Where to turn for help


Besides the Office of Management and Budget guidance, there are other sourcesof information about the requirements of the Government Information SecurityReform Act.

* The act itself. It's available on the CIO Council Web site (www.cio.gov/docs/NDAA2001.htm),separate from the fiscal 2001 Defense Authorization Act.

* The National Institute of Standards and Technology draft special publication,"Self-Assessment Guide for Information Technology Systems." Available atthe Computer Security Resource Center's Web site (csrc.nist.gov). A finalversion will be available soon but won't differ much from the draft.

* The CIO Council's Information Technology Security Assessment Framework.Also available on the council's site, the framework is what the NIST specialpublication builds on.

* The CIO Council's report "Securing Electronic Government." This publication,also on the council's Web site, takes a more program-oriented view at whatsecurity is necessary for different systems and services

Featured

  • Acquisition
    Shutterstock ID 169474442 By Maxx-Studio

    The growing importance of GWACs

    One of the government's most popular methods for buying emerging technologies and critical IT services faces significant challenges in an ever-changing marketplace

  • Workforce
    Shutterstock image 1658927440 By Deliris masks in office coronavirus covid19

    White House orders federal contractors vaccinated by Dec. 8

    New COVID-19 guidance directs federal contractors and subcontractors to make sure their employees are vaccinated — the latest in a series of new vaccine requirements the White House has been rolling out in recent weeks.

Stay Connected