GISRA instructions released
The Office of Management and Budget released instructions June 22 explaining what agencies should include in their first reports under the Government Information Security Reform Act. GISRA requires agencies to adopt security management practices, conduct reviews of the practices and report on their actions. The reports, which are due Sept. 10, will be summarized for a report to Congress.
The memo includes instructions for the reports' executive summary and questions on topics such as accounting procedures and performance measures.
New standard set for security
The Commerce Department approved the new standard for the minimum level of cryptography in federal security products, replacing a standard that had been in effect for seven years.
With the approval June 27, security products used for sensitive, unclassified information must be certified under the National Institute of Standards and Technology's Federal Information Processing Standard 140-2, Security Requirements for Cryptographic Modules. The new standard goes into effect Nov. 25.
Energy Star gets a boost
President Bush said in a June 28 speech that he has a dream: "to have desktop computers all across our government with the latest [energy-saving] devices."
Bush told Energy Department em.ployees that federal offices should be equipped so that "when the computer is off or on standby, the energy supply being used is reduced by sevenfold. That's necessary. It is the right step for our federal government to set the example."
He promised to aggressively promote the Environmental Protection Agency's Energy Star program. "The Energy Star is a great way for the federal government to enter into a partnership with consumer product producers," the president said.