GSA office gets infosec management

OMB GISRA reporting guidelines

Telos Corp. announced Aug. 13 it signed a contract to support the information security management of systems within the General Services Administration's Office of Governmentwide Policy.

Telos and its subsidiary Xacta Corp. will perform security risk assessments of the office's systems. The company also will evaluate the office's security, contingency, configuration, and certification and accreditation plans, and help develop new ones.

The blanket purchase agreement potentially could be worth $10 million over five years.

Agencies are required to take specific security management actions under various laws and regulations, but Congress underlined the importance of such steps in the Government Information Security Reform Act (GISRA) of 2000. GISRA calls for agencies to do annual self-assessments of their security management practices and submit a report to the Office of Management and Budget.

In addition to submitting an annual report to Congress on agencies' compliance with GISRA, OMB is using the law as an important management enforcement tool for the White House. Last month, OMB issued its latest guidance for agencies on what information to include in their annual reports, and what steps must also be taken to address the weaknesses found in the self-assessments.

Featured

  • Defense
    Soldiers from the Old Guard test the second iteration of the Integrated Visual Augmentation System (IVAS) capability set during an exercise at Fort Belvoir, VA in Fall 2019. Photo by Courtney Bacon

    IVAS and the future of defense acquisition

    The Army’s Integrated Visual Augmentation System has been in the works for years, but the potentially multibillion deal could mark a paradigm shift in how the Defense Department buys and leverages technology.

  • Cybersecurity
    Deputy Secretary of Homeland Security Alejandro Mayorkas  (U.S. Coast Guard photo by Petty Officer 3rd Class Lora Ratliff)

    Mayorkas announces cyber 'sprints' on ransomware, ICS, workforce

    The Homeland Security secretary announced a series of focused efforts to address issues around ransomware, critical infrastructure and the agency's workforce that will all be launched in the coming weeks.

Stay Connected