Commerce sets infosec policy

The Commerce Department chief information officer last week issued the first departmentwide information technology security policy that sets comprehensive ground rules for protecting and accessing the department's systems.

The policy explains the department's IT security program requirements and provides guidance on the implementation of IT security programs within Commerce.

The department has been making progress on IT security since receiving critical reports from the General Accounting Office and Congress in 2001 and 2002, said Thomas Pyke Jr., the CIO at Commerce. For instance, the department now conducts vulnerability testing of its own systems and provides training in IT security for employees and contractors.

However, enhancing IT security is an ongoing process, Pyke said. "We have to be constantly vigilant."

The policy lays out in detail such things as IT security roles and responsibilities and controls that must be included in the department's IT security programs, such as risk management and contingency planning.

Commerce operating units may take the policy and develop more detailed supplemental guidance for their employees, Pyke said.

Pyke said he has asked the heads of operating units and CIOs in the department to notify the Commerce IT security program manager by June 30 that they have met the minimum mandatory standards laid out in the policy or that they will meet them by Sept. 30.

Featured

  • IT Modernization
    shutterstock image By enzozo; photo ID: 319763930

    OMB provides key guidance for TMF proposals amid surge in submissions

    Deputy Federal CIO Maria Roat details what makes for a winning Technology Modernization Fund proposal as agencies continue to submit major IT projects for potential funding.

  • gears and money (zaozaa19/Shutterstock.com)

    Worries from a Democrat about the Biden administration and federal procurement

    Steve Kelman is concerned that the push for more spending with small disadvantaged businesses will detract from the goal of getting the best deal for agencies and taxpayers.

Stay Connected