Evans: No big changes in security guidance

Related Links

"Unfair grading?"

Karen Evans, the Office of Management and Budget’s administrator for e-government and information technology, testified today that she has no plans for making major revisions to OMB's information security policy guidance, despite some lawmakers' questions about its effectiveness.

But Evans said she would be willing to consider additions or changes that would make annual security evaluations more consistent among federal agencies. The evaluations are required under the Federal Information Security Management Act of 2002, which OMB administers.

Rep. Tom Davis (R-Va.), who conducted today's congressional hearing, questioned the quality of OMB's guidance and whether a standard auditing approach is necessary in light of the federal government's D-plus grade on information security.

Members of Davis' Government Reform Committee are considering whether agency inspectors general who conduct security evaluations might have a need for information security audit standards, similar to those used for auditing financial management systems.

Because federal IGs have different levels of resources and expertise, any new standards that would support greater consistency would be something that OMB could support, Evans said.

Davis later wanted to know if the Homeland Security Department has unique problems that make it especially difficult for DHS to get a good security grade. DHS is responsible for the nation’s cybersecurity but has received an F on its own security report card two years in a row.

"What’s holding them up?" Davis asked Steve Cooper, the department's CIO.

Cooper responded that the department has procedures in place that will enable it to earn a respectable grade by 2006.

Davis thanked Cooper for his efforts at DHS. Cooper is leaving the top CIO position at DHS later this month.


  • innovation (Sergey Nivens/Shutterstock.com)

    VA embraces procurement challenges at scale

    Steve Kelman applauds the Department of Veterans Affairs' ambitious attempt to move beyond one-off prize-based contests to combat veteran suicides more effectively.

  • big data AI health data

    Where did the ideas for shutdowns and social distancing come from?

    Steve Kelman offers another story about hero civil servants (and a good president).

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.