Intell community gets new IT policies

The Director of National Intelligence has issued a new information security directive that officials say will improve collaboration in the intelligence community and influence how information technology is used across the government.

Intelligence Community Directive 503 sets IT policy for the intelligence community’s 16 member agencies and elements. It deals with IT system issues such as security, reciprocity, dispute resolution and risk management. The directive also lays out new certification and accreditation principles for compliance by forthcoming information systems or IT items.

The directive “focuses on a more holistic and strategic process for the risk management of information technology systems, and on processes and procedures designed to develop trust across the intelligence community information technology enterprise through the use of common standards and reciprocally accepted certification and accreditation decisions,” the directive reads.

The directive was signed by Director of National Intelligence Mike McConnell on Sept. 15, but was announced on the Office of the Director of National Intelligence’s Web site on Sept. 30. It implements  strategic goals agreed on by the intelligence community’s chief information officer, the Defense Department’s CIOs, the Office of Management and Budget and National Institute of Standards and Technology in January 2007, according to the directive.

Under the new policy, the intelligence community’s CIO will issue standards for IT risk management. In addition, the directive instructs elements of the intelligence community to ensure that accreditation of their systems permits collaboration and information sharing across the community.

Elements of the intelligence community also will be expected to accept the certification of an IT system that was approved by another element, the directive states. The acceptance of certification also extends to systems of other federal, state or tribal agencies, organizations and contractors as long as it was based on standards compatible with those put forward by the intelligence community.

All intelligence community elements will also be expected to accept accreditations for the sovereign information systems of Australia, Canada, New Zealand and the United Kingdom that communicate national intelligence information provided by the United States government.

About the Author

Ben Bain is a reporter for Federal Computer Week.

Featured

  • Cybersecurity
    Shutterstock photo id 669226093 By Gorodenkoff

    The disinformation game

    The federal government is poised to bring new tools and strategies to bear in the fight against foreign-backed online disinformation campaigns, but how and when they choose to act could have ramifications on the U.S. political ecosystem.

  • FCW PERSPECTIVES
    sensor network (agsandrew/Shutterstock.com)

    Are agencies really ready for EIS?

    The telecom contract has the potential to reinvent IT infrastructure, but finding the bandwidth to take full advantage could prove difficult.

  • People
    Dave Powner, GAO

    Dave Powner audits the state of federal IT

    The GAO director of information technology issues is leaving government after 16 years. On his way out the door, Dave Powner details how far govtech has come in the past two decades and flags the most critical issues he sees facing federal IT leaders.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.