Policy

OMB issues A-130 update

Shutterstock image (by Maksim Kabakou): cyber defense conept, magnifying glass.

The Office of Management and Budget has released the long-awaited update to Circular A-130, the overarching framework for federal information policy.

The circular, which covers a wide variety of topics, has not been updated since 2000.

According to a White House statement, "Today's update to Circular A-130 gathers in one resource a wide range of policy updates for federal agencies regarding cybersecurity, information governance, privacy, records management, open data, and acquisitions. It also establishes general policy for IT planning and budgeting through governance, acquisition and management of federal information, personnel, equipment, funds, IT resources and supporting infrastructure and services."

Officials said the document addresses concerns about how often systems are assessed and updated by focusing on real-time knowledge of the environment, proactive risk management and shared responsibility.

One of the obstacles to cybersecurity, for example, is the amount of time some federal systems take to be updated and/or replaced.

A-130 would "make clear the shift away from check-list exercises and toward the ongoing monitoring, assessment and evaluation of federal information resources," the White House announcement states.

To deal with growing concerns about the use of social media and personal email accounts on government systems, the updated circular will "ensure everyone remains responsible and accountable for assuring privacy and security of information -- from managers to employees to citizens interacting with government services."

Agencies will be required to monitor user activity to more aggressively protect against insider threats, encrypt information at rest and in transit, and provide identity assurance to enable the secure use of government services.

The updated circular goes into effect on July 28.

About the Author

Aisha Chowdhry is a former staff writer for FCW.


Featured

  • People
    Federal CIO Suzette Kent

    Federal CIO Kent to exit in July

    During her tenure, Suzette Kent pushed on policies including Trusted Internet Connection, identity management and the creation of the Chief Data Officers Council

  • Defense
    Essye Miller, Director at Defense Information Management, speaks during the Breaking the Gender Barrier panel at the Air Space, Cyber Conference in National Harbor, Md., Sept. 19, 2017. (U.S. Air Force photo/Staff Sgt. Chad Trujillo)

    Essye Miller: The exit interview

    Essye Miller, DOD's outgoing principal deputy CIO, talks about COVID, the state of the tech workforce and the hard conversations DOD has to have to prepare personnel for the future.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.