http://www.fcw.com/article103240-07-17-07-Web
By Jason Miller
July 17, 2007
The Office of Management and Budget and the Homeland Security Department
today explained 10 common mistakes agencies make when securing data and
personal information and offered a host of best practices to correct
each mistake.
In a new paper, Common Risks Impeding the Adequate Protection of
Government Information [1], OMB and DHS discuss common problems in areas
such as training, contracting and records management.
OMB and DHS developed this paper as a part of the Presidents Identity
Theft Task Force recommendations.
All of the best practices and important resources are interrelated, and
they can help agencies address the risks associated with information
security and privacy programs, said Karen Evans, OMBs administrator for
information technology and e-government.
In the paper, OMB and DHS recommend agencies take steps to protect data.
These include tailoring training to employees with significant security
and privacy responsibilities, incorporating the Federal Acquisition
Regulation language into all contracts and agreements and developing a
standard operating procedure that describes how to identify and report
suspicious activities or incidents.
The paper also provides resources from OMB, DHS and the National
Institute of Standards and Technology for agencies to refer to when
implementing the best practices.
[1] http://csrc.nist.gov/pcig/document/Common-Risks-Impeding-Adequate-Protection-Govt-Info.pdf
Received on Wed Jul 18 00:29:59 2007