Shows & Panels
- AFCEA Answers
- Ask the CIO
- The Big Data Dilemma
- Carrying On with Continuity of Operations
- Connected Government
- Constituent Servicing
- Continuous Monitoring: Tools and Techniques for Trustworthy Government IT
- The Cyber Imperative
- Cyber Solutions for 2013 and Beyond
- The Data Privacy Imperative: Safeguarding Sensitive Data
- Expert Voices
- Federal Executive Forum
- Federal IT Challenge
- Federal Tech Talk
- Mission-critical Apps in the Cloud
- The Modern Federal Threat Landscape
- The Path from Legacy Systems
- The Real Deal on Digital Government
- The Reality of Continuous Monitoring... Is Your Agency Secure?
- Veterans in Private Sector: Making the Transition
Shows & Panels
OMB wants classified systems assessed
Tuesday - 1/4/2011, 3:34pm EST
Federal News Radio
Agencies must assess their procedures for safeguarding classified information by the end of the month.
The Office of Management and Budget is requiring that these analyses include everything from how agencies properly label confidential information to detailed evaluations of automated data systems.
OMB Director Jacob Lew issued a memo Monday. This follows a Nov. 28 order that agencies establish teams to evaluate their security, counterintelligence and information protocols. In this latest directive, OMB wants agencies to focus on automated systems.
OMB wants the initial assessment, due Jan. 28, to build on existing requirements that agencies have ongoing self inspection programs. Agencies must look for weaknesses in automated systems, respond to questions in eight target areas, assess plans for system changes and upgrades and evaluate department security documents and protocol.
The security reviews reflect administration fears following the WikiLeaks release in which Army Private First Class Bradley Manning allegedly downloaded large caches of sensitive military material from Army computers and released it to the Internet watchdog group WikiLeaks.
As part of the assessment, the Information Security Oversight Office (ISOO) and the National Counterintelligence Executive within the Office of the Director of National Intelligence (ODNI) formulated is a list of questions around eight areas:
- Management and Oversight - Does the agency have sufficient measures in place to ensure access to sensitive material is limited to appropriate personnel?
- Counter intelligence - Has the agency identified and protected information that would be of interest to the nation's enemies?
- Safeguarding - How does the agency ensure that classified information is accessed and transmitted securely?
- Deterring, detecting and defending against employee unauthorized disclosures - Does the agency have an insider threat program or other means by which to identify personnel trustworthiness?
- Information assurance measures - Do national security systems that process classified information meet additional standards specific to their missions?
- Education and Training - What does the agency do to ensure that personnel knows both the importance of protecting classified information and the punishment for violating agency security policies?
- Personnel security - Has the agency established a program by which to evaluate personnel behavior and identify threat indicators?
- Physical and/or Technical - Does the agency conduct annual reports on the status of its secure systems?
Following submission of the assessments, ISOO and ODNI officials will assist agencies with security measures when necessary and conduct onsite valuations to ensure compliance.
(Copyright 2011 by FederalNewsRadio.com. All Rights Reserved.)