[ISN] Administration will review FISMA metrics

From: InfoSec News <alerts_at_private>
Date: Thu, 5 Mar 2009 04:28:21 -0600 (CST)
http://fcw.com/articles/2009/03/04/fisma-report.aspx

By Ben Bain
FCW.com
Mar 04, 2009

The Office of Management and Budget has said it will review the security 
metrics agencies use to report their compliance with the Federal 
Information Security Management Act (FISMA) and it may develop new 
metrics to improve the assurance of information security at agencies.

In general, reports from agencies’ chief information officers and 
inspectors general during fiscal 2008 showed increased compliance with 
FISMA’s information security requirements, according to the a report 
from OMB to Congress on agencies’ FISMA implementation released 
recently. However, OMB also said “it could be time to modify the metrics 
to improve the assurance of security.”

“One goal for new metrics would be to move beyond periodic compliance 
reporting to more continuous monitoring of security,” the report said.

Federal agencies spent $6.2 billion on securing information technology 
systems in fiscal 2008, or about 9.2 percent of the approximately $68 
billion spent on IT, OMB said.

[...]


_______________________________________________      
Best Selling Security Books and More!
http://www.shopinfosecnews.org/
Received on Thu Mar 05 2009 - 02:28:21 PST

This archive was generated by hypermail 2.2.0 : Thu Mar 05 2009 - 02:44:51 PST