OMB’s Recent CIO Memorandum: Clarifying and Reinforcing CIO Primary Responsibilities

A new memorandum details four areas for which all Federal Chief Information Officers (CIOs) have authority and “a lead role”: Governance, Commodity IT, Program Management, and Information Security.

Seven Management Imperatives: Imperative Five - Respond to the New Security Environment

The price of interconnectivity is the continuing tradeoff between opportunity and vulnerability. Government organizations need to enact policies to protect networks and networked information.

 

IT Governance, Risk Management, Security & Privacy – a Perspective for the C-Suite

Today, more than ever, with the increasing number of cybersecurity attacks on government organizations and threats of data breaches to the privacy of government officials and their staffs, and government contractor staffs, strong IT Governance based on sound IT risk management is critical to restoring confidence in the security and privacy protections provided by our Federal Government.  This is no longer purely an IT technology issue but an issue that must be addressed at the top layers of government – from the “overseers” of IT policy (e.g., Office of Management and Budget (OMB), National

A Roadmap for Implementing and Improving IT Governance

As previously discussed, all Federal departments/agencies were charged with establishing an IT Governance program per OMB Memorandum M-09-02.

Creating the appropriate environment for successful adoption of IT Governance that supports improved security

To start, guiding principles can ensure that all staff have a common understanding of the core IT Governance criteria. These guiding principles let staff know that IT Governance is recognized by the C-Suite as critical to the organization’s success, and that IT resources result in maximum effectiveness and efficiency across the organization. It ensures that security is integrated in meeting requirements and delivers benefits set by an organization’s business leaders.

New Organizational Structure Required for an Effective IT Governance Program With Strong Security

This consists of a definition of IT Governance communicated throughout the agency, and the establishment of a new organizational structure to ensure the IT Governance Program is effective and continuously improved. Continuing with the Veterans Affairs Department (VA) example discussed in the previous blog, below is the definition VA developed and a generic discussion of the organizational structure that VA adopted. The VA model provides an excellent example for agencies to consider as they implement IT governance.

Benefits of Effective IT Governance with Strong Security

This post is the fourth in a series on how strong IT Governance can help drive effective security across Federal enterprises. See the first installment. In the first example, a federal agency needed to transform the way it governed and managed IT within the Department. It created three boards: an IT Leadership Board, a Budgeting and Near Term Issues Board, and a Programming and Long Term Issues Board.

Pages

Your cart

Your cart is empty.