Agencies told to document security work

Agencies told to document security work

The House Energy and Commerce Subcommittee on Oversight and Investigations has asked 15 agencies for proof of compliance with a new systems security requirement.

The Information Security Reform Act, a rider to the fiscal 2001 Defense Authorization Act, directed agencies to develop comprehensive information security programs. The agencies' plans are subject to approval by the Office of Management and Budget.

A March 2 letter from the subcommittee's chairman, Rep. Jim Greenwood (R-Pa.), asked for records relating to vulnerability assessments; audits and testing of security plans; incident detection and response plans; OMB reviews; and the status of internal reviews.

The targeted agencies are the Centers for Disease Control and Prevention, Consumer Product Safety Commission, Environmental Protection Agency, Federal Communications Commission, Federal Energy Regulatory Commission, Federal Trade Commission, Food and Drug Administration, Health Care Financing Administration, National Highway Traffic Safety Administration, National Institutes of Health, Nuclear Regulatory Commission, Office of the U.S. Trade Representative, and the departments of Commerce, Energy, and Health and Human Services.

'W. Jackson

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.