Davis introduces security, IT work force exchange bills

Davis introduces security, IT work force exchange bills

Rep. Tom Davis (R-Va.) has introduced legislation to set mandatory computer security standards for federal agencies.

The chair of the Government Reform Committee's Subcommittee on Technology and Procurement Policy introduced the Federal Information Security Management Act, HR 3844, today to permanently reauthorize the Government Information Security Reform Act of 2000 and add more teeth to it. GISRA is set to expire Nov. 29.

Davis also joined Rep. Dan Burton (R-Ind.), chairman of the Government Reform Committee, yesterday to introduce the Federal Information Technology Workforce and Acquisition Improvement Act of 2002, HR 3843. This bill, in part, incorporates Davis' Digital Tech Corps bill, which he introduced last year.

The security bill would require agencies to use security best practices, and it would give the National Institute of Standards and Technology a bigger role in developing and maintaining security standards and controls. The Office of Management and Budget also would be required to make the NIST standards compulsory so they could not be waived under the Computer Security Act of 1987.

'The fact that federal information systems continue to be woefully unprotected from both malevolent attacks and benign interruptions has presented a grave concern to me for a number of years,' Davis said during a hearing before the Government Reform Committee's Subcommittee on Government Efficiency, Financial Management and Intergovernmental Relations. 'It is clear that the state of federal information security suffers from a lack of coordinated, uniform management.'

The security bill also requires agencies to identify their systems' levels of risk and to implement protections.

'Information security cannot go the way of any other issue du jour,' Davis said. 'It is a constant management requirement that requires eternal vigilance, and the ranking of its importance to federal operations cannot fluctuate from one administration to the next.'

The bill was referred to the Government Reform Committee and the Science Committee.

The IT work force bill would sanction an exchange program between agencies and the private sector for midlevel IT managers for up to two years.

The acquisition part of the bill would extend for five years a pilot to expedite IT purchases using simpler acquisition procedures. There also is a section to encourage contractors to telecommute and require agencies to permit telecommuting by vendors working for them.

The bill was referred to the Government Reform Committee.

inside gcn

  • security compliance

    Security fundamentals: Policy compliance

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group