Evans: Agencies are improving security profiles

Agencies continue to make progress in securing their information systems, at least in terms of improving their collective FISMA scores, according to Karen Evans, the Office of Management and Budget's administrator of e-government and IT. Evans was the keynote speaker at the ITAA 2006 Information Security Workshop today in Falls Church, Va.

FISMA ' the Federal Information Security Management Act ' sets the standards and procedures agencies must observe in order to improve their security profiles. Each year, every department and independent agency is given a letter grade, based on their implementation of the elements of FISMA.

Final grades usually are released in the spring, reflecting agencies' performance in the previous fiscal year. But Evans said preliminary results in three key categories, taken together, show that agencies are making progress.

In fiscal 2005, 85 percent of government systems were certified and accredited, Evans said; this year, 88 percent of the systems received C&A.

This addresses 'how much risk to live with,' Evans said. 'This identifies risks [and] controls ' at the end it makes agencies think about services versus their risks, and senior management has to sign off' on that tradeoff.

In another category, 78 percent of agencies tested their security contingency plans in 2006, up from 60 percent in 2005, Evans said.

And inspectors general at 19 agencies verified and assigned ratings on weaknesses identified in their organizations' systems, up from 17 agencies the previous year.

The numbers indicate how well government systems are secured, Evans said. 'That's why the combination of those three numbers is important.'


  • 2020 Government Innovation Awards
    Government Innovation Awards - https://governmentinnovationawards.com

    21 Public Sector Innovation award winners

    These projects at the federal, state and local levels show just how transformative government IT can be.

  • Federal 100 Awards
    cheering federal workers

    Nominations for the 2021 Fed 100 are now being accepted

    The deadline for submissions is Dec. 31.

Stay Connected