OMB has updated its Circular A-130, Managing Information as a Strategic Resource, the policy guide on IT and cybersecurity for federal agencies, saying that “as the government continues to digitize, we must ensure we manage data to not only keep it secure, but also allow us to harness this information to provide the best possible service to our citizens.”
The circular gathers in one resource a wide range of policy updates for federal agencies regarding cybersecurity, information governance, privacy, records management, open data, and acquisitions, OMB said. The circular further establishes general policy for IT planning and budgeting through governance, acquisition, and management of federal information, personnel, equipment, funds, IT resources, and supporting infrastructure and services.
Areas of emphasis include:
* moving away from periodic, compliance-driven assessment exercises and to instead continuously assess systems and build-in security and privacy with every update and re-design;
* encouraging agencies to proactively identify risks, determine practical solutions, and implement and continually test the solutions; and
* stressing privacy and security of information, including personally identifying information.
