Federal Manager's Daily Report

Agencies are making progress with longstanding information

security weaknesses but there is an evident lack of

ADVERTISEMENT


accountability among agency officials who do not understand

their responsibilities, the Office of Management and Budget

reported to Congress recently regarding 2003 data it

collected under the Federal Information Security Management

Act.


However, that FISMA data could be improved through validation

and the completion of system inventories, the General

Accounting Office has said in a review of OMB’s report.


It said OMB’s report on the implementation of FISMA

requirements by 24 of the largest federal agencies showed

that risk assessments for systems increased from 65 to 78

percent, systems having contingency plans in place rose from

55 to 68 percent, and systems authorized for processing

after certification and accreditation went up from 47 to 67

percent. However, some agencies reported to OMB that less

than half their systems met certain requirements.


According to GAO, OMB told Congress that the National

Institute of Standards and Technology is attempting to improve

the usefulness of performance measurement data by developing

standards with which to categorize systems — for example,

the potential impact that system would have in the event of

a security breach. However, NIST said that current and future

funding constraints could threaten future information security

work. sparklist.com