|
| Home | Statistics | Documents | Catalog | StratEdit | XSLTForms | DNAOS | About | Portal | Glossary | Contact [!?] |
| Documents/CIOC2007/4: Required content not provided |
4: Required content not provided An integrated, accessible Federal infrastructure enabling interoperability across Federal, state, tribal, and local governments, as well as partners in the commercial and academic sectors. Other Information: DESCRIPTION: In most cases Federal agencies’ infrastructures grew organically over time without an overall plan of development and implementation. The CIOC is leading the effort to integrate these home-grown networks into an interoperable network, encompassing agencies at all levels of Government, thereby helping to realize the President’s vision of a Government that is truly citizen centered. The challenge has grown because, even as we make the transition, agency networks must continue to meet increasing demands for bandwidth and connectivity in support of expansion of agency-specific systems. At the same time, by continuing to incorporate the accessibility standards of Section 508, agencies will ensure that employees and others with disabilities will have full access to Federal information and technology. KEY PERFORMANCE INDICATORS: - 100% of Federal agencies have implemented IPv6.17 components registered in CORE.gov that are actually being reused. - 100% of agencies reusing components available in CORE.gov. - At least 3 components actually being reused by each agency. - Stakeholder satisfaction with government information and services. SUCCESS STORY: The Architecture and Infrastructure Committee (AIC), in conjunction with OMB, created the Federal Enterprise Architecture Security and Privacy Profile v2.0 (FEA SPP). The purpose of the FEA SPP is to provide agency decision-makers with a scalable and repeatable methodology for addressing information security and privacy from a business enterprise perspective. To develop the FEA SPP, the AIC formed a cross-agency team to update the goals and process for augmenting the FEA SPP. The process developed by the FEA SPP team to expand on the FEA SPP documentation was a ground-breaking and innovative approach that allowed multiple disparate groups to collaborate and create a more effective guidance document. The FEA SPP team linked system and program-level security and privacy activities to agency architectures through the FEA reference models, providing agencies with a methodology for managing security and privacy issues according to the business-focused enterprise viewpoint. The FEA SPP was field tested through validation exercises at the Department of Housing and Urban Development and the Department of Justice. During these exercises, senior cross-functional teams applied and reviewed the FEA SPP methodology to ensure its usability and applicability. Through the validation process, the FEA SPP team identified best practices and developed recommendations designed to promote the successful incorporation of security and privacy into an organization’s enterprise architecture. The validation process also helped to ensure appropriate consideration of security and privacy requirements in agencies’ strategic planning and investment decision processes. The process used to validate the FEA SPP benefited validating agencies by providing them with an opportunity to explore relationships between security processes and enterprise resources within their agencies. In addition, this process allowed for the thorough testing of the FEA SPP model before applying it to a wider audience. The execution of this process provided an exemplary method for testing and validating best practices and recommended techniques for incorporating security and privacy activities into an organization’s enterprise architecture. The validation process used to develop the FEA SPP will ultimately lead to the widespread acceptance of information security best practices because the process allowed for transparent decision-making and a clear understanding of the application of the proposed methodology. The FEA SPP provides agencies with a tool to facilitate the incorporation of security and privacy activities within their architectures. The FEA SPP is designed to assist organizations in understanding security and privacy requirements, their ability to meet those requirements, and the business risks associated with failures to meet security requirements. In addition, the FEA SPP will help program executives select the best solutions for meeting requirements and improving current capabilities, and improves agencies’ processes for incorporating privacy and security into major investments by selecting solutions most in keeping with enterprise needs. It is expected that through the implementation of the FEA SPP, federal agencies’ security and privacy programs will see an improvement in their effectiveness by applying a proven methodology to advance agency security and privacy. The FEA SPP exemplifies one of the many successes of the AIC by demonstrating the value of a sound process for developing a methodology that will be applied across the Federal government and by providing a repeatable methodology for addressing information security that will help to improve the business of Federal agencies. Objective(s):
|
| sitemap | Copyright 1971-2012 01 COMMUNICATIONS INC. ALL RIGHTS RESERVED. - Powered by DNAOS | contact |