Federal Government Information Security and Privacy Regulations
Information Security Challenges Facing the Federal Government
A culture within the federal government of merely complying with reporting requirements
Lack of an enterprise approach to information technology
Lack of coordination between the federal government and the private sector
Lack of focused research and development activities to enhance cybersecurity
Lack of coordination within the federal government
The Federal Information Security Management Act
Scope
Applies to all federal agencies
Main requirements
The role of NIST
Central incident response center
Agency information security programs
Purpose
To protect federal IT systems and the data in those systems
Oversight
In the beginning, the OMB was responsible, but later some responsibility was transferred to the DHS
Protecting Privacy in Federal Information Systems
The E-Government Act of 2002
Post privacy policies on their websites
Post machine-readable privacy policies on their websites
Review their IT systems for privacy risks
Report privacy activities to the OMB
OMB breach notification policy
Source for notification
Contents of the notification
Time for notification
Means of providing the notice
Whether breach notification is required
Who gets the notice
The Privacy Act of 1974
Limits organizations' collection of individuals' data and requires the individual's consent to distribute the data
Import and Export Control Laws
Export Administration Regulations
Regulations from the Office of Foreign Assets Control
International Traffic in Arms Regulations
Examples
Missing hard drives
Social networking sites