Where to turn for help

Besides the Office of Management and Budget guidance, there are other sourcesof information about the requirements of the Government Information SecurityReform Act. * The act itself. It's available on the CIO Council Web site (),separate from the fiscal 2001 Defense Authorization Act. * The National Institute of Standards and Technology draft special publication,"Self-Assessment Guide for Information Technology Systems." Available atthe Computer Security Resource Center's Web site (). A finalversion will be available soon but won't differ much from the draft. * The CIO Council's Information Technology Security Assessment Framework.Also available on the council's site, the framework is what the NIST specialpublication builds on. * The CIO Council's report "Securing Electronic Government." This publication,also on the council's Web site, takes a more program-oriented view at whatsecurity is necessary for different systems and services