Putnam to continue security grading

The man who originated them may be gone, but agencies still will receive grades on their information practices and policies from Congress in the coming years.

Information security and how agencies manage it will be a top priority for the House Government Reform Committee's Technology, Information Policy, Intergovernmental Relations and the Census Subcommittee, said Rep. Adam Putnam (R-Fla.), its new chairman.

A key part of the subcommittee's oversight is the plan to continue issuing the information security scorecard started by former Rep. Stephen Horn (R-Calif.), Putnam said, speaking today at an event sponsored by the Computing Technology Industry Association.

While information security is still largely unnoticed by Congress as a whole, focusing attention on how agencies are progressing in this area is critical to technology management as well as the overall personnel and training challenge, Putnam said.

In addition to the grades, the subcommittee will keep close track of how agencies progress by identifying shortcomings in the governmentwide approach, ensuring that money is made available where it is needed, holding the appropriate officials accountable and encouraging the spread of private-sector best practices, he said.

Attention from Congress really does encourage change and progress from the agencies, said Tim Grance, manager of the systems and network security group at the National Institute for Standards and Technology's Computer Security Division.

Changing the culture at agencies to focus on security as part of systems development and day-to-day management is a slow process, and Horn's grades definitely helped raise awareness, Grance said.

Horn, who was chairman of the House Government Reform Committee's Government Efficiency, Financial Management and Intergovernmental Relations Subcommittee, retired from Congress at the end of the last session.