CIO Council folds security panel

The Office of Management and Budget and the federal CIO Council have decided to disband the council's Security, Privacy and Critical Infrastructure Committee to move beyond general issues to the "nitty-gritty details," said Mark Forman, OMB's associate director for information technology and e-government.

Such details include making sure agencies have adequate training programs, the right people and the proper security architectures in place to address governmentwide security vulnerabilities.

The CIO Council completed a total reorganization last month to better focus on e-government issues and eliminated all but three committees. Jim Flyzik, vice chairman of the council, said at the time that the group had not decided what to do with the security committee. But last week, Forman said security and privacy issues will be folded into the council's other committees.

During the past two years, the committee completed a framework to assess agencies' security status and assembled a best practices guide for security practices. A review of governmentwide security shows that having a chief information officer or deputy CIO as a member of the committee has not raised the security level at agencies, Forman said.

Security now will be part of each CIO Council committee's priorities. The council has developed a five-page list of things the committees need to work on in the security area and ideas on how to handle them, Forman said.

* The workforce committee will look at the issue of security skills and awareness.

* The best practices committee will include studies of security best practices.

* The architecture committee will work on security standards.