risk management

NIST releases automation-friendly security and privacy assessment procedures

by • 9 hours ago

The agency developed an online comment tool to release future controls and assessment procedures concurrently to keep pace with evolving cyber threats.

DOD CIO updating cyber reciprocity guidance after audit finds weaknesses

by • 2 months ago

In a recent audit, the DOD IG observed a mixed bag of some DOD components leveraging reciprocity and others not.

Delayed DHS biometrics system’s risk management issues persist

by • 8 months ago

GAO says acquisition practices for the new system, HART, must also be improved.

GAO: Agencies must ramp up supply chain risk management practices

by • 1 year ago

A new GAO report reveals that few agencies have implemented recommended practices for managing IT supply chain risks, especially pertinent following the SolarWinds attack.

Cloud and AI key to managing risk for government agencies

by • 1 year ago

IT leaders are overwhelmed with security and regulation requirements. But using AI-enabled tools and a holistic cloud strategy can help agencies better mitigate security risk.

State Department is looking for tools to manage its global supply chain risk

by • 1 year ago

The department wants to better understand its supply chain of IT vendors and be able to rapidly discover or anticipate risks to its networks.