April 13, 2007
HUD EARNS AN A-PLUS ON IT SECURITY EFFORTS
Revitalized IT efforts lead Agency to complete turnaround from previous D rating
WASHINGTON - Congressman Tom Davis, ranking member of the House Government Oversight and Reform Committee, gave U.S. Department of Housing and Urban Development an overall grade of A-plus when it comes to safekeeping information on government computer systems. HUD had, for the first time, developed a full inventory of its information security apparatus, a major plus in the grading. It also showed improvement in virtually all categories.
Davis specifically sighted HUD's turnaround as "encouraging and an excellent sign of progress" in the annual report. "The agency reports showed that the number of systems reported, annual testing of security controls and contingency plans all have increased," said Davis. "More systems are certified and accredited as secure as well."
The grades are derived from annual reports agencies produce to comply with the Federal Information Security Management Act (FISMA), which Davis wrote and shepherded to passage in 2002. Agencies are rated on their annual tests of information security, their plans of action and milestones or corrective action plans, whether they certify and accredit their systems as secure, how well they manage the configuration of their computers to ensure security, how they detect and react to breaches of security, their training programs and the accuracy of their inventories.
HUD's Chief Information Officer, Lisa Schlosser credits the agency's leadership for the turnaround. "Since FISMA went into effect in 2002, HUD Secretary Alphonso Jackson and Deputy Secretary Roy Bernardi, have placed a renewed focused on improving HUD's information security program," explained Schlosser. "That support, along with the support of all of HUD's Assistant Secretaries and with the valuable oversight of the Inspector General, has allowed us to take such actions as hiring an industry-recognized leader in information Security, Mr. Patrick Howard, as our chief information security officer. Pat, with our business unit Information Systems Security Officers, has successfully established an effective and visible enterprise Information Security Program."
"The results of the report card this year show that federal agencies are beginning to take seriously their responsibilities to safeguard sensitive information," said Congressman Mike Turner, ranking member of the Information Policy, Census and National Archives subcommittee, which deals with information security issues.
Schlosser explained there's more to be done. "We must remain eternally vigilant to this security issue. Our challenge will be to continue to capitalize on state of the art technology to support our mission, while also evolving our security program to confront increasingly more sophisticated threats."
HUD's A-plus rating is the second high honor earned by the IT team in little over one week. Earlier, the agency's IT team earned recognition from the prestigious Computerworld Honors Program for its HUD Information Technology Services (HITS) program. The Computerworld Honors Program brings together the principals of the world's foremost information technology companies to recognize and document the achievements of the men, women, organizations and institutions around the world.
HUD is the nation's housing agency committed to increasing homeownership, particularly among minorities; creating affordable housing opportunities for low-income Americans; and supporting the homeless, elderly, people with disabilities and people living with AIDS. The Department also promotes economic and community development, and enforces the nation's fair housing laws. More information about HUD and its programs is available on the Internet and espanol.hud.gov.