Why you can’t decide (And what to do about it)
May 27, 2016
Commentary: The rapidly changing digital world can leave tech executives feeling overwhelmed when they're faced with charting the course of their company's cybersecurity strategy.
David Stegon was a staff reporter for FedScoop and StateScoop from 2011-2014.
The Department of Homeland Security needs to further define and implement its new information technology governance process, the Government Accountability Office said in a new report.
DHS has defined a vision for its new IT governance process, which includes a tiered oversight structure that defines distinct roles and responsibilities throughout the department.
The new governance framework and the associated policies and procedures are generally consistent with recent Office of Management and Budget guidance and with best practices for managing projects and portfolios identified in GAO’s IT Investment Management framework.
However, DHS policies and procedures have not yet been finalized, because the focus has been on piloting the new governance process.
DHS has begun to implement aspects of its new governance process, however, the department has not fully followed other practices, including developing a mechanism to capture lessons learned.
To implement an effective IT governance process, GAO recommends that DHS finalize associated policies and procedures, and fully follow best practices for implementing the process. In comments on a draft of this report, DHS concurred with GAO’s recommendations and estimated it would address them by September 2013.