Issue No.02 - March-April (2013 vol.15)
Julie M. Anderson , Civitas Group
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MITP.2013.29
Current US law and government IT policy take a limited a view of the potential conflicts between existing government information privacy and security standards and actual vendor data collection practices. As a result, procurement requirements lack appropriate risk-management and enforcement mechanisms. Given the proliferation of data collection practices in Internet services companies, government IT leaders should more directly define the parameters of government data ownership in government IT policy and procurement guidance. Government should also better educate employees and govern the use of Internet-based services on government-owned systems.
Risk management, Government policies, Procurement, Contracts, Privacy, Security, procurement requirements, risk management, government IT, information privacy, privacy and security, information technology
Julie M. Anderson, "Government Risk Management Lags behind Vendor Practices", IT Professional, vol.15, no. 2, pp. 5-7, March-April 2013, doi:10.1109/MITP.2013.29