Issue No. 02 - March-April (2013 vol. 15)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MITP.2013.29
Julie M. Anderson , Civitas Group
Current US law and government IT policy take a limited a view of the potential conflicts between existing government information privacy and security standards and actual vendor data collection practices. As a result, procurement requirements lack appropriate risk-management and enforcement mechanisms. Given the proliferation of data collection practices in Internet services companies, government IT leaders should more directly define the parameters of government data ownership in government IT policy and procurement guidance. Government should also better educate employees and govern the use of Internet-based services on government-owned systems.
Risk management, Government policies, Procurement, Contracts, Privacy, Security, procurement requirements, risk management, government IT, information privacy, privacy and security, information technology
J. M. Anderson, "Government Risk Management Lags behind Vendor Practices," in IT Professional, vol. 15, no. , pp. 5-7, 2013.