The Community for Technology Leaders
RSS Icon
Issue No.02 - March-April (2013 vol.15)
pp: 5-7
Julie M. Anderson , Civitas Group
Current US law and government IT policy take a limited a view of the potential conflicts between existing government information privacy and security standards and actual vendor data collection practices. As a result, procurement requirements lack appropriate risk-management and enforcement mechanisms. Given the proliferation of data collection practices in Internet services companies, government IT leaders should more directly define the parameters of government data ownership in government IT policy and procurement guidance. Government should also better educate employees and govern the use of Internet-based services on government-owned systems.
Risk management, Government policies, Procurement, Contracts, Privacy, Security, procurement requirements, risk management, government IT, information privacy, privacy and security, information technology
Julie M. Anderson, "Government Risk Management Lags behind Vendor Practices", IT Professional, vol.15, no. 2, pp. 5-7, March-April 2013, doi:10.1109/MITP.2013.29
1. T. Grance and W. Jansen, "Guidelines on Security and Privacy in Public Cloud Computing," Nat'l Inst. Standards and Technology, NIST Special Publication 800-144, Dec. 2011;
2. "Email as a Service (EaaS) Blanket Purchase Agreement (BPA) Requirements Document," US General Services Administration, 2013;
3. "Cloud-Based Email and Collaboration Services (CECS)—Statement of Work," Department of the Interior, Oct. 2011;
4. "Request for Proposal Number D1PS00041," Department of the Interior, 2013;
51 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool