This is the first of two articles dealing with cyber-security and government. This article discusses the results of the New South Wales (NSW) Auditor-General's Report on Cyber-Security in Local Government. The second will deal with the U.S. National Institute of Standards and Technology's (NIST) Cyber-security Framework 2.0.
Tag Archives: James Kline Ph.D.
#448 – NIST CYBER SECURITY FRAMEWORK 2.0 – JAMES KLINE PH.D.
On February 26, 2024, the National Institute of Standards and Technology (NIST) issued several Cyber-Security Frameworks. These included: a.) Cyber-security Framework 2.0 Small Business Quick-Start Guide, b.) Cyber-security Framework (CSF) 2.0 Resources Overview Guide, c.) Cyber-security Framework 2.0 Quick Start Guide, and d.) Cybersecurity Framework 2.0: Enterprise Risk Management Quick-Start Guide. Another manual, Enterprise Risk Management and Governance Oversight, was issued on March 6, 2024. (1) These guides and manuals indicate that NIST is attempting to provide a wide range of information on cyber-security for different sectors of the economy, which have different levels of risk management sophistication.
#444 – WHAT YOU NEED TO KNOW ABOUT INFORMATION AND TECHNOLOGY RISKS – JAMES KLINE PH.D.
In November 2023, the National Institute of Standards and Technology (NIST) issued NIST Special Publication (SP) 800-221. The publication is entitled “Enterprise Impact of Information and Communications Technology Risk: Governing and Managing ICT Risk Programs Within an Enterprise Risk Portfolio.” (1) This SP provides a guide for integrating ICT Risk Management with the larger Enterprise Risk Management (ERM) framework.
#443 – ERM REQUIREMENTS IN FEDERAL PROGRAMS – JAMES KLINE PH.D.
In November 2023, the National Institute of Standards and Technology (NIST) issued NIST Special Publication (SP) 800-221. The publication is entitled “Enterprise Impact of Information and Communications Technology Risk: Governing and Managing ICT Risk Programs Within an Enterprise Risk Portfolio.” (1) This SP provides a guide for integrating ICT Risk Management with the larger Enterprise Risk Management (ERM) framework.
#442 – FEDERAL ERM SURVEY – JAMES KLINE PH.D.
In 2023, the Federal Enterprise Risk Management and Guidehouse 9th consecutive survey of 52 federal agencies was published. (1) The survey was conducted from July 24 to September 2023. Sixty-two percent of the respondents had some Risk Management Function. Seven percent had Finance, Budgeting and Accounting responsibility. In terms of position, nineteen percent were from the Senior Executive Service (SES). Eighty-four percent were non-SES. This piece looks at key survey questions and the responses. Where possible, the 2023 and 2022 responses are shown side by side.