White House: “Today the Office of Management and Budget (OMB) is releasing an update to the Federal Government’s governing document for the management of Federal information resources: Circular A-130, Managing Information as a Strategic Resource.
The way we manage information technology(IT), security, data governance, and privacy has rapidly evolved since A-130 was last updated in 2000. In today’s digital world, we are creating and collecting large volumes of data to carry out the Federal Government’s various missions to serve the American people. This data is duplicated, stored, processed, analyzed, and transferred with ease. As government continues to digitize, we must ensure we manage data to not only keep it secure, but also allow us to harness this information to provide the best possible service to our citizens.
Today’s update to Circular A-130 gathers in one resource a wide range of policy updates for Federal agencies regarding cybersecurity, information governance, privacy, records management, open data, and acquisitions. It also establishes general policy for IT planning and budgeting through governance, acquisition, and management of Federal information, personnel, equipment, funds, IT resources, and supporting infrastructure and services. In particular, A-130 focuses on three key elements to help spur innovation throughout the government:
- Real Time Knowledge of the Environment. In today’s rapidly changing environment, threats and technology are evolving at previously unimagined speeds. In such a setting, the Government cannot afford to authorize a system and not look at it again for years at a time. In order to keep pace, we must move away from periodic, compliance-driven assessment exercises and, instead, continuously assess our systems and build-in security and privacy with every update and re-design. Throughout the Circular, we make clear the shift away from check-list exercises and toward the ongoing monitoring, assessment, and evaluation of Federal information resources.
- Proactive Risk Management. To keep pace with the needs of citizens, we must constantly innovate. As part of such efforts, however, the Federal Government must modernize the way it identifies, categorizes, and handles risk to ensure both privacy and security. Significant increases in the volume of data processed and utilized by Federal resources requires new ways of storing, transferring, and managing it Circular A-130 emphasizes the need for strong data governance that encourages agencies to proactively identify risks, determine practical and implementable solutions to address said risks, and implement and continually test the solutions. This repeated testing of agency solutions will help to proactively identify additional risks, starting the process anew.
- Shared Responsibility. Citizens are connecting with each other in ways never before imagined. From social media to email, the connectivity we have with one another can lead to tremendous advances. The updated A-130 helps to ensure everyone remains responsible and accountable for assuring privacy and security of information – from managers to employees to citizens interacting with government services. …(More)”