Best Practices In Focus

• Phase I of the FEA Security and Privacy Profile
• Governors Association Provides Robust Best Practices Web Site

Phase I of the FEA Security and Privacy Profile

In February 2005, the FEA PMO posted the finalized draft of The FEA Security and Privacy Profile (SPP) Phase I Final, a best practice methodology that enables federal decision makers to initiate management, operational, and technical controls that will ensure security and privacy of information resources for any given business process while protecting citizen privacy. The SPP helps process owners and managers identify risk exposure for their enterprises, programs, or projects, the controls needed to manage risks, the cost of applying controls, and possible ways to lower this cost by combining controls.

For SPP Phase II, the Architecture and Infrastructure Committee of the Chief Information Officers Council (CIOC) is synthesizing best practices and guidance derived from the FEA Reference Models to develop improvements of the SPP. According to the 2005 – 2006 FEA PMO Action Plan, the results of the second phase will provide a uniform, repeatable, and simplified methodology for consistent application across lines of business government wide.

Governors Association Provides Robust Best Practices Web Site

By surveying states on key issues and providing assessments of current state activities, the Center of Best Practices Online of the National Governors Association provides an informative Web site of best practices and common solutions to help governors and their staff develop policy. The centers four areas of interest are education; social, economic, and workforce programs; health; homeland security and technology; and environment, energy, and natural resources. It also publishes an online newsletter Front & Center that includes best practices and federal policies, links to research, and other analysis.

To find out more about In Focus items and suggest other In Focus items, contact us.