An Official Website of the United States Government
 



Information Security Committee

Purpose:
The Information Security and Identity Management Committee (ISIMC) provides a consensus based forum to support the Federal CIO Council (FCIOC) that enables Chief Information Officers (CIOs) and Chief Information Security Officers (CISOs) to collaborate on: (1) identifying high priority security and identity management initiatives; and (2) developing recommendations for policies, procedures, and standards to address those initiatives that enhance the security posture and protection afforded to Federal Government networks, information, and information systems.
 
The ISIMC shall be the principal interagency forum for identifying and recommending strategic high priority IT security and identity management initiatives to the FCIOC and OMB that enable Federal Government's information systems security programs and agencies' mission objectives through a comprehensive and consistently implemented set of risk-based, cost-effective controls and measures. The committee will recommend standard organization structures for information security committees across the Federal government; and ensure the tools, metrics and measures will lead to defensive operational capabilities and protections of the Federal networks, systems and applications. The Committee shall establish and oversee appropriate subcommittees, working groups, and/or task forces to perform the following functions:
 
  • Develop strategies to coordinate and facilitate the execution of the Comprehensive National Cybersecurity Initiative (CNCI) (National Security Presidential Directive 54/Homeland Security Presidential Directive 23 (NSPD-54/HSPD-23)).
  • Identify and recommend information security and identity management enhancements to policies, processes, and solutions, that address the strategies in (A) above and improve upon identification management solutions.
  • Provide oversight of the ISIMC subcommittees, working groups, and task forces. Coordinate with and provide advice to other Federal committees to improve collaboration, identify complimentary activities, and reduce duplication in security and identity management related areas. Review and concur on common security management requirements, performance measures, and Federal Enterprise Architecture (FEA) updates, program management plan, fiscal budget and funding strategy for security management service areas.
  • Promote the development and use of standard performance measures for agency information security.
  • Share experiences and innovative approaches related to information sharing and information security best practices that span both defensive operational security such as penetration testing regimes, and incident response mitigation, and span security policies compliance, such as FISMA or PMA achievement.
  • Identify common Computer Information Security Officer (CISO) and information assurance professional qualifications in coordination with the FCIOC IT Workforce Committee.
 
The co-chairs of the ISIMC establish subcommittees, working groups, and task forces as necessary. The four standing subcommittees, established by the ISIMC co-chairs, are as follows:
 
  1. Security Program Management Subcommittee (SPMSC)
    Kevin Deeley, Kevin.Deeley@usdoj.gov
    Don Benack, Donald.Benack@dhs.gov
  2. Identity, Credential and Access Management Subcommittee (ICAMSC)
    Judith Spencer, Judith.Spencer@gsa.gov
    Paul Grant, Paul.Grant@osd.mil
  3. Network and Infrastructure Security Subcommittee (NISC)
    Brian Burns, Brian.Burns@pentagon.af.mil
    Earl Crane, Earl.Crane@DHS.gov
  4. Security Acquisitions Subcommittee (SASC)
    Harry Feely, Harry.Feely@ed.gov
    Andrew Orndorff, Andrew.Orndorff@dot.gov
    Mitra Nejad, Mitra.Nejad@usdoj.gov
 

 

 

Leadership:
Co-Chair
Mr. Vance Hitch
Chief Information Officer
Department of Justice
950 Pennsylvania Avenue, NW
Room 1310A
Washington, DC 20530-3101
vance.hitch@usdoj.gov
Office Phone: 202-514-0507
Fax:202-514-1225
 

 

Search CIO.Gov
TechStat - Learn moreFedRamp - Learn moreIT Dashboard - Learn more

Beta 05.19.2010