The Administration supports Senate passage of S. 1993, the
Government Information Security Act, which would provide a comprehensive
framework for establishing and ensuring the effectiveness of controls over
information and information resources that support Federal operations and
assets. The Administration fully supports the bill's goal of strong central
management, oversight, and enforcement for government security policies while
building on the Clinger-Cohen model to ensure that the agencies are ultimately
responsible for the security of their assets. In addition, the Administration
agrees that periodic security program evaluations and the periodic independent
audits of those evaluations are important tools for agencies to make certain
that their security programs achieve and maintain adequate security. S. 1993
goes a long way toward meeting these important goals.
The Administration also agrees with the additional
responsibilities assigned to the Office of Personnel Management and the
National Science Foundation to ensure that the Federal Government has a
sufficient number of trained information security specialists.
The Administration appreciates that the legislation maintains
the existing distinction between: (1) policy and oversight for national
security systems and information; and (2) policy and oversight for unclassified
systems and information, in a manner generally consistent with existing law,
policy, and practice. This issue has been debated vigorously for years, with
each discussion ultimately concluding that the merger of the two systems, with
their distinctly different needs, would work to the detriment of both.
The Administration is pleased that no provision in this Act is
intended to inappropriately and unnecessarily infringe upon the statutory
authorities and responsibilities of Federal agencies. The Administration looks
forward to working with Congress as the bill proceeds through the legislative
process. |