The federal government's information systems security program enables agencies' mission objectives through a comprehensive and consistently implemented set of risk-based, cost-effective controls and measures that adequately protects information contained in federal government information systems.
The Information Systems Security Line of Business (ISSLoB) was created in 2005 to improve the level of information systems security across government by eliminating duplication of effort, increasing aggregate expertise, and enhancing the overall security posture of the federal government. This value proposition is supported through the use of Shared Service Centers (SSC's), consolidated acquisitions, agency standard practices, and lessons learned across agencies.
ISSLOB is currently addressing four common information systems security needs across the government including:
- Security & Awareness Training - Common suites of ISS training products and training services for the federal government, including government-wide licenses for commercial IT applications and security training products
- Tier I - Security Awareness Training Services and Content
- Tier II - Specialized (Role Based) Training Content
- Situational Awareness & Incident Response (SAIR) - Provide federal enterprise situational awareness and incident response capability through:
- multiple SSCs shared products and services for specific functional areas;
- Blanket Purchase Agreements setup to provide quick access to products and services; and
- provision of a critical foundation for ISS, identifying others in future as Line of Business evolves.
- Risk Management Framework (C&A) Service Offerings - Established to facilitate the implementation of common solutions for areas that many agencies are missing with regard to achieving greater efficiencies in executing the C&A process.
The Information Systems Security Line of Business aims to improve information systems security across the federal government by:
- identifying problems and proposing solutions to strengthen the ability of all agencies to identify and manage information security risks;
- providing improved, consistent, and measurable information security processes and controls across government; and
- achieving savings or cost-avoidance through reduced duplication and economies of scale.
- The Program Management Office facilitates the day-to-day operations of ISSLoB.
- Federal Systems Security Governance Board - Multi-agency, oversight body and steering committee
- Customer Agency Advisory Board - A representative user group from all activity areas of the LOB
For more information, please contact: