The federal government's information systems security program enables agencies' mission objectives through a comprehensive and consistently implemented set of risk-based, cost-effective controls and measures that adequately protects information contained in federal government information systems. The Information Systems Security Line of Business (ISSLoB) was created in 2005 to improve the level of information systems security across government by eliminating duplication of effort, increasing aggregate expertise, and enhancing the overall security posture of the federal government. This value proposition is supported through the use of Shared Service Centers (SSC's), consolidated acquisitions, agency standard practices, and lessons learned across agencies.
ISSLoB is currently addressing common information security systems security needs across the government, including:
- Security & Awareness Training - Common suites of ISS training products and training services for the federal government, including government-wide licenses for commercial IT applications and security training products
- Tier I - Security Awareness Training Services and Content
- Tier II - Specialized (Role Based) Training Content
- Situational Awareness & Incident Response (SAIR) - Provide federal enterprise situational awareness and incident response capability through:
- Multiple SSCs shared products and services for specific functional areas;
- Blanket Purchase Agreements setup to provide quick access to products and services; and
- Provision of a critical foundation for ISS, identifying others in future as Line of Business evolves.
- Risk Management Framework (A&A) Service Offerings - Established to facilitate the implementation of common solutions for areas that many agencies are missing with regard to achieving greater efficiencies in executing the A&A process.
The Information Systems Security Line of Business aims to improve information systems security across the federal government by:
- Identifying problems and proposing solutions to strengthen the ability of all agencies to identify and manage information security risks;
- Providing improved, consistent, and measurable information security processes and controls across government; and
- Achieving savings or cost-avoidance through reduced duplication and economies of scale.
- The Shared Services Governance Board – Multi-agency, primary executive body responsible for advising future policies and decision making of the Shared Services Policy Officer.
- Shared Services Policy Officer – Designated by the OMB Director, has the authority and responsibility, in conjunction with Office of Management and Budget leads the development and implementation of administrative shared services policy across the government.
- Unified Shared Services Management – General Services Administration oversees the current shared service ecosystem and provides a consistent long-term strategy for the expansion of administrative shared services.
- Line of Business Managing Partner Council – Serves as an advisory council to the Shared Services Policy Officer.
- The Federal Network Resilience Division, Mission Support Office Branch - Facilitates the day-to-day operations of the Department of Homeland Security ISSLoB activities.
For more information, please contact: