Everything I think I understand about IT compliance

A talk about the Authority to Operate process and general IT compliance at 18F. Video: https://www.youtube.com/watch?v=-Nc4GXPxpQg&index=1&list=PLd9b-GuOJ3nG5zDAg7exOHusZKVVrkhjO

Aidan Feldman

July 26, 2016

Transcript

  1. 18F ATO chain of command
     1. Denise Turner Roth (GSA Administrator)
     2. ???
     3. Phaedra Chrousos (head of TTS)
     4. Aaron Snow (head of 18F)
     5. Noah Kunin (18F Director of Infrastructure)
  2. FISMA requires each federal agency to develop, document, and implement an agency-wide program to provide information security for the information and information systems...of the agency http://csrc.nist.gov/groups/SMA/fisma/faqs.html
  3. Unknowns
     • Where did “authority to operate” come from?
     • Is there anything stopping the Authorizing Official from saying yes to everything?