About | HeinOnline Law Journal Library | HeinOnline Law Journal Library | HeinOnline
LOG IN
LOG IN

GAO-08-1075R 1 (2008-09-16)

handle is hein.gao/gaocrptawdi0001 and id is 1 raw text is: G A 0 United States Government Accountability Office Washington, DC 20548 September 16, 2008 The Honorable James R. Langevin Chairman Subcommittee on Emerging Threats, Cybersecurity, and Science and Technology Committee on Homeland Security House of Representatives The Honorable Sheila Jackson-Lee Chairwoman Subcommittee on Transportation Security and Infrastructure Protection Committee on Homeland Security House of Representatives Subject: Information Technology: Federal Laws, Regulations, and Mandatory Standards for Securing Private Sector Information Technology Systems and Data in Critical Infrastructure Sectors Federal policy identifies 18 infrastructure sectors-such as banking and finance, energy, public health and healthcare, and telecommunications-that are critical to the nation's security, economy, public health, and safety.' Because these sectors rely extensively on computerized information systems and electronic data, it is crucial that the security of these systems and data is maintained. Further, because most of these infrastructures are owned by the private sector, it is imperative that public and private entities work together to protect these assets. The federal government uses both voluntary partnerships with private industry and requirements in federal laws, regulations, and mandatory standards to assist in the security of privately owned information technology (IT) systems and data within critical infrastructure sectors. As agreed, our objectives were to (1) identify, for each critical infrastructure sector, the federal laws, regulations, and mandatory standards that pertain to securing that sector's privately owned IT systems and data and (2) identify enforcement mechanisms for each of the above laws, regulations, and mandatory standards. To accomplish these objectives, we solicited information from the federal agencies responsible for overseeing each critical infrastructure sector to identify the applicable requirements, as well as the mechanisms and authorities available to the government to enforce compliance with these requirements. 1 See, for example, Homeland Security Presidential Directive 7. GAO-08-1075R - Federal Legal Requirements for Critical Infrastructure IT Security

What Is HeinOnline?

HeinOnline is a subscription-based resource containing thousands of academic and legal journals from inception; complete coverage of government documents such as U.S. Statutes at Large, U.S. Code, Federal Register, Code of Federal Regulations, U.S. Reports, and much more. Documents are image-based, fully searchable PDFs with the authority of print combined with the accessibility of a user-friendly and powerful database. For more information, request a quote or trial for your organization below.



Contact us for annual subscription options:

Contact Us

Already a HeinOnline Subscriber?

Log In

profiles profiles most