OMB considers certifications

The software certification role of the National Information Assurance Partnership might expand from defense and national security agencies to all federal agencies, a White House official told Congress.

Karen Evans, administrator for e-government and IT at the Office of Management and Budget, told the House Government Reform Committee this month that NIAP could be used to certify the security of commercial software that civilian agencies use.

NIAP oversees security-testing standards for military and intelligence agencies. Started in 1997, NIAP is a collaboration between the National Security Agency and the National Institute of Standards and Technology to establish a framework for security testing of commercial software for use on classified military networks.