BSA: Industry should use FISMA standards

A software industry group suggested today that the new Federal Information Security Management Act guidelines be used by the private sector in developing information-security blueprints.

A report released by the Business Software Alliance, on the eve of the Global Tech Summit in Washington, said FISMA and the International Organization for Standardization's ISO 17799 should be part of a broader, voluntary industry framework that is needed to address information security policy and procedures.

The group, which represents some of the world's largest software companies, issued the report as part of a broader effort to heighten awareness of computer security issues and laws.

"This is a journey, it's a start," said Bill Conner, chief executive officer of Entrust Inc., a Dallas digital security company. He helped lead a BSA task force on information-security governance.

While BSA said FISMA is "overly detailed for the private sector," some components can be used by all organizations. "It is especially good at defining the people and process aspects of information security governance," according to the report.

ISO 17799 addresses best practices and standards in information security.

Before releasing the security report, top executives of BSA member companies, including Microsoft Corp.'s Steve Ballmer and Bruce Chizen of Adobe Systems Inc., spent the day in private meetings with congressional and administration leaders.
