Dave Nyczepir – РИСК-АКАДЕМИЯ – АНО ДПО ИСАР https://risk-academy.ru Управление рисками, риск менеджмент, обучение по управлению рисками, тренинг риск менеджмент Wed, 02 Dec 2020 00:55:00 +0000 en-US hourly 1 https://wordpress.org/?v=6.9.4 https://raruswebsite.s3.amazonaws.com/wp-content/uploads/2018/02/10213225/cropped-favicon-32x32.png Dave Nyczepir – РИСК-АКАДЕМИЯ – АНО ДПО ИСАР https://risk-academy.ru 32 32 OMB should lead category management efforts to improve contract data, GAO says https://risk-academy.ru/omb-should-lead-category-management-efforts-to-improve-contract-data-gao-says/ Wed, 02 Dec 2020 00:54:59 +0000 https://risk-academy.ru/omb-should-lead-category-management-efforts-to-improve-contract-data-gao-says/ Written by

Dave Nyczepir
Dec 1, 2020 | FEDSCOOP

Efforts to improve contract data must be led by the Office of Management and Budget, if its category management initiative is to improve, according to the Government Accountability Office.

GAO found OMB‘s category management initiative focused too much on how to buy things — at the expense of helping agencies determine what goods and services they actually need — when it assessed data for 28 agencies, reviewed guidance for four and interviewed officials.

The category management initiative saved $27.3 billion in three years by having agencies use existing contracts to buy similar products and services like those in the IT Category, but billions more could be saved if OMB pursues governmentwide solutions to data challenges.

“Agency officials told GAO that data challenges—particularly challenges in collecting, analyzing, and sharing data on their spending and the prices they pay—have hindered implementation of the category management initiative,” reads GAO’s congressional report released Monday. “OMB is aware of these…

Read More…

]]> Use of a cyber risk framework would be mandatory for agencies under Senate bill https://risk-academy.ru/use-of-a-cyber-risk-framework-would-be-mandatory-for-agencies-under-senate-bill/ Sat, 03 Oct 2020 04:51:45 +0000 https://risk-academy.ru/use-of-a-cyber-risk-framework-would-be-mandatory-for-agencies-under-senate-bill/ Written by

Dave Nyczepir
Oct 2, 2020 | FEDSCOOP

Agencies should spend their limited cybersecurity funds better by prioritizing tools that address the most pressing threats, a bipartisan pair of senators says.

Rob Portman, R-Ohio, and Gary Peters, D-Mich., introduced the Risk-Informed Spending for Cybersecurity (RISC) Act on Thursday, in response to a 2019 report revealing most agencies lack comprehensive cyber risk frameworks.

The Office of Management and Budget would be required to develop a risk-based budgeting model that agencies must use because, while some quantify their cyber risk, the practice isn’t mandatory.

“Too often, insufficient information about threats and their associated risks inhibits [agencies’] ability to make the best, most informed decisions,” Portman said in the announcement. “It is crucial that federal agencies know the return on investment for each cybersecurity capability acquired and whether those capabilities address existing security vulnerabilities.”

Inspectors general found seven of eight agencies reviewed failed to properly protect…

Read More…

]]>