Secure Government Networks - 5 Points For Success in Gaining Compliance and Connection

"The world is changing around us at an incredible pace due to remarkable technological change. This process can either overwhelm us, or make our lives better and our country stronger. What we can't do is pretend it is not happening." Prime Minister Tony Blair on commissioning the Transformational Government strategy.

To survive in this era of accelerating technological change, and to implement the edicts of the Transformational Government strategy, every public sector organisation will have to undergo fundamental technology-enabled change. This article provides a five-point check list for senior managers responsible for developing and delivering a successful Transformational Government change programme.

Ensuring that an organisation can satisfy the necessary information security requirements to enable it to be a component part of joined-up government, requires consideration that will inform budget and strategy, reshape organisational process and procedures, and redefine culture and working practices.

As a guide to those responsible for their organisation's information assurance and implementation of the Transformation Government agenda, this article provides a five-point check list to provide a basis for ICT-enabled organisational change.

Point 1 - Be fully appraised of current Government policy and strategy

Current UK Government policy and strategy is leading public service organisations through a significant period of change to achieve efficiency gains through streamlined citizen-centric, ICT-enabled, secure shared services.

Understanding current UK Government policy and strategy will assist you in:

Understanding measures you should take to deliver ICT enabled business change

Identifying expected business benefits

Identifying costs

Identifying scope of change

Identifying risks.

A list of the key sources of UK Government policy and strategy can be found in the thought leadership section of the VEGA website.

Point 2 - Ensure board level buy-in and understanding

A board level information assurance champion should be appointed to act as Senior Information Risk Owner (SIRO) for your organisation. This recommendation meets mandatory requirement 3 from the HMG Security Policy Framework (SPF) V1.0.

Your SIRO should agree to terms of reference which clearly define their role and responsibilities with regard to the information assurance of your organisation. Additionally, your SIRO should meet regularly with your organisation's security staff to discuss security policy and discuss a risk managed approach to information assurance. This ensures that information assurance and governance is a recognised board level responsibility which includes the protection and utilisation of all of your organisation's assets (information, personnel and physical).

Point 3 - Manage your stakeholders

Obtaining stakeholder buy-in to your organisation's information assurance strategy is critical to its success. Good stakeholder management creates awareness, provides the framework for supporting delivery and assists you secure budget where resource is scarce and competition is fierce.

A communications plan should therefore be developed to identify:

Desired buy-in outcomes

Audience of stakeholders (internal and external)

How to best engage stakeholders

How messages are to be communicated

Ownership of responsibility for maintaining communications

Frequency of communications.

Stakeholders should subsequently be plotted on a stakeholder map prioritised by power and interest. This will assist you in grouping them. Your communications strategy can then focus on key stakeholders whilst ensuring other stakeholders are engaged to the level required.

Failure to gain buy-in from key stakeholders has sealed the fate of many information assurance projects.

Point 4 - Involve the experts

When pursuing an information assurance strategy, you should seek advice from recognised Government and industry experts. These organisations have faced the same challenges as you and have valuable information and knowledge to share. This will save you time and money, whilst ensuring that the information assurance solutions you plan to implement are fit for purpose and proven across Government.

The organisations you may wish to contact include:

Office Government and Commerce Buying Solutions (OGCBS)

Communications-Electronics Security Group (CESG)

Government Computer Emergency Response Team (GOVCERT)

Central Sponsor for Information Assurance (CSIA)

Centre for the Protection of National Infrastructure (CPNI)

Warning, Advice and Reporting Point (WARP)

Information Commissioners Office (ICO)

Public sector organisations similar to your own

Consultancies with expertise in enabling Transformational Government change programmes

Point 5 - Achieving and evidencing compliance

Recent data losses across Government have placed an increased focus on information assurance. Public sector organisations must comply with centrally released security policy (e.g. HMG SPF) which defines mandatory minimum security measures.

To connect to a secure network, your organisation must comply with mandatory security controls. Depending on the security impact level of the secure network, your organisation will either have to complete a Code of Connection (CoCo) or produce a Risk Management and Accreditation Document Set (RMADS).

To answer the requirements of a CoCo you should treat each control like an exam question (answer the question with relevant evidence), and sell your strengths, if you comply with standards such as ISO/IEC27001:2005 or PCI DSS.

The completion of a RMADS is much more involved. Unless your organisation has significant experience, you should involve a CESG Listed Advisor from the CESG Listed Advisor Scheme (CLAS).

Connection to a secure network will only be permitted once the relevant governing security authority is content that your organisation meets the information assurance requirements of the network you wish to connect to. This ensures that the risk your organisation poses to other organisations on the network is managed.

Once your organisation's connection is authorised, you should expect regular audits which ensure the level of information assurance your organisation has achieved is maintained and improved.

These five points will hopefully act as an aide memoir� when your organisation starts to consider its connection to a secure government network. The most important thing to understand is that information security is not just about technology; it is the catalyst for organisational change that encompasses people, training, policy and procedures.

VEGA is a member of the CESG Listed Advisor Scheme (CLAS), as well as a registered CHECK service provider. VEGA has an established track record of working across Government providing strategic advice and technological expertise to help secure public sector information through the implementation and use of secure Government networks.

By Damian Schogger, Communications Manager, VEGA

About VEGA VEGA is a professional services company that delivers technology-enabled change in complex environments, often where security and resilience are key. We have an in-depth knowledge and experience to support organisaitions planning to gain connnection to secure government networks, gained from working on several major UK government projects in this area.

Please contact us for further information. Connecting to Secure Government Networks

VEGA

Government IT Jobs

Government IT jobs are some of the best positions you can ever hope to find in the labor market. Here we discuss the benefits and tips on how you can find these much sort after jobs.

Benefits of Working for the Government are numerous and I mention some here.

� Their Heath Insurance Program is Superb:

Their health insurance scheme is nationally recognized and respected because it offers you choice and flexibility. This comes along with major employer contribution to premiums. You have an option to pay your share of premiums as well as your out-of-pocket costs with pre-tax dollars.

� A very Generous Leave Policy:

A government job provides ample time to take care of your personal business than any other employer. Depending on the number of years you've worked for government you could get up to 60 days off in one year.

� Excellent Employee Welfare Schemes:

A government job offers you a range of family friendly flexibilities such as child care and elder care resources, flexible work schedules, child support, adoption information and incentives programs amongst many others.

Here are some tips to help you get government IT Jobs.

� The Region is a Crucial Factor:

The easy at which you get a government job is determined by location and concentration of agencies. Areas with more government agencies and employees will have the most jobs. In USA California, Texas, the District of Columbia, Virginia and New York will have the lion share of federal jobs.

� The Size of the Agency Counts:

The Department of Defense will employ more people than many other government agencies put together. Therefore, the bigger the agency the more job entry points it has. Other big employers in government include the Treasury Department and Homeland Security.

� Critical Occupational Areas:

Safety is the number one national concern. The government has to ensure citizenry safety first before any other priority. That is why Pharmacologists at the Food and Drug Administration are critical to ensuring the safety of drugs and medical supplies ahead of such agencies like Federal Trade Commission.

� IT Jobs in Government:

Everything now revolves around modern computer technology. Information Technology is becoming more important in government operations and this makes openings in this field highly lucrative. If you are an expert in IT security then your services are in high demand in government agencies dealing in; security, safety, financial fraud prevention, cyber crime, etc.

� The Peace Corps Connection:

Another way to find government IT jobs is to join the Peace Corps. It is no secret that many former volunteers have gone to respectable positions in government.

� Website Searches:

Another method you may use to find government IT jobs is to search online. On the internet you well find highly specialized websites dealing in genuine job search and placement including government jobs for US citizens.

For more information on this topic and especially jobs in IT Security you may want to visit his website now.

Steve wanjie is a blogger, expert article writer and marketer.

Website: http://www.jobsforuscitizens.com/browse/all/Information%20Technology/all

Government IT Jobs

Government IT jobs are some of the best positions you can ever hope to find in the labor market. Here we discuss the benefits and tips on how you can find these much sort after jobs.

Benefits of Working for the Government are numerous and I mention some here.

� Their Heath Insurance Program is Superb:

Their health insurance scheme is nationally recognized and respected because it offers you choice and flexibility. This comes along with major employer contribution to premiums. You have an option to pay your share of premiums as well as your out-of-pocket costs with pre-tax dollars.

� A very Generous Leave Policy:

A government job provides ample time to take care of your personal business than any other employer. Depending on the number of years you've worked for government you could get up to 60 days off in one year.

� Excellent Employee Welfare Schemes:

A government job offers you a range of family friendly flexibilities such as child care and elder care resources, flexible work schedules, child support, adoption information and incentives programs amongst many others.

Here are some tips to help you get government IT Jobs.

� The Region is a Crucial Factor:

The easy at which you get a government job is determined by location and concentration of agencies. Areas with more government agencies and employees will have the most jobs. In USA California, Texas, the District of Columbia, Virginia and New York will have the lion share of federal jobs.

� The Size of the Agency Counts:

The Department of Defense will employ more people than many other government agencies put together. Therefore, the bigger the agency the more job entry points it has. Other big employers in government include the Treasury Department and Homeland Security.

� Critical Occupational Areas:

Safety is the number one national concern. The government has to ensure citizenry safety first before any other priority. That is why Pharmacologists at the Food and Drug Administration are critical to ensuring the safety of drugs and medical supplies ahead of such agencies like Federal Trade Commission.

� IT Jobs in Government:

Everything now revolves around modern computer technology. Information Technology is becoming more important in government operations and this makes openings in this field highly lucrative. If you are an expert in IT security then your services are in high demand in government agencies dealing in; security, safety, financial fraud prevention, cyber crime, etc.

� The Peace Corps Connection:

Another way to find government IT jobs is to join the Peace Corps. It is no secret that many former volunteers have gone to respectable positions in government.

� Website Searches:

Another method you may use to find government IT jobs is to search online. On the internet you well find highly specialized websites dealing in genuine job search and placement including government jobs for US citizens.

For more information on this topic and especially jobs in IT Security you may want to visit his website now.

Steve wanjie is a blogger, expert article writer and marketer.

Website: http://www.jobsforuscitizens.com/browse/all/Information%20Technology/all