CSRC Pages

  -  CSRC Homepage
  -  ICAT Vulnerability Database
  -  Vulnerability/Threat Advisories
  -  Site Map
  -  Virus Information

  Search:  

POSTED July 23, 2003:
Click here to go to page that contains links to view/download the workshop presentations, notes, and handouts. Available in .pdf format.

Workshop Description
This workshop will focus on effectively integrating security into the capital planning process. It will also provide participants with information on how to best develop a comprehensive business case in support of IT security acquisitions and investments.

The seminar is designed to support those with key roles in the IT security planning process and personnel responsible for investment development and approval requests. This includes:

• IT Managers and security professionals
• Security Program Managers
• Investment Review Board (IRB) participants

Federal government contractors will be permitted to register for this workshop. In addition to formally registering, contractors should have their agency contacts email Elaine Frye [elaine.frye@nist.gov] indicating that the contractor is attending at their request.

Objectives of the course are:

• Identify why the IT Governance process is important in making sound IT Security investment decisions
• Explain how current security requirements relate to and support IT capital planning.
• Identify relevant OMB and other guidance that applies to governing Federal Government IT Security investment decisions.
• Identify security roles and responsibilities in the IT capital planning process
• Identify steps required to complete a sound business case in support of IT Security investments

Preliminary Agenda

Focus
There are no special prerequisites beyond the expectation that those attending have a role in the IT security capital planning process. Suggested attendees are noted above.

Technical Information
Joan Hash
NIST
Telephone: 975-3357
Fax: (301) 975-4007
Email:    joan.hash at nist.gov
     (note: substitute the "at" with "@" in e-mail link)