DoD and ONDI announce new IT standards

Slow and steady wins the race. Eight months after launching an ambitious project to overhaul IT security standards for federal intelligence agencies, the Office of the National Director of National Intelligence (ONDI) and the Defense Department have created seven new areas of certification and accreditation. The plan, which replaces one drafted ten years ago (and which took four years to develop), defines a common set of trust levels and reciprocity regimes for the two agencies, adopts NIST’s Special Publication 800-53 as a starting point, and — perhaps most importantly — creates a senior executive function to oversee the entire process. “Many elements look on the surface as common sense things,” said ODNI’s Dale Meyerrose. “But they are tearing down the walls to build up partnerships.” The next step, of course, is implementation, and that may take some time. The last time around, it took four years to fully coordinate the procedures.