Last week, I had the privilege of speaking to an accomplished group of Information Technology professionals at the 5th MIT Chief Data Officer Forum. This event, organized by the Sloane School of Management, allowed practitioners to discuss emerging and challenging topics across the public and private sectors.

When I addressed the group, I focused on four key themes: (1) threats and risks are dynamic and constantly evolving, (2) organization-specific approaches have limited scalability, extensibility, and agility in the face of dynamic and evolving threats, (3) it is deflect to  maintain information safeguards and semantic integrity increases geometrically with the number of information sharing partners, and (4) that the stove-piped nature of IT system development and procurement leads to sharing and safeguarding barriers and increased mission risk.

While the language is not explicit in the 9/11 Commission Report, connecting the dots to keep the nation safe is contingent on effective enterprise data management. For this reason, our office advocates that practitioners should be authentically invested in creating and supporting an information sharing environment.

Resources

I also mentioned a number of different resources my office has developed for the enterprise architecture community. The following are links to key documents and information:

  • Common Profile: The ISE Common Profile Framework description (Common Profile) is a means to standardize the way a modular component profile or an information interoperability profile is documented. We put a description of the program on our GitHub Information Sharing Initiative portal, and the PDF of the document can be found at: http://ise.gov/sites/default/files/Common_Profile_Framework_v2_2015.pdf
  • Data Aggregation Reference Architecture (DARA): The DARA is intended for IT system program manager, and the easiest way to use the document is to follow the self-assessment process (see the 5-step approach on page 14, section 3.7.1) to determine a particular data aggregation system’s maturity, making use of the detail provided in each of the DARA domains to assure an accurate self-evaluation. The link to a PDF of the DARA is http://ise.gov/sites/default/files/DARA_v1.pdf.
  • Identity, Credential and Access Management (ICAM): We believe that ICAM is a key enabler of information sharing because it helps ensure access and share information within and amongst groups. To learn more about my office’s work on ICAM, look through our website at http://search.usa.gov/search?affiliate=ISE&query=icam.
  • Trustmark Framework: A key part of implementing federated ICAM is through the Trustmark Framework. The effort began once managers realized that “the trust and interoperability scaling problem is the single most significant barrier to the wide adoption of an Identity Ecosystem.” To engage with the Trustmark initiative and download resources, visit Georgia Tech Research Institute at https://trustmark.gtri.gatech.edu/.
  • Threat and Risk Initiative: The multidimensional threat landscape means that systems can enable better decision making to prevent harm. The Threat and Risk initiative is a standards initiative with the Object Management Group. Learn more about this effort at http://www.omg.org/news/meetings/tc/va-15/special-events/Threat_Risk_Day-agenda.htm

Want to get involved?

If you are a member of a standards organization, reach out to one of the members of the Standards Coordinating Council and plug in to our efforts. If you work in the public sector, email outreach@ise.gov and our staff can put you in touch with our information sharing projects and working groups. 

News Source: