Office of the Chief Information Security Officer of GSA
E66228
The Office of the Chief Information Security Officer of GSA is the organizational unit within the U.S. General Services Administration responsible for overseeing and managing the agency’s information security, cybersecurity policies, and related risk management activities.
Statements (42)
| Predicate | Object |
|---|---|
| instanceOf |
government office
ⓘ
organizational unit ⓘ |
| activity |
conducting or coordinating security audits and assessments
ⓘ
coordinating with GSA components on remediation of security weaknesses ⓘ developing and issuing GSA-wide information security guidance ⓘ supporting authority to operate (ATO) decisions for GSA systems ⓘ |
| collaboratesWith |
Office of the Chief Information Officer of GSA
ⓘ
surface form:
GSA Office of the Chief Information Officer
other federal cybersecurity and oversight bodies ⓘ |
| country |
United States of America
ⓘ
surface form:
United States
|
| focusArea |
enterprise cybersecurity governance
ⓘ
information security policy and standards ⓘ risk management and compliance ⓘ security awareness and training ⓘ security operations and incident management ⓘ |
| followsFramework |
Federal Information Security Modernization Act of 2014
ⓘ
surface form:
Federal Information Security Modernization Act (FISMA)
NIST Cybersecurity Framework ⓘ NIST SP 800 series ⓘ
surface form:
NIST Risk Management Framework
National Institute of Standards and Technology (NIST) information security standards and guidelines ⓘ |
| hasJurisdiction | U.S. General Services Administration information systems ⓘ |
| headedBy |
Chief Information Officer of GSA
ⓘ
surface form:
Chief Information Security Officer of GSA
|
| location |
Washington, D.C. (headquarters of GSA)
ⓘ
surface form:
Washington, D.C. (primary headquarters of GSA)
|
| mandate |
ensure GSA compliance with federal cybersecurity laws, regulations, and policies
ⓘ
manage cybersecurity risk across GSA enterprise IT environment ⓘ protect confidentiality, integrity, and availability of GSA information and information systems ⓘ |
| oversees |
GSA information security risk assessments
ⓘ
GSA security authorization and continuous monitoring activities ⓘ GSA security incident reporting processes ⓘ GSA vulnerability management activities ⓘ GSA-wide cybersecurity awareness and training programs ⓘ implementation of security controls on GSA information systems ⓘ |
| parentOrganization | U.S. General Services Administration ⓘ |
| partOf | U.S. General Services Administration ⓘ |
| reportsTo |
Chief Information Officer of GSA
ⓘ
surface form:
GSA Chief Information Officer (organizationally, through the CIO structure)
|
| responsibleFor |
compliance oversight with federal information security requirements at GSA
ⓘ
coordination of cybersecurity initiatives within GSA ⓘ cybersecurity policies of GSA ⓘ development of GSA information security policies and standards ⓘ incident response coordination for GSA information systems ⓘ information security program of GSA ⓘ information security risk management at GSA ⓘ oversight of GSA information security controls ⓘ |
| sector | federal government ⓘ |
Referenced by (1)
Full triples — surface form annotated when it differs from this entity's canonical label.
U.S. General Services Administration
→
hasPart
→
Office of the Chief Information Security Officer of GSA
ⓘ