The Internal Revenue Service (IRS) has submitted to the Department of the Treasury and the Office of Management and Budget (OMB) "inaccurate and misleading" information about the state of its information-security programs, according to a report prepared by an assistant inspector general for audit with the Department of the Treasury, who undertook a review of the IRS's process for monitoring its program- and system-level security weaknesses. @ Go to SM Online for more on the report. .
In Information Security Governance Simplified, author Todd Fitzgerald provides an excellent overview on how security managers can create an effective information security program without breaking the bank. He shows the reader how to create a governance program that includes all of the necessary managerial, technical, and operational controls.