ISC2 ISSEP Exam - Topic 3 Question 40 Discussion

The OMB M-00-07 memorandum reminds the departments and agencies of the OMB principles for

including and funding security as an element

of agency information technology systems and architectures and of the decision criteria, which is

used to evaluate security for information

systems investments.

The OMB M-00-07 memorandum is written in accordance with the Information Technology

Management Reform Act (the Clinger-Cohen Act),

which guides OMB to build, as an element of the budget process, a mechanism to analyze, track, and

calculates the risks and results of major

capital investments made by an executive agency for information systems.

Answer option A is incorrect. The OMB M-00-13 memorandum reminds the Federal agencies that it

is required by law and policy to establish

clear privacy policies for Web activities and to comply with those policies.

Answer option D is incorrect. The OMB M-03-19 memorandum reports the instructions for the

Federal Information Security Management Act

and Updated Guidance on quarterly IT security reporting.

Answer option B is incorrect. The OMB M-99-18 memorandum instructs Federal departments and

agencies to post clear privacy policies on

World Wide Web (WWW) sites. It also provides the assistance on posting the privacy policies. The

policy states that the agencies should

clearly and concisely inform visitors accessing their Web sites what information the agency collects

about individuals, why the agency collects

it, and how the agency will use it. The privacy policies should be clearly labeled and easily accessed

when someone visits a Web site.