Protection against identity thief is becoming a bigger challenge. In February 2008 Karen Evans, Administrator, Office of E-Government and Information Technology and Paul A. Denett, Administrator for Federal Procurement Policy co-authored a Memorandum M-08-10 to the heads of federal departments and agencies outlining the creation of a GSA basic purchase agreement (BPA) addressing the M-07-16 Memorandum for “Safeguarding Against and Responding to the Breach of Personally Identifiable Information”. M-07-16 requires agencies to promptly conduct a risk analysis and be prepared to submit a report containing the findings to the Congressional Oversight Committees of the U.S. Senate and House of Representatives, as appropriate.

Our panel will focus on what lead to this new emphasis? When would an agency seek independent risk analysis? What are the benefits of doing an independent risk analysis? And how does an agency prepare for a possible breach. This month’s panel shares their insights.