Many government agencies, departments, subcontractors, service providers, and organizations that operate IT systems on behalf of the government must ensure protection of their critical infrastructure and ensure data security and continuous systems operation.
These requirements are documented in various international and national standards, regulations and statutes established by authorities and covered by best practices frameworks such as COBIT, NIST800-53, ISO/IEC 27001, ISO/IEC 15408 and ITIL. They demand that government agencies secure and protect the confidentiality, integrity, and availability of information systems and the data processed, stored, or transmitted by them.