Policy Recommendations

CISQ provides policy makers with insight and recommendations regarding the implications of technology-related legislation, regulations, policies and proposals on software quality, risk and resilience.


Read comments provided by CISQ:


CISQ comments on NISTIR 8170: The Cybersecurity Framework: Implementation Guidance for Federal Agencies, proposed by NIST. (August 2017)


CISQ comments on Promoting Stakeholder Action Against Botnets and Other Automated Threats, proposed by the U.S. Department of Commerce and National Telecommunications and Information Administration. (July 2017)


IT Policy Report, published by Glasshouse Policy and Texas House Innovation and Technology Caucus, contains strategic goals and objectives for IT procurement and contracting reform in the state of Texas. Contributor: Herb Krasner, CISQ Advisory Board member. (May 2017)


CISQ comments on Enhanced Cyber Risk Management Standards, proposed by The Board of Governors of the Federal Reserve System, the Office of the Comptroller of the Currency, and the Federal Deposit Insurance Corporation. (January 2017)


CISQ comments on NIST Workshop: Dramatically Reducing Software Vulnerabilities and subsequent report to the White House Office of Science and Technology Policy. (October 2016)


CISQ comments on Proposed Update to the NIST Framework for Improving Critical Infrastructure Cybersecurity. (April 2016)


CISQ comments part 1 and part 2 on Regulation Systems Compliance and Integrity – Rule 1000(b)(1), proposed by the Securities and Exchange Commission (SEC). (September 2013)