Originally Posted by
Superguy
Not entirely true. Some agencies have freer hands than others.
Also, while the "policy" may be the same, the fact of the matter is that there are many levels of security within that policy that cause as much variation as having completely separate security policies.
Were the policies all the same, we wouldn't be having to do so much paperwork at work and having to deal with multiple customers' security requirements.
I'm surprised that you of all people miss a very fundamental point. There is a minimum government IT security standard across the board. Some agencies have stricter policies depending on the information they handle. Classified information has a separate standard that is based on similar principles but comes with its own unique set of rules.
I'm not surprised that you would quibble over such detail.