Normally I am not a fan of giving government more authority! However, since this has to do with the security of IT information each entity should have protective measures in place and someone to monitor and be responsible for this security. Now this person needs to be held accountable as well. If there are breaches this person should be exchanged with someone who can get this job done!!!