FedAccountant.com

CIO

The Chief Information Officer has become the government’s best friend and worst excuse for financial inefficiencies.  Overburdened by regulations, requirements, and legacy reporting systems, the CIO works more to stay afloat than to ride the tide.  Through proper risk assessments, mitigating controls, change management solutions, and a revolution in current reporting requirements, the CIO role can return to its true functions in creating efficiencies and protecting entity assets.  Offering the most up to date links FedAccountant.com is a one stop shop for the federal CIO.

The Clinger-Cohen Act of 1996 (CCA) (Pulic Law 104-208)combined the Information Technology Management Reform Act (ITMRA) and Federal Acquisition Reform Act of 1996 (FARA) and established into law, Chief Information Officers (CIO) for Federal agencies. CIOs are responsible for providing advice and assistance to agency heads on IT acquisition and Information Resource Management (IRM). The CIO is responsible for developing, maintaining and facilitating the implementation of a sound and integrated IT architecture.

Additional Details

Department of Defense CIO Desk Reference

Cliner-Cohen Act of 1996 (Public Law 104-208)

Paperwork Reduction Act of 1980 (PRA) (Public Law 104-13)

OMB Circular A-130 Management of Federal Information Resources

Financial Information Security Management Reform Act (FISMA)

NIST Management Framework

• FIPS Publication 199, Standards for Security Categorization of Federal Information and Information System (Completed)
• FIPS Publication 200, Minimum Security Requirements for Federal Information and Federal Information Systems (Completed)
• NIST Special Publication 800-30, Revision 1, Risk Assessment Guideline (Completion October 2008)
• NIST Special Publication 800-37, Guide for the Security Certification and Accreditation of Federal Information Systems (Completed)
• NIST Special Publication 800-39, (initial public draft) NIST Risk Management Framework (Completion February 2008)
• NIST Special Publication 800-53 Revision 2, Recommended Security Controls for Federal Information Systems (Completed)
• NIST Special Publication 800-53A, Guide for Assessing the Security Controls in Federal Information Systems (Completion March 2008)
• NIST Special Publication 800-59, Guide for Identifying an Information System as a National Security System (Completed)
• NIST Special Publication 800-60 Revision 1 (draft), Guide for Mapping Types of Information and Information Systems to Security Categories (Completion March 2008)

E-Government Initiatives

• FY 2007 Report to Congress on Implementation of The E-Government Act of 2002 (March 1, 2008) (43 pages, 261 kb)
• M-06-25, FY 2006 E-Government Act Reporting Instructions (August 25, 2006) (3 pages, 53 kb)

• M-06-07, Designation of a Senior Agency Official for Geospatial Information (March 3, 2006) (3 pages, 30 kb)
• Report to Congress on the Benefits of the President's E-Government Initiatives (January 6, 2006) (183 pages, 1,469 kb)
• M-05-25, SmartBUY Agreement with Oracle (August 25, 2005) (3 pages, 75 kb)
• M-05-05, Electronic Signatures: How to Mitigate the Risk of Commercial Managed Services (December 20, 2004) (2 pages, 54 kb)
• Streamlining Authentication and Identity Management (July 3, 2003) (2 pages, 95 kb)
• Small Business Paperwork Relief Task Force Report (June 27, 2003) (64 pages, 904 kb)
• Procedures for Requesting Funds from the E-Government Fund (May 12, 2003) 4 pages, (91 kb)
• E-Government Strategy, Implementing the President’s Management Agenda for E-Government (April 2003) (41 pages, 907 kb)

IT Policy Documents

• M-06-02, Improving Public Access to and Dissemination of Government Information and Using the Federal Enterprise Architecture Data Reference Model (December 16, 2005) (6 pages, 65 kb)
• M-05-23, Improving Information Technology (IT) Project Planning and Execution (August 4, 2005) (8 pages, 81 kb)
• M-05-22, Transition Planning for Internet Protocol Version 6 (IPv6) (August 2, 2005) (9 pages, 93 kb)
• M-05-04, Policies for Federal Agency Public Websites (December 17, 2004) (5 pages, 55 kb)
• M-04-26, Personal Use Policies and “File Sharing” Technology (September 8, 2004)
• M-04-04 E-Authentication Guidance (December 16, 2003) (17 pages, 126 kb)
• FIMSA: M-03-19 Reporting Instructions for the Federal Information Security Management Act and Updated Guidance on Quarterly IT Security Reporting (August 6, 2003) (35 paes, 602 kb)
• M-03-18, Implementation Guidance for the E-Government Act of 2002 (August 1, 2003) (13 pages, 704 kb)
• M-00-15, OMB Guidance on Implementing the Electronic Signatures in Global and National Commerce Act (September 25, 2000)
• OMB Circular A-130, Transmittal Memorandum #4, Management of Federal Information Resources (November 28, 2000)
• M-97-07, Multiagency Contracts Under the Information Technology Management Reform Act of 1996 (February 26, 1997)

Computer Security

• FISMA: Fiscal Year 2007 Report to Congress on Implementation of The Federal Information Security Management Act of 2002 (March 1, 2008) (22 pages, 177 kb)
• FISMA: M-07-19, FY 2007 Reporting Instructions for the Federal Information Security Management Act and Agency Privacy Management (July 25, 2007) (43 pages, 251 kb)
• M-07-11, Implementation of Commonly Accepted Security Configurations for Windows Operating Systems (March 22, 2007) (1 page, 28 kb)
• M-05-16, Regulation on Maintaining Telecommunication Services During a Crisis or Emergency in Federally-owned Buildings (June 30, 2005) (4 pages, 59 kb)
• M-00-07, Incorporating and Funding Security in Information Systems Investments (February 28, 2000)
• M-99-20, Security of Federal Automated Information Resources (June 23, 1999)

Privacy Guidance 

• M-07-16, Safeguarding Against and Responding to the Breach of Personally Identifiable Information (May 22, 2007) (22 pages, 228 kb)
• Recommendations for Identity Theft Related Data Breach Notification (September 20, 2006) (12 pages, 1,903 kb)
• M-06-15, Safeguarding Personally Identifiable Information (May 22, 2006) (2 pages, 50 kb)
• M-05-08, Designation of Senior Agency Officials for Privacy (February 11, 2005) (2 pages, 31 kb)
• M-03-22, OMB Guidance for Implementing the Privacy Provisions of the E-Government Act of 2002 (September 30, 2003)
• M-01-05, Guidance on Inter-Agency Sharing of Personal Data - Protecting Personal Privacy (December 20, 2000)
• Letter from John Spotila to Roger Baker, clarification of OMB Cookies Policy (September 5, 2000)
• Letter from Roger Baker to John Spotila on Federal agency use of Web cookies (July 28, 2000)
• M-00-13, Privacy Policies and Data Collection on Federal Web Sites (June 22, 2000)
• M-99-18, Privacy Policies on Federal Web Sites (June 2, 1999)
• M-99-05, Instructions on Complying with President's Memorandum of May 14, 1998, "Privacy and Personal Information in Federal Records" (January 7, 1999)
• Biennial Privacy Act and Computer Matching Reports (June 1998)
• Privacy Act Responsibilities for Implementing the Personal Responsibility and Work Opportunity Reconciliation Act of 1996 (November 3, 1997) (3 pages, 431 kb)

Privacy Reference Materials

• Computer Matching and Privacy Protection Amendments of 1990 and the Privacy Act o1 1974, 56 FR 18599 (April 23, 1991) (3 pages, 592 kb)
• Final Guidance Interpreting the Provisions of Public Law 100-503, the Computer Matching and Privacy Protection Act of 1988, 54 FR 25818 (June 16, 1989) (12 pages, 1.45 mb)
• Guidance on Privacy Act Implementations of Call Detail Programs, 54 FR 12290 (April 20, 1987) (4 pages, 543 kb)
• Privacy Act Guidance -- Update (May 24, 1985) (10 pages, 647 kb)
• M-83-11, Guidelines on the Relationship Between the Privacy Act of 1974 and the Debt Collection Act of 1982 48 FR 15556, April 11, 1983 (March 30, 1983) (5 pages, 1.39 mb)
• Implementation of the Privacy Act of 1974, Supplemental Guidance, 40 FR 5674, (December 4, 1975) (3 pages, 215 kb)
• Congressional Inquiries which Entail Access to Personal Information Subject to the Privacy Act (October 3, 1975) (2 pages, 265 kb)
• Privacy Act Implementation, Guidelines and Responsibilities, 40 FR 28948 (July 9, 1975) (3 pages, 4.62 mb)

Government Paperwork Elimination Act (GPEA)

• Government Paperwork Elimination Act (May 2, 2000)

Freedom of Information Reform Act

• The Freedom of Information Reform Act of 1986: Uniform Freedom of Information Act Fee Schedule and Guidelines (March 27, 1987) (9 pages, 4,738 kb)

Need More Information?

Federal Computer Week

CIO Council

NIST