recommended reading

OMB: CIOs must report to agency heads

For the first time, the Office of Management and Budget explicitly says federal chief information officers must report to the head of the agency and no one else, according to a draft of a memo outlining the responsibilities of government CIOs that the agency plans to release soon.

Comment on this article in The Forum.The draft memo, obtained by Nextgov, outlines the role of CIOs and stipulates that they must report to the head of the agency they work for, a departure from the position the Bush administration has held since President Bush took office in 2001.

The memo spells out the responsibilities and authorities of CIOs in detail for the first time since the position was established under the 1996 Clinger-Cohen Act. The memo states that CIOs have the ultimate responsibility for the governance, management and delivery of IT programs in their departments.

"Except where otherwise authorized by law, order, or waiver from the director of OMB, no other individual in any organizational component of the agency ... has authorities or responsibilities that infringe upon those of the agency CIO," according to the memo.

The step of defining the role and responsibilities of the CIO position is one that the federal CIO community has advocated for years, and a former federal CIO said the memo is long overdue.

"It's a great document," said the source, who asked not to be identified. "But why did [OMB] wait until they went out the door? Why didn't they do this seven years ago? They didn't just discover the need."

The memo was issued by Clay Johnson, deputy director of management at OMB, who said the administration wanted to provide for a smooth transition of IT management to the next president. "In order to assure effective management for IT and minimize any disruption during the upcoming transition or any transition of leadership, please review the attached IT governance framework and summarize your agency's current alignment with each element of the framework via signed memorandum by December 1, 2008," the memo states.

The former CIO said that in the past, OMB dismissed the notion of a rule that CIOs must report to the head of an agency. But OMB needed to spell out the provision because agencies have unevenly implemented the 1996 Clinger-Cohen Act, which established the CIO position, the source said. In many agencies, including the Health and Human Services, and Interior departments, the CIO reports to the agency's chief financial officer, a reporting line that can leave top officials the impression that IT is a cost center, not a strategic player in forming agency policies, IT management professionals say.

"Often the CIO either doesn't report to the secretary or it's a false, dotted line thing," the source said.

OMB officials said last week that a memo would be released as early as Monday. A final memo could be released in the next day or so, according to sources.

The memo also lays out the organizational structure for agencies' IT executives and senior managers, stating that the CIO must review the qualifications of those employees and provide input into their hiring and evaluations. The memo also states all IT executives and managers must adhere to the agency's IT policy as established by the CIO.

Among the authorities assigned to the position is the ability to set and enforce agencywide IT policy in all areas of IT governance, from procurement to workforce management.

In addition, the CIO must participate in planning every portion of the agency's IT portfolio, from formulating budgets, planning investments and allocating resources to reviewing projects, conducting oversight and deciding when to re-baseline or cancel struggling programs.

The CIO is responsible for ensuring all agency IT programs comply with the federal enterprise architecture and are accessible to other agencies, according to the memo. The CIO also must ensure that IT systems within the agency do not duplicate those available from other federal agencies.

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats

JOIN THE DISCUSSION

Close [ x ] More from Nextgov