Part A, Office of the Secretary, Statement of Organization, Functions and Delegations of Authority for the Department of Health and Human Services (HHS) is being amended as follows: Chapter AM, “Office of Budget, Technology and Finance,” Chapter AMM, “Office of Information Resources Management,” as last amended at 70 FR 17690-91, dated April 7, 2005. This reorganization will retitle the Office of Information Resources Management (OIRM) and realign its functions in an Office of the Chief Information Officer (OCIO). The changes are as follows:
I. Under Chapter AM, “Office of Budget, Technology and Finance, Section AM.10 Organization, delete, in its entirety and replace with the following:
Section AM.10 Organization: The Office of Budget, Technology, and Finance is headed by the Assistant Secretary for Budget, Technology and Finance (ASBTF). The Assistant Secretary for Budget, Technology, and Finance is the Departmental Chief Financial Officer (CFO), and reports to the Secretary. The office consists of the following components:
Immediate Office of the ASBTF (AM)
Office of Budget (AML)
Office of the Chief Information Officer (AMM)
Office of Finance (AMS)
Office of Grants (AMT)
II. Under Section AM.20 Functions, paragraph 3, titled “Office of Information and Resources Management,” delete in its entirety and replace with the following:
3. Office of the Chief Information Officer (AMM). The Deputy Assistant Secretary for Information Technology (DASIT), who is also the HHS Chief Information Officer, heads the Office of the Chief Information Officer (OCIO). OCIO provides the Secretary and the Assistant Secretary for Budget, Technology, and Finance (ASBTF) with strategic planning, information resources management and technology policy, architecture, investment review, and Office of the Secretary (OS) computer operations management support.
III. Under Section AM: Functions, delete Chapter AMM, “Office of Information Resources Management,” and replace with the following:
C. Chapter AMM, Office of the Chief Information Officer
AMM .00 Mission. The Office of the Chief Information Officer advises the Secretary and the Assistant Secretary for Budget, Technology and Finance on matters pertaining to the use of information and related technologies to accomplish Departmental goals and program objectives. The mission of the Office is to establish and provide: Assistance and guidance on the use of technology-supported business process reengineering; investment analysis; performance measurement; strategic development and application of information systems and infrastructure; policies to provide improved management of information resources and technology; and better, more efficient service to our clients and employees. The Office exercises authorities delegated by the Secretary to the Deputy Assistant Secretary for Information Technology, as the CIO for the Department. These authorities derive from the Clinger-Cohen Act of 1996, the Paperwork Reduction Act of 1995, the Computer Matching and Privacy Act of 1988, the Computer Security Act of 1987, the Federal Information Security Management Act (FISMA), the National Archives and Records Administration Act of 1984, the Competition in Contracting Act of 1984, the Federal Records Act of 1950, OMB Circulars A-130 and A-11, Government Printing and Binding Regulations issued by the Joint Committee on Printing, and Presidential Decision Directive 63.
Section AMM.10 Organization. The Office of the Chief Information Officer (OCIO) is headed by the Deputy Assistant Secretary for Information Technology/HHS CIO, who reports to the Secretary and the Assistant Secretary for Budget, Technology and Finance. The HHS CIO serves as the primary IT leader for the Department, and the OCIO consists of the following:
Immediate Office (AMM1)
Office of Resources Management (AMM2)
Office of Information Technology Operations (AMM3)
Office of Enterprise Architecture (AMM4)
Office of Enterprise Project Management (AMM5)
Section AMM.20 Functions
The Immediate Office of the Chief Information Officer (AMMI). The Immediate Office of the Chief Information Officer supports the DASIT/CIO, and also provides leadership in OS IT issues, HHS IT architecture, use of technology in HHS and the HHS Web site. It performs the following functions:
a. Provides continuous development and implementation of effective strategic solutions for enabling the HHS mission. Provides advice and counsel to the Secretary and the Assistant Secretary for Budget, Technology and Finance.
b. Ensures the development and updates to the Information Technology Five Year Strategic Plan.
c. Develops and coordinates information resources management policies applicable across the Department and the Office of the Secretary, including the creation, handling, storage, dissemination, and disposition of information.
d. Leads the development and implementation of an enterprise information infrastructure across the Department.
e. Oversees and manages risks associated with major information systems and information technology.
f. Evaluates major investments in information technology, and is responsible for their subsequent period review.
g. Guides and oversees the development of information systems and communications networks.
h. Provide leadership in e-government activities.
i. Provides data processing and communications equipment for the Office of the Secretary and participating HHS OPDIVs, and implements, operates, and maintains standard office automation applications running on the OS network.
j. Provides executive direction to align Departmental strategic planning for information resources and technology with the Department's strategic business planning.
k. Provides executive direction to develop and maintain Departmental information technology policy and architecture.
l. Promotes business process reengineering, investment analysis, and performance measurement throughout the Department, to capitalize on evolving information technology.
m. Represents the Department in Federal Government-wide initiatives to Start Printed Page 42322develop policy and implement an information infrastructure.
n. Provides leadership to the Department's Information Technology Investment Review Board (ITIRB) and the Department's Chief Information Officers' Advisory Council. Oversees enterprise IT efforts and any similar OPDIV efforts related to architecture, technology and the HHS Web site. Provides review and guidance to the ITIRB and CIO Council via analyses of alternative analyses strategies, standards compliance, architectural conformance and technology solutions.
o. Develops and maintains HHS-wide Architecture, including the business, data, application and technology components. Establishes architecture tools and repositories, coordinates with OPDIV architectures, develops technical guidance, assists managers of applications systems, and coordinates expert working groups to populate the architecture. Advises the ASBTF, OPDIV CIOs and other senior officials on matters relating to technology. Leads the development of a department-wide investment strategy for advanced, innovative technology, and reviews agency technology policies, programs, processes and capabilities to ensure that HHS technology programs support the Department's objectives.
p. Performs alternative analysis for key emerging and enabling technologies. Coordinates or directs pilot projects in these areas to establish proof of concept, confirm return on investment, or implement initial production implementations.
q. Leads the development of HHS web communications to provide users with a single access point for HHS information. Leads the development of an enterprise information portal to improve the ability of HHS employees to communicate and collaborate with each other.
2. Office of Resources Management (AMM2): The Office of Resources Management (ORM) is headed by the Director, Office of Resources Management and is responsible for OCIO Business Operations. The Office advises the CIO and OCIO managers on matters relating to OCIO operations, HHS information collection, HHS policy development and interpretation, development of the OCIO budget, HHS IT workforce development, coordinates e-government efforts across the Department, and provides recommendations regarding funding of e-government efforts. The Office is responsible for the following:
a. Leading Departmental efforts to expand the availability of electronic means for conducting business.
b. Coordinates HHS activities that support the President's Management Agenda's objective for E-Government.
c. Coordinates planning and task tracking relating to HHS CIO responsibilities to ensure effective utilization of staff and other resources.
d. Prepares, manages, integrates and coordinates budget formulation, presentation and execution with respect to the responsibilities of the CIO. Conducts analyses of budget implementation for the CIO.
e. As directed by the DASIT, prepares staffing forecasts, analyzes staffing requirements and utilization, and recommends strategies for changes in human capital for OCIO.
f. Oversees full life-cycle of OCIO contracts. Works with HHS contracting organizations, contractors and other parties to ensure that contractual transactions are substantively correct, and to track completion of tasks.
g. Oversees and manages employee performance improvement programs to develop and maintain the technical expertise and qualifications of employees in OCIO.
h. Coordinates and directs the Department's compliance activities under the Rehabilitation Act (1973), Section 508.
i. Develops policies and guidance on information resources and technology management, including telecommunications, as required by law or regulation or to fulfill CIO responsibilities and Departmental initiatives.
j. Manages the Department's information collection program, including development of Departmental policies, coordinating the Department's information collection budget, and reviewing and certifying requests to collect information from the public.
k. Approves and reporting on computer matching activities as required by law through the Departmental Data Integrity Board.
l. Manages the Departmental printing management, records management, and mail management policy programs.
3. Office of Information Technology Operations (AMM3): The Office of Information Technology Operations (OITO) is directed by the Director of IT Services Center (ITSC), who also is the Office of the Secretary (OS) Chief Information Officer. OITO is responsible for providing Network Services, Help Desk, Call Center, Desktop Support, Web Architecture, Server Architectures, OPDIV IT Security, Secretary's Command Center and Continuity of Operations Planning (COOP) support, and Outreach/Customer Relationship Management (CRM). The Office is a primary resource for advising the HHS CIO on network and infrastructure related technology implementation, and for piloting HHS CIO special programs. OITO is responsible for the following:
a. Operating, maintaining, and enhancing the ITSC computer network and services, including services for participating HHS organizations.
b. Implementing and monitoring network policies and procedures, and developing plans and budgets for network support services.
c. Ensuring reliable, high-performance network services.
d. Implementing and operating electronic tools to enhance Secretarial communications with all HHS personnel.
e. Coordinating with OPDIVs and STAFFDIVs to develop ITSC, IT capital planning and budgeting processes, providing direct planning support to assure that IRM plans support agency business planning and mission accomplishment, as it applies to the infrastructure.
f. Implementing policies and guidance on information resources management within ITSC for acquisition and use of information technology, support of technical model, and coordination of implementation procedures.
g. Maintaining and operating the inventory of automated data processing equipment for ITSC participating agencies.
h. Operating and maintaining an information technology support service (Help Desk and Call Center) for participating HHS components.
i. Managing contracts for equipment and support services related to the provision of IT services in ITSC participating agencies.
j. Representing the Department through participation on interagency and Departmental work groups and task forces, as appropriate.
k. Responsible for ITSC compliance with and implementation of all applicable HHS policies and Federal Laws regarding IT Security.
l. Reviewing and facilitating acquisitions for activities related to ITSC.
m. Supporting the Director in the role of OS CIO which holds CIO responsibility for the OS as an OPDIV, including the Program Support Center (PSC) and the Office of the Inspector General, as well as other OPDIVs, as required and authorized by HHS senior officials.
5. Office of Enterprise Architecture (AMM4): The Office of Enterprise Architecture (OEA) is headed by the Director, Office of Enterprise Architecture who is also the HHS Chief Start Printed Page 42323Enterprise Architect and supports all planning and enterprise programs that fall under the Office of the Chief Information Officer. The Office of Enterprise Architecture is responsible for:
a. Working with OPDIV Chief Information Officers (CIOs) to support Government-wide initiatives of the Federal CIO Council and to identify opportunities for participation and consultation in information technology projects with major effects on OPDIV program performance.
b. Providing leadership in the planning, design, and evaluation of major Departmental projects and oversight throughout project rollout and perform post implementation performance assessments.
c. Assessing risks that major information systems pose to performance of program operations and administrative business throughout the Department, develops risk assessment policies and standard operating procedures and tools, and uses program outcome measures to gauge the quality of Departmental information resources management.
d. Coordinating the Department's strategic planning, capital planning and investment control (CPIC), budgeting and performance management processes for information technology, and provides direct planning development and support to assure that IRM plans support agency business planning and mission accomplishment.
e. Coordinating the activities of the Departmental Information Technology Investment Review Board (ITIRB) in assessing and prioritizing the Department's major information systems, and in analyzing and evaluating IT investment decisions. Reviews OPDIV ITIRB implementations, IT capital funding decisions, and use of performance metrics to evaluate program for both initial and continued funding.
f. Coordinating and supports the Department's Chief Information Officer's Advisory Council, whose membership consists of the chief Information Officers from each OPDIV.
g. Representing the Department through participation on interagency and Departmental work groups and task forces, as appropriate.
h. Working with OPDIV Chief Information Officers to identify opportunities for administering information management functions and telecommunications initiatives with major effects on OPDIV performance. OEA provides leadership primarily in defining alternatives for acquisition of telecommunications services and coordinating implementation of information management initiatives in conjunction with the Chief Technology Officer and the Department Architect.
i. Providing support for special priority initiatives identified by the CIO.
j. Developing, implementing and administering the program to protect the information resources of the Department. This includes management and oversight of activities under the Federal Information Security Management Act (FISMA), IT critical infrastructure protection (CIP), and Department-wide security contracts and high level project management of OPDIV security programs, such as corrective action plans and security policies.
k. Implementing and administering the HHS security program to protect the information resources of the Department in compliance with legislation, Executive Orders, directives of the OMB, or other mandated requirements (e.g., the Clinger-Cohen Act, Presidential Decision Directive 63, OMB Circular A-130), the National Security Agency, and other Federal agencies.
l. Directing the development of and implementing cyber security policies and guidance for the Department, including requirements for employees and contractors who are responsible for systems of data, or for the acquisition, management, or use of information resources.
m. Monitoring information system security program activities in the Department by reviewing OPDIV's and STAFFDIVs security plans for sensitive systems, recommending improvements, and evaluating safeguards to protect major information systems, or IT infrastructure.
n. Responding to requests in conjunction with OMB Circular A-130, the Computer Security Act of 1987, and Presidential Decision Directive 63, or other legislative or mandated requirements related to IT security or privacy.
o. Monitoring all Departmental systems development and operations for security and privacy compliance and providing advice and guidance to ensure compliance standards are included throughout system life cycle development.
p. Reviewing Departmental ITIRB and CIO Council business cases (as well as OMB circular A-11 requirements) for assurance of security and privacy compliance.
q. Recommending to the CIO to grant or deny programs the authority to operate information systems, based on security compliance.
r. Establishing and leading inter-OPDIV teams to conduct reviews to protect HHS cyber and personnel security programs and conduct vulnerability assessments of HHS critical assets. This includes regular certification of existing systems as well as newly implemented systems.
s. Reviewing the Department's information resources for fraud, waste, and abuse to avoid having redundant resources, in conformance with the Clinger-Cohen Act.
t. Developing, implementing, and evaluating an employee cyber security awareness and training program to meet the requirements as mandated by OMB Circular A-130 and the Computer Security Act.
u. Establishing and providing leadership to the Subcommittee of the HHS CIO Council on Security.
v. Establishing and leading the HHS Computer Security Incident Response Capability team, the Department's overall cyber security incident response/coordination center and primary point of contact for Federal Computer Incident Response Capability (FedCIRC) and National Infrastructure Protection Center (NIPC).
5. The Office of Enterprise Project Management (AMM5): The Office of Enterprise Project Management (OEPM) is headed by the Director, Office of Enterprise Project Management who is also the HHS Chief Technology Officer and supports the design, development, configuration, integration and implementation of all HHS enterprise information technology projects that fall under the Office of the Chief Information Officer. The Office of Enterprise Project Management (OEPM) is responsible for:
a. Advising the HHS CIO on all matters of technology implementation across HHS.
b. Providing IT project management and oversight for all major IT projects that have enterprise importance.
c. Managing the design, development, configuration, implementation and testing of major enterprise projects prior to their insertion into service.
d. Development and management of technical IT contracts in support of major enterprise projects.
e. Coordinating the HHS participation in, and the technical implementation of, all Presidents Management Agenda (PMA) E-Government initiatives.
f. Collaboration with the HHS Chief Enterprise Architect to evaluate technical proposals for IT projects to ensure the most beneficial technical alternative is chosen for HHS.
g. Representing HHS in all technical forums.Start Printed Page 42324
IV. Continuation of Policy: Except as inconsistent with this reorganization, all statements of policy and interpretations with respect to the Office of Information and Resources Management heretofore issued and in effect prior to this reorganization are continued in full force and effect with respect to the Office of the Chief Information Officer.
V. Delegation of Authority: All delegations and redelegations of authority previously made to officials and employees of the Office of Information Resources Management will continue in them or their successors pending further redelegation, provided they are consistent with this reorganization.
V. Funds, Personnel, and Equipment: Transfer of organizations and functions affected by this reorganization shall be accompanied by direct and support funds, positions, personnel, records, equipment, supplies, and other sources.Start Signature
Dated: July 18, 2005.
Joe W. Ellis,
Assistant Secretary for Administration and Management.
[FR Doc. 05-14506 Filed 7-21-05; 8:45 am]
BILLING CODE 4150-24-M