Department of the Interior

Departmental Manual

Effective Date: 7/23/01

Series: Organization

Part 110: Office of the Secretary

Chapter 18: Office of the Chief Information Officer

Originating Office: Office of the Chief Information Officer

110 DM 18

18.1 Office of the Chief Information Officer. The Office is headed by the Chief Information Officer (CIO) who is responsible to the Secretary with operational responsibility to the Assistant Secretary - Policy, Management and Budget. The CIO is assisted by a Deputy CIO.

18.2 Authorities. The program authorities for the mission and function of the organization are: the Paperwork Reduction Act, the Clinger-Cohen Act (formerly known as the Information Technology Management Reform Act of 1996), the Government Paperwork Elimination Act, the Federal Records Act, the Freedom of Information Act, and the Privacy Act.

18.3 General Objectives. The objectives of the Office are to establish and manage, for the Department of the Interior, a comprehensive information resources management (IRM) program. The basic elements of the Departmental IRM program include policy and planning to define the IRM program; standards and guidelines to guide the implementation of the IRM program; technical assistance to help carry out the IRM program; and review and evaluation to recommend changes to the IRM program.

18.4 Responsibilities. The Office of the Chief Information Officer (OCIO) is responsible for overseeing and guiding the development, management, and use of information resources and information technologies Department-wide.

A. The OCIO is the Department's focal point for IRM planning, policy development, program coordination and direction, and technical assistance and review for numerous functional areas that support the mission and administration requirements for bureaus and Departmental offices.

B. Functional areas include: information technology (IT) management, Freedom of Information Act, Privacy Act, records management, office automation, data administration, telecommunications management of voice, data, and radio communication systems and services, and computer security.

18.5 Organization. The CIO carries out the functions of the Office with the assistance of a Deputy CIO, administrative and security staff and 3 divisions (see attached organization chart).

A. The immediate Office of the CIO includes administrative support staff and the Information Technology Security Staff (ITSS). The ITSS is responsible for the following:

(1) Assists the CIO by providing Departmental capabilities in program management, policy and implementation guidance, security accreditation, oversight, education and awareness, incident handling, intrusion detection, and security architecture.

(2) Coordinates activities for the Department's IT Security Working Group and is the principal IT security consultant to Departmental senior management.

(3) Manages the Departmental IT Security Program, consistent with public laws, Federal regulations, executive branch directions, and DOI policies.

(4) Develops, coordinates, interprets, and maintains IT security policies and implementation guidance for the protection of information and information systems supporting Departmental assets.

(5) Develops, coordinates, interprets, and maintains the Department's IT Security Plan that specifies the minimum risk mitigation requirements of IT resources for which the Department is responsible.

(6) Carries out the requirements of OMB Circular A-130 by establishing the criteria for:

(a) security certification and accreditation of major applications and general support systems and conducting periodic reviews;

(b) computer security awareness training and ensuring that a training program is implemented to meet the requirements of the Computer Security Act of 1987; and

(c) computer incident handling and intrusion detection.

(7) Conducts security certification and accreditation activities for Departmental systems.

(8) Oversees bureau compliance with Federal and Departmental policies, guidelines, and regulations governing IT security.

(9) Coordinates the Department's reporting of computer security incidents to Federal agencies responsible for national incident response.

(10) Serves as the Departmental IT Security Architect and is the principal IT security architecture consultant to the CIO.

(11) Develops and issues control evaluation guidelines for conducting reviews of general support systems and major applications as related to system and computer security, as required by 340 DM 1.4B(5).

B. The Office of the CIO includes the following divisions:

(1) Information Technology and Portfolio Management Division (PMD). This Division is responsible for assisting the CIO with managing the Department's enterprise information architecture as well as its portfolio of information technology systems from concept to implementation. This Division assists the CIO through development of policy and guidelines related to IT systems and information architecture (including business, data, applications, and technology components), data resource management, strategic planning, capital planning and investment control, budget preparation, acquisition oversight and system development life cycle monitoring, including system retirement and close-out. The PMD also provides direct oversight of, and technical assistance to, individual automated systems initiatives throughout their system's life cycle (i.e., conception, design, development, implementation, and maintenance). Specific functions and responsibilities related to these areas include:

(a) Serves as a focal point for collaboration on cross-cutting Interior information architecture activities and related policy development. Collaborates with Interior bureaus to establish and maintain realistic standards and guidelines to maximize information and information systems interoperability as well as integration. Establishes working groups and integrated product teams as necessary to focus on specific architectural domains (e.g., business, data, applications, and technology architectures).

(b) Develops, implements, and maintains the business architecture model that captures the cross-cutting Interior-wide business segments, functions, and processes.

(c) Develops, implements, and maintains the data architecture that accurately supports the cross-cutting business segments, functions, and processes that are identified in the business architecture.

(d) Documents the existing and target applications architecture. Develops and maintains policies and procedures for Life Cycle Management including applications development standards, project management guidelines, procedures for linkage among the budget, acquisition, telecommunications, and IRM communities to ensure organizational integration.

(e) Develops, implements, and maintains the Interior Technology Architecture and associated Technical Reference Model.

(f) Develops Departmental policy and guidelines as needed to ensure compliance with strategic planning statutes, laws, and regulations. Coordinates the development of bureau IRM strategic plans as well as the Departmental IRM strategic plan. Represents the Office in the Departmental Performance Management Council and prepares Department Level IT goals to the Department's Strategic Plan as well as the Annual Performance Plan.

(g) Develops requirements and policy guidance for the Department's annual information technology budget request in conjunction with the Department's budget formulation process and requirements promulgated in applicable Office of Management and Budget (OMB) Circular(s). Assists the bureaus and offices with preparing their annual Capital Asset and Plan Justifications (Exhibit 300B) and their Agency Information Technology Investment Portfolio (Exhibit 53) for submission to OMB. Monitors compliance with OMB Circular requirements related to those exhibits.

(h) Develops the Department's IT capital planning and investment program policy. Reviews all IT capital planning and investment programs, including individual bureau programs, to ensure compliance with current OMB and GAO guidance as well as compliance with Departmental policy. Develops, administers, and maintains the capital planning investment review and portfolio management process for all information technology capital assets in the Department. Annually assesses all review thresholds and criteria; periodically analyzes the review process, and makes recommendations for improvement as needed. Provides assistance to the bureaus and offices with tailoring and maintaining the Information Technology Investment Portfolio System (I-TIPS) or its equivalent. Regularly analyzes I-TIPS data and reports findings to the CIO.

(i) Develops policy and provides guidance concerning Information Technology acquisition management and operations. Reviews, approves, and monitors the acquisition of information technology and IT-related resources (equipment, software, maintenance, and services) exceeding the Department's thresholds for bureaus and offices.

(j) Provides project management support and oversight to the bureaus and offices as they develop specific information technology systems. Evaluates their management of risks and contingency planning as needed. Provides IRM technical advice and assistance to the bureaus and offices in developing automated systems, and in redesigning existing systems to resolve complex information technology problems.

(k) As assigned by the CIO, Assistant Secretary - Policy, Management and Budget, or the Secretary of the Interior, provides project management oversight of specific IT projects and provides regular progress assessments. Makes recommendations for improving performance or operations, as necessary, to the CIO and the individual project manager. Monitors and evaluates major information technology and systems projects for compliance with the Department's life cycle management policies.

(l) Maintains liaison with other Federal departments and agencies regarding best practices associated with IT capital planning and architecture programs. Incorporates, as appropriate, best practices into the Department's IT capital planning and architecture programs.

(m) Develops and issues control evaluation guidelines for conducting reviews of information technology general support systems and major applications involving strategic planning, capital planning, business architecture, data architecture, applications architecture, technology architecture, project management and life cycle review for information technology systems, as required by 340 DM 1.4B(5).

(2) Telecommunications Systems Division. This Division is responsible for developing and implementing Department-wide telecommunications (voice, data, and radio) policies, standards and guidelines, and advising and providing technical assistance to bureaus and offices in the acquisition, operation, and use of telecommunications facilities and services. The Division's data communications responsibilities include those planning and policy activities related to virtual network and Internet access. Specific functions and responsibilities are as follows:

(a) Establishes Departmental telecommunications policies, and develops programs and/or procedures for the acquisition and use of voice, radio, and data communication systems and services.

(b) Identifies requirements for Departmental telecommunications services and facilities, and coordinates the development of a Departmental telecommunications plan.

(c) Assists bureaus and offices in the planning, design, optimization, procurement, and implementation of shared communication services.

(d) Reviews, approves, and monitors the acquisition and installation of telephone systems and data communications networks acquired by bureaus and offices within the Department, and provides liaison with GSA on those actions.

(e) Oversees the management and operation of Departmental telecommunication systems, networks, and services.

(f) Provides technical assistance, and issues information, guidance, and instructions for the design, management, and operation of voice, data (including local and wide area networks) and radio communications systems within the Department.

(g) Prepares inter- and intra-agency agreements for shared communications on behalf of the bureaus and offices.

(h) Acts for the Department to obtain agreements, licenses, authorizations, understandings, registrations, and other authorities necessary to the operation of telecommunications facilities. This includes assignments for Departmental radio frequencies and management of radio frequency authorizations.

(i) Represents the Department on Departmental, Federal, National, and International committees in matters relating to telecommunications activities. Maintains liaison with GSA, the National Telecommunications and Information Agency, the National Communications System, interexchange carriers, and local operating companies.

(j) Provides telecommunications support for Department-wide special projects and communications security applications.

(k) Develops and issues control evaluation guidelines for conducting reviews of information technology general support systems and major applications involving telecommunications (voice, data, and radio), activities related to networks and Internet access, as required by 340 DM 1.4B(5).

(3) Information Management Division (IMD). This Division is responsible for developing, coordinating, and implementing Department-wide IRM policies, standards and guidelines, and providing technical assistance to bureaus and offices related to Records Management, the Freedom of Information Act (FOIA) and Appeals, the Privacy Act and Appeals, specialty programs including Section 508 of the Rehabilitation Act of 1973, as amended, electronic messaging services, web-based mission and business solutions, and IRM Internal and Management Controls. Specific functions and responsibilities are as follows:

(a) Develops broad IRM policies involving more than one of the IRM functional areas and specific IRM policies for functions assigned to the Division. Interprets, plans and monitors the implementation of related policies emanating from Congress and other organizations. Represents the Department and provides staff support to Departmental representatives on IRM policy matters requiring interface with other government agencies.

(b) Coordinates the preparation and submission of IRM reports to the Department's Chief Information Officer and to the OIG, GAO, OMB, GSA, Congress and other governmental bodies.

(c) Issues directives, policies and guidance that establish records management policies, program objectives, responsibilities, and authorities for Departmental recordkeeping requirements, 380 DM 1.

(d) Coordinates the development of policy and standard operating procedures for Department-wide, Web-based mission/business solutions that include but are not limited to (1) Web style guides, (2) electronic forms, (3) Web-based data storage/retrieval methods, (4) Web application development standards, (5) e-commerce, and (6) overall government strategies as required by 340 DM 1.4B(5). The Departmental Webmaster chairs the Interior Webmaster's Council.

(e) Develops and establishes policy, procedures, and provides leadership for improving the operations costs, performance, and reliability of Interior-wide electronic messaging services.

(f) Develops and administers a comprehensive and effective program for implementation of all provisions of the FOIA, Privacy Act, and FOIA/Privacy Act Appeals, 383 DM 15, 383 DM 1.

(g) Provides general policy and procedural guidance to the bureaus through policy development, coordination, reporting, and assessment actions.

(h) Provides guidance and advice for the technical safeguarding of computerized systems of records, and paperwork management policy aspects of safeguarding systems of records, such as system design, archival records, transfers, and records storage and disposal techniques.

(i) Provides general guidance to the bureaus on procedures for disclosing or denying disclosure of personal records to third parties.

(j) Provides training for all Department of the Interior employees to ensure compliance, relative to the IMD functions.

(k) Develops and issues control evaluation guidelines for conducting reviews of information technology general support systems and major applications involving records management, FOIA, and the Privacy Act as required by 340 DM 1.4B(5).

7/23/01 #3371

Replaces 8/9/91 #2921
