CAPITAL PLANNING & INVESTMENT CONTROL (CPIC) FOR SECURITY

TABLE OF CONTENT

DM 3560-000         

                                                                                                                                                              

                                                Page

 

Chapter­ 12 – General Information

 

1          Purpose                                                                                             2                     

2          Cancellation                                                                                   2                     

3          References                                                                                       2                     

4          Scope                                                                                                3                     

5          Abbreviations                                                                                 3                     

6          Definitions                                                                                        3                                                                     

3560-001

Part I – Security Requirements for CPIC

 

1          Background                                                                                    1                     

2          Policy                                                                                                 1         

3          Responsibilities                                                                                2

 

 

Attachment

 

A         Guide to Capital Planning and Investment Control for the Cyber Security Infrastructure

            Table 1          Cost Categories

            Table 2          Cyber Security Program Operations

            Table 3          Cyber Security Major Initiatives

           

                                                                                               

 

 

 

 

 

 

 

 

 

 

 

                                                                             

U.S. Department of Agriculture

Washington, D.C.

 

DEPARTMENTAL MANUAL

 

    NUMBER:

  3560-000

 

 

 SUBJECT:

 Capital Planning & Investment Control (CPIC) for Security

 

DATE:

February 17, 2005

 

OPI:         Office of the Chief Information Officer, Cyber Security

                                                                                                                                               

CHAPTER 12

GENERAL INFORMATION

 

 

1          PURPOSE

 

This Departmental Manual chapter requires that all USDA agencies and staff offices define and document security requirements and costs using the Capital Planning and Investment Control (CPIC)

Process.

 

 

2          CANCELLATION

 

            This Departmental Manual will be in effect until superceded.

 

 

3          REFERENCES

 

E-Government Act of 2002, Pub. L. No. 107-347, 44 U.S.C. 3531 et seq., Title III, Federal Information Security Management Act (FISMA)Chief Financial Officers Act

 

Clinger-Cohen Act

 

Federal Acquisition Streamlining Act (FASA)

 

Government Performance and Results Act

 

Paperwork Reduction Act

 

 

Presidential Decision Directive 63, Policy on Critical Infrastructure Protection;

 

Public Law 100-235, Computer Security Act of 1987;

 

Office of Management and Budget Circular A-130, Security of Federal Automated Information Resources, Appendix III; 

 

 

4          SCOPE

 

            This manual applies to all USDA agencies, programs, teams,

            organizations, appointees, employees and other activities.

 

 

5          ABBREVIATIONS

 

CPIC              Capital Planning and Investment Control

CIO                Chief Information Officer

CSBR              Cost, Schedule, Benefit and Risk

CS                   Cyber Security

EITIRB             Executive Information Technology Investment Review

Board

            EWG               Executive Working Group

            FISMA            Federal Information Security Management Act

IRM                 Information Resources Management

ISSPM             Information Systems Security Program Manager

IT                     Information Technology

I-TIPS              Information Technology Investment Portfolio System

NIST                National Institute of Standards and Technology

OCIO             Office of the Chief Information Officer

OMB               Office of Management and Budget

USDA             United States Department of Agriculture