PROGRAM MANAGEMENT

INTRODUCTION

These performance measures link to HRSA’s Strategic Plan goal to achieve excellence in management and to the specific objectives to strategically manage information technology to support programs, and foster and lead a high-quality, well-trained workforce.

DISCUSSION OF TARGETS AND RESULTS

35.VII.B.1.  Information Technology Management: Ensure Critical Infrastructure Protection.

HRSA continues to administer a diligent Critical Infrastructure Protection (CIP) program that includes, among other efforts, a strong emphasis on perimeter protection, incident response, risk assessment, and security awareness training.  Legislation such as the Federal Information Security Management Act (FISMA) imposes significant computer security requirements including periodic assessments of security risks to information systems and data supporting its critical operations.

HRSA will monitor the performance of the CIP and Information Systems Security Program through the following measures:

A.  Perimeter Protection:  HRSA will protect the perimeter and network boundaries by implementing the appropriate network intrusion infrastructure to detect and mitigate improper network violations. In FY 06, monitoring/auditing was redesigned to incorporate an additional monitoring and incident detection tool (Securify) which complies with HHS EA needs.  In addition, there is now 24/7 monitoring supported by an agreement with the NIH.  In FY 07, HRSA Improved overall security posture and compliance levels through implementation of customized and streamlined policies on various IPS/IDS devices and installation of ISS Proventia Enterprise Vulnerability Scanner, ISS Real Secure Server Sensors, and Arcsight for event correlation. FY 09 Goal: HRSA will implement and operate a cyber protection and incident handling center to conduct real-time assessment of current network vulnerabilities and remediation of network perimeters.

B.     Risk Assessment: As defined by OMB Circular A-130 and integral to the IT security program, HRSA will broaden risk assessment efforts for Agency information systems and networks. During FY 06, HRSA completed annual self-assessments, privacy impact assessments, security reviews, and security plans for all Agency FISMA mission critical/essential systems.  During FY 07, completed four (4) full Certification and Accreditations and performed annual security reviews on fourteen (14) other HRSA systems.  FY 09 Goal: complete Certification and Accreditation (C&A) for twenty (20) HRSA systems.

C.     Security Awareness Training:  In addition to security education and outreach efforts, HRSA will expand the security awareness training program for Agency employees, and other program staff with unique information security responsibilities. In FY 07, HRSA successfully reported a 100% completion rate for HRSA Executives and those staff identified to have significant security responsibilities and a 99.9% completion rate for Security Awareness training of HRSA staff.  FY 09 Goal: HRSA will have full participation in Security Awareness Training by 100% of HRSA Staff, specialized security training for 100% of HRSA staff identified to have significant security responsibilities, and participation of Executive Awareness Training by 100% of HRSA executive staff.

35.VII.A.1.  Strategic Management of Human Capital Initiative:  As part of a management review, HRSA will implement a Delayering Management and Streamlining Organizational Plan.

HRSA continues to focus its efforts to consolidate and re-deploy staff to more effectively support the President’s Management Agenda and accomplish the mission and goals of the Department and HRSA.  By the end of December 2001, HRSA had accomplished the following: 1) Created a Citizen-Centered Agency; 2) Realigned Health Professions Programs into one Bureau and created a mission centered Primary Care Bureau; 3) Streamlined the Office of the Administrator; 4) Consolidated Information Technology (IT) functions; and 5) Consolidated Legislative and Public Affairs staff within HRSA, with appropriate reporting relationships to OS.

During FY 02 and FY 03, HRSA accomplished the following restructuring efforts:

1) Completed the restructuring of its financial management functions.  These functions were formerly performed by the Office of Management and Program Support and HRSA’s four Bureaus.  They have all been consolidated; and 2) Completed a reorganization plan that was announced in the Federal Register on January 7, 2003, which restructured the grants function within HRSA.  During FY 04, a substantial Agency restructuring package was published in the Federal Register on September 21, 2004.  This eliminated a variety of levels, created an Office of Federal Assistance Management which consolidated the grants activity within HRSA, and realigned administrative and financial management activities in the Office of Administration and Financial Management.  During FY 06, HRSA created an Office of Health Information Technology, which was formally established with a Federal Register notice.  During FY 07, HRSA consolidated a variety of Health Professions loan repayment and obligated scholarship programs into a Bureau of Clinician Recruitment and Services.  (April 18, 2007 Federal Register)

35.VII.A.2.  Strategic Management of Human Capital Initiative: Implement the HRSA Scholars Program.

To assist in accomplishing the President’s Strategic Management of Human Capital Initiative, HRSA has developed the HRSA Scholars Program.  This program will increase career development opportunities and develop a new approach to hiring staff-experienced professionals and young graduates.  It has components for workforce planning, outreach and recruitment, hiring, recruiting incentives, training, developing and mentoring, and evaluation.  This approach focuses on bringing in honor students at the GS-5, 7 and 9 levels.

During FY 01, the HRSA Scholars Program was developed and implemented.  Forty-eight Scholars were hired. In FY 02 and FY 03 the numbers of scholars were 53 and 43, respectively.

For FY 04, 41 HRSA Scholars were brought on board. In FY 05, an additional 18 scholars were brought on board.  This initiative was originally a five-year initiative (FY 01- FY 05), but an additional class was added.  The FY 06 target was set at a level of 50 Scholars.  Fifty-one (51) scholars were brought on board in FY 06.  In FY 07, 62 scholars were added, exceeding the target of 55.  There is no target for FY 09.

The HRSA Scholars Program served as a model for the HHS Emerging Leaders Program.  Additionally, HRSA is a full participant in the HHS Emerging Leaders Program.  Of the first class of 65, HRSA took 5 positions. This represents about 7.7% of the total HHS class, although HRSA represents only 3.2% of the HHS workforce.