HHS OCIO Policies, Standards and ChartersPolicies, Standards, and Charters - Categories Policy is defined as the "what" and the "when" whereas Procedure is defined as the "how". Oversight groups (the President; Congress; Office of Management and Budget (OMB); General Services Agency (GSA); Office of Personnel Management (OPM); etc.) set the standards, the goal, the expectations that all Cabinet-Level Departments and their equivalents are to meet. The delta between where a Department is from that oversight-set goal, that expectation; that is the Department's Policy on "what" and "when" activities must occur in order to achieve progress towards that set that goal. The HTML links below will take you to the Policy, Standard, or Charter listed. If you would like to view a summary of all the documents shown below, please click here: OCIO Summary Page. POLICIES
PROCEDURES AND APPENDICES STANDARDS [5 Total] Description | Number | Date Issued | HTML Document |
---|
IT Security and Privacy |
---|
HHS Standard for Encryption | 2008-0007.001S | 12/23/2008 | HTML | HHS Standard for FISMA Inventory Management | 2008-0006.001S | 12/23/2008 | HTML | HHS Standard for Plan of Action and Milestones | 2008-0005.001S | 12/23/2008 | HTML | HHS-OCIO Standard for Security Configurations Language in HHS Contracts | 2008-0004.001S | 09/11/2008 | HTML | HHS Standard for the Segregation of Development/Test Environments from Production | 2008-0003.002S | 08/07/2008 | HTML | HHS Standard for Managing Outbound Web Traffic | 2008-0002.003S | 06/06/2008 | HTML | HHS Rules of Behavior (For Use of Technology Resources and Information) | 2008-0001.003S | 02/12/2008 | HTML | Enterprise Systems |
---|
CHARTERS [4 Total] Description | Number | Date Issued | HTML Document |
---|
Enterprise Architecture |
---|
CIO Council Charter | 2007-0001.001C | 06/27/2007 | HTML | Records Management |
---|
Records Management Council Charter | 2007-0002.001C | 08/21/2007 | HTML | IT Security and Privacy |
---|
Personally Identifiable Information (PII) Breach Response Team (BRT) Charter | 2008.0001.003C | 11/17/2008 | HTML | Enterprise Systems |
---|
HHS Trusted Internet Connection Access Provider (TICAP) Steering Committee Charter | 2008.0002.001C | 06/23/2008 | HTML |
|