|
Federal Laws Relevant to the Clinger-Cohen Act (CCA)
|
|
Clinger-Cohen Act "Purple Book"
|
UPDATED: 2009 Edition
The CCA Purple book is a PDF that includes CCA, historical perspectives for the act, the executive order, and the DoD memos that created the CIO structures.
|
|
|
Clinger-Cohen Act (CCA) of 1996 (Full text)
|
The CCA, formally called the Information Technology Management Reform Act, formed the need to create the CIO function, and institutionalizes a number of best management practices.
|
|
|
Federal Acquisition Reform Act (FARA) of 1996
|
The Federal Acquisition Reform Act (FARA) increases the discretion of Contracting Officers in making competitive range determinations and lowers the approval levels for justification and approvals resulting in efficient competition. FARA also permits the use of Simplified Acquisition Procedures (SAP) in the acquisition of commercial items up to $5 million.
|
|
|
Paperwork Reduction Act (PRA) of 1995
|
The Paperwork Reduction Act (PRA) of 1995 requires that agencies obtain OMB approval before requesting most types of information from the public. "Information collections" include forms, interview, recordkeeping requirements, etc.
|
|
|
The Federal Acquisition Streamlining Act (FASA) of 1994
|
FASA was enacted to revise and streamline the acquisition laws of the Federal Government. FASA also expanded the definition of records, placed additional record retention requirements, and gave agencies statutory authority to access computer records of contractors doing business with the government.
|
|
|
Government Management Reform Act (GMRA) of 1994
|
The GMRA provides for a more effective, efficient and responsive Government by expanding the CFO Act requirement for audited financial statements; streamlining management control that authorizes the Director of OMB to publish in the budget, recommendations for consolidation, elimination or adjustments in frequency and due dates of statutorily required periodic reports to Congress or its committees.
|
|
|
Government Performance and Results Modernization Act (GPRA 2) of 2011
|
The Government Performance and Results Modernization Act of 2011 (GPRA 2) requires that federally funded agencies develop and implement an accountability system based on performance measurement, including setting goals and objectives and measuring progress toward achieving them.
|
|
|
The CFO Act of 1990
|
The CFO Act of 1990 focused attention on financial management improvements in the Federal Government by requiring the identification of a responsible official. The Law created a framework for financial organizations to focus on the integration of accounting, budget and other financial activities under one umbrella; the preparation of audited financial statements; and the integration of financial management systems. It also requires federal agencies to prepare a CFO strategic five year plan. The act required 14 Cabinet level Departments and 10 major agencies to established the position of a CFO who will report to the agency head.
|
|
OMB Circulars Relevant to CCA
|
|
Office of Management and Budget Circular No.A-11, Exhibit 300, Part I, Section I.C. Performance Goals and Measures
|
The OMB requires a submission of information about each investment that will be expending $1M or more in that budget year. This report permits the OMB to meet its statutory responsibilities under a number of Acts, including GPRA and CCA.
|
|
|
A-130, Management of Federal Information Resources
|
This Circular establishes policy for the management of Federal information resources. Procedural and analytic guidelines for implementing specific aspects of these policies are included as appendices.
|
|
|
A-76, Performance of Commercial Activities (also known as outsourcing)
|
This Circular sets forth the procedures for determining whether commercial activities should be performed under contract with commercial sources or in-house using Government facilities and personnel.
|
|
DoD Directives and Instructions Relevant to CCA
|
|
DoDI 5000.02 Enclosure 4 Language
|
DoDI 5000.02, Enclosure 4 provides IT considerations that must be met, including a CCA compliance table (Table E4.T1.).
|
|
|
DoD Directive 5144.1: ASD(NII)/DoD CIO
|
This Directive assigns responsibilities, functions, relationships, and authorities to the Assistant Secretary of Defense for Networks and Information Integration/DoD Chief Information Officer (ASD(NII)/DoD CIO). This directive applies to all DoD Components.
|
|
|
DoD Directive 8500.1: Information Assurance (IA)
|
This Directive establishes policy and assigns responsibilities under Section 2224 of title 10, United States Code to achieve Department of Defense (DoD) information assurance (IA) through a defense-in-depth approach that integrates the capabilities of personnel, operations, and technology, and supports the evolution to network centric warfare.
|
|
|
DoD Directive 8100.1: Global Information Grid (GIG) Overarching Policy
|
This Directive Establishes policy and assigns responsibilities for GIG configuration management, architecture, and the relationships with the Intelligence Community (IC) and defense intelligence components.
|
|
OSD Policy Memorandums on CCA
|
|
24 March 2009: Clinger-Cohen Act (CCA) Compliance of Major Information Systems (MAIS) for Fiscal Year (FY) 2009
|
The Defense Appropriations Act for FY 2009 (Public Law 110-329) did not reenact the provisions contained in the FY 2008 Act (Section 8068(c)).
As stated in the DoD CIO Memorandum, Clinger-Cohen Act (CCA) Compliance of Major Automated Informations (MAIS) for Fiscal Year (FY) 2009, March 24, 2009, DoD Component CIOs will, however, follow the guidance in Enclosure 5 to the DoD Instruction 5000.02, Operation of Defense Acquisition System, dated December 8, 2008, which states that for all programs that acquire information technology (IT), including a National Security System (NSS), at any Acquisition Category level, the Milestone Decision Authority shall not initiate a program or an increment of a program, or approve entry into any phase of the acquistion process, and the DoD Component shall not award a contract until:
- The sponsoring DoD Component or PM has satisfied the requirements of Title 40/CCA;
- The DoD Component CIO, or designee, confirms Titile 40/CCA compliance; and
- For Major Defense Acquisition Programs and MAIS programs only, the DoD CIO also confirms Title 40/CCA compliance.
|
|
|
22 March 2004: Information Technology Portfolio Management
|
This memorandum establishes DoD Policies and assigns responsibilities for managing information technology (IT) investments as portfolios. Decisions on what IT investments to make, modify or terminate shall be based on architectures, risk tolerance levels, potential returns, outcome goals and performance.
|
|
|
28 September 2005: DoD IT Registry Merger into DITPR
|
With the completion of the merger of the DoD IT Registry into the DOD IT Portfolio Repository (DITPR) as outlined in the 28 September 05 Memorandum titled, "DoD IT Registry Merger into DITPR," DITPR will become the official unclassified DoD data source for FISMA, E-Authentication, Portfolio Management, Privacy Impact Assessments, the inventory of MC/ME/MS systems, and the registry for systems under DODI 5000.2. The completion date is 1 Feb 06.
|
|
|
8 March 2002: CCA Compliance Policy
|
This CCA Compliance Policy Memo dated 8 Mar 02 clarifies and simplifies the requirements for judging compliance under the law. It also states that the CCA requirement is fully integrated into DoDI 5000.2. This document is now more historical in nature as it was written before the recent changes in DoD 5000, and the changes in certification to Congress in 2003, whereby the Component and NII certify and both certifications are forwarded to congress.
|
|
|
24 October 2001: Policy and Procedures for the Fast Track Deployment of Information Technology (IT) Functionality
|
Given the war on terror, OSD has developed a process to speed up the deployment of IT functionality to enable faster improvements to mission capabilities required to support Operation Enduring Freedom.
|
|
|
13 July 2000: DOD IT Systems Certification Requirements
|
This memorandum provides guidance on certification of Major Automated Information Systems (MAIS) compliance with CCA
|
|
|
1 May 1997: Requirements for Compliance with Reform Legislation for Information Technology (IT) Acquisitions
|
This memo correlates the Information Technology Management Reform Act of 1996 (now called Clinger-Cohen Act) with the Government Performance and Results Act (GPRA) of 1993 and the Paperwork Reduction Act (PRA) of 1995. A matrix is provided to show how these requirements correlate with each major milestone.
|
|
|
|
|
Contact