An essential element of expanding e-government is ensuring that Federal agency information technology systems are funded, developed and operated to provide the greatest level of performance, manage risk, and provide robust services to citizens. Information policy and technology provides a framework for Federal technology systems that includes privacy and security and capital planning.
The Federal Government must effectively manage its portfolio of capital assets, including information technology, to ensure that scarce public resources are wisely invested. Capital planning and investment control integrates the planning, acquisition and management of capital assets into the budget decision-making process, and is intended to assist agencies in improving asset management and in complying with results-oriented requirements. Capital planning is an essential part of the E-Government strategy and assists projects managers and agency officials in managing their portfolio of technology projects so that agency mission goals may be achieved and citizens are served better.
Capital planning guidance is provided by the Office of Management and Budget.
PRIVACY & SECURITY
Privacy and security of data are important elements of planning, acquisition, and management of Federal information technology systems. The E-Government Act of 2002 and the Federal Information Security Management Act (FISMA) provide significant privacy and security responsibilities for federal information technology system operators.
The E-Government Act of 2002 requires agencies to conduct a Privacy Impact Assessment (PIA) before developing or procuring IT systems or projects that collect, maintain, or disseminate information in identifiable form from or about members of the public, or initiating, consistent with the Paperwork Reduction Act, a new electronic collection of information in identifiable form for 10 or more persons (excluding agencies, instrumentalities or employees of the federal government). Agencies must update their PIAs to reflect changed information collection authorities, business processes or other factors affecting the collection and handling of information in identifiable form.
FISMA requires agencies to integrate IT security into their capital planning and enterprise architecture processes, to conduct annual IT security reviews of all programs and systems, and to report the results of those reviews to OMB. The Act provides the framework for securing the Federal government’s information technology. All agencies covered by the Paperwork Reduction Act must implement the requirements of FISMA and report annually to the Office of Management and Budget and Congress on the effectiveness of their security programs.
HOMELAND SECURITY PRESIDENTIAL DIRECTIVE: COMMON IDENTIFICATION STANDARD FOR EMPLOYEES AND CONTRACTORS (HSPD-12)
On August 27, 2004, the President issued a Homeland Security Presidential Directive calling for a mandatory, government-wide standard for secure and reliable forms of identification issued by the federal government to its employees and to the employees of federal contractors. The implementation of this Standard will ensure the identification for government employees and contractors is reliable and secure.
The Office of Management and Budget was directed to oversee agency implementation. Agencies must ensure consistency with existing privacy and security law and policies to ensure employee and contractor information is protected and appropriately used.
INTERNET PROTOCOL VERSION 6 (IPV6)
On August 2, 2005, the OMB Office of E-Gov and IT issued OMB Memorandum 05-22, “Transition Planning for Internet Protocol Version 6 (IPv6),” directing all Federal government agencies to transition their network backbones to the next generation of the Internet Protocol Version 6 (IPv6), by June 30, 2008. The memorandum identifies several key milestones and requirements for all Federal government agencies in support of the June 30, 2008 target date.
The existing protocol supporting the Internet today - Internet Protocol Version 4 (IPv4) - supports only 4 billion IP addresses, limiting the number of devices that can be given a unique, globally routable location on the Internet. This has constrained the growth of the Internet worldwide, and has limited the number of computers and other devices that can be connected to one another via the Internet. In contrast to IPv4, IPv6 provides an almost unlimited number of IP addresses, and offers enhanced mobility, security, and network management features. IPv6 supports the continued growth of the Internet and development of new business capabilities leveraging mobile, Internet connectivity.
The CIO Council will issue guidance to assist agencies with transition planning.