An essential element of expanding e-government is ensuring that Federal agency information technology systems are funded, developed and operated to provide the greatest level of performance, manage risk, and provide robust services to citizens. Information policy and technology provides a framework for Federal technology systems that includes privacy and security and capital planning.
The Federal Government must effectively manage its portfolio of capital assets, including information technology, to ensure that scarce public resources are wisely invested. Capital planning and investment control integrates the planning, acquisition and management of capital assets into the budget decision-making process, and is intended to assist agencies in improving asset management and in complying with results-oriented requirements. Capital planning is an essential part of the E-Government strategy and assists projects managers and agency officials in managing their portfolio of technology projects so that agency mission goals may be achieved and citizens are served better.
Capital planning guidance is provided by the Office of Management and Budget.
PRIVACY & SECURITY
Privacy and security of data are important elements of planning, acquisition, and management of Federal information technology systems. The E-Government Act of 2002 and the Federal Information Security Management Act (FISMA) provide significant privacy and security responsibilities for federal information technology system operators.
The E-Government Act of 2002 requires agencies to conduct a Privacy Impact Assessment (PIA) before developing or procuring IT systems or projects that collect, maintain, or disseminate information in identifiable form from or about members of the public, or initiating, consistent with the Paperwork Reduction Act, a new electronic collection of information in identifiable form for 10 or more persons (excluding agencies, instrumentalities or employees of the federal government). Agencies must update their PIAs to reflect changed information collection authorities, business processes or other factors affecting the collection and handling of information in identifiable form.
FISMA requires agencies to integrate IT security into their capital planning and enterprise architecture processes, to conduct annual IT security reviews of all programs and systems, and to report the results of those reviews to OMB. The Act provides the framework for securing the Federal government’s information technology. All agencies covered by the Paperwork Reduction Act must implement the requirements of FISMA and report annually to the Office of Management and Budget and Congress on the effectiveness of their security programs.