Information Policy, E-Gov & IT

• E-Government Initiatives
• Information Quality Government-wide Initiatives
• OMB-Specific Information Quality Web page
• IT Policy Documents
• IT Spending
• Computer Security
• Privacy Guidance
• Privacy Reference Materials
• Government Paperwork Elimination Act (GPEA)
• Freedom of Information Reform Act

• E-Government Initiatives
  • FY 2007 Report to Congress on Implementation of The E-Government Act of 2002 (March 1, 2008) (43 pages, 261 kb)
  • Updated Instructions for Public Posting of Homeland Security Presidential Directive 12 (HSPD-12) Implementation Status (October 26, 2007) (3 pages, 73 kb)
  • M-08-01, HSPD-12 Implementation Status (October 23, 2007) (2 pages, 39 kb)
  • FY 2006 Report to Congress on Implementation of The E-Government Act of 2002 (March 1, 2007) (38 pages, 272 kb)
  • Homeland Security Presidential Directive (HSPD) 12 Implementation Plan Update (August 29, 2006) (1 page, 29 kb)
  • M-06-25, FY 2006 E-Government Act Reporting Instructions (August 25, 2006) (3 pages, 53 kb)
  • M-06-18, Acquisition of Products and Services for Implementation of HSPD-12 (June 30, 2006) (5 pages, 69 kb)
  • M-06-07, Designation of a Senior Agency Official for Geospatial Information (March 3, 2006) (3 pages, 30 kb)
    • FY 2005 Report to Congress on Implementation of The E-Government Act of 2002 (March 1, 2006) (46 pages, 374 kb)
  • Report to Congress on the Benefits of the President's E-Government Initiatives (January 6, 2006) (183 pages, 1,469 kb)
  • M-05-25, SmartBUY Agreement with Oracle (August 25, 2005) (3 pages, 75 kb)
  • M-05-24, Implementation of Homeland Security Presidential Directive (HSPD) 12 – Policy for a Common Identification Standard for Federal Employees and Contractors (August 5, 2005) (13 pages, 141 kb)
    • Public Comments Received on Draft OMB HSPD-12 Guidance
  • FY 2005 E-Government Act Reporting Instructions (July 28, 2005) (2 pages, 43 kb)
  • Section 213 of the E-Government Act Report to Congress: Organizations Complementing Federal Agency Information Dissemination Programs (April 15, 2005) (23 pages, 361 kb)
  • FY 2004 Report to Congress on Implementation of the E-Government Act of 2002 (March 1, 2005) (43 pages, 335 kb)
  • M-05-05, Electronic Signatures: How to Mitigate the Risk of Commercial Managed Services (December 20, 2004) (2 pages, 54 kb)
  • E-Government Act Transmittal Letters (March 9, 2004) (74 pages, 62 kb)
  • FY 2003 Report to Congress on Implementation of The E-Government Act (March 8, 2004) (74 pages, 587 kb)
  • Reporting Instructions for the E-Government Act (November 21, 2003)
  • Streamlining Authentication and Identity Management (July 3, 2003) (2 pages, 95 kb)
  • Small Business Paperwork Relief Task Force Report (June 27, 2003) (64 pages, 904 kb)
  • Procedures for Requesting Funds from the E-Government Fund (May 12, 2003) 4 pages, (91 kb)
  • E-Government Strategy, Implementing the President’s Management Agenda for E-Government (April 2003) (41 pages, 907 kb)
  • E-Government Strategy, Implementing the President’s Management Agenda for E-Government (February 27, 2002) (41 pages, 549 kb)

  Top of page

• Information Quality Government-wide Initiatives
  • M-07-24, Updated Principles for Risk Analysis (September 19, 2007) (13 pages, 156 kb)
    • News Release, OMB and OSTP Statements on Updated 1995 Principles for Risk Analysis (September 19, 2007)
  • Proposed Bulletin on Risk Assessment
    • Link to Public Comments on Proposed Risk Assessment Bulletin
    • Link to National Academy of Sciences (NAS) review of draft Risk Bulletin
    • OMB Proposed Bulletin on Risk Assessment (January 9, 2006) (26 pages, 157 kb)
    • OMB Requests Peer Review of Proposed Risk Assessment Bulletin (Press Release, January 9, 2006) (1 page, 44 kb)
    • Federal Register Notice announcing Proposed Bulletin on Risk Assessment (January 17, 2006) (1 page, 71 kb)
    • OMB Peer Review Agenda for Proposed Bulletin on Risk Assessment (1 page, 18 kb)
  • Final Information Quality Bulletin for Peer Review
    • Issuance of OMB's Final Information Quality Bulletin for Peer Review (December 16, 2004) (45 pages, 263 kb)
    • Federal Register Notice for Final Bulletin (January 14, 2005) (14 pages, 145 kb)
    • Response to Comments on the Revised Proposal for Bulletin on Peer Review (December 15, 2004) (6 pages, 45 kb)
  • Memorandum from John D. Graham to the President's Management Council, "Posting of Information Quality Correction Requests and Responses" (August 30, 2004) (1 page, 34 kb)
  • Information Quality: A Report to Congress (April 30, 2004) (122 pages, 739 kb)
  • Revised Information Quality Bulletin on Peer Review (April 15, 2004) (36 pages, 197 kb)
    • Submitting Comments on the Revised Information Quality Bulletin on Peer Review
    • Summary of Public and Agency Comments on Proposed Bulletin on Peer Review and Information Quality, Including Responses by OMB (April 15, 2004) (14 pages, 84 kb)
    • Public Comments on the Revised Proposal for Bulletin on Peer Review
  • Memorandum from John D. Graham for the President's Management Council, "Guidance for the Information Quality Annual Agency Report to OMB" (October 17, 2003) (8 pages, 174 kb)
  • Peer Review and Information Quality Proposed Bulletin and Request for Comment (August 29, 2003) (14 pages, 189 kb)
  • Extension of Comment Period to December 15, 2003 (September 15, 2003) (7 pages, 105 kb)
  • Public Comments on the Peer Review and Information Quality Proposed Bulletin
  • Agency Information Quality Guidelines
  • Memorandum from John D. Graham for the President's Management Council, "Executive Branch Information Quality Law" (October 4, 2002) (4 pages, 68 kb)
  • Final Office of Management and Budget Information Quality Guidelines (October 1, 2002) (9 pages, 98 kb)
  • Draft Office of Management and Budget Information Quality Guidelines and Request for Comment (May 1, 2002) (10 pages, 140 kb)
    • Extension of Comment Period (June 13, 2002) (1 page, 49 kb)
  • Memorandum from John D. Graham for the President's Management Council, "Agency Final Information Quality Guidelines"
    (September 5, 2002) (3 pages, 154 kb)
  • Memorandum from John D. Graham for the President's Management Council, "Agency Draft Information Quality Guidelines" (June 10, 2002) (12 pages, 140 kb)
  • Letter from John D. Graham to Selected Agencies Regarding Draft Information Quality Guidelines (May 22, 2002) (10 pages, 14 kb)
  • OIRA Administrator Speech: OMB’S ROLE IN OVERSEEING INFORMATION QUALITY (Remarks to Public Workshop on Information-Quality Guidelines, Sponsored by Committee on Data Quality, Science, Technology and Law Program, National Research Council/National Academy of Sciences, Washington, DC (March 21, 2002) (12 pages, 18 kb)
  • Guidelines for Ensuring and Maximizing the Quality, Objectivity, Utility, and Integrity of Information Disseminated by Federal Agencies (February 22, 2002) (10 pages, 162 kb)
  • Guidelines for Ensuring and Maximizing the Quality, Objectivity, Utility, and Integrity of Information Disseminated by Federal Agencies (September 28, 2001)

    Top of page

• IT Policy Documents
• M-06-06, Sample Privacy Documents for Agency Implementation of Homeland Security Presidential Directive (HSPD) 12 (February 17, 2006) (1 page, 30 kb)
  • Sample Privacy Documents (Word, 260 kb)
• M-06-02, Improving Public Access to and Dissemination of Government Information and Using the Federal Enterprise Architecture Data Reference Model (December 16, 2005) (6 pages, 65 kb)
• M-05-23, Improving Information Technology (IT) Project Planning and Execution (August 4, 2005) (8 pages, 81 kb)
• M-05-22, Transition Planning for Internet Protocol Version 6 (IPv6) (August 2, 2005) (9 pages, 93 kb)
• M-05-04, Policies for Federal Agency Public Websites (December 17, 2004) (5 pages, 55 kb)
• M-04-26, Personal Use Policies and “File Sharing” Technology (September 8, 2004)
• M-04-04 E-Authentication Guidance (December 16, 2003) (17 pages, 126 kb)
• M-03-19 Reporting Instructions for the Federal Information Security Management Act and Updated Guidance on Quarterly IT Security Reporting (August 6, 2003) (35 paes, 602 kb)
• M-03-18, Implementation Guidance for the E-Government Act of 2002 (August 1, 2003) (13 pages, 704 kb)
• M-00-15, OMB Guidance on Implementing the Electronic Signatures in Global and National Commerce Act (September 25, 2000)
• OMB Circular A-130, Transmittal Memorandum #4, Management of Federal Information Resources (November 28, 2000)
• M-98-09, Updated Guidance on Developing a Handbook for Individuals Seeking Access of Public Information (April 23, 1998)
• OMB Circular A-119: Federal Participation in the Development and Use of Voluntary Consensus Standards and in Conformity Assessment Activities (February 10, 1998)
• M-97-10, Guidance on Developing a Handbook for Individuals Seeking Access to Public Information (April 7, 1997)
• M-97-07, Multiagency Contracts Under the Information Technology Management Reform Act of 1996 (February 26, 1997)

Top of page

• IT Spending
• Report on Information Technology Spending for the Federal Government for Fiscal Years 2000, 2001, and 2002 (April 9, 2001) (Excel, 528 kb)
  
  
• Computer Security
• Fiscal Year 2007 Report to Congress on Implementation of The Federal Information Security Management Act of 2002 (March 1, 2008) (22 pages, 177 kb)
• Reminder - Ensuring Competition When Acquiring Information Technology and Using Common Security Configurations (December 19, 2007) (2 pages, 61 kb)
  
• M-07-19, FY 2007 Reporting Instructions for the Federal Information Security Management Act and Agency Privacy Management (July 25, 2007) (43 pages, 251 kb)
• M-07-11, Implementation of Commonly Accepted Security Configurations for Windows Operating Systems (March 22, 2007) (1 page, 28 kb)
• FY 2006 Report to Congress on Implementation of The Federal Information Security Management Act of 2002 (March 1, 2007) (Note: reposted to correct minor typographical errors) (144 pages, 772 kb)
• M-06-20, FY 2006 Reporting Instructions for the Federal Information Security Management Act and Agency Privacy Management (July 17, 2006) (42 pages, 301 kb)
  
• FY 2005 Report to Congress on Implementation of The Federal Information Security Management Act of 2002 (March 1, 2006) (86 pages, 437 kb)
• M-05-16, Regulation on Maintaining Telecommunication Services During a Crisis or Emergency in Federally-owned Buildings (June 30, 2005) (4 pages, 59 kb)
• M-05-15, FY 2005 Reporting Instructions for the Federal Information Security Management Act and Agency Privacy Management (June 13, 2005)
• Federal Information Security Management Act (FISMA) 2004 Report to Congress (March 1, 2005) (56 pages, 642 kb)
• M-04-25, FY 2004 Reporting Instructions for the Federal Information Security Management Act (August 23, 2004) (28 pages, 270 kb)
  • Section E -- FY04 FISMA Reporting Template (Excel, 164 kb)
• M-04-15, Development of Homeland Security Presidential Directive
  (HSPD) - 7 Critical Infrastructure Protection Plans to Protect Federal Critical Infrastructures and Key Resources (June 17, 2004) (14 pages, 119 kb)
• FY 2003 Report to Congress on Federal Government Information Security Management (March 1, 2004) (78 pages, 690 kb)
• FY 2002 OMB Report to Congress on Federal Government Information Security Reform (May 16, 2003) (131 pages, 1.24 mb)
• Improved FedCIRC Incident Reporting System (November 14, 2002)
• FY 2001 Report to Congress on Federal Government Information Security Reform (February 13, 2002) (112 pages, 1,079 kb)
• M-00-07, Incorporating and Funding Security in Information Systems Investments (February 28, 2000)
• M-99-20, Security of Federal Automated Information Resources (June 23, 1999)

  Top of page

• Privacy Guidance
  • M-07-19, FY 2007 Reporting Instructions for the Federal Information Security Management Act and Agency Privacy Management (July 25, 2007) (43 pages, 251 kb)
  • M-07-16, Safeguarding Against and Responding to the Breach of Personally Identifiable Information (May 22, 2007) (22 pages, 228 kb)
  • Recommendations for Identity Theft Related Data Breach Notification (September 20, 2006) (12 pages, 1,903 kb)
  • M-06-20, FY 2006 Reporting Instructions for the Federal Information Security Management Act and Agency Privacy Management (July 17, 2006) (42 pages, 301 kb)
  • M-06-19, Reporting Incidents Involving Personally Identifiable Information Incorporating the Cost for Security in Agency Information Technology Investments (July 12, 2006) (2 pages, 41 kb)
  • M-06-15, Safeguarding Personally Identifiable Information (May 22, 2006) (2 pages, 50 kb)
  • M-05-15, FY 2005 Reporting Instructions for the Federal Information Security Management Act and Agency Privacy Management (June 13, 2005)
  • M-05-08, Designation of Senior Agency Officials for Privacy (February 11, 2005) (2 pages, 31 kb)
  • M-03-22, OMB Guidance for Implementing the Privacy Provisions of the E-Government Act of 2002 (September 30, 2003)
  • M-01-05, Guidance on Inter-Agency Sharing of Personal Data - Protecting Personal Privacy (December 20, 2000)
  • Letter from John Spotila to Roger Baker, clarification of OMB Cookies Policy (September 5, 2000)
  • Letter from Roger Baker to John Spotila on Federal agency use of Web cookies (July 28, 2000)
  • Status of Biennial Reporting Requirements under the Privacy Act and the Computer Matching and Privacy Protection Act (June 21, 2000) (2 pages, 229 kb)
  • M-00-13, Privacy Policies and Data Collection on Federal Web Sites (June 22, 2000)
  • M-99-18, Privacy Policies on Federal Web Sites (June 2, 1999)
  • M-99-05, Instructions on Complying with President's Memorandum of May 14, 1998, "Privacy and Personal Information in Federal Records" (January 7, 1999)
  • Biennial Privacy Act and Computer Matching Reports (June 1998)
  • Privacy Act Responsibilities for Implementing the Personal Responsibility and Work Opportunity Reconciliation Act of 1996 (November 3, 1997) (3 pages, 431 kb)

    Top of page

• Privacy Reference Materials
  • Computer Matching and Privacy Protection Amendments of 1990 and the Privacy Act o1 1974, 56 FR 18599 (April 23, 1991) (3 pages, 592 kb)
  • Final Guidance Interpreting the Provisions of Public Law 100-503, the Computer Matching and Privacy Protection Act of 1988, 54 FR 25818 (June 16, 1989) (12 pages, 1.45 mb)
  • Guidance on Privacy Act Implementations of Call Detail Programs, 54 FR 12290 (April 20, 1987) (4 pages, 543 kb)
  • Privacy Act Guidance -- Update (May 24, 1985) (10 pages, 647 kb)
  • M-83-11, Guidelines on the Relationship Between the Privacy Act of 1974 and the Debt Collection Act of 1982 48 FR 15556, April 11, 1983 (March 30, 1983) (5 pages, 1.39 mb)
  • Implementation of the Privacy Act of 1974, Supplemental Guidance, 40 FR 5674, (December 4, 1975) (3 pages, 215 kb)
  • Congressional Inquiries which Entail Access to Personal Information Subject to the Privacy Act (October 3, 1975) (2 pages, 265 kb)
  • Privacy Act Implementation, Guidelines and Responsibilities, 40 FR 28948 (July 9, 1975) (3 pages, 4.62 mb)

Top of page

• Government Paperwork Elimination Act (GPEA)
  • Progress Report on Implementing the Government Paperwork Elimination Act (GPEA) (May 15, 2003) (4 pages, 156 kb)
  • Progress Report on Implementing the Government Paperwork Elimination Act (GPEA) (August 9, 2002) (5 pages, 147 kb)
  • Progress Report on Implementing the Government Paperwork Elimination Act (GPEA) (September 24, 2001) (9 pages, 69 kb)
  • Implementation of the Government Paperwork Elimination Act (May 2, 2000)
    
    
• Freedom of Information Reform Act
  • The Freedom of Information Reform Act of 1986: Uniform Freedom of Information Act Fee Schedule and Guidelines (March 27, 1987) (9 pages, 4,738 kb)