The role of federal chief information officers is about to shift, according to the government’s new top CIO, Steven VanRoekel, who was named last week to succeed outgoing CIO, Vivek Kundra.
In a White House blog post published last night, VanRoekel highlighted four new areas of focus for federal CIOs: Governance, Commodity IT, Program Management, and Information Security.
The newly-defined responsibilities were summarized in a memorandum issued yesterday by Office of Management and Budget Director, Jacob Lew (pictured), to executive department and agency chiefs.
Behind the changes is long-recognized need by administration officials to shift the primary responsibilities of federal chief information officers, “away from just policy making and infrastructure maintenance, to encompass true portfolio management for all IT,” Lew said.
As part of the revised duties, the charter of the federal CIO council, the organization federal CIOs work through to address cross-agency issues, will also be amended to allow more effective development and management of shared services, cross-agency initiatives, and governmentwide policy.
In addition to their statutory responsibilities through the Clinger-Cohen Act and related laws, Lew wrote, there will be four main areas in which “agency CIOs shall have a lead role”:
Governance: CIOs must drive the investment review process for IT investments and have responsibility over the entire IT portfolio for an Agency, working with chief financial and chief acquisition officers to ensure IT portfolio analysis is an integral part of the yearly budget process for an agency.
Commodity IT: Agency CIOs must focus on eliminating duplication and rationalize their agency’s IT investments in IT infrastructure (data centers, networks, desktop computers and mobile devices); enterprise IT systems (e-mail, collaboration tools, identity and access management, security, and web infrastructure); and business systems (finance, human resources, and other administrative functions). The CIO shall pool their agency’s purchasing power across their entire organization to drive down costs and improve service for commodity IT. In addition, enterprise architects will support the CIO in the alignment of IT resources, to consolidate duplicative investments and applications.
Program Management. Agency CIOs shall improve the overall management of large federal IT projects by identifying, recruiting, hiring, training and reviewing top IT program management talent. CIOs will be held accountable for the performance of IT program managers based on their governance process and the IT Dashboard.
Information Security: CIOs, or senior agency officials reporting to the CIO, shall have the authority and primary responsibility to implement an agency-wide information security program. They will also be responsible for providing information security for both the information collected and maintained by, or on behalf of the agency, and for the information systems that support the operations.
The new responsibilities build on the Obama’s Administration’s “25 Point Plan to Reform Federal IT Management,” now in it its eight month of implementation, said VanRoekel. The reforms were “developed to remedy what had become routine in Washington: IT projects running over budget, falling behind schedule or failing to deliver promised functionality,” said Van Roekel.
As part of those expanded responsibilities, federal CIO’s will be charged with paying close attention to continuous network and information security monitoring and standardized risk assessment processes. These process are to be supported by “CyberStat” sessions run by the Department of Homeland Security, Lew said.
In addition, agency CIOs are required to play a greater cross-agency portfolio management role through the Federal CIO Council.
“Just as CIOs are tasked to find and eliminate duplicative systems in their agencies, the Council will seek opportunities to reduce duplication, improve collaboration and to eliminate waste across agency boundaries,” Lew said.