1.5.1 CIO Responsibilities – Laws and Executive Orders
CIOs are responsible for the processes for managing, evaluating, and assessing how well the agency is managing its IT resources. This section lists the statutory responsibilities of CIOs related to investment management. The statutory language is directly pulled from applicable laws and executive orders. These statutory responsibilities are then implemented through OMB guidance and guidance from other government-wide organizations. This language, along with the language in other sections under the heading "CIO Responsibilities – Laws and Executive Orders," defines the CIO role and gives the CIO their statutory mandate.
General Responsibilities
The head of each covered agency … shall ensure that the [CIO] of the agency has a significant role in—(i) the decision processes for all annual and multi-year planning, programming, budgeting, and execution decisions… and (ii) the management, governance and oversight processes related to [IT]. (40 U.S.C. §11319(b)(1)(A). Responsibility for Acquisitions of Information Technology. Resources, planning, and portfolio management. Additional Authorities for Chief Information Officers.)
Information Technology Investments
The Director of the [OMB] shall require in the annual information technology capital planning guidance of the [OMB] the following: That the [CIO] of each covered agency certify that information technology investments are adequately implementing incremental development, as defined in capital planning guidance issued by the [OMB]. (Ibid
The CIO monitors the performance of information technology programs of the agency, evaluates the performance of those programs on the basis of the applicable performance measurements, and advises the head of the agency regarding whether to continue, modify, or terminate a program or project. (40 U.S.C. §11315. Responsibility for Acquisitions of Information Technology. Agency Chief Information Officer.)
Review
A covered agency other than the Department of Defense (I) may not enter into a contract or other agreement for information technology or information technology services, unless the contract or other agreement has been reviewed and approved by the [CIO] of the agency. (40 U.S.C. §11319(b)(1)(C)(I). Responsibility for Acquisitions of Information Technology. Resources, planning, and portfolio management. Review.)
A covered agency other than the Department of Defense (II) may not request the reprogramming of any funds made available for information technology programs, unless the request has been reviewed and approved by the [CIO] of the agency. (Ibid, (II).)
Latest News
AI Transparency Listening Session with the White House Office of Management and Budget
The White House Office of Management and Budget (OMB) is leading a series of listening sessions to learn more from industry about their approaches to AI transparency and auditable risk management.
AI in Action: 5 Essential Findings from the 2024 Federal AI Use Case Inventory
This year, agencies publicly reported more than 1,700 ways they are using Artificial Intelligence (AI) to advance their missions and deliver better experiences to the public.
CISO Council and CDO Council Release Joint Guide on Federal Zero Trust Data Security
Today, the CISO Council and CDO Council released the Federal Zero Trust (ZT) Data Security Guide, a first-of-its-kind document and key deliverable of OMB M-22-09, Moving the U.S. Government Towards Zero Trust Cybersecurity Principles. M-22-09 charged the Federal CDO Council and Federal CISO Council to convene a cross-agency working group of data and security experts to develop a data security guide for Federal agencies.