IT Laws
Key legislation governing federal information technology, including laws that establish CIO responsibilities and IT management requirements.
Federal CIOs must be familiar with the laws that define their responsibilities and govern federal IT management. These laws establish requirements for IT security, acquisition, data management, and more.
2.1 Federal Information Technology Acquisition Reform Act (2014)
The Federal Information Technology Acquisition Reform Act (FITARA), passed in December 2014, strengthened the role of agency CIOs and provided greater accountability for the delivery of IT capabilities across the Federal Government.
2.10 Freedom of Information Act (2000)
Allows for the full or partial disclosure of previously unreleased information and documents controlled by the United States government ($1).
2.11 Confidential Information Protection and Statistical Efficiency Act (2002)
Enacted to protect the confidentiality of information acquired from the public.
2.12 Digital Accountability and Transparency Act (2014)
Enacted to improve the quality and transparency of Federal award data.
2.13 Geospatial Data Act (2018)
Codifies the Federal Geographic Data Committee and supports the National Spatial Data Infrastructure The Geospatial Data Act of 2018 (GDA) became law on October 5, 2018.
2.14 Evidence-Based Policy Making Act (2018)
Establishes processes for the federal government to modernize data management practices, evidence building functions, and statistical efficiency.
2.15 Open Government Data Act (2018)
Requires public government data assets to be published as machine readable data, and each agency shall develop and maintain a comprehensive data inventory and designate a Chief Data Officer.
2.16 Creating Advanced Streamlined Electronic Services for Constituents Act (2019)
Enacted in 2019, the Creating Advanced Streamlined Electronic Services for Constituents (CASES) Act directs OMB to require each federal agency to accept electronic identity proofing and authentication processes that allow an individual, under the [Privacy Act of 1974], to access the individual's records or to provide prior written consent for the disclosure of the individual's records.
2.17 Internet of Things Cybersecurity Improvement Act of 2020
Enacted in 2020 to establish minimum security standards for Internet of Things (IoT) devices owned and controlled by the federal government.
2.18 IT Modernization Centers of Excellence Program Act
Enacted in 2020 to establish a program to facilitate the adoption of modern technology by executive agencies.
2.2 Clinger Cohen Act (1996)
The Information Technology Management Reform Act (ITMRA) and the Federal Acquisition Reform Act (FARA) were signed into law as part of the National Defense Authorization Act for Fiscal Year 1996 and were subsequently designated the Clinger Cohen Act of 1996.
2.3 Federal Information Security Modernization Act (2002)
The Federal Information Security Modernization Act (FISMA), first enacted in 2002 and updated in December 2014, established roles and responsibilities for OMB, DHS, and agency CIOs to provide accountability for the delivery of information security capabilities.
2.4 Chief Financial Officers Act (1990)
The CFO Act gave OMB new authority and responsibility for directing federal financial management, modernizing the government's financial management systems, and strengthening financial reporting.
2.5 Privacy Act (1974)
The Privacy Act ($1) establishes a code of fair information practices that governs the collection, maintenance, use, and dissemination of information about individuals that is maintained in systems of records by Federal agencies.
2.6 Government Performance and Results Act (1993)
The GPRA Modernization Act of 2010 was enacted in January 2011.
2.7 Paperwork Reduction Act (1980 and 1995)
The Paperwork Reduction Act (PRA) of 1980 established, within OMB, [OIRA].
2.8 Government Paperwork Elimination Act (1998)
The Government Paperwork Elimination Act (GPEA) seeks to "preclude agencies or courts from systematically treating electronic documents and signatures less favorably than their paper counterparts", so that citizens can interact with the Federal government electronically (S.
2.9 Information Quality Act (2000)
Section 515 of Public Law 106 554, known as the Information Quality Act, required the [OMB] to promulgate guidance to agencies ensuring the quality, objectivity, utility, and integrity of information (including statistical information) disseminated by Federal agencies.
Latest News
AI Transparency Listening Session with the White House Office of Management and Budget
The White House Office of Management and Budget (OMB) is leading a series of listening sessions to learn more from industry about their approaches to AI transparency and auditable risk management.
AI in Action: 5 Essential Findings from the 2024 Federal AI Use Case Inventory
This year, agencies publicly reported more than 1,700 ways they are using Artificial Intelligence (AI) to advance their missions and deliver better experiences to the public.
CISO Council and CDO Council Release Joint Guide on Federal Zero Trust Data Security
Today, the CISO Council and CDO Council released the Federal Zero Trust (ZT) Data Security Guide, a first-of-its-kind document and key deliverable of OMB M-22-09, Moving the U.S. Government Towards Zero Trust Cybersecurity Principles. M-22-09 charged the Federal CDO Council and Federal CISO Council to convene a cross-agency working group of data and security experts to develop a data security guide for Federal agencies.