[Congressional Bills 113th Congress]
[From the U.S. Government Publishing Office]
[S. 2372 Introduced in Senate (IS)]

113th CONGRESS
  2d Session
                                S. 2372

   To provide additional oversight and guidance to the Department of 
                           Homeland Security.


_______________________________________________________________________


                   IN THE SENATE OF THE UNITED STATES

                              May 21, 2014

Mr. Bennet (for himself and Mr. Portman) introduced the following bill; 
which was read twice and referred to the Committee on Homeland Security 
                        and Governmental Affairs

_______________________________________________________________________

                                 A BILL


 
   To provide additional oversight and guidance to the Department of 
                           Homeland Security.

    Be it enacted by the Senate and House of Representatives of the 
United States of America in Congress assembled,

SECTION 1. SHORT TITLE.

    This Act may be cited as the ``Federal Cybersecurity Workforce 
Assessment Act''.

SEC. 2. DEFINITIONS.

    In this Act:
            (1) Appropriate congressional committees.--The term 
        ``appropriate congressional committees'' means--
                    (A) the Committee on Homeland Security and 
                Governmental Affairs of the Senate;
                    (B) the Committee on Homeland Security of the House 
                of Representatives; and
                    (C) the Committee on House Administration of the 
                House of Representatives.
            (2) Cybersecurity work category; data element code; 
        specialty area.--The terms ``Cybersecurity Work Category'', 
        ``Data Element Code'', and ``Specialty Area'' have the meanings 
        given such terms in the Office of Personnel Management's Guide 
        to Data Standards.
            (3) Director.--The term ``Director'' means the Director of 
        the Office of Personnel Management.
            (4) Secretary.--The term ``Secretary'' means the Secretary 
        of Homeland Security.

SEC. 3. NATIONAL CYBERSECURITY WORKFORCE MEASUREMENT INITIATIVE.

    (a) In General.--The head of each Federal agency shall--
            (1) identify all cybersecurity workforce positions within 
        the agency;
            (2) determine the primary Cybersecurity Work Category and 
        Specialty Area of such positions; and
            (3) assign the corresponding Data Element Code, as set 
        forth in the Office of Personnel Management's Guide to Data 
        Standards which is aligned with the National Initiative for 
        Cybersecurity Education's National Cybersecurity Workforce 
        Framework report, in accordance with subsection (b).
    (b) Employment Codes.--
            (1) Procedures.--Not later than 90 days after the date of 
        the enactment of this Act, the head of each Federal agency 
        shall establish procedures--
                    (A) to identify open positions that include 
                cybersecurity functions (as defined in the OPM Guide to 
                Data Standards); and
                    (B) to assign the appropriate employment code to 
                each such position, using agreed standards and 
                definitions.
            (2) Code assignments.--Not later than 9 months after the 
        date of the enactment of this Act, the head of each Federal 
        agency shall assign the appropriate employment code to--
                    (A) each employee within the agency who carries out 
                cybersecurity functions; and
                    (B) each open position within the agency that has 
                been identified as having cybersecurity functions.
    (c) Progress Report.--Not later than 1 year after the date of the 
enactment of this Act, the Director shall submit a progress report on 
the implementation of this section to the appropriate congressional 
committees.

SEC. 4. IDENTIFICATION OF CYBERSECURITY WORK CATEGORY AND SPECIALTY 
              AREAS OF CRITICAL NEED.

    (a) In General.--Beginning not later than 1 year after the date on 
which the employment codes are assigned to employees pursuant to 
section 3(b)(2), and annually through 2021, the head of each Federal 
agency, in consultation with the Director and the Secretary, shall--
            (1) identify Cybersecurity Work Categories and Specialty 
        Areas of critical need in the agency's cybersecurity workforce; 
        and
            (2) submit a report to the Director that--
                    (A) describes the Cybersecurity Work Categories and 
                Specialty Areas identified under paragraph (1); and
                    (B) substantiates the critical need designations.
    (b) Guidance.--The Director shall provide Federal agencies with 
timely guidance for identifying Cybersecurity Work Categories and 
Specialty Areas of critical need, including--
            (1) current Cybersecurity Work Categories and Specialty 
        Areas with acute skill shortages; and
            (2) Cybersecurity Work Categories and Specialty Areas with 
        emerging skill shortages.
    (c) Cybersecurity Critical Needs Report.--Not later than 18 months 
after the date of the enactment of this Act, the Director, in 
consultation with the Secretary, shall--
            (1) identify Specialty Areas of critical need for 
        cybersecurity workforce across all Federal agencies; and
            (2) submit a progress report on the implementation of this 
        section to the appropriate congressional committees.

SEC. 5. GOVERNMENT ACCOUNTABILITY OFFICE STATUS REPORTS.

    The Comptroller General of the United States shall--
            (1) analyze and monitor the implementation of sections 3 
        and 4; and
            (2) not later than 3 years after the date of the enactment 
        of this Act, submit a report to the appropriate congressional 
        committees that describes the status of such implementation.
                                 <all>