[Federal Register Volume 70, Number 140 (Friday, July 22, 2005)]
[Notices]
[Pages 42321-42324]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 05-14506]


-----------------------------------------------------------------------

DEPARTMENT OF HEALTH AND HUMAN SERVICES

Office of the Secretary


Office of Budget, Technology and Finance; Statement of 
Organization, Functions, and Delegations of Authority

    Part A, Office of the Secretary, Statement of Organization, 
Functions and Delegations of Authority for the Department of Health and 
Human Services (HHS) is being amended as follows: Chapter AM, ``Office 
of Budget, Technology and Finance,'' Chapter AMM, ``Office of 
Information Resources Management,'' as last amended at 70 FR 17690-91, 
dated April 7, 2005. This reorganization will retitle the Office of 
Information Resources Management (OIRM) and realign its functions in an 
Office of the Chief Information Officer (OCIO). The changes are as 
follows:
    I. Under Chapter AM, ``Office of Budget, Technology and Finance, 
Section AM.10 Organization, delete, in its entirety and replace with 
the following:
    Section AM.10 Organization: The Office of Budget, Technology, and 
Finance is headed by the Assistant Secretary for Budget, Technology and 
Finance (ASBTF). The Assistant Secretary for Budget, Technology, and 
Finance is the Departmental Chief Financial Officer (CFO), and reports 
to the Secretary. The office consists of the following components:

Immediate Office of the ASBTF (AM)
Office of Budget (AML)
Office of the Chief Information Officer (AMM)
Office of Finance (AMS)
Office of Grants (AMT)

    II. Under Section AM.20 Functions, paragraph 3, titled ``Office of 
Information and Resources Management,'' delete in its entirety and 
replace with the following:
    3. Office of the Chief Information Officer (AMM). The Deputy 
Assistant Secretary for Information Technology (DASIT), who is also the 
HHS Chief Information Officer, heads the Office of the Chief 
Information Officer (OCIO). OCIO provides the Secretary and the 
Assistant Secretary for Budget, Technology, and Finance (ASBTF) with 
strategic planning, information resources management and technology 
policy, architecture, investment review, and Office of the Secretary 
(OS) computer operations management support.
    III. Under Section AM: Functions, delete Chapter AMM, ``Office of 
Information Resources Management,'' and replace with the following:

C. Chapter AMM, Office of the Chief Information Officer

    AMM .00 Mission. The Office of the Chief Information Officer 
advises the Secretary and the Assistant Secretary for Budget, 
Technology and Finance on matters pertaining to the use of information 
and related technologies to accomplish Departmental goals and program 
objectives. The mission of the Office is to establish and provide: 
Assistance and guidance on the use of technology-supported business 
process reengineering; investment analysis; performance measurement; 
strategic development and application of information systems and 
infrastructure; policies to provide improved management of information 
resources and technology; and better, more efficient service to our 
clients and employees. The Office exercises authorities delegated by 
the Secretary to the Deputy Assistant Secretary for Information 
Technology, as the CIO for the Department. These authorities derive 
from the Clinger-Cohen Act of 1996, the Paperwork Reduction Act of 
1995, the Computer Matching and Privacy Act of 1988, the Computer 
Security Act of 1987, the Federal Information Security Management Act 
(FISMA), the National Archives and Records Administration Act of 1984, 
the Competition in Contracting Act of 1984, the Federal Records Act of 
1950, OMB Circulars A-130 and A-11, Government Printing and Binding 
Regulations issued by the Joint Committee on Printing, and Presidential 
Decision Directive 63.
    Section AMM.10 Organization. The Office of the Chief Information 
Officer (OCIO) is headed by the Deputy Assistant Secretary for 
Information Technology/HHS CIO, who reports to the Secretary and the 
Assistant Secretary for Budget, Technology and Finance. The HHS CIO 
serves as the primary IT leader for the Department, and the OCIO 
consists of the following:

Immediate Office (AMM1)
Office of Resources Management (AMM2)
Office of Information Technology Operations (AMM3)
Office of Enterprise Architecture (AMM4)
Office of Enterprise Project Management (AMM5)

Section AMM.20 Functions

    The Immediate Office of the Chief Information Officer (AMMI). The 
Immediate Office of the Chief Information Officer supports the DASIT/
CIO, and also provides leadership in OS IT issues, HHS IT architecture, 
use of technology in HHS and the HHS Web site. It performs the 
following functions:
    a. Provides continuous development and implementation of effective 
strategic solutions for enabling the HHS mission. Provides advice and 
counsel to the Secretary and the Assistant Secretary for Budget, 
Technology and Finance.
    b. Ensures the development and updates to the Information 
Technology Five Year Strategic Plan.
    c. Develops and coordinates information resources management 
policies applicable across the Department and the Office of the 
Secretary, including the creation, handling, storage, dissemination, 
and disposition of information.
    d. Leads the development and implementation of an enterprise 
information infrastructure across the Department.
    e. Oversees and manages risks associated with major information 
systems and information technology.
    f. Evaluates major investments in information technology, and is 
responsible for their subsequent period review.
    g. Guides and oversees the development of information systems and 
communications networks.
    h. Provide leadership in e-government activities.
    i. Provides data processing and communications equipment for the 
Office of the Secretary and participating HHS OPDIVs, and implements, 
operates, and maintains standard office automation applications running 
on the OS network.
    j. Provides executive direction to align Departmental strategic 
planning for information resources and technology with the Department's 
strategic business planning.
    k. Provides executive direction to develop and maintain 
Departmental information technology policy and architecture.
    l. Promotes business process reengineering, investment analysis, 
and performance measurement throughout the Department, to capitalize on 
evolving information technology.
    m. Represents the Department in Federal Government-wide initiatives 
to

[[Page 42322]]

develop policy and implement an information infrastructure.
    n. Provides leadership to the Department's Information Technology 
Investment Review Board (ITIRB) and the Department's Chief Information 
Officers' Advisory Council. Oversees enterprise IT efforts and any 
similar OPDIV efforts related to architecture, technology and the HHS 
Web site. Provides review and guidance to the ITIRB and CIO Council via 
analyses of alternative analyses strategies, standards compliance, 
architectural conformance and technology solutions.
    o. Develops and maintains HHS-wide Architecture, including the 
business, data, application and technology components. Establishes 
architecture tools and repositories, coordinates with OPDIV 
architectures, develops technical guidance, assists managers of 
applications systems, and coordinates expert working groups to populate 
the architecture. Advises the ASBTF, OPDIV CIOs and other senior 
officials on matters relating to technology. Leads the development of a 
department-wide investment strategy for advanced, innovative 
technology, and reviews agency technology policies, programs, processes 
and capabilities to ensure that HHS technology programs support the 
Department's objectives.
    p. Performs alternative analysis for key emerging and enabling 
technologies. Coordinates or directs pilot projects in these areas to 
establish proof of concept, confirm return on investment, or implement 
initial production implementations.
    q. Leads the development of HHS web communications to provide users 
with a single access point for HHS information. Leads the development 
of an enterprise information portal to improve the ability of HHS 
employees to communicate and collaborate with each other.
    2. Office of Resources Management (AMM2): The Office of Resources 
Management (ORM) is headed by the Director, Office of Resources 
Management and is responsible for OCIO Business Operations. The Office 
advises the CIO and OCIO managers on matters relating to OCIO 
operations, HHS information collection, HHS policy development and 
interpretation, development of the OCIO budget, HHS IT workforce 
development, coordinates e-government efforts across the Department, 
and provides recommendations regarding funding of e-government efforts. 
The Office is responsible for the following:
    a. Leading Departmental efforts to expand the availability of 
electronic means for conducting business.
    b. Coordinates HHS activities that support the President's 
Management Agenda's objective for E-Government.
    c. Coordinates planning and task tracking relating to HHS CIO 
responsibilities to ensure effective utilization of staff and other 
resources.
    d. Prepares, manages, integrates and coordinates budget 
formulation, presentation and execution with respect to the 
responsibilities of the CIO. Conducts analyses of budget implementation 
for the CIO.
    e. As directed by the DASIT, prepares staffing forecasts, analyzes 
staffing requirements and utilization, and recommends strategies for 
changes in human capital for OCIO.
    f. Oversees full life-cycle of OCIO contracts. Works with HHS 
contracting organizations, contractors and other parties to ensure that 
contractual transactions are substantively correct, and to track 
completion of tasks.
    g. Oversees and manages employee performance improvement programs 
to develop and maintain the technical expertise and qualifications of 
employees in OCIO.
    h. Coordinates and directs the Department's compliance activities 
under the Rehabilitation Act (1973), Section 508.
    i. Develops policies and guidance on information resources and 
technology management, including telecommunications, as required by law 
or regulation or to fulfill CIO responsibilities and Departmental 
initiatives.
    j. Manages the Department's information collection program, 
including development of Departmental policies, coordinating the 
Department's information collection budget, and reviewing and 
certifying requests to collect information from the public.
    k. Approves and reporting on computer matching activities as 
required by law through the Departmental Data Integrity Board.
    l. Manages the Departmental printing management, records 
management, and mail management policy programs.
    3. Office of Information Technology Operations (AMM3): The Office 
of Information Technology Operations (OITO) is directed by the Director 
of IT Services Center (ITSC), who also is the Office of the Secretary 
(OS) Chief Information Officer. OITO is responsible for providing 
Network Services, Help Desk, Call Center, Desktop Support, Web 
Architecture, Server Architectures, OPDIV IT Security, Secretary's 
Command Center and Continuity of Operations Planning (COOP) support, 
and Outreach/Customer Relationship Management (CRM). The Office is a 
primary resource for advising the HHS CIO on network and infrastructure 
related technology implementation, and for piloting HHS CIO special 
programs. OITO is responsible for the following:
    a. Operating, maintaining, and enhancing the ITSC computer network 
and services, including services for participating HHS organizations.
    b. Implementing and monitoring network policies and procedures, and 
developing plans and budgets for network support services.
    c. Ensuring reliable, high-performance network services.
    d. Implementing and operating electronic tools to enhance 
Secretarial communications with all HHS personnel.
    e. Coordinating with OPDIVs and STAFFDIVs to develop ITSC, IT 
capital planning and budgeting processes, providing direct planning 
support to assure that IRM plans support agency business planning and 
mission accomplishment, as it applies to the infrastructure.
    f. Implementing policies and guidance on information resources 
management within ITSC for acquisition and use of information 
technology, support of technical model, and coordination of 
implementation procedures.
    g. Maintaining and operating the inventory of automated data 
processing equipment for ITSC participating agencies.
    h. Operating and maintaining an information technology support 
service (Help Desk and Call Center) for participating HHS components.
    i. Managing contracts for equipment and support services related to 
the provision of IT services in ITSC participating agencies.
    j. Representing the Department through participation on interagency 
and Departmental work groups and task forces, as appropriate.
    k. Responsible for ITSC compliance with and implementation of all 
applicable HHS policies and Federal Laws regarding IT Security.
    l. Reviewing and facilitating acquisitions for activities related 
to ITSC.
    m. Supporting the Director in the role of OS CIO which holds CIO 
responsibility for the OS as an OPDIV, including the Program Support 
Center (PSC) and the Office of the Inspector General, as well as other 
OPDIVs, as required and authorized by HHS senior officials.
    5. Office of Enterprise Architecture (AMM4): The Office of 
Enterprise Architecture (OEA) is headed by the Director, Office of 
Enterprise Architecture who is also the HHS Chief

[[Page 42323]]

Enterprise Architect and supports all planning and enterprise programs 
that fall under the Office of the Chief Information Officer. The Office 
of Enterprise Architecture is responsible for:
    a. Working with OPDIV Chief Information Officers (CIOs) to support 
Government-wide initiatives of the Federal CIO Council and to identify 
opportunities for participation and consultation in information 
technology projects with major effects on OPDIV program performance.
    b. Providing leadership in the planning, design, and evaluation of 
major Departmental projects and oversight throughout project rollout 
and perform post implementation performance assessments.
    c. Assessing risks that major information systems pose to 
performance of program operations and administrative business 
throughout the Department, develops risk assessment policies and 
standard operating procedures and tools, and uses program outcome 
measures to gauge the quality of Departmental information resources 
management.
    d. Coordinating the Department's strategic planning, capital 
planning and investment control (CPIC), budgeting and performance 
management processes for information technology, and provides direct 
planning development and support to assure that IRM plans support 
agency business planning and mission accomplishment.
    e. Coordinating the activities of the Departmental Information 
Technology Investment Review Board (ITIRB) in assessing and 
prioritizing the Department's major information systems, and in 
analyzing and evaluating IT investment decisions. Reviews OPDIV ITIRB 
implementations, IT capital funding decisions, and use of performance 
metrics to evaluate program for both initial and continued funding.
    f. Coordinating and supports the Department's Chief Information 
Officer's Advisory Council, whose membership consists of the chief 
Information Officers from each OPDIV.
    g. Representing the Department through participation on interagency 
and Departmental work groups and task forces, as appropriate.
    h. Working with OPDIV Chief Information Officers to identify 
opportunities for administering information management functions and 
telecommunications initiatives with major effects on OPDIV performance. 
OEA provides leadership primarily in defining alternatives for 
acquisition of telecommunications services and coordinating 
implementation of information management initiatives in conjunction 
with the Chief Technology Officer and the Department Architect.
    i. Providing support for special priority initiatives identified by 
the CIO.
    j. Developing, implementing and administering the program to 
protect the information resources of the Department. This includes 
management and oversight of activities under the Federal Information 
Security Management Act (FISMA), IT critical infrastructure protection 
(CIP), and Department-wide security contracts and high level project 
management of OPDIV security programs, such as corrective action plans 
and security policies.
    k. Implementing and administering the HHS security program to 
protect the information resources of the Department in compliance with 
legislation, Executive Orders, directives of the OMB, or other mandated 
requirements (e.g., the Clinger-Cohen Act, Presidential Decision 
Directive 63, OMB Circular A-130), the National Security Agency, and 
other Federal agencies.
    l. Directing the development of and implementing cyber security 
policies and guidance for the Department, including requirements for 
employees and contractors who are responsible for systems of data, or 
for the acquisition, management, or use of information resources.
    m. Monitoring information system security program activities in the 
Department by reviewing OPDIV's and STAFFDIVs security plans for 
sensitive systems, recommending improvements, and evaluating safeguards 
to protect major information systems, or IT infrastructure.
    n. Responding to requests in conjunction with OMB Circular A-130, 
the Computer Security Act of 1987, and Presidential Decision Directive 
63, or other legislative or mandated requirements related to IT 
security or privacy.
    o. Monitoring all Departmental systems development and operations 
for security and privacy compliance and providing advice and guidance 
to ensure compliance standards are included throughout system life 
cycle development.
    p. Reviewing Departmental ITIRB and CIO Council business cases (as 
well as OMB circular A-11 requirements) for assurance of security and 
privacy compliance.
    q. Recommending to the CIO to grant or deny programs the authority 
to operate information systems, based on security compliance.
    r. Establishing and leading inter-OPDIV teams to conduct reviews to 
protect HHS cyber and personnel security programs and conduct 
vulnerability assessments of HHS critical assets. This includes regular 
certification of existing systems as well as newly implemented systems.
    s. Reviewing the Department's information resources for fraud, 
waste, and abuse to avoid having redundant resources, in conformance 
with the Clinger-Cohen Act.
    t. Developing, implementing, and evaluating an employee cyber 
security awareness and training program to meet the requirements as 
mandated by OMB Circular A-130 and the Computer Security Act.
    u. Establishing and providing leadership to the Subcommittee of the 
HHS CIO Council on Security.
    v. Establishing and leading the HHS Computer Security Incident 
Response Capability team, the Department's overall cyber security 
incident response/coordination center and primary point of contact for 
Federal Computer Incident Response Capability (FedCIRC) and National 
Infrastructure Protection Center (NIPC).
    5. The Office of Enterprise Project Management (AMM5): The Office 
of Enterprise Project Management (OEPM) is headed by the Director, 
Office of Enterprise Project Management who is also the HHS Chief 
Technology Officer and supports the design, development, configuration, 
integration and implementation of all HHS enterprise information 
technology projects that fall under the Office of the Chief Information 
Officer. The Office of Enterprise Project Management (OEPM) is 
responsible for:
    a. Advising the HHS CIO on all matters of technology implementation 
across HHS.
    b. Providing IT project management and oversight for all major IT 
projects that have enterprise importance.
    c. Managing the design, development, configuration, implementation 
and testing of major enterprise projects prior to their insertion into 
service.
    d. Development and management of technical IT contracts in support 
of major enterprise projects.
    e. Coordinating the HHS participation in, and the technical 
implementation of, all Presidents Management Agenda (PMA) E-Government 
initiatives.
    f. Collaboration with the HHS Chief Enterprise Architect to 
evaluate technical proposals for IT projects to ensure the most 
beneficial technical alternative is chosen for HHS.
    g. Representing HHS in all technical forums.

[[Page 42324]]

    IV. Continuation of Policy: Except as inconsistent with this 
reorganization, all statements of policy and interpretations with 
respect to the Office of Information and Resources Management 
heretofore issued and in effect prior to this reorganization are 
continued in full force and effect with respect to the Office of the 
Chief Information Officer.
    V. Delegation of Authority: All delegations and redelegations of 
authority previously made to officials and employees of the Office of 
Information Resources Management will continue in them or their 
successors pending further redelegation, provided they are consistent 
with this reorganization.
    V. Funds, Personnel, and Equipment: Transfer of organizations and 
functions affected by this reorganization shall be accompanied by 
direct and support funds, positions, personnel, records, equipment, 
supplies, and other sources.

    Dated: July 18, 2005.
Joe W. Ellis,
Assistant Secretary for Administration and Management.
[FR Doc. 05-14506 Filed 7-21-05; 8:45 am]
BILLING CODE 4150-24-M