[Federal Register Volume 76, Number 195 (Friday, October 7, 2011)]
[Notices]
[Pages 62420-62421]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2011-26007]


-----------------------------------------------------------------------

DEPARTMENT OF HEALTH AND HUMAN SERVICES

Health Resources and Services Administration


Statement of Organization, Functions and Delegations of Authority

    This notice amends Part R of the Statement of Organization, 
Functions and Delegations of Authority of the Department of Health and 
Human Services (HHS), Health Resources and Services Administration 
(HRSA) (60 FR 56605, as amended November 6, 1995; as last amended at 76 
FR 54236 dated August 31, 2011).
    This notice reflects organizational changes to the Health Resources 
and Services Administration. Specifically, this notice updates the 
Office of Information Technology (RB5) functional statement. The update 
to the functional statement will better align functional responsibility 
with improved security management capabilities and improved alignment 
of current security initiatives within the Office of Information 
Technology (RB5).

Chapter RB5--Office of Information Technology

Section RB5-10, Organization

    The Office of Information Technology (RB5) is headed by the 
Director and Chief Information Officer, who reports directly to the 
Chief Operating Officer.

Section RB5-20, Functions

    (1) Delete the functional statement for the Office of the Director 
(RB5) and replace in its entirety; and (2) delete the functional 
statement for the Division of IT Operational Support Services (RB58) 
and replace in its entirety.

Office of the Director (RB5)

    The Chief Information Officer (CIO) is responsible for the 
organization, management, and administrative functions necessary to 
carry out the responsibilities of the CIO including: (1) Provides 
organizational development, investment control, budget formulation and 
execution, policy development, strategic and tactical planning, and 
performance monitoring; (2) provides leadership in the development, 
review and implementation of policies and procedures to promote 
improved information technology management capabilities and best 
practices throughout HRSA; and (3) coordinates IT workforce issues and 
works closely with the departmental Office of Human Resources 
Management on IT recruitment and training issues.
    The Chief Information Security Officer (CISO), reporting to the 
CIO, provides leadership for, and collaborates with, Agency staff to 
oversee the implementation of security and privacy policy in the 
management of their IT systems, and plans all activities associated 
with Federal Information Security Management Act (FISMA) or other 
agency security and privacy initiatives, and also carries out the 
responsibilities including: (1) Implements, coordinates, and 
administers security and privacy programs to protect the information 
resources of HRSA in compliance with legislation, Executive Orders, 
directives of the Office of Management and Budget (OMB), or other 
mandated requirements e.g., Presidential Decision Directive 63,

[[Page 62421]]

OMB Circular A-130, the National Security Agency, the Privacy Act, and 
other Federal agencies; (2) executes the Agency's Risk Management 
Program, evaluates and assists with the implementation of safeguards to 
protect major information systems, and IT infrastructure; (3) manages 
the development, implementation, and evaluation of the HRSA information 
technology security and privacy training program to meet the 
requirements as mandated by OMB Circular A-130, the Computer Security 
Act, and Privacy Act; (4) assesses all new emerging technologies and 
impact on technology integration on HRSA missions and program 
objectives; (5) provides leadership for strategic planning that 
leverages information systems security, program strategies, and 
advanced technology integration to achieve program objectives through 
innovative technology use; (6) the HRSA Incident Response Center (HIRC) 
provides a centralized, responsive resource for computer security 
incident reporting, management, and situational awareness of the 
Department's information security posture; (7) provides services 
include computer security situational awareness reports, computer 
forensics, cyber-related advisories, as well as cyber alerts, warnings, 
and Block/Watch lists are utilized and disseminated; (8) the HIRC 
coordinates with other Agencies and organizations for computer security 
and maintains a lab where new products are tested to insure that HRSA 
is utilizing state of the art, cutting edge technologies to ensure the 
secure operation of the HRSA infrastructure; and (9) provides 
leadership for ongoing cyber protection and incident detection 
response, reporting, and handling in accordance with OMB and 
departmental guidance.

Division of IT Operational Support Services (RB58)

    The Division of IT Operational Support Services (ITOSS) (1) 
provides leadership, consultation, training, and management services 
for HRSA's enterprise computing environment; (2) directs and manages 
the support and acquisition of HRSA network and desktop hardware, 
servers, wireless communication devices, and software licenses; (3) is 
responsible for the HRSA Data Center and the operation and maintenance 
of a complex, high-availability network infrastructure on which 
mission-critical applications are made available 24 hours per day, 7 
days per week; (4) controls infrastructure configuration management, 
installations and upgrades, security perimeter protection, and system 
resource access; (5) coordinates IT activities for Continuity of 
Operations Planning (COOP) Agency-wide including provisioning and 
maintaining IT infrastructure and hardware at designated COOP locations 
to support emergency and COOP requirements; (6) maintains workstation 
hardware and software configuration management controls; (7) the Chief 
Technology Officer (CTO), reporting to the ITOSS Division Director is 
responsible for assessing emerging technologies and the subsequent 
impact on current infrastructure restraints and program objectives; (8) 
coordinates and engages with all OIT Divisions and Branches to insure 
that advanced technology is being utilized to achieve program 
objectives through innovative technology use; and (9) provides 
leadership and establishes policy and provides oversight for Agency IT 
configuration management.

Section RB5-30, Delegations of Authority

    All delegations of authority and re-delegations of authority made 
to HRSA officials that were in effect immediately prior to this 
reorganization, and that are consistent with this reorganization, shall 
continue in effect pending further re-delegation.
    This reorganization is effective upon date of signature.

    Dated: September 30, 2011.
Mary K. Wakefield,
Administrator.
[FR Doc. 2011-26007 Filed 10-6-11; 8:45 am]
BILLING CODE 4165-15-P