Federal CIO, Act III
- By Diane Frank
- Aug 07, 2000
Recognizing that management of federal information technology is an issue
that will last well beyond the imminent end of the 106th Congress, Rep.
Tom Davis (R-Va.) last month introduced a bill that would coordinate almost
every aspect of federal IT, from paperwork reduction to information security.
The Federal Information Policy Act is a comprehensive look at IT policy
creation, implementation and enforcement within agencies. The legislation
would coordinate those functions in a new Office of Information Policy that
would work directly with the president and the Office of Management and
This kind of coordination may be what the federal government needs,
but the bill tackles so many issues that many observers agree that it will
not pass before this Congress ends and a new president is elected.
"There's not much time left in the session to debate something like
this," said Bill Piatt, chief information officer at the General Services
Administration. "It just covers so many topics and problems that need to
But it was because of the number of issues involved that Davis wanted
to get the bill introduced this session, said Amy Heerink, Davis' legislative
director. Even if the bill dies when Congress ends in October and Davis
has to reintroduce it next year, it was worth it to him to propose something
to spur discussion about the bill's ideas, Heerink said.
"This issue is not going to go away, and we'll take it up again next
year," she said.
Pulling from a similar bill by Rep. Jim Turner (D-Texas), the act creates
a federal CIO to head the proposed Office of Information Policy. The federal
CIO would work closely with the director of OMB to influence IT budget decisions
and the CIO Council to develop governmentwide policies and initiatives.
"I am deeply concerned that current federal [information resources management]
policies are suffering from the lack of a focused, coordinating body," Davis
said when he introduced the bill.
The Clinger-Cohen Act of 1996 created the role of agency CIO, helping
to bring IT to the forefront of agency decision-making, but those decisions
should be made on a consistent, governmentwide basis, he said.
Regarding cybersecurity, Davis' plan supports the ideas in the Government
Information Security Act, which has been attached to the Defense authorization
bill and is in conference committee. The bill, sponsored by Sens. Fred Thompson
(R-Tenn.) and Joseph Lieberman (D-Conn.), creates an Office of Information
Security and Technical Protection within the Office of Information Policy.
The office's director would coordinate and enforce information security
policy, standards and practices under the federal CIO.
Most of these IT and information security management functions are already
carried out within OMB — mostly by the Office of Information and Regulatory
Affairs. But in creating a new office and federal CIO, Davis' bill splits
those responsibilities out of OIRA, leaving OIRA only responsible for paperwork
"With its many management responsibilities, OMB is simply unable to
devote the attention needed for effective [information resources management],"
Davis said. "A federal CIO will allow OIRA to concentrate and improve on
the critical function of paperwork reduction."
OMB, agencies and Congress do have a common goal to improve policy planning,
coordination and implementation, said John Spotila, director of OIRA. But
although the bill gives the federal CIO budget authority by encouraging
a partnership with OMB, that would not be as effective as OMB staying in
charge, he said. "[Davis] acknowledges that there is a need to work closely
together, but I'm not sure that it's the same...as giving OMB the direct
responsibility as part of its overall management coordination responsibility
to try and address this problem," he said. "I think as a starting point
we ought to think long and hard about the tremendous advantage that a senior
information policy official has by being part of OMB and working directly
with the director of OMB."