DOD issues directive to define CIO role

tech manager

The Defense Department on April 22 issued a new directive outlining the roles and responsibilities of the Pentagon's chief information officer, updating nearly decade-old governance to include some of DOD's most pressing concerns.

Perhaps most notable in DOD directive 5044.2 is the specific injection of cybersecurity, a phrase that does not appear in the directive's previous iteration, issued in 2005. In the interim there have been some updates – in particular, the disestablishment of the position of assistant secretary of defense (networks and information integration). The powers of ASD (NII) were officially transferred to the DOD CIO job under a January 2012 memo from Ashton Carter, deputy secretary of defense.

A DOD spokesman said the directive is just part of routine housekeeping, but the newly issued governance and its emphasis on cybersecurity, including collaboration and information-sharing, seems to represent an update in the priorities of the defense secretary's top adviser for all things IT.

The CIO "directs, manages and provides policy guidance and oversight of the DOD cybersecurity program, which includes responsibility for the Defense Information Assurance Program...and information security," the directive states.

The governance directs coordination on cybersecurity in a number of different ways, including participation in oversight groups dealing with cybersecurity, as well as specific orders to work with the commander of U.S. Cyber Command "on all matters under the commander’s purview related to the authorities, responsibilities, and functions assigned in this directive, including...requirements and capabilities for cyber operations, information network defense and monitoring, and cyberspace threats and domain requirements."

The evolution in coordination between DOD components – as well as roles and responsibilities that are similarly changing with the times – is something the DOD CIO herself, Teri Takai, addressed April 23 at an industry event in Arlington, Va.

"As we change the architecture, who in fact does cybersecurity, who does defense, who is able to see into networks – that is going to be evolving, and that has to do with what we're doing with CyberCom, how CyberCom operates with [the Defense Information Systems Agency], and how both of those organizations operate with the services and combatant commands," Takai said. "I say it's evolving because it's not something that we can set in stone today, because it's very much based on what infrastructure we have to operate in." Other new-era provisions in the directive include a measure to tackle the much-discussed shortage in cybersecurity professionals, an issue that was not mentioned in the 2005 directive.

Under the new directive, the DOD CIO "provides guidance and oversight with regard to the recruiting, retention, training and professional development of the DOD IT and cybersecurity workforce," the text notes. "The DOD CIO will assess the requirements for agency personnel regarding [information resources management] knowledge and skill and conduct formal training programs to educate agency program and management officials about IRM."

The directive also defines the government officials and other parties with which the CIO does and does not directly interface, another provision that did not appear in the 2005 measure.

According to the directive, the CIO is to "communicate with other executive branch officials, state and local officials, representatives of non-governmental organizations, members of the public and representatives of foreign governments, as appropriate, in carrying out assigned responsibilities and functions."

And while 2005's guidance described the CIO role as a DOD representative to the legislative branch, the new directive prescribes that "communications with representatives of the legislative branch must be conducted through the Assistant Secretary of Defense for Legislative Affairs or the [DOD comptroller], as appropriate, and be consistent with the DOD legislative program."

About the Author

Amber Corrin is a former staff writer for FCW and Defense Systems.


  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.