DOD issues directive to define CIO role

tech manager

The Defense Department on April 22 issued a new directive outlining the roles and responsibilities of the Pentagon's chief information officer, updating nearly decade-old governance to include some of DOD's most pressing concerns.

Perhaps most notable in DOD directive 5044.2 is the specific injection of cybersecurity, a phrase that does not appear in the directive's previous iteration, issued in 2005. In the interim there have been some updates – in particular, the disestablishment of the position of assistant secretary of defense (networks and information integration). The powers of ASD (NII) were officially transferred to the DOD CIO job under a January 2012 memo from Ashton Carter, deputy secretary of defense.

A DOD spokesman said the directive is just part of routine housekeeping, but the newly issued governance and its emphasis on cybersecurity, including collaboration and information-sharing, seems to represent an update in the priorities of the defense secretary's top adviser for all things IT.

The CIO "directs, manages and provides policy guidance and oversight of the DOD cybersecurity program, which includes responsibility for the Defense Information Assurance Program...and information security," the directive states.

The governance directs coordination on cybersecurity in a number of different ways, including participation in oversight groups dealing with cybersecurity, as well as specific orders to work with the commander of U.S. Cyber Command "on all matters under the commander’s purview related to the authorities, responsibilities, and functions assigned in this directive, including...requirements and capabilities for cyber operations, information network defense and monitoring, and cyberspace threats and domain requirements."

The evolution in coordination between DOD components – as well as roles and responsibilities that are similarly changing with the times – is something the DOD CIO herself, Teri Takai, addressed April 23 at an industry event in Arlington, Va.

"As we change the architecture, who in fact does cybersecurity, who does defense, who is able to see into networks – that is going to be evolving, and that has to do with what we're doing with CyberCom, how CyberCom operates with [the Defense Information Systems Agency], and how both of those organizations operate with the services and combatant commands," Takai said. "I say it's evolving because it's not something that we can set in stone today, because it's very much based on what infrastructure we have to operate in." Other new-era provisions in the directive include a measure to tackle the much-discussed shortage in cybersecurity professionals, an issue that was not mentioned in the 2005 directive.

Under the new directive, the DOD CIO "provides guidance and oversight with regard to the recruiting, retention, training and professional development of the DOD IT and cybersecurity workforce," the text notes. "The DOD CIO will assess the requirements for agency personnel regarding [information resources management] knowledge and skill and conduct formal training programs to educate agency program and management officials about IRM."

The directive also defines the government officials and other parties with which the CIO does and does not directly interface, another provision that did not appear in the 2005 measure.

According to the directive, the CIO is to "communicate with other executive branch officials, state and local officials, representatives of non-governmental organizations, members of the public and representatives of foreign governments, as appropriate, in carrying out assigned responsibilities and functions."

And while 2005's guidance described the CIO role as a DOD representative to the legislative branch, the new directive prescribes that "communications with representatives of the legislative branch must be conducted through the Assistant Secretary of Defense for Legislative Affairs or the [DOD comptroller], as appropriate, and be consistent with the DOD legislative program."

About the Author

Amber Corrin is a former staff writer for FCW and Defense Systems.

The Fed 100

Save the date for 28th annual Federal 100 Awards Gala.


  • Social network, census

    5 predictions for federal IT in 2017

    As the Trump team takes control, here's what the tech community can expect.

  • Rep. Gerald Connolly

    Connolly warns on workforce changes

    The ranking member of the House Oversight Committee's Government Operations panel warns that Congress will look to legislate changes to the federal workforce.

  • President Donald J. Trump delivers his inaugural address

    How will Trump lead on tech?

    The businessman turned reality star turned U.S. president clearly has mastered Twitter, but what will his administration mean for broader technology issues?

  • Login.gov moving ahead

    The bid to establish a single login for accessing government services is moving again on the last full day of the Obama presidency.

  • Shutterstock image (by Jirsak): customer care, relationship management, and leadership concept.

    Obama wraps up security clearance reforms

    In a last-minute executive order, President Obama institutes structural reforms to the security clearance process designed to create a more unified system across government agencies.

  • Shutterstock image: breached lock.

    What cyber can learn from counterterrorism

    The U.S. has to look at its experience in developing post-9/11 counterterrorism policies to inform efforts to formalize cybersecurity policies, says a senior official.

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group