Circular A-11 to require more info on IPv6, security

The Office of Management and Budget updated Circular A-11 budget guidance July 2 and added 11 new questions for agency chief information officers to answer. A-11 details how Exhibit 53 documents and Section 300 information technology business cases need to be filled out for fiscal 2009 budget submissions. Agencies usually submit their budget requests to OMB by early September. “All IT investments must clearly demonstrate the investment is needed to help meet the agency’s strategic goals and mission,” OMB said in the document. “They should also support the President’s Management Agenda.” OMB added seven of the 11 new questions in the Exhibit 53 area. The White House wants agencies to show how much they are investing in IPv6 compared with their total IT budgets. Agencies must also figure out the amount spent on IT as part of the total budget for Homeland Security Presidential Directive 12. Agencies also must tell OMB whether their projects are on the Government Accountability Office’s high-risk list and if there has been a data breach reported to the Homeland Security Department’s U.S. Computer and Emergency Response Team involving any of the systems detailed in Exhibit 53. Under Section 300, A-11 now asks agencies to describe whether the project directly supports one of GAO’s high-risk areas. Agencies also must indicate the contracting officer’s highest level of certification — either defense or civilian. This comes from a January Office of Federal Procurement Policy memo detailing these requirements. OMB also now wants agencies to answer security and privacy questions for each system. “OMB uses the Exhibit 300 to make…quantitative decisions about budgetary resources consistent with the administration’s program priorities,” the document states.