Federal CIO, Act III

Recognizing that management of federal information technology is an issue

that will last well beyond the imminent end of the 106th Congress, Rep.

Tom Davis (R-Va.) last month introduced a bill that would coordinate almost

every aspect of federal IT, from paperwork reduction to information security.

The Federal Information Policy Act is a comprehensive look at IT policy

creation, implementation and enforcement within agencies. The legislation

would coordinate those functions in a new Office of Information Policy that

would work directly with the president and the Office of Management and

Budget.

This kind of coordination may be what the federal government needs,

but the bill tackles so many issues that many observers agree that it will

not pass before this Congress ends and a new president is elected.

"There's not much time left in the session to debate something like

this," said Bill Piatt, chief information officer at the General Services

Administration. "It just covers so many topics and problems that need to

be addressed."

But it was because of the number of issues involved that Davis wanted

to get the bill introduced this session, said Amy Heerink, Davis' legislative

director. Even if the bill dies when Congress ends in October and Davis

has to reintroduce it next year, it was worth it to him to propose something

to spur discussion about the bill's ideas, Heerink said.

"This issue is not going to go away, and we'll take it up again next

year," she said.

Pulling from a similar bill by Rep. Jim Turner (D-Texas), the act creates

a federal CIO to head the proposed Office of Information Policy. The federal

CIO would work closely with the director of OMB to influence IT budget decisions

and the CIO Council to develop governmentwide policies and initiatives.

"I am deeply concerned that current federal [information resources management]

policies are suffering from the lack of a focused, coordinating body," Davis

said when he introduced the bill.

The Clinger-Cohen Act of 1996 created the role of agency CIO, helping

to bring IT to the forefront of agency decision-making, but those decisions

should be made on a consistent, governmentwide basis, he said.

Regarding cybersecurity, Davis' plan supports the ideas in the Government

Information Security Act, which has been attached to the Defense authorization

bill and is in conference committee. The bill, sponsored by Sens. Fred Thompson

(R-Tenn.) and Joseph Lieberman (D-Conn.), creates an Office of Information

Security and Technical Protection within the Office of Information Policy.

The office's director would coordinate and enforce information security

policy, standards and practices under the federal CIO.

Most of these IT and information security management functions are already

carried out within OMB — mostly by the Office of Information and Regulatory

Affairs. But in creating a new office and federal CIO, Davis' bill splits

those responsibilities out of OIRA, leaving OIRA only responsible for paperwork

reduction initiatives.

"With its many management responsibilities, OMB is simply unable to

devote the attention needed for effective [information resources management],"

Davis said. "A federal CIO will allow OIRA to concentrate and improve on

the critical function of paperwork reduction."

OMB, agencies and Congress do have a common goal to improve policy planning,

coordination and implementation, said John Spotila, director of OIRA. But

although the bill gives the federal CIO budget authority by encouraging

a partnership with OMB, that would not be as effective as OMB staying in

charge, he said. "[Davis] acknowledges that there is a need to work closely

together, but I'm not sure that it's the same...as giving OMB the direct

responsibility as part of its overall management coordination responsibility

to try and address this problem," he said. "I think as a starting point

we ought to think long and hard about the tremendous advantage that a senior

information policy official has by being part of OMB and working directly

with the director of OMB."