1.1.3 CIO Responsibilities - OMB Guidance
This section consists of language from OMB guidance that further demarcates, expands upon, or otherwise clarifies the responsibilities of agency CIOs with regards to IT leadership and accountability. See sections on OMB Memoranda and OMB Circulars for more information about these forms of OMB guidance. See sections on the Office of Inspector General (OIG) and the Government Accountability Office (GAO) to review how compliance with policies is measured.
Empowering Agency CIOs
IT solutions are most effective when they result from a strong partnership between program and mission officials and empowered CIOs. Program and mission officials are responsible for understanding customer needs and establishing business requirements. Agency CIOs must support mission programs by providing secure and effective commodity IT and business systems that take enterprise needs into account. Consistent with OMB Memorandum M-11-29, CIOs must be empowered by the agency head to drive operating efficiencies by having authority over IT governance, commodity IT systems, information security, and IT program management oversight. Agencies without an empowered CIO regularly lack a complete and accurate inventory of IT assets and services (including mission systems) across the enterprise. This lack of visibility reduces agencies’ capacity to consolidate redundant applications, promote modular development, use enterprise license agreements, and migrate to a service orientation.(OMB M-13-09. Fiscal Year 2013 PortfolioStat Guidance: Strengthening Federal IT Portfolio Management. March 2013.)
The CIO reports to the agency head (or deputy/[Chief Operating Officer (COO)]). As required by the Clinger Cohen Act and left in place by The Federal IT Acquisition and Reform Act (FITARA), the CIO “shall report directly to such agency head to carry out the responsibilities of the agency under this subchapter.” (OMB M-15-14. Management and Oversight of Federal Information Technology. June 2015, 44 U.S.C. §3506. US Federal Information Policy. Federal Agency Responsibilities.)
IT Investment Governance
FITARA creates clear responsibilities for agency CIOs related to IT investments and planning, as well as requiring that agency CIOs be involved in the IT acquisition process. OMB’s FITARA implementation guidance established a “common baseline” for roles, responsibilities, and authorities of the agency CIO and the roles of other applicable Senior Agency Officials in managing IT as a strategic resource.
Accordingly, agency heads must ensure that CIOs and Senior Agency Officials, including Chief Acquisition Officers (CAOs), are positioned with the responsibility and authority necessary to implement the requirements of this policy.