Nature of the beast

Nature of the beast

The more you know about the monster, the better your chances of victory.

GISRA

The Government Information Security Reform Act of 2000 requires agencies to assess the security of classified and nonclassified systems and to include risk assessment and security needs with each agency budget request. The act, an amendment to the Government Paperwork Reduction Act of 1995, also reinforces computer security policies set forth in the Computer Security Act of 1987 and the Clinger-Cohen Act of 1996. GISRA is due to expire in November. Rep. Tom Davis (R-Va.) has introduced a bill to reauthorize it as a permanent law that sets mandatory security standards.

Deadlines: Assessments due with every budget request.

Obstacles: It's a new twist'agencies historically have not considered security in long-range plans; assessments are difficult to do right.

Resources: OMB memo, Reporting Instructions for the Government Information Security Reform Act, June 22, 2001, available at www.whitehouse.gov/omb/memoranda/m01-24.pdf.

Clinger-Cohen Act

Formerly known as the Information Technology Management Reform Act in 1996, Clinger-Cohen defined the role of agency CIOs, chartered the CIO Council and streamlined acquisition, but also requires agencies to tie IT investments to agency accomplishments and establish integrated systems architectures.

Deadlines: No deadlines set by the act.

Obstacles: Difficulty of building interoperable systems on a large scale; the need for commitment from the top; no model for accomplishing the goals. Act also provided no funds.

Resources: Guidance includes OMB Circulars A-11, Planning, Budgeting, Acquisition of Capital Assets, Strategic Plans, Performance Plans; A-76, Performance of Commercial Activities (Outsourcing); A-94, Guidelines and Discount Rates for Benefit-Cost Analysis of Federal Programs; A-130, Management of Federal Information Resources.

Further guidance available from GSA at www.itpolicy.gsa.gov.

GPEA

Under the Government Paperwork Elimination Act, agencies must let people or organizations submit information or conduct transactions electronically, when practicable, and to maintain records electronically, when practicable. It sanctions the use of electronic signatures and allows the use of a variety of formats.

Deadline: October 2003

Obstacles: Extent of the task and shortness of the deadline is daunting; agencies are uncertain what to do with their electronic documents.

Resources: The Office of Management and Budget's Circular A-130. Presidential Decision Directive 63 of 1998 outlines goals for a secure infrastructure. OMB provides guidance at www.whitehouse.gov/omb/fedreg/gpea2.html.

The National Institute of Standards and Technology also provides guidance on risk analysis at csrc.nist.gov/nistpubs.

The National Archives and Records Administration's guidance on records management can be found at www.nara.gov/records/policy/gpea.html#1^0.

GPRA

The Government Performance and Results Act requires agencies to set standards for measuring their performance. Enacted in 1993 but put into effect in 1997, the law incorporated program results into the agency budgeting process and requires annual performance reports be made to Congress. It required agencies to develop multiyear strategic plans, annual performance plans, and annual performance reports. The President's Management Agenda, issued last fall, reinforces performance goals and emphasizes competitive sourcing.

Deadlines: Annual performance plans and reports.

Obstacles: Cost of implementing long-range plans, cultural resistance, inability to fully identify and report costs of activities.

Resources: OMB Circular A-11, Part 3. OMB guidance to GPRA and the President's Management Agenda is at www.whitehouse.gov/omb/mgmt-gpra/.

FAIR Act

The Federal Activities Inventory Reform Act, signed into law in October 1998, requires agencies to compile inventories of jobs that are not inherently governmental, and so could be outsourced.

Obstacles: Inventories have no standard form and haven't been able to define how many of these jobs are IT-related; the results of some inventories have been challenged.

Deadlines: The administration wants to open to private-sector competition 5 percent of jobs in this category this year, and 10 percent next year.

Resources: OMB Circular A-76; OMB guidance to department and agency heads is at www.whitehouse.gov/omb/circulars/a076/
fair2000guide.html
.

Small Business Act

The act requires agencies to give small businesses the opportunity to get government contracts. The Small Business Administration seeks to ensure goals of 23 percent of prime contracts for small businesses; 5 percent of prime and subcontracts for small disadvantaged businesses; 5 percent of prime and subcontracts for women-owned small businesses; 2.5 percent of HUBZone contracts for FY2002 and 3 percent for FY2003 and each year thereafter; 3 percent of prime and subcontracts for service-disabled veteran-owned small businesses.

Deadlines: Yearly compliance with goals.

Obstacles: Mission vs. compliance debate, possible bias toward large-business vendors skimming from procurment reform.

Resources: The act is available at the SBA online library, at www.sba.gov/library/lawroom.html. OFPP offers guidance at www.arnet.gov/Library/OFPP/PolicyLetters.

Section 508

Section 508 of the Rehabilitation Act Amendments of 1998 requires agencies to allow access to electronic information and IT by people with disabilities. It includes Web site navigation and workplace accommodations. Regulations incorporated into the Federal Acquisition Regulation require that all IT purchases of over $2,500 comply with Section 508. Purchases under $2,500 must meet accessibility standards by next year. The rules don't apply to commercial enterprises, but states receiving funds under the Technology Related Assistance for Individuals With Disabilities Act must comply.

Deadlines: No ironclad dates for compliance, except on procurement'purchases over $2,500 were to meet standards by last June; those under $2,500 by Jan. 1, 2003.

Obstacles: High cost of governmentwide compliance; possible contract disputes with vendors over liability.

Resources: Standards issued by the Access Board in December 2000, CFR Part 1194, available at www.access-board.gov; the FAR amendment, available at www.section508.gov.

Telecommuting

The Transportation Appropriations Act of 2000 instructed agencies to offer telecommuting options to 25 percent of eligible employees by last April and add 25 percent a year until all eligible employees have the option. Last October, an Office of Personnel Management study found that only 2.6 percent of employees governmentwide were telecommuting'but that represented an increase in telecommuters of nearly 40 percent over six months.

Deadlines: April 2004 for full compliance.

Obstacles: Manager resistance, security, costs of implementation, employee reluctance to being 'out of the loop.'

Resources: A Web site at www.telework.gov, operated jointly by OPM and GSA, is a portal to telework information.

inside gcn

  • abstract view of data (agsandrew/Shutterstock.com)

    Can quantum computing prevent an encryption meltdown?

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group