[Top] [Bottom] [Previous] [Next] [TOC]

Appendix K


The Clinger-Cohen Act of 1996 (formerly the Information Technology Management Reform Act (ITMRA) of 1996) is being implemented throughout the Department of Defense. Section 5123 of ITMRA requires that the Department establish goals for improving the efficiency and effectiveness of agency operations through the use of information technology (IT) and prepare an annual report, to be included in the agencyís budget submission to Congress, on the progress in achieving the goals. This is the Departmentís second Section 5123 annual report.


The DoD Chief Information Officer (CIO) has published a DoD Information Technology Management Strategic Plan (DoD ITM Strategic Plan). This plan focuses on information superiority achieved through global, affordable, and timely access to reliable and secure information for worldwide decision making and operations. To realize this vision, the Department has established the goals described in Table K-1.

Table K-1


  • Goal 1 - Become a mission partner:
  • Increase and promote information technology interaction with mission.
  • Serve mission information users as customers.
  • Facilitate process improvement.

Goal 2 - Provide services that satisfy customer information needs:

  • Build architecture and performance infrastructure.
  • Modernize and integrate defense information infrastructure.
  • Upgrade technology base.
  • Improve information technology management tools.

Goal 3 - Reform information technology management processes to increase efficiency and mission contribution:

  • Institutionalize ITMRA provisions.
  • Institute fundamental information technology management reform efforts.
  • Upgrade DoD information technology work force.

Goal 4 - Ensure DoDís vital information resources are secure and protected:

  • Build information assurance framework.
  • Build information assurance architecture and support services.
  • Improve acquisition processes and regulations.
  • Assess information assurance posture of DoD operational systems.



Goal 1 - Become a mission partner:

The Department established the DoD CIO Council as its executive management body for information technology. The Department is strengthening the DoD CIO Council by creating a working level council to develop draft policies and veteran issues for resolution. This tiered structure will enable broad participation, decision making, and a stronger defense for information technology resource requirements.

The Department is integrating information technology management strategic planning into the DoD Planning, Programming, and Budgeting System (PPBS). The DoD ITM Strategic Plan was used as a guide for information technology planning in the Departmentís high level planning guidance. DoD components have used the DoD ITM Strategic Plan and planning process to help structure their CIO organizations. The plan is being revised to better link to the Report of the Quadrennial Defense Review, the Defense Reform Initiative, and Joint Vision 2010. Componentsí strategic plan proposals and concepts are also being used to update the DoD ITM Strategic Plan, making it a more effective tool for managing the Departmentís information technology resources.

On July 25, 1997, the DoD CIO approved the Information Technology Investment Management Insight Policy for Acquisition. The policy simplifies and streamlines the way that DoD components inform the DoD CIO about their major information technology acquisitions. In 1998, the DoD CIO reviewed 20 such notifications.

To further streamline the current IT acquisition policy, and institutionalize IT investment management for IT acquisitions, the DoD CIO is developing a capability-based risk-sharing methodology that can be used to decide the level of risk the CIO may share with the component CIOs.

DoD components are applying extraordinary efforts to meet the technical challenges related to Year 2000 compliance. The Department has assessed virtually all of its known systems and identified Year 2000 issues for corrective action. Renovation of systems is in process, and schedules have been developed for testing each system. Resources are identified and available for accomplishing these actions.

Goal 2 - Provide services that satisfy customer information needs:

The Department is taking several key initiatives to manage its worldwide information infrastructure as a coherent Global Networked Information Enterprise, to provide forces with affordable information dominance, anywhere and any time. These initiatives include the increased exchange of information across the enterprise through the use of enterprise data exchange tools, which facilitate the sharing of data elements among todayís disparate applications.

The DoD CIO is exploring ways to reduce the total cost of ownership for software by collaborating across DoD in an Enterprise Software Initiative. DoD components have decided to leverage their buying power by negotiating DoD-wide agreements for software. They are also creating a DoD business process for estimating software requirements, agreeing on common terms and conditions, electronic software shopping and distribution, software funding, and tracking and managing software.

The Department conducted an information technology investment process pilot study for the Departmentís CIO using the Office of the Assistant Secretary of Defense for Health Affairs as the subject. The study concluded that the office has effective management and oversight structures that ensure extensive involvement by the functional community and the Health Affairs CIO. A key success factor is that Health Affairs has a consolidated tri-Service (Army, Navy, Air Force) program that allows prioritization of investments across the entire Departmental enterprise. Continual program evaluation, monitoring, and problem resolution within Health Affairs result in an effective investment program that reflects the priorities of the health affairs community.

Goal 3 - Reform information technology management processes to increase efficiency and mission contribution:

In July 1998, the Deputy Secretary disestablished the Major Automated Information System Review Council (MAISRC). The MAISRC was DoDís primary body for overseeing major automated information systems (AISs) and other IT investments. DoD will continue to oversee major AISs and other IT investments through the IT Overarching Integrated Product Team and, when necessary, special reviews by the DoD CIO. The focus of IT investment oversight will evolve over the next year to place greater emphasis on the planning phase, on portfolios of investments, and on evaluating performance outcomes.

Section 5122 requires an integrated information technology Capital Planning and Investment Control Process. The Department uses the PPBS, in conjunction with its requirements and acquisition processes, to ensure that the correct information technology investments are selected. Over the past year, changes have been made in the PPBS to ensure full participation of the DoD CIO in the decision making process and to strengthen the linkages of information technology programs to the missions they support. The DoD CIO has become a member of the Defense Resource Board, thus ensuring that the CIO position is heard on all budget deliberations.

DoD has been instrumental in the adoption of a new Information Technology Budget reporting exhibit by the Federal CIO Council and the Office of Management and Budget. The new exhibit will explicitly tie information technology systems to the mission they support and provide performance measures, as well as progress toward those measures, for major information technology systems.

The DoD CIO has made information technology management literacy a primary goal within the Department by developing Clinger-Cohen competencies that depict skill requirements and knowledge required by CIOs and information resource management personnel. The competencies have been adopted government-wide by the Federal CIO Council as desired skill requirements of senior managers. DoD led the government-wide effort to update the competencies in 1998.

The Department continued to sponsor CIO Executive training sessions for CIOs, Deputy CIOs, and senior managers with CIO responsibilities. Four sessions were held in 1998 and four sessions are planned for 1999. In addition, during 1998 two CIO Certificate Web-based courses were established to reach a broader audience.

Under the auspices of acquisition reform, a live satellite broadcast on the Clinger-Cohen Act was held in June 1998 and questions were fielded from the DoD community regarding the new laws, regulations, and implementation guidance. A video training tape on the Clinger-Cohen Act and its implementation in the Department was also developed for use by DoD schools and personnel.

Goal 4 - Ensure DoDís vital information resources are secure and protected:

To respond to Presidential Decision Directive 63, Critical Infrastructure Protection, May 1998, and to formulate an integrated, comprehensive defense-wide critical infrastructure protection program, the Department:

∑∑ Assigned the DoD CIO as the Departmentís Chief Infrastructure Assurance Officer.

∑∑ Submitted a DoD-wide critical infrastructure protection plan to the National Coordinator in November 1998, with the goal of implementing the plan within two years.

Information assurance is a critical component of the Departmentís operational readiness because it assures that Defense Information Infrastructure systems and networks stand ready to provide continuous and dependable service. The Department took major steps in 1998 to improve its information assurance posture:

∑∑ In January 1998, the Deputy Secretary of Defense established the defense-wide Information Assurance Program to provide for the planning, coordination, integration, and oversight of the Departmentís information assurance activities and resources.

∑∑ The Department initiated a defense-wide action to baseline the information assurance and information technology skills and resources within the Department, determine future requirements, and address personnel training, certification, and retention issues.

The Department instituted a positive control process to ensure that information concerning information system vulnerabilities are appropriately disseminated and countermeasures are implemented.


While the Department made progress in 1998, it has yet to fully institutionalize all of the mandates of the Clinger-Cohen Act of 1996. The aggressive DoD CIO agenda for 1999 will do much to ameliorate this condition by:

Addressing known Year 2000 and information assurance deficiencies.

Reorienting the DoD CIO Council from an information gathering to a decision making body.

Promoting Capital Planning for information technology.

Pursuing cross-component reviews of information technology investment portfolios in lieu of system by system oversight

Evaluating Value Chain Analysis for its utility in end-to-end function and information technology portfolio reviews.

Utilizing mission outcome based performance measurements as the cornerstone for information technology performance assessments.

With the accomplishment of these steps, the Department will achieve the intent of the Clinger-Cohen Act of 1996.

[Top] [Bottom] [Previous] [Next] [TOC]