[Top] [Bottom] [Previous] [Next] [Table of Contents]

Appendix J


The Clinger–Cohen Act of 1996 is being implemented throughout the Department of Defense. Section 5123 of the Clinger–Cohen Act requires that the Department establish goals for improving the efficiency and effectiveness of agency operations through the use of information technology (IT) and prepare an annual report, to be included in the budget submission to Congress, on the progress in achieving the goals. This is the Department’s third Section 5123 annual report.


The DoD Chief Information Officer (CIO) has published a DoD Information Management (IM) Strategic Plan. This plan focuses on information superiority achieved through global, affordable, and timely access to reliable and secure information for worldwide decision making and operations. To realize this vision, the Department has established the goals described in Table J.

Table J


Goal 1 - Become a mission partner:

  • Identify mission needs and align IT.
  • Forge effective partnership relationships with customers.
  • Move toward an information marketplace.

  • Goal 2 - Provide services that satisfy customer information needs:

  • Build an infrastructure based on architectures and performance.
  • Ensure DoD systems meet the Year 2000 (Y2K) challenge.
  • Modernize and integrate the Defense Information Infrastructure, evolving it to the Global Information Grid.
  • Introduce new paradigms.
  • Improve IT management tools.

  • Goal 3 - Reform information technology management processes to increase efficiency and mission contribution:

  • Institutionalize Clinger–Cohen Act provisions.
  • Institute fundamental IT management reform efforts.
  • Promote the development of an IT management knowledge–based workforce within DoD.
  • Provide the IM/IT support required to ensure individuals with disabilities have equal access to the information
    environments and opportunities in DoD.

  • Goal 4 - Ensure DoD’s vital information resources are secure and protected:

  • Make Information Assurance (IA) an integral part of DoD mission readiness criteria.
  • Enhance DoD personnel IA awareness and capabilities.
  • Enhance DoD IA operational capabilities.
  • Establish an integrated DoD security management infrastructure.


    Goal 1 - Become a mission partner

    A DoD CIO Executive Board has been established as the principal DoD forum to advise the Secretary and Deputy Secretary of Defense, through the DoD CIO, on the full range of matters pertaining to Subdivision E of the Clinger–Cohen Act; coordinate implementation of activities under Clinger–Cohen Act; exchange pertinent information and discuss issues regarding the Global Information Grid (GIG); and coordinate with the Intelligence Community CIO Executive Council on matters of mutual interest.

    On July 25, 1997, the DoD CIO approved the Information Technology Investment Management Insight Policy for Acquisition. The policy simplifies and streamlines the way that DoD components inform the DoD CIO about their major information technology acquisitions. In 1999, the DoD CIO reviewed 12 such notifications.

    Goal 2 - Provide services that satisfy
    customer information needs

    All DoD mission critical systems will be Y2K compliant by December 1999 as well over 99.9 percent of non–mission critical systems. In support of Y2K remediation, DoD conducted the largest IT operational evaluation and testing program in its history; developed systems and operational contingency plans; and formulated key policies on consequence management, configuration management, connection to the Internet, and community conversations.

    A GIG concept was formulated to enable Full Spectrum Dominance for Joint Vision 2010 and beyond. The GIG envisions a baseline capability integrating all DoD command, control, communications, computers, intelligence, surveillance, and reconnaissance require–ments—strategic, operational, tactical, and base/post/ camp/station/ship—providing flexible, assured band– width to warfighters regardless of environment. The GIG encompasses IT and National Security Systems as defined in Public Law 104–106.

    The Defense Management Council approved the overall smart card adoption and implementation policy concept on September 24, 1999, and directed all DoD components to take actions necessary to implement the use of a standard DoD smart card. This card, which will become the Department’s common access card, will embrace the functions of personnel identification (ID), physical security access, and computer network access. The common access card will be the standard ID card for military personnel (to include the Selected Reserve) and DoD civilian employees.

    Goal 3 - Reform information technology management processes to increase efficiency and mission contribution

    The DoD CIO became a member of the Defense Acquisition Board, thus ensuring that the CIO position is heard on all acquisition deliberations.

    Recent statutory requirements, including the Clinger– Cohen Act, mandated that DoD implement a process whereby IT investments were managed and evaluated based on specific, measurable contributions to DoD mission goals and priorities. To achieve this, the Department is developing the Portfolio Management and Oversight (PM&O) process. Under PM&O, investments will be grouped by mission capability to establish portfolios; trade–offs among investments will be made to the optimum benefit of the mission; and benefits will be measured and evaluated in the context of their contribution to the overall success of the mission.

    The ongoing Enterprise Software Initiative (ESI) is a project that is saving money on DoD common–use, commercial–off–the–shelf software by creating DoD– wide Enterprise Software Agreements. ESI is realizing savings, from 28 percent to 98 percent off General Services Administration pricing, as a result of innovative process changes.

    Goal 4 - Ensure DoD’s vital information resources are secure and protected

    Through a Web security initiative, a higher level of scrutiny was applied to the type of information being posted to DoD Web sites.

    Disparate computer forensics labs were integrated into the Defense Computer Forensics Laboratory, and a training facility was established to develop the skills needed in the future to investigate computer intrusions.

    The Department formulated its policy on Public Key Infrastructure and established an office to guide the Department’s efforts to dramatically improve the integrity and security of information processes.

    In support of Critical Infrastructure (PDD–63) and DoD critical asset protection, the Department completed its portion of the National Plan for Information Systems Protection.

    DoD established the Joint Counterintelligence Evaluation Office to ensure that the senior DoD leadership is informed, in a timely manner, of significant counterintelligence investigative activity. Significant activity includes foreign intelligence threats to DoD critical technologies, information infrastructure, U.S. military operations, and personnel.

    In response to increasing cyber attacks, DoD:

    · Increased DoD awareness by establishing a 24–hour watch.

    · Identified and patched systems at risk.

    · Installed Intrusion Detection Systems on key nodes.

    · Increased the number of Emergency Response Teams for triage and repair.

    · Developed contingency plans for degradation/loss of network.

    · Improved its ability to analyze data and assess attacks.

    · Conducted red team exercises to improve operational readiness and continued improvements to the red team methodology.


    By aggressively pursuing a well–articulated set of DoD CIO priorities, DoD has:

    · Addressed known Y2K deficiencies.

    · Reoriented the DoD CIO Council from an information–gathering group to a decision making forum—the DoD CIO Executive Board.

    · Established the Global Information Grid.

    · Initiated the Portfolio Management and Oversight process.

    With the accomplishment of these steps, the Department has achieved the intent of the Clinger–Cohen Act of 1996.

    [Top] [Bottom] [Previous] [Next] [Table of Contents]