The Information Technology Management Reform Act of 1996 is a United States federal law, designed to improve the way the federal government acquires, uses and disposes information technology (IT). It was passed as Division E of the National Defense Authorization Act for Fiscal Year 1996 (S. 1124; Pub. L. 104–106 (text) (PDF)). Together with the Federal Acquisition Reform Act of 1996, it is known as the Clinger–Cohen Act.[1]
The Clinger–Cohen Act supplements the information resources management policies by establishing a comprehensive approach for executive agencies to improve the acquisition and management of their information resources, by:[2]
- focusing information resource planning to support their strategic missions;
- implementing a capital planning and investment control process that links to budget formulation and execution; and
- rethinking and restructuring the way they do their work before investing in information systems.
The Act directed the development and maintenance of Information Technology Architectures (ITAs) by federal agencies to maximize the benefits of information technology (IT) within the Government. In subsequent guidance on implementing the Act, the Office of Management and Budget stipulated that agency ITA's "...should be consistent with Federal, agency, and bureau information architectures.."[3] In keeping with this mandate, in 1999 the US Federal CIO Council initiated the Federal Enterprise Architecture, essentially a federal-wide ITA that would "... develop, maintain, and facilitate the implementation of the top-level enterprise architecture for the Federal Enterprise." [4]
In February 1996, Congress enacted the Clinger–Cohen Act to reform and improve the way Federal agencies acquire and manage IT resources.[5] Central to implementing these reforms is the need to establish effective IT leadership within each agency. The law requires each agency head to establish clear accountability for IT management activities by appointing an agency chief information officer (CIO) with the visibility and management responsibilities necessary to carry out the specific provisions of the Act. The CIO plays a critical leadership role in driving reforms to:[5]
- help control system development risks;
- better manage technology spending; and
- succeed in achieving real, measurable improvements in agency performance.
The Act provides that the government information technology shop be operated as an efficient and profitable business would be operated. Acquisition, planning and management of technology must be treated as a "capital investment." While the law is complex, all consumers of hardware and software in the Department should be aware of the chief information officer's leadership in implementing this statute.[6]
The Act emphasizes an integrated framework of technology aimed at efficiently performing the business of the Department. Just as few businesses can turn a profit by allowing their employees to purchase anything they want to do any project they want, the Department also cannot operate efficiently with hardware and software systems purchased on an "impulse purchase" basis and installed without an overall plan. All facets of capital planning are taken into consideration just as they would be in private industry.[6]
The Act assigns the Director of the Office of Management and Budget (OMB) responsibility for improving the acquisition, use, and disposal of information technology by the federal government. The Director should aim to improve the productivity, efficiency, and effectiveness of federal programs, including through dissemination of public information and the reduction of information collection burdens on the public. The Act supplements the information resources management (IRM) policies contained in the Paperwork Reduction Act (PRA) by establishing a comprehensive approach to improving the acquisition and management of agency information systems through work process redesign, and by linking planning and investment strategies to the budget process.[7]
The "Information Technology Management Reform Act" of 1996 was later renamed "Clinger-Cohen Act" for its co-sponsors, Rep. William Clinger, R-PA., and Senator William Cohen, R-ME.[8]
To provide agencies with guidance on implementing the Clinger–Cohen Act, the Office of Management and Budget (OMB) in April 2000 distributed an "OMB Circular A-130"[2] about the management of Federal Information Resources. This circular incorporated some other memoranda:[7]
- M–96–20, "Implementation of the Information Technology Management Reform Act of 1996"
- M–97–02, "Funding Information Systems Investments"
- M–97–16, "Information Technology Architecture",
as well as new material including;
- M-15-14 "Management and Oversight of Federal Information Technology"
National Defense Authorization Act for Fiscal Year 1996
This "Information Technology Management Reform Act" was part of the National Defense Authorization Act for Fiscal Year 1996, which is organized in five divisions:[9]
- (1) Division A — Department of Defense Authorizations.
- (2) Division B — Military Construction Authorizations.
- (3) Division C — Department of Energy National Security Authorizations and Other Authorizations.
- (4) Division D — Federal Acquisition Reform.
- (5) Division E — Information Technology Management
This public law was intended to authorize appropriations for fiscal year 1996 for military activities of the Department of Defense, for military construction, and for defense activities of the Department of Energy, to prescribe personnel strengths for such fiscal year for the Armed Forces, to reform acquisition laws and information technology management of the Federal Government, and for other purposes.
Definitions
In the Act, some terms have been explicitly defined:[9]
- Information technology
- The term Information Technology, with respect to an executive agency means any equipment or interconnected system or subsystem of equipment, that is used in the automatic acquisition, storage, manipulation, management, movement, control, display, switching, interchange, transmission, or reception of data or information by the executive agency. For purposes of the preceding sentence, equipment is used by an executive agency if the equipment is used by the executive agency directly or is used by a contractor under a contract with the executive agency which (i) requires the use of such equipment, or (ii) requires the use, to a significant extent, of such equipment in the performance of a service or the furnishing of a product.
- Information technology includes computers, ancillary equipment, software, firmware and similar procedures, services (including support services), and related resources. It does not include any equipment that is acquired by a Federal contractor incidental to a Federal contract.
- Information resources
- The term Information Resources means information and related resources, such as personnel, equipment, funds, and information technology.
- Information resources management
- The term Information Resources Management means the process of managing information resources to accomplish agency missions and to improve agency performance, including through the reduction of information collection burdens on the public.
- Information system
- The term information system means a discrete set of information resources organized for the collection, processing, maintenance, use, sharing, dissemination, or disposition of information.
- Information technology architecture
- The term Information Technology Architecture, with respect to an executive agency, means an integrated framework for evolving or maintaining existing information technology and acquiring new information technology to achieve the agency’s strategic goals and information resources management goals.
Director of the Office of Management and Budget
Clinger–Cohen Act assigns the Director of the Office of Management and Budget (OMB) some ten tasks. The following list represents a selection:[9]
- Use of Information Technology in Federal programs
- The OMB Director is responsible for improving the acquisition, use, and disposal of information technology by the Federal Government. The Director should aim to improve the productivity, efficiency, and effectiveness of Federal programs, including through dissemination of public information and the reduction of information collection burdens on the public.
- Use of budget process
- The OMB Director shall develop, as part of the budget process, a process for analyzing, tracking, and evaluating the risks and results of all major capital investments made by an executive agency for information systems. The process shall cover the life of each system and shall include explicit criteria for analyzing the projected and actual costs, benefits, and risks associated with the investments.
- Information Technology Standards
- The OMB Director shall oversee the development and implementation of standards and guidelines pertaining to Federal computer systems by the Secretary of Commerce through the National Institute of Standards and Technology.
- Use of Best Practices in Acquisition
- The OMB Director shall encourage the heads of the executive agencies to develop and use the best practices in the acquisition of information technology.
- Assessment of other models for managing Information Technology
- The OMB Director shall assess, on a continuing basis, the experiences of executive agencies, State and local governments, international organizations, and the private sector in managing information technology.
Other tasks are about the comparison of agency uses of IT, training, Informing Congress, and procurement policies.
Director of the Office of Management and Budget (OMB) shall encourage the use of performance-based and results-based management in fulfilling the responsibilities assigned. OMB's Director is tasked with the following responsibilities:[9]
- to evaluate the information resources management practices of the executive agencies with respect to the performance and results of the investments made by the executive agencies in information technology.
- to issue the head of each executive agency to:
- establish effective and efficient capital planning processes for selecting, managing, and evaluating the results of all of its major investments in information systems;
- determine, before making an investment in a new information system:
- whether the function to be supported by the system should be performed by the private sector and, if so, whether any component of the executive agency performing that function should be converted from a governmental organization to a private sector organization;
- whether the function should be performed by the executive agency and, if so, whether the function should be performed by a private sector contract or by executive agency personnel;
- analyze the missions of the agency and, based on the analysis, revise its mission-related processes and administrative processes, before making significant investments in information technology for those missions;
- ensure that the information security policies, procedures, and practices are adequate.
- guidance for undertaking efficiently and effectively interagency and Government-wide investments in information technology
- periodic reviews of selected information resources management activities of the agencies
- to enforce accountability of the head of an agency for information resources management
Executive Agencies
The head of each US Federal executive agency shall comply with several specific matters. A selection.[9]
- Design of Process
- Each executive agency shall design and implement in the executive agency a process for maximizing the value and assessing and managing the risks of the information technology acquisitions of the executive agency.
- Content of Process
- The process of an executive agency shall
- provide for the selection of information technology investments to be made by the executive agency, the management of such investments, and the evaluation of the results of such investments;
- be integrated with the processes for making budget, financial, and program management decisions within the agency;
- include minimum criteria to be applied in considering whether to undertake a particular investment in information systems, including criteria related to the quantitatively expressed projected net, risk-adjusted return on investment and specific quantitative and qualitative criteria for comparing and prioritizing alternative information systems investment projects;
- provide for identifying information systems investments that would result in shared benefits or costs for other Federal agencies or State or local governments;
- provide for identifying for a proposed investment quantifiable measurements for determining the net benefits and risks of the investment; and
- provide the means for senior management personnel of the agency to obtain timely information regarding the progress of an investment in an information system, including a system of milestones for measuring progress, on an independently verifiable basis, in terms of cost, capability of the system to meet specified requirements, timeliness, and quality.
- Performance and Result-based Management
- The head of an executive agency shall (1) establish goals for improving the efficiency and effectiveness of agency operations. (2) prepare an annual report, (3) ensure that performance measurements (4) comparable with processes and organizations in the public or private sectors (5) analyze the missions, and (6) ensure that the information security policies, procedures, and practices of the executive agency are adequate.
- Acquisition of Information Technology
- The authority of the head of an executive agency to conduct an acquisition of information technology includes several general and specific authorities.
The CCA generated a number of significant changes in the roles and responsibilities of various federal agencies in managing acquisition of IT. It elevated overall responsibility to the Director of the Office of Management and Budget (White House). OMB set forth guidelines that must be followed by agencies.
At the agency level, IT management must be integrated into procurement, and procurement of commercial-off-the-shelf technology was encouraged. CCA required each agency to name a Chief Information Officer (CIO) with the responsibility of "developing, maintaining, and facilitating the implementation of a sound and integrated information technology architecture". The CIO is tasked with advising the agency director and senior staff on all IT issues.
Since these rules went into effect, the agency CIOs also have worked together to form the US Federal CIO Council. Initially an informal group, the council's existence became codified into law by Congress in the E-Government Act of 2002. Official duties for the council include developing recommendations for government information technology management policies, procedures, and standards; identifying opportunities to share information resources; and assessing and addressing the needs of the Federal Government's IT workforce.[10]
In general, National Security Systems (NSS), as defined in 40 USC 11103, are exempt from the Act. However, there are specific exceptions to this exemption regarding:
- Capital Planning and Investment Control (CPIC);
- Performance- And Results-Based Management;
- Agency Chief Information Officer (CIO) responsibilities; and
- Accountability.
Raines' Rules
Following the Clinger–Cohen Act, White House budget director Franklin Raines issued a supplementary policy memorandum, M-97-02,[11] in 1996 that became known as "Raines' Rules".[12][13] The memorandum specified the following eight investment criteria for new IT projects:
- support core/priority mission functions that need to be performed by the Federal government;[11]
- be undertaken by the requesting agency because no alternative private sector or governmental source can efficiently support the function;[11]
- support work processes that have been simplified or otherwise redesigned to reduce costs, improve effectiveness, and make maximum use of commercial, off-the-shelf technology;[11]
- demonstrate a projected return on the investment that is clearly equal to or better than alternative uses of available public resources. Return may include: improved mission performance in accordance with GPRA measures; reduced cost; increased quality, speed, or flexibility; and increased customer and employee satisfaction. Return should be adjusted for such risk factors as the project's technical complexity, the agency's management capacity, the likelihood of cost overruns, and the consequences of under- or non-performance[11]
- be consistent with Federal, agency, and bureau information architectures which: integrate agency work processes and information flows with technology to achieve the agency's strategic goals; reflect the agency's technology vision and year 2000 compliance plan; and specify standards that enable information exchange and resource sharing, while retaining flexibility in the choice of suppliers and in the design of local work processes;[11]
- reduce risk by: avoiding or isolating custom-designed components to minimize the potential adverse consequences on the overall project; using fully tested pilots, simulations, or prototype implementations before going to production; establishing clear measures and accountability for project progress; and, securing substantial involvement and buy-in throughout the project from the program officials who will use the system;[11]
- be implemented in phased, successive chunks as narrow in scope and brief in duration as practicable, each of which solves a specific part of an overall mission problem and delivers a measurable net benefit independent of future chunks;[11] and,
- employ an acquisition strategy that appropriately allocates risk between government and contractor, effectively uses competition, ties contract payments to accomplishments, and takes maximum advantage of commercial technology.[11]
Jack L. Brock, Jr., John P. Finedore, Deborah A. Davis (1997), Business Process Reengineering Assessment Guide. p. 5
Thomas G. Kessler, Patricia Kelley (2008). Federal IT Capital Planning and Investment Control. p. 9