Government-wide Responsibilities
Department of Commerce
The Secretary of Commerce shall:
- Develop and issue Federal Information Processing Standards (FIPS) and guidelines necessary to ensure the efficient and effective acquisition, management, security, and use of information technology, while taking into consideration the recommendations of the agencies and the CIO Council;
- Provide OMB and the agencies with scientific and technical advisory services relating to the development and use of information technology;
- Conduct studies and evaluations concerning telecommunications technology, and the improvement, expansion, testing, operation, and use of Federal telecommunications systems, and advise the Director of OMB and appropriate agencies of the recommendations that result from such studies;
- Develop, in consultation with the Secretary of State and the Director of OMB, plans, policies, and programs relating to international telecommunications issues affecting Federal information activities;
- Identify needs for standardization of telecommunications and information processing technology, and develop standards, in consultation with the Secretary of Defense and the Administrator of General Services, to ensure efficient application of such technology; and
- Ensure the Federal Government is represented in the development of national and international (in consultation with the Secretary of State) information technology standards, and advise the Director of OMB on such activities.
Department of Defense
The Secretary of Defense shall develop, in consultation with the Administrator of General Services, uniform Federal telecommunications standards and guidelines to ensure national security, emergency preparedness, and continuity of government.
Department of Homeland Security
The Secretary of Homeland Security shall:
- Monitor and assist agencies with the implementation of information security policies and practices for information systems;
- Assist OMB in carrying out its information security oversight and policy responsibilities;
- Develop and oversee the implementation of binding operational directives that reinforce the policies, principles, standards, and guidelines developed by OMB, that focus on:
  - Requirements for the mitigation of exigent risks to information systems;
  - Requirements for reporting incidents to the Federal information security incident center; and
  - Other operational requirements, as deemed necessary by OMB;
- Coordinate the development of binding operational directives and the oversight of the implementation of such directives with OMB and NIST to ensure consistency with OMB policies and NIST standards and guidelines;
- Consult with the Director of NIST regarding any binding operational directives that implement or affect the standards and guidelines developed by NIST;
- Convene meetings with senior agency officials to help ensure effective implementation of information security policies and procedures;
- Coordinate government-wide efforts on information security policies and practices, including consultation with the CIO Council and NIST;
- Manage government-wide information security programs and provide and operate Federal information security shared services, as directed by OMB;
- Provide operational and technical assistance to agencies in implementing policies, principles, standards, and guidelines on information security. This includes:
  - Operating the Federal information security incident center;
  - Deploying technology to assist agencies to continuously diagnose and mitigate cyber threats and vulnerabilities, with or without reimbursement and at the request of the agency;
  - Compiling and analyzing data on agency information security; and
  - Developing and conducting targeted operational evaluations, including threat and vulnerability assessments, on information systems.
- Provide agencies with intelligence about cyber threats, vulnerabilities, and incidents for risk assessments;
- Consult with OMB to determine what other actions may be necessary to support implementation of effective government-wide information security programs;
- Provide the public with timely notice and opportunities for comment on proposed information security directives and procedures to the extent that such directives and procedures affect the public or communication with the public; and
- Solicit and consider the recommendations of the Information Security Privacy Advisory Board, established by the National Institute of Standards and Technology Act.
Department of State
The Secretary of State shall:
- Consult with and advise the Director of OMB on the development of United States positions and policies on international information policy and technology issues affecting Federal Government activities and the development of international information technology standards; and
- Be responsible for liaison, consultation, and negotiation with foreign governments and intergovernmental organizations on all matters related to information resources management, including Federal information technology. The Secretary must also ensure, in consultation with the Secretary of Commerce, that the United States is represented in the development of international standards and recommendations affecting information technology. These responsibilities may also require the Secretary to consult, as appropriate, with affected domestic agencies, organizations, and other members of the public.
Federal CIO Council
The Federal CIO Council, in consultation with OPM, shall:
- Analyze, on an ongoing basis, the workforce needs of the Federal Government related to information technology and information resources management, in conjunction with relevant agencies;
- Identify where current information technology and information resources management training does not satisfy the needs of the Federal Government related to information technology;
- Oversee the development of curricula, training methods, and training priorities that correspond to the projected personnel needs related to information technology and information resources management;
- Assess the training of employees in information technology disciplines in order to ensure that information resources management needs are addressed; and
- Recommend new policy, as appropriate.
General Services Administration
The Administrator of General Services shall:
- Manage a single government-wide network contract per offeror that leverages shared solutions for many agencies;
- Serve as an intermediary of managed network services for the agencies;
- Manage the Acquisition Services Fund in accordance with the General Services Administration Modernization Act;
- Provide policy leadership for improvements to the bid protest process;
- Assist OMB in setting strategic direction for electronic government and overseeing government-wide implementation, and recommend changes relating to government-wide strategies and priorities;
- Promote innovative uses of information technology by agencies, particularly initiatives involving multiagency collaboration, through support of pilot projects, research, experimentation, and the use of innovative technologies;
- Provide support and assistance to the CIO Council; and
- Provide leadership and continued policy development to implement section 508 of the Americans with Disabilities Act.
National Archives and Records Administration
The Archivist of the United States shall:
- Administer the Federal Records Act and National Archives and Records Administration regulations (36 CFR Subchapter B—Records Management);
- Develop standards and guidelines relating to electronic records management in consultation with OMB;
- Work with agencies to ensure the transfer of permanent Federal electronic records to the National Archives of the United States in digital or electronic form to the greatest extent possible; and
- Ensure agency compliance with records management requirements, provide records management training, and facilitate public access to high-value government records.