layout: page title: Government-wide Responsibilities permalink: /gov-wide-responsibilities/
#####a. Department of Commerce
The Secretary of Commerce shall:
#####b. Department of Homeland Security
The Secretary of Homeland Security shall:22
Develop and oversee the implementation of binding operational directives that reinforce the policies, principles, standards, and guidelines developed by OMB, that focus on:
a. Requirements for the mitigation of exigent risks to information systems;
b. Requirements for reporting incidents to the Federal information security incident center; and
c. Other operational requirements, as deemed necessary by OMB;
Coordinate the development of binding operational directives and the oversight of the implementation of such directives with OMB and NIST to ensure consistency with OMB policies and NIST standards and guidelines;
Consult with the Director of NIST regarding any binding operational directives that implement or affect the standards and guidelines developed by NIST;
Convene meetings with senior agency officials to help ensure effective implementation of information security policies and procedures;
Coordinate government-wide efforts on information security policies and practices, including consultation with the CIO Council and NIST;
Manage government-wide information security programs and provide and operate Federal information security shared services, as directed by OMB;
Provide operational and technical assistance to agencies in implementing policies, principles, standards, and guidelines on information security. This includes:
a. Operating the Federal information security incident center;
b. Deploying technology to assist agencies to continuously diagnose and mitigate cyber threats and vulnerabilities, with or without reimbursement and at the request of the agency;
c. Compiling and analyzing data on agency information security; and
d. Developing and conducting targeted operational evaluations, including threat and vulnerability assessments, on information systems.
Provide agencies with current, timely and actionable intelligence about cyber threats, vulnerabilities, and incidents for risk assessments;
Consult with OMB to determine what other actions may be necessary to support implementation of effective government-wide information security programs;
Provide the public with timely notice and opportunities for comment on proposed information security directives and procedures to the extent that such directives and procedures affect the public or communication with the public; and
Solicit and consider the recommendations of the Information Security Privacy Advisory Board, established by the National Institute of Standards and Technology Act.
#####c. General Services Administration
The Administrator of General Services shall:
#####d. National Archives and Records Administration
The Archivist of the United States shall:
#####e. Office of Personnel Management
The Office of Personnel Management shall:31
###Footnotes