5 FAM 630 DATA MANAGEMENT POLICY

Size: px
Start display at page:

Download "5 FAM 630 DATA MANAGEMENT POLICY"

Transcription

1 5 FAM 630 DATA MANAGEMENT POLICY (Office of Origin: IRM/BMP/OCA/GPC) 5 FAM 631 GENERAL POLICIES a. Data management incorporates the full spectrum of activities involved in handling data, including its policy, administration, collection, capture, retention, and use. b. This section provides the general policies of managing data across the Department and key areas where Information Resource Management (IRM) provides support. The general policy is based on the principle that the Department of State considers data to be an asset. c. All systems and business owners while managing data must consider cost, ownership, stewardship, privacy and security, risk management, storage, and security. d. Business owners should also consider how data relates to existing laws and regulations and how to maximize information sharing across the Department, Federal Government, and if applicable, the public. 5 FAM Definitions a. A data steward is one who oversees and maintains consistent reference data and master data definitions, publishes relevant interpretation and proper usage of the data, and ensures the quality of the content and metadata. b. A data architect is one who establishes the data architecture, defines the taxonomy and naming conventions to be used, and supports the alignment of the data models to the business needs for the IT system or investment. c. A data administrator is one who manages access, security, and integrity of the database and monitors the performance of the database system to maintain any established service level agreements. d. A data analyst is one who understands, applies a variety of techniques, and analyzes the data to align, interpret, and communicate the data to support effective decision-making. 5 Fam 630 Page 1 of 12

2 5 FAM 632 SCOPE This policy applies to all programs and projects in the Department that collect and store unclassified data. 5 FAM 633 AUTHORITIES The authorities establishing this policy include: (1) Clinger-Cohen Act Public Law , Section 5125 (40 U.S.C ); (2) OMB Circular A-130, Management of Federal Information Resources, November 30, 2002; (3) Data Quality OMB, "Guidelines for Ensuring and Maximizing the Quality, Objectivity, Utility and Integrity of Information Disseminated by Federal Agencies," issued pursuant to the Treasury and General Government Appropriations Act for Fiscal Year 2001, Public Law , Section 515; (4) Government Performance and Results Act (GPRA), Public Law, ; (5) Government Paperwork Elimination Act (GPEA), Public Law, , Title XVII (44 U.S.C note); (6) E-Government Act of 2002, Title II; (7) OMB Memorandum M-13-13, Open Data Policy Managing Information as an Asset, May 9, 2013; (8) Executive Order, Making Open and Machine-Readable the New Default for Government Information, May 9, 2013; and (9) Application and Data Coordination Working Group Charter, May 18, FAM 634 ROLES AND RESPONSIBILITIES a. On behalf of the Under Secretary for Management, the Office of Management Policy, Rightsizing, and Innovation (M/PRI) and IRM provide strategic direction for the Department's Data Management policies, processes, and procedures. b. The Application and Data Coordination Working Group (ADCWG) provides an executive-level body that assists in providing strategic direction in managing data and in promoting the value of data to the Department so that it is managed accordingly. The mission of the ADCWG is to facilitate data standardization across the Department by engaging both the key stakeholders who maintain enterprise data as well as the users to ensure data standards 5 Fam 630 Page 2 of 12

3 meet all stakeholders' business needs. Composed of authoritative personnel who serve as the governing body for determining data standards, the ADCWG approves master reference data sets and provides subject matter expertise for associated definitions, taxonomies, and business rules. The ADCWG is trichaired and sponsored by the Chief Information Officer (IRM), the Chief Financial Officer (CGFS), and the Director of M/PRI. c. The Office of the Chief Architect (IRM/BMP/OCA) provides support in formulating and maintaining the Data Management policy and an enterprise view of information, how it can be shared, accessed, and managed consistently across the Department. OCA supports the IT Investment process in evaluating and assessing the adherence and compliance of systems to the Data Management policy. d. The Systems Integration Office (IRM/OPS/SIO) supports the implementation of the Data Management policy by managing and maintaining the Master Reference Data (MRD), Enterprise Metadata Repository (EMR) and the Enterprise Service Bus (ESB). SIO supports the Data Standardization Process in identifying, analyzing, implementing, and maintaining the master reference data sets that are to be used as standards across the Department. e. The Strategic Planning Office (IRM/BMP/SPO) supports the adherence and compliance of the Data Management policy by managing and maintaining the Department s portfolio management system (imatrix) as a part of the IT Capital Planning and Investment Control (CPIC) process. SPO supports the long-range planning, budget and acquisition process to facilitate decision making regarding the best use of available funds to achieve strategic business goals and objectives. f. Bureau Executive Directors provide leadership to ensure their data is managed as an asset and ensure IT projects conform to data management policy. g. Business Owners are accountable for the definition, assignment, and restricting access to data. Business Owners plan for and ensure implementation of data management policies and standards. h. System owners are accountable for all control, management, and support aspects of the information system that stores and manages the data. System Owners prepare and maintain updated implementation plans, which outline how the system will incorporate standardized data sets. These implementation plans must be submitted annually to the ADCWG chairs. i. Data stewards are responsible for resolving data quality issues (content and metadata) in accordance with ADCWG standards and making decisions related to specific data sets and/or information integrity, security, delivery, and access within the assigned business area. For master reference data, Data Stewards are identified and designated by the ADCWG. j. Data architects are responsible for reviewing the business need, developing strategy, processes, and models to ensure the data model leverages existing 5 Fam 630 Page 3 of 12

4 data as applicable. k. Data administrators are responsible for ensuring the database is running efficiently and securely. They monitor the operations of the database in line with the system. l. Data analysts collect, analyze, and interpret data in support of business needs. Data Analysts also support the Data Steward and Data Administrator in identifying quality issues and supporting decisions about data sets related to information integrity, security, delivery, and access. 5 FAM 635 MANAGEMENT OF DATA LIFECYCLE a. Create or acquire: During this phase, all data stakeholders must make sure that all the conceptual details and requirements are addressed whether the data is being created or acquired from other sources. b. Store and maintain: During this phase, the data must be stored using best practices that cover areas such as data integrity and data quality. There needs to be a mechanism in place to perform quality assurance and quality control to ensure data quality. c. Use and share: During this phase, data is shared with the appropriate audiences through secure channels. System owners must consider leveraging technology to interface with other systems so that sharing of data can be automated; where appropriate, authoritative data sources must be used. d. Archive or Dispose: During this phase, data must either be archived or disposed in accordance with policies or guidelines associated with the type of data. System owners must document their standard practices for data storage, archival, or backup. 5 FAM 636 DATA MANAGEMENT COMPONENTS The Data Management policy provides a framework supporting system and business owners for the purpose of improving the accuracy and integrity of data being used. The five components of the data management policy are: (1) Data Governance: Provides strategic oversight and controls to ensure policy and principles are upheld. This component is led by the ADCWG; (2) Information Architecture: Provides an enterprise view of information, business entities, relationships, attributes, definitions and reference values as guidance to share, access, and manage data consistently across the Department. This component is led by IRM/BMP/OCA; 5 Fam 630 Page 4 of 12

5 (3) Implementation: Leverages existing investments (e.g., Master Reference Data) to support operations and maintenance of sound policies, processes, and practices. Provides best practices and standards to manage data as an asset. All business and system owners participate in this component in coordination with IRM/OPS/SIO and IRM/BMP; (4) Information Security Management: Provides the processes and methodologies to protect data. When new technology and infrastructure are introduced, supports the Department by bringing together the processes, tools, and discipline on how information can be accessed, delivered, and protected. All business and system owners participate in this component in coordination with IRM/IA and DS; and (5) Collaboration: Provides tools and processes to enable better collaboration, management of data to facilitate data sharing and compliance with all regulations and policies. 5 FAM 637 DATA MANAGEMENT PRINCIPLES The Data Management policy is guided by the following key principles. These principles provide a foundation to: (1) Build a consensus amongst data stakeholders across the Department (2) Ensure consistency in data management across bureaus and system owners; and (3) Implement and monitor compliance to the policy. 5 FAM Managing Data a. Data is an asset of the Department and must be managed accordingly. It is an invaluable resource for the Department to inform decisions. b. Data must be carefully managed to ensure that the source is credible. c. All data assets must be registered in the Department s portfolio management system (imatrix). d. Roles and responsibilities for those associated with the data must be clearly defined. 5 FAM Data Quality a. The accuracy of data that is used and shared must be verified and validated. 5 Fam 630 Page 5 of 12

6 b. Data quality procedures should be followed throughout the lifecycle. Data users must be able to clearly identify the data quality procedures (e.g. quality assurance, quality control, etc.) that have been followed. 5 FAM Securing Data a. Data residing in any systems (data at rest) or being transmitted (data in motion) must be secured according to the required level of classification. b. Data must be protected from unauthorized use and disclosure. c. Security needs must be identified and managed at the data and information flow level. d. An ongoing and evolving data security approach of tested layered controls must be used for reducing risks to data. 5 FAM Sharing Data a. Data is made available to users as needed to perform their functions. b. Data must be classified and discoverable by users. c. Levels of access to the underlying data must be determined by security principles. d. Common data access policies and guidelines must be adopted and enforced to keep the data current and secure. e. Clear statements of criteria for data access and, when applicable, information on any limitations must be applied to data to enable control of full access that could affect its use. f. Data being shared or published must be consistent with relevant policies, guidelines, and/or initiatives as specified by the Data Policy Framework Working Group s Information Memo dated March FAM Authoritative Data Source a. Authoritative data sources must be registered in the Department's portfolio management system (imatrix), and the associated data sets must be registered in the Enterprise Data Inventory. Generally, authoritative data sources should also be the primary source system, with an appropriate records disposition schedule, for the data, except where the authoritative data source is a combination of disparate sources. 5 Fam 630 Page 6 of 12

7 b. An authoritative data source has to be identified for any data that is being shared. c. An authoritative data set is a data asset recognized by the ADCWG as the official data for use by the Department. The Master Reference Data platform is the authoritative data source for standardized data. d. Published data that is available and useable to users must be clearly documented with consistent delivery procedures. 5 FAM Common Taxonomy a. Data must be defined consistently throughout the Department. b. Taxonomy is the science of classification, wherein objects are structured in relation to one another. It is a conceptual framework for organizing information within a defined scope and context. Taxonomy is also a component of Information Architecture. c. Taxonomies can be applied to any electronic resource system to improve information access. Taxonomies structure information and are integral to effective data management. d. Terms in common taxonomies should be defined in a way that is unambiguous, in order to be understandable and available to all stakeholders. e. Applications or systems using common data sets must use a common vocabulary to facilitate communication. 5 FAM 638 DATA MANAGEMENT PRACTICES The following Data Management practices must be followed by all business and system owners: (1) Business owners at all levels (executive directors, program managers, project managers, etc.) must plan for and enforce data management policies and standards; (2) Information resource (data) project managers must refer to the Department s Information Architecture Blueprint that contains conventions, reference models, practices, and guidelines to ensure architectural alignment; (3) System owners must apply effective Data Quality Management procedures that include quality assurance and quality control processes at all stages of the data lifecycle; (4) System owners must leverage standardized data sets identified in the 5 Fam 630 Page 7 of 12

8 Master Reference Data that have been approved by the ADCWG. Bureaus must prepare and maintain updated implementation plans, which outline how the bureau s systems will incorporate standardized data sets. These implementation plans should be submitted annually to the ADCWG chairs; (5) All system owners must have a mechanism to produce metadata of their key data sets using Metadata Management. The metadata of the data sets being shared must be provided to the Enterprise Metadata Repository; and (6) To ensure effective and secure use of data throughout the lifecycle, some of the key documentation must include: o Data/Information flows o Logical Data Model o Database specifications o Data storage, backup, and recovery methods o Archival or disposition plan 5 FAM 639 IMPLEMENTING DATA MANAGEMENT 5 FAM Enterprise Data Inventory a. imatrix maintains the inventory of the Department's data assets as a part of the Enterprise Data Inventory (EDI). b. System or business owners must register their data assets in imatrix and update the entries on a regular basis. c. The EDI contains data elements as required by OMB and other additional data elements so that valuable insights into the data assets can be obtained. d. The authoritative data sources for the data assets must be identified and entered in imatrix. e. The data assets must be categorized in accordance with the Information Reference Model specified in the Information Architecture Blueprint. 5 FAM Master Reference Data a. Master Reference Data (MRD) is a set of stable reference data sets sharable by all business teams and applications across the Department. b. Incorporating Master Reference Data into all Department systems where applicable improves the accuracy and integrity of data being used, while also 5 Fam 630 Page 8 of 12

9 facilitating information exchange and cross-system reporting. c. The MRD application is the central source for the Department s authoritative data sets approved by the ADCWG. d. The MRD application improves the accuracy, consistency, and timeliness of reference data, while reducing maintenance requirements. e. Master Reference Data is available to application developers in various formats, including as a web service. f. Master Reference Data is maintained by the data steward established and appointed during the data standardization process chartered by the ADCWG. g. System and business owners must incorporate or have a plan of incorporating the Master Reference Data into their system and process where the data is applicable. Adherence to this policy will be evaluated as a part of the CPIC process. h. The owners of information resource programs and projects must apply data sharing and use of Master Reference Data (MRD), as approved by the ADCWG, as explicit business requirements for all Department systems and must integrate these data management principles into the data lifecycle. 5 FAM Security Guidelines and Checklists a. IT access controls must be implemented pursuant to 12 FAM 652 and 12 FAM 653; b. IT security awareness and training must be implemented pursuant to 5 FAM 845 and 12 FAM 632; c. IT auditing and accountability must be implemented pursuant to 12 FAH-10 and 12 FAM 623; d. IT security and authorization assessments must be conducted pursuant to 1 FAM 262, 12 FAH-10, 5 FAH-6, 5 FAH-11, and 12 FAM 629; e. IT configuration management must be implemented pursuant to 5 FAM 650; f. IT contingency planning must be implemented pursuant to 5 FAM 1060 and 12 FAM 622; g. User and system identification and authentication measures must be implemented pursuant to 12 FAM 623, 12 FAM 632, 12 FAM 653, and 12 FAH- 10; h. Computer security incident response must be implemented pursuant to 12 FAM 590, 12 FAM 622, 12 FAM 680 and 1 FAM 262; i. IT system maintenance must be implemented pursuant to 5 FAH-5, 5 FAH-11, and 12 FAH-10; 5 Fam 630 Page 9 of 12

10 j. Document and media protection must be implemented pursuant to 5 FAH-11, 7 FAH-2, 12 FAM 620, and 12 FAM 630; k. Physical and environmental protection must be implemented pursuant to 12 FAH-5, 12 FAM 390, 12 FAM 530, and 12 FAM 575; l. Security planning must be conducted pursuant to 12 FAH-5, 12 FAH-10 and 11; m. Information security program plans must be developed and disseminated pursuant to 12 FAM 500, and 5 FAH-11; n. Personnel security must be implemented pursuant to 5 FAM 100, 5 FAM 900, 5 FAH-11 and 12 FAH-10; o. IT risk assessments must be conducted pursuant to 5 FAH-5, and 5 FAH-11; p. System and service acquisition must be managed pursuant to 5 FAH-5 and 5 FAH-11; q. Systems and communication protections must be implemented pursuant to 5 FAH-11 and 12 FAH-10; and r. System and information integrity must be maintained pursuant to 12 FAM 600 and 12 FAH FAM Enterprise Metadata Repository a. Metadata is the definition or description of data. In data processing, metadata provides information about, or documentation of, other data managed within an application or environment. For example, metadata would include name, size, data type, and definition for a data element or attribute, as well as data about records or data structures (length, fields, columns, etc.) and information about data (e.g., where it is located, how it is associated, who owns it, what other data it may be related to, etc.). b. The Enterprise Metadata Repository (EMR) contains enterprise metadata elements from various sources in a centralized system. c. IRM/OPS/SIO provides user access and accounts and administers the application, as follows: (1) Provides data to both technical and business users; (2) Provides repeatable data transformation processes; (3) Supports data standardization; (4) Provides data traceability across systems; and (5) Provides a capability to produce impact analysis for changes to Department systems. d. IT project managers must provide metadata to the EMR based on the 5 Fam 630 Page 10 of 12

11 requirements previously stated in 5 FAM 638(e). 5 FAM Authoritative Data Sets a. All authoritative data sets must be identified as a part of the Enterprise Data Inventory. b. A comprehensive list of reference data sets and their authoritative data sources can be found in the Master Reference Data tables. c. Uses of authoritative data sets require all naming, classification, and standardization conventions to be in compliance with the determination made by the ADCWG. d. The data must be maintained and updated by the appropriate data steward, to be selected by the ADCWG. e. Data consumers and/or application owners must request changes to data sets through the ADCWG change request (CR) process. f. Manipulating data 'downstream' for alternative functions is permissible (such as appending data points that require a security classification), provided the MRD is still the source of the data and the manipulated data is not exchanged across bureaus. g. The core attributes identified with each data set must be stored in each system that is required to use the reference data sets from the MRD. Storing the core attributes ensures that common elements are stored in each system to facilitate data exchange and to make downstream aggregation of data possible. h. Data up to the SBU-level should be exchanged with the MRD through IRM s SBU Enterprise Service Bus (ESB). Any exceptions should be documented in the Capital Planning and Investment Control process. 5 FAM Naming Conventions a. Department systems must adhere to object naming conventions as governed by the ADCWG and be compatible with the Federal Information Processing Standards (FIPS) 156 Information Resource Dictionary System (IRDS) standard and the National Institute of Standards and Technology (NIST) data design guidelines. b. Object definition and naming conventions are critical in facilitating object sharing and consistency across the Department s organizations. c. The Department s naming conventions describe how objects should be defined, including what metadata should be documented. In addition, naming conventions are defined to: 5 Fam 630 Page 11 of 12

12 (1) Facilitate object sharing, object consistency, and communication among the Department s organizations; (2) Increase reliability of information stored, shared, and managed by the repository tool set; (3) Promote accessibility and understandability of information across systems; (4) Improve the quality of data and application documentation; (5) Eliminate data redundancy and inconsistency; (6) Facilitate user access to object names and related documentation as used throughout the Department. (7) Assist analysts in selecting names that are clear and represent rules of good grammar; and (8) Simplify recognition of synonyms. 5 Fam 630 Page 12 of 12

UNITED STATES DEPARTMENT OF THE INTERIOR BUREAU OF LAND MANAGEMENT MANUAL TRANSMITTAL SHEET. 1283 Data Administration and Management (Public)

UNITED STATES DEPARTMENT OF THE INTERIOR BUREAU OF LAND MANAGEMENT MANUAL TRANSMITTAL SHEET. 1283 Data Administration and Management (Public) Form 1221-2 (June 1969) Subject UNITED STATES DEPARTMENT OF THE INTERIOR BUREAU OF LAND MANAGEMENT MANUAL TRANSMITTAL SHEET 1283 Data Administration and Management (Public) Release 1-1742 Date 7/10/2012

More information

United States Department of State Bureau of Information Resource Management (IRM) Open Data Plan

United States Department of State Bureau of Information Resource Management (IRM) Open Data Plan United States Department of State Bureau of Information Resource Management (IRM) Open Data Plan November 12, 2013 Table of Contents Background... 1 Requirements... 1 Enterprise Data Inventory... 1 Public

More information

5 FAM 620 INFORMATION TECHNOLOGY (IT) PROJECT MANAGEMENT

5 FAM 620 INFORMATION TECHNOLOGY (IT) PROJECT MANAGEMENT 5 FAM 620 INFORMATION TECHNOLOGY (IT) PROJECT MANAGEMENT 5 FAM 621 GENERAL (Office of Origin: IRM/BMP/SPO/PMD) a. The strategic importance of Information Technology (IT) to the mission of the State Department

More information

US Department of Education Federal Student Aid Integration Leadership Support Contractor June 1, 2007

US Department of Education Federal Student Aid Integration Leadership Support Contractor June 1, 2007 US Department of Education Federal Student Aid Integration Leadership Support Contractor June 1, 2007 Draft Enterprise Data Management Data Policies Final i Executive Summary This document defines data

More information

5 FAH-11 H-500 PERFORMANCE MEASURES FOR INFORMATION ASSURANCE

5 FAH-11 H-500 PERFORMANCE MEASURES FOR INFORMATION ASSURANCE 5 FAH-11 H-500 PERFORMANCE MEASURES FOR INFORMATION ASSURANCE 5 FAH-11 H-510 GENERAL (Office of Origin: IRM/IA) 5 FAH-11 H-511 INTRODUCTION 5 FAH-11 H-511.1 Purpose a. This subchapter implements the policy

More information

A. Title 5, United States Code (U.S.C.), Section 552a, Records Maintained On Individuals (The Privacy Act of 1974)

A. Title 5, United States Code (U.S.C.), Section 552a, Records Maintained On Individuals (The Privacy Act of 1974) Department of Homeland Security DHS Directives System Directive Number: 103-01 Revision Number: 01 Issue Date: 8/25/2014 ENTERPRISE DATA MANAGEMENT POLICY I. Purpose This Directive establishes the Department

More information

City of Minneapolis Policy for Enterprise Information Management

City of Minneapolis Policy for Enterprise Information Management City of Minneapolis Policy for Enterprise Information Management Origin: Developed by the City Clerk s Office and Business Information Services. Based on requirements set forth in Federal and State regulations

More information

Enterprise Information Management Policy. EPA Classification No.: CIO CIO Approval Date: 03/03/2015

Enterprise Information Management Policy. EPA Classification No.: CIO CIO Approval Date: 03/03/2015 INFORMATION POLICY Enterprise Information Management Policy Issued by the EPA Chief Information Officer, Pursuant to Delegation 1-19, dated July 7, 2005 ENTERPRISE INFORMATION MANAGEMENT POLICY (EIMP)

More information

Guidelines for Best Practices in Data Management Roles and Responsibilities

Guidelines for Best Practices in Data Management Roles and Responsibilities Guidelines for Best Practices in Data Management Roles and Responsibilities September 2010 Data Architecture Advisory Committee A subcommittee of Information Architecture & Standards Branch Table of Contents

More information

This Policy is issued by the Sector Head responsible for Records Management.

This Policy is issued by the Sector Head responsible for Records Management. Records Management Policy Effective Date: This Policy takes effect on July 15, 2013 Purpose The purpose of this policy is to achieve efficient and effective management of CMHC information with business

More information

UNITED STATES DEPARTMENT OF THE INTERIOR BUREAU OF LAND MANAGEMENT MANUAL TRANSMITTAL SHEET

UNITED STATES DEPARTMENT OF THE INTERIOR BUREAU OF LAND MANAGEMENT MANUAL TRANSMITTAL SHEET Form 1221-2 (June 1969) UNITED STATES DEPARTMENT OF THE INTERIOR BUREAU OF LAND MANAGEMENT Release: 1-1718 Date: MANUAL TRANSMITTAL SHEET Subject 1265 Information Technology Investment Management (ITIM)

More information

U.S. Department of Education. Office of the Chief Information Officer

U.S. Department of Education. Office of the Chief Information Officer U.S. Department of Education Office of the Chief Information Officer Investment Review Board (IRB) CHARTER January 23, 2013 I. ESTABLISHMENT The Investment Review Board (IRB) is the highest level IT investment

More information

Institutional Data Governance Policy

Institutional Data Governance Policy Institutional Data Governance Policy Policy Statement Institutional Data is a strategic asset of the University. As such, it is important that it be managed according to sound data governance procedures.

More information

Audit of the Department of State Information Security Program

Audit of the Department of State Information Security Program UNITED STATES DEPARTMENT OF STATE AND THE BROADCASTING BOARD OF GOVERNORS OFFICE OF INSPECTOR GENERAL AUD-IT-15-17 Office of Audits October 2014 Audit of the Department of State Information Security Program

More information

Rowan University Data Governance Policy

Rowan University Data Governance Policy Rowan University Data Governance Policy Effective: January 2014 Table of Contents 1. Introduction... 3 2. Regulations, Statutes, and Policies... 4 3. Policy Scope... 4 4. Governance Roles... 6 4.1. Data

More information

United States Department of Health & Human Services Enterprise Architecture Program Management Office. HHS Enterprise Architecture Governance Plan

United States Department of Health & Human Services Enterprise Architecture Program Management Office. HHS Enterprise Architecture Governance Plan United States Department of Health & Human Services Enterprise Architecture Program Management Office HHS Enterprise Architecture Governance Plan Version 3.0 February 2007 Approvals The Health and Human

More information

COMDTINST 5200.7 11 JUL 2013 COAST GUARD C4I DATA MANAGEMENT (DM) POLICY

COMDTINST 5200.7 11 JUL 2013 COAST GUARD C4I DATA MANAGEMENT (DM) POLICY Commandant 2100 2 nd St SW Stop 7101 United States Coast Guard Washington, DC 20593-7101 Staff Symbol: CG-6 Phone: (202) 475-3469 Fax: (202)475-3930 Email: edmp@uscg.mil COMMANDANT INSTRUCTION 5200.7 COMDTINST

More information

5 FAH-8 H-351 CLOUD COMPUTING

5 FAH-8 H-351 CLOUD COMPUTING 5 FAH-8 H-350 CLOUD COMPUTING (Office of Origin: IRM/BMP) 5 FAH-8 H-351 CLOUD COMPUTING GOVERNANCE BOARD a. The Cloud Computing Governance Board (CCGB) exists to provide advice to the Authorizing Official

More information

DATA STANDARDS POLICY

DATA STANDARDS POLICY EPA Classification No: CIO 2133.0 (formerly 2128.0) CIO Approval Date: 06/28/07 Issued by the EPA Chief Information Officer, Pursuant to Delegation 1-19, dated 07/07/2005 DATA STANDARDS POLICY 1. PURPOSE

More information

PREFACE TO SELECTED INFORMATION DIRECTIVES CHIEF INFORMATION OFFICER MEMORANDUM

PREFACE TO SELECTED INFORMATION DIRECTIVES CHIEF INFORMATION OFFICER MEMORANDUM PREFACE TO SELECTED INFORMATION DIRECTIVES CIO Transmittal No.: 15-010 CIO Approval Date: 06/12/2015 Issued by the EPA Chief Information Officer, Pursuant to Delegation 1-19, dated 07/07/2005 CHIEF INFORMATION

More information

IT SECURITY EDUCATION AWARENESS TRAINING POLICY OCIO-6009-09 TABLE OF CONTENTS

IT SECURITY EDUCATION AWARENESS TRAINING POLICY OCIO-6009-09 TABLE OF CONTENTS OFFICE OF THE CHIEF INFORMATION OFFICER Date of Issuance: May 22, 2009 Effective Date: May 22, 2009 Review Date: Section I. PURPOSE II. AUTHORITY III. SCOPE IV. DEFINITIONS V. POLICY VI. RESPONSIBILITIES

More information

DIRECTIVE TRANSMITTAL

DIRECTIVE TRANSMITTAL U.S. NUCLEAR REGULATORY COMMISSION DIRECTIVE TRANSMITTAL TN: DT-07-08 To: Subject: Purpose: Office and Division of Origin: NRC Management Directives Custodians Transmittal of Management Directive 2.8,

More information

EPA Classification No.: CIO 2123.0-P-01.1 CIO Approval Date: 06/10/2013 CIO Transmittal No.: 13-003 Review Date: 06/10/2016

EPA Classification No.: CIO 2123.0-P-01.1 CIO Approval Date: 06/10/2013 CIO Transmittal No.: 13-003 Review Date: 06/10/2016 Issued by the EPA Chief Information Officer, Pursuant to Delegation 1-84, dated June 7, 2005 CONFIGURATION MANAGEMENT PROCEDURE 1 PURPOSE The purpose of this procedure is to describe the process EPA Program

More information

5 FAM 670 INFORMATION TECHNOLOGY (IT) PERFORMANCE MEASURES FOR PROJECT MANAGEMENT

5 FAM 670 INFORMATION TECHNOLOGY (IT) PERFORMANCE MEASURES FOR PROJECT MANAGEMENT 5 FAM 670 INFORMATION TECHNOLOGY (IT) PERFORMANCE MEASURES FOR PROJECT MANAGEMENT (CT:IM-92; 08-01-2007) (Office of Origin: IRM/BPC/PRG) 5 FAM 671 WHAT ARE IT PERFORMANCE MEASURES AND WHY ARE THEY REQUIRED?

More information

Management and Use of Information & Information Technology (I&IT) Directive. Management Board of Cabinet

Management and Use of Information & Information Technology (I&IT) Directive. Management Board of Cabinet Management and Use of Information & Information Technology (I&IT) Directive Management Board of Cabinet February 28, 2014 TABLE OF CONTENTS PURPOSE... 1 APPLICATION AND SCOPE... 1 PRINCIPLES... 1 ENABLE

More information

U.S. DEPARTMENT OF HOUSING AND URBAN DEVELOPMENT. Issued: September 6, 2002

U.S. DEPARTMENT OF HOUSING AND URBAN DEVELOPMENT. Issued: September 6, 2002 U.S. DEPARTMENT OF HOUSING AND URBAN DEVELOPMENT ADMINISTRATION Special Attention of: Transmittal for Handbook No: 3260.1 Issued: September 6, 2002 1. This Transmits: HUD Handbook 3260.1, Enterprise Data

More information

Interagency Science Working Group. National Archives and Records Administration

Interagency Science Working Group. National Archives and Records Administration Interagency Science Working Group 1 National Archives and Records Administration Establishing Trustworthy Digital Repositories: A Discussion Guide Based on the ISO Open Archival Information System (OAIS)

More information

U.S. Department of Energy Washington, D.C.

U.S. Department of Energy Washington, D.C. U.S. Department of Energy Washington, D.C. ORDER DOE O 200.1A Approved: SUBJECT: INFORMATION TECHNOLOGY MANAGEMENT 1. OBJECTIVES. The Department of Energy s (DOE) overarching mission, to advance the national,

More information

Information Technology Processes FinCEN is an agency whose mission is dependent on the effective collection,

Information Technology Processes FinCEN is an agency whose mission is dependent on the effective collection, Appendix L Project Management and Information Technology Processes FinCEN is an agency whose mission is dependent on the effective collection, dissemination, and meaningful analysis of large quantities

More information

INFORMATION TECHNOLOGY DATA MANAGEMENT PROCEDURES AND GOVERNANCE STRUCTURE BALL STATE UNIVERSITY OFFICE OF INFORMATION SECURITY SERVICES

INFORMATION TECHNOLOGY DATA MANAGEMENT PROCEDURES AND GOVERNANCE STRUCTURE BALL STATE UNIVERSITY OFFICE OF INFORMATION SECURITY SERVICES INFORMATION TECHNOLOGY DATA MANAGEMENT PROCEDURES AND GOVERNANCE STRUCTURE BALL STATE UNIVERSITY OFFICE OF INFORMATION SECURITY SERVICES 1. INTRODUCTION If you are responsible for maintaining or using

More information

US Department of Education Federal Student Aid Integration Leadership Support Contractor January 25, 2007

US Department of Education Federal Student Aid Integration Leadership Support Contractor January 25, 2007 US Department of Education Federal Student Aid Integration Leadership Support Contractor January 25, 2007 Task 18 - Enterprise Data Management 18.002 Enterprise Data Management Concept of Operations i

More information

Corporate Property Automated Information System CPAIS. Privacy Impact Assessment

Corporate Property Automated Information System CPAIS. Privacy Impact Assessment Corporate Property Automated Information System CPAIS Privacy Impact Assessment May 2003 CONTENTS Background...3 Access to the Data...5 Maintenance of Administrative Controls...9 1 Introduction The Office

More information

Data Governance Policy. Version 2.0 19 October 2015

Data Governance Policy. Version 2.0 19 October 2015 Version 2.0 19 October 2015 Document Title: Summary: Date of Issue: Status: Contact Officer: Applies To: References: This policy provides the Cancer Institute NSW with an instrument to formally manage

More information

VOLUME 1, CHAPTER 3: FEDERAL FINANCIAL MANAGEMENT IMPROVEMENT ACT OF 1996 COMPLIANCE, EVALUATION, AND REPORTING SUMMARY OF MAJOR CHANGES

VOLUME 1, CHAPTER 3: FEDERAL FINANCIAL MANAGEMENT IMPROVEMENT ACT OF 1996 COMPLIANCE, EVALUATION, AND REPORTING SUMMARY OF MAJOR CHANGES VOLUME 1, CHAPTER 3: FEDERAL FINANCIAL MANAGEMENT IMPROVEMENT ACT OF 1996 COMPLIANCE, EVALUATION, AND REPORTING SUMMARY OF MAJOR CHANGES All changes are denoted by blue font. Substantive revisions are

More information

Part A OVERVIEW...1. 1. Introduction...1. 2. Applicability...2. 3. Legal Provision...2. Part B SOUND DATA MANAGEMENT AND MIS PRACTICES...

Part A OVERVIEW...1. 1. Introduction...1. 2. Applicability...2. 3. Legal Provision...2. Part B SOUND DATA MANAGEMENT AND MIS PRACTICES... Part A OVERVIEW...1 1. Introduction...1 2. Applicability...2 3. Legal Provision...2 Part B SOUND DATA MANAGEMENT AND MIS PRACTICES...3 4. Guiding Principles...3 Part C IMPLEMENTATION...13 5. Implementation

More information

Data Governance Policy. Staff Only Students Only Staff and Students. Vice-Chancellor

Data Governance Policy. Staff Only Students Only Staff and Students. Vice-Chancellor Name of Policy Description of Policy Policy applies to Data Governance Policy To establish proper standards to assure the quality and integrity of University data. This policy also defines the roles and

More information

National Geospatial Data Policy Procedure for Geospatial Metadata Management

National Geospatial Data Policy Procedure for Geospatial Metadata Management Issued by the EPA Chief Information Officer, Pursuant to Delegation 1-19, dated 07/07/2005 National Geospatial Data Policy Procedure for Geospatial Metadata Management 1. PURPOSE The purpose of the Procedure

More information

AUDIT REPORT. The Energy Information Administration s Information Technology Program

AUDIT REPORT. The Energy Information Administration s Information Technology Program U.S. Department of Energy Office of Inspector General Office of Audits and Inspections AUDIT REPORT The Energy Information Administration s Information Technology Program DOE-OIG-16-04 November 2015 Department

More information

Department of the Interior Privacy Impact Assessment

Department of the Interior Privacy Impact Assessment Department of the Interior August 15, 2014 Name of Project: email Enterprise Records and Document Management System (eerdms) Bureau: Office of the Secretary Project s Unique ID: Not Applicable A. CONTACT

More information

U.S. Department of Education Federal Student Aid

U.S. Department of Education Federal Student Aid U.S. Department of Education Federal Student Aid Lifecycle Management Methodology Stage Gate Review Process Description Version 1.3 06/30/2015 Final DOCUMENT NUMBER: FSA_TOQA_PROC_STGRW.NA_001 Lifecycle

More information

Policy and Procedures Date: April 1, 2008

Policy and Procedures Date: April 1, 2008 Virginia Polytechnic Institute and State University No. 7100 Rev.: 4 Policy and Procedures Date: April 1, 2008 Subject: Administrative Data Management and Access Policy Contents 1. Premise and Purpose...

More information

FISH AND WILDLIFE SERVICE INFORMATION RESOURCES MANAGEMENT. Chapter 7 Information Technology (IT) Security Program 270 FW 7 TABLE OF CONTENTS

FISH AND WILDLIFE SERVICE INFORMATION RESOURCES MANAGEMENT. Chapter 7 Information Technology (IT) Security Program 270 FW 7 TABLE OF CONTENTS TABLE OF CONTENTS General Topics Purpose and Authorities Roles and Responsibilities Policy and Program Waiver Process Contact Abbreviated Sections/Questions 7.1 What is the purpose of this chapter? 7.2

More information

UNCLASSIFIED (U) U.S. Department of State Foreign Affairs Manual Volume 5 Information Management 5 FAM 870 NETWORKS

UNCLASSIFIED (U) U.S. Department of State Foreign Affairs Manual Volume 5 Information Management 5 FAM 870 NETWORKS 5 FAM 870 NETWORKS (Office of Origin: IRM/BMP/GRP/GP) 5 FAM 871 ENTERPRISE NETWORKS (CT:IM-138; 01-18-2013) The Department currently has two enterprise networks: ClassNet and OpenNet. Only Department-issued

More information

THE STATUS OF ENTERPRISE ARCHITECTURE AND INFORMATION TECHNOLOGY INVESTMENT MANAGEMENT IN THE DEPARTMENT OF JUSTICE

THE STATUS OF ENTERPRISE ARCHITECTURE AND INFORMATION TECHNOLOGY INVESTMENT MANAGEMENT IN THE DEPARTMENT OF JUSTICE THE STATUS OF ENTERPRISE ARCHITECTURE AND INFORMATION TECHNOLOGY INVESTMENT MANAGEMENT IN THE DEPARTMENT OF JUSTICE U.S. Department of Justice Office of the Inspector General Audit Division Audit Report

More information

Architecture Principles

Architecture Principles Architecture Principles Table of Contents 1 GENERAL INFORMATION...2 2 INTENT...2 3 OWNERSHIP...2 4 APPLYING THE PRINCIPLES...2 5 ARCHITECTURAL OBJECTIVES...2 6 ARCHITECTURE PRINCIPLES...3 6.1 General...

More information

Department of the Interior Privacy Impact Assessment

Department of the Interior Privacy Impact Assessment Department of the Interior September 8, 2014 Name of Project: Enterprise Forms System Bureau: Office of the Secretary Project s Unique ID (Exhibit 300): 010-000000312 Once the PIA is completed and the

More information

Scope The data management framework must support industry best practice processes and provide as a minimum the following functional capability:

Scope The data management framework must support industry best practice processes and provide as a minimum the following functional capability: Data Management Policy Version Information A. Introduction Purpose 1. Outline and articulate the strategy for data management across Redland City Council (RCC). This document will provide direction and

More information

Information Security Handbook

Information Security Handbook Information Security Handbook Adopted 6/4/14 Page 0 Page 1 1. Introduction... 5 1.1. Executive Summary... 5 1.2. Governance... 5 1.3. Scope and Application... 5 1.4. Biennial Review... 5 2. Definitions...

More information

DAMA-DMBOK Functional Framework

DAMA-DMBOK Functional Framework DAMA-DMBOK Functional Framework Version 3.02 Mark Mosley September 10, 2008 2008 DAMA International All Rights Reserved Table of Contents Table of Contents... 1 About This Document... 1 Revision History...

More information

FSIS DIRECTIVE 1306.3

FSIS DIRECTIVE 1306.3 UNITED STATES DEPARTMENT OF AGRICULTURE FOOD SAFETY AND INSPECTION SERVICE WASHINGTON, DC FSIS DIRECTIVE 1306.3 REVISION 1 12/13/12 CONFIGURATION MANAGEMENT (CM) OF SECURITY CONTROLS FOR INFORMATION SYSTEMS

More information

Information Security Program Management Standard

Information Security Program Management Standard State of California California Information Security Office Information Security Program Management Standard SIMM 5305-A September 2013 REVISION HISTORY REVISION DATE OF RELEASE OWNER SUMMARY OF CHANGES

More information

CIOP CHAPTER 1351.40 Common Operating Environment (COE) Services Management Policy TABLE OF CONTENTS. Section 40.1. Purpose

CIOP CHAPTER 1351.40 Common Operating Environment (COE) Services Management Policy TABLE OF CONTENTS. Section 40.1. Purpose CIOP CHAPTER 1351.40 Common Operating Environment (COE) Services Management Policy TABLE OF CONTENTS Section 40.1. Purpose... 1 Section 40.2. Background... 2 Section 40.3. Scope and Applicability... 3

More information

2.0 ROLES AND RESPONSIBILITIES

2.0 ROLES AND RESPONSIBILITIES 2.0 ROLES AND RESPONSIBILITIES This handout describes applicable roles and responsibilities for the Capital Planning and Investment Process (CPIC) as presented in the NIST Integrating IT Security into

More information

NATIONAL CREDIT UNION ADMINISTRATION OFFICE OF INSPECTOR GENERAL

NATIONAL CREDIT UNION ADMINISTRATION OFFICE OF INSPECTOR GENERAL NATIONAL CREDIT UNION ADMINISTRATION OFFICE OF INSPECTOR GENERAL INDEPENDENT EVALUATION OF THE NATIONAL CREDIT UNION ADMINISTRATION S COMPLIANCE WITH THE FEDERAL INFORMATION SECURITY MANAGEMENT ACT (FISMA)

More information

Bureau of Land Management. Information System Decommissioning Guide

Bureau of Land Management. Information System Decommissioning Guide Department Bureau of the Land Interior Management Bureau of Land Management Information System Decommissioning Guide Version Control Log Date Version # Author Description January 11, 2011 0.1 WO-550 Original

More information

Embarcadero DataU Conference. Data Governance. Francis McWilliams. Solutions Architect. Master Your Data

Embarcadero DataU Conference. Data Governance. Francis McWilliams. Solutions Architect. Master Your Data Data Governance Francis McWilliams Solutions Architect Master Your Data A Level Set Data Governance Some definitions... Business and IT leaders making strategic decisions regarding an enterprise s data

More information

U.S. Department of the Treasury. Treasury IT Performance Measures Guide

U.S. Department of the Treasury. Treasury IT Performance Measures Guide U.S. Department of the Treasury Treasury IT Performance Measures Guide Office of the Chief Information Officer (OCIO) Enterprise Architecture Program June 2007 Revision History June 13, 2007 (Version 1.1)

More information

TREASURY INSPECTOR GENERAL FOR TAX ADMINISTRATION

TREASURY INSPECTOR GENERAL FOR TAX ADMINISTRATION TREASURY INSPECTOR GENERAL FOR TAX ADMINISTRATION The Customer Account Data Engine 2 Systems Development Guidelines; However, Process Improvements Are Needed to Address Inconsistencies September 30, Year

More information

TITLE III INFORMATION SECURITY

TITLE III INFORMATION SECURITY H. R. 2458 48 (1) maximize the degree to which unclassified geographic information from various sources can be made electronically compatible and accessible; and (2) promote the development of interoperable

More information

UNITED STATES DEPARTMENT OF EDUCATION OFFICE OF INSPECTOR GENERAL

UNITED STATES DEPARTMENT OF EDUCATION OFFICE OF INSPECTOR GENERAL UNITED STATES DEPARTMENT OF EDUCATION OFFICE OF INSPECTOR GENERAL AUDIT SERVICES June 30, 2016 Control Number ED-OIG/A04O0014 James W. Runcie Chief Operating Officer Federal Student Aid U.S. Department

More information

ClOP CHAPTER 1351.39. Departmental Information Technology Governance Policy TABLE OF CONTENTS. Section 39.1

ClOP CHAPTER 1351.39. Departmental Information Technology Governance Policy TABLE OF CONTENTS. Section 39.1 ClOP CHAPTER 1351.39 Departmental Information Technology Governance Policy TABLE OF CONTENTS Section 39.1 Purpose... 1 Section 39.2 Section 39.3 Section 39.4 Section 39.5 Section 39.6 Section 39.7 Section

More information

Master Data Management

Master Data Management Master Data Management Managing Data as an Asset By Bandish Gupta Consultant CIBER Global Enterprise Integration Practice Abstract: Organizations used to depend on business practices to differentiate them

More information

University of Hawai i Executive Policy on Data Governance (Draft 2/1/12)

University of Hawai i Executive Policy on Data Governance (Draft 2/1/12) University of Hawai i Executive Policy on Data Governance (Draft 2/1/12) I. Definition Data governance is the exercise of authority and control (planning, monitoring, and enforcement) over the management

More information

Subject: 1268-1 Information Technology Configuration Management Manual

Subject: 1268-1 Information Technology Configuration Management Manual Form 1221-2 (June 1969) UNITED STATES DEPARTMENT OF THE INTERIOR BUREAU OF LAND MANAGEMENT Release 1-1741 Date MANUAL TRANSMITTAL SHEET 06/19/2012 Subject: 1268-1 Information Technology Configuration Management

More information

Institutional Data Governance Policy

Institutional Data Governance Policy Institutional Data Governance Policy Vanderbilt University and Medical Center Effective Date: 07/09/2014 Revision Date: N/A DOCUMENT CONTROL Document Title Institutional Data Governance Policy Summary:

More information

Manag. Roles. Novemb. ber 20122

Manag. Roles. Novemb. ber 20122 Information Technology Manag gement Framework Roles and Respo onsibilities Version 1.2 Novemb ber 20122 ITM Roles and Version History Version ed By Revision Date Approved By Approval Date Description of

More information

The Data Reference Model. Volume I, Version 1.0 DRM

The Data Reference Model. Volume I, Version 1.0 DRM The Data Reference Model Volume I, Version 1.0 DRM September 2004 Document Organization Document Organization 2 Executive Summary 3 Overview of the DRM 9 DRM Foundation 12 Use of the DRM 17 DRM Roadmap

More information

CMS Policy for Information Technology (IT) Investment Management & Governance

CMS Policy for Information Technology (IT) Investment Management & Governance Chief Information Officer Office of Information Services Centers for Medicare & Medicaid Services CMS Policy for Information Technology (IT) Investment Management & Governance May 17, 2007 Document Number:

More information

BPA Policy 434-1 Cyber Security Program

BPA Policy 434-1 Cyber Security Program B O N N E V I L L E P O W E R A D M I N I S T R A T I O N BPA Policy Table of Contents.1 Purpose & Background...2.2 Policy Owner... 2.3 Applicability... 2.4 Terms & Definitions... 2.5 Policy... 5.6 Policy

More information

NSW Government Standard Approach to Information Architecture. December 2013 v.1.0

NSW Government Standard Approach to Information Architecture. December 2013 v.1.0 NSW Government Standard Approach to Information Architecture December 2013 v.1.0 DOCUMENTATION AND ENDORSEMENT Document history Date Version No. Description Author October 2013 0.1 IM Framework Roadmap

More information

DEPARTMENT OF THE ARMY ER 25-1-110 U.S. Army Corps of Engineers CECI-A Washington, DC 20314-1000. Regulation No. 25-1-110 31 July 2013

DEPARTMENT OF THE ARMY ER 25-1-110 U.S. Army Corps of Engineers CECI-A Washington, DC 20314-1000. Regulation No. 25-1-110 31 July 2013 DEPARTMENT OF THE ARMY ER 25-1-110 U.S. Army Corps of Engineers CECI-A Washington, DC 20314-1000 Regulation No. 25-1-110 31 July 2013 INFORMATON MANAGEMENT ENTERPRISE DATA MANAGEMENT POLICY CORPORATE INFORMATION

More information

Privacy Impact Assessment (PIA) for the. Certification & Accreditation (C&A) Web (SBU)

Privacy Impact Assessment (PIA) for the. Certification & Accreditation (C&A) Web (SBU) Privacy Impact Assessment (PIA) for the Cyber Security Assessment and Management (CSAM) Certification & Accreditation (C&A) Web (SBU) Department of Justice Information Technology Security Staff (ITSS)

More information

University of Michigan Medical School Data Governance Council Charter

University of Michigan Medical School Data Governance Council Charter University of Michigan Medical School Data Governance Council Charter 1 Table of Contents 1.0 SIGNATURE PAGE 2.0 REVISION HISTORY 3.0 PURPOSE OF DOCUMENT 4.0 DATA GOVERNANCE PROGRAM FOUNDATIONAL ELEMENTS

More information

Integrated Financial Management Information System (IFMIS) Merger

Integrated Financial Management Information System (IFMIS) Merger for the Information System (IFMIS) Merger DHS/FEMA/PIA-020 December 16, 2011 Contact Point Michael Thaggard Office of Chief Financial Officer (202) 212-8192 Reviewing Official Mary Ellen Callahan Chief

More information

Department of Veterans Affairs VA Directive 6004 CONFIGURATION, CHANGE, AND RELEASE MANAGEMENT PROGRAMS

Department of Veterans Affairs VA Directive 6004 CONFIGURATION, CHANGE, AND RELEASE MANAGEMENT PROGRAMS Department of Veterans Affairs VA Directive 6004 Washington, DC 20420 Transmittal Sheet September 28, 2009 CONFIGURATION, CHANGE, AND RELEASE MANAGEMENT PROGRAMS 1. REASON FOR ISSUE: This Directive establishes

More information

CMS Policy for Configuration Management

CMS Policy for Configuration Management Chief Information Officer Centers for Medicare & Medicaid Services CMS Policy for Configuration April 2012 Document Number: CMS-CIO-POL-MGT01-01 TABLE OF CONTENTS 1. PURPOSE...1 2. BACKGROUND...1 3. CONFIGURATION

More information

BC Geographic Warehouse. A Guide for Data Custodians & Data Managers

BC Geographic Warehouse. A Guide for Data Custodians & Data Managers BC Geographic Warehouse A Guide for Data Custodians & Data Managers Last updated November, 2013 TABLE OF CONTENTS INTRODUCTION... 1 Purpose... 1 Audience... 1 Contents... 1 It's All About Information...

More information

Knowledgent White Paper Series. Developing an MDM Strategy WHITE PAPER. Key Components for Success

Knowledgent White Paper Series. Developing an MDM Strategy WHITE PAPER. Key Components for Success Developing an MDM Strategy Key Components for Success WHITE PAPER Table of Contents Introduction... 2 Process Considerations... 3 Architecture Considerations... 5 Conclusion... 9 About Knowledgent... 10

More information

The Bureau of the Fiscal Service. Privacy Impact Assessment

The Bureau of the Fiscal Service. Privacy Impact Assessment The Bureau of the Fiscal Service Privacy Impact Assessment The mission of the Bureau of the Fiscal Service (Fiscal Service) is to promote the financial integrity and operational efficiency of the federal

More information

Washington State s Use of the IBM Data Governance Unified Process Best Practices

Washington State s Use of the IBM Data Governance Unified Process Best Practices STATS-DC 2012 Data Conference July 12, 2012 Washington State s Use of the IBM Data Governance Unified Process Best Practices Bill Huennekens Washington State Office of Superintendent of Public Instruction,

More information

Human Resources Management. Portfolio Management Concept of Operations

Human Resources Management. Portfolio Management Concept of Operations Human Resources Management Portfolio Management Concept of Operations September 30, 2012 Table of Contents 1.0 Overview... 2 1.1 Background... 2 1.2 Purpose... 2 1.3 Organization of This Document... 2

More information

Department of Homeland Security Office of Inspector General. Review of U.S. Coast Guard Enterprise Architecture Implementation Process

Department of Homeland Security Office of Inspector General. Review of U.S. Coast Guard Enterprise Architecture Implementation Process Department of Homeland Security Office of Inspector General Review of U.S. Coast Guard Enterprise Architecture Implementation Process OIG-09-93 July 2009 Contents/Abbreviations Executive Summary...1 Background...2

More information

Data Management & Protection: Roles & Responsibilities

Data Management & Protection: Roles & Responsibilities Data Management & Protection: Roles & Responsibilities Document Version: 1.0 Effective Date: December, 2008 Original Issue Date: December, 2008 Most Recent Revision Date: November 29, 2011 Approval Authority:

More information

INFORMATION MANAGEMENT

INFORMATION MANAGEMENT United States Government Accountability Office Report to the Committee on Homeland Security and Governmental Affairs, U.S. Senate May 2015 INFORMATION MANAGEMENT Additional Actions Are Needed to Meet Requirements

More information

DEPARTMENTAL REGULATION

DEPARTMENTAL REGULATION U.S. DEPARTMENT OF AGRICULTURE WASHINGTON, D.C. 20250 DEPARTMENTAL REGULATION SUBJECT: Identity, Credential, and Access Management Number: 3640-001 DATE: December 9, 2011 OPI: Office of the Chief Information

More information

5 FAM 140 ACCEPTABILITY AND USE OF ELECTRONIC SIGNATURES

5 FAM 140 ACCEPTABILITY AND USE OF ELECTRONIC SIGNATURES 5 FAM 140 ACCEPTABILITY AND USE OF ELECTRONIC SIGNATURES 5 FAM 141 PURPOSE (CT-IM-112; 07-30-2010) (Office of Origin: IRM/OPS/ITI/SI/IIB) The purpose of this FAM chapter is to enable the Department to

More information

e-performance System

e-performance System Updated Privacy Impact Assessment for the e-performance System Contact Point John Allen HRMS Human Capital Business Systems Department of Homeland Security (202) 357-8285 Reviewing Official Hugo Teufel

More information

Privacy Impact Assessment. For Personnel Development Program Data Collection System (DCS) Date: June 1, 2014

Privacy Impact Assessment. For Personnel Development Program Data Collection System (DCS) Date: June 1, 2014 For Personnel Development Program Data Collection System (DCS) Date: June 1, 2014 Point of Contact: Marlene Simon-Burroughs Marlene.Simon-Burroughs@ed.gov System Owner: Bonnie Jones Bonnie.Jones@ed.gov

More information

USAID Management Operations Council Charter

USAID Management Operations Council Charter USAID Management Operations Council Charter Version 1.0 Date: August 1, 2011 TABLE OF CONTENTS 1. INTRODUCTION... 1 1.1 PURPOSE... 1 1.2 OBJECTIVE... 1 1.3 SCOPE... 1 2. OVERVIEW OF THE MOC... 1 2.1 MOC

More information

POLICY AND PROCEDURES OFFICE OF STRATEGIC PROGRAMS. CDER Informatics Governance Process. Table of Contents

POLICY AND PROCEDURES OFFICE OF STRATEGIC PROGRAMS. CDER Informatics Governance Process. Table of Contents CENTER FOR DRUG EVALUATION AND RESEARCH MAPP 7600.8 Rev. 1 POLICY AND PROCEDURES OFFICE OF STRATEGIC PROGRAMS CDER Informatics Governance Process Table of Contents PURPOSE...1 BACKGROUND...1 POLICY...2

More information

FEDERAL CHIEF INFORMATION OFFICERS COUNCIL CHARTER

FEDERAL CHIEF INFORMATION OFFICERS COUNCIL CHARTER FEDERAL CHIEF INFORMATION OFFICERS COUNCIL CHARTER NOVEMBER 2012 NAME OF ORGANZATION Federal Chief Information Officers Council Federal CIO Council AUTHORITY Established by Executive Order 13011 (Federal

More information

NATIONAL CREDIT UNION ADMINISTRATION OFFICE OF INSPECTOR GENERAL

NATIONAL CREDIT UNION ADMINISTRATION OFFICE OF INSPECTOR GENERAL NATIONAL CREDIT UNION ADMINISTRATION OFFICE OF INSPECTOR GENERAL FY 2015 INDEPENDENT EVALUATION OF THE EFFECTIVENESS OF NCUA S INFORMATION SECURITY PROGRAM UNDER THE FEDERAL INFORMATION SECURITY MODERNIZATION

More information

Office of Financial Research Constituent Relationship Management Tool Privacy Impact Assessment ( PIA ) April, 2015

Office of Financial Research Constituent Relationship Management Tool Privacy Impact Assessment ( PIA ) April, 2015 Office of Financial Research Constituent Relationship Management Tool Privacy Impact Assessment ( PIA ) April, 2015 A. Identification System Name: OMB Unique Identifier: System Owner: Constituent Relationship

More information

Seeing Though the Clouds

Seeing Though the Clouds Seeing Though the Clouds A PM Primer on Cloud Computing and Security NIH Project Management Community Meeting Mark L Silverman Are You Smarter Than a 5 Year Old? 1 Cloud First Policy Cloud First When evaluating

More information

5 FAM 1060 INFORMATION ASSURANCE MANAGEMENT

5 FAM 1060 INFORMATION ASSURANCE MANAGEMENT 5 FAM 1060 INFORMATION ASSURANCE MANAGEMENT 5 FAM 1061 GENERAL (CT:IM-141; 06-07-2013) (Office of Origin: IRM/IA) a. The Chief Information Security Officer (CISO) operates under the direction and supervision

More information

NSW Data & Information Custodianship Policy. June 2013 v1.0

NSW Data & Information Custodianship Policy. June 2013 v1.0 NSW Data & Information Custodianship Policy June 2013 v1.0 CONTENTS 1. PURPOSE... 4 2. INTRODUCTION... 4 2.1 Information Management Framework... 4 2.2 Data and information custodianship... 4 2.3 Terms...

More information

Department of Veterans Affairs VA Directive 0054. VA Enterprise Risk Management (ERM)

Department of Veterans Affairs VA Directive 0054. VA Enterprise Risk Management (ERM) Department of Veterans Affairs VA Directive 0054 Washington, DC 20420 Transmittal Sheet April 8, 2014 VA Enterprise Risk Management (ERM) 1. REASON FOR ISSUE: This directive provides guidelines to help

More information

STATEMENT OF. Dr. David McClure Associate Administrator Office of Citizen Services and Innovative Technologies General Services Administration

STATEMENT OF. Dr. David McClure Associate Administrator Office of Citizen Services and Innovative Technologies General Services Administration STATEMENT OF Dr. David McClure Associate Administrator Office of Citizen Services and Innovative Technologies General Services Administration BEFORE THE HOUSE COMMITTEE ON OVERSIGHT AND GOVERNMENT REFORM

More information

Information Security Guide For Government Executives. Pauline Bowen Elizabeth Chew Joan Hash

Information Security Guide For Government Executives. Pauline Bowen Elizabeth Chew Joan Hash Information Security Guide For Government Executives Pauline Bowen Elizabeth Chew Joan Hash Introduction Table of Contents Introduction 1 Why do I need to invest in information security? 2 Where do I need

More information

SLCM Framework (Version 2003.1) Roles and Responsibilities As of January 21, 2005

SLCM Framework (Version 2003.1) Roles and Responsibilities As of January 21, 2005 SLCM Framework (Version 2003.1) Roles and Responsibilities As of January 21, 2005 ROLE RESPONSIBILITY REVIEW SIGN- OFF CTO Manage IT assets to meet corporate goals Establish and chair the Information Technology

More information