U. S. Department of Justice
Information Technology Strategic Plan

Appendix A

Statutory Framework for Managing IT

Year Public Law Title Description
1990 (November) 101-576 Chief Financial Officers Act (CFO) The CFO Act lays a foundation for comprehensive reform of Federal financial management. The act establishes a leadership structure, provides for long-range planning, requires audited financial statements, and strengthens accountability reporting. Federal financial managers, auditors, and program managers at all levels of government will take necessary actions required under the CFO Act to improve financial management systems and information.
1993 (January) 103-62 Government Performance and Results Act (GPRA) Intended to improve Federal program effectiveness and public accountability by focusing on results, service quality, and customer satisfaction. Mandates adoption of strategic and annual planning processes-to be tied to the budget and authorization cycles, and based on established and measurable performance indicators-to inform Congress and the public of: (1) performance goals for agencies' major program and activities; (2) measures used to gauge performance; (3) strategies and resources-e.g. skills, technology, human, capital, information, and other resources-required to meet performance goals; (4) procedures used to verify and validate performance; and (5) performance compared with established goals, including reasons goals were not met, and action plans and schedules for meeting unmet goals.
1994 (October) 103-355 Federal Acquisition Streamlining Act (FASA) Requires agencies to define cost, schedule, and performance goals for Federal acquisition programs (to include IT projects) and monitor these programs to ensure that they remain within prescribed tolerances. If a program fails tolerance, FASA requires the agency head to review, take necessary actions, and, if necessary, terminate the program.
1995 (October) 104-13 Paperwork Reduction Act (PRA) Requires agencies to minimize the paperwork burden for individuals; small businesses; educational and non-profit institutions; Federal contractors; State, local and tribal governments; and other persons; resulting from the collection of information by or for the Federal Government.
1996 (February) 104-106 Clinger-Cohen Act (CCA) Also known as the Information Technology Management Reform Act (ITMRA), requires Federal agencies to focus more on the results achieved through IT investments while streamlining the Federal IT procurement process. This act introduces much more rigor and structure into how agencies approach the selection and management of IT projects, and describes a Capital Planning and Investment Control process as a method for advancing this discipline.
1998 (January) 100-235 Computer Security Act of 1987 Assigns the National Institute of Standards and Technology (formerly known as the Bureau of Standards) responsibility for developing standards and guidelines for Federal computer systems, including responsibility for developing standards and guidelines needed to assure the cost-effective security and privacy of sensitive information in Federal computers systems, drawing on the technical advice and assistance of the National Security Agency where appropriate; to provide for promulgation of such standards and guidelines; to require establishment of security plans by all operators of Federal computer systems that contain sensitive information; and to require mandatory periodic training for all persons involved in management, use, or operation of Federal computer systems that contain sensitive information.
1998 (August) 105-220 Electronic and Information Technology Regulations (Section 508 of the Workforce Investment Act of 1998) Requires the Federal government to provide accessibility, unless an undue burden would be imposed on the department or agency, in the development, procurement, maintenance, or use of electronic and information technology, so that the electronic and information technology allows, regardless of the type of medium of the technology--individuals with disabilities who are Federal employees and members of the public seeking information or services from a Federal department to have access to and use of information and data that is comparable to the access to and use of the information and data by such members of the public who are not individuals with disabilities.
1998 (October) 105-277 Government Paperwork Elimination Act (GPEA) Requires the Office of Management and Budget (OMB) to include alternative information technologies that provide for electronic submission, maintenance, or disclosure of information as a substitute for paper and for the use and acceptance of electronic signatures. The act also directs OMB to set procedures for use and acceptance of electronic signatures by Federal agencies, and to develop procedures to permit private employers to store, and to file electronically with Federal agencies, forms pertaining to their employees. Also, Federal agencies will eventually be required to accept those electronic submissions except when they are impractical or inappropriate.
106-229 Electronic Signatures in Global and National Commerce Act Facilitates the use of electronic records and signatures in interstate or foreign commerce.
2000 (October) 106-398 Government Information Security Reform Act (GISRA) (Title X, Subtitle G of the Defense Authorization Act) Provides a comprehensive framework for establishing and ensuring the effectiveness of controls over information resources that support Federal operations and assets; recognizes the highly networked nature of the Federal computing environment including the need for Federal government interoperability and, in the implementation of improved security management measures, assure that opportunities for interoperability are not adversely affected; provides effective government wide management and oversight of the related information security risks, including coordination of information security efforts throughout the civilian, national security, and law enforcement communities; provides for development and maintenance of minimum controls required to protect Federal information and information systems; and provides a mechanism for improved oversight of Federal agency information security programs.