Tap any paragraph to write a margin note. Your notes collect in the Desk below the text and file under cases with @. The side-by-side margin rail opens on a larger screen.

§
Marginalia
Code · BILL · 117th Congress · H.R. 4357 (Introduced in House) — To amend the Homeland Security Act of 2002 to make certain reforms to the Department of Homeland Security, and for ot... · Sec. 304

Sec. 304. Chief Information Officer

1,507 words·~7 min read·/bill/117/hr/4357/ih/section-304·

A research copy — for the controlling text, always check the official state or federal source. Not legal advice.

Section 703 of the Homeland Security Act of 2002 ( 6 U.S.C. 343 ) is amended— in subsection (a), by adding at the end the following new sentence: In addition to the functions under section 3506(a)(2) of title 44, United States Code, the Chief Information Officer shall perform the functions set forth in this section and such other functions as may be assigned by the Secretary. ; by redesignating subsection
(b)as subsection (f); by inserting after subsection
(a)the following new subsections: The Chief Information Officer shall— serve as the lead technical authority for information technology programs of the Department; advise and assist the Secretary, heads of the components of the Department, and other senior officials in carrying out the responsibilities of the Department with respect to information technology for all activities relating to the budget, programs, security, and operations; to the extent delegated by the Secretary, exercise authority over Department information technology management and establish the information technology priorities, policies, processes, standards, guidelines, and procedures of the Department to ensure interoperability and standardization of information technology; establish criteria for— identifying mission critical and mission essential information systems of the Department; maintaining a consolidated inventory of such systems; and developing and maintaining contingency plans for responding to a disruption in the operation of any of such systems; maintain the security, visibility, reliability, integrity, and availability of data and information technology of the Department; in consultation with the Chief Procurement Officer of the Department, establish and implement policies and procedures to identify and manage vulnerabilities in the supply chain relating to the purchase of information technology; review contracts and interagency agreements associated with major information technology investments and information technology investments that have had cost, schedule, or performance challenges in the past; assess the risk of all major information technology investments and publicly report the risk rating to the Office of Management and Budget; and carry out any other responsibilities delegated by the Secretary consistent with an effective information system management function. Not later than October 1, 2023, and every five years thereafter, the Chief Information Officer, in coordination with the Chief Financial Officer, shall submit to the appropriate congressional committees a successor information technology strategic plan. The strategic plan required under paragraph
(1)shall include the following: An analysis to determine if the budget of the Department aligns with priorities specified in the information technology strategic plan required under paragraph (1). Information relating to— the information technology priorities of the Department; whether such priorities were funded by the Department; and if such priorities were not so funded, the reasons relating thereto. Information relating to the Department identifying and addressing skills gaps needed to implement the information technology strategic plan. Information relating to the identification of duplicate information technology within the components of the Department and the removal of such technology. In addition to the responsibilities specified in section 11315 of title 40, United States Code, the Chief Information Officer, in consultation with the Under Secretary for Management, shall— oversee the management of the Homeland Security Enterprise Architecture; ensure that before each acquisition decision event (as such term is defined in section 830), information technology aspects of acquisition programs comply with any departmental information technology management requirements, security protocols, and the Homeland Security Enterprise Architecture; and provide recommendations relating to information technology programs and developing information technology acquisitions strategic guidance to the Acquisition Review Board of the Department. In this section, the term appropriate congressional committees means— the Committee on Homeland Security and the Committee on Appropriations of the House of Representatives; and the Committee on Homeland Security and Governmental Affairs and the Committee on Appropriations of the Senate. ; and by adding at the end the following new subsection: The Secretary, in consultation with the Chief Information Officer, shall designate a career appointee of the Department as the Chief Data Officer of the Department. The Chief Data Officer shall possess training and experience with respect to management, governance, generation, collection, protection, analysis, use, and sharing of data, including the protection and de-identification of personally identifiable information. The Chief Data Officer, in addition to carrying out the functions set forth in section 3520 of title 44, United States Code, shall be responsible for the following: Ensuring the Department conforms with data management best practices recognized across the private sector and the Federal Government. Coordinating the organization and integration of data across the Department for improved interoperability, analysis, and decision-making. Reviewing the impact of the infrastructure of the Department regarding data integrity and interoperability. Coordinating the release of data for public use following appropriate privacy reviews within the Department, as coordinated with the Chief Privacy Officer of the Department. Promoting innovation in the use of data by the Department to improve Department management and operations. Coordinating the storage of Department records in accordance with the General Records Schedules of the National Archives and Records Administration. Publishing guidance for revising record schedule proposals, including guidelines for keeping a written record of justification for such revisions. Overseeing, in consultation with the Chief Privacy Officer, as appropriate, the compliance of the Department with respect to— issuing guidelines ensuring the quality, objectivity, utility, and integrity of information, including statistical information; establishing administrative mechanisms that allow affected persons to seek and obtain correction of information maintained and disseminated by relevant components of the Department that does not comply with the guidelines of the Department; and reporting to the Director of the Office of Management and Budget the number and nature of complaints received by relevant components of the Department relating to the accuracy of information disseminated and the handling of such complaints by such components. Coordinating with appropriate officials of the Department, including the Chief Privacy Officer, component privacy officers, component Chief Data Officers, and program managers, regarding the use of data within their respective components and under their authorities. Serving as the liaison to the Office of Management and Budget and other Federal agencies with respect to using existing Department data for statistical purposes. The heads of each operational component of the Department, in consultation with the Chief Data Officer of the Department and the Chief Information Officer of such component, shall designate a career appointee from each such component as the Chief Data Officer of such component. Each such component Chief Data Officer shall— possess the qualifications described in paragraph (2); and coordinate with and assist the Chief Data Officer of the Department in the implementation of the functions specified in subparagraphs
(A)through
(F)of paragraph
(3)for their respective component. Not later than 180 days after the date of the enactment of this subsection and annually thereafter, the Secretary shall submit to the Committee on Homeland Security of the House of Representatives and the Committee on Homeland Security and Governmental Affairs of the Senate a report relating to the implementation of this subsection and any concerns regarding such implementation. In this subsection, the term career appointee has the meaning given such term in section 3132 of title 5, United States Code. . Not later than 180 days after the date of the enactment of this Act and every two years thereafter until 2025, the Chief Information Officer of the Department, in consultation with Department component chief information officers, shall submit to the Secretary, the Committee on Homeland Security of the House of Representatives, and the Committee on Homeland Security and Governmental Affairs of the Senate a report relating to the software licenses of the Department. The report required under subparagraph
(A)shall include— a Department-wide inventory of all existing software licenses held by the Department; an assessment of— the needs of the Department and the components of the Department with respect to software licenses for the subsequent two fiscal years; how the Department can achieve the greatest possible economies of scale and cost savings in the procurement of software licenses; and how the use of shared cloud-computing services will impact the needs for software licenses for the subsequent two fiscal years; and plans for eliminating unutilized software licenses for the subsequent two fiscal years. Not later than 90 days after the date on which the report required under paragraph
(1)is submitted, if the Chief Information Officer of the Department determines the number of software licenses held by the Department and the components of the Department exceed the needs of the Department pursuant to the findings of such report, the Secretary shall establish a plan for reducing the number of such software licenses to meet the needs of the Department. Not later than December 30, 2023, the Comptroller General shall report on the extent to which the Chief Information Officer of the Department has fulfilled all requirements established by this section and the amendments made by this section. Not later than one year after the date of the enactment of this Act, the Chief Information Officer of the Department shall complete the first information technology strategic plan required under subsection
(c)of section 701 of the Homeland Security Act of 2002, as added by subsection
(a)of this section.
Connectionstraces to 1
Traces to 1 document
Citation graph
cites case law
Sec. 304
Chief Information Officer
U.S.C.§ 343
Cites 1Cited by 0 across 0 sources
★   the supreme law of the land   ★
Don't Tread on Me
E Pluribus Unum — out of many, one

"If you don't know your rights, you don't have any."

Marginalia · a citizen's law index
A research desk, not legal advice. Always read the cited source before relying on a summary.
Questions or an issue? support@self-law.org
disclaimerMarginalia is a research index, not a law firm. Nothing on this site is legal, tax, or financial advice and no attorney–client relationship is formed by using it. Statutes, regulations, and case law change; summaries, search results, AI output, and member posts may be incomplete, out of date, or wrong. Any interpretation drawn from material on this site should be validated by a licensed attorney in your jurisdiction before you act on it.