[Federal Register Volume 77, Number 48 (Monday, March 12, 2012)]
[Notices]
[Pages 14525-14527]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2012-5862]
=======================================================================
-----------------------------------------------------------------------
DEPARTMENT OF HEALTH AND HUMAN SERVICES
Centers for Disease Control and Prevention
Statement of Organization, Functions, and Delegations of
Authority
Part C (Centers for Disease Control and Prevention) of the
Statement of Organization, Functions, and Delegations of Authority of
the Department of Health and Human Services (45 FR 67772-76, dated
October 14, 1980, and corrected at 45 FR 69296, October 20, 1980, as
amended most recently at 77 FR 5804-5812, dated February 6, 2012) is
amended to reflect the reorganization of the Office of the Chief
Operating Officer, Office of the Director, Centers for Disease Control
and Prevention.
Section C-B, Organization and Functions, is hereby amended as
follows:
Delete in its entirety the functional statement for the Office of
the Chief Operating Officer (CAJ), and insert the following:
Office of the Chief Operating Officer (CAJ). (1) Provides mission
and values-based leadership, direction, support and assistance to CDC's
programs and activities to enhance CDC's strategic position in public
health; ensure responsible stewardship; maintain core values; optimize
operational effectiveness of business services; and institutionalize
accountability for achieving management initiatives; (2) directs the
conduct of operational
[[Page 14526]]
activities undertaken by Agency program support and management service
staff, including, among others, facilities and real property planning
and management; grants, procurement and materiel management; human
resources management; information technology and systems planning and
support; internal security and emergency preparedness; and management
analysis and services; (3) manages the planning, evaluation, and
implementation of continuous improvement and reengineering initiatives
and adoption of innovations and technologies in these areas and ensures
that they are undertaken in a comprehensive and integrated manner and
with consideration of strategic implications for human capital
planning; (4) maintains liaison with officials of DHHS responsible for
the direction and conduct of DHHS program support and management
services functions; (5) participates in the development of CDC's goals
and objectives; (6) provides assistance to DHHS officials and to CDC's
Centers/Institute/Offices (CI0s) to assure that the human resources of
CDC are sufficient in numbers, training, and diversity to effectively
conduct the public health mission of CDC; (7) provides direction for
the Agency's ethics program and activities associated with Departmental
and Presidential management initiatives; (8) provides direction in
establishing accountable measures for financial management of both
budget estimating and execution processes agencywide; and (9) provides
guidance and ensures compliance with the budget priorities established
by the Office of the Director, CDC.
Delete in their entirety the title and functional statement for the
Administrative Services and Program Office (CAJ12).
After the functional statement for the Office of the Director
(CAJ1), Office of the Chief Operating Officer (CAJ), insert the
following:
Office of the Chief Financial Officer (CAJ1P). The Office of the
Chief Financial Officer (OCFO), located within the Office of the Chief
Operating Officer (OCOO), addresses agency-wide fiscal accountability
and oversight. The OCFO supports CDC's mission to ``save money through
prevention'' by ensuring appropriate fiscal stewardship of the tax
payer dollar while CDC accomplishes its activities in the areas of
disease research, prevention, and early detection. Accordingly, the
OCFO: (1) Manages the financial risk of the agency; (2) provides
oversight of the agency's financial activities and accounting
practices; (3) performs reviews and training in high risk areas for
both the agency and the Department where there appears to be fiscal
vulnerabilities; (4) provides expertise in interpreting appropriations
law issues and financial policy matters; (5) assists in the receipt,
distribution and monitoring of agency issues submitted by the Office of
the Inspector General Hotline; (6) advises and assists the CDC
Director, the Chief Operating Officer, and other key agency officials
(both in Program and Business Service Offices) on all fiscal aspects of
the agency; and (7) provides support for public health by ensuring that
appropriated funds provided to the agency are utilized, in compliance
with Congressional mandate, for the sole purpose of preventing and
controlling infectious diseases domestically and globally.
Delete in its entirety the title for the Human Capital Management
Office (CAJQ), and insert the title Human Capital and Resources
Management Office (CAJQ).
After the title and functional statements for the Human Capital and
Resources Management Office (CAJQ), insert the following:
Office of the Chief Information Officer (CAJR). The mission of the
Office of the Chief Information Officer (OCIO) is to administer CDC's
information resources and information technology programs including
collection, management, use, and disposition of data and information
assets; development, acquisition, operation, maintenance, and
retirement of information systems and information technologies; IT
capital planning; enterprise architecture; information security;
education, training, and workforce development in information and IT
disciplines; development and oversight of information and IT policies,
standards, and guidance; and administration of certain other general
management functions and services for CDC.
Office of the Director (CAJR1). (1) Provides leadership, direction,
support and assistance to CDC's programs and activities to enhance
CDC's strategic position in public health informatics; information
technology, and other information areas to optimize operational
effectiveness support of CDC's mission and business services; (2)
coordinates and oversees all CDC efforts in these areas; (3) serves as
the accountable focus for CDC in these program areas and represents CDC
with various external stakeholders, collaborators, service providers,
oversight organizations, and others; (4) maintains liaison with
officials of HHS responsible for the direction and conduct of such
functions; and (5) directs the operations of offices within the OCIO to
ensure effective and efficient service delivery and alignment with CDC
strategic direction.
Enterprise Information Technology Portfolio Office (CAJR12). (1)
Leads, plans, and manages CDC's information technology (IT) budget
development and review processes; (2) plans and directs the Capital
Planning Investment Control processes including investment selection,
control and evaluation, business case analyses, lifecycle reviews,
portfolio development, performance measures, and investment
prioritization procedures; (3) develops and monitors earned value
management analyses of project cost, schedule and deliverable
commitments; (4) provides guidance to program and project managers on
the use of the tools for preparing investment documentation that meet
CDC, HHS, and OMB requirements; (5) develops CDC IT strategic and
tactical plans; (6) leads development of the enterprise architecture
and transition strategies; (7) collaborates with CDC staff to develop
business process models for CDC public health functions; (8) develops
and maintains a shared services catalog to promote reuse of existing
resources; (9) supports CDC information resource governance structures
including common processes, tools, techniques; (10) identifies needs
and develops strategies and approaches to acquire and manage enterprise
statistical software licenses; and (11) develops internal cost
allocation methods and coordinates allocation of costs for annual
license renewal payments.
Freedom of Information Act Office (CAJR13). (1) Leads and
administers the Freedom of Information Act (FOIA) program for CDC and
ATSDR; (2) reviews, analyzes, redacts as necessary, and releases
documents to the public under the provisions of the Act; (3) tracks and
monitors FOIA requests and responses to ensure timely and appropriate
responses; (4) provides guidance to employees, supervisors, management,
OGC and high-level agency officials on various aspects of the Act; (5)
interprets and applies legal and technical precedents, laws and
regulations relating to FOIA issues; and (6) provides training to
program staff and management concerning FOIA requirements and
processing.
CIMS Program Management Office (CAJR14). (1) Plans, develops,
manages, and conducts oversight of CDC's information services
contracts; (2) coordinates and facilitates contracts use including
requirements development, specifications, performance needs, quality
assurance and service delivery, and contract administration; and (3)
[[Page 14527]]
provides guidance and assistance to programs on the various aspects of
the contracts to meet their requirements.
Remove all CAJD standard administrative codes for the Information
Technology Services Office (CAJD), and replace with the following:
Information Technology Services Office (CAJRB), Office of the
Director (CAJRB1), Operations Branch (CARBB), Network Technology Branch
(CAJRBC), Customer Services Branch (CAJRBD).
Remove all CAJG standard administrative codes for the Management
Analysis and Services Office (CAJG), and replace with the following:
Management Analysis and Services Office (CAJRC), Office of the
Director (CAJRC1), Management Assessment Branch (CAJRCB), Information
Services Branch (CAJRCC), Business Process Analysis Branch (CAJRCD),
Federal Advisory Committee Management Branch (CAJRCE),
Remove the CAJN standard administrative code for the Management
Information Systems Office (CAJN), and replace with Management
Information Systems Office (CAJRD).
After the functional statement for the Management Information
Systems Office (CAJRD), insert the following:
Office of the Chief Information Security Officer (CAJRE). The
mission of the Office of the Chief Information Security Officer (OCISO)
is to administer CDC's information security program to protect CDC's
information, information systems, and information technology
commensurate with the risk and magnitude of harm resulting from the
unauthorized access, use, disclosure, disruption, modification, or
destruction of information collected or maintained by or on behalf of
the agency.
Office of the Director (CAJRE1). (1) Manages and directs the
activities and functions of the Office of the Chief Information
Security Officer; (2) develops and maintains a CDC-wide information
security program; (3) develops and maintains information security
policies, procedures and control techniques to address the
responsibilities assigned to the CDC under the Federal Information
Security Management Act of 2002 (FISMA) and other governing statutes,
regulations, and policies; (4) coordinates the professional development
and operating procedures of CDC staff substantially involved in
information security responsibilities; (5) assists CDC senior
management concerning their FISMA responsibilities; and (6) ensures
privacy management so personally identifiable information is
appropriately collected, processed, stored and protected.
Operations, Analysis and Response Branch (CAJREB). (1) Performs
continuous monitoring functions including enterprise security log
correlation, vulnerability and compliance scanning and risk
assessments; (2) performs network monitoring, security event
correlation, forensic investigations, data recovery and malware
analysis; (3) develops and maintains the CDC Computer Security Incident
Response Team; (4) performs cyber security incident reporting according
to US-CERT reporting guidelines; (5) facilitates cyber security
incident remediation; (6) coordinates with law enforcement agencies and
participates in cyber security intelligence activities; (7) develops
enterprise security architecture, firewall management, cyber security
tool management and CDC information resource governance--security
component; and (8) supports OCISO IT operations; and (9) performs
security product research and development, evaluation and testing.
Policy and Planning Branch (CAJREC). (1) Coordinates compliance and
audit reviews; (2) develops cyber security policies and standards; (3)
conducts system security tests and evaluations and identifies,
assesses, prioritizes, and monitors the progress of corrective efforts
for security weaknesses found in programs and systems; (4) maintains
the Security Awareness Training program and coordinates significant
security responsibilities and IT security training; (5) reviews and
approves security and privacy related elements of OMB business cases;
(6) conducts OCISO internal audit program and contract language reviews
for information security and privacy act clearance decisions; (7)
coordinates critical infrastructure protection continuity operations
plans, data call management, E-Authentication and security requirements
of CDC information system development; (8) conducts security reviews of
non-standard software for use at CDC; and (9) coordinates FISMA
security milestone oversight reporting and is the Office of Inspector
General and Government Accounting Office Audit Liaison.
Dated: March 5, 2012.
Thomas R. Frieden,
Director, Centers for Disease Control and Prevention.
[FR Doc. 2012-5862 Filed 3-9-12; 8:45 am]
BILLING CODE 4160-18-M