(a)(1) The head of each agency shall be responsible for—
(A) carrying out the agency's information resources management activities to improve agency productivity, efficiency, and effectiveness; and
(B) complying with the requirements of this subchapter and related policies established by the Director.
(2)(A) Except as provided under subparagraph (B), the head of each agency shall designate a Chief Information Officer who shall report directly to such agency head to carry out the responsibilities of the agency under this subchapter.
(B) The Secretary of the Department of Defense and the Secretary of each military department may each designate Chief Information Officers who shall report directly to such Secretary to carry out the responsibilities of the department under this subchapter. If more than one Chief Information Officer is designated, the respective duties of the Chief Information Officers shall be clearly delineated.
(3) The Chief Information Officer designated under paragraph (2) shall head an office responsible for ensuring agency compliance with and prompt, efficient, and effective implementation of the information policies and information resources management responsibilities established under this subchapter, including the reduction of information collection burdens on the public. The Chief Information Officer and employees of such office shall be selected with special attention to the professional qualifications required to administer the functions described under this subchapter.
(4) Each agency program official shall be responsible and accountable for information resources assigned to and supporting the programs under such official. In consultation with the Chief Information Officer designated under paragraph (2) and the agency Chief Financial Officer (or comparable official), each agency program official shall define program information needs and develop strategies, systems, and capabilities to meet those needs.
(b) With respect to general information resources management, each agency shall—
(1) manage information resources to—
(A) reduce information collection burdens on the public;
(B) increase program efficiency and effectiveness; and
(C) improve the integrity, quality, and utility of information to all users within and outside the agency, including capabilities for ensuring dissemination of public information, public access to government information, and protections for privacy and security;
(2) in accordance with guidance by the Director, develop and maintain a strategic information resources management plan that shall describe how information resources management activities help accomplish agency missions;
(3) develop and maintain an ongoing process to—
(A) ensure that information resources management operations and decisions are integrated with organizational planning, budget, financial management, human resources management, and program decisions;
(B) in cooperation with the agency Chief Financial Officer (or comparable official), develop a full and accurate accounting of information technology expenditures, related expenses, and results; and
(C) establish goals for improving information resources management's contribution to program productivity, efficiency, and effectiveness, methods for measuring progress towards those goals, and clear roles and responsibilities for achieving those goals;
(4) in consultation with the Director, the Administrator of General Services, and the Archivist of the United States, maintain a current and complete inventory of the agency's information resources, including directories necessary to fulfill the requirements of section 3511 of this subchapter; and
(5) in consultation with the Director and the Director of the Office of Personnel Management, conduct formal training programs to educate agency program and management officials about information resources management.
(c) With respect to the collection of information and the control of paperwork, each agency shall—
(1) establish a process within the office headed by the Chief Information Officer designated under subsection (a), that is sufficiently independent of program responsibility to evaluate fairly whether proposed collections of information should be approved under this subchapter, to—
(A) review each collection of information before submission to the Director for review under this subchapter, including—
(i) an evaluation of the need for the collection of information;
(ii) a functional description of the information to be collected;
(iii) a plan for the collection of the information;
(iv) a specific, objectively supported estimate of burden;
(v) a test of the collection of information through a pilot program, if appropriate; and
(vi) a plan for the efficient and effective management and use of the information to be collected, including necessary resources;
(B) ensure that each information collection—
(i) is inventoried, displays a control number and, if appropriate, an expiration date;
(ii) indicates the collection is in accordance with the clearance requirements of section 3507; and
(iii) informs the person receiving the collection of information of—
(I) the reasons the information is being collected;
(II) the way such information is to be used;
(III) an estimate, to the extent practicable, of the burden of the collection;
(IV) whether responses to the collection of information are voluntary, required to obtain a benefit, or mandatory; and
(V) the fact that an agency may not conduct or sponsor, and a person is not required to respond to, a collection of information unless it displays a valid control number; and
(C) assess the information collection burden of proposed legislation affecting the agency;
(2)(A) except as provided under subparagraph (B) or section 3507(j), provide 60-day notice in the Federal Register, and otherwise consult with members of the public and affected agencies concerning each proposed collection of information, to solicit comment to—
(i) evaluate whether the proposed collection of information is necessary for the proper performance of the functions of the agency, including whether the information shall have practical utility;
(ii) evaluate the accuracy of the agency's estimate of the burden of the proposed collection of information;
(iii) enhance the quality, utility, and clarity of the information to be collected; and
(iv) minimize the burden of the collection of information on those who are to respond, including through the use of automated collection techniques or other forms of information technology; and
(B) for any proposed collection of information contained in a proposed rule (to be reviewed by the Director under section 3507(d)), provide notice and comment through the notice of proposed rulemaking for the proposed rule and such notice shall have the same purposes specified under subparagraph (A)(i) through (iv);
(3) certify (and provide a record supporting such certification, including public comments received by the agency) that each collection of information submitted to the Director for review under section 3507—
(A) is necessary for the proper performance of the functions of the agency, including that the information has practical utility;
(B) is not unnecessarily duplicative of information otherwise reasonably accessible to the agency;
(C) reduces to the extent practicable and appropriate the burden on persons who shall provide information to or for the agency, including with respect to small entities, as defined under section 601(6) of title 5, the use of such techniques as—
(i) establishing differing compliance or reporting requirements or timetables that take into account the resources available to those who are to respond;
(ii) the clarification, consolidation, or simplification of compliance and reporting requirements; or
(iii) an exemption from coverage of the collection of information, or any part thereof;
(D) is written using plain, coherent, and unambiguous terminology and is understandable to those who are to respond;
(E) is to be implemented in ways consistent and compatible, to the maximum extent practicable, with the existing reporting and recordkeeping practices of those who are to respond;
(F) indicates for each recordkeeping requirement the length of time persons are required to maintain the records specified;
(G) contains the statement required under paragraph (1)(B)(iii);
(H) has been developed by an office that has planned and allocated resources for the efficient and effective management and use of the information to be collected, including the processing of the information in a manner which shall enhance, where appropriate, the utility of the information to agencies and the public;
(I) uses effective and efficient statistical survey methodology appropriate to the purpose for which the information is to be collected; and
(J) to the maximum extent practicable, uses information technology to reduce burden and improve data quality, agency efficiency and responsiveness to the public; and
(4) in addition to the requirements of this chapter regarding the reduction of information collection burdens for small business concerns (as defined in section 3 of the Small Business Act (15 U.S.C. 632)), make efforts to further reduce the information collection burden for small business concerns with fewer than 25 employees.
(d) With respect to information dissemination, each agency shall—
(1) ensure that the public has timely and equitable access to the agency's public information, including ensuring such access through—
(A) encouraging a diversity of public and private sources for information based on government public information;
(B) in cases in which the agency provides public information maintained in electronic format, providing timely and equitable access to the underlying data (in whole or in part); and
(C) agency dissemination of public information in an efficient, effective, and economical manner;
(2) regularly solicit and consider public input on the agency's information dissemination activities;
(3) provide adequate notice when initiating, substantially modifying, or terminating significant information dissemination products; and
(4) not, except where specifically authorized by statute—
(A) establish an exclusive, restricted, or other distribution arrangement that interferes with timely and equitable availability of public information to the public;
(B) restrict or regulate the use, resale, or redissemination of public information by the public;
(C) charge fees or royalties for resale or redissemination of public information; or
(D) establish user fees for public information that exceed the cost of dissemination.
(e) With respect to statistical policy and coordination, each agency shall—
(1) ensure the relevance, accuracy, timeliness, integrity, and objectivity of information collected or created for statistical purposes;
(2) inform respondents fully and accurately about the sponsors, purposes, and uses of statistical surveys and studies;
(3) protect respondents' privacy and ensure that disclosure policies fully honor pledges of confidentiality;
(4) observe Federal standards and practices for data collection, analysis, documentation, sharing, and dissemination of information;
(5) ensure the timely publication of the results of statistical surveys and studies, including information about the quality and limitations of the surveys and studies; and
(6) make data available to statistical agencies and readily accessible to the public.
(f) With respect to records management, each agency shall implement and enforce applicable policies and procedures, including requirements for archiving information maintained in electronic format, particularly in the planning, design and operation of information systems.
(g) With respect to privacy and security, each agency shall—
(1) implement and enforce applicable policies, procedures, standards, and guidelines on privacy, confidentiality, security, disclosure and sharing of information collected or maintained by or for the agency; and
(2) assume responsibility and accountability for compliance with and coordinated management of sections 552 and 552a of title 5, subchapter II of this chapter, and related information management laws.
(h) With respect to Federal information technology, each agency shall—
(1) implement and enforce applicable Governmentwide and agency information technology management policies, principles, standards, and guidelines;
(2) assume responsibility and accountability for information technology investments;
(3) promote the use of information technology by the agency to improve the productivity, efficiency, and effectiveness of agency programs, including the reduction of information collection burdens on the public and improved dissemination of public information;
(4) propose changes in legislation, regulations, and agency procedures to improve information technology practices, including changes that improve the ability of the agency to use technology to reduce burden; and
(5) assume responsibility for maximizing the value and assessing and managing the risks of major information systems initiatives through a process that is—
(A) integrated with budget, financial, and program management decisions; and
(B) used to select, control, and evaluate the results of major information systems initiatives.
(i)(1) In addition to the requirements described in subsection (c), each agency shall, with respect to the collection of information and the control of paperwork, establish 1 point of contact in the agency to act as a liaison between the agency and small business concerns (as defined in section 3 of the Small Business Act (15 U.S.C. 632)).
(2) Each point of contact described under paragraph (1) shall be established not later than 1 year after the date of enactment of the Small Business Paperwork Relief Act of 2002.
(Added Pub. L. 104–13, §2, May 22, 1995, 109 Stat. 171; amended Pub. L. 104–106, div. E, title LI, §5125(a), Feb. 10, 1996, 110 Stat. 684; Pub. L. 106–398, §1 [[div. A], title X, §1064(b)], Oct. 30, 2000, 114 Stat. 1654, 1654A–275; Pub. L. 107–198, §2(b), (c), June 28, 2002, 116 Stat. 729; Pub. L. 107–217, §3(l)(6), Aug. 21, 2002, 116 Stat. 1302; Pub. L. 107–296, title X, §1005(c)(3), Nov. 25, 2002, 116 Stat. 2273; Pub. L. 107–347, title III, §305(c)(3), Dec. 17, 2002, 116 Stat. 2961.)
The date of enactment of the Small Business Paperwork Relief Act of 2002, referred to in subsec. (i)(2), is the date of enactment of Pub. L. 107–198, which was approved June 28, 2002.
A prior section 3506, added Pub. L. 96–511, §2(a), Dec. 11, 1980, 94 Stat. 2819; amended Pub. L. 99–500, §101(m) [title VIII, §816], Oct. 18, 1986, 100 Stat. 1783–308, 1783–338, and Pub. L. 99–591, §101(m) [title VIII, §816], Oct. 30, 1986, 100 Stat. 3341–308, 3341–338, related to Federal agency responsibilities prior to the general amendment of this chapter by Pub. L. 104–13.
Another prior section 3506, Pub. L. 90–620, Oct. 22, 1968, 82 Stat. 1303, provided for determination of necessity for information and hearing thereon, prior to the general amendment of this chapter by Pub. L. 96–511. See section 3508 of this title.
2002—Subsec. (c)(4). Pub. L. 107–198, §2(c), added par. (4).
Subsec. (g)(1). Pub. L. 107–296, §1005(c)(3)(A), and Pub. L. 107–347, §305(c)(3)(A), amended par. (1) identically, inserting "and" at end.
Subsec. (g)(2). Pub. L. 107–296, §1005(c)(3)(B), and Pub. L. 107–347, §305(c)(3)(B), amended par. (2) identically, substituting "subchapter II of this chapter" for "section 11332 of title 40" and a period for "; and" at end.
Pub. L. 107–217, §3(l)(6)(A), substituted "section 11332 of title 40" for "the Computer Security Act of 1987 (40 U.S.C. 759 note)".
Subsec. (g)(3). Pub. L. 107–296, §1005(c)(3)(C), and Pub. L. 107–347, §305(c)(3)(C), amended subsec. (g) identically, striking out par. (3) which read as follows: "consistent with section 11332 of title 40, identify and afford security protections commensurate with the risk and magnitude of the harm resulting from the loss, misuse, or unauthorized access to or modification of information collected or maintained by or on behalf of an agency."
Pub. L. 107–217, §3(l)(6)(B), substituted "section 11332 of title 40" for "the Computer Security Act of 1987 (40 U.S.C. 759 note)".
Subsec. (i). Pub. L. 107–198, §2(b), added subsec. (i).
2000—Subsecs. (a)(1) to (3), (b)(4), (c)(1). Pub. L. 106–398 substituted "subchapter" for "chapter" wherever appearing.
1996—Subsec. (a)(2)(A). Pub. L. 104–106, §5125(a)(1)(A), substituted "Chief Information Officer" for "senior official".
Subsec. (a)(2)(B). Pub. L. 104–106, §5125(a)(1)(B), substituted "designate Chief Information Officers" for "designate senior officials", "Chief Information Officer" for "official", and "the Chief Information Officers" for "the officials".
Subsec. (a)(3), (4). Pub. L. 104–106, §5125(a)(1)(C), substituted "Chief Information Officer" for "senior official" wherever appearing.
Subsec. (c)(1). Pub. L. 104–106, §5125(a)(2), substituted "Chief Information Officer" for "official" in introductory provisions.
Amendment by Pub. L. 107–347 effective Dec. 17, 2002, see section 402(b) of Pub. L. 107–347, set out as a note under section 3504 of this title.
Amendment by Pub. L. 107–296 effective 60 days after Nov. 25, 2002, see section 4 of Pub. L. 107–296, set out as an Effective Date note under section 101 of Title 6, Domestic Security.
Amendment by Pub. L. 106–398 effective 30 days after Oct. 30, 2000, see section 1 [[div. A], title X, §1065] of Pub. L. 106–398, Oct. 30, 2000, 114 Stat. 1654, formerly set out as an Effective Date note under former section 3531 of this title.
Amendment by Pub. L. 104–106 effective 180 days after Feb. 10, 1996, see section 5701 of Pub. L. 104–106, Feb. 10, 1996, 110 Stat. 702.
Ex. Ord. No. 13073, Feb. 4, 1998, 63 F.R. 6467, as amended by Ex. Ord. No. 13127, June 14, 1999, 64 F.R. 32793, provided:
The American people expect reliable service from their Government and deserve the confidence that critical government functions dependent on electronic systems will be performed accurately and in a timely manner. Because of a design feature in many electronic systems, a large number of activities in the public and private sectors could be at risk beginning in the year 2000. Some computer systems and other electronic devices will misinterpret the year "00" as 1900, rather than 2000. Unless appropriate action is taken, this flaw, known as the "Y2K problem," can cause systems that support those functions to compute erroneously or simply not run. Minimizing the Y2K problem will require a major technological and managerial effort, and it is critical that the United States Government do its part in addressing this challenge.
Accordingly, by the authority vested in me as President by the Constitution and the laws of the United States of America, it is hereby ordered as follows:
(1) assure that no critical Federal program experiences disruption because of the Y2K problem;
(2) assist and cooperate with State, local, and tribal governments to address the Y2K problem where those governments depend on Federal information or information technology or the Federal Government is dependent on those governments to perform critical missions;
(3) cooperate with the private sector operators of critical national and local systems, including the banking and financial system, the telecommunications system, the public health system, the transportation system, and the electric power generation system, in addressing the Y2K problem; and
(4) communicate with their foreign counterparts to raise awareness of and generate cooperative international arrangements to address the Y2K problem.
(b) As used in this order, "agency" and "agencies" refer to Federal agencies that are not in the judicial or legislative branches.
(a) The Council shall be led by a Chair who shall be an Assistant to the President, and it shall be composed of one representative from each of the executive departments and from such other Federal agencies as may be determined by the Chair of the Council (the "Chair").
(b) The Chair shall appoint a Vice Chair and assign other responsibilities for operations of the council as he or she deems necessary.
(c) The Chair shall oversee the activities of agencies to assure that their systems operate smoothly through the year 2000, act as chief spokesperson on this issue for the executive branch in national and international fora, provide policy coordination of executive branch activities with State, local, and tribal governments on the Y2K problem, and promote appropriate Federal roles with respect to private sector activities in this area.
(d) The Chair and the Director of the Office of Management and Budget shall report jointly at least quarterly to me on the progress of agencies in addressing the Y2K problem.
(e) The Chair shall identify such resources from agencies as the Chair deems necessary for the implementation of the policies set out in this order, consistent with applicable law.
(1) assure that efforts to address the Y2K problem receive the highest priority attention in the agency and that the policies established in this order are carried out; and
(2) cooperate to the fullest extent with the Chair by making available such information, support, and assistance, including personnel, as the Chair may request to support the accomplishment of the tasks assigned herein, consistent with applicable law.
(b) The heads of executive departments and the agencies designated by the Chair under section 2(a) of this order shall identify a responsible official to represent the head of the executive department or agency on the Council with sufficient authority and experience to commit agency resources to address the Y2K problem.
(b) At the direction of the Chair, the ICC will assist in making preparations for information sharing and coordination within the Federal Government and key components of the public and private sectors, coordinating agency assessments of Y2K emergencies that could have an adverse affect on U.S. interests at home and abroad, and, if necessary, assisting Federal agencies and the Chair in reconstitution processes where appropriate.
(c) The ICC will:
(1) consist of officials from executive agencies, designated by agency heads under subsection 3(a)(2) of this order, who have expertise in important management and technical areas, computer hardware, software or security systems, reconstitution and recovery, and of additional personnel hired directly or by contract, as required, to carry out the duties described under section 5 of this order;
(2) work with the Council and the Office of Management and Budget to assure that Federal efforts to restore critical systems are coordinated with efforts managed by Federal agencies acting under existing emergency response authorities.
(d) The Chair of the President's Council on Year 2000 Conversion shall designate a Director of the ICC.
William J. Clinton.