Federal agency Chief Information Officer’s (CIOs) will now move from concentrating on policy and maintaining infrastructure to being responsible for IT portfolio management.  In a memorandum issued yesterday by Jacob Lew, Director of the Office of Management and Budget (OMB), told federal agency heads that their CIOs must focus on “delivering IT solutions that support the mission and effectiveness of their agencies and overcome bureaucratic impediments to deliver enterprise-wide solution.”  

Steven VanRoekel, US Chief Information Officer, writing on the White House website said that under the new responsibilities, CIOs will be able to “reduce the number of wasteful duplicative wasteful systems, simplify services for the American people, and deliver more effective information technology to support their agency’s mission.”

The memo clarified CIO responsibilities in the four areas of responsibility for CIOs laid out in the IT Reform Plan issued in December, 2010. 

Governance:  CIOs will now drive the review process for IT investments and be responsible for the agency’s entire IT portfolio.  They will make IT portfolio analysis an integral part of the yearly budget process and will ensure that agencies meet the IT Reform plan goal of “turning around” a third of all underperforming IT investments by June 2012.

Commodity IT:  CIOs will focus on eliminating duplication in IT investments and will reduce costs and improve service for commodity IT by pooling agency purchasing power across the organization.  CIOs will work with enterprise architects to align IT resources by consolidating duplicative investments and applications.  They are directed to use shared services rather than establishing separate independent services.

Program Management:  CIOs are directed to hire top IT program managers and improve training.  They will also be held accountable for IT program manager performance and will perform annual performance evaluations of component CIOs.

Information Security:  CIOs will be responsible for implementing an agency-wide information security program.  They will ensure that the program includes a “well-designed, well-managed continuous monitoring and standardized risk assessment process supported by Department of Homeland Security run “CyberStat” sessions.