Appendix A: IT Governance Structure

The Department established an overall IT governance process and an internal management structure that supports the achievement of the plan’s three strategic goals. IT management policies and practices will continue to evolve and improve the effectiveness of IT management.

Structure of IT Governance Boards

The E-Government Program Board (E-GovPB) provides overall oversight and resourcing for the enterprise IT activities. Program Board members include Bureau Assistant Secretaries. The objectives of the board are to: set the Department’s IT strategic direction; evaluate IT programs and investments; drive innovation through IT capital decisions; and prioritize strategic and resource issues related to IT investments and initiatives. The Department relies on the E-GovPB to promote collaboration with the bureaus and posts, to review strategic goals and performance measures, and to ensure all IT activities remain focused on agreed-upon goals and priorities.

The E-Government Advisory Board (E-GovAB) supports the E-GovPB by identifying issues for the E-GovPB to review; providing assessments and recommendations on the Department’s IT initiatives to ensure they align with IT policies, architecture, standards, and goals; and determining the strategies, policies, and timelines required to implement the directives of the E-GovPB. The E-GovAB is informed by other governance structures, such as the CCGB, and supported by the E-Gov Program Management Office. Through the E-GovPB and E-GovAB, the CIO works in partnership with BP, the Comptroller, the Chief Acquisition Officer (CAO), and other executive stakeholders to establish policies and procedures that ensure accountability for the effective design, development, and maintenance of information technology assets.

IT Budget Review

The IT governance process is aligned closely with IT Capital Planning. With the implementation of FITARA, IRM and BP will partner to ensure the CIO reviews IT budget resources throughout the funding lifecycle. In collaboration with BP, IRM reviews requested budgets for IT categories, regardless of budget account, for alignment with established IT goals, architectures, priorities, efficiencies, and performance. Through the E-GovPB, the CIO, Director of BP, Chief Financial Officer (CFO), and Comptroller will continue to participate in budget development governance, guiding and performing oversight of enterprise and federal requirements and initiatives.

Chief Information Officer Roles and Responsibilities

The CIO is equivalent to an Assistant Secretary and manages IRM, providing the IT infrastructure and services the Department needs to achieve its foreign policy mission. The CIO leverages the E-GovPB, which consists of senior leaders across the C-suite; manages investments in accordance with applicable OMB circulars through an enterprise CPIC Program; and leverages Enterprise Architecture to integrate business requirements. The CIO has full visibility into planning and budgeting, acquisition, program and project management, expenditures, and human capital aspects of IT resources.

Chief Information Security Officer Roles and Responsibilities

The Chief Information Security Officer (CISO) operates under the direction and supervision of the CIO and is the CIO’s primary advisor concerning Department information security issues. The CISO is responsible for defining and evaluating the information security posture of the Department’s information and information systems and for ensuring agency compliance with FISMA and other federal mandates and requirements.