U.S. Code, Title 44, Public Printing and Documents

Contents:
Author: "U.S. Congress, Office of the Law Revision Counsel"

Show Summary

§ 3533. Authority and Functions of the Director

     (a)(1) The Director shall establish governmentwide policies for the management of programs that—

     (A) support the cost-effective security of Federal information systems by promoting security as an integral component of each agency’s business operations; and

     (B) include information technology architectures as defined under section 5125 of the Clinger-Cohen Act of 1996 (40 U.S.C. 1425).

     (2) Policies under this subsection shall—

     (A) be founded on a continuing risk management cycle that recognizes the need to—

     (i) identify, assess, and understand risk; and

     (ii) determine security needs commensurate with the level of risk;

     (B) implement controls that adequately address the risk;

     (C) promote continuing awareness of information security risk; and

     (D) continually monitor and evaluate policy and control effectiveness of information security practices.

     (b) The authority under subsection (a) includes the authority to—

     (1) oversee and develop policies, principles, standards, and guidelines for the handling of Federal information and information resources to improve the efficiency and effectiveness of governmental operations, including principles, policies, and guidelines for the implementation of agency responsibilities under applicable law for ensuring the privacy, confidentiality, and security of Federal information;

     (2) consistent with the standards and guidelines promulgated under section 5131 of the Clinger-Cohen Act of 1996 (40 U.S.C. 1441) and sections 5 and 6 of the Computer Security Act of 1987 (40 U.S.C. 1441 note; Public Law 100–235; 101 Stat. 1729), require Federal agencies to identify and afford security protections commensurate with the risk and magnitude of the harm resulting from the loss, misuse, or unauthorized access to or modification of information collected or maintained by or on behalf of an agency;

     (3) direct the heads of agencies to—

     (A) identify, use, and share best security practices;

     (B) develop an agencywide information security plan;

     (C) incorporate information security principles and practices throughout the life cycles of the agency’s information systems; and

     (D) ensure that the agency’s information security plan is practiced throughout all life cycles of the agency’s information systems;

     (4) oversee the development and implementation of standards and guidelines relating to security controls for Federal computer systems by the Secretary of Commerce through the National Institute of Standards and Technology under section 5131 of the Clinger-Cohen Act of 1996 (40 U.S.C. 1441) and section 20 of the National Institute of Standards and Technology Act (15 U.S.C. 278g–3);

     (5) oversee and coordinate compliance with this section in a manner consistent with—

     (A) sections 552 and 552a of title 5;

     (B) sections 20 and 21 of the National Institute of Standards and Technology Act (15 U.S.C. 278g–3 and 278g–4);

     (C) section 5131 of the Clinger-Cohen Act of 1996 (40 U.S.C. 1441);

     (D) sections 5 and 6 of the Computer Security Act of 1987 (40 U.S.C. 1441 note; Public Law 100–235; 101 Stat. 1729); and

     (E) related information management laws; and

     (6) take any authorized action under section 5113(b)(5) of the Clinger-Cohen Act of 1996 (40 U.S.C. 1413(b)(5)) that the Director considers appropriate, including any action involving the budgetary process or appropriations management process, to enforce accountability of the head of an agency for information resources management, including the requirements of this subchapter, and for the investments made by the agency in information technology, including—

     (A) recommending a reduction or an increase in any amount for information resources that the head of the agency proposes for the budget submitted to Congress under section 1105(a) of title 31;

     (B) reducing or otherwise adjusting apportionments and reapportionments of appropriations for information resources; and

     (C) using other authorized administrative controls over appropriations to restrict the availability of funds for information resources.

     (c) The authorities of the Director under this section (other than the authority described in subsection (b)(6))—

     (1) shall be delegated to the Secretary of Defense, the Director of Central Intelligence, and another agency head as designated by the President in the case of systems described under subparagraphs (A) and (B) of section 3532(b)(2);

     (2) shall be delegated to the Secretary of Defense in the case of systems described under subparagraph (C) of section 3532(b)(2) that are operated by the Department of Defense, a contractor of the Department of Defense, or another entity on behalf of the Department of Defense; and

     (3) in the case of all other Federal information systems, may be delegated only to the Deputy Director for Management of the Office of Management and Budget.

(Added Pub. L. 106–398, § 1 [[div. A], title X, § 1061], Oct. 30, 2000, 114 Stat. 1654, 1654A–266.)

Contents:

Related Resources

None available for this document.

Download Options


Title: U.S. Code, Title 44, Public Printing and Documents

Select an option:

*Note: A download may not start for up to 60 seconds.

Email Options


Title: U.S. Code, Title 44, Public Printing and Documents

Select an option:

Email addres:

*Note: It may take up to 60 seconds for for the email to be generated.

Chicago: "U.S. Congress, Office of the Law Revision Counsel", "§ 3533. Authority and Functions of the Director," U.S. Code, Title 44, Public Printing and Documents in U.S. Code, Title 44, Public Printing and Documents (Washington, D.C.: Government Printing Office, 2002), Original Sources, accessed July 20, 2019, http://www.originalsources.com/Document.aspx?DocID=1GWPCNPRNUI8EQL.

MLA: "U.S. Congress, Office of the Law Revision Counsel". "§ 3533. Authority and Functions of the Director." U.S. Code, Title 44, Public Printing and Documents, in U.S. Code, Title 44, Public Printing and Documents, Washington, D.C., Government Printing Office, 2002, Original Sources. 20 Jul. 2019. www.originalsources.com/Document.aspx?DocID=1GWPCNPRNUI8EQL.

Harvard: "U.S. Congress, Office of the Law Revision Counsel", '§ 3533. Authority and Functions of the Director' in U.S. Code, Title 44, Public Printing and Documents. cited in 2002, U.S. Code, Title 44, Public Printing and Documents, Government Printing Office, Washington, D.C.. Original Sources, retrieved 20 July 2019, from http://www.originalsources.com/Document.aspx?DocID=1GWPCNPRNUI8EQL.