MEMORANDUM FOR SECRETARIES OF THE MILITARY DEPARTMENTS
CHAIRMAN OF THE JOINT CHIEFS OF STAFF
UNDER SECRETARIES OF DEFENSE
GENERAL COUNSEL OF THE DEPARTMENT
INSPECTOR GENERAL OF THE DEPARTMENT
DIRECTORS OF THE DEFENSE
SUBJECT: Clinger-Cohen Act Compliance for Major Automated Information Systems
This MEMORANDUM provides guidance for demonstrating compliance with the Clinger-Cohen Act (CCA) for major automated information systems (MAIS). The DoD Appropriations Act for Fiscal Year 2002 (Pub. L. 107-107) did not re-enact a provision (DoD) Chief Information Officer (CIO) to certify CCA compliance to the congressional defense committee at acquisition milestones.
Although the DoD CIO is not required to notify congressional defense committees of CCA certifications for MAIS this fiscal year, all of the Department's information technology (IT) investments are still required to comply with the CCA. In addition, under section 811 (c) of the Floyd D. Spence National Defense Authorization Act for Fiscal Year 2001 (Pub. L. 106-398), the DoD CIO may not grant milestone,approval until he determines that a MAIS is being developed in accordance until he determines that a MAIS is being developed in accordance with the CCA. Similarly, section 811 (b) prohibits the award of a contract for the acquisition of a mission critical or that is required to be provided under the DoD 5000 series and has determined that there is in place for the system an appropriate information as strategy. In order to satisfy these requirements, DoD Instruction 5000.2 continues to require, as a condition of Milestone approval, that the Component CIO confirm to the DoD CIO that the MAIS is being developed in accordance with the CCA.
Effective immediately, the requirements in Section 184.108.40.206.3.2.3 of DODI5000.2 for a CCA Compliance Report for a MAIS, and related certification to the congressional defense committees is rescinded. However, as stated above, Component CIOs must still confirm CCA compliance to the DOD CIO before a MAIS milestone decision. Out March 8, 2002, memorandum entitled, "Clinger-Cohen Act Compliance Policy" states that Component CIOs may confirm CCA compliance by concurring with the Program Manager's CCA compliance table (A slightly revised tables is attached). CCA compliance issues should be raised as early as possible during the review process for requirements and acquisition documents. To facilitate this, DoD and Component CIO staff should participate in integrated product teams regarding MAIS programs to help ensure that the tenets of CCA are considered at appropriate points in the requirements generation and acquisition processes. The PM is still ultimately responsible for compiling all required data prior to each milestone.
The Officer of the Deputy will continue to work with Component CIO and Acquisition Executive staffs and the Office of the USD (AT&L) to develop improved guidance and policy regarding the implementation of the CCA for acquisition programs. Our goal will be to avoid imposing duplicative CCA documentation requirements that do not add value and to ensure that the requirements of the law are met by use of the exciting requirements generation and acquisition processes.
My action officer for this memorandum is Edward Wingfield at (703) 602-0980 x126 or email@example.com