Applying technology to address Federal Mandates and Executive Orders
Technology is key to many of the Mandates and Executive Orders that apply to your organization. Microsoft is here to help with information and links to details and solutions that help you address requirements and achieve the level of compliance you need.
Federal Information Security Management Act (FISMA)
The E-Government Act passed in 2002 recognized the importance of information security to the economic and national security interests of the United States. As Title III of this act, FISMA requires each federal agency to develop, document and implement an agency-wide program to provide information security that supports the operations and assets of the agency and related agencies and sources.
Office 365 implements security processes that adhere to the standards required by U.S. federal agencies, and it has acquired FISMA Authority to Operate (ATO) from a federal agency.
Learn more at the links below.
Visit the CRSC site for more detail on FISMA
Federal Mandate: Common Criteria Evaluation and Validation Scheme for IT Security
Under the National Information Assurance Partnership (NIAP), the National Institute of Standards and Technology (NIST) and the National Security Agency (NSA) established the Common Criteria Evaluation and Validation Scheme for IT Security (CCEVS). The goals, per the Federal Mandate, are to ensure that security evaluations of IT products are performed to consistent standards, encourage the formation of commercial security testing laboratories, meet the needs of government and industry for cost-effective evaluation of IT products, and improve the availability of those products.
Visit the NIAP Common Criteria Evaluation and Validation Scheme for IT Security website.
Federal Mandate: U.S. Government Configuration Baseline Initiative
The U.S. Government Configuration Baseline (USGCB), which evolved from the Federal Desktop Core Configuration mandate (FDCC), provides guidance to federal agencies to help improve security configurations for government IT. The requirements support compliance testing and reporting, focus on green IT, and itemize ways in which to work with the Windows operating system and with Windows Internet Explorer. As a result of the Initiative, agencies can achieve more environmentally aware and more secure IT environments.
Visit the U.S. Government Configuration Baseline Initiative website.
Cost Savings and Services Accountability
Executive Order: Delivering an Efficient, Effective, and Accountable Government
This Executive Order, which aims to reduce federal government spending, was signed on June 13, 2011. Its goals include: save taxpayer money by cutting waste, curb spending, increase efficiency, and improve accountability. Other goals are to eliminate duplicative and inefficient programs, accelerate innovation, and terminate poorly performing information technology projects. Read the full Executive Order.
Executive Order: Streamlining Service Delivery and Improving Customer Service
This Executive Order, issued April 27, 2011, acknowledges the responsibility of government agencies to streamline services and to deliver them faster and at a lower cost. It encourages agencies to look at best practices from the private sector and to explore lower-cost, self-service options for citizen access and services availability. Advances in technology make these options more accessible than ever. Read the full Executive Order.
Federal Mandate: Federal Funding Accountability and Transparency Act of 2006
The Federal Funding Accountability and Transparency Act of 2006 (Public Law 109-282), also known as FFATA, was signed on September 26, 2006. The Act mandates that information on federal expenditures be made searchable and available on a single website (www.USASpending.gov). Transparency is critical as citizens seek more information and accountability, even in times of reduced budgets. The website is maintained by the U.S. Office of Management and Budget (OMB). Read the full Act.
Federal Mandate: Federal Rules of Civil Procedure
The Federal Rules of Civil Procedure (FRCP), updated December 1, 2006, govern the processes that courts follow when hearing civil cases—how a lawsuit may be commenced, what kind of service process is required, how the courts and clerks must function, and more. They do not apply to state court actions, but many states have modeled their guidelines on the FRCP. Visit the Federal Rules of Civil Procedure website.
Federal Mandate: Agency-wide Section 508 Policy
This Policy mandates equal access to information for people with disabilities. The program encourages establishment of an agency-wide information technology policy and includes accessibility guidelines around policy development, IT governance, training and technical assistance, and more. It also gives agencies suggestions for establishing roles and responsibilities to create effective accessibility programs. Read the full Policy.
Federal Mandate: 2010 Federal Data Center Consolidation Initiative
This Initiative, issued February 26, 2010, aims to help government agencies formulate consolidation plans for their data centers. Goals include reduced overall energy footprints of government data centers, along with lower costs, increased security, and more efficient computing platforms. Agencies are encouraged to create consolidation plans that include a technical roadmap, existing data center inventory, and attention to best practices from both the public and private sectors. Read the CIO.gov summary.
Federal Mandate: 25-Point Implementation Plan to Reform Federal Information Technology Management
This action plan, released December 9, 2010, aims to help agencies leverage information technology to create more efficient and effective government services and to deliver better value to taxpayers. The plan addresses the most persistent challenges to productivity and efficiency. Some highlights include recommendations to shift to "cloud first" policies within 12 to 18 months, to reduce the number of federal data centers, and to use specialized IT acquisition professionals when funding major IT programs. Read the full action plan.
Federal Mandate: E-Government Act of 2002
The E-Government Act, enacted December 17, 2002, recognizes that the Internet is changing the way people, businesses, and government agencies interact. It was written to promote the use of Internet-based information technology to enhance citizen access to government information and services and to increase citizen participation. It encourages better organization, improved collaboration, and more focused agency oversight of resource management. Read the full Act.
Federal Mandate: Federal Cloud Computing Strategy
This strategy, announced on February 8, 2011, can help government agencies to provide highly reliable and innovative services quickly, despite resource constraints. One of its major goals is to improve the federal government's ability to serve the public efficiently. The Federal Cloud Computing Strategy provides specific examples to guide agencies in migrating toward cloud computing, highlights implementation resources, and identifies government roles and responsibilities for cloud adoption. Read the CIO.gov summary.
Federal Mandate: Department of Defense Directive 5015.2 - Department of Defense Records Management Program
Department of Defense Directive 5015.2 (DoD 5015.2), issued March 6, 2000, establishes responsibility for the Department of Defense Records Management Program and updates policies for life-cycle management for information records. This program reinforces the Department of Defense policies to create, maintain, and preserve Department of Defense information and to manage records efficiently. It also offers specific guidelines about automated records management for the Department of Defense. Read the full Directive.
Federal Mandate: Federal Information Processing Standards
The Federal Information Processing Standards, also known as FIPS, are developed and issued by the National Institute of Standards and Technology (NIST) for federal computer systems. The authority was granted under the Information Technology Management Reform Act. NIST must develop FIPS (for use government-wide) when there are compelling requirements but no acceptable industry standards or solutions for federal technology issues, such as security, interoperability, or data portability. See all Federal Information Processing Standards documents.
Presidential Memorandum: Managing Government Records
This Presidential Memorandum, issued November 28, 2011, aims to reform records management policies and practices. Its goal is to better document executive agency actions, to improve agency performance, and to promote openness and accountability. Proper records management can also help agencies operate more efficiently and cut costs. Read the full Presidential Memorandum.
Environmental and Economic Responsibility
Executive Order: Federal Leadership In Environmental, Energy, and Economic Performance
This Executive Order (EO 13423), signed on January 24, 2007, guides federal government agencies toward more environmentally responsible practices, also known as green IT. It applies to all energy-related activities, including sustainable buildings, electronics stewardship, water conservation, and renewable energy, among others. The Order instructs agencies to conduct their business in a more efficient and sustainable manner. Read the full Executive Order.
Federal Mandate: Telework Enhancement Act of 2010
This Act, signed into law by President Barack Obama on December 9, 2010, defines training, monitoring, policy, and support for government agencies which are required to follow executive telework requirements. Telework can help support environmental sustainability, reduce travel costs, and maintain key agency operations during emergency situations. See the full text of the Act.