2013 US Code
Title 10 - Armed Forces
Subtitle A - General Military Law (§§ 101 - 2925)
Part IV - SERVICE, SUPPLY, AND PROCUREMENT (§§ 2201 - 2925)
Chapter 131 - PLANNING AND COORDINATION (§§ 2201 - 2229a)
Section 2223 - Information technology: additional responsibilities of Chief Information Officers
Publication Title | United States Code, 2012 Edition, Supplement 1, Title 10 - ARMED FORCES |
Category | Bills and Statutes |
Collection | United States Code |
SuDoc Class Number | Y 1.2/5: |
Contained Within | Title 10 - ARMED FORCES Subtitle A - General Military Law PART IV - SERVICE, SUPPLY, AND PROCUREMENT CHAPTER 131 - PLANNING AND COORDINATION Sec. 2223 - Information technology: additional responsibilities of Chief Information Officers |
Contains | section 2223 |
Date | 2013 |
Laws in Effect as of Date | January 16, 2014 |
Positive Law | Yes |
Disposition | standard |
Source Credit | Added Pub. L. 105-261, div. A, title III, §331(a)(1), Oct. 17, 1998, 112 Stat. 1967; amended Pub. L. 106-398, §1 [[div. A], title VIII, §811(a)], Oct. 30, 2000, 114 Stat. 1654, 1654A-210; Pub. L. 107-217, §3(b)(1), Aug. 21, 2002, 116 Stat. 1295; Pub. L. 109-364, div. A, title IX, §906(b), Oct. 17, 2006, 120 Stat. 2354. |
Statutes at Large References | 112 Stat. 1967, 1968 114 Stat. 1654 116 Stat. 1295 120 Stat. 2354 124 Stat. 4334 125 Stat. 1539 126 Stat. 1886, 1887 127 Stat. 833 |
Public Law References | Public Law 105-261, Public Law 106-398, Public Law 107-217, Public Law 109-364, Public Law 111-383, Public Law 112-81, Public Law 112-239, Public Law 113-66 |
Download PDF
(a)
(1) review and provide recommendations to the Secretary of Defense on Department of Defense budget requests for information technology and national security systems;
(2) ensure the interoperability of information technology and national security systems throughout the Department of Defense;
(3) ensure that information technology and national security systems standards that will apply throughout the Department of Defense are prescribed;
(4) provide for the elimination of duplicate information technology and national security systems within and between the military departments and Defense Agencies; and
(5) maintain a consolidated inventory of Department of Defense mission critical and mission essential information systems, identify interfaces between those systems and other information systems, and develop and maintain contingency plans for responding to a disruption in the operation of any of those information systems.
(b)
(1) review budget requests for all information technology and national security systems;
(2) ensure that information technology and national security systems are in compliance with standards of the Government and the Department of Defense;
(3) ensure that information technology and national security systems are interoperable with other relevant information technology and national security systems of the Government and the Department of Defense; and
(4) coordinate with the Joint Staff with respect to information technology and national security systems.
(c)
(1) The term "Chief Information Officer" means the senior official designated by the Secretary of Defense or a Secretary of a military department pursuant to section 3506 of title 44.
(2) The term "information technology" has the meaning given that term by section 11101 of title 40.
(3) The term "national security system" has the meaning given that term by section 3542(b)(2) of title 44.
(Added Pub. L. 105–261, div. A, title III, §331(a)(1), Oct. 17, 1998, 112 Stat. 1967; amended Pub. L. 106–398, §1 [[div. A], title VIII, §811(a)], Oct. 30, 2000, 114 Stat. 1654, 1654A–210; Pub. L. 107–217, §3(b)(1), Aug. 21, 2002, 116 Stat. 1295; Pub. L. 109–364, div. A, title IX, §906(b), Oct. 17, 2006, 120 Stat. 2354.)
AMENDMENTS2006—Subsec. (c)(3). Pub. L. 109–364 substituted "section 3542(b)(2) of title 44" for "section 11103 of title 40".
2002—Subsecs. (a), (b). Pub. L. 107–217, §3(b)(1)(A), (B), substituted "section 11315 of title 40" for "section 5125 of the Clinger-Cohen Act of 1996 (40 U.S.C. 1425)" in introductory provisions.
Subsec. (c)(2). Pub. L. 107–217, §3(b)(1)(C), substituted "section 11101 of title 40" for "section 5002 of the Clinger-Cohen Act of 1996 (40 U.S.C. 1401)".
Subsec. (c)(3). Pub. L. 107–217, §3(b)(1)(D), substituted "section 11103 of title 40" for "section 5142 of the Clinger-Cohen Act of 1996 (40 U.S.C. 1452)".
2000—Subsec. (a)(5). Pub. L. 106–398 added par. (5).
EFFECTIVE DATEPub. L. 105–261, div. A, title III, §331(b), Oct. 17, 1998, 112 Stat. 1968, provided that: "Section 2223 of title 10, United States Code, as added by subsection (a), shall take effect on October 1, 1998."
ADDITIONAL REQUIREMENTS RELATING TO THE SOFTWARE LICENSES OF THE DEPARTMENT OF DEFENSEPub. L. 113–66, div. A, title IX, §935, Dec. 26, 2013, 127 Stat. 833, provided that:
"(a)
"(1)
"(2)
"(A) include plans for implementing an automated solution capable of reporting the software license compliance position of the Department and providing a verified audit trail, or an audit trail otherwise produced and verified by an independent third party;
"(B) include details on the process and business systems necessary to regularly perform reviews, a procedure for validating and reporting deregistering and registering new software, and a mechanism and plan to relay that information to the appropriate chief information officer; and
"(C) a proposed timeline for implementation of the updated plan in accordance with paragraph (3).
"(3)
"(b)
Pub. L. 112–239, div. A, title IX, §935, Jan. 2, 2013, 126 Stat. 1886, provided that:
"(a)
"(1) are potentially scalable to the volume used by Tier 1 Internet Service Providers to collect and analyze the flow data across their networks;
"(2) will substantially reduce the cost and complexity of capturing and analyzing high volumes of flow data; and
"(3) support the capability—
"(A) to detect and identify cyber security threats, networks of compromised computers, and command and control sites used for managing illicit cyber operations and receiving information from compromised computers;
"(B) to track illicit cyber operations for attribution of the source; and
"(C) to provide early warning and attack assessment of offensive cyber operations.
"(b)
Pub. L. 112–239, div. A, title IX, §936, Jan. 2, 2013, 126 Stat. 1886, provided that:
"(a)
"(1)
"(2)
"(A) an analysis of the technical requirements and needs for large-scale software database and data analysis tools, including prioritization of key technical features needed by the Department of Defense; and
"(B) an assessment of the available sources from Government and commercial sources to meet such needs, including an assessment by the Deputy Assistant Secretary of Defense for Manufacturing and Industrial Base Policy to ensure sufficiency and diversity of potential commercial sources.
"(3)
"(b)
"(1)
"(2)
Pub. L. 112–239, div. A, title IX, §937, Jan. 2, 2013, 126 Stat. 1887, provided that:
"(a)
"(1)
"(2)
"(3)
"(A) An identification and explanation of the software licenses determined by the Chief Information Officer under paragraph (2) to be selected software licenses for purposes of this section, and a summary outline of the software licenses determined not to be selected software licenses for such purposes.
"(B) Means to assess the needs of the Department and the components of the Department for selected software licenses during the two fiscal years following the date of the issuance of the plan.
"(C) Means by which the Department can achieve the greatest possible economies of scale and cost savings in the procurement, use, and optimization of selected software licenses.
"(b)
Pub. L. 112–81, div. A, title IX, §924, Dec. 31, 2011, 125 Stat. 1539, provided that:
"(a)
"(b)
"(1) Improvements to the source code and documentation for the Ozone Widget Framework.
"(2) Alternative or compatible implementations of the published application programming interface specifications for the Framework.
"(c)
Pub. L. 111–383, div. A, title IX, §931, Jan. 7, 2011, 124 Stat. 4334, provided that:
"(a)
"(1) The continuous prioritization of the policies, principles, standards, and guidelines developed under section 20 of the National Institute of Standards and Technology Act (15 U.S.C. 278g–3) with agencies and offices operating or exercising control of national security systems (including the National Security Agency) based upon the evolving threat of information security incidents with respect to national security systems, the vulnerability of such systems to such incidents, and the consequences of information security incidents involving such systems.
"(2) The automation of continuous monitoring of the effectiveness of the information security policies, procedures, and practices within the information infrastructure of the Department of Defense, and the compliance of that infrastructure with such policies, procedures, and practices, including automation of—
"(A) management, operational, and technical controls of every information system identified in the inventory required under section 3505(c) of title 44, United States Code; and
"(B) management, operational, and technical controls relied on for evaluations under section 3545 of title 44, United States Code.
"(b)
"(1) The term 'information security incident' means an occurrence that—
"(A) actually or potentially jeopardizes the confidentiality, integrity, or availability of an information system or the information such system processes, stores, or transmits; or
"(B) constitutes a violation or imminent threat of violation of security policies, security procedures, or acceptable use policies with respect to an information system.
"(2) The term 'information infrastructure' means the underlying framework, equipment, and software that an information system and related assets rely on to process, transmit, receive, or store information electronically.
"(3) The term 'national security system' has the meaning given that term in section 3542(b)(2) of title 44, United States Code."
Disclaimer: These codes may not be the most recent version. The United States Government Printing Office may have more current or accurate information. We make no warranties or guarantees about the accuracy, completeness, or adequacy of the information contained on this site or the information linked to on the US site. Please check official sources.