Clinger-Cohen Act Compliance
Published, July 13, 2010
The DON CIO coordinates Clinger-Cohen Act reviews of confirmation packages for all DON Acquisition Category (ACAT) I and II programs.
The Federal Government's increased reliance on information technology was the impetus for enactment of the Clinger-Cohen Act. A 1994 report by Senator William Cohen highlighted long-standing, systematic problems associated with the Government's increasing reliance on IT. As a result, the 1996 CCA mandated Federal Chief Information Officers to address information management/information technology at the enterprise level. It also codifies best practices for management of IT programs and applies to all IT programs, including National Security Systems.
To ensure proper investment in IT programs and that they deliver what is intended, CCA confirmation is required of all Major Automated Information Systems (MAIS) programs, those in Acquisition Category (ACAT) IAM and ACAT IAC, prior to each milestone approval, full deployment decision reviews and contract award. Non-MAIS ACAT programs (i.e., ACAT ID, IC, II, III and IV) and Abbreviated Acquisition Programs (AAP) for IT, including National Security Systems, also require CCA confirmation prior to each milestone approval, full rate production decision review, and contract award. CCA Confirmation packages should be prepared in accordance with DoDI 5000.02 and SECNAVINST 5000.2E using a CCA Confirmation signature sheet. While it was the former policy of the DoD CIO to also confirm that MAIS and Major Defense Acquisition Programs (MDAP) are being developed in compliance with the CCA, after the Component CIO did so, the DoD CIO CCA Confirmation step has been eliminated. Elimination of the DoD CIO CCA Confirmation step was addressed in this policy memo.
DoD Instruction 5000.02, SECNAVINST 5000.2E, and the Acquisition Knowledge Sharing System all provide current guidance for complying with the CCA. SECNAVINST 5000.2E clarifies that the specific timing of "prior to each milestone approval" noted above is prior to release of the milestone request for proposal.
In the past, there was a requirement for the DoD CIO to certify (vice confirm) MAIS programs as CCA compliant to Congress. Though this certification requirement no longer applies, those interested may refer to DoD CIO memo: Clinger-Cohen Act Compliance Certification for Major Automated Information Systems for Fiscal Year 2008 and its attachment.