Statement of Organization, Functions, and Delegations of Authority, 14525-14527 [2012-5862]
Download as PDF
<![CDATA[
Federal Register / Vol. 77, No. 48 / Monday, March 12, 2012 / Notices
the assets to be divested, or that the
manner of the divestiture is not
acceptable, Western Digital must
unwind the divestiture and divest the
assets within 180 days of the date the
Order becomes final to another
Commission-approved acquirer. If
Western Digital fails to divest the assets
within the 180 days, the Commission
may appoint a trustee to divest the
relevant assets.
The purpose of this analysis is to
facilitate public comment on the
Consent Agreement, and it is not
intended to constitute an official
interpretation of the Consent Agreement
or to modify its terms in any way.
pmangrum on DSK3VPTVN1PROD with NOTICES
By direction of the Commission.
Donald S. Clark,
Secretary.
Statement of the Federal Trade
Commission Concerning Western
Digital Corporation/Viviti Technologies
Ltd. and Seagate Technology LLC/Hard
Disk Drive Assets of Samsung
Electronics Co. Ltd.
After a thorough investigation the
Federal Trade Commission has
challenged Western Digital
Corporation’s (‘‘Western Digital’’)
proposed acquisition of Viviti
Technologies Ltd., formerly known as
Hitachi Global Storage Technologies
(‘‘HGST’’). This challenge comes several
months after the Federal Trade
Commission closed its investigation of
Seagate Technology LLC’s (‘‘Seagate’’)
acquisition of Samsung Electronics Co.
Ltd.’s hard disk drive assets
(‘‘Samsung’’). The two proposed
transactions were announced within
weeks of each other, and both had
potential implications for competition
in the same product markets.
Commission staff reviewed both matters
at the same time in order to understand
the effects on competition resulting
from each transaction on its own, as
well as the cumulative effect on the
relevant markets if both transactions
were allowed to be consummated.
The evidence gathered in the
Commission’s investigation revealed
that the relevant product markets in
which to assess the competitive impact
of the proposed transactions are based
on specific end-uses for hard disk drives
(‘‘HDDs’’)—such as desktop, notebook,
and enterprise—because product
features, pricing, and competition differ
by end-use applications. For many of
these end-uses, we did not have reason
to believe that the proposed transactions
would result in effects that would have
justified a challenge. In the 3.5 inch
desktop HDD (‘‘desktop HDD’’) market,
however, we had reason to believe the
VerDate Mar<15>2010
14:55 Mar 09, 2012
Jkt 226001
consummation of both of these
acquisitions would result in likely
anticompetitive effects. The
Commission came to this conclusion
based on the evidence from interviews
with market participants, testimony of
the parties’ executives, and documents
produced by the parties and other
industry participants.
The Commission determined after its
investigation that there were significant
differences between the competitive
implications of the two proposed
mergers. Since in each case the
acquiring firm was a strong competitor,
attention turned to the characteristics of
the two firms that were to be acquired
in these proposed transactions—HGST
and Samsung. Based on this analysis, it
was clear that an independent HGST
was much more likely to be an effective
competitive constraint in the desktop
HDD market than would an
independent Samsung.
In particular, HGST has been a strong,
high quality and innovative competitor
in the desktop HDD market. Moreover,
HGST has been identified by a number
of industry participants as a key driver
of aggressive price competition in the
desktop HDD market in 2010, and was
well-positioned to grow its desktop
HDD business in the near future. In
contrast, Samsung had struggled to be
competitive in the desktop HDD market.
In a market for desktop HDDs
containing only Western Digital, HGST,
and the combined Seagate/Samsung
entity, HGST would retain the ability
and incentive to act as an effective
constraint on desktop HDD pricing. By
contrast, Samsung would be less likely
to serve as a meaningful constraint on
pricing in a desktop HDD market
consisting of Western Digital/Hitachi,
Seagate, and Samsung. Based on these
considerations, the Commission made
the decision to challenge the Western
Digital/HGST transaction while clearing
the Seagate/Samsung transaction, and to
preserve the competitiveness of the
desktop HDD market by requiring
Western Digital to divest HGST’s
desktop HDD assets to Toshiba
Corporation under the terms of a
proposed Consent Agreement.
As we have explained in other cases,
each merger that comes before the
Commission is investigated and
considered based on the particular facts
presented. These investigations bear out
the assertion in our Horizontal Merger
Guidelines that our review of mergers
‘‘is a fact-specific process through
which the Agencies, guided by their
extensive experience, apply a range of
analytical tools to the reasonably
available and reliable evidence to
PO 00000
Frm 00033
Fmt 4703
Sfmt 4703
14525
evaluate competitive concerns in a
limited period of time.’’ 2
In addition to the scrutiny they have
received from the Commission, many
other antitrust enforcement agencies
investigated these mergers. Commission
staff cooperated with agencies in
Australia, Canada, China, the European
Union, Japan, Korea, Mexico, New
Zealand, Singapore, and Turkey, and
worked closely with the agencies’
investigative teams on the timing of
review, substantive analyses, and
potential remedies, during the pendency
of these investigations. This close
cooperation with foreign antitrust
enforcers helped ensure an outcome that
benefited consumers in the United
States.
[FR Doc. 2012–5851 Filed 3–9–12; 8:45 am]
BILLING CODE 6750–01–P
DEPARTMENT OF HEALTH AND
HUMAN SERVICES
Centers for Disease Control and
Prevention
Statement of Organization, Functions,
and Delegations of Authority
Part C (Centers for Disease Control
and Prevention) of the Statement of
Organization, Functions, and
Delegations of Authority of the
Department of Health and Human
Services (45 FR 67772–76, dated
October 14, 1980, and corrected at 45 FR
69296, October 20, 1980, as amended
most recently at 77 FR 5804–5812, dated
February 6, 2012) is amended to reflect
the reorganization of the Office of the
Chief Operating Officer, Office of the
Director, Centers for Disease Control
and Prevention.
Section C–B, Organization and
Functions, is hereby amended as
follows:
Delete in its entirety the functional
statement for the Office of the Chief
Operating Officer (CAJ), and insert the
following:
Office of the Chief Operating Officer
(CAJ). (1) Provides mission and valuesbased leadership, direction, support and
assistance to CDC’s programs and
activities to enhance CDC’s strategic
position in public health; ensure
responsible stewardship; maintain core
values; optimize operational
effectiveness of business services; and
institutionalize accountability for
achieving management initiatives; (2)
directs the conduct of operational
2 U.S. Dep’t of Justice & Fed. Trade Comm’n,
Horizontal Merger Guidelines § 1 (2010), available
at https://www.ftc.gov/os/2010/08/100819hmg.pdf.
E:\FR\FM\12MRN1.SGM
12MRN1
pmangrum on DSK3VPTVN1PROD with NOTICES
14526
Federal Register / Vol. 77, No. 48 / Monday, March 12, 2012 / Notices
activities undertaken by Agency
program support and management
service staff, including, among others,
facilities and real property planning and
management; grants, procurement and
materiel management; human resources
management; information technology
and systems planning and support;
internal security and emergency
preparedness; and management analysis
and services; (3) manages the planning,
evaluation, and implementation of
continuous improvement and
reengineering initiatives and adoption
of innovations and technologies in these
areas and ensures that they are
undertaken in a comprehensive and
integrated manner and with
consideration of strategic implications
for human capital planning; (4)
maintains liaison with officials of DHHS
responsible for the direction and
conduct of DHHS program support and
management services functions; (5)
participates in the development of
CDC’s goals and objectives; (6) provides
assistance to DHHS officials and to
CDC’s Centers/Institute/Offices (CI0s) to
assure that the human resources of CDC
are sufficient in numbers, training, and
diversity to effectively conduct the
public health mission of CDC; (7)
provides direction for the Agency’s
ethics program and activities associated
with Departmental and Presidential
management initiatives; (8) provides
direction in establishing accountable
measures for financial management of
both budget estimating and execution
processes agencywide; and (9) provides
guidance and ensures compliance with
the budget priorities established by the
Office of the Director, CDC.
Delete in their entirety the title and
functional statement for the
Administrative Services and Program
Office (CAJ12).
After the functional statement for the
Office of the Director (CAJ1), Office of
the Chief Operating Officer (CAJ), insert
the following:
Office of the Chief Financial Officer
(CAJ1P). The Office of the Chief
Financial Officer (OCFO), located
within the Office of the Chief Operating
Officer (OCOO), addresses agency-wide
fiscal accountability and oversight. The
OCFO supports CDC’s mission to ‘‘save
money through prevention’’ by ensuring
appropriate fiscal stewardship of the tax
payer dollar while CDC accomplishes its
activities in the areas of disease
research, prevention, and early
detection. Accordingly, the OCFO: (1)
Manages the financial risk of the agency;
(2) provides oversight of the agency’s
financial activities and accounting
practices; (3) performs reviews and
training in high risk areas for both the
VerDate Mar<15>2010
14:55 Mar 09, 2012
Jkt 226001
agency and the Department where there
appears to be fiscal vulnerabilities; (4)
provides expertise in interpreting
appropriations law issues and financial
policy matters; (5) assists in the receipt,
distribution and monitoring of agency
issues submitted by the Office of the
Inspector General Hotline; (6) advises
and assists the CDC Director, the Chief
Operating Officer, and other key agency
officials (both in Program and Business
Service Offices) on all fiscal aspects of
the agency; and (7) provides support for
public health by ensuring that
appropriated funds provided to the
agency are utilized, in compliance with
Congressional mandate, for the sole
purpose of preventing and controlling
infectious diseases domestically and
globally.
Delete in its entirety the title for the
Human Capital Management Office
(CAJQ), and insert the title Human
Capital and Resources Management
Office (CAJQ).
After the title and functional
statements for the Human Capital and
Resources Management Office (CAJQ),
insert the following:
Office of the Chief Information Officer
(CAJR). The mission of the Office of the
Chief Information Officer (OCIO) is to
administer CDC’s information resources
and information technology programs
including collection, management, use,
and disposition of data and information
assets; development, acquisition,
operation, maintenance, and retirement
of information systems and information
technologies; IT capital planning;
enterprise architecture; information
security; education, training, and
workforce development in information
and IT disciplines; development and
oversight of information and IT policies,
standards, and guidance; and
administration of certain other general
management functions and services for
CDC.
Office of the Director (CAJR1). (1)
Provides leadership, direction, support
and assistance to CDC’s programs and
activities to enhance CDC’s strategic
position in public health informatics;
information technology, and other
information areas to optimize
operational effectiveness support of
CDC’s mission and business services; (2)
coordinates and oversees all CDC efforts
in these areas; (3) serves as the
accountable focus for CDC in these
program areas and represents CDC with
various external stakeholders,
collaborators, service providers,
oversight organizations, and others; (4)
maintains liaison with officials of HHS
responsible for the direction and
conduct of such functions; and (5)
directs the operations of offices within
PO 00000
Frm 00034
Fmt 4703
Sfmt 4703
the OCIO to ensure effective and
efficient service delivery and alignment
with CDC strategic direction.
Enterprise Information Technology
Portfolio Office (CAJR12). (1) Leads,
plans, and manages CDC’s information
technology (IT) budget development and
review processes; (2) plans and directs
the Capital Planning Investment Control
processes including investment
selection, control and evaluation,
business case analyses, lifecycle
reviews, portfolio development,
performance measures, and investment
prioritization procedures; (3) develops
and monitors earned value management
analyses of project cost, schedule and
deliverable commitments; (4) provides
guidance to program and project
managers on the use of the tools for
preparing investment documentation
that meet CDC, HHS, and OMB
requirements; (5) develops CDC IT
strategic and tactical plans; (6) leads
development of the enterprise
architecture and transition strategies; (7)
collaborates with CDC staff to develop
business process models for CDC public
health functions; (8) develops and
maintains a shared services catalog to
promote reuse of existing resources; (9)
supports CDC information resource
governance structures including
common processes, tools, techniques;
(10) identifies needs and develops
strategies and approaches to acquire and
manage enterprise statistical software
licenses; and (11) develops internal cost
allocation methods and coordinates
allocation of costs for annual license
renewal payments.
Freedom of Information Act Office
(CAJR13). (1) Leads and administers the
Freedom of Information Act (FOIA)
program for CDC and ATSDR; (2)
reviews, analyzes, redacts as necessary,
and releases documents to the public
under the provisions of the Act; (3)
tracks and monitors FOIA requests and
responses to ensure timely and
appropriate responses; (4) provides
guidance to employees, supervisors,
management, OGC and high-level
agency officials on various aspects of
the Act; (5) interprets and applies legal
and technical precedents, laws and
regulations relating to FOIA issues; and
(6) provides training to program staff
and management concerning FOIA
requirements and processing.
CIMS Program Management Office
(CAJR14). (1) Plans, develops, manages,
and conducts oversight of CDC’s
information services contracts; (2)
coordinates and facilitates contracts use
including requirements development,
specifications, performance needs,
quality assurance and service delivery,
and contract administration; and (3)
E:\FR\FM\12MRN1.SGM
12MRN1
pmangrum on DSK3VPTVN1PROD with NOTICES
Federal Register / Vol. 77, No. 48 / Monday, March 12, 2012 / Notices
provides guidance and assistance to
programs on the various aspects of the
contracts to meet their requirements.
Remove all CAJD standard
administrative codes for the Information
Technology Services Office (CAJD), and
replace with the following:
Information Technology Services
Office (CAJRB), Office of the Director
(CAJRB1), Operations Branch (CARBB),
Network Technology Branch (CAJRBC),
Customer Services Branch (CAJRBD).
Remove all CAJG standard
administrative codes for the
Management Analysis and Services
Office (CAJG), and replace with the
following:
Management Analysis and Services
Office (CAJRC), Office of the Director
(CAJRC1), Management Assessment
Branch (CAJRCB), Information Services
Branch (CAJRCC), Business Process
Analysis Branch (CAJRCD), Federal
Advisory Committee Management
Branch (CAJRCE),
Remove the CAJN standard
administrative code for the Management
Information Systems Office (CAJN), and
replace with Management Information
Systems Office (CAJRD).
After the functional statement for the
Management Information Systems
Office (CAJRD), insert the following:
Office of the Chief Information
Security Officer (CAJRE). The mission of
the Office of the Chief Information
Security Officer (OCISO) is to
administer CDC’s information security
program to protect CDC’s information,
information systems, and information
technology commensurate with the risk
and magnitude of harm resulting from
the unauthorized access, use,
disclosure, disruption, modification, or
destruction of information collected or
maintained by or on behalf of the
agency.
Office of the Director (CAJRE1). (1)
Manages and directs the activities and
functions of the Office of the Chief
Information Security Officer; (2)
develops and maintains a CDC-wide
information security program; (3)
develops and maintains information
security policies, procedures and
control techniques to address the
responsibilities assigned to the CDC
under the Federal Information Security
Management Act of 2002 (FISMA) and
other governing statutes, regulations,
and policies; (4) coordinates the
professional development and operating
procedures of CDC staff substantially
involved in information security
responsibilities; (5) assists CDC senior
management concerning their FISMA
responsibilities; and (6) ensures privacy
VerDate Mar<15>2010
14:55 Mar 09, 2012
Jkt 226001
management so personally identifiable
information is appropriately collected,
processed, stored and protected.
Operations, Analysis and Response
Branch (CAJREB). (1) Performs
continuous monitoring functions
including enterprise security log
correlation, vulnerability and
compliance scanning and risk
assessments; (2) performs network
monitoring, security event correlation,
forensic investigations, data recovery
and malware analysis; (3) develops and
maintains the CDC Computer Security
Incident Response Team; (4) performs
cyber security incident reporting
according to US–CERT reporting
guidelines; (5) facilitates cyber security
incident remediation; (6) coordinates
with law enforcement agencies and
participates in cyber security
intelligence activities; (7) develops
enterprise security architecture, firewall
management, cyber security tool
management and CDC information
resource governance—security
component; and (8) supports OCISO IT
operations; and (9) performs security
product research and development,
evaluation and testing.
Policy and Planning Branch
(CAJREC). (1) Coordinates compliance
and audit reviews; (2) develops cyber
security policies and standards; (3)
conducts system security tests and
evaluations and identifies, assesses,
prioritizes, and monitors the progress of
corrective efforts for security
weaknesses found in programs and
systems; (4) maintains the Security
Awareness Training program and
coordinates significant security
responsibilities and IT security training;
(5) reviews and approves security and
privacy related elements of OMB
business cases; (6) conducts OCISO
internal audit program and contract
language reviews for information
security and privacy act clearance
decisions; (7) coordinates critical
infrastructure protection continuity
operations plans, data call management,
E-Authentication and security
requirements of CDC information
system development; (8) conducts
security reviews of non-standard
software for use at CDC; and (9)
coordinates FISMA security milestone
oversight reporting and is the Office of
Inspector General and Government
Accounting Office Audit Liaison.
Dated: March 5, 2012.
Thomas R. Frieden,
Director, Centers for Disease Control and
Prevention.
[FR Doc. 2012–5862 Filed 3–9–12; 8:45 am]
DEPARTMENT OF HEALTH AND
HUMAN SERVICES
Administration for Children and
Families
Proposed Information Collection
Activity; Comment Request
Proposed Projects
Title: Performance Measures for
Community-Centered Healthy Marriage,
Pathways to Responsible Fatherhood
and Community-Centered Responsible
Fatherhood Ex-Prisoner Reentry grant
programs.
OMB No.: 0970–0365.
Description: The Office of Family
Assistance (OFA), Administration for
Children and Families (ACF), U.S.
Department of Health and Human
Services (HHS), intends to request
approval from the Office of Management
and Budget (OMB) to renew OMB Form
0970–0365 for the collection of
performance measures from grantees for
the Community-Centered Healthy
Marriage, Pathways to Responsible
Fatherhood and Community-Centered
Responsible Fatherhood Ex-Prisoner
Reentry discretionary grant programs.
The performance measure data obtained
from the grantees will be used by OFA
to report on the overall performance of
these grant programs.
Data will be collected from all 61
Community-Centered Healthy Marriage,
53 Pathways to Responsible Fatherhood
and 4 Community-Centered Responsible
Fatherhood Ex-Prisoner Reentry
grantees in the OFA programs. Grantees
will report on program and participant
outcomes in such areas as participants’
improvement in knowledge skills,
attitudes, and behaviors related to
healthy marriage and responsible
fatherhood. Grantees will be asked to
input data for selected outcomes for
activities funded under the grants.
Grantees will extract data from program
records and will report the data twice
yearly through an on-line data
collection tool. Training and assistance
will be provided to grantees to support
this data collection process.
Respondents: Office of Family
Assistance Funded CommunityCentered Healthy Marriage, Pathways to
Responsible Fatherhood and
Community-Centered Responsible
Fatherhood Ex-Prisoner Reentry
Grantees.
BILLING CODE 4160–18–M
PO 00000
Frm 00035
Fmt 4703
Sfmt 4703
14527
E:\FR\FM\12MRN1.SGM
12MRN1
]]>Agencies
[Federal Register Volume 77, Number 48 (Monday, March 12, 2012)]
[Notices]
[Pages 14525-14527]
From the Federal Register Online via the Government Printing Office [www.gpo.gov]
[FR Doc No: 2012-5862]
=======================================================================
-----------------------------------------------------------------------
DEPARTMENT OF HEALTH AND HUMAN SERVICES
Centers for Disease Control and Prevention
Statement of Organization, Functions, and Delegations of
Authority
Part C (Centers for Disease Control and Prevention) of the
Statement of Organization, Functions, and Delegations of Authority of
the Department of Health and Human Services (45 FR 67772-76, dated
October 14, 1980, and corrected at 45 FR 69296, October 20, 1980, as
amended most recently at 77 FR 5804-5812, dated February 6, 2012) is
amended to reflect the reorganization of the Office of the Chief
Operating Officer, Office of the Director, Centers for Disease Control
and Prevention.
Section C-B, Organization and Functions, is hereby amended as
follows:
Delete in its entirety the functional statement for the Office of
the Chief Operating Officer (CAJ), and insert the following:
Office of the Chief Operating Officer (CAJ). (1) Provides mission
and values-based leadership, direction, support and assistance to CDC's
programs and activities to enhance CDC's strategic position in public
health; ensure responsible stewardship; maintain core values; optimize
operational effectiveness of business services; and institutionalize
accountability for achieving management initiatives; (2) directs the
conduct of operational
[[Page 14526]]
activities undertaken by Agency program support and management service
staff, including, among others, facilities and real property planning
and management; grants, procurement and materiel management; human
resources management; information technology and systems planning and
support; internal security and emergency preparedness; and management
analysis and services; (3) manages the planning, evaluation, and
implementation of continuous improvement and reengineering initiatives
and adoption of innovations and technologies in these areas and ensures
that they are undertaken in a comprehensive and integrated manner and
with consideration of strategic implications for human capital
planning; (4) maintains liaison with officials of DHHS responsible for
the direction and conduct of DHHS program support and management
services functions; (5) participates in the development of CDC's goals
and objectives; (6) provides assistance to DHHS officials and to CDC's
Centers/Institute/Offices (CI0s) to assure that the human resources of
CDC are sufficient in numbers, training, and diversity to effectively
conduct the public health mission of CDC; (7) provides direction for
the Agency's ethics program and activities associated with Departmental
and Presidential management initiatives; (8) provides direction in
establishing accountable measures for financial management of both
budget estimating and execution processes agencywide; and (9) provides
guidance and ensures compliance with the budget priorities established
by the Office of the Director, CDC.
Delete in their entirety the title and functional statement for the
Administrative Services and Program Office (CAJ12).
After the functional statement for the Office of the Director
(CAJ1), Office of the Chief Operating Officer (CAJ), insert the
following:
Office of the Chief Financial Officer (CAJ1P). The Office of the
Chief Financial Officer (OCFO), located within the Office of the Chief
Operating Officer (OCOO), addresses agency-wide fiscal accountability
and oversight. The OCFO supports CDC's mission to ``save money through
prevention'' by ensuring appropriate fiscal stewardship of the tax
payer dollar while CDC accomplishes its activities in the areas of
disease research, prevention, and early detection. Accordingly, the
OCFO: (1) Manages the financial risk of the agency; (2) provides
oversight of the agency's financial activities and accounting
practices; (3) performs reviews and training in high risk areas for
both the agency and the Department where there appears to be fiscal
vulnerabilities; (4) provides expertise in interpreting appropriations
law issues and financial policy matters; (5) assists in the receipt,
distribution and monitoring of agency issues submitted by the Office of
the Inspector General Hotline; (6) advises and assists the CDC
Director, the Chief Operating Officer, and other key agency officials
(both in Program and Business Service Offices) on all fiscal aspects of
the agency; and (7) provides support for public health by ensuring that
appropriated funds provided to the agency are utilized, in compliance
with Congressional mandate, for the sole purpose of preventing and
controlling infectious diseases domestically and globally.
Delete in its entirety the title for the Human Capital Management
Office (CAJQ), and insert the title Human Capital and Resources
Management Office (CAJQ).
After the title and functional statements for the Human Capital and
Resources Management Office (CAJQ), insert the following:
Office of the Chief Information Officer (CAJR). The mission of the
Office of the Chief Information Officer (OCIO) is to administer CDC's
information resources and information technology programs including
collection, management, use, and disposition of data and information
assets; development, acquisition, operation, maintenance, and
retirement of information systems and information technologies; IT
capital planning; enterprise architecture; information security;
education, training, and workforce development in information and IT
disciplines; development and oversight of information and IT policies,
standards, and guidance; and administration of certain other general
management functions and services for CDC.
Office of the Director (CAJR1). (1) Provides leadership, direction,
support and assistance to CDC's programs and activities to enhance
CDC's strategic position in public health informatics; information
technology, and other information areas to optimize operational
effectiveness support of CDC's mission and business services; (2)
coordinates and oversees all CDC efforts in these areas; (3) serves as
the accountable focus for CDC in these program areas and represents CDC
with various external stakeholders, collaborators, service providers,
oversight organizations, and others; (4) maintains liaison with
officials of HHS responsible for the direction and conduct of such
functions; and (5) directs the operations of offices within the OCIO to
ensure effective and efficient service delivery and alignment with CDC
strategic direction.
Enterprise Information Technology Portfolio Office (CAJR12). (1)
Leads, plans, and manages CDC's information technology (IT) budget
development and review processes; (2) plans and directs the Capital
Planning Investment Control processes including investment selection,
control and evaluation, business case analyses, lifecycle reviews,
portfolio development, performance measures, and investment
prioritization procedures; (3) develops and monitors earned value
management analyses of project cost, schedule and deliverable
commitments; (4) provides guidance to program and project managers on
the use of the tools for preparing investment documentation that meet
CDC, HHS, and OMB requirements; (5) develops CDC IT strategic and
tactical plans; (6) leads development of the enterprise architecture
and transition strategies; (7) collaborates with CDC staff to develop
business process models for CDC public health functions; (8) develops
and maintains a shared services catalog to promote reuse of existing
resources; (9) supports CDC information resource governance structures
including common processes, tools, techniques; (10) identifies needs
and develops strategies and approaches to acquire and manage enterprise
statistical software licenses; and (11) develops internal cost
allocation methods and coordinates allocation of costs for annual
license renewal payments.
Freedom of Information Act Office (CAJR13). (1) Leads and
administers the Freedom of Information Act (FOIA) program for CDC and
ATSDR; (2) reviews, analyzes, redacts as necessary, and releases
documents to the public under the provisions of the Act; (3) tracks and
monitors FOIA requests and responses to ensure timely and appropriate
responses; (4) provides guidance to employees, supervisors, management,
OGC and high-level agency officials on various aspects of the Act; (5)
interprets and applies legal and technical precedents, laws and
regulations relating to FOIA issues; and (6) provides training to
program staff and management concerning FOIA requirements and
processing.
CIMS Program Management Office (CAJR14). (1) Plans, develops,
manages, and conducts oversight of CDC's information services
contracts; (2) coordinates and facilitates contracts use including
requirements development, specifications, performance needs, quality
assurance and service delivery, and contract administration; and (3)
[[Page 14527]]
provides guidance and assistance to programs on the various aspects of
the contracts to meet their requirements.
Remove all CAJD standard administrative codes for the Information
Technology Services Office (CAJD), and replace with the following:
Information Technology Services Office (CAJRB), Office of the
Director (CAJRB1), Operations Branch (CARBB), Network Technology Branch
(CAJRBC), Customer Services Branch (CAJRBD).
Remove all CAJG standard administrative codes for the Management
Analysis and Services Office (CAJG), and replace with the following:
Management Analysis and Services Office (CAJRC), Office of the
Director (CAJRC1), Management Assessment Branch (CAJRCB), Information
Services Branch (CAJRCC), Business Process Analysis Branch (CAJRCD),
Federal Advisory Committee Management Branch (CAJRCE),
Remove the CAJN standard administrative code for the Management
Information Systems Office (CAJN), and replace with Management
Information Systems Office (CAJRD).
After the functional statement for the Management Information
Systems Office (CAJRD), insert the following:
Office of the Chief Information Security Officer (CAJRE). The
mission of the Office of the Chief Information Security Officer (OCISO)
is to administer CDC's information security program to protect CDC's
information, information systems, and information technology
commensurate with the risk and magnitude of harm resulting from the
unauthorized access, use, disclosure, disruption, modification, or
destruction of information collected or maintained by or on behalf of
the agency.
Office of the Director (CAJRE1). (1) Manages and directs the
activities and functions of the Office of the Chief Information
Security Officer; (2) develops and maintains a CDC-wide information
security program; (3) develops and maintains information security
policies, procedures and control techniques to address the
responsibilities assigned to the CDC under the Federal Information
Security Management Act of 2002 (FISMA) and other governing statutes,
regulations, and policies; (4) coordinates the professional development
and operating procedures of CDC staff substantially involved in
information security responsibilities; (5) assists CDC senior
management concerning their FISMA responsibilities; and (6) ensures
privacy management so personally identifiable information is
appropriately collected, processed, stored and protected.
Operations, Analysis and Response Branch (CAJREB). (1) Performs
continuous monitoring functions including enterprise security log
correlation, vulnerability and compliance scanning and risk
assessments; (2) performs network monitoring, security event
correlation, forensic investigations, data recovery and malware
analysis; (3) develops and maintains the CDC Computer Security Incident
Response Team; (4) performs cyber security incident reporting according
to US-CERT reporting guidelines; (5) facilitates cyber security
incident remediation; (6) coordinates with law enforcement agencies and
participates in cyber security intelligence activities; (7) develops
enterprise security architecture, firewall management, cyber security
tool management and CDC information resource governance--security
component; and (8) supports OCISO IT operations; and (9) performs
security product research and development, evaluation and testing.
Policy and Planning Branch (CAJREC). (1) Coordinates compliance and
audit reviews; (2) develops cyber security policies and standards; (3)
conducts system security tests and evaluations and identifies,
assesses, prioritizes, and monitors the progress of corrective efforts
for security weaknesses found in programs and systems; (4) maintains
the Security Awareness Training program and coordinates significant
security responsibilities and IT security training; (5) reviews and
approves security and privacy related elements of OMB business cases;
(6) conducts OCISO internal audit program and contract language reviews
for information security and privacy act clearance decisions; (7)
coordinates critical infrastructure protection continuity operations
plans, data call management, E-Authentication and security requirements
of CDC information system development; (8) conducts security reviews of
non-standard software for use at CDC; and (9) coordinates FISMA
security milestone oversight reporting and is the Office of Inspector
General and Government Accounting Office Audit Liaison.
Dated: March 5, 2012.
Thomas R. Frieden,
Director, Centers for Disease Control and Prevention.
[FR Doc. 2012-5862 Filed 3-9-12; 8:45 am]
BILLING CODE 4160-18-M
