Page:United States Statutes at Large Volume 121.djvu/1351

 121 STAT. 1330

Certification.

Notification.

dkrause on GSDDPC44 with PUBLAW

Notification.

VerDate Aug 31 2005

07:12 Jan 26, 2009

PUBLIC LAW 110–116—NOV. 13, 2007

SEC. 8068. (a) None of the funds appropriated in this Act may be used for a mission critical or mission essential financial management information technology system (including a system funded by the defense working capital fund) that is not registered with the Chief Information Officer of the Department of Defense. A system shall be considered to be registered with that officer upon the furnishing to that officer of notice of the system, together with such information concerning the system as the Secretary of Defense may prescribe. A financial management information technology system shall be considered a mission critical or mission essential information technology system as defined by the Under Secretary of Defense (Comptroller). (b)(1) During the current fiscal year, a financial management automated information system, a mixed information system supporting financial and non-financial systems, or a system improvement of more than $1,000,000 may not receive Milestone A approval, Milestone B approval, or full rate production, or their equivalent, within the Department of Defense until the Under Secretary of Defense (Comptroller) certifies, with respect to that milestone, that the system is being developed and managed in accordance with the Department’s Financial Management Modernization Plan. The Under Secretary of Defense (Comptroller) may require additional certifications, as appropriate, with respect to any such system. (2) The Chief Information Officer shall provide the congressional defense committees timely notification of certifications under paragraph (1). (c)(1) During the current fiscal year, a major automated information system may not receive Milestone A approval, Milestone B approval, or full rate production approval, or their equivalent, within the Department of Defense until the Chief Information Officer certifies, with respect to that milestone, that the system is being developed in accordance with the Clinger-Cohen Act of 1996 (40 U.S.C. 1401 et seq.). The Chief Information Officer may require additional certifications, as appropriate, with respect to any such system. (2) The Chief Information Officer shall provide the congressional defense committees timely notification of certifications under paragraph (1). Each such notification shall include a statement confirming that the following steps have been taken with respect to the system: (A) Business process reengineering. (B) An analysis of alternatives. (C) An economic analysis that includes a calculation of the return on investment. (D) Performance measures. (E) An information assurance strategy consistent with the Department’s Global Information Grid. (d) For purposes of this section: (1) The term ‘‘Chief Information Officer’’ means the senior official of the Department of Defense designated by the Secretary of Defense pursuant to section 3506 of title 44, United States Code. (2) The term ‘‘information technology system’’ has the meaning given the term ‘‘information technology’’ in section 5002 of the Clinger-Cohen Act of 1996 (40 U.S.C. 1401). SEC. 8069. During the current fiscal year, none of the funds available to the Department of Defense may be used to provide

Jkt 059194

PO 00002

Frm 00038

Fmt 6580

Sfmt 6581

M:\STATUTES\2007\59194PT2.001

APPS10

PsN: 59194PT2

�