Departmental Critical Infrastructure Protection
Planning for the Protection of Physical Infrastructure
Report No. 02-01
Office of the Inspector General
STATEMENT ON THE GOVERNMENT PERFORMANCE AND RESULTS ACT
In PDD 63, the OMB was instructed to direct federal agencies to include assigned infrastructure assurance functions within their Government Performance and Results Act (Results Act) strategic planning and performance measurement framework. However, an OMB official working in the critical infrastructure area told us that the OMB had not issued any directives implementing this requirement. Despite the absence of guidance, the Department's Summary Performance Plan for FY 2002 includes performance goals for IT security and protection of critical infrastructure. Specifically, the Department aims to have the components certify and accredit all information technology systems by the end of FY 2002 and to retest selected networks and systems to determine if the recommended corrective actions were taken by the component and if those actions produced the expected results. Additionally, the Department is to develop all necessary assets and capabilities to support operations aimed at disrupting and defeating threats to critical infrastructures. Key assets are to be identified; vulnerabilities assessed; and proactive techniques and countermeasures are to be developed. Key assets are organizations, systems, or physical plants, which, if lost, would have widespread or dire economic or social impact on a national, regional, or local basis.