Departmental Critical Infrastructure Protection
Planning for the Protection of Physical Infrastructure

Report No. 02-01
November 2001
Office of the Inspector General

STATEMENT ON THE GOVERNMENT PERFORMANCE AND RESULTS ACT

In PDD 63, the OMB was instructed to direct federal agencies to include assigned infrastructure assurance functions within their Government Performance and Results Act (Results Act) strategic planning and performance measurement framework. However, an OMB official working in the critical infrastructure area told us that the OMB had not issued any directives implementing this requirement. Despite the absence of guidance, the Department's Summary Performance Plan for FY 2002 includes performance goals for IT security and protection of critical infrastructure. Specifically, the Department aims to have the components certify and accredit all information technology systems by the end of FY 2002 and to retest selected networks and systems to determine if the recommended corrective actions were taken by the component and if those actions produced the expected results. Additionally, the Department is to develop all necessary assets and capabilities to support operations aimed at disrupting and defeating threats to critical infrastructures. Key assets are to be identified; vulnerabilities assessed; and proactive techniques and countermeasures are to be developed. Key assets are organizations, systems, or physical plants, which, if lost, would have widespread or dire economic or social impact on a national, regional, or local basis.