CIO Governance Board Membership List

In keeping with the Office of Management and Budget guidance on implementing the Federal Information Technology Reform Act (FITARA), the U.S. Department of Commerce is publishing its CIO Governance Board Membership List.

Governance Board Name Program Code Bureau Code CIO Involvement Description
Commerce CIO Council 006:019 0

The DOC CIO Council serves as a decision-making body to establish policy and to provide guidance on IT management practices which will ensure effective collaboration and bring all DOC IT into the 21st Century.

The Identity, Credential, and Access Management (ICAM) Advisory Council is a sub-committee of the DOC CIO Council. The ICAM Advisory Council oversees, governs, and coordinates ICAM-related functionality and services across the DOC enterprise. It coordinates the technical, enterprise architecture, business, budgetary, and research aspects of ICAM services for the DOC enterprise. It represents those interests within the DOC IT governance processes and oversees interagency, intergovernmental, and external coordination on ICAM-related issues. It supports this oversight and coordination through analysis, reports, studies, and other means conducted by the ICAM Advisory Council, designated workgroups, PMO support, other headquarters support, or component support.

Commerce IT Review Board (CITRB) 006:019 0

The DOC CIO chairs the CITRB, whose membership consists of both Departmental executive leadership and a subset of Bureau Chief Information Officers. The Information Technology Review (ITR) Program Management Office supports the overall CITRB Program. The ITR Program ensures that an IT investment, program, or project reviewed is aligned with bureau and department strategic plans, supports mission requirements, complies with enterprise architecture guidance and IT policies, minimizes project risk including security risk, and demonstrates value as defined by the stakeholders of each initiative presented for review. Activities of the ITR Program satisfy risk management requirements of the Clinger-Cohen Act, drive effective oversight established by the Federal Information Technology and Acquisition Reform Act, and leverage guidance from the Federal CIO Council, Chief Financial Officers Council, General Accountability Office, Office of Management and Budget, or other government-wide advisory bodies that address Capital Planning and IT Investment management. There are three types of reviews conducted under the umbrella of the CITRB Program.

1.) ITR CITRB
The CITRB is part of the Department's investment review process and is focused on new or recompeted acquisitions required to support major, non-major, and standard IT investments with life-cycle costs at or above $10 million. The CITRB ensures reviewed IT investments have an acceptable IT acquisition strategy, a viable technical approach, a risk plan, and an acceptable business case. The CITRB provides approval or disapproval by the CIO of requests for IT Investment Authority (ITIA) and the acquisition strategy. ITIA approval is contingent upon the bureau having budget approval. ITIA approval is required before a bureau/line office may enter into an IT contract. A formal memo with the ITIA decision is issued at the completion of the review.

2.) ITR Programmatic Review  
This review is focused on the programmatic review of existing IT programs or projects. Programmatic reviews are more formal and may be attended by the entire CITRB membership. These reviews ensure that an IT program or project is aligned with strategic plans, supports mission requirements, complies with enterprise architecture guidance and IT policies, minimizes project risk including security risk, and demonstrates value as defined by the stakeholders of the initiative. These reviews can be initiated at any time by the DOC CIO or CITRB members.
An ITR programmatic review may be scheduled due to a downgrade of scores received on the OMB CIO IT Dashboard (see Appendix 2, which provides details of this process) or may be triggered because of OMB CIO IT Dashboard deficiencies (indicated by a Red or Yellow score), risks, issues, or concerns. In addition, an ITR programmatic review can serve as a formal TechStat review, to which OMB will be invited. A formal memo will be issued at the completion of each review.

3.) ITR CIO Review  
The ITR CIO review is a less formal review that will take place as a focused discussion among the program/project team and the DOC CIO, Bureau CIO, and other invited participants. The discussion may focus on a wide variety of topics including programmatic concerns, challenges, status overview, inherent risks, or collaboration opportunities. ITR CIO reviews are scheduled on an "as-needed basis" at the request of the DOC CIO or by a program or project. Prior to the review, the DOC OCIO will provide specific guidance as to the expected content, discussion topics, and intended outcome of the review. At the completion of the ITR CIO review, a formal memo will be issued to the Bureau leadership and program/project teams.

Milestone Review Board (MRB) 006:019 0 The DOC CIO is a member of the milestone review board and helps determine whether a mission-critical program or activity has approval for the next acquisition phase. The CIO's MRB authority is inclusive of his IT and IT Investment Authority powers.
Acquisition Review Board (ARB) 006:019 0 The DOC CIO is a voting member of the acquisition review board. All acquisitions with lifecycle costs of more than $75 million are reviewed by the Department ARB. The CIO’s role on the board is to review IT acquisitions tied to IT Investments, inclusive of his IT and IT Investment Authority powers.
Chief Information Security Officer Council (CISO Council) 006:019 0 The DOC CISO Council serves as the principal intra-agency forum to strengthen the Department’s cybersecurity posture by improving communication and coordination across the Bureaus, increasing awareness and adoption of shared cybersecurity solutions and services, supporting the implementation of Federal cybersecurity requirements, and identifying opportunities to improve the Department’s cybersecurity policies and practices.