Overview[]
The U.S. Office of Management and Budget has issued numerous memoranda that relate to information technology and information policies regarding Federal agencies.
OMB memoranda[]
The memoranda discussed in this wiki include the following (in reverse chronological order):
2018[]
- OMB Memorandum M-19-03: Strengthening the Cybersecurity of Federal Agencies by enhancing the High Value Asset Program (Dec. 10, 2018).
2017[]
- OMB Memorandum M-17-25: Reporting Guidance for Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure (May 19, 2017).
- OMB Memorandum M-17-12: Preparing for and Responding to a Breach of Personally Identifiable Information (Jan. 3, 2017).
2016[]
- OMB Memorandum M-17-09: Management of Federal High Value Assets
- OMB Memorandum M-17-05: Fiscal Year 2016-2017 Guidance On Federal Information Security And Privacy Management Requirements (Nov 4, 2016).
- OMB Memorandum M-17-04: Additional Guidance for Data Act Implementation: Further Requirements For Reporting And Assuring Data Reliability (Nov 4, 2016).
- OMB Memorandum M-17-02: Precision Medicine Initiative Privacy and Security (Oct 21, 2016).
- OMB Memorandum M-16-24: Role and Designation of Senior Agency Officials for Privacy (Sept. 15, 2016).
- OMB Memorandum M-16-21: Federal Source Code Policy: Achieving Efficiency, Transparency, and Innovation through Reusable and Open Source Software (August 8, 2016).
- OMB Memorandum M-16-20: Improving the Acquisition and Management of Common Information Technology: Mobile Devices and Services (August 4, 2016).
- OMB Memorandum M-16-19: Data Center Optimization Initiative (DCOI) (August 1, 2016).
- OMB Memorandum M-16-17: Management's Responsibility for Enterprise Risk Management and Internal Control (July 2016).
- OMB Memorandum M-16-16: 2016 Agency Open Government Plans (July 14, 2016).
- OMB Memorandum M-16-15: Federal Cybersecurity Workforce Strategy (July 12, 2016).
- OMB Memorandum M-16-14: Providing Comprehensive Identity Protection Services, Identity Monitoring, and Data Breach Response (July 1, 2016).
- OMB Memorandum M-16-12: Improving the Acquisition and Management of Common Information Technology: Software Licensing (June 2, 2016).
- OMB Memorandum M-16-04, Cybersecurity Strategy and Implementation Plan (CSIP) for the Federal Civilian Government
2015[]
- OMB Memorandum M-15-19: Improving Government Efficiency and Saving Taxpayer Dollars Through Electronic Invoicing (July 17, 2015).
- OMB Memorandum M-15-16: Multi-Agency Science and Technology Priorities for the FY 2017 Budget (July 9, 2015).
- OMB Memorandum M-15-14: Management and Oversight of Federal Information Technology (June 10, 2015).
- OMB Memorandum M-15-13: Policy to Require Secure Connections across Federal Websites and Web Services (June 8, 2015).
- OMB Memorandum M-16-04: Cybersecurity Strategy and Implementation Plan (CSIP) for the Federal Civilian Government (Oct. 30, 2015).
- OMB Memorandum M-16-02: Improving the Acquisition and Management of Common Information Technology: Laptops and Desktops (Oct. 16, 2015).
2014[]
- OMB Memorandum M-14-16: Guidance on Managing Email (Sept. 15, 2014).
2013[]
- OMB Memorandum M-13-20, Protecting Privacy while Reducing Improper Payments with the Do Not Pay Initiative (Aug. 16, 2013).
- OMB Memorandum M-13-13, Open Data Policy-Managing Information as an Asset (May 9, 2013).
- OMB Memorandum M-13-09, Fiscal Year 2013 PortfolioStat Guidance: Strengthening Federal IT Portfolio Management (Mar. 27, 2013).
- OMB Memorandum M-14-04, Fiscal Year 2013 Reporting Instructions for the Federal Information Security Management Act and Agency Privacy Management (Nov. 18, 2013).
- OMB Memorandum M-14-03, Enhancing the Security of Federal Information and Information Systems (Nov. 18, 2013).
2012[]
- OMB Memorandum M-12-20, FY 2012 Reporting Instructions for the Federal Information Security Management Act and Agency Privacy Management (Sept. 27, 2012).
- OMB Memorandum M-12-18, Managing Government Records Directive (Aug. 24, 2012).
- OMB Memorandum M-12-10, Implementing PortfolioStat (Mar. 31, 2012).
2011[]
- OMB Memorandum M-11-33, FY 2011 Reporting Instructions for the Federal Information Security Management Act and Agency Privacy Management (Sept. 14, 2011).
- OMB Memorandum M-11-29, Chief Information Officer Authorities (Aug. 8, 2011).
- OMB Memorandum M-11-27, Implementing the Telework Enhancement Act of 2010: Security Guidelines (July 15, 2011).
- OMB Memorandum M-11-24, Guidance on Streamlining Service Delivery and Improving Customer Service (June 2011).
- OMB Memorandum M-11-20, Implementing Telework Enhancement Act of 2010 IT Purchasing Requirements (Apr. 28, 2011).
- OMB Memorandum M-11-19, Retrospective Analysis of Existing Significant Regulations (Apr. 25, 2011).
- OMB Memorandum M-11-15: Final Guidance on Implementing the Plain Writing Act of 2010 (Apr. 13, 2011).
- OMB Memorandum M-11-11, Continued Implementation of Homeland Security Presidential Directive 12 (HSPD-12) Policy for a Common Identification Standard for Federal Employees and Contractors (Feb. 3, 2011).
- OMB Memorandum M-11-08: Initial Assessments of Safeguarding and Counterintelligence Postures for Classified National Security Information in Automated Systems (Jan. 3, 2011).
2010[]
- OMB Memorandum M-11-06, WikiLeaks - Mishandling of Classified Information (Nov. 28, 2010).
- OMB Memorandum M-11-02, Sharing Data While Protecting Privacy (Nov. 3, 2010).
- OMB Memorandum M-10-32, Evaluating Programs for Efficacy and Cost Efficiency (July 2010).
- OMB Memorandum M-10-31, Immediate Review of Information Technology Projects (July 28, 2010).
- OMB Memorandum M-10-28, Clarifying Cybersecurity Responsibilities and Activities of the Executive Office of the President and the Department of Homeland Security (DHS) (July 6, 2010).
- OMB Memorandum M-10-27, Information Technology Investment Baseline Management Policy (June 28, 2010).
- OMB Memorandum M-10-26, Immediate Review of Financial Systems IT Projects (June 28, 2010).
- OMB Memorandum M-10-25, Reforming the Federal Government's Efforts to Manage Information Technology Projects (June 28, 2010).
- OMB Memorandum M-10-23, Guidance for Agency Use of Third-Party Websites and Applications (June 25, 2010).
- OMB Memorandum M-10-22, Guidance for Online Use of Web Measurement and Customization Technologies (June 25, 2010).
- OMB Memorandum M-10-15, FY 2010 Reporting Instructions for the Federal Information Security Management Act and Agency Privacy Management (Apr. 21, 2010).
- OMB Memorandum M-10-10, Federal Agency Coordination on Health Information Technology (HIT) (Feb. 19, 2010).
2009[]
- OMB Memorandum M-10-06, Open Government Directive (Dec. 8, 2009).
- OMB Memorandum M-09-32, Update on the Trusted Internet Connections Initiative (Sept. 17, 2009).
- OMB Memorandum M-09-29, Memorandum for Heads of Executive Departments and Agencies, Subject: FY 2009 Reporting Instructions for the Federal Information Security Management Act and Agency Privacy Management (Aug. 20, 2009).
- OMB Memorandum M-09-12, President's Memorandum on Transparency and Open Government - Interagency Collaboration (Feb. 26, 2009).
2008[]
- OMB Memorandum M-09-02, Information Technology Management Structure and Governance Framework (Oct. 21, 2008).
- OMB Memorandum M-08-27, Guidance for Trusted Internet Connection (TIC) Compliance (Sept. 30, 2008).
- OMB Memorandum M-08-26, Transition from FTS2001 to Networx (Aug. 28, 2008).
- OMB Memorandum M-08-23, Securing the Federal Government’s Domain Name System Infrastructure (Aug. 22, 2008).
- OMB Memorandum M-08-21, FY 2008 Reporting Instructions for the Federal Information Security Management Act and Agency Privacy Management (July 14, 2008).
- OMB Memorandum M-08-16, Guidance for Trusted Internet Connection Statement of Capability Form (SOC) (Apr. 4, 2008).
- OMB Memorandum M-08-15, Tools Available for Implementing Electronic Records Management (Mar. 31, 2008).
- OMB Memorandum M-08-09, New FISMA Privacy Reporting Requirements for FY 2008 (Jan. 18, 2008).
2007[]
- OMB Memorandum M-08-05, Implementation of Trusted Internet Connections (TIC) (Nov. 20, 2007).
- OMB Memorandum M-08-01, HSPD-12 Implementation Status (Oct. 2007).
- OMB Memorandum M-07-24, Updated Principles for Risk Analysis (Sept. 19, 2007).
- OMB Memorandum M-07-23, Requiring Agency Use of the International Trade Data System (Sept. 10, 2007).
- OMB Memorandum M-07-20, FY 2007 E-Government Act Reporting Instructions (Aug. 14, 2007).
- OMB Memorandum M-07-19, FY 2007 Reporting Instructions for the Federal Information Security Management Act and Agency Privacy Management (July 25, 2007).
- OMB Memorandum M-07-16, Safeguarding Against and Responding to the Breach of Personally Identifiable Information (May 22, 2007).
- OMB Memorandum M-07-11, Implementation of Commonly Accepted Security Configurations for Windows Operating Systems (Mar. 22, 2007).
- OMB Memorandum M-07-06, Validating and Monitoring Agency Issuance of Personal Identity Verification Credentials (Jan. 11, 2007).
2006[]
- OMB Memorandum M-06-20, FY 2006 Reporting Instructions for the Federal Information Security Management Act and Agency Privacy Management (July 17, 2006).
- OMB Memorandum M-06-19, Reporting Incidents Involving Personally Identifiable Information and Incorporating the Cost for Security in Agency Information Technology Investments (July 12, 2006).
- OMB Memorandum M-06-16, Protection of Sensitive Agency Information (June 23, 2006).
- OMB Memorandum M-06-15, Safeguarding Personally Identifiable Information (May 22, 2006).
- OMB Memorandum M-06-07, Designation of a Senior Agency Official for Geospatial Information (Mar. 3, 2006).
- OMB Memorandum M-06-06, Sample Privacy Documents for Agency Implementation of Homeland Security Presidential Directive (HSPD) 12 (Feb. 17, 2006).
2005[]
- OMB Memorandum M-06-04, Implementation of the President's Executive Order "Improving Agency Disclosure of Information" (Dec. 30, 2005).
- OMB Memorandum M-06-02, Improving Public Access to and Dissemination of Government Information and Using the Federal Enterprise Architecture Data Reference Model (Dec. 2005).
- OMB Memorandum M-05-24, Implementation of Homeland Security Presidential Directive (HSPD) 12 – Policy for a Common Identification Standard for Federal Employees and Contractors (Aug. 5, 2005).
- OMB Memorandum M-05-23, Improving Information Technology (IT) Project Planning and Execution (Aug. 4, 2005).
- OMB Memorandum M-05-22, Transition Planning for Internet Protocol Version 6 (IPv6) (Aug. 2, 2005).
- OMB Memorandum M-05-17, Allocation of Responsibilities For Security Clearances Under the Executive Order, Strengthening Processes Relating to Determining Eligibility for Access to Classified National Security Information (June 30, 2005).
- OMB Memorandum M-05-15, FY 2005 Reporting Instructions for the Federal Information Security Management Act and Agency Privacy Management (June 13, 2005).
- OMB Memorandum M-05-08, Designation of Senior Agency Officials for Privacy (Feb. 11, 2005).
2004[]
- OMB Memorandum M-05-05, Electronic Signatures: How to Mitigate the Risk of Commercial Managed Services (Dec. 20, 2004).
- OMB Memorandum M-05-04, Policies for Federal Agency Public Websites (Dec. 17, 2004).
- OMB Memorandum M-05-03, Final Information Quality Bulletin for Peer Review (Dec. 16, 2004).
- OMB Memorandum M-04-26, Personal Use Policies and "File Sharing" Technology (Sept. 8, 2004).
- OMB Memorandum M-04-25, Reporting Instructions for the Federal Information Security Management Act and Updated Guidance on Quarterly IT Security Reporting (Aug. 23, 2004).
- OMB Memorandum M-04-24, Expanded Electronic Government (E-Gov) President’s Management Agenda (PMA) Scorecard Cost, Schedule and Performance Standard for Success (Aug. 23, 2004).
- OMB Memorandum M-04-19, Information Technology (IT) Project Manager (PM) Qualification Guidance (July 21, 2004).
- OMB Memorandum M-04-16, Software Acquisition (July 1, 2004).
- OMB Memorandum M-04-15, Development of Homeland Security Presidential Directive (HSPD-7) Critical Infrastructure Protection Plans to Protect Federal Critical Infrastructures and Key Resources (June 17, 2004).
2003[]
- OMB Memorandum M-04-04, E-Authentication Guidance for Federal Agencies (Dec. 16, 2003).
- OMB Memorandum M-03-22, OMB Guidance for Implementing the Privacy Provisions of the E-Government Act of 2002 (Sept. 30, 2003).
- OMB Memorandum M-03-19, Reporting Instructions for the Federal Information Security Management Act and Updated Guidance on Quarterly IT Security Reporting (Aug. 6, 2003).
- OMB Memorandum M-03-18, Implementation Guidance for the E-Government Act of 2002 (Aug. 1, 2003).
- OMB Memorandum, Streamlining Authentication and Identity Management within the Federal Government (July 3, 2003) (no number).
- OMB Memorandum M-03-14, Reducing Cost and Improving Quality in Federal Purchases of Commercial Software (June 2, 2003).
2002[]
- OMB Memorandum M-02-12, Reducing Redundant IT Infrastructure to Homeland Security (July 19, 2002).
- OMB Memorandum M-02-08, Redundant Information Systems Relating to On-Line Rulemaking Initiative (May 6, 2002).
- OMB Memorandum M-02-07, Procurement of Printing and Duplicating through the Government Printing Office (May 3, 2002).
2001[]
- OMB Memorandum M-02-01, Guidance for Preparing and Submitting Security Plans of Action and Milestones (Oct. 17, 2001).
- OMB Memorandum M-01-28, Citizen-Centered E-Government: Developing the Action Plan (July 18, 2001).
- OMB Memorandum M-01-24, Reporting Instructions for the Government Information Security Reform Act (June 22, 2001).
- OMB Memorandum M-01-08, Guidance On Implementing the Government Information Security Reform Act (Jan. 16, 2001).
2000[]
- OMB Memorandum M-01-05, Guidance on Inter-Agency Sharing of Personal Data—Protecting Personal Privacy (Dec. 20, 2000).
- OMB Memorandum M-00-15, OMB Guidance on Implementing the Electronic Signatures in Global and National Commerce Act (Sept. 25, 2000).
- OMB Memorandum M-00-13, Privacy Policies and Data Collection on Federal Web Sites (June 22, 2000).
- OMB Memorandum M-00-10, OMB Procedures and Guidance on Implementing the Government (Apr. 25, 2000).
- OMB Memorandum M-00-07, Incorporating and Funding Security in Information Systems Investments (Feb. 28, 2000).
1999[]
- OMB Memorandum M-00-03, Reporting Y2K Compliance of Non-mission Critical Systems (Nov. 10, 1999).
- OMB Memorandum M-99-20, Security of Federal Automated Information Resources (June 23, 1999).
- OMB Memorandum M-99-18, Privacy Policies on Federal Web Sites (June 2, 1999).
- OMB Memorandum M-99-05, Instructions on Complying with President's Memorandum of May 14, 1998, "Privacy and Personal Information in Federal Records" (Jan. 7, 1999).
1995-1998[]
- OMB Memorandum M-98-14, Comprehensive Plans and Associated Funding Requirements for Achieving Year 2000 Computer Compliance (Aug. 13, 1998).
- OMB Memorandum M-98-09, Updated Guidance on Developing a Handbook for Individuals Seeking Access of Public Information (Apr. 23, 1998).
- OMB Memorandum M-98-02, Progress Reports on Fixing Year 2000 Difficulties (Jan. 20, 1998).
- OMB Memorandum M-97-16, Information Technology Architectures (June 18, 1997).
- OMB Memorandum M-97-15, Local Telecommunications Services Policy (June 12, 1997).
- OMB Memorandum M-97-13, Computer Difficulties Due to the Year 2000 - Progress Reports (May 7, 1997).
- OMB Memorandum M-97-10, Guidance on Developing a Handbook for Individuals Seeking Access to Public Information (Apr. 7, 1997).
- OMB Memorandum M-97-09, Interagency Support for Information Technology (Mar. 10, 1997).
- OMB Memorandum M-97-07, Multiagency Contracts Under the Information Technology Management Reform Act of 1996 (Feb. 26, 1997).
- OMB Memorandum M-97-02, Funding Information Systems Investments (Oct. 25, 1996).
- OMB Memorandum M-96-20, Implementation of the Information Technology Management Reform Act of 1996 (Apr. 4, 1996).
Pre-1995[]
- OMB Memorandum M-84-6, Computer Match Checklist and Model Control System and Resource Document for Conducting Computer Matching Projects Involving Individual Privacy Data (Dec. 29, 1983).
- OMB Memorandum M-83-11, Guidelines on the Relationship Between the Privacy Act of 1974 and the Debt Collection Act of 1982 (Mar. 30, 1983).
- OMB Memorandum M-82-5, Revised Supplemental Guidance for Conducting Matching Programs (May 11, 1982).