The Office of the Chief Information Officer -
(a) Plans, directs, and oversees the NRC's information resources, including technology infrastructure and delivery of information management services, to meet the mission and goals of the agency;
(b) Provides principal advice to the Chairman to ensure that information technology (IT) is acquired and information resources across the agency are managed in a manner consistent with Federal information resources management (IRM) laws and regulations;
(c) Assists senior management in recognizing where information technology can add value while improving NRC operations and service delivery;
(d) Directs the implementation of a sound and integrated IT architecture to achieve NRC's strategic and IRM goals;
(e) Monitors and evaluates the performance of information technology and information management programs based on applicable performance measures and assesses the adequacy of IRM skills of the agency;
(f) Provides guidance and oversight for the selection, control and evaluation of information technology investments;
(g) Provides oversight and quality assurance for the design and operation of the Licensing Support Network (LSN) services and for the completeness and integrity of the LSN database, ensures that the LSN meets the requirements of 10 CFR part 2, subpart J, concerning the use of the LSN in the Commission's high-level waste licensing proceedings, and provides technical oversight of DOE in the design, development, and operation of the LSN; and
(h) Plans, recommends, and oversees the NRC's Information Technology (IT) Security Program consistent with applicable laws, regulations, management initiatives, and policies;
(i) Provides principal advice to the NRC on the infrastructure, as well as the programmatic and administrative aspects of cybersecurity;
(j) Establishes NRC-wide cybersecurity guidelines;
(k) Guides security process maturity, as well as formulating and overseeing the cybersecurity program budget; and
(l) Ensures NRC-wide integration, direction, and coordination of IT security planning and performance within the framework of the NRC IT Security Program.
[70 FR 69422, Nov. 16, 2005, as amended at 80 FR 74978, Dec. 1, 2015]