The Office of the Chief Information Officer (OCIO) is the principal NIH Office responsible for NIH IT strategy, policy, and oversight to support NIH's mission as the Nation's steward of medical and behavioral research.
OCIO provides advice to the NIH Director and Institute, Center, and Office leadership on the strategic direction of IT management and cybersecurity.
OCIO is responsible for NIH's compliance with Federal legal and regulatory mandates, including the Federal Information Security Modernization Act (FISMA) and the Federal Information Technology Acquisition Reform Act (FITARA).
The Office of the CIO comprises four offices:
- Information Security and Awareness Office - Provides guidance to the NIH CIO and leadership on NIH's IT security/cyber posture and is responsible for NIH's cybersecurity operations and FISMA compliance. Director serves as the NIH Chief Information Security Officer.
- Information Technology Policy and Review Office - Advises and assists the NIH CIO and leadership in managing NIH IT resources and investments, including maintaining a capital planning and investment control program, mission-driven IT governance, IT policy, and digital accessibility (Section 508).
- Information Technology Acquisition Services Office - Advises the NIH CIO and leadership on IT contract management/strategy, FITARA IT acquisition strategy reviews, and administrative matters.
- Information Technology Architecture Office - Advises the CIO and leadership on IT enterprise architecture for NIH, including emerging technologies, adoption of NIH standards, and technology modernization.