IT Policy, Standards and Guidance

The OCIO provides the following services to the NIH community:

• Educates and guides the NIH community on the federal, HHS and other high-level policies, regulations, and laws that drive NIH-level IT requirements
• Collaborates with the IT and broader NIH communities to develop, vet, implement and administer NIH IT-related policy, standards and guidance
• Ensures that NIH management and staff have the proper information they need to effectively and efficiently use and protect valuable NIH IT resources and data.

A list of the current IT-related policies, standards and guidance is provided by subject area below.

•  HHS Policy for Information Technology Portfolio Management (PFM)
• HHS Enterprise Performance Life Cycle (EPLC) Policy
•  HHS Policy for Rules of Behavior for Use of Information and IT Resources
• HHS Section 508 and Accessibility of Technology Policy
• HHS Section 508 Homepage
• NIH Communications (E-mail and Internet)
  • NIH E-mail Accounts - Staff Departures Procedures
  • NIH Public Facing Web Management Policy
  • NIH Social and New Media Policy
  • NIH Staff E-Mail List and to use the NIH Staff List, access the NIH Staff List homepage
  • NIH Web Privacy Policy
• NIH Enterprise Architecture Policy
• NIH Information Security

The Information Security policies are geared towards users inside the NIH network. If you need any information related to Information Security policies please contact: nihisaopolicy@mail.nih.gov. If you have questions about general IT policies please contact: nihciocommunications@mail.nih.gov.

• File

  NIH Network Device Standard
• NIH Smart Card Authentication

More Information

IT policies, standards and guidance issued by external IT governance organizations and followed by NIH can be found at External IT Governance and Oversight under IT Governance & Policy.

Contact

General IT Policy
Email nihciocommunications@mail.nih.gov
Phone 301-496-1168

Information Security Policy
Email nihisaopolicy@mail.nih.gov