Implementation Guide: Supplemental Guidance on the Implementation of M-13-13, “Open Data Policy - Managing Information as an Asset”The purpose of this guidance is to provide additional clarification and detailed requirements to assist agencies in carrying out the objectives of Executive Order 13642 of May 9, 2013, Making Open and Machine Readable the New Default for Government Information and OMB Memorandum M-13-13 Open Data Policy-Managing Information as an Asset. Specifically, this document focuses on near-term efforts agencies must take to meet the following five initial requirements of M-13-13, which are due November 1, 2013 (six months from publication of M-13-13) ...Project Open DataPODThe White House developed Project Open Data – this collection of code, tools, and case studies – to help agencies adopt the Open Data Policy and unlock the potential of government data. Project Open Data will evolve over time as a community resource to facilitate broader adoption of open data practices in government. Anyone – government employees, contractors, developers, the general public – can view and contribute. Learn more about Project Open Data Governance and dive right in and help to build a better world through the power of open data. http://project-open-data.github.io/governance/Office of Management and BudgetProject Open Data is managed by the Office of Management and Budget (OMB) and Office of Science and Technology Policy (OSTP), both components of the Executive Office of the President. The Federal CIO and CTO will both be actively involved, along with members of their teams.Office of Science and Technology PolicyFederal CIO Federal CTOTo provide additional clarification and detailed requirements to assist agencies in carrying out the objectives of Executive Order 13642, Making Open and Machine Readable the New Default for Government Information and OMB Memorandum M-13-13, Open Data Policy-Managing Information as an Asset. Data InventoryCreate and maintain an Enterprise Data Inventory (Inventory)1Purpose: To develop a clear and comprehensive understanding of what data assets they possess, Federal Agencies are required to create an Enterprise Data Inventory (Inventory) that accounts for all data assets created or collected by the agency. This includes, but is not limited to, data assets used in the agency’s information systems. The Inventory must be enterprise-wide, accounting for data assets across programs [^2] and bureaus [^3], and must use the required common core metadata available on Project Open Data. After creating the Inventory, agencies should continually improve the usefulness of the Inventory by expanding, enriching, and opening the Inventory (concepts described in the framework below).The objectives of this activity are to: * Build an internal inventory that accounts for data assets used in the agency’ s information systems * Include data assets produced through agency contracts and cooperative agreements, and in some cases agency-funded grants; include data assets associated with, but not limited to, research, program administration, statistical, and financial activities * Indicate if the data may be made publicly available and if currently available * Describe the data with common core metadata available on Project Open Data.Framework to Create and Maintain the Enterprise Data Inventory: Expand, Enrich, Open: Since agencies have varying levels of visibility into their data assets, the size and maturity of agencies’ Enterprise Data Inventories will differ across agencies. OMB will assess agency progress toward overall maturity of the Enterprise Data Inventory through the maturity areas of “Expand,” “Enrich,” and “Open.”ExpansionAdding additional data assets to the Inventory.1.1Expand: Expanding the inventory refers to adding additional data assets to the Inventory. Agencies should develop their own strategy to expand the inventory and break down the work according to agency-defined classes of data [^4]. Agencies should communicate their plans for expanding the Inventory in the Inventory Schedule (described in the minimum requirements). As agencies develop an Inventory Schedule, they may find it helpful to group their data assets into classes of data. The following list provides examples of classes agencies may use as they schedule the expansion of the Inventory: * Agency operating units (for example, bureaus or offices) * Federal Program Inventory on Performance.gov * Common business areas or segments, such as those described in the Business Reference Model or the Budget Function Codes of budget accounts * Agency strategic objectives on Performance.gov and the Performance Reference Model * Types of data from [Data Reference Model] (http://www.whitehouse.gov/omb/e-gov/fea) * Existing listings of certain types of data assets, such as Information Collection Requests (ICR) submitted to OMB under the Paperwork Reduction Act (as listed on reginfo.gov [^5]) and/or files posted on the agency’s public website * Data assets already prioritized by the agency in response to other Administration initiatives [^6] * Primary related IT investments from the Federal IT Dashboard [^7] * Agency-defined prioritizations of data assets * Other classes or criteriaExample ways to evaluate “Expand” maturity: How has the Inventory expanded over time to include additional data assets? What “classes” of data (for example, financial, performance, scientific, regulatory, etc.) have been added or are planned to be added? Are all bureaus and programs represented in the Inventory? If not, what percentage is?*EnrichmentEnrich the Inventory over time by improving the quality of metadata describing each data asset.1.2Enrich: To improve the discoverability, management, and re-usability of data assets, agencies should enrich the Inventory over time by improving the quality of metadata describing each data asset. For example, agencies may:* increase the number of keyword tags,* clarify descriptions of data, or* add additional metadata fields consistent with existing communities of practice or use cases.Project Open Data provides metadata requirements, additional optional metadata fields, and examples of metadata areas (see Appendix for examples). To improve the management of IT systems through the Inventory, agencies are encouraged to include the Primary Related IT Investment Unique Investment Identifier (UII) as a metadata field. As they work to enrich data assets, agencies should carefully weigh the potential value of efforts to improve data description or increase the number of metadata fields against the potential associated burden. Agencies should work to avoid the risk of duplicative metadata and work toward adopting uniform schema. To that end, agencies should draw on the expertise of existing communities of practice [^8], review standard taxonomies [^9], and coordinate across the government to harmonize definitions when adopting additional metadata fields.Example ways to evaluate “Enrich” maturity: How has the agency improved the quality of metadata for each record? Are effective keywords and clear language used in data descriptions? Are additional metadata fields applying best practices from Project Open Data? Has the agency developed policies and procedures for populating these fields consistently? Has the agency linked the Inventory to federal IT management by including the Primary Related IT Investment Unique Investment Identifier (UII)?*KeywordsIncrease the number of keyword tags1.2.1Data DescriptionsClarify descriptions of data1.2.2MetadataAdd additional metadata fields consistent with existing communities of practice or use cases1.2.3OpennessImplement tools and processes that will accelerate the opening of additional valuable data assets1.3Open: Agencies should implement tools and processes that will accelerate the opening of additional valuable data assets by making them public and machine-readable, while ensuring adequate policy, process, and technical safeguards are in place to prevent against the release of sensitive data. Agencies are required to increase the number of public data assets included in the Public Data Listing (described in the next section) over time. Agencies should work toward increasing the ratio of data that are public and machine-readable to data that can be made public as measured in the Inventory.Example ways to evaluate “Open” maturity: How many releasable data assets have been released in the Public Data Listing? How have more data assets been released in accordance with the “open data” principles over time?*Public Data ListingCreate and maintain a Public Data Listing2Purpose: To improve the discoverability and usability of data assets, all federal agencies must develop a Public Data Listing, which contains a list of all data assets that are or could be made available to the public. This Public Data Listing, posted at www.[agency].gov/data.json, would typically be a subset of the agency’s Inventory. This will allow the public to view agencies’ open data assets and subsequent progress as additional data assets are published.Agencies, at their discretion, may choose to include entries for non-public data assets in their Public Data Listings, taking into account guidance in section D. For example, an agency may choose to list data assets with an ‘accessLevel’ of ‘restricted public’ to make the public aware of their existence and the process by which these data may be obtained.Agencies’ Public Data Listings will be used to dynamically populate the newly renovated Data.gov, the main website to find data assets generated and held by the U.S. Government. Data.gov allows anyone from the public to find, download, and use government data. The upcoming re-launch of Data.gov (currently in beta at next.data.gov) will automatically aggregate the agency-managed Public Data Listings into one centralized location, using the common core metadata standards and tagging to improve the user ability to find and use government data.The objectives of this activity are to: * List any data assets in the agency’s Enterprise Data Inventory that can be made publicly available * Publish Public Data Listing at www.[agency].gov/data.json * Include data assets produced through agency-funded grants, contracts, and cooperative agreementsCustomer EngagementCreate a process to engage with customers to help facilitate and prioritize data release3Purpose:Identifying and engaging with key data customers to help determine the value of federal data assets can help agencies prioritize those of highest value for quickest release. Data customers include public as well as government stakeholders [^17]. All Federal Agencies will be required to engage public input and reflect on how to incorporate customer feedback into their data management practices. Agencies may develop criteria at their discretion for prioritizing the opening of data assets, accounting for a range of factors, such as the quantity and quality of user demand, internal management priorities, and agency mission relevance. As customer feedback mechanisms and internal prioritization criteria will likely evolve over time and vary across agencies, agencies should share successful innovations in incorporating customer feedback through interagency working groups and Project Open Data to disseminate best practices. Agencies should regularly review the evolving customer feedback and public engagement strategy.The objectives of this activity are to: * Create a process to engage with customers through www.[agency].gov/data pages and other appropriate channels * Make data available in multiple formats according to customer needs * Help agencies prioritize data release through the Public Data Listing and management efforts to improve data discoverability and usabilityUnreleasible DataDocument if data cannot be released4PurposeThe Open Data Policy requires agencies to strengthen and develop policies and processes to ensure that only the appropriate data are made available publicly. Agencies should work with their Senior Agency Official for Privacy and other relevant officials to ensure a complete analysis of issues that could preclude public disclosure of information collected or created. If the agency determines the data should not be made publicly available because of law, regulation, or policy or because the data are subject to privacy, confidentiality, security, trade secret, contractual, or other valid restrictions to release, agencies must document the determination in consultation with their Office of General Counsel or equivalent. The agency should designate one of three “access levels” for each data asset listed in the inventory: public, restricted public, and non-public. The descriptions of these categories can be found below and on Project Open Data.The objectives of this activity are to: * Review information for valid restrictions to public release in order to ensure proper safeguarding of privacy, security, and confidentiality of government information * Document reasons why a data asset or certain components of a data asset should not be made public at this time * Consult with agency’s Senior Agency Official for Privacy and general counsel regarding the barriers identified * Encourage dialogue regarding resources necessary to make more data assets publicAs part of an agency’s analysis to assign a general access level to each data asset [^19], agencies should consult section ##III.4 of the OMB Memorandum M-13-13, and Executive Order 13556. Specifically, agencies are required to incorporate the National Institute of Standards and Technology (NIST) Federal Information Processing Standard (FIPS) Publication 199 “Standards for Security Categorization of Federal Information and Information Systems,” which includes guidance and definitions for confidentiality, integrity, and availability. Agencies should also consult with the Controlled Unclassified Information (CUI) program to ensure compliance with CUI requirements, the National Strategy for Information Sharing and Safeguarding and the best practices found in Project Open Data. In addition to complying with the Privacy Act of 1974, the Paperwork Reduction Act, the E-Government Act of 2002, the Federal Information Security Management Act (FISMA), and the Confidential Information Protection and Statistical Efficiency Act (CIPSEA), and other applicable laws, agencies should implement information policies based upon Fair Information Practice Principles, OMB guidance, and NIST guidance on Security and Privacy Controls for Federal Information Systems and Organizations.Roles & ResponsibilitiesClarify roles and responsibilities for promoting efficient and effective data release5Purpose:Agencies should identify points of contact for the following roles and responsibilities related to managing information as an asset: * Communicating the strategic value of open data to internal stakeholders and the public; * Ensuring that data released to the public are open, as appropriate, and a point of contact is designated to assist open data use and to respond to complaints about adherence to open data requirements; * Engaging entrepreneurs and innovators in the private and nonprofit sectors to encourage and facilitate the use of agency data to build applications and services; * Working with agency components to scale best practices from bureaus and offices that excel in open data practices across the enterprise; * Working with the agency’s Senior Agency Official for Privacy (SAOP) or other relevant officials to ensure that privacy and confidentiality are fully protected; and * Working with the Chief Information Security Officer (CISO) and mission owners to assess overall organizational risk, based on the impact of releasing potentially sensitive data, and make a risk-based determination.2013-08-20http://project-open-data.github.io/implementation-guide/OwenAmburOwen.Ambur@verizon.net