Current Information Directives

The directives listed on this page include their associated policies, procedures, standards and guidance. All directives on this page are in effect. Download the EPA IT Directives Archives (zip) .

IT/IM Program Management

CIO Number	Title	Related Documents
CIO 2101.1	Limited Personal Use of Government Office Equipment Policy	Not Applicable
CIO 2102.0	Senior Information Officials	Not Applicable
CIO 2103.0	Forms Management Policy	Procedures Forms Management Procedure
CIO 2104.2	Software Management and Piracy Policy	Procedures Software Management and Piracy Procedure
CIO 2105.1	Environmental Information Quality Policy	Procedures Environmental Information Quality Procedure EPA QA Field Activities Procedures CIO Notification for Environmental Data Quality Issues Procedure
CIO 2120.3	Interim Capital Planning and Investment Control Program Policy	Procedures Interim Capital Planning and Investment Control Procedures Earned Value Management Procedure
CIO 2121.2	System Life Cycle Management (SLCM) Policy	Procedures System Life Cycle Management (SLCM) Procedure
CIO 2122.1	Enterprise Architecture Policy	Procedures Enterprise Architecture Governance Procedure Information Technology Infrastructure Standards Procedure Data Exchange Procedure
CIO 2123.2	Configuration Management Policy	Procedures Configuration Management Procedure Standards Personal Computer Configuration and Management Standard (and Interim Update)
CIO 2124.1	Internet Protocol Version 6 (IPv6) Compliance Policy	Not Applicable

Information Management

CIO Number	Title	Related Documents
CIO 2130.2	Section 508 Policy	Procedures Section 508 Acquisition Procedure Section 508 Testing Procedure Section 508 Exceptions Procedure
CIO 2131	National Geospatial Data Policy	Procedures National Geospatial Data Procedures
CIO 2133.0	Data Standards	Procedures Data Standards Development Procedures Data Standards Maintenance Procedures Data Standards Implementation Procedures Data Standards Waiver Procedures
CIO 2134.0	Information Collection Policy	Procedures Cross-Media Electronic Reporting Regulation (CROMERR) Implementation Procedure
CIO 2135.1	Enterprise Information Management Policy (EIMP)	Procedures Enterprise Information Management (EIM) Cataloguing Information Procedure Standards Enterprise Information Management (EIM) Minimum Metadata Standards
CIO 2136.0	Electronic Signature Policy	Procedures Electronic Signature Procedure
CIO 2137.0	Unmanned Aircraft Systems (UAS) Policy	Not Applicable

Security & Privacy

CIO Number	Title	Related Documents
CIO 2150.5	Information Security Policy	Procedures Information Security – Access Control Procedures Information Security – Awareness and Training Procedures Information Security – Audit and Accountability Procedures Information Security – Security Assessment and Authorization Procedures Information Security – Interim Configuration Management Procedures Information Security – Contingency Planning Procedures Information Security – Identification and Authentication Procedure Information Security – Incident Response Procedures Information Security – Interim Maintenance Procedure Information Security – Media Protection Procedures Information Security – Information Security – Interim Physical and Environmental Protection Procedures Information Security – Interim Planning Procedures Information Security – Interim Personnel Security Procedures Information Security – Risk Assessment Procedures Information Security – Interim System and Services Acquisition Procedures Information Security – Interim System and Communications Protection Procedures Information Security – Information Security – Interim System and Information Integrity Procedures Information Security – Roles and Responsibilities Procedures Spillage of Classified Information onto Unclassified Systems Procedure Information Security – Privacy Procedures Information Security – Program Management Procedures Information Security - Data Loss Prevention Procedure Standards Information Security – National Rules of Behavior Guidance Information Security – Guidance for Manually Completing the Information Security Awareness Training
CIO 2151.1	Privacy Policy	Procedures Responding to Personally Identifiable Information (PII) Breach Procedure Procedures for Preparing and Publishing Privacy Act Systems of Records Notices Procedures for Preparing Privacy Impact Assessments Procedures for Preparing Privacy Act Statements Personally Identifiable Information (PII) Incident Handling & Response Procedure Conducting Privacy On-Site Reviews Procedure Processing Privacy Act Requests Procedure Computer Matching Agreement Procedure Protecting Sensitive Personally Identifiable Information (SPII)
CIO 2154.3	Mobile Computing Policy	Procedures International Travel Procedures for Mobile Devices Mobile Computing Management Procedure
CIO 2158.0	Interim Controlled Unclassified Information (CUI) Policy	Not Applicable

Records

CIO Number	Title	Related Documents
CIO 2155.5	Records Management Policy	Procedures Procedures for Electronic Management of Rulemaking and Other Docketed Records in the Federal Docket Management System Collection and Retention Procedures for Electronically Stored Information (ESI) Collected Using E-Discovery Tools Preservation of Separating, Transferring or Separated Personnel Records Digitization (Scanning) Procedure Digitization (Scanning) Standard Managing Social Media Records Procedure Essential Records Procedure Preserving Agency Information of Separating Personnel
CIO 2156.0	Preservation of Separated Personnel’s Electronically Stored Information Subject to Litigation Holds	Not Applicable
CIO 2159.0	Discovery Services Policy	Not Applicable

CIO Number

Title

Procedures

CIO 2156.0

Preservation of Separated Personnel’s Electronically Stored Information Subject to Litigation Holds

Not Applicable

CIO 2159.0

Discovery Services Policy

Not Applicable

Information Access

CIO Number	Title	Related Documents
CIO 2170.2	EPA National Library Network Policy	Procedures, Standards and Guidance EPA Library Disaster Response and Continuity of Operations (COOP) Procedures EPA Library Cataloging Procedures EPA Library Collection Development & Management Procedures EPA Library Network Communication Strategies Digitization Processes for EPA Libraries EPA Library Facility Management Procedures EPA Library Interlibrary Loan/Document Delivery Procedures EPA Library Materials Dispersal Procedures EPA Library Public Access Procedures EPA Library Reference and Research Services Procedures EPA Repository Library Management Procedures EPA National Library Network Standards for Core Library Services EPA Library Usage Statistics Procedures
CIO 2171.0	Information Access Policy	Procedures Information Access Procedures

CIO Number

Title

Procedures, Standards and Guidance

CIO 2171.0

Information Access Policy

Procedures

Information Access Procedures

Web

CIO Number	Title	Related Documents
CIO 2180.2	Web Governance and Management Policy	Procedures Cookies and Other Tracking Methods Procedure
CIO 2181.0	Posting Copyrighted Works on EPA Web Site	Guidance Posting Copyrighted Works on EPA Web Site "Copyright Policy" Guidance
CIO 2182.1	Children's Privacy and Children's Copyright Policy	Guidance Children's Privacy Notice Guidance
CIO 2184.0	Social Media Policy	Procedures Using Social Media to Communicate Internally at EPA Procedure Using Social Media to Communicate with the Public Procedure Representing EPA Online Using Social Media Procedure

General CIO Directives

CIO Number	Title	Related Documents
CIO 2190.0-P-01.0	Reviewing and Updating Agencywide Directives Administered by the EPA CIO	Not Applicable

Current Information Directives

On this page:

IT/IM Program Management

Procedures

Procedures

Procedures

Procedures

Procedures

Procedures

Procedures

Standards

Information Management

Procedures

Procedures

Procedures

Procedures

Procedures

Standards

Procedures

Security & Privacy

Procedures

Standards

Guidance

Procedures

Procedures

Records

Procedures

Information Access

Procedures, Standards and Guidance

Procedures

Web

Procedures

Guidance

Guidance

Procedures

General CIO Directives