standard and optional forms procedural handbook · form, using standard form 152, request for...

Standard and Optional Forms

Procedural Handbook

GSA, Standard and Optional Forms

Management Office

202.501.0581

STANDARD AND OPTIONAL FORMS PROCEDURES GENERAL TABLE OF CONTENTS

CHAPTER 1. WHAT IS THE STANDARD AND OPTIONAL FORMSMANAGEMENT PROGRAM?

CHAPTER 2. HOW DO I REQUEST THE CREATION, REVISION,CANCELLATION OR EXCEPTION OF A STANDARD OROPTIONAL FORM

CHAPTER 3. WHAT ARE ELECTRONIC/AUTOMATED STANDARD ANDOPTIONAL FORMS

CHAPTER 4. WHAT IS THE INTERAGENCY COMMITTEE ON MEDICALRECORDS

CHAPTER 5. WHAT OTHER INFORMATION SHOULD I KNOW ABOUT THESTANDARD AND OPTIONAL FORMS PROGRAM

APPENDIX A. WHAT STANDARD AND OPTIONAL FORMS CAN NOT BEAUTOMATED/ELECTRONICALLY GENERATED

APPENDIX B. WHAT ARE SOME GUIDELINES ON DESIGNING STANDARDAND OPTIONAL FORMS.

APPENDIX C. INSTRUCTIONS AND SAMPLES OF COMPLETING SF 152,CLEARANCE

APPENDIX D. GUIDELINES ON THE GOVERNMENT PAPERWORKELIMINATION ACT AND ELECTRONIC SIGNATURES

CHAPTER 1. WHAT IS THE STANDARD AND OPTIONAL FORMS MANAGEMENT PROGRAM?

1. What are the general provisions of this program?

a. What is the purpose of this program? This handbook prescribes the standards,methods, techniques, and operating procedures for the Standard and Optional FormsManagement Program. This will include procedures for: (1) obtaining approval for new,revised, or cancelled forms; (2) obtaining approval for exceptions to forms; and (3)generating electronic forms. It also specifies agencies' responsibilities for developing,issuing, sponsoring, and managing Governmentwide forms through the Standard andOptional Forms Management Program.

b. Who do these provisions apply? The provisions of this handbook apply to allFederal agencies engaged in (a) developing, writing, and reviewing procedures andsystems on Standard and Optional forms and (b) managing, reproducing or procuring,distributing, stocking, replenishing and controlling Standard and Optional formsprescribed by their agency.

c. What are the common definitions of forms management?

(1) "Content exception" means an addition, change to, or deletion of one or moredata elements on a Standard or Optional Form.

(2) "Electronic form" is an officially prescribed set of data residing in an electronicmedium that can be used to produce a mirror-like image or as near to a mirror-likeimage as the creation software will allow of the officially prescribed form or be purelyprescribed fields for collecting the data that can be integrated, managed, processed,and/or transmitted through an organization's information processing systems. There arebasically two types of electronic forms - one that is part of an automated transaction andone where the image/data elements reside on a computer.

(3) "Exception" means that an issuing or sponsoring agency approved a change tothe content, format, or printing of a Standard or Optional form.

(4) "Form" is a fixed arrangement of captioned spaces designed for gathering,organizing, and transmitting prescribed information quickly and efficiently. A form isconsidered a record and complies with all regulations cited in FMR 102-93, 44 USC3101 and 36 USC 1220.30.

(5) "Format" is a guide, table, template, sample, or exhibit that illustrates apredetermined arrangement or layout for presenting data.

(6) "Interagency report" means data collected from other Federal agencies.

(7) "Local reproduction" means an agency has permission to copy the formthemselves and does not have to purchase through the Federal Supply Service.

(8) "Mirror-like image" means a graphical replica of the official image created bycomputer software to the best exactness as the software will allow. Some variations willbe expected in fonts, margins, exact size of entry field.

(9) "Non-form item" means a printed product without spaces for entering information.Some non-form items are part of the Standard and Optional Forms Program so thatthey may be controlled Governmentwide.

(10) "Official Image" means the approved image issued for use throughout theFederal government.

(11) "Optional Form" means a form developed by a Federal agency for use in two ormore agencies and approved by GSA for non-mandatory Governmentwide use.

(12) "Overprinting" means the printing of pertinent identical entries (e.g., agencyname, accounting codes) in a captioned area on a Standard or Optional Form.Overprints are not exceptions.

(13) "Printing exceptions" means changes in the printing specifications of a Standardor Optional Form, i.e., changes to the color, size or type of paper; changes in color ortype of ink; the establishment of multi-part sets and marginally punched constructions inlieu of cut sheets; and use of an alternative printing technology (e.g., electronicallygenerated forms may require a printing exception or a format exception).

(14) "Promulgating agency" means any Federal agency that develops a Standard orOptional Form and prescribes the mandatory Governmentwide use of that form.

(15) "Public use report" means the collection of data from the public or state or localgovernments that follows Federal laws and regulations.

(16) "Standard Form" means a fixed or sequential order of data elements, assigneda Standard Form number, prescribed by a Federal agency through regulation, andapproved by GSA for mandatory Governmentwide use.

d. What are the acronyms used in this handbook?

CFR Code of Federal RegulationsFIPS Federal Information Processing StandardsFMR Federal Management RegulationGSA General Services AdministrationICMR Interagency Committee on Medical RecordsOMB Office of Management and BudgetGPEA Government Paperwork Elimination Act

e. What are the goals of this program? The objectives of the Standard and OptionalForms Management Program are to provide for:

(1) Increased productivity and economy through simplified, cost-effective practicesand procedures for designing, creating, printing, electronically generating, stocking,distributing, using and managing Governmentwide Standard and Optional Forms andexceptions.

(2) The creation of Standard and Optional Forms based on a valid need and incompliance with applicable laws and regulations, including the Freedom of InformationAct (5 U.S.C. 552), the Privacy Act of 1974 (5 U.S.C. 552a), and Federal InformationProcessing Standards (FIPS).

(3) The elimination of unnecessary forms, regardless of media.

(4) Improved Governmentwide communication and economies through coordinationof the program with other interagency information resources management activities andprograms.

(5) Conservation of natural resources through elimination of paper forms to themaximum extent possible.

2. What are GSA's responsibilities for this program? In carrying out its responsibilitiesunder the Standard and Optional Forms Management Program, GSA will:

a. Promote the simplification of Governmentwide procedures and improve officeproductivity through encouraging the development of new and revised Standard andOptional Forms.

b. Approve or disapprove requests for new or revised Standard and Optional Forms.

c. Maintain and distribute (via the internet) to all agencies a listing of current agencyliaison representatives and current information about the forms.

d. Issue copies of all Standard and Optional Forms on GSA's web site. This site willreplace the Standard and Optional Facsimile Handbook.

e. Coordinate with GSA's Interagency Reports Management program on theapproval of new and revised Standard and Optional Forms that are InteragencyReports.

f. Coordinate with GSA' Public Burden Reports Management program on theapproval of new and revised Standard and Optional Forms that are Public Use Reports.

g. Issue guidance on the design and development of Standard and Optional Formsfor both paper and electronic media.

3. What are the agency responsibilities under this program? FPASR requires eachagency to:

a. Promulgate Governmentwide Standard Forms pursuant to the agency's statutoryor regulatory authority. If more than one agency shares the responsibility of statutory orregulatory authority, establish guidelines on which agency (normally or a rotationsystem) will sponsor the forms. Establish and issue in the FEDERAL REGISTER,governmentwide procedures prescribing the use and availability of all Standard andOptional Forms which it promulgates or sponsors. When sponsoring Optional Forms,making sure two or more agencies will use the form.

b. Obtain GSA approval for each new, revised, or canceled Standard and Optionalform, using Standard Form 152, Request for Clearance or Cancellation of a Standard orOptional Form 60 days (if possible) prior to planned implementation. See chapter 2 forspecific instructions.

c. Provide GSA with [both an electronic and paper version of the ]an official image ofthe Standard or Optional Form the agency promulgates, prior to implementation. If formis generated electronically, contact GSA. See chapter 2 for further instructions.

d. Designate an agency-level Standard and Optional Forms liaison representativeand alternate to coordinate all matters relating to Standard and Optional Forms. GSA isto be notified in writing of each designee's name, title, mailing address, telephonenumber, and e-mail address. All communications concerning designees shall beforwarded to GSA at the following address:

General Services Administration (Forms-XR)1800 F Streets, NW; Room 7126Washington, DC 20405-0002

e. Annually review all Standard and Optional Forms which the agency promulgates,including exceptions, for improvement, consolidation, cancellation, or possibleautomation.

f. Request approval to overprint Standard and Optional Forms by contacting GSA.

g. Coordinate all matters concerning health care related Standard and OptionalForms through the Interagency Committee on Medical Records (ICMR). For additionalinformation on the ICMR, contact GSA at the address shown above.

h. Establish, issue, and implement internal procedures for compliance with theStandard and Optional Forms Management Program.

i. Ensure that new and revised Standard and Optional Forms and any exceptions donot duplicate forms already available under the Standard and Optional FormsManagement Program.

j. Make maximum use of electronically generated Standard and Optional Forms.Promote economic and efficient use of electronically generated forms. Ensure theagency complies with the provisions of the Government Paperwork Elimination Act(GPEA), and all guidance issued by OMB and other responsible agencies. In particular,

agencies should allow Standard and Optional forms to be electronic/automated unlessthe form cannot (see Chapter 3).

k. Maintain records documenting all agency Standard and Optional Forms actions.

l. Ensure that all agency electronically generated Standard and Optional Formsconform to the regulation and procedures prescribed in this handbook. Standard andOptional Forms not recommended for electronic generation are listed in Appendix A.

m. Make available for local reproduction those forms with an anticipated or actualGovernmentwide annual usage of 5,000 or less. Full size illustrations of these formsshould be included in the prescribing regulation or form announcement, or otherwise bemade available to users, and should be clearly annotated, "AUTHORIZED FOR LOCALREPRODUCTION."

n. Review, analyze, and approve or disapprove all requests for exceptions toStandard and Optional Forms, including electronic forms or automated formatspromulgated or sponsored by the agency. Standardize these requests at the Standardand Optional Forms Liaison Office level. In this way if different bureaus/offices within anagency want the same type of exception, one approval is granted for the use of thewhole agency/department. For example, a request originating in the Department of theArmy would be approved for the use by the entire Department of Defense. Thisexample covers all government agencies with major organizational break downs(bureau, services, etc.).

o. Coordinate the development, revision, or cancellation of Standard and OptionalForms with user agencies.

p. Prohibit the use of forms or exceptions which have been canceled.

q. Notify GSA of any problems with the printing, stocking, and disposal of Standardand Optional forms.

r. Coordinate with OMB on the approval of new and revised Standard and Optionalforms that are within OMB's paperwork burden clearance jurisdiction.

s. Notify other offices within the agency of all Standard and Optional formsinformation they receive (i.e., Standard and Optional Forms Clearance Registers).

t. Notify GSA of the replacement of any Standard or Optional form by an automatedformat or electronic form, and whether the paper form should continue to be stocked.

CHAPTER 2. HOW DO I REQUEST THE CREATION, REVISION, CANCELLATIONOR EXCEPTION OF A STANDARD OR OPTIONAL FORM?

PART 1. HOW ARE STANDARD AND OPTIONAL FORMS CREATED, REVISED, ORCANCELLED?

1. What are the basic procedures to create or revise a Standard or Optional form? Theagency's Standard and Optional Forms liaison officer submits to GSA, one copy ofeach of the following:

a. A Standard Form 152, Request for Clearance or Cancellation of a Standard orOptional Form.

b. A brief justification statement explaining the need for the new form or in thecase of a revision, all changes made. If the form should not be electronically generated,automated, or locally reproduced without the agency's permission, state this so thatGSA will add the form number and title to the list at Attachment A of this handbook.

c. The form and an electronic file of the form if available. Electronic file means theimage of the form was designed on the computer. Please contact Forms Management(GSA/Forms-XR) for acceptable electronic formats. If the form will be stocked in a papermedium, include either a draft if the Government Printing Office is composing/printing ora camera copy/printed image if the Federal Supply Service is stocking. When the formwill be locally reproduced, please place (preferrably in the lower left hand corner of theimage) the following statement: 'AUTHORIZED FOR LOCAL REPRODUCTION."Forms can be stocked by FSS/GPO or by the issuing agency as local reproduction orprinted. If the form will be strictly electronic (i.e, part of an electronic transaction),include a list of the mandatory data elements for agencies to use as a basis for a form.

d. A printing requisition (either SF 1 or SF 1C) and a copy of the specifications forforms being printed and stocked in the Federal Supply System. All proofs for printedforms are sent directly to the issuing agency for approval/disapproval.

e. Commitment from two potential user agencies of their projected annual usage.This requirement is only for Optional Forms that need stocking in the Federal SupplyService because of special distribution or control. Do not include the promulgator asone of the two potential users. This requirement is waived if: a. you are changing alarge demand Standard Form into an Optional Form (for example, SF 1012, TravelVoucher changed to OF 1012, Travel Voucher); or b. the form lends itself for "localreproduction".

f. A copy of the regulation/order/directive requiring the creation or revision of theform. Make sure this document mentions the use of this form. A final draft copy of theissuance is acceptable. The identifier of the regulation/order/directive (for example,FAR 48 CFR 53.229 or CSRS/FERS Handbook for Personnel and Payroll Office) mustappear on the form close to the form's number.

g. An announcement of the approved new or revised Standard or Optional Formsthat will be published in the FEDERAL REGISTER. The announcement should include:

(1) Form number, title, and purpose;

(2) Instructions of use (i.e., how to prepare, number of copies required, etc.) if notmentioned in the regulation/order/directive.

(3) No electronic generation, automation, or local reproduction without theagency's permission;

(4) Implementation date;

(5) Approximate availability date;

(6) Disposition of present stock (for revisions);

(7) Supply source (Federal Supply Service, local reproduction, or stocked byoriginator); and

(8) National Stock Number, when applicable.

h. Copies of other supporting documents as required, i.e., OMB approval notice,Interagency Report approval notice, etc.

i. Send the completed SF 152 package to:

General Services Administration (Forms-XR) 1800 F Street, NW; Room 7126 Washington, DC 20405-0002

2. What are the basic procedures to cancel a Standard or Optional form? Follow itemsa, b, and g above. For item g, only an announcement stating the form is cancelled andwhy is needed.

3. What will GSA do with the request? GSA has the following specific responsibilitiesfor forms approval:

a. Verify that the request contains all relevant information.

b. Review form for good design and compatibility for future automation. If theappearance of the form does not meet these criteria, a suggested image will be sent tothe promulgating agency. Also review prescribed data elements for flow and clarity forautomated forms. See Appendix B for guidance on forms design.

c. Ensure that approval will not result in duplicate forms or a repetitive collection ofsimilar data elements.

d. For approved requests, sign, assign an edition date, and a form number (for newforms).

e. Notify the requesting agency and GSA's Federal Supply Service of the decision onthe approved Standard Form 152.

f. Enter the approved form in the Standard and Optional Forms Inventory.

g. Notify all agencies of the action by issuing a Clearance Register notice.

h. Load image on GSA's Forms web page. For a cancelled form, only an entry aboutthe cancellation is loaded.

i. For requests that are disapproved, notify the requesting agency of the decision onthe submitted Standard Form 152.

Actions will be held for a predetermined time not to exceed 1 year. After that period, ifno status and/or action has occurred, Forms-XR will make a decision on the form.

4. How do I clear new or revised reporting forms?

a. Interagency Reports. When an agency creates or revises a Standard or OptionalForm in conjunction with an interagency reporting requirement, the agency shouldsubmit to GSA a Standard Form 360, Request for Clearance of an InteragencyReporting Requirement, before submitting the paperwork described in Item 1 above.Such a form will need current interagency reporting clearance before it is approved as aStandard or Optional Form.

b. Public Burden Reports. Under 5 CFR 1320, Standard and Optional Formsrequire approval by OMB (44 U.S.C. 3501-3513) when they are to be used to collectinformation from the public, or state or local governments, or are the basis of generalpurpose statistics. Agencies should submit the proper paperwork to OMB and receiveapproval before sending the SF 152 package (on new or revised forms) to GSA forapproval. When the burden is renewed on existing forms, submit to GSA a currentimage of the form along with the OMB approval notice. A form does not need to berevised if only the expiration date is being changed.

PART 2. HOW ARE EXCEPTIONS TO STANDARD FORMS REQUESTED?

5. What are exceptions to Standard Forms and what should I think about beforerequesting one?

a. Request an exception to a Standard Form only when the agency can demonstratethat the difference in the content, format, or printing specifications of the exception iscost-effective. Electronically generated versions of Standard Forms require exceptionapproval only when they do not comply with the guidelines in Chapter 3.

b. Use of an Optional form is non-mandatory unless adopted for use within aspecific agency. Therefore, if an agency elects not to use an optional form, noexception is required.

c. Agencies must arrange for reproduction and stocking of its approved exceptions.

6. How do I request an exception?

a. An agency's liaison officer should submit an exception request by letter/memo tothe promulgating agency's Standard and Optional Forms liaison officer. The requestshould include a justification statement and a copy of the proposed form. Thejustification statement should explain the reasons for the request, including why theexisting Standard or Optional Form cannot be used or is not economical as prescribed,and the proposed alterations or changes and the reasons for each. A copy of thisrequest should also be sent to GSA/Forms-XR at the address in paragraph 1h above.Agencies may electronically generate forms approved as exceptions without furtherapproval.

b. Exception requests will be reviewed and analyzed by the promulgating agency'sStandard and Optional Forms Liaison Officer to verify the need for the exception, thecompleteness of the documentation, compliance with promulgated regulations, and thegoals of the Standard and Optional Forms Management Program outlined in the FPASRand this handbook. The promulgating agency should also review the request to limitunnecessary variations of the form for economy of application and, in the case ofelectronic forms, for need of clearance; and work with the requesting office to clarify allissues.

c. The promulgating agency shall approve or disapprove exception requests byletter/memo. One copy of the response will be returned to the requested agency, and acopy will be sent to GSA/Forms-X at the address in paragraph 1i. above.

d. If the exception is approved, the following statement must appear on the form(preferably at the bottom): EXCEPTION TO SF XXX APPROVED BY [Issuing agencyname] [date of approval]. If the approved exception involves an "accountable" form, youwill need to request a block of numbers from the Federal Supply Service at the followingaddress:

General Services Administration (7FXM)General Products Commodity Center819 Taylor StreetFort Worth, TX 76102

7. What happens to my exception when the Standard or Optional form is revised orcancelled?

a. Content and format exceptions (including electronic versions) become void whenthe affected Standard or Optional form is revised or canceled by the promulgatingagency, or when the exception is altered.

b. Printing exceptions of a Standard or Optional Form are cancelled when therevised form meeting a user's need is stocked by GSA's Federal Supply Service.

c. If the form is revised and the agency still needs their exception, a justification inwriting should be sent to the promulgating agency (with a copy to GSA/Forms-XR)within 60 workdays after the revision of the Standard or Optional Form.

CHAPTER 3. WHAT ARE ELECTRONIC/AUTOMATED STANDARD AND OPTIONALFORMS?

1. With the advent of the microcomputer, graphic software, and other technologicaladvances, the work of forms design, printing, distribution, and completion has changed.The basic concepts of forms management, however, are still valid. The new techniquesand technologies do not change any of the basic forms management principles.

2. What is the definition of an electronic form? An electronic Standard or Optional formis an officially prescribed set of data residing in an electronic medium with exactsequence as prescribed by the issuing agency or that is used to produce a mirror-likeimage or as near to a mirror-like image as the creation software will allow of the officiallyprescribed form. There are basically two types of electronic forms - one that is part ofan automated transaction and one where the image/data elements reside on acomputer. These forms can be integrated, managed, processed, and/or transmittedthrough an organization's information processing workflow systems.

3. What are the guidelines for creating electronic Standard and Optional forms?Federal agencies may electronically generate Standard and Optional Forms withoutexception approval provided each form conforms to the following guidelines:

a. Review the "List of Standard and Optional Forms Not To Be ElectronicallyGenerated/Automated" in Attachment A. Forms listed in Attachment A may not becreated without exception approval. Agencies will provide GSA with updates to this listby making the decision on forms fall into this category.

b. Check with Forms Management, GSA on whether someone else has automatedthe form.

c. Try to create electronic forms that are used to collect information from the public.

d. An electronic reproduction must be complete, containing all instructions andquestions which appear on the current official form. The wording and punctuation of allitems, instructions, and identifying information must match. No data elements may beadded or deleted. The sequence and format for each item on the form must bereproduced to the highest degree possible.

(1) For electronic forms where the image resides on a computer, try to have eachitem appear on the same page in approximately the same location if at all possible.Forms printed face to back on the original may be printed on single sheets providedeach page is identified with the form number, page number (if applicable), and editiondate. Likewise, multiple part sets may be printed as single sheets. The final form mustbe created using the same dimensions (length and width) as the current approvededition. All blocks must remain approximately the same size and lines must remainapproximately the same length and width. Creation software may cause problems in thisarea. If fonts make a caption two lines instead of one, it is alright to either keep thecaption at two lines or widen the box slightly to create the one line caption. If minoradjustments to items are needed because of fonts or margins for printing, this is fine

also. What is not fine is to make items overly larger or smaller than the original imageor major rearrangement of items on the form

(2) For all electronic/automated forms, agencies should consult with promulgatingagencies for guidance on how instructions (normally located on the back of forms) canbe handled (either as part of the image or help buttons/lookups).

. (3) For forms that are part of an electronic transaction, all data elements must beincluded, fall in the exact prescribed sequence and are clearly described.

e. The name and producer/vendor (if any) of the software used to create theelectronic form must appear on the face page below or near the form number. Formusers and agencies need a way to identify electronic versions of forms from printedversions or camera copies, in determining the quality and accuracy of the software, andin the overall performance of the producer/vendor.

f. The accuracy of electronically generated/automated Standard and Optional Formsis the responsibility of each agencies' Forms Management staff. Revisions must beimplemented properly and promptly. System users complete the electronic form andoften have the capability through software to design, print, fill, and distribute electronicforms. Forms managers should advise these users of agency policy and provideadvice. A good way of doing this is to get involved with automated/electronictransaction projects in the beginning to make sure forms are included and properlycreated.

g. Information on the current version of the form can be obtained from the GSAForms web site (http://www.gsa.gov/forms/forms.htm) or (http://www.fillform.gov), theInventory of Standard and Optional Forms, and the Standard and Optional FormsManagement Program (GSA/Forms-XR) personnel at GSA.

h. In the case where electronic versions differ greatly from the prescribed officialimage, the Federal agency receiving this form has the right to reject it. Upon rejection,any problems regarding the acceptability of a specific electronic version of a particularStandard or Optional Form shall be brought to the attention of all concerned Federalagencies' Liaison Representatives, the vendor (if any), and the Standard and OptionalForms Management Program (GSA/Forms-XR).

i. Electronically generated/automated Standard and Optional Forms that do notconform to these procedures and the Federal Management Regulation must be clearedas exceptions.

j. For electronic "accountable" form, you will need to request a block of numbers fromthe Federal Supply Service at the following address:

General Services Administration (7FXM)General Products Commodity Center819 Taylor StreetFort Worth, TX 76102

4. How should I manage electronic/automated Standard and Optional forms? If we failto manage electronic forms we fall prey to the bootleg form virus, and lose control of thereview process. Without controls, offices might use bootleg forms and obsoleteversions of approved forms. These uncontrolled and unmanaged forms systems mayalso result in draft forms being distributed to many offices that have no need to reviewthem and bypassing offices that have a legitimate need. With the personal computer(PC), laser printer, and software that can create a "form", it is almost inevitable thatusers will attempt to employ them to produce forms. Forms managers should be awareof the problem and provide guidance in the form of guidelines or better yet directivesspelling out agency policies regarding the creation, maintenance, and disposition ofelectronic forms.

5. If I decide to issue guidance/directives on electronic forms, what should it contain?Some possible requirements that may be included in the guidance/directive to providethe form manager with more control over the agency's electronic forms system are:

a. The form manager should manage and control the creation of agency formswhether electronic or manual;

b. Users should get approval from the office with primary responsibility beforeduplicating an existing form;

c. Users should get approval from the forms manager and the office of primaryresponsibility before modifying existing forms.

d. Users should retain and dispose of electronic records in accordance withagency retention and disposition schedules and the General Records Schedulepublished by the National Archives and Records Administration (NARA).

e. Forms management should be involved with automated/electronic transactionprojects in the beginning to make sure forms are included and properly created.

CHAPTER 4. WHAT IS THE INTERAGENCY COMMITTEE ON MEDICALRECORDS?

1. What is the Interagency Committee on Medical Records (ICMR)? This committee isresponsible for reviewing all health care related Standard and Optional Forms to ensurequality, uniformity, and adequacy of health care records of the Federal Government.The ICMR is responsible for developing new and revising medical Standard andOptional Forms, requesting cancellation of obsolete medical forms and clearingexceptions to existing medical forms. GSA is responsible for providing assistance in thepromulgation process and for serving as an administrative consultant with the ICMR.

2. How do you do business with the ICMR?

a. Address requests for new forms, suggestions for revisions to existing forms, andexceptions to forms to the Chairperson of the ICMR. This request should be submittedby letter describing the suggestion and if applicable, a copy of the proposed form.

b. Submit the request to:

General Services Administration (Forms-XR)1800 F Streets, NW; Room 7126Washington, DC 20405-0002

GSA will present the request to the members of the Committee for decision.

c. When a decision is reached, the Chairperson of the Committee will respond inwriting to the requester.

CHAPTER 5. WHAT OTHER INFORMATION SHOULD I KNOW ABOUT STANDARDAND OPTIONAL FORMS.

1. How can I get Standard and Optional forms?

a. General procedures for procuring stocks of Standard and Optional Forms fromthe Federal Supply Service can be found in FPMR 41 CFR 101-26.2 , 101-26.302,Standard and Optional Forms and U.S.C. Title 44 26-1? These regulations state thatforms are stocked by FSS and must be purchased from them unless otherwiseauthorized by GSA. If forms are stocked by FSS, you can contact the following officefor information on prices and purchases:

General Services Administration - FSS General Products Commodity Center Attn.: 7FXM 819 Taylor Street Fort Worth, TX 76102 (817) 978-2508

Agencies should also refer to local procedures for ordering Federal Supply Service oragency centrally stocked forms.

b. Standard and Optional Forms are also available from the internet(http://www.gsa.gov/forms/forms.htm) or (http://www.fillform.gov). If you cannot find theform at FSS or on the internet, you can contact GSA, Forms Management on (202) 501-0581.

2. Is there any guidance on designing Standard and Optional Forms? Yes. SeeAppendix B.

a. Pick a font family and stick with it throughout the all your forms. This font shouldalso be common enough for all software and printers to recognize, i.e., Universe,Helvetica, Times, Courier.

b. Keep it simple. Don't use black background with white text captions, or a lot oflogos/graphics. Simple forms migrate easier when recreated with software or scanned.They also load faster from the web.

c. Stay with the box style for capturing data. This method lets the filler clearly seewhere the information should go.

d. Make image as database friendly as possible. For example, when asking for anaddress, create a separate item for each of the components (street, city, state, etc.).

APPENDIX AWHAT STANDARD AND OPTIONAL FORMS CANNOT BE

AUTOMATED/ELECTRONCIALLY GENERATED?

The following Standard and Optional Forms may not be automated/electronicallygenerated without approval from the issuing agency. For additions to this list, contactthe Standard and Optional Forms Management Office personnel at the address andtelephone number in Chapter 2, paragraph 1i.

Form Number Document Title

OF 11 Reference Request - Federal Records Center

OF 16 Sales Slip - Sale of Government Personal Property

OF 17 Offer Label

OF 23 Chargeout Record

OF 24 Shelf File Chargeout Record (Letter)

OF 25 Shelf File Chargeout Record (Legal)

OF 65A U.S. Government Messenger Envelope (Small)

OF 65B U.S. Government Messenger Envelope (Medium)

OF 65C U.S. Government Messenger Envelope (Large)

OF 70A Fragile (Pressure Sensitive Label)

OF 71A Fragile (Adhesive-Backed Label)

OF 73 Method 50 Package Label (Small)

OF 78 Caution - Magnetic Equipment (50 Feet)(Label)

OF 81 999 (Label)

OF 83 NMCS (Not Mission Capable Supply) (Label)

OF 84 NMCS (Not Mission Capable Supply) (Label)


OF 86 Personal Data (Warning) (Adhesive-Backed Label)

OF 86A Personal Data (Warning) (Adhesive-Backed Label)

OF 87 Attention - Electrostatic Sensitive Devices (Adhesive-Backed Label)

OF 88 Attention - Static Sensitive Devices (Adhesive-Backed Label)

OF 99 FAX Transmittal (Label)

OF 112 Classified Material Receipt

OF 120 Diplomatic Pouch Mail Registration

OF 124 Limited Official Use - Cover Sheet

OF 158 General Receipt

OF 204 Diplomatic Pouch Tag

OF 232 Unrecognized passport/Blank Waiver Cases

OF 233 Consular Cash Receipt and Record of Fees

OF 274 Equipment Warranty (Label)

OF 288 Emergency Firefighter Time Report

OF 291 Emergency Vehicle Identification

OF 297 Emergency Equipment Shift Ticket

OF 302 Excess Property Inspection Certification

OF 304 Emergency Equipment Fuel and Oil Issue

OF 305 Emergency Equipment Rental Use Envelope

OF 346 U.S. Government Motor Vehicle Operator's Identification Card

SF 44 Purchase Order-Invoice-Voucher

SF 66 Official Personnel Folder


SF 66C Merged Records Personnel Folder

SF 66D Employee Medical Folder

SF 76 Federal Post Card Registration and Absentee Ballot Request (FPCA)

SF 87 Fingerprint Chart

SF 87A Fingerprint Chart (Without ORI Number)

SF 97 The United States Government Certificate To Obtain Title To A Vehicle

SF 98 Notice Of Intention To Make A Service Contract And Response To Notice.

SF 186 Federal Write-In Absentee Ballot

SF 215 Deposit Ticket

SF 215A Deposit Ticket (IRS)

SF 215B Deposit Ticket (Customs)

SF 215C Deposit Ticket (EFT)

SF 215C Deposit Ticket

SF 215D Deposit Ticket

SF 260A-E Firefighter Personal Property Tag

SF 261 Crew Time Report

SF 519A Radiologic Consultation Request/Report

SF 519B Radiologic Consultation Request/Report

SF 545 Laboratory Report Display

SF 546 Chemistry I


SF 547 Chemistry II

SF 548 Chemistry III (Urine)

SF 549 Hematology

SF 550 Urinalysis

SF 552 Parasitology

SF 553 Microbiology I

SF 554 Microbiology II

SF 555 Spinal Fluid

SF 556 Immunohematology

SF 557 Miscellaneous (Lab Form)

SF 700 Security Container Information

SF 703 TOP Secret Coversheet

SF 704 SECRET Coversheet

SF 705 CONFIDENTIAL Coversheet

SF 706 TOP SECRET (Label)

SF 707 SECRET (Label)

SF 708 CONFIDENTIAL (Label)

SF 709 CLASSIFIED (Label)

SF 710 UNCLASSIFIED (Label)

SF 711 DATA DESCRIPTOR (Label)

SF 712 CLASSIFIED SCI (Label)

SF 1094/1094A U.S. Tax Exemption Form

SF 1103 U.S. Government Bill of Lading


SF 1165 Receipt for Cash - Voucher

SF 1166 OCR Voucher and Schedule of Payments

SF 1166A OCR Voucher and Schedule of Payments - Memorandum

SF 1167 OCR Voucher and Schedule of Payments (Continuation Sheet)

SF 1167A OCR Voucher and Schedule of Payments (Continuation Sheet) Memorandum

SF 1169 U.S. Government Transportation Request

SF 1203 U.S. Government Bill of Lading - Privately Owned Personal Property

SF 2805 Request for Recovery of Debt Due the United States

SF 2809 Health Benefits Registration Form (FERS)

SF 2810 Notice of Change in Health Benefits Enrollment

SF 3100A Individual Retirement Record (FERS)

SF 3102 Designation of Beneficiary (FERS)

SF 3104 Application for Death Benefits (FERS)

SF 3107 FERS Application for Immediate Retirement

SF 3107-1 Certified Summary of Federal Service (FERS)

SF 3109 Election of Coverage (FERS)

SF 3112 Documentation in Support of Disability Retirement Application

SF 5515 Debit Voucher

SF 5958 OCR Check Issue Transmittal

SF 5958A OCR Check Issue Transmittal

APPENDIX BWHAT ARE SOME GUIDELINES ON DESIGNING STANDARD AND OPTIONAL

FORMS?

This is a suggestion on how to design your forms:

1. Line Rule Weights:

a. Border (or heavy line): 1/32"b. Lines dividing primary sections (or medium line): 1/72"c. Fill-in boxes (or light line): 1/144"

2. Fonts:

a. Captions: 7/8 pt. Universeb. Section Titles: 9/10 pt. Universec. Form Title: 11/12 pt. Universe Boldd. Form Identification: (1) Agency Name or Acronym: 9/10 pt. Universe Bold (2) Form Number: 9/10 pt. Universe Bold (3) Form Edition Date: 7/8 pt. Universee. Data or Fill: 10 pt. Courier (Use 6 or 8 pt. font only when necessary due to box size)

3. Margins:

a. Form (This is the blank space that surrounds the image): (1) Left: .4" (2) Right: .4" (3) Top: .5" (4) Bottom: .6667"

b. Boxes: (With captions or text): (1) Left: .02" (2) Right: .00" (3) Top: .00" (4) Bottom: .00"

If text is centered in box, margins are .00" all the way around.

(Fillable with no caption): (1) Left: .05" (2) Right: .05" (3) Top: .00" (4) Bottom: .00"

4. Spacing: a. Text (i.e., instructions): Fixed point size of font

b. Boxes: (1) Single entry: Single (2) Multiple lines: Fixed point size of font, if no caption; with caption, single.

5. Check boxes:

a. Justification: (1) Design: Left, Top (2) Fill: Center, Middle

b. Fill: One character, automatic tab, checkbox format.

c. Margins: .00" on each side.

6. Tables: Line rule weights and fonts mentioned above apply to tables.

a. Margins: (1) Column headings: .00" all the way around (2) Fill entry: (a) Centered: .00" all the way around (b) Left/Top or Bottom: Left - .05" .00" for remaining margins (c) Right/Top or Bottom: Right - .05" .00" for remaining margins

a. Tables are used if there are only one set of captions. Otherwise each box is a separate fill box.

b. If a table has tiered captions, design table with no column headings. Do captionsas separate text boxes.

7. Intelligence:

a. Provide calculations, where possible, in appropriate fields. Result of calculationis a "no overwrite" field.

b. Currency Fields:(1) Length: Fixed (number only)(2) Decimal points: 2(3) Justification (fill): Right, bottom

c. Naming Conventions:(1) Do NOT start or end a field with a number. Numbers can be included anywhere else in the name.(2) Do NOT use spaces or strange characters, any punctuation marks or symbols. If needed, the underline character (_) is the only mark acceptable.(3) Length of Field Name: 8 characters (with will allow interaction with any type of database)(4) Use descriptive names and type with initial caps. A good rule is adjective/noun.

d. Dates:(1) Format: MM/DD/YYYY (or YYYYDDMM, if military), automatic fill-in (where applicable (i.e., current date, etc.)(2) Length: 10 characters (8 characters for military)

e. Signature fields: Make sure there is a field or separate block for the signer'sname. This is a requirement from the National Archives and RecordsAdministration.

APPENDIX C. INSTRUCTIONS AND SAMPLES OF COMPLETING SF 152,CLEARANCE

(APPENDIX IS PENDING)

The following figures are examples of how requests for forms actions are packaged.

The following items are mandatory fill-in on the SF 152:

All actions: Blocks 1, 3, 4, 5, 6, 7, 9, 10a, 11, 14a-134e, 15a-15e, 16b (This will alwaysbe the following: Barbara M. Williams, Deputy SF/OF Management Officer.)

New form actions: All of the above mentioned blocks plus 32, 33, 34, 35, 365, 37, 38,39.

Revised form actions: All of the "All actions" and "New form actions" blocks plus 19, 20,21, 22, 23, 24, 25, 26, 27, 28.

Cancelled form actions: All of the "All actions" blocks plus 19, 20, 21, 22, 23, 24, 25,26, 27, 28.

APPENDIX D. GUIDELINES ON THE GOVERNMENT PAPERWORKELIMINATION ACT AND ELECTRONIC SIGNATURES

25508 Federal Register / Vol. 65, No. 85 / Tuesday, May 2, 2000 / Notices

Week of May 29—Tentative

Tuesday, May 30

9:25 a.m.Affirmation Session (Public Meeting) (If

Needed)

Week of June 5

There are no meetings scheduled for theWeek of June 5.

The schedule for Commission meetings issubject to change on short notice. To verifythe status of meetings call (recording)—(301)—415–1292.CONTACT PERSONS FOR MOREINFORMATION: Bill Hill (301) 415–1661.

The NRC Commission MeetingSchedule can be found on the Internetat: http://www.nrc.gov/SECY/smj/schedule.htm

This notice is distributed by mail toseveral hundred subscribers; if you nolonger wish to receive it, or would liketo be added to it, please contact theOffice of the Secretary Attn: OperationsBranch, Washington, D.C. 20555 (301–415–1661). In addition, distribution ofthis meeting notice over the Internetsystem is available. If you are interestedin receiving this Commission meetingschedule electronically, please send anelectronic message to [email protected] [email protected].

Dated: April 28, 2000.William M. Hill, Jr.,Secy Tracking Officer, Office of the Secretary.[FR Doc. 00–11012 Filed 4–28–00; 2:18 pm]BILLING CODE 7590–01–M

NUCLEAR REGULATORYCOMMISSION

Termination of Agreement Between theU.S. Nuclear Regulatory Commissionand the State of Louisiana Pursuant toSection 274i of the Atomic Energy Actof 1954, as Amended

AGENCY: Nuclear RegulatoryCommission.ACTION: Notice of Termination ofSection 274i Agreement.

SUMMARY: Notice is hereby given thateffective April 26, 2000, the section 274iagreement between the State ofLouisiana and the U.S. NuclearRegulatory Commission (NRC orCommission) is terminated, in responseto the March 22, 2000 request fromLouisiana Governor M. J. ‘‘Mike’’ Foster.EFFECTIVE DATE: April 26, 2000.FOR FURTHER INFORMATION: ContactKevin Hsueh, Office of State and TribalPrograms, U.S. Nuclear RegulatoryCommission, Washington, DC 20555–0001, by telephone 301–415–2598 or byInternet electronic mail [email protected].

SUPPLEMENTARY INFORMATION:

Background

In 1967, the State of Louisiana and theUnited States Atomic EnergyCommission (now the U.S. NuclearRegulatory Commission) entered into anagreement for the discontinuance of theCommission’s regulatoryresponsibilities over the use andpossession of certain types ofradioactive material in Louisiana. Thisagreement was noticed in the FederalRegister on May 3, 1967 (32 FR 6806).The State of Louisiana, in turn, assumedauthority over these regulatory activitiesformerly exercised by the Commission.The Commission entered into thisagreement with the State of Louisianapursuant to section 274b of the AtomicEnergy Act of 1954, as amended. Thisagreement for the discontinuance of theCommission’s authority becameeffective May 1, 1967 and, at the sametime, established Louisiana as anAgreement State. Additionally, on May3, 1967 (32 FR 6807), the Commissionpublished in the Federal Register anotice of an agreement between theState of Louisiana and the Commissionwhich permitted the State to performinspections or other functions inoffshore waters adjacent to Louisiana onbehalf of the Commission. Thisinspection agreement, entered intopursuant to section 274i of the Act, didnot expand the State’s regulatoryauthority but rather specificallyauthorized the State to conductinspection activities and other functionson the Commission’s behalf.

The NRC has received a letter fromLouisiana Governor M. J. ‘‘Mike’’ Foster,Jr., dated March 22, 2000 requestingtermination of the section 274iagreement, effective 30 days fromreceipt of the letter. The request wasfiled in accordance with section 6 of theinspection agreement, which states

‘‘Sixth: This Agreement shall becomeeffective on May 1, 1967, and shall remainin effect so long as the 274b. Agreementremains in effect unless sooner terminated byeither party on 30 days’ prior written notice.’’

Governor Foster noted that difficultiesarranging transportation and a lack ofboth financial and personnel resourceshave made in burdensome to conductfield activities for the NRC. The Statehas concluded that the section 274iinspection agreement is no longerneeded and should be terminated.

Effective April 26, 2000, theinspection agreement entered into bythe State of Louisiana and theCommission has been terminated. Onthat date, the NRC, not the State, willconduct inspections of NRC-licensed

activities in offshore waters adjacent toLouisiana. In addition, NRC plans toissue a conforming amendment to itsreciprocity regulations at 10 CFR150.20(d) which will remove thespecific reference to the Commission’sinspection agreement with Louisiana.As part of the rulemaking or in aseparate communication, the NRC willprovide guidance to Louisiana licenseesregarding the impacts that thetermination of this agreement will haveon the notification and fee requirementsfor activities conducted in offshorewaters.

Termination of the section 274iinspection agreement, however, doesnot in any way affect the existingagreement between the Commission andthe State of Louisiana entered intopursuant to section 274b of the Act.Accordingly, termination of theinspection agreement does not affectLouisiana’s status as an AgreementState.

Dated at Rockville, Maryland, this 26th dayof April, 2000.Frederick C. Combs,Deputy Director, Office of State and TribalPrograms.[FR Doc. 00–10886 Filed 5–1–00; 8:45 am]BILLING CODE 7590–01–M

OFFICE OF MANAGEMENT ANDBUDGET

Procedures and Guidance;Implementation of the GovernmentPaperwork Elimination Act

AGENCY: Office of Management andBudget, Executive Office of thePresident.SUMMARY: The Office of Managementand Budget (OMB) provides proceduresand guidance to implement theGovernment Paperwork Elimination Act(GPEA). GPEA requires Federalagencies, by October 21, 2003, to allowindividuals or entities that deal with theagencies the option to submitinformation or transact with the agencyelectronically, when practicable, and tomaintain records electronically, whenpracticable. The Act specifically statesthat electronic records and their relatedelectronic signatures are not to bedenied legal effect, validity, orenforceability merely because they arein electronic form, and encouragesFederal government use of a range ofelectronic signature alternatives.

Electronic Availability: Thisdocument is available on the Internet inthe OMB library of the ‘‘Welcome to theWhite House’’ home page, http://www.whitehouse.gov/OMB/, theFederal CIO Council’s home page, http:/

VerDate 27<APR>2000 19:56 May 01, 2000 Jkt 190000 PO 00000 Frm 00045 Fmt 4703 Sfmt 4703 E:\FR\FM\02MYN1.SGM pfrm01 PsN: 02MYN1

25509Federal Register / Vol. 65, No. 85 / Tuesday, May 2, 2000 / Notices

/cio.gov/, and the Federal Public KeyInfrastructure Steering Committee homepage, http://gits-sec.treas.gov/.FOR FURTHER INFORMATION CONTACT:Jonathan Womer, Information Policyand Technology Branch, Office ofInformation and Regulatory Affairs,(202) 395–3785. Press inquiries shouldbe addressed to the OMBCommunications Office, (202) 395–7254. Inquiries may also be addressedto: Information Policy and TechnologyBranch, Office of Information andRegulatory Affairs, Office ofManagement and Budget, Room 10236New Executive Office Building,Washington, D.C. 20503.SUPPLEMENTARY INFORMATION:

Background

This document provides Executiveagencies the guidance required underSections 1703 and 1705 of theGovernment Paperwork Elimination Act(GPEA), Public Law 105–277, Title XVII,which was signed into law on October21, 1998. GPEA is an important tool toimprove customer service andgovernmental efficiency through the useof information technology. Thisimprovement involves transactingbusiness electronically with Federalagencies and widespread use of theInternet and its World Wide Web.

As public awareness of electroniccommunications and Internet usageincreases, demand for on-lineinteractions with the Federal agenciesalso increases. Moving to electronictransactions and electronic signaturescan reduce transaction costs for theagency and its partner. Transactions arequicker and information access can bemore easily tailored to the specificquestions that need to be answered. Asa result data analysis is easier. Theseaccess and data analysis benefits oftenhave a positive spillover effect into therest of the agency as awareness of theagency’s operations is improved. Inaddition, reengineering the workprocess associated with the transactionaround the new electronic format cangive rise to other efficiencies.

Public confidence in the security ofthe government’s electronic informationprocesses is essential as agencies makethis transition. Electronic commerce,electronic mail, and electronic benefitstransfer can require the exchange ofsensitive information withingovernment, between the governmentand private industry or individuals, andamong governments. These electronicsystems must protect the information’sconfidentiality, ensure that theinformation is not altered in anunauthorized way, and make it available

when needed. A corresponding policyand management structure must supportthe hardware and software that deliversthese services.

To provide for a broad framework forensuring the implementation ofelectronic systems in a secure manner,the Administration has taken a numberof actions. In February 1996, OMBrevised Appendix III of Circular A–130,which provided guidance to agencies onsecuring information as theyincreasingly rely on open andinterconnected electronic networks toconduct business. In May 1998, thePresident issued Presidential DecisionDirective 63, which set a goal of areliable, interconnected, and secureinformation system infrastructure by theyear 2003, and significantly increasedsecurity for government systems by theyear 2000 based on reviews by eachdepartment and agency. In September,1998, OMB and the Federal Public KeyInfrastructure Steering Committeepublished ‘‘Access With Trust’’(available at http://gits-sec.treas.gov/).This report describes the Federalgovernment’s goals and efforts todevelop a Public Key Infrastructure(PKI) to enable the widespread use ofcryptographically-based digitalsignatures. On December 17, 1999, thePresident issued a Memorandum,‘‘Electronic Government,’’ which calledon Federal agencies to use informationtechnology to ensure that governmentalservices and information are easilyaccessible to the American people(Weekly Compilation of PresidentialDocuments, vol. 35, pp. 2641–43,(December 27, 1999); also available athttp://cio.gov/). Among other things, thePresident charged the Administrator ofGeneral Services, in coordination withagencies, to assist agencies in thedevelopment of private, secure andeffective electronic communicationacross agencies and with the publicthrough the use of public keytechnology. This technology can offersignificant benefits in facilitatingelectronic commerce through a shared,interoperable, government-wideinfrastructure.

What is the Purpose of GPEA?GPEA seeks to ‘‘preclude agencies or

courts from systematically treatingelectronic documents and signaturesless favorably than their papercounterparts’’, so that citizens caninteract with the Federal governmentelectronically (S. Rep. 105–335). Itrequires Federal agencies, by October21, 2003, to provide individuals orentities that deal with agencies theoption to submit information or transactwith the agency electronically, and to

maintain records electronically, whenpracticable. It also addresses the matterof private employers being able to useelectronic means to store, and file withFederal agencies, information pertainingto their employees.

GPEA states that electronic recordsand their related electronic signaturesare not to be denied legal effect,validity, or enforceability merelybecause they are in electronic form. Italso encourages Federal government useof a range of electronic signaturealternatives.

This guidance implements GPEA,fosters a successful transition toelectronic government as contemplatedby the President’s memorandum, andemploys where appropriate the workdescribed in ‘‘Access with Trust.’’

What Were the Comments on theProposed Implementation?

On March 5, 1999, OMB publishedthe ‘‘Proposed Implementation of theGovernment Paperwork EliminationAct’’ for public comment. (64 FR10896). It was also sent directly toFederal agencies for comment and madeavailable via the Internet. In addition,OMB met with relevant committees andstaff of many interested organizationsincluding: American Bar Association(both the Business Law and the Scienceand Technology Sections); AmericanBankers Association; NationalAutomated Clearing House Association;National Governors Association;National Association of StateInformation Resource Executives;National Association of State Auditors,Controllers and Treasurers; NationalAssociation of State Purchasing Officers;the Government of Canada; theGovernment of Australia; and relevantindustry forums. All were uniformlypositive about the content and tone ofthe guidance. OMB received specificcomments from 24 organizations. Mostcomments proposed changes in clarityand detail. Where the comments addedclarity and did not contradict the goalsof the guidance, they were incorporated.The principal substantive issues raisedin the comments and our responses tothem are described below.

I. Comments Regarding Risks andBenefits

A number of comments, includingthose from the Justice Department andthe General Accounting Office,requested that the guidance containfurther information on how to conductthe assessments of practicability neededto determine the proper combination oftechnology and management controls tomanage the risk of convertingtransactions and record keeping to



electronic form, and then conductingtransactions electronically. Eachassessment should contain elements ofrisk analysis and measurements of othercosts and benefits. Most comments onassessment referred to the risk analysisportion.

Risk analyses provide decisionmakerswith information needed to understandthe factors that can degrade or endangeroperations and outcomes and to makeinformed judgments about what actionsneed to be taken to reduce risk.Consistent with the Computer SecurityAct (40 U.S.C. 759 note), Appendix IIIof OMB Circular No. A–130, ‘‘Securityof Federal Automated InformationResources,’’ (34 FR 6428, February 20,1996), Federal managers should designand implement their informationtechnology systems in a manner that iscommensurate with the risk andmagnitude of harm from unauthorizeduse, disclosure, or modification of theinformation in those systems. Todetermine what constitutes adequatesecurity, a risk-based assessment mustconsider all major risk factors, such asthe value of the system or application,threats, vulnerabilities, and theeffectiveness of current and proposedsafeguards. Low-risk informationprocesses may need only minimalconsideration, while high-risk processesmay need extensive analysis. OMBreiterated these principles on June 23,1999, in OMB Memorandum No. 99-20,‘‘Security of Federal AutomatedInformation Resources,’’ and remindedagencies to continually assess the risk totheir computer systems and maintainadequate security commensurate withthat risk, particularly as they takeincreasing advantage of the internet andthe world wide web in providinginformation and services to citizens.(Available at: http://cio.gov/ and http://whitehouse.gov/omb/memoranda/m-99–20.html).

The Commerce Department’s NationalInstitute of Standards and Technology(NIST) also recognizes the importance ofconducting risk analyses for securingcomputer-based resources. NISTprovides guidance on risk analysis(available at http://csrc.nist.gov/nistpubs):

• ‘‘Good Security Practices forElectronic Commerce, IncludingElectronic Data Interchange,’’ SpecialPublication 800–9 (December 1993);

• ‘‘An Introduction to ComputerSecurity: The NIST Handbook,’’ SpecialPublication 800-12 (December 1995);

• ‘‘Generally Accepted Principles andPractices for Securing InformationTechnology Systems,’’ SpecialPublication 800–14 (September 1996);and

• ‘‘Guide for Developing SecurityPlans for Information TechnologySystems,’’ Special Publication 800–18(December 1998).

More recently, the GeneralAccounting Office published‘‘Information Security Risk Assessment:Practices of Leading Organizations,’’GAO/AIMD–00–33 (November 1999)(Available at http://www.gao.gov/). Thisdocument is intended to help Federalmanagers implement an ongoinginformation security risk analysisprocess by suggesting practicalprocedures that have been successfullyadopted by organizations known fortheir good risk analysis practices. Thisdocument describes various models andmethods for analyzing risk, andidentifies factors that are important in arisk analysis.

A quantitative risk analysis generallyattempts to estimate the monetary costof risk compared with that of riskreduction techniques based on (1) thelikelihood that a damaging event willoccur, (2) the costs of potential losses,and (3) the costs of mitigating actionsthat could be taken. Availability of dataaffects the extent to which risk analysisresults may be quantified reliably. TheGAO report recognizes, however, thatreliable data on likelihood and risksoften may not be available, in whichcase a qualitative approach can be takenby defining risk in more subjective andgeneral terms such as high, medium,and low. In this regard, qualitativeanalyses depend more on the expertise,experience, and good judgment of theFederal managers conducting theanalysis. It also may be possible to usea combination of quantitative andqualitative methods.

Other commenters wanted moreguidance on how to weigh the riskanalysis with other costs and benefits.In combination with the risk analysis,the results of a cost-benefit analysisshould be used to judge thepracticability of such a processtransformation. All major informationtechnology investments are evaluatedunder the Appendices of OMB CircularNo. A–130, ‘‘Management of FederalInformation Resources’’ and Part 3 ofOMB Circular No. A–11 ‘‘Planning,Budgeting, and Acquisition of CapitalAssets.’’ Specific guidance oninformation technology cost-benefitanalysis is available from the CapitalPlanning and IT Investment Committeeof the Federal CIO Council in therecently published ‘‘ROI and the ValuePuzzle.’’ (Available at: http://cio.gov/).When developing collections ofinformation under the PaperworkReduction Act, agencies currentlyaddress the practicality of electronic

submission, maintenance, anddisclosure. The GPEA guidance buildson the requirements and scope of thePRA; all transactions that involveFederal information collections coveredunder the PRA are also covered underGPEA. In addition, agencies shouldfollow OMB Memorandum 00–07‘‘Incorporating and Funding Security inInformation Systems Investments’’,issued February 28, 2000, whichprovides information on buildingsecurity into information technologyinvestments (also available at: http://cio.gov/).

The Department of Justice commentedon the need for each agency to considerthe broad range of legal risks involvedin electronic transactions. Justice’scomments are especially appropriate forparticularly sensitive transactions,including those likely to give rise tocivil or criminal enforcementproceedings and we expect them to befurther developed in Juctice’sforthcoming practical guidance. The riskanalysis process required by theComputer Security Act and by goodpractice must be tailored to the risksand related mitigation costs that pertainto each system, as understood by theFederal managers most knowledgeablewith the systems. When evaluating legalrisks, Federal managers should consultwith their legal counsel about anyspecific legal implications due to theuse of electronic transactions ordocuments in the application inquestion. Agencies should also keep inmind that GPEA specifically states thatelectronic records and their relatedelectronic signatures are not to bedenied legal effect, validity, orenforceability merely because they arein electronic form. We are not, therefore,prescribing specific ‘‘one size fits all’’requirements applicable to transactionsregardless of sensitivity.

In light of all the above comments, wehave added greater detail to thepracticability aspects of the guidance,and an expanded discussion of cost-benefit analysis and its relation to riskanalysis. We have also placed additionalemphasis on the need for risk analysesto identify and address the full range ofrisks, including reasonably expectedlegal and enforcement risks, andtechnological risks. Further, weincluded a reporting mechanism in PartI Section 3 to facilitate the assessmentof practicability. Although many of thecomments concern the costs and risks ofchanging to electronic transactions, it isalso important to consider the full rangeof benefits that electronic transactionscan provide. Possible benefits include:increased partner participation andcustomer satisfaction; reduced



transaction costs and increasedtransaction speed; improved recordkeeping and new opportunities foranalysis of information; and greateremployee productivity and enhancedquality of their output. An agency’sconsideration of risks needs to bebalanced with a full consideration ofbenefits.

II. Comments Regarding TechnologyNeutrality

A number of comments concerned theemphasis on technology neutrality withregard to the various electronicsignature alternatives. They suggestedwe endorse one electronic signaturetechnology in order to promoteinteroperability and ease of use. Othercommenters disagreed. They expressedconcern that promoting one technologyrequires predicting the direction andfuture of information technologystandards and practices, which is anotoriously difficult task. Further, thereare sometimes technologies thatnaturally fit particular electronictransactions and are easier to implementfrom a security, privacy, technical, oroperational perspective than others. Forexample, implementing a technologythat is easy to use would naturally fitwhen encouraging citizens to participatein electronic transactions.

We do not believe it would beappropriate to endorse one technology,and we share the concerns of thosecommenters who argued against such anendorsement. At the same time, werecognize that cryptographically-baseddigital signatures (i.e., public keytechnology) hold great promise forensuring both authentication andprivacy in networked interactions, andmay be the only technology availablethat can foster interoperability acrossnumerous applications. There are,however, applications where personalidentification numbers (PINs) and othershared secret techniques may well beappropriate. These are generallyrelatively low risk applications whereinteroperability is of lesser importance.A number of agencies have successfullyused PINs in groundbreakingapplications, particularly the Securitiesand Exchange Commission forregulatory filings and the InternalRevenue Service for tax filings. Theyhave recognized the benefits of usingPINs, but at the same time they areplanning for an eventual transfer todigital signatures.

Accordingly, the final guidancemaintains the basic policy of technologyneutrality for automated transactionswhile recognizing that agencies shouldselect an alternative relative to the riskof the application, and calls on agencies

to consider all of the available electronicsignature technologies (including theadvantages of public key technology) aspart of their assessments.

III. Comments Regarding RecordsManagement

Several comments suggested that theguidance should give further emphasisto the role of the National Archives andRecords Administration in working withthe agencies to address themaintenance, preservation, and disposalof Federal records that are associatedwith electronic governmenttransactions. We agree. The finalguidance explicitly addresses NARA’srole in the area of electronic recordsmanagement, particularly as it relates tothe use of electronic signaturetechnologies.

IV. Comments regarding privacyprotection

Some commenters were concernedwith the privacy implications of theguidance. They want to ensure that anymove to electronic transactions does notencourage the gathering of unnecessaryinformation, and that Federal agenciesadequately protect the personalinformation that does need to becollected. We agree that agencies mustincorporate privacy protections whendeveloping electronic processes. Severalhelpful suggestions were made that havebeen incorporated into the finalguidance. With respect to a commenters’concern that agencies not collectunnecessary information, the PrivacyAct requires an agency to ‘‘maintain inits records only such information aboutan individual as is relevant andnecessary to accomplish a purpose ofthe agency.’’ 5 U.S.C. 552a(e)(1); see e.g.Reuber v. United States, 829 F. 2d 133,138–40 (D.C.C. 1987). Furthermore, thecollection by agencies of unnecessaryinformation would be contrary to thePaperwork Reduction Act’s mandatethat agencies collect only informationthat is ‘‘necessary for the properperformance of the functions of theagency’’ and ‘‘has practical utility.’’ 44U.S.C. 3508.

V. State, Local and Non-governmentalConcerns

A number of comments were receivedfrom non-Federal entities. Thesecomments were primarily concernedwith the broader implications of the Actitself rather than the draft guidance.Specifically, some governmental entitiesexpressed concern that Federal adoptionof routine electronic transactions wouldrequire state and local governments toprovide equivalent access for citizens.Some commenters were also concerned

that they would be required to make allfuture transactions with the Federalgovernment in an electronic format.Consultations with the state governmentgroups identified above, during andsubsequent to the comment period,seem to have alleviated these concernssignificantly, particularly as weexplained that GPEA contemplatesoptional rather than mandatoryelectronic transactions with the Federalgovernment. Agencies are required toprovide the option to their transactionpartners. Transaction partners are notrequired to use the electronic option.

What Are the Future Plans for thisGuidance?

We intend to place this guidance intoan appendix of OMB Circular A–130 asit is updated. OMB’s final proceduresand guidance on implementing theGovernment Paperwork Elimination Actare set forth below.

John T. Spotila,Administrator, Office of Information andRegulatory Affairs.April 25, 2000M–00–10

Memorandum for the Heads ofDepartments and Agencies

From: Jacob J. Lew, DirectorSubject: OMB Procedures and Guidanceon Implementing the GovernmentPaperwork Elimination Act

This document provides Executiveagencies with the guidance requiredunder Sections 1703 and 1705 theGovernment Paperwork Elimination Act(GPEA), Public Law 105–277, Title XVII.

GPEA requires agencies, by October21, 2003, to provide for the (1) optionof electronic maintenance, submission,or disclosure of information, whenpracticable as a substitute for paper; and(2) use and acceptance of electronicsignatures, when practicable. GPEAspecifically states that electronic recordsand their related electronic signaturesare not to be denied legal effect,validity, or enforceability merelybecause they are in electronic form.

GPEA is an important tool in fulfillingthe vision of improved customer serviceand governmental efficiency through theuse of information technology. Thisvision contemplates widespread use ofthe Internet and its World Wide Web,with Federal agencies transactingbusiness electronically as commercialenterprises are doing. Members of thepublic who wish to do business thisway may avoid traveling to governmentoffices, waiting in line, or mailing paperforms. The Federal government can alsosave time and money transactingbusiness electronically.



This guidance also implements part ofthe President’s memorandum ofDecember 17, 1999, ‘‘ElectronicGovernment,’’ which calls on Federalagencies to use information technologyin ensuring that governmental servicesand information are easily accessible tothe American people. Among otherthings, the President charged theAdministrator of General Services, incoordination with appropriate agenciesand organizations, to assist agencies indeveloping private, secure, and effectivecommunication across agencies andwith the public through the use ofdigital signature technology.

Creating more accessible and efficientgovernment requires public confidencein the security of the government’selectronic information communicationand information technology systems.

Electronic commerce, electronic mail,and electronic benefits transfer caninvolve the exchange of sensitiveinformation within government,between government and privateindustry or individuals, and amonggovernments. Electronic systems mustbe able to protect the confidentially ofcitizens’ information, authenticate theidentity of the transacting parties to thedegree required by the transaction,guarantee that the information is notaltered in an unauthorized way, andprovide access when needed.

To reach these goals, agencies mustmeet objectives outlined by GPEAguidance. First, each agency must buildon their existing efforts to implementelectronic government by developing aplan and schedule that implement, bythe end of Fiscal Year 2003, optionalelectronic maintenance, submission, ortransactions of information, whenpracticable as a substitute for paper,including through the use of electronicsignatures when practicable.

Agencies must submit a copy of theplan to OMB by October 2000 andcoordinate the plan and schedule withtheir strategic IT planning activities thatsupport program responsibilitiesconsistent with the budget process (asrequired by OMB Circular A–11).Attachment

Implementation of the GovernmentPaper Work Elimination Act contains:

Part I. What policies and procedures shouldagencies follow?

Section 1. What GPEA policies shouldagencies follow?

Section 2. What GPEA procedures shouldagencies follow?

Section 3. How should agencies implementthese policies and procedures?

Part II. How can agencies improve servicedelivery and reduce burden through the useof electronic signatures and electronictransactions?

Section 1. Introduction and background

Section 2. What is an ‘‘electronic signature?’’

Section 3. How should agencies assess therisks, costs, and benefits?

Section 4. What benefits should agenciesconsider in planning and implementingelectronic signatures and electronictransactions?

Section 5. What risk factors should agenciesconsider in planning and implementingelectronic signatures or electronictransactions?

Section 6. What privacy and disclosure issuesaffect electronic signatures and electronictransactions?

Section 7. What are current electronicsignature technologies?

Section 8. How should agencies implementelectronic signatures and electronictransactions?

Section 9. Summary of the procedures andchecklist

Part I. What policies and proceduresshould agencies follow?

Section 1. What GPEA policies shouldagencies follow?

The Government PaperworkElimination Act (GPEA) requiresFederal agencies, by October 21, 2003,to provide individuals or entities theoption to submit information or transactwith the agency electronically and tomaintain records electronically whenpracticable. GPEA specifically statesthat electronic records and their relatedelectronic signatures are not to bedenied legal effect, validity, orenforceability merely because they arein electronic form. It also encouragesFederal government use of a range ofelectronic signature alternatives.

Sections 1703 and 1705 of GPEAcharge the Office of Management andBudget (OMB) with developingprocedures for Executive agencies tofollow in using and accepting electronicdocuments and signatures, includingrecords required to be maintained underFederal programs and information thatemployers are required to store and filewith Federal agencies about theiremployees. These procedures reflect

and are to be executed with dueconsideration of the following policies:

a. maintaining compatibility withstandards and technology for electronicsignatures generally used in commerceand industry and by State governments;

b. not inappropriately favoring oneindustry or technology;

c. ensuring that electronic signaturesare as reliable as appropriate for thepurpose in question;

d. maximizing the benefits andminimizing the risks and other costs;

e. protecting the privacy oftransaction partners and third partiesthat have information contained in thetransaction;

f. ensuring that agencies comply withtheir recordkeeping responsibilitiesunder the FRA for these electronicrecords. Electronic record keepingsystems reliably preserve theinformation submitted, as required bythe Federal Records Act andimplementing regulations; and

g. providing, wherever appropriate,for the electronic acknowledgment ofelectronic filings that are successfullysubmitted.

Section 2. What GPEA proceduresshould agencies follow?

a. GPEA recognizes that building anddeploying electronic systems tocomplement and replace paper-basedsystems should be consistent with theneed to ensure that investments ininformation technology areeconomically prudent to accomplish theagency’s mission, protect privacy, andensure the security of the data.Moreover, a decision to reject the optionof electronic filing or record keepingshould demonstrate, in the context of aparticular application and uponconsidering relative costs, risks, andbenefits given the level of sensitivity ofthe process, that there is no reasonablycost-effective combination oftechnologies and management controlsthat can be used to operate thetransaction and sufficiently minimizethe risk of significant harm.Accordingly, agencies should developand implement plans, supported by anassessment of whether to use and acceptdocuments in electronic form and toengage in electronic transactions. Theassessment should weigh costs andbenefits and involve an appropriate riskanalysis, recognizing that low-riskinformation processes may need onlyminimal consideration, while high-riskprocesses may need extensive analysis.

b. Performing the assessment toevaluate electronic signaturealternatives should not be viewed as anisolated activity or an end in itself.Agencies should draw from and feed



into the interrelated requirements of thePaperwork Reduction Act, the PrivacyAct, the Computer Security Act, theGovernment Performance and ResultsAct, the Clinger-Cohen Act, the FederalManagers’ Financial Integrity Act, theFederal Records Act, and the ChiefFinancial Officers Act, as well as OMBCircular A–130 and PresidentialDecision Directive 63.

c. The assessment should developstrategies to mitigate risks and maximizebenefits in the context of availabletechnologies, and the relative total costsand effects of implementing thosetechnologies on the program beinganalyzed. The assessment also shouldbe used to develop baselines andverifiable performance measures thattrack the agency’s mission, strategicplans, and tactical goals, as required bythe Clinger-Cohen Act.

d. In addition to serving as a guide forselecting the most appropriatetechnologies, the assessment of costsand benefits should be designed so thatit can be used to generate a businesscase and verifiable return on investmentto support agency decisions regardingoverall programmatic direction,investment decisions, and budgetarypriorities. In doing so, agencies shouldconsider the effects on the public, itsneeds, and its readiness to move to anelectronic environment.

Section 3. How should agenciesimplement these policies andprocedures?

a. To ensure a smooth and cost-effective transition to an electronicgovernment that provides improvedservice to the public, each agency must:

(1) Develop a plan (including aschedule) by October, 2000 thatprovides for continued implementation,by the end of Fiscal Year 2003, ofoptional electronic maintenance,submission, or transaction ofinformation when practicable as asubstitute for paper, including throughthe use of electronic signatures whenpracticable. The plan must address,among other things (and whereapplicable), the optional use byemployers of electronic means to storeand file with Federal agenciesinformation about their employees. Theplan should prioritize agencyimplementation of systems or modulesof systems based on achievability andnet benefit. The plan must be anaddition to the agency’s strategic ITplanning activities supporting programresponsibilities, as required by OMBCircular A–11. A copy of the planshould be provided to OMB.

(2) For each agency informationsystem identified in the plan required in

#1 above, consider relative costs, risks,and benefits given the level ofsensitivity of the process(es) that thesystem supports. Agency considerationsof cost, risk, and benefit, as well as anymeasures taken to minimize risks,should be commensurate with the levelof sensitivity of the transaction. Low-risk information processes may needonly minimal consideration, while high-risk processes may need extensiveanalysis.

(3) Based on the considerations in #2each agency in its plan must include:

(a) The name of the informationprocess or group of processes beingautomated.

(b) A brief description of theinformation processes being automated.In addition, the description must:

1. Indicate whether further riskmanagement measures are appropriate.

2. Where such measures areappropriate, indicate when and how acombination of information securitypractices, authentication technologies,management controls, or other businessprocesses for each application will bepracticable. In addition, if a particularapplication is not practicable forconversion to electronic interaction aspart of the plan, agencies should explainthe reasons and report any strategy tomake such conversion practicable.

(c) The date of automation for theinformation process(es). If theimplementation is judged to be notpracticable by October 2003, thatconclusion may be noted instead of thedate. The dates should reflect theprioritization based on achievability andnet benefit as discussed in #1 above.

(4) Consistent with the plan takemeasures (including, if necessary,amending regulations or policies toremove impediments to electronictransactions) to: (a) implement optionalelectronic submission, maintenance, ordisclosure of information and the use ofany necessary electronic signaturealternatives; and (b) permit privateemployers who have record keepingresponsibilities imposed by the Federalgovernment to store and file informationpertaining to their employeeselectronically.

(5) Ensure that measures taken underthe plan reflect appropriate informationsystem confidentiality and security inaccordance with the Privacy Act, theComputer Security Act, as amended,and the guidance contained in OMBCircular A–130, Appendices I and III;and ensure that these measures use, tothe maximum extent practicable,technologies that are either prescribedin Federal Information ProcessingStandards promulgated by the Secretaryof Commerce or are supported by

voluntary consensus standards asdefined in OMB Circular A–119,‘‘Federal Participation in theDevelopment and Use of VoluntaryConsensus Standards and ConformityAssessment Activities,’’ (63 FR 8546;February 19, 1998).

(6) Report progress annually againstthe plan (including any appropriaterevisions to the schedule) above alongwith annual performance reportingrequired under OMB Circular A–11.

(7) Consider the record keepingfunctionality of any systems that storeelectronic documents and electronicsignatures, to ensure users haveappropriate access to the informationand can meet the agency’s recordkeeping needs.

(8) In developing collections ofinformation under the PaperworkReduction Act, address whetheroptional electronic submission,maintenance, or disclosure ofinformation (including the electronicstorage and filing by employers ofinformation about their employees)would be practicable as a means ofdecreasing the burden and/or increasingthe practical utility of the collection.

b. Department of CommerceThe Department of Commerce must

promulgate, in consultation with theagencies and OMB, Federal InformationProcessing Standards as appropriate tofurther the specific goals of GPEA. TheDepartment should also developguidance in the area of authenticationtechnologies and implementations,including cryptographic digitalsignature technology, with assistancefrom the Chief Information OfficersCouncil and the Public KeyInfrastructure Steering Committee.

c. Department of the TreasuryThe Department of the Treasury must

develop, in consultation with theagencies and OMB, policies andpractices for the use of electronictransactions and authenticationtechniques for use in Federal paymentsand collections and ensure that theyfulfill the goals of GPEA.

d. Department of JusticeThe Department of Justice must

develop, in consultation with theagencies and OMB, practical guidanceon legal considerations related to agencyuse of electronic filing and recordkeeping.

e. National Archives and RecordsAdministration

The National Archives and RecordsAdministration must develop, inconsultation with the agencies andOMB, policies and guidance on themanagement, preservation, and disposalof Federal records associated withelectronic government transactions, and



must give particular consideration torecords issues associated with the use ofelectronic signature technologies.

f. General Services AdministrationThe General Services Administration

must support agencies’ implementationof digital signature technology andrelated electronic service delivery.

g. Office of Management and BudgetOMB must provide continuing

guidance and oversight for theimplementation of GPEA, includingthrough its review of collections ofinformation under the PaperworkReduction Act.

Part II. How can agencies improveservice delivery and reduce burdenthrough the use of electronic signaturesand electronic transactions?

This part provides Federal managerswith basic information to assist inplanning for an orderly and efficienttransition to electronic government.Agencies should begin their planningpromptly to ensure compliance with thetimetable in GPEA.

Section 1. Introduction and Backgrounda. As required by GPEA, this Part

provides guidance to agencies fordeciding whether to use electronicsignature technology for a particularapplication. GPEA requires Federalagencies, by October 21, 2003, to allowindividuals or entities the option tosubmit information or transact with theagencies electronically and to maintainrecords electronically, when practicable.It specifically states that electronicrecords and their related electronicsignatures are not to be denied legaleffect, validity, or enforceability merelybecause they are in electronic form. Italso encourages Federal government useof a range of electronic signaturealternatives. The guidance helpsagencies consider which electronicsignature technology may be mostappropriate and suggests methods tomaximize the benefit of electronicinformation while minimizing riskwhen implementing a particularelectronic signature technology tosecure electronic transactions.

The guidance builds on therequirements and scope of thePaperwork Reduction Act of 1995(PRA). According to the PRA agenciesmust, ‘‘consistent with the ComputerSecurity Act of 1987 (CSA) (40 U.S.C.759 note), identify and afford securityprotections commensurate with the riskand magnitude of the harm resultingfrom the loss, misuse, or unauthorizedaccess to or modification of informationcollected or maintained by or on behalfof an agency.’’ 44 U.S.C. 3506(g)(3). Inaddition, we note that all transactions

that involve Federal informationcollections covered under the PRA arealso covered under GPEA.

b. As GPEA, PRA, CSA, and thePrivacy Act recognize, the goal ofinformation security is to protect theintegrity and confidentiality ofelectronic records and transactions thatenable business operations. Differentsecurity approaches offer varying levelsof assurance in an electronicenvironment and are appropriatedepending on a balance between thebenefits from electronic informationtransfer and the risk of harm if theinformation is compromised. Amongthese approaches (in an ascending levelof assurance) are:

(1) so-called ‘‘shared secrets’’ methods(e.g., personal identification numbers orpasswords),

(2) digitized signatures or biometric meansof identification, such as fingerprints, retinalpatterns, and voice recognition, and

(3) cryptographic digital signatures(discussed in more detail in Section 7).

Combinations of approaches (e.g.,digital signatures with biometrics) arealso possible and may provide evenhigher levels of assurance than singleapproaches by themselves. Decidingwhich to use in an application dependsfirst upon finding a balance between therisks associated with the loss, misuse, orcompromise of the information, and thebenefits, costs, and effort associatedwith deploying and managing theincreasingly secure methods to mitigatethose risks. Agencies must strike abalance, recognizing that achievingabsolute security is likely to be highlyimprobable in most cases andprohibitively expensive if possible.

Section 2. What is an ‘‘electronicsignature?’’

a. GPEA defines ‘‘electronicsignature’’ as follows:

‘‘* * * a method of signing anelectronic message that—

(A) identifies and authenticates aparticular person as the source of theelectronic message; and

(B) indicates such person’s approvalof the information contained in theelectronic message.’’ (GPEA, section1709(1)).

This definition is consistent withother accepted legal definitions ofsignature. The term ‘‘signature’’ has longbeen understood as including ‘‘anysymbol executed or adopted by a partywith present intention to authenticate awriting.’’ (Uniform Commercial Code,1–201(39)(1970)). The ‘‘UniformElectronic Transactions Act,’’ recentlyadopted by the National Conference ofCommissioners of Uniform State Laws,and which is being enacted by the

States, contains a similar definition (seehttp://www.nccusl.org). These flexibledefinitions permit the use of differentelectronic signature technologies, suchas digital signatures, personalidentifying numbers, and biometrics(section 7 provides more detail onelectronic signature technologies).While it is the case that, for historicalreasons, the Federal Rules of Evidenceare tailored to support the admissibilityof paper-based evidence, the FederalRules of Evidence have no actual biasagainst electronic evidence.

b. In enacting GPEA, Congressaddressed the legal effect and validity ofelectronic signatures or other electronicauthentication:

‘‘Electronic records submitted ormaintained in accordance withprocedures developed under this title,or electronic signatures or other forms ofelectronic authentication used inaccordance with such procedures, mustnot be denied legal effect, validity, orenforceability because such records arein electronic form’’ (GPEA, section1707).

Section 3. How should agencies assessthe risks, costs, and benefits?

To evaluate the suitability ofelectronic signature alternatives for aparticular application, the agency needsto perform an assessment. Theassessment should include a riskanalysis, in cases where the sensitivityof the transaction is sufficiently great,and a cost-benefit analysis. Theassessment identifies the particulartechnologies and management controlsbest suited to minimizing the risk andcost to acceptable levels, whilemaximizing the benefits to the partiesinvolved. Often parts of the assessmentcan be quantified, but some factors—particularly the risk analysis usually canonly be estimated qualitatively.

Availability of data affects the extentto which risk can be reliably quantified.A quantitative approach to risk analysisgenerally attempts to estimate themonetary cost of risk compared to thecost of risk reduction techniques basedon:

(i) the likelihood that a damagingevent will occur,

(ii) the costs of potential losses, and(iii) the costs of mitigating actions that

could be taken.Reliable data on likelihood and costs

may not be available. In this case aqualitative approach can be taken bydefining risk in more subjective andgeneral terms such as high, medium,and low. In this regard, qualitativeanalyses depend more on the expertise,experience, and good judgment of the



Federal managers conducting them thanon quantified factors.

The same can be true with other costsand benefits. Some factors, such as thevalue of deterring fraud, are difficult toquantify. If a new automated system isless secure than an old, paper-basedsystem, attempts to commit fraud or torepudiate transactions may increase. Itusually is not possible to quantify inmonetary terms attitudes such asincreased customer satisfaction andwillingness to cooperate with an agency,which may result from electronicprocesses designed to be user-friendly.However, many costs (design,development, and implementation) andbenefits (reduced transaction costs,saved time etc.) can be quantified, as isthe case for other IT projects. Clearly,then, the assessment should use acombination of quantitative andqualitative methods to judge thepracticability of any electronictransaction method and should includea comprehensive risk analysis whenwarranted by the sensitivity of the dataand/or the transaction.

Those alternatives that minimize riskto an acceptable level should beassessed in terms of net benefit to theagency and the customer in order todetermine the electronic signature mostappropriate for the transaction. If the netbenefits are negative, the agency maydetermine that using an electronicprocess is not practicable at this time. Inany event, all risk analyses are exercisesin managerial judgment.

a. Consider the costs of riskmitigation. The assessment mustrecognize that neither handwrittensignatures nor electronic signatures aretotally reliable and secure. Everymethod of signature, whether electronicor on paper, can be compromised withenough skill and resources, or due topoor security procedures, practices, orimplementation. Setting up a verysecure, but expensive, automatedsystem may in fact buy only a marginalbenefit of deterrence or risk reductionover other alternatives and may not beworth the extra cost. For example, pastexperience with fraud risks, and acareful analysis of those risks, showsthat exposure is often low. If this is thecase a less expensive system thatsubstantially deters fraud is warranted,and not an absolutely secure system.Overall, security determination shouldconform to the Computer Security Act:the level of security should becommensurate with the level ofsensitivity of the transaction.

b. Conduct a cost-benefit analysis todetermine if an electronic transaction ispracticable. The primary goal of a cost-benefit analysis should be to find a cost-

effective package of securitymechanisms and management controlsthat can support automated systemsusing electronic communications. Inestimating the cost of any system,agencies should include costs associatedwith hardware, software,administration, and support of thesystem, both short-term and long-term.Agencies should consider the followingissues when framing the cost-benefitanalysis:

(1) Offering more than one way tocommunicate electronically may enablemore people to conduct electronictransactions. If different partners havedifferent skills and differing securityconcerns, providing a combination ofmechanisms will meet the needs of agreater number of possible partners.While admittedly adding cost, offeringmultiple alternatives can add greaterbenefit, as well. Under GPEA, theagency must considered this optionwhenever it expects to receive over50,000 electronic submittals (per year)of a particular form.

(2) Electronic transactions can imposecosts on the transaction partners. Manyelectronic signature techniques requirespecialized computer hardware andtechnical knowledge. The higher thesethreshold costs are, the higher theparticipation costs are for users. Highercosts will tend to narrow the range ofpotential users, which in turn limits thebenefits of electronic communications.

(3) Agencies should assess the costs ofdeveloping and maintaining electronictransactions. Information technologycosts continue to fall and electronicsignature techniques continue to evolve.As a result, the agency shouldperiodically redo its risk and cost-benefit analyses on those programswhere electronic transactions wereinitially deemed impracticable todetermine whether costs and/ortechnologies have changed enough sothat electronic transactions have becomepracticable.

(4) If the cost-benefit analysis of aproposed solution indicates that theelectronic solution is not cost effective,the agency should seek to identifyopportunities to reengineer theunderlying process being automated.Occasionally, practices and rules underthe control of an agency are based onfactors or circumstances that may nolonger apply. In these cases newpractices and rules should be proposedif the changes do not undermine theobjective or impair security, and if thechanges lead to a more efficient process.

c. Document the decision. TheComputer Security Act gives agencymanagers the responsibility to select anappropriate combination of

technologies, practices, andmanagement controls to minimize riskcost-effectively while maximizingbenefits to all parties to the transaction.Agency managers should documentthese decisions, however qualitative, inthe system security plan (see the NIST‘‘Guide for Developing Security Plansfor Information Technology Systems,’’Special Publication 800–18 (December1998)) for later review and adjustment.

Section 4. What benefits shouldagencies consider in planning andimplementing electronic signatures andelectronic transactions?

Benefits from moving to electronictransactions and electronic signaturesinclude reduction in transaction costsfor the agency and the transactionpartner. Transactions are quicker and itis often easier to access informationrelated to the transaction because it is inelectronic form. The electronic formoften allows more effective data analysisbecause the information is easier toaccess. Better data analysis oftenimproves the operation of the newlyelectronic transaction. In addition, ifmany transactions are electronic anddata analysis can be done acrosstransactions the benefits can spilloverinto the rest of the agency as operationalawareness of the entire organization isimproved. Moreover, business processreengineering should accompany allattempts to facilitate a transactionthrough information technology. Oftenthe full benefits will be realized only byrestructuring the process to takeadvantage of the technology. Merelymoving an existing paper based processto an electronic one is unlikely to reapthe maximum benefits from theelectronic system.

In order to account for all the benefitsassociated with electronic transactions,agencies should keep commoninformation technology benefits in mindand look at the benefits realized byother agencies.

a. What are the benefits? Agenciesshould identify all the benefits ofautomating program transactions andmaking those transactions secure, suchas:

(1) Increased speed of the transaction.The partner and the agency may spendless time completing the transaction.The quicker speed combined withputting the transaction online allowsreal-time help to the transaction partner,providing a benefit not found in a paperbased transaction.

(2) Increased partner participationand customer satisfaction. Often adecrease in partner transaction costsleads to more partners completing thetransaction. In addition, partners tend to



have a more positive view of the processgiven its speed and ease of use.

(3) Improved record keepingefficiency and data analysisopportunities. If data are easier to accessand store then they can enhanceprogram evaluation and expandawareness of the effects of thegovernment program in question.

(4) Increased employee productivityand improved quality of the finalproduct. Electronic transactions tend tohave fewer errors because often thesystem minimizes retyping andautomatically detects certain errors.These benefits allow the employees toconcentrate more time on other matters.

(5) Greater information benefits to thepublic. Moving to electronictransactions and electronic signaturesoften can make the related informationmore accessible to the public andFreedom of Information Act requests.

(6) Improved security. Designed,implemented, and managed properly,electronic transactions can have feweropportunities for fraud and more robustsecurity measures than paper andenvelope transactions.

(7) Extensive security for highlysensitive information. Even thoughimplementing a more secure electronicsignature option often is more expensiveinitially than implementing less securealternatives, there could be largerexpected benefits if the informationbeing protected is particularly sensitive.

b. What are examples of benefits fromelectronic signatures and transactions?The following examples highlightagencies’ experience in gainingsignificant benefits from electronictransactions and electronic signatures.

(1) The Internal Revenue Service useselectronic identification to strengthenvalidation by incorporating electroniclinks between the user and preexistingdata about that user in the agency’srecords in its TeleFile program. Itenables selected taxpayers to file1040EZs with a touch-tone phone.Taxpayers get Customer ServiceNumbers (CSNs, i.e., PINs) that theythen use to sign their returns and whichhelp to validate their identities to theagency. Even though a CSN is notunique to an individual taxpayer (sinceit is only five digits long), the IRSauthenticates the filer by using otheridentifying factors, such as thetaxpayer’s date of birth, taxpayeridentification number, and by usingadditional procedures. This approach isnot used over the Internet. Instead, itoccurs in short-term connections overtelephone lines, an environment whereit is comparatively difficult for personsto eavesdrop and steal information orsubstitute false information.

(2) Taxpayers who transmit their taxreturns electronically give high marks tothe Internal Revenue Service’selectronic filing programs. TheAmerican Customer Satisfaction Index(ACSI) shows customer satisfactionscores for IRS e-file exceed those forboth the government and retail sectorsand rival those of the financial servicessector. For electronic tax return filers,the overall ACSI customer satisfactionindex is 74. This surpasses the ratingamong paper return filers and compareswith a government-wide satisfactionrating of 68.6. In addition, 78% ofcustomers with electronic filingexperiences say they are more satisfiednow than two years ago. Other benefitsof the electronic filing program include:

(a) Refunds are received in half thetime and even faster with DirectDeposit.

(b) Its accuracy rate of over 99%reduces the chance of getting an errornotice from the IRS.

(c) It provides an IRSacknowledgment within 48 hours thatthe return has been received.

(3) The General ServicesAdministration, Federal TechnologyService conducted the FTS2001Procurement in a totally paperlessenvironment. Beginning with theRequest for Proposals (RFP) release,which was digitally signed and postedon the internet along with a utility forverifying the signature, through theissuance of the contracts to the winningbidders in an electronic signingceremony, no paper changed hands atany time during the process. Bids fromthe offerors were delivered on a singleCD, in contrast with the previousFTS2000 solicitation that requiredseveral pallets of documentation foreach submission. It is estimated that thepaper equivalent of this bid would haveresulted in a stack of paperapproximately 5 stories high. Thiselectronic process resulted inefficiencies and savings to thegovernment of approximately$1,500,000 in time previously requiredto process paperwork. The paperlessprocess was enabled by issuing eachpotential bidder a cryptographically-based digital signature certificatehoused on a hardware token.

(4) EDGAR, the Electronic DataGathering, Analysis, and Retrievalsystem, performs automated collection,validation, indexing, acceptance, andforwarding of submissions bycompanies and others who are requiredby law to file forms with the U.S.Securities and Exchange Commission(SEC). Its primary purpose is to increasethe efficiency and fairness of thesecurities market for the benefit of

investors, corporations, and theeconomy by accelerating the receipt,acceptance, dissemination, and analysisof time-sensitive corporate informationfiled with the agency. Other benefitsinclude:

(a) Elimination of the burdens anddelays associated with microfiching 10–12 million pages of informationannually in a paper format.

(b) Free SEC web site experiencesover half a million hits daily, many fromindividuals trying to improve thequality of their investment decisions byexamining disclosure documents. Priorto EDGAR, individuals simply could notafford the typical, minimum cost of $25per document.

(c) Full search capability allowsimproved ability to identify incidents ofnew or unusual conditions in thereports that are filed and allow rapidaccess to the information.

(5) The U.S. Customs Serviceautomated much of the informationtransactions with its import-exportpartners. It has allowed improvedaccuracy, efficiency, speed, and theability to analyze the electronically fileddata which has led to enforcementimprovements. The AutomatedCommercial System (ACS) is the systemused to track, control, and process allcommercial goods imported into theUnited States. ACS facilitatesmerchandise processing, significantlycuts costs, and reduces paperworkrequirements for both Customs and thetrade community.

Section 5. What risk factors shouldagencies consider in planning andimplementing electronic signatures orelectronic transactions?

Properly implemented electronicsignature technologies can offer degreesof confidence in authenticating identitythat are greater than a handwrittensignature can offer. These digital toolsshould be used to control risks in a cost-effective manner. In determiningwhether an electronic signature issufficiently reliable for a particularpurpose, agency risk analyses need at aminimum to consider the relationshipsbetween the parties, the value of thetransaction, the risk of intrusion, andthe likely need for accessible,persuasive information regarding thetransaction at some later date. Inaddition, agencies should consider anyother risks relevant to the particularprocess. Once these factors areconsidered separately, an agency shouldconsider them together to evaluate thesensitivity to risk of a particular process,relative to the benefit that the processcan bring.



a. What is the relationship betweenthe parties? Agency transactions fallinto seven general categories, each ofwhich may be vulnerable to differingsecurity risks:

(1) Intra-agency transactions (i.e.,those which remain within the sameFederal agency).

(2) Inter-agency transactions (i.e.,those between Federal agencies).

(3) Transactions between a Federalagency and state or local governmentagencies.

(4) Transactions between a Federalagency and a private organization suchas: contractor, business, university, non-profit organization, or other entity.

(5) Transactions between a Federalagency and a member of the generalpublic.

(6) Transactions between a Federalagency and a foreign government,foreign private organization, or foreigncitizen.

Risks tend to be relatively low incases where there is an ongoingrelationship between the parties.Generally speaking, there will be littlerisk of a partner later repudiating inter-or intra-governmental transactions of arelatively routine nature, and almost norisk of the governmental trading partnercommitting fraud. Similarly,transactions between a regulatoryagency and a publicly tradedcorporation or other known entityregulated by that agency can often beara relatively low risk of repudiation orfraud, particularly where the regulatoryagency has an ongoing relationshipwith, and enforcement authority over,the entity. For the same reasons, riskstend to be relatively low withinrulemaking contexts, as all parties canview the submissions of others so therisk of imposture is minimized. Othertypes of transactions, involving anongoing relationship between an agencyand non-governmental entities andpersons, can have varying degrees ofrisk depending on the nature of therelationship between the parties; thesame would apply in the case of thoseFederal programs in which the ongoingrelationship is between entities that areacting (and collecting information underthe PRA) on behalf of an agency andsuch non-governmental entities andpersons—e.g., transactions between alender, guaranty agency, or otherinstitution participating in a Federalloan or financial aid program andanother program participant or amember of the general public, such asa borrower or grant recipient. On theother hand, the highest risk of fraud orrepudiation is for a one-time transactionbetween a person and an agency thathas legal or financial implications.

Agencies should also pay attention totransactions with non-Federal entities,where the agency has a law enforcementresponsibility but does not have anongoing relationship. Transactionsbetween a Federal agency and a foreignentity may entail unique legal risks dueto varying national laws andregulations. In all cases, the relativevalue of the transaction needs to beconsidered as well.

b. What is the value of thetransaction? Agency transactions fallinto five general categories, each ofwhich may be vulnerable to differentsecurity risks:

(1) Transactions involving the transferof funds.

(2) Transactions where the partiescommit to actions or contracts that maygive rise to financial or legal liability.

(3) Transactions involvinginformation protected under the PrivacyAct or other agency-specific statutes, orinformation with national securitysensitivity, obliging that access to theinformation be restricted.

(4) Transactions where the party isfulfilling a legal responsibility which, ifnot performed, creates a legal liability(criminal or civil).

(5) Transactions where no funds aretransferred, no financial or legal liabilityis involved and no privacy orconfidentiality issues are implicated.

Agency risk analyses should attemptto identify the relative value of the typeof transaction being automated andfactor that against the costs associatedwith implementing technological andmanagement controls to mitigate risk.Note that the value of the transactiondepends on the perspective of theagency and the transaction partner. Ingeneral, electronic signatures are leastnecessary in very low value transactionsand need not be used unless specificallyrequired by law or regulation (i.e. #5).Where authentication is necessary, themethod of electronic signature shouldbe appropriate to the level of risk.

c. What is the risk of intrusion? Theprobability of a security intrusion on thetransaction can depend on the benefit tothe potential attackers and theirknowledge that the transaction will takeplace. Agency transactions fall intothree categories:

(1) Regular or periodic transactionsbetween parties are at a higher risk thanintermittent transactions because oftheir predictability, causing higherlikelihood that an outside party wouldknow of the scheduled transaction andbe prepared to intrude on it.

(2) The value of the information tooutside parties could also determinetheir motivation to compromise theinformation. Information relatively

unimportant to an agency may havehigh value to an outside party.

(3) Certain agencies, because of theirperceived image or mission, may bemore likely to be attacked independentof the information or transaction. Theact of disruption can be an end in itself.

d. What is the likely need foraccessible, persuasive informationregarding the transaction at a laterpoint? Agency transactions fall intoseven general categories:

(1) Transactions where theinformation generated will be used fora short time and discarded;

(2) Transactions where theinformation generated may later besubject to audit or compliance;

(3) Transactions where theinformation will be used for research,program evaluation, or other statisticalanalyses;

(4) Transactions where theinformation generated may later besubject to dispute by one of the parties(or alleged parties) to the transaction;

(5) Transactions where theinformation generated may later besubject to dispute by a non-party to thetransaction;

(6) Transactions where theinformation generated may later beneeded as proof in court;

(7) Transactions where theinformation generated will be archivedlater as permanently valuable records.

When analyzing the benefits ofconverting from paper systems toelectronic systems, agencies shouldreflect on what information would belost in the conversion, e.g., an envelopecontaining a postmark and the sender’sfingerprints and handwriting, or thespecific questions that were asked on aquestionnaire. Agencies shoulddetermine whether collecting thepotentially lost information is trulyimportant and whether an electronicsystem could cost-effectively collect andstore similarly useful information.

In some paper transactions requiringa party’s signature, the signature bothidentifies the party and establishes thatparty’s intent to submit a truthfulanswer. Sometimes a notary or otherthird party signs as witness to thesignature. When converting thesetransactions to electronic systems,agencies should ensure that the selectedtechnology and its implementation areable to provide similar functions.

Section 6. What privacy and disclosureissues affect electronic signatures andelectronic transactions?

Section 1708 of GPEA limits the useof information collected in electronicsignature services to communicationswith a Federal agency. It directs



agencies and their staff and contractorsnot to use such information for anypurpose other than for facilitating thecommunication. Exceptions exist if theperson (or entity) that is the subject ofthe information provides affirmativeconsent to the additional use of theinformation, or if such additional use isotherwise provided by law.Accordingly, agencies should followseveral privacy principles:

a. Electronic signatures should onlybe required where needed. Manytransactions do not need, and shouldnot require, identifying or otherinformation about an individual. Forexample, individuals generally shouldnot be required to provide personalinformation in order to download publicdocuments.

b. When electronic signatures arerequired for a transaction, agenciesshould not collect more informationfrom the user than is required for theapplication of the electronic signature.When appropriate, agencies areencouraged to use methods of electronicsigning that do not require individualsto disclose their identity. This includesthe ability of individuals in a group tobe identified by a group identifier ratherthan an individual identifier if the onlyinformation needed to authenticate isthe fact that the individual is a memberof the group.

c. Users should be able to decide how,when, and what type of electronicauthentication to use of those madeavailable by the agency. If none areacceptable the user should be able to optout to a paper process. If a user wantsa certain mechanism for authenticationto apply only to a single agency or to asingle type of transaction, the user’sdesires should be honored, ifpracticable. Conversely, if the userwishes the authentication to work withmultiple agencies or for multiple typesof transactions, that should also bepermitted where practicable.Specifically, it should be consistentwith how the agency employs suchmeans of authentication and withrelevant statute and regulation and onlyif it conforms to practicable costs andrisks.

d. Agencies should ensure, and usersshould be informed, that informationcollected for the purpose of issuing orusing electronic means of authenticationwill be managed and protected inaccordance with applicablerequirements under the Privacy Act, theComputer Security Act, and any agency-specific statute mandating theprotection of such information, as wellas with any relevant Executive Branchand agency specific privacy policies.

Section 7. What are current electronicsignature technologies?

Questions regarding the followingshould be directed to the Department ofCommerce. This section addresses twocategories of security: (1) Non-cryptographic methods of authenticatingidentity; and (2) cryptographic controlmethods. The non-cryptographicapproach relies solely on anidentification and authenticationmechanism that must be linked to aspecific software platform for eachapplication. Cryptographic controls maybe used for multiple applications, ifproperly managed, and may encompassboth authentication and encryptionservices. A highly secureimplementation may combine bothcategories of technologies. The spectrumof electronic signature technologiescurrently available is described below.

a. Non-Cryptographic Methods ofAuthenticating Identity. (1) PersonalIdentification Number (PIN) orpassword: A user accessing an agency’selectronic application is requested toenter a ‘‘shared secret’’ (called ‘‘shared’’because it is known both to the user andto the system), such as a password orPIN. When the user of a system entersher name, she also enters a password orPIN. The system checks that passwordor PIN against data in a database toensure its correctness and thereby‘‘authenticates’’ the user. If theauthentication process is performedover an open network such as theInternet, it is usually essential that atleast the shared secret be encrypted.This task can be accomplished by usinga technology called Secure SocketsLayer (SSL), which uses a combinationof public key technology and symmetriccryptography to automatically encryptinformation as it is sent over theInternet by the user and decrypt itbefore it is read by the intendedrecipient. SSL currently is built intoalmost all popular Web browsers, insuch a fashion that its use is transparentto the end user. Assuming the passwordis protected during transmission, asdescribed above, impersonating the userrequires obtaining the user’s password.This may be relatively easy if users donot follow appropriate guidelines forpassword creation and use. Agenciesshould establish adequate guidelines forpassword creation and protection.

(2) Smart Card: A smart card is aplastic card the size of a credit cardcontaining an embedded integratedcircuit or ‘‘chip’’ that can generate,store, and/or process data. It can be usedto facilitate various authenticationtechnologies also embedded on thesame card. By having different

authentication choices the user can pickthe authentication technique that meetsbut does not exceed the informationrequirement for the transaction. A userinserts the smart card into a card readerdevice attached to a computer ornetwork input device. Information fromthe card’s chip is provided to thecomputer only when the user also entersa PIN, password, or biometric identifierrecognized by the card. Thus, the userauthenticates to the card, makingavailable electronic credentials whichcan then be used by the computer ornetwork to strongly authenticate theuser for transactions. This method offersfar greater security than the typical useof a PIN or password, because theshared secret is between the user andthe card, not with a remote server ornetwork device. Moreover, toimpersonate the user requirespossession of the card as well asknowledge of the shared secret thatactivates the electronic credentials onthe card. Thus, proper security requiresthat the card and the PIN or passwordused to activate it be kept separate. Thisis not a concern if a biometric is usedfor the latter purpose.

(3) Digitized Signature: A digitizedsignature is a graphical image of ahandwritten signature. Someapplications require an individual tocreate his or her hand-written signatureusing a special computer input device,such as a digital pen and pad. Thedigitized representation of the enteredsignature may then be compared to apreviously-stored copy of a digitizedimage of the handwritten signature. Ifspecial software judges both imagescomparable, the signature is consideredvalid. This application of technologyshares the same security issues as thoseusing the PIN or password approach,because the digitized signature isanother form of shared secret knownboth to the user and to the system. Thedigitized signature can be more reliablefor authentication than a password orPIN because there is a biometriccomponent to the creation of the imageof the handwritten signature. Forging adigitized signature can be more difficultthan forging a paper signature since thetechnology digitally compares thesubmitted signature image with theknown signature image, and is betterthan the human eye at making suchcomparisons. The biometric elements ofa digitized signature, which help makeit unique, are in measuring how eachstroke is made—duration, pen pressure,etc. As with all shared secrettechniques, compromise of a digitizedsignature image or characteristics file



could pose a security (impersonation)risk to users.

(4) Biometrics: Individuals haveunique physical characteristics that canbe converted into digital form and theninterpreted by a computer. Among theseare voice patterns (where anindividual’s spoken words areconverted into a special electronicrepresentation), fingerprints, and theblood vessel patterns present on theretina (or rear) of one or both eyes. Inthis technology, the physicalcharacteristic is measured (by amicrophone, optical reader, or someother device), converted into digitalform, and then compared with a copy ofthat characteristic stored in thecomputer and authenticated beforehandas belonging to a particular person. Ifthe test pattern and the previouslystored patterns are sufficiently close (toa degree which is usually selectable bythe authenticating application), theauthentication will be accepted by thesoftware, and the transaction allowed toproceed. Biometric applications canprovide very high levels ofauthentication especially when theidentifier is obtained in the presence ofa third party to verify its authenticity,but as with any shared secret, if thedigital form is compromised,impersonation becomes a serious risk.Thus, just like PINs, such informationshould not be sent over open networksunless it is encrypted. Moreover,measurement and recording of aphysical characteristic could raiseprivacy concerns where the biometricidentification data is shared by two ormore entities. Further, if compromised,substituting a different, new biometricidentifier may have limitations (e.g., youmay need to employ the fingerprint ofa different finger). Biometricauthentication is best suited for accessto devices, e.g. to access a computerhard drive or smart card, and less suitedfor authentication to software systemsover open networks.

b. Cryptographic Control. Creatingelectronic signatures may involve theuse of cryptography in two ways:symmetric (or shared private key)cryptography, or asymmetric (publickey/private key) cryptography. Thelatter is used in producing digitalsignatures, discussed further below.

(1) Shared Symmetric KeyCryptography

In shared symmetric key approaches,the user signs a document and verifiesthe signature using a single key(consisting of a long string of zeros andones) that is not publicly known, or issecret. Since the same key does thesetwo functions, it must be transferredfrom the signer to the recipient of the

message. This situation can undermineconfidence in the authentication of theuser’s identity because the symmetrickey is shared between sender andrecipient and therefore is no longerunique to one person. Since thesymmetric key is shared between thesender and possibly many recipients, itis not private to the sender and hencehas lesser value as an authenticationmechanism. This approach offers noadditional cryptographic strength overdigital signatures (see below). Further,digital signatures avoid the need for theshared secret.

(2) Public/Private Key (Asymmetric)Cryptography—Digital Signatures

(a) To produce a digital signature, auser has his or her computer generatetwo mathematically linked keys—aprivate signing key that is kept private,and a public validation key that isavailable to the public. The private keycannot be deduced from the public key.In practice, the public key is made partof a ‘‘digital certificate,’’ which is aspecialized electronic file digitallysigned by the issuer of the certificate,binding the identity of the individual tohis or her private key in an unalterablefashion. The whole system thatimplements digital signatures andallows them to be used with specificprograms to offer securecommunications is called a Public KeyInfrastructure, or PKI.

(b) A ‘‘digital signature’’ is createdwhen the owner of a private signing keyuses that key to create a unique mark(the signature) on an electronicdocument or file. The recipient employsthe owner’s public key to validate thatthe signature was generated with theassociated private key. This process alsoverifies that the document was notaltered. Since the public and privatekeys are mathematically linked, the pairis unique: only the public key canvalidate signatures made using thecorresponding private key. If the privatekey has been properly protected fromcompromise or loss, the signature isunique to the individual who owns it,that is, the owner cannot repudiate thesignature. In relatively high-risktransactions, there is always a concernthat the user will claim someone elsemade the transaction. With public keytechnology, this concern can bemitigated. To claim he did not make thetransaction, the user would have tofeign loss of the private key. By creatingand holding the private key on a smartcard or an equivalent device, and byusing a biometric mechanism (ratherthan a PIN or password) as the sharedsecret between the user and the smartcard for unlocking the private key tocreate a signature this concern can be

mitigated. In other words, combiningtwo or three distinct electronic signaturetechnology approaches in a singleimplementation can enhance thesecurity of the interaction and lower thepotential for fraud to almost zero.Furthermore, by establishing clearprocedures for a particularimplementation of digital signaturetechnology, so that all parties knowwhat the obligations, risks, andconsequences are, agencies can alsostrengthen the effectiveness of a digitalsignature solution.

The reliability of the digital signatureis directly proportional to the degree ofconfidence one has in the link betweenthe owner’s identity and the digitalcertificate, how well the owner hasprotected the private key fromcompromise or loss, and thecryptographic strength of themethodology used to generate thepublic-private key pair. Thecryptographic strength is affected by keylength and by the characteristics of thealgorithm used to encrypt theinformation. Further information ondigital signatures can be found in‘‘Access with Trust’’ (September 1998)(http://gits-sec.treas.gov/).

c. Technical Considerations of theVarious Electronic SignatureAlternatives. (1) To be effective, each ofthese methods requires agencies todevelop a series of policy documentsthat provide the important underlyingframework of trust for electronictransactions and which facilitate theevaluation of risk. The frameworkidentifies how well the user’s identity isbound to his authenticator (e.g., hispassword, fingerprint, or private key).By considering the strength of thisbinding, the strength of the mechanismitself, and the sensitivity of thetransaction, an agency can determine ifthe level of risk is acceptable. If anagency has experience with thetechnology, existing policies anddocuments may be available for use asguidance. Where the technology is newto an agency, this may requireadditional effort.

(2) While digital signatures (i.e. publickey/private key) are generally the mostcertain method for assuring identityelectronically, the policy documentsmust be established carefully to achievethe desired strength of binding. Theframework must identify how well thesigner’s identity is bound to his or herpublic key in a digital certificate(identity proofing). The strength of thisbinding depends on the assumption thatonly the owner has sole possession ofthe unique private key used to makesignatures that are validated with thepublic key. The strength of this binding



also reflects whether the private key isplaced on a highly secure hardwaretoken, such as a smart card, or isencapsulated in software only; and howdifficult it is for a malefactor to deducethe private key using cryptographicmethods (which depends upon the keylength and the cryptographic strength ofthe key-generating algorithm).

A Public Key Infrastructure (PKI) isone mechanism to support the bindingof public keys with the user’s identity.A PKI can provide the entire policy andtechnical framework for the systematicand diligent issuance, management andrevocation of digital certificates, so thatusers who wish to rely on someone’scertificate have a firm basis to checkthat the certificate has not beenmaliciously altered, and to confirm thatit remains active (i.e., has not beenrevoked because of loss or compromiseof the corresponding private key). Thissame infrastructure provides the basisfor interoperability among differentagencies or entities, so that a person’sdigital certificate can be accepted fortransactions by organizations external tothe one that issued it.

(3) By themselves, digitized (notdigital) signatures, PINs, biometricidentifiers, and other shared secrets donot directly bind identity to the contentsof a document as do digital signatureswhich actually use the documentinformation to make the signature. Forshared secrets to bind the user’s identityto the document, they must be used inconjunction with some othermechanism. Biometric identifiers suchas retinal patterns used in conjunctionwith digital signatures can offer fargreater proof of identify than pen andink signatures.

(4) While not as robust as biometricidentifiers and digital signatures, PINshave the decided advantage of provencustomer and citizen acceptance, asevidenced by the universal use of PINsfor automated teller machinetransactions. PINs combined withencrypted Internet sessions, particularlythrough the use of Secure Sockets Layertechnology on the World Wide Web, arevery popular for retail consumertransactions requiring credit card orother personal authenticatinginformation. This may well be suited fora variety of government applications.Also, secure Web browsers areincreasingly being designed toaccommodate digital signatures, makingthis approach a possible interim steptowards implementing the more robustauthentication provided by digitalsignatures.

(5) It is important to remember thattechnical factors are but one aspect to beconsidered when an agency plans to

implement electronic signature-basedapplications. Other important aspectsare considered in the following sections.

Section 8. How should agenciesimplement electronic signatures andelectronic transactions?

After the agency has conducted theassessment and identified anappropriate electronic signaturetechnology alternative that may be usedto secure an automated businessprocess, the agency will proceed toimplement this decision. For anyelectronic transaction, agencies shouldcollect and record adequate informationregarding the content, process, andidentities of the parties involved. Indoing so, agencies should consider thefollowing:

a. Build from a policy framework.GPEA applies to interactions betweenoutside entities and the Federalgovernment, as well as to transactionsand record keeping required by partiesunder Federal programs. Accordingly,agencies should consider whether theirpolicies or programmatic regulationssupport the use and enforceability ofelectronic signature alternatives tohandwritten signatures as well as toelectronic record keeping under Federalprograms. If necessary, agencies shoulddevelop a strategy to make any revisionsneeded to achieve this goal. In addition,by clearly informing the transactionpartners that electronic signatures andrecords will be acceptable and used forenforcement purposes, their legalstanding is enhanced. Several agencieshave already chosen to promulgatepolicies or regulations on this issue,including:

(1) Securities and ExchangeCommission (17 C.F.R. Part 232),electronic regulatory filings;

(2) Environmental Protection Agency(55 FR 31,030 (1990)), policy onelectronic reporting;

(3) Food and Drug Administration (21C.F.R. Part 11), electronic signatures andrecords;

(4) Internal Revenue Service (TreasuryReg. 301.6061–1), signature alternativesfor tax filings;

(5) Federal Acquisition Regulation (48C.F.R. Parts 2 and 4), electroniccontracts;

(6) General Services AcquisitionRegulation (48 C.F.R. Part 552.216–73),electronic orders;

(7) Federal Property ManagementRegulations (41 C.F.R. Part 101–41),electronic bills of lading.

(8) Administrative Committee of theFederal Register (1 C.F.R. Part 18.7),electronic signatures on documentssubmitted for publication in the FederalRegister.

(9) Commodity Futures TradingCommission (17 C.F.R. Part 1.4 and Part1.3(tt)), electronic signatures for filings.

When specifying the requirements forelectronic record keeping by regulatedentities or government business partners(e.g. contractors or grantees),particularly the maintenance ofelectronic forms pertaining toemployees by employers, agenciesshould consult the ‘‘PerformanceGuideline for the Legal Acceptance ofRecords Produced by InformationTechnology Systems,’’ developed by theAssociation for Information and ImageManagement (ANSI/AIIM TR31). Thisset of documents offers suggestions formaximizing the likelihood thatelectronically filed and stored recordswill be accorded full legal recognition.If an agency chooses to use digitalsignature technology, a regulation mightspecify that each individual will beissued a unique digital signaturecertificate to use, agree to keep theprivate key confidential, agree to acceptresponsibility for anything that issubmitted using that key, or acceptother conditions under which theagency will accept electronicsubmissions.

b. Where necessary, use a mutuallyunderstood, signed agreement betweenthe person or entity submitting theelectronically-signed information andthe receiving Federal agency. As amatter of efficiency, arrangements withlarge numbers of customers may be bestaccomplished by setting forth anagency’s terms and conditions in apolicy or regulation. Arrangements withsmaller numbers of customers may lendthemselves to one or more agreements,using a document referred to as a ‘‘termsand conditions’’ agreement. Theseagreements can ensure that allconditions of submission and receipt ofdata electronically are known andunderstood by the submitting parties.This is particularly the case where termsand conditions are not spelled out inagency programmatic regulations.

c. Minimize the likelihood ofrepudiation. Agencies should developwell-documented mechanisms andprocedures to tie transactions to anindividual in a legally binding way. Forexample, the integrity of even the mostsecure digital signature rests on thecontinuing confidentiality of the privatekey, so instituting procedures forensuring the confidentiality of theprivate key would be in an agency’sinterest. Similarly, in the case ofelectronic signatures based on the use ofshared secrets like PINs or passwords,the integrity of the transaction dependson the user not disclosing the sharedsecret, so an agency should have



procedures for encouraging themaintenance of the PIN’s integrity. If adefendant is later charged with a crimebased on an electronically signeddocument, he or she would have everyincentive to show a lack of control over(or loss of) the private key or PIN, or inthe case of a PIN, that the governmentfailed to protect the PIN on its computersystem. Indeed, if that defendant plansto commit fraud, he or she mayintentionally compromise the secrecy ofthe key or PIN, so that the governmentwould later have a more difficult timeuniquely linking him or her to theelectronic transaction. Promulgatingpolicies and procedures that ensure theintegrity of security tools helps countersuch fraudulent attempts.

Thus, transactions which appear to beat high risk for fraud, e.g., one-timehigh-value transactions with personsnot previously known to an agency, mayrequire extra safeguards or may not beappropriate for electronic transactions.One way to mitigate this risk might beto require that private keys be generatedand kept on hardware tokens, makingpossession of the token a criticalrequirement. Another way to guardagainst fraud is to include otheridentifying data in the transaction thatlinks the key or PIN to the individual,preferably something not readilyavailable to others.

It is also important to establish thatthe user of the digital signature or PIN/password is fully aware of obligationshe or she is agreeing to by signing at thetime of signature. This can be ensuredby programming appropriate ceremonialbanners into the software applicationthat alert the individual of the gravity ofthe action she is about to undertake. Thepresence of such banners can later beused to demonstrate to a court that theuser was fully informed of and aware ofwhat he or she was signing.

d. Carefully control access to theelectronic data, after receipt, yet make itavailable in a meaningful and timelyfashion. Security measures should be inplace that ensure that no one is able toalter a transaction, or substitutesomething in its place, once it has beenreceived by the agency unless thealteration is a valid correction containedin an electronically certified re-transmission. This can be achieved witha digital signature because it binds theidentity of the individual making thesignature to the entire document, so anysubsequent change would be detected.Thus, the receiving agency needs to takeprudent steps to control access to theelectronic transaction through suchmethods as limiting access to thecomputer database containing thetransaction, and performing processing

with the data using copies of thetransaction rather than the original. Theinformation may be needed for audits,disputes, or court cases many years afterthe transaction itself took place.Agencies should make plans for storingdata and providing meaningful andtimely access to it for as long as suchaccess will be necessary.

e. Ensure the ‘‘Chain of Custody.’’Electronic audit trails must provide achain of custody for the secureelectronic transaction that identifiessending location, sending entity, dateand time stamp of receipt, and othermeasures used to ensure the integrity ofthe document. These trails must besufficiently complete and reliable tovalidate the integrity of the transactionand to prove, (a) that the connectionbetween the submitter and the receivingagency has not been tampered with, and(b) how the document was controlledupon receipt.

f. Consider providing anacknowledgment of receipt. Theagency’s system for receiving electronictransactions may be required by statuteto have a mechanism for acknowledgingreceipt of transactions received andacknowledging confirmation oftransactions sent, with specificindication of the party with whom theagency is dealing.

g. Obtain legal counsel during thedesign of the system. Collection and useof electronic data may raise legal issues,particularly if it is information thatbears on the legality of the process, mayeventually be needed for proof in court,or involves questions of privacy,confidentiality, or liability.

Section 9. Summary of the Proceduresand Checklist

To summarize the process and restatethe principles that agencies shouldemploy to evaluate authenticationmechanisms (electronic signatures) forelectronic transactions and documents,the following steps apply:

a. Examine the current businessprocess that is being considered forconversion to employ electronicdocuments, forms or transactions,identifying customer needs anddemands as well as the existing risksassociated with fraud, error or misuse.

b. Identify the benefits that mayaccrue from the use of electronictransactions or documents.

c. Consider what risks may arise fromthe use of electronic transactions ordocuments. This evaluation should takeinto account the relationships of theparties, the value of the transactions ordocuments, and the later need for thedocuments.

d. Consult with counsel about anyagency specific legal implications aboutthe use of electronic transactions ordocuments in the particular application.

e. Evaluate how each electronicsignature alternative may minimize riskcompared to the costs incurred inadopting an alternative.

f. Determine whether any electronicsignature alternative, in conjunctionwith appropriate process controls,represents a practicable trade-offbetween benefits on the one hand andcost and risk on the other. If so,determine, to the extent possible at thetime, which signature alternative is thebest one. Document this determinationto allow later reevaluation.

g. Develop plans for retaining anddisposing of information, ensuring thatit can be made continuously available tothose who will need it, for managerialcontrol of sensitive data andaccommodating changes in staffing, andfor ensuring adherence to these plans.

h. Develop management strategies toprovide appropriate security forphysical access to electronic records.

i. Determine if regulations or policiesare adequate to support electronictransactions and record keeping, or if‘‘terms and conditions’’ agreements areneeded for the particular application. Ifnew regulations or policies arenecessary, disseminate them asappropriate.

j. Seek continuing input of technologyexperts for updates on the changingstate of technology and the continuingadvice of legal counsel for updates onthe changing state of the law in theseareas.

k. Integrate these plans into theagency’s strategic IT planning andregular reporting to OMB.

l. Perform periodic review and re-evaluation, as appropriate.

[FR Doc. 00–10801 Filed 5–1–00; 8:45 am]BILLING CODE 3110–01–U

SECURITIES AND EXCHANGECOMMISSION

[Investment Company Act Release No.24404; 812–11734]

Marshall Funds, Inc. et al.; Notice ofApplication

April 25, 2000.AGENCY: Securities and ExchangeCommission (‘‘Commission’’).ACTION: Notice of an application undersection 17(d) of the InvestmentCompany Act of 1940 (the ‘‘Act’’) andrule 17d–1 under the Act to permitcertain joint transactions.
