`(A) The term `covered agency' means an agency listed in section 901(b)(1) or 901(b)(2) of title 31.

`(B) The term `major information technology investment' means an investment within a covered agency information technology investment portfolio that is designated by the covered agency as major, in accordance with capital planning guidance issued by the Director.

`(C) The term `national security system' has the meaning provided in section 3542 of title 44.'; and

`(A) IN GENERAL- The Director shall make available to the public a list of each major information technology investment, without regard to whether the investments are for new information technology acquisitions or for operations and maintenance of existing information technology, including data on cost, schedule, and performance.

`(B) AGENCY INFORMATION-

`(C) INVESTMENT EVALUATION- For each major information technology investment listed under subparagraph (A), the Chief Information Officer of the covered agency, in consultation with other appropriate agency officials, shall categorize the investment according to risk, in accordance with guidance issued by the Director.

`(D) CONTINUOUS IMPROVEMENT- If either the Director or the Chief Information Officer of a covered agency determines that the information made available from the agency's existing data systems and processes as required by subparagraph (B) is not timely and reliable, the Chief Information Officer, in consultation with the Director and the head of the agency, shall establish a program for the improvement of such data systems and processes.

`(E) WAIVER OR LIMITATION AUTHORITY- The applicability of subparagraph (A) may be waived or the extent of the information may be limited by the Director, if the Director determines that such a waiver or limitation is in the national security interests of the United States.

`(F) ADDITIONAL LIMITATION- The requirements of subparagraph (A) shall not apply to national security systems or to telecommunications or information technology that is fully funded by amounts made available--

`(A) the Chief Information Officer of the covered agency and the program manager of the investment within the covered agency, in consultation with the Administrator of the Office of Electronic Government, shall conduct a review of the investment that shall identify--

`(B) the Administrator of the Office of Electronic Government shall communicate the results of the review under subparagraph (A) to--

`(C) in the case of a major information technology investment of the Department of Defense, the assessment required by subparagraph (A) may be accomplished in accordance with section 2445c of title 10, provided that the results of the review are provided to the Administrator of the Office of Electronic Government upon request and to the committees identified in subsection (B); and

`(D) for a covered agency other than the Department of Defense, if on the date that is one year after the date of completion of the review required under subsection (A), the investment is rated as high risk under paragraph (3)(C), the Director shall deny any request for additional development, modernization, or enhancement funding for the investment until the date on which the Chief Information Officer of the covered agency determines that the root causes of the high level of risk of the investment have been addressed, and there is sufficient capability to deliver the remaining planned increments within the planned cost and schedule.