Federal Information Technology Acquisition Reform Act (FITARA)

The objective of FITARA policy is to improve the management of IT within an agency.

What is FITARA

The Federal Information Technology Acquisition Reform Act (FITARA) was enacted on December 19, 2014, and outlines specific requirements related to: 1. CIO authority enhancements 2. Enhanced transparency and improved risk management in IT investments 3. Portfolio reviews 4. Expansion of training and use of IT cadres 5. Federal Data Center Consolidation Initiative (FDCCI), more recently known as the Data Center Optimization Initiative (DCOI) 6. Maximizing the benefit of the federal strategic sourcing initiative (SSI) 7. Government-wide software purchasing program The goal of FITARA is to eliminate duplication and waste in information technology acquisition for the federal government. The goals of the legislation – reduction of duplicative systems, examine software licensing options, making the business case for acquisition, and the consolidation of data centers.

The objective of FITARA is to improve the management of IT within an agency and hence, improve the ability for that agency to deliver its mission and conduct its business.

OMB Guidance: FITARA

The Office of Management and Budget (OMB) has drafted guidance to implement FITARA, Management and Oversight of Federal Information Technology M-15-14.
The objectives of the requirements outlined in this memorandum are to: 1. Assist agencies in establishing management practices that align IT resources with agency missions, goals, programmatic priorities, and statutory requirements; 2. Establish government-wide IT management controls that will meet FIT ARA requirements while providing agencies with the flexibility to adapt to agency processes and unique mission requirements; 1 Title VIII, Subtitle D of the National Defense Authorization Act (NOAA) for Fiscal Year 2015, Pub. L. No. 11 3-29 1. Further references in the text that refer to “FIT ARA” refer to these sections. 1 3. Establish a “Common Baseline” for roles, responsibilities, and authorities of the agency CIO and the roles and responsibilities of other applicable Senior Agency Officials2 in managing IT as a strategic resource; 4. Enable the CIO’s role, with respect to the development, integration, delivery, and operations of any type of IT, IT service, or information product to enable integration with the capabilities they support wherever IT may affect functions, missions, or operations; 5. Strengthen the agency CIO ‘s accountability for the agency’s IT cost, schedule, performance, and security; 6. Strengthen the relationship between agency CIOs and bureau CIOs; 7. Establish consistent governmentwide interpretation of FITARA terms and requirements; 8. Assist agencies in establishing an inclusive governance process that will enable effective planning, programming, budgeting, and execution for IT resources; 9. Provide transparency on IT resources across entire agencies and programs; and 10. Provide appropriate visibility and involvement of the agency CIO in the management and oversight of IT resources across the agency to support the successful implementation of cybersecurity policies to prevent interruption or exploitation of program services.

OCIO Guidance: FITARA

OCIO policy has been drafted and is under review. Final policy is expected to be finalized June/July 2017.

TTS Guidance: FITARA

TTS issued policy effective February 28, 2017, implementing the policy and process for GSA Chief Information Officer FITARA review, TTS Policy and Process for GSA Chief Information Officer FITARA Review:

*TO: Vladlen Zvenyach, Acting Assistant Commissioner, 18F Alla Seiffert, Acting Assistant Commissioner, Office of Acquisitions Nathan Olson, Acting Assistant Commissioner, Presidential Innovation Fellows Sarah Crane, Acting Assistant Commissioner, Office of Products and Platforms Crystal Philcox, Assistant Commissioner, Operations

FROM: Rob Cook, Commissioner, Technology Transformation Service (TTS)

CC: David Shive, GSA Chief Information Officer Navin Vembar, GSA Chief Technology Officer

DATE: February 28, 2017

RE: TTS Policy and Process for GSA Chief Information Officer FITARA Review

1.0 Purpose To establish a clear internal TTS policy and process to obtain required GSA Chief Information Officer (CIO) FITARA review of TTS contracts and agreements. Additionally, this policy fulfills the GSA Inspector General’s recommendation that TTS ensure compliance with the Federal Information Technology Reform Act (FITARA) and the terms of the June 2, 2015, Memorandum of Agreement that requires CIO review and approval of all contracts or other agreements entered into by 18F to acquire information technology (IT) or IT services. This policy applies to all internal TTS contracts or agreements, as well as external TTS contracts or agreements that leverage GSA IT’s platforms, security or infrastructure.

2.0 Policy and Process a. Internal contracts or agreements. TTS will submit for review to the GSA IT Chief of Staff and to the GSA TTS Liaison (currently the GSA Chief Technology Officer) all contracts or agreements entered into by TTS to acquire IT or IT services for internal purposes. The GSA IT Chief of Staff and GSA TTS Liaison will review the contract or agreement. Upon resolution, TTS will route the document for review and approval by the GSA CIO. By way of example, this includes all contracts or agreements where TTS is providing IT products or services to TTS or another part of GSA.

b. External contracts or agreements. When TTS is providing IT products or services to another agency, TTS will submit for review to the GSA IT Chief of Staff and to the GSA TTS Liaison (currently the GSA Chief Technology Officer) all contracts or agreements entered into by TTS to acquire IT or IT services if GSA owns the Authority to Operate (ATO) or a GSA-owned platform /infrastructure is being used. The GSA IT Chief of Staff and GSA TTS Liaison will review the contract or agreement, and provide comments to TTS on whether the proposed solution fits within the GSA IT standards and security model. Upon resolution, TTS will route the document for review and approval by the GSA CIO.

If the external contract or agreement does not involve a GSA-owned platform and/or GSA does not own the ATO, no approval from GSA IT is required.

3.0 Applicability This policy applies to all TTS Offices unless otherwise amended or revoked.*


Still have questions?

Ask in Slack: #infrastructure