The Federal Information Technology Acquisition Reform Act (FITARA), passed by Congress in December 2014, is a historic law that represents the first major overhaul of Federal information Technology (IT) in almost 20 years. It became law as a part of the National Defense Authorization Act for Fiscal Year 2015 (Title VIII, Subtitle D, H.R. 3979.) and is extended under the 2017 FITARA Enhancement Act.
The goal of FITARA is to promote Federal IT modernization and strengthen the Federal IT workforce. FITARA outlines specific requirements related to:
- Agency Chief Information Officer (CIO) authority enhancements
- Enhanced transparency and improved risk management in IT Investments
- Portfolio review
- Federal Data Center Consolidation Initiative (DCOI)
- Expansion of training and use of IT Cadres
- Maximizing the benefit of the Federal Strategic Sourcing Initiative (FSSI)
- Governmentwide software purchasing program
The Making Electronic Government Accountable By Yielding Tangible Efficiencies Act of 2016 (or the MEGABYTE Act of 2016) is a United States federal law which requires the Director of the Office of Management and Budget (OMB) to issue a directive on the management of software licenses by the US federal government.
The MEGABYTE Act requires CIOs to develop a comprehensive software licensing policy that shall:
- Identify clear roles, responsibilities, and central oversight authority within the agency for managing enterprise software license agreements and commercial software licenses;
- Provide software license management training;
- Establish goals and objectives of the agencys software license management program;
- Inventory 80 percent of software license spending and enterprise licenses;
- Regularly track and maintain licenses; and
- Embrace metrics such as software usage data to make cost-effective decisions.
Each agency CIO must subsequently report after one year and then at five-yearly intervals of the financial savings which have resulted from improved software license management. In accordance with the act requirements, OMB published:
- M-16-12 Category Management Policy 16-1: Improving the Acquisition and Management of Common Information Technology: Software Licensing
- MEGABYTE Act of 2016
- Category Management Policy - Software Licensing
On December 9, 2010, the Office of Management and Budget (OMB) released 25 Point Implementation Plan to Reform Federal Information Technology Management. Point 3 under this plan created the Cloud First Policy, which requires Agencies to use cloud-based solutions whenever a secure, reliable, cost-effective cloud option exists. In follow-up to the 25 Point Plan, on February 8, 2011, OMB released the Federal Cloud Computing Strategy, giving agencies practical guidance on considerations and practical methodologies for moving to the cloud. Finally, on December 8, 2011, OMB released the Security Authorization of Information Systems in Cloud Computing Environments - also known also as the FedRAMP Policy Memo - mandating that for all agency use of cloud services, the agencies use FedRAMP for their risk assessments, security authorizations, and granting of ATOs, and ensure applicable contracts require CSPs to comply with FedRAMP requirements.
The 2018 Federal Cloud Computing Strategy, Cloud Smart, is a long-term, high-level strategy to drive cloud adoption in federal agencies. This is the first cloud policy update in seven years, offering a path forward for agencies to migrate to a safe and secure cloud infrastructure. Cloud Smart encompasses several key components of IT modernization including security, procurement, and workforce. Historically, policies have isolated these areas, creating confusion and a misunderstanding of requirements, mission, and needs. However, they are deeply linked, and require an integrated, interdisciplinary approach, rather than a one-size-fits-all approach to IT modernization. Cloud Smart combines these disciplines together into a cohesive strategy that provides savings, security, and faster delivery of mission-serving solutions.
Agencies will need to share their transformative experiences with their peers, so that Government can leverage collectively-gained knowledge. The ability to evaluate, consume, and share knowledge is the driver of success in private sector IT modernization efforts - the Federal Government's approach should be no different. By investing in these capabilities now, agencies will ensure the best, and smartest, approach to serving missions and being stewards of taxpayer dollars.'
DATA CENTER OPTIMIZATION INITIATIVE (DCOI)
The Data Center Optimization Initiative (DCOI) established in OMB Memorandum M-16-19 super cedes the Federal Data Center Consolidation Initiative (FDCCI) and fulfills the data center requirements of the Federal Information Technology Acquisition Reform Act (FITARA).'
The DCOI requires agencies to:
- Develop and report on their data center strategies;
- Transition to more efficient infrastructure, such as cloud services and inter-agency shared services;
- Leverage technology advancements to optimize infrastructure; and
- Provide quality services for the public good.
- Data Center Optimization Initiative (cio.gov)
- Data Center Optimization Initiative (gsa.gov)
- DCOI - Collaborate
- Cloud Readiness: Preparing Your Agency for Migration, April 2018
- IaaS Considerations for the Data Center Community: DCOI PMO Cloud Series, March 2017
- Key Cost Considerations for Agencies Planning Cloud Migrations, November 2017
The Federal Risk and Authorization Management Program (FedRAMP) is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. FedRAMP enables Agencies to rapidly adapt from old, insecure legacy IT to mission-enabling, secure, and cost effective cloud-based IT. FedRAMP created and manages a core set of processes to ensure effective, repeatable cloud security for the government. FedRAMP established a mature marketplace to increase utilization and familiarity with cloud services while facilitating collaboration across government through open exchanges of lessons learned, use cases, and tactical solutions.'
- FedRAMP Policy Memo
- Defense Information Systems Agency (DISA) Memorandum of Reciprocity for FedRAMP Authorized Moderate Baseline Cloud Service Offerings (CSO) at Impact Level 2 (2019 08 15)
Executive Order (EO) 13800 tasks the Director of the American Technology Council (ATC) to coordinate a report to the President from the Secretary of the Department of Homeland Security (DHS), the Director of the Office of Management and Budget (OMB), and the Administrator of the General Services Administration (GSA), in consultation with the Secretary of Commerce (Commerce), regarding the modernization of Federal Information Technology (IT). In accordance with EO 13,800, the IT Modernization report was submitted to the President.'
CENTER OF EXCELLENCE (COE)
Accelerate IT modernization to improve the citizen experience, improve outcomes and reduce legacy IT spending across the government. The Centers of Excellence (CoEs) are accelerating the modernization of IT infrastructure across government by leveraging private sector innovation and existing government services, and by centralizing best practices and expertise. Key activities undertaken with USDA, our Lighthouse Agency, include:
- Accelerating cloud adoption
- Consolidating data centers
- Optimizing call centers with the latest technology
- Developing metrics and dashboards to drive process improvement
- Helping to stand up the new customer experience office
CLOUD ADOPTION AND INFRASTRUCTURE CENTER OF EXCELLENCE
Will assist the analysis of current systems and applications to provide recommendations for planning migration to the cloud, including balancing tactical "lift and shift" imperatives with more strategic "fix and shift" possibilities.
UNITED SHARED SERVICES MANAGEMENT (USSM)
Established in October of 2015, the United Shared Services Management (USSM) initiative oversees the shared service ecosystem and provides the strategy and leadership to make mission enabling services better, faster and cheaper. USSM, in coordination with the White House Office of Management and Budget (OMB) and the Shared Solutions Governance Board, works to achieve three strategic goals:'
- Enable the Federal government to make better decisions by making performance and cost data transparent.
- Reduce duplication & cost across government for shared administrative functions.
- Propose and reform policies/guidance to enable the vision for shared services, increase the likelihood of successful migrations, and reduce the barriers to adoption.