Exhibit 300 FY2009
PART I: SUMMARY INFORMATION AND JUSTIFICATION
In
Part I, complete Sections A, B, C, and D for all capital assets (IT and
non-IT). Complete Sections E and F for IT capital assets.
Section
A: Overview (All Capital Assets)
The
following series of questions are to be completed for all investments.
I.
A. 1. Date of Submission:
2007-09-10
I.
A. 2. Agency:
018
I.
A. 3. Bureau:
24
I.
A. 4. Name of this Capital Asset:
(short
text - 250 characters)
Combined
Office Automation (EDUCATE) : Education Department Utility for
Communications, Applications and Technical Environment (EDUCATE) formerly
known as EDNet. NOTE: PROCUREMENT SENSITIVE Until Released. FOR INTERNAL
USE ONLY Until Released.
I.
A. 5. Unique Project (Investment) Identifier:
For
IT investment only, see section 53. For all other, use agency ID system.
018-24-02-00-01-1020-00
I.
A. 6. What kind of investment will this be in FY2009?
Please
NOTE: Investments moving to O&M in FY2009, with Planning/Acquisition
activities prior to FY2009 should not select O&M. These investments
should indicate their current status.
Operations
and Maintenance
I.
A. 7. What was the first budget year this investment was submitted to OMB?
FY2001
or earlier
I.
A. 8. Provide a brief summary and justification for this investment,
including a brief description of how this, closes in part or in whole, an
identified agency performance gap:
(long
text - 2500 characters)
Currently,
IT infrastructure services at the Department of Education are supported
through a multi-faceted contract (EDNet) that consists of a fixed price
portion and specific vehicles involving both fixed priced projects and time
and material activities. The Department will transition to a Contractor
Owned-Contractor Operated (COCO) Managed IT infrastructure service model
model to: 1) Source a contractor owned and contractor operated Managed
Services IT Infrastructure that is Performance Based, and Firm Fixed
Priced; 2) Improve ED's services to students and customers; 3) Enable ED to
become a more effective business partner; 4) Reduce operational risk of
ED's operations; 5) Improve the performance of ED's operations and the
ability to measure that performance and establish accountability; 6)
Resolve audit findings. The COCO Managed IT Infrastructure service model
will provide the following Operational Services: 1. Security & Privacy Operations
(SP); 2. Desktop Services (DS); 3. Helpdesk Support (HS); 4. Systems/Data
Center Operations (SD); 5. E-Mail (EM); 6. Network Services /
Telecommunications / Multimedia Services (NS) ; 7. Disaster Recovery (DR);
8. Special Services (SS); 9. Printer Services (PS) The EDUCATE scope
encompasses the IT infrastructure optimization initiatives as defined by
OMB's E-Gov Infrastructure Optimization Line of Business and fully supports
the goals established by the President's Management Agenda (PMA) and the
Federal Enterprise Architecture. Furthermore, funding for EDUCATE is also
important because it provides a common technology platform for business
applications (such as HSPD-12, IPv6 and others). The 21 investments in COA:
1)ccmMercury IT Equipment & Software; 2)Communications - Cell
Phones/Blackberries; 3)Group Systems Hardware/Software Upgrades; 4)HQ IT
Equipment Upgrades; 5)IT Services; 6)Labor for Installs, Moves, Additions,
and Changes (IMAC); 7)NAGB IT Refresh; 8)OCO/OPA Webcasting; 9)ODS IT
Equipment and Software; 10)Office Automation Acquisition; 11)OPEPD/BS IT
Equipment and Software; 12)OPEPD/PPSS IT Equipment and Software; 13)OS Cell
Phones and BlackBerrys; 14)OS IT Equipment and Software; 15)OS/WHITCU IT
Equipment and Software; 16)OUS/IT Equipment and Software; 17)Regional IT
Equipment Upgrades; 18) Telecommunications; 19)OSERS-Office Automation
Acquisition; 20)OPEPD-OPEPD-PIMS IT Equipment and Software (S&E Funded)
21)OS- Secretary's Conf Room Upgrades (SBC)
I.
A. 9. Did the Agency's Executive/Investment Committee approve this request?
yes
I.
A. 9. a. If "yes," what was the date of this approval?
2007-06-14
I.
A. 10. Did the Project Manager review this Exhibit?
yes
I.
A. 11. Contact information of Project Manager
Name
(short
text - 250 characters)
Phone
Number
(short
text - 250 characters)
E-mail
(short
text - 250 characters)
I.
A. 11. a. What is the current FAC-P/PM certification level of the project/program
manager?
I.
A. 12. Has the agency developed and/or promoted cost effective,
energy-efficient and environmentally sustainable techniques or practices
for this project?
I.
A. 12. a. Will this investment include electronic assets (including
computers)?
I.
A. 12. b. Is this investment for new construction or major retrofit of a
Federal building or facility? (answer applicable to non-IT assets only)
no
I.
A. 12. b. 1. If "yes," is an ESPC or UESC being used to help fund
this investment?
I.
A. 12. b. 2. If "yes," will this investment meet sustainable
design principles?
I.
A. 12. b. 3. If "yes," is it designed to be 30% more energy
efficient than relevant code?
I.
A. 13. Does this investment directly support one of the PMA initiatives?
yes
I.
A. 13. a. If "yes," check all that apply:
Human Capital
Financial Performance
Expanded E-Government
Competitive Sourcing
Eliminating Improper Payments
I.
A. 13. b. Briefly and specifically describe for each selected how this
asset directly supports the identified initiative(s)? (e.g. If E-Gov is
selected, is it an approved shared service provider or the managing
partner?)
(medium
text - 500 characters)
EDUCATE
formerly known as EDNet is an eGov service that is an enterprise-wide IT
platform by which ED offers services at lower cost to meet high public
demand. This technical infrastructure delivers core services to internal
& external customers employing economies of scale while providing
common enabling services for decision-making, financial benefits, customer
service, fulfilling external requests, improved timeliness with reduced
cycle time while reducing cost to the department.
I.
A. 14. Does this investment support a program assessed using the Program
Assessment Rating Tool (PART)? (For more information about the PART, visit
www.whitehouse.gov/omb/part.)
no
I.
A. 14. a. If "yes," does this investment address a weakness found
during the PART review?
I.
A. 14. b. If "yes," what is the name of the PARTed Program?
(short
text - 250 characters)
I.
A. 14. c. If "yes," what PART rating did it receive?
I.
A. 15. Is this investment for information technology?
yes
I.
A. 16. What is the level of the IT Project? (per CIO Council PM Guidance)
Level
1 - Projects with low-to-moderate complexity and risk. Example:
Bureau-level project such as a stand-alone information system that has low-
to-moderate complexity and risk.
Level 2 - Projects with high complexity and/or risk which are critical to
the mission of the organization. Examples: Projects that are part of a
portfolio of projects/systems that impact each other and/or impact mission
activities. Department-wide projects that impact cross-organizational
missions, such as an agency-wide system integration that includes large
scale Enterprise Resource Planning (e.g., the DoD Business Mgmt
Modernization Program).
Level 3 - Projects that have high complexity, and/or risk, and have
government-wide impact. Examples: Government-wide initiative (E-GOV,
President's Management Agenda). High interest projects with Congress, GAO,
OMB, or the general public. Cross-cutting initiative (Homeland Security).
Level
3
I.
A. 17. What project management qualifications does the Project Manager
have? (per CIO Council's PM Guidance):
(1)
Project manager has been validated as qualified for this investment;(2)
Project manager qualification is under review for this investment;(3)
Project manager assigned to investment, but does not meet requirements;(4)
Project manager assigned but qualification status review has not yet
started;(5) No Project manager has yet been assigned to this investment
(1)
Project manager has been validated as qualified for this investment
I.
A. 18. Is this investment identified as "high risk" on the Q4-FY
2007 agency high risk report (per OMB Memorandum M-05-23)?
yes
I.
A. 19. Is this a financial management system?
no
I.
A. 19. a. If "yes," does this investment address a FFMIA
compliance area?
no
I.
A. 19. a. 1. If "yes," which compliance area
(short
text - 250 characters)
I.
A. 19. a. 2. If "no," what does it address?
(medium
text - 500 characters)
I.
A. 19. b. If "yes," please identify the system name(s) and system
acronym(s) as reported in the most recent financial systems inventory
update required by Circular A-11 section 52
(long
text - 2500 characters)
I.
A. 20. What is the percentage breakout for the total FY2009 funding request
for the following? (This should total 100%)
I.
A. 20. c. Services
100
I.
A. 21. If this project produces information dissemination products for the
public, are these products published to the Internet in conformance with
OMB Memorandum 05-04 and included in your agency inventory, schedules and
priorities?
n/a
I.
A. 22. Contact information of individual responsible for privacy related
questions:
I.
A. 22. a. Name
(short
text - 250 characters)
I.
A. 22. b. Phone Number
(short
text - 250 characters)
I.
A. 22. c. Title
(short
text - 250 characters)
I.
A. 22. d. E-mail
(short
text - 250 characters)
I.
A. 23. Are the records produced by this investment appropriately scheduled
with the National Archives and Records Administration's approval?
no
I.
A. 24. Does this investment directly support one of the GAO High Risk
Areas?
Question
24 must be answered by all Investments:
no
Section B: Summary of Spending (All Capital Assets)
I.
B. 1. Provide the total estimated life-cycle cost for this investment by
completing the following table. All amounts represent budget authority in
millions, and are rounded to three decimal places. Federal personnel costs
should be included only in the row designated "Government FTE
Cost," and should be excluded from the amounts shown for
"Planning," "Full Acquisition," and
"Operation/Maintenance." The "TOTAL" estimated annual
cost of the investment is the sum of costs for "Planning,"
"Full Acquisition," and "Operation/Maintenance." For
Federal buildings and facilities, life-cycle costs should include long term
energy, environmental, decommissioning, and/or restoration costs. The costs
associated with the entire life-cycle of the investment should be included
in this report.
Note:
For the cross-agency investments, this table should include all funding
(both managing and partner agencies).
Government FTE Costs should not be included as part of the TOTAL
represented.
| |
PY-1
and Spending Prior to 2007 |
PY
2007 |
CY
2008 |
BY
2009 |
BY+1
2010 |
BY+2
2011 |
BY+3
2012 |
BY+4
2013 and Beyond |
|
Planning |
0.000 |
0.200 |
0.000 |
0.000 |
|
|
|
|
| Acquisition |
0.000 |
0.000 |
0.000 |
0.000 |
|
|
|
|
| Subtotal
Planning & Acquisition |
|
|
|
|
|
|
|
|
| Operations
& Maintenance |
38.356 |
36.495 |
52.154 |
52.154 |
|
|
|
|
| Total |
|
|
|
|
|
|
|
|
| Government
FTE Costs |
1.116 |
1.147 |
1.202 |
1.259 |
|
|
|
|
| Number
of FTE represented by cost |
10 |
10 |
14 |
14 |
|
|
|
|
|
I.
B. 2. Will this project require the agency to hire additional FTE's?
no
I.
B. 2. a. If "yes," How many and in what year?
(medium
text - 500 characters)
I.
B. 3. If the summary of spending has changed from the FY2008 President's
budget request, briefly explain those changes.
(long
text - 2500 characters)
Section C: Acquisition/Contract Strategy (All Capital Assets)
I.
C. 1. Complete the table for all (including all non-Federal) contracts
and/or task orders currently in place or planned for this investment. Total
Value should include all option years for each contract. Contracts and/or
task orders completed do not need to be included.
SIS
- Share in Services contract; ESPC - Energy savings performance contract ;
UESC - Utility energy efficiency service contract; EUL - Enhanced use lease
contract; N/A - no alternative financing used.
(Character Limitations: Contract or Task Order Number - 250 Characters;
Type of Contract/Task Order - 250 Characters; Name of CO - 250 Characters;
CO Contact Information - 250 Characters)
| |
Type
of Contract/Task Order |
Has
the contract been awarded? |
If
so what is the date of the award? If not, what is the planned award date? |
Start
date of Contract/Task Order |
End
date of Contract/Task Order |
Total
Value of Contract/Task Order ($M) |
Is
this an Interagency Acquisition? |
Is
it performance based? |
Competitively
awarded? |
What,
if any, alternative financing option is being used? |
Is
EVM in the contract? |
Does
the contract include the required security & privacy clauses? |
Name
of CO |
CO
Contact Information (phone/email) |
Contracting
officer certification level |
If
N/A, has the agency determined the CO assigned has the competencies and
skills necessary to support this aquistion? |
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
I.
C. 2. If earned value is not required or will not be a contract requirement
for any of the contracts or task orders above, explain why:
(long
text - 2500 characters)
I.
C. 3. Do the contracts ensure Section 508 compliance?
I.
C. 3. a. Explain Why:
(medium
text - 500 characters)
I.
C. 4. Is there an acquisition plan which has been approved in accordance
with agency requirements?
I.
C. 4. a. If "yes," what is the date?
I.
C. 4. b. If "no," will an acquisition plan be developed?
I.
C. 4. b. 1. If "no," briefly explain why:
(medium
text - 500 characters)
Section
D: Performance Information (All Capital Assets)
In
order to successfully address this area of the exhibit 300, performance
goals must be provided for the agency and be linked to the annual
performance plan. The investment must discuss the agency's mission and
strategic goals, and performance measures (indicators) must be provided.
These goals need to map to the gap in the agency's strategic goals and
objectives this investment is designed to fill. They are the internal and
external performance benefits this investment is expected to deliver to the
agency (e.g., improve efficiency by 60 percent, increase citizen
participation by 300 percent a year to achieve an overall citizen
participation rate of 75 percent by FY 2xxx, etc.). The goals must be
clearly measurable investment outcomes, and if applicable, investment
outputs. They do not include the completion date of the module, milestones,
or investment, or general goals, such as, significant, better, improved
that do not have a quantitative measure.
I.
D. 1. Table 1. Performance Information Table
In
order to successfully address this area of the exhibit 300, performance
goals must be provided for the agency and be linked to the annual
performance plan. The investment must discuss the agency's mission and
strategic goals, and performance measures (indicators) must be provided.
These goals need to map to the gap in the agency's strategic goals and
objectives this investment is designed to fill. They are the internal and
external performance benefits this investment is expected to deliver to the
agency (e.g., improve efficiency by 60 percent, increase citizen participation
by 300 percent a year to achieve an overall citizen participation rate of
75 percent by FY 2xxx, etc.). The goals must be clearly measurable
investment outcomes, and if applicable, investment outputs. They do not
include the completion date of the module, milestones, or investment, or
general goals, such as, significant, better, improved that do not have a
quantitative measure.
Agencies must use the following table to report performance goals and
measures for the major investment and use the Federal Enterprise
Architecture (FEA) Performance Reference Model (PRM). Map all Measurement
Indicators to the corresponding "Measurement Area" and
"Measurement Grouping" identified in the PRM. There should be at
least one Measurement Indicator for each of the four different Measurement
Areas (for each fiscal year). The PRM is available at www.egov.gov. The
table can be extended to include performance measures for years beyond FY
2009.
| |
Strategic
Goal(s) Supported |
Measurement
Area |
Measurement
Grouping |
Measurement
Indicator |
Baseline |
Target |
Actual
Results |
|
2008 |
Cross-goal
Strategy on Management: Obejctive 1: Maintain and strengthen financial
integrity and management and internal controls. |
Mission
and Business Results |
Disaster
Preparedness and Planning |
Managed
DR Services (Hot Services) |
100%
& immediate |
Maintain
100%" |
TBD |
| 2008 |
Cross-goal
Strategy on Management: Objective 1: Maintain and strengthen financial
integrity and management and internal controls. |
Mission
and Business Results |
Disaster
Preparedness and Planning |
Managed
DR Services (Disaster & Recovery Testing) |
100% |
Maintain
100%" |
TBD |
| 2008 |
Cross-goal
Strategy on Management: Objective 1: Maintain and strengthen financial
integrity and management and internal controls. |
Technology |
Availability |
Electronic
Messaging Services Availability |
99.60%
|
Maintain
99.60% |
TBD |
| 2008 |
Cross-goal
Strategy on Management: Objective 1: Maintain and strengthen financial
integrity and management and internal controls. |
Technology |
Availability |
General
Availability |
99.60%
|
Maintain
99.60% |
TBD |
| 2008 |
Cross-goal
Strategy on Management: Objective 1: Maintain and strengthen financial
integrity and management and internal controls. |
Processes
and Activities |
Service
Efficiency |
RCA
Delivery |
99.90%
delivered within the specified time |
Maintain
99.90% |
TBD |
| 2008 |
Cross-goal
Strategy on Management: Objective 1: Maintain and strengthen financial
integrity and management and internal controls. |
Technology |
Availability |
Managed
Network Services Availability |
Latency
120 ms |
Maintain
Latency 120 ms |
TBD |
| 2008 |
Cross-goal
Strategy on Management: Objective 1: Maintain and strengthen financial
integrity and management and internal controls. |
Technology |
Availability |
Network
Services Availability |
99.60% |
Maintain
99.60% |
TBD |
| 2008 |
Cross-goal
Strategy on Management: Objective 1: Maintain and strengthen financial
integrity and management and internal controls. |
Processes
and Activities |
Reliability |
Deployment
of Server Updates |
100
% |
Maintain
100 % |
TBD |
| 2008 |
Cross-goal
Strategy on Management: Objective 1: Maintain and strengthen financial
integrity and management and internal controls. |
Technology |
Availability |
ISP
Hosting Services Availability |
99.6%
availability |
Maintain
99.6% availability |
TBD |
| 2008 |
Cross-goal
Strategy on Management: Objective 1: Maintain and strengthen financial
integrity and management and internal controls. |
Technology |
Availability |
ED.gov
Services Availability |
99.9%
availability |
Maintain
99.9% availability |
TBD |
| 2008 |
Cross-goal
Strategy on Management: Objective 1: Maintain and strengthen financial
integrity and management and internal controls. |
Technology |
Availability |
connectED
Services Availability |
99.6%
availability |
Maintain
99.6% availability |
TBD |
| 2008 |
Cross-goal
Strategy on Management: Objective 1: Maintain and strengthen financial
integrity and management and internal controls. |
Mission
and Business Results |
Disaster
Monitoring and Prediction |
Intrusion
Detection/Protection Monitoring/Log Analysis |
99.9%
detection & prevention |
Maintain
99.9% detection & prevention |
TBD |
| 2008 |
Cross-goal
Strategy on Management: Objective 1: Maintain and strengthen financial
integrity and management and internal controls. |
Processes
and Activities |
Disaster
Preparedness and Planning |
Enterprise
Vulnerability Management Service/Analysis/Remediation Recommendations |
99.9%
Successful Remediation |
Maintain
99.9% Successful Remediation |
TBD |
| 2009 |
Cross-goal
Strategy on Management: Objective 1: Maintain and strengthen financial
integrity and management and internal controls. |
Mission
and Business Results |
Disaster
Preparedness and Planning |
Managed
DR Services (Hot Services) |
100%
& immediate |
Maintain
100% & immediate |
TBD |
| 2009 |
Cross-goal
Strategy on Management: Objective 1: Maintain and strengthen financial
integrity and management and internal controls. |
Mission
and Business Results |
Disaster
Preparedness and Planning |
Managed
DR Services (Disaster & Recovery Testing) |
100% |
Maintain
100% |
TBD |
| 2009 |
Cross-goal
Strategy on Management: Objective 1: Maintain and strengthen financial
integrity and management and internal controls. |
Technology |
Availability |
Electronic
Messaging Services Availability |
99.60% |
Maintain
99.60% |
TBD |
| 2009 |
Cross-goal
Strategy on Management: Objective 1: Maintain and strengthen financial
integrity and management and internal controls. |
Technology |
Availability |
General
Availability |
99.60% |
Maintain
99.60% |
TBD |
| 2009 |
Cross-goal
Strategy on Management: Objective 1: Maintain and strengthen financial
integrity and management and internal controls. |
Processes
and Activities |
Service
Efficiency |
RCA
Delivery |
99.90%
delivered within the agreed upon time |
Maintain
99.90 |
TBD |
| 2009 |
Cross-goal
Strategy on Management: Objective 1: Maintain and strengthen financial
integrity and management and internal controls. |
Technology |
Availability |
Managed
Network Services Availability |
Latency
120 ms |
Maintain
Latency 120 ms |
TBD |
| 2009 |
Cross-goal
Strategy on Management: Objective 1: Maintain and strengthen financial
integrity and management and internal controls. |
Technology |
Availability |
Network
Services Availability |
99.60% |
Maintain
99.60% |
TBD |
| 2009 |
Cross-goal
Strategy on Management: Objective 1: Maintain and strengthen financial
integrity and management and internal controls. |
Processes
and Activities |
Reliability |
Deployment
of Server Updates |
100% |
Maintain
100% |
TBD |
| 2009 |
Cross-goal
Strategy on Management: Objective 1: Maintain and strengthen financial
integrity and management and internal controls. |
Technology |
Availability |
ISP
Hosting Services Availability |
99.6%
Availability |
Maintain
99.6% Availability |
TBD |
| 2009 |
Cross-goal
Strategy on Management: Objective 1: Maintain and strengthen financial
integrity and management and internal controls. |
Technology |
Availability |
ED.gov
Services Availability100 % currency maintained on all items listed in the
ED Services Catalog. |
99.9%
Availability |
Maintain
99.9% Availability |
TBD |
| 2009 |
Cross-goal
Strategy on Management: Objective 1: Maintain and strengthen financial
integrity and management and internal controls. |
Technology |
Availability |
connectED
Services Availability |
99.6%
availability |
Maintain
99.6% availability |
TBD |
| 2009 |
Cross-goal
Strategy on Management: Objective 1: Maintain and strengthen financial
integrity and management and internal controls. |
Mission
and Business Results |
Disaster
Repair and Restore |
Incident
Response and Problem Management |
100%
Response within the rquirement |
Maintain
100% |
TBD |
| 2009 |
Cross-goal
Strategy on Management: Objective 1: Maintain and strengthen financial
integrity and management and internal controls. |
Mission
and Business Results |
Disaster
Monitoring and Prediction |
Intrusion
Detection/Protection Monitoring/Log Analysis |
99.9%
detection & prevention |
Maintain
99.9% detection & prevention |
TBD |
| 2009 |
Cross-goal
Strategy on Management: Objective 1: Maintain and strengthen financial
integrity and management and internal controls. |
Processes
and Activities |
Disaster
Preparedness and Planning |
Enterprise
Vulnerability Management Service/Analysis/Remediation Recommendations |
99.9%
successful remediation |
Maintain
99.9% successful remediation |
TBD |
| 2010 |
Cross-goal
Strategy on Management: Objective 1: Maintain and strengthen financial
integrity and management and internal controls. |
Mission
and Business Results |
Disaster
Preparedness and Planning |
Managed
DR Services (Hot Services) |
100%
& immediate |
Maintain
100% and immediate |
TBD |
| 2010 |
Cross-goal
Strategy on Management: Objective 1: Maintain and strengthen financial
integrity and management and internal controls. |
Mission
and Business Results |
Disaster
Preparedness and Planning |
Managed
DR Services (Disaster & Recovery Testing) |
100% |
Maintain
100% |
TBD |
| 2010 |
Cross-goal
Strategy on Management: Objective 1: Maintain and strengthen financial
integrity and management and internal controls. |
Technology |
Availability |
Electronic
Messaging Services Availability |
99.60% |
Maintain
99.60% |
TBD |
| 2010 |
Cross-goal
Strategy on Management: Objective 1: Maintain and strengthen financial
integrity and management and internal controls. |
Technology |
Availability |
General
Availability |
99.60% |
Maintain
99.60% |
TBD |
| 2010 |
Cross-goal
Strategy on Management: Objective 1: Maintain and strengthen financial
integrity and management and internal controls. |
Processes
and Activities |
Service
Efficiency |
RCA
Delivery |
99.90%
delivered within the specified time |
Maintain
99.90% |
TBD |
| 2010 |
Cross-goal
Strategy on Management: Objective 1: Maintain and strengthen financial
integrity and management and internal controls. |
Technology |
Availability |
ISP
Hosting Services Availability |
99.6%
availability |
Maintain
99.6% availability |
TBD |
| 2010 |
Cross-goal
Strategy on Management: Objective 1: Maintain and strengthen financial
integrity and management and internal controls. |
Technology |
Availability |
ED.gov
Services Availability |
99.9%
availability |
Maintain
99.9% availability |
TBD |
| 2010 |
Cross-goal
Strategy on Management: Objective 1: Maintain and strengthen financial
integrity and management and internal controls. |
Technology |
Availability |
connectED
Services Availability |
99.6%
availability |
Maintain
99.6% availability |
TBD |
| 2010 |
Cross-goal
Strategy on Management: Objective 1: Maintain and strengthen financial
integrity and management and internal controls. |
Mission
and Business Results |
Disaster
Repair and Restore |
Incident
Response and Problem Management |
100%
Response within the required time |
Maintain
100% |
TBD |
| 2010 |
Cross-goal
Strategy on Management: Objective 1: Maintain and strengthen financial
integrity and management and internal controls. |
Mission
and Business Results |
Disaster
Monitoring and Prediction |
Intrusion
Detection/Protection Monitoring/Log Analysis |
99.9%
detection & prevention |
Maintain
99.9% |
TBD |
| 2010 |
Cross-goal
Strategy on Management: Objective 1: Maintain and strengthen financial
integrity and management and internal controls. |
Processes
and Activities |
Disaster
Preparedness and Planning |
Enterprise
Vulnerability Management Service/Analysis/Remediation Recommendations |
99.9%
successful remediation |
Maintain
99.9% |
TBD |
| 2007 |
Cross-goal
Strategy on Management: Objective 1: Maintain and strengthen financial
integrity and management and internal controls. |
Customer
Results |
Delivery
Time |
Priority
1 Customer Support |
95% |
99% |
98.23% |
| 2007 |
Cross-goal
Strategy on Management: Objective 1: Maintain and strengthen financial
integrity and management and internal controls. |
Customer
Results |
Delivery
Time |
Priority
2 Customer Support |
98.88% |
95% |
98.33% |
| 2007 |
Cross-goal
Strategy on Management: Objective 1: Maintain and strengthen financial
integrity and management and internal controls. |
Customer
Results |
Delivery
Time |
Priority
3 Customer Support |
98.32% |
90% |
99.80% |
| 2007 |
Cross-goal
Strategy on Management: Objective 1: Maintain and strengthen financial
integrity and management and internal controls. |
Mission
and Business Results |
Corrective
Action |
Network
Availability during core hours |
99.00% |
99.60% |
100% |
| 2007 |
Cross-goal
Strategy on Management: Objective 1: Maintain and strengthen financial
integrity and management and internal controls. |
Mission
and Business Results |
Information
Management |
Messaging
Availability (Outlook) |
99.00% |
99.00% |
99.98% |
| 2007 |
Cross-goal
Strategy on Management: Objective 1: Maintain and strengthen financial
integrity and management and internal controls. |
Processes
and Activities |
Efficiency |
Timeliness
of Backups Performed |
97.40% |
96% |
99.87% |
| 2007 |
Cross-goal
Strategy on Management: Objective 1: Maintain and strengthen financial
integrity and management and internal controls. |
Processes
and Activities |
Efficiency |
Notification
of Issues & Security Notification |
98.8 |
100% |
100% |
| 2007 |
Cross-goal
Strategy on Management: Objective 1: Maintain and strengthen financial
integrity and management and internal controls. |
Technology |
Availability |
Server
Availability During Core Hours |
99.00% |
99.60% |
100% |
| 2007 |
Cross-goal
Strategy on Management: Objective 1: Maintain and strengthen financial
integrity and management and internal controls. |
Technology |
Availability |
Virus
Penetrations of Network |
100% |
100% |
100% |
| 2008 |
Cross-goal
Strategy on Management: Objective 1: Maintain and strengthen financial
integrity and management and internal controls. |
Mission
and Business Results |
Disaster
Repair and Restore |
Incident
Response and Problem Management |
100%
within the specified timeframe |
100% |
TBD |
| 2010 |
Cross-goal
Strategy on Management: Objective 1: Maintain and strengthen financial
integrity and management and internal controls. |
Technology |
Availability |
Managed
Network Services |
Latency
120 ms |
Maintain
Latency 120 ms |
TBD |
| 2010 |
Cross-goal
Strategy on Management: Objective 1: Maintain and strengthen financial
integrity and management and internal controls. |
Technology |
Availability |
Network
Services Availability |
99.60% |
Maintain
99.60% |
TBD |
| 2010 |
Cross-goal
Strategy on Management: Objective 1: Maintain and strengthen financial
integrity and management and internal controls. |
Processes
and Activities |
Reliability |
Deployment
of Server Updates |
100% |
Maintain
100% |
TBD |
| 2006 |
Cross-goal
Strategy on Management: Objective 1: Maintain and strengthen financial integrity
and management and internal controls. |
Customer
Results |
Delivery
Time |
Priority
1 Customer Support |
95% |
99% |
80.33% |
| 2006 |
Cross-goal
Strategy on Management: Objective 1: Maintain and strengthen financial
integrity and management and internal controls. |
Customer
Results |
Delivery
Time |
Priority
2 Customer Support |
88.88% |
95% |
34.67% |
| 2006 |
Cross-goal
Strategy on Management: Objective 1: Maintain and strengthen financial
integrity and management and internal controls. |
Customer
Results |
Delivery
Time |
Priority
3 Customer Support |
98.32% |
90% |
92.67% |
| 2006 |
Cross-goal
Strategy on Management: Objective 1: Maintain and strengthen financial
integrity and management and internal controls. |
Mission
and Business Results |
Corrective
Action |
Network
Availability during core hours |
99.00%
|
99.6%
|
100.00% |
| 2006 |
Cross-goal
Strategy on Management: Objective 1: Maintain and strengthen financial
integrity and management and internal controls. |
Mission
and Business Results |
Information
Management |
Messaging
Availability (Outlook) |
99.00% |
99.00% |
99.99% |
| 2006 |
Cross-goal
Strategy on Management: Objective 1: Maintain and strengthen financial
integrity and management and internal controls. |
Processes
and Activities |
Efficiency |
Timeliness
of Backups Performed |
97.4
% |
96% |
99.87% |
| 2006 |
Cross-goal
Strategy on Management: Objective 1: Maintain and strengthen financial
integrity and management and internal controls. |
Processes
and Activities |
Efficiency |
Notification
of Issues & Security Notification |
98.8% |
100% |
100% |
| 2006 |
Cross-goal
Strategy on Management: Objective 1: Maintain and strengthen financial
integrity and management and internal controls. |
Technology |
Availability |
Server
Availability During Core Hours |
99.00% |
99.6% |
100% |
| 2006 |
Cross-goal
Strategy on Management: Objective 1: Maintain and strengthen financial integrity
and management and internal controls. |
Technology |
Availability |
Virus
Penetrations of Network |
100% |
100% |
100% |
|
Section
E: Security and Privacy (IT Capital Assets only)
In
order to successfully address this area of the business case, each question
below must be answered at the system/application level, not at a program or
agency level. Systems supporting this investment on the planning and
operational systems security tables should match the systems on the privacy
table below. Systems on the Operational Security Table must be included on
your agency FISMA system inventory and should be easily referenced in the
inventory (i.e., should use the same name or identifier).
For existing Mixed-Life Cycle investments where enhancement, development,
and/or modernization is planned, include the investment in both the
"Systems in Planning" table (Table 3) and the "Operational Systems" table
(Table 4). Systems which are already operational, but have enhancement,
development, and/or modernization activity, should be included in both
Table 3 and Table 4. Table 3 should reflect the planned date for the system
changes to be complete and operational, and the planned date for the
associated C&A update. Table 4 should reflect the current status of the
requirements listed. In this context, information contained within Table 3
should characterize what updates to testing and documentation will occur
before implementing the enhancements; and Table 4 should characterize the
current state of the materials associated with the existing system.
All systems listed in the two security tables should be identified in the
privacy table. The list of systems in the "Name of System" column of the
privacy table (Table 8) should match the systems listed in columns titled
"Name of System" in the security tables (Tables 3 and 4). For the Privacy
table, it is possible that there may not be a one-to-one ratio between the
list of systems and the related privacy documents. For example, one PIA
could cover multiple systems. If this is the case, a working link to the
PIA may be listed in column (d) of the privacy table more than once (for
each system covered by the PIA).
I.
E. 1. Have the IT security costs for the system(s) been identified and
integrated into the overall costs of the investment?
I.
E. 1. a. If "yes," provide the "Percentage IT Security"
for the budget year:
I.
E. 2. Is identifying and assessing security and privacy risks a part of the
overall risk management effort for each system supporting or part of this
investment?
I.
E. 3. Systems in Planning and Undergoing Enhancement(s) – Security Table:
The
questions asking whether there is a PIA which covers the system and whether
a SORN is required for the system are discrete from the narrative fields.
The narrative column provides an opportunity for free text explanation why
a working link is not provided. For example, a SORN may be required for the
system, but the system is not yet operational. In this circumstance, answer
"yes" for column (e) and in the narrative in column (f), explain that
because the system is not operational the SORN is not yet required to be
published.
| |
Agency/or
Contractor Operated System |
Planned
Operational Date |
Date
of Planned C & A update (for existing mixed life cycle systems) or
Planned Completion Date (for new systems) |
|
I.
E. 4. Operational Systems - Security:
| |
Agency/or
contractor Operated System? |
NIST
FIPS 199 Risk Impact level (High, Moderate, Low) |
Has
C & A been Completed, using NIST 800-37? (Y/N) |
Date
Completed: C & A |
What
standards were used for the Security Controls tests? (FIPS 200/NIST 800-53,
Other, N/A) |
Date
Completed: Security Control Testing |
Date
the contingency plan tested |
| |
|
|
|
|
|
|
|
|
I.
E. 5. Have any weaknesses related to any of the systems part of or
supporting this investment been identified by the agency or IG?
I.
E. 5. a. If "yes," have those weaknesses been incorporated into
the agency's plan of action and milestone process?
I.
E. 6. Indicate whether an increase in IT security funding is requested to
remediate IT security weaknesses?
I.
E. 6. a. If "yes," specify the amount, provide a general
description of the weakness, and explain how the funding request will
remediate the weakness.
(long
text - 2500 characters)
I.
E. 7. How are contractor security procedures monitored, verified, and
validated by the agency for the contractor systems above?
(long
text - 2500 characters)
I.
E. 8. Planning & Operational Systems - Privacy Table:
Details
for Text Options:
Column (d): If yes to (c), provide the link(s) to the publicly posted
PIA(s) with which this system is associated. If no to (c), provide an
explanation why the PIA has not been publicly posted or why the PIA has not
been conducted.
Column (f): If yes to (e), provide the link(s) to where the current and up
to date SORN(s) is published in the federal register. If no to (e), provide
an explanation why the SORN has not been published or why there isn't a
current and up to date SORN.
Note: Links must be provided to specific documents not general privacy
websites.
| |
(b)
Is this a new system? (Y/N) |
(c)
Is there a Privacy Impact Assessment (PIA) that covers this system? (Y/N) |
(d)
Internet Link or Explanation |
(e)
Is a System of Records Notice (SORN) required for this system? (Y/N) |
(f)
Internet Link or Explanation |
| |
|
|
|
|
|
|
Section
F: Enterprise Architecture (EA) (IT Capital Assets only)
In
order to successfully address this area of the business case and capital
asset plan you must ensure the investment is included in the agency's EA
and Capital Planning and Invesment Control (CPIC) process, and is mapped to
and supports the FEA. You must also ensure the business case demonstrates the
relationship between the investment and the business, performance, data,
services, application, and technology layers of the agency's EA.
I.
F. 1. Is this investment included in your agency's target enterprise
architecture?
yes
I.
F. 1. a. If "no," please explain why?
(long
text - 2500 characters)
I.
F. 2. Is this investment included in the agency's EA Transition Strategy?
yes
I.
F. 2. a. If "yes," provide the investment name as identified in
the Transition Strategy provided in the agency's most recent annual EA
Assessment.
(medium
text - 500 characters)
EDNet
I.
F. 2. b. If "no," please explain why?
(long
text - 2500 characters)
I.
F. 3. Is this investment identified in a completed (contains a target
architecture) and approved segment architecture?
yes
I.
F. 3. a. If "yes," provide the name of the segment architecture.
(medium
text - 500 characters)
"Infrastructure
and Optimization Initiative (IOI)".
I.
F. 4. Service Component Reference Model (SRM) Table :
Identify
the service components funded by this major IT investment (e.g., knowledge
management, content management, customer relationship management, etc.).
Provide this information in the format of the following table. For detailed
guidance regarding components, please refer to http://www.egov.gov.
a. Use existing SRM Components or identify as "NEW". A "NEW" component is
one not already identified as a service component in the FEA SRM.
b. A reused component is one being funded by another investment, but being
used by this investment. Rather than answer yes or no, identify the reused
service component funded by the other investment and identify the other
investment using the Unique Project Identifier (UPI) code from the OMB Ex
300 or Ex 53 submission.
c. 'Internal' reuse is within an agency. For example, one agency within a
department is reusing a service component provided by another agency within
the same department. 'External' reuse is one agency within a department
reusing a service component provided by another agency in another
department. A good example of this is an E-Gov initiative service being
reused by multiple organizations across the federal government.
d. Please provide the percentage of the BY requested funding amount used
for each service component listed in the table. If external, provide the
percentage of the BY requested funding amount transferred to another agency
to pay for the service. The percentages in this column can, but are not
required to, add up to 100%.
| |
Agency
Component Description |
FEA
SRM Service Type |
FEA
SRM Component (a) |
Service
Component Reused - Component Name (b) |
Service
Component Reused - UPI (b) |
Internal
or External Reuse? (c) |
BY
Funding Percentage (d) |
|
Desktop
Services (DS) |
Consists
of a suite of core applications and office automation tools which shall be
applied to all user workstations |
Asset
/ Materials Management |
Asset
Cataloging / Identification |
|
|
No
Reuse |
2 |
| Systems/Data
Center Operations (SD) |
Data
Centers to support the ED IT Infrastructure and its associated assets |
Asset
/ Materials Management |
Asset
Cataloging / Identification |
|
|
No
Reuse |
1 |
| Desktop
Services (DS) |
Consists
of a suite of core applications and office automation tools which shall be
applied to all user workstations |
Asset
/ Materials Management |
Computers
/ Automation Management |
|
|
No
Reuse |
2 |
| Systems/Data
Center Operations (SD) |
Data
Centers to support the ED IT Infrastructure and its associated assets |
Asset
/ Materials Management |
Computers
/ Automation Management |
|
|
No
Reuse |
1 |
| Systems/Data
Center Operations (SD) |
Data
Centers to support the ED IT Infrastructure and its associated assets |
Asset
/ Materials Management |
Facilities
Management |
|
|
No
Reuse |
1 |
| Desktop
Services (DS) |
Consists
of a suite of core applications and office automation tools which shall be
applied to all user workstations |
Asset
/ Materials Management |
Asset
Transfer, Allocation, and Maintenance |
|
|
No
Reuse |
2 |
| Systems/Data
Center Operations (SD) |
Data
Centers to support the ED IT Infrastructure and its associated assets |
Asset
/ Materials Management |
Asset
Transfer, Allocation, and Maintenance |
|
|
No
Reuse |
1 |
| Network
Services/Telecommunications/Multimedia Services |
Information
and communications technology infrastructure (voice, video, data solutions,
multimedia services) |
Asset
/ Materials Management |
Asset
Transfer, Allocation, and Maintenance |
|
|
No
Reuse |
2 |
| Systems/Data
Center Operations (SD) |
Data
Centers to support the ED IT Infrastructure and its associated assets |
Data
Management |
Data
Recovery |
|
|
No
Reuse |
1 |
| Disaster
Recovery (DR) |
Services
to support Disaster Recovery, Continuity of Operations, and IT/Network
emergency backup |
Data
Management |
Data
Recovery |
|
|
No
Reuse |
2 |
| Systems/Data
Center Operations (SD) |
Data
Centers to support the ED IT Infrastructure and its associated assets |
Data
Management |
Loading
and Archiving |
|
|
No
Reuse |
1 |
| Systems/Data
Center Operations (SD) |
Data
Centers to support the ED IT Infrastructure and its associated assets |
Development
and Integration |
Enterprise
Application Integration |
|
|
No
Reuse |
1 |
| Systems/Data
Center Operations (SD) |
Data
Centers to support the ED IT Infrastructure and its associated assets |
Development
and Integration |
Legacy
Integration |
|
|
No
Reuse |
1 |
| Systems/Data
Center Operations (SD) |
Data
Centers to support the ED IT Infrastructure and its associated assets |
Development
and Integration |
Instrumentation
and Testing |
|
|
No
Reuse |
1 |
| Systems/Data
Center Operations (SD) |
Data
Centers to support the ED IT Infrastructure and its associated assets |
Data
Management |
Extraction
and Transformation |
|
|
No
Reuse |
1 |
| Systems/Data
Center Operations (SD) |
Data
Centers to support the ED IT Infrastructure and its associated assets |
Data
Management |
Data
Cleansing |
|
|
No
Reuse |
1 |
| Helpdesk
Support (HS) |
Media
agnostic Helpdesk service, equipment and software |
Customer
Initiated Assistance |
Assistance
Request |
|
|
No
Reuse |
1 |
| Systems/Data
Center Operations (SD) |
Data
Centers to support the ED IT Infrastructure and its associated assets |
Customer
Initiated Assistance |
Assistance
Request |
|
|
No
Reuse |
1 |
| Desktop
Services (DS) |
Consists
of a suite of core applications and office automation tools which shall be
applied to all user workstations |
Customer
Initiated Assistance |
Assistance
Request |
|
|
No
Reuse |
2 |
| Helpdesk
Support (HS) |
Media
agnostic Helpdesk service, equipment and software |
Customer
Relationship Management |
Call
Center Management |
|
|
No
Reuse |
0 |
| Helpdesk
Support (HS) |
Media
agnostic Helpdesk service, equipment and software |
Customer
Relationship Management |
Customer
/ Account Management |
|
|
No
Reuse |
0 |
| Systems/Data
Center Operations (SD) |
Data
Centers to support the ED IT Infrastructure and its associated assets |
Customer
Relationship Management |
Customer
/ Account Management |
|
|
No
Reuse |
1 |
| Network
Services/Telecommunications/Multimedia Services |
Information
and communications technology infrastructure (voice, video, data solutions,
multimedia services) |
Customer
Relationship Management |
Customer
/ Account Management |
|
|
No
Reuse |
2 |
| Helpdesk
Support (HS) |
Media
agnostic Helpdesk service, equipment and software |
Customer
Relationship Management |
Contact
and Profile Management |
|
|
No
Reuse |
0 |
| Helpdesk
Support (HS) |
Media
agnostic Helpdesk service, equipment and software |
Customer
Relationship Management |
Customer
Feedback |
|
|
No
Reuse |
0 |
| Helpdesk
Support (HS) |
Media
agnostic Helpdesk service, equipment and software |
Customer
Relationship Management |
Surveys |
|
|
No
Reuse |
0 |
| Network
Services/Telecommunications/Multimedia Services |
Information
and communications technology infrastructure (voice, video, data solutions,
multimedia services) |
Customer
Preferences |
Alerts
and Notifications |
|
|
No
Reuse |
2 |
| Network
Services/Telecommunications/Multimedia Services |
Information
and communications technology infrastructure (voice, video, data solutions,
multimedia services) |
Customer
Initiated Assistance |
Scheduling |
|
|
No
Reuse |
2 |
| Helpdesk
Support (HS) |
Media
agnostic Helpdesk service, equipment and software |
Customer
Initiated Assistance |
Scheduling |
|
|
No
Reuse |
0 |
| Desktop
Services (DS) |
Consists
of a suite of core applications and office automation tools which shall be
applied to all user workstations |
Customer
Initiated Assistance |
Scheduling |
|
|
No
Reuse |
3 |
| Printer
Services (PS) |
Printer
Services including installation, repair, disposal, networking, and supplies |
Customer
Initiated Assistance |
Scheduling |
|
|
No
Reuse |
0 |
| Systems/Data
Center Operations (SD) |
Data
Centers to support the ED IT Infrastructure and its associated assets |
Customer
Relationship Management |
Scheduling |
|
|
No
Reuse |
1 |
| Helpdesk
Support (HS) |
Media
agnostic Helpdesk service, equipment and software |
Tracking
and Workflow |
Case
Management |
|
|
No
Reuse |
0 |
| Desktop
Services (DS) |
Consists
of a suite of core applications and office automation tools which shall be
applied to all user workstations |
Management
of Processes |
Change
Management |
|
|
No
Reuse |
3 |
| Network
Services/Telecommunications/Multimedia Services |
Information
and communications technology infrastructure (voice, video, data solutions,
multimedia services) |
Management
of Processes |
Change
Management |
|
|
No
Reuse |
2 |
| Desktop
Services (DS) |
Consists
of a suite of core applications and office automation tools which shall be
applied to all user workstations |
Management
of Processes |
Configuration
Management |
|
|
No
Reuse |
3 |
| Network
Services/Telecommunications/Multimedia Services |
Information
and communications technology infrastructure (voice, video, data solutions,
multimedia services) |
Management
of Processes |
Configuration
Management |
|
|
No
Reuse |
2 |
| Systems/Data
Center Operations (SD) |
Data
Centers to support the ED IT Infrastructure and its associated assets |
Management
of Processes |
Configuration
Management |
|
|
No
Reuse |
1 |
| Network
Services/Telecommunications/Multimedia Services |
Information
and communications technology infrastructure (voice, video, data solutions,
multimedia services) |
Management
of Processes |
Quality
Management |
|
|
No
Reuse |
2 |
| Helpdesk
Support (HS) |
Media
agnostic Helpdesk service, equipment and software |
Management
of Processes |
Quality
Management |
|
|
No
Reuse |
0 |
| Disaster
Recovery (DR) |
Services
to support Disaster Recovery, Continuity of Operations, and IT/Network
emergency backup |
Management
of Processes |
Risk
Management |
|
|
No
Reuse |
2 |
| Network
Services/Telecommunications/Multimedia Services |
Information
and communications technology infrastructure (voice, video, data solutions,
multimedia services) |
Management
of Processes |
Risk
Management |
|
|
No
Reuse |
2 |
| Network
Services/Telecommunications/Multimedia Services |
Information
and communications technology infrastructure (voice, video, data solutions,
multimedia services) |
Organizational
Management |
Network
Management |
|
|
No
Reuse |
2 |
| Network
Services/Telecommunications/Multimedia Services |
Information
and communications technology infrastructure (voice, video, data solutions,
multimedia services) |
Visualization |
Multimedia |
|
|
No
Reuse |
2 |
| Network
Services/Telecommunications/Multimedia Services |
Information
and communications technology infrastructure (voice, video, data solutions,
multimedia services) |
Knowledge
Discovery |
Modeling |
|
|
No
Reuse |
2 |
| Network
Services/Telecommunications/Multimedia Services |
Information
and communications technology infrastructure (voice, video, data solutions,
multimedia services) |
Reporting |
Standardized
/ Canned |
|
|
No
Reuse |
2 |
| Systems/Data
Center Operations (SD) |
Data
Centers to support the ED IT Infrastructure and its associated assets |
Reporting |
Standardized
/ Canned |
|
|
No
Reuse |
1 |
| Security
and Privacy Operations (SP) |
Continuous
real-time even monitoring and incident management |
Security
Management |
Intrusion
Detection |
|
|
No
Reuse |
3 |
| Security
and Privacy Operations (SP) |
Continuous
real-time even monitoring and incident management |
Security
Management |
Audit
Trail Capture and Analysis |
|
|
No
Reuse |
3 |
| Network
Services/Telecommunications/Multimedia Services |
Information
and communications technology infrastructure (voice, video, data solutions,
multimedia services) |
Security
Management |
Access
Control |
|
|
No
Reuse |
2 |
| Systems/Data
Center Operations (SD) |
Data
Centers to support the ED IT Infrastructure and its associated assets |
Security
Management |
Access
Control |
|
|
No
Reuse |
1 |
| Network
Services/Telecommunications/Multimedia Services |
Information
and communications technology infrastructure (voice, video, data solutions,
multimedia services) |
Security
Management |
Identification
and Authentication |
|
|
No
Reuse |
2 |
| Security
and Privacy Operations (SP) |
Continuous
real-time even monitoring and incident management |
Security
Management |
Digital
Signature Management |
|
|
No
Reuse |
3 |
| E-Mail
(EM) |
Stable
enterprise e-mail system providing standard mailbox features |
Collaboration |
Email |
|
|
No
Reuse |
1 |
| E-Mail
(EM) |
Stable
enterprise e-mail system providing standard mailbox features |
Collaboration |
Shared
Calendaring |
|
|
No
Reuse |
0 |
| E-Mail
(EM) |
Stable
enterprise e-mail system providing standard mailbox features |
Collaboration |
Task
Management |
|
|
No
Reuse |
0 |
| Network
Services/Telecommunications/Multimedia Services |
Information
and communications technology infrastructure (voice, video, data solutions,
multimedia services) |
Communication |
Audio
Conferencing |
|
|
No
Reuse |
2 |
| Network
Services/Telecommunications/Multimedia Services |
Information
and communications technology infrastructure (voice, video, data solutions,
multimedia services) |
Communication |
Event
/ News Management |
|
|
No
Reuse |
2 |
| Network
Services/Telecommunications/Multimedia Services |
Information
and communications technology infrastructure (voice, video, data solutions,
multimedia services) |
Communication |
Computer
/ Telephony Integration |
|
|
No
Reuse |
2 |
| Network
Services/Telecommunications/Multimedia Services |
Information
and communications technology infrastructure (voice, video, data solutions,
multimedia services) |
Communication |
Video
Conferencing |
|
|
No
Reuse |
2 |
| Network
Services/Telecommunications/Multimedia Services |
Information
and communications technology infrastructure (voice, video, data solutions,
multimedia services) |
Communication |
Voice
Communications |
|
|
No
Reuse |
2 |
| Systems/Data
Center Operations (SD) |
Data
Centers to support the ED IT Infrastructure and its associated assets |
Systems
Management |
License
Management |
|
|
No
Reuse |
0 |
| Network
Services/Telecommunications/Multimedia Services |
Information
and communications technology infrastructure (voice, video, data solutions,
multimedia services) |
Systems
Management |
License
Management |
|
|
No
Reuse |
2 |
| Network
Services/Telecommunications/Multimedia Services |
Information
and communications technology infrastructure (voice, video, data solutions,
multimedia services) |
Systems
Management |
Remote
Systems Control |
|
|
No
Reuse |
3 |
| Network
Services/Telecommunications/Multimedia Services |
Network
Services/Telecommunications/Multimedia Services |
Systems
Management |
System
Resource Monitoring |
|
|
No
Reuse |
3 |
| Systems/Data
Center Operations (SD) |
Data
Centers to support the ED IT Infrastructure and its associated assets |
Systems
Management |
System
Resource Monitoring |
|
|
No
Reuse |
0 |
| Desktop
Services (DS) |
Consists
of a suite of core applications and office automation tools which shall be
applied to all user workstations |
Systems
Management |
Software
Distribution |
|
|
No
Reuse |
3 |
| Helpdesk
Support (HS) |
Media
agnostic Helpdesk service, equipment and software |
Systems
Management |
Issue
Tracking |
|
|
No
Reuse |
3 |
|
I.
F. 5. Table 1. Technical Reference Model (TRM) Table:
To
demonstrate how this major IT investment aligns with the FEA Technical
Reference Model (TRM), please list the Service Areas, Categories,
Standards, and Service Specifications supporting this IT investment.
a. Service Components identified in the previous question should be entered
in this column. Please enter multiple rows for FEA SRM Components supported
by multiple TRM Service Specifications
b. In the Service Specification field, agencies should provide information
on the specified technical standard or vendor product mapped to the FEA TRM
Service Standard, including model or version numbers, as appropriate.
| |
FEA
TRM Service Area |
FEA
TRM Service Category |
FEA
TRM Service Standard |
Service
Specification (i.e., vendor and product name) |
|
Call
Center Management |
Component
Framework |
Data
Management |
Reporting
and Analysis |
Contractor-provided
Call Center Management application |
| Data
Exchange |
Component
Framework |
Data
Management |
Database
Connectivity |
Open
Database Connectivity (ODBC); Microsoft SQL Server; Oracle SQL Net |
| Network
Management |
Component
Framework |
Security |
Certificates
/ Digital Signatures |
Secure
Sockets Layer (SSL); ITU-T X.509 standards |
| Network
Management |
Component
Framework |
Security |
Supporting
Security Services |
Transport
Layer Security (TLS); Secure Shell (SSH); Web Services Security (WS
Security) |
| Email |
Service
Access and Delivery |
Access
Channels |
Collaboration
/ Communications |
Microsoft
Exchange Server; BlackBerry Enterprise Server; METAmessage Conversion
Server |
| Network
Management |
Service
Access and Delivery |
Access
Channels |
Other
Electronic Channels |
Web
Service and URL |
| Network
Management |
Service
Access and Delivery |
Delivery
Channels |
Intranet |
Microsoft
Windows Server |
| Network
Management |
Service
Access and Delivery |
Service
Requirements |
Authentication
/ Single Sign-on |
Microsoft
Active Directory; IBM Tivoli Identity Manager, Federal Identity Manager,
Tivoli IBM Directory Integrator |
| Network
Management |
Service
Access and Delivery |
Service
Requirements |
Legislative
/ Compliance |
Section
508 |
| Network
Management |
Service
Access and Delivery |
Service
Transport |
Service
Transport |
Transmission
Control Protocol (TCP); Internet Protocol (IP); HyperText Transfer Protocol
(HTTP); HTTP Secure (HTTPS); Wireless Application Protocol (WAP); File
Transfer Protocol (FTP); IP Security (IPSec) |
| Network
Management |
Service
Access and Delivery |
Service
Transport |
Supporting
Network Services |
Microsoft
Internet Information Server; IMAP/POP3; MIME; SMTP; T.120; H.323 (IP);
H.320 (ISDN); SNMP; LDAP; DHCP; X.500; X.400; BGP; DNS |
| Network
Management |
Service
Interface and Integration |
Interoperability |
Data
Format / Classification |
eXtensible
Markup Language (XML) |
| Network
Management |
Service
Interface and Integration |
Interoperability |
Data
Transformation |
eXtensible
Stylesheet Language |
| Data
Recovery |
Service
Platform and Infrastructure |
Database
/ Storage |
Storage |
EMC
Symmetrix NAS/HP SAN/StorageWorks Storage Arrays |
| Network
Management |
Service
Platform and Infrastructure |
Delivery
Servers |
Application
Servers |
Macromedia
Cold Fusion MX (Web App Dev); Lsoft ListServ (Email List Management);
Verity Content Classification Engine; Microsoft Internet Information
Services |
| Network
Management |
Service
Platform and Infrastructure |
Delivery
Servers |
Application
Servers |
Microsoft
Windows Server; erwoven Teamsite Server; OpenDeploy Server; Templating and
Development Suite (Content Management); Verity Ultraseek (Spider &
Search); Elsop LinkScan (Link Validation and Error Checking); Urchin (Web
Log An |
| Multimedia |
Service
Platform and Infrastructure |
Delivery
Servers |
Media
Servers |
Microsoft
Windows Server; Real Audio; RealNetworks Helix Universal Server (Streaming Media) |
| Email |
Service
Access and Delivery |
Delivery
Channels |
Internet |
Microsoft
Outlook Web Access (OWA) |
| Voice
Communications |
Service
Access and Delivery |
Access
Channels |
Wireless
/ PDA |
BlackBerry
smartphones; cellular phones |
| Computer
/ Telephony Integration |
Service
Access and Delivery |
Access
Channels |
Collaboration
/ Communications |
IP
Telephony including: IP Private Branch Exchange (PBX); Automated Call
Distribution (ACD); Interactive Voice Response (IVR); PC-based Softphones,
Telephony Application Program Interface (TAPI) |
| Audio
Conferencing |
Service
Access and Delivery |
Access
Channels |
Collaboration
/ Communications |
IP
Telephony |
| Voice
Communications |
Service
Access and Delivery |
Access
Channels |
Collaboration
/ Communications |
Desktop
phones including: IP-based phones, IP-based softphones, analog phones, ISDN
phones. Mobile phones including BlackBerry smartphones and cell phones. |
| Network
Management |
Service
Platform and Infrastructure |
Hardware
/ Infrastructure |
Network
Devices / Standards |
Switch;
Router; Firewall; Network Interface Card (NIC); Gateway; T1/DS3/OC3; VPN
Concentrator; RADIUS; TACACS |
| Video
Conferencing |
Service
Platform and Infrastructure |
Hardware
/ Infrastructure |
Video
Conferencing |
Multipoint
Conference Unit (MCU); Bridges; H.323-to-H.320 Gateways; Codecs |
|
I.
F. 6. Will the application leverage existing components and/or applications
across the Government (i.e., FirstGov, Pay.Gov, etc)?
yes
I.
F. 6. a. If "yes," please describe.
(long
text - 2500 characters)
EDUCATE
will leverage government wide common solutions from the Infrastructure
optimization LoB.
PART
II: PLANNING, ACQUISITION AND PERFORMANCE INFORMATION
Part
II should be completed only for investments identified as "Planning" or
"Full Acquisition," or "Mixed Life-Cycle" investments in response to
Question 6 in Part I, Section A above
Section
A: Alternatives Analysis (All Capital Assets)
In
selecting the best capital asset, you should identify and consider at least
three viable alternatives, in addition to the current baseline, i.e., the
status quo. Use OMB Circular A-94 for all investments and the Clinger Cohen
Act of 1996 for IT investments to determine the criteria you should use in
your Benefit/Cost Analysis.
II.
A. 1. Did you conduct an alternatives analysis for this project?
yes
II.
A. 1. a. If "yes," provide the date the analysis was completed?
2007-04-27
II.
A. 1. b. If "no," what is the anticipated date this analysis will
be completed?
II.
A. 1. c. If no analysis is planned, please briefly explain why:
(medium
text - 500 characters)
II.
A. 2. Use the results of your alternatives analysis to complete the
following table:
(Character
Limitations: Alternative Analyzed - 250 characters; Description of
Alternative - 500 Characters)
| |
Description
of Alternative |
Risk
Lifecycle Cost Estimate |
Risk
Lifecycle Benefits Estimate |
|
Alternative
#1: COCO 100% Contractor Maintained with w/Single Prime Contractor owning
HW/SW w/Gov't PMs oversight |
Single
Prime Contractor maintains EDUCATE. Partial responsibility resides with the
contractor in this COCO model with oversight provided by OCIO. Minimal risk
associated with this alternative. Contract is firm-fixed price. |
|
|
| Alternative
#2: COCO 100% Contractor Maintained with Multiple Prime Contractors owning
HW&SW w/Gov't PMs oversight |
Multiple
Prime Contractors maintain EDUCATE. Overall responsibility resides with the
contractor in this COCO model with oversight provided by OCIO. Minimal risk
associated with this alternative. Contract is firm-fixed price. |
|
|
| Alternative
#3: GOCO 100% Single Prime Contractor Maintained with w/Gov't PMs oversight
and the Government owning HW/SW |
Single
Prime Contractor maintains EDUCATE. Partial responsibility resides with the
contractor in services provided. Government responsible for all HW and SW.
Medium risk associated with this alternative. Contract is firm-fixed price.
|
|
|
| Alternative
#4: GOGO 100% Gov't Maintained with Gov't owning HW&SW |
This
approach uses 100% government resources to maintain EDUCATE. This approach
requires hiring and or training approximately 228 FTEs and shifts all risk
on to the government. With this approach accommodations will have to be
made for shift-worker required to operate EDUCATE 24X7.The government would
likely incur additional costs for Subject Matter Experts to deal with
infrastructure issues requiring ever-changing technical skills. |
|
|
| Alternative
#5: GOCO 100% Contractor Maintained with Multiple Prime Contractors w/Gov't
PMs oversight and the Government owning HW/SW |
Multiple
Prime Contractors maintain EDUCATE. Partial responsibility resides with the
contractor in services provided. Government owning and responsible for all
HW and SW. Medium risk associated with this alternative. Contract is
firm-fixed price. |
|
|
|
II.
A. 3. Which alternative was selected by the Agency's Executive/Investment
Committee and why was it chosen?
(long
text - 2500 characters)
Alternative
#1: COCO with Single Prime Contractor was recommended. The EDUCATE
alternative analysis is built on an assessment of the risks associated with
each of the five principal IT environments (GOGO, GOCO multiple primes,
GOCO single prime, COCO multiple primes and COCO single prime). The process
was to assess each of OMB's 19 "risk areas" against cost and
against EDUCATES? benefit values which then tie to the Federal CIO Council
best practice VMM values, by assessing both the probability (likelihood)
and magnitude (impact) of the risk. Multiplying the probability time the
magnitude for each risk and then summing the results, yielded a risk
factor, which was applied to cost estimates and benefit values generating a
risk-adjusted cost and risk adjusted benefit value for each option. COCO
single prime yielded the best most effective ratios of cost, benefit
values, and risk.
II.
A. 4. What specific qualitative benefits will be realized?
(long
text - 2500 characters)
The
contract is Firm-Fixed priced with an incentive/disincentive clause. COCO
contracts encourage the contractor to perform at their optimal best to meet
the performance standards set forth in the Service Level Agreements that
triggers the yearly bonus in the incentive clause and increase
profitability through effective consolidation and process improvement.
Internal and external EDUCATE customers can expect the following:1) HW and
SW refreshed on an ongoing basis, 2) improved customer service measured by
customer surveys & 3) measurement of SLA performance standards.
Management can expect the following: 1) private investment capital is
utilized 2) Reduced environmental liability (contractor disposes of HW) 3)
staff focused on mission critical performance measurement of SLA
performance standards 4) economies of scale 5) risk is reduced for government
6) enhanced network performance for services provided are continually
measured and incentive driven 7) cost avoidance for regulatory requirements
like e-Discovery 8) Cost avoidance related to the anticipated reduction of
requisitioning costs associated with processing over 400 requisitions
annually 9) improvement in overall operational security costs.
II.
A. 5. Will the selected alternative replace a legacy system in-part or
in-whole?
II.
A. 5. a. If "yes," are the migration costs associated with the migration to
the selected alternative included in this investment, the legacy
investment, or in a separate migration investment?
II.
A. 5. b. Table 1. If "yes," please provide the following
information:
| |
UPI
if available |
Date
of the System Retirement |
| |
|
|
|
Section
B: Risk Management (All Capital Assets)
You
should have performed a risk assessment during the early planning and
initial concept phase of this investment's life-cycle, developed a
risk-adjusted life-cycle cost estimate and a plan to eliminate, mitigate or
manage risk, and be actively managing risk throughout the investment's
life-cycle.
II.
B. 1. Does the investment have a Risk Management Plan?
yes
II.
B. 1. a. If "yes," what is the date of the plan?
2007-04-27
II.
B. 1. b. Has the Risk Management Plan been significantly changed since last
year's submission to OMB?
yes
II.
B. 1. c. If "yes," describe any significant changes:
(long
text - 2500 characters)
Changes
to the Risk Assessment\Management Plan (the 19 OMB Risk Categories) to
respond to the EDUCATE procurement currently being undertaken at ED. Risk
now have been added that take into account the new COCO Business Model.
II.
B. 2. If there currently is no plan, will a plan be developed?
II.
B. 2. a. If "yes," what is the planned completion date?
II.
B. 2. b. If "no," what is the strategy for managing the risks?
(long
text - 2500 characters)
II.
B. 3. Briefly describe how investment risks are reflected in the life cycle
cost estimate and investment schedule:
(long
text - 2500 characters)
ED
completed an analysis of the OMB risks. Each risk was assigned a score
(low-high) for probability of occurrence and magnitude (low-high). A final
score was derived and reflected in the alternative analysis document.
Section
C: Cost and Schedule Performance (All Capital Assets)
EVM
is required only on DME portions of investments. For mixed lifecycle
investments, O&M milestones should still be included in the table
(Comparison of Initial Baseline and Current Approved Baseline). This table
should accurately reflect the milestones in the initial baseline, as well
as milestones in the current baseline.
II.
C. 1. Does the earned value management system meet the criteria in ANSI/EIA
Standard - 748?
II.
C. 2. Is the CV or SV greater than 10%?
II.
C. 2. a. If "yes," was it the CV or SV or both ?
II.
C. 2. b. If "yes," explain the causes of the variance:
(long
text - 2500 characters)
II.
C. 2. c. If "yes," describe the corrective actions:
(long
text - 2500 characters)
II.
C. 3. Has the investment re-baselined during the past fiscal year?
II.
C. 3. a. If "yes," when was it approved by the agency head?
II.
C. 4. Comparison of Initial Baseline and Current Approved Baseline
Complete
the following table to compare actual performance against the current
performance baseline and to the initial performance baseline. In the
Current Baseline section, for all milestones listed, you should provide
both the baseline and actual completion dates (e.g., "03/23/2003"/
"04/28/2004") and the baseline and actual total costs (in $ Millions). In
the event that a milestone is not found in both the initial and current
baseline, leave the associated cells blank. Note that the 'Description of
Milestone' and 'Percent Complete' fields are required. Indicate '0' for any
milestone no longer active. (Character Limitations: Description of
Milestone - 500 characters)
| |
Initial
Baseline - Planned Completion Date |
Initial
Baseline - Total Cost |
Current
Baseline - Planned Completion Date |
Current
Baseline - Actual Completion Date |
Current
Baseline - Planned Total Cost |
Current
Baseline - Actual Total Cost |
Current
Baseline Variance - Schedule |
Current
Baseline Variance - Cost |
Percent
Complete |
| |
|
|
|
|
|
|
|
|
|
|
PART
III: FOR "OPERATION AND MAINTENANCE" INVESTMENTS ONLY
(STEADY-STATE)
Part
III should be completed only for investments identified as "Operation
and Maintenance" (Steady State) in response to Question 6 in Part I,
Section A above.
Section
A: Risk Management (All Capital Assets)
You
should have performed a risk assessment during the early planning and
initial concept phase of this investment's life-cycle, developed a
risk-adjusted life-cycle cost estimate and a plan to eliminate, mitigate or
manage risk, and be actively managing risk throughout the investment's
life-cycle.
III.
A. 1. Does the investment have a Risk Management Plan?
yes
III.
A. 1. a. If "yes," what is the date of the plan?
2007-04-27
III.
A. 1. b. Has the Risk Management Plan been significantly changed since last
year's submission to OMB?
yes
III.
A. 1. c. If "yes," describe any significant changes:
(long
text - 2500 characters)
Changes
to the Risk Assessment\Management Plan (the 19 OMB Risk Categories) to
respond to the EDUCATE procurement currently being undertaken at ED. Risk
now have been added that take into account the new COCO Business Model.
III.
A. 2. If there currently is no plan, will a plan be developed?
III.
A. 2. a. If "yes," what is the planned completion date?
III.
A. 2. b. If "no," what is the strategy for managing the risks?
(long
text - 2500 characters)
The
Department of Education is in the process and planning stage to conduct
Operational Analysis in the next 6 months.
Section
B: Cost and Schedule Performance (All Capital Assets)
III.
B. 1. Was operational analysis conducted?
no
III.
B. 1. a. If "yes," provide the date the analysis was completed.
III.
B. 1. b. If "yes," what were the results?
(long
text - 2500 characters)
An
IG audit was conducted. As part of the corrective action plan, ED is
recompeting EDNet as EDUCATE.
III.
B. 1. c. If "no," please explain why it was not conducted and if
there are any plans to conduct operational analysis in the future:
(long
text - 2500 characters)
The
Department of Education is in the process and planning stage to conduct
Operational Analysis in the next 6 months.
III.
B. 2. Complete the following table to compare actual cost performance
against the planned cost performance baseline. Milestones reported may
include specific individual scheduled preventative and predictable
corrective maintenance activities, or may be the total of planned annual
operation and maintenance efforts).
(Character
Limitations: Description of Milestone - 250 Characters)
III.
B. 2. a. What costs are included in the reported Cost/Schedule Performance
information (Government Only/Contractor Only/Both)?
Contractor
Only
III.
B. 2. b. Comparison of Planned and Actual Cost
| |
Planned
Completion Date |
Planned
Total Cost |
Actual
Completion Date |
Actual
Total Cost |
Variance
- Schedule |
Variance
- Cost |
|
Security
& Privacy Operations (SP) Support |
2008-09-30 |
|
|
|
|
|
| Desktop
Services (DS) |
2008-09-30 |
|
|
|
|
|
| Helpdesk
Support (HS) |
2008-09-30 |
|
|
|
|
|
| Systems/Data
Center Operations (SD) Support |
2008-09-30 |
|
|
|
|
|
| E-Mail
(EM) support |
2008-09-30 |
|
|
|
|
|
| Network
Services (NS)\Telecommunications\Multimedia Services (NS) Support |
2008-09-30 |
|
|
|
|
|
| Disaster
Recovery (DR) |
2008-09-30 |
|
|
|
|
|
| Security
& Privacy Operations (SP) Support |
2009-09-30 |
|
|
|
|
|
| Desktop
Services (DS) |
2009-09-30 |
|
|
|
|
|
| Helpdesk
Support (HS) |
2009-09-30 |
|
|
|
|
|
| Systems/Data
Center Operations (SD) |
2009-09-30 |
|
|
|
|
|
| E-Mail
(EM) Support |
2009-09-30 |
|
|
|
|
|
| Network
Services (NS)\Telecommunications\Multimedia Services (NS) Support |
2009-09-30 |
|
|
|
|
|
| Disaster
Recovery (DR) |
2009-09-30 |
|
|
|
|
|
|
PART
IV: Planning For "Multi-Agency Collaboration" ONLY
Part
IV should be completed only for investments identified as an E-Gov
initiative, an Line of Business (LOB) Initiative, or a Multi-Agency
Collaboration effort., selected the "Multi-Agency Collaboration" choice in
response to Question 6 in Part I, Section A above. Investments identified
as "Multi-Agency Collaboration" will complete only Parts I and IV of the
exhibit 300.
Section
A: Multi-Agency Collaboration Oversight (All Capital Assets)
Multi-agency
Collaborations, such as E-Gov and LOB initiatives, should develop a joint
exhibit 300.
IV.
A. 1. Stakeholder Table
As
a joint exhibit 300, please identify the agency stakeholders. Provide the
partner agency and partner agency approval date for this joint exhibit 300.
| |
Joint
exhibit approval date |
| |
|
|
IV.
A. 2. Partner Capital Assets within this Investment
Provide
the partnering strategies you are implementing with the participating
agencies and organizations. Identify all partner agency capital assets supporting
the common solution (section 300.7); Managing Partner capital assets should
also be included in this joint exhibit 300. These capital assets should be
included in the Summary of Spending table of Part I, Section B. All partner
agency migration investments (section 53.4) should also be included in this
table. Funding contributions/fee-for-service transfers should not be
included in this table. (Partner Agency Asset UPIs should also appear on
the Partner Agency's exhibit 53)
| |
Partner
Agency Asset Title |
Partner
Agency Exhibit 53 UPI |
| |
|
|
|
IV.
A. 3. Partner Funding Strategies ($millions)
For
jointly funded initiative activities, provide in the "Partner Funding
Strategies Table": the name(s) of partner agencies; the UPI of the partner
agency investments; and the partner agency contributions for CY and BY.
Please indicate partner contribution amounts (in-kind contributions should
also be included in this amount) and fee-for-service amounts. (Partner
Agency Asset UPIs should also appear on the Partner Agency's exhibit 53.
For non-IT fee-for-service amounts the Partner exhibit 53 UPI can be left
blank) (IT migration investments should not be included in this table)
Return to OMB Exhibit 300 page
