5 FAH-5 H-100
INFORMATION TECHNOLOGY SYSTEMS
5 FAH-5 H-110
PROCEDURES FOR DEVELOPING AND MANAGING DEPARTMENT OF
STATE PROJECTS
(CT:ITS-6 12-15-2016)
(Office of Origin: IRM/BMP/GRP/GP)
5 FAH-5 H-111 INTRODUCTION
5 FAM-5 H-111.1 Purpose
(CT:ITS-2; 07-13-2007)
a. The purpose of this handbook is to:
(1) Implement policy in 5 FAM 611,
Developing and Managing Information Technology (IT) Systems (see 5 FAM 600);
(2) Support policy described in 5 FAM 620,
Information Technology (IT) Project Management; and
(3) Address the requirements for project development,
integration, modification, and maintenance of the Departments IT systems,
products and services.
b. Department personnel involved in project development
must follow the procedures outlined in this handbook. Projects covered by this
guidance include, but are not limited to:
(1) Development of new IT services, systems and
applications, feature and maintenance enhancements; and
(2) Integration and modification efforts of both
commercial off-the-shelf (COTS) and government off-the-shelf (GOTS) products.
5 FAH-5 H-111.2 Objective
(CT:ITS-2; 07-13-2007)
a. The objective of this handbook is to outline the
minimum requirements and procedures for:
(1) Project Management, as prescribed in 5 FAM 620;
(2) Data Management, as prescribed in 5 FAM 630;
(3) Project Quality Management, as prescribed in 5 FAM 640;
(4) Configuration Management, as prescribed in 5 FAM 650;
(5) Benefit Cost Analysis (BCA), as prescribed in 5 FAM 660;
(6) IT Performance Measures, as prescribed in 5 FAM 670; and
(7) Earned Value Management, as prescribed in 5 FAM 680.
b. Managers must meet the objectives for managing State
projects (MSP), as generally defined in 5 FAM 610. In
addition, project managers must:
(1) Plan and manage records effectively;
(2) Prepare for program reviews; and
(3) Build an historical archive that assists in
accurately estimating costs on future projects.
5 FAH-5 H-111.3 Authorities
(CT:ITS-2; 07-13-2007)
The authorities establishing the procedures in this
handbook are covered in 5 FAM 612.
5 FAH-5 H-111.4 General
(CT:ITS-6; 12-15-2016)
a. Department projects must be defined by a project
plan prior to beginning any work on the project, and project plans must include
the name of the project manager (see 5 FAM 615, The
Project Plan, and 5 FAH-5 H-213).
b. The Office of Management and Budget (OMB) mandates
strict evaluation of major and non-major projects through the Electronic
Capital Planning and Investment Control Process (e-CPIC) tool, and major
projects must be justified based on certain criteria (see the e-Gov Web site).
c. Project managers must:
(1) Adhere to policy established in 5 FAM 620 for
managing State projects (MSP), the implementation procedures in this handbook
for project management techniques, and the technical disciplines associated
with managing projects throughout the life cycle; and
(2) Service contracts (including, but not limited to,
the development of software) and develop and supply to the contracting officer
a performance work statement (PWS) that defines what objectives are to be
achieved rather than dictates how the contractor will achieve those
objectives. Incentives should be included to better ensure that the objectives
will be achieved with high quality and in a timely fashion. Appropriate
deliverables, standards and control gates must also be included in the PWS.
Project managers must also monitor contractor performance to ensure that the objectives
are achieved as stated in the contract, and include contractor-earned
incentives in payments to the contractor when those incentives are included in
the contract (see 5 FAM 915.4).
d. Pilots for Department projects must undergo
pre-approval by the Office of Information Assurance (IRM/IA) before their
operational implementation (see 5 FAM 619).
e. To ensure consistency with the Departments
enterprise data model (EDM), all major application and general support system
development projects must have data management support coordinated with the Systems Development Division (IRM/OPS/SIO/SDD) (see 5 FAM 637.1).
f. A benefit cost analysis (BCA) is required for all
projects whose cost exceeds $100K (see 5 FAM 662 and 5 FAH-5 H-610).
g. A simplified BCA is required for all projects with
life-cycle costs under $10M (see 5 FAM 662 and 5 FAH-5 H-610).
h. Project managers must incorporate records management
and archival functions into the design, development, and implementation of
information systems (see OMB Circular A-130, paragraph 8a(1)(k)).
5 FAH-5 H-111.5 Definitions
(CT:ITS-2; 07-13-2007)
Accreditation: See 5 FAH-11 H-014.
Attribute: An item of data, a
fact, or a single piece of information about an entity that quantifies,
identifies, classifies, or describes that entity.
Benefit cost analysis (BCA):
The process of weighing the total expected costs against the total expected
benefits of one or more actions to choose the best or most profitable option.
Commercial off-the-shelf (COTS)
software: Software that has been developed at private expense and later
sold to the U.S. Government. The license for the software is owned by the
software vendor. The U.S. Government generally pays a licensing fee to the
vendor for use of this software, as well as a periodic software maintenance fee
to have the vendor fix software bugs and update the software to keep its
technology with what is then in the market, including U.S. Government
requirements (such as standardization, etc.) rather than solely at the specific
request of the agency. The Office of Management and Budget (OMB) has stated
that agencies are to prefer COTS software over GOTS and other software since
(among other things) the responsibility for maintenance and continued
development is on the vendor rather then the U.S. Government. COTS are also
preferred since continuing maintenance and development are done at fixed
(usually monthly) prices, at reduced risk to the U.S. Government.
Data element: A named
identifier of each of the entities and their attributes represented in a
database.
Data element standardization:
The process of documenting, reviewing, and approving unique names, definitions,
characteristics, and representations of data elements according to established
procedures and conventions.
Enterprise data model (EDM):
See 5 FAM 637.1.
Government off-the-shelf software
(GOTS): Software that is developed at U.S. Government expense. The
license for the software is owned by the U.S. Government rather than the
software vendor. While the U.S. Government does not pay license fees for this
type of software, it does pay vendors for each individual bug fix or software
enhancement, generally on a cost-reimbursement or time-and-materials basis. It
is the U.S. Governments responsibility to discover bugs and determine its
requirements for enhancements, often without sensitivity towards capabilities
then available in the marketplace. The U.S. Government must then pay the
vendor for each fix or enhancement. Generally, these costs exceed the costs
encountered when fulfilling the same requirements using COTS software. The
risk to the U.S. Government is also greater with GOTS software than COTS
software, since the U.S. Government also has a greater software testing
responsibility with GOTS than with COTS. For these and other reasons, COTS
software is preferred over GOTS.
Performance work statement (PWS):
A statement of work (SOW) tells the contractor what the U.S.
Government wants done and how the U.S. Government wants it done. It dictates
both the problem and the solution the contractor is to provide. A PWS is a
performance-based SOW that tells the contractor what to do, but not how to do
it. A PWS allows the contractor to provide the contractors own solution to a
problem stated in the PWS rather than be forced to provide only the
government-dictated solution to that problem. A PWS should include incentives
that are tied to solving the stated problems in a high quality way (as defined
in the PWS) and in a timely fashion. PWSs are preferred to regular SOWs.
Project risk management: See 5 FAM 613.
Records management: The
planning, controlling, directing, organizing, training, promoting, and other
managerial activities involved in records creation, maintenance and use, and
disposition in order to achieve adequate and proper documentation of the
policies and transactions of the Federal Government and effective and
economical management of agency operations (44 U.S.C. 2901).
Work breakdown structure (WBS):
An actual plan and account of all the elements involved in building a project
from the beginning to the end by defining, organizing, scheduling, budgeting,
and controlling each task associated with the project.
5 FAH-5 H-112 ROLES AND
RESPONSIBILITIES
(CT:ITS-2; 07-13-2007)
a. Well-defined roles and responsibilities ensure a
projects success. The roles and responsibilities listed in the following
sub-paragraphs may require one person to perform multiple roles or several
members of the project team may work together to fulfill one role. Duties may
vary based on the project phase, nature of the project, as well as scope and
risk changes that may be identified throughout the project life cycle.
b. Although the sponsor or user and/or customer is
identified and executive management must approve and commit funds for the
project, the project manager is the focal point through the projects life
cycle for managing project resources and tasks to meet project objectives,
satisfy user requirements, and manage and control well-defined cost and
scheduled allowances.
c. Most of the roles and responsibilities associated
with new or enhanced projects are predetermined based on organizational
structure and business need. The requirements, rules and responsibilities will
vary from project to project. The project manager is responsible for ensuring
the appropriate roles and responsibilities associated with the project are
documented, available, and acquire the skill sets required to complete the
project. Resource requirements and their roles and responsibilities must be communicated
to the sponsor and stakeholders. The resources roles and responsibilities,
rules, and requirements will vary from project to project.
d. Other roles and responsibilities for a U.S.
Government project office, functional managers, contractors, source evaluation
board, and other personnel are identified during the acquisition phase when
contractors are required (see 5 FAH-5
H-217.2, Acquisition Period).
5 FAH-5 H-113 REVIEW BOARDS
(CT:ITS-2; 07-13-2007)
a. Review boards collectively ensure accountability for
IT projects through formal reviews of defined performance measures:
(1) E-Gov Program Board is an advisory board to the
Under Secretary for Management comprised of Assistant Secretaries representing
Department-wide interests (see 5 FAM 115.3);
(2) E-Gov Advisory Group (see 5 FAM 115.3-1);
and
(3) E-Gov PM/E-Gov Working Group provides business and
technical assistance.
b. E-Gov also supplies project managers and sponsors
with project data and documentation generated from management processes that
are used to justify, plan and deliver the IT initiative on schedule, within
cost, and to specification.
5 FAH-5 H-114 project certification and
accreditation requirements
(CT:ITS-2; 07-13-2007)
a. Department projects for developing new systems or
upgrading existing ones must ensure that these systems undergo certification
and accreditation (C&A) in accordance with Department policy (see 5 FAM 1060,
Information Assurance Management).
b. C&A must be obtained prior to system operational
deployment.
c. During project development, proper security
measures must be in place to:
(1) Determine applicable requirements, standards,
procedures, and guidelines;
(2) Ensure the system has required security functions
and features; and
(3) Conduct and document security reviews and
walkthroughs, ensuring compliance.
5 FAH-5 H-115 ACQUISITION
(CT:ITS-2; 07-13-2007)
a. During the acquisition phase, project managers must:
(1) Ensure that contracting activities are reviewed
and analyzed; and
(2) Evaluate incoming procurement requests for
selections based on results-oriented, service-based contracts that specifically
respond to the U.S. Governments Statement of Work (SOW) and define the
requirements in terms of measurable deliverables (see 5 FAM 900 for overall
acquisition policies).
b. The final acquisition plan must prove the new
project efforts are developed in accordance with the Departments acquisition
reform initiative (see 5 FAH-5
Exhibit H-217.2(1)).
5 FAH-5 H-116 RISK MANAGEMENT
(CT:ITS-2; 07-13-2007)
a. Risk management is the method of identifying,
analyzing, and responding to risk(s) throughout the life of a project in the
best interests of meeting project objectives. Risk management practices are
extremely helpful to the project team in determining potential problems that
might occur on the project and how they might impede project success. The elements
of risk management (i.e., risk analysis and risk assessment and development of
a risk plan) will focus the project team on planning for and measuring
potential risks to improve the success rate by:
(1) Identifying problems and solutions early;
(2) Documenting and prioritizing risks based on their
probability and impact occurrence;
(3) Avoiding surprises and failures; and
(4) Minimizing scheduling slips through effective
monitoring and controls of risks, and implementing a risk plan and evaluating
the effectiveness of risk strategies through the project life cycle.
b. Effective planning should provide a general
understanding of how to manage technical costs and schedule risks.
c. Project managers must factor into the WBS the
necessary steps to mitigate risks that have been identified, and incorporate
them into the project plan. Managers should also seek ways to avoid or
mitigate those same risks in other areas of the project.
d. Project Management, 5 FAH-5 H-200,
provides all the elements involved in effective project requirement
management. The chapter also includes information on how to minimize risk and
improve planning through the application of MSP principles.
5 FAH-5 H-117 through H-119 unassigned