5 Fam 620

INFORMATION TECHNOLOGY (IT)
PROJECT MANAGEMENT

(CT:IM-248; 11-20-2018)
(Office of Origin: IRM/BMP/SPO)

5 FAM 621 GENERAL

(CT:IM-248; 11-20-2018)

a. The strategic importance of Information Technology (IT) to the mission of the State Department and the U.S. Government is increasing, and projects are becoming more complex. This means that the IT project/program managers role must now shift from a peripheral function to that of a more demanding career discipline. The Office of Management and Budget (OMB) requires the Department to use qualified project/program managers to manage its major IT projects in accordance with Federal guidance to ensure the successful achievement of cost, schedule, and performance goals. In response to these Government-wide requirements, the Department expanded its IT Project Management Program to include qualifications and continuing education requirements for managers responsible for managing both major and non-major IT projects.

b. All IT project/program managers of major and non-major IT investments must be qualified in accordance with the Departments IT Project Manager Program guidance.

c. Project/program managers must be selected by the senior management responsible for each bureaus major or non-major IT investments.

d. The E-Government Program Management Office (E-Gov PMO) determines the classification of IT projects/programs as major or non-major in accordance with OMB Circular A-11.

e. Project/Program managers are responsible for complying with the reporting requirements for major and non-major IT investments administered by the E-Gov PMO.

f. Project/program managers must complete the Department approved Project management course training as required. (Project Management Training Requirements.)

g. Managing State Projects is the preferred System Development Lifecycle Management methodology in the Department for the development, and the operations and maintenance of IT projects and programs. See 5 FAH-5 H-210 Managing Department of State Projects.

h. Project/program managers must not begin a new IT project without the formal approval from the bureau's Executive Director.

i. Project/program managers must complete and maintain required Federal and Department Information Security Courses to meet Federal Information Security Modernization Act (FISMA) role-based training requirements.

j. Project/program Managers must complete and maintain required Federal and Department Information Technology and Acquisitions Courses to ensure project and program compliance with the Federal Enterprise Architecture Framework (FEAF) and Federal Acquisitions Regulation (FAR).

5 FAM 622 SCOPE AND AUTHORITY

(CT:IM-248; 11-20-2018)

a. This policy applies to all Department organizations and entities as the authority governing management of major and non-major IT investments. The policy provides requirements for project development, integration, modification, and maintenance of the Department IT systems, products, and services. This policy applies to all Department personnel, as well as contractors involved in Department systems and program planning, development, modification, integration, operation, and maintenance.

b. The authorities establishing this policy include:

(1) Paperwork Reduction Act, Public Law 104-13;

(2) Clinger-Cohen Act, Public Law 104-106 (formerly known as the Information Technology Reform Act);

(3) Government Performance and Results Modernization Act of 2010, Public Law 111-352;

(4) E-Government Act of 2002, Public Law 107-347;

(5) Federal Information Security Modernization Act of 2014 (FISMA), Public Law 113-283;

(6) Government Paperwork Elimination Act of 1998, Public Law 105-277;

(7) Electronic Signatures in Global and National Commerce Act, June 30, 2000, Public Law 106-229;

(8) OMB Circular A-130, Managing Information as a Strategic Resource;

(9) Federal Information Technology Acquisition Reform (FITARA) is Title VIII Subtitle D Sections 831-837 of Public Law 113-291 - Carl Levin and Howard P. "Buck" McKeon National Defense Authorization Act for Fiscal Year 2015;

(10) OMB Memorandum (M-15-14); Management and Oversight of Federal Information Technology;

(11) HSPD-7, 7 Critical Infrastructure Protection Plans to Protect Federal Critical Infrastructures and Key Resources;

(12) Federal Acquisition Regulation (FAR) Sections 7.102, 10.002 and 11.105;

(13) FAR, Subpart 34.2;

(14) ANSI/EIA-STD-748-A;

(15) Section 508 of the Rehabilitation Act of 1973 (29 U.S.C. 794d);

(16) Executive Order 13011 (Federal Information Technology);

(17) NIST SP 800-64 Revision 2, Security Considerations in the System Development Life Cycle, October 2008;

(18) NIST SP 800-65, Integrating IT Security into the Capital Planning and Investment Control Process;

(19) Privacy Act of 1974, (5 U.S.C. and 552a), as amended;

(20) M-07-16, Safeguarding Against and Responding to the Breach of Personally Identifiable Information (May 22, 2007);

(21) M-06-15, Safeguarding Personally Identifiable Information (May 22, 2006);

(22) M-06-16, Protection of Sensitive Agency Information (June 23, 2006);

(23) M-06-19, Reporting Incidents Involving Personally Identifiable Information (July 1, 2006);

(24) M-17-26, Reducing Burden for Federal Agencies by Rescinding and Modifying OMB Memoranda (June 15, 2017);

(25) M-10-27, Information Technology Investment Baseline Management Policy (June 28, 2010);

(26) M-12-18, Managing Government Records Directive (August 24, 2012);

(27) M-13-09, Fiscal Year 2013 PortfolioStat Guidance: Strengthening Federal IT Portfolio Management (March 27, 2013);

(28) M-13-13, Open Data Policy, Managing Information as an Asset;

(29) Homeland Security Presidential Directive 12 (HSPD-12) (5 FAM 100);

(30) OMB, A Common Approach to Federal Enterprise Architecture (May 2, 2012);

(31) OMB, Revisions to the Federal Acquisitions Certification for Program and Project Managers (FAC-P/PM) (December 16, 2013);

(32) OMB Circular A-11, Preparation, Submission and Execution of the Budget (July 26, 2013);

(33) OMB, Guidance for Specialized Information Technology Acquisitions Cadres (July 13, 2011); and

(34) OPM, Competency Model for IT Program Management (July 12, 2011).

5 FAM 623 IT PROJECT MANAGEMENT PROGRAM

5 FAM 623.1 Investment Categories

(CT:IM-160; 04-01-2015)

The Department IT projects are classified into two categories, major and non-major, and are categorized below based on the following IT project management standards:

(1) Major IT investment refers to an IT investment requiring special management attention because of its importance to the mission or function to the government; significant program or policy implications; high executive visibility; high development, operating, or maintenance costs; unusual funding mechanism; or definition as major by the agencys capital planning and investment control process. OMB may work with the agency to declare IT investments as major investments. The Department will consult with the assigned OMB analysts regarding which investments are considered major. Investments not considered major are non-major; and

(2) Non-Major IT Investment refers to any IT investment in the Department's IT portfolio that does not meet the definition of Major IT investment. All non-major investments must be reported in the Agency IT Portfolio Summary.

5 FAM 623.2 Project Manager Training Requirements

(CT:IM-160; 04-01-2015)

a. Project/program managers must meet the five basic requirements for managing any IT projects. These requirements are:

(1) Acceptable levels of experience, education, and training;

(2) Successful completion of the Managing State Projects (MSP) course;

(3) Successful completion of the Departments contracting course;

(4) Successful completion of the Departments mandatory leadership training program; and

(5) Successful completion of continuing education requirements of 40 hours or more on an annual basis. The 40 hours are tracked using FAITAS as verified by an employees supervisor.

b. Project management training may be classroom, distance learning, or blended learning (combination of classroom and distance learning) as made available through the Departments Foreign Service Institute (FSI) Skillsoft General Library. FSI courses are aligned with the industrys leading Project Management Body of Knowledge (PMBOK) project management curriculum.

c. Non-FSI training costs must be paid using funds from the sponsoring Bureau requiring the training.

5 FAM 624 PROJECT CYCLE

(CT:IM-160; 04-01-2015)

a. By using the project cycle, project/program managers can establish project goals, provide direction, and encourage teamwork more effectively. A project cycle consists of periods, phases, and activities. Regardless of the type or development model used, the following are common to any project:

(1) Benefit and/or cost and requirements analyses;

(2) Formal review and approval procedures;

(3) Schedule of activities;

(4) Standard documentation;

(5) Quality assurance; and

(6) Configuration management.

b. As an example, the MSP cycle consists of three distinct periods: study, acquisition, and operations, explained in 5 FAH-5 H-210 Managing Department of State Projects. The periods, phases, and activities within a project cycle can be tailored depending upon the projects type, size, and complexity.

5 FAM 625 THROUGH 629 UNASSIGNED