GSA Integrated Information Technology Management

Purpose

This Order establishes a comprehensive agency-wide policy for the management of all General Services Administration (GSA) Information Technology (IT) solutions, resources, and shared services throughout their entire lifecycle from planning and architecture through development, operation, and disposal.

Background

This policy is established under the Federal Information Technology Acquisition Reform Act (FITARA), the Clinger-Cohen Act of 1996, the E-Government Act of 2002, the Federal Information Security Modernization Act (FISMA) of 2014, and OMB Circular A-130 “Managing Information as a Strategic Resource.” These authorities mandate comprehensive IT governance and lifecycle management to ensure effective stewardship of federal IT resources.

Applicability

This policy applies to:

1. All GSA SSOs, including Regional Offices, and all GSA Federal employees and contractors;
2. The Office of Inspector General (OIG) to the extent that the OIG determines it is consistent with the OIG’s independent authority under the IG Act, and it does not conflict with other OIG policies or the OIG mission; and
3. The Civilian Board of Contract Appeals (CBCA) to the extent that the CBCA determines it is consistent with the CBCA’s independent authority under the Contract Disputes Act, and it does not conflict with other CBCA policies or the CBCA mission.

Cancellation

This Order cancels CIO 2110.4 GSA Enterprise Architecture Policy, CIO 2101.2 GSA Enterprise Information Technology Management Policy, CIO 2140.4 Systems Development Life Cycle Policy, and CIO 2130.2 CHGE 1 Enterprise IT Governance.

Summary of Changes

1. This Order consolidates and supersedes four prior policies into one to eliminate duplication and redundancy.
2. This Order removes extraneous sections and outdated material.

Roles and Responsibilities

1. Chief Information Officer (CIO)
   1. Develops IT policy covering leadership, strategic planning, workforce development, budgeting, and security management.
   2. Reviews and approves all IT contracts, agreements, and budget requests while providing oversight of IT governance and performance management.
   3. Maintains responsibility for GSA IT Strategic plan supporting the agency’s overall strategic direction.
2. Chief Enterprise Architect (CEA) or designee
   1. Provides strategic direction for Enterprise Architecture (EA) development and maintenance while ensuring coordination with the Federal Enterprise Architecture and GSA partner organizations.
   2. Maintains the authoritative GSA EA repository and ensures data accuracy and accessibility for agency decision-making.
3. Chief Information Security Officer (CISO)
   1. Ensures compliance with FISMA requirements and ensures appropriate security measures are integrated into all enterprise and segment architectures in coordination with the CEA.
4. Chief Financial Officer (CFO)
   1. The CFO ensures EA and Capital Planning and Investment Control (CPIC) processes are properly integrated with strategic and budget planning activities and maintains responsibility for architectural considerations required under the Chief Financial Officers Act.
5. Heads of Service and Staff Offices (HSSOs)
   1. Ensure appropriate business planning and management of business requirements to guarantee transparency, accountability, and coordination with the CIO, and/or appointed delegate(s), throughout the IT lifecycle.
   2. Implement standardized processes to ensure that: (a) Before entering into any contract or other agreement for IT or IT services, the contract or agreement has undergone the required CIO review and obtained the required approval. (See ADM 5450.39D, GSA Delegations of Authority Manual); (b) Before requesting the allocation or reprogramming of any funds made available for IT programs, systems, solutions, resources, and/or shared services, the request has undergone the required CIO review and obtained the required approval.