1 / 10

The Big Picture Baked-in versus Brushed-on Integrating IA into Major Programs

The Big Picture Baked-in versus Brushed-on Integrating IA into Major Programs. Art King IBM Business Consulting Services Acquisition Team, DIAP 703.604.1480 ext. 104 arthur.king@osd.mil. 8 th Annual IA Workshop 3 February 2004 Atlanta, Georgia. Purpose.

eddy
Download Presentation

The Big Picture Baked-in versus Brushed-on Integrating IA into Major Programs

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. The Big PictureBaked-in versus Brushed-onIntegrating IA into Major Programs Art King IBM Business Consulting Services Acquisition Team, DIAP 703.604.1480 ext. 104 arthur.king@osd.mil 8th Annual IA Workshop 3 February 2004 Atlanta, Georgia

  2. Purpose • A high level look at what we are trying to communicate to the acquisition community, including: • Governing policy and guidance • Determining the IA compliance requirement [Does this program need IA? How much?] • Relationship between IA Strategy and DITSCAP & DCID/6-3 • IA considerations in other Acquisition Documentation (Requirements documents/Acquisition Strategy/TEMP)

  3. IA in Acquisition Where we were… • The Good: Program A (ACAT-IAM) • Early IA involvement; IA included in WIPT tasking • Comprehensive IA Strategy • DITSCAP C&A in progress; C&A activities integrated in TEMP • The Bad: Program B (ACAT-ID) • Transitioned from Advanced Concept Technology Demonstration (ACTD) • Mission Essential system in IT registry (CCA applicable) • First sought CCA certification 3 days prior to MS B DAB review • PPP only; no IA Strategy • The Ugly: Program C (ACAT-IAM) • Key program - extends info services from strategic to tactical environment • Fielded and in operation • No IA Strategy; DITSCAP C&A not completed In a NetCentric world, risk accepted by one is shared by all

  4. Acquisition CommunityIA Guidance/Engagement • In Place: • Clinger Cohen Act • IA policy and implementation guidance of DoDD 8500.1 and DoDI 8500.2 • Increased involvement of IA in MAIS/MDAP program IIPTs and OIPTs • Increased IA focus within DoD 5000-series regulations and CJCS publications • Integrated IA stream in the Enterprise Integration Toolkit (for COTS/ERP acquisitions) • Net Ready-KPP • Net-Centric Operations and Warfare Reference Model (NCOW RM) • Near Term: • Draft DoDI 8580.bb “IA in the Acquisition System” • IA guidance to acquisition programs in the “Defense Acquisition Guidebook,” including refined IA strategy guidance • New DAU Learning Module “IA for PMs” • Development of the IA Architecture within the GIG Architecture • Software Security Initiative

  5. PM Big Picture Question #1 “Does this program and system need IA?” “If yes, how much?” • Answering this question is about to get easier • Draft DoDI 8580.bb “IA in the Acquisition System” • IA guidance to acquisition programs in the “Defense Acquisition Guidebook” • New DAU Learning Module “IA for PMs” • Answer is based on the characteristics of the system being acquired: • Mission Critical/Mission Essential • Type of IT • None • AIS/MAIS • Platform • IT Interconnection • Internal Network • Outsourced IT-Based Process • Brief, acquisition-focused answer is provided in the Guidebook, which also helps in understanding more detailed information in DoDI 8500.2

  6. “Does your program and system need IA?” Source: DRAFT Defense Acquisition Guidebook

  7. PM Big Picture Question #2 “Why do we need an IA strategy? After all, we’re going to use the DITSCAP…” • For Mission Critical/Mission Essential IT, it’s the LAW (CCA) • Beyond the statutory requirement, the IA strategy: • Helps the program organize and coordinate its approach to identifying and satisfying IA requirements • Documents the Mission Assurance Category and Confidentiality Level determinations • Outlines the intended security architecture • Provides high-level information needed to begin Phase I SSAA • Provides guidance to other future program planning and execution activities, including: • Procurement • Testing • Resourcing • IA strategy review process facilitates buy-in from PEO/MAJCOM/SYSCOM, Component CIO and DoD CIO on all of the above A good IA Strategy should result in a better DITSCAP or DCID 6/3 C&A process.

  8. PM Big Picture Question #3 “We submitted an IA strategy – as far as acquisition documents go, we’re done, right?” • The value of an IA strategy is in its impact on program decision making and planning. There should be recognizable synchronization between the IA strategy and other key acquisition documents: • Capability/Requirements Documents (ORD, CDD, etc.) should address • Specified IA requirements, including IA related KPPs • Acquisition Strategy – should address • IA Technical considerations (e.g. COTS/NSTISSP 11) • IA Schedule considerations (e.g. C&A timeline and milestones) • IA Cost considerations (e.g. operations and maintenance) • IA Funding considerations (for full life cycle) • IA Staffing and Support considerations (e.g. organic, matrixed or contracted) • Test & Evaluation Master Plan (TEMP) should address: • C&A roles/responsibilities (e.g. DAA, CA, OTA) • Integration of IA testing in DT and OT • Key events (e.g. IATO, ATO, IATT) • IA related KPPs, MOPs and COIs

  9. For your consideration • Sea Sparrow Missile – What IA is really needed? • Joint STARS – Protect everything, or just the data link? • JTRS – is a waveform a “system”? • Extended Range Munition – is a munition a “Weapons System”?

  10. DIAP Acquisition TeamPoints of Contact Mr. Eustace King ASD(NII)/DIAP-Technologies and Capabilities (703) 602-9969 eustace.king@osd.mil Mr. Art King (IBM) (703) 604-1480 ext. 104 arthur.king@osd.mil Mr. Dominic Cussatt (IBM) (703) 604-1480 ext. 119 Dominic.cussatt.ctr@osd.mil

More Related