Federal Information Technology Acquisition Reform Act (FITARA)
The objective of FITARA policy is to improve the management of IT within an agency.
What is FITARA
The Federal IT Acquisition Reform Act, or FITARA, is U.S. legislation enacted on December 19, 2014 that puts federal agency CIOs in control of IT investments. What does that mean? It means that the CIO (Chief Information Officer) and CTO (Chief Technology Officer) need to give documented approval of an IT purchase to remain compliant with this act.
More broadly, FITARA outlines specific requirements related to:
- CIO authority enhancements
- Enhanced transparency and improved risk management in IT investments
- Portfolio reviews
- Expansion of training and use of IT cadres
- Federal Data Center Consolidation Initiative (FDCCI), more recently known as the Data Center Optimization Initiative (DCOI)
- Maximizing the benefit of the federal strategic sourcing initiative (SSI)
- Government-wide software purchasing program The goal of FITARA is to eliminate duplication and waste in information technology acquisition for the federal government. The goals of the legislation – reduction of duplicative systems, examine software licensing options, making the business case for acquisition, and the consolidation of data centers.
The objective of FITARA is to improve the management of IT within an agency and hence, improve the ability for that agency to deliver its mission and conduct its business.
What requires FITARA review?
Want to know if your software request requires FITARA? That’s easy, almost all of them do! According to the CTO, at GSA we require FITARA approval for every single purchase you make.
For all TTS acquisitions, it is critical to obtain FITARA approval prior to releasing the solicitation and when exercising option years on existing contracts. Note: For Non-OA (Office of Acquisitions) acquisitions, when the acquisition plan and Statement of Work (SOW) have been finalized, please send an email to firstname.lastname@example.org. The TTS Tech Portfolio will conduct their initial review of the acquisition and initiate the FITARA review with the CTO office.
Note: There are some exceptions and blanket approvals, such as Dotgov domains or Professional Services (ex. Gengo Translation Services is an online subscription that bills monthly but is essentially a professional services). But it is up to the CTO to determine on a case-by-case basis if it is necessary and CIO to ultimately agree.
Now, how to get that approval? Enter the software on the CIO’s trello board on FITARA (Resources including guides and templates are provided in the last column of the board). The CTO will reply with their approval to route to the CIO. You will need to enter the information into a PDF template and route it to the CIO via DocuSign. Once they complete the package, you have FITARA approval. Upload the PDF from DocuSign into the agreement folder, contract file, or purchase record.
If you are curious where your software is in terms of review, check out the CIO’s trello board on FITARA.
The Office of Management and Budget (OMB) has drafted guidance to implement FITARA, Management and Oversight of Federal Information Technology M-15-14.
Reference the FITARA Rules Matrix. Note: this matrix does not represent all possible scenarios. When necessary, consult with your oganization’s FITARA representative accordingly for further guidance.
TTS issued policy effective February 28, 2017, implementing the policy and process for GSA Chief Information Officer FITARA review, TTS Policy and Process for GSA Chief Information Officer FITARA Review. Excerpt below:
RE: TTS Policy and Process for GSA Chief Information Officer FITARA Review
1.0 Purpose To establish a clear internal TTS policy and process to obtain required GSA Chief Information Officer (CIO) FITARA review of TTS contracts and agreements. Additionally, this policy fulfills the GSA Inspector General’s recommendation that TTS ensure compliance with the Federal Information Technology Reform Act (FITARA) and the terms of the June 2, 2015, Memorandum of Agreement that requires CIO review and approval of all contracts or other agreements entered into by 18F to acquire information technology (IT) or IT services. This policy applies to all internal TTS contracts or agreements, as well as external TTS contracts or agreements that leverage GSA IT’s platforms, security or infrastructure.
2.0 Policy and Process a. Internal contracts or agreements. TTS will submit for review to the GSA IT Chief of Staff and to the GSA TTS Liaison (currently the GSA Chief Technology Officer) all contracts or agreements entered into by TTS to acquire IT or IT services for internal purposes. The GSA IT Chief of Staff and GSA TTS Liaison will review the contract or agreement. Upon resolution, TTS will route the document for review and approval by the GSA CIO. By way of example, this includes all contracts or agreements where TTS is providing IT products or services to TTS or another part of GSA.
b. External contracts or agreements. When TTS is providing IT products or services to another agency, TTS will submit for review to the GSA IT Chief of Staff and to the GSA TTS Liaison (currently the GSA Chief Technology Officer) all contracts or agreements entered into by TTS to acquire IT or IT services if GSA owns the Authority to Operate (ATO) or a GSA-owned platform /infrastructure is being used. The GSA IT Chief of Staff and GSA TTS Liaison will review the contract or agreement, and provide comments to TTS on whether the proposed solution fits within the GSA IT standards and security model. Upon resolution, TTS will route the document for review and approval by the GSA CIO.
If the external contract or agreement does not involve a GSA-owned platform and/or GSA does not own the ATO, no approval from GSA IT is required.
3.0 Applicability This policy applies to all TTS Offices unless otherwise amended or revoked.