Federal Information Technology Acquisition Reform Act (FITARA)

The objective of FITARA policy is to improve the management of IT within an agency.

What is FITARA

The , external,Federal IT Acquisition Reform Act, or FITARA, is U.S. legislation enacted on December 19, 2014 that puts federal agency CIOs in control of IT investments. What does that mean? It means that the CIO (Chief Information Officer) and CTO (Chief Technology Officer) need to give documented approval of an IT purchase to remain compliant with this act.

More broadly, FITARA outlines specific requirements related to:

1. CIO authority enhancements
2. Enhanced transparency and improved risk management in IT investments
3. Portfolio reviews
4. Expansion of training and use of IT cadres
5. Federal Data Center Consolidation Initiative (FDCCI), more recently known as the Data Center Optimization Initiative (DCOI)
6. Maximizing the benefit of the federal strategic sourcing initiative (SSI)
7. Government-wide software purchasing program The goal of FITARA is to eliminate duplication and waste in information technology acquisition for the federal government. The goals of the legislation – reduction of duplicative systems, examine software licensing options, making the business case for acquisition, and the consolidation of data centers.

The objective of FITARA is to improve the management of IT within an agency and hence, improve the ability for that agency to deliver its mission and conduct its business.

What requires FITARA review?

Want to know if your software request requires FITARA? That’s easy, almost all of them do! According to the CTO, at GSA we require FITARA approval for every single IT purchase/investment you make.

For all TTS acquisitions, it is critical to obtain FITARA approval prior to releasing the solicitation and when exercising option years on existing contracts. Note: For Non-OA (Office of Acquisitions) acquisitions, when the acquisition plan and Statement of Work (SOW) have been finalized, please send an email to devops@gsa.gov. The TTS Tech Portfolio will conduct their initial review of the acquisition and initiate the FITARA review with the CTO office.

Note: There are some exceptions and blanket approvals, such as Dotgov domains or Professional Services (ex. Gengo Translation Services is an online subscription that bills monthly but is essentially a professional services). But it is up to the CTO to determine on a case-by-case basis if it is necessary and CIO to ultimately agree.

Approval Process

Now, how to get that approval? Please send a message within the , external,TTS-only, #tts-fitara-reviews Slack channel in order to initiate the process. A representative will work with you to ensure the FITARA review is conducted and routed to the GSA-CIO for final approval. Once you have received a signed and approved FITARA form, please file this within your records and proceed with remaining procurement/acquisition activities.

OMB guidance

The Office of Management and Budget (OMB) has drafted guidance to implement FITARA, , external,Management and Oversight of Federal Information Technology M-15-14.

OCIO guidance

When necessary, consult with your organization's FITARA representative accordingly for further guidance or visit the , external,TTS-only, #tts-fitara-reviews Slack channel and post your questions there.

TTS guidance

TTS issued policy effective February 28, 2017, implementing the policy and process for GSA Chief Information Officer FITARA review, , external,TTS-only, TTS Policy and Process for GSA Chief Information Officer FITARA Review. Excerpt below:

RE: TTS Policy and Process for GSA Chief Information Officer FITARA Review

1.0 Purpose To establish a clear internal TTS policy and process to obtain required GSA Chief Information Officer (CIO) FITARA review of TTS contracts and agreements. Additionally, this policy fulfills the GSA Inspector General’s recommendation that TTS ensure compliance with the Federal Information Technology Reform Act (FITARA) and the terms of the June 2, 2015, Memorandum of Agreement that requires CIO review and approval of all contracts or other agreements entered into by 18F to acquire information technology (IT) or IT services. This policy applies to all internal TTS contracts or agreements, as well as external TTS contracts or agreements that leverage GSA IT’s platforms, security or infrastructure.

2.0 Policy and Process a. Internal contracts or agreements. TTS will submit for review to the GSA IT Chief of Staff and to the GSA TTS Liaison (currently the GSA Chief Technology Officer) all contracts or agreements entered into by TTS to acquire IT or IT services for internal purposes. The GSA IT Chief of Staff and GSA TTS Liaison will review the contract or agreement. Upon resolution, TTS will route the document for review and approval by the GSA CIO. By way of example, this includes all contracts or agreements where TTS is providing IT products or services to TTS or another part of GSA.

b. External contracts or agreements. When TTS is providing IT products or services to another agency, TTS will submit for review to the GSA IT Chief of Staff and to the GSA TTS Liaison (currently the GSA Chief Technology Officer) all contracts or agreements entered into by TTS to acquire IT or IT services if GSA owns the Authority to Operate (ATO) or a GSA-owned platform /infrastructure is being used. The GSA IT Chief of Staff and GSA TTS Liaison will review the contract or agreement, and provide comments to TTS on whether the proposed solution fits within the GSA IT standards and security model. Upon resolution, TTS will route the document for review and approval by the GSA CIO.

If the external contract or agreement does not involve a GSA-owned platform and/or GSA does not own the ATO, no approval from GSA IT is required.

3.0 Applicability This policy applies to all TTS Offices, unless otherwise amended or revoked.

Still have questions?

Ask the Tech Portfolio.