WikiLeaks Document Release http://wikileaks.org/wiki/CRS-RS22194 February 2, 2009 Congressional Research Service Report RS22194 Federal Enterprise Architecture and Information Technology Management: A Brief Overview Jeffrey W. Seifert, Resources, Science, and Industry Division July 15, 2005 Abstract. Congressional policymakers are concerned about potential inefficiencies and inefficacies in the operation of the federal government, particularly as it relates to decisions regarding information technology (IT) investments. These concerns have increased as federal IT spending has grown to more than $60 billion annually. One approach being implemented to address this issue is the use of enterprise architecture (EA) planning across the federal government. An EA serves as a blueprint of the business operations of an organization, and the information and technology needed to carry out these functions. As an information technology management and planning tool, EA planning represents a business-driven approach to information technology management that emphasizes interoperability and information sharing. The Federal Enterprise Architecture (FEA) was started in 2002 by the Office of Management and Budget (OMB) and continues to be developed today. The FEA is composed of five reference models; Performance, Business, Service, Data, and Technical. Each of the reference models represent specific aspects of the FEA and provide a "common language" for departments and agencies to use in developing common technology solutions. Some of the congressional oversight issues related to the FEA include, but are not limited to, ongoing updates of the reference models, progress in aligning the EAs of individual departments with the FEA, and the role of the FEA in developing a second generation of e-government initiatives. Order Code RS22194 Updated July 15, 2005 CRS Report for Congress Received through the CRS Web Federal Enterprise Architecture and Information Technology Management: A Brief Overview Jeffrey W. Seifert Analyst in Information Science and Technology Policy Resources, Science and Industry Division http://wikileaks.org/wiki/CRS-RS22194 Summary Congressional policymakers are concerned about potential inefficiencies and inefficacies in the operation of the federal government, particularly as it relates to decisions regarding information technology (IT) investments. These concerns have increased as federal IT spending has grown to more than $60 billion annually. One approach being implemented to address this issue is the use of enterprise architecture (EA) planning across the federal government. An EA serves as a blueprint of the business operations of an organization, and the information and technology needed to carry out these functions. As an information technology management and planning tool, EA planning represents a business-driven approach to information technology management that emphasizes interoperability and information sharing. The Federal Enterprise Architecture (FEA) was started in 2002 by the Office of Management and Budget (OMB) and continues to be developed today. The FEA is composed of five reference models; Performance, Business, Service, Data, and Technical. Each of the reference models represent specific aspects of the FEA and provide a "common language" for departments and agencies to use in developing common technology solutions. Some of the congressional oversight issues related to the FEA include, but are not limited to, ongoing updates of the reference models, progress in aligning the EAs of individual departments with the FEA, and the role of the FEA in developing a second generation of e-government initiatives. This report will be updated as events warrant. What is the Purpose of the Federal Enterprise Architecture? The Federal Enterprise Architecture (FEA) is a planning and management tool used to guide federal information technology (IT) investments, with a specific focus on improving efficiency and identifying common applications that can be used government- wide. It is designed to ensure that IT investments support the functions of government, rather than allowing technology choices determine how the government carries out its operations. As a whole, the FEA is intended to "enable the federal government to identify opportunities to leverage technology to: Congressional Research Service ~ The Library of Congress CRS-2 ! reduce redundancy; ! facilitate horizontal (cross-federal) and vertical (federal, state, and local) information sharing; ! establish a direct relationship between IT and mission/program performance to support citizen-centered, customer-focused government; and ! maximize IT investments to better achieve mission outcomes."1 What is an Enterprise Architecture? An enterprise architecture (EA) serves as a blueprint of the business operations of an organization, and the information and technology needed to carry out these functions, both currently and prospectively. As such, it is an information technology management and planning tool. It is designed to be comprehensive and scalable, to account for future growth needs. EA planning represents a business-driven approach to IT management that emphasizes interoperability and information sharing. The creation of EAs long predates the development of the Federal Enterprise Architecture (FEA). In the mid-1980s, John Zachman, a business planning consultant who worked for IBM at the time, developed the http://wikileaks.org/wiki/CRS-RS22194 Zachman Framework, which was designed to serve as a blueprint, or an architecture, to facilitate the integration of IT systems.2 The "enterprise," for which an architecture is created, refers to either a "single organization or mission area that transcends more than one organizational boundary (e.g., financial management, homeland security)."3 Since the development of the Zachman Framework, various parts of the federal government have attempted to work with EAs. For example, the Clinger-Cohen Act, passed in 1996, tasked agency chief information officers (CIOs) with, among other responsibilities, "developing, maintaining, and facilitating the implementation of a sound and integrated information technology architecture for the executive agency."4 The Clinger-Cohen Act defined information technology architecture as: an integrated framework for evolving or maintaining existing information technology and acquiring new information technology to achieve the agency's strategic goals and information resources management goals.5 In September 1999, the Federal CIO Council issued its FEA Framework, which was described as a "conceptual model that begins to define a documented and coordinated 1 Office of Management and Budget, Expanding E-Government: Partnering for a Result- Oriented Government, December 2004, p. 2; Office of Management and Budget, Analytical Perspectives, Budget of the United States Government, Fiscal Year 2006, February 2005, p. 178. 2 J.A. Zachman, "A Framework for Information Systems Architecture," IBM Systems Journal, vol. 26, no. 3, 1987. 3 U.S. General Accounting Office, Information Technology: The Federal Enterprise Architecture and Agencies' Enterprise Architectures are Still Maturing, GAO Testimony GAO-04-798T, May 19, 2004, p. 4. 4 110 STAT. 685. 5 110 STAT. 686. CRS-3 structure for cross-cutting businesses and design developments in the Government."6 In the glossary of the document, the FEA itself is defined as: A strategic information asset base, which defines the business, the information necessary to operate the business, the technologies necessary to support the business operations, and the transitional processes necessary for implementing new technologies in response to the changing business needs. It is a representation or blueprint.7 The E-Government Act, passed in 2002, tasked the Administrator of the Office of E-Government with overseeing the development of EAs, both within and across agencies. The act defined enterprise architecture as: (A) means -- (i) a strategic information asset base, which defines the mission; (ii) the information necessary to perform the mission; (iii) the technologies necessary to perform the mission; and (iv) the transitional processes for implementing new technologies in response to changing mission needs; and (B) includes -- (i) a baseline architecture; (ii) a target architecture; and (iii) a sequencing plan.8 http://wikileaks.org/wiki/CRS-RS22194 State governments are also active in developing their own enterprise architectures. The National Association of State Chief Information Officers (NASCIO) released the third version of its Enterprise Architecture Development Tool-Kit in October 2004, to serve as a guide for state and local government agencies. NASCIO's Adaptive Enterprise Architecture Development Program has received funding from the Department of Justice to support state EA efforts, with a particular emphasis on facilitating the development of state information sharing capabilities.9 Reference Models The FEA is composed of five reference models; Performance, Business, Service, Data, and Technical. Each of the reference models represents specific aspects of the FEA, and provide a "common language" for departments and agencies to use in developing common technology solutions. The reference models are updated to reflect changes in applications and services. Brief descriptions of the five reference models, drawn from the EA website, are included below: ! Performance Reference Model - a framework for measuring the output of major IT investments and their contributions toward achieving organizational goals.10 6 Chief Information Officers Council, Federal Enterprise Architecture Framework, Version 1.1 September 1999 p. 2. 7 Ibid., p. C-5 8 116 STAT. 2902. 9 See [http://www.nascio.org/hotissues/EA/]. 10 For more detail, see [http://www.whitehouse.gov/omb/egov/a-2-prm.html]. CRS-4 ! Business Reference Model - a framework for describing the federal government business operations independent of the agencies that perform them.11 ! Service Component Reference Model - a framework to identify information technology service components (applications) used to support government business functions.12 ! Data Reference Model - a framework that, at an aggregate level, describes the data and information used to support government program and business operations.13 ! Technical Reference Model - a framework used to describe the standards, specifications, and technologies used to support and facilitate the delivery of service components (applications).14 The FEA reference models were developed by OMB, through its FEA Program Management Office (PMO), in conjunction with the Federal CIO Council and the General Services Administration (GSA), for federal agencies and departments to use in their IT budget and planning process.15 The Performance Reference Model (PRM) provides a standardized framework for measuring the contribution of major IT initiatives being http://wikileaks.org/wiki/CRS-RS22194 utilized to fulfill existing legislatively-mandated management processes. These processes that the PRM emphasizes are drawn primarily from the E-Government Act of 2002, the Clinger-Cohen Act of 1996, and the Government Performance and Results Act (GPRA) of 1993.16 While the PRM emphasizes government performance goals applicable to nearly all executive branch agencies, OMB describes the Business Reference Model (BRM) as the foundation of the FEA itself.17 The BRM is based on a functional view of government operations, rather than an organizational view. This orientation reflects the business- focused nature of enterprise architecture IT management. The Service Component Reference Model (SRM), in turn, is intended to identify applications and components that, independent of their business function, can provide a foundation of technologies that are reusable government-wide. The Technical Reference Model (TRM) and the Data Reference Model (DRM) focus on the technologies, data, and standards that can "support and enable the delivery of Service components and capabilities."18 11 For more detail, see [http://www.whitehouse.gov/omb/egov/a-3-brm.html]. 12 For more detail, see [http://www.whitehouse.gov/omb/egov/a-4-srm.html]. 13 For more detail, see [http://www.whitehouse.gov/omb/egov/a-5-drm.html]. 14 For more detail, see [http://www.whitehouse.gov/omb/egov/a-6-trm.html]. 15 Office of Management and Budget, Enabling Citizen-Centered Electronic Government, March 31, 2005, p. 6, available at [http://www.whitehouse.gov/omb/egov/documents/2005_NDU.pdf]. 16 Office of Management and Budget, Federal Enterprise Architecture Program Management Office, The Performance Reference Model Version 1.0, p. 11, available at [http://www.whitehouse.gov/omb/egov/documents/fea-prm1.PDF]. 17 See [http://www.whitehouse.gov/omb/egov/a-1-fea.html]. 18 Office of Management and Budget, FY07 Budget Formulation: FEA Consolidated Reference Model Document, May 2005, pp. 5-6. CRS-5 A graphical representation of the relationship of the five reference models to each other, as it appears in various OMB documents and presentations, is included below. The Federal Enterprise Architecture19 Goals of the Federal Enterprise Architecture The federal government spends more than $60 billion annually on IT goods and services. The FEA has the potential to serve as a critical IT management tool for http://wikileaks.org/wiki/CRS-RS22194 achieving greater efficiencies and breaking down the so-called "stove pipes" that separate individual departments and agencies. The OMB has described the FEA as playing a central role to "ultimately transform the Federal government into a citizen-centered, results-oriented, and market-based organization as set forth in the President's Management Agenda (PMA)."20 The FEA's emphasis on developing interoperable standards, facilitating information sharing, and increasing cross-agency collaboration the FEA is also expected to play a significant role in the future development of federal e- government initiatives. In attempting to develop a second generation of e-government projects, OMB has expressed an interest in moving beyond the somewhat limited nature of the cross-agency collaboration of some of the first generation Quicksilver projects21 toward initiatives that have a truly government-wide character. To that end, in spring 2004, after reviewing data collected from agencies for the development of the FEA, and formulating the annual federal budget, OMB identified "five major collaborative initiatives" that represent core business functions common to many departments and agencies. These five so-called "Lines of Business" (LoB) initiatives include Financial Management, Human Resources Management, Grants Management, Case Management, and Federal Health Architecture. These initiatives are currently in their operational phases, and are predicted to create $5 billion in savings over 19 Source: [http://www.whitehouse.gov/omb/egov/a-1-fea.html]. 20 Office of Management and Budget, FY07 Budget Formulation: FEA Consolidated Reference Model Document, May 2005, p. 4. 21 Pursuant to the July 18, 2001 OMB Memorandum M-01-28, an E-Government Task Force was established to create a strategy for achieving the Bush Administration's e-government goals. In doing so, the Task Force identified 23 interagency initiatives designed to better integrate agency operations and information technology investments. A twenty-fourth initiative, a government- wide payroll process project, was subsequently added by the President's Management Council. These initiatives are sometimes referred to as the Quicksilver projects. A list of the projects is available at [http://www.gpoaccess.gov/usbudget/fy06/pdf/ap_cd_rom/9_3.pdf]. CRS-6 10 years.22 In March 2005, OMB established a task force for a sixth project, the Information Technology (IT) Security LoB initiative. This new IT Security initiative is intended to address common security weaknesses faced by many agencies, and generally improve the state of federal information security. This initiative is currently in the planning phase.23 With these activities in mind, OMB describes the three primary objectives, or goals, of the FEA as: ! improve the utilization of information resources to achieve a citizen- centered government, resulting in proactive policy and improved decision-making; ! increase EA practice maturity government-wide, resulting in better alignment of IT investments with mission performance; and ! increase cross-agency, intergovernment, and public-private sector collaboration, resulting in increased common solutions and cost savings.24 http://wikileaks.org/wiki/CRS-RS22194 Oversight Issues for Congress As the federal enterprise architecture initiative continues to evolve, there are several issues Congress may decide to consider related to implementation and oversight. These issues include, but are not limited to: ! the progress of ongoing efforts to update and enhance the five reference models; ! how well the enterprise architectures of the individual departments and agencies are in alignment with the federal enterprise architecture; ! potential collaboration opportunities and/or lessons to be learned from state government EA efforts; ! how the federal enterprise architecture is being used to address federal information security problems; ! how the federal enterprise architecture is facilitating and benefitting large-scale IT projects such as agency-level technology modernization efforts, the 24 Quicksilver e-government initiatives, and government- wide information sharing; and ! the development and efficacy of a second generation of collaborative e- government initiatives based on the Lines of Business (LoB), as identified in the federal enterprise architecture. 22 Office of Management and Budget, Enabling Citizen-Centered Electronic Government 2005- 2006 FEA PMO Action Plan, March 2005, pp. 11-12. 23 Office of Management and Budget, Implementing the President's Management Agenda for E- Government, E-Government Strategy, Simplified Delivery of Services to Citizens, April 2003, p. 12, available at [http://www.whitehouse.gov/omb/egov/2003egov_strat.pdf]. 24 Office of Management and Budget, Enabling Citizen-Centered Electronic Government 2005- 2006 FEA PMO Action Plan, March 2005, p. 17.