Office of Information Management and Technology

Information Technology Strategic Plan

20152018
Version 1.0, September 2015

Current State & Customer Perception

Multiple fragmented IT environments, lacking defined interconnecting processes and workflows and a mission aligned
enterprise architecture. This has led to reactive, unpredictable outputs, increased complexity, a lack of
standardization, role misalignment and costly and unfocused system duplication.

OIMT does not

understand our
business needs

OIMT does not

communicate
effectively or deliver
consistent results

Though the challenges

are real, both OIMT staff
and the Centers
recognize great strides
overs the past few years

OIMT costs too

much and moves too
slow
OIMT does not
keep up with the
latest technologies

To provide effective and fiscally responsible technology

services in a manner which promotes high standards.

Improve Customer
Satisfaction

Improve Program Outcomes

Increase Security

Improve Awareness and

Accountability of Services
Improve Collaboration and
Communication
Improve Delivery of Service
Improve Partnership with
Customers
Improve Skill Sets of Staff

Reduce Costs

Improve FISMA Compliance

Improve Asset
Management
Fully Leverage Consumption
Based Cost Model
Improve Internal Process
Efficiency and Effectiveness
Improve Communication
Improve Utilization of
Technology
3

OIMT Balanced Scorecard

Mission: To provide effective and fiscally responsible technology services in a manner which promotes high standards.
Vision: It is the vision of OIMT to be the Federal model of a successful IT organization.
Strategic Themes:
Security

Quality Service
Strategy Map
STAKEHOLDER

Measures

Improve customer satisfaction

% of respondents who rate OIMT services as satisfactory via a customer >= 75%
satisfaction survey
% of help desk calls resolved on the first call
>= 80%

Increase security

# of weaknesses identified via FISMA audit

% of systems with ATO compliance
% of systems that are PIV compliant
% of POAMS resolved

Improve Customer
Satisfaction

Improve Program
Outcomes

Improve Awareness
& Accessibility of
Services

Increased
Collaboration

FINANCIAL STEWARDSHIP
Reduce costs

Improve physical
& virtual asset
management

INTERNAL PROCESS
Improve Delivery
of Services

Improve
Communications

Improve
Partnerships with
Centers

Improve Internal
Process Efficiencies &
Effectiveness

Improve FISMA
Compliance

ORGANIZATIONAL CAPACITY

Increase Quality of
Staff

Improve Utilization
of Technology

Targets

< weakness by 20% annually

100%
>= 85%
100%

% of completed projects on the IT Portfolio of Projects completed on

time and on budget
Improve awareness and accountability of % of projects on the IT Portfolio of Projects reviewed through project
services
review process

>= 90%

Improve collaboration and communication % of respondents who rate questions related to collaboration and
communcation via a customer satisfaction survey as satisfactory

>= 75%

Reduce costs

% reduction in O&M expenses

% of identified duplicate applications/systems decommissioned

>= 2%
>= 10%

Improve asset management

% of assets accounted for

% of information collected through automated means

>= 90%
>= 60%

Fully leverage consumption based cost

model

Transparancy of costs result in cost reduction based on providing

Centers with consumption information.

reduction of cost

Improve delivery of service

% of existing SLAs being met

>= 80%

Improve FISMA compliance

Decrease ATO completion time

>=25%

Improve internal process efficiency and

effectiveness

% of identified policies, processes, and workflows that are developed,

approved and communicated

>= 75%

Improve communication

% of respondents who rate questions related to communcation of

processes via a customer satisfaction survey as satisfactory

increase 5% yearly

Improve partnership with customers

% of ADCIOs and CITLs who rate questions related to communcation of increase 5% yearly
processes via a customer satisfaction survey as satisfactory

Improve skill sets of staff

% of staff attending rolebased training

>= 65%

Improve utilization of technology

% of applications with automated deployments

% of projects on the IT Portfolio of Projects reported through
automated Project and Portfolio management tool

>= 50%
>= 90%

Improve program outcomes

Increase
Security

Efficiency

Objectives

Initiatives
ADCIO Collaboration
Contract Management
Openness & Transparency
Governance
Cybersecurity
Customer Service
Project Management

>=75% annually

ADCIO Collaboration
Contract Management
Openness & Transparency
Governance
Uniform & Shared Capabilities
Infrastructure Stabilization &
Modernization
Cloud
Application Development
Enterprise Architecture
Role Alignment
Training & Development
Staffing
Openness & Transparency
Governance
Cybersecurity
Customer Service
Project Management

Contract Management
Role Alignment
Training & Development
Staffing

OIMT Approach
Our strategic initiatives can be bundled into three general areas:

ADCIO Collaboration

PEOPLE

Contract Management
Role Alignment
Training & Development
Staffing
Field Offices

Internal Milestone
External Milestone

ADCIO Collaboration

PROBLEM:

OIMT customers do not trust us as a business partner.

SOLUTION:

OIMT will develop a transparent and customer centric approach with the ADCIOs, designed to
identify and satisfy their requirements, as well as allow the ADCIOs to drive the strategic direction.
We need to focus on results, driving value, lowering costs and improving service. OIMT will allow
business to drive IT, and leverage the expertise of the ADCIOs and their respective teams.

MILESTONES:

Utilize a Project Management Methodology that begins with defining business requirements and
ends with an expected result.

Develop Subcommittees that tactically execute and identify business process innovations and
deliver innovative business solutions; not simply IT solutions.
Develop a balanced scorecard quarterly to report on different areas of the IT environments.

Internal Milestone
External Milestone

Contract Management

PROBLEM:

OIMT does not have centralized management, defined processes and the appropriate skillsets to manage
all IT contracts.

SOLUTION:

OIMT will implement a repeatable, centralized process for all IT contracts to facilitate the efficient and
transparent acquisition of IT services and prevent duplicative contracts.

MILESTONES:

Enhance IT Contracts Team that will be responsible for managing contract acquisitions. The team will
work with the Office of Acquisitions and Grants (OAGS) to make the acquisitions process more
efficient, and ensure that CORS are managing contracts to defined performance service levels.

Streamline Procurement Activities by developing workflows and processes to promote efficient,

transparent and effective management of IT acquisitions and contracts.

Build a Procurement Portfolio to streamline our approach and consolidate the number of contracts
and contract vehicles. OIMT will assess the IT contracts inventory to find opportunities for
consolidation and ways to leverage buying power. OIMT will continue to collaborate with OAGs on
alternate contracting approaches and strategic sourcing opportunities.

Develop standard templates for procurement documents such as SOWs, IGCEs, etc. as well as
templates for measuring contract performance.

Develop a comprehensive, centralized contract management model that focuses on management,

oversight and accountability.
8

Internal Milestone

Role Alignment

External Milestone

PROBLEM:

OIMT has not adequately defined functional roles and the required skillsets needed to support IT
projects and services.

SOLUTION:

OIMT will perform resource planning activities to include a functional gap analysis and role definition
in order to align the skills and abilities of the staff to those roles.

MILESTONES:

Develop an organizational chart based on the functional role for each position that can be used to align functions
and improve OIMTs effectiveness and efficiency.

Develop a skills matrix to give managers greater visibility of employees strengths and developmental needs, and
enable them to provide more targeted and timely coaching and training.

Perform an organization assessment and staff rationalization to identify and redeploy staff with the requisite
skills. Develop a roles and responsibilities matrix based on primary, secondary and tertiary expertise.

Conduct a comprehensive review of critical IT positions including the ones that may become vacant in the next 35
years.

Develop a rolebased competency model to meet future business needs, and create a process to track progress
and update succession plans on an ongoing basis.

Assess and refine performance work plans to ensure that they accurately reflect the expected performance in
order to ensure accountability.

Internal Milestone
External Milestone

Training & Development

PROBLEM:

OIMT lacks a consistent, holistic approach to ensure that training and development appropriately
align with mission, roles and responsibilities.

SOLUTION:

OIMT will establish a centralized rolebased training and development management program with
a training roadmap that identifies training needs by role and technology, and is monitored to
ensure progress and compliance.

MILESTONES:

Leverage FDA University to help implement and execute new and ongoing training for OIMT staff,
and work with them to build a professional development program.

Develop a mentoring program which will provide new hires with the opportunity to understand the
complexities that exist within FDA, as well as have the opportunity for collaboration. The ability to
connect with IT professionals will establish a strong foundation for a fulfilling career at FDA.

Establish a mandatory rolebased curriculum to provide guidance for staff to take essential training
such as FAC COR, FAC P/PM, CISSP, MCSE, etc.

Develop an Individual Development Plan (IDP) for each employee that offers employees greater
opportunity for career development and crosstraining.

10

Internal Milestone
External Milestone

Staffing

PROBLEM:

OIMT lacks a comprehensive, enterprisewide succession and retention plan and approach.

SOLUTION:

OIMT will develop and consistently maintain a comprehensive recruitment, retention and succession
plan and approach. At a minimum, the plan will account for prioritizing and hiring the skill sets that
are missing, and ensure that position descriptions and communication plans are up to date.

MILESTONES:

Develop a catalog of IT resources and perform a skills gap analysis that will assist managers in
developing existing employees, as well as assist in recruitment efforts.

Develop a career growth program that will provide transparent and clearly defined IT career paths
with criteria for progression to the next level in both technical and leadership positions.

Right size the staff level and FTE to contractor ratio for cost savings and agility. Identify areas that do
not have at least one backup, provide cross training and hire additional staff as appropriate.

Review Position Descriptions (PD) for updates, using common PDs where applicable (for similar
positions).

Provide support for a position management system that will provide a consistent, standard tool for
managing all FDA positions.

11

Internal Milestone
External Milestone

Field Offices

PROBLEM:

OIMT focuses more on headquarters and less on the field offices.

SOLUTION:

OIMT will maintain a balanced focus on headquarters and field offices to ensure they can meet their
mission in an equivalent manner.

MILESTONES:

Implement VOIP in 100% of the field offices to ensure consistency and mitigate phone related issues.
Develop high speed connections to remote offices to facilitate data transfer to and from the
laboratories and field offices.
Schedule quarterly meetings to increase communication and provide better customer service to the
field.

12

Openness and Transparency

PROCESSES

Governance
Uniform and Shared Capabilities
Cybersecurity
Customer Service
Project Management

13

Level5
Level4
Level3

Defined
Level2

WEAREHERE

Managed

Level1

Initial

Process
characterizedfor
projectsandisoften
reactive.

Quantitatively
Managed

Optimizing
Focusonprocess
improvement

Processmeasuredand
controlled.

Processcharacterized
fortheorganizationand
isproactive.
Projectstailortheir
processfrom
organizationalstandard.

Processes
unpredictable,
poorly
controlledand
reactive.
14

Internal Milestone
External Milestone

Openness and Transparency

PROBLEM:

OIMT doesnt have systematic processes and procedures to track and communicate with customers
and OIMT Staff.

SOLUTION:

OIMT will develop a two way communication approach with the Centers through a comprehensive
catalog of systems, technologies, and projects that is updated regularly, monitored and available to
all.

MILESTONES:

Develop Service Level Agreements (SLAs) and Operation Level Agreements (OLAs) to ensure that
customers are provided services in a timely manner.

Employ a balanced scorecard methodology to inform our customers about IT initiatives and ongoing
activities, and measure our adherence to the established SLAs and OLAs.

Build a reporting mechanism, in the form of executive dashboards and high level reports, that will
provide endtoend monitoring and reporting of important key metrics.

Provide transparency of cost via the cost allocation model using refined consumptionbased billing.

15

Internal Milestone
External Milestone

Governance

PROBLEM:

FDA lacks IT policies and endtoend processes and procedures that facilitate consistency, and
ensure that the products delivered meet predefined integrity standards.

SOLUTION:

OIMT will develop an effective FDAwide IT governance structure that includes the Centers, and
promotes accountability and adherence to governmentwide capital planning directives such as
ClingerCohen, FITARA and FISMA.

MILESTONES:

Establish an Office of Enterprise Portfolio Management to provide oversight for all IT projects and
investments, using standard review and reporting procedures to measure the performance and
compliance of projects.

Institutionalize an Investment Review Board (IRB) to improve acquisition and fiscal management
accountability for capital planning execution.

Develop processes, policies, SOPs and constructs that ensure consistent and quality results.
Implement quality management processes to baseline, and begin routine reporting on the
performance of projects, key metrics and budget formulation activities.

Enforce a project management methodology to ensure that IT projects are managed using a standard
methodology.

Develop a documented governance model that drives quality, consistency and integrity into the
service and project delivery processes.
16

Internal Milestone
External Milestone

Uniform and Shared Capabilities

PROBLEM:

FDA lacks a unified IT strategic direction, governance policies and communication methods to
prevent redundancies and duplication of efforts.

SOLUTION:

OIMT will establish an IT strategic direction using a target architecture that leverages the
business capability model and the CIO Council and subcommittees to deliver uniform and shared
solutions.

MILESTONES:

Assess existing enterprise architecture to determine existing capabilities that can be shared.

Empower Center ITIRBs to redirect Center development efforts to leverage shared capabilities
when possible.

Rationalize capabilities to reduce redundant systems.

Establish a comprehensive, holistic, standardized approach to multifunctional printers to
reduce costs, such as maintenance and supplies.

17

Internal Milestone
External Milestone

PROBLEM:
SOLUTION:

Cybersecurity

Cybersecurity compliance requirements are perceived as an impediment to agility and

IT innovation.
Improve Center engagement to address cybersecurity and IT challenges by developing innovative
solutions, providing effective communications of Federal statutory requirements, and enhancing
collaboration and situational awareness.

MILESTONES:

Implement Continuous Diagnostics and Mitigation (CDM) using governmentwide Information Security Continuous
Monitoring (ISCM) tools to enhance our ability to identify and respond, in real time or near real time, to the risk of emerging
cyber threats.

Implement Independent Verification and Validation (IV&V) for highrisk systems, taking advantage of the wealth of

information security expertise.

Enhance the FDA security posture by moving to a nextgeneration network security architecture that accommodates public
and private cloud services.

Develop a comprehensive patch management governance strategy.

Review and streamline the Security Authorization process.
Build a cadre of cybersecurity professionals ready to engage and implement a synchronized response across the enterprise.
Develop an account management policy.
Integrate cybersecurity governance requirements into the service and project management workflows and OIMT

governance model.

18

Internal Milestone
External Milestone

Cybersecurity (continued)

MILESTONES:

Develop data a loss prevention strategy for end point systems.

Develop an Identity and Access management strategy for internal and external users to address long standing audit

weaknesses.

Develop both a dynamic and static application security testing and validation strategy to allow system developers the
ability to test their systems and applications through all phases of the lifecycle.

Develop an enterprise wide encryption policy for both internal and external data at rest and in transit.

Establish best practices for implementation of security control requirements to assist system owners on security control
implementation.

19

Internal Milestone
External Milestone

Customer Service

PROBLEM:

OIMT is a customer service organization that does not always consider and account for customer
service delivery, customers expectations and perceptions in our daytoday activities,
communications and method of service delivery to the FDA community.

SOLUTION:

Enhance outreach to our customers in an effort to identify customer needs earlier, and provide an
interactive method that invites constructive criticism, comments and suggestions.

MILESTONES:

Develop multiple levels of communication to help OIMT deliver the appropriate level of customer
service.

Enhance the centralized internal knowledgebase that documents issues or problems, and how the
support agents solved them.

Create an interactive selfhelp portal to allow users to identify solutions themselves.

Enhance processes and procedures to provide timely updates to customers about any disruptions
and outages.

20

Internal Milestone
External Milestone

Project Management

PROBLEM:

IT Project Managers do not use a standard method of tracking and reporting for their projects. IT
Project Managers do not have a formal forum to present their projects and escalate high probability
risks and high impact issues.

SOLUTION:

OIMT will establish a PMO to develop and implement project management policies that require
project managers and project leads to track and report status in a consistent manner and in a
centralized location. Conduct regular project reviews to review risks, issues and schedules.

MILESTONES:

Develop a project review process to ensure that projects are within scope, on time, and on budget,
and help mitigate high probability risks and high impact issues.

Enforce the use of the Clarity application as a centralized repository for tracking and reporting on all
IT projects and contracts.

Develop an Enterprise Project Management team to manage select strategic enterprise programs,
and provide oversight, guidance and mentorship to other OIMT projects.

Develop a project management process that governs intake through delivery and ensures that
customers receive the highest quality and expected results.

21

Infrastructure Stabilization & Modernization

Business Continuity

TECHNOLOGY

Mobility

Cloud

Application Development

Enterprise Architecture

Data

Scientific Computing
22

Internal Milestone
External Milestone

Infrastructure Stabilization

PROBLEM:

OIMT does not have a systematic approach for monitoring and managing the current infrastructure,

and lacks a plan to streamline processes and procedures, perform capacity management and

modernize the infrastructure to meet our customers increasing needs.

SOLUTION:

OIMT will define, manage, and quantify performance and customer expectations. OIMT will

identify the parts of the infrastructure that are unstable and create a plan to systematically improve.

OIMT will establish and communicate SLAs, as well as, proactively manage infrastructure through

better monitoring, cross team reporting and root cause analysis.

MILESTONES:

Hire a Chief Technology Officer.

Adopt a capacity on demand model to support evolving technology based on business needs.
Leverage enterprise architecture and asset management tools to collect a complete inventory of
assets and applications to enhance asset management.

Develop an infrastructure stabilization plan by identifying areas of the infrastructure that need
improvements in order to provide better services.

Adopt ITIL methodologies for release management, configuration management and unified
monitoring.

Develop a strategy to provide Network as a Service by using network carriers that provide secure
network connections.
23

Internal Milestone
External Milestone

Business Continuity

PROBLEM:

FDA lacks a comprehensive disaster recovery strategy that would ensure the continuity of business
operations and maintain the availability of mission critical systems, infrastructure and vital records.

SOLUTION:

OIMT will develop a strategy that includes a disaster recovery solution that provides business
continuity for critical applications and vital records.

MILESTONES:

Build redundancy at server and application levels to ensure business continuity.

Develop a disaster recovery strategy to enable the FDA to withstand a regional disaster.

Enhance and improve backup processes to ensure that OIMT can meet business needs to return to
operations.
Move applications to the Ashburn Data Center to reduce operational complexity.
Perform capacity management and IT forecasting to ensure that the IT infrastructure is able to meet
anticipated business growth.

Ensure that continuity is integrated into the OIMT governance strategy and embedded in the service
and project workflow so that continuity will be assured in every deliverable.

Improve knowledge of and use of telework tools.

24

Internal Milestone
External Milestone

Mobility

PROBLEM:

FDA lacks a comprehensive mobility strategy and the capabilities to support the increasing mobile
work needs of FDA staff as well as address changing technologies.

SOLUTION:

OIMT will develop, communicate and implement a comprehensive, standardized mobility strategy
that accounts for business requirements.

MILESTONES:

Provide internal and external stakeholders with timely access to information and data to support
the need for access to Agency data at any time, from any place, on any FDA approved device.

Implement enhanced mobile device management functionality to provide a Choose Your Own
Device option for customers.

Build an enterprise wide mobile application program to provide a mechanism to develop mobile
applications that adhere to OIMT standards.

Create a mobility security team to develop strategies and polices to protect and secure mobile
assets.

Develop a framework for a records management strategy for mobile devices, including texts and
voicemails.

25

Internal Milestone
External Milestone

Cloud

PROBLEM:

OIMT is not providing enough cloud services to meet our customers needs. OIMT lacks an overall
strategy for the resources, policies, processes, acquisition vehicles, governance and security
approval process to fully support cloud solutions.

SOLUTION:

OIMT will develop and implement a comprehensive cloud strategy, including funding,
acquisitions and a cost allocation model, processes and procedures for obtaining resources and
security approvals, and governance processes to meet the requirements of our customers.

MILESTONES:

Build a secure provisioning solution to allow provisioning of servers in a hybrid cloud environment.

Leverage Software as a Service (SaaS) to provide a platform for hosting FISMA low applications in the
cloud (Salesforce).

Develop a consumption based model strategy where the customer pays according to the resources
used.

Establish secure connections to allow for the use of government community cloud options.

Perform an assessment of available cloudbased services to identify solutions to meet business

requirements at a lower cost. Evaluate and implement Platform as a Service (PaaS).

Continue to implement public and private Infrastructure as a Service (IaaS) to increase mission
effectiveness and efficiency and meet OMB mandates.
26

Internal Milestone
External Milestone

Application Development
ApplicationDevelopment

PROBLEM:

FDA lacks a comprehensive application portfolio and development management process (intake
through delivery) which leads to duplication of business capabilities. This lack of governance and
standards has led to applications being developed using a wide variety of technologies that are
difficult and expensive to maintain.

SOLUTION:

OIMT will perform application rationalization, and create a standardized approach and framework
for application development and application and technologies governance.

MILESTONES:

Build an application portfolio to identify all applications across the enterprise.

Establish software metering to track and maintain software licenses in use.

Identify and maintain key artifacts necessary to support our customers which include system documentation,
toolsets, application catalog and access control lists.

Identify and automate key paper dependent business processes (ex. field inspections and sample collections).

Create application development standards to reduce the complexity of the application technology footprint.
Perform application rationalization to identify unused, redundant and out of date applications, and trim down
the portfolio through application modernization and decommissioning.
Develop an application development process that governs intake from concept through delivery, and ensures
that customers receive the expected results.

27

Internal Milestone

Enterprise Architecture (EA)

External Milestone

PROBLEM:

SOLUTION:

FDA lacks integration between the HHS EA Repository (HEAR) framework and other FDA processes
and disciplines which support FDAs IT Portfolio, such as solutions architecture, and Systems Design.
Additional challenges exist in integrating the HEAR with Information Security Staffs (ISS) Trusted
Agent FISMA (TAF) repository due to the disparate views and definitions of IT systems between ISS
and EA. Finally, FDAs Target Architecture updates lack integration with new IT Governance
bodies now emerging at FDA.
OIMT will build a strategy that will adjust the HEAR modeling and ISS TAF update activities toward
greater integration. OIMT will also work with the Platform Subcommittee to adjust and leverage the
target architecture, to help ensure stabilization, modernization, and process improvement
across the enterprise. Additionally, the plan will work towards greater alignment of the business
requirements with the technology direction.

MILESTONES:

Utilize enterprise architecture methodologies to stabilize and modernize the infrastructure.

Streamline an intake process for the HHS Enterprise Architecture Repository (HEAR) to ensure
that all systems are accounted for.
Develop a technology roadmap to modernize and more effectively plan for technology refresh.
Align technology to the business needs to allow business to drive technology.
28

Internal Milestone
External Milestone

Data

PROBLEM:

FDA does not have a comprehensive data governance model. FDA lacks data standards and
supporting technologies to ensure availability and integrity in our data. Our current data resides in
disparate database systems with no integrated strategy for storing and accessing these data sets.

SOLUTION:

Develop a governance model and a master data management approach that aligns with the
governance strategy and integrates with the Agency's enterprise architecture.

MILESTONES:

Develop a Master Data Management strategy to handle business data and Big Data requirements.
Modernize the business objects environment to enhance reporting capabilities.
Develop a data governance model and approach to standardize data across the Agency and promote
interoperability.
Hire a Chief Data Officer to lead Master Data Management efforts.
Develop and implement a SharePoint governance strategy.
Implement digitalization project across the enterprise.

29

Internal Milestone

Scientific Computing

External Milestone

PROBLEM:

FDAs scientific computing program is not integrated into the enterprise architecture, and
the advanced computing needs in support of Regulatory Science are changing and increasing.

SOLUTION:

OIMT will include the Scientific Computing community into the overall target architecture in order
to achieve greater harmonization of needs. This will help ensure customer satisfaction as well as
the delivery of quality solutions in a globalized, transforming market place.

MILESTONES:

Establish a support plan for Scientific Computing to allow FDA to meet its regulatory mission.
Develop a plan for Next Generation Sequencing (NGS) to allow for on demand access to

needed processing capacity.

Define enterprise requirements for statistical support & enterprise SAS to increase awareness
of the capabilities, and improve the benefits of the tools.

Define requirements for a sandbox using nonpublic regulatory / scientific data to evaluate

new technological solutions prior to purchase.

Design a high speed, secure infrastructure to accommodate scientific requirements for data
exchange.

Integrate the scientific image into OIMTs image management process.

30

Supporting Documents
A. Strategic Plan Milestone Tracking

B. CIO Council Roadmap

31

OIMSTRATEGICPLANMILESTONETRACKING
sortedbyTargetDate

MILESTONE
ID

INITIATIVE
CATEGORY

OBCA01

Technology

OBCA02

People

INITIATIVE

MILESTONE

INTERNALOIMTor
EXTERNAL
MILESTONE

INPUTNEEDED
FROM
CIOCOUNCIL
SUBCOMMITTEES?

RESPONSIBLE(external)/
SUPPORTING(internal)
SUBCOMMITEE

RESPONSIBLE
OIMTTDIVISION
(internal)

SORTABLE
TARGET
DATE

MILESTONE
STATUS

ITFC

OBCA

Sep12

Complete

SharePointGovernanceBoardis
charteredandoperationaland
continuestoimproveasneeded.

OBCA

Feb15

Complete

DMScontractdeveloped
templates.
Subcommitteesoperationaland
chartered.
FarhanKhan

Data

DevelopandimplementaSharePointgovernancestrategy.

Internal

YES

ContractManagement

DevelopstandardtemplatesforprocurementdocumentssuchasSOWs,IGCEs,etc.as
wellastemplatesformeasuringcontractperformance.
DevelopSubcommitteesthattacticallyexecuteandidentifybusinessprocessinnovations
anddeliverinnovativebusinesssolutions;notsimplyITsolutions
HireaChiefTechnologyOfficer

Internal

NO

External

YES

BUS01

People

CIO01

Technology

OEPM04

Processes

Infrastructure
Stabilization
Governance

ADCIOCollaboration

OEPM05

Processes

Business

Jul15

Complete

Jul15

Complete

NOTES

Internal

NO

CIO

EstablishanOfficeofEnterprisePortfolioManagementtoprovideoversightforallIT
projectsandinvestments,usingstandardreviewandreportingprocedurestomeasurethe
performanceandcomplianceofprojects.

Internal

NO

OEPM

Jul15

Complete

TheOfficeofEnterprisePortfolio
Management(OEPM)becamean
officialorganizationinJuly2015.

ProjectManagement

DevelopanEnterpriseProjectManagementteamtomanageselectstrategicenterprise
programs,andprovideoversight,guidance,andmentorshiptootherOIMTprojects.

Internal

NO

OEPM

Jul15

Complete

Oneofthreeteamsinthenew
OEPM.

EnterpriseArchitecture

Internal

NO

Internal

YES

Internal

Ongoing

Processforpolicy,processand
workflowmanagementbytarget
date

CTO17

Technology

OEPM06

People

OEPM08

Processes

Openness&
Transparency

StreamlineanintakeprocessfortheHHSEnterpriseArchitectureRepository(HEAR)to
ensurethatallsystemsareaccountedfor.
DevelopabalancedscorecardquarterlytoreportondifferentareasoftheIT
environments
EmployabalancedscorecardmethodologytoinformourcustomersaboutITinitiatives
andongoingactivities,andmeasureouradherencetotheestablishedSLAsandOLAs.

OEPM09

Processes

Openness&
Transparency

Buildareportingmechanism,intheformofexecutivedashboardsandhighlevelreports,
thatwillprovideendtoendmonitoringandreportingofimportantkeymetrics.

OBCA03

People

RoleAlignment

OEPM10

Processes

AD01

Technology

ISS01
ITFC01

CTO

Sep15

OEPM

Sep15

NO

OEPM

Sep15

Internal

NO

OEPM

Sep15

Developanorganizationalchartbasedonthefunctionalroleforeachpositionthatcanbe
usedtoalignfunctionsandimproveOIMTseffectivenessandefficiency.

Internal

NO

OBCA

Oct15

Governance

Developprocesses,policies,SOPsandconstructsthatensureconsistentandquality
results.

Internal

YES

Business

OEPM

Oct15

Buildanapplicationportfoliotoidentifyallapplicationsacrosstheenterprise.

External

YES

ApplicationDevelopment

Processes

Application
Development
Cybersecurity

Developanaccountmanagementpolicy

CustomerService

Enhanceprocessesandprocedurestoprovidetimelyupdatestocustomersaboutany
disruptionsandoutages.
Schedulequarterlymeetingstoincreasecommunicationandprovidebettercustomer
servicetothefield.
Developaprojectreviewprocesstoensureprojectsarewithinscope,ontime,andon
budget,andhelpmitigatehighprobabilityrisksandhighimpactissues.
Developacomprehensivepatchmanagementgovernancestrategy.

Internal
External

YES
YES

INFOSEC

Processes

Internal

NO

ADCIOCollaboration

FieldOffices

OBCA19

People

OEPM11

Processes

ProjectManagement

OTD02

Processes

Cybersecurity

CTO11

Technology

Cloud

ISS03

Processes

ISS04

Technology

Mobility

Cybersecurity

PLAT03

Technology

BusinessContinuity

OEPM01

Processes

OEPM02

Technology

Performanassessmentofavailablecloudbasedservicestoidentifysolutionstomeet
businessrequirementsatalowercost.EvaluateandimplementPlatformasaService
(PaaS).
ReviewandstreamlinetheSecurityAuthorizationprocess
Createamobilesecurityteamtodevelopstrategiesandpolicestoprotectandsecure
mobileassets.
DevelopdisasterstrategytoenabletheFDAtowithstandaregionaldisaster.

Cybersecurity

Integratecybersecuritygovernancerequirementsintotheserviceandproject
managementworkflowsandOIMTgovernancemodel.

BusinessContinuity

EnsurethatcontinuityisintegratedintotheOIMTgovernancestrategyandembeddedin
theserviceandprojectworkflowsothatcontinuitywillbeassuredineverydeliverable.

Version1.0,September2015

Business

Internal

YES

Internal
Internal

NO
YES

Platform

Internal
Internal

NO
NO
YES
NO

Internal

NO

ISS

ITFC

Business

External
Internal

Nov15
Nov15
Nov15
OBCA

Nov15

OEPM

Nov15

OTD

Nov15

CTO

Dec15

ISS

Dec15

ISS

Dec15

Platform

Dec15
OEPM

Feb16

Securityprocessand
documentationintegratedintothe
EPLCprojectmanagementprocess.

OEPM

Feb16

EPLCprojectmanagementprocess
incorporatesgovernancethrough
stagegateprocess.Detailsrelated
tocontinuityarecontainedinthe
EPLCdocumentation.Willbe
continuouslyimprovedasits
dependentmilestonesare
completed.

1of4

OIMSTRATEGICPLANMILESTONETRACKING
sortedbyTargetDate

MILESTONE
ID

INITIATIVE
CATEGORY

OEPM03

Technology

OEPM07

People

OEPM12

Processes

OEPM13

Processes

OEPM14

Technology

OTD01

Technology

OTD03

Technology

CTO01

Processes

INITIATIVE

MILESTONE

YES

Business

OEPM

Feb16

Internal

YES

ApplicationDevelopment

OEPM

Feb16

Internal

YES

Platform

OTD

Feb16

Internal

NO

Internal

YES

Internal

NO

Cybersecurity
Cybersecurity

Developenterprisewideencryptionpolicy

ISS02

Processes

OBCA04

People

OBCA05

Processes

PLAT01

Technology

CTO18

Technology

ITFC03

Processes

ITFC04

Technology

ImplementIndependentVerificationandValidation(IV&V)forhighrisksystems,taking
advantageofthewealthofinformationsecurityexpertise.
Training&Development Developamentoringprogramwhichwillprovidenewhireswiththeopportunityto
understandthecomplexitiesthatexistwithinFDA,aswellashavetheopportunityfor
collaboration.TheabilitytoconnectwithITprofessionalswillestablishastrong
foundationforafulfillingcareeratFDA.
CustomerService
Enhancethecentralizedinternalknowledgebasethatdocumentsissuesorproblems,and
howthesupportagentssolvedthem.
Mobility
Provideinternalandexternalstakeholderswithtimelyaccesstoinformationanddatato
supporttheneedforaccesstoAgencydataatanytime,fromanyplace,onanyFDA
approveddevice.
EnterpriseArchitecture Developatechnologyroadmaptomodernizeandmoreeffectivelyplanfortechnology
refresh.
CustomerService
DevelopmultiplelevelsofcommunicationtohelpOIMTdelivertheappropriatelevelof
customerservice.
BusinessContinuity
Improveknowledgeofanduseofteleworktools.

OBCA06

Technology

Mobility

OBCA11

People

Technology

CTO15

Technology

Feb16

Internal

ProjectManagement
Application
Development
Infrastructure
Stabilization
BusinessContinuity

Processes

CTO12

OEPM

YES

Processes

Technology

Feb16

Internal

Governance

INFOSEC01

CTO09

OEPM

NO

INFOSEC04

Technology

Feb16

Internal

Cloud

CTO05

OEPM

Developaskillsmatrixtogivemanagersgreatervisibilityofemployees'strengthsand
developmentalneeds,andenablethemtoprovidemoretargetedandtimelycoachingand
training.
Developadocumentedgovernancemodelthatdrivesquality,consistencyandintegrity
intotheserviceandprojectdeliveryprocesses.
Developaprojectmanagementprocessthatgovernsintakethroughdelivery,andensures
thatcustomersreceivethehighestqualityandexpectedresults.
Developanapplicationdevelopmentprocessthatgovernsintakefromconceptthrough
delivery,andensuresthatcustomersreceivetheexpectedresults.
Developaninfrastructurestabilizationplanbyidentifyingareasoftheinfrastructurethat
needimprovementsinordertoprovidebetterservices.
MoveapplicationstotheAshburnDataCentertoreduceoperationalcomplexity.

Technology

Technology

Business

RoleAlignment

Technology

OTD05

SORTABLE
TARGET
DATE

YES

CTO08

People

RESPONSIBLE
OIMTTDIVISION
(internal)

Internal

CTO13

Technology

RESPONSIBLE(external)/
SUPPORTING(internal)
SUBCOMMITEE

Identifyandmaintainkeyartifactsnecessarytosupportourcustomerstoincludesystem
documentation,toolsets,applicationcatalogandaccesscontrollists.

Assessexistingenterprisearchitecturetodetermineexistingcapabilitiesthatcanbe
shared.
ImplementenhancedmobiledevicemanagementfunctionalitytoprovideaChooseYour
OwnDeviceoptionforcustomers.
Developaconsumptionbasedmodelstrategywherethecustomerpaysaccordingtothe
resourcesused.
Developdatalosspreventionstrategyforendpointsystems

OTD04

INPUTNEEDED
FROM
CIOCOUNCIL
SUBCOMMITTEES?

Application
Development

Uniform&Shared
Capabilities
Mobility

OEPM17

INTERNALOIMTor
EXTERNAL
MILESTONE

Cybersecurity

ContractManagement

Developaframeworkforarecordsmanagementstrategyformobiledevices,including
textsandvoicemails.
StreamlineProcurementActivitiesbydevelopingworkflowsandprocessestopromote
efficient,transparentandeffectivemanagementofITacquisitionsandcontracts.

Training&Development Establishamandatoryrolebasedcurriculumtoprovideguidanceforstafftotakeessential
trainingsuchasFAC COR,FAC P/PM,CISSP,MCSE,etc.
AdoptITILmethodologiesforreleasemanagement,configurationmanagementand
unifiedmonitoring.
Createapplicationdevelopmentstandardstoreducethecomplexityoftheapplication
technologyfootprint.
DevelopastrategytoprovideNetworkasaServicebyusingnetworkcarriersthatprovide
securenetworkconnections.
Buildanenterprisewidemobileapplicationprogramtoprovideamechanismtodevelop
mobileapplicationsthatadheretoOIMTstandards.
Cloud
LeverageSoftwareasaService(SaaS)toprovideaplatformforhostingFISMAlow
applicationsinthecloud(Salesforce).
Cloud
ContinuetoimplementpublicandprivateInfrastructureasaService(IaaS)toincrease
missioneffectivenessandefficiencyandmeetOMBmandates.

Infrastructure
Stabilization
Application
Development
Infrastructure
Stabilization
Mobility

Version1.0,September2015

Business

Platform

Internal

YES

Platform

External
External
Internal

YES
YES
NO

INFOSEC

Internal

OTD

Feb16

CTO

Mar16

CTO

Mar16

CTO

Mar16

EPLCProjectProcessAgreementis
usedtoidentifytheartifacts
neededforaproject.FDAEPLC
continuestobeimprovedasits
subordinateprocessesare
created/refined.

Mar16
ISS

Mar16

NO

OBCA

Mar16

Internal

NO

OBCA

Mar16

External

YES

Platform

Internal

YES

Platform

External

YES

ITFC

External
Internal

YES
YES

ITFC
Platform

OBCA

Apr16

Internal

YES

IntegratedAcquisitionsTeam

OBCA

Apr16

Internal

NO

OEPM

Apr16

Internal

NO

OTD

Apr16

Internal

YES

Mar16

CTO

Apr16
Apr16
Apr16

OTD

Apr16

CTO

May16

Internal

NO

Internal

YES

ApplicationDevelopment

CTO

May16

Internal

YES

Platform

CTO

May16

YES

Platform

CTO

May16

Internal

NOTES

Mar16

INFOSEC

ApplicationDevelopment

MILESTONE
STATUS

Ongoing

2of4

OIMSTRATEGICPLANMILESTONETRACKING
sortedbyTargetDate

MILESTONE
ID

INITIATIVE
CATEGORY

OBCA07

People

ContractManagement

OBCA08

People

RoleAlignment

OEPM22

Processes

OEPM23

Processes

INITIATIVE

Openness&
Transparency
ProjectManagement

ITFC02

People

OBCA14

People

Staffing

OEPM15

People

Staffing

OEPM19

People

ADCIOCollaboration

Technology
Processes

OTD06

Technology

OTD07

Processes

OEPM20

Processes

EnhanceITContractsTeamthatwillberesponsibleformanagingcontractacquisitions.
TheteamwillworkwiththeOAGStomaketheacquisitionsprocessmoreefficient,and
ensurethatCORSaremanagingcontractstodefinedperformanceservicelevels.

Internal

ConductacomprehensivereviewofcriticalITpositionsincludingtheonesthatmay
becomevacantinthenext35years.
DevelopServiceLevelAgreements(SLAs)andOperationLevelAgreements(OLAs)to
ensurethatcustomersareprovidedservicesinatimelymanner.
EnforcetheuseoftheClarityapplicationasacentralrepositoryfortrackingandreporting
onallITprojectsandcontracts.

MILESTONE

PerformcapacitymanagementandITforecastingtoensurethattheITinfrastructureis
abletomeetanticipatedbusinessgrowth.
Buildasecureprovisioningsolutiontoallowprovisioningofserversinahybridcloud
environment.
Training&Development LeverageFDAUniversitytohelpimplementandexecutenewandongoingtrainingfor
OIMTstaff,andworkwiththemtobuildaprofessionaldevelopmentprogram.

Technology
Technology

OTD09

INPUTNEEDED
FROM
CIOCOUNCIL
SUBCOMMITTEES?

BusinessContinuity

CTO07
CTO10

INFOSEC02

INTERNALOIMTor
EXTERNAL
MILESTONE

RESPONSIBLE
OIMTTDIVISION
(internal)

SORTABLE
TARGET
DATE

NO

OBCA

May16

Internal

NO

OBCA

May16

Internal

YES

Business

OEPM

May16

Ongoing

Internal

YES

Business

OEPM

May16

Ongoing

Internal

NO

CTO

Jun16

CTO

Jun16

RESPONSIBLE(external)/
SUPPORTING(internal)
SUBCOMMITEE

Internal

YES

Platform

External

YES

ITFC

DevelopacareergrowthprogramthatwillprovidetransparentandclearlydefinedIT
careerpathswithcriteriaforprogressiontothenextlevelinbothtechnicalandleadership
positions.
DevelopacatalogofITresources,andperformaskillsgapanalysisthatwillassist
managersindevelopingexistingemployees,aswellasassistinrecruitmentefforts.

Internal

NO

OBCA

Jun16

Internal

NO

OEPM

Jun16

Internal

YES

Business

OEPM

Jun16

BusinessContinuity

UtilizeaProjectManagementMethodologythatbeginswithdefiningbusiness
requirementsandendswithanexpectedresult.
Buildredundancyatserverandapplicationlevelstoensurebusinesscontinuity.

NO
YES

Jun16

DevelopanIdentityandAccessmanagementstrategyforinternalandexternalusers

Internal
External

OTD

Cybersecurity

INFOSEC

Internal
Internal

YES
YES

Cloud

Data

Modernizethebusinessobjectsenvironmenttoenhancereportingcapabilities.

Uniform&Shared
Capabilities
Governance

Establishacomprehensive,holistic,standardizedapproachtomultifunctionalprintersto
reducecosts,suchasmaintenanceandsupplies.
Implementqualitymanagementprocessestobaseline,andbeginroutinereportingonthe
performanceofprojects,keymetricsandbudgetformulationactivities.

Infrastructure
Stabilization
Cloud

ApplicationDevelopment

OTD

ITFC

OTD

Jul16
Aug16

Jul16

Internal

NO

OEPM

Internal

NO

CTO

Sep16

Internal

NO

CTO

Sep16

Internal
Internal

NO
YES

ISS

Sep16

ITFC

OBCA

Sep16

IntegratedAcquisitionsTeam

OBCA

Sep16

ISS07

Processes

Cybersecurity

Processes

CustomerService

Createainteractiveselfhelpportaltoallowuserstoidentifysolutionsthemselves.

OBCA12

People

ContractManagement

BuildaProcurementPortfoliotostreamlineourapproachandconsolidatethenumberof
contractsandcontractvehicles.OIMTwillassesstheITcontractsinventorytofind
opportunitiesforconsolidationandwaystoleveragebuyingpower.OIMTwillcontinueto
collaboratewithOAGsonalternatecontractingapproachesandstrategicsourcing
opportunities.
Developacomprehensive,centralizedcontractmanagementmodelthatfocuseson
management,oversightandaccountability.
Performanorganizationassessmentandstaffrationalizationtoidentifyandredeploystaff
withtherequisiteskills.Developarolesandresponsibilitiesmatrixbasedonprimary,
secondaryandtertiaryexpertise.
Developarolebasedcompetencymodeltomeetfuturebusinessneeds,andcreatea
processtotrackprogressandupdatesuccessionplansonanongoingbasis.

Internal

YES

Internal

NO

OBCA

Sep16

Internal

NO

OEPM

Sep16

Internal

NO

OEPM

Sep16

IntegratethescientificimageintoOIMTsimagemanagementprocess.

Internal
Internal

NO
NO

OTD

Sep16

OBCA

Nov16

Internal

NO

OBCA

Nov16

Internal

NO

OBCA

Nov16

OBCA16

People

ContractManagement

OEPM16

People

RoleAlignment

OEPM18

People

RoleAlignment

OTD12

Technology

OBCA09

People

OBCA13

People

OBCA15

People

ScientificComputing
RoleAlignment

Assessandrefineperformanceworkplanstoensurethattheyaccuratelyreflectthe
expectedperformanceinordertoensureaccountability.
Training&Development DevelopanIndividualDevelopmentPlan(IDP)foreachemployeethatoffersemployees
greateropportunityforcareerdevelopmentandcrosstraining.
Staffing
RightsizethestafflevelandFTEtocontractorratioforcostsavingsandagility.Identify
areasthatdonothavealeastonebackup,providecrosstrainingandhireadditionalstaff
asappropriate.

Version1.0,September2015

ProcessforSLAsandOLAs
managementbytargetdate
Target:100%ofITprojects
reportingthroughClaritybyMay
2016.

Jul16

OBCA10

Technology
Technology

NOTES

Jun16

Adoptacapacityondemandmodeltosupportevolvingtechnologybasedonbusiness
needs.
Establishsecureconnectionstoallowfortheuseofgovernmentcommunitycloud
options.
Establishbestpracticesonimplementationofsecuritycontrolrequirements.

CTO03
CTO14

MILESTONE
STATUS

3of4

OIMSTRATEGICPLANMILESTONETRACKING
sortedbyTargetDate

MILESTONE
ID

INITIATIVE
CATEGORY

OTD08

Technology

OTD10

Technology

CTO04

Technology

INFOSEC03

Processes

Infrastructure
Stabilization
Cybersecurity

INFOSEC06

Processes

Cybersecurity

OEPM21

Processes

OBCA17

People

INITIATIVE
Application
Development
BusinessContinuity

Governance
Staffing

INFOSEC05

Processes

SC02

Technology

ScientificComputing

Cybersecurity

CTO02

Processes

SC03

Technology

Uniform&Shared
Capabilities
ScientificComputing

CTO19

Technology

ScientificComputing

ISS06

Processes

OI01

Technology

Cybersecurity

ScientificComputing

OTD14

People

FieldOffices

AD02

Technology

Application
Development

OTD13

Technology

OBCA18

Technology

Application
Development
Data

SC01

Technology

ScientificComputing

OTD15

People

FieldOffices

INTERNALOIMTor
EXTERNAL
MILESTONE

INPUTNEEDED
FROM
CIOCOUNCIL
SUBCOMMITTEES?

RESPONSIBLE(external)/
SUPPORTING(internal)
SUBCOMMITEE

RESPONSIBLE
OIMTTDIVISION
(internal)

SORTABLE
TARGET
DATE

Establishsoftwaremeteringtotrackandmaintainsoftwarelicensesinuse.

Internal

YES

ApplicationDevelopment

OTD

Nov16

EnhanceandimprovebackupprocessestoensurethatOIMTcanmeetbusinessneedsto
returntooperations.
Leverageenterprisearchitectureandassetmanagementtoolstocollectacomplete
inventoryofassetsandapplicationstoenhanceassetmanagement.
Developadynamic&staticapplicationsecuritytesting&validationstrategy

Internal

YES

ApplicationDevelopment

OTD

Nov16

Internal

NO

CTO

Dec16

External
External

YES
YES

INFOSEC

Dec16

INFOSEC

Dec16

Internal

YES

Business

MILESTONE

Buildacadreofcybersecurityprofessionalsreadytoengageandimplementa
synchronizedresponseacrosstheenterprise
EnforceProjectManagementMethodologytoensurethatITprojectsaremanagedusinga
standardmethodology.
ReviewPositionDescriptions(PD)forupdates,usingcommonPDswhereapplicable(for
similarpositions).
EnhancetheFDAsecurityposturebymovingtoanextgenerationnetworksecurity
architecturethataccommodatespublicandprivatecloudservices.
Defineenterpriserequirementsforstatisticalsupport&enterpriseSAStoincrease
awarenessofthecapabilities,andimprovethebenefitsofthetools.
Rationalizecapabilitiestoreduceredundantsystems.

External

YES

INFOSEC

Mar17

External

YES

ScientificComputing

Apr17

Internal

YES

ApplicationDevelopment

Definerequirementsforasandboxusingnonpublicregulatory/scientificdatatoevaluate
newtechnologicalsolutionspriortopurchase.
Designahighspeed,secureinfrastructuretoaccommodatescientificrequirementsfor
dataexchange.
ImplementContinuousDiagnosticsandMitigation(CDM)usinggovernmentwide
InformationSecurityContinuousMonitoring(ISCM)toolstoenhanceourabilitytoidentify
andrespond,inrealtimeornearrealtime,totheriskofemergingcyberthreats.

External

YES

ScientificComputing

Internal

YES

Platform

Internal

NO

EstablishasupportplanforScientificComputingtoallowFDAtomeetitsregulatory
mission.
ImplementVOIPin100%ofthefieldofficestoensureconsistencyandmitigatephone
relatedissues.
Performapplicationrationalizationtoidentifyunused,redundantandoutofdate
applications,andtrimdowntheportfoliothroughapplicationmodernizationand
decommissioning.
Identifyandautomatekeypaperdependentbusinessprocesses

Internal

YES

Internal

NO

Implementdigitalizationprojectacrosstheenterprise.
DevelopaplanforNextGenerationSequencing(NGS)toallowforondemandaccessto
neededprocessingcapacity.
Develophighspeedconnectionstoremoteofficestofacilitatedatatransfertoandfrom
thelaboratoriesandfieldoffices.

Technology

Data

HireaChiefDataOfficertoleadMasterDataManagementefforts.

Technology

Data

EDM02

Technology

Data

OTD16

People

BUS02

Processes

DevelopaMasterDataManagementstrategytohandlebusinessdataandBigData
requirements.
DevelopadatagovernancemodelandapproachtostandardizedataacrosstheAgency
andpromoteinteroperability.
Providesupportforapositionmanagementsystemwillprovideaconsistent,standard
toolformanagingallFDApositions.
Providetransparencyofcostviathecostallocationmodelusingrefinedconsumption
basedbilling.

BUS03

Processes

Governance

BUS04

Processes

CTO16

Technology

Uniform&Shared
Capabilities
EnterpriseArchitecture

Version1.0,September2015

Feb17

NO

CIO03

Openness&
Transparency

Dec16

OBCA

Internal

EDM01

Staffing

OEPM

InstitutionalizeanInvestmentReviewBoard(IRB)toimproveacquisitionandfiscal
managementaccountabilityforcapitalplanningexecution.
EmpowerCenterITIRBstoredirectCenterdevelopmenteffortstoleverageshared
capabilitieswhenpossible.
Utilizeenterprisearchitecturemethodologiestostabilizeandmodernizethe
infrastructure.

ScientificComputing

CTO

MILESTONE
STATUS

NOTES

May17
May17

CTO

Jun17

ISS

Jun17

OI

Jun17

OTD

Oct17

External

YES

ApplicationDevelopment

Internal

YES

ApplicationDevelopment

OTD

Internal
External

YES
YES

Platform

OBCA

Internal

NO

Internal
External

NO
YES

DataStandards

TBD

External

YES

DataStandards

TBD

External

NO

Business

TBD

External

YES

Business

Ongoing

External

YES

Business

Ongoing

External

YES

Business

Ongoing

Internal

NO

Nov17

ScientificComputing

Nov17
Jan18
Sep18

OTD

Oct18

CIO

ASAP

CTO

DependentofhiringChiefData
Officer
DependentofhiringChiefData
Officer

CostAllocationmodeloperational
andcontinuouslyimproved

Ongoing

4of4

CIO Council Strategic Roadmap

Acquisitions
Council IT
Workgroup

Develop
Develop
Build
Records Mgmt
Access to
Design
Assess
Align
Consumption
Infrastructure Develop a Secure
Perform
Develop Technology Info & Data High Speed, Existing EA
Based Continue to Strategy
Secure
For Shared
Cloud
Leverage Model Implement For Mobile Technology To Business Anytime,
Develop Stabilization Disaster Provisioning
Plan
Devices
Anyplace Infrastructure Capabilities
IaaS
Roadmap
Needs
Strategy Solution Assessment SaaS
Charter
Strategy

Business
Subcommittee
Joe Montgomery

App Dev
Subcommittee
Brad Wintermute

OTD-01

Develop
Charter

Build
Application
Portfolio
AD-01

Develop
Charter

Develop
Sub
`
committees

Enterprise Data
Management
Subcommittee
Cory Milam

INFOSEC
Subcommittee
Alan McClelland

IT Functional
Subcommittee
(ITFC)
Angel Hebert

BUS-01

CTO-10

CTO-11

Develop
Create
Application Application
Development Development
Process
Standards
OEPM-14

OTD-05

Develop
Develop
Balanced Governance
Scorecard
Model
OEPM-01

OEPM-12

CTO-12

Modernize
Business
Objects
Environment
OTD-06

CTO-13

CTO-15

OBCA-06

Rationalize
Build
Capabilities Enterprise
to Reduce
Wide
Redundant Mobile App
Systems
Program
CTO-02

Develop Project
Intake, Review,
Management &
Reporting
Processes

Identify &
Maintain
Artifacts

OEPM-11/13/19

OEPM-03

CTO-09

CTO-18

Establish
Software
Metering
OTD-08

PLAT01

PLAT02

CTO-19

OTD-10

OTD-13

AD-02

Enforce
Provide
Develop
Develop
Improve
Project
Transparency
Processes, Management
SLAs
Acquisition&
of Cost via
Policies & Methodology &
and
Fiscal Mgmt Cost Allocation
SOPs
OLAs Accountability
Reporting
Model
OEPM-10

OEPM-21/23

CTO-01

Identify &
Automate
Enhance
Key Paper
Perform
Backup
Dependent
Application
Processes Business Processes Rationalization

OEPM-22

BUS-03

BUS-02

Empower
ITIRBs to
Leverage
Shared
Capabilities
BUS-04

Establish
Develop Enhance processes Develop
Create an
Improve
Standardized
to update
Multiple
interactive Leverage Knowledge and
Review / SharePoint
Approach to
customers on Levels of
Use of
FDA
Refine Governance
Multi Functional self-help
Strategy
disruptions Communication
portal
Telework
Tools
University
Charter
Printers

Review /
Refine
Charter

OBCA-01

ITFC-01

ITFC-03

OTD-07

Develop
Acct Mgmt
Policy

Develop
Enterprise
Encryption
Policy

Enhance
the FDA
Security
Posture

Build
Cadre of
Security
Professionals

ISS-01

INFOSEC-04

INFOSEC-05

Develop
Review / Master Data
Refine Management
Strategy
Charter
EDM-01

Scientific Computing
Board
Dr. ShaAvhre
Buckman

PLAT-03

Establish
Review / Scientific
Refine Computing
Charter Support Plan
OITI-01

INFOSEC-06

OBCA-10

ITFC-02

ITFC-04

INFOSEC-02

INFOSEC-03

Data
Governance
Model and
Approach
EDM-02

Plan for Next

Generation
Sequencing
(NGS)
SC-01

Enterprise
Requirements
Requirements
for sandbox
for statistical
using non-public
support
regulatory/scientific
and SAS
data
SC-02

SC-03

OBCA-11

Build
Procurement
Portfolio To
Consolidate
# of Contracts
and Contract
Vehicles
OBCA-12

Develop
Develop
Develop
Data Loss
Identity & App Security
Prevention Access Mgmt
Testing
Strategy
Strategy
Strategy
INFOSEC-01

Streamline
Procurement
Activities

KEY
Internal OIMT Milestone

Milestone In-Process

External Milestone

Milestone Completed

ID maps to Strategic Plan

Milestone tracking

Improve Cost Model and Transparency --- Communication, User Outreach and Training --Continuous Governance and Improvement Initiatives

Platform
Subcommittee
Farhan Khan

Version 1.0, September 2015