GSA Policy for Information Technology (IT) Capital Planning and Investment Control (CPIC)

1.  Purpose. This Order establishes agency-wide policies, roles, and responsibilities for GSA’s IT Capital Planning and Investment Control (CPIC) process. In concert with GSA’s CPIC Playbooks (available only to those on GSA's network), which focus on monthly control reporting as well as annual budget and passback submissions, this policy serves as the official employee reference regarding CPIC at GSA.

2.  Cancellation. This Order cancels CIO 2135.2C, GSA Information Technology (IT) Capital Planning and Investment Control, dated October 31, 2018.

3.  Applicability. This Order applies to:

     a.  All GSA Service and Staff Offices (SSOs) including Regional Offices. All IT investments within GSA are to be managed as set forth in this Order. This Order includes IT investments in which we receive fees for the services we provide to other agencies. However, this Order does not apply to non-IT programs or an interagency agreement for the program in which we perform acquisition activities on behalf of other agencies, such as awarding a contract, task order, or delivery order.

     b.  The Office of Inspector General (OIG) only to the extent that the OIG determines it is consistent with the OIG’s independent authority under the IG Act, and it does not conflict with other OIG policies or the OIG mission.  

     c.  The Civilian Board of Contract Appeals (CBCA) only to the extent that the CBCA determines it is consistent with the CBCA's independent authority under the Contract Disputes Act and other authorities and it does not conflict with the CBCA's policies or the CBCA mission. 

4.  Explanation of Changes. This order provides for consistency with Federal requirements and program implementation changes. This order:

     a.  Updates outdated links; 

     b.  Simplifies language;

     c.  Updates references; and

     d.  Clarifies that specific roles and responsibilities are described in the CPIC Playbooks

5.  Background. This order is governed by several Public Laws and national policies, including:

• The Clinger-Cohen Act of 1996 (CCA), P.L. 104-106. 
• Federal Information Technology Reform Act (FITARA), P.L. 113-291.
• OMB Circular A-130, Managing Information as a Strategic Resource.
• OMB Circular A-11, Preparation, Submission, and Execution of the Budget, Section 55, Information Technology Investments.
• The Federal Information Security Modernization Act of 2014 – P. L. 113-28.
• The Government Performance and Results Act (GPRA) of 1993 and 2010  – P.L. 103-62 and P.L. 111-352.
• The Federal Acquisition Streamlining Act of 1994 – P.L. 103-355.
• The E-GOV Act of 2002 – P.L. 107-347.
• The Paperwork Reduction Act of 1995 – P.L. 104-13. 
• The Services Acquisition Reform Act of 2003 – P.L. 108-136.
• Chief Financial Officers Act of 1990 – P.L. 101-576.

6.  Linkages between CPIC and other management processes. The CPIC process includes all stages of capital programming, including planning, budgeting, procurement, management, and assessments. CPIC’s role in these management processes is explained in detail in the CPIC Playbooks.

7.  Objectives. CPIC is a decision-making process for ensuring that information technology (IT) investments support the agency’s mission and business needs. The CPIC process integrates strategic planning, architecture, security, budgeting, procurement, assessing, and the management of IT. The goal of CPIC is to achieve the best balance in IT investments at the lowest cost with the least risk while ensuring the mission and business goals are met.

8.  CPIC Responsibilities. CPIC is managed by GSA IT through the Office of Digital Management’s Policy and Investment Management Division. Questions may be directed to ocio-cpicteam@gsa.gov. Responsibility for CPIC is shared among GSA’s: 

     a.  Chief Information Officer

     b.  Chief Financial Officer

     c.  Senior Agency Official for Privacy

     d.  Heads of Service and Staff Offices (or equivalent)

     e.  Program/Project Managers 

Specific roles and responsibilities are described in the CPIC Playbooks. 

9.  Policy. GSA will conduct CPIC activities in accordance with all applicable legislation and OMB guidance. CPIC will involve all GSA offices in an effort to leverage technology investment in support of the GSA mission and strategic objectives. GSA will actively evaluate best practices from sources internal and external to the agency, for the purpose of improving the CPIC process where significant business value can be realized for stakeholders, customers, and citizens. 

10.  Waivers. To learn more about, or to initiate a CPIC waiver please contact  ocio-cpicteam@gsa.gov. 

11.  References.  

• GSA Order CIO 2200.1, GSA Privacy Act Program 
• GSA Order CIO 2101.2, Enterprise Information Technology Management (ITM) Policy 
• GSA Order CIO 2110.4, GSA Enterprise Architecture Policy 
• GSA Order CIO 2130.2, CIO Enterprise IT Governance 
• GSA Order CIO 2100.1M, GSA Information Technology (IT) Security Policy 
• GSA Manual (GSAM) Part 507 - Acquisition Planning