IT Portfolio Management FAQs
ITPM is a risk based approach to the selection and management of IT projects integrating business and IT planning, budgeting, standards, processes and governance.
The application of ITPM helps the agency achieve mission goals and accomplish agency business/performance objectives by selecting, controlling and evaluating information system projects to determine the best mix of projects and the right level of investment to make in each. Similarly, ITPM helps to balance the IT portfolio between ongoing maintenance initiatives and development/strategic (Development/Modernization/Enhancement - DME) initiatives.
1. Strategic planning establishes the long-term vision for the agency and the supporting functions, activities, objectives and outcomes of subordinate business lines. Strategic planning also defines and communicates the goals and objectives to be served by the IT portfolio.
2. Capital Planning and Investment Control (CPIC) establishes the processes and tools for selecting, controlling and evaluating IT projects that comprise the IT portfolio.
3. Enterprise Architecture (EA) provides IT portfolio managers and governance bodies with a better understanding of IT investment opportunities and impacts. The EA is used to help formulate and target IT initiatives, information management and sharing, application development, deployment, ongoing operation and maintenance by defining and documenting processes, technical standards, etc., which define the agency operating environment.
4. Performance management documents and tracks achievement against the outputs/outcomes/goals/objectives which define agency success.
5. Budget formulation establishes the funding baseline for approved IT projects across the agency, in accordance with agency priorities and Service/Staff Office business plans and approved IT project business cases.
6. Budget execution monitors funding expenditures against the planned expenditures.
7. IT Governance defines and enables a structured set of processes and the decision making responsibility and authority needed to formulate, manage and maintain an effective and efficient IT portfolio.
8. IT Project Management provides the planning and oversight of each IT project within the portfolio, and reporting of progress, status and results. Effective IT project management provides accountable performance monitoring and control. Periodic IT project management reporting feeds all of the ITPM processes.
IT portfolio management is a central element of good IT investment management. GAO’s IT Investment Management Framework places portfolio management at the center of its model of investment management. Portfolio analysis provides information demonstrating the impact of alternative IT investment strategies and funding levels, identifies opportunities for sharing resources and considers the agency’s inventory of information resources.
Defining goals and objectives (strategic planning, performance management);
Understanding, accepting and making tradeoffs (governance);
Identifying, eliminating, minimizing and diversifying risk (CPIC, IT Project Management, budget formulation, governance);
Monitoring portfolio performance (IT Project Management, CPIC, budget execution, performance management, governance);
Revisiting and adjusting portfolio mix, based on goals, objectives, risk and performance (performance management, CPIC, budget formulation, governance).
An IT portfolio is comprised of a set of IT initiatives or projects. Project management is a process that focuses on the extent to which a specific initiative establishes, maintains and achieves its intended objectives within cost, schedule, technical and performance baselines. Portfolio management focuses attention at the aggregate level; its primary objective is to identify, select, finance, monitor and maintain the appropriate mix of initiatives to achieve organizational goals and objectives. Portfolio management also involves consideration of the aggregate costs, risks and returns of all projects within the portfolio.
These stages include:
1. Select Annually - during budget formulation, business cases will be prepared for proposed major IT initiatives. The business cases will be evaluated through enacted Service/Staff Office (SSO) IT governance processes, and submitted to the GSA OCIO for agency-level assessment, along with SSO-approved non-Major IT initiatives. The Information Technology Executive Council (ITEC), in conjunction with GSA’s CFO and Controllers, will examine the proposed SSO portfolios from an enterprise perspective, including validating alignment with the GSA EA, with the agency strategic plan and goals, and with anticipated budget constraints. The ITEC will recommend a proposed IT portfolio to the Business Systems Council (BSC) for concurrence and submission to the GSA Administrator for approval.
2. Control - major IT initiatives in the planning, acquisition, or operations phases of the CPIC lifecycle are monitored to track actual progress against planned results. The type of monitoring and level of reporting required will vary, depending on the CPIC and System Design Life Cycle (SDLC) phase/stage of the initiative. Earned Value Management (EVM) reporting is required for major IT initiatives conducting Development/Modernization/Enhancement. Operational Analysis (OA) is required for Major IT initiatives.
3. Evaluate - IT initiatives that reach the operational phase of the SDLC will be assessed using Post Implementation Reviews (PIRs). PIRs are conducted to validate estimated benefits and costs against actual performance, and to document effective management practices for future use
1. What is the Cloud First policy? Agencies must give priority to web-based applications and services. Cloud computing will allow more people to share a common infrastructure, cutting technology and support costs.
2. How is Cloud First implemented? Cloud computing should be compatible with secure, certified platforms currently provided in the private sector. Migration will build capabilities and momentum in the federal government, encourage industry to more rapidly develop initiatives and reduce operating costs.
3. What are Integrated Program Teams? Integrated Program Teams are small multi-disciplinary teams consisting of business process owners who have a clear vision of the problem they are solving. An Integrated Program Team is required prior to beginning of the investment review process. A full-time manager supported by an Information Technology Acquisition Specialist should be in place for all major programs before Office of Management & Budget approves program budgets.
4. What are data centers? A data center is a facility used to house computer systems and associated components, such as telecommunications and storage systems. It generally houses redundant or backup power supplies, redundant data communications connections, environmental controls (e.g., air conditioning, fire suppression) and security devices.
5. What are IRBs? Investment Review Boards, or IRBs, approve or disapprove funding for new systems/investments, or major modifications to existing systems/investments. The IRBs also make recommendations for continuing, modifying, or terminating existing systems or investments based on performance, cost, or schedule criteria
6. What is Modular Development? How is it implemented? Modular Development is the timeline implemented through the entire IT development process – concept, through requirement analysis development, test and delivery.
Modular Development is implemented by making sure program and business objectives have clear quantitative outcome measures for success; awarding contracts incorporating clear business objectives; delivering new working functionality to users at least every 12 months; and moving resources from one release phase to the next.
7. What is TechStat? A TechStat is a face-to-face, evidence-based review of an IT investment. A TechStat is triggered when an agency, using data from the IT Dashboard and other sources, determines that a project is under-performing. In the review session, the agency CIO and other members of an agency’s leadership team meet for one focused hour. They review a briefing that highlights the management of the investment, examines program performance data and explores opportunities for corrective action. TechStat sessions conclude with clear next steps formalized in a memo and tracked to completion. Tech Stats award contracts which incorporate clear business objectives, deliver new working functionality to users at least every 12 months and move resources from one release phase to the next.
8. What is SPI (SaaS, PaaS, IaaS)? SPI is an acronym for the most common cloud computing service models: Software as a Service, Platform as a Service and Infrastructure as a Service.
Software as a Service (SaaS) is a software distribution replication in which applications are hosted by a vendor or service provider and made available to customers over a network, typically the Internet. Platform as a Service (PaaS) is a model for delivering operating systems and associated services over the Internet without downloads or installation. Infrastructure as a Service (IaaS) involves outsourcing the equipment used to support operations, including storage, hardware, servers and networking components.