1.13 The COHEN Bill of 1996

Formally known as the Information Technology Management Reform Act of 1996, this law became effective on August 8, 1996. It places strong focus on the life cycle management processes used in IT and on the processes supporting a given technology, rather than simply on the processes and procedures used to acquire IT technologies. Although it applies mostly to federal development and government-contracted efforts, the act emphasizes the management of IT as a 'capital investment' and establishes new requirements related to the management of IT resources, including the following:

• Developing and using performance metrics that measure how well the IT resources used or acquired by an agency support their respective programs

• Determining whether the functions supported by the IT resources should be performed by the private sector

• Reviewing planned IT initiatives to ensure that

  • High-risk projects receive closer scrutiny and more points of review and evaluation

  • Out-of-date, ineffective, or inefficient procedures and work processes are not automated

  • They proceed, on a timely basis, toward agreed-upon milestones within the system life cycle, meet user requirements, and deliver intended benefits

The ITMRA also emphasizes requirements previously established in the Paperwork Reduction Act of 1995 (PRA) and implemented by the Office of Management and Budget (OMB) in revisions to OMB A-130. These requirements include the following:

• IT Planning: establishing and maintaining a strategic IT management plan that is linked to an agency strategic plan (required by the Government Performance and Results Act [GPRA], Public Law 103-62), this ensures that IT resources support the achievement of mission goals

• Cost-Benefit Analysis: preparing an analysis for IT initiatives to demonstrate how the IT resource will meet mission requirements, support ongoing management oversight processes, maximize return on investment, and minimize financial and operational risk

• Security Plan: preparing a plan for the IT initiative to meet security requirements and controls for all information collected, processed, transmitted, stored, or disseminated by the proposed IT resources

This law is significant for individuals in the private sector in that much effort in government migrates into the private sector over time. As processes are developed within government, they frequently find their way into mainstream thinking through cross-pollination of ideas, publications, and individuals transferring from government to private-sector positions. Historically, much of the evolution of the software industry has followed government impetus in areas where funded research has taken place. A good example of this is seen in some of the work coming out of the Software Engineering Institute (SEI) at Carnegie-Mellon University. Through government funding, many novel and innovative ideas transition into the private sector.

So far, we have covered the fundamental aspects of an SPMO operation, albeit at a very high level. As we progress through each of the eight phases of the SEP process, we will go into much greater detail about what actually gets done by the Core Team at each stage in the process. At this point, let's go to the next chapter, where we begin our discussion of the SEP Phase 1 roadmap and review the initial responsibilities of the Core Team during the kickoff meeting.