1 FAM 270†

BUREAU OF INFORMATION RESOURCE MANAGEMENT (IRM)

(CT:ORG-480;†† 09-28-2018)
(Office of Origin:† IRM/BMP/GRP)

NOTE: The Department has issued an interim directive superseding the text in this section regarding the Office of Foreign Operations (IRM/FO).† Please reference Department Notice 2014_09_164 for more information.

1 FAM 271 †CHIEF INFORMATION OFFICER (CIO)

1 FAM 271.1 †Policy

(CT:ORG-225;†† 03-05-2010)

The Chief Information Officer:

(1)† Establishes effective information resource management planning and policies;

(2)† Ensures availability of information technology systems and operations, including information technology (IT) contingency planning, to capably support the Departmentís diplomatic, consular, and management operations;

(3)† Exercises management responsibility for ensuring that the Departmentís information resources meet the business requirements of the Departmentís business practitioners and provide an effective basis for knowledge sharing and collaboration within the Department and with other foreign affairs agencies and partners; and

(4)† Exercises designated approving authority (DAA) for development and administration of the Departmentís computer and information security programs and policies.† The Bureau of Diplomatic Security (DS) is the designated approving authority (DAA) for State systems that fall under the requirements of the DCI Directive for Protecting Sensitive Compartmented Information (SCI) Within Information Systems (DCI Directive dated 6/3).

1 FAM 271.2 †Responsibilities

(CT:ORG-458;†† 06-14-2018)

a. The Chief Information Officer (CIO) holds a rank equivalent to that of an Assistant Secretary.

b. The CIO fulfills the responsibilities of the Chief Information Officer pursuant to section 5125 of the Clinger-Cohen Act, 40 U.S.C. 11315, Chapter 35 of 44 U.S.C., the Federal Information Security Modernization Act of 2014 (FISMA) (Public Law 113-283), and other applicable law, regulations, and directives.

c.† The CIO serves as the principal adviser to the Secretary of State, the Under Secretary for Management (M), and other senior officials on matters pertaining to developing, implementing, and as necessary, revising policies, plans, and programs to facilitate and strengthen the cost-effective, efficient, and timely application of information systems, knowledge management, and technology resources to comply with applicable requirements and achieve strategic Department missions.

d. The CIO, in performing his or her responsibilities, exercises functional authority on behalf of the Under Secretary for Management (M).† Pursuant to 44 U.S.C. 3506(a)(2)(A), in carrying out his or her statutory responsibilities, the CIO reports directly to the Secretary of State.

e. With respect to the subject matter described in subparagraph e(6) of this section, and taking into account applicable statutes, executive branch instructions, and Department policies, the CIO:

(1)† Manages and coordinates the Departmentís information resources and technology infrastructure and provides core information, knowledge management, and technology (IT) services;

(2)† Co-chairs the Departmentís e-Government Program Board with the Chief Financial Officer and coordinates on IT capital planning matters regarding enterprise-wide information resource management and establishes IT program priorities;

(3)† Ensures that user requirements and business practices, as well as knowledge management objectives, are reflected in information resource management decisions;

(4)† Represents the Department in the Federal CIO Council and other organizations;

(5)† Assures that Department information resource policies and programs fulfill Federal Enterprise Architecture and e-Government objectives;

(6)† Establishes policies, plans, and programs and oversees specific operations to ensure that the Departmentís information resource management, information systems, and information technology is designed, acquired, operated, maintained, monitored, and evaluated so as to comply with all applicable requirements and support the efficient, cost-effective, and timely achievement of strategic Department missions to include, but not be limited to:

(a)† Security, in coordination with DS;

(b)† Configuration management, in coordination with DS;

(c)† Workforce planning;

(d)† Knowledge management;

(e)† Modernization of the Departmentís information systems;

(f)†† Development, implementation, and maintenance of a sound and integrated information technology architecture for the Department;

(g)† Establishment and promulgation of technical and operating standards for application to Department information systems; and

(h)† Analysis, prior to significant information technology investments, of the Departmentís mission-related and administrative processes, with due consideration to restructuring and outsourcing, as appropriate;

(7)† Is the designated approving authority (DAA) for development and administration of the Departmentís computer and information security programs and policies.† The Bureau of Diplomatic Security (DS) is the DAA for State systems that fall under the requirements of the DCI Directive for Protecting Sensitive Compartmented Information (SCI) Within Information Systems (DCI Directive dated 6/3);

(8)† Provides advice, guidance, and direction to Department elements responsible for preparing information resource management plans required by statutes, executive branch instructions, and Department policies;

(9)† Recommends funding priorities with respect to the acquisition, operation, maintenance, and improvement of Department information resource, programs, and projects, including the discontinuance or termination of such programs and projects;

(10) Initiates the development, implementation, and evaluation of training plans, in coordination with affected bureaus, to ensure that Department personnel acquire skills needed to manage and use existing and planned information resources;

(11) Establishes, or otherwise ensures, that a process is in place to evaluate fairly whether proposed collections of information should be approved, and to certify such proposed collections of information to OMB for review and approval;

(12) Maintains liaison, in coordination with affected Department elements, with members and staffs of Congressional committees having oversight responsibilities for the Departmentís information resources and information resources management;

(13) Exercises substantive responsibility for following the Departmentís regulatory publications:† Foreign Affairs Manual Volume 5, Information Management, and its related Foreign Affairs Handbooks in their entirety; and

(14) Performs such other functions as may be delegated by the Secretary of State or Under Secretary for Management (M).

1 FAM 271.3 †Organization

(CT:ORG-225;†† 03-05-2010)

See 1 FAM Exhibit 271.3 for an organization chart of the Bureau of Information Resource Management (IRM).

1 FAM 271.4 †Definitions

(CT:ORG-477;†† 09-19-2018)

Access Control Facility, Version 2 (ACF2):† A National Security Agency (NSA)-approved, C-2 rated software product.† It provides security for data stored on computer systems using the IBM Multiple Virtual System/Enhanced Services Architecture (MVS/ESA) operating system.

Alternate communications site:† Established by the Department of Stateís Critical Infrastructure Committee, this site serves as the alternate communications and command and control center in the event of a major interruption of service, due to such things as a terrorist attack, fire, natural disaster, or catastrophic failure of the Departmentís primary facilities in Washington, DC and Beltsville, Maryland.† These services include networking for all ClassNet and OpenNet Communications.

Call accounting:† The process by which call detail records for specific or groups of telephone extensions are collected and recorded for billing and traffic-monitoring purposes.

Capital planning:† An integrated management process that provides for the continuous identification, selection, control, life-cycle management, and evaluation of an information technology investment program designed to achieve a desired business outcome.

Central office of record (COR):† The office of a Federal department or agency that keeps records of accountable communications security (COMSEC) material held by elements subject to its oversight.

Combined bureau processing centers:† The combined bureau processing centers (CBPCs) are classified network centers that provide a centralized infrastructure to support bureau foreign affairs information systems (FAIS) requirements.† These systems provide classified electronic e-mail capabilities for the bureaus.† The AF, PM, EAP, EB, NEA, and EUR bureaus have information-processing equipment located in the CBPC.

Communications security (COMSEC) account:† An administrative entity, identified by an account number, used to maintain accountability, custody, and control of COMSEC material.

Computer technologies:† The technology employed in developing and using computers, computer peripherals, operating systems, software, and communications systems.

Configuration management (CM):† The process of identifying and defining the configuration items in a system; controlling the release and change of these items throughout the system life cycle; recording and reporting the status of configuration items and change requests; and verifying the completeness and correctness of configuration items.

Data administration:† The organization responsible for the definition, management, organization, and supervision of data within an enterprise or organization.† A business function responsible for identifying, documenting, and modeling business information requirements and for maintaining the businessís set of data definitions and standards.

Database administration (DBA):† Technical support and configuration management of a data base management system.† DBA functions include system maintenance, user access control, review of new data base designs, data base change control, data base replication, and security issues and procedures.

Data replication:† The process of, or facilities for, maintaining multiple copies, subsets, or versions of data (copy management).† This process is normally managed by the data base administrator and can be primary-site (single location) or multi-site (multiple locations) in nature.

Department of State publications (DOSPUB):† A list of routing indicators and security levels for every post.

Desktop browser:† A suite of programs located in a desktop PC that allows both viewing and navigation from one node on the Internet or OpenNet, to another.

Desktop systems:† Typically, personal computer hardware, software, and other peripheral devices, that users have on their desks.

e-Government:† The use by the U.S. Government of Web-based Internet applications and other information technologies, combined with processes that implement these technologies.

Enterprise architecture (EA):† Enterprise architecture is defined by three unique groups:

(1)† The Department level business function and information flow;

(2)† The supporting technologies; and

(3)† The crosscutting security architecture.

The business is defined through the functions performed and supporting information flows; the technology by the data, application, and technical infrastructure layers; and the security architecture that affects all layers.† In the architecture, the existing state is the ďas isĒ or current architecture, whereas anticipated changes to meet the Departmentís future needs are represented in the ďto beĒ or target architecture.† A transition plan is included in the enterprise architecture to identify how the gap between the ďas isĒ and the ďto beĒ states will be closed.† Finally, a technical reference model and standards profile is included to provide the supporting technology with appropriate technical standards.

Field surety:† A full life-cycle approach to verification of the integrity of post classified information-processing equipment.

Graphical user interface (GUI):† An interactive screen display by which the user can move a mouse to point the screen cursor at symbols representing data or instructions to the machine, reducing the need for keyboard typing.

Hardware assurance:† Hardware assurance is provided through investigatory procedures that review the technology safeguards applied to classified information-processing equipment for signs of tampering.

Information resources:† Information and related resources, such as personnel, equipment, funds, and information technology (IT).

Information security:† Protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide:† Integrity, which means guarding against improper information modification or destruction, and includes ensuring information nonrepudiation and authenticity; confidentiality, which means preserving authorized restrictions on access and disclosure, including protecting personal privacy and proprietary information; and availability, which means ensuring timely and reliable access to and use of information.

Information system security officer program (corporate):† Designed to plan, implement, and coordinate the Departmentís information system security program for corporate applications and networks and to provide support for the worldwide information system security officerís activities.

Information technology architecture:† An integrated framework for evolving or maintaining existing, and acquiring new, information technology to achieve the Departmentís strategic and information resource management goals.

Infrastructure:† (Also reference network infrastructure, telecommunications infrastructure, telecommunications systems.)† Infrastructure is hardware, software, and cabling that provides high-speed data and voice services to all users within the Department, connectivity among the Departmentís domestic locations and access to the Diplomatic Telecommunications Service Program Office (DTS-PO) international gateway or other communications connectivity.

Key management:† Key management is the supervision and control of the process whereby encryption-keying material, to include fortezza-type certificate, is generated, stored, protected, transferred, loaded, used, and destroyed.

Life-cycle management:† Life-cycle management is the ordered sequential process of planning, applying, and controlling the use of funds, human resources and physical resources from the inception of a project throughout the operational life of the program.† This includes defining user requirements, concepts, and systems specifications; acquisition planning, source selection, system implementation, deployment, operations and maintenance, and deactivation.

Local area networks (LANs):† A user-owned and operated data transmission facility connecting a number of communicating devices such as computers, terminals, printers, and storage devices within a single building or a campus of buildings to provide a capability to share files and other resources among several users.

Message broker:† A middleware product to support program-to program communication between existing heterogeneous (i.e., not designed to work together) applications.† Message brokers are based on three principles:

(1)† Program-to-program connections are more manageable, effective, and durable than database-sharing strategies;

(2)† Many applications must exchange data every few seconds, minutes, or hours, rather than waiting for a nightly batch run; and

(3)† Connections cost less if arranged on a many-to-many basis, so messages and the development effort required to fit interfaces into application programs can be reused.

Messaging:† The electronic transfer of official and unofficial correspondence including e-mail.

Metadata:† Literally, ďdata about data.Ē† Information relating to business processes, data sources, and ownership, helping users to navigate through the data.

Middleware:† The set of software facilities that resides between a clientís application software and the server.† Middleware enables the application software to communicate with the server software.† Middleware includes remote procedure calls, message queuing, object request brokers, inter-process communications, remote file access, remote database access, message routing services, directory services, conversational services, time service, terminal services, and security services.

Mission-essential infrastructure (MEI):† This infrastructure consists of the Department's core network communication array designed to share data with posts and annexes around the world.† This array or backbone includes the networking and telecommunication systems within Main State, the Beltsville Communications Center, and all other facilities, annexes, and posts that relay or bridge communications directly between two or more facilities.† The MEI within the Department serves to support the Department's mission-essential business processes that consist of telecommunications (i.e., OpenNet, ClassNet, and voice systems), mainframe operations and access controls, and official and unofficial messaging.

OpenNet:† OpenNet is a physical and logical Internet Protocol (IP)-based global network that links the Department of State's Local Area Networks (LANs) domestically and abroad.† The physical aspect of the network uses DTS circuits for posts abroad, FTS-2001-provided circuits, leased lines, and dial-up public switch networks.† This includes interconnected hubs, routers, bridges, switches, and cables.† The logical aspect of the network uses Integrated Enterprise Management System (NMS) and TCP/IP software, and other operational network applications.† OpenNet is a Sensitive But Unclassified (SBU) network, which supports e-mail and data applications.

PBX:† Abbreviation for private branch exchange.† A private telephone exchange that provides on-premises dial service and may provide connections to local and trunked communications networks.

Premise distribution system:† Cabling and associated equipment installed in a facility, including the main distribution frame (MDF), intermediate distribution frames (IDFs), and telecommunications closets (TCs).† Protectors and grounding systems are included.

Repository:† A specialized type of database containing metadata.

Standards:† An established basis of performance used to determine quality and acceptability.† As applied to information technology, standards characteristically address the implementation of technical and operating functions, and interfaces between equipment, between software packages, and between equipment and software packages.† Standards become rules when an appropriate authority so determines.

Systems assurance:† Ensuring availability, currency, and responsiveness over the system life cycle, it incorporates the disciplines of:

(1)† Change management;

(2)† Quality assurance;

(3)† Configuration management; and

(4)† Disaster recovery and contingency planning.

Systems integrity:† Systems integrity applies and provides resources and procedures to prevent unauthorized access to Department information and to ensure data integrity.

Technology safeguards:† Technology safeguards include the defensive counterintelligence methods and techniques that are applied to equipment to counter potential hostile threats.

Web technology:† The software and services including Telnet, file Transfer Protocol (FTP) and Web servers used to build applications, other than e-mail, that work on the Internet or OpenNet.

Wide area network (WAN):† A data transmission facility that connects geographically dispersed sites using long-haul networking facilities.

Wireless communications:† Radio, cellular telephone, and satellite communications, including Tactical Satellite (TACSAT), and International Maritime Satellite (INMARSAT).

1 FAM 271.5 †Authorities

(CT:ORG-458;†† 06-14-2018)

Authorities include:

(1)† Annual authorization and appropriation acts, including the Budget Enforcement Act;

(2)† Freedom of Information Act of 1966, Public Law 89-554 (5 U.S.C. 552);

(3)† Privacy Act of 1974, Public Law 93-579 (5 U.S.C. 552a);

(4)† Federal Managersí Financial Integrity Act of 1982, Public Law 97-255;

(5)† Omnibus Diplomatic Security and Antiterrorism Act of 1986, Public Law 99-399;

(6)† Computer Security Act of 1987, Public Law 100-235;

(7)† Computer Matching and Privacy Protection Act of 1988, Public Law 100-503;

(8)† Chief Financial Officers (CFO) Act of 1990, Public Law 101-576;

(9)† Government Performance and Results Act of 1993, Public Law 103-62;

(10) Federal Acquisition Streamlining Act of 1994 (FASA), Public Law 103-355;

(11) Government Management Reform Act of 1994, Public Law 103-356;

(12) Paperwork Reduction Act of 1995, Public Law 104-13;

(13) Information Technology Management Reform Act of 1996 Division E, (ITMRA) (Clinger-Cohen Act of 1996), Public Law 104-106;

(14) Federal Financial Management Improvement Act of 1996, Public Law 104-208;

(15) Electronic Freedom of Information Act Amendments of 1996, Public Law 104-231;

(16) Workforce Investment Partnership Act of 1998, Public Law 105-220;

(17) Title XVII, Government Paperwork Elimination Act of 1998, Public Law 105-277;

(18) Federal Information Security Modernization Act of 2014 (FISMA), Public Law 113-283, amending 44 U.S.C. Chapter 35);

(19) Declassification of State Department Records, 22 U.S.C. 4354;

(20) Fees and Charges for Government Services and Things of Value, 31 U.S.C. 9701;

(21) Architectural and Transportation Barriers Compliance Board, Electronic and Information Technology Accessibility Standards, 36 CFR Part 1194;

(22) Federal Property Management Regulations, 41 CFR Chapter 101;

(23) Federal Management Regulation System, 41 CFR Chapter 102;

(24) Federal Acquisition Regulations, 48 CFR Chapter 1, Subpart 39.2, Electronic and Information Technology;

(25) Department of State Acquisition Regulation (DOSAR), 48 CFR Chapter 6;

(26) E.O. 12656, Assignment of Emergency Preparedness Responsibilities;

(27) E.O. 13618, Assignment of National Security and Emergency Preparedness Communications Functions;

(28) E.O. 12656, Assignment of Emergency Preparedness Responsibilities, E.O. 12656;

(29) E.O. 12862, Setting Customer Service Standards;

(30) E.O. 12931, Federal Procurement Reform;

(31) E.O. 13526, Classified National Security Information;

(32) E.O. 12999, Educational Technology: Ensuring Opportunity for all Children in the Next Century;

(33) E.O. 13010, Critical Infrastructure Protection;

(34) E.O. 13403, Amendments to Executive Orders 11030, 13279, 13339, 13381, and 13389, and Revocation of 13011;

(35) E.O. 13048, Improving Administrative Management in the Executive Branch;

(36) E.O. 13693, Planning for Federal Sustainability in the Next Decade dated March 19, 2015;†

(37) E.O. 13103, Computer Software Piracy;

(38) Capital Programming Guide, Version 1.0, Supplement to OMB Circular A-11, Part 3: Planning Budgeting, Acquisition, and Management of Capital Assets;

(39) OMB Circular A-76, Performance of Commercial Activities;

(40) OMB Circular A-109, Acquisition of Major Systems;

(41) OMB Circular A-119, Federal Participation in the Development and Use of Voluntary Consensus Standards;

(42) OMB Circular A-123, Management Accountability and Control;

(43) OMB Circular A-123, Appendix D, Financial Management Systems;

(44) OMB Circular A-130, Managing Federal Information as a Strategic Resource;

(45) OMB Circular A-131, Value Engineering;

(46) OMB Memorandum 96-22, Implementation of the Government Performance and Results Act of 1993;

(47) National Security Decision Directive 145;

(48) PDD 62, Protection Against Unconventional Threats to the Homeland and Americans Overseas;

(49) PDD 63, Critical Infrastructure Protection;

(50) PDD 67, Enduring Constitutional Government and Continuity of Government Operations;

(51) Federal Preparedness Circular 60, Continuity of the Executive Branch of the Federal Government at the Headquarters Level During National Security Emergencies;

(52) Federal Preparedness Circular 65, Federal Executive Branch Continuity of Operations;

(53) SECY-00-0088, National Plan for Information Systems Protection; and

(54) Other guidance and authorities, as appropriate.

1 FAM 271.6 †Offices Attached Directly to the Chief Information Officer (CIO)

1 FAM 271.6-1 †Strategic Communications Management Unit (IRM/SCM)

(CT:ORG-445;†† 05-09-2018)

The IRM Strategic Communications Management Unit (IRM/SCM) develops and executes the strategic communications goals of the Departmentís Chief Information Officer (CIO) and Head of the Bureau of Information Resource Management (IRM).† In addition to developing and disseminating unified messages and marketing campaigns to both internal and external customers of the Department, the SCM Unit strengthens IRMís ability to effectively communicate and fulfill the Departmentís IT Strategic Plan (ITSP) Goals and Objectivesóas identified by the CIO. In furtherance of these objectives, IRM/SCM:

(1)† Collaborates with experts and stakeholders throughout the Department to develop, monitor, and manage communication policies, procedures, and standards in order to ensure the Department maintains a consistent, accurate, and appropriate official presence in its internal and external digital environments;

(2)† Conducts internal customer engagement outreach, using the appropriate vehicles, with the Department to communicate and drive stakeholder involvement in the Departmentís collaborative effort required to achieve its IT goals and digital initiatives;

(3)† Conducts external customer engagement outreach (Federal agencies, private sector industry partners, the Hill, etc.), using appropriate vehicles to communicate the IT goals, initiatives, and relevant experiences of the CIO and the Department; and stays appraised of external best practices; and††

(4)† Evaluates the effectiveness of communication and marketing campaign efforts through data analyses and customer feedback mechanisms, among other methods.

1 FAM 272 †principal DEPUTY chief information officer for information resource management (IRM/PDCIO)

(CT:ORG-417;†† 06-15-2017)

a. The Principal Deputy Chief Information Officer (PDCIO):

(1)† Advises the Chief Information Officer (CIO) on all matters related to the formulation and implementation of information technology (IT) programs and policies in support of the Departmentís IT Strategic Plan and Foreign Affairs community;

(2)† Monitors the coordination and progress of all IRM activities to ensure developing IT projects are mutually supportive; providing synergies, meeting established goals, making the best use of resources, and avoiding duplication.††

(3)† Oversees those responsible for integrating effective information security in all enterprise IT systems and networks, protecting them from cybersecurity vulnerabilities, and the preparation of countermeasures and contingency planning in the event of systems and network penetrations; and the establishment and operations of IT Governance and project management measures to monitor and assess their status and effectiveness;

(4)† Ensures the accurate flow of communication needed by a large, hierarchal organization to effect the efficient and constructive exchange of ideas and proposals; provide communications of leadership to promote a unified sense of purpose and direction;

(5)† Chairs the IRM Executive Committee (EC), the Cloud Computing Governance Board (CCGB), and the IRM Steering Committee at the Department of State.

b. IRM/PDCIO also provides direct management oversight to the following offices and Deputy Chief Information Officer (DCIO) organizations, which make up the Bureau of Information Resource Management:

(1)† External Affairs Office (IRM/EA);

(2)† Vendor Management Office (IRM/VMO);

(3)† Deputy Chief Information Officer for Information Assurance/Chief Information Security Officer (DCIO/IA);

(4)† Deputy Chief Information Officer for Business Management and Planning/Chief Knowledge Officer (DCIO/BMP);

(5)† Deputy Chief Information Officer for Operations/Chief Technology Officer (DCIO/OPS); and

(6)† Deputy Chief Information Officer for Foreign Operations (DCIO/FO).

1 FAM 272.1 †Office of External Affairs (IRM/EA)

(CT:ORG-417;†† 06-15-2017)

The Office of External Affairs (IRM/EA):

(1)† Represents IRM and/or the Department on intra and inter-agency efforts regarding IRM external affairs issues such as† the National Security/ Emergency Preparedness Communications Executive Committee, the Emergency Communications Planning Center, the Cyber Response Group, the Cyber Coordinating Group, the Inter-department Radio Advisory Committee, and the U.S. NATO Civil Emergency Planning community; ensures that the CIO is represented on interagency committees addressing IRM matters, as directed; coordinates issues as they relate to information security and cybersecurity with the CISO office;

(2)† Supports the CIO by serving as a central point of contact for Other Government Agencies (OGAs), when appropriate, to facilitate requests across IRM, particularly at overseas diplomatic and consular posts; acts as liaison and provides IRM continuity to requesting agencies, working with other IRM entities to ensure consistency between tenant agencies at post, their respective Headquarters, post Information Management Officers, and IRM initiatives which affect OGA requirements at post;

(3)† Supports CIO to ensure Department senior management is aware of OGAsí special requests and potential obstacles to meeting requirements; provides advice and guidance, as appropriate;

(4)† Ensures that agreements with other foreign affairs agencies, including those covering the terms and conditions under which the Department will provide information services, both domestically and at diplomatic and consular posts abroad, are consistent with the Departmentís foreign affairs policies, goals, and objectives, as well as relevant IRM and federal information management policies by working collaboratively across IRM on behalf of the CIO;†

(5)† Consults, coordinates, and negotiates agreements with foreign governments, foreign telecommunications service providers, and international organizations encompassing the full range of the Departmentís international information resources management requirements, including, as appropriate, reciprocal arrangements for wireless communications;

(6)† Provides guidance and support regarding the negotiation, implementation, monitoring, and improvement of secure communications between the United States and foreign senior national leadership;

(7)† Ensures the Departmentís spectrum management responsibilities are met, including:

(a)† Represents the CIO and participates in the National Telecommunications and Information Administration (NTIA) Interdepartmental Radio Advisory Committee (IRAC) meetings;††

(b)† Conducts frequency assignment reviews and confirmations that support critical Department communications;

(c)† Responds to frequency requests from international communities;

(d)† Maintains a relationship with the interagency spectrum management community and the Departmentís foreign missions;

(e)† Coordinates and maintains national frequency requests and assignments; and

(f)†† Secures frequency authorization for foreign missions.

(8)† Coordinates and implements high-level strategies for OIG engagements on behalf of the CIO; serves as the primary adviser to the CIO for coordinating senior-level communications with the OIG; works collaboratively with the IRM Strategic Planning Office to ensure day to day operations are aligned with IRMís OIG engagement strategy;

(9)† As designated, ensures coordinated interagency development and reliable implementation of policies and minimum standards regarding Executive Order 13587 (Structural Reforms to Improve the Security of Classified Networks and the Responsible Sharing and Safeguarding of Classified Information);

(a)† Represents and/or supports the CIO at monthly Senior Information Sharing and Safeguarding Steering Committee meetings;

(b)† Advises the CIO on the development of an effective program to monitor compliance with established policies and standards needed to achieve classified information sharing and safeguarding goals;

(c)† Coordinates the submission of the quarterly Key Information Sharing and Safeguarding Indicators (KISSI) reporting on progress made to secure classified networks; and

(d)† Coordinates efforts with bureaus to assess compliance with established policies and standards, and recommends corrective actions needed to ensure compliance.

(e)† Represents IRM and the CIO as a primary stakeholder of the Insider Threat Hub in coordination with the Bureau of Diplomatic Security (DS).† The Insider Threat Hub is responsible for addressing operational aspects of the Insider Threat Program, including gathering and analyzing insider threat information, identifying potential insider threat concerns, and ensuring that an appropriate inquiry is conducted to resolve the concern.

1 FAM 272.2 †Vendor Management Office (VMO)

(CT:ORG-417;†† 06-15-2017)

The Vendor Management Office (VMO):

(1)† Supports IRM in the execution of the Vanguard Acquisition Strategy.† The VMO was created to support IRM in governing, managing, and maximizing the value to the government of Vanguard contracts.

(2)† Provides contract oversight and management for IRM programs, projects, and contracts on behalf of IRM Leadership.

(3)† Establishes the framework, policies and processes to manage contractor resources across the organization.

(4)† Directs IRM organizations in the execution of their responsibilities for following established policies and procedures.

(5)† Catalogs and evaluates Vanguard vendor best practices that aid in gaining efficiencies and achieving cost savings.

(6)† Measures and manages contract performance to maximize contract value to IRM.

1 FAM 273 †DCIO for INFORMATION ASSURANCE/Office of the CHIEF INFORMATION SECURITY OFFICER (IRM/IA) (CISO)

(CT:ORG-458;†† 06-14-2018)

The DCIO for Information Assurance/Office of the Chief Information Security Officer (IRM/IA) (CISO):

(1)† Serves as Chief Information Security Officer (CISO) for the Department;

(2)† Serves as the Chief Information Officerís (CIO) primary adviser concerning Department information security issues. †The IRM/IA CISO serves as the CIOís representative on intra- and inter-agency issues regarding information security;

(3)† Serves as designated senior agency information security official as specified in the Federal Information Security Modernization Act of 2014 (FISMA) (44 U.S.C. 35) or other applicable law;

(4)† Serves under the supervision of the CIO, carrying out the CIOís responsibilities under 44 U.S.C. 3544;

(5)† Heads the Office of Information Assurance (IRM/IA) with the mission and resources to assist in ensuring agency compliance with Federal Information Security Modernization Act of 2014 (FISMA) and other applicable national requirements and mandates;

(6)† Develops and maintains an agency-wide information security program as required by 44 U.S.C. 3544(b);

(7)† Coordinates the design and implementation of processes and practices that assess and quantify risk with respect to information resources;

(8)† Develops and maintains information security policies, procedures, and control techniques to address all applicable information security requirements, including those issued under 44 U.S.C. 3543 and 40 U.S.C. 11331;

(9)† Trains and oversees personnel with significant responsibilities for information security with respect to those responsibilities and provides liaison with information systems security officers domestically and abroad;

(10) Advises and assists Department senior management with their information security responsibilities;

(11) Reports Department compliance status with program-related Federal mandates to Department leadership, OMB, and Congress; and

(12) Serves as co-chair of the Departmentís Information Security Steering Committee.

1 FAM 273.1 †Office of Information System Security Officer Oversight (IRM/IA/ISSO)

(CT:ORG-443;†† 04-09-2018)

The Office of Information System Security Officer (ISSO) Oversight oversees the Department ISSO Program. †This Office is comprised of two Divisions as follows:

(1)† Regional and Domestic (RD) Division: The RD Division is responsible for ensuring that guidance to the ISSO community, system administrators and Information Management Officers at regional posts and offices worldwide is consistent with Department, Federal and Industry best practices for information security standards.† This office is responsible for directing the coordination of ISSO activities through the DOS enterprise that includes its domestic facilities and overseas missions.

(2)† ISSO Operations (OPS) Division: The OPS Division initiates and delivers to posts new IT security solutions sets. OPS Division implements the Departmentís technology toolsets to support the ISSO program worldwide and domestically, and is responsible for coordinating efforts between IRM Operations and DS, and for developing the appropriate tools within the Enterprise (Domestically and at Posts).† This Division also coordinates Penetration Testing and remediation efforts through IT security planning, evaluation, analysis, guidance, verification, and validation of Plan of Actions and Milestones (POA&M) closures and remediation.† This Division also collaborates with other INFOSEC professionals within IRM/IA and with DS to review, establish, and/or approve qualifications for the Departmentís Information System Security Officers.

1 FAM 273.2 †Office of Policy, Liaison and Training (IRM/IA/PLT)

(CT:ORG-417;† †06-15-2017)

a. The Office of Policy, Liaison and Training (PLT) oversees and addresses Departmental policy and governance issues related to integrating current Federal cyber security technology requirements and compliance policies into emerging technology initiatives, and plans, analyzes and evaluates a variety of sensitive high-profile IA actions that are of direct and immediate concern to the Department.† Additionally, PLT manages all IT security policy and training aspects of the major technology initiatives undertaken by IRM and the Department.

b. The Information Security Engineer (ISE) within PLT develops enterprise wide system concepts and works on the capabilities phases of the systems development lifecycle; and translates technology and environmental conditions (e.g., law and regulation) into information system security designs and processes.† PLT plans, designs, monitors and coordinates Department-wide information security policy and training.

1 FAM 273.3 †Office of Information Technology Security Compliance (IRM/IA/ITSC)

(CT:ORG-417;†† 06-15-2017)

The Office of ITSC oversees the implementation of the Departmentís IT Risk Management Framework (RMF).† This work is accomplished within the two Divisions supported by the office.

(1)† Assessment and Authorization (A&A) Division:

††††† The A&A Division is responsible for developing guidance and providing oversight to systems owners ensuring the Departmentís systems are compliant with FISMA 2014.† This Division is primarily responsible for assuring DOS Bureausí compliance with FISMA 2014 including the implementation of the A&A process, Department-wide Common Control Management, Contingency plan testing, review and verification and secure systems development as required for FISMA compliance.

(2)† Compliance Reporting (CR) Division:

††††† The CR Division is responsible for providing consistent, accurate, and timely reporting on IT security activities and managing the Plans of Action and Milestones (POA&M) that are identified during the systemís A&A process or by other sources. This division manages the delivery of program and project management artifacts to support Departmentís Cybersecurity compliance reporting for FISMA, Office of Inspector General (OIG), Government Accountability Office (GAO), Presidentís Management Council (PMC), and other internal and external entities.† CR is also responsible for overseeing the life cycle POA&M and information security related audit findings in support of the Departmentís Information Security Program and provides federal oversight of the verification, and validation of POA&M closures and remediation.

1 FAM 274 †STATE MESSAGING AND ARCHIVE RETRIEVAL TOOLSET PROGRAM MANAGEMENT OFFICE (IRM/SMART)

(CT:ORG-417;†† 06-15-2017)

The State Messaging and Archive Retrieval Toolset Program Management Office (IRM/SMART):

(1)† Re-engineers, consolidates, and modernizes Department corporate messaging, collaboration and archiving processes and systems to satisfy business needs and legal requirements;

(2)† Provides ability to search, manage, archive, and retrieve the information and knowledge contained in Working and Archival messages;

(3)† Plans and manages critical special programs related to IRM-wide missions;

(4)† Manages SMART strategic project activities including planning, budget, and coordination with Department long-range vision priorities, and legal requirements;

(5)† Manages SMART tactical program including finance, schedule, personnel, acquisition, risk, and quality;

(6)† Determines requirements for Command and Control Messaging and designs solutions to meet Department business and legal requirements.† IRM/SMART develops and integrates SMART core messaging solutions with other Department and external systems and ensures that solutions meet configuration, security, and statutory requirements;

(7)† Defines SMART architecture and ensures performance, integration and interoperability with related IT investments;

(8)† Manages test and quality control for the SMART system;

(9)† Develops and operates the SMART system laboratories; and

(10) Deploys SMART worldwide and provides technical support and training.

1 FAM 275 †Deputy Chief Information Officer for Business Management and Planning/Chief Knowledge Officer (IRM/BMP)

(CT:ORG-417;†† 06-15-2017)

The Deputy Chief Information Officer for Business Management and Planning/Chief Knowledge Officer (IRM/BMP):

(1)† The DCIO/CKO assists and advises the Chief Information Officer (CIO) in the execution of his or her responsibilities;

(2)† Ensures that the Departmentís information resource management decisions reflect the needs of the Departmentís business practitioners.† IRM/BMP anticipates changes in both technology and the business practices of the Department to ensure that the Departmentís information resource programs fully meet information, e-Government, and knowledge management objectives;

(3)† Manages overall liaison, interface, and outreach functions within the bureau and Department to provide information resource management policies and programs that best support the Departmentís business practitioners and business practices;

(4)† Exercises strategic responsibility to ensure that State IT projects are developed and delivered on time, within budget, and in accordance with customer business needs;

(5)† Exercises leadership and provides management guidance to ensure that IRM products and services delivered are accessible to internal and external customers around the globe are an efficient and cost effective use of IT resources;

(6)† Exercises leadership on IT architecture, engineering and planning, and e-Government.† IRM/BMP ensures that IT architectures and plans provided by IRM are effective and consistent with Federal IT architecture programs and requirements;

(7)† Exercises strategic responsibility in the Department for developing and implementing improvements in information technology infrastructure, systems, and programs to improve communication and collaboration among U.S. foreign affairs agencies domestically and at posts and missions abroad;

(8)† Exercises leadership regarding the development and communication of IT procedural and IRM Bureau functional policies to ensure clear, concise communication of IT processes, roles, and responsibilities;

(9)† As Chief Knowledge Officer, provides strategic direction and advocacy to manage knowledge assets and programs throughout the Department; ensures the availability of collaborative technologies that support knowledge leadership goals and objectives; and guides and supports knowledge management initiatives within State and between State and other agencies and foreign affairs partners;

(10) Provides liaison and fosters cooperation with other Federal agencies, educational institutions, nongovernmental, not-for-profit, and private-sector organizations regarding knowledge management and workforce planning initiatives, practices, and standards;

(11) Provides overall leadership of the Departmentís e-Government initiatives and programs; and

(12) Represents the Business Practices and Programs office in the e-Government Program Board.

1 FAM 275.1 †Project Services Office (IRM/BMP/PSO)

(CT:ORG-417;†† 06-15-2017)

The Project Services Office (IRM/BMP/PSO):

(1)† Acts as a single entity within IRM to coordinate project management (PM) functions for supported IT projects to enable consistency, standardization, and the ultimate success of the projects;

(2)† Is accountable to the PSO Executive Sponsor Ė the Deputy CIO for Business Management and Planning (BMP) Ė to ensure that IT projects assigned to PSO are being delivered on time, within budget and in accordance with customer business needs and the Departmentís target enterprise and segment architectures;

(3)† Provides guidance and support in project management processes and methodologies in a manner that is efficient, consistent, and standardized;

(4)† Acts as point of coordination for IRMís PM processes that includes highlighting current PM excellence that can be applied to other IRM offices;

(5)† Coordinates with IRM/BMP/SPOís Portfolio Management Division to ensure all new projects go through the pre-select process and comply with IT investment reporting requirements such as, their strategic value in support of the customerís business needs, and their impact on resources, costs, schedule, performance and workload;

(6)† Manages sponsored IT projects to include project planning, reporting, and coordination of PM activities;

(7)† In support of customer business requirements, works with the customer and senior management to determine the appropriate service level for each IT project.† Project management support is provided at two levels (depending on customersí requirements).

(a)† Managing the Project Ė Acts as the Project Manager overseeing all aspects of the IT project from start to finish including responsibility and accountability for managing the project's scope, schedule, and budget to meet the customerís business needs;

†(b) Project Management Coordination Ė Provides project management templates, examples, and methodologies that are readily available for teams to use to accomplish project goals.

(8)† In addition to the three PM service levels, PSO provides ongoing services that are not tied to specific projects but rather support the Project Community as a whole.† Coordinates project management-related events to promote, knowledge of project management discipline within the Department.† PSO also provides mentoring on Project Management to include maintenance of other project management support/resources and ensures these are aligned with and complementary to official project management guidance and governance from IRM/BMP/SPO;

(9)† For PSO assigned projects, PSO collaborates with its customers and senior managers to define the scope and business requirements of IT projects.† Tailors project management activities to the size and scope of each project and ensures that each project is reviewed by IRM/BMP/SPO from a strategy, portfolio management, and enterprise architecture perspective;

(10) Manages and maintains appropriate control of project management resources, including but not limited to physical resources such PM toolkits and methodologies, and ensures these are aligned with and complementary to official project management guidance and governance from IRM/BMP/SPO, as well as human resources and project personnel;

(11) Keeps the PSO Executive Sponsor and individual project stakeholders abreast of the status and relevant IT project issues, as appropriate;

(12) Fulfills IT project management reporting requirements, and if a Major investment, complies with OMB A-11 reporting requirements as necessary; and

(13) Provides mentoring and coaching in an effort to raise the PM maturity level of IRM and improve the quality of IT project management services delivered.

1 FAM 275.1-1 †Methodologies and Processes Division (IRM/BMP/SPO/MAP)

(CT:ORG-468;†† 08-20-2018)

The Methodologies and Processes Division (IRM/BMP/SPO/MAP):

(1)† Acts as point of coordination for IRMís PM processes highlighting current PM excellence that can be applied to other IRM offices;

(2)† Establishes IT project management processes, tools, and a common reporting framework;

(3)† Communicates and advises on project management standards, best practices, news, and methodologies; and

(4)† Serves as a project management knowledge center which includes development and maintenance of a centralized knowledge repository containing templates, toolkits, and other project management resources, and ensures these are aligned with any project management guidance and governance from IRM/BMP/SPO.

1 FAM 275.1-2 †Solution Delivery Division (IRM/BMP/OCA/SD)

(CT:ORG-468;†† 08-20-2018)

The Solution Delivery Division (IRM/BMP/OCA/SD):

(1)† Provides day-to-day project management support to sponsored projects for services including, but not limited to:

(a)† Scope management;

(b)† Schedule management;

(c)† Cost management;

(d)† Communications management;

(e)† Risk management;

(f) † Quality management;

(g) Procurement management

(h)† Requirements management; and

(i)†† Integration management.

(2)† Manages sponsored IT projects to include project planning, reporting, and coordination of PM activities;

(3)† Organizes and manages IT project resources and ensures that projects are completed within the defined scope, quality, time and cost constraints;

(4)† Collaborates with other IT project managers to coordinate project management activities;

(5)† Collaborates and coordinates with IRM/BMP/SPO on capital planning, portfolio management, enterprise architecture and project management related policies, mandates and compliance requirements to ensure consistency across IRM IT project initiatives; and

(6)† Collaborates with other IRM offices to effectively transition post-project activities from the project team to operations and maintenance groups, as needed.

1 FAM 275.2 †Strategic Planning Office (IRM/BMP/SPO)

(CT:ORG-417;†† 06-15-2017)

The Strategic Planning Office (IRM/BMP/SPO):

(1)† Serves the State Department as a central decision support service for effective business, management and planning decisions for the efficient use of technology in the execution of our foreign affairs mission.  SPO manages the activities of the Enterprise Architecture, Financial Management, Portfolio Management and Strategic Planning Divisions and ensures that the IT architectures, budget, plans and strategies they produce are fully, effectively, and successfully integrated to meet the Departmentís business needs;

(2)† Acts as the State Departmentís senior authority on Enterprise Architecture. Ensures IT investments and initiatives are aligned with IT strategies and the State Departmentís strategic objectives.  In accordance with regulations, IT directives, industry best practices and provides a line-of-site view of IT investments for effective decision making;

(3)† Performs the IRM Bureauís financial planning and management function, including budget formulation and funds control functions.† The office provides senior bureau management with a clear, transparent, and current financial reporting that reflects Departmental and IRM budget decisions;

(4)† Manages the State Departmentís Information Technology (IT) Portfolio Management function, and IT Capital Planning processes (Pre-Select, Select, Control and Evaluation) and maintains the capital planning tools.† Serves as the executive secretariat of the e-Gov Program Board (e-GovPB), which functions as the Departmentís senior managementís governance board for IT investments and serves as the secretariat to the e-GovPBís associated organizations, the e-Gov Advisory Group (e-GovAG);

(5)† Leads the formulation of the State Departmentís Information Technology (IT) Strategic Plan, providing a strategic framework for IRM, functional, management and regional bureaus to align IT investments to the mission of the State Department.  The IT Strategic Plan establishes the Departmentís IT mission, vision and goals and associated performance indicators, in direct alignment with the Departmentís Strategic Plan;

(6)† Leads the formulation of the State Departmentís Information Technology (IT) Tactical Plan, which specifies the activities, milestones, deliverables, roles and responsibilities to implement the IT Strategic Plan; and

(7)† Represents the State Department to the CIO Council, OMB, and Congress and other regulatory bodies regarding IT initiatives, investment and various regulatory issues.  Prepares reports, presentations and other responses to internal and external inquiries regarding the State Departmentís enterprise-wide IT portfolio.

1 FAM 275.2-1 †For future use

(CT:ORG-417;†† 06-15-2017)

1 FAM 275.2-2 †Financial Management Division (IRM/BMP/SPO/FMD)

(CT:ORG-417;†† 06-15-2017)

The Financial Management Division (IRM/BMP/SPO/FMD):

FMD is responsible for the control of bureau funds, financial planning, budget formulation, budget execution, the IT Working Capital Fund (WCF) Business Management Center, and IRM Emergency Management Planning and Coordination.

1 FAM 275.2-2(A) †IRM Budget Formulation and Budget Execution Branch (IRM/BMP/SPO/FMD/BGT)

(CT:ORG-480;†† 09-28-2018)

The IRM Budget Formulation and Budget Execution Branch (IRM/BMP/SPO/FMD/BGT):

(1)† Decision Support and Analysis

(a)† Collects and reviews all bureau budget requests for CIO review;

(b)† Does all IRM budget related data entry and validation in BP application systems (BSS, BFEM);

(c)† Provides Financial Plan preparation and oversight for all IRM Bureau appropriations;

(d)† Works with SPOís Enterprise Architecture Division (EAD), Strategic Planning Division (SPD), Portfolio Management Division (PMD) and BP to provide input and oversight for the State Departmentís IT Capital Investment Fund Financial Plan;

(e)† Provides responses to BP on OMB inquiries;

(f)†† Acts as the central Point of Contact (POC) for IRM Financial Management policies.† Ensures compliance with the Department of State CFO Act and Regulatory agency requirements;

(g)† Oversees all IRMís Financial Management practices, processes and associated systems; and

(h)† Acts as the central authority on all staff access to IRM Budget systems and the State Departmentís COR accounting system, GFMS;

(2)† IRM Funds Control;

(a)† Reconciles and validates all allotments from BP;

(b)† Manages, reconciles and validates all reimbursements and transfers, both internal and external; and

(c)† Provides reporting to IRM management on the status and use of all bureau funding;

(3)† Monitoring, Oversight and Reporting;

(a)† Manages all reports to the BP for Spend Plans, reimbursements, transfers and funds control related to all IRM IT WCF and IRM IT fee-for service activities;

(b)† Oversees all financial, business, and contractual aspects of the IT WCF for all services to Bureaus across the State Department;

(c)† Monitors and assesses all IT SLAís relating to WCF charges and services provided to customer Bureaus to ensure that the charges track with services rendered;

(d)† Provides transparent reporting of cost and services to Bureauís receiving services from IRM;

(e)† Monitor funds of all IRM Program Offices, ensuring allocations are not exceeded, preventing anti-deficiency; and

(f)†† Oversees all IRM ULOís for validation.

(4)† Emergency Management planning and coordination for IRM Bureau;

(a)† Serves as the liaison with other Bureaus and Department of State emergency planning and response programs.† Coordinates and develops information and responses to special or unique inquiries and requirements from the CIO, Deputy CIO for Operations and Deputy CIO for BMP;

(b)† Responsible for the annual Bureau Emergency Action Plan;

(c)† Responsible for the Federal Emergency Action Plan for State; and

(d)† Annex Ė 9, which is also the American Red Cross building.

(5)† Oversees contract administration of all SPOís contracts and task orders and manages SPO Program Budget Formulation and Execution; manages IRMís Representation Fund.

1 FAM 275.2-2(B) †Working Capital Fund Branch (IRM/BMP/SPO/FMD/WCF)

(CT:ORG-417;†† 06-15-2017)

The Working Capital Fund Branch (IRM/BMP/SPO/FMD/WCF):

(1)† Provides financial governance and guidance, gathers customer requirements, develops overall IRM WCF business plans, reviews and reports on Service Level Agreements (SLAís), provides Customer Advocacy and continuous improvement, and serves as the central POC/liaison with A/EX/WCF;

(2)† WCF develops and maintains the IRM WCF budget, serves as the central POC for all interaction with A/EX/WCF as financial liaison for WCF Operational Service Centers (OSCs), ensures appropriate spending against spend plans, ensures adherence to the objectives of the OSC Plans, and provides cost impact analysis of requirements and change requests;

(3)† WCF reconciles issues regarding bills and invoices, resolves disputes, prepares revenue and expense reports, and provides financial management support to each IRM WCF OSC; and

(4)† WCF provides financial reporting transparency and consistency, develops and manages streamlined service ordering processes, and develops and maintains a consolidated and scalable WCF billing system and calendar that supports each IRM WCF OSC.

1 FAM 275.2-3 †Portfolio Management Division (IRM/BMP/SPO/PMD)

(CT:ORG-417;†† 06-15-2017)

The Portfolio Management Division (IRM/BMP/SPO/PMD):

(1)† PMD provides an enterprise view, assessment, and governance for the State Departmentís IT portfolios, investments, programs, and projects.  This oversight service provides financial transparency and alignment of IT initiatives with the Departmentís IT Strategic Plan.  PM also serves as the e-Government Program Management Office (e-Gov PMO), established under the State Departmentís e-Government Program Board (e-GovPB) charter, providing enterprise-wide governance for the State Departmentís decentralized IT Portfolio;

(2)† Implements the pre-select, select, control and evaluation functions of the State Departmentís IT Capital Planning and Investment Control (CPIC) process for managing risks and IT investment returns associated with State Departmentís IT initiatives;

(a)† Pre-Select: screens proposed IT solutions for unmet Department business requirements before funding is provided;

(b)† Select: reviews, scores and selects well-founded business cases; and

(c)† Control/Evaluation:

(i)†††† Ensures the State Departmentís major IT portfolios, investments, programs, and projects are performing as expected to meet the State Departmentís business and strategic goals;

(ii)††† Regularly monitors and analyzes IT business case performance measures, costs and schedules, to identify at-risk IT projects/investments for TechStat review.  Assists project managers to develop remediation plans to mitigate identified investment risks;

(iii)††† Conducts Control Phase Portfolio Reviews and recommends the realignment of the IT portfolio based on any changes in mission, statutory or business requirements.† The e-GovPB makes final decisions on changes to the composition of funding levels within the portfolio;

(iv)†† Manages all phases of the State Departmentís Internal Verification and Validation (IV&V) processes;

(v)††† Conducts performance reviews of major projects in the State Departmentís current fiscal year IT capital asset plan;

(vi)†† Ensures IT business case information posted on the OMBís web site (IT Dashboard) is current and accurate; and

(vii)†† Conducts State Department TechStat reviews on underperforming IT projects and reports its findings to the CIO and the e-Gov Boards.

(3)† Supports the e-GovPB by coordinating the State Departmentís IT Capital Planning activities:

(a)† Manages the formulation, preparation, guidance, and dissemination of the State Departmentís IT Capital Asset Plans, in accordance with OMBís Circular A-11 regarding IT budget reporting requirements for the Departmentís IT investments;

(b)† Provides guidance to project managers on OMB-Circular A-11 project manager training requirements for certifications, and manages the State Departmentís PM certification program;

(c)† Manages the operation, maintenance, enhancement, and training of the capital planning tools and participates in the inter-agency working group, which updates the tool (i.e., electronic Capital Planning Investment Control-eCPIC and IT Asset Inventory-ITAB); and

(d)† Develops procedures for selecting, monitoring, and evaluating IT investments and provides reports to senior management on the State Departmentís IT portfolio;

(4)† Provides staff and administrative support for the meetings of the e-GovPB and associated organizations:

(a)† Develops and coordinates the State Departmentís e-Gov/IT Project Management Support Program by establishing a comprehensive project management curriculum; and

(b)† Provides recommendations to E-GovPB on State Department IT proposals; and

(5)† Serves as the State Departmentís point of contact (POC) for coordinating State Department representation at inter-agency meetings, working groups, conferences, and other forums.

1 FAM 275.2-4 †Strategic Planning Division (IRM/BMP/SPO/SPD)

(CT:ORG-458;†† 06-14-2018)

The Strategic Planning Division (IRM/BMP/SPO/SPD):

(1)† Formulates the Departmentís IT Strategic and Tactical Plans and IRMís Bureau Strategic Resource Plan to align IT investments to Stateís mission.† In addition, it analyzes emerging technologies to determine their applicability to the Departmentís IT strategic direction and coordinates Department-wide responses to OMB, Federal CIO Council and interagency IT initiatives.  Finally, SPD serves as IRM POC with the Office of the Inspector General and the Office of the Legal Advisor and for Freedom of Information, Privacy Act and e-Discovery requests;

(2)† Develops the State Departmentís Information Technology and e- Government Strategic and Tactical Plans and coordinates them with the State Departmentís strategic planning activities;

(3)† Formulates the IT portion of the State Departmentís overall Strategic Plan;

(4)† Formulates the annual Bureau Strategic and Resource Plan for the IRM bureau which contributes to the State Departmentís overall annual performance report;

(5)† Ensures that the Department of Stateís interests are represented on CIO Council products (i.e. Federal Strategic Plan);

(6)† Employs the State Department's Quadrennial Diplomacy and Development Review (QDDR) in IRM Bureau and also IT Strategic Planning efforts;

(7)† For the IRM Bureau, and other bureaus and offices throughout the State Department:

(a)† Reviews information technology plans and programs, including applications, data, networks, architectures, and platforms, for conformance with the IT Strategic Plan;

(b)† Investigates the implications of emerging technologies to determine how they affect the strategic direction of the State Department; and

(c)† Assists in ensuring compatibility of proposed applications, data, networks, and platforms with the IT Strategic Plan.

(d)† Coordinates Department-wide IT Symposiums outreach program in partnership with the private sector and small business community to introduce emerging technologies and solutions that align with the IT strategy, mission and vision.

(8)† Serves as the State Departmentís point of contact (POC) for implementing interagency initiatives such as e-Government (e-Gov), the Federal Information Security Modernization Act of 2014 (FISMA), the Government Paperwork Elimination Act, and other related statutes. Represents the State Department at inter-agency meetings, working groups and conferences, regarding these issues;

(9)† Serves as the State Departmentís POC for Coordinating State Department-wide responses to OMB, Federal CIO Council, and other interagency IT issues, directives, and guidance.† Coordinates State Department representation at inter-agency meetings, working groups, conferences, and other forums on inter-agency initiatives such as Clinger Cohen, Open Government, and Data.Gov initiatives;

(10) Acts as IRM Bureauís POC for the Office of the Inspector General, and coordinates official responses to inspection and audit reports and other requests for information;

(11) Manages the bureauís program for processing requests for Bureau of Information Resource Management (IRM) documents under the Freedom of Information (FOIA) and Privacy Acts; and

(12) Acts as IRM Bureau's POC with the Office of the Legal Adviser and Department of Justice, and coordinates official responses to eDiscovery requests, litigation holds, and other requests for information.

1 FAM 275.3 †eDiplomacy Office (IRM/BMP/EDIP)

(CT:ORG-417;†† 06-15-2017)

Reserved pending IRM action.

1 FAM 275.4 †Governance, Resource and Performance Management Office (IRM/BMP/GRP)

(CT:ORG-417;†† 06-15-2017)

The Governance, Resource and Performance Management Office (IRM/BMP/GRP):

(1)† Ensures that the Bureau of Information Resource Management (IRM) services are supported with clear, concise, and effective policies, processes, and governance structures to advance Government and Department of State objectives; develops and implements uniform and consistent information resource management policies; oversees the development and promotes the use of information management principles, standards, and guidelines; evaluates agency information resource management practices in order to determine their adequacy and efficiency;

(2)† Adds value through achievable goals and objectives by employing policies, processes, performance measurements, and sourcing strategies based on customer and regulatory requirements; evaluates all aspects of service delivery to improve the customerís experience and ensures IRM services are efficient, effective, and compliant with governance structures and methodologies for customers worldwide; and

(3)† Comprises four divisions: Governance and Policy (GP); Performance Management (PFM); Process Management (PMD); and Sourcing Management (SM).

1 FAM 275.4-1 †Governance and Policy Division (IRM/BMP/GRP/GP)

(CT:ORG-417;†† 06-15-2017)

The Governance and Policy Division (IRM/BMP/GRP/GP):

(1)† Assists in the development and revision of the content of Volume 5 of the Foreign Affairs Manual (FAM) and associated Foreign Affairs Handbooks (FAHs):

(a)† Ensures that 5 FAM/FAH policies and procedures are accurate, complete, and timely;

(b)† Addresses cross-cutting Department policies, regulations, and procedures concerning Department-wide 5 FAM information resource management issues; and

(c)† Initiates and coordinates publication of 5 FAM subjects and includes all relevant stakeholders in the clearance process;

(2)† Serves as a repository for Department-wide Information Resource Management (IRM) documents, including:

(a)† Regulations;

(b)† Procedures; and

(c)† Guidelines;

(3)† Reviews proposed new Federal information resource and information technology (IT) management statutes and regulations; provides comments and interpretations, as appropriate, to IRM and other Department Bureau managers and ensures Department-wide dissemination of these materials;

(4)† Assesses the effectiveness of 5 FAM policies through regularly scheduled reviews and analyses; recommends policy changes and works with stakeholders and subject matter experts (SMEs) to identify relevant operational issues;

(5)† Serves as the Departmentís liaison to the U.S. Government Accountability Office (GAO) regarding IRM-related engagements in coordination with the Departmentís central GAO liaison, the Bureau of the Comptroller and Global Financial Services (CGFS):

(a)† Initiates, coordinates, reviews, and develops Department-wide input;

(b)† Prepares and comments on Department correspondence to various congressional committees and subcommittees responding to GAO IT related recommendations; and

(c)† Prepares the official response for CIO approval and final Department GAO liaison clearance;

(6)† Serves as the Departmentís primary resource on governance for all IT related policy that defines how Department employees and managers use IT to accomplish goals of accountability, performance measurement, and transparency:

(a)† Assists the Departmentís business and management organizations in developing disciplined IT process governance;

(b)† Reviews the effectiveness, efficiency, and economy of Department actions to implement 5 FAM/FAH and other information resource management policies and procedures; and

(c)† Ensures that input is obtained from IRM and other Bureau stakeholders to accomplish process governance;

(7)† Coordinates the initiation, update, and revision of IRM 1 FAM organizational statements:

(a)† Drafts, reviews, revises, and provides recommendations regarding new or proposed changes to IRM organizational roles and responsibilities;

(b)† Evaluates organizational structures and functions as well as strategies for organizational change to ensure that they support the global organizational mission, encompass sound management practices, and meet relevant regulatory policies and criteria requirements;

(c)† Facilitates the necessary external clearance processes and, subsequent, codification of the documented material;

(d)† Facilitates information resource management organizational development to align structures and functions with the mission, as necessary; and

(e)† Coordinates with internal and external officials, as appropriate.

(8)† Serves as IRMís Bureau Records Coordinator (BRC) in accordance with 5 FAM 414.4(b);

(a)† Coordinates IRM's records activities with the Office of Information Programs and Services (A/GIS/IPS) and IRM records manager(s);

(b)† Responds to routine records management inquiries on behalf of IRM, coordinating with other IRM entities, as necessary; remains abreast of emerging issues and changing records management requirements; coordinates with and refers inquires, as needed, to A/GIS/IPS;

(c)† Acts as the bureauís primary point of contact for information on records management updates, news, and training; provides records management information via IRM notices and web; and

(d)† Represents IRM at BRC meetings and other records management meetings, as appropriate.

1 FAM 275.4-2 †Performance Management Division (IRM/BMP/GRP/PFM)

(CT:ORG-417;†† 06-15-2017)

The Performance Management Division (IRM/BMP/GRP/PFM):

(1)† Develops performance management/measurement policies and procedures related to IT Service Management (ITSM) in accordance with Federal statutes and the Office of Management and Budget (OMB) Performance Reference Model (PRM);

(2)† Negotiates and coordinates with customer representatives and IRM offices to document IRM Service Level Agreements (SLAs); partners with customers to ensure that customer needs are met and measurable results are achieved;

(3)† Manages service agreements between IRM and its customers, ensuring that appropriate performance management/measurement techniques are applied to IRM products and services to ensure that accurate metrics produce tangible results in IRM products and services:

(a)† Manages the IRM agreement repository, which includes Memoranda of Agreement (MOA), Memoranda of Understanding (MOU), and Interagency Agreements (IAA), Interconnection Security Agreements (ISA), SLAs, Operational Level Agreements (OLAs) and supporting documents; and

(b)† Develops standards and processes for monitoring, tracking and improving the life cycle management of agreements and supporting documents;

(4)† Provides reports for senior management, individual IRM offices, and external customers to address overall organizational and customer ITSM requirements; emphasizes transparency, quality management and improved customer service; and coordinates, as necessary, to identify specific performance gaps by conducting analyses;

(5)† Coordinates workforce planning initiatives for IRM and the IT skill codes with HR; provides subject matter expertise to the Overseas Staffing Model maintained by HR/RMA; reviews current staffing levels of Foreign Service and Civil Service personnel working in IM job codes;  provides oversight, specifically within IT skill codes, of Eligible Family Member (EFM) employment programs overseas; provides assistance to the CIO and DCIO with regards to personnel and staffing requests; creates regular and ad hoc reports to support IRM programs and objectives; and

(6)† Serves as the process owner for the Service Level Management Working Group (SLMWG); authorizes a collaborative team of IRM Subject Matter Experts (SMEs) and government functional leads to:

(a)† Develop Service Level Management (SLM) policies;

(b)† Oversee the development and improvement of the SLM process;

(c)† Ensure standard templates for agreements such as Service Level Agreements (SLAs) and Operational Level Agreements (OLAs) are developed;

(d)† Ensure that all services are defined and documented;

(e)† Ensure that all defined services are properly stored in a central repository which will be used as the Enterprise Service Portfolio and Enterprise Service Catalog; and

(f)†† Manage the authoritative Enterprise Service Portfolio and Enterprise Service Catalog.

1 FAM 275.4-3 †Process Management Division (IRM/BMP/GRP/PMD)

(CT:ORG-417;†† 06-15-2017)

The Process Management Division (IRM/BMP/GRP/PMD):

(1)† Provides bureau-wide, process-related guidelines and procedures to ensure IRMís delivery of products and services meets or exceeds customer expectations;

(2)† Recommends process-related policies and standards which support the goals and vision of IRM;

(3)† Continually aligns IRMís services with customer needs by evaluating processes and proposing improvements to those processes;

(4)† Adopts the Information Technology Infrastructure Library (ITIL) Framework through the recommendation of best practices that meet the needs of IRM and its customers;

(5)† Supports IT knowledge management (KM) solutions that facilitate rapid problem resolution for self-service end users and support analysts;

(6)† Supports the Information Technology Infrastructure Library (ITIL) framework within the IRM bureau through the operation of a continual service improvement function. Identifies opportunities for continual service improvement;

(7)† Ensures that the implementation of IRM service delivery functions, (e.g., incident management, problem management, change management, service request management, configuration management, asset management, etc.), are customer-oriented and driven by service standards and established performance metrics; and

(8)† Manages and facilitates the IRM Process Improvement Governance Board (PIGB) and the process improvement working groups (e.g., Incident Management, Change Management, Service Level Management and Knowledge Management) that develop and implement IRM service delivery processes.

1 FAM 275.4-4 †Sourcing Management Division (IRM/BMP/GRP/SM)

(CT:ORG-417;†† 06-15-2017)

The Sourcing Management Division (IRM/BMP/GRP/SM):

(1)† The primary functions of IRM/BMP/GRP/SM fall within four discrete categories: Information Technology Configuration Control Board (IT CCB) Management; Enterprise Licensing and Strategic Sourcing; IT Workforce Recruitment and Analysis; and IRM Program for Accessible Computer/Communication Technology (IMPACT);

(2)† Collaborates with the IT CCB Chairperson and IT CCB Membership to oversee and manage new hardware and software requests to modify the Departmentís global IT baseline, including unclassified and classified infrastructures:

(a)† Manages the overall IT CCB process, including documentation, voting, and Local CCB oversight. IT CCB Change Requests (CRs) and Local CCB approvals encompass all hardware and software applications put on OpenNet and ClassNet;

(b)† Maintains the IT CCB Baseline of approved products through IT CCB, GITM or Local CCBs;

(c)  Conducts testing of hardware and commercial off-the-shelf (COTS) software and submission of CRs to reduce the workload of Local CCBs exclusive of enterprise patch management support which continues to be provided by the IRM/OPS/ENM office; and

(d)† Provides training and advice on the process for clearing changes to the global IT environment and pending IT CCB approval requests;

(3)† Manages the Departmentís Microsoft and Oracle Blanket Purchase Agreements (BPAs) and Enterprise License Agreements (ELAs); and establishes and manages other enterprise hardware and software agreements as designated by the Department:

(a)† Monitors the Departmentís Microsoft and Oracle contracts; tracks license assignments and accounts for the specific products identified in the each of the contract ELAs to ensure overall license compliance; and reviews and certifies payment for purchase orders under the individual ordering capability of the Microsoft BPA; and

(b)† Coordinates with bureaus and posts to identify requirements for establishing new BPAs, ELAs, and other procurement vehicles offering cost savings/avoidance; prepares required budget estimates and acquisition strategy supporting funding requests for future enterprise agreements and re-competes:

(i)†††† Collaborates with A/LM/AQM to develop new acquisition vehicles supporting software and hardware procurements; prepares required documentation to include the Acquisition Plan, Justification and Approval for Other Than Full and Open Competition (JOFOC) when applicable, and Statement of Work (SOW);

(ii)††† Maintains a centralized software license information repository for the enterprise software agreements that it manages for the Department; and

(iii)††† Provides customer service/support regarding entitlements and use of the hardware and software agreements that it manages for the Department;

(4)† Collaborates with Human Resources (HR) to provide guidance and outreach to maximize the Department's IT Workforce pool of candidates available to meet the Department and IRM Bureau needs:

(a)† Analyzes the Departmentís strategic IT workforce requirements, demographics, diversity reports, labor market pressures, skills required, and separation trend analysis to ensure the Departmentís IT workforce is balanced and equipped to meet constantly evolving information technology practices;

(b)† Manages the IRM outreach program to recruit U.S. citizens worldwide for Information Technology Specialists Foreign Service and Civil Service careers;  actively participates in the recruiting, vetting, and interviewing process ensuring the most qualified candidates are accepted; and

(c)† Manages the IRM Application, Qualifications Evaluation Panel (QEP) Selection Process, and Board of Examiner (BEX)/Interview Process to ensure they meet constantly evolving information technology practices and industry standards.

(5)† Serves as the Departmentís resource for achieving electronic and information technology (EIT) accessibility for all employees and customers, providing assistance to all Department bureaus in their implementation of Section 508 of the Rehabilitation Act:

(a)† Participates in Configuration Control Board approval processes such as the IT CCB which includes conducting technical reviews of Voluntary Product Accessibility Templates (VPATs) and Government Product Accessibility Templates (GPATs), working with vendors and DOS developers, respectively, to improve the effectiveness and efficiency of their VPAT and GPAT documentation;

(b)† Provides training and presentations to customers about Section 508 accessibility requirements, and use of IT accessibility products relative to Section 508;

(c)† Conducts analysis, tests, and provides recommendations for software, web-based applications and hardware developed, used, maintained, or procured by bureaus in accordance with Section 508 requirements;

(d)† Acts as the Departmentís Section 508 subject matter expert (SME) for reporting requirements to Federal oversight committees; and

(e)† Section 508 Coordinator reviews all requests for general exceptions under Section 508 and obtains documented approvals.

1 FAM 276 †DEPUTY CHIEF INFORMATION OFFICER FOR OPERATIONS/CHIEF TECHNOLOGY OFFICER (IRM/OPS)

(CT:ORG-417;†† 06-15-2017)

The Deputy Chief Information Officer for Operations/Chief Technology Officer (IRM/OPS):

(1)† Provides overall liaison, interface, and outreach functions within the Department to supply the information resources management operations that best support the Departmentís mission and functions;

(2)† Provides direction and policy guidance on substantive operational activities in the IRM Bureau to ensure that the Department and other foreign affairs agencies receive the full range of worldwide rapid, reliable, responsive, secure, classified, and unclassified voice and data information management operating systems, networks, programs, and support services in a cost-effective, customer service-oriented manner.† IRM/OPS ensures that people with disabilities have access to information technology;

(3)† Provides enterprise-wide business systems, system integration, mainframes, and client/server operations, consistent with the principles embodied in the Information Technology Management Reform Act of 1996 (Clinger-Cohen Act);

(4)† Implements U.S. Government information management directives and directs IRMís providing of operational products and support services to the Department and to other foreign affairs agencies as information resource management operating programs are implemented under Department inter-bureau and U.S. Government interagency agreements, as appropriate;

(5)† Provides leadership and technical experts for the U.S.-Russian Federation and Newly Independent States Direct Communications Link (DCL), the Nuclear Risk Reduction Center (NRRC), and the Government-to-Government Communications Link (GGCL), and such other similar systems, as may be established;

(6)† Provides technical guidance, consistent with the ďDepartment of State Enterprise Architecture and Information Technology Strategic and Performance Measurement PlanĒ to bureaus and offices so that they can implement appropriate information technology operations;

(7)† Accounts for the management and overall security of the classified and unclassified mainframe systems; and

(8)† Oversees the Defense Liaison Office reporting to the IRM Bureau.

1 FAM 276.1 †Enterprise Network Management Office (IRM/OPS/ENM)

(CT:ORG-443;†† 04-09-2018)

The Enterprise Network Management Office (IRM/OPS/ENM), in conjunction with other IRM offices and DTS/PO, the ENM office is responsible for managing and overseeing the design, operation, and life-cycle management of the Departmentís worldwide networks.† The office is comprised of three divisions and one staff office.

1 FAM 276.1-1 †Network Engineering and Design Division (IRM/OPS/ENM/NED)

(CT:ORG-417;†† 06-15-2017)

The Network Engineering and Design Division (IRM/OPS/ENM/NED):

(1)† Provides technical guidance and support for the design, development, and engineering of the Departmentís enterprise network;

(2)† Provides technical guidance and support for the design, development, and engineering of the Departmentís server and client operating systems;

(3)† Validates applications to run on the Departmentís network, as appropriate;

(4)† Performs capacity planning and ensures optimum performance of the Departmentís networks;

(5)† Supports the IRM Customer Center in consolidating wide-area network and operating system requirements; and

(6)† Oversees the development, implementation, and maintenance of the Integrated Enterprise Management System (IEMS), which includes proactive network monitoring, problem resolutions, escalation, troubleshooting, and trouble-ticketing.

1 FAM 276.1-2 †Operations Division (IRM/OPS/ENM/OPS)

(CT:ORG-417;†† 06-15-2017)

The Operations Division (IRM/OPS/ENM/OPS):

(1)† Oversees and provides 24-hour management and administrative support for the Departmentís networks;

(2)† Ensures the reliable operations and performance of classified/unclassified internet-working systems and network services;

(3)† Provides operational, administrative, and management support for the worldwide internet protocol (IP) network through the Departmentís Enterprise Network Management Operations Center (ENMOC);

(4)† Provides operational support for the Departmentís server and client operating systems; and

(5)† Provides technical support and coordination for detecting and correcting IT security vulnerabilities.

1 FAM 276.1-3 †Networks Life-Cycle Management Division (IRM/OPS/ENM/NLM)

(CT:ORG-417;†† 06-15-2017)

The Networks Life-Cycle Management Division (IRM/OPS/ENM/NLM):

(1)† Provides oversight and management responsibility for developing and maintaining technical baselines for the network infrastructure;

(2)† Provides technical assistance in the form of testing, evaluating, and reviewing the enterprise network equipment, systems, services, and technical support for the Departmentís Configuration Control Board (CCB);

(3)† Establishes and maintains a network configuration management plan (CMP) to monitor, track, and approve engineering changes, upgrades, modifications, procedures, precepts, and criteria.† IRM/OPS/ENM/NLM maintains an accurate database of hardware, firmware, software, and documentation for the Departmentís networking assets;

(4)† Conducts integration testing and evaluation for new or modified hardware or software for the enterprise network; coordinates software distribution, new releases, updates, fixes, and version controls;

(5)† Provides enterprise patch management support.† Provides patch support to mitigate vulnerabilities or provide alternate patch solutions for the DOS environment;

(6)† Provides asset management services (i.e., life-cycle replacement schedules) for Department IT Infrastructure; and

(7)† Provides acquisition and procurement support for products, labor, and services required for enterprise-wide IT management, operations, and maintenance responsibilities.

1 FAM 276.2 †Information Technology Infrastructure Office (IRM/FO/ITI)

(CT:ORG-467;†† 08-13-2018)

The Information Technology Infrastructure Office (IRM/FO/ITI):

(1)† Advises the Deputy Chief Information Officer for Information Resource Management Operations and other high-level officials in the Department regarding infrastructure issues;

(2)† Directs and manages the development, maintenance, installation, and operations of the Departmentís telephone, radio, and wireless communications programs.† IRM/FO/ITI provides for systems integrity and technology safeguards in conformance with established Bureau of Diplomatic Security standards and policies;

(3)† Implements policies, standards, and procedures to conform with established Department of State architecture standards and policies to ensure effective and efficient infrastructure; and

(4)† Evaluates the utilization of new technology as it applies to the Departmentís infrastructure.

1 FAM 276.2-1 †LAN and WAN Service Division (IRM/FO/ITI/LWS)

(CT:ORG-467;†† 08-13-2018)

The LAN and WAN Service Division (IRM/FO/ITI/LWS):

(1)† Advises the Director for Information Technology Infrastructure on all matters concerning the installation and maintenance of local and wide-area network (LAN/WAN) infrastructure;

(2)† Administers policy, standards, and procedures to conform with established Department enterprise architecture, and in regards to maintaining and installing LAN/WAN infrastructure;

(3)† Maintains the Departmentís LAN/WAN infrastructure and associated supporting technologies;

(4)† Provides LAN/WAN infrastructure security to conform with Department security standards;

(5)† Develops acquisition plans for new requirements; serves as contracting officer representative; and performs contract administration for all existing contacts for labor, equipment, maintenance, and spare parts in support of LAN/WAN services; and

(6)† Provides oversight and management for the Departmentís Radio Program, Foreign Posts Telephone Program, and the Liaison Office to the Bureau of Overseas Buildings Operations (OBO).

1 FAM 276.2-1(A) †Liaison Branch/OBO (IRM/FO/ITI/LWS/LOBO)

(CT:ORG-467;†† 08-13-2018)

The Liaison Branch/OBO (IRM/FO/ITI/LWS/LOBO):

(1)† Provides OBO with IRM's IT requirements for space, environmental systems, cabling, and information security systems at new office buildings, (NECs), interim office buildings (IOBs), and temporary office buildings (TOBs) at posts abroad;

(2)† Continuously reviews architectural, mechanical, and electrical drawings for NECs to ensure that IT facilities and environmental systems are adequate to accommodate IRM's information, communications systems, and personnel; and

(3)† Tracks the progress of all NEC, IOB, and TOB projects and coordinates all of IRM's technical plans for acquisitions and installations and informs the appropriate program office of all project changes, schedule delays, and engineering changes.

1 FAM 276.2-1(B) †Installation Branch (IRM/FO/ITI/LWS/ITL)

(CT:ORG-468;†† 08-20-2018)

The Installation Branch (IRM/FO/ITI/LWS/ITL):

(1)† Implements policy standards and procedures regarding the installation of LAN/WAN infrastructure;

(2)† Plans, designs, installs, and documents installation of LAN/WAN infrastructure and related technologies;

(3)† Provides enterprise integrity and remediation for the Departmentís installed information technology infrastructure; and

(4)† Provides technical training and oversight for information management technical specialist to develop a core base of communications specialists (COMPSPECS).

1 FAM 276.2-1(C) †Maintenance Branch (IRM/FO/ITI/LWS/MNT)

(CT:ORG-480;†† 09-28-2018)

The Maintenance Branch (IRM/FO/ITI/LWS/MNT):

(1)† Implements policies, standards, and procedures as they apply to maintaining the classified LAN/MAN/WAN infrastructure abroad;

(2)† Provides onsite preventative and remedial services for the continued operations or restoration of classified IT systems at posts abroad;

(3)† Establishes and administers service contracts for repairing and returning failed IT hardware, firmware, or software, including INMARSATS, and for procuring new requirements;

(4)† Manages the Departmentís International Maritime Satellite communications contingency program (INMARSATS);

(5)† Conducts regular visits to posts abroad to troubleshoot and repair defective equipment and software for unclassified IT systems;

(6)† Conducts regular visits to posts abroad to provide operations and maintenance support for unclassified IT systems in accordance with manufacturerís recommendations, IRM, and DS guidance and policies; and

(7)† Performs depot-level maintenance and testing on failed IT equipment for posts abroad.

1 FAM 276.2-1(D) †Foreign Posts Telephone Branch (IRM/FO/ITI/LWS/FPT)

(CT:ORG-467;†† 08-13-2018)

The Foreign Posts Telephone Branch (IRM/FO/ITI/LWS/FPT):

(1)† Implements policies, standards, and procedures for maintaining and operating PBX telecommunications systems at all foreign posts;

(2)† Plans, installs, and maintains PBX systems at foreign posts; and

(3)† Establishes and administers service contracts for repairing and returning failed telephone hardware, firmware, or software and for procuring telephone systems.

1 FAM 275.2-1(E) †Radio Programs Branch (IRM/FO/ITI/LWS/RPB)

(CT:ORG-467;†† 08-13-2018)

The Radio Programs Branch (IRM/FO/ITI/LWS/RPB):

(1)† Implements policies, standards, and procedures for maintaining and installing HF, UHF, and VHF radio systems, including TACSATS;

(2)† Engineers, designs, plans, installs, and maintains radio systems;

(3)† Provides emergency communications systems to posts in crisis situations and communications support for special operations;

(4)† Manages the Departmentís Tactical Satellite Communications contingency program (TACSATS); and

(5)† Supports the Coordinator for Counter-terrorism (S/CT) in deploying, operating, and maintaining the Foreign Emergency Support Team's (FEST) deployment packages for exercises and missions abroad.

1 FAM 276.2-2 †Telecommunications, Wireless and Data Services Division (IRM/OPS/ENM/TWD)

(CT:ORG-468;†† 08-20-2018)

The Telecommunications, Wireless and Data Services Division (IRM/OPS/ENM/TWD):

(1)† Advises the Director of Information Technology Infrastructure regarding all matters concerning voice, video-conferencing, voice/data, wireless services, and telecommunications infrastructure;

(2)† Develops and administers policy, standards, and procedures to conform with established Department architecture regarding voice, video-conferencing, voice/data, wireless services, and telecommunications infrastructure;

(3)† Maintains the Departmentís voice, video-conferencing, voice/data, wireless services, and telecommunication services infrastructure, and associated support telecommunications systems;

(4)† Provides voice, video-conferencing, voice/data, wireless, data, and telecommunications services support to the Office of the Secretary for special infrastructure requirements; and

(5)† Serves as program manager for the Department's Enterprise Network Program (E-Net), which is modernizing State's data networking in the metropolitan area.† Program management includes responsibility for designing, developing, operating, and network managing premise networks (LANs), and for the metropolitan area network interconnecting the main State Department building and the annexes (MAN).

1 FAM 276.2-2(A) †Business Operations Management Branch (IRM/OPS/ENM/TWD/BOM)

(CT:ORG-468;†† 08-20-2018)

The Business Operations Management Branch (IRM/OPS/ENM/TWD/BOM):

(1)† Develops and implements policies, standards, and procedures regarding domestic telecommunications service to include call accounting, private branch exchanges (PBXs), domestic circuit acquisitions, and charge-back programs;

(2)† Administers acquisition of telecommunications service to include PBXs, domestic circuits, and premise distribution systems; and

(3)† Manages programs that provide for detailed call-accounting information, including long-distance calling activity.

1 FAM 276.2-2(B) †Domestic Telephone and Data Services Branch (IRM/OPS/ENM/TWD/DTD)

(CT:ORG-468;†† 08-20-2018)

The Domestic Telephone and Data Services Branch (IRM/OPS/ENM/TWD/DTD):

(1)† Develops and implements policies, standards, and procedures regarding domestic circuits, PBX operations, enterprise network (E-Net) operations, and telecommunications infrastructure; and

(2)† Plans, installs, and maintains the Departmentís domestic circuits, PBXs, telecommunications infrastructure, and associated supporting telecommunications systems.

1 FAM 276.2-2(C) †Domestic Technical Services Branch (IRM/FO/ITI/SI/DTS)

(CT:ORG-467;†† 08-13-2018)

The Domestic Technical Services Branch (IRM/FO/ITI/SI/DTS):

(1)† Implements policies, standards, and procedures for maintaining Domestic LAN/WAN infrastructure;

(2)† Provides technical services support for the Departmentís command and control systems, which includes the fifth floor Communications Center, the Operations Center, the Secure Voice Center, and classified data networks;

(3)† Provides 7x24-hour operations and maintenance services for the Secure Voice Center and the red switch telephones systems;

(4)† Provides Tier III engineering and maintenance support for the continuous operations and rapid restoration of classified networks in the fifth floor Communications Center;

(5)† Provides installation, configuration, and maintenance support for the Departmentís classified networks cryptographic systems/equipment; and

(6)† Provides installation and maintenance support for the activation and mobilization of the Departmentís contingency operations at alternate sites.

1 FAM 276.2-3 †Systems Integrity Division (IRM/FO/ITI/SI)

(CT:ORG-467;†† 08-13-2018)

The Systems Integrity Division (IRM/FO/ITI/SI):

(1)† Advises the Director of Information Technology Infrastructure on all key management infrastructure (KMI) matters; secure voice; PKI/biometric; and anti-virus programs used to implement and maintain information assurance and systems integrity;

(2)† Administers KMI policy, standards, and procedures regarding cryptography, information assurance, and systems integrity to conform with national and Department policy and regulations;

(3)† Provides comment(s) concerning the development of related national policy;

(4)† Provides technical security oversight and management for mainframe security, cryptographic services, and Information Integrity for the Departmentís PKI/biometric and anti-virus programs; and

(5)† Coordinates IRM integration, verification, and interoperability (IV&V) testing for the Departmentís IT assets using or supported by anti-virus, cryptographic, mainframe, PKI, and biometric security systems.

1 FAM 276.2-3(A) †Cryptographic Services Branch (IRM/FO/ITI/SI/CSB)

(CT:ORG-467;†† 08-13-2018)

The Cryptographic Services Branch (IRM/FO/ITI/SI/CSB):

(1)† Advises all Department bureaus of encryption devices and technology necessary to comply with national and Department information assurance (IA) practices;

(2)† Implements key management infrastructure (KMI) policies, standards, and procedures as they apply to Type I, II, III encryption devices to include symmetrical and asymmetrical algorithms;

(3)† Manages the Departmentís communications security (COMSEC) programs (i.e., COMSEC material control system (CMCS) and central office of record (COR)) to meet national cryptographic management and audit policy requirements;

(4)† Manages the Departmentís cryptographic clearance (access) office and procedures and associated services to include maintaining 5 FAH-6, Communications Security Handbook; and

(5)† Manages the Department's secure voice program.

1 FAM 276.2-3(B) †Information Integrity Branch (IRM/FO/ITI/SI/IIB)

(CT:ORG-467;†† 08-13-2018)

The Information Integrity Branch (IRM/FO/ITI/SI/IIB):

(1)† Implements policies, standards, and procedures regarding information systems security to conform with Department regulations;

(2)† Manages the Departmentís Mainframe Security Program to ensure compliance with Department security policies and industry best practices. †IRM/FO/ITI/SI/IIB develops, implements, and administers, policies, standards, and procedures regarding mainframe security, with specific emphasis on amplifying and correlating workstation and network-centric Department policies to the mainframe environment.† IRM/FO/ITI/SI/IIB installs, tailors, configures, and operates all software packages designed to establish, facilitate, augment, and/or control:

(a)† User identification and authorization;

(b)† Data and resource access control;

(c)† Security event monitoring and auditing; and

(d)† Cryptographic services support on mainframe hardware platforms regardless of the operating system;

(3)† Serves as COMSEC custodian for mainframe based cryptographic service systems.† IRM/FO/ITI/SI/IIB monitors and advises on, as appropriate, the installation and operation of mainframe interfaces with the OpenNet, Internet, or dedicated interagency communication links to ensure compliance with Department security guidelines; provides procedural safeguards for data transiting these boundaries;

(4)† In a custodial capacity, implements technical security controls on behalf of all mainframe system and application owners; advises on the secure design, installation, and operation of systems and applications; serves as a voting member on the SIO/EOC CCB on suitability of mainframe hardware and software selection and configuration; and monitors and advises on security matters for IT/CCB change records relevant to, or concerning interfaces with, the mainframes.† The Information Integrity Branch conducts internal system security reviews and renders internal audit reports to all Department mainframe systems and applications owners; conducts real-time security event monitoring and mainframe network intrusion detection; and serves as a first-level CIRT for security incidents originating on any mainframe platform or at its boundary interfaces;

(5)† Manages and coordinates the mainframe application ISSO program, in cooperation with CIO/IA and DS; advises on all mainframe security relevant policies; coordinates intra- and inter-agency computer security issues; and supports certification and accreditation of mainframe resident applications or general support systems.† IRM/FO/ITI/SI/IIB works with the PKI program and IRM/OPS/ENM to facilitate and integrate PKI with the mainframe as a single sign-on methodology;

(6)† Implements anti-virus policies, standards, and procedures to conform with established DOS architecture to ensure effective and efficient operations that protect critical automated information systems (AIS) against the threat of virus infection.† Through these safeguards, computer and communications resources, including the data they store, are available and free of malicious code virus infection.† The Information Integrity Branch manages a Virus Incident Response Team (VIRT) capable of responding to virus alerts Department-wide and provides 7X24 on-call assistance and an 8-hour, 5-day Help Desk in support of anti-virus software products.† It maintains an anti-virus intranet Web site (accessible via the OpenNet) where the user community may obtain the latest versions of anti-virus software, virus signature files, virus alert information, and policy guidance 7X24.† Also, IRM/FO/ITI/SI/IIB develops policy that mandates reporting virus discoveries to this office;

(7)† Administers and implements policies, standards, and procedures regarding public key infrastructure (PKI), including digital signature and asymmetric public key encryption technology, to conform with Department regulations.† IRM/FO/ITI/SI/IIB manages the Departmentís PKI program, including establishing and operating the PKI Root Certificate Authority (CA) and all subordinate certificate authorities on all Department classified and unclassified networks, domestic and abroad;

(8)† Coordinates and manages the Departmentís cross-certification with the Federal PKI Steering Committee Federal Bridge Certification Authority (FBCA) for classified and unclassified automated information systems digital signature and public key encryption interfaces to other Federal agencies, State and local governments, foreign governments, and the public, domestic and abroad.† IRM/FO/ITI/SI/IIB represents the IRM Bureau in all department-level and the Department of State in all Federal-level forums, working groups, standing committees, and boards relative to using public key technology and infrastructure, and acts as the PKI technical advisor to all such groups within the Department.† IRM/FO/ITI/SI/IIB coordinates IRM integration, verification, and interoperability testing for the Department; and

(9)† Manages the Departmentís Biometric Logical Access program, including the integration with the Department and Federal PKI programs, for all Department classified and unclassified networks, domestic and abroad.† IRM/FO/ITI/SI/IIB represents IRM Bureau in all department-level and the Department of State in all Federal-level forums, working groups, standing committees, and boards relative to using biometrics for logical access control, and acts as the technical advisor to all such groups within the Department.

1 FAM 276.2-4 †Technical Security and Safeguards Division (IRM/FO/ITI/TSS)

(CT:ORG-467;†† 08-13-2018)

The Technical Security and Standards Division (IRM/FO/ITI/TSS):

(1)† Advises the Director of Information Technology Infrastructure about all matters concerning hardware assurance and field surety program operations; and

(2)† Administers policy, standards, and procedures regarding hardware assurance and field surety programs to conform with Department regulations.

1 FAM 276.2-4(A) †Hardware Assurance Team (IRM/FO/ITI/TSS/HAT)

(CT:ORG-480;†† 09-28-2018)

The Hardware Assurance Team (IRM/FO/ITI/TSS/HAT):

(1)† Implements policies, standards, and procedures regarding hardware assurance to conform with Department regulations;

(2)† Investigates new hardware assurance technologies; and

(3)† Performs assurance procedures on newly acquired equipment.

1 FAM 276.2-4(B) †Field Surety Team (IRM/FO/ITI/TSS/FST)

(CT:ORG-480;†† 09-28-2018)

The Field Surety Team (IRM/FO/ITI/TSS/FST):

(1)† Implements policies, standards, and procedures regarding field surety programs to conform with Department regulations;

(2)† Performs technical counterintelligence processes for foreign posts; and

(3)† Provides hardware safeguard services for foreign posts.

1 FAM 276.2-4(C) †Systems Safeguards Team (IRM/FO/ITI/TSS/SST)

(CT:ORG-480;†† 09-28-2018)

The Systems Safeguards Team (IRM/FO/ITI/TSS/SST):

(1)† Implements policies, standards, and procedures regarding hardware issues to deploy and use analog and digital nonsecure telephone systems to conform with national and Departmental regulations;

(2)† Implements policies, standards, and procedures regarding the hardware integrity of cryptographic systems and their peripherals; and

(3)† Performs assurance procedures, certification, and/or validation of the Department's systems.

1 FAM 276.2-5 †Global Information Technology Modernization Division (IRM/FO/ITI/GITM)

(CT:ORG-467;†† 08-13-2018)

The Global Information Technology Modernization Division (IRM/FO/ITI/GITM):

(1)† Manages the Department's information technology-approved programs by utilizing industry-standard project management methodologies.† A core staff, trained in program management practices, effectively executes and implements information technology (IT) programs globally, domestically, and abroad;

(2)† Manages either an entire program's life cycle or specific program life-cycle segments.† When managing the entire program life-cycle process, GITM conducts a complete program management review and acquisition strategy review and executes the actual program operations that include survey, design, building, delivery, installation, and transition to operations, maintenance, and customer service;

(3)† When managing only specific segments of a program's life cycle, GITM coordinates and interfaces with multiple Department organizational elements to ensure that the program management methodologies are applied effectively;

(4)† Ensures that industry-standard program management methodologies are being effectively executed for all IRM information technology programs conducted outside the GITM office and provides guidance and direction to all other IRM elements for adhering to the concepts of program management, project scope planning, project time activities, financial accounting, project quality assurance and tracking, production control planning, project resource requirements determination, project risk management, configuration management requirements, and procurement strategies;

(5)† Provides management oversight; directs and implements major IRM information technology programs (domestically and abroad); and advises the Deputy CIO for Operations, as required;

(6)† Ensures that GITM-managed programs comply with Federal legislation guiding agencies such as the Federal Enterprise Architecture Framework (FEAF), the Federal Information Security Modernization Act of 2014 (FISMA), NSA guidance, OMB Circular A-130, and National Information Assurance Certification and Accreditation Process (NIACAP), as well as other legislation directing Federal IT programs;

(7)† Establishes a technical operations function for baseline configuration, site-specific requirements, and systems design and provides technical coordination with all customers;

(8)† Establishes a deployment function to coordinate installation schedules, logistical deployment of material and personnel to customer sites, site preparation, install team preparation, and customer training;

(9)† Establishes a production control function to effectively manage multidisciplinary processes, control gates, quality audits, internal reviews, and production goals to ensure a reliable and timely workflow so that the deployment schedule is met within cost constraints and technical and quality criteria;

(10) Establishes a quality-control function to define and execute system performance measures, contract performance, and configuration management and baselines and ensures that process documentation standards are developed during the program's life and adhered to; and

(11) Establishes a program management function to ensure that life-cycle phases of a program are documented and coordinated in the following areas:† requirements definition, cost analysis, planning, financial management, reporting, automated management information system, and customer website development.

1 FAM 276.3 †Messaging Systems Office (IRM/OPS/MSO)

(CT:ORG-417;†† 06-15-2017)

The Messaging Systems Office (IRM/OPS/MSO):

(1)† Advises the Deputy Chief Information Officer for Information Resources Management Operations and other high-level officials about messaging;

(2)† Has full responsibility for developing, implementing, and operating all Department-wide messaging;

(3)† Manages the integration of emerging technologies with existing and planned messaging programs;

(4)† Ensures messaging services are accessible to all offices of the Department and to other agencies; and

(5)† Provides technical experts for the U.S.-Russian Federation and Newly Independent States direct communications link (DCL), the Nuclear Risk Reduction Center (NRRC), the government-to-government communications link (GGCL), the foreign affairs link (FAL), and other such initiatives.

1 FAM 276.3-1 †Management Analysis Staff (IRM/OPS/MSO/MAS)

(CT:ORG-417;†† 06-15-2017)

The Management Analysis Staff (IRM/OPS/MSO/MAS):

(1)† Advises the director regarding all resource issues affecting the managing and administrating of the messaging systems office; coordinates resource requirements among all program elements within an office; and prepares and recommends resource proposals to be submitted to IRM/EX;

(2)† Manages the messaging systems office professional development program, ensuring that its employees are appropriately trained for their responsibilities;

(3)† Manages, coordinates, and performs building and environmental maintenance in conjunction with IRM/EX and A/OPR offices;

(4)† Acts as the messaging systems officeís contracting officer representative for its mission-critical contracts;

(5)† Coordinates program resources and is liaison to IRM/EX for all office administrative and management issues such as budget, planning, staffing, training, equipment, space, desktop systems, inventory, procurement, etc.;

(6)† Prepares and monitors office performance measures and tracks the accomplishment of goals and objectives; keeps the office director informed of progress toward achieving the programís mission; and

(7)† Manages the communications security (COMSEC) account for the Communications Center and Secure Voice Center (i.e., COMSEC), cryptographic Clearance (Access) procedures, and associated services according to 5 FAH-6, Communications Security Handbook.† IRM/OPS/MSO/MAS manages the STU III/STEís program for distribution, operations, and control for the IRM Bureau.

1 FAM 276.3-2 †Messaging Systems Products Division (IRM/OPS/MSO/MRA)

(CT:ORG-468;†† 08-20-2018)

The Messaging Systems Products Division (IRM/OPS/MSO/MRA):

(1)† Oversees the Departmentís new messaging programs and identifies enhancements for existing systems, providing project management and quality assurance expertise;

(2)† Explores new messaging technologies of potential value to the Department, in conjunction with IRM/BMP, and departmental foreign affairs messaging consolidation initiatives;

(3)† Formulates, coordinates, and recommends messaging policies concerning new messaging technologies for Internet initiatives and their applications to existing and planned systems, in coordination with the other IRM Bureau offices; and

(4)† Provides central management and operational support for electronic mail and the combined bureau processing centers (CBPCs) core messaging applications.

1 FAM 276.3-2(A) †Design and Build Branch (IRM/OPS/MSO/MSP/DB)

(CT:ORG-417;†† 06-15-2017)

The Design and Build Branch (IRM/OPS/MSO/MSP/DB):

(1)† Participates in the finalization of messaging system requirements;

(2)† Develops, presents design concepts, and participates in the selection process;

(3)† Builds prototype systems for the customer and provides security and operational reviews; and

(4)† Finalizes prototype and builds beta systems.

1 FAM 276.3-2(B) †Operational Program Branch (IRM/OPS/MSO/MSP/OP)

(CT:ORG-417;†† 06-15-2017)

The Operational Program Branch (IRM/OPS/MSO/MSP/OP):

(1)† Manages and directs programs supporting worldwide classified and unclassified messaging systems, as appropriate;

(2)† Provides expert guidance for formulating tactical plans, policy, goals, and objectives for messaging systems;

(3)† Plans, implements, budgets, contracts, procures, and arranges training for full-systems deployment following operational acceptance of new messaging systems;

(4)† Provides application support, including guidance, troubleshooting and program resolution, concerning matters pertaining to support messaging systems, in cooperation with the Customer Service Center (IRM/BMP/CST); and

(5)† Evaluates program operations and develops proposals for deactivation or modernization of messaging systems.

1 FAM 276.3-2(C) †Quality Assurance Branch (IRM/OPS/MSO/MT/QA)

(CT:ORG-468;†† 08-20-2018)

The Quality Assurance Branch (IRM/OPS/MSO/MT/QA):

(1)† Develops configuration methods, procedures, and standards to support the development and implementation of messaging systems products;

(2)† Ensures quality and consistency of software and documentation;

(3)† Conducts internal configuration control board meetings, document reviews, and platform audits to define product content, predict user comprehension, and ensure delivery of product;

(4)† Ensures compliance with established validation and verification procedures; and

(5)† Manages the SA-34 computer network in support of development, test, and operation activities. Responsibilities include providing user support and conducting software and hardware inventory.

1 FAM 276.3-2(D) †Project Management Branch †(IRM/OPS/MSO/MSP/PM)

(CT:ORG-417;†† 06-15-2017)

The Project Management Branch (IRM/OPS/MSO/MSP/PM):

(1)† Is the responsible authority for defining and coordinating life-cycle activities for Department-wide messaging projects, from validation of user requirements through operational and customer acceptance; and

(2)† Organizes, plans, and aligns measurable project objectives in accordance with established project management methodologies.

1 FAM 276.3-2(E) †Test and Deploy Branch (IRM/OPS/MSO/MSP/TD)

(CT:ORG-417;†† 06-15-2017)

The Test and Deploy Branch (IRM/OPS/MSO/MSP/TD):

(1)† Is responsible for testing, accepting, and deploying messaging projects and system enhancements;

(2)† Prepares messaging systems for installation at beta sites, including the installation, operational training, and final system validation; and

(3)† Performs user product acceptance review and reports on product readiness for production deployment.

1 FAM 276.3-3 †Special Messaging Operations Division (IRM/OPS/MSO/SMO)

(CT:ORG-417;†† 06-15-2017)

The Special Messaging Operations Division (IRM/OPS/MSO/SMO):

(1)† Manages and oversees the operations of the Intelligence and Special Communications (ISC) Center Branch and the Nuclear Risk Reduction Center (NRRC) Branch.† This includes:

(a)† Maintaining program management responsibilities and technical/operational liaison with the Departmentís Executive Secretariat Operations Center (S/ES-O), Bureau of Intelligence and Research (INR), White House Communications Agency (WHCA), Central Intelligence Agency (CIA), National Security Agency (NSA), Defense Information System Agency (DISA), Department of Defense (DOD) and other DOS bureaus and offices to coordinate operation, maintenance and installation of voice, data and emergency messaging systems;

(b)† Maintaining special, direct communications channels between the Department and foreign governments via secure voice programs (Foreign Affairs Links Ė FAL), and data links (Government-to-Government Communications Links (GGCL), between the Nuclear Risk Reduction Center and foreign governments; and

(c)† Providing direct support to the Department of Stateís Chief Information Officer (CIO) including negotiating interagency agreements, memoranda of understandings (MOUs), bilateral agreements and protocols;

(2)† Provides daily operational and technical support to the Executive Secretariatís Operations Center (S/ES-O) for specialized communications and requirements.† This includes:

(a)† In the arena of the ISC, directly supporting the Secretary of State (the Secretary) and other Department principals with secure voice and video requirements both domestically and abroad;

(b)† Being responsible for the operation of the Departmentís interface to the Defense Red Switch Network; and operation of the Ultra High Frequency (UHF) and satellite communications used to support the Secretary while traveling; and

(c)† Providing Tier 1 service, defined as daily operational and technical support, to the Staff Secretariatís Operations Center (S/S-O) for specialized communications and requirements;

(3)† Manages the operation of the NRRC communications facility and related bilateral GGCL.† This includes providing coordination with foreign governments regarding maintenance and upgrades to equipment and telecommunications links, and maintaining currency of and updates to required international agreements; and

(4)† Provides technical counsel to the Departmentís head of delegation, the Chief Information Officer (CIO) for U.S. Ė Russian technical expert.† IRM/OPS/MSO/SMO negotiates international agreements or treaties with foreign governments in support of the NRRC, Foreign Affairs Link (FAL), Direct Communications Link (DCL), Direct Voice Link (DVL), and Direct Telephone Link (DTL).† IRM/OPS/MSO/SMO provides program management and negotiates with host country regarding the Departmentís FAL and NRRC programs, including drafting/reviewing talking points and bilateral protocols.

1 FAM 276.3-3(A) †Intelligence and Special Communications Center Branch (IRM/OPS/MSO/SMO/ISC)

(CT:ORG-417;†† 06-15-2017)

The Intelligence and Special Communications Center Branch (INR/OPS/MSO/SMO/ISC):

(1)† Manages and operates the ISC, a 24x7 operation.† This includes providing secure voice and data communications support to the Secretary and other principal officers;

(2)† Serves as the Departmentís liaison and interface with the special intelligence community for data, voice, and message traffic.† This includes;

(a)† Providing operations and maintenance support for sensitive compartmented information (SCI); and

(b)† Being responsible for receiving and transmitting Critical Communication (CRITIC-COM) and SCI sensitive record traffic;

(3)† Through the Secure Voice Center (SVC), provides the Secretary and other Department principals with accurate, reliable, and secure communicationsí support when traveling worldwide.† This includes installing, operating, and troubleshooting an array of secure data, video, voice, and facsimile communications terminal equipment and transmission links for the Secretary and the traveling party between site locations and the Department;

(4)† Operates and maintains a secure video conference facility for all Department principals;

(5)† Manages the CRITIC Network operations for the Department, which is the sole access and exit point for the Departmentís CRITIC traffic; and

(6)† Performs other critical-sensitive classified communications activities.

1 FAM 276.3-3(B) †NRRC Messaging Center Branch (IRM/OPS/MSO/SMO/NRRC)

(CT:ORG-417;†† 06-15-2017)

The NRRC Messaging Center Branch (IRM/OPS/MSO/SMO/NRRC):

(1)† Manages and operates the NRRC, a 24x7 operation;

(2)† Maintains liaison and conducts communications facility and related bilateral technical negotiations with foreign counterparts to maintain GGCL and continuous communications links (CCL);

(3)† Serves as technical expert representative for the NRRC Communications on various inter-agency working groups (IWG), the Configuration Control Board (CCB), Engineering Working group (EWG) and the Standing Subcommittee on Upgrade (SSU); and

(4)† Performs other critical-sensitive classified communications activities.

1 FAM 276.3-4 †E-Mail Division (IRM/OPS/MSO/EML)

(CT:ORG-417;†† 06-15-2017)

The E-Mail Division (IRM/OPS/MSO/EML):

(1)† Provides program management and direction for classified and unclassified electronic messaging (e-mail) processing systems, internet, OpenNet, Network Control Center (NCC), and Combined Bureau Processing Center (CBPC) operations;

(2)† Serves as a senior Department representative at inter-agency working group meetings on e-mail, firewalls, electronic directories, and associated technologies;

(3)† Coordinates, reviews, and monitors the operational life cycle of e-mail, Internet, SIPRNET, Open Source Information System (OSIS), OpenNet, NCC, and CBPC activities and recommends enhancements;

(4)† Provides information systems security support for the Departmentís global classified, unclassified, and SBU e-mail systems and networks;

(5)† Provides management oversight and direction to on-site Microsoft Corporation support to the Department; and

(6)† Serves as the day-to-day manager of the worldwide Department mobile computing programs that support the Foreign Affairs community remote access requirements.† Mobile computing is defined as any program that includes technologies or applications designed to provide classified or unclassified access to Department networks by devices that are not continuously connected to one of the networks.

1 FAM 276.3-4(A) †Network Control Center Branch (IRM/OPS/MSO/EML/NCC)

(CT:ORG-417;†† 06-15-2017)

The Network Control Center Branch (IRM/OPS/MSO/EML/NCC):

(1)† Manages and operates the Departmentís 24x7 Sensitive But Unclassified (SBU) and unclassified enterprise e-mail network central infrastructures, a worldwide interconnection of local LAN-based systems that connect the Department to all U.S. embassies, consulates, and missions abroad;

(2)† Manages and operates the Departmentís 24x7 unclassified internet support services;

(3)† Manages and operates the Departmentís 24x7 Sensitive But Unclassified (SBU) remote access system platforms and firewall systems platforms; and

(4)† Manages and operates information systems security infrastructure, including Data Encryption Standard (DES) and Type 1 encryption devices.

1 FAM 276.3-4(B) †Combined Bureau Processing Center Branch (IRM/OPS/MSO/EML/CBPC)

(CT:ORG-477;†† 09-19-2018)

Combined Bureau Processing Center Branch (IRM/OPS/MSO/EML/CBPC):

(1)† Manages and operates the Department's 24x7 Secret classified enterprise e-mail network central infrastructure, connecting the Department to all U.S. embassies, consulates, and missions abroad;

(2)† Manages and operates the central infrastructure for the Department's 24x7 domestic Secret classified distribution systems;

(3)† Manages and operates information systems security infrastructure for classified e-mail delivery systems with Type 1 encryption devices; and

(4)† Manages and operates the Department's 24x7 Secret classified firewall systems platforms.

1 FAM 276.3-4(C) †Mobile Computing Branch (IRM/OPS/MSO/EML/MC)

(CT:ORG-417;†† 06-15-2017)

The Mobile Computing Branch (IRM/OPS/MSO/EML/MC):

(1)† Manages and operates worldwide Department mobile computing programs that support Foreign Affairs community remote access requirements;

(2)† Provides technical network, operational, and administrative support to the Department of State and numerous Federal Agencies for Global OpenNet (GO), Blackberry, Secure Dial-In (SDI), and other mobile computing programs; and

(3)† Serves as the Department of Stateís primary mobile computing site responding to a wide array of customer queries via the IT Service Centerís Universal Trouble Ticket (UTT) system and direct contact.

1 FAM 276.3-5 †Main State Messaging Center Division (IRM/OPS/MSO/MSMC)

(CT:ORG-477;†† 09-19-2018)

The Main State Messaging Center Division (IRM/OPS/MSO/MSMC):

(1)† Manages and operates the Main State messaging center (MSMC), the remote messaging center in State Annex 44, and maintains technical and operational liaison with the Departmentís Executive Secretariatís Operations Center (S/ES-O), INR, other bureaus, offices, and agencies, to coordinate ongoing and emergency messaging;

(2)† Responsible for 7x24-hour message processing, message analysis and distribution, traffic research, and network management for Department enterprise messaging systems;

(3)† Serves as the primary technical and operational liaison between IRM and the White House Communications agency, the Executive Secretariatís Operations Center (S/ES-O), the Bureau of Diplomatic Security (DS), and other government entities for routine emergency messaging and telecommunications operational support; and

(4)† Provides operational life-cycle management for the Departmentís Main State messaging center and satellite bureau message centers, supporting core-messaging applications in accordance with prevailing Federal statutes, regulations, and applicable legislation.

1 FAM 276.3-5(A) †Messaging Operations Branch (IRM/OPS/MSO/MSMC/MOB)

(CT:ORG-477;†† 09-19-2018)

The Messaging Operations Branch (IRM/OPS/MSO/MSMC/MOB):

(1)† Maintains 7x24-hour messaging liaison with bureaus, S/ES-O, posts, and other Federal agencies;

(2)† Performs high-level coordination of critical-sensitive messaging support functions with the Executive Secretariat (S/ES) Staff, White House, Pentagon, and other offices, bureaus, and Federal agencies;

(3)† Provides telecommunications guidance to MSMC shift chiefs and communications personnel at posts;

(4)† Serves on telecommunication procedural, development, and operations planning groups within the IRM Bureau;

(5)† Manages the worldwide messaging collective address and CRITIC test programs;

(6)† Performs message handling, processing and analysis, and distribution functions, 7x24 hours;

(7)† Operates the MSMC Help Desk;

(8)† Manages the Department of State publications (DOSPUB) routing indicator program;

(9)† Operates core messaging and peripheral equipment to retrieve, correct, re-enter, and research messages and continuity journals;

(10) Operates the Defense Messaging System (DMS) Help Desk; and

(11) Performs world-wide management of various State Messaging Archive Retrieval Toolset (SMART) message validation and management queues for Department and other agency customers both domestically and abroad.

1 FAM 276.3-5(B) †Communications Systems Branch (IRM/OPS/MSO/MSMC/CSB)

(CT:ORG-417;†† 06-15-2017)

The Communications Systems Branch (IRM/OPS/MSO/MSMC/CSB):

(1)† Operates mainframe and ancillary message-processing systems, 7x24 hours;

(2)† Performs telecommunications technical and network control, trouble analysis, and circuit management functions; and

(3)† Performs trouble analysis and circuit management functions to maintain cryptographic operations.

1 FAM 276.3-5(C) †Programming Branch (IRM/OPS/MSO/MSMC/PRG)

(CT:ORG-477;†† 09-19-2018)

The Programming Branch (IRM/OPS/MSO/MSMC/PRG):

(1)† Performs automated terminal system (ATS), State terminal automated relay system (STARS), and PC hardware and software maintenance for Main State and Beltsville, Maryland 7x24 hours;

(2)† Oversees, manages, and performs the contracting officerís representative function for the contract that provides programming and system maintenance for IRM/OPS/MSO/MSMC and some of IRM/OPS/MSO/BMC system computers and peripheral equipment;

(3)† Performs LAN administration and hardware/software configuration management for PC and mainframe processing systems; and

(4)† Serves on the system development, technical, and operations planning group within the IRM Bureau.

1 FAM 276.3-6 †Beltsville Messaging Center Division (IRM/OPS/MSO/BMC)

(CT:ORG-417;†† 06-15-2017)

The Beltsville Messaging Center Division (IRM/OPS/MSO/BMC):

(1)† Manages and operates the Beltsville Messaging Center and the alternate Nuclear Risk Reduction Center (NRRC) messaging system.† Maintains technical and operational liaison with the Departmentís Executive Secretariatís Operations Center (S/ES-O), White House Communications Agency (WHCA), Diplomatic Telecommunications Service Programs Office (DTS-PO), CIA, NSA, and other agencies, bureaus, and offices to coordinate ongoing and emergency messaging 7 days x 24 hours;

(2)† Provides program oversight for the Departmentís messaging systems worldwide;

(3)† Manages the Departmentís primary global telecommunications network center and regional messaging relay facility;

(4)† Serves as designated alternate site facility for emergency messaging operations and the State Archiving System (SAS);

(5)† Provides management oversight of the entire State Annex 26 facility to include building operations and maintenance support for the tenant organizations; and

(6)† In accordance with policies and procedures established by A/OEM/PPD and the Domestic Emergency Action Committee, is solely responsible for all emergency operations and relocation facilities within the complex.† IRM/OPS/MSO/BMC is responsible for classified operations, support, and memoranda of understanding (MOUs) related to the forwarded activities.

1 FAM 276.3-6(A) †Communications Operations Branch (IRM/OPS/MSO/BMC/OPS)

(CT:ORG-477;†† 09-19-2018)

The Communications Operations Branch (IRM/OPS/MSO/BMC/OPS):

(1)† Manages and operates the State automated relay system (STARS) red message switching computers and ancillary systems;

(2)† Performs telecommunications network management of the domestic communications links that support the diplomatic telecommunications service (DTS) network;

(3)† Serves as the Departmentís on-site facilitator for interagency and inter-office network service requests;

(4)† Plans, develops, and implements the telecommunications operational methods and procedures used by the Department of State and other U.S. Government agencies; and

(5)† Directs and coordinates the development of system and data circuit requirements between the Department and other U.S. Government agencies.† IRM/OPS/MSO/BMC/OPS maintains liaison with officials of other U.S. Government agencies concerning common telecommunications programs.†

1 FAM 276.3-6(B) †Technical Services Branch (IRM/OPS/MSO/BMC/TS)

(CT:ORG-468;†† 08-20-2018)

The Technical Services Branch (IRM/OPS/MSO/BMC/TS):

(1)† Provides primary technical control and maintenance support for BMC primary operations, including circuit, multiplexer, and cryptographic analysis and troubleshooting;

(2)† Liaises with IRM/ENM/GTS on circuit troubleshooting and installations for all overseas and domestic circuits that terminate into the STARS;

(3)† Provides COMSEC control for the BMC COMSEC accounts;

(4)† Provides site security support for managing and controlling physical access to the Beltsville locations to include:

(a)† Usage;

(b)† Handling;

(c)† Disposition; and

(d)† Control of classified equipment and materials; and

(5)† Provides guidance and assistance for the security programs and coordinates with SA-26 tenant organizationsí unit security officers, facilities management services, Diplomatic Security, and other U.S. Government security agencies to ensure physical security, communications, personnel, information systems, and TEMPEST security are maintained in accordance with National Institute of Standards and Technology (NIST), Federal Information Processing Standards (FIPS), and Diplomatic Securityís Office of Cybersecurity Guidance.

1 FAM 276.3-6(C) †Interagency Communications Support Activity Branch (IRM/OPS/MSO/BMC/ICSA)

(CT:ORG-417;†† 06-15-2017)

The Interagency Communications Support Activity Branch (IRM/OPS/MSO/BMC/ICSA):

(1)† Provides central program management, operational, application, and diagnostic services for all interagency communications activities supported out of SA-26 and other selected DOS annexes;

(2)† Responsible for logistical services (warehousing and shipping) for worldwide interagency communications activities supported by the Department; and

(3)† Performs high-level coordination related to the support of critical-sensitive interagency communications.

1 FAM 276.4 †Office of Consolidated Customer Support (IRM/OPS/CCS)

(CT:ORG-417;†† 06-15-2017)

The Office of Consolidated Customer Support (IRM/OPS/CCS):

(1)† Provides rapid, reliable delivery of quality products and services to all IRM consolidated bureau OpenNet and ClassNet users and serves as the primary interface and facilitator for all IRM products and services;

(2)† Implements long-range operational policies and plans in a highly dynamic and ever-changing environment;

(3)† Provides coordination and direction for desktop support services and helpdesk operations for facilities at domestic and overseas posts; and

(4)† Oversees the operations and management of two walk-in IT centers (the ďIT MartĒ), governed by the principle of ďone-stop shoppingĒ to provide rapid, reliable services to IRMís OpenNet and ClassNet users. †

IRM/OPS/CCS receives, logs, tracks, and manages service requests or queries received by walk-in customers and distributes requests to the appropriate IRM action office (e.g., PKI, mobile computing, or user accounts). †IRM/OPS/CCS manages the IT Marts and expedites trouble calls when deemed necessary, to achieve speedy resolution and ensures that timely, coordinated responses/solutions are provided to all of IRMís consolidated bureau OpenNet and ClassNet users.

1 FAM 276.4-1 †Information Technology Service Center (IRM/OPS/CCS/ITSC)

(CT:ORG-417;†† 06-15-2017)

The Information Technology Service Center (IRM/OPS/CCS/ITSC):

(1)† Provides a single point of contact for IRM Bureau approved Department of State information technology (IT) products and services worldwide;

(2)† Manages the centralized IRM IT Service Center for the Department, providing daily 24-hour IT helpdesk support. †IRM/OPS/CCS/ITSC provides domestic and overseas employees with a single point of contact for information or assistance on IRM bureau products, services, and standard commercial off-the-shelf (COTS) products, as well as specialized support for applications and services typically provided by other Department of State organizations when required;

(3)† Provides IRM management and other Department bureaus with reports relating to operational event management, from preparing initial requests for services and records management to performing, monitoring, and closure;

(4)† Operates and manages specialized IT hardware, software, and peripherals for the bureau, division, and Department, supporting customers worldwide;

(5)† Provides operational event recording, tracking, and follow-up for all requests received at the IRM IT Service Center from Department OpenNet and ClassNet users;

(6)† Provides first-level support (Tier-1) to Department OpenNet and ClassNet users, and when required, transfers and monitors completion-of-service requests to other IRM service providers (Tier-2 and Tier-3) and Department technical support functions for resolution;

(7)† Provides ďearly warningĒ and other notifications of core outages and other events when necessary; and

(8)† Provides remote domestic IT support services for consolidated offices and/or bureaus requesting assistance.

1 FAM 276.4-2 †Desktop Support Services† (IRM/OPS/CCS/DSS)

(CT:ORG-417;†† 06-15-2017)

The Desktop Support Services Division (IRM/OPS/CCS/DSS):

(1)† Provides operations and technical support to domestic workstations;

(2)† Provides all systems integration, account administration, and network administration for consolidated bureaus and offices. †IRM/OPS/CCS/DSS coordinates installation and administration of computer systems to other government agencies on OpenNet and ClassNet;

(3)† Coordinates imaging and continuing technical support for consolidated bureaus systems;

(4)† Conducts Tier-2 support from ďdesktop to wall plateĒ for all operation and maintenance (O&M) measures concerned with or directly related to user workstations for consolidated domestic bureaus.

(5)† Coordinates consolidated bureaus user requirements and schedules for desktop-related projects such as workstation refresh, local area network (LAN) integration, software upgrades, and office moves;

(6)† Ensures consolidated bureau workstations are functioning under and compliant with the guidelines set forth by the Department of State Standard Operating Environment (SOE-D);

(7)† Installs, updates, and configures IT Configuration Control Board (ITCCB)-approved desktop applications and hardware for supported domestic bureaus;

(8)† Supplies and maintains active directory (AD) accounts for supported consolidated bureau customers;

(9)† Supplies classified and unclassified e-mail accounts to consolidated bureau customers and conducts maintenance for desktop email applications;

(10) Supports mobile devices such as GO RSA tokens and BlackBerry for Department consolidated bureau customers;

(11) Coordinates with other domestic Department offices and bureaus to resolve any in-scope desktop support-related issues;

(12) Identifies and recommends to consolidated bureau customers appropriate training materials pertaining to the use of Department IT resources in coordination with the School of Applied Information Technology (SAIT) of the Foreign Service Institute (FSI) and bureau-specific IT training programs; and

(13) Issues and responds to relevant change-management actions within the Department of State to resolve desktop support issues.

1 FAM 276.4-3 †Operational Support Services† (IRM/OPS/CCS/OSS)

(CT:ORG-417;†† 06-15-2017)

The Operational Support Services Division (IRM/OPS/CCS/OSS):

(1)† Provides quality control and oversight for IRMís customer support efforts via the Information Technology Infrastructure Library (ITIL) model;

(2)† Conducts oversight and monitoring of operational events and service requests to ensure they comply with established operational event management processes and procedures;

(3)† Conducts trending analysis and reporting on the operational event management process;

(4)† Is responsible for all activities required to diagnose the root cause of operational events and to determine the resolution of problems;

(5)† Controls and coordinates change, and ensures that standardized methods and procedures are used for the efficient handling of all changes;

(6)† Identifies, controls and verifies the attributes of desktop-related configuration items (CIs) and maintains a configuration management database, recording all CIs and their relationships;

(7)† Provides IT asset management for all consolidated bureau workstations under IRM/OPS/CCS ownership;

(8)† Conducts annual IT inventory reconciliation under the guidance of A/LM/PMP/PM and provides desktop numbers for IT consolidation invoices;

(9)† Provides replacement and warranty services for broken desktop equipment for bureaus participating in the Global Information Technology Modernization (GITM) program;

(10) Is responsible for design and implementation procedures, management of customer expectations, and quality control of the distribution and installation of changes to the desktop;

(11) Enforces policies, processes, and procedures to ensure that the Office of Consolidated Customer Support, Desktop Support Services Division (IRM/OPS/CCS/DSS) service environment is in compliance with Department of State security guidelines (i.e., 12 FAM/FAH). IRM/OPS/CCS/OSS monitors supported domestic bureausí systems for security risks and re-evaluates the effectiveness of measures currently in place on a regular basis, as well as monitors all changes to the environment to determine risk;

(12) Provides information security for network resources and fulfills Information Systems Security Officer (ISSO) responsibilities with regard to maintaining requirements for all workstations on all Department network(s) and all users as defined by the service-level agreement (SLA) for fully consolidated bureaus and ISSO appointment memos;

(13) Installs patches and updates as they pertain to the Department of State SOE-D security posture; and

(14) Resolves the root cause of operational events to minimize the adverse impact of problems caused by errors within the IT infrastructure, and to prevent a reoccurrence of operational events related to these errors.

1 FAM 276.5 †Systems and Integration Office (IRM/OPS/SIO)

(CT:ORG-417;†† 06-15-2017)

The Systems and Integration Office (IRM/OPS/SIO):

(1)† In conjunction with other IRM offices, the SIO Office is responsible for:

(a)† Providing enterprise technology-based solutions and services in the areas of managerial, collaboration, compensation, post-specific administration, Web sites, and Web-based applications;

(b)† Developing and implementing Department-wide systems integration and data management standards, policies, and procedures; and

(c)† Managing and operating the Departmentís Enterprise Server Operations Centers (ESOCs); and

(2)† The office is comprised of five divisions and one major staff function:

(a)† Systems Strategy, Governance and Service Delivery Division (SGS);

(b)† Systems Development Division (SDD);

(c)† Systems Operations Division (SOD);

(d)† Enterprise Server Operations Center-Operations and Maintenance (ESOC-O&M);

(e)† Enterprise Server Operations Center-Design and Build (ESOC-D&B); and

(f)†† Process and Performance Management Staff (SIO/PPM).

1 FAM 276.5-1 †Systems Strategy, Governance and Service Delivery Division (IRM/OPS/SIO/SGS)

(CT:ORG-417;†† 06-15-2017)

The Systems Strategy, Governance and Service Delivery Division (IRM/OPS/SIO/SGS) Division is composed of three teams:

(1)† Financial Management (FM);

(2)† Systems Integration Portfolio Management (PM) (Note: IRM/OPS/SIO/SGS/PM supports Portfolio Management within SIO/SGS.† IRM/BMP/SPO/PM is responsible for Portfolio Management of the State Departmentís IT portfolios enterprise-wide as defined in 1 FAM 275.2-3); and

(3)† Security Management (SM).

1 FAM 276.5-1(A) †Financial Management Team (IRM/OPS/SIO/SGS/FM)

(CT:ORG-417;†† 06-15-2017)

The Financial Management Team (IRM/OPS/SIO/SGS/FM):

(1)† Develops, monitors, and executes the SIO budget;

(2)† Monitors and executes SIO approved budget based on program and project requirements;

(3)† Monitors and executes all SIO license and maintenance agreements; coordinates, tracks, and submits SIO inventory reporting; and

(4)† Tracks and executes all contract costs and ULO (Unliquidated Obligation) reporting.

1 FAM 276.5-1(B) †Portfolio Management Team (IRM/OPS/SIO/SGS/PM)

(CT:ORG-417;†† 06-15-2017)

The Portfolio Management Team (IRM/OPS/SIO/SGS/PM):

(1)† Oversees SIOís IT Portfolio, including management and support of programs and projects to meet SDLC (Systems Development Life Cycle) requirements;

(2)† Coordinates and facilitates all SIO PRB (Program Review Board) meetings and activities and SIOís input to the MSP-IT (Managing State Projects-Information Technology) process;

(3)† Supports programs and projects to meet the Departmentís IT policies and reporting requirements, provides support to meet the Departmentís Capital Planning and Investment Control requirements; serves as the SIO IT Investment Coordinators; and

(4)† Serves as the SIO Customer Engagement liaison; coordinates with SIO customers to ensure requirements are documented, customer agreements for requested services are established and tracked, and service costs are provided.

1 FAM 276.5-1(C) †Security Management Team (IRM/OPS/SIO/SGS/SM)

(CT:ORG-417;†† 06-15-2017)

The Security Management Team (IRM/OPS/SIO/SGS/SM):

(1)† Ensures systems are configured, operated, maintained, and disposed of pursuant to Department guidance; works closely with system administrators to ensure security related functions are performed; and

(2)† Serves as the SIO ISSO by working with system administrators to meet all system security requirements.

1 FAM 276.5-2 †Systems Development Division (IRM/OPS/SIO/SDD)

(CT:ORG-417;†† 06-15-2017)

The Systems Development Division (IRM/OPS/SIO/SDD) is composed of three teams:

(1)† Project Management (PM);

(2)† Compensation Applications (CA); and

(3)† Systems Development (SD).

1 FAM 276.5-2(A) †Project Management Team (IRM/OPS/SIO/SDD/PM)

(CT:ORG-417;†† 06-15-2017)

The Project Management Team (IRM/OPS/SIO/SDD/PM:

(1)† Provides project management and process definition for all SIO development activities;

(2)† Oversees project initiation and all start-up activities;

(3)† Provides project planning, coordination, and project control for all SIO development projects;

(4)† Provides project reporting, communication and transition management oversight;

(5)† Provides alternative analysis and ROI (Return on Investment) analysis for all new and/or anticipated projects; and

(6)† Provides service validation and testing, and knowledge and training development for development units within SIO.

1 FAM 276.5-2(B) †Compensation Applications Team (IRM/OPS/SIO/SDD/CA)

(CT:ORG-417;†† 06-15-2017)

The Compensation Application Team (IRM/OPS/SIO/SDD/CA):

(1)† Provides requirements analysis, design, development, maintenance, enhancement, technical support, and user acceptance test plans for the payroll and retirement application mainframe information systems; work priorities are defined by the customer for each application;

(2)† Monitors on-going payroll processes to ensure that all systems are functioning as designed and all deadlines are being met;

(3)† Creates test plans for all system modifications, including unit, system, regression, and user acceptance testing;

(4)† Develops and periodically tests, backup and disaster recovery plans;

(5)† Develops and regularly exercises change management plan;

(6)† Supports reports development and responds to financial audits; and

(7)† Administers the Table-Driven Online Foundation Software (TOFS) library.

1 FAM 276.5-2(C) †Systems Development Team (IRM/OPS/SIO/SDD/SD)

(CT:ORG-417;†† 06-15-2017)

The Systems Development Team (IRM/OPS/SIO/SDD/SD):

(1)† Works with clients to develop system requirements documents;

(2)† Creates detailed system design documents;

(3)† Oversees the complete SDLC (System Development Life Cycle);

(4)† Ensures source control and management of all software modules;

(5)† Oversees the quality control and change management of all software modules prior to release; and

(6)† Provides all project support functions during entire SDLC.

1 FAM 276.5-3 †Systems Operations Division (IRM/OPS/SIO/SOD)

(CT:ORG-417;†† 06-15-2017)

The System Operations Division (IRM/OPS/SIO/SOD) is composed of two teams:

(1)† Enterprise Service Support (ESS); and

(2)† Enterprise Service Operations (ESO).

1 FAM 276.5-3(A) †Enterprise Service Support Team (IRM/OPS/SIO/SOD/ESS)

(CT:ORG-417;†† 06-15-2017)

The Enterprise Service Support Team (IRM/OPS/SIO/SOD/ESS):

(1)† Responsible for overall customer satisfaction, by ensuring all service support and service delivery actions, both at the business requirement and IT requirement level, are being met;

(2)† Oversees the asset management function by tracking and controlling all IT assets in the SIO infrastructure;

(3)† Oversees the configuration management function by tracking and controlling all configuration items in the SIO infrastructure;

(4)† Controls the release and deployment of all IT upgrades, software releases, and/or installations;

(5)† Oversees the measuring, analyzing, and reporting of all performance metrics to determine ways to improve capacity;

(6)† Oversees incident response activities by communicating internally and externally, and ensuring customer conflict resolution and customer satisfaction; and

(7)† Manages the knowledge base and training delivery required for current services.

1 FAM 276.5-3(B) †Enterprise Service Operations Team (IRM/OPS/SIO/SOD/ESO)

(CT:ORG-417;†† 06-15-2017)

The Enterprise Service Operations Team (IRM/OPS/SIO/SOD/ESO):

(1)† Oversees the day-to-day infrastructure operations to provide delivery of systems and service at agreed levels;

(2)† Provides overall management of all infrastructure devices such as servers, hosts, and networking devices to ensure proper operation;

(3)† Provides the management of all assets necessary to ensure reliable data base services;

(4)† Provides maintenance, monitoring, reporting, and event remediation of all security related tools and security logs; and

(5)† Provides management of all assets necessary to ensure proper operation and availability of the SIO DevLAN (Development Local Area Network).

1 FAM 276.5-4 †Enterprise Server Operations CenterĖ Operations and Maintenance Division (IRM/OPS/SIO/ESOC-O&M)

(CT:ORG-417;†† 06-15-2017)

The Enterprise Server Operations Center-Operations and Maintenance Division (IRM/OPS/SIO/ESOC-O&M):

(1)† Manages and operates the Departmentís Enterprise Server Operations Centers and is comprised of three branches:

(a)† The Configuration and Asset Management Branch (ESOC-O&M/AMB) provides overall Configuration Management, Asset Management and IT Facilities Management for the ESOC Centers;

(b)† The Legacy Systems Support Branch (ESOC-O&M/LEG) provides operational support for the mainframe legacy applications; and

(c)† The Level 1 Operations Support Branch (ESOC-O&M/OPS) provides the first line (Level 1) of operational support for the open systems servers used for the majority of Departmentís applications;

(2)† Provides the full range of activities related to the Operations and Maintenance of an enterprise operations center including configuration management, change control, quality assurance, data center disaster recovery and contingency planning, data center security controls and compliance, budget preparation and control, contract administration, acquisitions, SIO customer support services, and project reporting; and

(3)† Supports the Departmentís need for customer lights out data center services by providing 24x7 server monitoring, problem escalation, enterprise backup and restore, data mirroring, virtual infrastructure, storage area network/network attached storage (SAN/NAS) storage (data base or file/print), patch application, and compliance reporting.

1 FAM 276.5-4(A) †Configuration and Asset Management Branch (IRM/OPS/SIO/ESOC-O&M/AMB)

(CT:ORG-417;†† 06-15-2017)

The Configuration and Asset Management Branch (IRM/OPS/SIO/ESOC-O&M/AMB):

(1)† Provides configuration management for all ESOC software and products;

(2)† Provides asset management for all ESOC equipment and accountable property; and

(3)† Provides oversight of all facilities issues associated with the various ESOC sites.

1 FAM 276.5-4(B) †Legacy Systems Support Branch (IRM/OPS/SIO/ESOC-O&M/LEG)

(CT:ORG-417;†† 06-15-2017)

The Legacy Systems Support Branch (IRM/OPS/SIO/ESOC-O&M/LEG):

(1)† Ensures that mainframe operations centers at ESOC sites are fully supported with appropriate and sufficient enterprise mainframe computer processors, and that environmental systems are monitored, controlled, and maintained on a normal operating schedule;

(2)† Manages, maintains, and controls the SIOís mainframe backup solution at all ESOC sites;

(3)† Manages and directs the activities required to generate, reproduce, store, control, and distribute computer-generated information;

(4)† Analyzes and plans the most efficient workload for the mainframe computers, including developing job schedules, task assignments, timetables, priorities, and modifying job schedules to meet urgent demands or changing requirements;

(5)† Maintains and tracks any documents produced by the Departmentís enterprise mainframe computers and maintains accurate up-to-date records of deliveries, pickups, and authorized Department customer offices;

(6)† Operates, maintains, and troubleshoots mainframe communications by recording events, detecting problems, and restoring services to communication equipment;

(7)† Manages operating systems, utility software development, installation, and maintenance for the Departmentís mainframe computers; and

(8)† Provides the required analyses, design, development, maintenance, and deployment of mainframe communications control programs in order to facilitate open exchange of information between the enterprise mainframe computers and the Departmentís customer systems, in conformance with established Department security architecture standards and policies.

1 FAM 276.5-4(C) †Level 1 Operations Support Branch (IRM/OPS/SIO/ESOC-O&M/OPS)

(CT:ORG-417;†† 06-15-2017)

The Level 1 Operations Support Branch (IRM/OPS/SIO/ESOC-O&M/OPS):

(1)† Ensures that the open-systems operations centers at ESOC sites are fully supported with appropriate and sufficient server capabilities and that all environmental systems are monitored, controlled, and maintained on a 24x7 basis;

(2)† Ensures that all open systems are backed up in accordance with Department standards and conducts periodic tests to verify that all backup and restore procedures are working as designed;

(3)† Monitors all servers and the various connectivity points and interfaces to ensure systems are operating.† When outages occur, escalates the problem to Level 2 support and/or the appropriate system owner;

(4)† Manages the configuration elements of all systems owned by SIO that are within the ESOC;

(5)† Manages placement and inventory of all systems owned by bureaus that are placed within the ESOC;

(6)† Analyzes and plans the most efficient workload for the various ESOC servers, including monitoring production systems to identify trouble spots or bottle necks before actual failures occur and responding to urgent demands to make configuration modifications;

(7)† Operates, maintains, and troubleshoots communications equipment by recording events, detecting problems, and restoring services to communication equipment;

(8)† Manages operating systems, utility software, installation, and maintenance for the Departmentís ESOC-based servers; and

(9)† Coordinates the facilities management activities for all ESOC server locations.

1 FAM 276.5-5 †Enterprise Server Operations Center Ė Design and Build Division (IRM/OPS/SIO/ESOC-D&B)

(CT:ORG-417;†† 06-15-2017)

The Enterprise Server Operations Center-Design and Build Division (IRM/OPS/SIO/ESOC-D&B):

(1)† Provides the overall design and direction for new or refurbished Enterprise Server Operations Centers (ESOC);

(2)† Provides the project management to oversee the build-outs of new or refurbished ESOC facilities;

(3)† Provides the design for new and upgraded virtual infrastructure capabilities;

(4)† Researches and makes recommendations for upgrades to storage area network/network attached storage (SAN/NAS) storage capabilities;

(5)† Provides the overall technical recommendations for the open systems direction, selects hardware/software/firmware products, evaluates virtual processing capabilities, and provides management with the blueprint for future enhancements;

(6)† Provides the technical guidance for selecting, evaluating, implementing, and monitoring the standard operating systems used on all ESOC open systems;

(7)† Identifies technical solutions for the Departmentís storage solutions, evaluates software, makes selections, oversees the implementation, and monitors the ongoing storage processes for accuracy and efficiency;

(8)† Plans the most efficient server configuration, server virtualization strategies, and utilization of computer-room space, backup configuration, and continuity of operations plans; and

(9)† Provides managed services support to ESOC customers including patch management, system upgrades, security compliance reporting, information assurance support, and product production testing and rollout.

1 FAM 276.5-6 †Process and Performance Management Staff (IRM/OPS/SIO/PPM)

(CT:ORG-417;†† 06-15-2017)

The Process and Performance Management Staff (IRM/OPS/SIO/PPM) is responsible for three major functions:

(1)† Process Management - Analyzes current processes across the various SIO divisions, producing best practices and identifying gaps or inefficiencies; incorporates ITIL (Information Technology Infrastructure Library) practices across SIO; develops workflows and processes to support internal and external projects; standardizes SDLC (System Development Life Cycle), Standard Operating Procedures (SOPs), Configuration Control Board (CCBs), and (Service Level Agreement (SLA) processes across SIO; map and represent team processes including business engagement; review processes periodically to ensure efficiency and relevancy; and Support the IRM Process Improvement Workgroup.

(2)† Performance Management - Documents existing baseline of performance metrics; analyzes metrics and data for compliancy, relevancy and improvements; provides recommendations for improvement based on best practices, industry and/or economies of scale; gathers and reports data on key performance metrics; develops plans for performing performance inspections; and manages performance of labor contracts and provides analysis to GTMs (Government Technical Managers) and CORs (Contracting Officer Representative.

(3)† Contract Management - Maintains a centralized Contracting Officer Representative (COR) function for various VanGuard and related contracts; responds to contract questions, and accepts and approves invoices; coordinates with GTMs via status reports, and coordinates and conducts status and progress meetings with GTMs, VanGuard Management Office (VMO), and (Contracting Officer (CO); conducts incentive assessments in conjunction with GTMs and offices; performs as liaison to VMO office; and manages VanGuard contract modifications.

1 FAM 277 †REGIONAL INFORMATION MANAGEMENT CENTERS (RIMCs)

(CT:ORG-417;†† 06-15-2017)

IRM/OPS manages four regional information management centers (RIMCs) worldwide.† They perform the following duties:

(1)† Provide technical and operational assistance on all information management programs to the posts within their geographic region;

(2)† Formulate information management programs in the field, develop supporting budget and financial reports, and submit required administrative, technical, and analytical reports;

(3)† Provide direction to the information management technical specialists (IMTS) under their supervision and monitor technical program performance;

(4)† Examine and assess the effectiveness of ongoing communications and information systems programs and provide expertise necessary for enhancing area diplomatic missions' overall information management posture.† RIMCs recommend improvements to achieve maximum efficiency and security on information management projects and programs;

(5)† Conduct technical site surveys and develop plans for constructing or upgrading communications and data processing facilities.† RIMCs assist other foreign affairs agencies with their communications requirements;

(6)† Coordinate Diplomatic Telecommunication Service (DTS) operations and policies with the area telecommunications office (ATO); and

(7)† IRM RIMCs are located in:

(a)† U.S. Embassy Bangkok, RIMC/EAP/SA with satellite offices in Beijing, Canberra, Manila, New Delhi, and Tokyo;

(b)† U.S. Embassy Pretoria, RIMC/AF with satellite offices in Lome and Harare;

(c)† Fort Lauderdale Regional Center, RIMC/WHA; and

(d)† U.S. Consulate General Frankfurt, RIMC/EUR/NEA/AFW with a satellite office in Cairo.

1 FAM 278 through 279 †UNASSIGNED



1 FAM Exhibit 271.3
BUREAU OF INFORMATION RESOURCE MANAGEMENT (IRM)

(CT:ORG-417;†† 06-15-2017)

Title: IRM High-Level Org Chart - Description: IRM High-Level Org Chart