5 FAM 150
SERVICE AGREEMENTS
(CT:IM-321; 06-07-2024)
(Office of Origin: DT/BMP/SPB/FM)
5 FAM 151 PURPOSE AND SCOPE
(CT:IM-321; 06-07-2024)
a. Service agreements provide the Department of State (DOS) and the Bureau of Diplomatic Technology (DT) with the insights and expectations required to deliver services to the DOS bureaus, federal agencies, or other organizations.
b. This policy applies to all agreements to which DT is a party, pertain to DT services, or involve systems and networks for which DT is the information system owner, domestically and abroad.
c. Domestically, agreements are routed through the Performance Management Division (DT/BMP/GRP/PFM). PFM coordinates and manages all aspects of DT agreements including the drafting and clearance process. PFM’s agreements team can be reached at DTAgreements@state.gov. Overseas posts should coordinate with DT/Foreign Operations at DT/FO_FTES_DL@state.gov.
5 FAM 152 AUTHORITIES
(CT:IM-179; 07-07-2016)
The authorities for this policy are found in:
(1) Subpart 617.500 of the DOS Acquisition Regulation (DOSAR);
(2) Economy Act of 1932, 31 U.S.C. 1535 and Section 632(b) of the Foreign Assistance Act (FAA) of 1961 as amended;
(3) Section 405 of the Government Reform Act of 1994 (31 U.S.C. 331(b) (1));
(4) Procurement Information Bulletin (PIB), 2013-3 Acquisition Agreements, January 30, 2013;
(5) PIB 2014-5 Non-Acquisition Interagency Agreements, January 23, 2014;
(6) Treasury Financial Manual, Volume I, Part 2, Chapter 4700 and Chapter 4706 Appendix 10, Intragovernmental Business Rules, as revised;
(7) Statement of Federal Financial Accounting Standards (SFFAS), Number 4; and
(8) Delegation of Authorities from the Chief Information Officer (CIO) to the Deputy Chief Information Officer (DCIOs), August 19, 2013.
5 FAM 153 DEFINITIONS
(CT:IM-321; 06-07-2024)
Interagency Agreement: An Interagency Agreement (IAA) defines the financial details of an order, terms of reimbursement, itemized costs, and financial obligations when one agency performs services or provides items to another agency. Services and items are either provided directly or by contract with a private party then charged for reimbursement. An IAA is often used with a corresponding Memorandum of Agreement (MOA), which describes the general terms and conditions (GT&C) of the service. All parties must agree to the IAA’s terms and conditions, and an authorized official from each agency involved must sign it.
Interconnection Security Agreement: An Interconnection Security Agreement (ISA) documents and formalizes a network or communications interconnection between parties and specifies any security safeguards needed to protect the interconnected systems. An ISA supports the MOA or Memorandum of Understanding (MOU) between the parties. (See 5 FAH-11 H-820, Establishing Connectivity)
DT Steering Committee: The DT Steering Committee (SC) is the governing body for review and disposition of all control gates for DT projects. The DT SC approves project charters, baselines, tailoring requests, and baseline change requests. Accordingly, the DT SC establishes SLAs, governance policies and processes for DT. (Charter approved July 2013)
Master Service Level Agreement: A Master Service Level Agreement (MSLA) is an SLA that defines the core services available to a customer by virtue of the customers’ affiliation with an organization, in this case the Department of State. Generally, these are the underlying services provided to customers at no charge, but which are required for value-added business services to function. These are often provided on a best effort basis.
Memorandum of Agreement: A Memorandum of Agreement (MOA) defines an agreement between parties to work together on a project or meet an objective where funds for services are anticipated. MOAs do not obligate funds themselves, but rather establish the terms of service. MOAs are often more specific in nature than MOUs and pertain to the goods and/or services identified in the agreement. Generally, the responsibilities of each party within the MOA are dependent on those of the other parties.
Memorandum of Understanding: A Memorandum of Understanding (MOU) defines an agreement between parties. It captures an end-state goal that is agreed to by the parties involved but does not involve fund transfers. MOUs are a means to coordinate and support programs between DT, the DOS, and other federal agencies domestically and abroad. Generally, the responsibilities of each party within the MOU are independent of those of the other parties.
Operational Level Agreement: An Operational Level Agreement (OLA) is an agreement between the service provider and another part of DT that supports and defines the service provider’s delivery of services to customers.
Process Improvement Governance Board: The Process Improvement Governance Board (PIGB) is a governing body that sets objectives and priorities, charters and sponsors process working groups, monitors their results, and manages change throughout the life of the working groups.
Service Level Agreement: A Service Level Agreement (SLA) defines the performance targets required to deliver services based on customer requirements. SLA performance targets provide a basis of understanding that allows the DOS to determine the necessary resources required to meet those targets and define the method of reimbursement for the service. SLAs are established per the Service Design Package approved through the Process Improvement Governance Board (PIGB).
5 FAM 154 GUIDELINES FOR ESTABLISHING MOUS, MOAS, IAAS, AND ISAS
(CT:IM-321; 06-07-2024)
a. The OMB Circular A-130 requires that system interconnections be supported by written management authorizations based on acceptance of risk to the systems. The DOS and other agency officials must implement technical and non-technical safeguards in accordance with guidance issued by the National Institute of Standards and Technology (NIST).
b. Installation and operation of the DOS network extensions and applicable hardware are established in 5 FAM 1064.1-2(A), 12 FAM 642.4-4, and supplemented by 5 FAH-11 H-830.
c. Performance measures and standard reporting techniques documented in service agreements must be implemented to keep DT management abreast of service performance in response to the OMB and the NIST guidelines, and Government Accountability Office (GAO) and the Office of Inspector General (OIG) audits. (See 5 FAM 130).
d. An MOU may only be effective indefinitely when required by a treaty or obligation. Agreements should be effective for as short a period as is practical, often five (5) years, but not to exceed nine (9) years absent a determination of need by the CIO.
e. DT is typically the service provider for MOAs it signs. With technology and budgets changing frequently, MOA effective dates must not exceed three (3) fiscal years absent a determination of need by the CIO.
f. The effective dates of an IAA must not exceed one (1) fiscal year. If the Department of Treasury's Financial Management and Budget Standardization (FMS) forms are used, the GT&C should not exceed three (3) fiscal years absent a determination of need by the CIO.
g. An ISA must be reviewed annually from date of signature, including a review of the interconnection’s system security plans and controls, or whenever a significant modification (as defined in the agreement) to the interconnection or the party’s system occurs. ISA effective dates should not exceed three (3) fiscal years absent a determination of need by the CIO.
h. All agreements must maintain Federal Information Security Management Act (FISMA) and related Federal compliance standards. If standards cannot be met and the risk to the DOS’s infrastructure can be documented, DT may consider the agreement null and void if the customer cannot comply.
i. Procedures established by DT are used in the drafting and clearance process for all MOUs, MOAs, IAAs, and ISAs.
5 FAM 154.1 Approval and Signature Authority for MOUs, MOAs, IAAs, and ISAs
(CT:IM-321; 06-07-2024)
a. The CIO or Acting CIO approves and signs all agreements that:
(1) Have an impact on policy initiatives or contain significant policy change;
(2) Have an impact on relations between or among the DOS, bureaus, state and local governments, other organizations, or the public;
(3) Are controversial in nature; or
(4) Require a financial reimbursement above $50,000.
b. The DCIOs and acting DCIOs have the authority to:
(1) Approve and sign renewals of existing agreements and their supporting documents; and
(2) Approve and sign new agreements and their supporting documents to provide DT services for which the annual reimbursable costs do not exceed $50,000.
c. The CIO approves and signs all new ISAs and the Chief information security officer (CISO) approves and signs ISA renewals.
d. IAAs may be signed by the DCIOs, the DT Executive Director, or a Contracting Officer. (See PIB 2013-3 Page 1 through 5, GT&C Remainder of Attachment 5, and PIB 2014-5)
e. Signature authority may not be re-delegated.
f. Go to the Fillable InterAgency Agreement (IAA) form for instructions on who should sign reimbursable interagency agreements first.
5 FAM 155 Guidelines for establishing SLAs
(CT:IM-321; 06-07-2024)
a. All SLAs are overseen by the designated PIGB working group.
b. The SLA remains active for the term documented within the agreement or until the DOS retires the service.
c. Procedures developed by PFM and approved by the PIGB are used in the drafting and clearance process for all SLAs.
d. SLA reviews are documented within the SLA along with a review schedule to establish standard review periods. The SLA reviews include all relevant service stakeholders. A review also occurs if the service, or any aspect of service delivery, incurs modifications that may affect the documented service targets. The review ensures that the service and service targets remain relevant to the delivery of the service.
e. Performance targets documented in the SLA originate from the requirements gathered from DT customers. The SLA targets define the necessary levels of achievement required to deliver the DT service balancing customer needs, security, cost, state of current technology, and the physical time it takes to actually complete work.
5 FAM 155.1 Approval and Signature Authority for SLAs
(CT:IM-321; 06-07-2024)
SLAs are approved by the DT Steering Committee or its designee.
5 FAM 156 GUIDELINES FOR ESTABLISHING OLAS
(CT:IM-321; 06-07-2024)
a. The OLA is reviewed on a regular basis by all stakeholders per the review schedule documented in the SLA for the service. A review also occurs if any party incurs or implements a change that may affect the supported service. The review ensures that the relationship between the parties and the tasks and activities performed in support of the service(s) remain relevant to the delivery of the service(s).
b. Performance targets documented in the OLA align with the targets documented in the supported SLA. The OLA targets define the necessary levels of achievement and the associated party required to deliver the DT service.
c. All OLAs are overseen by the designated PIGB working group.
d. The OLA remains active for the term documented within the agreement or until the DOS retires the service.
e. Procedures developed by PFM and approved by the PIGB are used in the drafting and clearance process for all OLAs.
f. Where services are provided in coordination with an office in another bureau, OLAs will be treated as MOUs or MOAs, as appropriate.
5 FAM 156.1 Approval and Signature Authority for OLAs
(CT:IM-164; 07-24-2015)
The Office Directors for the program offices responsible for service delivery have signature authority.
5 FAM 157 through 159 UNASSIGNED