UNCLASSIFIED (U)

1 FAM 270

BUREAU OF DIPLOMATIC TECHNOLOGY (DT)

(CT:ORG-662;   05-24-2024)
(Office of Origin:  DT/BMP)

1 FAM 271  Scope and Authority

1 FAM 271.1  Policy

(CT:ORG-662;   05-24-2024)

1 FAM 271 is the policy of the Department of State that provides a uniform handling of diplomatic technology programs and responsibilities.

1 FAM 271.2  Chief Information Officer (CIO) Responsibilities

(CT:ORG-662;   05-24-2024)

The Chief Information Officer:

(1)  Holds a rank equivalent to that of an Assistant Secretary.

(2)  Fulfills the responsibilities of the Chief Information Officer pursuant to subtitle III of the Clinger-Cohen Act, 40 U.S.C. Subtitle III, Chapter 35 of 44 U.S.C., the Federal Information Security Modernization Act of 2014 (FISMA) (Public Law 113-283), the Federal Information Technology Acquisition Reform Act (FITARA), and other applicable law, regulations, and directives.

(3)  Is designated the head of the Bureau of Diplomatic Technology (DT) under the Under Secretary for Management (M). The CIO reports directly to M when carrying out these functions in accordance with 1 FAM 044.2(4).

(4)  Delegates to the Assistant Secretary for Administration (A) management of the Department’s process for collection of information from the public, as mandated in the Paperwork Reduction Act while retaining oversight authority. See Delegation of Authority 226.

(5)  Exercises Authorizing Officer (AO) authority for development and administration of the Department’s computer and information security programs and policies except for Department systems that fall under the requirements of the Intelligence Community Directive (ICD) for Protecting Sensitive Compartmented Information (SCI) within Information Systems (ICD 503). For these systems the Bureau of Intelligence and Research (INR) is the Authorizing Officer (AO) and the Bureau of Diplomatic Security (DS) the Security Assessor.

(6)  Oversees the Department’s information communications technology (ICT) capabilities and operations, encompassing IT policy, planning, programming, budget formulation/execution, acquisition, architecture, cybersecurity workforce, strategy, software, and application development.

(7)  Ensures compliance with IT strategic planning, workforce, budget, investment management and information security statutory requirements and accomplishes mandated compliance reporting to the Secretary of State, the Under Secretary for Management (M), Department senior officials, Office of Management and Budget (OMB), and others as required by statutory requirements, including Federal Enterprise Architecture and e-Government objectives.

(8)  Represents the Department in Federal forums including the CIO Council, with members and staffs of Congressional committees, OMB, and other organizations having ICT and diplomatic technology oversight or impact in coordination with affected Department elements.

(9)  Serves as the principal adviser to the Secretary of State, the Under Secretary for Management (M), and other senior officials on matters pertaining to developing, implementing, and revising policies, plans, and programs to facilitate and strengthen the cost-effective, efficient, and timely application of information and communication systems, knowledge management, and technology resources to comply with applicable requirements and achieve strategic Department missions.

(10) Designates a senior agency information security officer pursuant to 44 U.S.C. 3554(a)(3)(A) that carries the title of Enterprise Chief Information Security Officer (E-CISO) and carries out the Chief Information Officer’s responsibilities under that subparagraph.

(11) Exercises substantive responsibility for following the Department’s regulatory publications related to IT and information resource management.

(12) Is responsible and accountable for IT Investments, funding priorities and IT Budget.

(a)  Participates in the decision process for annual, multi-year planning, programming, budgeting, and decisions with the Chief Financial Officer (CFO), the Procurement Executive Bureau of Budget and Planning (BP), the Under Secretary for Management, the Secretary of State, and other Department senior officials.

(b)  Provides the OMB Director with information for each major IT investment on at least a semi-annual basis.

(c)  Categorizes IT investments according to risk and conducts reviews of high-risk investments. 

(d)  Reviews annually the portfolio of IT investments using the criteria in FITARA. (see 5 FAM 1040)

(13) Chairs the agency’s strategic IT governing board

(14) Ensures DT participation in the Department’s Category Management Council chaired by the Procurement Executive in the Bureau of Administration (A/OPE).  See 14 FAM 250.  Ensures DT participation in the Department’s Category Management Council chaired by the Procurement Executive in the Bureau of Administration (A/OPE). See 14 FAM 250.

(15) Approves the selection of Deputy CIO’s and provides input into their performance evaluations.

(16) Approves any bureau CIO or individual who serves in a like role without the title as specified in 40 U.S.C. 11319(b)(2).

(17) Establishes critical element(s) in the performance evaluations for all bureau CIO’s or individuals who serve in a like role without the title as specified in 40 U.S.C. 11315(c)(3).

(18) Ensures availability of IT systems and operations, including IT contingency planning, to capably support the Department’s diplomatic, consular, and management operations.

(19) Exercises management responsibility for ensuring that the Department’s information resources meet the business requirements of the Department’s business practitioners.

(20) Provides an effective basis for knowledge sharing and collaboration within the Department and with other foreign affairs agencies and partners.

(21) Develops, implements, and maintains a sound and integrated information technology architectures for the Department.

(22) Establishes effective IT and information resource management policies, plans, and programs, and oversees IT management, governance, and oversight processes.

(23) Oversees IT, cybersecurity, and information resource management operations to ensure that the Department’s information and IT resources are designed, acquired, operated, maintained, monitored, and evaluated so as to comply with all applicable requirements and support the effective, cost-efficient, and timely achievement of the Department’s strategic missions to include, but not limited to:

(a)  IT security;

(b)  IT configuration management;

(c)  Workforce planning;

(d)  Knowledge management;

(e)  Modernization of the Department’s information systems;

(f)   Information technology architecture for the Department;

(g)  Establishment and promulgation of technical and operating standards for application to Department information systems; and

(h)  Analysis, prior to significant information technology investments, of the Department’s missions-related and administrative processes, with due consideration to restructuring and outsourcing, as appropriate.

(24) Maintains liaison, in coordination H Bureau and other affected Department elements, with members and staffs of Congressional committees having oversight responsibilities for the Department’s information resources and information resources management;

(25) Exercises substantive responsibility for following the Department’s regulatory publications:  Foreign Affairs Manual Volume 5, Information Management, and its related Foreign Affairs Handbooks in their entirety;

(26) Oversees the development, implementation, and evaluation of training plans with affected bureaus, to ensure that Department personnel acquire skills needed to manage and use existing and planned information resources;

(27) Performs such other functions as may be delegated by the Secretary of State or Under Secretary for Management (M).

(28) Exercises designated authority assigned to the CIO in FITARA and as outlined in OMB Memorandum M-15-14: Management and Oversight of Federal Information Technology, which includes requirements related to IT strategic planning and IT program performance monitoring and evaluation.

1 FAM 271.3  Organization

(CT:ORG-662;   05-24-2024)

See DT's website for an organization chart of the Bureau of Diplomatic Technology (DT).

1 FAM 271.4  Definitions

(CT:ORG-642;   10-31-2023)

Access Control Facility, Version 2 (ACF2):  A National Security Agency (NSA)-approved, C-2 rated software product.  It provides security for data stored on computer systems using the IBM Multiple Virtual System/Enhanced Services Architecture (MVS/ESA) operating system.

Alternate communications site:  Established by the Department of State’s Critical Infrastructure Committee, this site serves as the alternate communications and command and control center in the event of a major interruption of service, due to such things as a terrorist attack, fire, natural disaster, or catastrophic failure of the Department’s primary facilities in Washington, DC and Beltsville, Maryland.  These services include networking for all ClassNet and OpenNet Communications.

Call accounting:  The process by which call detail records for specific or groups of telephone extensions are collected and recorded for billing and traffic-monitoring purposes.

Capital planning:  An integrated management process that provides for the continuous identification, selection, control, life-cycle management, and evaluation of an information technology investment program designed to achieve a desired business outcome.

Central office of record (COR):  The office of a federal department or agency that keeps records of accountable communications security (COMSEC) material held by elements subject to its oversight.

Combined bureau processing centers:  The combined bureau processing centers (CBPCs) are classified network centers that provide a centralized infrastructure to support bureau foreign affairs information systems (FAIS) requirements.  These systems provide classified electronic e-mail capabilities for the bureaus.  The AF, PM, EAP, EB, NEA, and EUR bureaus have information-processing equipment located in the CBPC.

Communications security (COMSEC) account:  An administrative entity, identified by an account number, used to maintain accountability, custody, and control of COMSEC material.

Computer technologies:  The technology employed in developing and using computers, computer peripherals, operating systems, software, and communications systems.

Configuration management (CM):  The process of identifying and defining the configuration items in a system; controlling the release and change of these items throughout the system life cycle; recording and reporting the status of configuration items and change requests; and verifying the completeness and correctness of configuration items.

Data administration:  The organization responsible for the definition, management, organization, and supervision of data within an enterprise or organization.  A business function responsible for identifying, documenting, and modeling business information requirements and for maintaining the business’s set of data definitions and standards.

Database administration (DBA):  Technical support and configuration management of a data base management system.  DBA functions include system maintenance, user access control, review of new data base designs, data base change control, data base replication, and security issues and procedures.

Data Center:  A closet, room, floor, or building used for the storage, management, and dissemination of data and information and [used to house] computer systems and associated components, such as database, application, and storage systems and data stores [excluding facilities exclusively devoted to communications and network equipment (e.g., telephone exchanges and telecommunications rooms)]. A data center generally includes redundant or backup power supplies, redundant data communications connections, environmental controls, and special security devices housed in leased, owned, collocated, or stand-alone facilities.

Data replication:  The process of, or facilities for, maintaining multiple copies, subsets, or versions of data (copy management).  This process is normally managed by the data base administrator and can be primary-site (single location) or multi-site (multiple locations) in nature.

Department of State publications (DOSPUB):  A list of routing indicators and security levels for every post.

Desktop browser:  A suite of programs located in a desktop PC that allows both viewing and navigation from one node on the Internet or OpenNet, to another.

Desktop systems:  Typically, personal computer hardware, software, and other peripheral devices, that users have on their desks.

e-Government:  The use by the U.S. Government of web-based Internet applications and other information technologies, combined with processes that implement these technologies.

Enterprise Architecture (EA):  Enterprise architecture is defined by three unique groups:

(1)  The Department level business function and information flow;

(2)  The supporting technologies; and

(3)  The crosscutting security architecture.

    The business is defined through the functions performed and supporting information flows; the technology by the data, application, and technical infrastructure layers; and the security architecture that affects all layers.  In the architecture, the existing state is the “as is” or current architecture, whereas anticipated changes to meet the Department’s future needs are represented in the “to be” or target architecture.  A transition plan is included in the enterprise architecture to identify how the gap between the “as is” and the “to be” states will be closed.  Finally, a technical reference model and standards profile is included to provide the supporting technology with appropriate technical standards.

Field security:  A full life-cycle approach to verification of the integrity of post classified information-processing equipment.

Graphical user interface (GUI):  An interactive screen display by which the user can move a mouse to point the screen cursor at symbols representing data or instructions to the machine, reducing the need for keyboard typing.

Hardware assurance:  Hardware assurance is provided through investigatory procedures that review the technology safeguards applied to classified information-processing equipment for signs of tampering.

Information resources:  Information and related resources, such as personnel, equipment, funds, and information technology (IT).

Information resource management:  the process of managing information resources to accomplish Department missions and to improve agency performance, including through the reduction of information collection burdens on the public;

Information security:  Protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide:  Integrity, which means guarding against improper information modification or destruction, and includes ensuring information nonrepudiation and authenticity; confidentiality, which means preserving authorized restrictions on access and disclosure, including protecting personal privacy and proprietary information; and availability, which means ensuring timely and reliable access to and use of information.

Information system:  A discrete set of information resources organized for the collection, processing, maintenance, use, sharing, dissemination, or disposition of information.

Information system security officer program (corporate):  Designed to plan, implement, and coordinate the Department’s information system security program for corporate applications and networks and to provide support for the worldwide information system security officer’s activities.

Information Technology:  Any equipment or interconnected system or subsystem of equipment used in the automatic acquisition, storage, analysis, evaluation, manipulation, management, movement, control, display, switching, interchange, transmission, or reception of data or information by the executive agency, if the equipment is used by the Department directly or is used by a contractor under a contract with the Department that requires the use of that equipment; or of that equipment to a significant extent in the performance of a service or the furnishing of a product. Includes computers, ancillary equipment (including imaging peripherals, input, output, and storage devices necessary for security and surveillance), peripheral equipment designed to be controlled by the central processing unit of a computer, software, firmware and similar procedures, services (including support services), and related resources; but does not include any equipment acquired by a federal contractor incidental to a federal contract.

Information technology architecture:  An integrated framework for evolving or maintaining existing, and acquiring new, information technology to achieve the Department’s strategic and information resource management goals.

Infrastructure:  (Also reference network infrastructure, telecommunications infrastructure, telecommunications systems.)  Infrastructure is hardware, software, and cabling that provides high-speed data and voice services to all users within the Department, connectivity among the Department’s domestic locations and access to the Diplomatic Telecommunications Service Program Office (DTS-PO) international gateway or other communications connectivity.

Key management:  Key management is the supervision and control of the process whereby encryption-keying material, to include Fortezza-type certificate, is generated, stored, protected, transferred, loaded, used, and destroyed.

Key Mission Facilities:  Data centers that are physically inseparable from non-IT hardware (e.g., simulation and modeling devices, sensors, etc.) and perform a specific, non-standard sets of tasks (e.g., do not provide general purpose computing or storage services to Federal facilities). Separation of data collection, storage, and processing is technically possible but increases latency beyond a reasonable limit (e.g., MRI machines, weather stations, air traffic control systems, supervisory control and data acquisitions (SCADA) systems, etc.). Systems in remote locations where consolidation of the data center is detrimental to the Department mission; these range from embassy file servers in foreign countries to dam floodgate controls. Data centers where consolidation would create unacceptable negative impact on performance (e.g., Federal labs and research facilities, special processing nodes (SPPNs), high performance computing (HPC) nodes, and other similar systems). Data centers required for legal or logistical reasons.

Life-cycle management:  Life-cycle management is the ordered sequential process of planning, applying, and controlling the use of funds, human resources, and physical resources from the inception of a project throughout the operational life of the program.  This includes defining user requirements, concepts, and systems specifications; acquisition planning, source selection, system implementation, deployment, operations and maintenance, and deactivation.

Local area networks (LANs):  A user-owned and operated data transmission facility connecting a number of communicating devices such as computers, terminals, printers, and storage devices within a single building or a campus of buildings to provide a capability to share files and other resources among several users.

Major IT Investment:  An IT investment requiring special management attention because of its importance to the mission or function to the government, significant program or policy implications, high executive visibility, high development, operating, or maintenance costs, unusual funding mechanism, or definition as major by the Department’s capital planning and investment control process. Agencies should also include all “major automated information system” as defined in 10 U.S.C. 2445 and all “major acquisitions” as defined in the OMB Circular A-11 Capital Programming Guide consisting of information resources. OMB may work with the agency to declare IT investments as major IT investments. Agencies must consult with assigned OMB desk officers and resource management offices (RMOs) regarding which investments are considered “major.” Investments not considered “major” are “non-major.”

Message broker:  A middleware product to support program-to program communication between existing heterogeneous (i.e., not designed to work together) applications.  Message brokers are based on three principles:

(1)  Program-to-program connections are more manageable, effective, and durable than database-sharing strategies;

(2)  Many applications must exchange data every few seconds, minutes, or hours, rather than waiting for a nightly batch run; and

(3)  Connections cost less if arranged on a many-to-many basis, so messages and the development effort required to fit interfaces into application programs can be reused.

Messaging:  The electronic transfer of official and unofficial correspondence including e-mail.

Metadata:  Literally, “data about data.”  Information relating to business processes, data sources, and ownership, helping users to navigate through the data.

Middleware:  The set of software facilities that resides between a client’s application software and the server.  Middleware enables the application software to communicate with the server software.  Middleware includes remote procedure calls, message queuing, object request brokers, inter-process communications, remote file access, remote database access, message routing services, directory services, conversational services, time service, terminal services, and security services.

Mission-Essential Infrastructure (MEI):  This infrastructure consists of the Department's core network communication array designed to share data with posts and annexes around the world.  This array or backbone includes the networking and telecommunication systems within State Department Headquarters, the Beltsville Communications Center, and all other facilities, annexes, and posts that relay or bridge communications directly between two or more facilities.  The MEI within the Department serves to support the Department's mission-essential business processes that consist of telecommunications (i.e., OpenNet, ClassNet, and voice systems), mainframe operations and access controls, and official and unofficial messaging.

National Security Systems (NSS): Any information system (including any telecommunications system) used or operated by an agency or by a contractor of an agency, or other organization on behalf of an agency, whereas the function, operation, or use of which involves intelligence activities, involves cryptologic activities related to national security, involves command and control of military forces, involves equipment that is an integral part of a weapon or weapons system, or subject to note*, is critical to the direct fulfillment of military or intelligence missions; or is protected at all times by procedures established for information that have been specifically authorized under criteria established by an Executive order or an Act of Congress to be kept classified in the interest of national defense or foreign policy. Note* does not include a system that is to be used for routine administrative and business applications (including payroll, finance, logistics, and personnel management applications).

OpenNet:  A physical and logical Internet Protocol (IP)-based global network that links the Department of State's Local Area Networks (LANs) domestically and abroad.  The physical aspect of the network uses Diplomatic Telecommunications Service (DTS) circuits, leased lines, public and private internet Virtual Private Network (VPNs), and satellite networks both on premise and cloud.  This includes interconnected hubs, routers, bridges, switches, and cables.  The logical aspect of the network uses Integrated Enterprise Management System (NMS) and Transmission Control Protocol (TCP)/ Internet Protocol (IP) software, and other operational network applications.  OpenNet is a Sensitive But Unclassified (SBU) network, which supports e-mail and data applications.

Non-tiered Data Center:  Small server closets, telecom closets, individual print and file servers, and single computers acting as servers.

PBX:  Abbreviation for private branch exchange.  A private telephone exchange that provides on-premises dial service and may provide connections to local and trunked communications networks.

Premise distribution system:  Cabling and associated equipment installed in a facility, including the main distribution frame (MDF), intermediate distribution frames (IDFs), and telecommunications closets (TCs).  Protectors and grounding systems are included.

Repository:  A specialized type of database containing metadata.

Shadow or Hidden IT:  Refers to spending on IT that is not fully transparent to the  CIO and/or IT resources included as a portion of a program that is not primarily of an “information technology” purpose but delivers IT capabilities or contains IT resources. For example, a grants program that contains a portion of its spending on equipment, systems, or services that provide IT capabilities for administering or delivering the grants.

Standards:  An established basis of performance used to determine quality and acceptability.  As applied to information technology, standards characteristically address the implementation of technical and operating functions, and interfaces between equipment, between software packages, and between equipment and software packages.  Standards become rules when an appropriate authority so determines.

Systems assurance:  Ensuring availability, currency, and responsiveness over the system life cycle, it incorporates the disciplines of:

(1)  Change management;

(2)  Quality assurance;

(3)  Configuration management; and

(4)  Disaster recovery and contingency planning.

Systems integrity:  Systems integrity applies and provides resources and procedures to prevent unauthorized access to Department information and to ensure data integrity.

Technology safeguards:  Technology safeguards include the defensive counterintelligence methods and techniques that are applied to equipment to counter potential hostile threats.

Tiered Data Center:  Purpose-built physically separate and dedicated spaces with an uninterruptible power supply, a dedicated cooling system or zone, and a backup power generator for a prolonged power outage providing general compute resources to the enterprise.

Web technology:  The software and services including Telnet, file Transfer Protocol (FTP) and web servers used to build applications, other than email, that work on the Internet or OpenNet.

Wide area network (WAN):  A data transmission facility that connects geographically dispersed sites using long-haul networking facilities.

Wireless communications:  Radio, cellular telephone, and satellite communications, including Tactical Satellite (TACSAT), and International Maritime Satellite (INMARSAT).

1 FAM 271.5  Authorities

(CT:ORG-662;   05-24-2024)

a. A wide range of statutes and regulations govern the activities of the Bureau of Diplomatic Technology (DT). These include: The biennial State Department authorization acts and annual appropriations acts, as well as existing bodies of organic law, including the State Department Basic Authorities Act, as amended; the Budget Enforcement Act; the Foreign Service Act of 1980; and the Federal Managers’ Financial Integrity Act.

b. Other authorities that govern the DT Bureau include:

(1) Clinger-Cohen Act, as amended;

(2) Federal Information Security Modernization Act (FISMA), as amended, 44 U.S.C. Chapter 35;

(3) Federal Information Technology Acquisition Reform Act (FITARA), as amended, Title 40 U.S.C., Title 41 U.S.C. and Title 44 U.S.C.;

(4) E-Government Act, as amended, 44 U.S.C. Chapter 36;

(5) Government Performance and Results Modernization Act (GPRA) of 2010, P.L. 111-352;

(6) Federal Cybersecurity Workforce Assessment Act, 5 U.S.C. §301;

(7) Freedom of Information Act, 5 U.S.C. §552 and eFOIA amendments;

(8) Privacy Act, 5 U.S.C. §552a;

(9) Federal Records Act, 44 U.S.C. Chapter 31;

(10) Records Disposal Act, 44 U.S.C. Chapter 33;

(11) Paperwork Reduction Act, as amended, 44 U.S.C. 3501 - 3521;

(12) Federal Acquisition Streaming Act (FASA), as amended in Title 31 U.S.C. and Title 41 U.S.C.;

(13)  Declassification of State Department Records, 22 U.S.C. 4354;

(14) Department of State Delegation of Authority No. 466;

(15) Working Capital Fund for Department of State, 22 U.S.C. 2684;

(16) Increasing Opportunities and Access for Disadvantaged Businesses, 15 U.S.C. 644;

(17) Executive Order 13833;

(18) Code of Federal Regulations (CFR) Title 22-Foreign Relations, Chapter 1 Department of State;

(19) CFR Title 36-Parks, Forests, and Public Property, Chapter 6 section 1194 Section 508;

(20) CFR Title 41-Public Contracts and Property Management, Subtitle C 101 & 102; Subtitle E (reserved);

(21) CFR Title 48-Federal Acquisitions Regulations System, Chapter 6 Department of State Subchapter A, and Subchapter F, and Chapter 1 Federal Acquisition Regulation Subchapter F;

(22) OMB Circular A-130 Managing Information as a Strategic Resource;

(23) OMB Memoranda M-19-19 Update to Data Center Optimization Initiative;

(24) National Institute of Standards and Technology (NIST) Special Publications (SP) 800 series and Federal Information Processing Standards FIPS;

(25) Department of State Acquisition Regulation (DOSAR), 48 CFR Chapter 6;

(26) OMB memo m-15-14: Management and Oversight of Federal Information Technology;

(27) OMB memo M-21-30: Protecting Critical Software Through Enhanced Security Measures;(28) Other guidance and authorities, as appropriate.

1 FAM 271.6  Offices Attached Directly to the Chief Information Officer (CIO)

(CT:ORG-662;   05-24-2024)

DT/CIO provides direct management oversight to the Principal Deputy CIO (PDCIO) who manages all DT DCIO organizations, the Enterprise Chief Information Security Officer (E-CISO), the Chief Technology Officer, Office of the Chief Architect, Strategic Communications Management Unit, and External Affairs.

1 FAM 272  principal DEPUTY chief information officer for DIPLOMATIC TECHNOLOGY (DT/PDCIO)

(CT:ORG-662;   05-24-2024)

a. The Principal Deputy Chief Information Officer (PDCIO):

(1)  Advises the Chief Information Officer (CIO) on all matters related to the formulation and implementation of information technology (IT) programs and policies in support of the Department’s IT Strategic Plan and Foreign Affairs community;

(2)  Monitors the coordination and progress of all DT activities to ensure developing IT projects are mutually supportive; providing synergies, meeting established goals, making the best use of resources, and avoiding duplication;  

(3)  Oversees those responsible for integrating effective information security in all enterprise IT systems and networks, protecting them from cybersecurity vulnerabilities, and the preparation of countermeasures and contingency planning in the event of systems and network penetrations; and the establishment and operations of IT Governance and project management measures to monitor and assess their status and effectiveness;

(4)  Ensures the accurate flow of communication needed by a large, hierarchal organization to affect the efficient and constructive exchange of ideas and proposals; provide communications of leadership to promote a unified sense of purpose and direction;

(5)  Chairs the IT Executive Committee (ITEC) and all DT bureau governance boards and committees. Represents DT at Department of State and external forums that require Principal Deputy Assistant Secretary level participation.

b. DT/PDCIO also provides direct management oversight to the following offices and Deputy Chief Information Officer (DCIO) organizations, which make up the Bureau of Diplomatic Technology:

(1)  External Affairs Office (DT/EA);

(2)  Strategic Communications Management Unit (DT/PDCIO/SCM);

(3)  Office of the Chief Architect (DT/PDCIO/OCA);

(4)  Chief Technology Officer (DT/PDCIO/CTO);

(5)  Enterprise Chief Information Security Officer (DT/PDCIO/E-CISO)

(6)  Deputy Chief Information Officer for Cyber Operations (DCIO/CO);

(7)  Deputy Chief Information Officer for Business Management and Planning/Chief Knowledge Officer (DCIO/BMP);

(8)  Deputy Chief Information Officer for Operations (DCIO/OPS); and

(9)  Deputy Chief Information Officer for Foreign Operations (DCIO/FO).

1 FAM 272.1  Office of External Affairs (DT/PDCIO/EA)

(CT:ORG-662;   05-24-2024)

a. The Office of External Affairs (DT/EA):

(1)  Represents DT and/or the Department and the U.S. Government on intra, inter-agency and international efforts regarding DT external affairs issues such as the Emergency Communications Preparedness Center, the Cyber Coordinating Group, the Inter-department Radio Advisory Committee, and the U.S. NATO Civil Communications Planning Group; ensures that the CIO is represented on interagency committees addressing DT matters, as directed; coordinates issues as they relate to information security and cybersecurity with the DT Cyber Operations and E-CISO offices;

(2)  Supports the CIO by serving as a central point of contact for Other Government Agencies (OGAs), when appropriate, to facilitate requests across DT, particularly at overseas diplomatic and consular posts; acts as liaison and provides DT continuity to requesting agencies, working with other DT entities to ensure consistency between tenant agencies at post, their respective Headquarters, post Information Management Officers, and DT initiatives which affect OGA requirements at post;

(3)  Supports CIO to ensure Department senior management is aware of OGAs’ special requests and potential obstacles to meeting requirements; provides advice and guidance, as appropriate;

(4)  Ensures that agreements with other foreign affairs agencies, including those covering the terms and conditions under which the Department will provide information services, both domestically and at diplomatic and consular posts abroad, are consistent with the Department’s foreign affairs policies, goals, and objectives, as well as relevant DT and federal information management policies by working collaboratively across DT on behalf of the CIO;  

(5)  Consults, coordinates, and negotiates agreements with foreign governments, foreign telecommunications service providers, and international organizations encompassing the full range of the Department’s international information resources management requirements, including, as appropriate, reciprocal arrangements for wireless communications;

(6)  Provides guidance and support regarding the negotiation, implementation, monitoring, and improvement of secure communications between the United States and foreign senior national leadership;

(7)  Ensures the Department’s spectrum management responsibilities are met, including:

(a)  Represents the CIO and participates in the National Telecommunications and Information Administration (NTIA) Interdepartmental Radio Advisory Committee (IRAC) meetings;  

(b)  Conducts frequency assignment reviews and confirmations that support critical Department communications;

(c)  Responds to frequency requests from international communities;

(d)  Maintains a relationship with the interagency spectrum management community and foreign missions;

(e)  Coordinates and maintains national frequency requests and assignments; and

(f)   Secures frequency authorization for foreign missions.

(8)  Coordinates and implements high-level strategies for OIG engagements on behalf of the CIO; serves as the primary adviser to the CIO for coordinating senior-level communications with the OIG for IT management and operations; works collaboratively with the DT Strategic Planning Office to ensure day to day operations are aligned with DT’s OIG engagement strategy;

(9)  Coordinates and implements high-level strategies for Office of Inspector General (OIG) engagements on behalf of the CIO; serves as the primary adviser to the CIO for coordinating senior-level communications with the OIG; works collaboratively with the DT Strategic Planning Office and other DT entities to ensure day to day operations are aligned with DT’s OIG engagement strategy;

(10) Serves as the Department’s liaison to the U.S. Government Accountability Office (GAO) regarding DT-related engagements in coordination with the Department’s central GAO liaison, the Bureau of the Comptroller and Global Financial Services (CGFS); coordinates and implements high-level strategies for General Accounting Office (GAO) engagements on behalf of the CIO; serves as the primary adviser to the CIO for coordinating senior-level communications with the GAO; works collaboratively with other DT entities to ensure day to day operations are aligned with DT’s GAO engagement strategy;

(11) Plans and coordinates Emergency Management for DT Bureau, serves as the liaison with other Bureaus and Department of State emergency planning and response programs, coordinates and develops information and responses to special or unique inquiries and requirements from the CIO and PDCIO,  responsible for the annual Bureau Emergency Action Plan,  the Federal Emergency Action Plan for State, and State Annex – 9.

1 FAM 272.2  Strategic Communications Management Unit (DT/PDCIO/SCM)

(CT:ORG-662;   05-24-2024)

The DT Strategic Communications Management Unit (DT/SCM) develops and executes the strategic communications goals of the Department’s Chief Information Officer (CIO) and Head of the Bureau of Diplomatic Technology (DT). In addition to developing and disseminating unified messages and marketing campaigns to both internal and external customers of the Department, the SCM Unit strengthens DT’s ability to effectively communicate and fulfill the Department’s IT Strategic Plan (ITSP) Goals and Objectives—as identified by the CIO. In furtherance of these objectives, DT/PDCIO/SCM:

(1)  Collaborates with experts and stakeholders throughout the Department to develop, monitor, and manage communication policies, procedures, and standards to ensure the Department maintains a consistent, accurate, and appropriate official presence in its internal and external digital environments;

(2)  Conducts internal customer engagement outreach, using the appropriate vehicles, with the Department to communicate and drive stakeholder involvement in the Department’s collaborative effort required to achieve its IT goals and digital initiatives;

(3)  Conducts external customer engagement outreach (Federal agencies, private sector industry partners, Congress, etc.), using appropriate vehicles to communicate the IT goals, initiatives, and relevant experiences of the CIO and the Department; and stays appraised of external best practices; and   

(4)  Evaluates the effectiveness of communication and marketing campaign efforts through data analyses and customer feedback mechanisms, among other methods.

1 FAM 272.3  Office of the Chief Architect (DT/PDCIO/OCA)

(CT:ORG-662;   05-24-2024)

a. The Office of the Chief Architect develops and maintains four key segments of the Department’s Enterprise Architecture (EA) that will be used to ensure IT modernization efforts across the Department are mission aligned and strategically and tactically leverage modern IT capabilities and platforms.  The four EA Segments are:

(1) Business Architecture;

(2) Data Architecture;

(3) Technology Architecture; and

(4) Security Architecture.

b. The Office of the Chief Architect is comprised of:

(1) Enterprise Architecture Services Unit;

(2) Data Management Unit; and

(3) Innovation Services Unit.

c.  The Enterprise Architecture Services Unit (DT/OCA/EAS):

(1)  EAS develops and maintains Enterprise Architecture products and services in partnership with stakeholders across the Department to ensure IT modernization alignment with CIO initiatives, the Department’s goals, strategies, and IT service lines.  EAS’s technical architecture includes cloud platform roadmaps based on the Department’s Cloud Strategy and supports the IT Executive Council (ITEC) through the Enterprise Architecture working group. 

(2)  Oversees the IT Change Control Board (ITCCB) process, documentation, voting, and approvals. Incorporates all changes into the Department’s IT asset system of record for all hardware and software assets operating in production environments.  Provides overarching governance for the Local Change Control Boards (LCCBs).

(3)  Develops target architectures and security architecture frameworks through close coordination with the Cyber Operations (DT/CO), the Enterprise CISO (DT/PDCIO/E-CISO), the Bureau of Diplomatic Security (DS), and other key stakeholders.

d. Data Management Unit (DT/PDCIO/OCA/DM):

(1)  The Data Management Unit (DM) establishes data management policies and standards for the Department and facilitates data interoperability throughout the IT modernization process.  DM utilizes best practices to collect, store, tag, refine, and manage data for use across the Department.

(2)  Facilitates the implementation of various data related federal policies and mandates by maintaining the Enterprise Data Catalog (EDC). The EDC provides significant value in productivity and cost savings for the Department.

e. Innovation Services Unit (DT/PDCIO/OCA/IS):

(1)  Evaluates emerging technologies and solutions that support diverse business needs across the Department and matches these capabilities with customer needs and requirements.

(2)  Architecting new technology enablement, proofs of concept, and solutions through a standard development, modeling, simulation, and testing methodology and provides guidance to customers requiring new IT capabilities.

(3)  Provides centralized development lab service and research that is based on current and future technology standards and is based on industry best practices to ensure that technology innovation concepts are examined for applicability to support the diplomatic mission. 

1 FAM 272.4  Chief Technology Officer (DT/PDCIO/CTO)

(CT:ORG-662;   05-24-2024)

The Chief Technology Officer:

(1)  Explores, tracks, and tests emerging, disruptive Information Technologies relevant to the Department of State;

(2)  Advises the PDCIO, CIO, and other senior officials on technological developments impacting the Department’s IT operations;

(3)  Partners with DT Offices, Bureaus, and Posts to pilot maturing technologies, ensuring that training plans, governance, metrics, and adoption plans are ready as part of the technology transfer;

(4)  Coordinates new initiatives with the Chief Architect (OCA) to bring in new technologies in the Department’s IT architecture;

(5)  Works with the partner Information System Security Officers (ISSOs) to develop (IT Configuration Control Board) ITCCB and Authority to Operate (ATO) paperwork for the new products;

(6)  Provides a representative for the interagency CTO Council; and

(7)  Maintains extensive ties with peers in government and the private sector to identify and expand emerging technology solutions that support the Department’s broader mission.

1 FAM 272.5  Office Of The Enterprise-Chief Information Security Officer (DT/PDCIO/E-CISO)

(CT:ORG-662;   05-24-2024)

a. The Office of the Enterprise Chief Information Security Officer (DT/PDCIO/E-CISO):

(1)  Serves as Enterprise Chief Information Security Officer (E-CISO) for the Department

(2)  The E-CISO is the Department official designated to carry out the CIO’s responsibilities for ensuring agency compliance with the law, including development, documentation, and implementation of the agency-wide information security program under FISMA as defined by Federal Law and Guidance

b. E-CISO responsibilities consist of:

(1)  Providing information security governance commensurate with the risk and magnitude of the harm resulting from unauthorized access, use, disclosure, disruption, modification, or destruction of:

(a)  Information collected or maintained by or on behalf of the Department on information systems;

(b)  Information systems used or operated by an agency or by a contractor of an agency or other organizations on behalf of the Department;

(2)  Ensuring Department compliance with cybersecurity Executive Orders/Presidential Memoranda and Office of Management and Budget (OMB) policies & guidance;

(3)  Guiding the Department, in coordination with DS/CTS/TIE, to ensure systems and networks meet the minimum-security requirements and standards promulgated by the National Institute of Standards and Technology (NIST);

(4)  Conducting periodic risk assessments

(a)  FISMA requires agencies to conduct periodic assessments of the risk and magnitude that could result from unauthorized access, use, disclosure, disruption, modification, or destruction of information or information systems;

(5)  Develop, maintain, and implement policies & procedures;

(6)  Develop, document, and implement policies and procedures that are based on risk assessments;

(7)  Cost-effectively reduce information security risk to acceptable levels;

(8)  Ensure information security is addressed throughout the life cycle of a system or network;

(9)  Develop security plans for providing adequate information security for networks and systems or groups of information systems with a process for an annual review/update to the plans;

(10) Provide Security awareness training: In coordination with DS/CTS must provide security awareness training to personnel, including contractors and other users of the agency’s information systems to support operations and assets of the agency;

(11) Conduct periodic testing:

(a)  The Department is required to periodically test and evaluate the effectiveness of their information security policies, procedures, and practices as part of an agency-wide security program;

(b)  Frequency is determined by risk as published in Department policy.

(12) Conduct contingency planning: Implement plans and procedures to ensure continuity of operations for information systems that support the operations and assets of the agency;

(13) Assemble Security Architecture: In coordination with DT/DCIO/OCA, assemble a security ecosystem that delivers operational efficiencies while ensuring their vast—and expanding—infrastructure is protected that integrates with the Enterprise Architecture;

(14) Security Design.

c.  E-CISO additional roles & responsibilities:

(1)  Contribute to the design and approval of the comprehensive security strategy;

(2)  Incorporate provided asset, threat and vulnerability assessments to develop policy in order to reduce risk;

(3)  Oversee compliance initiatives in coordination with DS/CTS;

(4)  Develop and implement Cybersecurity Policy;

(a)  CISOs oversee and contribute to security policy development, to include:

·         Governance

·         Risk management

·         Compliance

(5)  HR management / involvement (in coordination with appropriate HR authorities);

(6)  Develop and track enterprise Cyber Metrics;

(7)  Develop and implement Identity and Access Management (IAM) policies;

(8)  Lead organization for the Department’s Cross Domain Support Office (CDSO) and coordinates with NSA on Cross Domain System (CDS) activities.

1 FAM 272.6  Compliance Reporting Unit (DT/PDCIO/E-CISO/CR)

(CT:ORG-662;   05-24-2024)

Compliance Reporting (CR) Unit is responsible for

(1)  Providing consistent, accurate, and timely reporting on IT security activities and managing the Plans of Action and Milestones (POA&M) that are identified during the system’s A&A process or by other sources.

(2)  Managing the delivery of program and project management artifacts to support the Department’s Cybersecurity compliance reporting for FISMA, Office of Inspector General (OIG), Government Accountability Office (GAO), President’s Management Council (PMC), and other internal and external entities.  

(3)  Overseeing the life cycle POA&M and information security related audit findings in support of the Department’s Information Security Program and provides federal oversight of the verification, and validation of POA&M closures and remediation.

1 FAM 272.7  Division of Policy, Liaison and Training (DT/PDCIO/E-CISO/PLT)

(CT:ORG-662;   05-24-2024)

a. PLT manages enterprise-wide cybersecurity policy, liaison, and training activities under CIO or E-CISO authorities;

b. PLT oversees the development of department-wide policy, provides policy advice, governance, and support to ensure compliance with federal cybersecurity programs and requirements;

c.  PLT’s liaison function facilitates collaboration among Department offices and Bureaus in support of cybersecurity initiatives, technical development, architecture security, and policy development; 

d. PLT plans, designs, monitors and coordinates the department Tips of the Day program and additional training programs in collaboration with department stakeholders for cybersecurity information and contingency planning.

1 FAM 272.8  Division of Global Information Technology Risk (DT/PDCIO/E-CISO/GITR)

(CT:ORG-662;   05-24-2024)

a. The Division of Global Information Technology Risk (DT/PDCIO/E-CISO/GITR):

(1)  Guides the Department in evaluating and taking calculated risks arising from the use of IT in support of the conduct of diplomacy to enable the prosperity and security of our Nation in compliance with 2 FAM 30, 31;

(2)  Provides risk advisory tools, services, and solutions to assess and analyze information risk arising from and affecting the Department’s global IT operations at the direction of, and under the authorities exercised by the Chief Information Officer (CIO) and Chief Information Security Officer (CISO), to better equip Departmental staff worldwide in practicing integrated risk management to promote the resiliency of the US Diplomatic mission;

(3)  Manages the Department’s cyber risk program and coordinates the identification, assessment and reporting of other IT risk;

(4)  Executes the risk executive function for the Department as outlined in NIST SP 800-37, at the direction of the CISO under the authorities of the Federal Information Security Modernization Act of 2014 (FISMA 2014), as delegated to the CIO;

(5)  Oversees and manages cyber risk at the bureau and Department levels in coordination with other Department offices;

(6)  Coordinates IT risk efforts with the Risk and Resiliency work group and cyber risk efforts with the Cyber Security work group of the Information Technology Executive Committee (ITEC); Maintains the IT risk register;

(7)  Advises IT governance boards and Department leadership on matters of IT and cyber risk by recommending escalations to the CIO through the Information Technology Executive Committee and as appropriate to the Enterprise Governance Board (EGB) through the Under Secretary of Management (M);

(8)  Establishes and governs the policies and procedures for managing enterprise IT risk;

(9)  Integrates IT risk management guidance on ranges of acceptable risk with the Department’s IT governance; produces DOS Cyber Scorecards; maintains DOS Cyber Dashboard;

(10) Enables a culture, at all levels throughout the Department of State, where IT risk is valued and intrinsic to decision making and resource allocation; and

(11) Represents the High Value Asset Program on behalf of the Department to the Department of Homeland Security (DHS) and the Office of Management and Budget (OMB).  Guides, coordinates, and oversees Department compliance with DHS and OMB HVA requirements.

(12) Maintains the Enterprise Cyber Risk Register; oversees the Cyber Risk Register Working Group forum;

b. GITR has two branches. Risk Solutions Branch (RS) and Risk Management Branch.

1 FAM 272.8-1  Risk Management Branch (DT/PDCIO/E-CISO/GITR/RM)

(CT:ORG-662;   05-24-2024)

The Risk Management Branch (DT/PDCIO/E-CISO/GITR/RM) Division:

(1)  Adds Department context to the IT risk approach through framing;

(2)  Consults with management across the Department on how to manage IT risk;

(3)  Tracks and guides the effort to implement the Department Cyber Risk Management Strategy;

(4)  Ensures required policies, procedures, and practices are developed and maintained to support the operation of the IT risk management program; and

(5)  Identifies the escalation and management of Key Risk Indicators (KRIs) to management and communicates responses to partners.

1 FAM 272.8-2  Risk Solutions Branch (DT/PDCIO/E-CISO/GITR/RS)

(CT:ORG-662;   05-24-2024)

The Risk Solutions Branch (DT/PDCIO/E-CISO/GITR/RS):

(1)  Recommend Departmental and Bureau risk tolerance levels which are composites of critical areas such as financial loss and harm to people;

(2)  Completes risk assessments for organizations across the Department;

(3)  Collaborates with the Information Systems Security Officer Oversight office on  system assessments to incorporate risk concepts in recommendations on requested deviations from policy and standards;

(4)  Reviews and provides guidance for applying risk determinations to system(s) authorization decisions;

(5)  Identifies sources of Key Risk Indicators (KRIs) and recommends solutions to fill information gaps;

(6)  Establishes processes to analyze input data to identify areas of change;

(7)  Develops informational dashboards for management;

(8) Tracks risks in a risk register and coordinates with partners to remediate risk where necessary; and

(9)  Assists in developing response and remediation actions across the Department.

1 FAM 273  DCIO for Cyber Operations (DT/DCIO/CO)

(CT:ORG-662;   05-24-2024)

The DCIO for Cyber Operations (DT/CO) serves under the supervision of the Principal Deputy Chief Information Officer (PDCIO), in the performance of operational cybersecurity responsibilities as specified under 44 U.S.C. 3544.

1 FAM 273.1  Office of Information System Security Officer Oversight (DT/CO/ISSO)

(CT:ORG-662;   05-24-2024)

The Office of Information System Security Officer (ISSO) Oversight oversees the Department ISSO Program and works with programs, posts, and bureaus to remediate vulnerabilities and ensure a high-level of cyber hygiene.  This Office is comprised of two Divisions as follows:

(1)  Regional and Domestic (RD) Division: The RD Division is responsible for ensuring that guidance to the ISSO community, system administrators and Information Management Officers at regional posts and offices worldwide is consistent with Department, Federal and Industry best practices for information security standards.  This division is responsible for directing the coordination of ISSO activities through the DOS enterprise that includes its domestic facilities and overseas missions. This division also works with E-CISO/PLT and FSI/SAIT to ensure ISSO training is adequate.

(2)  ISSO Operations (OPS) Division: The OPS Division initiates and delivers to posts new IT security solutions sets. OPS Division implements the Department’s technology toolsets to support the ISSO program worldwide and is responsible for coordinating efforts between DT Operations and DS/CTS, and for developing the appropriate ISSO tools within the Enterprise.  This Division coordinates remediation efforts through IT security planning, evaluation, analysis, guidance, verification, and validation of Plan of Actions and Milestones (POA&M) closures and remediation.

1 FAM 273.2  Cybersecurity Integrity Center (DT/DCIO/CO/CIC)

(CT:ORG-662;   05-24-2024)

a. Leads and oversees cybersecurity operations including preventative control monitoring and cybersecurity hygiene analysis and remediation  within and across Enterprise operated and managed infrastructure;

b. Collaborates and shares information with Diplomatic Security (DS) in fulfillment of DT’s obligations under the Joint Security Operations Center (JSOC) Memorandum of Understanding (MOU);  

c.  Ensures the confidentiality, integrity, and availability of networks and information systems and data consistent with CIO FISMA responsibilities and requirements, and in support of DT/CO’s responsibilities relevant to the Department’s information security program goals;

d. Leads, plans, organizes, conducts, and participates in working groups, committees and other related sessions between the DCIO/CO and other organizations to improve the quality of the Department’s cybersecurity operations;

e. Provides guidance to IT system owners, domestic and overseas, regarding execution of and adherence to federal and Department level cybersecurity directives concerning cyber hygiene monitoring, detection, and remediation response.

f.  Advises and assists Department senior management with cybersecurity objectives and responsibilities in concert with DS/CTS, DT/PDCIO/E-CISO, and other Federal intelligence and cybersecurity organizations.

1 FAM 273.3  Office of Assessment and Authorization (DT/CO/A&A)

(CT:ORG-662;   05-24-2024)

The Office of Assessment and Authorization is responsible for:

(1)  Ensuring the Department’s systems are compliant with FISMA, OMB A-130, NIST Risk Management Framework (RMF) NIST SP 800-37, Federal Information Systems Modernization Act 2014 (FISMA), Homeland Security Presidential (HSPD) and the NIST security controls in SP 800-53 by developing and providing all federal and NIST/FIPS-related guidance and training for system owners who are navigating the assessment and authorization process.

(2)  Management of the Department’s common controls program, including guidance development and oversight of common control providers, to ensure the common controls are compliant with Department standards, FISMA, OMB A-130, and NIST RMF NIST SP 800-37.

(3)  Appointing Authorizing Official Designated Representatives (AODR) for each Bureau and all Department information systems and external services such as cloud services.

(4)  Ensuring that Bureaus and system owners use all required DT/CO/AA tools and services to successfully implement the RMF and comply with FISMA.

(5)  Performing independent security control assessment for Low, Moderate and High impact systems to support initial authorization, continuous monitoring, or reauthorization of Department information systems.  DT/CO/AA may approve other qualified parties/organizations to perform the security control assessment.

(6)  Providing oversight of Bureaus’ development and testing of contingency plan testing, as required by NIST SP 800-53 and 800-34.

(7)  Ensuring system authorization is performed on all Department information systems, both classified and unclassified at the Low, Moderate and High impact levels.  (See 1 FAM 262.7-1 for SCI systems.)

(8)  Ensuring system authorization is performed in accordance with the approved Department’s implementation of the NIST Risk Management Framework, which is specified in 5 FAM 1066.1, 5 FAH-11, the Cyber Operations RMF Playbook, the Common Controls Playbook, and the Ongoing Authorization Playbook.

(9)  Reviewing updates and new issues of OMB, NIST and DHS guidance regarding NIST RMF, assessment and authorization (such as NIST SP 800-53 revisions) to determine timeframe for adoption, communicating requirements to system owners and common control providers, and coordinating updates to DT/CO/AA tools to support adoption.

1 FAM 274  Deputy Chief Information Officer for Business Management and Planning/Chief Knowledge Officer (DT/BMP)

(CT:ORG-662;   05-24-2024)

The Deputy Chief Information Officer for Business Management and Planning/Chief Knowledge Officer (DT/BMP):

(1)  Assists and advises the CIO in the execution of his or her responsibilities;

(2)  Ensures that the Department’s diplomatic technology decisions reflect the needs of the Department’s business practitioners.  DT/BMP anticipates changes in both technology and the business practices of the Department to ensure that the Department’s diplomatic technology programs fully meet information, e-Government, and knowledge management objectives;

(3)  Manages overall liaison, interface, and outreach functions within the bureau and Department to provide diplomatic technology policies and programs that best support the Department’s business practitioners and business practices;

(4)  Exercises strategic responsibility to ensure that State IT projects are developed and delivered on time, within budget, and in accordance with customer business needs;

(5)  Exercises leadership and provides management guidance to ensure that DT products and services delivered are accessible to internal and external customers around the globe are an effective and cost-efficient use of IT resources;

(6)  Exercises leadership on IT strategic planning, portfolio and project management, acquisitions, budget planning and execution, customer engagement and relationship management, strategic workforce planning, and e-Government;

(7)  Exercises strategic responsibility in the Department for developing and implementing improvements in information technology infrastructure, systems, and programs to improve communication and collaboration among U.S. foreign affairs agencies domestically and at posts and missions abroad;

(8)  Exercises leadership regarding the development and communication of IT procedural and DT Bureau functional policies to ensure clear, concise communication of IT processes, roles, and responsibilities;

(9)  As Chief Knowledge Officer, provides strategic direction and advocacy to manage knowledge assets and programs throughout the Department; ensures the availability of collaborative technologies that support knowledge leadership goals and objectives; and guides and supports knowledge management initiatives within State and between State and other agencies and foreign affairs partners;

(10) Provides liaison and fosters cooperation with other Federal agencies, educational institutions, nongovernmental, not-for-profit, and private-sector organizations regarding knowledge management and workforce planning initiatives, practices, and standards;

(11) Provides overall leadership of the Department’s e-Government initiatives and programs;

(12) Represents the Business Practices and Programs office in the IT Executive Council (ITEC);

(13) Provides budget formulation and execution guidance and support across BMP offices through the BMP budget unit;

(14) Provides overall leadership to the Strategic Workforce Planning Unit (DT/BMP/SWP);

(15)Plans, develops, and executes Diversity, Equity, Inclusion, and Accessibility (DEIA) programing for integration into DT organizational policies and practices spanning its talent management cycle to accomplish its diplomatic support mission. The DEIA function is led by DT’s DEIA Officer, who reports to the DCIO BMP, with an additional reporting line to the CIO and PDCIO. The DEIA Officer derives their authority, roles, and responsibilities from: The Department of State Authorization Bill S. 1635; Section 717 of the Civil Rights Act of 1964, as amended, 42 U.S.C. Section 2000e-16; Section 717 of Title VII and Section 501 of the Rehabilitation Act of 1973, as amended by Pub. L. 99-506, 100 Stat. 1807; U.S. Equal Employment Opportunity Commission (EEOC) Management Directive 715 (October 2003). DEIA functions include:

(a)  Delegate the role of DEIA officer to a full-time staff member;

(b)  Establish effective DEIA policy, goals, guidance, regulations, guidelines, plans, initiatives, and programs to advance and accomplish a diverse, inclusive, transparent, and collaborative work culture for DT and its employees;

(c)  Advise DT leadership, managers, business processes, and systems to ensure compliance with DEIA-related Executive Orders, regulations, guidance and requirements, including but not limited to: Presidential, Federal, and Department sources;

(d)  Establish, operate, maintain, support/engage with coordination infrastructure to align employee engagement toward infusion of DEIA principles into organization processes and systems (e.g. DEIA Advisory Council, Employee Affinity Groups, Department DEIA Working Groups, etc.);

(e)  Build a culture of learning through the identification, development, and delivery of education and training opportunities for targeted segments of the workforce, identified as solutions aligned to strategic goals to address organizational and cultural areas of improvement;

(f)   Establish measures of success for infusing DEIA across DT; collect and track data, and develop and circulate results through publication for stakeholders;

(g)  Collaborate with internal and external stakeholders including the White House, OPM, OMB, peer Federal agencies, academic and non-profit organizations, research institutions and private companies to keep pace with industry practices and methods.

1 FAM 274.1  Strategic Workforce Planning Unit (DT/BMP/SWP)

(CT:ORG-662;   05-24-2024)

a. The Strategic Workforce Planning Unit (SWP) develops strategies and initiatives to improve the recruitment, development, and retention of Foreign Service (FS), Civil Service (CS), and Locally Employed Staff (LE Staff) IT staff across the Department.  SWP works collaboratively and in partnership with the A/DT Executive Office (A-DT/EX), Global Talent Management Bureau (GTM) and Foreign Service Institute’s School of Applied Information Technology (FSI/SAIT).  In addition to leadership advisory and strategic support, SWP is responsible for developing IT workforce programs that focus on the recruiting, retaining, training, and developing of all IT professionals at the Department of State.

b. The Strategic Workforce Planning Unit (SWP):

(1)  Identifies IT workforce trends in government and related private industry sectors and conducts workforce competency studies/analysis to identify competency gaps at the Department;

(2)  Analyzes annual FS, CS and LE Staff IT workforce data to inform leadership on demographic trends and to report on strategic recommendations and initiatives;

(3)  Provides human capital strategies to close workforce gaps and promote an IT workforce equipped for future IT challenges;

(4)  Identifies new skills, knowledge, talents, and abilities needed to maintain a modern IT workforce and ensures they are integrated into the Department’s recruitment, training, and retention programs;

(5)  Defines the Department’s IT workforce objectives, analyzes the current state, and identifies future trends to establish workforce priorities, implement talent management strategies, and measure the outcomes of human capital initiatives for the IT workforce;

(6)  Manages the Experiential Training Program (ETP) to provide on-the-job development opportunities for IT employees at private and public sector organizations (e.g., NSA and Cisco);

(7)  Manages the Department’s IT Skills Incentive and Cybersecurity Skills Incentive Programs designed to develop and retain IT staff through incentive pay tied to maintaining critical and current skills, certifications and credentials;

(8)  Manages the FSI/FAIT Fellowship Program, in partnership with GTM, to recruit college students pursuing IT related degrees into the Foreign Service as entry-level Information Management Specialist (IMS).

(9)  Manages the Expanded Professional Associates Program – Information Management (EPAP-IM) with the GTM/Global Community Liaison Office (GCLO) to employ Eligible Family Members (EFMs) at post in information management positions;

(10) Works with FSI/SAIT to ensure that the Department’s IT training program aligns with the Department’s IT Strategic Workforce Plan and addresses critical skills gaps;

(11) Develops a recruitment strategy that aligns to the Department’s IT Strategic Workforce Plan; and

(12) Works with GTM Office of Talent Acquisition (TAC) to develop a marketing and social media strategy for Foreign Service IT recruitment and ensures Subject Matter Experts (SMEs) are identified to assist the Board of Examiners on oral assessments.

1 FAM 274.2  Strategy, Planning and Budget Office (DT/BMP/SPB)

(CT:ORG-662;   05-24-2024)

The Strategy, Planning, and Budget Office (DT/BMP/SPB):

(1)  Serves the State Department as a central decision support service for effective business, management, and planning decisions for the efficient use of technology in the execution of our foreign affairs mission.  SPB manages the activities of the Financial Management (FMD), Portfolio Management PMD), Governance and Process Improvement (GPI), and Strategic Planning (SPD) Divisions ensure that the IT budget, plans, processes, and strategies they produce are fully, effectively, and successfully integrated to meet the Department’s business needs;

(2)  Acts as the State Department’s senior advisor on strategic IT investment and planning. Ensures IT investments and initiatives are aligned with IT strategies and the State Department’s strategic objectives.  In accordance with regulations, IT directives, industry best practices SBP provides a line-of-site view of IT investments for effective decision making;

(3)  Performs the DT Bureau’s financial planning and management function, including budget formulation and funds control functions.  The office provides senior bureau management with a clear, transparent, and current financial reporting that reflects Departmental and DT budget decisions;

(4)  Manages the State Department’s Information Technology (IT) Portfolio Management function, and IT Capital Planning processes (Pre-Select, Select, Control and Evaluation) and maintains the capital planning tools;

(5)  Oversees the executive secretariat of the Information Technology Executive Council (ITEC) and ITEC working groups, which function as the Department’s executive governance board for IT investments, addressing enterprise IT challenges, solutions, budget formulation/execution, planning, architecture, cybersecurity, workforce, operations and standards;

(6)  Leads the formulation of the State Department’s Information Technology (IT) Strategic Plan, providing a strategic framework for DT, functional, management and regional bureaus to align IT investments to the mission of the State Department.  The IT Strategic Plan establishes the Department’s IT mission, vision and goals and associated performance indicators, in direct alignment with the Department’s Strategic Plan;

(7)  Leads the formulation of the DT’s Functional Bureau Strategy (FBS), which specifies the activities, milestones, deliverables, roles and responsibilities needed to implement the IT Strategic Plan;

(8)  Represents the State Department to the CIO Council, OMB, and Congress and other regulatory bodies regarding IT initiatives, investment and various regulatory issues.  Prepares reports, presentations, and other responses to internal and external inquiries regarding the State Department’s enterprise-wide IT portfolio; and

(9)  Supports DT's financial and portfolio management activities such as, but not limited to, tracking of bureau funds, financial planning, budget formulation, and budget execution by strategically developing, implementing, and maintaining automated and customer-friendly tools and business processes.

1 FAM 274.2-1  Financial Management Division (DT/BMP/SPB/FM)

(CT:ORG-662;   05-24-2024)

The Financial Management Division (DT/BMP/SPB/FMD) is responsible for the control of bureau funds, financial planning, budget formulation, budget execution, and the IT Working Capital Fund (WCF) Business Management Center.

1 FAM 274.2-1(A)  DT Budget Formulation and Budget Execution Branch (DT/BMP/SPB/FM/BGT)

(CT:ORG-662;   05-24-2024)

The DT Budget Formulation and Budget Execution Branch (DT/BMP/SPB/FMD/BGT):

(1)  Decision Support and Analysis

(a)  Collects and reviews all bureau budget requests for CIO review;

(b)  Conducts all DT budget related data entry and validation in the Bureau of Budget and Planning (BP) application systems;

(c)  Provides Financial Plan preparation and oversight for all DT Bureau appropriations;

(d)  Works with SPB’s Strategic Planning Division (SPD), Portfolio Management Division (PMD), Governance and Process Improvement Division (GPI), and BP to provide input and oversight for the DT’s IT Capital Investment Fund Financial Plan;

(e)  Provides responses to BP on DT Bureau related IT and other OMB and other inquiries;

(f)   Acts as the central Point of Contact (POC) for DT Financial Management policies.  Ensures compliance with the Chief Financial Officers (CFO) Act of 1990 and regulatory agency requirements;

(g)  Oversees all Financial Management practices, processes, and associated systems for the DT Bureau; and

(h)  Acts as the central authority on all staff access to DT Budget systems and the State Department’s COR accounting system, GFMS;

(2)  DT Funds Control;

(a)  Reconciles and validates all allotments from BP;

(b)  Manages, reconciles, and validates all reimbursements and transfers, both internal and external; and

(c)  Provides reporting to DT management on the status and use of all bureau funding;

(3)  Monitoring, Oversight and Reporting;

(a)  Monitors and reports to BP on Spend Plans, reimbursements, transfers, and funds control related to all DT IT WCF, direct appropriations, and DT IT fee-for service activities;

(b)  Oversees all financial, business, and contractual aspects of the IT WCF for all services to Bureaus across the State Department;

(c)  Monitors and assesses all IT Service Level Agreements (SLAs) relating to WCF charges and services provided to customer Bureaus to ensure that the charges track with services rendered;

(d)  Provides transparent reporting of cost and services to Bureau’s receiving services from DT;

(e)  Monitors and reports on the status of funds for all DT Program Offices, ensuring allocations are not exceeded, preventing anti-deficiency; and

(f)   Oversees all DT ULO’s for validation.

(4)  Manages DT’s Representation Funds.

1 FAM 274.2-1(B)  Working Capital Fund Branch (DT/BMP/SPB/FM/WCF)

(CT:ORG-662;   05-24-2024)

The Working Capital Fund Branch (DT/BMP/SPB/FMD/WCF):

(1)  Provides financial governance and guidance, gathers customer requirements, develops overall DT WCF business plans, reviews and reports on Service Level Agreements (SLA’s), provides Customer Advocacy and continuous improvement, and serves as the central POC/liaison with the Bureau of Administration Working Capital Fund (A/EX/WCF) generally and for WCF Operational Service Centers (OSCs);

(2)  WCF develops and maintains the DT WCF budget, ensures appropriate spending against spend plans, ensures adherence to the objectives of the OSC Plans, and provides cost impact analysis of requirements and change requests;

(3)  WCF reconciles issues regarding bills and invoices, resolves disputes, prepares revenue and expense reports, and provides financial management support to each DT WCF OSC; and

(4)  WCF provides financial reporting transparency and consistency, develops and manages streamlined service ordering processes, and develops and maintains a consolidated and scalable WCF billing system and calendar that supports each DT WCF OSC.

1 FAM 274.2-2  Portfolio Management Division (DT/BMP/SPB/PMD)

(CT:ORG-662;   05-24-2024)

The Portfolio Management Division (DT/BMP/SPB/PMD):

(1)  PMD provides an enterprise view, assessment, and governance for the State Department’s IT portfolios, investments, programs, and projects.  This oversight service provides financial transparency and alignment of IT initiatives with the Department’s IT Strategic Plan.

(2)  Implements the pre-select, select, control and evaluation functions of the State Department’s IT Capital Planning and Investment Control (CPIC) process for managing risks and IT investment returns associated with State Department’s IT initiatives;

(a)  Pre-Select: screens proposed IT solutions for unmet Department business requirements before funding is provided;

(b)  Select: reviews, scores, and selects well-founded business cases; and

(c)  Control/Evaluation:

(i)     Ensures the State Department’s major IT portfolios, investments, programs, and projects are performing as expected to meet the State Department’s business and strategic goals;

(ii)    Regularly monitors and analyzes IT business case performance measures, costs, and schedules, to identify at-risk IT projects/investments for TechStat review.  Assists project managers to develop remediation plans to mitigate identified investment risks;

(iii)    Conducts portfolio reviews and recommends the realignment of the IT portfolio based on any changes in mission, statutory or business requirements.

(iv)   Conducts performance reviews of major projects in the State Department’s current fiscal year IT capital asset plan;

(v)    Ensures IT business case information posted on the OMB’s web site (IT Dashboard) is current and accurate; and

(vi)   Conducts State Department reviews on underperforming IT projects and reports its findings to the CIO and the IT governance board.

(3)  Manages and coordinates the State Department’s IT Capital Planning activities:

(a)  Manages the formulation, preparation, guidance, and dissemination of the State Department’s IT Capital Asset Plans, in accordance with OMB’s Circular A-11 regarding IT budget reporting requirements for the Department’s IT investments;

(b)  Provides guidance to project managers on OMB-Circular A-11 project manager training requirements for certifications, and manages the State Department’s PM certification program;

(c)  Manages the operation, maintenance, enhancement, and user training of the capital planning tools and participates in the inter-agency working group, which updates the tool (i.e., electronic Capital Planning systems/tools and (I)TBM); and

(d)  Develops procedures for selecting, monitoring, and evaluating IT investments and provides reports to senior management on the State Department’s IT portfolio; and

(e)  Establishes, maintains, and improves comprehensive project management curricula in support of IT governance and project management support across the Department.

(4)  Serves as the State Department’s point of contact (POC) for coordinating State Department representation at OMB facilitated inter-agency meetings, working groups, conferences, and other forums.

1 FAM 274.2-3  Strategic Planning Division (DT/BMP/SPB/SPD)

(CT:ORG-662;   05-24-2024)

The Strategic Planning Division (DT/BMP/SPB/SPD) ensures Department and DT bureau policies and strategic planning documents align with and support stated goals.  SPD works in collaboration with DT offices and Department organizations to develop and report on performance related metrics that offer senior leadership insights into the effectiveness of selected programs and provide input to IT investment strategy decisions.  In furtherance of these objectives, DT/BMP/SPB/SPD:

(1)  Formulates and drafts the Department’s IT Strategic Plan (ITSP) and DT’s Functional Bureau Strategy (FBS) to align IT investments and budget with the Department’s mission.

(2)  Develops the ITSP and DT FBS performance plans and coordinates them with the State Department’s strategic planning activities in addition to monitoring and reporting progress made toward these plans;

(3)  Analyzes strategic and performance plans for DT and other bureaus and offices to ensure alignment to the Department’s IT Strategic Plan;

(4)  Formulates and provides input for the IT portion of the Department of State and United States Agency for International Development Joint Strategic Plan (JSP);

(5)  Formulates the annual Functional Bureau Strategy for the DT which contributes to the State Department’s overall annual performance report;

(6)  Tracks and reports on IT performance measures to internal and external stakeholders base on published plans;

(7)   Ensures that the Department of State’s interests are represented on CIO Council products (i.e., Federal Strategic Plan);

(8)  Coordinates and conducts the review, development, and revision of the content of Volume 5 of the Foreign Affairs Manual (FAM) and associated Foreign Affairs Handbooks (FAHs):

(a)  Ensures that 5 FAM/FAH policies and procedures are accurate, complete, applicable, and timely;

(b)  Addresses cross-cutting Department policies, regulations and procedures concerning Department-wide 5 FAM/FAH diplomatic technology issues; and

(c) Initiates and coordinates the publication of 5 FAM subjects and includes all relevant stakeholders in the clearance process;

(9)  Coordinates the initiation, update, and revision of 1 FAM 270 (DT) organizational statements:

(10) Coordinates the DT response to all Department FAM/FAH updates requiring DT clearance or input;

(11) Investigates the strategic and tactical implications, and the impact of emerging technologies on the delivery of IT and digital services to the Department;

(12) Serves as the State Department’s POC for coordinating State Department-wide responses to OMB, Federal CIO Council, and other interagency IT issues, directives, and guidance such as Clinger-Cohen, eGov Act, FITARA, Data Act, Open Government, Data.Gov, and various IT-related executive orders;

(13) Coordinates and acts as the DT Bureau POC for Office of the Legal Adviser, and requests for official DT bureau responses to eDiscovery requests, litigation holds, and other related requests for information;

(14) Serves as a repository for Department Information Resource Management documents, including regulations, procedures, and guidelines;

(15) Reviews proposed Federal information resource and information technology management statutes and regulations to provide comments and interpretations, as appropriate, to DT and other Department Bureau managers; and

(16) Analyzes emerging technologies to determine their applicability to the Department’s IT strategic direction.

1 FAM 274.2-4  Governance and Process Improvement Division (DT/BMP/SPB/GPI)

(CT:ORG-662;   05-24-2024)

The Governance and Process Improvement Division (DT/BMP/SPB/GPI):

(1)  GPI serves as the executive secretariat for the Information Technology Executive Council (ITEC) and ITEC working groups.  Supports DT bureau activities and participation in enterprise governance at the Management Undersecretariat level and above;

(a)  Providing staff and administrative support for ITEC and other enterprise governance meetings and workgroups;

(b)  Facilitates open and transparent information sharing and tracking of deliverables and accomplishments across all IT governance bodies;

(c)  Provides recommendations to ITEC on State Department IT proposals; and

(d)  Serves on and supports governance, process improvement, and project management ITEC working groups.

(2)  Continuously optimizes DT’s methods and project management process ensuring alignment with budget formulation and execution and the Capital Planning and Investment Controls (CPIC) process.

(a)  Introduces best practices, project management standards, and methodologies and data analytics;

(b)  Establishes IT project management tools that are based on a common framework;

(c)  Serves as a project management knowledge center which includes development and maintenance of a centralized knowledge repository containing templates, toolkits, and other project management resources, and ensures these are aligned with any project management guidance and governance from DT/BMP/SPB;

(3)  Provides Business Process Re-engineering (BPR) and Management service focusing on the analysis and design of optimized customer focused workflows and business processes.   

(a)  Adopts and supports the Information Technology Infrastructure Library (ITIL) framework, best practices through the recommendation of best practices that meet customer needs;

(b)  Continuously aligns and optimizes governance boards, working groups and committees;

(c)  Ensures all IT Governance initiatives appropriately incorporate Key Performance Indicators (KPIs) and Objectives and Key Results (OKRs) that are measurable and inspire desired action;

(d)  Leads the development of the governance and process-related policies in support of the Department’s IT strategic plan and CIO’s IT modernization initiatives; and

(e)  Leverages industry best practices and state-of-the-art Continuous Process Improvement (CPI) methodologies to ensure all automation initiatives result in optimized organizational solutions.

1 FAM 274.3  eDiplomacy Office (DT/BMP/EDIP)

(CT:ORG-662;   05-24-2024)

a. The Office of eDiplomacy (DT/BMP/EDIP) ensures the United States’ diplomats can leverage cloud, mobile, data, and other technology to support U.S. leadership in a freer and more prosperous world.  EDIP:

(1)  Advocates for diplomatic colleagues’ business and mission needs in IT investments, policies, and services with a focus on human-centered design (HCD) and user experience (UX) methodologies;

(2)  Partners with diplomatic colleagues to understand their business and mission needs, and the emerging trends and challenges associated with internal and external collaboration and information sharing, at all security levels; 

(3)  Supports the effective use of collaborative and knowledge sharing technologies for the Department personnel;

(4)  Provides analysis of evolving trends and evaluation of emerging issues in innovation and information technology to DT from the perspective of diplomatic practitioners;

(a)  Provides a center to consider, support, advocate for, and model innovation in both business practices and the use of information resources in the formulation and conduct of U.S. diplomacy;

(b)  Ensures that end-users’ needs and business practices are fully reflected in the Department’s information resource decisions;

(c)  Improves intra-Departmental, interagency, and intergovernmental communication and collaboration;

(d)  Develops and implements a knowledge management strategy for the Department;

(e)  Conducts information resource management activities with internal Department and external organizations, including other U.S. foreign affairs agencies, foreign governments, and foreign information technology providers;

(f)   Provides advocacy and advice in its areas of responsibility as a member of relevant Department boards, committees and working groups; and interagency and international forums; and

(g)  Develops and supports enterprise-wide knowledge tools, programs and networks, such as Diplopedia, Communities@State, and SearchState; as well as managing/operating the innovative Virtual Student Federal Service (VSFS) online, federal government-wide online internship program.

b. EDIP comprises four organizational units/divisions: the Diplomatic Innovation Division (DID), the Knowledge Leadership Division (KLD), the Customer Liaison Division (CLD), and the Business Requirements Unit (BRU).

1 FAM 274.3-1  Diplomatic Innovation Division (DID) (DT/BMP/EDIP/DID)

(CT:ORG-662;   05-24-2024)

The Diplomatic Innovation Division’s (DT/BMP/EDIP/DID) mission is to:

(1)  Cultivate relationships with public, private, academic, and think tank experts in design thinking, information technology (IT), and innovation, to identify best practices for human-centered design, user experience, and innovation, and apply these practices to help DT deliver advantageous, information age, IT-empowered diplomatic initiatives.

(2)  Through the DT Design Lab's training and interactive services, acculturate DT staff who provide IT products and services to effective human-centric methodologies, user experience techniques, and agile IT practices, thereby facilitating improvement in DT support to the Department and its mission.

1 FAM 274.3-2  Knowledge Leadership Division (KLD) (DT/BMP/EDIP/KLD)

(CT:ORG-662;   05-24-2024)

The Knowledge Leadership Division’s (DT/BMP/EDIP/KLD) mission is to:

(1)  Lead the Department’s knowledge management strategy, promoting programs that allow Department personnel to more effectively find and share knowledge; and

(2)  Support a variety of platforms that provide Department employees with innovative tools for knowledge sharing and collaboration. It also promotes collaboration and communication within the Department using latest cloud-based technologies.

1 FAM 274.3-3  Customer Liaison Division (CLD) (DT/BMP/EDIP/CLD)

(CT:ORG-662;   05-24-2024)

The Customer Liaison Division’s (DT/BMP/EDIP/CLD) mission is to:

(1)  Serve as the central DT point of contact for all domestic regional and functional bureaus; and

(2)  Provide liaison support services, information, and advocacy to all bureaus, DT services providers, and domestic and international user communities to ensure that the planning, design and delivery of IT products and services reflect clearly articulated business requirements and result in efficiency gains, and customer satisfaction, and optimized mission delivery.

1 FAM 274.3-4  Business Requirements Unit (BRU) (DT/BMP/EDIP/BRU)

(CT:ORG-662;   05-24-2024)

The Business Requirements Unit (BRU) engages with Department personnel to capture specific business requirements and coordinates across DT to identify solutions that meet the business owner’s needs.  BRU will:

(1)  Partner with internal and external customers to understand and capture business needs and detailed requirements;

(2)  Maintain a dialogue with customers to drive improved alignment between needs and development and ensure customer satisfaction; and

(3)  Develop and communicate best practices, use cases, and solutions that will support the mission of the Department.

1 FAM 274.4  Information Technology Acquisitions Office (DT/BMP/ITA)

(CT:ORG-662;   05-24-2024)

a. The Information Technology Acquisitions (ITA) Office centrally manages all IT acquisitions to modernize and streamline the full life cycle IT acquisitions process and improve the way in which IT services are delivered across the Department in the execution of our foreign affairs mission. ITA establishes a dedicated IT acquisitions cadre of experts that will improve the CIO’s ability to manage IT spending as mandated by FITARA and other federal mandates.  ITA’s focus is to establish a best-in-class acquisitions process with an emphasis on acquisition planning, industry engagement, and contract oversight and management.  ITA’s outcomes on acquisition include reduced cost, improved milestone planning to increase speed to award, fewer redundant contracts, increased transparency, and implementation of consistent contract standards. Any offices with new IT service or commodity IT contract requirements, or changes to existing contracts, must submit their acquisition needs to ITA for review.

b. The Information Technology Acquisitions Office:

(1)  Serves the State Department as a cadre of centralized IT acquisition expertise to address emerging IT acquisition complexities, technology, industry changes, and new service delivery models.  Identifies ways to improve how IT acquisitions support the delivery of IT solutions and services;

(2)  Leads the formulation of the State Department’s Information Technology Acquisition Plan, providing a strategic framework for DT, functional, management, and regional bureaus to acquire IT contract services that are centrally monitored and managed;

(3)  Manages the expanded use of Department-wide contractual vehicles such as Enterprise License Agreements (ELAs), Blanket Purchase Agreements (BPA), Indefinite Delivery, Indefinite Quantity (IDIQ) vehicles, and Government-Wide Acquisitions Contracts (GWAC) to optimize pricing, lower administrative cost, eliminate redundant contracts, provide administrative support, and improve transparency;

(4)  Provides overall leadership in the development of IT acquisition standards and best practices to ensure that procurement vehicles provide an effective and efficient means of delivering technology and services;

(5)  Ensures the Department’s information technology contracts integrate IT cybersecurity and applicable legislation, regulations and requirements including supply chain risk management principles, consistently;

(6)  Exercises strategic responsibility in the Department for preparing independent government cost estimates and total life-cycle cost estimates to support future enterprise agreements and re-competes;

(7)  Provides central management of all DT IT contracts. Provides tools and resources to track, analyze and manage vendor performance to control costs, mitigate risks, and drive continuous improvement.

(8)  Develops, manages, and maintains a centralized repository of flexible contract vehicles maximizing self-service use, consumption-based models, and commodity ordering options;

(9)  Manages overall liaison, interface, and outreach functions within the Bureau and Department to provide information technology contract management policies, programs, and training that best support the Department’s IT needs and mission; and

(10) Reviews all IT contract acquisitions and transactions covered under policies that require prior approval to ensure alignment with approved IT investment and strategic sourcing objectives.

1 FAM 274.4-1  IT Contracting Services (CS) Division (DT/BMP/ITA/CS)

(CT:ORG-662;   05-24-2024)

In collaboration with the Chief Information Officer and Bureau of Administration’s Office of the Procurement Executive (A/OPE), the Contracting Services Division develops and implements policies and recommends procedures related to the procurement of IT commodities and services.  ITA/CS develops, maintains, and implements a training plan for DT’s Contracting Officer’s Representatives (CORs) and Government Technical Monitors (GTMs).  The trainings expand the minimum training requirements cited in 14 FAH H-143.1 to improve the customer experience in the DOS program offices and increase the capability of CORs and GTMs to provide oversight and better position the contractors to meet the government’s needs.  ITA/CS:

(1)  Determines the effects of standard regulatory contract language based upon statutory requirements (e.g., FITARA, FISMA), and brief DT senior leaders on impact of compliance with new regulatory requirements with the goal of providing a clear structure within which Department employees can be empowered to innovate;

(2)  Develops DT’s IT procurement policy and collaborates with A/OPE and industry regarding IT acquisition standards and procedures; performs updates to FAM/FAH; ensures higher-level policies, laws and regulations are included in updates to DT’s IT procurement policy and implemented throughout the Bureau and/or the Department with the goal of making procurement policy lean and enabling;

(3)  Analyzes new and existing IT contracts and develop strategies to innovate and adopt best practices quickly;

(4)  Develops and maintains internal Standard Operating Procedures (SOPs) for creating and distributing IT Acquisitions strategies and policies; developing and maintaining SOPs for updating training materials and systematically promulgating updated information to the CORs and GTMs.

(5)  Maintains a library of standard templates, checklists, articles, results of pilot programs, lessons learned/retrospectives, and innovative approaches that are informed by end-user requests for market research and Request for Proposal (RFP) packages for re-use including Performance Work Statements (PWS), Statements of Work (SOW), Statement of Objectives (SOO), evaluation criteria, and other contract-related documentation;

(6)  Directs and oversees the creation of an extended training plan that includes lessons learned, best practices, and recent changes to the FAM/FAH, Federal Acquisition Regulations (FAR), and OMB guidance; develop guidance, instructions, and tutelage to CORs and DT GTMs (as an augmentation to the formal COR training requirements) to improve the employee’s knowledge and skills;

(7)  Write authoritative policy for all IT acquisitions to ensure that, per OMB M-15-14, IT acquisitions are:

(a)  Led by personnel with appropriate Federal Acquisition Certifications (FACs), including specialized IT certifications as appropriate;

(b)  Reviewed for opportunities to leverage acquisition initiatives such as shared services, category management, strategic sourcing, and incremental or modular contracting, and use such approaches as appropriate;

(c)  Supported by cost estimates that have been reviewed by the CIO;

(d)  Purchased using the approved vehicles; and

(e)  Inclusive of appropriate metrics, reporting, data, and security requirements.

1 FAM 274.4-2  IT Services Contract Management (DT/BMP/ITA/CM)

(CT:ORG-662;   05-24-2024)

The IT Services Contract Management Division (CM) provisions IT service contracts that meet customer needs for functionality, innovation, speed of delivery, and cost effectiveness.  ITA/CM supports IT service contract requirements throughout the acquisition life cycle (pre-award, award, and post award).  ITA/CM centrally manages IT service contracts under the CIO’s purview.  ITA/CM is comprised of Contracting Officer’s Representatives (CORs) that, upon designation by the cognizant Contracting Officer, will monitor, manage, and oversee IT services contracts.  ITA/CM:

(1)  Assists and advises the Chief Information Officer (CIO) in the establishment of IT service acquisition strategies and execution of IT service contracts;

(2)  Develops standard processes and requirements for CORs and Government Technical Monitors (GTMs) to follow that will modernize and streamline the full life cycle IT services acquisitions process with the goal of improving the way in which IT services are delivered across the Department and the cost associated with its delivery;

(3)  Leads requirements gathering and analysis for new or existing IT service contracts by meeting with customers, bureaus, posts, and stakeholders to define requirements and desired outcomes;

(4)  Reviews IT services technical requirements data and establishes new IT service contracts as required and appropriate;

(5)  Coordinates with bureaus, offices, and posts to determine requirements for shared IT service opportunities and establish new procurement vehicles as appropriate;

(6)  Provides comprehensive pre- and post-award contract strategy, sourcing, monitoring, and management services in the establishment and use of centralized IT services contracts;

(7)  Provides expert advice and guidance in the preparation of required documentation such as technical and business/functional requirements, the Acquisition Plan, market research, Justifications for Other Than Full and Open Competition (JOFOC), and other ancillary documentation for identified procurement requirements;

(8)  Directs, oversees, and manages the Department’s IT Services and labor contracts centralized within ITA/CM. Manages the administration and technical oversight of IT services and labor contracts in their portfolio, providing access and use of centralized IT service contracts;

(9)  Regularly meets with IT service customers, A/OPE, and vendors, to discuss service delivery and performance, including any issues;

(10) Establishes Contract Management Reviews (CMRs) with IT service customers, A/OPE, stakeholders, and vendors to identify challenges and opportunities, monitor non-performance/poor performance issues, and work to resolve service delivery and/or performance issues; and

(11) Build Government - vendor partnership for continuous communication and feedback to ensure accountability and identify areas for improvement.  Identify potential overlaps/redundancy in services delivered and recommend areas of consolidation in order to deliver value to the Government.

1 FAM 274.4-3  Software and Sourcing Management Division (DT/BMP/ITA/SSM)

(CT:ORG-662;   05-24-2024)

The Software and Sourcing Management Division (SSM) provides pre- and post-award maintenance and oversight for all Department IT enterprise license agreements, software contracts, and hardware commodity contracts.  SSM will consolidate and house IT software and hardware commodity Contracting Officer’s Representatives (CORs), designated by the cognizant Contracting Officer, to monitor, manage, and administer IT software and hardware commodity contracts that are centrally managed.  ITA/SSM:

(1)  Manages DT’s IT Blanket Purchase Agreements (BPAs), Catalogs, and Enterprise License Agreements (ELAs) and other contracts for IT commodities (i.e., software, hardware, and licenses).   CORs provide administration and technical oversight of IT commodity contracts within their portfolios; CORs also provide customer service/support regarding entitlements and use of the IT hardware and software and enterprise agreements that they manage; 

(2)  Reviews DT technical requirements data and establishes new commodities contracts as required and appropriate;

(3)  Provides comprehensive pre- and post-award procurement customer support and administrative services regarding access and use of centralized IT commodities contracts;

(4)  Coordinates with bureaus and posts to identify requirements for establishing new Enterprise Agreements;

(5)  Leads requirements gathering and analysis for new or existing IT software and hardware contracts by meeting with customers, bureaus, posts, and stakeholders to define requirements and desired outcomes;

(6)  Provides expert advice and guidance with the preparation of required documentation such as technical and business requirements, the Acquisition Plan, market research, Justifications for Other Than Full and Open Competition (JOFOC) and other ancillary documentation for identified procurement requirements;

(7)  Establishes and maintains a centralized software and enterprise license asset database as the system of record for software managed by ITA; and

(8)  Maintains accountability and adjudicates issues of compliance, leads negotiations and true-up initiatives on behalf of ITA customers.

1 FAM 274.4-4  Vendor Performance Management Division (DT/BMP/ITA/VPM)

(CT:ORG-662;   05-24-2024)

The Vendor Performance Management Division reviews contract performance measures and metrics and analyzes data to develop insights and recommendations into strategies that enhance vendor delivery to meet or exceed required performance levels.  The division coordinates with CORs to capture and report on contractor performance in delivery of IT services, resulting in optimizing best value to the Department.  ITA/VPM:

(1)  Establishes and maintains the framework for assessing vendor performance and contract utilization, developing contract performance monitoring frameworks, metrics, and measures for reporting contract performance and make recommendations on renewals and/or option year awards based on performance reports;

(2)  Leads or assists in performance requirements analysis, by collaborating with CORs, customers and stakeholders—expanding beyond program managers to define performance metrics;

(3)  Maintains a central repository of IT acquisitions managed by ITA, and related Department contract data;

(4)  Maintains a knowledge base of lessons learned, best practices around metrics received and collected, scorecards and areas for continuous improvement;

(5)  Performs data analytics to assess IT contracts and publishes performance data and analysis for use in enhanced decision making by customers and leadership. Establishes Service Level Agreements and reports on performance results;

(6)  Guides CORs and ITA customers in the development of Quality Assurance Surveillance Plans (QASPs), reviews vendor Quality Control Plans (QCP), Incentive and/or Disincentive Plans and reports findings as appropriate; measures and reports performance to Service Level Agreements;

(7)  Establishes regular Government-only outreach with ITA customers and stakeholders to ensure that the metrics provided for the products and or services delivered by the vendors are being met and are in alignment with the documented requirements;

(8)  Participates in Contract Performance Reviews with IT service/product contract stakeholders to report on performance metric status; and

(9)  Build Government - vendor partnership for establishing and reporting accurate and timely contract performance data to all stakeholders.

1 FAM 275  DEPUTY CHIEF INFORMATION OFFICER FOR OPERATIONS (DT/OPS)

(CT:ORG-662;   05-24-2024)

The Deputy Chief Information Officer for Operations (DT/OPS):

(1)  Provides overall liaison, interface, and outreach functions within the Department to supply the diplomatic technology operations that best support the Department’s mission and functions;

(2)  Provides direction and policy guidance on substantive operational activities in the DT Bureau to ensure that the Department and other foreign affairs agencies receive the full range of worldwide rapid, reliable, responsive, secure, classified, and unclassified voice and data information management operating systems, networks, programs, and support services in a cost-effective, customer service-oriented manner.  DT/OPS ensures that people with disabilities have access to information technology;

(3)  Provides enterprise-wide business systems, system integration, mainframes, and client/server operations, consistent with the principles embodied in the Information Technology Management Reform Act of 1996 (Clinger-Cohen Act);

(4)  Implements U.S. Government information management directives and directs DT’s providing of operational products and support services to the Department and to other foreign affairs agencies as diplomatic technology operating programs are implemented under Department inter-bureau and U.S. Government interagency agreements, as appropriate;

(5)  Provides leadership and technical experts for the U.S.-Russian Federation and Newly Independent States Direct Communications Link (DCL), the Nuclear Risk Reduction Center (NRRC), and the Government-to-Government Communications Link (GGCL), and such other similar systems, as may be established;

(6)  Provides technical guidance, consistent with the Department of State Enterprise Architecture and Information Technology Strategic and Performance Measurement Plans to bureaus and offices so that they can implement appropriate information technology operations;

(7)  Accounts for the management and overall security of the classified and unclassified mainframe systems; and

(8)  Oversees the Defense Liaison Office reporting to the DT Bureau.

1 FAM 275.1  Enterprise Network Management Office (DT/OPS/ENM)

(CT:ORG-662;   05-24-2024)

The Enterprise Network Management Office (DT/OPS/ENM), in conjunction with other DT offices and Diplomatic Telecommunication Service Program Office (DTS/PO), the ENM office is responsible for managing and overseeing the design, operation, and life-cycle management of the Department’s worldwide networks.  The office is comprised of three divisions and one staff office.

1 FAM 275.1-1  Network Engineering and Design Division (DT/OPS/ENM/NED)

(CT:ORG-662;   05-24-2024)

The Network Engineering and Design Division (DT/OPS/ENM/NED):

(1)  Provides technical guidance and support for the design, development, and engineering of the Department’s enterprise network;

(2)  Provides technical guidance and support for the design, development, and engineering of the Department’s server and client operating systems;

(3)  Validates applications to run on the Department’s network, as appropriate;

(4)  Performs capacity planning and ensures optimum performance of the Department’s networks;

(5)  Supports the DT Customer Center in consolidating wide-area network and operating system requirements; and

(6)  Oversees the development, implementation, and maintenance of the Integrated Enterprise Management System (IEMS), which includes proactive network monitoring, problem resolutions, escalation, troubleshooting, and trouble-ticketing.

1 FAM 275.1-2  Operations Division (DT/OPS/ENM/OPS)

(CT:ORG-662;   05-24-2024)

The Operations Division (DT/OPS/ENM/OPS):

(1)  Oversees and provides 24-hour management and administrative support for the Department’s networks;

(2)  Ensures the reliable operations and performance of classified/unclassified internet-working systems and network services;

(3)  Provides operational, administrative, and management support for the worldwide internet protocol (IP) network through the Department’s Enterprise Network Management Operations Center (ENMOC);

(4)  Provides operational support for the Department’s server and client operating systems; and

(5)  Provides technical support and coordination for detecting and correcting IT security vulnerabilities.

1 FAM 275.1-3  Networks Life-Cycle Management Division (DT/OPS/ENM/NLM)

(CT:ORG-662;   05-24-2024)

The Networks Life-Cycle Management Division (DT/OPS/ENM/NLM):

(1)  Provides oversight and management responsibility for developing and maintaining technical baselines for the network infrastructure;

(2)  Provides technical assistance in the form of testing, evaluating, and reviewing the enterprise network equipment, systems, services, and technical support for the Department’s Configuration Control Board (CCB);

(3)  Establishes and maintains a network configuration management plan (CMP) to monitor, track, and approve engineering changes, upgrades, modifications, procedures, precepts, and criteria.  DT/OPS/ENM/NLM maintains an accurate database of hardware, firmware, software, and documentation for the Department’s networking assets;

(4)  Conducts integration testing and evaluation for new or modified hardware or software for the enterprise network; coordinates software distribution, new releases, updates, fixes, and version controls;

(5)  Provides enterprise patch management support.  Provides patch support to mitigate vulnerabilities or provide alternate patch solutions for the DOS environment;

(6)  Provides asset management services (i.e., life-cycle replacement schedules) for Department IT Infrastructure; and

(7)  Provides acquisition and procurement support for products, labor, and services required for enterprise-wide IT management, operations, and maintenance responsibilities.

1 FAM 275.1-4  Telecommunications, Wireless and Data Services Division (DT/OPS/ENM/TWD)

(CT:ORG-662;   05-24-2024)

The Telecommunications, Wireless and Data Services Division (DT/OPS/ENM/TWD):

(1)  Advises the Director of Information Technology Infrastructure regarding all matters concerning voice, video-conferencing, voice/data, wireless services, and telecommunications infrastructure;

(2)  Develops and administers policy, standards, and procedures to conform with established Department architecture regarding voice, video-conferencing, voice/data, wireless services, and telecommunications infrastructure;

(3)  Maintains the Department’s voice, video-conferencing, voice/data, wireless services, and telecommunication services infrastructure, and associated support telecommunications systems;

(4)  Provides voice, video-conferencing, voice/data, wireless, data, and telecommunications services support to the Office of the Secretary for special infrastructure requirements; and

(5)  Serves as program manager for the Department's Enterprise Network Program (E-Net), which is modernizing State's data networking in the metropolitan area.  Program management includes responsibility for designing, developing, operating, and network managing premise networks (LANs), and for the metropolitan area network interconnecting the State Department Headquarters building and the annexes (MAN).

1 FAM 275.1-4(A)  Business Operations Management Branch (DT/OPS/ENM/TWD/BOM)

(CT:ORG-662;   05-24-2024)

The Business Operations Management Branch (DT/OPS/ENM/TWD/BOM):

(1)  Develops and implements policies, standards, and procedures regarding domestic telecommunications service to include call accounting, private branch exchanges (PBXs), domestic circuit acquisitions, and charge-back programs;

(2)  Administers acquisition of telecommunications service to include PBXs, domestic circuits, and premise distribution systems; and

(3)  Manages programs that provide for detailed call-accounting information, including long-distance calling activity.

1 FAM 275.1-4(B)  Domestic Telephone and Data Services Branch (DT/OPS/ENM/TWD/DTD)

(CT:ORG-662;   05-24-2024)

The Domestic Telephone and Data Services Branch (DT/OPS/ENM/TWD/DTD):

(1)  Develops and implements policies, standards, and procedures regarding domestic circuits, PBX operations, enterprise network (E-Net) operations, and telecommunications infrastructure; and

(2)  Plans, installs, and maintains the Department’s domestic circuits, PBXs, telecommunications infrastructure, and associated supporting telecommunications systems.

1 FAM 275.2  Messaging Systems Office (DT/OPS/MSO)

(CT:ORG-662;   05-24-2024)

The Messaging Systems Office (DT/OPS/MSO):

(1)  Advises the Deputy Chief Information Officer for Information Resources Management Operations and other high-level officials about messaging;

(2)  Has full responsibility for developing, implementing, and operating all Department-wide messaging;

(3)  Manages the integration of emerging technologies with existing and planned messaging programs;

(4)  Ensures messaging services are accessible to all offices of the Department and to other agencies; and

(5)  Provides technical experts for the U.S.-Russian Federation and Newly Independent States direct communications link (DCL), the Nuclear Risk Reduction Center (NRRC), the Government-to-Government Communications Link (GGCL), the Foreign Affairs Link (FAL), and other such initiatives.

1 FAM 275.2-1  Management Analysis Staff (DT/OPS/MSO/MAS)

(CT:ORG-662;   05-24-2024)

The Management Analysis Staff (DT/OPS/MSO/MAS):

(1)  Advises the director regarding all resource issues affecting the managing and administrating of the messaging systems office; coordinates resource requirements among all program elements within an office; and prepares and recommends resource proposals to be submitted to DT/EX;

(2)  Manages the messaging systems office professional development program, ensuring that its employees are appropriately trained for their responsibilities;

(3)  Manages, coordinates, and performs building and environmental maintenance in conjunction with DT/EX and A Office of Operations (OPR) offices;

(4)  Acts as the messaging systems office’s Government Technical Monitor (GTM) for its mission-critical contracts;

(5)  Coordinates program resources and is liaison to DT/EX for all office administrative and management issues such as budget, planning, staffing, training, equipment, space, desktop systems, inventory, procurement, etc.;

(6)  Prepares and monitors office performance measures and tracks the accomplishment of goals and objectives; keeps the office director informed of progress toward achieving the program’s mission; and

(7)  Manages the communications security account for the Communications Center and Secure Voice Center (i.e., COMSEC), cryptographic clearance (Access) procedures, and associated services according to 5 FAH-6, Communications Security Handbook.  DT/OPS/MSO/MAS manages the STU III/STE’s program for distribution, operations, and control for the DT Bureau.

1 FAM 275.2-2  Messaging Systems Products Division (DT/OPS/MSO/MRA)

(CT:ORG-662;   05-24-2024)

The Messaging Systems Products Division (DT/OPS/MSO/MRA):

(1)  Oversees the Department’s new messaging programs and identifies enhancements for existing systems, providing project management and quality assurance expertise;

(2)  Explores new messaging technologies of potential value to the Department, in conjunction with DT/BMP, and departmental foreign affairs messaging consolidation initiatives;

(3)  Formulates, coordinates, and recommends messaging policies concerning new messaging technologies for Internet initiatives and their applications to existing and planned systems, in coordination with the other DT Bureau offices; and

(4)  Provides central management and operational support for electronic mail and the combined bureau processing centers (CBPCs) core messaging applications.

1 FAM 275.2-2(A)  Quality Assurance Branch (DT/OPS/MSO/MT/QA)

(CT:ORG-662;   05-24-2024)

The Quality Assurance Branch (DT/OPS/MSO/MT/QA):

(1)  Develops configuration methods, procedures, and standards to support the development and implementation of messaging systems products;

(2)  Ensures quality and consistency of software and documentation;

(3)  Conducts internal configuration control board meetings, document reviews, and platform audits to define product content, predict user comprehension, and ensure delivery of product;

(4)  Ensures compliance with established validation and verification procedures; and

(5)  Manages the Department’s SA-34 computer network in support of development, test, and operation activities. Responsibilities include providing user support and conducting software and hardware inventory.

1 FAM 275.2-3  Special Messaging Operations Division (DT/OPS/MSO/SMO)

(CT:ORG-662;   05-24-2024)

The Special Messaging Operations Division (DT/OPS/MSO/SMO):

(1)  Manages and oversees the operations of the Intelligence and Special Communications (ISC) Center Branch and the Nuclear Risk Reduction Center (NRRC) Branch.  This includes:

(a)  Maintaining program management responsibilities and technical/operational liaison with the Department’s Executive Secretariat Operations Center (S/ES-O), Bureau of Intelligence and Research (INR), White House Communications Agency (WHCA), Central Intelligence Agency (CIA), National Security Agency (NSA), Defense Information System Agency (DISA), Department of Defense (DOD) and other DOS bureaus and offices to coordinate operation, maintenance and installation of voice, data and emergency messaging systems;

(b)  Maintaining special, direct communications channels between the Department and foreign governments via secure voice programs (Foreign Affairs Links – FAL), and data links (Government-to-Government Communications Links (GGCL), between the Nuclear Risk Reduction Center and foreign governments; and

(c)  Providing direct support to the Department of State’s Chief Information Officer (CIO) including negotiating interagency agreements, memoranda of understandings (MOUs), bilateral agreements and protocols;

(2)  Provides daily operational and technical support to the Executive Secretariat’s Operations Center (S/ES-O) for specialized communications and requirements.  This includes:

(a)  In the arena of the ISC, directly supporting the Secretary of State (the Secretary) and other Department principals with secure voice and video requirements both domestically and abroad;

(b)  Being responsible for the operation of the Department’s interface to the Defense Red Switch Network; and operation of the Ultra High Frequency (UHF) and satellite communications used to support the Secretary while traveling; and

(c)  Providing Tier 1 service, defined as daily operational and technical support, to the Staff Secretariat’s Operations Center (S/S-O) for specialized communications and requirements;

(3)  Manages the operation of the NRRC communications facility and related bilateral GGCL.  This includes providing coordination with foreign governments regarding maintenance and upgrades to equipment and telecommunications links, and maintaining currency of and updates to required international agreements; and

(4)  Provides technical counsel to the Department’s head of delegation, the CIO for the U.S. – Russian technical expert.  DT/OPS/MSO/SMO negotiates international agreements or treaties with foreign governments in support of the NRRC, Foreign Affairs Link (FAL), Direct Communications Link (DCL), Direct Voice Link (DVL), and Direct Telephone Link (DTL).  DT/OPS/MSO/SMO provides program management and negotiates with host country regarding the Department’s FAL and NRRC programs, including drafting/reviewing talking points and bilateral protocols.

1 FAM 275.2-3(A)  Intelligence and Special Communications Center Branch (DT/OPS/MSO/SMO/ISC)

(CT:ORG-662;   05-24-2024)

The Intelligence and Special Communications Center Branch (DT/OPS/MSO/SMO/ISC):

(1)  Manages and operates the ISC, a 24x7 operation.  This includes providing secure voice and data communications support to the Secretary and other principal officers;

(2)  Serves as the Department’s liaison and interface with the special intelligence community for data, voice, and message traffic.  This includes;

(a)  Providing operations and maintenance support for sensitive compartmented information (SCI); and

(b)  Being responsible for receiving and transmitting Critical Communication (CRITIC-COM) and SCI sensitive record traffic;

(3)  Through the Secure Voice Center (SVC), provides the Secretary and other Department principals with accurate, reliable, and secure communications’ support when traveling worldwide.  This includes installing, operating, and troubleshooting an array of secure data, video, voice, and facsimile communications terminal equipment and transmission links for the Secretary and the traveling party between site locations and the Department;

(4)  Operates and maintains a secure video conference facility for all Department principals;

(5)  Manages the CRITIC Network operations for the Department, which is the sole access and exit point for the Department’s CRITIC traffic; and

(6)  Performs other critical-sensitive classified communications activities.

1 FAM 275.2-3(B)  NRRC Messaging Center Branch (DT/OPS/MSO/SMO/NRRC)

(CT:ORG-662;   05-24-2024)

The NRRC Messaging Center Branch (DT/OPS/MSO/SMO/NRRC):

(1)  Manages and operates the NRRC, a 24x7 operation;

(2)  Maintains liaison and conducts communications facility and related bilateral technical negotiations with foreign counterparts to maintain GGCL and continuous communications links (CCL);

(3)  Serves as technical expert representative for the NRRC Communications on various inter-agency working groups (IWG), the Configuration Control Board (CCB), Engineering Working group (EWG) and the Standing Subcommittee on Upgrade (SSU); and

(4)  Performs other critical-sensitive classified communications activities.

1 FAM 275.2-4  E-Mail Division (DT/OPS/MSO/EML)

(CT:ORG-662;   05-24-2024)

The E-Mail Division (DT/OPS/MSO/EML):

(1)  Provides program management and direction for classified and unclassified electronic messaging (e-mail) processing systems, internet, OpenNet, Network Control Center (NCC), and Combined Bureau Processing Center (CBPC) operations;

(2)  Serves as a senior Department representative at inter-agency working group meetings on e-mail, firewalls, electronic directories, and associated technologies;

(3)  Coordinates, reviews, and monitors the operational life cycle of e-mail, Internet, SIPRNET, Open Source Information System (OSIS), OpenNet, NCC, and CBPC activities and recommends enhancements;

(4)  Provides information systems security support for the Department’s global classified, unclassified, and SBU e-mail systems and networks;

(5)  Provides management oversight and direction to on-site Microsoft Corporation support to the Department; and

(6)  Serves as the day-to-day manager of the worldwide Department mobile computing programs that support the Foreign Affairs community remote access requirements.  Mobile computing is defined as any program that includes technologies or applications designed to provide classified or unclassified access to Department networks by devices that are not continuously connected to one of the networks.

1 FAM 275.2-5  Main State Messaging Center Division (DT/OPS/MSO/MSMC)

(CT:ORG-662;   05-24-2024)

The Main State Messaging Center Division (DT/OPS/MSO/MSMC):

(1)  Manages and operates the Main State messaging center (MSMC), the remote messaging center in State Annex 44, and maintains technical and operational liaison with the Department’s Executive Secretariat’s Operations Center (S/ES-O), INR, other bureaus, offices, and agencies, to coordinate ongoing and emergency messaging;

(2)  Responsible for 24x7 message processing, message analysis and distribution, traffic research, and network management for Department enterprise messaging systems;

(3)  Serves as the primary technical and operational liaison between DT and the White House Communications agency, the Executive Secretariat’s Operations Center (S/ES-O), the Bureau of Diplomatic Security (DS), and other government entities for routine emergency messaging and telecommunications operational support; and

(4)  Provides operational life-cycle management for the Department’s Main State messaging center and satellite bureau message centers, supporting core-messaging applications in accordance with prevailing Federal statutes, regulations, and applicable legislation.

1 FAM 275.2-5(A)  Messaging Operations Branch (DT/OPS/MSO/MSMC/MOB)

(CT:ORG-662;   05-24-2024)

The Messaging Operations Branch (DT/OPS/MSO/MSMC/MOB):

(1)  Maintains 24x7 messaging liaison with bureaus, S/ES-O, posts, and other Federal agencies;

(2)  Performs high-level coordination of critical-sensitive messaging support functions with the Executive Secretariat (S/ES) Staff, White House, U.S. Department of Defense, and other offices, bureaus, and Federal agencies;

(3)  Provides telecommunications guidance to MSMC shift chiefs and communications personnel at posts;

(4)  Serves on telecommunication procedural, development, and operations planning groups within the DT Bureau;

(5)  Manages the worldwide messaging collective address and CRITIC test programs;

(6)  Performs message handling, processing and analysis, and distribution functions, 24x7;

(7)  Operates the MSMC Help Desk;

(8)  Manages the Department of State publications (DOSPUB) routing indicator program;

(9)  Operates core messaging and peripheral equipment to retrieve, correct, re-enter, and research messages and continuity journals;

(10) Operates the Defense Messaging System (DMS) Help Desk; and

(11) Performs world-wide management of various State Messaging Archive Retrieval Toolset (SMART) message validation and management queues for Department and other agency customers both domestically and abroad.

1 FAM 275.2-5(B)  Communications Systems Branch (DT/OPS/MSO/MSMC/CSB)

(CT:ORG-662;   05-24-2024)

The Communications Systems Branch (DT/OPS/MSO/MSMC/CSB):

(1)  Operates mainframe and ancillary message-processing systems, 24x7;

(2)  Performs telecommunications technical and network control, trouble analysis, and circuit management functions; and

(3)  Performs trouble analysis and circuit management functions to maintain cryptographic operations.

1 FAM 275.2-5(C)  Programming Branch (DT/OPS/MSO/MSMC/PRG)

(CT:ORG-662;   05-24-2024)

The Programming Branch (DT/OPS/MSO/MSMC/PRG):

(1)  Performs automated terminal system (ATS), State terminal automated relay system (STARS), and computer hardware and software maintenance for Department of State Headquarters and Beltsville, Maryland 24x7;

(2)  Performs the GTM functions for the contract that provides programming and system maintenance for DT/OPS/MSO/MSMC and some of DT/OPS/MSO/BMC system computers and peripheral equipment;

(3)  Performs LAN administration and hardware/software configuration management for PC and mainframe processing systems; and

(4)  Serves on the system development, technical, and operations planning group within the DT Bureau.

1 FAM 275.2-6  Beltsville Messaging Center Division (DT/OPS/MSO/BMC)

(CT:ORG-662;   05-24-2024)

The Beltsville Messaging Center Division (DT/OPS/MSO/BMC):

(1)  Manages and operates the Beltsville Messaging Center and the alternate Nuclear Risk Reduction Center (NRRC) messaging system.  Maintains technical and operational liaison with the Department’s Executive Secretariat’s Operations Center (S/ES-O), White House Communications Agency (WHCA), Diplomatic Telecommunications Service Programs Office (DTS-PO), Central Intelligence Agency (CIA), National Security Agency (NSA), and other agencies, bureaus, and offices to coordinate ongoing and emergency messaging 24x7;

(2)  Provides program oversight for the Department’s messaging systems worldwide;

(3)  Manages the Department’s primary global telecommunications network center and regional messaging relay facility;

(4)  Serves as designated alternate site facility for emergency messaging operations and the State Archiving System (SAS);

(5)  Provides management oversight of the entire State Annex 26 facility to include building operations and maintenance support for the tenant organizations; and

(6)  In accordance with policies and procedures established by A Office of Emergency Management, Policy and Planning Division (A/OEM/PPD) and the Domestic Emergency Action Committee, is solely responsible for all emergency operations and relocation facilities within the complex.  DT/OPS/MSO/BMC is responsible for classified operations, support, and memoranda of understanding (MOUs) related to the forwarded activities.

1 FAM 275.2-6(A)  Communications Operations Branch (DT/OPS/MSO/BMC/OPS)

(CT:ORG-662;   05-24-2024)

The Communications Operations Branch (DT/OPS/MSO/BMC/OPS):

(1)  Manages and operates the State automated relay system (STARS) red message switching computers and ancillary systems;

(2)  Performs telecommunications network management of the domestic communications links that support the diplomatic telecommunications service (DTS) network;

(3)  Serves as the Department’s on-site facilitator for interagency and inter-office network service requests;

(4)  Plans, develops, and implements the telecommunications operational methods and procedures used by the Department of State and other U.S. Government agencies; and

(5)  Directs and coordinates the development of system and data circuit requirements between the Department and other U.S. Government agencies.  DT/OPS/MSO/BMC/OPS maintains liaison with officials of other U.S. Government agencies concerning common telecommunications programs.

1 FAM 275.2-6(B)  Technical Services Branch (DT/OPS/MSO/BMC/TS)

(CT:ORG-662;   05-24-2024)

The Technical Services Branch (DT/OPS/MSO/BMC/TS):

(1)  Provides primary technical control and maintenance support for BMC primary operations, including circuit, multiplexer, and cryptographic analysis and troubleshooting;

(2)  Liaises with DT/ENM/GTS on circuit troubleshooting and installations for all overseas and domestic circuits that terminate into the STARS;

(3)  Provides COMSEC control for the BMC COMSEC accounts;

(4)  Provides site security support for managing and controlling physical access to the Beltsville locations to include:

(a)  Usage;

(b)  Handling;

(c)  Disposition; and

(d)  Control of classified equipment and materials; and

(5)  Provides guidance and assistance for the security programs and coordinates with SA-26 tenant organizations’ unit security officers, facilities management services, Diplomatic Security, and other U.S. Government security agencies to ensure physical security, communications, personnel, information systems, and TEMPEST security are maintained in accordance with National Institute of Standards and Technology (NIST), Federal Information Processing Standards (FIPS), and Diplomatic Security’s Office of Cybersecurity Guidance.

1 FAM 275.2-6(C)  Interagency Communications Support Activity Branch (DT/OPS/MSO/BMC/ICSA)

(CT:ORG-662;   05-24-2024)

The Interagency Communications Support Activity Branch (DT/OPS/MSO/BMC/ICSA):

(1)  Provides central program management, operational, application, and diagnostic services for all interagency communications activities supported out of Department Annex SA-26 and other selected DOS annexes;

(2)  Responsible for logistical services (warehousing and shipping) for worldwide interagency communications activities supported by the Department; and

(3)  Performs high-level coordination related to the support of critical-sensitive interagency communications.

1 FAM 275.3  Office of Consolidated Customer Support (DT/OPS/CCS)

(CT:ORG-662;   05-24-2024)

a. The Office of Consolidated Customer Support (DT/OPS/CCS):

(1)  Provides rapid, reliable delivery of quality products and services to all DT consolidated bureau OpenNet and ClassNet users and serves as the primary interface and facilitator for all DT products and services;

(2)  Implements long-range operational policies and plans in a highly dynamic and ever-changing environment;

(3)  Provides coordination and direction for desktop support services and helpdesk operations for facilities at domestic and overseas posts; and

(4)  Oversees the operations and management of two walk-in IT centers (IT Mart), governed by the principle of “one-stop shopping” to provide rapid, reliable services to DT’s OpenNet and ClassNet users.  

b. DT/OPS/CCS receives, logs, tracks, and manages service requests or queries received by walk-in customers and distributes requests to the appropriate DT action office (e.g., Public Key Infrastructure (PKI), mobile computing, or user accounts).  DT/OPS/CCS manages the IT Marts and expedites trouble calls when deemed necessary, to achieve speedy resolution and ensures that timely, coordinated responses/solutions are provided to all of DT’s consolidated bureau OpenNet and ClassNet users.

1 FAM 275.3-1  Information Technology Service Center (DT/OPS/CCS/ITSC)

(CT:ORG-662;   05-24-2024)

The Information Technology Service Center (DT/OPS/CCS/ITSC):

(1)  Provides a single point of contact for DT Bureau approved Department of State information technology (IT) products and services worldwide;

(2)  Manages the centralized DT IT Service Center for the Department, providing daily 24x7 IT helpdesk support.  DT/OPS/CCS/ITSC provides domestic and overseas employees with a single point of contact for information or assistance on DT bureau products, services, and standard commercial off-the-shelf (COTS) products, as well as specialized support for applications and services typically provided by other Department of State organizations when required;

(3)  Provides DT management and other Department bureaus with reports relating to operational event management, from preparing initial requests for services and records management to performing, monitoring, and closure;

(4)  Operates and manages specialized IT hardware, software, and peripherals for the bureau, division, and Department, supporting customers worldwide;

(5)  Provides operational event recording, tracking, and follow-up for all requests received at the DT IT Service Center from Department OpenNet and ClassNet users;

(6)  Provides first-level support (Tier-1) to Department OpenNet and ClassNet users, and when required, transfers and monitors completion-of-service requests to other DT service providers (Tier-2 and Tier-3) and Department technical support functions for resolution;

(7)  Provides “early warning” and other notifications of core outages and other events when necessary; and

(8)  Provides remote domestic IT support services for consolidated offices and/or bureaus requesting assistance.

1 FAM 275.3-2  Desktop Support Services (DT/OPS/CCS/DSS)

(CT:ORG-662;   05-24-2024)

The Desktop Support Services Division (DT/OPS/CCS/DSS):

(1)  Provides operations and technical support to domestic workstations;

(2)  Provides all systems integration, account administration, and network administration for consolidated bureaus and offices.  DT/OPS/CCS/DSS coordinates installation and administration of computer systems to other government agencies on OpenNet and ClassNet;

(3)  Coordinates imaging and continuing technical support for consolidated bureaus systems;

(4)  Conducts Tier-2 support from “desktop to wall plate” for all operation and maintenance (O&M) measures concerned with or directly related to user workstations for consolidated domestic bureaus;

(5)  Coordinates consolidated bureaus user requirements and schedules for desktop-related projects such as workstation refresh, local area network (LAN) integration, software upgrades, and office moves;

(6)  Ensures consolidated bureau workstations are functioning under and compliant with the guidelines set forth by the Department of State Standard Operating Environment (SOE-D);

(7)  Installs, updates, and configures IT Configuration Control Board (ITCCB)-approved desktop applications and hardware for supported domestic bureaus;

(8)  Supplies and maintains active directory (AD) accounts for supported consolidated bureau customers;

(9)  Supplies classified and unclassified e-mail accounts to consolidated bureau customers and conducts maintenance for desktop email applications;

(10) Supports mobile devices such as GO RSA tokens and BlackBerry for Department consolidated bureau customers;

(11) Coordinates with other domestic Department offices and bureaus to resolve any in-scope desktop support-related issues;

(12) Identifies and recommends to consolidated bureau customers appropriate training materials pertaining to the use of Department IT resources in coordination with the School of Applied Information Technology (SAIT) of the Foreign Service Institute (FSI) and bureau-specific IT training programs; and

(13) Issues and responds to relevant change-management actions within the Department of State to resolve desktop support issues.

1 FAM 275.3-3  Operational Support Services  (DT/OPS/CCS/OSS)

(CT:ORG-662;   05-24-2024)

The Operational Support Services Division (DT/OPS/CCS/OSS):

(1)  Provides quality control and oversight for DT’s customer support efforts via the Information Technology Infrastructure Library (ITIL) model;

(2)  Conducts oversight and monitoring of operational events and service requests to ensure they comply with established operational event management processes and procedures;

(3)  Conducts trending analysis and reporting on the operational event management process;

(4)  Is responsible for all activities required to diagnose the root cause of operational events and to determine the resolution of problems;

(5)  Controls and coordinates change, and ensures that standardized methods and procedures are used for the efficient handling of all changes;

(6)  Identifies, controls, and verifies the attributes of desktop-related configuration items (CIs) and maintains a configuration management database, recording all CIs and their relationships;

(7)  Provides IT asset management for all consolidated bureau workstations under DT/OPS/CCS ownership;

(8)  Conducts annual IT inventory reconciliation under the guidance of A/LM/PMP/PM and provides desktop numbers for IT consolidation invoices;

(9)  Provides replacement and warranty services for broken desktop equipment for bureaus participating in the Global Information Technology Modernization (GITM) program;

(10) Is responsible for design and implementation procedures, management of customer expectations, and quality control of the distribution and installation of changes to the desktop;

(11) Enforces policies, processes, and procedures to ensure that the Office of Consolidated Customer Support, Desktop Support Services Division (DT/OPS/CCS/DSS) service environment is in compliance with Department of State security guidelines (i.e., 12 FAM/FAH).  DT/OPS/CCS/OSS monitors supported domestic bureaus’ systems for security risks and re-evaluates the effectiveness of measures currently in place on a regular basis, as well as monitors all changes to the environment to determine risk;

(12) Provides information security for network resources and fulfills Information Systems Security Officer (ISSO) responsibilities with regard to maintaining requirements for all workstations on all Department network(s) and all users as defined by the service-level agreement (SLA) for fully consolidated bureaus and ISSO appointment memos;

(13) Installs patches and updates as they pertain to the Department of State SOE-D security posture; and

(14) Resolves the root cause of operational events to minimize the adverse impact of problems caused by errors within the IT infrastructure, and to prevent a reoccurrence of operational events related to these errors.

1 FAM 275.4  Systems and Integration Office (DT/OPS/SIO)

(CT:ORG-662;   05-24-2024)

The Systems and Integration Office (DT/OPS/SIO):

(1)  In conjunction with other DT offices, the SIO Office is responsible for:

(a)  Providing enterprise technology-based solutions and services in the areas of managerial, collaboration, compensation, post-specific administration, websites, and web-based applications;

(b)  Developing and implementing Department-wide systems integration and data management standards, policies, and procedures; and

(c)  Managing and operating the Department’s Enterprise Server Operations Centers (ESOCs); and

(2)  The office is comprised of five divisions and one major staff function:

(a)  Systems Strategy, Governance and Service Delivery Division (SGS);

(b)  Systems Development Division (SDD);

(c)  Systems Operations Division (SOD);

(d)  Enterprise Server Operations Center-Operations and Maintenance (ESOC-O&M);

(e)  Enterprise Server Operations Center-Design and Build (ESOC-D&B); and

(f)   Process and Performance Management Staff (SIO/PPM).

1 FAM 275.4-1  Systems Strategy, Governance and Service Delivery Division (DT/OPS/SIO/SGS)

(CT:ORG-661;   05-20-2024)

The Systems Strategy, Governance and Service Delivery Division (DT/OPS/SIO/SGS) Division is composed of three teams:

(1)  Financial Management (FM);

(2)  Systems Integration Portfolio Management (PM) (Note: DT/OPS/SIO/SGS/PM supports Portfolio Management within SIO/SGS.  DT/BMP/SPB/PM is responsible for Portfolio Management of the State Department’s IT portfolios enterprise-wide as defined in 1 FAM 274.2-3); and

(3)  Security Management (SM).

1 FAM 275.4-1(A)  Configuration and Asset Management Branch (DT/OPS/SIO/ESOC-O&M/AMB)

(CT:ORG-662;   05-24-2024)

The Configuration and Asset Management Branch (DT/OPS/SIO/ESOC-O&M/AMB):

(1)  Provides configuration management for all ESOC software and products;

(2)  Provides asset management for all ESOC equipment and accountable property; and

(3)  Provides oversight of all facilities issues associated with the various ESOC sites.

1 FAM 275.4-1(B)  Legacy Systems Support Branch (DT/OPS/SIO/ESOC-O&M/LEG)

(CT:ORG-662;   05-24-2024)

The Legacy Systems Support Branch (DT/OPS/SIO/ESOC-O&M/LEG):

(1)  Ensures that mainframe operations centers at ESOC sites are fully supported with appropriate and sufficient enterprise mainframe computer processors, and that environmental systems are monitored, controlled, and maintained on a normal operating schedule;

(2)  Manages, maintains, and controls the SIO’s mainframe backup solution at all ESOC sites;

(3)  Manages and directs the activities required to generate, reproduce, store, control, and distribute computer-generated information;

(4)  Analyzes and plans the most efficient workload for the mainframe computers, including developing job schedules, task assignments, timetables, priorities, and modifying job schedules to meet urgent demands or changing requirements;

(5)  Maintains and tracks any documents produced by the Department’s enterprise mainframe computers and maintains accurate up-to-date records of deliveries, pickups, and authorized Department customer offices;

(6)  Operates, maintains, and troubleshoots mainframe communications by recording events, detecting problems, and restoring services to communication equipment;

(7)  Manages operating systems, utility software development, installation, and maintenance for the Department’s mainframe computers; and

(8)  Provides the required analyses, design, development, maintenance, and deployment of mainframe communications control programs to facilitate open exchange of information between the enterprise mainframe computers and the Department’s customer systems, in conformance with established Department security architecture standards and policies.

1 FAM 275.4-1(C)  Level 1 Operations Support Branch (DT/OPS/SIO/ESOC-O&M/OPS)

(CT:ORG-662;   05-24-2024)

The Level 1 Operations Support Branch (DT/OPS/SIO/ESOC-O&M/OPS):

(1)  Ensures that the open-systems operations centers at ESOC sites are fully supported with appropriate and sufficient server capabilities and that all environmental systems are monitored, controlled, and maintained 24x7;

(2)  Ensures that all open systems are backed up in accordance with Department standards and conducts periodic tests to verify that all backup and restore procedures are working as designed;

(3)  Monitors all servers and the various connectivity points and interfaces to ensure systems are operating.  When outages occur, escalates the problem to Level 2 support and/or the appropriate system owner;

(4)  Manages the configuration elements of all systems owned by SIO that are within the ESOC;

(5)  Manages placement and inventory of all systems owned by bureaus that are placed within the ESOC;

(6)  Analyzes and plans the most efficient workload for the various ESOC servers, including monitoring production systems to identify trouble spots or bottle necks before actual failures occur and responding to urgent demands to make configuration modifications;

(7)  Operates, maintains, and troubleshoots communications equipment by recording events, detecting problems, and restoring services to communication equipment;

(8)  Manages operating systems, utility software, installation, and maintenance for the Department’s ESOC-based servers; and

(9)  Coordinates the facilities management activities for all ESOC server locations.

1 FAM 275.4-2  Enterprise Server Operations Center – Design and Build Division (DT/OPS/SIO/ESOC-D&B)

(CT:ORG-662;   05-24-2024)

The Enterprise Server Operations Center-Design and Build Division (DT/OPS/SIO/ESOC-D&B):

(1)  Provides the overall design and direction for new or refurbished Enterprise Server Operations Centers (ESOC);

(2)  Provides the project management to oversee the build-outs of new or refurbished ESOC facilities;

(3)  Provides the design for new and upgraded virtual infrastructure capabilities;

(4)  Researches and makes recommendations for upgrades to storage area network/network attached storage (SAN/NAS) storage capabilities;

(5)  Provides the overall technical recommendations for the open systems direction, selects hardware/software/firmware products, evaluates virtual processing capabilities, and provides management with the blueprint for future enhancements;

(6)  Provides the technical guidance for selecting, evaluating, implementing, and monitoring the standard operating systems used on all ESOC open systems;

(7)  Identifies technical solutions for the Department’s storage solutions, evaluates software, makes selections, oversees the implementation, and monitors the ongoing storage processes for accuracy and efficiency;

(8)  Plans the most efficient server configuration, server virtualization strategies, and utilization of computer-room space, backup configuration, and continuity of operations plans; and

(9)  Provides managed services support to ESOC customers including patch management, system upgrades, security compliance reporting, information assurance support, and product production testing and rollout.

1 FAM 275.4-3  Process and Performance Management Staff (DT/OPS/SIO/PPM)

(CT:ORG-662;   05-24-2024)

The Process and Performance Management Staff (DT/OPS/SIO/PPM) is responsible for two major functions:

(1)  Process Management - Analyzes current processes across the various SIO divisions, producing best practices and identifying gaps or inefficiencies; incorporates ITIL (Information Technology Infrastructure Library) practices across SIO; develops workflows and processes to support internal and external projects; standardizes SDLC (System Development Life Cycle), Standard Operating Procedures (SOPs), Configuration Control Board (CCBs), and (Service Level Agreement (SLA) processes across SIO; maps and represents team processes including business engagement; reviews processes periodically to ensure efficiency and relevancy; and Supports the DT Process Improvement Workgroup.

(2)  Performance Management - Documents existing baseline of performance metrics; analyzes metrics and data for compliancy, relevancy, and improvements; provides recommendations for improvement based on best practices, industry and/or economies of scale; gathers and reports data on key performance metrics; develops plans for performing performance inspections; and provides analysis to GTMs (Government Technical Managers) and CORs (Contracting Officer Representative).

1 FAM 276  DEPUTY CHIEF INFORMATION OFFICER FOR Foreign OPERATIONS (DT/FO)

(CT:ORG-662;   05-24-2024)

The Deputy Chief Information Officer for Foreign Operations (DT/FO):

(1)  Implements technology programs and services to support the conduct of diplomacy at foreign posts;

(2)  In conjunction with the other DT principals, provides direction and policy guidance on substantive operational activities in the DT bureau to ensure that the Department and other foreign affairs agencies receive the full range of worldwide rapid, reliable, responsive, secure, classified and unclassified voice and data information management systems, networks, programs, and support services in a cost-effective, customer service-oriented manner.  

(3)  Ensures that enterprise-wide business systems, systems integration, and client/server operations function at foreign posts, and are implemented in accordance with the principles embodied in the Information Technology Management Reform Act of 1996 (Clinger-Cohen Act);

(4)  In conjunction with other DT principals, implements U.S. government information management directives and directs DT’s providing of operational products and support services to the Department and to other foreign affairs agencies as diplomatic technology operating programs are implemented under Department inter-bureau and U.S. government interagency agreements, as appropriate;

(5)  Provides technical guidance, consistent with the Department of State Enterprise Architecture and Information Technology Strategic and Performance Measurement Plans to bureaus and offices so that they can implement appropriate information technology operations;

(6)  In conjunction with other DT principals, ensures the proper management, function, and overall security of the classified and unclassified systems and networks at foreign posts; and

(7)  Oversees the Defense Liaison Office reporting to the DT bureau.

1 FAM 276.1  Information Technology Infrastructure Office (DT/FO/ITI) CT:ORG-661;   05-20-2024

(CT:ORG-662;   05-24-2024)

The Office of Information Technology Infrastructure (DT/FO/ITI):

(1)  Advises the Deputy Chief Information Officer for Foreign Operations and other high-level officials in the Department regarding information and communications technology (ICT) infrastructure issues;

(2)  Directs and manages the development, maintenance, installation, and operations of the Department’s unclassified and classified information systems, telephone, radio, and wireless communications programs.  DT/FO/ITI provides for systems integrity and technology safeguards in conformance with established Bureau of Information Resource Management and Diplomatic Security standards and policies;

(3)  Implements policies, standards, and procedures to conform with established Department of State standards and policies to ensure effective and efficient ICT infrastructure; and

(4)  Evaluates the utilization of new technology as it applies to the Department’s ICT infrastructure.

1 FAM 276.1-1  LAN and WAN Service Division (DT/FO/ITI/LWS)

(CT:ORG-662;   05-24-2024)

The LAN and WAN Service Division (DT/FO/ITI/LWS):

(1)  Advises the Director for Information Technology Infrastructure on all matters concerning the installation and maintenance of local and wide-area network (LAN/WAN) infrastructure;

(2)  Administers policy, standards, and procedures to conform with established Department enterprise ICT architecture, and maintaining and installing LAN/WAN infrastructure;

(3)  Maintains the Department’s LAN/WAN infrastructure and associated supporting technologies;

(4)  Provides LAN/WAN infrastructure security to conform with Department security standards;

(5)  Develops acquisition plans for new requirements in partnership with BMP/ITA/CS and BMP/ITA/SCM in support of LAN/WAN services; and

(6)  Provides oversight and management for the Department’s Radio Program, Foreign Posts Telephone Program, and the Liaison Office to the Bureau of Overseas Buildings Operations (OBO).

1 FAM 276.1-1(A)  Liaison Branch/OBO (DT/FO/ITI/LWS/LOBO)

(CT:ORG-662;   05-24-2024)

The Liaison Branch/OBO (DT/FO/ITI/LWS/LOBO):

(1)  Provides OBO with DT's ICT requirements for space, environmental systems, cabling, and information security systems at new office buildings, New Embassy Compounds (NECs), interim office buildings (IOBs), and temporary office buildings (TOBs) at foreign posts;

(2)  Continuously reviews architectural, mechanical, and electrical drawings for NECs to ensure that IT facilities and environmental systems are adequate to accommodate DT's information, communications systems, and personnel; and

(3)  Tracks the progress of all NEC, IOB, and TOB projects and coordinates DT’s technical plans for acquisitions and installations and informs the appropriate program office of all project changes, schedule delays, and engineering changes.

1 FAM 276.1-1(B)  Installation Branch (DT/FO/ITI/LWS/ITL)

(CT:ORG-662;   05-24-2024)

The Installation Branch (DT/FO/ITI/LWS/ITL):

(1)  Implements policy standards and procedures regarding the installation of LAN/WAN infrastructure;

(2)  Plans, designs, installs, and documents installation of LAN/WAN infrastructure and related technologies;

(3)  Provides enterprise integrity and remediation for the Department’s installed information technology infrastructure; and

(4)  Provides technical training and oversight for information management technical specialists to develop a core base of communications specialists (COMPSPECS).

1 FAM 276.1-1(C)  Maintenance Branch (DT/FO/ITI/LWS/MNT)

(CT:ORG-662;   05-24-2024)

The Maintenance Branch (DT/FO/ITI/LWS/MNT):

(1)  Implements policies, standards, and procedures as they apply to maintaining the classified LAN/WAN infrastructure abroad;

(2)  Provides onsite preventative and remedial services for the continued operations or restoration of classified ICT systems at posts abroad;

(3)  Coordinates with BMP/ITA/CS and ITA/SCM in establishing service contracts for repairing and returning failed ICT hardware, firmware, or software, including International Maritime Satellite (INMARSAT), and for procuring new requirements;

(4)  Manages the Department’s INMARSAT communications contingency program;

(5)  Conducts regular visits to foreign posts to troubleshoot and repair defective equipment and software for unclassified ICT systems;

(6)  Conducts regular visits to foreign posts to provide operations and maintenance support for unclassified ICT systems in accordance with manufacturer’s recommendations, DT, and DS guidance and policies; and

(7)  Performs depot-level maintenance and testing on failed ICT equipment for foreign posts.

1 FAM 276.1-1(D)  Foreign Posts Telephone Branch (DT/FO/ITI/LWS/FPT)

(CT:ORG-662;   05-24-2024)

The Foreign Posts Telephone Branch (DT/FO/ITI/LWS/FPT):

(1)  Implements policies, standards, and procedures for maintaining and operating Private Branch Exchange (PBX) telecommunications systems at all foreign posts;

(2)  Plans, installs, and maintains PBX systems at foreign posts; and

(3)  Coordinates with BMP/ITA/CS and ITA/SCM in establishing service contracts for repairing and returning failed telephone hardware, firmware, or software and for procuring telephone systems.

1 FAM 276.1-1(E)  Radio Programs Branch (DT/FO/ITI/LWS/RPB)

(CT:ORG-662;   05-24-2024)

The Radio Programs Branch (DT/FO/ITI/LWS/RPB):

(1)  Implements policies, standards, and procedures for maintaining and installing high-frequency (HF), Ultra-high frequency (UHF), and very high frequency (VHF) radio systems, including TACSATS;

(2)  Engineers, designs, plans, installs, and maintains radio systems;

(3)  Provides emergency communications systems to posts in crisis situations and communications support for special operations;

(4)  Manages the Department’s Tactical Satellite Communications contingency program (TACSATS); and

(5)  Supports the Coordinator for Counterterrorism (S/CT) in deploying, operating, and maintaining Foreign Emergency Support Team (FEST) deployment packages for exercises and missions abroad.

1 FAM 276.1-2  Systems Integrity Division (DT/FO/ITI/SI)

(CT:ORG-662;   05-24-2024)

The Systems Integrity Division (DT/FO/ITI/SI):

(1)  Advises the Director of Information Technology Infrastructure on all key management infrastructure (KMI) matters, secure voice, PKI/biometric, and anti-virus programs used to implement and maintain information assurance and systems integrity;

(2)  Administers KMI policy, standards, and procedures regarding cryptography, information assurance, and systems integrity to conform with national and Department policy and regulations;

(3)  Provides comments concerning the development of national policy related to PKI, ICAM, COMSEC, including:  Federal Information Processing Publication Standard (FIPS) 201, Committee on National Security Systems (CNSS) 1300, 4009, and 4005, and others;

(4)  Provides technical security oversight and management for mainframe security, cryptographic services, and information integrity for the Department’s PKI/biometric and anti-virus programs; and

(5)  Coordinates DT integration, verification, and interoperability (IV&V) testing for the Department’s IT assets using or supported by anti-virus, cryptographic, mainframe, PKI, and biometric security systems.

1 FAM 276.1-2(A)  Domestic Technical Services Branch (DT/FO/ITI/SI/DTS)

(CT:ORG-662;   05-24-2024)

The Domestic Technical Services Branch (DT/FO/ITI/SI/DTS):

(1)  Implements policies, standards, and procedures for maintaining Domestic LAN/WAN infrastructure;

(2)  Provides technical services support for the Department’s command and control systems, which includes the Department’s Communications Center, Operations Center, Secure Voice Center, and classified data networks;

(3)  Provides 24x7 operations and maintenance services for the Secure Voice Center and the red switch telephones systems;

(4)  Provides Tier III engineering and maintenance support for the continuous operations and rapid restoration of classified networks in the Department’s Communications Center;

(5)  Provides installation, configuration, and maintenance support for the Department’s classified networks cryptographic systems/equipment; and

(6)  Provides installation and maintenance support for the activation and mobilization of the Department’s contingency operations at alternate sites.

1 FAM 276.1-2(B)  Cryptographic Services Branch (DT/FO/ITI/SI/CSB)

(CT:ORG-661;   05-20-2024)

The Cryptographic Services Branch (DT/FO/ITI/SI/CSB):

(1)  Advises all Department bureaus of encryption devices and technology necessary to comply with national and Department information assurance (IA) practices;

(2)  Implements key management infrastructure (KMI) policies, standards, and procedures as they apply to Type I, II, III encryption devices to include symmetrical and asymmetrical algorithms;

(3)  Manages the Department’s communications security (COMSEC) programs (i.e., COMSEC material control system (CMCS) and central office of record (COR)) to meet national cryptographic management and audit policy requirements;

(4)  Manages the Department’s cryptographic clearance (access) procedures and associated services to include maintaining 5 FAH-6, Communications Security Handbook; and

(5)  Manages the Department's secure voice program.

1 FAM 276.1-2(C)  Information Integrity Branch (DT/FO/ITI/SI/IIB)

(CT:ORG-662;   05-24-2024)

The Information Integrity Branch (DT/FO/ITI/SI/IIB):

(1)  Implements policies, standards, and procedures regarding information systems security to conform with Department regulations;

(2)  Manages the Department’s Mainframe Security program to ensure compliance with Department security policies and industry best practices.  DT/FO/ITI/SI/IIB develops, implements, and administers, policies, standards, and procedures regarding mainframe security, with specific emphasis on amplifying and correlating workstation and network-centric Department policies to the mainframe environment.  

(3)  Installs, tailors, configures, and operates all software packages designed to establish, facilitate, augment, and/or control:  

(a)  User identification and authorization;

(b)  Data and resource access control;

(c)  Security event monitoring and auditing; and

(d)  Cryptographic services support on mainframe hardware platforms regardless of the operating system;

(4)  Serves as COMSEC custodian for mainframe based cryptographic service systems.  DT/FO/ITI/SI/IIB monitors and advises on, as appropriate, the installation and operation of mainframe interfaces with the OpenNet, internet, or dedicated interagency communication links to ensure compliance with Department security guidelines; provides procedural safeguards for data transiting these boundaries;

(5)  In a custodial capacity:

(a)  Implements technical security controls on behalf of all mainframe system and application owners;

(b)  Advises on the secure design, installation, and operation of systems and applications;

(c)  Serves as a voting member on the SIO/EOC CCB on suitability of mainframe hardware and software selection and configuration;

(d)  Monitors and advises on security matters for ITCCB change records relevant to, or concerning interfaces with, the mainframes;

(e)  Conducts internal system security reviews and renders internal audit reports to all Department mainframe systems and applications owners;

(f)   Conducts real-time security event monitoring and mainframe network intrusion detection, and serves as a first level CIRT for security incidents originating on any mainframe platform or at its boundary interfaces;

(6)  Manages and coordinates the mainframe application ISSO program, in cooperation with CIO and DS, advises on all mainframe security relevant policies, coordinates intra- and inter-agency computer security issues, and supports certification and accreditation of mainframe resident applications or general support systems.  DT/FO/ITI/SI/IIB works with the PKI program and DT/OPS/ENM to facilitate and integrate PKI with the mainframe as a single sign-on methodology;

(7)  Implements anti-virus policies, standards, and procedures to conform with established Department of State architecture to ensure effective and efficient operations that protect critical automated information systems (AIS) against the threat of virus infection.  Through these safeguards, computer and communications resources, including the data they store, are available and free of malicious code virus infection.  The IIB:

(a)  Manages a Virus Incident Response Team (VIRT) capable of responding to virus alerts Department-wide and provides 24x7 on-call assistance and an 8-hour, 5-day Help Desk in support of anti-virus software products;

(b)  Maintains an anti-virus intranet Web site (accessible via the OpenNet) where the user community may obtain the latest versions of anti-virus software, virus signature files, virus alert information, and policy guidance 24x7;

(c)  Develops policy that mandates reporting virus discoveries to the VIRT;

(8)  Administers and implements policies, standards, and procedures regarding PKI, including digital signature and asymmetric public key encryption technology, to conform with Department regulations.  DT/FO/ITI/SI/IIB manages the Department’s PKI program, including establishing and operating the PKI Root Certificate Authority (CA) and all subordinate certificate authorities on all Department classified and unclassified networks, domestic and abroad;

(9)  Coordinates and manages the Department’s cross-certification with the Federal PKI Steering Committee Federal Bridge Certification Authority (FBCA) for classified and unclassified automated information systems digital signature and public key encryption interfaces to other federal agencies, state and local governments, foreign governments, and the public, domestic and abroad;

(10) Represents the DT bureau in all Department of State forums, and the Department of State in all federal forums, working groups, standing committees, and boards relative to the use of public key technology and infrastructure, and acts as the PKI technical advisor to all such groups within the Department.  DT/FO/ITI/SI/IIB coordinates DT integration, verification, and interoperability testing for the Department; and

(11) Manages the Department’s Biometric Logical Access program, including the integration with the Department and federal PKI programs, for all Department classified and unclassified networks, domestic and abroad.  

(12) Represents DT bureau in all Department of State forums, and the Department of State in all federal forums, working groups, standing committees, and boards relative to using biometrics for logical access control, and acts as the technical advisor to all such groups within the Department.

1 FAM 276.1-3  Technical Security and Safeguards Division (DT/FO/ITI/TSS)

(CT:ORG-662;   05-24-2024)

The Technical Security and Standards Division (DT/FO/ITI/TSS):

(1)  Advises the Director of Information Technology Infrastructure about all matters concerning hardware assurance and field surety program operations; and

(2)  Administers policy, standards, and procedures regarding hardware assurance and field surety programs to conform with Department regulations.

1 FAM 276.1-3(A)  Hardware Assurance Team (DT/FO/ITI/TSS/HAT)

(CT:ORG-662;   05-24-2024)

The Hardware Assurance Team (DT/FO/ITI/TSS/HAT):

(1)  Implements policies, standards, and procedures regarding hardware assurance to conform with Department regulations;

(2)  Investigates new hardware assurance technologies; and

(3)  Performs assurance procedures on newly acquired equipment.

1 FAM 276.1-3(B)  Field Surety Team (DT/FO/ITI/TSS/FST)

(CT:ORG-662;   05-24-2024)

The Field Surety Team (DT/FO/ITI/TSS/FST):

(1)  Implements policies, standards, and procedures regarding field surety programs to conform with Department regulations;

(2)  Performs technical counterintelligence processes for U.S. diplomatic missions abroad; and

(3)  Provides hardware safeguard services for U.S. diplomatic missions abroad .

1 FAM 276.1-3(C)  Systems Safeguards Team (DT/FO/ITI/TSS/SST)

(CT:ORG-662;   05-24-2024)

The Systems Safeguards Team (DT/FO/ITI/TSS/SST):

(1)  Implements policies, standards, and procedures regarding the deployment of nonsecure analog and digital telephone systems to conform with national and Departmental regulations;

(2)  Implements policies, standards, and procedures regarding the hardware integrity of cryptographic systems and their peripherals; and

(3)  Performs assurance procedures, certification, and/or validation of the Department's systems.

1 FAM 276.1-4  Global Information Technology Modernization Division (DT/FO/ITI/GITM)

(CT:ORG-662;   05-24-2024

The Global Information Technology Modernization Division (DT/FO/ITI/GITM):

(1)  Manages the Department's information technology (IT) programs by utilizing industry-standard project management methodologies.  A core staff, trained in program management practices, effectively executes and implements IT programs domestically and abroad;

(2)  Manages either an entire program's life cycle or specific program life-cycle segments.  When managing the entire program life-cycle process, GITM conducts a complete program management and acquisition strategy review and executes the actual program operations that include survey, design, building, delivery, installation, and transition to operations, maintenance, and customer service;

(3)  When managing only specific segments of a program's life cycle, GITM coordinates and interfaces with multiple Department organizational elements to ensure that the program management methodologies are applied effectively;

(4)  Ensures that industry standard program management methodologies are being effectively executed for all DT information technology programs conducted outside the GITM office and provides guidance and direction to all other DT elements for adhering to the concepts of program management, project scope planning, project time activities, financial accounting, project quality assurance and tracking, production control planning, project resource requirements determination, project risk management, configuration management requirements, and procurement strategies;

(5)  Provides management oversight, directs and implements major DT information technology programs (domestically and abroad), and advises the Deputy CIO for Foreign Operations, as required;

(6)  Ensures that GITM-managed programs comply with federal legislation guiding agencies such as the Federal Enterprise Architecture Framework (FEAF), FISMA. NSA guidance, OMB Circular A-130, and National Information Assurance Certification and Accreditation Process (NIACAP), as well as other legislation directing federal IT programs;

(7)  Establishes a technical operations function for baseline configuration, site-specific requirements, and systems design and provides technical coordination with all customers;

(8)  Establishes a deployment function to coordinate installation schedules, logistical deployment of material and personnel to customer sites, site preparation, install team preparation, and customer training;

(9)  Establishes a production control function to effectively manage multidisciplinary processes, control gates, quality audits, internal reviews, and production goals to ensure a reliable and timely workflow so that the deployment schedule is met within cost constraints and technical and quality criteria;

(10) Works with BMP/ITA/VPM to ensure that quality-control functions are defined and follow system performance measures, contract performance, and configuration management and baselines, and ensures that process documentation standards are developed during the program's life and adhered to; and

(11) Works with BMP/ITA/VPM to establish a program management function to ensure that life-cycle phases of a program are documented and coordinated in the following areas:  requirements definition, cost analysis, planning, financial management, reporting, automated management information system, and customer website development.

1 FAM 276.2  Regional Information Management Centers (RIMCs)

(CT:ORG-662;   05-24-2024)

DT/FO manages the regional information management centers (RIMCs) worldwide.  They perform the following duties:

(1)  Provide technical and operational assistance on all information management programs to the posts within their geographic region;

(2)  Formulate information management programs in the field, develop supporting budget and financial reports, and submit required administrative, technical, and analytical reports;

(3)  Provide direction to the information management technical specialists (IMTS) under their supervision and monitor technical program performance;

(4)  Examine and assess the effectiveness of ongoing communications and information systems programs and provide expertise necessary for enhancing area diplomatic missions' overall information management posture.  RIMCs recommend improvements to achieve maximum efficiency and security on information management projects and programs;

(5)  Conduct technical site surveys and develop plans for constructing or upgrading communications and data processing facilities.  RIMCs assist other foreign affairs agencies with their communications requirements; and

(6)  Coordinate Diplomatic Telecommunication Service (DTS) operations and policies with the area telecommunications office (ATO).

1 FAM 277  through 279  UNASSIGNED

UNCLASSIFIED (U)