Description ISC Oversight Roles and Responsibilities

ISC Oversight Roles and Responsibilities

  • DIT documented the ISC Oversight Committee’s general duties and responsibilities in memoranda to FEDSIM officials. However, a formal charter had not been developed that described, among other things, the committee’s purpose, reporting responsibilities, and meetings schedule.
  • Minutes for committee meetings had not been prepared.
  • The committee’s membership consisted of the Chief Information Officer (CIO), the Deputy CIO for Infrastructure, and a Division of Administration (DOA) Associate Director. DIT could benefit by expanding the committee’s membership to obtain greater user representation.
  • Subsequent to our field work, and based on the preliminary results of our audit, the FDIC formally adopted an ISC Oversight Committee Charter and expanded the membership of the committee during a January 29, 2008 meeting of the CIO Council. The ISC Oversight Committee charter requires, among other things, the appointment of a Secretariat who is responsible for scheduling meetings and recording minutes. Because these actions address our concerns, we are making no recommendation in this area.

The ISC Oversight Committee is a component of the ISC Governance Structure. Read the following text for a description of this structure.

The first level of governance is made up of three parts, the Award Fee Evaluation Board, FEDSIM, and SRA. The Millennia Contract for the ISC is between FEDSIM and SRA. FEDSIM also provides input to the Award Fee Evaluation Board.

FEDSIM has an interagency agreement with the FDIC, while SRA provides IT services and reports to the FDIC.

The second level of governance and all following levels are within the FDIC. The second level consists of the ISC Oversight Committee.

The third level of governance consists of ISC Program Management (Program Manager and supporting Subject Matter Experts), DIT’s Procurement Management Board, and the Division of Administration Acquisition Services Branch (ASB). The ISC Oversight Committee (from the second level of governance), ISC Program Management and ASB all provide input to the Award Fee Evaluation Board (in the first level of governance). ISC Program Management and ASB also participate in the ISC Oversight Committee.

The fourth and final level of governance consists of four groups that provide input to ISC Program Management (in the third level of governance). The four groups are Operations, Security, Engineering, and Asset Management and Procurement. Each group has a technical monitor and supporting subject matter experts.