Expanded Electronic Government


Green

Yellow

Red

Agency:

  • Has an Enterprise Architecture with a score of 4 in the “Completion” section and 3 in both the “Use” and “Results” sections;
  • Has acceptable business cases for all major systems investments and no business cases on the “management watch list;”
  • Has demonstrated appropriate planning, execution, and management of major IT investments, using EVM or operational analysis and has portfolio performance within 10% of cost, schedule, and performance goals;
  • Inspector General or Agency Head verifies the effectiveness of the Department-wide IT security remediation process and rates the agency certification and accreditation process as “Satisfactory” or better;
  • Has 90% of all IT systems properly secured (certified and accredited);
    AND
  • Adheres to the agency-accepted and OMB-approved implementation plan for all of the appropriate EGov/ Lines of Business/SmartBuy initiatives and has transitioned and/or shut down investments duplicating these initiatives in accordance with the OMB-approved implementation plan.

To maintain green status, agency:

  • Has ALL IT systems certified and accredited;
  • Has IT systems installed and maintained in accordance with security configurations;
  • Has demonstrated for 90% of applicable systems a Privacy Impact Assessment has been conducted and is publicly posted; AND
  • Has demonstrated for 90% of systems with personally identifiable information a system of records has been developed and published.

Agency:

  • Has an Enterprise Architecture with a score of 4 in the “Completion” section and 3 in either the “Use” or “Results” sections;
  • Has acceptable business cases for more than 50% of its major IT investments;
  • Submits security reports to OMB that document consistent security improvement and either:
    • 80% of all IT systems are properly secured; OR
    • Inspector General or Agency Head verifies the effectiveness of the Department-wide IT Security Plan of Action and Milestone Remediation Process;
  • Has demonstrated appropriate planning, execution, and management of major IT investments, using EVM or operational analysis, and has IT portfolio performance operating within 30% of cost, schedule, and performance goals;
    AND
  • Has an up-to-date agency-accepted and OMBapproved implementation plan for all of the appropriate E-Gov/Lines of Business/SmartBuy initiatives rather than creating redundant or agency unique IT projects.

Agency:

  • Does not have an Enterprise Architecture with a score of 4 in the “Completion” section and 3 in either the “Use” or “Results” sections;
  • Does not have acceptable business cases for more than 50% of its major IT investments;
  • Has not submitted Security Reports to OMB that document consistently security improvement and cannot demonstrate that:
    •80% of all IT systems are properly secured; OR
    • Inspector General or Agency Head has verified the effectiveness of the Department-wide IT Security Plan of Action and Milestone Remediation Process;
  • Has cost and schedule overruns, and performance shortfalls, that average 30% or more; OR
  • Does not have an up-to-date agency-accepted and OMB-approved implementation plan for all of the appropriate E-Gov/Lines of Business/SmartBuy initiatives rather than creating redundant or agency unique IT projects.