US Department of Education Principal Office Functional Statements
Office of Federal Student Aid

Functional Statements > Federal Student Aid

B. Office of Principal Deputy to the Chief Operating Officer:
B5. Enterprise Technology Directorate

The Enterprise Technology Directorate has primary responsibility for providing information technology services for all FSA systems, promoting the effective and secure use of technology to achieve FSA’s strategic objectives through sound planning, investments, integrated technology architectures and standards, effective systems development, production support, and cybersecurity services. The Enterprise Technology Office’s core business functions and processes are organized into the following organizational groups:

  • Immediate Office of Enterprise Technology Directorate
  • Application Development Group
  • Infrastructure Operations Group
  • Architecture Group
  • Enterprise Cybersecurity Group

Immediate Office of the Enterprise Technology Directorate

The immediate office coordinates technology support to meet customer needs by executing efficient and effective customer service, IT governance, IT investment portfolio management, IT strategic planning and reporting, budget and administrative services, and IT acquisition management solutions.

IT governance:

  • Develops and maintains the enterprise vision, sequencing plan, and related integration artifacts.
  • Coordinates and tracks integration activities.
  • Ensures that the developed and deployed capabilities align with FSA's performance goals.
  • Develops the IT Strategic Plan.

IT acquisition management solutions:

  • Develops and ensures the use of essential technology requirements for acquisition awards and procurements through Information Resources Program Elements (IRPE).

IT investment portfolio management:

  • Provides a structured and integrated approach to managing IT investments and Federal IT Acquisition Reform Act (FITARA) requirements.
  • Consolidates and eliminates duplicative spending on commodity IT.
  • Identifies opportunities for modernization and shared services.

Budget and administrative services:

  • Provides management and guidance in areas of staffing, personnel administration, Enterprise Technology Directorate initiatives, IT training, staff development, and liaison with other business units.

Customer service:

  • Provides enterprise support as an escalation point for IT service requests and issue resolution.

IT strategic planning and reporting:

  • Defines the goals and objectives to better support and enable the execution of the FSA Mission.
  • Provides periodic updates and reporting on the IT Strategic Plan, FSA Strategic Plan, ED Strategic Plan, and the Department’s goals and priorities.

Application Development Group

The Application Development Group provides software development lifecycle and collaboration services that support FSA business initiatives and develops technologies to help achieve FSA strategic objectives.

IT Project Management Division:

  • Provides leadership and direction for implementation activities.
  • Provides direction and oversight to the Integrated Project Team (IPT), manages scope, costs, schedule, risks, and performance through the lifecycle of the project; ensures compliance and delivery of Lifecycle Management Methodology (LMM) artifacts based on the approved tailoring plan; and assists with investment and acquisition planning.

Application Software Development Division

  • Manages and oversees all application design, development, operation and maintenance initiatives in support of the Application Development Production Portfolio, which includes external systems (Electronic Cohort Default Rate (eCDR) and Experimental Sites (xSites)) and internal systems (Performance Award Tracking System (PATS and FOIA Integrity Management Solution (FIMS)).

Enterprise Testing and Business Analysis Division

  • Creates requirements management plans, conducts requirements gathering sessions, develops high-level and detailed requirements, conducts stage gate reviews, provides guidance to business units on requirements standards, and supports projects through test phases.
  • Creates master test plans, ensures test environment is ready for testing, creates test suites (system and user acceptance) using Rational Quality Manager or other tools, facilitates testing needs with other teams for testing phases as appropriate, conducts and manages system and user acceptance, provides business users training support on solution prior to user acceptance testing, creates test data for system and user acceptance testing, and facilitates and conducts test readiness reviews (TRRs) and stage gate reviews.

Collaboration Services Division

  • Provides enterprise collaboration services to enable employees to effectively and securely collaborate with and share information with each other or with the Department’s partners in an effective and secure way.

Infrastructure Operations Group

The Infrastructure Operations Group (IOG) is responsible for planning, managing, operating, and maintaining FSA’s Next Generation Data Center (NGDC) production and non-production environments for FSA business applications and FSA’s internet and intranet network infrastructure. The Infrastructure Operations Group is responsible for the following major functions and activities:

Data Center Division:

Provides technical support associated with NGDC, including:

  • Database management.
  • Business continuity and continuity of operations planning.
  • Operation security management.
  • Network engineering and telecommunications support services.
  • Service management.
  • Enterprise software management.

Operations & Scheduling Division:

  • Provides operations change, incident, and problem management.
  • Coordinates production job schedules across FSA major systems.
  • Provides system processing activities and production support to meet the needs of the business areas.
  • Develops operational policies and procedures for data processing activities.
  • Reviews and evaluates processing activities to ensure compliance with established standards.
  • Performs contract-related functions and monitors contractor performance for enterprise-wide systems.
  • Plans, develops, and implements internal quality control and productivity analysis.

Network Support Division:

  • Provides liaison with the Department’s Office of the Chief Information Officer (OCIO) to ensure appropriate data and telecommunication services are provided to support program delivery.

Identity and Access Management Division:

  • Provides identity and access management for FSA systems for privileged users (FSA employees and partners) and non-privileged users (students/borrowers).
  • Provides operational support for Next Gen data systems that includes three components:
    • Person Authentication Service (PAS) is the authentication mechanism for the over 64 million students, parents, and borrowers who access FSA's public user facing systems
    • Access and Identity Management System (AIMS) provides the platform for authorization, authentication, and identity management for FSA applications and a consistent and scalable set of security services for provisioning and managing partner, employee, and contractor access to enterprise assets
    • Two Factor Authentication (TFA) implements a security protocol through which all authorized users are required to enter two forms of authentication to access Federal Student Aid systems and environments via the internet.

Architecture Group

The Architecture Group is responsible for technology planning, usage, and development at FSA, providing processes and discipline to ensure FSA is using information technology wisely and cost-effectively. The Architecture Group develops and promotes FSA’s technology standards.

Technology Planning Division:

  • Develops and communicates a consolidated, consistent IT vision and strategy for FSA.
  • Researches, analyzes, tests, and plans for the implementation of new techniques.
  • Provides expert analysis, advice, guidance, and support for the acquisition of technologies and technology related services.
  • Conducts in-depth research and analysis and forms partnerships with industry experts, other Federal agencies, and Departmental staff, to identify proven "best practice" processes and tools.
  • Facilitates the transition of proven tools and services to FSA applications and systems.
  • Keeps current with emerging technology and trends and acts on the implications of technological changes prior to and when they occur.

Technology Architecture Division:

  • Provides underlying middleware architecture services for key FSA applications potentially to include future cloud-based and/or next-generation applications.
  • Develops and maintains the FSA enterprise information technology architecture.
  • Works with functional areas to ensure the FSA architecture supports business requirements.
  • Ensures new technologies comply with the established architecture and approves exceptions.
  • Provides expert analysis, advice, and guidance to functional areas in evaluating and selecting appropriate technologies to meet their business needs.

Technology Standards Division:

  • Develops, defines, and promulgates information technology standards, principles, and protocols to ensure interoperability of technologies across FSA.
  • Evaluates and recommends technologies to be used in business solutions within functional areas that are consistent with established standards and protocols.

Enterprise Cybersecurity Group

The Enterprise Cybersecurity Group (ECG) is responsible for FSA cybersecurity activities ensuring the confidentiality, integrity and availability of FSA information for compliance with the Federal Information Security Management Act (FISMA). To accomplish this, the ECG ensures the deployment and integration of standards, guidance, and technical measures to prevent and detect security incidents and assist with the recovery of adverse events. The ECG assesses information systems and assures that they comply with the FISMA by using independent verification and standards-based validation of information systems. The ECG performs the following major roles, functions, and activities in coordination with FSA’s Chief Information Officer (i.e., the Director, Enterprise Technology Directorate) and the Department’s Office of the Chief Information Officer (OCIO):

Information Security Division

  • Serves as FSA’s senior cybersecurity expert.
  • Responsible for maintaining, validating, and monitoring security compliance of FSA information systems.

Cybersecurity Operations Division:

  • Provides people, process, and technology to operate the FSA Security Operations Center (SOC).
  • Performs continuous cybersecurity diagnostics and monitoring for FSA information systems.
  • Performs cybersecurity incident response, which includes sensitive information breaches.
  • Supports schools and acts as the FSA cybersecurity interface as part of the post-secondary institution assessments/breach response process.

Security Risk Management Division:

  • Develops and maintains organizational metrics as well as develops remediation strategies for security vulnerabilities.
  • Performs onsite and automated security assessments of Guaranty Agencies.
  • Performs privacy oversight for compliance with the Privacy Act and OMB Requirements.
  • Provides information system security assessments and authorization for FISMA reportable systems and high-value assets.
  • Manages the FSA Plan of Action and Milestones (POA&M) Program.
  • Responds to audit findings and compliance checks from the Department, OIG, DHS, and OMB.
  • Develops and implements security processes and procedures.

Information Systems Security Division:

  • Provide for a centralized Information System Security Officer (ISSO) team.
  • Work with FSA business units on security requirements and solutions.
  • Enforce compliance with FISMA, the Department’s policies, and FSA guidance.

   
Printable view
Last Modified: 04/29/2020