FDA STAFF MANUAL GUIDES, VOLUME III - GENERAL ADMINISTRATION
INFORMATION RESOURCES MANAGEMENT
INFORMATION SYSTEMS ARCHITECTURE (ISA)
INFORMATION SYSTEMS ARCHITECTURE
Transmittal Number 99-14 -- Date: 12/15/1998
Effective Date: 01/01/1999
|7. Effective Date|
This guide sets forth policies, objectives, and responsibilities for implementing and sustaining a comprehensive Information Systems Architecture (ISA) program within the Food and Drug Administration (FDA).
Clinger-Cohen Act of 1996 (CCA). The CCA establishes a broad mandate for agencies to perform information management activities. It requires the head of each executive agency to design and implement a process for maximizing the value, and assessing and managing the risk, of information technology (IT) acquisitions. It requires agencies to designate a Chief Information Officer (CIO) responsible for: (1) providing advice and other assistance to the head of the agency and other senior management personnel to ensure that IT is acquired and information resources are managed in a manner that implements the policies and procedures of the CCA, (2) developing, maintaining, and facilitating the implementation of a sound and integrated IT architecture, and (3) promoting the effective and efficient design and operation of major information resources management processes.
Information technology as defined in the CCA means any equipment or subsystem of equipment that is used in the automatic acquisition, storage, manipulation, management, movement, control, display, switching, interchange, transmission, or reception of data or information by the Agency. The term ?information technology? includes computers, ancillary equipment, software, firmware and related resources.
Interoperability is the ability of two or more computer systems and their software to exchange information and to mutually use the information that has been exchanged.
Open standards are technical standards that ensure interoperability and reduce reliance on single hardware and software vendors. Products supporting open standards include Microsoft Exchange, Windows NT Server, Windows 95, and Microsoft's Systems Management Server.
Emerging Standards are those ISA standards that are not yet established but are intended to be developed.
Portability refers to the ease with which a software system or component can be transferred from one hardware or software environment to another.
The FDA ISA program was created to establish Agency-wide technology standards and guidelines to direct future IT investments and to insure interoperability and portability of the FDA systems. The ISA provides a blueprint for development and implementation of an Agency-wide common computing environment to provide a uniform capability to communicate and exchange information across platforms and organizations. It will reduce the cost of developing and maintaining applications that operate in multiple environments.
The ISA defines an infrastructure that will guide future information systems development and migration to a more consistent processing environment. It will emphasize open standards to ensure future improvements and investments are easily integrated. Adherence to widely supported open standards ensures interoperability and reduces reliance on single hardware and software vendors. Once a standards based architecture is in place, technology improvements can be incorporated more efficiently and economically.
Benefits of the ISA will be realized by the FDA, regulated industry, as well as by the consumer. From the user perspective, the ISA will provide a common user interface to many of the information systems, services, and databases within the Agency. It will also provide a uniform capability to communicate and exchange information electronically with any other user across the Agency. From the FDA systems perspective, it will define the standards for internal and external information access and systems interoperability. The FDA will also achieve benefits since the handling (storing, archiving, routing) of electronic submissions is more efficient than paper submissions. From the industry perspective, the ISA will define common approaches for preparing electronic submissions across mission areas. Additionally, FDA consumers may benefit from improved methods for disseminating information.
It is the policy of FDA to develop, maintain, and implement a sound and integrated IT architecture for the Agency and to procure and manage its IT resources within the framework of the ISA. Refer to the ISA Phase 1 Baseline Infrastructure, ISA Phase 1 Network Architecture, and subsequent ISA manuals to identify the established and emerging ISA standards.
In accordance with Staff Manual Guide 3240.1, Agency-wide Policy for Information Technology Purchases, the CIO retains the authority to approve any exceptions to the ISA standards for IT resources unless the following circumstances apply: acquisitions are for emergency needs or for those that are threats to the public health. Under these circumstances, the Office of the Chief Information Officer will be notified of the acquisitions, but waivers are not required.
It may be necessary to deviate from the ISA standards for specialized situations, e.g., laboratories. Prior to acquiring any IT resources in support of a non-ISA standard, a waiver must be granted. A business case (justification) must be developed for each planned acquisition and submitted to the Office of Chief Information Officer for consideration. Approval will be based on merit of the business case presented. The waiver procedures are outlined in Staff Manual Guide 3240.1.
Refer to SMG 3210.1, Implementation of the Clinger-Cohen Act, dated January 1, 1999, for detailed responsibilities for the following components:
A. Office of Chief Information Officer. The Office of the Chief Information Officer has the overall responsibility for the management and coordination of the ISA program.
B. Information Resources Management (IRM) Council. The IRM Council, in collaboration with the CIO, is responsible for developing, adopting, and implementing the overall Agency IT infrastructure, based on recommendations from the TWG. See below.
C. Technical Working Group (TWG). The TWG is responsible for addressing the technical issues and implementation concerns about emerging information technologies and recommending standards to the IRM Council for the IT architecture.
January 1, 1999