Procurement and Service Catalog Best Practices

NOAA OCIO IT

Services Catalog

Table of Contents

Introduction___________________________________________________________2

Desktop Management Services___________________________________________4

Desktop Management Service Levels___________________________________________5

Desktop Management Services Pricing_________________________________________6

Data and Voice Networks Services________________________________________8

Data and Voice Networks Service Levels________________________________________9

Data and Voice Networks Services Pricing_____________________________________11

Data Center Services__________________________________________________13

Data Center Service Levels__________________________________________________14

Data Center Services Pricing_________________________________________________17

End User Service Center (EUSC) Services_________________________________19

End User Service Center Service Levels_______________________________________20

Service Desk Services Pricing________________________________________________25

Collaboration Services_________________________________________________27

Collaboration Service Levels_________________________________________________28

Collaboration Services Pricing_______________________________________________28

Special Projects______________________________________________________30

Special Project Service Levels_______________________________________________31

Special Projects Services Pricing_____________________________________________33

Application Services___________________________________________________36

Application Service Levels__________________________________________________37

Application Services Pricing_________________________________________________38

Security Services_____________________________________________________40

Security Service Levels_____________________________________________________41

Security Services Pricing____________________________________________________44

Architecture Services__________________________________________________45

Enterprise Architecture Maturity Assessment (AMA)_____________________________46

Enterprise Architecture – Quality Measurement_________________________________47

Project Management Services___________________________________________52

Project Management Service Levels___________________________________________54

Project Management Services Pricing___________________________________________55

Page i of 61 4/10/2023

Page ii of 61 4/10/2023

document.doc

IntroductionThe National Oceanic and Atmospheric Administration (NOAA) OCIO and its Line Office OCIOs work closely with business partners throughout NOAA and the Department of Commerce to ensure the reliable delivery, support and use of leading edge technology that will better enable the NOAA mission. As part of these efforts, the OCIO is pleased to present its service offerings for the calendar year 2008. This service catalog covers all services offered by OCIO’s IT service organization to the NOAA.

The services defined within this catalog are structured into “benchmarkable” families so that comparisons can be made against peer companies and external service providers on a regular basis. Our services fall into nine major categories, described in this order:

Desktop Management Services

Data and Voice Network Services

Data Center Services

End User Service Center Services

Collaboration Services

Special Projects

Application Services

Security Services

Architecture Services

Project Management Services

Further description of the services is identified in the graphic below:

Figure 1. Service Description

Security

Architecture Services

Project Management

ServicesProcurement


Special Projects


End User Service Center


Data and Voice

Network

Desktop Management

SecurityArchitecture

Services

Project Management

ServicesProcurement


Special Projects




Data and Voice

Network

Desktop Management

Enterprise Data

Network

Voice/PBX/VoIP

IMAC

Desktop End-User

Computing Services

Desktop Application Services

Asset Management

Hosting Operations and Admin

Storage

COOP/DR

IMAC

Consolidation of NOAA

Help Desks

Tier 0/1 Service Desk Operations

Voice and Video

Conferencing

Web Conferencing and Webcast

Email Consolidation

Document / Records

Management

Training, Technical Services & Consulting

Application and Web

Development

Application and Web

Maintenance

Web Design and Content Management

Hardware

Software

Services

Order Management

SOC

Security Services e-Gov

Support

Emerging TechnologyResearch

On-site Project and

Program Support

PMO Technology Architecture

Support


Services

Project Management

ServicesProcurement


Special Projects




Data and Voice

Network

Desktop Management


Services

Project Management

ServicesProcurement


Special Projects




Data and Voice

Network

Desktop Management

Enterprise Data

Network

Voice/PBX/VoIP

IMAC

Desktop End-User

Computing Services


Asset Management

Hosting Operations and Admin

Storage

COOP/DR

IMAC

Consolidation of NOAA

Help Desks

Tier 0/1 Service Desk Operations

Voice and Video

Conferencing

Web Conferencing and Webcast

Email Consolidation

Document / Records

Management

Training, Technical Services & Consulting

Application and Web

Development

Application and Web

Maintenance

Web Design and Content Management

Hardware

Software

Services

Order Management

SOC

Security Services e-Gov

Support

Emerging TechnologyResearch

On-site Project and

Program Support

PMO Technology Architecture

Support

Each service description includes the applicable services, request procedures, service-level information and unit of charge or “driver” information. This structure was developed within the

Page 3 of 61 4/10/2023

document.doc

context of being able to provide services as a basis for assessing costs, service levels and opportunities for improvement.

While IT support services are familiar to our business partners, the NOAA OCIO has created these services and standardized the service descriptions in an effort to enhance and simplify the service environment. In limited instances, this may result in a financial impact to a particular customer. The prices in this document will be evaluated during the coming year to assess the potential impact to all customers, while not changing (or diverging) from the current cost allocation methodology for IT resources.

Page 4 of 61 4/10/2023

document.doc

Desktop Management ServicesDesktop management facilitates the delivery of desktop and laptop computing to the end user. The National Oceanic and Atmospheric Administration’s (NOAA) Desktop Management Services provisions a suite of services to support hardware purchase / lease and licensing for all desktop, end user devices, enterprise licensed software, productivity software and infrastructure.

Specifically included within Desktop Management Services are:

Desktop End User Computing services

Operations and Administration Services provides services associated with the day-to-day management of the installed desktop and end user hardware and software; hardware in scope includes desktops, laptops, personal digital assistants (PDA), printers (local and networked), scanners, monitors and data storage devices (e.g., hard drives, CD/DVD).

Data Backup, Storage and Recovery Services

Levels 2 and 3 hardware and software support

─ On-site Break/Fix Services

─ Installations, Moves, Adds and Changes (IMAC), which provides onsite and remote support for IMACs in all NOAA regions


─ NOAA-certified standard business productivity software

─ Image Configuration and Management, which provides image management services and works with NOAA to standardize NOAA images

Asset Management for desktops and end user devices

It is important to note that Desktop Management Services excludes the following, which are all delivered through other services (Collaboration, Output, Help Desk and Infrastructure):

E-mail and Instant Messaging

File and Print Services

Storage

Help Desk

LAN/WAN Connectivity

Page 5 of 61 4/10/2023

document.doc

Desktop Management Service LevelsThe following chart depicts the level of service provided for Desktop Management Services. These service-level targets are the basis for negotiated service-level agreements (SLAs) with the business units. Selection of level of service – customary or premium – is based on business unit needs.

Customary Desktop Management Service Levels

Service Level Description Objective Target Metric

Desktop / Laptop Installation

Acceptable time required to install a new desktop system upon appropriate service request

Normally, a service request for more than five installations is considered a project and is based on an agreed project timeframe

Number of business days from time system arrives at installation site, or 10 days end to end

95% of the time

Desktop / Laptop Move, Add, or Change (MAC)

Acceptable time required to move, add, or change software or hardware for a single desktop system upon appropriate service request

Normally a service request for more than five MACs is considered project and is based on an agreed project timeframe

Within the number of SLA business days from time of notification by Service Recipient for standard and non-standard product(s); 10 days

90% of the time

Image ManagementTime within which service provider will create, test, and document a new desktop / laptop image

< 10 days from receipt of request from Service Recipient

99.0%


Desktop / Laptop Installation

Acceptable time required to install a new desktop system upon appropriate service request

Normally, a service request for more than five installations is considered a project and is based on agreed project timeframe

Number of business days from time system arrives at installation site (4 hours or 10 days end to end)

95% of the time

Desktop / Laptop Move, Acceptable time required to move, add, or Within the number of SLA business days 95% of the time

Page 6 of 61 4/10/2023

document.doc

Add, or Change (MAC) change software or hardware for a desktop system upon appropriate service request

Normally a service request for more than five MACs is considered project and is based on an agreed project timeframe

from time of notification by Service Recipient for standard and non-standard product(s); 1 day,

Image Management Time within which service provider will create, test, and document a new desktop / laptop image

< 10 days from receipt of request from Service Recipient

99.5%

Desktop Management Services PricingThe following table describes the Desktop Management Services and the pricing for customary and premium services. Pricing for premium services will be on a case-by-case basis, based on business unit needs.

Customary Desktop Management Service Pricing

Service Description Monthly Price Comment

Desktop / Laptop Support Includes operating system and related software upgrades and fixes, electronic distribution of desktop/laptop software, backup and restoration of desktop/laptop data, access and security management, and image management

Per desktop / laptop

Standard Desktop / Laptop Provisioning

Includes asset purchasing, preparation, installation, warranty coordination, cleaning for disposal, and disposal

Per desktop / laptop Pricing based on customary service levels for standard equipment fulfillment, configuration, integration, shipping, installation, user account setup, user account deletion, MACs, and virus file release

Page 7 of 61 4/10/2023

document.doc

Premium Desktop Management Service Pricing


Desktop / Laptop Support with Premium Service Levels

Includes operating system and related software upgrades and fixes, electronic distribution of desktop/laptop software, backup and restoration of desktop/laptop data, access and security management, and image management


Non-standard Desktop / Laptop Provisioning


Per desktop / laptop Pricing based on premium service levels for non-standard equipment fulfillment, configuration, integration, shipping, installation, user account setup, user account deletion, MACs, and virus file release

Standard Desktop / Laptop Provisioning


Per desktop / laptop Pricing based on premium service levels for standard equipment fulfillment, configuration, integration, shipping, installation, user account setup, user account deletion, MACs, and virus file release

Unit Exchange Program (Loaners) Provide a backup device for use when primary device is being repaired


Page 8 of 61 4/10/2023

document.doc

Data and Voice Networks ServicesData and Voice Network requirements include providing advanced services for Enterprise Data Network (LAN/WAN), Network Operations Center, Remote Access, Voice/PBX/VoIP and Installs, Move, Add, or Changes (IMACs). Network Services consist of the following:

Enterprise Data Network

Enterprise Data Network services include the provisioning and management of a reliable, scalable, responsive and secure high-speed network infrastructure to all NOAA locations while providing Quality of Service (QoS) capabilities to guarantee bandwidth throughput.

NOAA will standardize networking processes as well as consolidate networks when possible to enable a consistent user experience across NOAA.

─ WAN Services

─ LAN Services

─ Network Operations Center

─ Remote Access (VPN) Services

Voice/PBX/VoIP Support

Voice/PBX/VoIP support or services to meet NOAA business needs for highly available, scalable, reliable and secure (unclassified) Voice Communications Services.

─ Voice/PBX/VoIP Devices

─ Voice Network Services

─ Voice Messaging

─ Directory Service

IMAC

On-site and remote support for Enterprise Data/Voice Network related IMACs in all NOAA Regions.

Scheduling, trouble ticket status updating and asset management system updating.

NOAA telecommunications hardware inventory support and services to achieve optimal service levels. Hardware inventory services include packaging, unpackaging, imaging, updating, re-imaging, hardware diagnostics, documentation, updating of the knowledge base, queue management and Level 2 and Level 3 support.

Page 9 of 61 4/10/2023

document.doc

Data and Voice Networks Service LevelsThe following chart depicts the level of service provided for Data and Voice Network Services. These service-level targets are the basis for negotiated SLAs with the business units. Selection of level of service – customary or premium – is based on business unit needs.

Customary Data and Voice Network Service Levels


Data Network AvailabilityThe percent of time that the data network is available for normal business operations

99.90% 99.90%

Internet AvailabilityThe percent of time that the Internet is available for normal business operations

99.90% 99.90%

Local Network AvailabilityThe percent of time that the local network is available for normal business operations

99.50% Availability 99.50%

Move, Add, Change, Delete Telecom: 1 to 25 Hardware and Wire

Average time to complete a move, add, change or delete for network system that requires a change for hardware and or wiring

5 days 95% of the time

Move, Add, Change, Delete Telecom: 1 to 25 Software

Average time to complete a move, add, change or delete for network system that only requires a change that can be completed by software

1 day 95% of the time

Wide Area Network Availability

The percent of time that the wide area network is available for normal business operationsIncludes voice and data as well as the equipment infrastructure

99.00% 99.00%

Response Time - NetworkTime required for a packet to go between an end user demarcation point and the host site FEP or similar device

0.5 seconds 0.5 seconds

Voice Mailbox AvailabilityThe percent of time that the voicemail system is available for normal business operations


Page 10 of 61 4/10/2023

document.doc

Voice Network AvailabilityThe percent of time that the voice network is available for normal business operations

99.90% 99.90%

WAN AvailabilityThe percent of time that the WAN is available for normal business operations


Premium Infrastructure Service Levels


Move, Add, Change, Delete Telecom: 1 to 25 Software

Average time to complete a move, add, change or delete for network system that only requires a change that can be completed by software

2 hours 80% of the time

Move, Add, Change, Delete Telecom: 1 to 25 Hardware and Wire

Average time to complete a move, add, change or delete for network system that requires a change for hardware and or wiring

1 day 80% of the time

Response Time - NetworkTime required for a packet to go between an end user demarcation point and the host site FEP or similar device

0.5 seconds 0.001 seconds

Page 11 of 61 4/10/2023

document.doc

Data and Voice Networks Services PricingThe following table describes the Data and Voice Network Services and the pricing for customary and premium services. Pricing for premium services will be on a case-by-case basis, based on business unit needs.

Customary Data and Voice Networks Service Pricing


Network Connectivity Support Includes all services relating to internetworking (WAN connectivity, hubs, routers, labor and monitoring, etc.) to support a LAN connected PCAlso includes conferencing services support and basic terminal server access for remote users

Required for every LAN connected seat and does not include special dedicated connections

Basic Line - Voice Standard Voice provides users with a handset and a dial tone through the Centrex or PBX-based services

Global Voice Mail Global Voice Messaging - Telephone Answering System with moves/adds /changes, global messaging capabilities, access to system distribution lists

Voice Network Local service and long distance service, to phone users with local, intrastate, interstate, and international calling from enterprise facilities

Page 12 of 61 4/10/2023

document.doc

Premium Data and Voice Networks Service Pricing


Custom Terminal Server Access Access to specific terminal servers that are not included in the base per seat charge; includes all costs associated with specific terminal servers including dedicated 800 lines, server hardware and software, floor space and all associated labor

Costs will be allocated based on actual usage and billed directly to user departments

The goal of this Service is to limit the excessive number of user defined terminal servers

Dedicated Lines Any specific dedicated connectivity required by a business unit (above and beyond standard backbone support)This may include large dedicated bandwidth or individual dedicated lines for specific users (e.g., dedicated home access)

Usage charges billed directly to business units

Dedicated Lines

Page 13 of 61 4/10/2023

document.doc

Data Center ServicesThe National Oceanic and Atmospheric Administration (NOAA) Data Center environment includes the administration and management of servers and storage such as: Mainframe, Unix-based, Windows-based systems and associated data storage and backup services and supporting systems software (e.g., operating systems, utilities, schedulers) from a centralized location. These environments support NOAA’s business applications/databases, file/print services, e-mail (including Blackberry) services, and other NOAA-specific infrastructure-related functions.

Data Center Services include the following:

Business Continuity and Disaster Recovery: Process of planning and managing organizational preparation for future incidents that could jeopardize the organization’s core mission and long-term health.

Configuration Management: Process of managing change controls placed on hardware, software, documentation, testing and test documentation during the development and operational life of a system.

Database Management: Process of managing database systems to ensure optimal delivery for all aspects of the organizational data infrastructure.

Facilities Management: Process of managing data center facilities to ensure efficient operations, flexibility and scalability. Key management parameters include site location, building selection, floor layout, electrical system design, mechanical design and modularity.

Monitoring: Process of proactively managing and monitoring operational systems to identify underperforming systems and other incidents which affect IT service delivery.

Performance Management: Process of managing IT infrastructure and operations (network performance) as an integrated part of business-relevant performance metrics.

Task Management – Output Management: Process of managing middleware that drives the output process and supports the automated creation and delivery of business process and ad hoc documents.

Task Management – Job Scheduling: Process of managing enterprise software applications that execute unattended background activities through a single point of control overseeing integration of real-time activities with background processing requirements.

Page 14 of 61 4/10/2023

document.doc

Data Center Service LevelsThe following chart depicts the level of service provided for Data Center Services. These service-level targets are the basis for negotiated service-level agreements (SLAs) with the business units.

Table 1. System Availability


Mainframe OS and Subsystems

Per System Availability Sun.–Sat., 0000–2400 99.99%

Unix Production Servers Per Server Availability Sun.–Sat., 0000–2400 99.99%

AS/400 Production Servers Per Server Availability Sun.–Sat., 0000–2400 99.99%

Windows Production Servers (Critical)

Per Server Availability Sun.–Sat., 0000–2400 99.99%

Windows Production Servers (Non-critical)

Per Server Availability Mon.–Fri., 0400–1900 99.5%

QA/Test Systems and Servers Per Server Availability Mon.–Sat., 0400–1900 99.5%

Development Servers Per Server Availability Mon.–Sat., 0400–1900 99.5%

Table 2. Batch Processing


Scheduled Production Batch Per Scheduled Time Complete core jobs per approved schedule 99.50%

Demand Production Batch Response Time 20 minutes to initiation from receipt of request 95%

Set up or modify job scheduler definition and dependencies

Response Time Next Business Day (all daily requests) 98%

One-time schedule change for existing scheduled jobs

Response Time 2 hours (all daily requests) 98%

Page 15 of 61 4/10/2023

document.doc

Table 3. General Administrative Functions


Set Up/Modify End-User ID or Authorization changes.

Response Time:

1–5 User IDs

6–10 User IDs

>10 User IDs

Objective:

2 Business Days 3 Business Days Per agreed-on time

95%

Table 4. System Administration


Advise need to allocate additional processing resources based on pre-defined parameters and observed growth patterns

Proactive monitoring and reporting of need to increase capacity

Sustained average daily CPU utilization approaches 70% of installed processor capacity—Inform within 1 Business Day

99%

On-Demand CPU Processing capability change requests

Elapsed TimeIncreases/decreases of 20% of baseline CPU processing capability within 2 days

99%

Advise need to allocate additional storage resources based on pre-defined parameters and observed growth patterns

Proactive monitoring and reporting of need to increase capacity

Total monthly storage capacity utilization measured in GBs used approaches 80% of installed capacity—Inform within 1 Business Day

99%

On-Demand disk storage capacity change requests

Elapsed Time

Increases/decreases of 10% of installed storage capacity within 7 Business Days of request/approval

If owns the assets, then metric is within 7 Business Days of delivery of equipment to data center

99%

System security requests (RACF, ACF2)

Response Time Next Business Day 99%

Deploy service/security patches/antivirus updates necessary to fix/repair

Response Time Same Business Day as signoff, subject to agreed-upon Change Management procedures

99%

Page 16 of 61 4/10/2023

document.doc


environment vulnerabilities

Restore of production datasets from on-site backups (non-DR)

Time to initiate restore Initiated within 20 minutes of request 95%

Table 5. Server Software and System Refresh


Notification of vendor Software upgrades and new releases

Response Time Within 30 days after Software vendor announcement 95%

Completion of implementation of service packs and updates to “dot” releases

Response TimeWithin 60 days following approval, or as otherwise mutually agreed

95%

Completion of implementation of version or major release updates

Response TimeWithin 120 days after approval, or as otherwise mutually agreed

95%

Refresh for midrange servers (Windows)

Response TimePopulation age greater than 3 years old based on business unit approval

95%

Individual patches and requisite patches per database

Elapsed TimeSame Business Day as signoff, completed within Availability SLRs

95%

Table 6. Restore


Restore Requests for production data

Response Time

Data 1 week old or less

Commence restore within 3 hours from request (assumes data are being restored from copies of on-site backups)

100%

Restore Requests for recovery of test data or data volume backups

Response TimeData 1 week old or less

Commence restore within 8 hours from request (assumes data are being restored from copies of on-site backups)

100%

Page 17 of 61 4/10/2023

document.doc


Restore Requests for recovery of data or data volume backups

>1 week old Commence restore within 3 Business Days 100%

Page 18 of 61 4/10/2023

document.doc

Data Center Services PricingThe following table describes the Data Center Services and the pricing for customary and premium services. Pricing for premium services will be on a case-by-case basis, based on business unit needs.

Table 7. Mainframe

Customary Mainframe Service Pricing


Disaster Recovery Services Regaining access to data, hardware and software necessary to resume, at a minimum, critical business operations

Fixed Monthly Charge

Mainframe CPU – MVS (z/OS) Maintaining operations in accordance with defined service level

Per installed MIP

Mainframe CPU – TPF Maintaining operations in accordance with defined service level

Per installed MIP

SAN Storage Maintaining operations of remote storage devices in accordance with defined service level

Per allocated terabyte

Tape Backup Maintaining backup operations in accordance with defined service level

Physical mounts


Per tape

Table 8. Midrange

Customary Midrange Service Pricing


Disaster Recovery Services Regaining access to data, hardware and software necessary to resume, at a minimum, critical business operations

Fixed Monthly Charge

Page 19 of 61 4/10/2023

document.doc

Customary Midrange Service Pricing


Solaris Servers Maintaining operations in accordance with defined service level

Price per Server

AIX Servers Maintaining operations in accordance with defined service level

Price per Server

WINTEL Servers Maintaining operations in accordance with defined service level

Price per Server

VMWare Maintaining operations in accordance with defined service level

Price per Virtual Host

AS400 Maintaining operations in accordance with defined service level

Price per Server

SAN Storage Maintaining operations of remote storage devices in accordance with defined service level

Per Allocated Terabyte


Physical Mounts


Per Tape

Page 20 of 61 4/10/2023

document.doc

End User Service Center (EUSC) ServicesEnd User Service Center service requirements include the Consolidation of NOAA Help Desks, Provision of Tier 0/1 Service Desk Operations, Single Point of Contact (SPOC), Incident Management, Remote Device and Software Management and Planning, Analysis and Reporting.

NOAA objectives for End User Service Center (EUSC) services are to:

Improve IT customer service and incident resolution speed through consolidation of NOAA help desks

Establish a single point of contact for IT support and services through the help desk to all users in accordance with agreed-upon performance standards

Provide timely and accurate initial assessment, root cause analysis and consistent incident and problem management

Improve NOAA efficiency and effectiveness by adopting Provider-leveraged knowledge databases and best practices in reporting critical information to customers (e.g., usage,

Page 21 of 61 4/10/2023

document.doc

End User Service Center Service LevelsThe following chart depicts the level of service provided for Service Desk Services. These service level targets are the basis for negotiated service-level agreements (SLAs) with the business units. Selection of level of service – customary or premium – is based on business unit needs.

Customary End User Service Center Service Levels


Break/Fix Critical Applications

Time to restore functionality of critical applications

4 hours 100%

Break/Fix Non-Critical Applications

Time to restore functionality of non-critical applications

24 hours 100%

Call Abandonment Rate

The call abandonment rate is the proportion of calls that come into the Service Desk that either hang up or are disconnected before the agent answers the phone

<5% of calls abandoned <5%

Call Closure within Eight Business Hours

Time between the opening of an incident and its final closure; final closure of the ticket often requires a waiting period or confirmation with the service recipient after the issue has been resolved; include the total time here from inception through post resolution closure

75% for the first two months with 5% monthly increases until first call resolution rate equals or exceeds 90%

90%

Call Closure within Next Business Day


85% for the first two months with 5% monthly increases until first call resolution rate equals or exceeds 99.5%

99.5%

Configuration Problem

Resolution of configuration issues within Service Recipient environment is and efficient and effective management/resolution, including documentation of problems relating to processing environment configurations

Within one business day from time of notification by Service Recipient 90% of the time (NOTE: May vary depending upon "campus" or "remote" unit location)

90%

Page 22 of 61 4/10/2023

document.doc



File Restoration (Disaster Recovery)

Begin process of restoring files when notified by Service Recipient or become aware of failure through self analysis or contact center

Number of business hours until completion from time of notification by Service Recipient

2 days

First Call Resolution RateThe servicing and closing of a IT related incident ticket by Service Desk when a service recipient places a call

50% for the first two months with 5% monthly increases until first call resolution rate equals or exceeds 68% (NOTE: Service level varies by I5 Through I5)

68%

Follow-on Calls Due to Problem Repeated after Initial Fix Failed

This is a measure of quality; it tracks repeat calls, or the number of calls initiated by an end user to correct the same problem that had been closed as resolved

10% for the first two months with a 1% reduction per month until 5% is achieved

5%, 99% of the time

Service Desk Call AnswerAnswer time is the number of seconds it takes any representative of service recipient to connect with contact center representative

90% of calls will be answered < 30 seconds by live person that is front-end directed by ACD

30 seconds, 90% of the time

Mean Time to Repair (MTTR) Applications

Time to restore functionality of applications 5 days 96%

Mean Time to Restore - Data Severity 1

The average time it takes to restore data network for critical systems

<4 hours95% of the time


The average time it takes to restore data network for multiple non-critical systems



The average time it takes to restore data network for single non-critical systems


Mean Time to Restore - Voice Severity 1

The average time it takes to restore voice service for a major user impact



The average time it takes to restore voice service for a work group or multiple users



The average time it takes to restore voice service for a single user


Password ResetReset end user authorizations based on end user request

Number of minutes until completion from time of notification by Service Recipient

1 hour, 95% of the time

Page 23 of 61 4/10/2023

document.doc



Priority 1 - Mission Critical Impact - Multiple Users Down

Acceptable time to resolve problems for hardware, software and system components within the desktop environment that are mission critical or effect significant number of end users

Number of hours until resolution2 hours, 95% of the time

Priority 2 - Major Impact Single User Down ,Other Users Affected

Acceptable time to resolve problems for hardware, software and system components within the desktop environment that are major impact or effect number of end users

Number of business hours until resolution8 hours, 85% of the time

Priority 3 - Moderate Impact Single User Down with a Few Others Capable of Performing Required Tasks

Acceptable time to resolve problems for hardware, software and system components within the desktop environment that are moderate impact or affect few end users

Number of business days until resolution2 days, 95% of the time

Priority 4 - Minor Impact User down with Many Others Capable of Performing Required Tasks

Acceptable time to resolve problems for hardware, software and system components within the desktop environment that are minor impact

Number of business days until resolution3 days, 90% of the time

Software ProblemMeasure performance in resolving software problems with servers, desktops, laptops, midrange computers, mainframe computers


90.00%

Individual User Accounts (including email)

Acceptable time for creation of access authorizations and codes for end user access to systems via desktop / laptop


5 minutes, 80% of the time

Deletion of Individual User Accounts (including email)

Acceptable time for deletion of access authorizations and codes


2 weeks

Page 24 of 61 4/10/2023

document.doc

Premium Service Desk Service Levels


Call Abandonment Rate The call abandonment rate is the proportion of calls that come into the Service Desk that either hang up or are disconnected before the agent answers the phone

<5% of calls abandoned

<2%

Call Closure within Four Business Hours



85%

Configuration Problem Resolution of configuration issues within Service Recipient environment is and efficient and effective management/resolution, including documentation of problems relating to processing environment configurations


95%

File Restoration (Disaster Recovery)

Begin process of restoring files when notified by Service Recipient or become aware of failure through self analysis or contact center


2 hours, 80% of the time

First Call Resolution Rate The desired percentage of total contacts planned for resolution at this level; first contact completion applies when the first person the customer reaches either answers the question, resolves the problem, or dispatches service where appropriate; warm transfers and call backs should be considered second or greater contact


80.81%

Follow-on Calls Due to Problem Repeated after Initial Fix Failed

This is a measure of quality; it tracks repeat calls, or the number of calls initiated by an end user to correct the same problem that had been closed as resolved

10% for the first two months with a 1% reduction per month until 5% is achieved

5%, 99% of the time

Service Desk Call Answer Answer time is the number of seconds it takes any representative of service recipient to connect with contact center representative

90% of calls will be answered < 30 seconds by live person that is front-end directed by ACD

5 seconds, 98% of the time

Page 25 of 61 4/10/2023

document.doc



Mean Time to Repair (MTTR) Applications

Time to restore functionality of applications 30 minutes 96% of the time


The average time it takes to restore data network for multiple non-critical systems



The average time it takes to restore data network for single non-critical systems



The average time it takes to restore voice service for a major user impact

<2 hours 95% of the time


The average time it takes to restore voice service for a work group or multiple users

<12 hours 95% of the time


The average time it takes to restore voice service for a single user


Mean Time to Restore e - Data Severity 1

The average time it takes to restore data network for critical systems


Password Reset Reset end user authorizations based on end user request

Number of minutes until completion from time of notification by Service Recipient

5 minutes, 80% of the time

Priority 1 - Mission Critical Impact - Multiple Users Down

Acceptable time to resolve problems for hardware, software and system components within the desktop environment that are mission critical or effect significant number of end users

Number of hours until resolution 1 hour

Priority 2 - Major Impact Single User Down ,Other Users Affected

Acceptable time to resolve problems for hardware, software and system components within the desktop environment that are major impact or effect number of end users

Number of business hours until resolution2 hours, 95% of the time

Priority 3 - Moderate Impact Single User Down with a Few Others Capable of Performing Required Tasks

Acceptable time to resolve problems for hardware, software and system components within the desktop environment that are moderate impact or affect few end users

Number of business days until resolution3 hours, 90% of the time

Priority 4 - Minor Impact Acceptable time to resolve problems for Number of business days until resolution 4 hours, 90% of the

Page 26 of 61 4/10/2023

document.doc



User down with Many Others Capable of Performing Required Tasks

hardware, software and system components within the desktop environment that are minor impact

time

Software Problem Measure performance in resolving software problems with servers, desktops, laptops, midrange computers, mainframe computers


95.00%

Individual User Accounts (including email)

Acceptable time for creation of access authorizations and codes for end user access to systems via desktop / laptop


5 days, 95% of the time

Deletion of Individual User Accounts (including email)

Acceptable time for deletion of access authorizations and codes


30 minutes

Service Desk Services PricingThe following table describes the Service Desk Services and the pricing for customary and premium services. Pricing for premium services will be on a case-by-case basis, based on business unit needs.

Page 27 of 61 4/10/2023

document.doc

Customary Service Desk Service Pricing


Infrastructure Service Desk Service

Telephone based first level support associated with workstations; includes remote diagnosis and resolution where possible, and escalation of issues with desktop hardware, operating systems, base application configurations, network administration, LAN/WAN, Printing, Mainframe, Servers, Voice, Audio Teleconferencing, Video Teleconferencing, and PDA; also includes support for requests for IT services

Per User

Premium Service Desk Service Pricing


Applications Service Desk Service Includes support for custom business applications; this may include configuration, "how to" support, or escalation of issues to appropriate personnel

Per User

Facilities Service Desk Service Support for facilities requests such as heating, air conditioning, and janitorial services

Per Employee

Page 28 of 61 4/10/2023

document.doc

Collaboration ServicesCollaboration enables people to work with each other on a non-routine cognitive task. As such, NOAA’s Collaboration Services will provide the tools and technology resources for associates to work together within NOAA and with external parties. Collaboration Services aims at delivering tools to increase the efficiency and effectiveness of staff to carry out a wide-range of business functions across a geographically dispersed area. These resources include basic collaboration in the form of e-mail and desktop Internet/intranet:

Video and Voice conferencing: Enables the communication for individuals or groups using systems that support image, voice and data transfer over digital networks or telephone circuits.

Web Conferencing: Spans presentation delivery, desktop and application sharing, whiteboards, instant messaging and chat, and is typically used to provide an interactive, collaborative exchange between smaller audiences in real-time

Webcasting: Provides for the ability to send multimedia content over the Internet, and is typically used to reach a large, passive audience with a one-way presentation.

Page 29 of 61 4/10/2023

document.doc

Collaboration Service LevelsThe following chart depicts the level of service provided for Collaboration Services. These service level targets are the basis for negotiated service-level agreements (SLAs) with the business units. Selection of level of service – customary or premium – is based on business unit needs.

Customary Collaboration Service Levels

Service Level Description Objective

Messaging Availability The percent of time that the messaging server is available

for normal business operations Includes Microsoft Exchange and Lotus Notes

99.0% Availability

Premium Collaboration Service Levels

Service Level Description Objective

Messaging Availability The percent of time that the messaging server is available for normal business operations

Includes Microsoft Exchange and Lotus Notes

99.5% Availability

Collaboration Services PricingThe following table describes the Collaboration Services and the pricing for customary and premium services. Pricing for premium services will be on a case-by-case basis, based on business unit needs.

Customary Collaboration Service Pricing

Service Description Monthly Price

Desktop Internet and Intranet Access

Allows the desktop Web Browser access to the external Internet "Web" via Internet gateways

This service includes authenticated, audited and secure browser access to the World Wide Web

Per User

Page 30 of 61 4/10/2023

document.doc

Customary Collaboration Service Pricing


Authentication Services Provides authentication to file and print infrastructures and directory services

Per User

E-Mail - Including Base Storage

Access to enterprise e-mail, the ability to send and receive Internet e-mail, and filtering of Internet e-mails using virus scanning, anti-spam scanning, and content filtering

Also includes any regulatory required retention of e-mails Includes up to 100MB of mailbox storage

Per Mailbox

Teleconferencing Teleconferencing incorporates the use of a specific ‘800’ number that participants call into with a conference ID code and access number

Unlike the standard conference call that connects two parties onto one line, this feature allows multiple parties, at different locations, to call into a dedicated line

Per Minute Charge

Premium Collaboration Service Pricing


Additional E-Mail Storage Additional mailbox storage above 100MB Per GB

Page 31 of 61 4/10/2023

document.doc

Special ProjectsNOAA seeks to establish a special projects service to provide the planning, support, or execution of customized IT projects. These projects may be sponsored by the NOAA CIO and/or NOAA Line Office CIOs, and may have enterprise-wide or Line Office-specific scope.

An augmentation (special projects) rather than traditional automation (standard operations) approach becomes the priority where IT organizations share ownership of major business objectives with the business units.

The IT organization will support clear delineation between automation and augmentation when split into an operations unit, which continues the traditional role of supporting automation, and a ‘special projects’ unit. The special projects unit will selectively devote its resources to the business teams addressing key business initiatives defined by the enterprise’s leaders. In some cases, the special projects team can lead the effort, but should operate independently of the business units.

Three NOAA special projects include the following:

E-mail Consolidation

Standardization on a single e-mail vendor and centralization of governance and management of enterprise-wide e-mail systems.

Document / Records Management

An enterprise-wide program for records management enabled through policies administered consistently across all departments and units and encompassing paper records, electronic documents, e-mail and instant messages.

Training, Technical Services and Consulting

On-site training

Computer Based Training

Training the Trainer

Instructor-led Training

Course Development

Training Planning

Page 32 of 61 4/10/2023

document.doc

Special Project Service Levels

E-mail Consolidation Service Levels

The following chart depicts the level of service provided for E-mail Consolidation Services. These service level targets are the basis for negotiated service-level agreements (SLAs) with the business units. Selection of level of service – customary or premium – is based on business unit needs.

Customary Email Consolidation Service Levels


Messaging Availability

The percent of time that the messaging/exchange server is available for normal business operations


99.0% Availability 90%

Premium Email Consolidation Service Levels


Messaging Availability The percent of time that the messaging/exchange server is available for normal business operations



Document and Records Management Service Levels

The following chart depicts the level of service provided for Document and Records Management Services. These service-level targets are the basis for negotiated service-level agreements (SLAs) with the business units. Selection of level of service – customary or premium – is based on business unit needs.

Page 33 of 61 4/10/2023

document.doc

Customary Document and Records Management Service Levels


Application Quality

Utilized by the service recipient to measure service provider correctness of applications - when installed with a desired result of reducing time to market, reducing error and re-work and improving end-user customer satisfaction

Average across all applications TBD

Availability - ApplicationsThe percent of time that the application is available for normal business operations

99.00% 99.00%

Small Maintenance Projects – Level 1

Time taken to perform minor maintenance on mission critical applications

15 days 95%

Small Maintenance Projects – Level 2 (all other)

Time taken to perform minor maintenance on mission non-critical applications

30 days 95%

Variance to Budget Total cost to complete program requirements will come in at the budgeted cost

Total will be +/- 10% of budget for projects 81.00%

Variance to Schedule Completed program requirements will be delivered at scheduled time

Total will be within +/- 5% of schedule for completion

80.00%

Premium Document and Records Management Service Levels






95.00%

Page 34 of 61 4/10/2023

document.doc

Training, Technical Services and Consulting Service Levels

The following chart depicts the level of service provided for Training, Technical Services and Consulting Services. These service-level targets are the basis for negotiated service-level agreements (SLAs) with external and internal services providers and the business units. Selection of level of service – customary or premium – is based on business unit needs.

Customary Professional Service Levels


Project Completed on Time and Within Budget

Targets established for each project for completion and budget

Adherence to those targets is the focus of this service level

On time, within budget

+/- 10%

Premium Professional Service Levels



Targets established for each project for completion and budget

Adherence to those targets is the focus of this service level

On time, within budget

+/- 10%

Special Projects Services Pricing

E-mail Consolidation Services Pricing

The following table describes the Collaboration Services and the pricing for customary and premium Collaboration Services. Pricing for premium services will be on a case-by-case basis, based on business unit needs.

Page 35 of 61 4/10/2023

document.doc

Customary Email Consolidation Service Pricing


E-Mail - Including Base Storage Access to enterprise e-mail, the ability to send and receive Internet e-mail, and filtering of Internet e-mails using virus scanning, anti-spam scanning, and content filtering

Also includes any regulatory required retention of e-mails

Includes up to 100MB of mailbox storage

Per Mailbox

Additional E-Mail Storage Additional mailbox storage above 100MB Per GB

Document and Records Management Services Pricing

The following table describes the Document and Records Management Services and the pricing for customary and premium services. Pricing for premium services will be on a case-by-case basis, based on business unit needs.

Customary Storage and Data Management Service Pricing


Monthly GB Online Storage Per GB of online storage

Typically represents 20% to 25% of mainframe charges; only includes “customer” usage (excludes system storage)

Training, Technical and Consulting Services Pricing

The following table describes the Professional Services commonly used to support Training, Technical and Consulting special projects and the pricing for customary and premium services. Pricing for services will be on a case-by-case basis, based on business unit needs. Hourly rates for project roles are presented below.

Professional Services Labor Rates

Description Hourly Rate

Technical Writer Hourly

Network Technician Hourly

Page 36 of 61 4/10/2023

document.doc

Professional Services Labor Rates


Project Manager Hourly

Senior Architect Hourly

Senior Programmer Hourly

Page 37 of 61 4/10/2023

document.doc

Application ServicesApplication development activities result in the delivery of web-based and desktop software and services. Within NOAA, Application Services will provide application development and like services; including design, custom development, deployment, testing, enhancement, maintenance, and/or customization of commercial off the shelf (COTS) or packaged applications. Application Services will also cover the management of the hardware and software toolsets that are used in creating software.

Application Services comprises of:

Application and Web Development: Includes activities associated with designing, developing, deploying, enhancing and managing (on a per project basis) software assets; including custom developed and COTS software.

Application and Web Maintenance: Includes activities associated with maintaining desktop and web-based applications; including monitoring, tuning, fixing and decommissioning of applications and application servers. Also covered are the management activities needed to ensure optimal delivery of desktop and web-based applications; including configuration management, capacity planning, database management, release management, performance management, and problem management.

Web Design and Content Management: Includes the activities associated with authoring, designing, HTML encoding and delivering content to the web server; including content repository management.

Application Services does not comprise of the following:

Application software licensing and maintenance of software installed during the project

Hardware purchases (lease or depreciation), and any recurring maintenance

Special supplies and travel costs (if required)

Page 38 of 61 4/10/2023

document.doc

Application Service LevelsThe following chart depicts the level of service provided for Application Services. These service level targets are the basis for negotiated service level agreements (SLAs) with the business units. Selection of level of service – customary or premium – is based on business unit needs.

Customary Application Service Levels


Application Quality

Utilized by the service recipient to measure service provider correctness of applications - when installed with a desired result of reducing time to market, reducing error and re-work and improving end-user customer satisfaction

Average across all applications

Availability - ApplicationsThe percent of time that the application is available for normal business operations

99.00% 99.00%

Function Point Defect Density in Development

The number of defects per 1,000 function points that are acceptable while in development (first 90 days of production)

10.5 per 1,000 10.5 per 1,000

Function Point Defect Density in Support

The number of defects per 1,000 function points that are acceptable while in support mode, development is a subset of support

15.7 per 1,000 15.7 per 1,000

Productivity ImprovementExpected productivity improvement from one year to next based on function points (decrease in rate of defects)

20% 20%

Small Maintenance Projects – Level 1

Time taken to perform minor maintenance on mission critical applications

15 days 95%

Small Maintenance Projects – Level 2 (all other)

Time taken to perform minor maintenance on mission non-critical applications

30 days 95%



Page 39 of 61 4/10/2023

document.doc

Customary Application Service Levels




80.00%

Premium Application Service Levels






95.00%

Application Services PricingHourly rates for application development, enhancement, and maintenance roles are listed below. These rates are used to determine the Application Services fees.

Application Development/Enhancement Labor Rates


Programmer Hourly

Senior Programmer Hourly

Project Manager Hourly

Senior Business Analyst Hourly

Database Administrator Hourly

The following table describes the Application Services and the pricing for customary and premium Application Services. Pricing for premium services will be on a case-by-case basis, based on business unit needs.

Page 40 of 61 4/10/2023

document.doc

Customary Application Services Pricing


Application Development Development of new applications Fixed fee or FTE based charge

Cost depends on the resource assigned to the application, adjusted periodically

Application Enhancement Enhancement of existing applications Fixed fee or FTE based charge


Application Maintenance Maintenance and ongoing support of existing applications

Fixed fee or FTE based charge


Premium Application Services Pricing

Service Component Description Monthly Price Comment

------------- Case by case – based on business unit needs

-------------

Page 41 of 61 4/10/2023

document.doc

Security ServicesSecurity service requirements include providing support for Security Planning and Information Assurance. It includes support for development, administration and ongoing execution of a security program for all NOAA facilities and systems. Specific areas for support include physical security, security firewall, security intrusion detection and security penetration.

Effective IT security stands on security policies and architecture, security infrastructure, and security administration:

Security Administration: Effective execution and implementation of security planning and policy development enables satisfactory returns on enterprise investment in security activities. Sound security administration focuses on operational technologies and best practices that maintain secure access to applications and resources, and on ensuring the integrity of system definitions and configurations.

Security Risk, Organization, Policies and Architecture: Effective IT security risk management identifies exposures and potential costs so that security policies — and an overall security architecture — can be developed to minimize these exposures and costs. Security policies should also enable an enterprise to take the greatest amount of risk necessary to support business requirements. Effective security risk management is not fully enabled until security policies and architectures are implemented and supported by effective security governance model. Enterprises must determine the aspects of security to be centralized, the implementation of regional or departmental aspects of security, the methods to obtain funding, and the ways IS organizations and business units will be accountable for security.

Security Infrastructure: Security infrastructure is made up of the tools, technologies and tactics that are deployed to protect the network perimeter and internal resources. Traditional security infrastructure focuses on hardening the perimeter, but internal resources are now increasingly exposed to external access by outward-facing applications require a hardened interior and a layered approach to security.

Page 42 of 61 4/10/2023

document.doc

Security Service LevelsThe following chart depicts the level of service provided for Security Services. These service-level targets are the basis for negotiated service-level agreements (SLAs) with the business units.

Table 9. Customary Security Service Levels

Customary Security Service Levels


Installation of virus signature / definition / policy files on servers

Time from software supplier’s release until final installation on servers

144 hours real time 99%

Critical security updates and patches of servers



Non-critical security updates and patches of servers

Time taken to inform Application Owner after release by software supplier

4 business days 99%

Non-critical updates and patches of servers

Time from Application Owner’s order until published

10 business days 99%

Critical changes of settings in the virus protection and firewall environment

Time from order until complete 16 hours real time 99%

Non-critical changes of settings in the virus protection and firewall environment

Time from order until completed 10 business days 99%

Preparing and presenting reports

Time from order until completed 4 business days 99%

Correct detected deviations from the security standards.

Time to deliver correction of known errors 10 business days 99%

Correct detected deviations from the

Time to deliver plan for corrective action for new errors

10 business days 99%

Page 43 of 61 4/10/2023

document.doc

Customary Security Service Levels


security standards.

Report critical security defects and short comings

Elapsed time 8 hours real time from identification 99%

Table 10. Premium Security Service Levels

Premium Security Service Levels


Installation of virus signature / definition / policy files on servers



Critical security updates and patches of servers



Non-critical security updates and patches of servers

Time taken to inform Application Owner after release by software supplier

2 business days 90%

Non-critical updates and patches of servers

Time from Application Owner’s order until published

5 business days 90%

Critical changes of settings in the virus protection and firewall environment

Time from order until complete8 hours real time 90%

Non-critical changes of settings in the virus protection and firewall environment

Time from order until completed5 business days 90%

Preparing and presenting reports

Time from order until completed2 business days 90%


Time to deliver correction of known errors 5 business days 90%

Page 44 of 61 4/10/2023

document.doc

Premium Security Service Levels



Time to deliver plan for corrective action for new errors

5 business days 90%

Report critical security defects and short comings

Elapsed time 1 hours real time from identification 95%

Page 45 of 61 4/10/2023

document.doc

Security Services PricingThe following table describes Security Services commonly used to support Training, Pricing for services will be on a case-by-case basis, based on business unit needs. Hourly rates for Security Services are presented below.

Table 11. Security Pricing

Security Services Labor Rates


Provisioning qualified, appropriately skilled staff with applicable certifications, clearances, and background checks

Hourly

CISSP Hourly

CISM Hourly

Page 46 of 61 4/10/2023

document.doc

Architecture ServicesArchitecture Services includes the capability to offer technology architecture services and support for the National Oceanic and Atmospheric Administration (NOAA) e-Gov initiatives. NOAA is constantly seeking to introduce new technology solutions and processes to enable users to meet their objectives and improve their efficiency. The NOAA Office of the Chief Information Officer (OCIO) and the Line Office CIOs play a critical role in introducing technologies into the NOAA environment.

Enterprise architecture work and services originating from the architecture are guided by a framework of different viewpoints on the enterprise. Heavily influenced and guided by the input of the business context, holistic enterprise architecture can be described with a minimum of three viewpoints:

Business Architecture Viewpoint

Business functions

Processes

Organization

Information Architecture Viewpoint

Information structure

Assets

Flow

Technology Architecture Viewpoint

Standards for software, hardware, middleware and infrastructure

Application code

Within the above framework, services are found in any area. For business architecture, this would be shared business processes or services that serve other business areas from an enterprise (corporate) perspective. Information services define the information that is shared. Technical services define the technology that is shared.

Page 47 of 614/10/2023

document.doc

Enterprise Architecture Maturity Assessment (AMA)The following chart identifies Federal Government and Gartner Enterprise Architecture assessment frameworks. These EA assessment frameworks support attainment of Federal Government mandates and policies and describe various approaches to rating the maturity of an Enterprise Architecture.

Table 12. Various EA Architectures

GAO Enterprise Architecture Management Framework (EAMMF) v1.1

OMB EA Assessment v2.1 Gartner AMA

Definition Assess and improve the maturity of EA processes

Assess the capability of EA programs to guide and inform IT investments’ support of the agency strategic objectives

Provides an organizations’ position against an idea envisioned by Gartner Research and also compares the organization to existing EA programs (best practice benchmarking)

Fundamentals Hierarchical stages of management maturity – five (5) levels

4 categories of attributes critical to success: Demonstrate organizational

commitment Provision capability to meet

commitment Demonstrate attainment of commitment Verify satisfaction of commitment

31 core elements

Three (3) Capability AreasCompletionUseResults

17 Assessment Criteria

8 Dimensions:

Architecture Scope and Maturity

Stakeholder Involvement and Support

Architecture Development Business Context Architecture Content Future State Realization Architecture Team Resources Architecture Impact

Scoring Discrete, all elements in one level must be met to earn that level

Discrete for each assessment criterion, then average across

Scores for each dimension are an average across criteria, total score an average of dimension scores

Rating Category 5 Stages of Maturity 0 - 5 1 - 5

Where Used Federal Federal Worldwide (Commercial and Public Sector)

Page 48 of 61 4/10/2023

document.doc

Enterprise Architecture – Quality Measurement Measurement enables enterprise architecture teams to collect multiple measures that enable quality assessments of an EA program against multiple dimensions defined by the assessment area and measurement categories.

Table 13. EA Measurements

Basic Financial Measures

Productivity/Efficiency Quality/Effectiveness Delivery Process

Reuse of Hardware Components

Hardware costs per project — trend over time

Percentage of capacity used or volume of unused capacity

Percentage of projects compliant with enterprise technical and solution architecture (ETA/ESA) and number of platform types

Number of projects to raise EA exemption

Percentage reduction in number of support/infrastructure products

Improvement in downtime/availability measures

Reduction in total number of standard technologies/products

Reduction in rate of urgent infrastructure projects

Reuse of Software Components

Percentage reduction in number of applications

Number of new products licensed vs. existing licenses leveraged

Number of solutions reused without change

Percentage of application functionality assessed and documented

Consistency of interfaces — amount of downtime due to interface faults

Number of patterns reused and/or number of products reused

Reduction in design time achieved by leveraging existing solutions

Reduction in number of manual interfaces

Total investment in new applications (bought or built) over time

Reuse and repeat of common designs that speed decision making in projects, resulting in less time to complete design

Reduced Time to Delivery

Time taken to complete a project solution from inception to delivery — average time taken and total time spent

Number or percentage of projects reviewed and at what level

Percentage of projects compliant

Number of architects per project and vice versa

Page 49 of 61 4/10/2023

document.doc



Time taken to complete specific phases of the software delivery life cycle

Project completion times and performance improvement (less last-minute work due to poor planning)

Reduction in rate of urgent infrastructure projects

More-Efficient Program

Management

Percentage of projects identified through EA process compared to ad hoc identification

Percentage of projects reviewed

Percentage of successful projects in which EA team participated

Reduction in the number ad hoc project requests

Amount of architect time per project

Number of rejections per project reviewed

Percentage of successful projects

Reduced Support Costs

Number of applications and platforms reduced over time

Amount of data reuse Number of configured items

Number of retirement and containment targets reduced over time

Number of calls to help desk

Amount of customization — fit to build, customize, configure, install and reuse

Savings by configuration area, year and application

Number of changes to applications over time

Total cost of AD staff and tools to modify those applications over time

Percentage of interfaces accessed by more than one application

Lower Acquisition Costs

Percentage reuse of existing assets

Percentage of common product sets defined and reduction in purchase contract costs

Reduction in number of special purchases required

Number of changes/revisions during implementation

Number of volume discounts negotiated and purchased

Total enterprise IT cost because of reduced redundancy, complexity and portfolio size

Technical Adaptability

Percentage reduction in the number of compliance waivers issued

Number of infrastructure change management requests

Number of single authoritative data sources for key information assets

Number of patterns, domains and services defined and amount of

Page 50 of 61 4/10/2023

document.doc



reuse

Number of outages per domain

Tighter Alignment to Business

Strategy

Percentage of IT initiatives aligned, as identified through EA process

Number of projects funded and implemented, as identified by EA process

Number of business plans with IT initiatives included

Number of IT trends planned for in the future-state architecture

Number of cases where new technology was not adopted; some where it was

Number of new business plans with EA involvement

Percent of "business-aligned" projects

Number of environmental/ industry trends articulated in future-state architecture

Business Agility

Percentage increase in market share

Decrease in time to market for new products

Number of business projects defined by EA process

Number of new processes identified and improved

Number of business processes documented and optimized

Improvement in "anytime, anywhere, any way" access to information

Improvement in frontier analysis and response to environmental change

Knowledge Development

Improvement (over time) in the time for report products and accuracy of information

Reduction in the number of authoritative sources for critical information assets

Percentage of time EA group and business are engaged

Increase in EA's role in strategic and business planning process

More-Sophisticated Asset Management

Reduction in number of assets requiring maintenance

Number of assets retired and/or improved per year

Number of times assets are assessed for value per year

Number of asset status reviews annually

Reduced Risk

Number of unauthorized access and changes to information and applications

Usage of EA Web site by business

Amount of time EA group spends supporting critical business planning activity and decision making

Number of new solutions aligned with EA future state

Reduction in number of risk management issues recorded in projects

Number of devices and channels for user access

Number of projects that comply with risk management guidelines

Tighter Strategic Alignment With

Reduction in number of vendors

Engagement with outsourcer — time spent

Number of externally extended business

Anecdotal documentation that the EA process

Page 51 of 61 4/10/2023

document.doc



Partners

by EA team processes that are documented and optimized

improved business-to-business innovation

Number of volume discounts negotiated and purchased

Business Context

Time from strategy announcement until a prioritized project pipeline is presented to review and funding bodies

Time from identification of trend to implementation

Number of identified emerging technologies implemented

Number of times environment, industry and IT trend information is delivered per year

Time from identification of enterprise business strategy (EBS) to implementation

Number of EBSs implemented

Future-State Architecture

Percentage of EA compliance waivers due to future-state architecture not meeting business needs

Number of projects that leverage EA repository for future-state designs

Number of projects that use and are compliant with EA principles

Satisfaction survey results — extent to which projects have been able to leverage EA information

Number of business lines that consult EA team

Number of new projects that trigger a change in the EA

Overall project success in achieving business requirements

Refresh of cycle times for each domain

Current-State Architecture

Number of diverse technologies and products supported

Number of deliverables produced

Age distribution of applications

IT customer satisfaction survey results

Reduction in number of IT assets within the portfolio over time

Amount of downtime (outage) during "go live" phases of projects

Number of IT assets and business areas that have their architecture well-documented

Extent to which EA information on IT assets and business process is easily available

Gap Analysis — Migration Plan

Percentage of change initiatives identified that are funded

Alignment of IT initiatives with business strategy

Number of EA artifacts used in budget and program planning activity

Number of initiatives identified that have been funded and initiated

Page 52 of 61 4/10/2023

document.doc



cycles

Number of projects sponsored by business

Number of projects where EA assistance was requested/provided

Governance and Management

Number of projects that complete self-certification in all stages

Number of full-time equivalents (FTE) and project IT spending, as a measure of influence

Extent to which a governance process is clearly defined and the percentage of projects that follow it

Number of projects progressed with EA review required

Number of projects that pass EA compliance

Level of input to other organizational planning processes

General EA Success

Number of times EA teams are consulted for advice and guidance

Number of EA artifacts produced and circulated yearly

Number of EA Web site visitors

Number of attendees at EA-initiated meetings over time

Number of domains (business, information, technical and solution) that have future states defined

Number of artifacts replaced/refreshed yearly

Number of business and IT capabilities delivered against those defined through the EA process

Surveyed number of employees who know what the EA team does

Page 53 of 61 4/10/2023

document.doc

Project Management ServicesProject Management Services include providing expertise in project management to ensure that projects fulfill their given set of requirements and achieve their overall objectives. The service consists of the following:

On-Site Project Management:

Providing individuals with experience and expertise in various areas of project management to include on-site project and program management support for various projects within NOAA.

Support various NOAA project managers and assist these managers with the day-to-day execution of the project.

Advise managers and incorporate any of the standards and processes communicated from the NOAA PMO in addition to injecting continuous process improvements and financial planning to utilize industry best practices.

Development and Implementation of a Project Management Office

Provide support and expertise to develop, implement and staff an enterprise-level Program Management Office (PMO).

Utilize a Program Management Plan (PMP) to describe a turn-key PMO solution in addition to processes and quality assurance steps to ensure that the PMO seamlessly integrates with the NOAA PMO and other critical NOAA IT environmental touch points.

Develop solutions for integrating the PMO reporting and monitoring tools with the NOAA financial system. This support shall include the development of a concept of operations, roles and responsibility matrix, organizational structure and status reporting.

Establish and implement standard policies and procedures based on industry best practices for use by various IT projects and programs within NOAA. Examples include Project Management Institute’s Project Management Body of Knowledge (PMBOK), Control Objectives for Information and related Technology (COBIT), Information Technology Infrastructure Library (ITIL), and Capability Maturity Model Integration (CMMI).

Support various enterprise-level program management tasks including the creation of executive dashboards and reporting on projects to governance bodies and senior staff.

Provide services to project managers in the area of mentoring/coaching and the issuance of standards and guidelines, to include support for the COTR that will include, but not be limited to trade-off analysis and other general administrative functions.

Promote the success of projects by enhancing the maturity of project management throughout the project life cycle.

The following functions will be performed by the PMO:

Page 54 of 614/10/2023

document.doc

Project Value Measurement: Provide expertise in the development of evaluation criteria to determine the value of a proposed project. This information will be used in the ongoing evaluation of a project to determine its success and contribution to the organization.

Project Portfolio Management: Provide capabilities and expertise to perform project portfolio management at an enterprise level. This will require being able to periodically capture information on projects and report on the status of projects based on varying criteria such as size, type, risk and performance.

Methodology Development: Provide the necessary capabilities and expertise to develop mature standardized project management practices across all IT services within NOAA. These practices should be repeatable and based on industry best practices (e.g., LEAN, Six Sigma, International Standards Organization (ISO), PMBOK, ITIL, COBIT, CMMI, etc.). These practices must also align with Federal, Department and Agency requirements.

Quality and Performance Assessments: Provide methodologies and capabilities to track and evaluate the performance of projects from initiation to completion. This may include the tracking and reporting of financial management metrics such as Earned Value Management (EVM) as well as solution quality indicators such as customer satisfaction and achievement of all defined requirements.

Risk Management: Provide support for all areas of risk management including identification, evaluation, tracking, management and resolution. Also, support the development of effective mitigation strategies to reduce areas of high risk. It is expected that this risk management will be needed at both a project level and a more aggregate enterprise level.

Resource Management: Support at an enterprise level the development of a resource management plan and its execution to ensure projects are appropriately staffed, and to ensure that expertise is sufficiently positioned to support current and future requirements.

Page 55 of 614/10/2023

document.doc

Project Management Service LevelsThe following chart depicts the level of service provided for Project Management Services. These service-level targets are the basis for negotiated SLAs with the business units.

Table 14. Customary Project Management Service Levels

Customary Project Management Service Levels



Targets established for each project for completion and budget; adherence to those targets is the focus of this service level

Maintain controls on: Earned Value Cost Variance Schedule Variance Cost Performance Index Schedule Performance Index Estimate at Completion Estimate to Complete Variance at Completion

+/- 2-10%

Table 15. Customary Large-Scale Program Management Office Service Levels

Customary Large-Scale Program Management Office Service Levels

Measure Threshold Action State

Net Present Value (NPV)

<2% variance No action required Green

2% - 5% variance Independent audit/assessment to identify root causes of variance; review results in 8 weeks

Yellow

5% - X% variance Re-evaluate business case to ensure still valid; take immediate action on root causes of variance; review results in 4 weeks

Red

>X% variance Discontinue project; no longer achieving the returns needed to justify the investment

Stop

4/10/2023

document.doc

Project Management Services PricingThe following table describes the Project Management Services and the pricing for customary and premium services. Pricing for premium services will be on a case-by-case basis, based on business unit needs.

Customary Project Management Service Pricing


Apprentice Project Manager $XXX.XX

Journeyman Project Manager $XXX.XX

Master Project Manager $XXX.XX

Development and Implementation of a Project Management Office Case by Case Basis

4/10/2023

document.doc

4/10/2023