BUSINESS MANAGEMENT MODERNIZATION PROGRAM (BMMP)
Upcoming SlideShare
Loading in...5
×
 

BUSINESS MANAGEMENT MODERNIZATION PROGRAM (BMMP)

on

  • 1,352 views

 

Statistics

Views

Total Views
1,352
Views on SlideShare
1,352
Embed Views
0

Actions

Likes
0
Downloads
10
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Microsoft Word

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

BUSINESS MANAGEMENT MODERNIZATION PROGRAM (BMMP) BUSINESS MANAGEMENT MODERNIZATION PROGRAM (BMMP) Document Transcript

  • DRAFT BUSINESS MANAGEMENT MODERNIZATION PROGRAM SYSTEM COMPLIANCE CERTIFICATION PROCESS FOR DOMAINS AND PROGRAM MANAGERS May 18, 2004
  • BMMP System Compliance Certification Process Table of Contents Purpose...............................................................................................................................1 1.0 References......................................................................................................................1 2.0 Applicability and Scope.................................................................................................1 3.0 Definitions.....................................................................................................................2 3.1 Architecture Criteria...............................................................................................2 3.2 Acquisition Program ..............................................................................................2 3.3 Benefit to Cost Ratio (BCR)...................................................................................2 3.4 Breakeven Point......................................................................................................3 3.5 Business Case .........................................................................................................3 3.6 Business System......................................................................................................3 3.7 Comptroller Certification .......................................................................................3 3.8 Certification Decision Package...............................................................................3 3.9 Compliance ............................................................................................................3 3.10 Domains................................................................................................................3 3.10.1 Lead Domain.....................................................................................................3 3.10.2 Partner Domain.................................................................................................4 3.10.3 Domain Owner..................................................................................................4 3.11 Investment Program..............................................................................................4 3.12 Net Present Value (NPV)......................................................................................4 3.13 Planned obligation................................................................................................4 3.14 Program Manager/Sponsor...................................................................................4 4.0 System Complaince certification Process......................................................................4 4.1 Certification Review Process..................................................................................5 4.1.1 Assess..................................................................................................................5 4.1.1.1 Certification Trigger....................................................................................5 4.1.1.2 Initiate Action to Certify..............................................................................5 4.1.1.3 Contact Lead Domain..................................................................................6 4.1.1.4 Certification Required?................................................................................6 4.1.1.5 End Certification Process ............................................................................7 4.1.1.6 Identify Criteria/Procedures ........................................................................7 i
  • BMMP System Compliance Certification Process 4.1.1.7 Perform Self-Assessment.............................................................................8 4.1.1.8 Submit Self-Assessment for Evaluation......................................................8 4.1.2 Evaluate ..............................................................................................................8 4.1.2.1 Review Submission for Completeness.........................................................9 4.1.2.2 Evaluate Architecture Self-Assessment.......................................................9 4.1.2.3 BEA/TP Compliant .....................................................................................9 4.1.2.4 Propose Resolution Strategy........................................................................9 4.1.3 Decision............................................................................................................10 4.1.3.1 Recommend Certification..........................................................................10 4.1.3.2 End Certification Process...........................................................................10 4.1.3.3 Prepare Certification Recommendation Package.......................................11 4.1.3.4 Review Certification Recommendation Package.......................................11 4.1.3.5 Complete Package....................................................................................11 4.1.3.6 Provide Certification Recommendation.....................................................11 4.1.3.7 Approved for Certification ........................................................................12 4.1.3.8 End Certification Process ..........................................................................12 4.1.3.9 Sign Out Certification Memo ...................................................................12 4.2 Comliance Certification Documentation by Life CycLe Phase............................13 4.2.1 Evaluation objectives by Phase.........................................................................13 4.2.1.1 Milestone A (or equivalent) ......................................................................13 4.2.1.2 Milestone B (or equivalent).......................................................................13 4.2.1.3 Milestone C or Full Rate Production (or equivalent).................................13 4.2.2 Certification Requirements by Life Cycle Phase..............................................14 4.2.2.1 Pre-Milestone A Certification ...................................................................14 4.2.2.2 Milestone A Certification .........................................................................14 4.2.2.3 Milestone A Certification Package............................................................14 a) Domain Compliance Certification Request Memorandum (Appendix B)....15 b) Comptroller Briefing Charts (Appendix C) ..................................................15 c) Program/Initiative Compliance Certification Workbook (Appendix D).......15 4.2.2.4 Milestone B Certification ..........................................................................15 4.2.2.5 Milestone C or Full Rate Production (FRP) Certification ........................15 4.2.2.6 Program/initiatives in Sustainment............................................................16 5.0 Roles and Responsibilities...........................................................................................16 ii
  • BMMP System Compliance Certification Process 5.1 Program Manager .................................................................................................16 5.2 Lead Domain.........................................................................................................16 5.3 Partner Domain(s).................................................................................................16 5.4 Business Modernization and Systems Integration (BMSI) Office ......................17 5.5 Under Secretary of Defense (Comptroller)...........................................................17 5.6 Component Acquisition Executive (CAE): ........................................................17 5.7 Milestone Decision Authority (MDA). ................................................................17 5.8 Integrated Product Team (IPT). ..........................................................................17 Appendix A: Acronyms......................................................................................................1 Appendix B: Domain Compliance Certification Request Memorandum...........................1 Appendix D: Program/Initiative Compliance Certification Workbook..............................1 iii
  • BMMP System Compliance Certification Process PURPOSE The Secretary of Defense established the Business Management Modernization Program (BMMP) to effect significant improvements in the Department of Defense (DoD) business operations and systems. Toward that end, the BMMP is developing and implementing an enterprise architecture that will prescribe how the Department’s business systems and processes will interact. The BMMP is comprised of the Business Modernization and Systems Integration (BMSI) office, the Business Domains, and the Enterprise Information Environment (EIE) Mission Area. As part of this effort the BMSI was tasked to establish a governance process to control business modernization investments. The BMMP system compliance certification process is implemented in context of, and is consistent with DoDI 5000.2 in order to meet the public law requirements established in references (a) – (c), and improve collaboration among the Business Domain Owners and sponsors of modernization programs and initiatives. This document provides program managers and sponsors the guidance needed to obtain the Under Secretary of Defense (Comptroller) (USD(Comptroller)) certification. 1.0 REFERENCES (a) Defense Appropriations Act of 2004, Public Law 108-87, Section 8084(b)(1) (b) Defense Authorization Act of 2004, Public Law 108-132 (c) Defense Authorization Act of 2003, Public Law 107-314, Section 1004(d) (d) Public Law 104-106, Clinger-Cohen Act of 1996, February 10, 1996. (e) DoD Instruction 5000.2, Operation of the Defense Acquisition System, May 12, 2003 (f) DoD Policy Memorandum, Information Technology Portfolio Management, March 22, 2004. DoD Policy Memorandum, Business Management Modernization Program – System Investment Approval, April xx, 2004 2.0 APPLICABILITY AND SCOPE Congress mandated stricter oversight of the DoD financial management system investments. By law (references a-c) the USD(Comptroller) approval is required before obligation of funds for system improvements or milestone approvals of financial management automated information systems or mixed information systems supporting financial and non-financial functions. 1
  • BMMP System Compliance Certification Process A key element for BMMP to successfully transform business processes is aggressive management of the business system investments. Since the scope of the BMMP includes many non-financial business systems, the Deputy Secretary of Defense directed all non- financial business systems shall satisfy the same requirements as those imposed by law on financial and mixed systems. Non-financial business systems include those systems supporting the Business Domains operations (Accounting and Finance, Acquisition, Human Resources Management, Installations and Environment, Logistics, and Strategic Planning and Budgeting). Each Business Domain Owner will determine if a non- financial system is business-related as part of its portfolio management responsibility. Accordingly, the following categories of systems and system initiatives are covered by this guidance: a) All new business system initiatives with projected pre-Milestone A (or equivalent) costs greater than $1,000,000. b) All business systems in development, with program costs greater than $1,000,000 and requiring a Milestone A, Milestone B, Milestone C, Full Rate Production, or fielding decision, or requesting a change to approved functional or technical baselines. The costs greater than $1,000,000 are the total system investment through Full Rate Production; this includes all fiscal years and all appropriations. c) All business systems in sustainment with obligations greater than $1,000,000 for upgrades or enhancements. The $1,000,000 threshold is the total annual investment needed to fund improvements to a system currently in production; this includes all appropriations. System improvements do not include the routine maintenance and operation of a system. 3.0 DEFINITIONS 3.1 ARCHITECTURE CRITERIA The set of checks and examinations used to assess consistency with the Business Enterprise Architecture (BEA) and Transition Plan. 3.2 ACQUISITION PROGRAM A directed, funded effort that provides a new, improved, or continuing materiel, weapon or information system or service capability in response to an approved need. (DODD 5000.1) 3.3 BENEFIT TO COST RATIO (BCR) The BCR is a measurement of the benefits in relation to the costs. The BCR is calculated by dividing the discounted benefits by the discounted costs to develop the system. Except under exceptional circumstances, a BCR greater than 1.0 is required for the USD (Comptroller) certification. 2
  • BMMP System Compliance Certification Process 3.4 BREAKEVEN POINT The Breakeven Point is the number of years required to recover the system investment. The Breakeven Point is calculated by subtracting the first year’s discounted savings from the cumulative discounted costs through that year. The residual costs are added to the second’s years discounted costs from which the second year’s discounted savings are subtracted. The number of years it takes to recover all cumulative costs is the Breakeven Point. 3.5 BUSINESS CASE Documentation that provides economic justification for a planned obligation, e.g. Business Case Analysis (BCA), Economic Analysis (EA), IT300 budget exhibit. 3.6 BUSINESS SYSTEM A budgetary, strategic planning, accounting, finance, financial management, logistics, acquisition, human resource, real property/personal property, mixed information system supporting financial and non-financial functions, or any information system that accepts or creates a transaction that results in a financial event or maintains the source data for a financial event for the Department of Defense. 3.7 COMPTROLLER CERTIFICATION A signed decision memorandum from the USD(Comptroller) that a planned obligation has a sound business case and is either compliant with the Business Enterprise Architecture (BEA) and Transition plan, or has an approved strategy for resolving compliance issues. 3.8 CERTIFICATION DECISION PACKAGE A decision memo and briefing charts recommending certification supported by a documented business case, compliance evaluation results, strategy for resolving compliance issues (if necessary), and proof of Federal Financial Management Integrity Act (FFMIA) certification. 3.9 COMPLIANCE Functional alignment to the BEA and the Transition Plan (TP) based on an evaluation using established architecture criteria and consistency with the BMMP objectives. 3.10 DOMAINS The Business Areas of the Department are divided into six Business Domains: Accounting and Finance, Acquisition, Human Resource Management, Logistics, Strategic Planning and Budgeting, and Installations and Environment. The Enterprise Information Environment (EIE) Mission Area is sometimes considered a seventh domain. 3.10.1 Lead Domain Business Domain to which a business system is assigned for management oversight based on its primary function. 3
  • BMMP System Compliance Certification Process 3.10.2 Partner Domain Business Domain(s) not identified as lead domain but with stakeholder interest in the functionality of a given business system. 3.10.3 Domain Owner The individual responsible for leading the Business Domain’s transformation activities. 3.11 INVESTMENT PROGRAM The investment program includes all funds Research Development Test and Evaluation (RDT&E), Procurement, Operation and Maintenance, Working Capital Fund (WCF), etc. used for the acquisition, enhancement, or improvement of a business system. 3.12 NET PRESENT VALUE (NPV) The NPV is the net benefit of the system in terms of discounted dollars. The NPV is calculated by subtracting the discounted costs from the discounted benefits. A positive net present value is required for the USD (Comptroller) certification. 3.13 PLANNED OBLIGATION A proposed release of funds to initiate, improve or sustain a business system or process. 3.14 PROGRAM MANAGER/SPONSOR The designated program manager for an acquisition program or the proponent for a business program/initiative. 4.0 SYSTEM COMPLAINCE CERTIFICATION PROCESS The BMMP system compliance certification process increases visibility of the Department’s investments in business systems modernization and satisfies statutory requirements associated with milestone approvals and system improvements of $1,000,000 or more in a fiscal year. The certification process ensures that proposed business systems improvements are justified based on architecture compliance, the business case, and other program factors. Specifically, the process provides a multi-level review process to assess whether a proposed improvement is compliant with the BMMP objectives and to develop strategies for resolving issues of non-compliance as prerequisites for USD (Comptroller) certification. The process tailors the scope of the assessment criteria and documentation requirements based on where an initiative/program is in its life cycle. Figure 1 depicts a high level view of the compliance certification process, which consists of three stages: assess, evaluate and decide. The process facilitates collaboration among lead and supporting organizations in each stage. The process flow is the same regardless of size the type of program/initiative (i.e., Major Automated Information System (MAIS) program, Non-MAIS program, or planned improvement to business system in sustainment) or life cycle phase except as noted in Section 5.1, Certification Review Process. Certification assessment criteria and documentation requirements may vary as described in Section 5.2, Compliance Certification Documentation by Life Cycle Phase. 4
  • BMMP System Compliance Certification Process Lead Entity Project/Component Domain OUSD (Comptroller) Compliance Requirement Assess Evaluate Decide Certification Support Entity Component Project/Component Domain OUSD (Comptroller) (BMSI) Figure 1 BMMP Compliance Certification Process 4.1 CERTIFICATION REVIEW PROCESS 4.1.1 Assess The assessment stage, shown in Figure 2, includes the steps to initiate the certification through the evaluation of the BMMP objectives, as described in the following sections. 4.1.1.1 Certification Trigger Once a system milestone or improvement, as identified in Section 3.0 is required, the program manager should initiate actions to certify. Recommend advance planning of the expected milestone decision review or required commitment date for obligating funds. For planning purposes, allocate 90 days to complete the compliance certification process beginning with initiate action to certify as described below. 4.1.1.2 Initiate Action to Certify The program manager, in coordination with the Component Acquisition Executive (CAE) or equivalent, evaluates the program, obtains Component sponsorship, and determines BMMP compliance certification is required. The BMMP Home Page, http://www.dod.mil/comptroller/bmmp/pages/index.html, provides general system compliance guidance and Business Domain point of contact(s). 5
  • BMMP System Compliance Certification Process 4.1.1.3 Contact Lead Domain The program manager shall notify the Lead Business Domain that BMMP compliance certification is required. This notification shall be made via signed memorandum and shall include the information identified in Table 1. Program Managers should info BMSI and partner domain(s) on the notification correspondence. Domain Owner point(s) of contact(s) (POCs) are posted on the BMMP portal website, https://207.133.244.10/cgi-bin/bv70portal.dll/portal/ep/ home.do. The program manager should contact BMSI if the Lead Domain cannot be determined based on the posted guidance. In that situation, BMSI will work with the Business Domains to determine the lead and partner domain(s) and will inform the program manager. Thereafter, the program manager will coordinate certification activities with the Lead Business Domain. Note that at any time during program execution, the Lead and/or Partner Domains may require interim certification actions. Requests for such certification actions fall outside of the scope of this process and will be managed under the purview of the requesting Domain. End 5.1.1.5 Certification Process A No Yes Perform Initiate Identify Certification Contact Lead Certification Architecture Action to Criteria/ Trigger Domain required? Self- Certify Procedures Assessment 5.1.1.1 5.1.1.2 5.1.1.3 5.1.1.6 5.1.1.7 5.1.1.4 A Submit Self- Evaluate No Review Propose Assessment Architecture BEA/TP for Submission for Self- Compliant Resolution A Completeness Strategy Evaluation Assessment 5.1.1.8 5.12.1 5.1.2.2 Yes 5.1.2.3 5.1.2.4 Figure 2: BMMP Compliance Certification Process: Assessment and Evaluation Stages 4.1.1.4 Certification Required? The Lead Domain, in coordination with Partner Domain(s), will review the certification request, verify the requirement to certify based on thresholds and criteria identified in Section 3.0, Applicability and Scope, and determine advocacy of the program/initiative to proceed with the compliance certification process. 6
  • BMMP System Compliance Certification Process Item Description Program Title Formal Title for the Program/Initiative. Program Acronym Program acronym. Program Description A brief overview of the scope of the efforts associated with the program. Component Sponsor Sponsoring Component (i.e., Army, Navy, Air Force, DLA, DFAS, etc.) Program POC The individual within the program office responsible for data collection, documentation and representation of the program at certification reviews. Milestone Decision Identify the Milestone Decision Authority responsible for the program/initiative Authority and confirm they are in concurrence with the proposed certification request. Required Date The date the program/initiative requires certification. Date will be established through negotiation between the Lead Domain and the Program POC. Under no circumstances will the required date be less than 45 days from the request date. Acquisition Type MDAP, MAIS ACAT I, II, or III, or Non-MAIS DOD IT Registry ID Information Technology Registry identifier number (if known) Certification Event The current certification event (e.g., Milestone A, Milestone B, etc, or request for authority to operate). Lead Domain Identification of Lead Domain Partner Domains Identification of Partner Domain(s) with a stakeholder interest in the functionality of the program/initiative. Related Programs The identification of known programs that are related programmatically, or impacted technically or operationally by the program/initiative. Table 1 Compliance Certification Notification Elements 4.1.1.5 End Certification Process Program/initiatives(s) not requiring compliance certification will be notified via memorandum that the Comptroller’s certification is not applicable and the program/initiative may proceed with acquisition activities without Compliance certification. Likewise, program/initiatives(s) that do not have the Lead/Partner Domains(s) advocacy for continuance will be notified that the Comptroller’s certification is not required. BMSI shall be copied on such correspondence. 4.1.1.6 Identify Criteria/Procedures For program/initiative requiring the Comptroller certification, the Lead Domain, working in coordination with the Partner Domain(s), will provide the assessment procedures and applicable BMMP programmatic and architecture compliance criteria. As part of this effort the Lead Domain will ensure that the Program Manager is aware of: a) Requirements for coordinating evaluation feedback and reviews. b) Comptroller programmatic, BEA, and Transition Plan compliance criteria and briefing charts. 7
  • BMMP System Compliance Certification Process c) Lead/Partner Domain specific compliance criteria. d) Supporting Documentation requirements. The Comptroller briefing chart template is at Appendix C. The Comptroller compliance criteria is outlined in the certification workbook in Appendix D. The Comptroller briefing chart template and the Comptroller compliance certification workbook criteria are maintained by BMSI and can be accessed at https://207.133.244.10/cgi-bin/bv70 portal.dll/portal/ep/home.do. 4.1.1.7 Perform Self-Assessment The Program Manager will assess how the program/initiative meets the BMMP compliance criteria. In addition, the Program Manager will provide supporting documentation on how the program/initiative meets the compliance criteria. Examples of supporting documentation include the life-cycle management documentation required by Department of Defense Instruction (DoDI) 5000.2, architectural documentation required by the Department of Defense Architecture Framework (DoDAF), and the IT Exhibit 300. When approaching Milestone A, the program/initiative cannot “meet” all the compliance criteria. The Program Manager is to understand what’s expected at future milestones and demonstrate intent to comply. When the program/initiative reaches the next milestone, the compliance certification criteria will be reviewed and updated accordingly. Systems in sustainment requiring improvements will address all the compliance criteria, however, it’s recognized many sustainment systems will not meet the stringent compliance criteria. If the program/initiative is non-compliance with any criteria, the Program Manager shall formulate a resolution strategy to resolve or mitigate the deficiencies. The Lead and Partner Domains will work with the Program Manager to develop mitigation plans. Sustainment systems that are planned for replacement may not be required to develop mitigation plans. 4.1.1.8 Submit Self-Assessment for Evaluation The Program Manager shall assemble the BMMP compliance criteria, supporting documentation, any mitigation plans, and the Comptroller briefing charts and provide the original to the Lead Domain with copies to the Partner Domain. Upon receipt of the package the Lead Domain shall notify BMSI of the certification request and the estimated date BMSI will receive. 4.1.2 Evaluate The evaluation stage of the BMMP Compliance Certification Process (Figure 2) focuses on the verification of the program/initiative self-assessment by the Lead and Partner Business Domains. This is a collaborative activity among Domain(s), Component(s), BMSI, and the Program Manager. 8
  • BMMP System Compliance Certification Process 4.1.2.1 Review Submission for Completeness If the Lead and Partner Domain(s) determine that the documentation provided by the Program Manager is incomplete or insufficient to support a certification recommendation the Program Manager will be notified in writing. If the program initiative wishes to continue pursuit of certification they may reinitiate certification activities at the “Identify Certification Criteria/Procedures” process step. BMSI shall be copied on correspondence returning the submission. 4.1.2.2 Evaluate Architecture Self-Assessment The Lead Domain, in coordination with the Partner Domain(s) shall review and validate the program/initiative’s conformance with the BEA, Domain architectures, and Transition Plan compliance criteria for consistency with the BMMP’s objectives. During the course of this review the Domain(s) will work with the Program Manager to resolve architecture issues. 4.1.2.3 BEA/TP Compliant The Lead Domain will facilitate a consensus among the Business Domains regarding compliance with the BEA and Transition Plan. This shall be a collaborative activity among Domain owners and the Program Manager. Issue resolution will leverage existing processes such as Integrated Process Teams (IPTs) or their equivalents. During the Domain compliance deliberations, no program/initiative shall proceed further with the certification process until all issues are resolved. Possible outcomes of their deliberations are: • Compliant – the program/initiative is compliant the BEA/Transition Plan and no compliance issues exist; • Non-Compliant - Viable Mitigation – the program/initiative is non-compliant, however the Domain(s) accept as mitigations exist to resolve identified issues; • Non Compliant – the Domain(s) will not support based on non-compliance with BEA/Domain architectures, transition plans, or unacceptable issue resolution and/ or mitigations. If the program/initiative is determined Non-Compliant the Program Manager will be notified in writing. If the Program Manager wishes to continue pursuit of certification they retain the option to reinitiate the certification request. 4.1.2.4 Propose Resolution Strategy The Domain(s) will work with the Program Manager to document the resolution and related compliance schedule for program/initiative’s that are deemed Non-Compliant with a Viable Mitigation strategy. 9
  • BMMP System Compliance Certification Process Business End Case Certification 5.1.3.2 Process Other Program No No Factors MDAP/MAIS Only Yes Prepare Review Yes Provide Recommend Certification Certification Complete A Certification? Recommendation Recommendation Package? Certification Recommendation B Package Package 5.1.3.3 5.1.3.4 5.1.3.6 5.1.3.1 5.1.3.5 Figure 3: BMMP Compliance Certification Process: Certification Recommendation 4.1.3 Decision The Decision phase of the BMMP Compliance Certification Review process (Figures 3 and 4) l addresses the Business Domains, BMSI, and the OSD (Comptroller) approval or disapproval of certification for a program/initiative. 4.1.3.1 Recommend Certification The Domain portfolio management boards will make the certification recommendation upon review of the BEA/Domain architecture and Transition Plan compliance, as well as considering other factors such as the business case, other relevant program information, and other program/initiatives performing the same functionality. This is a collaborative activity among Domains and the Program Manager, as appropriate. Issue resolution will leverage existing processes such as Integrated Process Teams (IPTs) or their equivalents. 4.1.3.2 End Certification Process If the Lead Domain, in conjunction with partner Domains, determines that the program/initiative is not viable or does not meet the Department’s needs, the Program Manager will be notified in writing. 10
  • BMMP System Compliance Certification Process 4.1.3.3 Prepare Certification Recommendation Package For those programs/initiatives deemed compliant or non-compliant with a viable mitigation, the Lead Domain will prepare and submit a certification package that justifies the recommendation. The package includes: a consolidated Lead and Partner Domain Compliance Certification Request Memorandum (Appendix B), Comptroller Briefing Charts (Appendix C), and Program/Initiative Compliance Certification Workbook (Appendix D). 4.1.3.4 Review Certification Recommendation Package Upon final coordination and content concurrence between domains, the Lead Domain shall forward the certification package to the BMSI office at bmsi.sysreview@osd.mil for evaluation. Upon receipt BMSI will send a confirmation notice to the Lead Domain. 4.1.3.5 Complete Package BMSI, working in consultation with the Domain(s) will review the certification package to ensure that it is complete, addresses cross-domain impacts, and supports the Department’s enterprise business objectives. Integral with the review, BMSI will evaluate submitted documentation to ensure that it is complete and sufficient to support a certification recommendation to the Comptroller. If deficiencies are identified BMSI will work through the Domain Compliance Lead to resolve identified issues. In the event BMSI and the Domain(s) are unable to resolve outstanding critical issues the program/initiative will be deemed non-compliant with the BMMP and the compliance certification process will be suspended and the Lead Domain will notify the Program Manager. 4.1.3.6 Provide Certification Recommendation The outcome of the BMSI review shall be a BMSI Compliance Recommendation Memorandum requesting the Comptroller certify the program/initiative. This memorandum also serves to inform the Comptroller that BMSI has reviewed the program/initiative’s submission, coordinated with the Domain(s) and reviewed all pertinent documentation in rendering a compliance recommendation. Submission to the USD (Comptroller) will be via the office of the Department’s Deputy Chief Financial Officer (DCFO). For Major Defense Acquisition Programs (MDAP) or Major Automated Information System (MAIS) initiatives the Lead Domain (supported by Partner Domain(s) and BMSI) shall brief the Integrated Product Team (IIPT) and Overarching Integrated Product Team (OIPT) on the BMMP Compliance Certification review findings and certification recommendation. For MAIS and MDAP systems, BMSI will withhold submission for Comptroller certification approval until such time that the OIPT has made a determination to recommend the program proceed. 11
  • BMMP System Compliance Certification Process 4.1.3.7 Approved for Certification Upon receipt of the recommendations, the DCFO shall perform a review of the BMSI/Domain recommendation to ensure all aspects of the program are vetted prior to Comptroller review. Identified issues will be resolved through BMSI, who will ensure requisite modifications are made to the Compliance Recommendation Package. If approved, the DCFO will coordinate on the package and forward to the USD (Comptroller) for certification. End 5.1.3.8 Certification Authority External Process Guidance Process to Obligate No Funds Approve Yes Sign out Non-MDAP/MAIS for B Certification? Certification Memo Hold Coordinate Signed Milestone 5.1.3.9 Review ADM ADM 5.1.3.7 MDAP/MAIS Figure 4: BMMP Compliance Certification Process: Comptroller Decision The Comptroller will review the Compliance Recommendation package and make a decision based on BEA/TP compliance, viability of mitigation strategies, the viability of the business case, compliance and adherence with other Department requirements, and/or whether the program/initiative is in the best interest of the Department. 4.1.3.8 End Certification Process If the Comptroller determines not to certify the program/initiative, he/she will direct that a letter of Compliance Certification Denial be formulated. Certification denial correspondence will be addressed to the Lead Domain. 4.1.3.9 Sign Out Certification Memo If the Comptroller confers compliance certification, he/she will sign the memorandum of Compliance Certification. Certification correspondence will be addressed to the Lead Domain. 12
  • BMMP System Compliance Certification Process 4.2 COMLIANCE CERTIFICATION DOCUMENTATION BY LIFE CYCLE PHASE BMMP Program/initiative compliance reviews will vary depending on life-cycle phase. As programs progress, the amount and granularity of data available is enhanced. Consequently, as a program/initiative matures, the information to be evaluated will be expanded. In general, BMMP will strive to use the following criteria when assessing a program. 4.2.1 Evaluation objectives by Phase 4.2.1.1 Milestone A (or equivalent) • Has the program identified all its requisite functionality and mapped them in a compliant manner to the BEA? • Has the program/domain considered the investment in light of Portfolio Management goals and are these goals in consonance with the Department of Defense Business Enterprise Architecture goals? • Has a program been put in place to ensure the as built program/initiative is compliant with originally authorized goals (i.e., is there a validation program in place)? 4.2.1.2 Milestone B (or equivalent) (Detail required by a production program/initiative requesting an investment program greater than $1M.) a) Are programs architectural products aligned with the BMMP? b) Are business rules compliant with the BMMP? c) Are BMMP data standards enforced? d) Have the program/initiative and Domain(s) considered the investment in light of Portfolio Management goals and are these goals in consonance with the Department of Defense Business Enterprise architecture goals? e) Has a program been put in place to ensure the as built program/initiative is compliant with originally authorized goals (i.e., is there a validation program in place)? 4.2.1.3 Milestone C or Full Rate Production (or equivalent) a) Do the architectural products remain aligned with the BMMP? b) Do business rules remain compliant with the BMMP? c) Have the Program/initiative and Domain(s) considered the investment in light of Portfolio Management goals and are these goals in consonance with the Department of Defense Business Enterprise Achitecture goals? d) Have all BMMP functional requirements been validated as part of the test program? 13
  • BMMP System Compliance Certification Process Pre-Milestone A Milestone A Milestone B Full Rate Prod. Existing Initiative ICD Program Self Program Self Program Self Program Self Assessment and Assessment and Assessment and Assessment and AoA Plan Supporting Supporting Supporting Supporting Briefing Charts Documentation Documentation Documentation Documentation Business Case Business Case Business Case Business Case IT 300 Exhibit IT 300 Exhibit IT 300 Exhibit IT 300 Exhibit Briefing Charts Briefing Charts OT&E Results Briefing Charts FFMIA Assessment Briefing Charts Table 2 Compliance Certification Supporting Documentation Requirements 4.2.2 Certification Requirements by Life Cycle Phase 4.2.2.1 Pre-Milestone A Certification The compliance certification process must be executed for proposed initiatives that anticipate incurring investment costs of more than $1,000,000 prior to reaching a Milestone A decision point. The target goal of Pre-Milestone A activities is to ensure early program actions consider BMMP compliance requirements. 4.2.2.2 Milestone A Certification Compliance certification efforts remain the same as those identified for Pre-Milestone A with the exception that the depth and breadth of required documentation is increased commensurate with the maturity of the program/initiative. Note that programs entering the acquisition process at Milestone A must provide all documentation normally associated with the Pre-Milestone A decision as well as unique documentation required to support the Milestone A decision. An initiative approaching a Milestone A decision must obtain USD (Comptroller) certification prior to receiving an approval from the Milestone Decision Authority (MDA). At a minimum the program manager will: a) Perform a Self-Assessment in accordance to the BMMP process (Appendix F). b) Provide any ancillary documentation to support BMMP certification efforts as identified by the Domain, BMSI, or USD (Comptroller) c) Generate a Business Case (Appendix G) that quantifies business investment. This analysis will identify the initiative’s Net Present Value, Benefit to Cost Ratio, and Breakeven Point. d) Submit documentation in accordance with Table 2. 4.2.2.3 Milestone A Certification Package For business modernization initiatives recommended for approval, a package will be prepared by the Lead Domain and submitted to the BMSI office for review. The Domain package will include a: 14
  • BMMP System Compliance Certification Process a) Domain Compliance Certification Request Memorandum (Appendix B) b) Comptroller Briefing Charts (Appendix C) c) Program/Initiative Compliance Certification Workbook (Appendix D) 4.2.2.4 Milestone B Certification An initiative approaching a Milestone B decision must re-certify their initiative prior to commencement of the milestone decision process. As such the documentation identified in Table 2 shall be provided. At a minimum the program shall: a) Revalidate information submitted in support of the Milestone A decision. b) Perform a BEA Self-Assessment in accordance with BMMP processes. c) Provide any ancillary documentation to support BMMP certification efforts as identified by the Domain(s), BMSI, or USD (Comptroller). Compliance certification efforts remain the same as those identified for Milestone A with the exception that the depth and breadth of required documentation is increased commensurate with the maturity of the program/initiative. Note that programs entering the acquisition process at Milestone B must provide all documentation normally associated with the Milestone A decision as well as unique documentation required for the Milestone B decision. 4.2.2.5 Milestone C or Full Rate Production (FRP) Certification An initiative approaching a FRP decision must re-certify their initiative prior to commencement of the milestone decision process. As such the documentation identified in Table 2 will be provided. At a minimum the program shall: a) Revalidate information submitted in support of the Milestone B decision. b) Provide third party assessment of Federal Financial Management Integrity Act (FFMIA) compliance. c) Update the BEA Self-Assessment to reflect any changes since Milestone B decision. d) Provide any ancillary documentation to support BMMP certification efforts as identified by the Domain(s), BMSI, or USD (Comptroller). Compliance certification efforts remain the same as those identified for Milestone B with the exception that the depth and breadth of required documentation is increased commensurate with the maturity of the program/initiative. In addition, the package submitted to BMSI will include the program’s third party assessment of compliance with FFMIA requirements. 15
  • BMMP System Compliance Certification Process 4.2.2.6 Program/initiatives in Sustainment Operational business management program/initiatives that have an investment program over $1,000,000 are required to obtain USD (Comptroller) determination that the program is being managed in accordance with the BMMP prior to the obligation of funds. The process for this certification shall be the same as that identified for a new start initiative requesting a Milestone B decision. 5.0 ROLES AND RESPONSIBILITIES 5.1 PROGRAM MANAGER During the course of program development and execution the Program Manager shall ensure that all program activities are compliant with BMMP guidance. In the event that a program deviates from approved certifications/determinations, the PM shall immediately document the deviation from the approved baseline and submit changes for review and approval in accordance with the instructions contained in this guide. In no event shall deviant program activities be pursued prior to Comptroller approval. Prior to entering into program activities the Program Manager shall initiate actions required to obtain Domain approval and Comptroller certification in accordance with the compliance certification process. 5.2 LEAD DOMAIN The domain to which a business program/initiative is assigned for functional oversight based on its primary function is the Lead Domain. Acting as the governance authority for the specific DoD business area, the Lead Domain shall: a) Perform program/initiative reviews, develop mitigation strategies, and recommend initiative funding. b) Enforce compliance with the BMMP. c) Coordinate activity for all Partner Domain evaluations. d) Generate coordinated Domain Decision package requesting Compliance Certification Approval from OSD (Comptroller). e) Provide input to Configuration Control Board /Architecture Review Board processes for changes needed to the BEA. f) Monitor program/initiative implementation progress. 5.3 PARTNER DOMAIN(S) A Partner Domain is a domain with stakeholder interest in a program/initiative based on the other functionality performed. Acting as the governance authority for the specific DoD business area, the Partner Domain(s) shall: g) Enforce compliance with the BMMP. h) Provide input to Configuration Control Board /Architecture Review Board processes for changes needed to the BEA. 16
  • BMMP System Compliance Certification Process i) Perform program/initiative reviews and coordinate mitigation strategies and initiative funding. j) Monitor program/initiative implementation progress. 5.4 BUSINESS MODERNIZATION AND SYSTEMS INTEGRATION (BMSI) OFFICE As the office of responsible for the development and maintenance of the BEA the BMSI office shall: a) Review program/initiative initiative packages and acquisition strategies to ensure proposed activities are consistent with the Department’s and BMMP's objectives. b) Assist with coordination of cross domain issues. c) Participate in the Integrated Product Team structure established under the DoD 5000-series. d) Prepare USD (Comptroller) certification approval packages. e) Participate in the Configuration Control Board /Architecture Review Board process for changes to the architecture. f) Maintain archival of Certification inputs and actions. 5.5 Under Secretary of Defense (Comptroller) As the designated DoD official responsible for BEA certification the Comptroller shall review the approval package for compliance with the BMMP. Upon approval the comptroller will issue a certification memorandum. 5.6 COMPONENT ACQUISITION EXECUTIVE (CAE): DoD CAE, the Head of Contracting Activity (HCA) (for those DoD Components without a CAE), or such designated officials in each Service/Agency as identified by the CAE or HCA. 5.7 MILESTONE DECISION AUTHORITY (MDA). Designated individual with responsibility to determine a program is ready to proceed to the next life-cycle stage. 5.8 INTEGRATED PRODUCT TEAM (IPT). Facilitates program communication and issue resolution, and supports the MDA, for ACAT I and IA programs. Includes Integrating IPTs (IIPT) and Overarching IPTs (OIPT). 17
  • BMMP System Compliance Certification Process APPENDIX A: ACRONYMS ACAT Acquisition Category AoA Analysis of Alternatives BCA Business Case Analysis BCR Benefit to Cost Ratio BEA Business Enterprise Architecture BMMP Business Management Modernization Program BMSI Business Modernization & Systems Integration CAE Component Acquisition Executive DCFO Deputy Chief Financial Officer DoD Department of Defense DoDAF Department of Defense Architecture Framework DoDD Department of Defense Directive DoDI Department of Defense Instruction EA Economic Analysis EIE Enterprise Information Environment FFMIA Federal Financial Management Integrity Act FRP Full Rate Production ICD Initial Capabilities Document IPT Integrated Product Team MAIS Major Automated Information System MDA Milestone Decision Authority MDAP Major Defense Acquisition Program NPV Net Present Value OIPT Overarching Integrated Product Team OUDE Office of the Undersecretary of Defense PM Program Manager POC Point of Contact RDT&E Research Development Test & Evaluation TP Transition Plan USD Under Secretary of Defense WCF Working Capital Fund 1
  • BMMP System Compliance Certification Process APPENDIX B: DOMAIN COMPLIANCE CERTIFICATION REQUEST MEMORANDUM Requesting Domain Header Date MEMORANDUM FOR DIRECTOR, BUSINESS MODERNIZATION AND SYSTEMS INTEGRATION SUBJECT: Business Management Modernization Program (BMMP) System Investment Approval for the {Program/Initiative Title} The {Lead Domain} requests the Under Secretary of Defense (Comptroller) (USD(C)) provide BMMP system investment approval for the {Program/Initiative Title and Acronym} in accordance with Section 8084 of the Department of Defense Appropriations Act, 2004 and Section 1004 of the Bob Stump National Defense Authorization Act, 2003. The program is currently approaching {milestone x or decision review} on {date}. The {program/initiative} supports the Department by providing (short description of the program and its scope and how it supports Department initiatives or fixes problems/deficiencies). My staff, working in coordination with the {Partner Domain(s)}, reviewed all aspects of the program for compliance with BMMP goals and objectives and determined that the {program/initiative} [{is fully compliant with the BMMP} or {is substantially compliant with the BMMP and resolution strategies are in place to mitigate risk}}. {Support the preceding sentence with statements regarding: (1) Compliance with the architecture and transition plan; (2) Compliance with, or plan for compliance with, the Federal Financial Management Information Act (FFMIA); and (3) Program/initiative economic analysis that support the proposed investment.} A synopsis of our evaluation and the USD(C) briefing charts are attached. In order to proceed with scheduled program execution, request USD(C) BMMP certification and the authority to [{proceed with milestone x} or {obligate funds in the amount of $XXX,XXXm.}] The point of contact for this action is {Name}, {Office}. {He/She} may be reached by e-mail at {email address} or by telephone at {phone number}. Attachments: As Stated Coordination Sheet (with Partner Domain(s) coordination) cc: Partner Domain(s) Program Manager 1
  • BMMP System Compliance Certification Process APPENDIX C: COMPTROLLER BRIEFING 1
  • BMMP System Compliance Certification Process 2
  • BMMP System Compliance Certification Process 3
  • BMMP System Compliance Certification Process 4
  • BMMP System Compliance Certification Process APPENDIX D: PROGRAM/INITIATIVE COMPLIANCE CERTIFICATION WORKBOOK Item # System Identification Criteria Description Program Domain 1 What is the Program/Initiative Title? Formal Title for the Program/Initiative (System Name in the DoD IT Registry). Originate Validate 2 What is the Program/Initiative Acronym? Commonly used Program/Initiative acronym. Originate Validate 3 What is the DoD IT Registry Number? NII IT Registry identifier number. Originate Validate 4 What is the ITMA number? Information Technology Management Application Number - identifies the program/initiative in the ITMA; which contains the IT budgets. Multiple systems (if Originate Validate part of the same initiative) may have the same ITMA number. 5 What is the scope of the Program/Initiative? A brief overview of the scope of the efforts associated with the program. Originate Validate 6 Who is the Component Sponsor? Sponsoring Component (i.e., Army, Navy, Air Force, DLA, DFAS…). Originate Validate 7 Who is the Program Manager? Name, Office, phone number, and email address of the Program Manager. Originate Validate 8 Who is the MDA? Identify the Milestone Decision Authority responsible for the Program/Initiative (Name, Office, phone number, and email address) and confirm they are in concurrence with the certification request. The MDA for MAIS programs is the Originate Validate DoD CIO; the Component CIO may serve as the MDA for non-MAIS programs. 9 What is the Required Date? The date the program requires certification. Date established through negotiation between the Lead Domain and the Program Manager. XX days required for Originate Validate BMSI and OSD(C) actions. 10 What is the Acquisition Type? MAIS,MDAP, ACAT I, II, or III, or Non-MAIS Originate Validate 11 What event requires Certification? The current Milestone event (e.g., Milestone A, Milestone B…) or request for Originate Validate authority to obligate. 12 Who is the Lead Domain? Identification of Lead Domain. The Domain to which a business system is Originate Validate assigned for management oversight based on its primary function. 13 Who are the Partner Domains? Identification of Partner Domain(s). The Domain(s) not identified as lead domain but maintaining stakeholder interest in the functionality of the program/initiative. Originate 14 Who are the users and how many are there? Identification of the user base of the Program/Initiative and estimated number of users. Users are people who actually use the Program/Initiative's functionality in the performance of their business operations (e.g., DoD Component's, DoD Agencies, War fighters, Retirees, Survivors, Reserves (National Guard), Vendors, Originate Validate Congress, other Federal Agencies, State or Local government entities). *Source: PM = Program Manager; Domain = Business Domain 1
  • BMMP System Compliance Certification Process Item DoD Business Management Description Program Domain # Modernization Criteria 15 What are the System Capabilities (Entities and Identification of those System Entities (capability categories) and Functions (capabilities) to be Functions) performed by the subject Program/Initiative. Classification will be through the selection of all applicable BEA capabilities identified in the workbook pick list. In those instances where a Originate Validate Program/Initiative's functionality is not referenced by the standard list the program manager may identify the discrete function under the entry "Other". Additions and changes will be aligned to the FEA via the BEA SCR process. 16 What is the Program/Initiative Schedule and is Provide the Initial Operating Capability (IOC) / Full Operating Capability (FOC) dates by it consistent with the Domain(s) transition increment/phase and validation these dates are consistent with the Business Domain's Transition Originate Validate plan? Plan. 17 Is the Program/Initiative aligned to Business Program/Initiative is compliant with the BEA Business Rules and Regulations as attested by the Rules & conforming to applicable Policies, Business Domain. Laws, Regulations (Controls)? Originate Validate 18 Is the Program/Initiative Economically Sound? Supported by documented business case (e.g., Economic Analysis) and Analysis of Alternatives (AoA) when required. Business case verified by PA&E for MAIS programs or the MDA for non-MAIS Originate Validate programs. 19 Is the Program/Initiative fully funded through Provide documentation to support that the Program/Initiative is funded throughout the lifecycle. In Originate Validate the FYDP? years with a funding shortfall provide a mitigation plan to address the funding shortfalls. 20 Is the Program/Initiative compliant with the Program/Initiative meets the Department's technical standards as attested by NII for MAIS programs Originate Validate BMMP Technical direction? or the MDA for non-MAIS programs. 21 Is the Program/Initiative DITSCAP Compliant? Program/initiative is compliant with appropriate DITSCAP phase as attested by the certifying authority Originate Validate (Component CIO). 22 Is Program Initiative Compliant with the Program/initiative is CCA compliant as attested by the certifying CIO authority. Originate Validate Clinger-Cohen Act (CCA)? 23 Is Program/Initiative Federal Financial If pre-Milestone C, FFMIA requirements are identified and compliance actions incorporated into Management Improvement Act (FFMIA) program specifications, schedules, and test plans. Compliant? If requesting Milestone C, the program/initiative is FFMIA compliant as attested by an independent Originate Validate third-party. 24 What are the Program/Initiative Dependencies? 24a Are there programmatic/technical Identify dependencies on other Programs/Initiatives (e.g., that will sunset this program or require dependencies? upgrades/enhancements) and the potential impact on cost, schedule, or performance if not accomplished on schedule. Identify Programs/Initiatives this program will sunset or program Originate Validate functionality/modules this program will eliminate. Additionally, identify any technical issue that has a strong likelihood of impacting Program/Initiative execution. For each issue provide a recommended resolution. 24b Are the system interfaces identified and Identify the interfaces and validate that the interfaces development/modification are funded and will Originate Validate programmatically aligned? meet the schedule. 24c Are any receiving interfaces from a critical Validate that critical feeder system(s) is FFMIA compliant. feeder system and required to meet BEA Originate Validate Increment one objectives? 25 Is the program/initiative required to meet BEA Identify BEA increment objective(s) satisfied. Originate Validate Increment one objectives? *Source: PM = Program Manager; Domain = Business Domain 2
  • BMMP System Compliance Certification Process 3