Interface Control Agreement - DoD Procurement Toolbox



Defense Procurement and Acquisition PolicyClause Logic Service (CLS) Interface Control Document & Interconnection Security Agreement March 12, 2018Version: 1.0Table of Contents TOC \o "1-3" \h \z \u 1.Introduction PAGEREF _Toc508881217 \h 31.1.Purpose PAGEREF _Toc508881218 \h 31.2.Scope PAGEREF _Toc508881219 \h 31.3.Functional Requirement PAGEREF _Toc508881220 \h 32.System Description PAGEREF _Toc508881221 \h 42.1.System Functionality PAGEREF _Toc508881222 \h 42.2.CLS Application PAGEREF _Toc508881223 \h 42.2.1.System Description PAGEREF _Toc508881224 \h 42.2.2.Hardware PAGEREF _Toc508881225 \h 52.2.3.Software PAGEREF _Toc508881226 \h 52.3.WAWF e-Business Suite Applications PAGEREF _Toc508881227 \h 52.3.1.System Description PAGEREF _Toc508881228 \h 52.3.2.Hardware PAGEREF _Toc508881229 \h 72.3.3.Software PAGEREF _Toc508881230 \h 72.4.CWS (This section to be completed by the CWS Team) PAGEREF _Toc508881231 \h 82.4.1.System Description PAGEREF _Toc508881232 \h 82.4.2.Hardware PAGEREF _Toc508881233 \h 82.4.3.Software PAGEREF _Toc508881234 \h rmation Assurance PAGEREF _Toc508881235 \h 83.1.Security PAGEREF _Toc508881236 \h 83.1.1.System Names, Owners and Computing Centers PAGEREF _Toc508881237 \h 83.1.2.Accreditation Status PAGEREF _Toc508881238 \h 83.1.rmation Type PAGEREF _Toc508881239 \h 93.1.4.Authorization Officials PAGEREF _Toc508881240 \h 93.1.5.Security Categorization and Information Classification PAGEREF _Toc508881241 \h 93.1.6.Assertions PAGEREF _Toc508881242 \h 93.1.7.Protection Levels PAGEREF _Toc508881243 \h 103.2.Interconnection Graphic PAGEREF _Toc508881244 \h 113.3.SSO Authentication PAGEREF _Toc508881245 \h 123.3.1.CLS UI Direct Web Access PAGEREF _Toc508881246 \h 123.3.2.CLS UI CWS Web Access PAGEREF _Toc508881247 \h 143.4.CLS API Direct Access PAGEREF _Toc508881248 \h 163.5.Privacy PAGEREF _Toc508881249 \h 164.Regular Processing PAGEREF _Toc508881250 \h 164.1.Schedule Variance PAGEREF _Toc508881251 \h 164.2.Expected Volume PAGEREF _Toc508881252 \h 174.2.1.Regular PAGEREF _Toc508881253 \h 174.2.2.Seasonal PAGEREF _Toc508881254 \h 174.2.3.System Growth and Expansion PAGEREF _Toc508881255 \h 174.3.Recurring and Unexpected Maintenance Notification PAGEREF _Toc508881256 \h 184.3.1.CWS (This section to be completed by CWS Team) PAGEREF _Toc508881257 \h 184.3.2.CLS PAGEREF _Toc508881258 \h 184.3.3.WAWF e-Business Suite PAGEREF _Toc508881259 \h 184.4.Traceability Requirements PAGEREF _Toc508881260 \h 184.5.Validation Considerations PAGEREF _Toc508881261 \h 194.6.Error Handling PAGEREF _Toc508881262 \h 195.CWS PAGEREF _Toc508881263 \h 206.WAWF e-Business Suite POC PAGEREF _Toc508881264 \h 207.CLS POC PAGEREF _Toc508881265 \h 208.Notification of ISA Changes PAGEREF _Toc508881266 \h 228.1.General PAGEREF _Toc508881267 \h 228.2.Regulatory changes PAGEREF _Toc508881268 \h 228.3.Functional, technical, or procedural changes PAGEREF _Toc508881269 \h 228.4.Duration PAGEREF _Toc508881270 \h 228.5.Provisions for Review and Changes PAGEREF _Toc508881271 \h 229.Signatures PAGEREF _Toc508881272 \h 239.1.Interconnection Security Agreement PAGEREF _Toc508881273 \h 23IntroductionPurposeThis Interface Control Document (ICD) between Clause Logic Service (CLS) and a Contract Writing System (CWS) establishes the data interconnection relationship and requirements to ensure accurate and timely data exchanges. This ICD will also document the secure transfer of data between systems as per the Information Security guidelines presented in the current versions of the Department of Defense Instruction (DoDI) 8500.1, National Institute of Standards and Technology (NIST) Special Publication (SP) 800-47, (NIST) Special Publication (SP) 800-53. This Agreement is a commitment to objectives and requirements of CWS and CLS projects; it contains the necessary details to evaluate the full requirements of a CWS and CLS to develop, implement, and sustain these interconnections.As written in the Defense Procurement and Acquisition Policy (DPAP) Strategic Plan for Defense Wide Procurement Capabilities, the functional strategy for DoD in the contract writing area envisions leverage of the information technology environment, and DoD Contract Writing Systems (CWSs) used for defense wide procurement capabilities to ensure the use of functional and electronic exchange data standards (and associated business rules), enterprise services, common test criteria and internal controls for validation. Seamless use of data from authoritative sources is critical. CLS is a key part of that strategy and this document contains the necessary information for agencies to create the appropriate interfaces. ScopeThis ICD chronicles interconnection arrangements and information security features in place to protect the confidentiality, integrity, and availability of the data and the systems being interconnected for each party of this agreement. This ICD governs the management, operations, maintenance, and valid use of the connection; specifically defining the purpose for the connection. In addition, this agreement formalizes the system level roles and responsibilities in accordance with applicable Department of Defense (DoD) requirements and directives. The organizations directly involved in the management, operations, and maintenance of these systems are: CLS Program Management Office (PMO) CWS (PMO) WAWF Program Management Office (PMO) This ICD authorizes mutual permission to connect both parties and establishes a commitment to protect data exchanged between the networks or processed and stored on systems. Functional RequirementThis interface provides for a connection to the CLS User Interface (UI) in order to support Agency/Service user’s retrieval of FAR and DFARS clauses. The CWS user will be able to access through two approaches. First, users can access CLS through the DLA Wide Area Workflow (WAWF) e-Business Suite. This approach requires the user to be registered in the WAWF prior to being passed to CLS, which relies on WAWF to authenticate the user based on a predefined role assigned to the user. If authorized, a user is able to request additional CLS roles in WAWF.Second, a user can access CLS through their CWS via a link established by CWS PMO. CLS will rely on CWS to authenticate and authorize the user on behalf of CLS. All network communication between CWS and CLS will adhere to specification outlined in section 3. Information Assurance of this document. The CWS PMO will establish the appropriate code in their system to properly utilize the mechanisms stipulated in that section. Either approach will provide the user with role based access and use of the CLS functionality.System Description System FunctionalityCLS is a web service designed to aid in the procurement process within the Department of Defense and other federal agencies. The primary function of this service is to allow for consistent inclusion of provisions and clauses into procurement documents. The goal of CLS is to improve the integrity of contracts developed by providing a centralized, web based, intelligent business logic clause-generating service for the contracting workforce. CLS will leverage the Single Sign-On (SSO) capabilities of the WAWF e-Business Suite via a web browser graphical user interface and via a CWS implementing the system-to-system SSO. In any case, rendering of the clauses and their insertion into the contract action remain the provenance of the contracting officer. The CLS web service is processed at the US Army’s Acquisition, Logistics and Technology Enterprise System and Services (ALTESS) Data Center, which makes use of several enterprise ALTESS service offerings. It resides within the ALTESS Managed Virtual Environment and runs on a Linux Red Hat platform. The data repository is provided by an Oracle database managed within the ALTESS ‘Shared Oracle Environment’. CLS makes use of JAVA, JSON and XML to interface with the end user and CWS. DLA Transaction Services (DLATS) operate the CLS Application Programming Interface (API) to provide the business rules functionality. The system chooses provisions and clauses using a standard set of system logic rules for the current Federal Acquisition Regulation Supplement (FARS), the Defense Federal Acquisition Regulation Supplement (DFARS), and DFARS Procedures, Guidance, and Information (PGI) 201.301.CLS ApplicationSystem DescriptionThe current CLS application consists of a web based application and an API that deliver a single solution for the selection of clauses by providing a centralized, web based, intelligent business logic clause-generating service for DoD procurement professionals. The CLS application includes:CLS User Interface (UI)CLS Application Programming Interface (API)CLS User Interface. CLS UI is an interactive web application developed by DPAP specifically for DoD employees to obtain consistent selection of provisions and clauses for inclusion in procurement documents.CLS Application Programming Interface. CLS API is a web service that provides a standard set of business rules to select a consistent set of provisions and clauses for inclusion in procurement documents through the CLS UI and a system to system interface for the legacy DLA eProcurement CWS using a standard XML request/response method. HardwareThe CLS web service is hosted at the ALTESS Data Center. Within ALTESS CLS makes use of several enterprise ALTESS service offerings. CLS resides within the ALTESS Managed Virtual Environment and runs on a Linux Red Hat platform. The data repository is provided by an Oracle database managed within the ALTESS ‘Shared Oracle Environment’.The CLS API is hosted and operated at DLA Transaction Services within the DAAS Managed Virtual Environment and runs on a HP platform, running the Ab Initio Rules engine that provides the business selection and decision logic to select provisions and clauses via a webs service interface using a standard CLS XML request/response message. The CLS API currently interfaces with the CLS UI at ALTESS and the DLA eProcurement CWS.SoftwareCLS makes use of JAVA, JSON and XML to interface with end users and CWS. DLA Transaction Services operates the CLS API which uses the Ab Initio Rules engine used by legacy DLA CWS and CLS UI.WAWF e-Business Suite Applications System DescriptionThe current WAWF e-Business Suite environment consists of multiple web-based applications and a training site. The WAWF e-Business Suite system is the single face delivering access to a number of business applications and capabilities that are managed independently. This Family of Systems (FoS) operated within the WAWF e-Business Suite presently includes: Invoicing, Receipt, Acceptance, and Property Transfer (iRAPT)iRAPT Mobile AppsItem Unique Identifier (IUID) RegistryDepartment of Defense Contracting Officer Representative Tracking (CORT) ToolElectronic Military Interdepartmental Purchase Request (eMIPR)Electronic Document Access (EDA)Contract Closeout (CCO)National Industrial Security Program (NISP) Contract Classification System (NCCS)Portal Single Sign On (SSO) supporting Service Component and Agency Enterprise Resource Planning (ERP) implementations, and the Joint Contingency and Expeditionary Services (JCXS)Data Lake Single Sign On (SSO) Management Reporting System (MRS)myInvoiceContract Deficiency Reporting (CDR) Contracting Communication Module (CCM)Invoicing, Receipt, Acceptance, and Property Transfer (iRAPT). The Department of Defense (DOD) enterprise system for secure electronic submission, acceptance, and processing of invoices. It is mandated for use by all DOD Services and Agencies for electronic invoicing by DFARS 252.232-7003. iRAPT processes over 600,000 documents per month worth $28B per month and saves DOD millions of dollars annually in processing cost and avoided interest. iRAPT brings together the Invoice & the Receiving Report from iRAPT, and the contract from EDA to provide the entitlement systems with the ability to perform the three-way match needed to authorize payment. iRAPT is also the Enterprise data entry point for IUID and Passive Radio Frequency Identification (RFID) data for new acquisition items, the source of receipt and acceptance data for service component and agency Enterprise Resource Planning (ERPs) and is central for the Business Enterprise Architecture (BEA) enterprise solutions for Standard Financial Information Structure (SFIS) and Intra Governmental Transfer (IGT). The Property module of iRAPT is the Enterprise data entry point for the Paperless Government Furnished Property (GFP).Item Unique Identification (IUID)Registry application was reengineered and integrated into the WAWF e-Business Suite and deployed to production in October of 2014. The IUID Registry is a Department of Defense application that enables easy access to information about DOD possessions that makes acquisition, repair, and deployment of items faster and more efficient. myInvoicemyInvoice is an interactive web application developed by Defense Finance Accounting Services (DFAS) specifically for Contractors/Contractors and Government/Military employees to obtain invoice status, for invoices submitted through iRAPT or by other means. Contracting Officer’s Representative Tracking (CORT) Tool. A web-based management capability for the designation and maintenance of Contracting Officer’s Representatives (CORs) and reports by the CORs. This Tool allows prospective CORs, COR Supervisors and Contracting Officers and Contract Specialists to electronically process nominations of CORs for one or multiple contracts. It provides built in workflows for the nomination process to include email alerts/status reminders for monthly status report due-ins and delinquencies. The CORT Tool provides contracting personnel and requiring activities the means to track and manage COR designations across multiple contracts across DOD. Electronic Military Interdepartmental Purchase Request (eMIPR). eMIPR supports direct-cite MIPR processing. Using the WAWF e-Business Suite, these MIPRs are created and submitted in external activities’ systems or on the web by Requesting Activities, reviewed and funded, accepted or rejected by Servicing Activities, made available to Requesting Activities after acceptance/rejection, and forwarded on to EDA for storage and to contracting offices for action after acceptance. Electronic Document Access (EDA) EDA is a DOD Enterprise-wide system that combines Internet and Web technologies with electronic document management to provide secure online, electronic storage and retrieval of procurement information and documents across the DOD. EDA provides secure web-based access to contractual and procurement information used by the DOD services and agencies to streamline business processes. EDA provides users with an efficient method for storing, sharing, and retrieving official DOD contract data and documents. EDA facilitates increased accuracy of receipt and acceptance data by passing data electronically from the Standard Procurement System (SPS), and other DOD and Federal contract writing systems, to the WAWF e-Business Suite allowing for more efficient Contractor payment. DOD Enterprise Transition Plan Volume I designates EDA as an enabling program for the Common Supplier Engagement Capabilities. Benefits of the EDA system include aiding the reduction of unmatched disbursements, reducing paper consumption, and increasing convenience to contract specialists and other members of the user community.Contract Closeout (CCO)The CCO application was created and integrated into the WAWF e-Business Suite in July of 2015. Using data from the iRAPT, EDA, and myInvoice applications, the Contract Closeout application performs automated closeout and distributes the notifications. National Industrial Security Program (NISP) Contract Classification System (NCCS)The NCCS was created and integrated into the WAWF e-Business Suite in October of 2014. It was a coordinated application project between OUSD (ATL) and DSS. The application provides the ability for users to populate data onto form DD254 on the Web, and the DD254 is routed to DSS offices for analysis, in addition to Component contract writing systems and the Electronic Document Access (EDA) system based on the appropriate procurement instrument the DD 254 is associated with.Portal Single Sign On (SSO)The SSO provides DOD suppliers with a single point of entry to enable appropriate business transactions and data visibility as the Department pilots its efforts to increase efficiencies in the Procure to Pay (P2P) business process utilizing the Enterprise Resource Planning (ERP) Supplier Portal Commercial Off-the-Shelf (COTS) products to the maximum extent possible. WAWF e-Business Suite Management Reporting System (MRS)The MRS is a database repository of all the data from all the applications in the WAWF e-Business Suite and gives users the capability to run Business Intelligence Reports on the data.Web Based Training is provided for each application in the WAWF E-BUSINESS Suite. This consists of information about each application along with training videos with audio.Contract Deficiency Reporting (CDR)The CDR system permits the reporting and subsequent resolution of issues associated with contract deficiencies. Contracting Communication Module (CCM) CCM provides a secure repository for attachments and two-way communications for certain users in the iRAPT and CORT applications. The following are the types of interconnections with the WAWF e-Business Suite and other applications:Secure File Transfer Protocol (SFTP)Secure Database linkSSL\PKI over TCPPlease Choose the WAWF e-Business Suite Application (s) Interconnection requested:iRAPT FORMCHECKBOX IUID Registry FORMCHECKBOX CORT FORMCHECKBOX eMIPR FORMCHECKBOX EDA FORMCHECKBOX Contract Close Out FORMCHECKBOX NCCS FORMCHECKBOX SSO FORMCHECKBOX MRS FORMCHECKBOX myInvoice FORMCHECKBOX WBT FORMCHECKBOX CDR FORMCHECKBOX CCM FORMCHECKBOX HardwareThe WAWF e-Business Suite uses two SPARC M10 servers in an Oracle Real Cluster Application (RAC) environment for databases; there are 7 SPARC T4-4 LDOMs used as the front-end servers (4 for web server; 2 for support server; 1 as a portal server). There are two SafeNet Luna SA Hardware Signing Modules (clustered) for electronic signing of the documents.The EDA system uses a combination of COTS hardware.Database and Document Hardware: Hewlett PackardOS: HP-UX OS Version: 11.31Front End: SunOS: Solaris OS Version: 10SoftwareThe applications in the WAWF e-Business Suite are deployed as Java EE applications operating in an IBM WebSphere Application Server Network Deployment (WAS-ND) environment with an Oracle 12C back-end database operating on hardened UNIX operating systems configured using a dedicated Online Certificate Status Protocol (OCSP) responder aggregate certificate revocation list (CRL) from DOD PKICAs, DOD-managed ECAs, and DOD-approved and JITC certified external partner PKIs. EDA utilizes a COTS Relational Database Management System (RDBMS) to maintain and control schema, database, and table integrity. The RDBMS engine supporting EDA, Release 8.4, is Oracle 11g Enterprise Edition Release 11.2.0.2 – 64 bit. Stored within the database is an installation of Oracle Application Express (APEX) 4.2.1.00.08.CWS (This section to be completed by the CWS Team)System DescriptionHardwareSoftwareInformation AssuranceSecuritySystem Names, Owners and Computing CentersCWSDPAP is the functional and information owner of CLS. The US Army, Project Director ALTESS, hosts the application in a government data center in Radford, Virginia. A Service Level Agreement (SLA) governs all activities related to hosting and managing the application, as-well-as details the roles, and responsibilities between DPAP and ALTESS.DLA is the functional owner of Wide Area Workflow (WAWF) e-Business Suite. For purpose of this ICD only the WAWF SSO feature is relevant. While WAWF has many other features, they are independent of CLS. IBM hosts WAWF in the Allegany Ballistics Laboratory. A Service Level Agreement (SLA) governs all activities related to hosting and managing the application, as-well-as details the roles, and responsibilities between WAWF and IBM. Accreditation StatusCWS Accreditation Status valid thru {date} (check one): ATO FORMCHECKBOX ; IATO FORMCHECKBOX ; IATT FORMCHECKBOX ; DATO FORMCHECKBOX CLS Accreditation Status valid thru July 11, 2018: (check one): ATO FORMCHECKBOX ; IATO FORMCHECKBOX ; IATT FORMCHECKBOX ; DATO FORMCHECKBOX WAWF Accreditation Status valid thru May 17, 2018: (check one): ATO FORMCHECKBOX ; IATO FORMCHECKBOX ; IATT FORMCHECKBOX ; DATO FORMCHECKBOX Information Type The type of information being processed in this interconnection agreement is (check all that apply):PII FORMCHECKBOX HIPPA FORMCHECKBOX FOUO FORMCHECKBOX Financial Data FORMCHECKBOX Other (explain) FORMCHECKBOX User validation data – DoDID, and contract clauses. Authorization Officials CWS: (This section to be completed by the CWS Team)CLS: Kathy Cutler, 703-767-2100, Kathy.Cutler@dla.mil WAWF: Kathy Cutler, 703-767-2100, Kathy.Cutler@dla.milSecurity Categorization and Information ClassificationCWS Categorization and Information Classification: High FORMCHECKBOX Moderate FORMCHECKBOX or Low FORMCHECKBOX CLS is Security Categorization and Information Classification: High FORMCHECKBOX Moderate FORMCHECKBOX or Low FORMCHECKBOX WAWF is Security Categorization and Information Classification: High FORMCHECKBOX Moderate FORMCHECKBOX or Low FORMCHECKBOX AssertionsAppropriate security measures will be established between a CWS and CLS. These measures will involve appointing an Information Owner/Functional Information Owner (FIO) and a Terminal Area Security Officer (TASO), which will be representatives from CLS. This agreement creates a trust relationship between CWS and CLS. As such, CLS will honor the CWS authenticated user account prior to allowing connection to CLS. User-specific logon data is checked in the CWS trusted system and will not be revivified by CLS. Thus, the CWS will only pass a user to CLS that is logged into the CWS, which will assign each user to a role specified by CLS. The authentication process of the CWS must be compliant with DoD regulations. The CWS will pass through to CLS controls aligned with user validation, account maintenance, account monitoring, and security training as inheritable. The trust relationship will be built upon the OAuth and OpenID standards. CLS has implemented the OAuth and OpenID 2.0 version. CWS will need to go through a registration process before connection to CLS via OAuth and OpenID will be permitted. During the registration process the CWS will be provided with;Client ID – client identifier issued to CWS during the registration processClient Secret – shared secret between CWS and CLSCLS URL/URI (and redirects)Format of communication strings (JSON) CLS will not accept a connection from unregistered clients. CWS will provide server details during the registration process;Server name (host name) Server FQDMURL/URI (and any redirects)While each user is not revalidated, it is essential to verify the user is connecting from the CWS. Therefore, it will be verified with each connection. Client authentication (CWS validation) will occur over secure network communications. CLS network communications are via HTTPS (port 443) using DoD approved methods. The Client ID and Client Secret will always be encrypted in all communication streams (currently via TLS). CLS utilizes a roles based access control (RBAC) methodology; access will be provide based on user roles. The CWS will assign each user to a specific role commensurate with the user’s duties. It will provide a user name and DoDID in the communication string during the connection to facilitate reconnecting the user with stored activity. Users requiring elevated access to privileged functions as defined by CLS, will be required to request that role in WAWF.Upon accepting the connection, the user is issued a token (a sting denoting a specific role and having a limited lifetime for connection). Access tokens are issued by the server supporting CLS.CWS will support an idle connection timeout mechanism to protect against replay attacks. The timeout mechanism is to be compliant with DoD regulations. If the request fails due to a missing, invalid, or mismatching redirection URI, or if the client identifier is missing or invalid, CLS will reject the connection.CLS will maintain audit logs of successful and unsuccessful connections. Protection LevelsThis document is intended to comply with the SI-10: Information Input Validation and SI-11: Error Handling National Institute of Standards and Technology (NIST) 800-53r4 controls, as well as the corresponding Federal Information System Controls Audit Manual (FISCAM) control objectives IN-1: Implement an Effective Interface Strategy and Design, and IN-2: Implement Effective Interface Control Procedures. Interconnection Graphic1162050915035336232513970OAuth/OpenID Connect via JSON script00OAuth/OpenID Connect via JSON script4762500147320CLS UI 00CLS UI 2009775147320WAWF SSO00WAWF SSO847725130810User logged into WAWF SSO authenticated via smartcard, “”00User logged into WAWF SSO authenticated via smartcard, “”3380105248920CLS passes Token to user session00CLS passes Token to user session3648075781050Session00Session1019175841376003143250746125003141313212776003114675565150092011547096700CLS UI Direct Web Access 1230630352425033147009525OAuth/OpenID Connect via JSON script00OAuth/OpenID Connect via JSON script4762500145415CLS UI 00CLS UI 2009775146685Local network CWS00Local network CWS3380105248920CLS passes Token to user session00CLS passes Token to user session3648075788035Session00Session101917584137600314325074612500314131321277600311467556515001019175-172675User logged into local network authenticated via smartcard00User logged into local network authenticated via smartcard92011547096700CLS UI CWS Web Access 4762500142875CLS API 00CLS API 2009775142875 DLA eProcurement00 DLA eProcurement31432507461250011239506343015341820573025System to System certificate authentication00System to System certificate authentication339090043180XML Request/Response Message00XML Request/Response MessageCLS API Direct Access SSO AuthenticationCLS UI Direct Web Access CWS needn’t take any action to initiate this connection as this is between CLS and WAWF. CWS users will need to register in WAWF to avail themselves of this access. CLS UI CWS Web Access CWS must implement the following in their code to launch the connection. CLS API Direct Access PrivacyCLS contains no PII. CLS relies on public release data from the FAR and DFARS. During a session, users can save their work for completion later. Regular ProcessingCWS establishes connection with CLS via process defined in section 3 of this ICD for each user connecting. WAWF e-Business Suite processes user requests to CLS.CLS uses the SSO features of WAWF to grant role appropriate access to users. As such, processing is on demand. Given the worldwide placement of contracting personnel, requests for access processing will occur at all hours – 24x365. Schedule Variance The CLS PMO shall notify the CWS PMO and DLA System’s Operations POC for WAWF of scheduled outages. Unplanned outages will be communicated to the PMO for CWS and DLA System’s Operations POC for WAWF as soon as the outage is detected. In the same manner, the CWS PMO will notify DLA System’s Operations POC and CLS PMO if there is any interruption in the CWS. This notification will also occur if CWS has advance notice of expected outages or interruptions.Expected Volume RegularCWS (This section to be completed by CWS Team)CLSNear-term transaction activity is in the range of 3,000 to 4,500, however the majority of these are occurring within CLS. Activity traversing WAWF to CLS is marginal – in the range of 50 – 200 daily. These numbers will grow as additional CWSs come on board – refer to 4.2.3.SeasonalCWS (This section to be completed by CWS Team)CLSThe nature of CLS business, provision and clause development for solicitations and contracts, is given to a relatively even distribution of activity throughout the year. Higher activities may occur as precursors of heightened military action. WAWF e-Business SuiteDuring the last few weeks of both the end of the Fiscal Year and the End of the Calendar Year, the WAWF e-Business Suite system experiences a 15 – 20% surge in the volume of transactions processed. This is primarily due to the higher than normal volume of invoices prepared and processed for end of year payments to the vendors. In every month, the last weekend of the month is considered the “high volume” period due to end of month invoicing.System Growth and ExpansionCWS (This section to be completed by CWS Team)CLSActivity will jump around the advent of new CWSs coming on-board. All new CWSs within DoD are required to utilize CLS while existing ones are highly encouraged to use it.. CLS is a new web application in 2017, just beginning the process of integrating the CWSs of DoD, thus, volumes will grow over time. DLA – integrating 2018 - mostly automated interaction between the EBS CWS and CLS. This activity will not involve WAWF; however, DLA will have user need for direct interaction with CLS – ranging around 100 daily.Army – integration 2018 – 2019 – assessment of volume by Army. Navy – targeting 2020 – volumes to be assessed. Fourth estate – future – volumes to be assessed. WAWF e-Business SuiteThe WAWF e-Business Suite adds approximately 4000 new users every month.The WAWF e-Business Suite creates well over 7.5 million documents per year, and processes over 27 billion dollars’ worth of invoices per month.On a typical day the WAWF e-Business Suite generates 50,000 extracts.Document CountYear6135064201056983352011607022120126146129201360911272014675249220157012053201647650902017* * as of Aug 7, 2017Recurring and Unexpected Maintenance Notification CWS (This section to be completed by CWS Team)CLS ALTESS performs routine maintenance to the servers and to update operating system (OS) vulnerabilities. ALTESS manages the OS for CLS. The Test systems are patched and rebooted on the 3rd Thursday of every month at 10:00PM. The Production systems are patched and rebooted on the 4th Thursday of every month. Also per the ALTESS/OSD service agreement (SLA), monthly maintenances (MMW) are performed during scheduled time periods. Monthly maintenance typically starts on the scheduled Friday at 1730 and ends on Sunday morning. WAWF e-Business SuiteThe WAWF e-Business Suite PMO will only make the Suite unavailable for major releases and patches, scheduled downtime can begin on Friday night. Application users are notified of scheduled downtime 5 days prior to deployment via a splash message on the WAWF e-Business Suite home page, and 2 days via email for SFTP/EDI users.Traceability RequirementsIt is essential audit logging be turned on, capturing logon activity and compliant with DLA Audit policy. DLA Auditing Implementation Guide version 1.3 will dictate minimum level of auditing. Validation Considerations As CWS is providing authentication of users accessing CLS through CWS, it is essential validation complies with DoD enterprise smartcard regulations. As WAWF is providing SSO service to online direct CLS users, it is essential validation comply with DoD enterprise smartcard regulations. Error HandlingDue to involvement of multiple systems and middleware components, there are several potential points for error. These include:Between Vendor and WAWF e-Business SuiteIf an error is found in WAWF e-Business Suite during processing, the Vendor will receive an e-mail message notifying them of the errorCWS PositionNameEmail AddressProgram ManagerAudit LeadOperations ManagersIA ManagerProgram Office DistroWAWF e-Business Suite POCPositionNameEmail AddressProgram ManagerTwyman Bledsoe Twyman.Bledsoe@dla.mil Audit LeadMr. David R. HuntDavid.Hunt@dla.mil Operations ManagersMs. Yingfen HuMr Ket DerYingfen.Hu@dla.mil Ket.Der@dla.mil IA ManagerMr. Gene BormanGene.Borman@dla.mil Program Office DistroWAWF e Business Suite Distribution ListWAWF_eBiz_Suite@dla.mil CLS POCPositionNameEmail AddressProgram ManagerChristopher WebsterChris.Webster@dla.milDeputy Program ManagerKathleen LemmingKathleen.j.lemming.civ@mail.milOperations ManagerStephen ArthurStephen.m.arthur3.ctr@mail.milIA ManagerWarren LoosWarren.Loos.ctr@dla.milTechnical ManagerRobert BaughmanRobert.g.baughman2.ctr@mail.milProgram Management Office CLS PMOosd.pentagon.ousd-atl.mbx.dpap-clause-logic-service@mail.milNotification of ISA ChangesGeneralDuring the life cycle of this agreement, planned releases affecting the interconnection must be communicated to participating organizations 120 days prior to implementing the proposed or required change.Changes as a result of the testing will be addressed and remediated as needed. Furthermore, an annual review to ensure the data feed is adequate for the current needs of the user community.Regulatory ChangesCLS PMO, CWS PMO, and WAWF e-Business Suite PMO will concur on the implementation actions and an effective date of procedural changes required as the result of a Service or Agency regulatory change.Functional, Technical, or Procedural ChangesInterconnection changes resulting in functional, technical, or procedural changes will be initiated by the responsible PMO; they will propose a mutually acceptable implementation date for the change(s).Each responsible PMO will:Provide notice of proposed or pending changes to each other to include but not exclusively, mapping, interconnection and/or hardware change. Provide sufficient time of notification to the other system and will expect prompt responses (within 30 days).Take appropriate action in response to notification of security related events.Actively manage requests from the CLS Configuration Control Board (CCB) and the Defense Sourcing Execution Portfolio Board.DurationThis document will remain in force until either the signing parties, or their successors, provide a 90-day written notice of intent to nullify.Provisions for Review and ChangesThis ICD will be reviewed and revised annually upon mutual consent. Revisions will be noted and may include supplemental memoranda.SignaturesInterconnection Security AgreementThis Interconnection Security Agreement has been approved by:__________________________________________________ ________Name To be provided by CWS Team DateProject Manager/Title, CWS__________________________________________________ ________Christopher W WebsterDateProject Manager/Title, CLS__________________________________________________ ________Twyman BledsoeDateProgram Manager, WAWF e-Business Suite ................
................

In order to avoid copyright disputes, this page is only a partial summary.

Google Online Preview   Download