Service Access and Delivery: These components are responsible for facilitating the end-to-end collection and distribution of data that is either entered or requested by a user. These components include all functions necessary to communicate in a client-server environment. Examples of these components include, but are not limited to: Web browsers Virtual Private Network (VPN) Remote Authentication Dial-In User Service (RADIUS) Peer-to-peer Section 508 compliance HyperText Transfer Protocol (HTTP) File Transfer Protocol (FTP) Simple Mail Transfer Protocol (SMTP)

Service Platform and Infrastructure: These components include all functions necessary for processing and storing data. These components provide and manage the resources available for Application Services. Examples of these components include, but are not limited to: Desktops, laptops, servers, mainframes, routers, switches, and printers. Asynchronous Transfer Mode (ATM) and T1 Digital Subscriber Line (DSL), Ethernet, Windows/UNIX, Java/.NET Web server/portal Database, data storage, data warehouse Software development tools Testing, modeling, versioning, and configuration management.

Component Framework: These components consist of the design of application or system software that incorporates interfaces for interacting with other programs and for future flexibility and expandability. These components define higher level logical functions to provide services in a way that is useful and meaningful to users and other Application Services. Examples of these components include, but are not limited to: Digital certificates, biometrics; Business logic: , Visual Basic Data interchange Simple Object Access Protocol (SOAP) Resource Description Framework (RDF) Data management Structured Query Language (SQL), Open DataBase Connectivity (ODBC), and OnLine Analytical Processing (OLAP).

Service Interface and Integration: These components define the discovery, interaction and communication technologies joining disparate systems and information providers. Application Services leverage and incorporate these components to provide interoperability and scalability. Examples of these components include, but are not limited to: Messaging-Oriented Middleware (MOM) Object Request Broker (ORB) Enterprise Application Integration (EAI) Extensible Markup Language (XML) Electronic Data Interchange (EDI) Web Services Description Language (WSDL) Universal Description, Discovery and Integration (UDDI).

Application Services: Application Services provide support for all applications and collaborative service capabilities. These services include support for developing and implementing enterprise and departmental-level applications. These applications may be "cross-cutting" in nature, with inter-related service processing components extending across/beyond the enterprise, or unique to a particular agency/department's mission requirements. Application Services include complete life cycle support, including planning, analysis, research and development, design, development, integration and testing, implementation, operations and maintenance, information assurance, and final disposition.

Customer Services: Customer Relationship Management (CRM): All aspects of the CRM process, including planning, scheduling, and control activities involved with service delivery. The service components facilitate agencies' requirements for managing and coordinating customer interactions across multiple communication channels and business lines. Customer Preferences: Customizing customer preferences relative to interface requirements and information delivery mechanisms (e.g., personalization, subscriptions, alerts and notifications). Customer Initiated Services: Initiating service requests and seeking assistance from government agencies via online communication channels (e.g., online help, tutorials, self-service, reservation/registration, multilingual support, scheduling).

Process Automation: Tracking and Workflow: Automated routing, tracking, and management of documents (e.g., process tracking, case management, and conflict resolution). Routing and Scheduling: Automated distribution and scheduling activities (e.g., inbound/outbound correspondence management).

Business Management: Process Management: Development and implementation of standard methodologies and automated process management systems, to facilitate agencies' requirements for managing and monitoring activities surrounding their core business operations (e.g., change management, configuration management, requirements management, program/project management, governance/policy management, quality management, risk management). Organizational Management: Collaboration and communication activities (e.g., workgroup/groupware, network management). Investment Management: Selecting, managing, and evaluating agencies' investments and capital asset portfolios (e.g., strategic planning/management, portfolio management, performance management). Supply Chain Management: All aspects of supply chain management, from the initial sourcing phase through customer delivery (e.g., procurement, sourcing management, inventory management, catalog management, ordering/purchasing, invoice tracking, storefront/shopping cart, warehouse management, returns management, logistics/transportation).

Digital Asset Services: Content Management: Content development, maintenance, updates, and distribution (e.g., content authoring, content review/approval, tagging/aggregation, content publishing/delivery, syndication management). Document Management: Capturing, indexing, and maintaining documents (e.g., document imaging, optical character recognition (OCR), document revisions, library/storage, review/approval, document conversion, indexing/classification). Knowledge Management: Collecting and processing data from multiple sources and generating information to support business requirements (e.g., information retrieval, information mapping/taxonomy, information sharing, categorization, knowledge engineering, knowledge capture/distribution/delivery, and smart documents). Records Management: Administration of official government records (record linking/association, record storage/archival, document classification, document retirement, digital rights management).

Business Analytical Services: Analysis and Statistics: Applying analysis and statistics to examine/resolve business issues (e.g., mathematical, structural/thermal, radiological, forensics). Visualization: Transforming data into graphical or image form (e.g., graphing/charting, imagery, multimedia, mapping/geospatial/elevation/global positioning systems (GPS), computer-aided design (CAD)). Knowledge Discovery: Identifying and extracting information from multiple data source containing files stored in various formats (e.g., data mining, modeling, simulation). Business Intelligence: Collecting information relevant to historical, existing, or future business needs (e.g., demand forecasting/management, balanced scorecard, decision support planning). Reporting: Generating reports derived from single or multiple data sources (e.g., ad hoc reporting, standardized/canned reporting, OLAP).

Back Office Services: Data Management: Creating, using, processing, and managing data resources (e.g., data exchange, data mart, data warehouse, metadata management, data cleansing, extraction and transformation, data recovery). Human Resources: Recruitment, training, and management of government personnel (e.g., recruiting, career development/retention, time reporting, awards/benefit management, retirement management, education/training, travel management). Financial Management: Government financing and accounting activities (e.g., billing and accounting, credit/charge, expense management, payroll, payment/settlement, debt collection, revenue management, internal controls, auditing, activity based management, currency translation). Asset/Material Management: Acquisition and management of Federal government assets (property/asset management, asset cataloging/identification, asset transfer/allocation/maintenance, facilities management, computers/automation management). Development and Integration: Development and integration of systems across diverse operating platforms (e.g., legacy integration, enterprise application integration, data integration, instrumentation/testing, software development). Human Capital/Workforce Management Development and Integration: Planning and supervisory operations surrounding government personnel (e.g., resource planning/allocation, skills management, workforce directory/locator, team/organization management, contingent workforce management).

Support Services: Security Management: Ensuring desired levels of protection for Federal systems, data, and related assets are achieved (e.g., identification/authentication, access control, encryption, intrusion detection, verification, digital signature, user management, role/privilege management, audit trail capture/analysis). Collaboration: Communications, messaging, information sharing, scheduling and task management activities (e.g., email, threaded discussions, document library, shared calendaring, task management). Search: Searching, querying, and retrieving data from multiple sources (e.g., precision/recall ranking, classification, pattern matching) Communications: Voice, data, and video communications in multiple formats and protocols (e.g., real time chat, instant messaging, audio/video conferencing, event/news management, community management support, computer/telephony integration, voice communications). Systems Management: All aspects of systems management (e.g., software distribution/license management, configuration/installation, remote systems control, enhancements/service updates, system resource monitoring, helpdesk support/issue tracking). Forms Management: Creating, managing, and processing online forms to support business operations (e.g., forms creation, modification).

DoD IEA Mission Area Support: The Master Contract provides support for the DoD IEA reference models relating DoD's specialized mission, business, and program areas. Though the DoD IEA is an emerging standard, policy and procedures have been formalized for maintaining, evolving, and using the DoD IEA reference models. The DoD IEA reference models leverage existing DoD standards and reflect the alignment with the FEA. The Master Contract includes IT support services for DoD's Global Information Grid (GIG) architecture, Business, Warfighter, Intelligence, and Enterprise Information Environment (EIE) mission areas.

IT Management Services: IT Management Services provide support for operations and IT resource management requirements across the Federal government. These services encompass support for all strategic planning, management, and control functions integral to IT initiatives. The IT Management Services provide the foundational support to effectively align IT requirements with Federal government business operations. IT Management Services provide support for all government lines of business, functions, and service components that comprise the FEA Performance Reference Model (PRM) and Business Reference Model (BRM)IT Management Services shall enable the development and implementation of enhanced governance capabilities, to efficiently and effectively support government agencies' mission requirements and service delivery operations. The services include, but shall not be limited to, support for the following functions:

Controls and Oversight: Development and implementation of management controls and systems required by agencies to evaluate, manage, and monitor program performance relative to IT initiatives (e.g., agency, program, and project-level performance plans for IT initiatives; performance measures to support evaluation and reporting requirements for IT initiatives in compliance with FEA/DoD IEA PRM standards, etc.).

Risk Management and Mitigation: Identification of risk and preparation of risk management plans for IT projects, initiatives, and ongoing operations. Contingency planning to ensure continuity of IT operations and service recovery during emergency events (e.g., risk assessments to determine contingency planning requirements for IT operating environments; develop/maintain contingency, Continuity of Operations (COOP), and disaster recovery plans for IT components, develop/implement emergency preparedness systems).

IT Regulatory Development: Facilitate the development of IT policies, guidelines and standards to facilitate implementation of Federal laws and regulations. The services include support for development, implementation and maintenance of systems to support agencies' IT regulatory development, compliance, and enforcement activities (e.g., monitoring/ inspection/auditing of IT regulated activities to ensure compliance).

IT Planning and Resource Allocation: Facilitate the planning of IT investments, as well as determine and manage managing overall IT resources to efficiently and effectively support agencies' mission operations. This service area includes, but shall not be limited to support for the following functions: Budget Formulation/Execution: Facilitate the integration of budgets and plans, at agency and departmental levels, to effectively link IT functions, activities, and resources with mission objectives. Capital Planning: Facilitate the selection, management, and evaluation of IT investments relative to Federal government agencies' overall capital asset portfolios. Enterprise Architecture (EA): Development and use of EA work products to manage current and future needs of Federal government business operations (i.e., "baseline" and "target" architectures). The services include transition planning and migration support for all EA components (e.g., business, information, application, and technology architectures), to advance the development and implementation of "core EA capabilities." The services shall provide support relative to Federal government mandates for measuring and reporting on the completion and usage of EA programs, as well as evaluating results for E-Gov alignment and implementation of Federal lines of business and other cross-governmental initiatives (e.g., SmartBUY, IPv6, and HSPD-12). Strategic Planning: Facilitate the effective alignment of IT requirements/ Information Resource Management (IRM) plans with strategic business plans and program initiatives. Management Improvements: Development and implementation of improved systems and business practices to optimize productivity and service delivery operations (e.g., analysis, and implementation of improvements in the flow of IT work and program processes and tool utilization, including business system analysis, identification of requirements for streamlining, re-engineering, or re-structuring internal systems/business processes for improvement, determination of IT solution alternatives, benchmarking).

IT Security and Cybersecurity: Development and implementation of management, operational, and technical security controls required by agencies to assure desired levels of protection for IT systems and data are achieved (e.g., establishment of policy/procedures in support of Federal IT security requirements, conduct risk assessments to identify threats/vulnerabilities for existing/planned systems; support Federal mandates for measuring and reporting compliance, perform certification and accreditation (C&A) activities; provide training services to promote awareness and knowledge of compliance responsibilities for Federal IT security requirements).

System and Network Controls: Facilitate the planning, development, implementation, and management of system and network control mechanisms to support communication and automated needs. Facilitate the planning, organizing, coordinating, and controlling of the arrangement of the elements of protection and monitoring capabilities, and incident recovery actions of the information environment. The process takes configuration orders; status reports; and operational and functional performance requirements as inputs and provides performance capabilities and service and infrastructure controls as outputs. System and network controls are controlled by environment standards such as policy and operational guidance. The service control requirements enable network controls and operational performance capabilities.

Cloud Computing: The following is an excerpt from the most recent National Institute of Standards and Technology (NIST) guidance: Special Publication 800-146, Cloud Computing Synopsis and Recommendations The full document can be obtained at http://csrc.nist.gov/publications/PubsSPs.html Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This cloud model is composed of five essential characteristics, three service models, and four deployment models. Cloud Essential Characteristics On-demand self-service: A consumer can unilaterally provision computing capabilities, such as server time and network storage, as needed automatically without requiring human interaction with each service's provider. Broad network access: Capabilities are available over the network and accessed through standard mechanisms that promote use by heterogeneous thin or thick client platforms (e.g., mobile phones, tablets, laptops, and workstations). Resource pooling: The provider's computing resources are pooled to serve multiple consumers using a multi-tenant model, with different physical and virtual resources dynamically assigned and reassigned according to consumer demand. There is a sense of location independence in that the customer generally has no control or knowledge over the exact location of the provided resources but may be able to specify location at a higher level of abstraction (e.g., country, state, or datacenter). Examples of resources include storage, processing, memory, and network bandwidth. Rapid elasticity: Capabilities can be rapidly and elastically provisioned, in some cases automatically, to scale rapidly outward and inward commensurate with demand. To the consumer, the capabilities available for provisioning often appear to be unlimited and can be appropriated in any quantity at any time. Measured Service: Cloud systems automatically control and optimize resource use by leveraging a metering capability at some level of abstraction appropriate to the type of service (e.g., storage, processing, bandwidth, and active user accounts). Resource usage can be monitored, controlled, and reported, providing transparency for both the provider and consumer of the utilized service. Cloud Service Models Cloud Software as a Service (SaaS): The capability provided to the consumer is to use the provider's applications running on a cloud infrastructure. The applications are accessible from various client devices through a thin client interface such as a Web browser (e.g., Web-based email), or a program interface. The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, storage, or even individual application capabilities, with the possible exception of limited user-specific application configuration settings. Cloud Platform as a Service (PaaS). The capability provided to the consumer is to deploy onto the cloud infrastructure consumer-created or -acquired applications created using programming languages and tools supported by the provide. The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, or storage, but has control over the deployed applications and possibly application hosting environment configurations. Cloud Infrastructure as a Service (IaaS). The capability provided to the consumer is to provision processing, storage, networks, and other fundamental computing resources where the consumer is able to deploy and run arbitrary software, which can include operating systems and applications. The consumer does not manage or control the underlying cloud infrastructure but has control over operating systems, storage, deployed applications; and possibly limited control of select networking components (e.g., host firewalls). All currently emerging and future Cloud Computing as Service offerings, such as "X" as a Service, are within the Scope.

Big Data & Big Data Analytics: NIST is currently in working groups concerning this subject and released a preliminary definition during the October 2014 working Group conference. The following is excerpt from that preliminary release. The full content can be viewed at through the following web site: http://bigdatawg.nist.gov/ieee.php Big data consists of advanced techniques that harness independent resources for building scalable data systems when the characteristics of the datasets require new architectures for efficient storage, manipulation, and analysis. Big data is where the data volume, acquisition velocity, or data representation limits the ability to perform effective analysis using traditional relational approaches or requires the use of significant horizontal scaling (more nodes) for efficient processing.