3 Interoperability and Standards

The National Strategy places emphasis on improving information discovery and access through common standards; optimizing mission effectiveness through shared services and interoperability; and strengthening information safeguarding through structural reform, policy, and technical solutions.^[1] Establishing a fully operational ISE necessitates interoperability across strategic information infrastructures of federal, state, local, tribal and territorial entities with counterterrorism and national security missions and the appropriate private sector and foreign partners.

Interoperability is the ability of various operating and software systems, applications, and services to communicate and exchange data in an accurate, effective, and consistent manner.

U.S. CODE – TITLE 44: PUBLIC PRINTING AND DOCUMENTS

3.1 ISE Interoperability Framework (I²F)

OMB Circular A-130 tasks executive-level agencies with developing enterprise architectures (EA), defined as “the explicit description and documentation of the current and desired relationships among business and management processes and information technology. The EA must also provide a strategy that will enable the agency to support its current state and also act as the roadmap for transition to its target environment.”

PM-ISE, in consultation with the Information Integration Subcommittee (IISC) of the ISA IPC, continues to develop the ISE Interoperability Framework (I²F) to enable interoperability across multiple domains and stakeholder communities. The I²F delivers a framework for extensible, measurable, and implementable interoperability requirements throughout the lifecycle of an investment and thus it will serve as a platform to enhance implementation of priority objectives in NSISS. The I²F will not define EA concepts that are within the scope of an organization’s internal EA Framework but will focus on guiding ISE partners in incorporating sharing and safeguarding information principles into agency-level architectures. Together with this ISE Management Plan, the I²F answers the call for an enterprise architecture program management plan that reflects relevant activities, events, and timeframes for improving ISE architecture, provides a means to address gaps, and establishes a mechanism for accountability and progress.

The I²F links three business and technical management practices and disciplines: 1) Architecture Framework Alignment, 2) the ISE Common Profile, and 3) ISE Industry Standards and Specifications Framework, all of which are designed to support interoperability requirements within the context of independent operational capabilities. The I²F describes an Integrated Landscape (I²FIL), which is realized through the application of the three linked practices and disciplines of the I²F. The standards based acquisition initiative is supported by the adoption of the I²F and its integrated management disciplines outlined in this section and depicted in Figure 4.

Figure 4: The I2F Integrated Landscape

Benefits of Using the I²F

The I²F provides a flexible, common method to implementing information exchange across a broad spectrum of information systems and distributed IT architectures. Reference architectures, or template solutions, currently included in the I²F are data aggregation, geospatial information, and identity management.

The I²F enables the discovery, reuse, and development of capabilities. When implemented through governance structures such as outlined in Section 1, it provides a means to identify technologies, capabilities, and services that can be shared across the ISE.

Additional Resources

Executive Order 13642: Making Open and Machine Readable the New Default for Government Information, May, 2013
OMB Memorandum M-13-13: Open Data Policy – Managing Information as an Asset, May 2013
The Common Approach to Federal Enterprise Architecture, May 2012
ISE-G-108: Identity and Access Management Framework for the ISE, December 2008
ISE-G-109: ISE Enterprise Architecture Framework (EAF), September 2008
ISE-G-110: ISE Profile and Architecture Implementation Strategy (PAIS), May 2009

For more information, contact PM-ISE’s Standards and Architecture Division at ISE.gov/contact.

3.2 Standards Development Process and Governance

OMB Circular A-130 directs agencies to develop and maintain an EA Framework and to adopt and consistently enforce standards that support the entire EA.[2] Common standards can define and normalize processes, all of which support the planning, integration, and implementation activities that impact an organization’s internal and external information resources. Generally, information sharing standards are a combination of the data that needs to be shared and a technology or architectural environment that enables this sharing.

3.2.1 Standards Frameworks

The ISE Standards and Specifications Framework, part of the I²F, is a more finely grained categorization taxonomy that defines a framework for understanding standards, the function they serve, involved stakeholders, and relationships between standards. An appendix of the I²F, the Common Profile Framework^{^[3]} provides the characteristics of a “profile” that enables interoperability. A profile characterizes a base set of standards with options necessary to facilitate the accomplishment of the organization’s mission and provide a common methodology for referencing standards across multiple solutions. The Standards Working Group (SWG) and Standards Coordinating Council (SCC), both part of the ISA-IPC, are standing bodies of the IISC that evaluate existing standards and standards frameworks for reuse and also aid in the development of new standards. The process for identifying standards for reuse, and interaction between mission partners, governing bodies, industry, and standards development organizations is described in Figure 5.

Figure 5: Standards Engagement Process

ISE implementation requires effective partnering between government and industry so that government’s interoperability requirements are transparent to industry, resulting in vendor solutions that meet these requirements with the appropriate standards “built in”. Industry and government standards and certification programs exist to provide an environment for:

evaluating standards through a consensus process
testing standards, and
certifying projects through a conformance management process

Standards Conformance and Certification

In December 2012, the IJIS Institute Springboard[4] program conducted its first standards conformance test on the new Prescription Drug Monitoring Program (PDMP) Information Exchange (PMIX), to determine whether it met the required interoperability standards. PDMP is a web-based program that collects, analyzes, and reports information on the prescription, dispensation, and use of prescription drugs. Many states currently report problems with “pill mills”—doctors who prescribe large quantities of painkillers to people who do not need them medically—the sharing of information about prescription drugs is a crucial way to reduce prescription drug abuse.

Going forward, the IJIS Institute is prepared to test other standards through the Springboard program, to ensure conformance to the national standards for companies that create information sharing products for use in the areas of public safety and criminal justice. These standards not only improve information sharing across state, but they can save organizations and taxpayers money, by ensuring organizations (pharmacies, police departments, prisons) that use products that conform to standards do not create a new solution every time they want to share data.

3.2.1.1 National Information Exchange Model (NIEM)

One of the most widely adopted information sharing standards framework used by ISE partners is the National Information Exchange Model (NIEM). NIEM is a community driven, government-wide, standards-based approach that can support a community that requires interoperable information exchanges to advance their respective missions. For more information on the NIEM engagement process, contact the National Information Sharing Standards (NISS) help desk or visit the NIEM website.

3.2.1.2 Open Data Standards

Presidential Executive Order 13642, Making Open and Machine Readable the New Default for Government Information, and OMB’s Memorandum M-13-13 on Managing Information as an Asset establish a framework to help institutionalize the principles of effective information management at each stage of the information's life cycle to promote interoperability and openness. Whether or not particular information can be made public, agencies can apply this framework to all information resources to promote efficiency and produce value.

OMB M-13-13 requires agencies to collect or create information in a way that supports downstream information processing and dissemination activities. This includes:

Using machine readable and open formats, data standards, and common core and extensible metadata for all new information creation and collection efforts,
Information stewardship through the use of open licenses and review of information for privacy, confidentiality, security, or other restrictions to release, and
Building or modernizing information systems in a way that maximizes interoperability and information accessibility, maintains internal and external data asset inventories, enhances information safeguards, and clarifies information management responsibilities.

3.2.2 Additional Resources

ISE-AM 300: Common Terrorism Information Sharing Standards (CTISS) Program, 2007
Common Terrorism Information Sharing Standards (CTISS) Program Manual, 2007
ISE-G-106: Technical Standards – Information Assurance October, 2008
ISE-G-107: Technical Standards – Core Transport October, 2008
Links to existing standards: http://ise.gov/building-blocks/standards-and-interoperability [5]

3.3 Implementing Standards in Your Organization

3.3.1 Requirements

The elicitation and articulation of requirements is a core PM-ISE capability that helps ensure the success of solutions adopted across the community. This capability is necessary because organizational culture and mission requirements vary between organizations that should be sharing information. This can create friction that prevents information transactions or reduces the efficiency of transactions (e.g., because data formatted or modeled for one mission type may need to be transformed before it’s useful or legally permissible in another mission type). PM-ISE is in the position to facilitate the development of cross-organization technical and policy requirements that minimize organizational bias.

3.3.2 Standards-Based Acquisition

Responsible information sharing is dependent upon effective partnering between government and industry so that government’s requirements for interoperable exchange standards are transparent to industry. Vendors need these requirements in advance to build them into commercial products prior to responding to an acquisition. Consistent language throughout this evolving process will help ISE partners work with vendors and other agencies to promote interoperable products and services that enable information sharing and safeguarding.

Award vehicles—including acquisitions and grants—for ISE products and services must include appropriate and clear standards language identified as requirements prior to making investment decisions. This will provide solutions conformant to the appropriate, available, and approved interoperability standards, enabling easier information sharing across agencies.

The I²F’s Common Profile provides a tool that requirements and systems professionals can use to search for solutions to the business problem and to determine what technical solutions are immediately available and which consensus-based standards to incorporate into acquisitions and grants. Therefore program managers can use preapproved and specific language provided through the Common Profile to reuse in their requirements documents. This will significantly reduce time spent searching for interoperability standards, eliminate time spent writing standards language, and potentially reduce cost by reusing an interoperable IT solution.

GLOBAL Standards Used in Grants

The Bureau of Justice Assistance (BJA) has a Global Standards Council (GSC) to ensure that technical products developed in the national justice community evolve in a cohesive manner so that consumers find a single set of products that are known to work well together and reinforce one another. To achieve interoperability and cost savings, the GSC initiated a structured approach to leveraging standards which can be located at the “BJA“ website. In addition, BJA recently released a Pre-RFP Toolkit that was created to assist program managers on how to incorporate DOJ’s Global Standards Package (GSP) in to justice acquisitions.[6] The GSP is a collection of normative, independently versioned standards that are assembled into a package of composable, interoperable solutions specifically supporting the exchange of justice information. The GSC Grant Condition requires that grantee comply with GSP components (NIEM, GRA, and GFIPM) “Compliance to the GSP requires conformance to all components of the GSP whenever applicable”^{^[7]}. By requiring this language, it ensures that vendors develop systems in a consistent manner across the Justice Information Sharing spectrum.

Go to the next section: 4 Communciations and Partnerships

[1] White House, National Strategy for Information Sharing and Safeguarding, December 2012.

[2] OMB Circular No. A-130 Revised: Management of Federal Information Resources (8)(b)(2)(c)(ii).

[3] The ISE Common Profile is a construct based on the ISO/IEC Technical Recommendation 10000-1.

[4] http://ijis.org/_programs/springboard.html

[5] Click on “apply standards” and then “what standards exist.”

[6] IJIS Institute Releases Justice Information Sharing Pre-Request for Proposals Toolkit

[7] Global Standards Package Grant Condition