2020 census detailed operational plan for: 34. it ... · template. 2 v0.02 january 18, 2017 initial...
TRANSCRIPT
2020 Census Detailed Operational Plan for:
34. IT Infrastructure (ITIN) Operation
Issued: May 24, 2017
Version: 1.0
Prepared by: Decennial Census Management Division
Final
2020 Census Detailed Operational Plan for:
34. IT Infrastructure Operation (ITIN)
Page ii
Version 1.0 May 24, 2017 Final
[Page intentionally left blank.]
2020 Census Detailed Operational Plan for:
34. IT Infrastructure Operation (ITIN)
Page iii
Version 1.0 May 24, 2017 Final
Approvals
This ITIN Detailed Operational Plan has been reviewed and approved for use.
Electronically Approved March 21, 2017
Daniel Lewis
IPT Lead
Date Signed
NA
Branch Chief
Date Signed
Electronically Approved March 21, 2017
Pete Boudriault
IPT Program Manager
Date Signed
Electronically Approved April 27, 2017
Deborah M. Stempowski
Chief, Decennial Census Management Division
Date Signed
Electronically Approved by Atri Kalluri May 22, 2017
Lisa M. Blumerman
Associate Director for Decennial Census Programs
Chair, Portfolio Management Governance Board
Date Signed
2020 Census Detailed Operational Plan for:
34. IT Infrastructure Operation (ITIN)
Page iv
Version 1.0 May 24, 2017 Final
Document Change History
Revision # Version Date Description
1 v0.01 December
23, 2016
Initial Shell Version from 2020 Census DOP
template.
2 v0.02 January 18,
2017 Initial DRAFT Version for ITIN DOP.
3 v0.03 February 3,
2017
Updated DRAFT Version based on initial review
comments.
4 V1.0 March 21,
2017
Updated DRAFT Version with final IDEF0 diagrams
and created final draft for executive review.
Note: Edit the fields below to update the Document Version, Date and Status in the Page Footers
throughout the document.
Document Footer Information Control Table
Field Name Version, Date and Status
DocVersion: Version 1.0
DocDate: May 24, 2017
DocStatus: Final
2020 Census Detailed Operational Plan for:
34. IT Infrastructure Operation (ITIN)
Page v
Version 1.0 May 24, 2017 Final
Table of Contents
1. Document Purpose ............................................................................................. 1
2. Operational Overview ....................................................................................... 2
2.1 Operation Purpose ............................................................................................................ 2
2.2 Background ...................................................................................................................... 2
2.3 Detailed Operational Plan Scope...................................................................................... 2
2.3.1 ITIN Activity Areas .................................................................................................. 3
2.3.2 ITIN Operational Context ......................................................................................... 4
2.3.2.1 ITIN Operational Inputs .................................................................................... 7
2.3.2.2 ITIN Operational Controls................................................................................. 9
2.3.2.3 ITIN Operational Outputs ................................................................................ 10
2.3.2.4 ITIN Operational Mechanisms ........................................................................ 12
3. ITIN Operation Detailed Process Description ..............................................16
3.1 ITIN Activation Phase [ITIN 34-1] ................................................................................ 16
3.1.1 Production Readiness Process [ITIN 34-1.1] .......................................................... 18
3.1.2 eSDLC Artifact/Document Integration Process [ITIN 34-1.2]............................... 19
3.1.3 Release Activation Process [ITIN 34-1.3] .............................................................. 19
3.1.4 Capacity Activation Process [ITIN 34-1.4] ............................................................ 20
3.1.5 Qualification Process (Post Activation) [ITIN 34-1.5] ........................................... 21
3.2 ITIN Operation and Maintenance (O&M) Phase [ITIN 34-2] ....................................... 22
3.2.1 Continuous Monitoring Process [ITIN 34-2.1] ....................................................... 25
3.2.2 Daily Operational Management Process [ITIN 34-2.2] .......................................... 26
3.2.3 Incident Management & Escalation Process [ITIN 34-2.3].................................... 28
3.2.4 Backup and Recovery Process [ITIN 34-2.4] ......................................................... 29
3.2.5 Change Management Process [ITIN 34-2.5] .......................................................... 31
3.2.6 Configuration Management Process [ITIN 34-2.6] ................................................ 32
3.2.7 Scale-Up Process [ITIN 34-2.7] ............................................................................. 33
3.2.8 Scale-Down Process [ITIN 34-2.8]......................................................................... 35
3.2.9 Infrastructure Upgrade/Replacement Process (Hardware/Software) [ITIN 34-2.9] 36
2020 Census Detailed Operational Plan for:
34. IT Infrastructure Operation (ITIN)
Page vi
Version 1.0 May 24, 2017 Final
3.2.10 eSDLC Artifact/Document Maintenance Process [ITIN 34-2.10] ......................... 37
3.3 ITIN Disposition Phase [ITIN 34-3] .............................................................................. 37
3.3.1 Data Disposition Process [ITIN 34-3.1] ................................................................. 39
3.3.2 Hardware Disposition Process [ITIN 34-3.2] ......................................................... 40
3.3.3 Asset Disposition Process [ITIN 34-3.3] ................................................................ 41
3.3.4 eSDLC Artifact/Document Disposition Process [ITIN 34-3.4] .............................. 41
4. Cost Factors ......................................................................................................43
4.1 Background .................................................................................................................... 43
4.2 Cost Factors .................................................................................................................... 43
4.3 Relevant IDEF0 Mechanisms......................................................................................... 43
5. Measures of Success ........................................................................................45
Appendix A – Acronyms and Terminology .........................................................46
Appendix B – References .......................................................................................51
Appendix C – Activity Tree for IT Infrastructure Operation (ITIN) ..............52
List of Figures
Figure 1: IT Infrastructure Operation (ITIN) Context Diagram ..................................................... 6
Figure 2: ITIN Activation Phase [ITIN 3-1] Constituent Activities ............................................. 18
Figure 3: ITIN Operation and Maintenance (O&M) Phase [ITIN 3-2] Constituent Activities .... 24
Figure 4: ITIN Disposition Phase [ITIN 3-3] Constituent Activities ........................................... 39
List of Tables
Table 1: ITIN Operational Inputs ................................................................................................... 7
Table 2: ITIN Operational Controls ................................................................................................ 9
Table 3: ITIN Operational Outputs ............................................................................................... 11
Table 4: Staff Resources used within ITIN Operational Activities .............................................. 13
Table 5: Infrastructure Sites for ITIN Operational Activities ....................................................... 14
2020 Census Detailed Operational Plan for:
34. IT Infrastructure Operation (ITIN)
Page vii
Version 1.0 May 24, 2017 Final
Table 6: Systems used within ITIN Operational Activities .......................................................... 15
Table 7: Acronyms and Abbreviations List .................................................................................. 46
Table 8: Glossary of Terms........................................................................................................... 49
2020 Census Detailed Operational Plan for:
34. IT Infrastructure Operation (ITIN)
Page viii
Version 1.0 May 24, 2017 Final
[Page intentionally left blank.]
2020 Census Detailed Operational Plan for:
34. IT Infrastructure Operation (ITIN)
Page 1
Version 1.0 May 24, 2017 Final
1. Document Purpose
The 2020 Census Detailed Operational Plan for the Information Technology (IT) Infrastructure
Operation (ITIN) is intended for use by U.S. Census Bureau managers, staff, contractors, and other
internal and external stakeholders working on the 2020 Census. The document provides a high level
description of the production support processes for the 2020 Census ITIN Operation and includes a
summary of the operational processes involved, their inputs, outputs and controls, and the basic
mechanisms employed to conduct the operational work.
Anticipated uses of this document include the following:
Communication – Documents operational design details for internal and external stakeholders.
Planning – Documents planning assumptions and key milestones.
Staffing – Documents staffing needs and strategies.
This document complements the 2020 Census Operational Plan, which presents the 2020 Census
operational design and covers all operations required to execute the 2020 Census, starting with
precensus address and geographic feature updates and ending once census data products are
disseminated and coverage and quality are measured.
This document will be updated over time to reflect changes in strategies that result from 2020 Census
planning, research, and testing activities.
2020 Census Detailed Operational Plan for:
34. IT Infrastructure Operation (ITIN)
Page 2
Version 1.0 May 24, 2017 Final
2. Operational Overview
2.1 Operation Purpose
The purpose of the IT Infrastructure (ITIN) operation is to provide the IT-related infrastructure support
to the 2020 Census, including:
Enterprise systems and applications.
Decennial-specific systems, applications, and interfaces.
Field IT infrastructure (at National Processing Center (NPC), Regional Census Centers (RCC),
Area Census Offices (ACO), Paper Data Capture (PDC) centers, and Island Areas (IA) sites).
Mobile computing.
Cloud computing.
2.2 Background
For the 2010 Census, the Census IT infrastructure was distributed among separate IT installations,
which were specific to the data processing needs of contract service providers or Census Bureau
organizations. As a result, the management of the 2010 Census IT infrastructure was decentralized.
For the 2020 Census, the Census Bureau will be using an integrated IT environment with coordination
of IT management functions across the constituent IT installations which make up the 2020 Census IT
infrastructure.
Key innovations planned for the 2020 Census ITIN operation include:
Alignment to the Enterprise Architecture.
Early development of solutions architecture.
Use of enterprise solutions.
Iterative deployment of infrastructure aligned with and based on testing and the 2020 Census
Integration and Implementation Plan (IIP).
Use of workload demand models to size IT solutions appropriately.
Scalable solutions.
Agile development of applications (all systems supporting the 2020 Census).
Use of cloud computing.
2.3 Detailed Operational Plan Scope
This plan leverages the extensive body of research that exists on what constitutes IT operations
management. There are two major industry frameworks that provide a body of knowledge on IT
operational management: the Control Objectives for Information and Related Technologies (COBIT)
and the Information Technology Infrastructure Library (ITIL) frameworks. These frameworks define
the typical scope and activity set for managing IT operations, as well as best practices on their conduct.
2020 Census Detailed Operational Plan for:
34. IT Infrastructure Operation (ITIN)
Page 3
Version 1.0 May 24, 2017 Final
COBIT focuses on four IT domains of activity – Plan and Organize, Acquire and Implement, Deliver
and Support, and Monitor and Evaluate – and the processes and controls an organization needs to
define to manage their IT environment within these domains. ITIL focuses on the services an IT
organization provides, and describes those activities needed to guarantee service availability,
efficiency, security, and quality.
The major activity areas defined below are an amalgam of these frameworks, tailored to Census’
existing operational environment and the Census Enterprise Architecture.
ITIN Operation Production support is responsible for:
Production IT Infrastructure for National Networked Census Operations.
o Networking (Core, Edge, Access Points).
o Processing Resources (Data Centers, Cloud, Capacity/Availability).
o Storage (Data Centers, Cloud, Capacity/Availability).
Edge device provisioning and disposition (Desktops, Laptops, Mobile devices/Device as a
Service (DaaS)).
Security and Resource access (VDI, VPN, SecureID, etc.).
User Identity and Access Management (IDAM).
Software Image maintenance, version control, patching, availability.
2.3.1 ITIN Activity Areas
The design of the ITIN Operation for the 2020 Census includes three major operational activity areas:
ITIN Activation Phase
ITIN Operation and Maintenance (O&M) Phase
ITIN Disposition Phase
Each of these major activity areas is summarized below. Together, these activities represent the
complete set of work that needs to be performed by operation during the conduct of the 2020 Census.
ITIN Activation Phase
Provides support processes for Phased Activation ("Go-Live") of the Production IT Infrastructure
for 2020 operations and user needs, including:
Maintaining an operationally ready national networked environment throughout all IT
transition processes
o From core data centers to edge users.
Providing phase-in of IT capabilities to production operation status at the right time with
the right capacity, based on the 2020 Census production operation schedule. Examples
include:
2020 Census Detailed Operational Plan for:
34. IT Infrastructure Operation (ITIN)
Page 4
Version 1.0 May 24, 2017 Final
o In-Office Address Canvassing operations begin very early in the 2020 Decennial,
but have ongoing production needs and capacity demands.
o In-Field Address Canvassing operations will impose additional capacity demands
when operation is fully active in the field.
o Update Enumerate (UE) and Nonresponse Followup (NRFU) operations will
impose still more in terms of capacity demands with a peak field load when these
operations are fully active.
ITIN Operation and Maintenance (O&M) Phase
Provides support processes for Operation and Maintenance of the production IT Infrastructure
throughout the "conduct" of the 2020 Census, including:
Provisioning new users (IDAM setup, password resets, etc.).
Providing capacity for peak user demand (Infield AdCan, UE/NRFU).
Managing backup, restore, recovery/Continuity of Operations Planning (COOP).
Managing software maintenance, patches, version control (Note: minimal changes are
expected to occur in the O&M phase, and those changes that are incorporated into the
baseline are not expected to impact operations).
ITIN Disposition Phase
Provides support processes for disposition of the Production IT Infrastructure as the Census
Operations close out, including:
Rollback of capacity based on changes to demand
Outprocessing of users and user devices, including:
o Recover mobile devices, decommission laptops/desktops/user accounts, etc.
Disposition of Data and Physical resources, including:
o Wipe devices, returns/disposal, etc.
Decommissioning of residual Production IT Infrastructure following operations closeout
The full hierarchy of activities for the ITIN Operation is provided in Appendix C in the form of an
Activity Tree. In the Activity Tree, each major operational activity area listed above is numbered and
then decomposed into a numbered set of subactivities, some of which are further decomposed into
more detailed numbered subactivities or steps.
For a full description of the operational subactivities that comprise the ITIN Operation, see the
Detailed Process Description discussions in Section 3 below.
2.3.2 ITIN Operational Context
The ITIN operational activities described above are conducted within the context of other 2020 Census
operations and other programs or data sources that are external to the 2020 Census Program. One way
to depict an operational context is by using a “Context Diagram,” which shows the boundary of the
2020 Census Detailed Operational Plan for:
34. IT Infrastructure Operation (ITIN)
Page 5
Version 1.0 May 24, 2017 Final
operational process, the operational activities it contains, and the information exchanged with its
neighbor operations (or other entities) as well as the resources (mechanisms) needed to conduct the
operational work.
Figure 1 is a top-level context diagram for the ITIN Operation represented as an Integrated Definition,
Level 0 (IDEF0) model. An IDEF0 model of a process (or operation) shows the Inputs, Controls,
Outputs and Mechanisms of the process. These IDEF0 model elements are summarized below and
described further in the sections that follow.
The yellow box in the center of the IDEF0 model lists the major operational activity areas for the
operation, numbered as given in the ITIN Operation Activity Tree in Appendix C. Specific Information
Exchanges (IE) are shown in different colored boxes to represent the Inputs (green boxes on left side),
Outputs (orange boxes on right side), Controls (purple boxes on top) and Mechanisms (blue boxes on
the bottom). Boxes to the left of the Inputs indicate the Provider of the inputs to the operation
(typically another 2020 Census operation or an external source). The Provider of the Controls is noted
in the box itself. Boxes to the right of the Outputs indicate the Receiver of the outputs (typically
another 2020 Census operation or external entity). Each Information Exchange has a name and a
unique number for identification purposes.
2020 Census Detailed Operational Plan for:
34. IT Infrastructure Operation (ITIN)
Page 6
Version 1.0 May 24, 2017 Final
Figure 1: IT Infrastructure Operation (ITIN) Context Diagram
For the ITIN Operation, initial Inputs include requirements from PM/SEI, IT equipment and software
from IT vendors and mobile device kit related inputs from DLM and FLDI. Later in the ITIN
Operation, Inputs include support requests at Tier 2 and problem reports from DSC, FLDI and CQA as
well as COOP notifications from PM/SEI and security, privacy and confidentiality event info from
SPC. At the end of the ITIN Operation, Inputs are license and warranty/support expiry information
from IT Vendors and mobile device and Site IT installation returns from FLDI and DLM.
ITIN Operation Controls include basic program controls such as budget/schedule and SPC controls, as
well as kit specifications from DLM and processes/standards/plans/controls from the Census Bureau
and NIST.
Outputs for the ITIN Operation include problem/change status and deployment verification
information to PM/SEI as well as support request status/responses and general ITIN status information
to DSC, FLDI and CQA. Additional Outputs include mobile device kit and Site IT installation
shipments to FLDI and DLM and ITIN logs, events and monitoring data to SPC. At the end of the
2020 Census, ITIN inventory disposition is provided to Census Bureau Asset Management.
IE
34. IT Infrastructure Operation (ITIN)
34-1. ITIN Activation Phase
34-2. ITIN Operations and Maintenance (O&M) Phase
34-3. ITIN Disposition Phase
Staff: HQ Staff, TI Staff, NPC Staff, Field Staff, dDaaSContractor Staff
(3. SPC) IE484: Security, Privacy,
and Confidentiality Controls
(33. DLM) IE511: Mobile Device Kit
Specifications
(Census Bureau) COOP Plans, Asset
Management Controls
Sites: HQ, NPC, PDC Sites, CQA Sites, IA
Sites, FLD Sites (RCC, ACO), Data Centers
(BCC, TI, Cloud)
Systems: Decennial Systems, Enterprise
Systems, Field and IA Systems
1. PM, 2. SEI, Census DITD
Systems: Remedy, HP-ALM, ITIN Monitoring
Systems
Mechanisms: Resources Employed by Operation
Controls: Data to Guide Operation
Inputs: Data Consumed by Operation Outputs: Data Produced by Operation
2020 Census IT Users
(via 31. DSC)
NPC, RCC and ACO IT Staff
(via 32. FLDI)
• IE524: IT Support Requests (Tier 2)
• IE525: Problem Reports• IE526: Outage Reports
IT Vendors
• IE521: IT Equipment• IE522: Software Licenses and
License Expiry Info• IE523: Warranty/Support Expiry
Info
1. PM, 2. SEI
• IE546: ITIN Inventory Disposition
• IE542: Outage Notifications• IE543: COOP Notifications• IE544: ITIN Production Status
Info (incl. Problem Status)• IE545: IT Support Request
Status/Responses (Tier 2)
• IE536: Deployment Verification
• IE537: Change Status• IE538: Problem Status• IE539: Problem Escalations• IE540: Configuration Status• IE541: Architecture Artifacts
3. SPC• IE485: Security Incidents• IE486: Privacy/
Confidentiality Incidents
• IE471: Functional Requirements• IE472: Non-Functional
Requirements• IE473: COOP Notifications
(1. PM) Program Controls: incl.
Budget, Operational Plans and Schedule
(NIST) Special Publication
SP 800
Other: Networks, Mobile
Devices/dDaaS
Version v03 – 21 Mar 2017
Census Bureau Asset
Management
3. SPC• IE476: ITIN Logs• IE477: ITIN Events• IE478: ITIN Monitoring Data
(Census Bureau) eSDLC Process,EA Technology
Standards
2020 Census Respondents
(via 17. CQA)
• IE527: Problem Reports• IE528: Outage Reports
33. DLM
• IE512: Mobile Device Kit Documentation Content
• IE513: Site IT Installation Returns
2020 Census IT Users
(via 31. DSC)
NPC, RCC and ACO IT Staff (via 32. FLDI)
17. CQA
32. FLDI• IE357: Mobile Device Kit
Shipments
33. DLM
• IE501: Site IT Installation Shipments
• IE502: Site IT Readiness Notifications
32. FLDI
• IE370: Mobile Device Kit Needs by Role/Location
• IE371: Mobile Device Kit Shipping Addresses
• IE372: Mobile Device Returns
2020 Census Detailed Operational Plan for:
34. IT Infrastructure Operation (ITIN)
Page 7
Version 1.0 May 24, 2017 Final
Finally, ITIN Operation Mechanisms include the staff at various Census Bureau worksites, such as
Census Bureau Headquarters (HQ), and Technical Integrator (TI) sites, the National Processing Center
(NPC), Field Sites (RCCs, ACOs), and Data Centers as well as various systems and other IT
Infrastructure such as the Decennial/Enterprise/Field systems, ITIN Monitoring Systems and
Networks/Mobile Devices.
For detailed descriptions of the Inputs, Controls, Outputs and Mechanisms used by the ITIN Operation,
see the sections that follow.
2.3.2.1 ITIN Operational Inputs
Inputs are the data that are consumed by the operation. The inputs define the amount of operational
work that needs to be performed.
Table 1 lists the inputs to the ITIN Operation.
Table 1: ITIN Operational Inputs
Provider Information Exchange Description
External:
IT Vendors
• IE521: IT Equipment
• IE522: Software
Licenses and License
Expiry Info
• IE523:
Warranty/Support
Expiry Info
Vendor IT Equipment deliveries and
product licenses and warranty/support
expiration information for software and
equipment.
Used to inform ITIN operational
decisions regarding maintenance needs
during the O&M Phase and disposal
during the Disposition Phase.
2020 Census IT
Users
(via 31. DSC)
NPC, RCC and ACO
IT Staff
(via 32. FLDI)
• IE524: IT Support
Requests (Tier 2)
• IE525: Problem
Reports
• IE526: Outage Reports
•
Requests for IT Service and reports of IT
outages provided by Census IT users (to
DSC) or Site IT staff (FLDI), (e.g.
mobile device transmissions not
successful, Site IT network/router not
operational).
• Used during O&M Phase to inform
IT Management staff and plan for
needed actions.
2020 Census Detailed Operational Plan for:
34. IT Infrastructure Operation (ITIN)
Page 8
Version 1.0 May 24, 2017 Final
Provider Information Exchange Description
32. Field
Infrastructure
Operation (FLDI)
• IE370: Mobile Device
Kit Needs by
Role/Location
• IE371: Mobile Device
Kit Shipping Addreses
• IE372: Mobile Device
Returns
Identified needs for Mobile Device Kits
(kinds of kits, number of each kind
needed) by Role and Location.
Shipping Addresses for Mobile Device
Kits Shipments.
Returns of mobile devices after they are
no longer needed for 2020 Census
operations.
33. Decennial
Logistics
Management
Operation (DLM)
• IE512: Mobile Device
Kit Documentation
Content
• IE513: Site IT
Installation Returns
Documentation content needed to
produce DLM specified documentation
assets to be included in the mobile device
kits.
Returns of Site IT installation assets after
they are no longer need for 2020 Census
operations.
2020 Census
Respondents
(via 17. CQA)
• IE527: Problem
Reports
• IE528: Outage Reports
Reports of problems and apparent
outages provided by Census respondents
to CQA (e.g. Internet Self Response Web
site is not accessible).
• Used during O&M Phase to inform
IT Management staff and plan for
needed actions.
1. Program
Management
Operation (PM)
2. Systems
Engineering and
Integration Operation
(SEI)
• IE471: Functional
Requirements
• IE472: Non-Functional
Requirements
• IE473: COOP
Notifications
Functional and non-functional
requirements relating to ITIN operation.
Notification of COOP decisions from
2020 Census Program Management.
Used to identify required operational
behaviors and characteristics and plan for
COOP events.
2020 Census Detailed Operational Plan for:
34. IT Infrastructure Operation (ITIN)
Page 9
Version 1.0 May 24, 2017 Final
Provider Information Exchange Description
3. Security, Privacy,
and Confidentiality
Operation (SPC)
• IE485: Security
Incidents
• IE486: Privacy/
Confidentiality
Incidents
Notifications of ongoing Security
Incident or Privacy/Confidentiality
Incident status.
Used to inform IT Management staff of
ongoing conditions regarding Security
and Privacy/ Confidentiality.
2.3.2.2 ITIN Operational Controls
Controls are the data that guide the behavior of the operation. They are not consumed by the operation,
but rather they provide guidance, models, limits, criteria, cutoff dates, or other information that
controls the way in which the operational work is performed.
Table 2 lists the controls for the ITIN Operation.
Table 2: ITIN Operational Controls
Provider Information Exchange Description
1. Program
Management
Operation (PM)
Program Controls Program Control information including:
Budget
Operational Plans and Schedule
3. Security, Privacy
and Confidentiality
Operation (SPC)
• IE484: Security,
Privacy and
Confidentiality
Controls
Laws, policies, regulations, and
guidelines related to physical security, IT
security, data security and privacy and
confidentiality impacts, analyses, and
processes. These include but are not
limited to Title 13, Title 26, and other
laws and policies related to protection of
personally identifiable information.
33. Decennial
Logistics
Management
Operation (DLM)
IE511: Mobile Device Kit
Specifications
Approved specifications for mobile
device kits to be produced/distributed by
ITIN operation.
2020 Census Detailed Operational Plan for:
34. IT Infrastructure Operation (ITIN)
Page 10
Version 1.0 May 24, 2017 Final
Provider Information Exchange Description
Census Bureau eSDLC Process
EA Technology Standards
COOP Plans
Asset Management
Controls
Census Bureau Process, Standards,
Planning and Control Documentation.
Used to inform IT Management staff of
expected actions and behaviors and
provide information needed in the
formulation of IT Management
operational procedures.
National Institute of
Standards and
Technology (NIST)
NIST Special Publication
SP 800
NIST SP 800, Computer Security
Documentation Series (December 1990-
present):
NIST's primary mode of publishing
computer/cyber/information security
guidelines, recommendations and
reference materials
2.3.2.3 ITIN Operational Outputs
Outputs are the data produced by the operation. The outputs constitute the results of operational work
that has been performed. Outputs produced may be used as inputs or controls to other operations.
Table 3 lists the outputs from the ITIN Operation.
2020 Census Detailed Operational Plan for:
34. IT Infrastructure Operation (ITIN)
Page 11
Version 1.0 May 24, 2017 Final
Table 3: ITIN Operational Outputs
Consumer Information Exchange Description
1. Program
Management
Operation (PM)
2. Systems
Engineering and
Integration Operation
(SEI)
Decennial IT
Division (DITD)
• IE536: Deployment
Verification
• IE537: Change Status
• IE538: Problem Status
• IE539: Problem
Escalations
• IE540: Configuration
Status
• IE541: Architecture
Artifacts
Documentation provided by IT
Management staff to inform the 2020
Census Program (PM and SEI) and
Decennial IT Division (DITD) of routine
operations updates/changes and ITIN
problem/incident status.
2020 Census IT
Users
(via 31. DSC)
NPC, RCC and ACO
IT Staff
(via 32. FLDI)
17. CQA
• IE542: Outage
Notifications
• IE543: COOP
Notifications
• IE544: ITIN
Production Status Info
(incl. Problem Status)
• IE545: IT Support
Request Status/
Responses (Tier 2)
Notifications and status updates provided
by IT Management staff to inform the
2020 Census IT Users and Staff of
routine operations updates/changes and
ITIN problem/incident status (including
IT outages and COOP events).
Status and responses for Tier 2 IT
support requests from DSC, FLDI and
CQA.
32. Field
Infrastructure
Operation (FLDI)
• IE357: Mobile Device
Kit Shipments
Shipments of mobile device kits for use
by Field Staff.
33. Decennial
Logistics
Management
Operation (DLM)
• IE501: Site IT
Installation Shipments
• IE502: Site IT
Readiness Notifications
Shipments of Site IT installation assets to
RCCs and ACOs for subsequent
installation and activation.
Notifications of Site IT asset readiness at
RCCs and ACOs during and after
installation and activation.
2020 Census Detailed Operational Plan for:
34. IT Infrastructure Operation (ITIN)
Page 12
Version 1.0 May 24, 2017 Final
Consumer Information Exchange Description
3. Security, Privacy
and Confidentiality
Operation (SPC)
• IE476: ITIN Logs
• IE477: ITIN Events
• IE478: ITIN
Monitoring Data
Logs, events and monitoring data
provided to the SPC operation relating to
security, privacy and confidentiality
conditions within the IT Infrastructure
environment.
Census Bureau Asset
Management
• IE546: ITIN Inventory
Disposition
Inventory status and update information
provided to Census Bureau Asset
Management in support of ongoing ITIN
Infrastructure Environment Activation,
O&M and Disposition.
2.3.2.4 ITIN Operational Mechanisms
Mechanisms are the resources (persons, places and things) that are used to perform the operational
processes. They include Staff Resources, Infrastructure Sites, and Systems and other Technology
Infrastructure.
2020 Census Detailed Operational Plan for:
34. IT Infrastructure Operation (ITIN)
Page 13
Version 1.0 May 24, 2017 Final
Staff Resources
Table 4 identifies the Staff Resources employed for the ITIN Operation.
Table 4: Staff Resources used within ITIN Operational Activities
Staff Resources Description/Role
HQ Staff HQ Staff to manage overall ITIN Production operation and coordinate
activities with other sites for ITIN Activation, O&M and Disposition. HQ
Staff to conduct monitoring, analysis and ongoing IT O&M planning work.
TI Staff Technical Integrator (TI) Staff to manage and operate TI resources and assets
employed for 2020 ITIN Production work.
NPC Staff NPC Staff to manage and operate NPC resources and assets employed for
2020 ITIN Production work.
Field Staff Field Staff to manage ITIN Production operation within Field sites (RCCs
and ACOs) and coordinate activities with other sites for ITIN Activation,
O&M and Disposition. Field Staff to conduct monitoring, analysis and
ongoing IT O&M planning work.
dDaaS Contractor
Staff
dDaaS (Decennial Device as a Service) Contractor Staff to manage ITIN
Production operation activities related to preparation/distribution of mobile
device kits and replacement/disposition of mobile devices from Field users.
Infrastructure Sites
Table 5 identifies the Infrastructure Sites employed for the ITIN Operation.
2020 Census Detailed Operational Plan for:
34. IT Infrastructure Operation (ITIN)
Page 14
Version 1.0 May 24, 2017 Final
Table 5: Infrastructure Sites for ITIN Operational Activities
Infrastructure
Site
Description/Role
HQ HQ Sites for ITIN monitoring, analysis and planning work.
NPC National Processing Center site used for ITIN Production operation.
Paper Data
Capture (PDC)
Center Sites
PDC Center sites hosting Census IT assets used for ITIN Production
operation. Note: One of the PDC Center sites is located at the NPC.
Census
Questionnaire
Assistance (CQA)
Center Sites
CQA Center sites hosting Census IT assets used for ITIN Production
operation.
Island Areas (IA)
Sites
IA sites (e.g. IA ACOs) hosting Census IT assets used for ITIN Production
operation.
Field Sites
(Regional Census
Center (RCC),
Area Census
Office (ACO))
Field sites (RCCs and ACOs) hosting Census IT assets used for ITIN
Production operation.
Data Centers
(Bowie Computer
Center (BCC), TI,
Cloud)
Data Center sites hosting Census (BCC), TI or Cloud-based IT assets used
for ITIN Production operation.
Systems and other Technology Infrastructure
Table 6 identifies the Systems employed for the ITIN Operation.
2020 Census Detailed Operational Plan for:
34. IT Infrastructure Operation (ITIN)
Page 15
Version 1.0 May 24, 2017 Final
Table 6: Systems used within ITIN Operational Activities
System Description
Decennial Systems Decennial Systems in use for 2020 Census Production work
with IT Operations Management visibility and impact
Enterprise Systems Enterprise Systems in use for 2020 Census Production work
with IT Operations Management visibility and impact.
Field and IA Systems ITIN supported systems at Field sites (NPC, RCCs, ACOs,
Mobile Users) and Island Areas sites (IA ACOs) with IT
Operations Management visibility and impact.
Remedy Tool used for Service Request tracking and Trouble Ticketing
support.
Hewlett Packard Application
Lifecycle Management
(HP-ALM)
Tool used for management of IT related requirements and test
planning.
ITIN Monitoring Systems Systems employed by ITIN to monitor the ongoing operation,
health and status of the deployed 2020 Census Production IT
Infrastructure environment.
Other Technology Infrastructure employed for the ITIN Operation includes:
Networks
Mobile Devices/dDaaS
2020 Census Detailed Operational Plan for:
34. IT Infrastructure Operation (ITIN)
Page 16
Version 1.0 May 24, 2017 Final
3. ITIN Operation Detailed Process Description
The ITIN Operation [ITIN 34] is subdivided into the following constituent Activity Areas.
ITIN Activation Phase [ITIN 34-1].
ITIN Operation and Maintenance (O&M) Phase [ITIN 34-2].
ITIN Disposition Phase [ITIN 34-3].
The business processes for each of these ITIN Operation activity areas are discussed along with
their inputs and outputs in the following subsections.
3.1 ITIN Activation Phase [ITIN 34-1]
During the ITIN Activation phase, the various components of the 2020 Census Information
Technology and Infrastructure will be activated and instantiated immediately prior to the start of
the 2020 Census. This phase includes the activation of computer systems and networks used to
support the Decennial, as well as the activation of infrastructure components supporting these IT
elements.
The ITIN components will be activated according to the scheduled plans indicated in the
Decennial Architecture. Some components will be in continuous operation, such as background
investigations for new employees, fingerprinting, forms printing and distribution, and payroll.
Other components will be activated as they complete development and testing activities prior to
use on the 2020 Census, such as new features implemented in the PEGA environment (customer
engagement software platform). Still other components may be activated on an as needed basis
for use on the 2020 Census, such as existing applications that will be used to support only
specific Census operations. The types of capabilities included in the Activation Phase include the
following:
Enterprise Systems and Applications.
Decennial Specific Applications.
Field IT infrastructure (at National Processing Center (NPC), Regional Census Centers
(RCC), Area Census Offices (ACO), Paper Data Capture (PDC) centers, and Island Areas
(IA) sites).
Mobile Computing.
Cloud Computing.
Enterprise Systems and Applications include large-scale enterprise wide capabilities used to
support Census operations in general and the 2020 Census as well.
Decennial Specific Applications are capabilities that are intended for use on the 2020 Census in
particular. These may include custom applications, features added or extended to commercial of
2020 Census Detailed Operational Plan for:
34. IT Infrastructure Operation (ITIN)
Page 17
Version 1.0 May 24, 2017 Final
the shelf (COTS) platforms, or enterprise applications that are modified for 2020 Census specific
operations.
RCC and ACO IT Infrastructure includes all the information technology and facilities needed to
support field IT operations for the 2020 Census. This includes the Field IT computing
capabilities such as networks, servers, and workstations. Specifically, the ITIN operation is
responsible for providing and setting up the all of the cabling, printers and IT equipment at the
RCCs and the ACOs.
Mobile Computing includes portable computational devices intended for use by enumerators and
field supervisors during field operations such as In-Field Address Canvassing,
Update/Enumerate, Group Quarters, Nonresponse Followup, and Coverage Measurement.
Capabilities required to support mobile computing include the logistical chain necessary to
acquire, configure, ship, and manage large numbers of devices in the field. DLM is responsible
for approving kit specifications. ITIN produces the mobile device kits and ships to the Field Sites
and Field IT Users in accordance with dDaaS Contractor responsibilities under ITIN.
Cloud computing includes information technologies used to deploy applications and systems in a
virtualized and scalable environment, hosted and managed by a public or private cloud service
provider. Cloud services include Infrastructure-as-a-Service (IaaS), Platform-as-a-Service
(PaaS), and Software-as-a-Service (SaaS) offerings. Additionally, cloud computing includes the
capabilities and platforms used to manage any cloud-provisioned service for applications in the
2020 Census; for example, tools for deploying capacity would be included under the cloud
computing umbrella. Activation of cloud computing requires selection and acquisition of cloud
services from one or more commercial vendors capable of providing FedRamp certified
computing. The Census Bureau does not plan to acquire and operate a computing cloud for the
2020 Census, but rather intends to make use of approved commercial cloud vendors for this
purpose. Cloud services will be scalable, and as such will be acquired when necessary and
released when no longer needed in order to support 2020 Census operations during the course of
the decennial.
The ITIN Activation Phase activity area is subdivided into the following operational subactivities
(See Figure 2).
Production Readiness Process [ITIN 34-1.1]
eSDLC Artifact/Document Integration Process [ITIN 34-1.2]
Release Activation Process [ITIN 34-1.3]
Capacity Activation Process [ITIN 34-1.4]
Qualification Process (Post Activation) [ITIN 34-1.5]
2020 Census Detailed Operational Plan for:
34. IT Infrastructure Operation (ITIN)
Page 18
Version 1.0 May 24, 2017 Final
Figure 2: ITIN Activation Phase [ITIN 3-1] Constituent Activities
Subsequent sections describe the ITIN Activation Phase operational subactivities in detail.
3.1.1 Production Readiness Process [ITIN 34-1.1]
ITIN Activation serves as the transition of systems and applications from project design and
build to a production state. The Census Enterprise Systems Development Life-Cycle (eSDLC)
and PMO processes include phase gates to review the readiness of IT systems. These reviews, as
identified in the Census Bureau’s Systems Engineers Playbook, include:
Production Readiness Review.
Operational Readiness Review.
Production Readiness Review (PRR) – A PRR is a formal examination of a program to
determine if the design is ready for production and if the producer has accomplished adequate
production planning.
A PRR examines a program to determine if:
The design is ready for production.
The producer has accomplished adequate production planning and process – proofing.
The PRR attempts to verify that the production design and planning and the associated
preparations for producing the system have in fact progressed to the point where deployment to
the production environment can be made without incurring unacceptable risk of breaching the
34-1 ITIN Activation Phase
34-1.1 Production Readiness Process
34-1.2 eSDLC Artifact/Document Integration Process
34-1.3 Release Activation Process
34-1.4 Capacity Activation Process
34-1.5 Qualification Process (Post Activation)
2020 Census 34. IT Infrastructure Operation (ITIN) Operational Activity Structure for 34-1 ITIN Activation Phase
Includes: Production Readiness Review (PRR) Operational Readiness Review (ORR)
Includes: Alignment of documentation with new
Activation Phase configurations as needed.
Includes: New Releases Release Upgrades
Includes: Sizing/Configuration Deployment/Activation.
Includes: Post Activation Operational Validation
2020 Census Detailed Operational Plan for:
34. IT Infrastructure Operation (ITIN)
Page 19
Version 1.0 May 24, 2017 Final
established thresholds of cost, schedule and performance or other criteria. As part of the ITIN
Activation phase, ITIN operations staff will participate in these review sessions to ensure that the
proposed ITIN components are available or there is a plan to acquire them, that they meet ITIN
standards, and that ITIN operations staff understand and approve of the activation schedule.
Designated ITIN personnel will be part of the PRR sign off and approval process.
Operational Readiness Review (ORR) – An ORR is a disciplined, systematic, documented,
performance based examination of facilities, equipment, personnel, procedures, and management
control systems to ensure that a facility will be operated safely within its approved safety
envelope as defined by the facility safety basis. The ORR scope is defined based on the specifics
of the facility and/or the reason for the shutdown as related to a minimum set of core
requirements. A graded approach will be used in defining the depth of the ORR based on these
core requirements.
3.1.2 eSDLC Artifact/Document Integration Process [ITIN 34-1.2]
The effective documentation of changes in a tightly coupled System of Systems (SoS) is critical.
Included in the documentation process is identification and review of existing relevant
documentation to ensure that each system in the SoS that is impacted by the change is “aware” of
the change.
An important part of the eSDLC Artifact/Document Integration process is to ensure that as
changes are made to operational eSDLC artifacts (chiefly software, but potentially hardware as
well), the associated documentation for these artifacts is updated as well. This ensures that the
physical baselines and the documentation baselines are in sync, and avoids unnecessary
confusion and delays on the part of system administrators, users, and maintainers.
3.1.3 Release Activation Process [ITIN 34-1.3]
The Release Activation Process is used to manage the activation of Site IT installations and
software releases used to support the 2020 Census. This process includes management for the
following:
New Releases.
Release Upgrades.
New Releases are introduced into the 2020 Census operational environment according to a
release plan. This plan follows the conventional practice for operational software releases,
including development on one environment, building and testing and integration on another
environment, and operations on a third environment. The process of release migration proceeds
by completing development on the development environment and successfully completing unit
and other tests. When a package of capabilities has been completed, the group of changes are
2020 Census Detailed Operational Plan for:
34. IT Infrastructure Operation (ITIN)
Page 20
Version 1.0 May 24, 2017 Final
merged into the baseline on the build-test-integration environment, and a complete end-to-end
regression test is performed to ensure that the releases have not impacted baseline functionality
adversely. Upon completion of the regression test, the new release is transferred over to the
operational environment, typically during a pre-planned maintenance window of time, and the
new release is subjected to an initial check-out test prior to usage by the user community. For
Field sites (RCCs and ACOs), New Release Activation would be proceeded by shipment and
installation of required Site IT Installation assets by ITIN staff.
Release Upgrades proceed in a similar fashion. The main difference between Release Upgrades
and New Releases is that in the former case, the new capability affects a portion of the overall
system capabilities, whereas the latter typically involves a much more extensive or even total
replacement of prior capabilities.
The details of the release activation process, including the release plans, are found in the System
Architecture document, the Systems Engineering Master Plan (SEMP), and in the Test
Engineering Master Plan (TEMP).
3.1.4 Capacity Activation Process [ITIN 34-1.4]
Capacity activation is the process of assigning infrastructure resources to support specific
applications or services. As more and more of the traditional technology stack is abstracted via
cloud into infrastructure or platform as a service offerings, the definition of “infrastructure” is
blurring. For the purposes of this plan, IT Infrastructure includes computing resources (in the
form of servers or virtual machines), storage, networking services, and any other data center or
cloud provided services including database as a service, storage as a service, middleware as a
service, and other commercially available platforms. Regardless of where the infrastructure is
deployed, capacity activation follows these basic steps. Details for specific steps will be provided
by the systems administration team of each platform. Capacity activation is different from that
described in Section 3.2.7 [ITIN 34-2.7 Scale Up], as it represents the initial provisioning and
deployment of ITIN resources into the system of systems environment.
1. Establish capacity sizing requirements. These requirements originate from the results
of performance tests, or from existing deployments of similar or related applications.
Sizing includes benchmarks on the compute, storage and networking capacity and/or
throughput needed for the platform being provisioned. Sizing requirements also identify
growth rates of transactional volume and storage, as well as key periods of performance
for the infrastructure.
2. Establish deployment strategy. This includes whether to deploy the application into a
cloud or managed data center environment, as well as the scaling needs of the
environment (auto-scaling vs. manual scaling, scheduled capacity increases vs. steady-
state capacity, etc.). In addition, the deployment strategy must consider regulations
2020 Census Detailed Operational Plan for:
34. IT Infrastructure Operation (ITIN)
Page 21
Version 1.0 May 24, 2017 Final
regarding the protection of Title 13 and Title 26 data sets, which may influence the
decision to host in the cloud or on a managed data center environment.
3. Review and establish Service Level Agreements (SLA’s) and COOP specifications.
These include key metrics of availability, recovery time objectives and recovery point
objectives for systems and network resources. COOP specifications are necessary to
determine how and where the infrastructure should be deployed.
4. Identify data sensitivity. The nature of data to be stored or processed on systems will be
identified per FIPS 199 and FIPS 200 standards.
5. Activate capacity. The strategy identified in steps 2 and 3 will be executed. Additionally,
operational documentation indicating what application(s) are deployed on specific
infrastructure will be completed to support Scale-Down or other impact analyses.
6. Configure monitors. Monitoring tools will be configured for the infrastructure to ensure
that relevant SLAs are being met. Details on monitoring processes can be found Section
3.2.1 [ITIN 34-2.1 Continuous Monitoring Process].
7. Configure backup/redundancy solutions. Backup and redundancy solutions include
replication, active-active clustering, active-passive clustering, transactional logging, and
full and incremental system backups. Specifics are available in Section 3.2.4 [ITIN 34-
2.4 Backup and Recovery Process].
8. Notify stakeholders. Stakeholders should be notified about critical capacity issues.
Stakeholders include application teams, other ITIN teams, and business stakeholders. In
particular, teams performing ITIN qualification process testing and verification will be
notified.
3.1.5 Qualification Process (Post Activation) [ITIN 34-1.5]
A Post Activation Qualification Process is used to ensure run-time readiness of newly deployed
operational IT assets and confirm that they are able to operate at a certain standard during
sustained operation.
Data covering critical process parameters must be recorded and analyzed to ensure critical
quality attributes can be guaranteed throughout operation. This may include testing equipment at
maximum operating capacity to show quantity demands can be met. It should be noted that
equally important as the qualifying of processes and equipment is the qualifying of software and
personnel. Well-trained staff and accurate, thorough records helps ensure ongoing protection
from process faults and quick recovery from otherwise costly process malfunctions.
In software development, user acceptance testing (UAT) - also called beta testing, application
testing, and end user testing - is a phase of software development in which the software is tested
in the "real world" by the intended audience. During the Post Activation Qualification Process,
2020 Census Detailed Operational Plan for:
34. IT Infrastructure Operation (ITIN)
Page 22
Version 1.0 May 24, 2017 Final
selected subsets of UAT functions may be exercised to ensure operational readiness of the
activated deployment.
Once all processes have been qualified, their IT assets should be placed under control of IT
management with a framework in place to routinely monitor operations. Only after the
qualification process has been completed can the process begin operation.
See the Operational Readiness Process for more details on surrounding processes.
3.2 ITIN Operation and Maintenance (O&M) Phase [ITIN 34-2]
The ITIN O&M process includes activities necessary to operate the various 2020 Census
capabilities, as well as to maintain these activities.
Operation includes the people, processes, and technologies needed to ensure that enterprise
capabilities are functioning as needed for the Census in general and the 2020 Census in
particular. These capabilities include activities such as 24/7 operations and routine monitoring of
systems to ensure normal functioning capabilities.
Maintenance includes activities required to upgrade the capabilities in response to routine
scheduled needs or in response to unexpected emergency situations. Examples of the former
include installing operating system patches and security virus definition files. Examples of the
latter include emergency patches or bug fixes in response to unexpected failures or system
degradation.
The ITIN O&M Phase subject areas include the following:
Enterprise Systems and Applications.
Decennial Specific Applications.
Field IT infrastructure (at National Processing Center (NPC), Regional Census Centers
(RCC), Area Census Offices (ACO), Paper Data Capture (PDC) centers, and Island Areas
(IA) sites).
Mobile Computing.
Cloud Computing.
The O&M of Enterprise Systems and Applications will be handled using existing Census
business processes and life-cycle guidelines for enterprise capabilities to make sure that 2020
operations are not interrupted. This includes the use of formal change control processes,
architecture reviews, and integration and test processes before deployment.
2020 Census Detailed Operational Plan for:
34. IT Infrastructure Operation (ITIN)
Page 23
Version 1.0 May 24, 2017 Final
The O&M of Decennial Specific Applications will be handled similarly to enterprise systems
and applications. This involves the use of formal change control and architecture review
processes, as well as formal integration and test processes before deployment.
RCC and ACO O&M procedures will be standardized to ensure consistency across the field but
will typically be less formal and less extensive than the enterprise and application build
processes previously discussed. RCCs and ACOs are users of enterprise and decennial specific
capabilities but are not resourced to do maintenance activities for applications. The RCCs and
ACOs, however, are often the first to identify potential errors or bugs in applications, and as such
are a vital part of the overall O&M end-to-end process.
Mobile Computing O&M is centered around managing large numbers of small portable
computing devices for use in the field. Operations are focused on supporting the field users, and
ensuring that the devices are operating effectively to support often fast-paced field operations.
Maintenance is focused on the logistics of managing defective and replacement devices to and
from field users.
Cloud computing O&M is expected to be minimal, as this capability is expected to be provided
by a FedRamp certified cloud services provider. The operations capability is largely focused on
ensuring that the COTS vendor is providing the agreed-upon level of service. The maintenance
capabilities for the cloud computing capability will be entirely within the purview of the cloud
services provider.
The ITIN Operation and Maintenance (O&M) Phase activity area is subdivided into the
following operational subactivities (See Figure 3).
Continuous Monitoring Process [ITIN 34-2.1].
Daily Operational Management Process [ITIN 34-2.2].
Incident Management & Escalation Process [ITIN 34-2.3].
Backup and Recovery Process [ITIN 34-2.4].
Change Management Process [ITIN 34-2.5].
Configuration Management Process [ITIN 34-2.6].
Scale-Up Process [ITIN 34-2.7].
Scale-Down Process [ITIN 34-2.8].
Infrastructure Upgrade/Replacement Process (Hardware/Software) [ITIN 34-2.9].
eSDLC Artifact/Document Maintenance Process [ITIN 34-2.10].
2020 Census Detailed Operational Plan for:
34. IT Infrastructure Operation (ITIN)
Page 24
Version 1.0 May 24, 2017 Final
Figure 3: ITIN Operation and Maintenance (O&M) Phase [ITIN 3-2] Constituent Activities
2020 Census Detailed Operational Plan for:
34. IT Infrastructure (ITIN) Operation
(ITIN)
Page 25
Version 1.0 May 24, 2017 Final
Subsequent sections describe the ITIN Operation and Maintenance (O&M) Phase operational
subactivities in detail.
3.2.1 Continuous Monitoring Process [ITIN 34-2.1]
The Continuous Monitoring Process is designed to provide ongoing, real-time assessments of
key system performance attributes. The intent is to provide constant updates on system status to
support routine monitoring and also to provide early warning of potentially disruptive trends in
system performance. By monitoring key performance attributes, system administrators and
engineers can quickly intervene if conditions are warranted. This process is also supported by
event management. Event Management, as defined by ITIL, is the process that monitors all
events that occur through the IT infrastructure. It allows for normal operation and also detects
and escalates exception conditions. An event can be defined as any detectable or discernible
occurrence that has significance for the management of the IT Infrastructure or the delivery of IT
service and evaluation of the impact a deviation might cause to the services. Events are typically
notifications created by an IT service, Configuration Item or monitoring tool.
Activity areas will include:
Network monitoring.
Utilization monitoring.
Storage monitoring.
Availability monitoring.
Security monitoring.
For Census managed datacenters, the activity areas will be monitored by Census. For cloud-
provided activities, they will be managed by SLAs.
Network monitoring is focused on continuous, real-time evaluations of the network traffic. This
includes measuring traffic flows at various points in the network, assessing the load, and taking
active steps to intervene if the load begins to exceed the acceptable performance thresholds.
Utilization monitoring is focused on managing the utilization rates of key system components.
These typically include CPU, memory, disk, network, and input/output utilization for computing,
network, and storage elements of the system. Utilization monitoring is typically supported by
one or more automated monitoring systems with user-definable alarm capabilities.
Storage monitoring is focused on actively managing the amount of storage space used by the
system. Typical tasks include measuring total space utilization, I/O rates, I/O attempts and
completions, I/O errors, and developing trend lines for space utilization over time.
2020 Census Detailed Operational Plan for:
34. IT Infrastructure (ITIN) Operation
(ITIN)
Page 26
Version 1.0 May 24, 2017 Final
Availability monitoring is focused on measuring and managing the availability of the system.
Typical metrics for availability include number of sessions, uptime, downtime, MTBF, MTTR,
and other established measures of availability.
Security monitoring is concerned with managing the security access to the system. Typical
tasks include continuous, real-time threat detection monitoring such as virus/malware scanning,
login monitoring to ensure access is limited only to authorized users, and maintaining physical
security for system components.
3.2.2 Daily Operational Management Process [ITIN 34-2.2]
The objective of IT Operations Management is to monitor and control the IT services and IT
infrastructure. IT Operations Management executes day-to-day routine tasks related to the
operation of infrastructure components and applications and includes a daily/shift “stand up”
and/or NOC meeting to keep IT Operations Management staff appraised of current conditions
and any outstanding issued being worked.
Activity areas will include:
Database Administration.
Desktop and Mobile Support.
Directory Services Management.
Middleware Management.
Network Management.
Server Management and Support.
Storage Management and Archive Support.
Portal Support.
Infrastructure Environment Support.
Database Administration includes O&M activities related to Database Management Systems
(DBMS) which are in use to support applications. Monitoring of storage capacity in use,
efficiency of DBMS operation, distributed DBMS service operation, high-availability or
replication functions and routine updates to DBMS configurations and software are among the
tasks which will receive daily attention. Additionally, planned upgrades which may require
hardware and DBMS software maintenance functions with long lead times to ensure readiness
for Activation processes are supported as needed.
Desktop and Mobile Support is focused on providing ongoing user and device support for the
population of desktop computing and mobile device users. User requests and trouble reports are
entered in a ticketing system and managed through the designated Tier 1 IT Service Desk
support process under DSC. Tier 2 user requests and trouble reports relating to ITIN are routed
2020 Census Detailed Operational Plan for:
34. IT Infrastructure (ITIN) Operation
(ITIN)
Page 27
Version 1.0 May 24, 2017 Final
from DSC to ITIN for subsequent action. Tier 2 responses are returned to DSC as appropriate.
Desktop and Mobile Support also includes processes for provisioning new devices and
supporting device upgrades as necessary. Software patching for user devices is supported
through automation and routine monitoring of software version compliance is also performed to
ensure user systems are compliant.
Directory Services Management includes O&M activities related to systems used to provision,
manage and control identity and access management systems. This includes Microsoft Active
Directory, Microsoft Active Directory Federation Services, Lightweight Directory Access
Protocol Services, and tools used to provision and de-provision user and group accounts in these
systems. On an ongoing basis, these systems must be checked to make sure that accounts are
provisioned via the least-privileged access principle; accounts should be provisioned with the
least access required. Random audits of accounts will be performed to ensure accounts match
business rules established for access. On a daily basis, de-provisioning logs should be reviewed
to ensure that separated or re-assigned employees lose all or unnecessary access to systems and
data. Emergency terminations and de-provisioning should be reviewed and documented as
needed.
Middleware management includes monitoring of the Enterprise Service Bus, Managed File
Transfer, Enterprise Transform and Load, Application Gateway, Application Message Queues
and other infrastructure that facilitates the exchange of information across system boundaries.
O&M activities to be performed include monitoring of transaction throughput against metrics,
dropped or held transactions, and daily “pings” of configured end-points to guarantee delivery of
transactions at run time. Additionally, security configuration of these platforms, including
backup and verification of security certificates and encryption keys, will be checked routinely.
Network Management is focused on maintaining the operation and performance of network
resources (routers, switches, links, etc.) to ensure continuous availability and adequate
performance under load. Capacity changes in response to changing traffic load profiles and
routine device and software updates will need to be performed on an ongoing basis during
production operations. Ensuring connectivity and adequate capacity during these upgrades is a
function of the Network Management operations staff. Handling of network outages and
recovery from unforeseen reductions in capacity is also a responsibility of this IT Operations
Management area.
Server Management and Support is focused on activities to ensure proper operation of
computer servers. This will include both software support such as routine operating system patch
management, security support such as virus/malware prevention, and routine O&M such as
application software patches and upgrades.
2020 Census Detailed Operational Plan for:
34. IT Infrastructure (ITIN) Operation
(ITIN)
Page 28
Version 1.0 May 24, 2017 Final
Storage Management and Support is focused on activities to ensure proper operation of
computer storage devices. This will include management of physical storage arrays of disks,
such as routine systems administration and diagnostics, to ensure normal operations. This will
also include active management of disk utilization to ensure sufficient storage space is available
for normal operations to proceed without storage errors. For storage provided in non-physical
form such as via Cloud services, the Storage Management and Support effort is focused on
ensuring uninterrupted access to the cloud service provider assets. This will include monitoring
network access to cloud resources to ensure normal operations proceed without storage errors.
Portal Support is focused on activities to ensure proper operation of portal-based hardware and
software. This will include systems administration and hardware administration tasks for portal
hardware to ensure normal operations, as well as software administration to ensure portal
management software is functioning properly to support portal-based applications for operations.
Infrastructure Environment Support includes support for the O&M of the physical site
infrastructure which provides the operating environment (power; heating, ventilation, and air
conditioning (HVAC); physical perimeter; etc.) for the IT Infrastructure assets. Examples of
Infrastructure Environment support include:
Managing scheduled power outages.
Maintaining uninterruptable power supply (UPS) and HVAC installations.
Performing routine infrastructure health checks.
Performing application health checks.
Periodic review and exercise of startup and shut down procedures.
3.2.3 Incident Management & Escalation Process [ITIN 34-2.3]
Incident management is an IT service management (ITSM) process area. The first goal of the
incident management process is to restore a normal service operation as quickly as possible and
to minimize the impact on business operations, thus ensuring that the best possible levels of
service quality and availability are maintained. 'Normal service operation' is defined here as
service operation within SLA. It is one process area within the broader ITIL and International
Organization for Standardization (ISO) 20000 environment. Information from the Incident
Management and Escalation Process will be shared with other 2020 Census operations (PM/SEI,
FLDI, SPC, others) as appropriate to ensure timely distribution of information needed for these
operations to perform their functions.
Incident management includes:
Security Incident Management.
Unplanned Outage Management.
2020 Census Detailed Operational Plan for:
34. IT Infrastructure (ITIN) Operation
(ITIN)
Page 29
Version 1.0 May 24, 2017 Final
Problem (Root Cause Analysis) Management.
Because of the tightly coupled nature of the Census Bureau’s IT infrastructure an incident
starting in one area can, and often does, impact other areas. As a result, incident management
processes and process artifacts must be closely coordinated across all areas. Currently, the
Census Bureau has at least 4 separate divisions or programs (e.g., DITD, American Community
Survey (ACS), Center for Enterprise Dissemination Services and Consumer Innovation
(CEDSCI), Geography) with similar but different processes for Planned Outages and 2 (DITD
and ACS) with similar but different processes for Unplanned Outages. This DOP will provide
the overall framework to facilitate the identification and coordination of all IT incident
management processes with the Census Bureau. The following is the ITIL incident management
process that will be used as a model:
Create an incident ticket and assign priority using Remedy.
Open Incident Management & Escalation process.
o Identify and create an Incident Management Report (IMR).
o Update record.
o Determine resolution plan.
o Execute resolution plan.
o Close incident.
o Update documentation.
o Capture metrics for SLA.
o Determine impact on Disaster Recovery (DR) processes.
3.2.4 Backup and Recovery Process [ITIN 34-2.4]
The Census Bureau defines non-functional requirements for systems in the 2020 Census
architecture and develops SLAs to achieve them. In particular, the amount of data that can be lost
and the amount of time allowed before a system must be returned to service are specified. These
metrics – recovery point objective and recovery time objective, directly relate to the IT
Infrastructure operation: procedures must be established for the infrastructure to make sure these
key metrics are met. Additionally, the ability of the infrastructure to meet these requirements also
factors into COOP planning, as any outage or data loss event that will exceed these requirements
may require the declaration of a COOP event. Census is developing a COOP plan, separate and
out of scope of this document, for each operation and system in scope for 2020; the backup and
recovery procedures must be coordinated with these plans.
Backup and restore procedures are designed to meet recovery point objective requirements.
Infrastructure operations for backup and restore provide protection against the failure of
components. A combination of techniques will be used.
2020 Census Detailed Operational Plan for:
34. IT Infrastructure (ITIN) Operation
(ITIN)
Page 30
Version 1.0 May 24, 2017 Final
Full back up. Provides a comprehensive snapshot of the contents of a system, stored on
external media for Census managed datacenters and/or cloud provided backup services.
Backups are normally stored on different hardware or media, and replicated offsite to
provide recovery in the event of a disaster.
Incremental backup. Captures changes to the state of a system since the last backup.
Transactional logging. Each discrete transaction is stored and can be “replayed” to
restore a system to a pre-designated point in time.
Depending on the granularity of data recovery required, some or all of these techniques are
required. As an example, a database component of a system that needs to meet a one minute
recovery point objective may need a combination of full backups and transactional logging, as
snapshotting the entire database every minute may not be possible. It is also important to include
the time to restore from backup in the design of the backup process.
Disaster Recovery (DR) procedures are designed to meet recovery time objective requirements.
Deployment techniques including active-active, active-passive, or cold recovery are used as
disaster recovery procedures.
Active-active. Infrastructure is deployed in one or more locations and operated in
parallel. In this case, recovery from disaster is automatic: if a system component fails, the
remaining active node(s) assume processing. Replication of configuration and system
state is near-real-time. There is no “cut over” activity, but the system must be able to
detect failing nodes and redirect traffic to other active nodes to meet the recovery time
objective requirements.
Active-passive. Infrastructure is replicated in multiple location(s). If primary (active)
nodes fail, system load and processing are redirected to the passive nodes, which are
promoted to active status. Periodic replication of the configuration and state of active
nodes is replicated to the passive nodes. The time required to “cut over” must be
periodically tested to guarantee it can meet the recovery time objective.
Cold recovery. Infrastructure is available or easily provisioned, but the environment
must be re-built from backups or a re-deployment. The process must be periodically
tested to guarantee it can meet the recovery time objective.
The specific techniques used must be chosen based on the recovery time objective requirements
of the system in question. Additionally, the recovery time objective requirements will influence
how ITIN capacity is to be activated, and the deployment strategy for that capacity.
Choose deployment strategy. As an example, cloud service providers may not be able to
meet the recovery time objective or system availability requirement when infrastructure
is deployed in a single site or cloud designated availability zone. In some cases,
2020 Census Detailed Operational Plan for:
34. IT Infrastructure (ITIN) Operation
(ITIN)
Page 31
Version 1.0 May 24, 2017 Final
infrastructure will require active-active deployment across two or more geographic
locations to meet the recovery time objective requirement above specific thresholds.
Assess infrastructure availability metrics. Appropriate and realistic availability metrics
are determined. Some hardware and software components are only certified to operate up
to specific availability metrics.
Configure monitoring. System health checks must be configured to assess ITIN
components at least as frequently as the recovery time objective minus any needed time
to recover to give ample time to perform restoration activities.
In addition to backup and disaster recovery services, ITIN will play a key role in COOP/Business
Continuity Planning (BCP) for many of the operations in scope for the 2020 Census.
Additionally, an ITIN failure can cause a COOP designation.
When a COOP/BCP event is declared, ITIN needs to assess the following:
Affected operations. Depending on the operational calendar, different business
operations are more critical at various points in time than others. A disaster may be wide
in scope (in the case of a data center or telecommunications outage that serves ITIN
components), or localized (in the case of a field location). ITIN operations must assess
the impact and what is needed to restore operations. As an example, if ACOs are taken
offline and a replacement site is stood up, ITIN may require network configuration to
provide access.
Time to restore. How long the event is expected to occur is another important factor. If
the event is expected not to last as long as restoration activities, then COOP activities
may not be performed.
Restoration priority. Depending on the operational calendar and non-functional
requirements, specific systems will be designated with a higher restoration priority than
others. These requirements will come from the overarching COOP plan for the 2020
Census Enterprise Architecture.
An important part of any ITIN COOP procedure is to restore to the initial state. This will include:
Validation of restoration of infrastructure.
Transfer of data and application state back to original infrastructure.
Wind down of COOP infrastructure. Data disposition may be required to make sure no
sensitive data remains.
3.2.5 Change Management Process [ITIN 34-2.5]
The Change Management Process encompasses the activities used to manage changes to the
2020 Census hardware, software, and business process baselines. This includes the management
2020 Census Detailed Operational Plan for:
34. IT Infrastructure (ITIN) Operation
(ITIN)
Page 32
Version 1.0 May 24, 2017 Final
of proposed changes, as well as the actual implementation of such changes to the baselines.
During the 2020 Census, the intent is to minimize changes to operational capabilities in order to
maintain a stable hardware and software baseline. When changes are required, the formal
Change Management process will be used.
Change Management includes business processes to adjudicate and prioritize proposed changes
to the baseline. This process includes the use of formal Change Control Boards (CCBs), often
working closely with Architecture Review Board (ARB). The role of the ARB is to assess the
impact of proposed changes, but from a higher level of abstraction at the architectural level. The
ARB ensures that the proposed changes are consistent with the overall architectural design of the
system (and system of systems) in the overall architecture. Finally, the CCB plays the role of
business management, ensuring that the proposed change (which presumably has been approved
by the ARB) is financially achievable and fits within the scope of available delivery resources.
The two groups work together to ensure that changes are well considered and fit in the overall
direction of the program. For the 2020 Census, the objectives of the Change Management
Process will be defined by the Decennial Census Management Division, and the implementation
of the objectives will be achieved by the Information Technology Integration Contractor using
their tools and business practices.
In addition to managing the process of adjudicating proposed changes, the Change Management
process includes the actual activities involving people, processes, and technologies necessary to
implement the changes once they have been approved. Once changes are approved, the technical
aspects of change management come into play, such as various levels of unit, system and
integration testing. Additionally, the changes may require security review to obtain
Authorization to Operate in the production environment.
3.2.6 Configuration Management Process [ITIN 34-2.6]
The Configuration Management Process is a key component of the Change Management
Process, and defines the people, technology, and processes used to ensure that the configuration
of the 2020 Census baseline systems are effectively managed.
Configuration Management refers to the process of actively managing a technical baseline
through a series of incremental developments over the product life cycle. For the 2020 Census,
Configuration Management processes will be used to ensure that both enterprise and 2020
Census specific applications are developed and fielded in an orderly manner.
The specific configuration management processes may vary based on the application or hardware
configuration under consideration. The general process is to establish a fixed baseline with a
definite configuration (which may in turn include subcomponents each of which is also under
configuration management control), then increment the baseline as the result of successful
2020 Census Detailed Operational Plan for:
34. IT Infrastructure (ITIN) Operation
(ITIN)
Page 33
Version 1.0 May 24, 2017 Final
completion of a pre-established test, integration and check-out process. This ensures that the
production baseline is clearly defined, and that subsequent changes to the production baseline
can be precisely tracked. In the event of an unexpected failure, the program management may
elect to “roll-back” to a prior baseline release number, and such a process is expedited by having
precise details of how each release was constructed. The configuration management process is
essential for this to be successful.
The actual configuration management processes used for specific applications, tools, and devices
will vary based on the contractor(s) managing these components and the configuration
management tools used to support their processes. Nevertheless, the general model for
configuration management conforms to the discussion above.
3.2.7 Scale-Up Process [ITIN 34-2.7]
Many systems in the 2020 architecture require the ITIN infrastructure to scale appropriately to
handle “spiky” system utilization. As an example, when heavy system utilization is expected or
measured, the ITIN operation may be expected to add additional compute, storage and/or
networking resources to handle the additional load.
There are two ways infrastructure may scale. In some cases, the system can be designed to scale
automatically to adapt to current conditions. In others, the system can be scaled manually to meet
anticipated demand or when automatic adaption isn’t possible. The procedure for each follows.
Auto-scaling
In an auto-scaling infrastructure environment, most of the procedures to follow are pre-scaling
procedures. The basic steps to support auto-scaling are:
Build scaling deployment units. In an auto-scaling environment, infrastructure is almost
always scaled horizontally, by adding additional nodes to a cluster of machines. These
scaling units may consist of a machine image pre-built to include all operating system
and application or platform components. Or they may consist of a deployment “recipe”
that can be executed to configure a virtual machine with the appropriate software.
Examples include the automated configuration management tools Puppet or Chef and
their ability to install software, run commands, and deploy code and updates from version
control repositories.
Decide on performance metrics. In an auto-scaling environment, infrastructure
administrators decide on what metrics or combinations of metrics are important when it
comes to scaling. Typically, these are based on one or more of virtual machine metrics,
including CPU utilization, memory utilization, disk utilization, or system response time,
measured via a synthetic transaction (e.g., a “health check”). Additional or more fine
2020 Census Detailed Operational Plan for:
34. IT Infrastructure (ITIN) Operation
(ITIN)
Page 34
Version 1.0 May 24, 2017 Final
grained metrics may be used, but this is dependent on the application, platform and
operating system’s ability to provide them. As an example, some web application servers
can provide details on the number of user sessions. The specific metric(s) will be agreed
on based on the scaling needs of the system.
Establish metric monitors and thresholds. Based on the relevant performance metrics,
monitors will be established to check for the performance of the infrastructure against
specific thresholds that indicate the need to scale. These capabilities are typically services
provided by a cloud service provider. As an example, the Amazon Cloud Watch service
monitors various metrics across Amazon Web Services (AWS) platforms and can
produce logs, alerts and event triggers.
Configure auto-scaling. Based on the above steps, configure the environment to add
additional deployment units based on exceeding metric thresholds.
Notify of scaling event. Because auto-scaling is typically done in a cloud service
provider environment, it is important to notify relevant stakeholders of the need to scale.
Deploying additional cloud services incurs additional costs. Large increases in
infrastructure demand could indicate a security incident, such as a denial-of-service
attack, or a problem with application performance. The additional infrastructure must be
included in any other standard maintenance activities (e.g., backup and recovery,
intrusion detection, etc.). For these reasons, relevant stakeholders should be identified
and notified, at an appropriate frequency, of events that triggered ITIN auto-scaling.
Manual scaling
For systems that will not be deployed on infrastructure capable of auto-scaling, manual scaling
processes will be used. Manual scaling is similar to that of the initial Capacity Activation
process, except that capacity is being added to an existing environment. Manual scaling may be
done as part of a planned increase in capacity. For instance, the Response Processing operation
will mostly consist of nightly batch processing of response data received during the day.
Hypothetically, the Response Processing operation may want to scale up the infrastructure each
night to have the capacity needed to process the large data sets it will receive, but scale down at
the start of the business day to make resources available for other operations. Alternately, manual
scaling may be used to respond to capacity events similar to those of the auto-scaling process,
but on infrastructure platforms that cannot be scaled automatically. Finally, manual scaling may
be used for vertical scaling of an environment. Manual scaling follows these steps.
Establish scaling requirements. These requirements can originate from an established
scaling schedule derived from other operational plans that identify when and how much
capacity is required. Alternately, scaling requirements may come in the form of an ad hoc
request based on prior system performance.
2020 Census Detailed Operational Plan for:
34. IT Infrastructure (ITIN) Operation
(ITIN)
Page 35
Version 1.0 May 24, 2017 Final
Assess scaling strategy and approach. Depending on the platform and requirements, the
infrastructure may use a horizontal or vertical scaling approach. As an example, a
database that is running out of storage may need to scale its storage vertically – adding
additional nodes to a cluster would not alleviate storage issues. In instances where
horizontal scaling will be used, the approach for how to add additional nodes needs to be
identified. Replicating an existing node or building a new node for a cluster are possible
approaches. Some platforms, such as the Oracle RAC distributed database platform,
provide tools to add capacity when infrastructure is made available. Regardless, the
approach for adding capacity should be established and agreed upon.
Identify needed outages. If scaling requires the environment to take an outage, ITIN
administrators need to work with stakeholders to identify the duration and ideal
window(s) for the outage.
Add capacity. The identified scaling strategy and approach will be executed.
Additionally, operational documentation indicating what application(s) are deployed on
specific infrastructure will be completed to support Scale-Down or other impact analyses.
Notify of scaling event. Just as in auto-scaling, if capacity has been added when not
previously planned for, stakeholders will be notified.
3.2.8 Scale-Down Process [ITIN 34-2.8]
The ITIN Operational Plan includes a Scale-Down Process that is similar to the Scale-Up
Process. As infrastructure is no longer required to meet capacity demands, resources should be
removed from the environment to contain costs – particularly in cloud service provider
environments - and reduce the scope and complexity of other operational processes (patching,
monitoring, etc.). However, there are additional factors to consider in scaling down.
First and foremost is the effect that removing infrastructure from the environment will have on
users or processes running on them. Applications that are stateful (user session activity is
preserved from one request or function to the next) or long running processes require careful
monitoring to determine when it is safe to remove capacity. As an example, if a user on a web
application is in the middle of a stateful session running on infrastructure that is removed before
the request is completed, the user’s session will be erroneously terminated. Depending on how
the application using the infrastructure is architected, this could result in data loss and a poor
user experience. Likewise, long-running processes that are terminated can result in data loss or
data errors.
For these reasons, it is critical to follow a specific sequence of events when removing capacity –
or “Scaling Down” – ITIN resources.
2020 Census Detailed Operational Plan for:
34. IT Infrastructure (ITIN) Operation
(ITIN)
Page 36
Version 1.0 May 24, 2017 Final
Assess current infrastructure usage. At the desired time of removal, administrators
must understand what application functions and batch processes are running on the
infrastructure to avoid disruption to service. Ideally, some operational documentation was
completed during Capacity Activation or manual Scale-Up to allow administrators to
make these assessments. If not, process level examination will be performed to assess
what processes are running on infrastructure components and why before removing any
capacity from the environment.
Check health of other nodes if applicable. After all remaining nodes have assumed any
remaining user activity, their health will be assessed to make sure that they will be able to
continue to operate within operational thresholds.
Redirect user traffic and processes. This may include pausing or rescheduling
scheduled batch processes. Active user sessions/processes should either be allowed to
terminate naturally or transitioned to other nodes if possible (e.g., if a web application
server cluster supports session replication). New user sessions and processes will be
directed to other infrastructure nodes.
Stop/terminate infrastructure. This includes operating systems, applications, monitors,
back up processes, etc. The environment will be fully shut down before proceeding.
Remove infrastructure from application environment(s). As an example, if the
infrastructure is supporting a node in a cluster, the node needs to be removed from the
cluster so it is not restarted.
Release network resources. If the nodes are assigned static IP addresses or domain
name service names, these will be freed to avoid future collisions and to make available
for infrastructure.
Notify stakeholders. This may include internal IT teams including those who perform
configuration management, monitoring, security, networking, and backup. It may also
include external teams including application owners and business teams.
These processes may be implemented differently depending on the environment the
infrastructure is deployed in. Cloud environments may perform many of these steps
automatically, including releasing capacity, load balancing/clustering and networking
configurations, backup processes, and monitoring. In managed data centers, the degree to which
these processes require manual activities will depend on the sophistication of the tooling
available.
3.2.9 Infrastructure Upgrade/Replacement Process (Hardware/Software) [ITIN 34-2.9]
As previously discussed in Section 3.2.5, minimal changes are expected in the Census 2020
capabilities after 2018, and a key design goal of the Census Enterprise Architecture Transition
Plan is to minimize changes to the IT environment after the start of the 2018 End-to-End Census
Test. This test is designed to be a large scale test of all the operations and their supporting
2020 Census Detailed Operational Plan for:
34. IT Infrastructure (ITIN) Operation
(ITIN)
Page 37
Version 1.0 May 24, 2017 Final
systems in their target state for the 2020 Census. To accomplish this, ITIN personnel are
expected to perform all needed and planned ITIN upgrades and replacements prior to the start of
the 2018 End-to-End Census Test that may be required until 2020 Census operations conclude.
It is unrealistic, however, to expect that an IT computing environment can be maintained in an
unchanged state for 3+ years. Therefore, ITIN upgrades and replacements will be required. The
operational procedures for the upgrade or replacement of infrastructural components are detailed
below. The two types of upgrade/replacement operations include:
Planned Replacement.
o Includes scheduled upgrades and hardware end-of-life contingency planning.
Emergency Replacement.
o Handles incidents from a component failure or emergency security fix.
Associated processes include:
Perform Infrastructure Change.
Verify Infrastructure Change.
Compare and synchronize infrastructure configuration.
Communicate with system and business owners.
3.2.10 eSDLC Artifact/Document Maintenance Process [ITIN 34-2.10]
In a tightly coupled environment such as a System of Systems that the Census Bureau is
developing, updating information artifacts upon completion of O&M changes is critical. A server
configuration change in one system could have a major impact on an up or down stream system.
Incident Management diagnosis relies heavily on accurate and current data.
The eSDLC Artifact/Document Maintenance Process is focused on ensuring that the eSDLC
artifacts (mostly software, but potentially hardware as well) are properly synchronized with the
associated documentation as changes are made during the O&M process. The purpose of this
process is to ensure that products and supporting documentation are aligned, avoiding confusion
and delays on the part of system administrators, users, and O&M staff.
3.3 ITIN Disposition Phase [ITIN 34-3]
The ITIN Disposition Phase includes activities required to terminate capabilities used for the
2020 Census. The two main parts of disposition include asset maintenance and information
persistence. Each of these will be addressed in the specifics below.
The Disposition Phase Subject Areas include the following:
Enterprise Systems and Applications.
2020 Census Detailed Operational Plan for:
34. IT Infrastructure (ITIN) Operation
(ITIN)
Page 38
Version 1.0 May 24, 2017 Final
Decennial Specific Applications.
o Including potential for re-use for 2030 Census or ongoing operations
Field IT infrastructure (at National Processing Center (NPC), Regional Census Centers
(RCC), Area Census Offices (ACO), Paper Data Capture (PDC) centers, and Island Areas
(IA) sites).
Mobile Computing.
Cloud Computing.
The Disposition Phase for Enterprise Systems and Applications will be largely managed and
implemented by the particular programs that provide the enterprise capabilities, and as such may
not be particularly aligned with 2020 Census schedule milestones. For example, the hardware
and software assets for an enterprise capability may have planned upgrades beyond the 2020
Census timeframe, in which case certain versions may support the 2020 Census, but later
versions will proceed independently from the 2020 Census. Disposition of the obsolete version is
solely the responsibility of the hosting program office. Similarly, the information persistence
requirements for data collected and processed by this enterprise capability are also the sole
responsibility of the hosting program office. Data required for National Archives and Record
Administration is handled by the Archiving Operation (ARC).
The Disposition Phase for Decennial Specific applications is similar to that for the Enterprise
Systems and Applications, however, in this case the Decennial specific program office is
responsible for disposition of hardware/software assets as well as information persistence.
Given the large investment in hardware, software, and other assets for the 2020 Census, it is
prudent to seek opportunities for re-use of these capabilities for ongoing operations and the 2030
decennial census. Planning for such potential reuse should occur prior to acquisitions for the
2020 Census, in that procurement decisions may be affected if there is a decision to invest for the
long-term as opposed to 2020 Census specific purposes. The actual engineering and architectural
decisions about reuse of 2020 Census specific applications and resources will be made by
architecture review boards (ARB) and other planning groups to ensure that such reuse is
technically viable and cost effective as well. It should be noted, however, that the rapid pace of
technological evolution may make hardware and software reuse ineffective. The potential for
cost savings should be carefully balanced against the potential for reduced productivity
experienced using systems beyond their operational effective life spans.
The Disposition Phase for RCC and ACO Sites is focused on the disposition of temporary assets
acquired by the Census Bureau to support the 2020 Census. Examples include disposition of
Census Bureau owned Site IT installation assets at RCCs and ACOs in coordination with the
FLDI and DLM operations. Disposition of information assets will be handled by the existing
enterprise and 2020 Census specific systems.
2020 Census Detailed Operational Plan for:
34. IT Infrastructure (ITIN) Operation
(ITIN)
Page 39
Version 1.0 May 24, 2017 Final
The Disposition Phase for Mobile Computing is focused on effective stewardship of large
numbers of small mobile computing devices used by field workers during the 2020 Census.
The Disposition Phase for Cloud Computing is largely focused on how to manage information
disposition. As the cloud computing capability is expected to be provided by a FedRamp
certified COTS cloud vendor, the physical and virtual hardware will be managed by the cloud
vendor and as such is not in scope for Census disposition. The information stored in the cloud
environment, however, should be managed and disposed of appropriately, which will involve
extraction from the cloud environment to a long-term Census managed environment, and/or
submission of some or all data for archival purposes (done by the Archiving Operation) as
required by regulation and statutes. The ITIN Disposition Phase activity area is subdivided into
the following operational subactivities (See Figure 4).
Data Disposition Process [ITIN 34-3.1].
Hardware Disposition Process [ITIN 34-3.2].
Asset Disposition Process [ITIN 34-3.3].
eSDLC Artifact/Document Disposition Process [ITIN 34-3.4].
Figure 4: ITIN Disposition Phase [ITIN 3-3] Constituent Activities
Subsequent sections describe the ITIN Disposition Phase operational subactivities in detail.
3.3.1 Data Disposition Process [ITIN 34-3.1]
Whenever hardware or virtual environments are decommissioned, care must be taken to make
sure that all sensitive data is disposed of properly in accordance with policies and procedures for
handling Title 13 and Title 26 data. Data should be categorized per the standards outlined in
FIPS 199 - Standards for Security Categorization of Federal Information and Information
34-3 ITIN Disposition Phase
34-3.1 Data Disposition Process
34-3.2 Hardware Disposition Process
34-3.3 Asset Disposition Process
34-3.4 eSDLC Artifact/Document Disposition Process
2020 Census 34. IT Infrastructure Operation (ITIN) Operational Activity Structure for 34-3 ITIN Disposition Phase
Includes: Sensitive Data Non-sensitive Data
Includes: Repurposing Retirement
Includes: Maintenance & Support Termination Asset Accounting
Includes: Final changes for Disposition Phase as
needed.
2020 Census Detailed Operational Plan for:
34. IT Infrastructure (ITIN) Operation
(ITIN)
Page 40
Version 1.0 May 24, 2017 Final
Systems. FIPS 199 specifies data sensitivity across three dimensions: confidentiality, integrity
and availability. For the purposes of disposing of data, the confidentiality dimension is most
important.
Based on how confidential the data to be disposed of is, different controls are recommended. In
general, NIST 800-53 control baselines will be applied to appropriate levels of confidential data.
Additionally, an Information Owner, as defined by NIST 800-53 will be identified for data stored
on infrastructure, and relevant artifacts for the disposal of data must be completed by this
Information Owner. Additionally, NIST 800-53, section MP 6 Media Sanitization controls will
be established and followed pursuant to the degree of confidentiality of the data in question.
Finally, all data will be evaluated against whether or not it includes federal records that must be
retained before being disposed. The Archiving business operation will be included in the data
disposition process.
3.3.2 Hardware Disposition Process [ITIN 34-3.2]
Hardware disposition refers to the removal of hardware or virtual compute resources
permanently from the ITIN environment. The mechanics are different depending on which
managed computing environment (cloud, data center, etc.) the ITIN resource is deployed in, but
the high level processes are the same. The removal activities of NIST 800-53, PE-16 Delivery
and Removal will be followed. Additionally, physical assets will be assessed for their re-use
potential. In this case, all steps except for decommissioning of physical equipment will be
followed.
Final backup. The hardware to be disposed of will have a final backup taken in case it
needs to be quickly restored or the hardware is being replaced with different hardware.
Data disposition. All relevant processes related to the disposal of data identified in 34-
3.1 will be performed.
Asset disposition. All relevant processes related to the disposal of capital assets
identified in 34-3.3 will be performed.
Remove administrative tools and accounts. All security, monitoring and administrative
tools will be removed. This includes administrator usernames/passwords, security
certificates, etc.
Complete removal artifacts. All relevant artifacts (equipment logs, etc.) will be
completed, per 3.3.4, eSDLC Artifact/Document Disposition Process.
Decommission equipment. If physical compute resources, this includes the removal of
the hardware from the data center. If virtual, this includes removal of the virtual machine
from the virtualized environment.
2020 Census Detailed Operational Plan for:
34. IT Infrastructure (ITIN) Operation
(ITIN)
Page 41
Version 1.0 May 24, 2017 Final
3.3.3 Asset Disposition Process [ITIN 34-3.3]
Asset disposition refers to the removal of capital assets from the ITIN environment. It is largely
an accounting function, and its performance is critical to help reduce costs and complexity.
In particular, when ITIN Infrastructure is decommissioned, specific activities will be performed,
including:
Documenting end-of-service dates. In cases where hardware or equipment has an
ongoing cost from an accounting perspective (e.g., depreciation), tracking end-of-service
dates is vital.
Maintenance and Support Agreement termination. Equipment and software normally
have maintenance and support contracts. In cases where these contracts must be revised
periodically, or where equipment or software can be removed from a support contract,
tracking decommissioning allows Census to reduce costs.
License termination or transfer. Software licenses and subscriptions are normally paid
for on a per-processing-unit or per-user basis. Licenses are sometimes transferrable to
other hardware or users. The disposition process will include tracking of licensed
software to be decommissioned.
Cloud environments. Cloud-based ITIN resources are charged based on usage. Tracking
when services are decommissioned is necessary to audit and reconcile cloud services
billing.
3.3.4 eSDLC Artifact/Document Disposition Process [ITIN 34-3.4]
The eSDLC Artifact/Document Disposition process is focused on end-of-life activities for
eSDLC artifacts (mostly software, but potentially hardware or other equipment as well). The
process is intended to ensure proper disposition of assets is made, in accordance with policies
from Census Bureau and other applicable authorities.
It is important to ensure that all relevant documentation is updated to reflect the repurposing or
retirement of IT infrastructure items. This includes final changes for Disposition Phase as needed
for:
Inventories.
Architecture artifacts (System/Solution architecture diagrams, plans, etc.).
Inventories include physical assets used for operations as well as spare parts. Inventories also
include software assets such as COTS, government owner off-the-shelf products (GOTS), and/or
custom software applications developed to support operations. Disposition of hardware assets
can include outright disposal, or declaration as government surplus with associated transfer of
custody.
2020 Census Detailed Operational Plan for:
34. IT Infrastructure (ITIN) Operation
(ITIN)
Page 42
Version 1.0 May 24, 2017 Final
Architecture artifacts include information technology assets such as system/solution architecture
diagrams, plans, database designs, record layouts, and so forth. Disposition of these assets can
include destruction, disposal, and/or archival for future reference.
2020 Census Detailed Operational Plan for:
34. IT Infrastructure (ITIN) Operation
(ITIN)
Page 43
Version 1.0 May 24, 2017 Final
4. Cost Factors
4.1 Background
The investment in ITIN is projected to influence (reduce or increase ) the 2020 Census
overall costs in the following ways:
Leveraging enterprise solutions. ().
Leveraging cloud computing to address peak performance requirements. ().
4.2 Cost Factors
A list of major cost factors related to the ITIN Operation include the following:
Design, development and testing of 2020 Census software applications.
Design, implementation, and testing of 2020 Census information technology
infrastructure.
IT operations and maintenance.
This information is preliminary and will be updated as the 2020 Census Life-Cycle Cost
Estimate Model continues to mature.
4.3 Relevant IDEF0 Mechanisms
The following mechanisms from the IDEF0 Context Diagram represent the resources used to
support this operation and will therefore impact its cost:
Staff
HQ Staff.
TI Contractor Staff.
FLD Staff.
Sites
HQ.
NPC.
Paper Data Capture (PDC) Center Sites.
Census Questionnaire Assistance (CQA) Center Sites.
Island Area (IA) Sites.
FLD Sites (RCCs, ACOs).
Data Centers (BCC, TI, Cloud).
2020 Census Detailed Operational Plan for:
34. IT Infrastructure (ITIN) Operation
(ITIN)
Page 44
Version 1.0 May 24, 2017 Final
Systems
Decennial Systems.
Enterprise Systems.
Field and IA Systems.
Remedy.
HP-ALM.
ITIN Monitoring Systems.
Other
Networks.
Mobile Devices/DaaS.
2020 Census Detailed Operational Plan for:
34. IT Infrastructure (ITIN) Operation
(ITIN)
Page 45
Version 1.0 May 24, 2017 Final
5. Measures of Success
For the 2020 Census operations, the corresponding Measures of Success will be documented in
the operational assessment study plans and final reports. The operational assessment study plan
documents the criteria that will be used to define successful completion of the operation. The
operational assessment report will provide results on whether the criteria were met.
In general, operational assessments report on planned to actual variances in budget, schedules,
and production and training workloads. The corresponding Measures of Success (as documented
in the operational assessment study plan) include variances that exceed established thresholds.
See Content Guidelines for the 2020 Census Operational Assessments for the potential scope of
assessment.
Types of success measures include:
Process Measures that indicate how well the process works, typically including
measures related to completion dates, rates, and productivity rates.
Cost Measures that drive the cost of the operation and comparisons of actual costs to
planned budgets. Costs can include workload as well as different types of resource costs.
Measures of the Quality of the results of the operation, typically including things such
as rework rates, error rates, and coverage rates.
See the corresponding operational assessment study plan and report for the IT Infrastructure
Operation (ITIN) for details on the measures of success.
2020 Census Detailed Operational Plan for:
34. IT Infrastructure (ITIN) Operation
(ITIN)
Page 46
Version 1.0 May 24, 2017 Final
Appendix A – Acronyms and Terminology
Table 7 lists the acronyms and abbreviations used within this Detailed Operational Plan
document.
Table 8 lists a Glossary of Terms used within this Detailed Operational Plan document.
Additional Decennial terminology can be found on the Census Intranet under the [TBD] portal.
Table 7: Acronyms and Abbreviations List
Acronym Meaning
ACO Area Census Office
ACS American Community Survey
ARB Architecture Review Board
ARC Archiving Operation
AWS Amazon Web Services
BCC Bowie Comoputer Center
BCP Business Continuity Planning
CCB Change Control Board
CEDSCI Center for Enterprise Dissemination Services and Consumer Innovation
2020 Census Detailed Operational Plan for:
34. IT Infrastructure (ITIN) Operation
(ITIN)
Page 47
Version 1.0 May 24, 2017 Final
Acronym Meaning
COBIT Control Objectives for Information and Related Technologies
COOP Continuity of Operations Planning
COTS Commercial Off-the-shelf Products
CQA Census Questionnaire Assistance
DBMS Database Manegement System
DITD Decennial Infromation Technology Division
DLM Decennial Logistics Management Operation
DOP Detailed Operational Plan
DSC Decennial Service Center
FIPS Federal Information and Information Systems
FLD Field
FLDI Field Infrastructure Operation
GOTS Government Owner Off-the-shelf Products
HP-ALM Hewlett Packard Application Lifecycle Management
HQ Headquarters
HVAC Heating, Ventilation, and Air Conditioning
IA Island Areas
IIP Integration and Implementation Plan
IMR Incident Management Report
IPT Integrated Product Team
ISO International Organization for Standardization
ITIL Information Technology Infrastructure Library
2020 Census Detailed Operational Plan for:
34. IT Infrastructure (ITIN) Operation
(ITIN)
Page 48
Version 1.0 May 24, 2017 Final
Acronym Meaning
ITIN Information Technology Infrastructure
ITSM Information Technology Service Management
NIST National Institute of Standards and Technology
NOC Network Operating Center
NPC National Processing Center
NRFU Non-Response Follow-up
ORR Opertional Readiness Review
PDC Paper Data Capture
PM Program Management
PMO Program Management Office
PRR Production Readiness Review
RCC Regional Census Centers
SEI Systems Engineering and Integration
SEMP Systems Engineering Master Plan
SLA Service Level Agreement
SPC Security, Privacy and Confidentiality Operation
TEMP Test Engineering Master Plan
TI Technical Integrator
UAT User Acceptance Test
UE Update Enumerate Operation
UPS Uninterruptable Power Supply
2020 Census Detailed Operational Plan for:
34. IT Infrastructure (ITIN) Operation
(ITIN)
Page 49
Version 1.0 May 24, 2017 Final
Table 8: Glossary of Terms
Term Meaning
Business Continuity
Planning
Business Continuity Planning (BCP) is the process of creating systems
of prevention and recovery to deal with potential threats to a company
or organization. Any event that could negatively impact operations is
included in the plan, such as supply chain interruption, loss of or
damage to critical infrastructure (major machinery or computing
/network resource). As such, BCP is a subset of risk management. In
the US, government entities refer to the process as continuity of
operations (COOP) planning.
Capacity Activation Capacity activation is the process of assigning infrastructure resources
to support specific capacity demands of applications or services. This
may include traditional or cloud-based capabilities.
Cloud Computing Cloud Computing is a collection of services for deploying systems,
infrastructure, or platforms via a shared pool of on-demand and elastic
computing resources. This includes three service models: Software-as-
a-Service, where the cloud provider provides the entire application;
Platform-as-a-Service, where the cloud provider provides platforms
used to run an application, such as a pre-configured database
environment; Infrastructure-as-a-Service, where the cloud provider
provides processing, storage, and network resources to run platforms
and applications on.
2020 Census Detailed Operational Plan for:
34. IT Infrastructure (ITIN) Operation
(ITIN)
Page 50
Version 1.0 May 24, 2017 Final
Term Meaning
Continuity of
Operations
Continuity of Operations (COOP), as defined in the National
Continuity Policy Implementation Plan (NCPIP) and the National
Security Presidential Directive-51/Homeland Security Presidential
Directive-20 (NSPD-51/HSPD-20), is an effort within individual
executive departments and agencies to ensure that Primary Mission
Essential Functions (PMEFs) continue to be performed during a wide
range of emergencies, including localized acts of nature, accidents, and
technological or attack-related emergencies.
Decennial Device-
as-a-Service
Decennial Device-as-a-Service (dDaaS) is a Census Bureau acquisition
program approach. The dDaaS approach will be used to provide mobile
devices, accessories, cellular connectivity, and device provisioning for
each 2020 operation beginning with the 2018 End-to-End Census Test
through 2020 Coverage Measurement.
Disaster Recovery Disaster recovery (DR) involves a set of policies and procedures to
enable the recovery or continuation of vital technology infrastructure
and systems following a natural or human-induced disaster. Disaster
recovery focuses on the IT or technology systems supporting critical
business functions, as opposed to business continuity, which involves
keeping all essential aspects of a business functioning despite
significant disruptive events. Disaster recovery is therefore a subset of
business continuity.
Portal A portal is a website considered as an entry point to other websites,
often by being or providing access to a search engine.
Recovery Point
Objective
A Recovery Point Objective is the maximum acceptable data loss a
system can sustain per business requirements. This implies that some
form of backup or replication of a system's data must occur at least as
frequently as the recovery point objective.
Recovery Time
Objective
A Recovery Time Objective is the maximum length of any outage a
system can sustain per business requirements. This describes the
maximum amount of time the business can accept to restore a system to
its operational state after an outage occurs.
2020 Census Detailed Operational Plan for:
34. IT Infrastructure (ITIN) Operation
(ITIN)
Page 51
Version 1.0 May 24, 2017 Final
Term Meaning
Root Cause
Analysis
Root Cause Analysis is a problem solving method used to identify the
root causes of faults or problems. A factor is considered a root cause if
removal thereof from the problem-fault-sequence prevents the final
undesirable event from recurring; whereas a causal factor is one that
affects an event's outcome, but is not a root cause.
System of Systems A System of Systems is a collection of task-oriented or dedicated
systems that pool their resources and capabilities together to create a
new, more complex system which offers more functionality and
performance than simply the sum of the constituent systems.
2020 Census Detailed Operational Plan for:
34. IT Infrastructure (ITIN) Operation
(ITIN)
Page 52
Version 1.0 May 24, 2017 Final
Appendix B – References
Appendix B lists the documents or other resources used during the development of this Detailed
Operational Plan document.
U.S. Census Bureau (2016), “2020 Census Operational Plan,” Version 2.0, October 28, 2016.
U.S. Census Bureau (2016), “Operational Assessment Content Guidelines for the 2018 End-to-
End Census Test and the 2020 Census,” Draft, May 10, 2016.
2020 Census Detailed Operational Plan for:
34. IT Infrastructure (ITIN) Operation
(ITIN)
Page 53
Version 1.0 May 24, 2017 Final
Appendix C – Activity Tree for IT Infrastructure Operation (ITIN)
This appendix presents the Activity Tree for the ITIN Operation. An Activity Tree uses an
outline structure to reflect the decomposition of the major operational activities in the operation.
Each activity is numbered according to its position in the outline. For example, for the current
operation numbered “34”, the first activity would be numbered 34-1. Subactivities under this
activity would be numbered sequentially, starting again with the number one. For example, the
first subactivity under the first activity would be numbered 34-1.1 the second subactivity as 34-
1.2. The second activity would be numbered 34-2, and so on.
ITIN Activity Tree:
34-1 ITIN Activation Phase.
Activation Phase Subject Areas include:
o Enterprise Systems and Applications.
o Decennial Specific Applications.
o RCC and ACO IT Infrastructure.
o Mobile Computing.
o Cloud Computing.
34-1.1 Production Readiness Process.
34-1.2 eSDLC Artifact/Document Integration Process.
34-1.3 Release Activation Process.
34-1.4 Capacity Activation Process.
34-1.5 Qualification Process (Post Activation).
34-2 ITIN Operation and Maintenance (O&M) Phase.
O&M Phase Subject Areas include:
o Enterprise Systems and Applications.
o Decennial Specific Applications.
o RCC and ACO IT Infrastructure.
o Mobile Computing.
o Cloud Computing.
34-2.1 Continuous Monitoring Process.
34-2.2 Daily Operational Management Process.
34-2.3 Incident Management & Escalation Process.
34-2.4 Backup and Recovery Process.
34-2.5 Change Management Process.
34-2.6 Configuration Management Process.
34-2.7 Scale-Up Process.
34-2.8 Scale-Down Process.
34-2.9 Infrastructure Upgrade/Replacement Process (Hardware/Software).
2020 Census Detailed Operational Plan for:
34. IT Infrastructure (ITIN) Operation
(ITIN)
Page 54
Version 1.0 May 24, 2017 Final
34-2.10 eSDLC Artifact/Document Maintenance Process.
34-1 ITIN Disposition Phase.
Disposition Phase Subject Areas include:
o Enterprise Systems and Applications.
o Decennial Specific Applications.
o RCC and ACO IT Infrastructure.
o Mobile Computing.
o Cloud Computing.
34-3.1 Data Disposition Process.
34-3.2 Hardware Disposition Process.
34-3.3 Asset Disposition Process.
34-3.4 eSDLC Artifact/Document Disposition Process.