Do deployed MAIS Defense Business Systems (with no modernization requirements) have to meet with the IRB before obligating FY2012 funding? How would one know when the section is talking about a modernization or all systems? My guess is: my deployed system doesn't go to the IRB unless we have a requirement for modernization or unless the DCMO flags our system to have a review performed by the IRB, but I am required to follow enterprise architecture. Otherwise, how would large, deployed systems obligate funding in FY12 before the establishment of the investment review board and investment management process required by March 15, 2012?
CAVEAT!! we are not DoD JAGs/acq law experts that interpret new US code and how it should be/will be implemented within DoD, the services and their programs. That is the official job of OSD policy, USD AT&L policy and the service's acquisition policy experts and offices (to include JAGs). We highly recommend that you seek Acquisition Legal advice from your Headquarters Legal division.
Assuming this is a program that falls within the Navy CIO's purview, included at https://acc.dau.mil/CommunityBrowser.aspx?id=498216&lang=en-US is a 15 Dec 2011 IT Policy Guidance memo from the DON CIO (http://www.doncio.navy.mil/PolicyView.aspx?ID=3543). From what can be read in DoD Instruction 5000.02, Enclosure 11, Management of Defense Business Systems, the DON CIO Policy memo and a scan of the FY12 NDAA Sec 901, Revision of Defense Business Systems Requirements, it appears the intent of restricting the obligating funds without proper IRB/IM-IT Certification/Review applies to modernization DBS programs only and not those in the Operations and Sustainment phase as described by the question.
Open full Question Details
It appears that the FY12 NDAA was amended and passed by the Senate on 1 Dec (so DON CIO memo was published after the FY12 NDAA was passed).
The DON CIO policy memo specifically states on page 3, (proceeding "all-caps" are for emphasis):
"4. IM/IT Certification and Annual Review Requirements: a.) Certification of Tier 1-3 MODERNIZATIONS: 10 United States Code (U.S.c.) 2222 (available at: http://uscode.house.govl) prohibits obligation of funds for any Defense Business System (DBS) MODERNIZATION with a total cost exceeding $1 million (i.e., Tier 1, 2 or 3 MODERNIZATION) without DON Chief Management Officer (CMO) determination that:..."
Additionally, there is a section on page 4 of the DON CIO memo that addresses the "Annual Review of Tier 4 Modernizations and Non-Tier DBSs". There may be nuances regarding the different "Tiers" of IT modernizations that it refers to, but this section may have some applicability since this program apparently is currently NOT executing modernization funding and therefore is not a modernization program. The memo states:
"10 U.S.C. 2222 established the requirement for annual review of all DBSs, including those with total dev/mod funding of $1 million or less (Tier 4 modernizations) and those with no dev/mod funding (Non-Tier systems). Per OSD guidance, Tier 4 and Non-Tier annual reviews are Defense Component responsibilities. Accordingly, it is DON policy that no dev/mod funding may be obligated during FY 2012 for any Tier 4 modernization without prior approval by the applicable DON Deputy CIO (Navy or Marine Corps)."
Note again that in the last sentence of this paragraph, the memo states the restriction on obligating funds without proper approval specifically applies to "dev/mod" (development/modernization) funding--"Accordingly, it is DON policy that no dev/mod funding may be obligated during FY 2012 for any Tier 4 modernization...".
The memo cited above contains several pertinent POC’s which will likely benefit you in further clarifying Navy policy.