Sign-up today to see an in-depth, click-by-click demo of Feith software and solutions.

Home / Government
DD Form 2875 Update, May 2022

DD Form 2875 Update, May 2022

DD Form 2875 Update, May 2022

After 13 years, the DD 2875 SAAR form has been modified by the Federal government to include additional fields.

What is a SAAR form?

Department of Defense’s System Authorization Access Request (SAAR) form, or DD Form 2875, is used to request access to computer systems.  The SAAR form includes:

  • The name, title, and contact information of the individual requesting access
  • The name, title, and contact information of the supervisor
  • The reason for requesting access to the system
  • The level of access requested

Once the SAAR form is completed and signed, it must be submitted for approvals. Approvers can be the owners of the information requested, the Information Assurance group, and the Security Manager.

 

How does Feith handle SAAR forms?

Historically, agencies handled the DD 2875 process with paper forms.  Now, Feith Systems has developed entirely electronic forms and workflows to manage the SAAR process.

  • An online form that can be completed and submitted electronically
  • Feith’s Workflow routes the SAAR to the appropriate authorities for approval
  • Electronic authorization is issued to the individual once access is approved
  • Feith maintains a complete list of authorizations requested per user and per system

It starts with a simplified online version of the SAAR form.  Known fields fill automatically.     

Once the requestor fills in and signs their portions of the form, Feith converts it into a working Adobe PDF file.  Workflow sends the SAAR the right person or people for signature with their CAC Card. 

Powers of authority can then either approve or deny the staff member’s request.  If they deny it, Feith sends the form back for corrections.  If the power of authority approves it, Feith marks the requestor as having access to the system or information requested.  The system saves each version of the SAAR form for auditing purposes and keeps a record of every action taken on it.

Feith’s SAAR solution keeps a running list of all the groups, systems, and information a staff member has access to throughout their time at the organization.  When the person leaves the agency, Feith makes it easy for IT to deactivate them everywhere.

LinkedIn
Twitter
Email
Print
Shannon Heim

Shannon Heim

Helping others is what Shannon loves most, making her a great fit for outreach at Records Management University. She is in charge of credits and certificates as well as the RMU email account. When Shannon isn’t talking with students, she edits the on-demand classes to make them as high quality as possible.

Improving FOIA Software by Aligning Agency Goals

Improving FOIA Software by Aligning Agency Goals

It is critical for agencies to come together to form FOIA technology standards and alignment. Feith is dedicated to bringing Federal FOIA leadership together to have broad discussions about what they need, and what is available in the market.

Last spring, Feith took our first step to help drive that alignment in how our customers process FOIA requests. Feith FOIA customers came together for a roundtable discussion about FOIA process requirements between the DoD, Intelligence Community, and VA. Our FOIA SMEs delved deep into the unique needs of our agencies, and developed strategies to incorporate that feedback into our FOIA software.

Feith was ecstatic to see new progress towards the goal of standardizing FOIA this year. In the last month Feith was invited to participate in both the Chief FOIA Officer Council’s NexGen FOIA Technology Showcase, and the EPA’s FOIAonline workshops. These events allowed Feith and other FOIA vendors to present technology and ask questions of federal FOIA leaders. We gained insight into what the agencies are trying to accomplish and how we can continue to improve and automate as much of the process as possible.

Feith is looking forward to continuing this productive process with a wider variety of agencies. While no one-size fits all standard will ever work for FOIA; ideally, we can partner with agencies, move forward towards alignment by establishing overall goals, needs, and methods for agencies, and create ever more innovative FOIA management solutions.

LinkedIn
Twitter
Email
Print
Marshall Findley

Marshall Findley

Marshall Findley is a member of the technical staff with a focus on Records Management and FOIA. As a writer by day and reader by nature, Marshall is responsible for facilitating RFP processes. He specializes in aligning deliverables with Feith software capabilities.

NARA Releases Machine-Readable GRS

NARA Delivers Holiday Gift in the Form of a Machine-Readable GRS

An accurate and up-to-date Agency Records Management File Plan has always been and continues to be a necessary tool in the Records Management toolbox.  It provides specific guidance to bureaus and offices to ensure that all employees properly manage records under their care and control.

Maintenance of that Agency Records Management File plan also represents a continuing challenge.  Trying to keep the mix of existing GRS categories, disposition instructions, transmittals of GRS updates, and requests for Agency specific categories (in the form of SF 115s) accurate has always been a serious and time-consuming challenge.

Of late, Records Management automation was made much easier and efficient through the introduction of the Holiday Gift from NARA, specifically the machine-readable version of the General Records Schedule in comma separated value (CSV) format.  Since the CSV format is software agnostic, agencies have been enabled to convert data fields as needed for implementation in their specific applications.

With this modern version of the GRS as a holiday gift, agencies and Records Management software providers can ensure that their automated file plans are current, accurate, and maintainable.

Many thanks to our friends at NARA for this timely and modern holiday present.

LinkedIn
Twitter
Email
Print
Shannon Heim

Shannon Heim

Helping others is what Shannon loves most, making her a great fit for outreach at Records Management University. She is in charge of credits and certificates as well as the RMU email account. When Shannon isn’t talking with students, she edits the on-demand classes to make them as high quality as possible.

Defense Commissary Agency’s rollout of Feith RMA IQ receives prestigious DoD CIO Award

Defense Commissary Agency’s rollout of Feith RMA IQ receives prestigious DoD CIO Award

FOR IMMEDIATE RELEASE

WASHINGTON, DC 

Pentagon leadership has awarded the Defense Commissary Agency with the prestigious DoD CIO Award for their world-wide rollout of the Feith Systems electronic records management platform, RMA IQ.

The DoD CIO Awards Program recognizes outstanding achievements in Digital Modernization from across the Department of Defense.

“The recipients of this award have demonstrated how technology truly enables our nation to perform critical missions despite the COVID-19 global pandemic,” said the Honorable Dana Deasy, Chief Information Officer of the DoD, introducing the awards.

This year the DoD CIO leadership selected Feith customer DeCA as the winner of the Electronic Records Management modernization award.

A team of eighteen from the Defense Commissary Agency were recognized at the Pentagon for their successful rollout of the Feith ERM platform.

Describing DeCA’s successful project, Mr. Deasy celebrated the agency’s “successful transition to electronic records with a fully integrated, fully automated, and cost savings records management solution that fosters rapid information sharing across the Defense Commissary Agency.”

Director of DeCA’s IT Management and Oversight directorate, Neville Gallimore, celebrated the win with the directorate, “It took a team effort from multiple functional areas and the IT Group to achieve one of the core pillars of our congressionally mandated IT modernization goals.”

“We are extremely proud of DeCA’s accomplishment winning this well-deserved award, especially during the COVID outbreak when IT Modernization was so critically important. We couldn’t be prouder to have been a part of it. We’re continuing our important work ensuring agencies are compliant with M-19-21 and becoming the standard for Federal Electronic Records Management.” said Daniel Feith, Executive Vice President of Feith Systems.

You can watch the presentation of the award here:
https://dodcio.defense.gov/

Learn more

LinkedIn
Twitter
Email
Print
Kris Pettie

Kris Pettie

Kris is Feith’s Principal Government Business Analyst who provides analysis, sales engineering, proposal development, oversight of compliance with government contracting, and records management policy expertise for Feith's Government Division. Kris brings over 15 years of experience in government management consulting and policy analysis. Kris is a contributor to Feith’s Records Management University and continually seeks out new ways to engage and empower Feith’s government customers.

Video: Transform the Agency, with RMA IQ

Video: Transform the Agency, with RMA IQ

Describing DeCA’s successful project, Mr. Deasy celebrated the agency’s “successful transition to electronic records with a fully integrated, fully automated, and cost savings records management solution that fosters rapid information sharing across the Defense Commissary Agency.”

LinkedIn
Twitter
Email
Print
Richard Long

Richard Long

"This is an incredible software company with 40 years of pushing the envelope in information technology, and I couldn't be happier to be a part of it. If you have valuable information that is getting lost, is disorganized, separated into too many separate systems, or just isn't bringing value to your organization's mission, you should reach out to Feith." - Richard Long

Protecting FCI and CUI – Federally Compliant Record Repository

Protecting FCI and CUI – Federally Compliant Record Repository

Duration: 22 Minutes
Industry:  Government
Speaker:  Ray Davis

Conducting business with the government and its agencies comes with requirements.  The requirements to manage FCI and CUI are growing.  It started with the requirements of NIST 800-171 and has expanded to FAR 52.204-21 and FAR 4.7.  But the changes don’t stop there.  We’ll dive into the CMMC, the Cybersecurity Maturity Model Certification. This is a new certification that has eliminated the federal contractor self-assessments in favor of a 3rd Party Assessment to ensure your compliance.  Yes, you’re going to have to pass an assessment now!

Along with that we’ll discuss how to properly store your sensitive FCI and CUI. Storage isn’t a one-day thing.  You’ll need to manage the storage of your records through the entire information management lifecycle. Once you bring your records into the system, you’ll need to properly tag them and mark them so that only those people that should have access, does.  Yes, that’s a part of the regulatory requirements.

Do you know the difference between a single-tenant system and a multi-tenant system and just what does that mean to the access and security of your information?  We’ll delve into that as well.   By the end of the webinar you’ll be able to self-assess your ability to comply with the new regulations, the new certification, and decide whether it’s a challenge you want to accept on your own or engage with Feith Systems and Software to manage your FCI and CUI.

LinkedIn
Twitter
Email
Print
Ray Davis

Ray Davis

Ray Davis has been a Records Management and Information Governance Professional for over 30 years. His background is in the Financial Services Industry where he has created programs from the ground up. Ray is the current Region Director for the ARMA Mid-Atlantic Region and has just completed his term as a Trustee for the ARMA International Educational Foundation. He also hosted his own radio/internet talk show, Inside The Records Room for 12 years. In his spare time, Ray likes to wreak havoc on the racquetball court and tries to keep his golf shots in the middle of the fairway.

5 reasons why agencies struggle to meet their FOIA goals

5 reasons why agencies struggle to meet their FOIA goals

When it comes to Freedom of Information Act requests, it is mandatory to disclose information on time.  Content must be collected, reviewed, and packaged as a response.  That is easier said than done when agency data is scattered, hard to search through, or difficult to collaborate around.   Deadlines are missed, critical records are lost, and sensitive information can spill.

When agencies work their FOIA caseload manually, they struggle to meet their objectives. Here are 5 main reasons why agencies fall short of their goals.

 

1.  There is no uniform solution across the agency.

Many agencies leave staff without a uniform solution to create FOIA deliverables.  If organizations use legacy desktop clients to house that information, systems can’t communicate with each other, and staff are left to sift through them for content.

Even if systems are connected, IT needs to continuously integrate them to ensure knowledge workers’ access.  That much administrative work consumes human resources.   Documents are searched through manually, information gets lost, and budgets are strained. 

Agencies need a centralized system to meet FOIA deadlines.  The single workbench approach allows knowledge workers to access anything and everything they need to manage FOIA cases.

 

2.  There are too many complexities to handle FOIA requests manually

The sheer volume of data that agencies capture, process, and archive increases every day.  It is time-consuming to manually search through that much information.  Once captured, agency rules mandate different kinds of redaction for different types of content.  Without the right tools to create a pixel-by-pixel replacement, redacted information may not be redacted at all.  Sensitive data is left visible and released by accident.

When there are hundreds of FOIA requests to create, package, and deliver, it is a challenge to track all of their statuses. There is no way to pinpoint which of those hundreds of requests are more urgent, and which of those due dates are closer.

Automation is the only way to fix this. When cases are automatically created and the content in them can be automatically redacted, time is freed up for knowledge workers to focus on more critical tasks.

 

3.  Collaboration Challenges

The outcome of a FOIA request is dependent on the communication among those assigned to the case.  The past year has challenged the government to do a large portion of this work from home.  Often the contents of FOIA requests are cross-departmental or even cross-agency, which creates a line of communication between SME’s in different locations.   When there are problems or questions, knowledge workers must ask SME’s for assistance via email.  These emails are often left for several days in the SME’s inbox without an answer, and dead stops put the agency at risk of missed deadlines. 

Knowledge workers must be able to communicate with each other and with the requestor.  When the case is opened, the team assigned to it must keep up communication with the requestor and give them estimates, status updates, and the ability to track the case through its lifecycle.  When this process is done through phone or email, communication is not transparent.  No one knows what the FOIA team has already communicated to the requestor, or what still needs to be said. 

Another hurdle that agencies struggle over is collaborative access.  With no system in place to allow group work, team members will not be able to interact with systems at the same time for collection.  Without the tools to control access, FOIA teams can’t permission content or control who can see what within the case.  When agencies can’t control who can see what sensitive information, FOIA goals are not met.

 

4.  Poor Access to Data

It is a challenge to keep information organized when there are multiple data types and sources.  Email is a source now, with social media and chat to become sources in the future.  Email search and retrieval is sub-par and will take a considerable amount of time when compared to advanced search features.  Once the information is collected, there is also no way to see both text and metadata at the same time.  If knowledge workers find that they need more information from the eDiscovery side, they have fallen short of their FOIA goals.

When workers cannot interact with their cases, time is wasted.  SME’s should be able to connect to their workstation from any location and on any device.  If they know where they need to work and can get into their cases, the collection process can start immediately.   

A lack of a real Records Management system lives at the heart of this challenge.  With a repository in place, knowledge workers have access to collect and create deliverables.

 

5.  No Oversight/Accountability

At the end of every FOIA case is a potential audit process.  The work that FOIA teams complete should be entirely defensible. There needs to be a visual tally of everything done to create the deliverable.  Vaughn indexes display that tally of case actions and guarantee transparency.  Certain solutions can create Vaughn indexes automatically, but if there is no solution in place then it is up to an individual to create one by hand.  That process can take up mission-critical time and put the agency at risk of falling short of its FOIA objectives.

Supervisors need oversight tools to be able to meet their own FOIA goals.  When they are unable to see who completed what task or what the status of their case is, there is no accountability.  Cases are not tracked across their lifecycles, and there is no way to tell which action officers are busy and which can take on more work.

 

 

Take Control of the FOIA Process

Agencies that manage their FOIA requests with outdated systems and manual practices are in a situation where it is difficult to meet their turn-around time goals.  When it takes hours to search for content and days to hear back from SME’s, time is wasted.

When agencies utilize FOIA solutions to manage their caseloads, their goals are achievable.  Information can be accessed, searched for, collected, redacted on, and packaged for delivery before the deadline.  Teams can work together on content at the same time.  Security features keep sensitive information from the wrong hands, and oversight features allow supervisors to monitor their workers progress and steer them in the right direction.

LinkedIn
Twitter
Email
Print
Shannon Heim

Shannon Heim

Helping others is what Shannon loves most, making her a great fit for outreach at Records Management University. She is in charge of credits and certificates as well as the RMU email account. When Shannon isn’t talking with students, she edits the on-demand classes to make them as high quality as possible.

Video: DON Data Management

Video: DON Data Management

Tom Sasala
Chief Data Officer
US Department of the Navy

“You can’t feed the algorithms if you don’t have data.”
— DOD Chief Data Officer

Great talk at Active Navigation‘s FEDSpace 2020 by the DON Chief Data Officer, Tom Sasala.  Active Navigation is a premiere Feith technology partner.

LinkedIn
Twitter
Email
Print
Richard Long

Richard Long

"This is an incredible software company with 40 years of pushing the envelope in information technology, and I couldn't be happier to be a part of it. If you have valuable information that is getting lost, is disorganized, separated into too many separate systems, or just isn't bringing value to your organization's mission, you should reach out to Feith." - Richard Long

Checking the Forecast on Government Cloud Contracts

Checking the Forecast on Government Cloud Contracts

Government in the Cloud

In November 2010, OMB announced the US Federal Government’s first Cloud First policy.

Jeff Zients, CIO of OMB at the time, said this:
“What this means is that going forward, when evaluating options for new IT deployments, OMB will require that agencies default to cloud-based solutions whenever a secure, reliable, cost-effective cloud option exists,”

President Trump’s Executive Order 13800, further directs agency heads to show preference in procurement for shared services, with a focus on cloud services.  OMB shortly after published the “Cloud Smart” proposal which has sought to open mature commercial cloud services to federal customers by eliminating rules which stifled these initiatives.

Both the DoD and IC have invested heavily in making these cloud strategies a reality by leveraging the government’s bulk purchasing power in the JEDI and C2S contracts.

Joint Enterprise Defense Infrastructure

The force is strong with Microsoft after winning the heavily contested JEDI contract on October 25th, 2019.  The 10-year, $10 billion dollar deal is the biggest information technology procurement in government history.  Amazon Web Services was widely considered the front runner for the award, making the decision a disputed one.  The contract process continues to be under review by the DoD’s inspector general and is currently stuck in federal court.  Experts inside DoD remain confident that the project will move forward as planned.

The major focus of the initiative is to modernize the country’s warfighting operations.  Microsoft is tasked with overhauling DoD’s entire IT infrastructure, creating a world-wide responsive network. The first step in the project is centralizing everything on one cloud. In the words of DoD’s Acquisition Chief Ellen Lorde, “We are, no kidding, right now writing the contract to get everything moved to one cloud to begin with and then go from there.” 

Military officers have stood their ground that JEDI is needed to give DoD IT systems a much needed advantage. By driving speed to implement new systems, disaster recovery technology, and ease of provisioning systems, DoD hopes gain the upper hand through cloud infrastructure.

“The National Defense Strategy dictates that we must improve the speed and effectiveness with which we develop and deploy modernized technical capabilities to our women and men in uniform,” the Department of Defense CIO Dana Deasy noted. “The DoD Digital Modernization Strategy was created to support this imperative. This award is an important step in execution of the Digital Modernization Strategy.”

C2S (Commercial Cloud Services)

In August of 2014, CIA awarded a $600 million dollar contract to Amazon Web Services for 10 years of work.  AWS assisted the organization in building a private cloud computing setting within the secure firewalls of the intelligence environment.  The demands of the project were that it promoted greater integration, information sharing, and information safeguarding through a common IT approach that substantially reduced costs. The long-term goal was to keep up with emerging technologies like big data in ways not previously possible. 

The contract exceeded expectations and is widely considered by CIA as a success, having a material impact on both CIA and the IC at large with the potential to benefit other departments as well. 

According to John Edwards, CIO of CIA, “It used to take CIA 180 days to provision a single server. We got that down to 60 days, and thought, ‘we’re doing pretty good.’ Now through AWS and C2S, we’re down to minutes. That’s amazing.” 

C2E (Commercial Cloud Enterprise)

The 2014 Commercial Cloud Service contract worked so well that CIA is now hungry for more.  As of February 2020, the contract is a pending acquisition worth potentially tens of billions of dollars.  There is no word yet on a future deadline, but a decision could be made as early as September 2020.    The intelligence community needs to adopt a multi-cloud ecosystem with different levels of classifications based on content.  The goal of this acquisition will be to use different CSP’s unique specializations in technology, cyber security strategy, and services. 

The statement of work notes that “The IC requires an integrated, interoperable cloud ecosystem that promotes mission success through reliable, available, dynamic, and innovative information technology services with secure access to functions, capabilities, and data anywhere, anytime, and under all conditions.  Based on the IC strategic plan, the IC will leverage Government and multiple commercial cloud capabilities that are interoperable and support workflows within and across multiple security fabrics. The goal is to maximize rapid reuse of data and sharing of data in mission systems to support these capabilities.”

LinkedIn
Twitter
Email
Print
Shannon Heim

Shannon Heim

Helping others is what Shannon loves most, making her a great fit for outreach at Records Management University. She is in charge of credits and certificates as well as the RMU email account. When Shannon isn’t talking with students, she edits the on-demand classes to make them as high quality as possible.

Social Media Records Management

Social Media Records Management

Federally-compliant Records Management for Social Media

Since the first presidential tweet in January 2010, sent by then President Barack Obama, the medium has exploded as a way for government officials to make public announcements.  Since his inauguration in 2017, President Trump has made Social Media not just a means, but perhaps the means, for his office’s announcements.

This shift follows the trends at large, as Social Media overtakes print for the first time in global advertising revenue earlier this year. Traditional radio announcements, TV ads and print media, are still useful ways to reach out to the broader public, but many budgets simply can’t afford traditional media’s high-cost per impression, and its comparative effectiveness is increasingly up for debate.

Social media is now recognized as a powerful and inexpensive tool for engaging the public, to make announcements, and to educate, no matter what size the agency or their budget.  It’s no wonder that every agency and office up to the President has begun to leverage these effective tools for low-cost/high-impact outreach.   

But be forewarned — many agencies forget that Social Media posts constitute official government records and need to be managed according to the letter of the law. 

NARA Bulletin, ‘Guidance on Managing Social Media Records’
The Federal Records Act (44 U.S.C. 3301) defines Federal records as any material that is recorded, made or received in the course of Federal business, regardless of its form or characteristics, and is worthy of preservation. Social media content that meets this definition must be managed according to the applicable laws and regulations.” 

NARA makes the point very clearly, but it may underplay the concrete importance of Social Media as record.

As of March 2019, 73% of Americans interviewed by Pew Research Center report that they get some or all of their news from Social Media.  It’s clear that Social Media constitutes a strategically significant method for agencies to make announcements to the public, but if they’re going to use Social Media for official business they’ll have to align with NARA’s guidance.

Feith will ensure your social media presence remains compliant with all federal records regulations and guidelines.  Reach out today to learn more about our new Social Media archive solution, backed by our complete Government Records platform:  more-info@feith.com

LinkedIn
Twitter
Email
Print
Kris Pettie

Kris Pettie

Kris is Feith’s Principal Government Business Analyst who provides analysis, sales engineering, proposal development, oversight of compliance with government contracting, and records management policy expertise for Feith's Government Division. Kris brings over 15 years of experience in government management consulting and policy analysis. Kris is a contributor to Feith’s Records Management University and continually seeks out new ways to engage and empower Feith’s government customers.