IT Project Manager

Work that involves directly managing information technology projects to provide a unique service or product.

Tasks

The concrete work activities defined for this role in the DCWF v5.1 spreadsheet. Core tasks are required for the role; additional tasks are associated but not mandatory.

• T1003 additional Develop and document supply chain risks for critical system elements, as appropriate.
• T1017A additional Participate in the acquisition process as necessary.
• T1018 additional Ensure all acquisitions, procurements, and outsourcing efforts address information security requirements consistent with organization goals.
• T1143A additional Conduct import/export reviews for acquiring systems and software.
• T1148A additional Develop supply chain, system, network, performance, and cyber security requirements.
• T1148B additional Ensure supply chain, system, network, performance, and cyber security requirements are included in contract language and delivered.
• T5010 additional Act as a primary stakeholder in the underlying information technology (IT) operational processes and functions that support the service, provide direction and monitor all significant activities so the service is delivered successfully.
• T5150 additional Coordinate and manage the overall service provided to a customer end-to-end.
• T5310 additional Ensure that appropriate SLAs and underpinning contracts have been defined that clearly set out for the customer a description of the service and the measures for monitoring the service.
• T537 additional Develop methods to monitor and measure risk, compliance, and assurance efforts.
• T5380 additional Gather feedback on customer satisfaction and internal service performance to foster continual improvement.
• T5410 additional Manage the internal relationship with information technology (IT) process owners supporting the service, assisting with the definition and agreement of operating level agreements (OLAs).
• T5610 additional Review service performance reports identifying any significant issues and variances, initiating, where necessary, corrective actions and ensuring that all outstanding issues are followed up.
• T5660 additional Work with other service managers and product owners to balance and prioritize services to meet overall customer requirements, constraints, and objectives.
• T629A additional Identify and address cyber workforce planning and management issues (e.g. recruitment, retention, and training).
• T680A additional Lead and oversee budget, staffing, and contracting.
• T760 additional Perform needs analysis to determine opportunities for new and improved business process solutions.
• T797 additional Provide advice on project costs, design concepts, or design changes.
• T801 additional Provide enterprise cybersecurity and supply chain risk management guidance for development of the Continuity of Operations Plans.
• T811 additional Provide ongoing optimization and problem solving support.
• T813 additional Provide recommendations for possible improvements and upgrades.
• T834 additional Resolve conflicts in laws, regulations, policies, standards, or procedures.
• T840B additional Review or conduct audits of programs and projects.
• T949 additional Evaluate the effectiveness of procurement function in addressing information security requirements and supply chain risks through procurement activities and recommend improvements.
• T955A additional Draft and publish supply chain security and risk management documents.

Knowledge, Skills, and Abilities

KSA statements define what a person filling this role knows or can do. "Knowledge" is what they must know, "Skill" is what they can perform, and "Ability" is a durable capacity they bring to the work.

• A1039A ability core Ability to evaluate/ensure the trustworthiness of the supplier and/or product.
• A325A ability core Ability to ensure security practices are followed throughout the acquisition process.
• K0016 knowledge core Knowledge of capabilities and requirements analysis.
• K0068 knowledge core Knowledge of information technology (IT) architectural concepts and frameworks.
• K0129 knowledge core Knowledge of system life cycle management principles, including software security and usability.
• K0143 knowledge core Knowledge of the organization’s enterprise information technology (IT) goals and objectives.
• K069A knowledge core Knowledge of risk management processes and requirements per the Risk Management Framework (RMF).
• K088B knowledge core Knowledge of new and emerging control systems technologies.
• K0979 knowledge core Knowledge of supply chain risk management standards, processes, and practices.
• K1004A knowledge core Knowledge of information technology (IT) acquisition/procurement requirements.
• K1037 knowledge core Knowledge of information technology (IT) supply chain security and risk management policies, requirements, and procedures.
• K1127 knowledge core Knowledge of Import/Export Regulations related to cryptography and other security technologies.
• K1130 knowledge core Knowledge of organizational process improvement concepts and process maturity models (e.g., Capability Maturity Model Integration (CMMI) for Development, CMMI for Services, and CMMI for Acquisitions).
• K1133 knowledge core Knowledge of service management concepts for networks and related standards (e.g., Information Technology Infrastructure Library, current version [ITIL]).
• S203 skill core Skill in identifying measures or indicators of system performance and the actions needed to improve or correct performance, relative to the goals of the system.
• A1122 ability additional Ability to apply supply chain risk management standards.
• A6160 ability additional Ability to oversee the development and update of the lifecycle cost estimate.
• K0062 knowledge additional Knowledge of industry-standard and organizationally accepted analysis principles and methods.
• K0107 knowledge additional Knowledge of resource management principles and techniques.
• K0296 knowledge additional Knowledge of how information needs and collection requirements are translated, tracked, and prioritized across the extended enterprise.
• K0942 knowledge additional Knowledge of the organization's core business/mission processes.
• K0954 knowledge additional Knowledge of import/export control regulations and responsible agencies for the purposes of reducing supply chain risk.
• K1005 knowledge additional Knowledge of functionality, quality, and security requirements and how these will apply to specific items of supply (i.e., elements and processes).
• K1021 knowledge additional Knowledge of risk threat assessment.
• K1061A knowledge additional Knowledge of the acquisition/procurement life cycle process.
• K1125 knowledge additional Knowledge of Cloud-based knowledge management technologies and concepts related to security, governance, procurement, and administration.
• K6290 knowledge additional Knowledge of how to leverage government research and development centers, think tanks, academic research, and industry systems.

Other roles in this element