Key Benefits:
On 9 December 2011 (State 1 Er January 2016)
The Swiss Federal Council,
Having regard to art. 43 and 47 of the Act of 21 March 1997 on the Organization of Government and Administration (LOGA) 1 ,
Stops:
This Order sets out the tasks and competencies related to the piloting and management of the use of information and communication technologies (ICTs) within the federal government.
1 This order applies to the administrative units of the federal central government within the meaning of s. 7 of the Order of 25 November 1998 on the Organisation of Government and Administration (OLOGA) 1 .
2 The following authorities and offices may, subject to other organizational provisions contained in federal law, commit themselves by means of an agreement to comply with this order and the directives based on it:
1 A ICT strategy Has the following elements:
2 The Piloting ICT Understands the design, curse and updating of ICT strategies as framework conditions, as well as the enactment and updating of ICT guidelines that are derived from and subordinate to them.
3 The term ICT management Performance of operational tasks by benefit recipients (needs management, acquisition, projects, management control, portfolio management, management of service level agreements, etc.) in accordance with the directives in Vigor.
4 The Subordinate directives The ICT strategy is:
5 The ICT processes Determine how ICT-related tasks are to be accomplished.
6 THE ICT architecture Determines the components of ICT and their articulation in support of business processes.
7 The ICT standards Derive from the ICT architecture, and through them, in terms of cost-effectiveness, interoperability, flexibility and security, the functions, interfaces and IT products that need to be developed, or Used similarly.
8 The ICT security Includes measures to protect the integrity and availability of ICT systems, as well as the confidentiality, integrity, availability and traceability of data saved, processed and transferred to these systems.
9 The Control of ICT management Includes the collection, processing, verification and interpretation of information used for piloting and managing the use of ICT.
10 A Standard service Is a centrally managed ICT benefit that is frequently used in the federal government and meets the same or similar requirements of benefit recipients.
11 The Information security Includes measures to protect vital infrastructure such as energy supply systems, logistics systems and the health system.
ICTs are designed and used to provide optimal support to the business processes of administrative units. In so doing, the principles of opportunity, profitability and security must be respected.
1 The Federal Council defines the Confederation's ICT strategy.
2 The Federal Department of Finance (DFF) is responsible for the implementation of the Confederation ICT strategy.
3 In their respective fields, the departments and the Federal Chancellery regulate the piloting and management of ICT, within the framework of the directives in force.
The use of ICTs presupposes:
ICT projects and applications must meet the objectives and guidelines of the Federal Council's Information Society Strategy.
1 When implementing ICT strategies and guidelines, project and application managers ensure organizational and methodological coordination.
2 In particular, they shall ensure that the manner in which the conditions laid down in art are taken into account is recorded in an updated form and for each project or application. 6, as well as the objectives and guidelines provided for in s. 7.
1 The departments and the Federal Chancellery, or the administrative units, manage the use of ICT in their respective fields.
2 After consultation with the benefit recipients concerned and the relevant internal benefit providers and through market analysis and external comparative analyses, the department or the Federal Chancellery decides:
3 The Federal Council decides on the market model for standard services.
4 The provisions of the legislation on public procurement are reserved.
1 The administrative units are responsible for the protection of their ICT systems and applications and the data to be protected (objects to be protected).
2 They regularly review the objects to be placed under protection and take the necessary security measures.
1 Any administrative unit, organization or person subject to this order who is aware of events relating to the safety of objects to be placed under protection shall inform:
2 At the end of the year, the departments and the Federal Chancellery report to the UPIC on the implementation of security measures.
3 On the basis of these reports, the UPIC informs the Federal Council of the state of security in ICT every year.
1 The DFF establishes a special staff for the security of information, made up of representatives of the federal, cantonal and economic sectors.
2 The Special Staff assists the supreme governing bodies of politics and the economy in crises triggered by major disruptions affecting the information infrastructure.
3 The delegate to the computerised steering committee of the Confederation took the chair.
4 The Special Staff develops an internal regulation that defines the details of its organisation and work.
1 The Confederation services that manage specialized police applications work with the cantons to harmonize these applications.
2 The arrangements for such cooperation, in particular the creation of bodies common to the Confederation and the cantons, are laid down in an agreement concluded with the cantons.
3 Pursuant to this order and in accordance with the agreement with the cantons, the relevant departments may conclude implementing conventions for the various projects. In so doing, they shall ensure compliance with the directives of this Order.
4 They shall inform the joint bodies of current and future projects in the field of specialised police applications and ensure that they are in accordance with the decisions taken by the common bodies.
The Federal Council:
1 The Conference of Secretaries General (CSG) evaluates ICT issues at the Confederation level from the point of view of operational business management (interest in business processes from the perspective of ICT).
2 In particular, it participates in the preparation of important Federal Council cases relating to ICT.
1 The DFF is developing the Confederation's ICT strategy.
2 It enacts administrative orders as part of its duties.
1 One of the tasks of the UPIC is:
2 It collaborates with the cantons, the relevant organisations, the economic circles and foreign partners; it represents the Confederation in the organisations concerned.
3 It establishes bodies as part of its tasks. The departments and the Federal Chancellery designate their representatives, who must meet the requirements and have the necessary expertise.
4 It may delegate minor decisions concerning, inter alia, derogations from its ICT guidelines, requirements for the exploitation of ICT or the conduct of projects and programmes:
1 [ RO 2006 5613 , 2009 6149 ch. III 2, 2010 3175 Annex 3 c. 3, 2011 6093 Annex c. 2. RO 2012 5935 art. 39 al. 1]. See currently the O of 24 Oct. 2012 on the organization of government procurement (RS 172.056.15 ).
1 The Confederation Informatics Council (IC) is made up of the Chief Information Officer for ICT (art. 20 A From the O of 17 Feb 2010 on the organization of the Federal Department of Finance 1 ) And a named representative from each department and the Federal Chancellery. The delegate took the chair.
2 A representative of the Federal Administration of Finance (AFF), the Federal Data Protection and Transparency Plan (PPDT), internal benefit providers and Parliamentary Services can participate with a consultative voice. It is possible to appeal to other persons on an advisory basis, if necessary.
3 The CI is the advisory body of the UPIC for ICT cases requiring the agreement of the departments and the Federal Chancellery, in particular for the enactment of directives and the approval of derogations from their application.
1 The Information Technology Security Committee (C-SI) includes the computer security delegates of the departments and the Federal Chancellery.
2 A representative of the Federal Audit Office (CFO), TDP and Parliamentary Services may participate with a consultative vote. It is possible to appeal to other persons on an advisory basis, if necessary.
3 The C-SI is headed by the Chief Information Officer of the Confederation.
4 It is the UPIC's advisory body on all ICT security issues.
1 The Support Process Steering Committee (SCOC) is composed of a representative of the UPIC and a representative:
2 The representative of UPIC chaired the meeting.
3 A representative of the Federal Office of Information Technology and Telecommunications and a representative of the Command Aid Base (LAC) participate with a consultative voice.
4 It coordinates the decisions between the AFF, the OFPER, the OFCL, the logistics and real estate of the DDPS and the UPIC in support, by ICT, of the support processes used throughout the federal administration for finance, staff, Construction, logistics, purchasing control and real estate management. 1
1 New content according to the c. III 2 of the O of 18 Nov 2015, in force since 1 Er Jan 2016 ( RO 2015 4873 ).
1 Benefit recipients are the units and services referred to in s. 2.
2 Benefit recipients are responsible for compliance with the ICT guidelines and decisions of the Federal Council, DFF, UPIC and the departments or the Federal Chancellery in their respective fields of competence.
1 Benefit recipients use ICTs in an economic sense and budget accordingly.
2 They conclude project agreements and benefit agreements with benefit providers and establish a portfolio of their studies, projects and applications (ICT portfolio).
3 They shall ensure, through appropriate management control, that the services of the upper echelons at all times have the information necessary for management and pilotage.
1 Each department has an internal benefit provider at most.
2 Internal service providers are responsible for compliance with the ICT guidelines and decisions of the Federal Council, DFF, UPIC and the departments or the Federal Chancellery in their areas of competence Respective.
1 Internal service providers provide beneficiaries with ICT benefits in accordance with the project agreements and benefit agreements concluded.
2 They shall maintain complete analytical accounting and shall submit to UPIC, on a periodic basis and in a transparent manner, the costs and revenues relating to the standard services.
3 They guarantee the operational supply of the standard services for which they assume the roles defined by the Federal Council in the market model. In this context, they are responsible for the operation, including operational coordination with other required benefit providers.
1 The procedure for acquiring ICT benefits from external suppliers is governed by:
2 In the case of acquisitions of benefits from an external supplier, the ICT guidelines form an integral part of the tender file.
3 The beneficiary of the benefits checks appropriately the compliance with the directives concerning ICT by the external supplier.
1 RS 172.056.1
2 RS 172.056.11
3 [ RO 2006 5613 , 2009 6149 ch. III 2, 2010 3175 Annex 3 c. 3, 2011 6093 Annex c. 2. RO 2012 5935 art. 39 al. 1]. See currently the O of 24 Oct. 2012 on the organization of government procurement (RS 172.056.15 ).
4 RS 172.010.21
For the acquisition of ICT benefits from external suppliers, the contracting authority complies with the existing standard contracts.
1 The budgeting and accounting of ICT resources is carried out in principle in a decentralised manner, in accordance with the provisions of the Finance Act of 7 October 2005 1 .
2 The UPIC manages centrally budgeted resources for the provision of standard services. As a general rule, the operation of the standard services is budgeted in a decentralised manner by the beneficiaries of benefits and is billed to them on the basis of the benefits acquired. Benefit recipients take into account the quantitative and qualitative aspects of standard services in the framework of service level agreements (benefit agreements).
3 The UPIC manages centrally budgeted resources for IT projects which, according to planning, cannot be financed by the administrative units.
4 It manages centrally budgeted resources for unplanned projects.
1 The September 26, 2003 Order on Informatics in the Federal Government 1 Is repealed.
2 The amendment to the existing law is set out in the schedule.
1 [ RO 2003 3687 , 2007 3401 art. 22 al. 2, 2010 635 Annex c. 2, 2011 4491]
This order shall enter into force on 1 Er January 2012.