Government Glossary

A glossary of common government IT and procurement terms, abbreviations and acronyms


Authority To Operate, generally granted by a CIO or DAA, is a term describing the granting of approval for an IT system to be used by an agency


Certifications and Accreditations or C&A’s are standardized statements regarding a vendor’s compliance with common contract requirements


Competition in Contracting Act of 1984


Chief Information Security Officer


Contracting Officer, the non-technical government representative charged with administering a contract


Contracting Officer’s Technical Representative, the technical government representative on a government contract, often akin to a project or program manager in the private sector


The Designated Approving Authority/Designated Accrediting Authority/Delegated Accrediting Authority has ultimate responsibility for running a system at a particular level of risk.


(Department of) Defense Information Assurance Certification and Accreditation Process for risk management of information systems. The process by which an ATO is achieved in DoD.


The Federal Acquisition Regulation or FAR is the primary law governing federal procurement in the United States


The Federal Risk and Authorization Management Program is a framework for certifying the security of cloud service providers for government-wide use


The Federal Information Security Management Act lays out a common framework for an agency to evaluate the risk associated with a government IT system

GSA Schedules

General Services Administration establishes long-term governmentwide contracts (Schedules) with commercial firms to provide access to millions of commercial products and services at volume discount pricing. See Schedule 70.


Interim Authority/Authorization To Operate is a provisional approval for a system whose deficiencies prevent a formal ATO from being issued.


Procurement Instrument ID. The unique identifier for each contract, agreement or order.


is a centralized registry for vendor information including certification and accreditations

Schedule 70

Schedule 70 of the GSA Schedules is where the General Services Administration lists government-wide information technology contracts it has negotiated with common vendors. Listed offerings can be purchased through a simplified acquisition process.

Section 508

Section 508 of the US Rehabilitation Act lays out accessibility requirements all US Government Websites must meet

SP 800-53

A catalog of security controls published by NIST. Used to describe a system’s security measures in FISMA and FedRAMP approvals.


Secure Technical Implementation Guidelines. These are DISA’s security requirements for running certain kinds of software in the DOD.