EPA Requirements and Development Considerations

EPA systems/applications must comply with federal statutes, regulations, and policies. EPA's System Life Cycle Management (SLCM) Directives establish the Agency's approach for planning, developing and managing IT systems and applications in alignment with these requirements and in support of the Agency’s mission and business goals. The six SLCM Phases include the following:

• Phase 1: Pre-Definition – Includes documenting the business need for a new system/application.
• Phase 2: Definition – Solidifies understanding of alternatives, costs, and benefits for new systems/applications or modernizations and the recommended path forward.
• Phase 3: Acquisition/Development – Results in the acquisition or development of the system/application that satisfies the mission need defined in the Definition Phase.
• Phase 4: Implementation – Includes installation and operation of the application or modifications in a production environment.
• Phase 5: Operations and Maintenance - Ensures the system operates properly in the production environment and routine maintenance takes place.
• Phase 6: Termination – Results in removing a system from the production environment at the end of the lifecycle process.

EPA Information Directives apply at each lifecycle phase and provide additional detail on EPA’s policies and procedures for governing EPA’s IT investments and ensuring compliance with federal and Agency requirements. Following are some of the key requirements and EPA operational considerations that development teams must follow when developing systems/applications on behalf of the Agency.

In this section:

• Security Requirements
• Privacy Requirements
• Information Collection Requirements
• Electronic Signature Requirements
• Web Application Development Requirements
• Section 508/Accessibility Requirements
• Open-Source Software and EPA Code Repository Requirements
• EPA Application Development/Hosting Environments
• Data and Data Products