IT Investment/Portfolio Manager

IT Investment/Portfolio Manager Work Role ID: 804 (NIST: OV-PM-004) Category/Specialty Area: Oversee & Govern / Acquisition and Program/Project Management Workforce Element: Cyberspace Enablers / Acquisition

Manages a portfolio of IT capabilities that align with the overall needs of mission and business enterprise priorities.


Items denoted by a * are CORE KSATs for every Work Role, while other CORE KSATs vary by Work Role.

Core KSATs

KSAT ID Description KSAT
22

* Knowledge of computer networking concepts and protocols, and network security methodologies.

Knowledge
108

* Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).

Knowledge
1004A

Knowledge of information technology (IT) acquisition/procurement requirements.

Knowledge
1018

Ensure all acquisitions, procurements, and outsourcing efforts address information security requirements consistent with organization goals.

Task
1148B

Ensure supply chain, system, network, performance, and cyber security requirements are included in contract language and delivered.

Task
1157

* Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity.

Knowledge
1158

* Knowledge of cybersecurity principles.

Knowledge
1159

* Knowledge of cyber threats and vulnerabilities.

Knowledge
6900

* Knowledge of specific operational impacts of cybersecurity lapses.

Knowledge

Additional KSATs

KSAT ID Description KSAT
69

Knowledge of Risk Management Framework (RMF) requirements.

Knowledge
107

Knowledge of resource management principles and techniques.

Knowledge
296

Knowledge of how information needs and collection requirements are translated, tracked, and prioritized across the extended enterprise.

Knowledge
680A

Lead and oversee budget, staffing, and contracting.

Task
834

Resolve conflicts in laws, regulations, policies, standards, or procedures.

Task
840

Review or conduct audits of information technology (IT) programs and projects.

Task
942

Knowledge of the organization’s core business/mission processes.

Knowledge
955A

Draft and publish supply chain security and risk management documents.

Task
979

Knowledge of supply chain risk management standards, processes, and practices.

Knowledge
1021

Knowledge of risk threat assessment.

Knowledge
1037

Knowledge of information technology (IT) supply chain security and risk management policies, requirements, and procedures.

Knowledge
1061A

Knowledge of the acquisition/procurement life cycle process.

Knowledge
1148

Develop contract language to ensure supply chain, system, network, and operational security are met.

Task
5380

Gather feedback on customer satisfaction and internal service performance to foster continual improvement.

Task
6160

Ability to oversee the development and update of the lifecycle cost estimate.

Ability
6290

Knowledge of how to leverage government research and development centers, think tanks, academic research, and industry systems.

Knowledge