Agreement Types

ADMINISTRATIVE AGREEMENTS

CMPPA - Computer Matching and Privacy Protection Agreement

Purpose: (also known as a CMA) A type of data exchange agreement for which the Computer Matching and Privacy Protection Act (CMPPA) applies.
Initiator: Various (can be SSA or other federal or state agency).
Dependencies: Usually accompanied by an Inter-Agency Agreement (IAA) or Reimbursable Agreement. (RA)
Renewal Process/Timeframe: Initial period 18 months with 12 month extension.

IEA - Information Exchange Agreement

Purpose: A type of data exchange agreement for which the CMPPA does not apply.
Initiator: Various (can be SSA or other federal or state agency).
Dependencies: Usually accompanied by an Inter-Agency Agreement (IAA) or Reimbursable Agreement. (RA)
Renewal Process/Timeframe: Generally 5 year duration

MOU/MOA - Memorandum of Understanding/Memorandum of Agreement

Purpose: A formal written agreement signed by both parties that spells out the terms and conditions.
Initiator: Various (can be SSA or other federal or state agency).
Dependencies: Usually accompanied by an Inter-Agency Agreement (IAA) or Reimbursable Agreement (RA).
Renewal Process/Timeframe: May vary, likely 5 year duration.

FINANCIAL AGREEMENTS

IAA - Inter-Agency Agreement

Purpose: An Interagency Agreement (IAA) is established when a federal agency agrees to perform work for SSA and is reimbursed by SSA for that work. The IAA package includes an Interagency Agreement Data Sheet (Form SSA-429), a Memorandum of Understanding (MOU) identifying the provisions of the agreement, and a clearance memorandum from the Office of the General Counsel.
Initiator: SSA
Dependencies: Economy Act
Renewal Process/Timeframe: Annual; lead time varies.

RA - Reimbursable Agreement

Purpose: A Reimbursable Agreement (RA) is a contract between SSA and another entity which obligates SSA to commit resources to perform work at a mutually agreed upon price. It sets forth each party's responsibilities and the terms and conditions under which SSA will provide information or services to the requesting entity, as well as each party's legal and financial obligations. The term "Reimbursable Agreement" includes both an administrative agreement and the appropriate financial form (e.g., SSA-1235 or SSA-40).
Initiator: Project Coordinator (PC) of Sponsoring component
Dependencies: Compliance with numerous laws and regulations, that govern the process for establishing and executing RAs as well as Agency guidance. Legal, financial, and privacy protections. Economy Act; OMB Circulars A-11, A-25 and A-130.
Renewal Process/Timeframe: Annual; lead time varies but agreement must be in place before beginning of fiscal year or before work begins

SECURITY AGREEMENTS

ISA - Interconnection Security Agreement

Purpose: An agreement that documents the technical requirements for interconnections between system boundaries (e.g., security authorization or accreditation boundaries) that have different Designated Approval Authorities (DAA).
Initiator: Varies, but is written in support of security mandates defined by Office of Information Security.
Dependencies: Agreement must be in place to substantiate the need for direct access to SSA's systems.
Renewal Process/Timeframe: Must be completed whenever a new connection is being implemented or modified.

STC – State Transmission/Transfer Component

Purpose: An agreement that documents the data flow, as well as outlines the terms, conditions, and safeguards of transferring SSA data to another state agency(s).
Initiator: Varies, but is written in support of security mandates defined by Office of Information Security.
Dependencies: State agency is not able to receive SSA data directly and must have an approved and signed CMA in place
Renewal Process/Timeframe: Generally 5 year duration.