For instructions on using this template, please see Notes to Author/Template Instructions on page 16.

Notes on accessibility: This template has been tested and is best accessible with JAWS 11.0 or higher.
For questions about using this template or to request changes to the template, please contact CMS IT
Governance ([email protected]).

<Project Name/Acronym>
Interface Control Document
Version X.X
MM/DD/YYYY

ICD Version X.X i <Project and release name>

CMS TLC List of Tables

Table of Contents
1. Introduction.................................................................................................................1
1.1 Overview..............................................................................................................1
2. Assumptions/Constraints/Risks...............................................................................2
2.1 Assumptions........................................................................................................2
2.2 Constraints..........................................................................................................2
2.3 Risks....................................................................................................................2
3. Interface Overview.....................................................................................................3
3.1 Interface Overview..............................................................................................3
3.1.1 Interface Controls..........................................................................................3
3.2 Functional Allocation...........................................................................................4
3.3 Data Transfer......................................................................................................4
3.4 Transactions........................................................................................................4
3.5 Security and Integrity...........................................................................................4
4. Detailed Interface Requirements..............................................................................6
4.1 Requirements for <Given Interface Name>........................................................6
4.1.1 Assumptions..................................................................................................6
4.1.2 Technical Interface Requirements................................................................7
4.1.3 General Processing Steps............................................................................7
4.1.4 Interface Processing Time Requirements....................................................7
4.1.5 Message Format (or Record Layout) and Required Protocols.....................7
4.1.6 Communication Methods..............................................................................9
4.1.7 Security Requirements..................................................................................9
4.2 Requirements for <Given Interface Name>......................................................10
5. Quality Assurance....................................................................................................11
Appendix A: Record of Changes..................................................................................12
Appendix B: Glossary...................................................................................................13
Appendix C: Referenced Documents..........................................................................14
Appendix D: Approvals.................................................................................................15
Appendix E: Notes to the Author/Template Instructions..........................................16

List of Figures
No table of figures entries found.

ICD Version X.X ii <Project and release name>

CMS TLC List of Tables

List of Tables
Table 1 - OSI Application Layer.........................................................................................3
Table 2 - OSI Presentation Layer......................................................................................3
Table 3 - OSI Session Layer..............................................................................................3
Table 4 - OSI Transport Layer...........................................................................................3
Table 5 - OSI Network Layer.............................................................................................4
Table 6 - OSI Data Layer...................................................................................................4
Table 7 - OSI Physical Layer.............................................................................................4
Table 8 - Record of Changes...........................................................................................12
Table 10 - Glossary..........................................................................................................13
Table 11 - Referenced Documents..................................................................................14
Table 12 - Approvals........................................................................................................15

ICD Version X.X iii <Project and release name>

CMS TLC Introduction

1. Introduction
Instructions: Provide identifying information for the source and target systems
participating in the interface. A separate paragraph should be included for each system
that comprises the interface, providing sufficient description to definitively identify the
systems participating in the interface. Also describe any security or privacy
considerations associated with use of the ICD.
This ICD describes the relationship between the <Source System Name (Acronym)> (the
source system) and the <Target System Name (Acronym)> (the target system).
This ICD specifies the interface requirements the participating systems must meet. It describes
the concept of operations for the interface, defines the message structure and protocols that
govern the interchange of data, and identifies the communication paths along which the project
team expects data to flow.
For each interface, the ICD provides the following information:
 A description of the data exchange format and protocol for exchange
 A general description of the interface
 Assumptions where appropriate
 Estimated size and frequency of data exchange

1.1 Overview
Instructions: Briefly describe the purpose of each interface to another external system
at a functional level and the data exchanged between the interfaces. Further
information on the functionality and architecture of the participating systems is given in
the subsequent sections. In particular, each system should be briefly summarized with
special emphasis on the functionality related to the interface. The hardware and
software components of each system are also identified.

ICD Version X.X 4 <Project and release name>

CMS TLC Introduction

2. Assumptions/Constraints/Risks
2.1 Assumptions
Instructions: Describe any assumptions or dependencies regarding the interfaces of the
system. These may concern such issues as: related software or hardware, operating
systems, or end-user characteristics.

2.2 Constraints
Instructions: Describe any limitations or constraints that have a significant impact on the
system interfaces. Such constraints may be imposed by any of the following (the list is
not exhaustive):
 Hardware or software environment
 End-user environment
 Availability of resources
 Interoperability requirements
 Interface/protocol requirements
 Data repository and distribution requirements

2.3 Risks
Instructions: Describe any risks associated with the system interfaces and proposed
mitigation strategies.

ICD Version X.X 5 <Project and release name>

CMS TLC Introduction

3. Interface Overview
3.1 Interface Overview
Instructions: Describe the functionality and architecture of the interfacing systems as
they relate to the proposed interface. Briefly summarize the system, placing special
emphasis on functionality, including identification of key hardware and software
components, as they relate to the interface. If more than one external system is to be
part of the interface being defined, then include additional sections at this level for each
additional external system.

3.1.1 Interface Controls

Instructions: Include a detailed description of the required interface controls below.
Remove layers as applicable.
Table 1 - OSI Application Layer
Description of
Interface Type Interface From Interface To Other Information
Interface
<Interface <Interface <Interface <Interface Description> <Other
Type> From> To> Information>

Table 2 - OSI Presentation Layer

Description of
Interface Type Interface From Interface To Other Information
Interface
<Interface <Interface <Interface <Interface Description> <Other
Type> From> To> Information>

Table 3 - OSI Session Layer

Description of
Interface Type Interface From Interface To Other Information
Interface
<Interface <Interface <Interface <Interface Description> <Other
Type> From> To> Information>

Table 4 - OSI Transport Layer

Description of
Interface Type Interface From Interface To Other Information
Interface
<Interface <Interface <Interface <Interface Description> <Other
Type> From> To> Information>

ICD Version X.X 6 <Project and release name>

CMS TLC Introduction

Table 5 - OSI Network Layer

Description of
Interface Type Interface From Interface To Other Information
Interface
<Interface <Interface <Interface <Interface Description> <Other
Type> From> To> Information>

Table 6 - OSI Data Layer

Description of
Interface Type Interface From Interface To Other Information
Interface
<Interface <Interface <Interface <Interface Description> <Other
Type> From> To> Information>

Table 7 - OSI Physical Layer

Description of
Interface Type Interface From Interface To Other Information
Interface
<Interface <Interface <Interface <Interface Description> <Other
Type> From> To> Information>

3.2 Functional Allocation

Instructions: Briefly describe what operations are performed on each system involved in
the interface and how the end users will interact with the interface being defined. If the
end user does not interact directly with the interface being defined, describe the events
that trigger the movement of information using the interface being defined.

3.3 Data Transfer

Instructions: Briefly describe how data will be moved among component systems of the
interface being defined. Include descriptions and diagrams of how connectivity among
the systems will be implemented and of the type of messaging or packaging of data that
will be used to transfer data among the systems. If more than one interface between
these two systems is defined by this ICD, each should be identified in this section. A
separate subsection may be included for each interface.

3.4 Transactions
Instructions: Briefly describe the types of transactions that will be used to move data
among the component systems of the interface being defined. If multiple types of
transactions will be used for different portions of the interface, a separate section may
be included for each interface.

3.5 Security and Integrity

Instructions: If the interface defined has security and integrity requirements, briefly
describe how access security will be implemented and how data transmission security

ICD Version X.X 7 <Project and release name>

CMS TLC Introduction

will be implemented for the interface being defined. Include a description of the
transmission medium to be used and whether it is a public or a secure line. Include a
brief description of how data will be protected during transmission and how data
integrity will be guaranteed. Include a description of how the two systems can be certain
they are communicating with each other and not with another system masquerading as
one of them. Describe how an individual on one system can be audited and held
accountable for resulting actions on the other component of the interface. Normally, this
section should be an overview of how security and integrity will be implemented.
An interface that is completely self-contained, such as movement of data between
systems resident in the same computer room, may not have any security requirements.
In this case it should be so stated with an explanation of why the interface has no
security and integrity requirements.

ICD Version X.X 8 <Project and release name>

CMS TLC Introduction

4. Detailed Interface Requirements

Instructions: This section specifies the requirements for one or more interfaces between
two systems. This includes explicit definition of the content and format of every
message or file that may pass between the two systems, and the conditions under
which each message or file is to be sent. If an interface between the two systems is to
be implemented incrementally, identify the implementation phase in which each
message will be available. The structure in the “Requirements for <Given Interface>”
section should be replicated for each defined interface between the two participating
systems.
The template contained in the section named Requirements for <Given Interface>
(including subsections) provides a generic approach to interface requirements
definition. The specific interface definition should include only subsections relevant to
the interface being defined, and liberty may be taken in the organization of subsections
under the section named the section named Requirements for <Given Interface>.
Where types of information not specified in the section named Requirements for <Given
Interface> are required to clearly define the interface, additional subsections should be
added. Other readily available documents (such as data dictionaries, standards for
commercial protocols, and standards for user interfaces) may be referenced instead of
stating the information here. It may be useful to include copies of such documentation
as appendices to the ICD. Where possible, the use of tables and figures is encouraged
to enhance the understandability of the interface definition. In defining interface
requirements, clearly state which of the interfacing systems the requirement is being
imposed upon.

4.1 Requirements for <Given Interface Name>

Instructions: Briefly summarize the interface for the name given above. Indicate what
data protocol, communication methods, and processing priority are used by the
interface. Data protocols may include messages and custom ASCII files.
Communication methods may include electronic networks or magnetic media.

4.1.1 Assumptions
Instructions: Identify any assumptions that specify organizational responsibilities for
specific activities or decisions, or that defines specific constraints. Assumptions might
include:
 Data acceptance constraints
 Responsibility for establishing and managing the communication protocol
 Responsibility for providing and/or accepting file feeds for test and production
processing
 Allowable file sizes
 Responsibility for decisions on acceptance of test results

ICD Version X.X 9 <Project and release name>

CMS TLC Introduction

4.1.2 Technical Interface Requirements

Instructions: Describe the technical solution for how the systems will interface and
exchange information (e.g. API, SFTP, etc). Identify specific ports, protocols and
system interoperability requirements that must be met to establish and support the
interface.

4.1.3 General Processing Steps

Instructions: Describe the daily, weekly, monthly, etc., and threshold processing.
Discuss the process to be used to confirm successful file transmission. Identify steps to
be taken if all records in a file are received and the steps to be taken if all records are
not received. Identify the reports to be used to document the results of daily, weekly,
monthly, etc., processing. Describe any special processing that will be performed if a
certain percentage (threshold) of the records is rejected.

4.1.4 Interface Processing Time Requirements

Instructions: If information is required to be formatted and communicated as the data is
created, as a batch of data is created by operator action, or in accordance with some
periodic schedule, indicate processing priority. Requirements for specific messages or
files to be delivered to the communications medium within a set interval of time should
be included in Subsection named “Message Format (or Record Layout) and Required
Protocols”. State the priority that the interfacing entities must assign to the interface.
Priority may be stated as performance or response time requirements defining how
quickly incoming traffic or data requests must be processed by the interfacing system to
meet the requirements of the interface. Considerable latitude should be given in
defining performance requirements to account for differences in hardware and
transaction volumes at different installation sites of the interfacing systems. Response
time requirements, which are impacted by resources and beyond the control of the
interfacing systems (i.e., communication networks) are beyond the scope of an ICD.

4.1.5 Message Format (or Record Layout) and Required Protocols

Instructions: Specify the explicit definitions of and the conditions under which each
message is to be sent. Describe the definition, characteristics, and attributes of the
command; also, document query and response descriptions.

4.1.5.1 File Layout

Instructions: This section should contain diagrams and short descriptions of both the
header and detail layouts. This information may be included in an appendix to the
document that is referenced here.

4.1.5.2 Data Assembly Characteristics

Instructions: Define the content and format of every message, file, or other data
element assembly (records, arrays, displays, reports, etc.) specified in Subsection
named “Message Format (or Record Layout) and Required Protocols”. In defining
interfaces where data is moved among systems, define the packaging of data to be

ICD Version X.X 10 <Project and release name>

CMS TLC Introduction

utilized. The origin, structure, and processing of such packets will be dependent on the
techniques used to implement the interface. Define required characteristics of data
element assemblies that the interfacing entities must provide, store, send, access,
receive, etc. When relevant to the packaging technique used, the following information
should be provided:
 Names/identifiers
 Project-unique identifier
 Non-technical (natural language) name
 Technical name (e.g., record or data structure name in code or database)
 Abbreviations or synonymous names
 Structure of data element assembly (e.g., field name, type, length, valid values,
etc.)
 Visual and auditory characteristics of displays and other outputs (e.g., colors,
layouts, fonts, icons, and other display elements, beeps, lights) where relevant
 Relationships among different types of data element assemblies used for the
interface
 Priority, timing, frequency, volume, sequencing, and other constraints (e.g.,
whether the assembly may be updated and whether business rules apply)
 Sources (setting/sending entities) and recipients (using/receiving entities).

4.1.5.3 Field/Element Definition

Instructions: Define the characteristics of individual data elements that comprise the
data packets defined in Subsection named “Data Assembly Characteristics”. Sections
“Data Assembly Characteristics” and “Field/Element Definition” may be combined into
one section in which the data packets and their component data elements are defined
in a single table. Data element definitions should include only features relevant to the
interface being defined and may include such features as:
 Names/identifiers
 Project-unique identifier
 Priority, timing, frequency, volume, sequencing, and other constraints (e.g.,
whether the data element may be updated and whether business rules apply)
 Non-technical (natural language) name
 Technical name (e.g., variable or field name in code or database)
 Abbreviation or synonymous names
 Data type (alphanumeric, integer, etc.)
 Size and format (e.g., length and punctuation of a character string)
 Units of measurement (e.g., meters, dollars, nanoseconds)
 Range or enumeration of possible values (e.g., 0-99)
 Accuracy (how correct) and precision (number of significant digits)

ICD Version X.X 11 <Project and release name>

CMS TLC Introduction

 Security and privacy constraints

 Sources (setting/sending entities) and recipients (using/receiving entities)
 Validation rule(s)
If there is a need to reformat data before they are transmitted or after incoming data is
received, include descriptions of the tools and/or methods for the reformatting process.

4.1.6 Communication Methods

Instructions: Communication requirements include all aspects of the presentation,
session, network, and data layers of the communication stack to which both systems
participating in the interface must conform. Document the specifications for hand-
shaking protocols between the two systems. Include the content and format of the
information to be included in the hand-shake messages, the timing for exchanging
these messages, and the steps to be taken when errors are identified. The following
subsections should be included in this discussion as appropriate to the interface being
defined and may be supplemented by additional information as appropriate.

4.1.6.1 Interface Initiation

Instructions: Define the sequence of events by which the connections between the
participating systems will be initiated. Include the minimum and maximum number of
conceptions that may be supported by the interface. Also include availability
requirements for the interface (e.g., 24 hours a day, 7 days a week) that are dependent
on the interfacing systems. Availability requirements beyond the control of the
interfacing systems (e.g., network availability) are beyond the scope of an ICD.

4.1.6.2 Flow Control

Instructions: Specify the sequence numbering, legality checks, error control, and
recovery procedures that will be used to manage the interface. Include any
acknowledgement (ACK/NAK) messages related to these procedures. Address the
format(s) for error reports exchanged between the systems and their disposition (e.g.,
retained in a file, sent to a printer, flag/alarm sent to the operator, etc.)

4.1.7 Security Requirements

Instructions: Specify the security features that are required to be implemented within the
message or file structure or in the communications processes. Specify the security of
the communication methods used (Include safety/security/privacy considerations, such
as encryption, user authentication, compartmentalization, and auditing). For interactive
interfaces, security features may include identification, authentication, encryption, and
auditing. Simple message broadcast or ASCII file transfer interfaces are likely to rely on
features provided by communication services. Do not specify the requirements for
features that are not provided by the systems to which the ICD applies. Specifically
state if the interface relies solely on physical security or on the security of the networks
and firewalls through which the systems are connected.

ICD Version X.X 12 <Project and release name>

CMS TLC Introduction

4.2 Requirements for <Given Interface Name>

Instructions: All of the applicable characteristics described in section “Requirements for
<Given Interface>” should be replicated for each defined interface between the two
participating systems. There is no limit on the number of unique interfaces that can be
defined in a single ICD. In general, all interfaces defined should involve the same two
systems.
If there is only one defined interface between the two participating systems, delete this
section.

ICD Version X.X 13 <Project and release name>

CMS TLC Introduction

5. Quality Assurance
Instructions: This section defines a set of Quality Assurance (QA) methods to be used
to verify that the requirements for the interfaces defined in Section “Detailed Interface
Requirements” have been met. QA methods include:
Demonstration - The operation of interfacing entities that relies on observable
functional operation not requiring the use of instrumentation, special test
equipment, or subsequent analysis
 Test - The operation of interfacing entities using instrumentation or special test
equipment to collect data for later analysis
 Analysis - The processing of accumulated data obtained from other qualification
methods (e.g., reduction, interpretation, or extrapolation of test results)
 Inspection - The visual examination of interfacing entities, documentation, etc.
 Special Qualification Methods - Any special qualification methods for the
interfacing entities (e.g., special tools, techniques, procedures, facilities, and
acceptance limits)
Describe how the interfaces will be tested / verified, any resources that are required,
and any associated lead time and coordination required to prepare and conduct testing.

ICD Version X.X 14 <Project and release name>

CMS TLC Appendix E: Notes to the Author/Template Instructions

Appendix A: Record of Changes

Instructions: Provide information on how the development and distribution of the
Interface Control Document will be controlled and tracked. Use the table below to
provide the version number, the date of the version, the author/owner of the version,
and a brief description of the reason for creating the revised version.
Table 8 - Record of Changes
Version Number Date Author/Owner Description of Change
<X.X> <MM/DD/ CMS <Description of
YYYY> Change>
<X.X> <MM/DD/ CMS <Description of
YYYY> Change>
<X.X> <MM/DD/ CMS <Description of
YYYY> Change>
<X.X> <MM/DD/ CMS <Description of
YYYY> Change>
<X.X> <MM/DD/ CMS <Description of
YYYY> Change>

ICD Version X.X 15 <Project and release name>

CMS TLC Appendix E: Notes to the Author/Template Instructions

Appendix B: Glossary
Instructions: Provide clear and concise definitions for terms used in this document that
may be unfamiliar to readers of the document. Terms are to be listed in alphabetical
order.
Table 9 - Glossary
Term Acronym Definition
<Term <Acronym <Definition
> > >
<Term <Acronym <Definition
> > >
<Term <Acronym <Definition
> > >
<Term <Acronym <Definition
> > >
<Term <Acronym <Definition
> > >

ICD Version X.X 16 <Project and release name>

CMS TLC Appendix E: Notes to the Author/Template Instructions

Appendix C: Referenced Documents

Instructions: Summarize the relationship of this document to other relevant documents.
Provide identifying information for all documents used to arrive at and/or referenced
within this document (e.g., related and/or companion documents, prerequisite
documents, relevant technical documentation, etc.).
Table 10 - Referenced Documents
Document Name Document Location and/or URL Issuance Date
<Document <Document Location and/or <MM/DD/
Name> URL> YYYY>
<Document <Document Location and/or <MM/DD/
Name> URL> YYYY>
<Document <Document Location and/or <MM/DD/
Name> URL> YYYY>
<Document <Document Location and/or <MM/DD/
Name> URL> YYYY>
<Document <Document Location and/or <MM/DD/
Name> URL> YYYY>

ICD Version X.X 17 <Project and release name>

CMS TLC Appendix E: Notes to the Author/Template Instructions

Appendix D: Approvals
The undersigned acknowledge that they have reviewed the ICD and agree with the information
presented within this document. Changes to this ICD will be coordinated with, and approved by,
the undersigned, or their designated representatives.
Instructions: List the individuals whose signatures are desired. Examples of such
individuals are Business Owner, Project Manager (if identified), and any appropriate
stakeholders. Add additional lines for signature as necessary.
Table 11 - Approvals
Document Approved By Date Approved

Name: <Name>, <Job Title> - <Company> Date

Name: <Name>, <Job Title> - <Company> Date

Name: <Name>, <Job Title> - <Company> Date

Name: <Name>, <Job Title> - <Company> Date

ICD Version X.X 18 <Project and release name>

CMS TLC Appendix E: Notes to the Author/Template Instructions

Appendix E: Notes to the Author/Template Instructions

This document is a template for creating an Interface Control Document for a given
investment or project. The final document should be delivered in an electronically
searchable format. The Interface Control Document should stand on its own with all
elements explained and acronyms spelled out for reader/reviewers, including reviewers
outside CMS who may not be familiar with CMS projects and investments.
This template was designed based on best practices and information to support CMS
governance and IT processes. Use of this template is not mandatory, rather programs
are encouraged to adapt this template to their needs by adding or removing sections as
appropriate. Programs are also encouraged to leverage these templates as the basis
for web-based system development artifacts.
This template includes instructions, boilerplate text, and fields. The author should note
that:
 Each section provides instructions or describes the intent, assumptions, and
context for content included in that section. Instructional text appears in blue
italicized font throughout this template.
 Instructional text in each section should be replaced with information specific to
the particular investment.
 Some text and tables are provided as boilerplate examples of wording and
formats that may be used or modified as appropriate.
When using this template, follow these steps:
1. Table captions and descriptions are to be placed left-aligned, above the table.

2. Modify any boilerplate text, as appropriate, to your specific project.

3. All documents must be compliant with Section 508 requirements.

4. Figure captions and descriptions are to be placed left-aligned, below the

figure. All figures must have an associated tag providing appropriate
alternative text for Section 508 compliance.

5. Delete this “Notes to the Author/Template Instructions” page and all

instructions to the author before finalizing the initial draft of the document.

ICD Version X.X 19 <Project and release name>