Ask the CIO Podcasts – Federal News Network https://federalnewsnetwork.com Helping feds meet their mission. Tue, 05 Jul 2022 18:15:12 +0000 en-US hourly 1 https://federalnewsnetwork.com/wp-content/uploads/2017/12/cropped-icon-512x512-1-60x60.png Ask the CIO Podcasts – Federal News Network https://federalnewsnetwork.com 32 32 FEMA’s enterprise cloud services potentially could lower costs by 30%-to-40% https://federalnewsnetwork.com/ask-the-cio/2022/07/femas-enterprise-cloud-services-potentially-could-lower-costs-by-30-to-40/ https://federalnewsnetwork.com/ask-the-cio/2022/07/femas-enterprise-cloud-services-potentially-could-lower-costs-by-30-to-40/#respond Tue, 05 Jul 2022 18:15:12 +0000 https://federalnewsnetwork.com/?p=4135617 var config_4135498 = {"options":{"theme":"hbidc_default"},"extensions":{"Playlist":[]},"episode":{"media":{"mp3":"https:\/\/dts.podtrac.com\/redirect.mp3\/pdst.fm\/e\/chrt.fm\/track\/E2G895\/aw.noxsolutions.com\/launchpod\/federal-drive\/mp3\/070522_Jason_web_anr9_d10d653f.mp3?awCollectionId=1146&awEpisodeId=b00324aa-8642-4860-b6da-9689d10d653f&awNetwork=322"},"coverUrl":"https:\/\/federalnewsnetwork.com\/wp-content\/uploads\/2018\/12\/FD1500-150x150.jpg","title":"A look at how the cloud will help FEMA","description":"[hbidcpodcast podcastid='4135498']nn<em>Best listening experience is on Chrome, Firefox or Safari. Subscribe to Federal Drive\u2019s daily audio interviews on\u00a0<\/em><a href="https:\/\/itunes.apple.com\/us\/podcast\/federal-drive-with-tom-temin\/id1270799277?mt=2"><i>Apple Podcasts<\/i><\/a><em>\u00a0or\u00a0<a href="https:\/\/www.podcastone.com\/federal-drive-with-tom-temin?pid=1753589">PodcastOne<\/a>.<\/em>nnThe Federal Emergency Management Agency is expanding its footprint in the cloud. And they are doing it in a bit of a usual way.nnFEMA is partnering with the Agriculture Department and developing a charge-back model to its mission areas.nnJim Rodd, FEMA\u2019s cloud portfolio manager, said as part of modernizing the National Flood Insurance Program, the agency and USDA are using the Google Cloud platform.nn\u201cThey're actually doing it in conjunction with USDA. NFIP is bringing it up in a methodology that will allow us to absorb it into the FEMA enterprise cloud with no issue. It's all our standards and everything,\u201d Rodd said at the recent ACT-IAC Emerging Technology and Innovation Conference.nnRodd said the reason FEMA looked to partner with USDA is two-fold. First, the two agencies partner to help citizens impacted by floods. But secondly, and maybe most important to the discussion around cloud, is Rodd found USDA among the most mature organizations in applying the charge-back model for enterprise cloud services.nn\u201cWhen I first took the position over, I wanted to speak to some other cloud brokers that were in the federal government, and three that popped up was two at DHS, which were U.S. Citizenship and Immigration Service and the Customs and Border Protection directorates. I've talked to them, but neither one of them have a multi cloud solution with a chargeback methodology. So we wanted to make sure we were speaking to somebody in that realm as well. And USDA was pretty much the big dog on the block,\u201d Rodd said. \u201cThey had a very mature cloud doing chargeback and it was multi cloud, so it only made sense to go and talk to them.\u201dn<h2>Buying cloud services in a new way<\/h2>nThis idea of a chargeback model for enterprise services hasn\u2019t been easy for agencies over the last 50-plus years. Federal shared services for financial management and human resources have been out in front of this effort, but the agencies providing these services have struggled to make their case to large agencies for the most part.nnThe General Services Administration\u2019s Cloud Information Center highlights <a href="https:\/\/cic.gsa.gov\/acquisitions\/acquisition-challenges" target="_blank" rel="noopener">several acquisition challenges<\/a>, including advanced metering services from vendors and governance focused on who holds the responsibility of assessing cloud utilization reports for chargeback incentive purposes.nnThe Office of Management and Budget and the Federal CIO Council have been pushing <a href="https:\/\/federalnewsnetwork.com\/reporters-notebook\/2020\/08\/cio-council-reawakens-push-to-use-technology-business-management-standards\/">agencies to implement<\/a> the Technology Business Management (TBM) framework to measure the cost and value of IT services, not necessarily just cloud services. Agencies had to fully implement TBM cost towers as part of their 2023 budget requests that went to OMB earlier this year. But challenges around <a href="https:\/\/federalnewsnetwork.com\/reporters-notebook-jason-miller\/2021\/06\/data-remains-biggest-obstacle-to-meeting-2023-deadline-for-tbm\/">data quality and quantity<\/a> have slowed down this effort over the last five years.nnBut <a href="https:\/\/federalnewsnetwork.com\/reporters-notebook-jason-miller\/2021\/06\/gsa-set-to-alter-cloud-buying-landscape-with-new-policy\/">understanding the costs<\/a> in a multi-cloud environment is why FEMA is pushing forward with the chargeback model.nnRodd said with FEMA already is using Amazon Web Services and Microsoft\u2019s Azure cloud instances and now adding the Google Cloud, it wanted to ensure it knew where and how much it was spending on these services. Former FEMA CIO Lytwaive Hutchinson said earlier this year that the <a href="https:\/\/federalnewsnetwork.com\/ask-the-cio\/2022\/05\/fema-sets-self-imposed-deadline-for-moving-more-applications-to-the-cloud\/">agency\u2019s goal<\/a> to have at least 50% of all of their systems and services that are cloud ready moved into the cloud by the end of 2022.nn\u201cThe thing with the chargeback model is being able to offset cost. That's the name of the game,\u201d he said. \u201cAll sudden our current cloud footprint is probably about $2 million-to-$3 million a year. If we can offset some of that, rather than what is happening right now where we're carrying all of it, as we ingest more clients and more services, we should start to see an offset in costs.\u201dn<h2>Big savings over time<\/h2>nRodd said FEMA mission areas who have turned off on-premise or legacy technology are seeing costs reductions of 30% to 40%.nn\u201cIt's giving our internal and external OCIO clients, the opportunity to really be able to plan efficiently by having all of that in one place,\u201d he said. \u201cThere's obviously a massive cultural shift with moving to the cloud and FEMA is just as aware of that need for a culture shift as anybody else. We try to sell it on the scalability and flexibility, the ability to convert our redundant possibilities East Coast, West Coast, north, south, across this CSP, that CSP. We try to show all that, but they don't really see it because that's the back end. One of the things we like to do when we are briefing to a prospective client who has no knowledge of the cloud, I don't make any promises on price because here's the reality in any government agency for that first year or two, you're running hybrid. You have to maintain that physical environment, especially for somebody with a mission like ours, where we have to be up no matter what. During that time, obviously, you're costs are going to be substantially higher. So I actually stay away from that, or I brutally tell them look, this first year or two, it's actually going to be more expensive. But as soon as we can start turning off your stuff in the physical environment, and shutting that stuff down and killing those contracts, that's when you're going to start to see your costs go down.\u201dnnRodd added in a perfect world, he would like his cloud broker office to break even in terms of costs of providing the enterprise services and receiving funding from mission users.nn\u201cI don't really ever think we're going to get there, but even if we got to 50%, that'd be outstanding,\u201d he said. \u201cWe developed a cost model. What we wanted is a one-stop shop so if a client comes to us and tells us their need, or we help them to develop a solution, we didn't want them to then have to talk to the sustainment folks and get a price and then talk to the license folks and get a price. We tried to make our cost model as inclusive as possible. It covers everything from your basic compute needs, your migration, your authority to operate and your licensing. We're actually adding cyber to it right now.\u201dnnRodd said FEMA wanted to get a third-party expert to confirm its chargeback model would work, and received solid reviews from Gartner. He called it \u201celegant.\u201d"}};

Best listening experience is on Chrome, Firefox or Safari. Subscribe to Federal Drive’s daily audio interviews on Apple Podcasts or PodcastOne.

The Federal Emergency Management Agency is expanding its footprint in the cloud. And they are doing it in a bit of a usual way.

FEMA is partnering with the Agriculture Department and developing a charge-back model to its mission areas.

Jim Rodd, FEMA’s cloud portfolio manager, said as part of modernizing the National Flood Insurance Program, the agency and USDA are using the Google Cloud platform.

“They’re actually doing it in conjunction with USDA. NFIP is bringing it up in a methodology that will allow us to absorb it into the FEMA enterprise cloud with no issue. It’s all our standards and everything,” Rodd said at the recent ACT-IAC Emerging Technology and Innovation Conference.

Rodd said the reason FEMA looked to partner with USDA is two-fold. First, the two agencies partner to help citizens impacted by floods. But secondly, and maybe most important to the discussion around cloud, is Rodd found USDA among the most mature organizations in applying the charge-back model for enterprise cloud services.

“When I first took the position over, I wanted to speak to some other cloud brokers that were in the federal government, and three that popped up was two at DHS, which were U.S. Citizenship and Immigration Service and the Customs and Border Protection directorates. I’ve talked to them, but neither one of them have a multi cloud solution with a chargeback methodology. So we wanted to make sure we were speaking to somebody in that realm as well. And USDA was pretty much the big dog on the block,” Rodd said. “They had a very mature cloud doing chargeback and it was multi cloud, so it only made sense to go and talk to them.”

Buying cloud services in a new way

This idea of a chargeback model for enterprise services hasn’t been easy for agencies over the last 50-plus years. Federal shared services for financial management and human resources have been out in front of this effort, but the agencies providing these services have struggled to make their case to large agencies for the most part.

The General Services Administration’s Cloud Information Center highlights several acquisition challenges, including advanced metering services from vendors and governance focused on who holds the responsibility of assessing cloud utilization reports for chargeback incentive purposes.

The Office of Management and Budget and the Federal CIO Council have been pushing agencies to implement the Technology Business Management (TBM) framework to measure the cost and value of IT services, not necessarily just cloud services. Agencies had to fully implement TBM cost towers as part of their 2023 budget requests that went to OMB earlier this year. But challenges around data quality and quantity have slowed down this effort over the last five years.

But understanding the costs in a multi-cloud environment is why FEMA is pushing forward with the chargeback model.

Rodd said with FEMA already is using Amazon Web Services and Microsoft’s Azure cloud instances and now adding the Google Cloud, it wanted to ensure it knew where and how much it was spending on these services. Former FEMA CIO Lytwaive Hutchinson said earlier this year that the agency’s goal to have at least 50% of all of their systems and services that are cloud ready moved into the cloud by the end of 2022.

“The thing with the chargeback model is being able to offset cost. That’s the name of the game,” he said. “All sudden our current cloud footprint is probably about $2 million-to-$3 million a year. If we can offset some of that, rather than what is happening right now where we’re carrying all of it, as we ingest more clients and more services, we should start to see an offset in costs.”

Big savings over time

Rodd said FEMA mission areas who have turned off on-premise or legacy technology are seeing costs reductions of 30% to 40%.

“It’s giving our internal and external OCIO clients, the opportunity to really be able to plan efficiently by having all of that in one place,” he said. “There’s obviously a massive cultural shift with moving to the cloud and FEMA is just as aware of that need for a culture shift as anybody else. We try to sell it on the scalability and flexibility, the ability to convert our redundant possibilities East Coast, West Coast, north, south, across this CSP, that CSP. We try to show all that, but they don’t really see it because that’s the back end. One of the things we like to do when we are briefing to a prospective client who has no knowledge of the cloud, I don’t make any promises on price because here’s the reality in any government agency for that first year or two, you’re running hybrid. You have to maintain that physical environment, especially for somebody with a mission like ours, where we have to be up no matter what. During that time, obviously, you’re costs are going to be substantially higher. So I actually stay away from that, or I brutally tell them look, this first year or two, it’s actually going to be more expensive. But as soon as we can start turning off your stuff in the physical environment, and shutting that stuff down and killing those contracts, that’s when you’re going to start to see your costs go down.”

Rodd added in a perfect world, he would like his cloud broker office to break even in terms of costs of providing the enterprise services and receiving funding from mission users.

“I don’t really ever think we’re going to get there, but even if we got to 50%, that’d be outstanding,” he said. “We developed a cost model. What we wanted is a one-stop shop so if a client comes to us and tells us their need, or we help them to develop a solution, we didn’t want them to then have to talk to the sustainment folks and get a price and then talk to the license folks and get a price. We tried to make our cost model as inclusive as possible. It covers everything from your basic compute needs, your migration, your authority to operate and your licensing. We’re actually adding cyber to it right now.”

Rodd said FEMA wanted to get a third-party expert to confirm its chargeback model would work, and received solid reviews from Gartner. He called it “elegant.”

]]>
https://federalnewsnetwork.com/ask-the-cio/2022/07/femas-enterprise-cloud-services-potentially-could-lower-costs-by-30-to-40/feed/ 0
To improve its customer experience, SSA found an unusual partner from the NFL https://federalnewsnetwork.com/ask-the-cio/2022/06/to-improve-its-customer-experience-ssa-found-an-unusual-partner-from-the-nfl/ https://federalnewsnetwork.com/ask-the-cio/2022/06/to-improve-its-customer-experience-ssa-found-an-unusual-partner-from-the-nfl/#respond Thu, 30 Jun 2022 16:58:09 +0000 https://federalnewsnetwork.com/?p=4130152 var config_4130501 = {"options":{"theme":"hbidc_default"},"extensions":{"Playlist":[]},"episode":{"media":{"mp3":"https:\/\/dts.podtrac.com\/redirect.mp3\/pdst.fm\/e\/chrt.fm\/track\/E2G895\/aw.noxsolutions.com\/launchpod\/adswizz\/1128\/063022_askciossafema_web_on85_4c4d04a7.mp3?awCollectionId=1128&awEpisodeId=8841da2d-8e4a-4de8-ac4f-b1d04c4d04a7&awNetwork=322"},"coverUrl":"https:\/\/federalnewsnetwork.com\/wp-content\/uploads\/2018\/12\/AsktheCIO1500-150x150.jpg","title":"To improve its customer experience, SSA found an unusual partner from the NFL","description":"[hbidcpodcast podcastid='4130501']nnThe Baltimore Ravens football team may be better known for its winning ways on the field and its rabid fans in the stands.nnBut the Social Security Administration turned to the NFL team because of its prowess in using data to drive customer experience decisions. It also didn\u2019t hurt that SSA headquarters is located in Baltimore County, Maryland, and many of the staff are big fans of the team.nnPatrick Newbold, the assistant deputy commissioner and deputy chief information officer at SSA, said the Ravens are known for providing a great customer experience for their fans so it just made sense that the agency would reach out.nn[caption id="attachment_4130296" align="alignright" width="300"]<img class="size-medium wp-image-4130296" src="https:\/\/federalnewsnetwork.com\/wp-content\/uploads\/2022\/06\/patrick-newbold-300x300.jpg" alt="" width="300" height="300" \/> Patrick Newbold is the assistant deputy commissioner and deputy chief information officer at the Social Security Administration.[\/caption]nn\u201cOne of the questions we asked the Baltimore Ravens was how business intelligence analytics changed their service delivery model?\u201d Newbold said on <a href="https:\/\/federalnewsnetwork.com\/category\/radio-interviews\/ask-the-cio\/">Ask the CIO<\/a>. \u201cThe Ravens shared an excellent use case with us on how data was able to challenge one of their assumptions on fan demographics. Early on, when they started to aggregate that data, that data disproved assumptions they had about their season ticket holders. Their fans were a lot younger than the marketing assumed. So that led them to change the music they played, the food and drinks they served and how they engaged those fans. The data provided the Ravens with some insights to fan demographics that they weren\u2019t necessarily tracking and allow them to market to a growing demographic fan base be exposed.\u201dnnThe Ravens brought their chief data officer or equivalent position to the table to meet with executives from SSA\u2019s CIO, CDO and mission offices.nnLike the way Ravens use data to drive decisions about how they serve their fans, SSA is looking to apply the same concepts to how they deliver their services.nn\u201cWe want to use data to monitor and improve the way we do business and services, and deliver our services to our citizens,\u201d Newbold said. \u201cWe also shared several challenges. One was the importance of data collection. The Baltimore Ravens leverage NFL-wide data as well as their Baltimore Ravens-specific data. They use that data to inform decisions. We, at SSA, want to create a primary source of SSA-wide data that is beyond assumptions and that supports that ad hoc, cross-cutting capability to do some data analytics. While we are completely different organizations, we have the same goals and mission desire when it comes to how we can use data to really inform the way we want to move forward.\u201dn<h2>SSA's scores better than average<\/h2>nThe Ravens, Newbold said, have a mature data and business intelligence practice so gleaming lessons learned can only help SSA, which scored a 64 on the 2021 <a href="https:\/\/www.theacsi.org\/industries\/government\/">American Customer Service Index ratings<\/a>. The federal government\u2019s overall score was 63.4, while the Interior Department received the highest score under the ACSI with a 77.nnSSA\u2019s data for 2020 based on its surveys found 93% of the almost 1,700 respondents rated their field office experience as "satisfactory," but only 47% called it "excellent."nnNewbold said among the biggest lessons learned from the conversation with the Ravens were about the importance of data governance, because the business intelligence platforms and tools are only as good as the data being put into those capabilities.nn\u201cKey points that we learned from Baltimore Ravens and throughout the discussions is really having that strong governance, but also they highlighted how they use data as a tool, not as the final answer,\u201d he said. \u201cThat resonates with us because as we invest more beyond technologies as an agency, we also must recognize that other factors inform decisions, so data is critical and important, but not the only factor.\u201dnnThe Ravens are just one of several public and private sector organizations SSA is meeting with to learn more about how they serve their customers.nnNewbold said SSA also has met with JP MorganChase, the Federal Retirement Thrift Investment Board, Fannie Mae and the Target Corp.nn\u201cWe also met with a couple of thought leaders since June, the former General Motors CIO Ralph Szygenda and the former IRS Commissioner Charles Rossotti,\u201d he said. \u201cWe take these conversations and we've highlighted about three important lessons learned from these conversations, and we are baking those into our strategy. They are around governance, data and culture.\u201dn<h2>New strategy coming<\/h2>nNewbold said SSA is updating its digital transformation strategy to include the customer experience lessons learned from all of these conversations.nnSSA is partnering with the U.S. Digital Service on their modernization strategy and effort.nnNewbold said his office and the mission areas are working with USDS to further expand their understanding of their customers and their journey to use SSA services.nn\u201cA key objective and expansion of our digital service offerings is a redesign of our website to enhance the user experience. To improve the customer service, we plan to deepen our understanding of our customers, including what drives their evolving service. We will learn about our customers\u2019 journeys from various service channels and touch points, and one of those is a voice of the customer feedback. We want to capture real-time customer feedback, not only to use that feedback to assess what we have in place that is working, but to identify customer pain points to help us design those future digital services.\u201dnnTo better understand those customer journeys, SSA and USDS held about 65 different sessions with multiple groups of people. This led to SSA using human-centered design techniques for the new <a href="https:\/\/blog.ssa.gov\/building-a-better-ssa-gov\/">beta version<\/a> of their website that launched in April.nn\u201cFor many of our services, and especially on mobile devices, we really want to ensure that we offer more digital capabilities that can be leveraged on mobile devices and from any location in it. We released an application that allows customers to express a protective intent to file for Social Security supplemental security income benefits online,\u201d he said. \u201cWe have also prioritized within our plan the design and the mobile accessible online process that will upload forms and other documentation.\u201dnnNewbold added SSA has received positive feedback so far from the upgrades and plans to expand its interactions and testing with customers.n<h2>Reducing the burden on customers<\/h2>nGoing forward, Newbold said SSA plans to continue to meet with the Ravens and other private sector organizations on a regular basis.nnHe said all the different public and private sector organizations help the agency learn more about how they can drive better customer experience. SSA also has begun to implement a customer relationship management (CRM) platform to further its efforts.nn\u201cBy reducing the burden on the public, we want to eliminate requirements to conduct business in person, present hard copies of original documents, remove requirements for signatures on a document or provide electronic signing options. These objectives will require SSA to reimagine business processes, program policies and enabling technologies,\u201d Newbold said. \u201cWe also want to modernize our enterprise IT systems. For example, our system that administers benefits have been cited by GAO as one of the 10 IT systems across the executive branch in most need of modernization. We have begun to modernize the claims intake and adjudication software. But we want [to] continue to finish that work and retire the legacy systems and modernize our benefits system remains a focus to us.\u201dnn "}};

The Baltimore Ravens football team may be better known for its winning ways on the field and its rabid fans in the stands.

But the Social Security Administration turned to the NFL team because of its prowess in using data to drive customer experience decisions. It also didn’t hurt that SSA headquarters is located in Baltimore County, Maryland, and many of the staff are big fans of the team.

Patrick Newbold, the assistant deputy commissioner and deputy chief information officer at SSA, said the Ravens are known for providing a great customer experience for their fans so it just made sense that the agency would reach out.

Patrick Newbold is the assistant deputy commissioner and deputy chief information officer at the Social Security Administration.

“One of the questions we asked the Baltimore Ravens was how business intelligence analytics changed their service delivery model?” Newbold said on Ask the CIO. “The Ravens shared an excellent use case with us on how data was able to challenge one of their assumptions on fan demographics. Early on, when they started to aggregate that data, that data disproved assumptions they had about their season ticket holders. Their fans were a lot younger than the marketing assumed. So that led them to change the music they played, the food and drinks they served and how they engaged those fans. The data provided the Ravens with some insights to fan demographics that they weren’t necessarily tracking and allow them to market to a growing demographic fan base be exposed.”

The Ravens brought their chief data officer or equivalent position to the table to meet with executives from SSA’s CIO, CDO and mission offices.

Like the way Ravens use data to drive decisions about how they serve their fans, SSA is looking to apply the same concepts to how they deliver their services.

“We want to use data to monitor and improve the way we do business and services, and deliver our services to our citizens,” Newbold said. “We also shared several challenges. One was the importance of data collection. The Baltimore Ravens leverage NFL-wide data as well as their Baltimore Ravens-specific data. They use that data to inform decisions. We, at SSA, want to create a primary source of SSA-wide data that is beyond assumptions and that supports that ad hoc, cross-cutting capability to do some data analytics. While we are completely different organizations, we have the same goals and mission desire when it comes to how we can use data to really inform the way we want to move forward.”

SSA’s scores better than average

The Ravens, Newbold said, have a mature data and business intelligence practice so gleaming lessons learned can only help SSA, which scored a 64 on the 2021 American Customer Service Index ratings. The federal government’s overall score was 63.4, while the Interior Department received the highest score under the ACSI with a 77.

SSA’s data for 2020 based on its surveys found 93% of the almost 1,700 respondents rated their field office experience as “satisfactory,” but only 47% called it “excellent.”

Newbold said among the biggest lessons learned from the conversation with the Ravens were about the importance of data governance, because the business intelligence platforms and tools are only as good as the data being put into those capabilities.

“Key points that we learned from Baltimore Ravens and throughout the discussions is really having that strong governance, but also they highlighted how they use data as a tool, not as the final answer,” he said. “That resonates with us because as we invest more beyond technologies as an agency, we also must recognize that other factors inform decisions, so data is critical and important, but not the only factor.”

The Ravens are just one of several public and private sector organizations SSA is meeting with to learn more about how they serve their customers.

Newbold said SSA also has met with JP MorganChase, the Federal Retirement Thrift Investment Board, Fannie Mae and the Target Corp.

“We also met with a couple of thought leaders since June, the former General Motors CIO Ralph Szygenda and the former IRS Commissioner Charles Rossotti,” he said. “We take these conversations and we’ve highlighted about three important lessons learned from these conversations, and we are baking those into our strategy. They are around governance, data and culture.”

New strategy coming

Newbold said SSA is updating its digital transformation strategy to include the customer experience lessons learned from all of these conversations.

SSA is partnering with the U.S. Digital Service on their modernization strategy and effort.

Newbold said his office and the mission areas are working with USDS to further expand their understanding of their customers and their journey to use SSA services.

“A key objective and expansion of our digital service offerings is a redesign of our website to enhance the user experience. To improve the customer service, we plan to deepen our understanding of our customers, including what drives their evolving service. We will learn about our customers’ journeys from various service channels and touch points, and one of those is a voice of the customer feedback. We want to capture real-time customer feedback, not only to use that feedback to assess what we have in place that is working, but to identify customer pain points to help us design those future digital services.”

To better understand those customer journeys, SSA and USDS held about 65 different sessions with multiple groups of people. This led to SSA using human-centered design techniques for the new beta version of their website that launched in April.

“For many of our services, and especially on mobile devices, we really want to ensure that we offer more digital capabilities that can be leveraged on mobile devices and from any location in it. We released an application that allows customers to express a protective intent to file for Social Security supplemental security income benefits online,” he said. “We have also prioritized within our plan the design and the mobile accessible online process that will upload forms and other documentation.”

Newbold added SSA has received positive feedback so far from the upgrades and plans to expand its interactions and testing with customers.

Reducing the burden on customers

Going forward, Newbold said SSA plans to continue to meet with the Ravens and other private sector organizations on a regular basis.

He said all the different public and private sector organizations help the agency learn more about how they can drive better customer experience. SSA also has begun to implement a customer relationship management (CRM) platform to further its efforts.

“By reducing the burden on the public, we want to eliminate requirements to conduct business in person, present hard copies of original documents, remove requirements for signatures on a document or provide electronic signing options. These objectives will require SSA to reimagine business processes, program policies and enabling technologies,” Newbold said. “We also want to modernize our enterprise IT systems. For example, our system that administers benefits have been cited by GAO as one of the 10 IT systems across the executive branch in most need of modernization. We have begun to modernize the claims intake and adjudication software. But we want [to] continue to finish that work and retire the legacy systems and modernize our benefits system remains a focus to us.”

 

]]>
https://federalnewsnetwork.com/ask-the-cio/2022/06/to-improve-its-customer-experience-ssa-found-an-unusual-partner-from-the-nfl/feed/ 0
CMMC early adopter program to further spur vendor cyber actions https://federalnewsnetwork.com/ask-the-cio/2022/06/cmmc-early-adopter-program-to-further-spur-vendor-cyber-actions/ https://federalnewsnetwork.com/ask-the-cio/2022/06/cmmc-early-adopter-program-to-further-spur-vendor-cyber-actions/#respond Mon, 27 Jun 2022 20:45:07 +0000 https://federalnewsnetwork.com/?p=4124265 var config_4124488 = {"options":{"theme":"hbidc_default"},"extensions":{"Playlist":[]},"episode":{"media":{"mp3":"https:\/\/dts.podtrac.com\/redirect.mp3\/pdst.fm\/e\/chrt.fm\/track\/E2G895\/aw.noxsolutions.com\/launchpod\/adswizz\/1128\/062322_askciododfletchercmmcpanel_we_gxhy_a0b38306.mp3?awCollectionId=1128&awEpisodeId=973483b5-75b4-45d9-bccc-22dfa0b38306&awNetwork=322"},"coverUrl":"https:\/\/federalnewsnetwork.com\/wp-content\/uploads\/2018\/12\/AsktheCIO1500-150x150.jpg","title":"CMMC early adopter program to further spur vendor cyber actions","description":"[hbidcpodcast podcastid='4124488']nnThe Defense Department has been talking about the Cybersecurity Maturity Model Certification (CMMC) standards for more than three years.nnAnd while the final version 2.0 standards aren\u2019t going to be ready until next summer, the impact of just talking about improving cybersecurity among contractors is real.nnStacy Bostjanick, the chief of implementation and policy and deputy CIO for cybersecurity for the Defense Department, said contractors are definitely more accepting of the need to protect their data. But, she quickly admitted, they may not have fully embraced CMMC.nn\u201cThe 7012 [Defense acquisition regulations] clause started that in earnest in 2013. We got a ton of pushback and finally got it into a rule in 2017. And then after that, we had a few incidents like SolarWinds, the Colonial pipeline, and now people are like, \u2018Oh, yeah, maybe people are coming after me. Oh, maybe it is an issue,\u2019\u201d Bostjanick said at the recent AFCEA NOVA Small Business IT Day.nnDr. Kelly Fletcher, the principal deputy chief information officer for the Defense Department, said the current approach, based on self-attestation, creates a potentially unleveled playing field for contractors who choose to take the right steps to secure their data and those that just say they do.nn\u201cWe know we have totally divergent compliance. If you're complying now with what is in your contract, you're competing against folks that aren't, and I think CMMC is trying to get after that,\u201d Fletcher said. \u201cI don't think CMMC is perfect. I think any solution we come up with isn't going to be perfect. But it is our first attempt to get after that.\u201dn<h2>25% of DIB met cyber requirements<\/h2>nWhile the problem may not be new, the data collected by the Defense Contract Management Agency (DCMA) shows just how troubling it is.nnJohn Ellis, the technical directorate's software division director at DCMA, said out of 300 assessments the Defense Industrial Base Cybersecurity Assessment Center (DIBCAC) did over the last few years, only 25% of the companies were compliant with the 110 requirements in the National Institute of Standards and Technology\u2019s Special Publication 800-171.nn\u201cIf roughly 25% of companies were fully compliant when we assess them, now, if you extrapolate that across the DIB, that's why we're informing some of the decisions. So if what CMMC is going to do for us in the future that we can't do today is what we do today is largely a post-assessment activity. There are holes in those mechanisms, things are not fully implemented,\u201d Ellis said at the Coalition for Government Procurement spring conference in Falls Church, Virginia. \u201cCMMC is going to let us address some of that stuff that does lead to stronger prevention of ransomware attacks because it's going to require companies to become far more fully compliant. If 75% of your companies can't meet the requirements and they're required to meet all of those before they can be awarded a contract, what does that mean, in terms of who can compete for contracts? It doesn't bode well.\u201dnnEllis said the DIB\u2019s shortcoming based on their assessments and the need to bring more companies up to par faster is why DCMA is launching the early adopter program for CMMC. This is for defense companies to work with certified third-party assessment organizations (C3PAOs) before the CMMC 2.0 is finalized. Ellis said DCMA auditors would look over the C3PAO\u2019s shoulder and offer feedback and insights, but not an official DIBCAC review.nn\u201cWe started the planning for the early adopter program a couple of months ago, but we haven\u2019t started the assessments yet. I expect us to start them later this summer,\u201d Ellis said. \u201cThe assessments are on site, but also include a lot of coordination ahead of time with the company, the C3PAO and our folks. It\u2019s a 45-60 day process that happens at the company\u2019s site.\u201dnnEllis said the C3PAO and the DCMA auditors will conduct a medium or high confidence assessment, which is more like a document review, where they, with the company, to through the system security plan to ensure that they've documented their requirements in a way that that articulates that they understand the requirements.n<h2>Benefits for DoD, vendors alike<\/h2>nThe early adopter program is part of several ongoing initiatives DoD is pursuing to get a head start on CMMC. Bostjanick said earlier this year that DoD will do a <a href="The%20early%20adopter%20program%20is%20part%20of%20several%20ongoing%20intiatives">series of tabletop exercises<\/a> to test out the cyber standards.nnBostjanick said the early adopter program benefits the C3PAOs, DCMA and the DIB because all <a href="https:\/\/federalnewsnetwork.com\/defense-main\/2021\/12\/congressional-auditors-point-to-challenges-ahead-for-pentagons-cmmc-program\/">will get experience<\/a> with CMMC standards.nn\u201cYou will be given a DIBCAC high assessment in supplier performance risk system (SPRS), and our intent, which means our hope because lawyers told me we can't promise anything because rulemaking is that, when CMMC becomes a thing, either as an interim thing next May or a final thing the following May, that companies certifications will still be good for an additional three years,\u201d she said. \u201cOne of the things that you're going to see in CMMC 2.0 is each company has a requirement to do an annual affirmation. Which states \u2018Yep, I'm still good. I'm still in compliance. Nothing has changed. Nothing has caused me to go out of compliance. I affirm I still meet the requirements.\u2019\u201dnnEllis said there are about <a href="https:\/\/federalnewsnetwork.com\/cybersecurity\/2022\/02\/more-companies-may-have-to-get-a-cmmc-assessment-after-all\/">20,000 companies<\/a> in SPRS today and if, based on the DCMA review of about 300 companies, approximately 75% are not in compliance with the 110 controls detailed in NIST 800-171 today, there is a lot of work that still needs to be done.nn\u201cThe data is in SPRS says the opposite. We see an awful lot of scores that are very, very, very high, and we're a little concerned about that for a couple of reasons,\u201d Ellis said. \u201cOne, we're concerned about companies not really doing the things that they said they were going to do. And two, it gives a false sense of security both to the companies and to the government in the procuring activities that are relying upon that information.\u201dnnDoD is facing similar questions about its own systems\u2019 compliance. A recent Government Accountability Office <a href="https:\/\/federalnewsnetwork.com\/defense-main\/2022\/06\/is-dod-holding-to-same-cmmc-standards-as-contractors\/">highlighted<\/a> in late May the Pentagon\u2019s struggles in meeting the same NIST 800-171 standards for internal systems.nnEllis said DCMA started reviewing about 300 contractors\u2019 compliance to the NIST standards in 2019 and the hope is that those companies that were among the first, would be part of the early adopter program.nnHe said the NIST reviews alone have improved vendor cybersecurity.nn\u201cWe had one company that was in the negative 200 range and now they are in the mid-two digit range, meaning they have improved remarkable over the last few years,\u201d he said. \u201cIt's really important that folks understand, this is not meant as a threat. We're looking at it to derive knowledge and insight. We're going to anonymize the results, unless we were to stumble into something that's fraudulent and then that's a whole another can of worms, by the way. But what we will do is share that information of what we learned with the companies that we've assessed so that people can see the goodness of the information that's actually in the system. It should inform both government folks and quite honestly, it should inform the DIB. You don't ever want to be in a position where you think you're much better than you are, and then either the DIBCAC shows up or a C3PAO assessment is conducted, and you find that you've missed the mark, significantly. That's not good for you as a company. And it's certainly not good for us to rely upon somebody that doesn't have that understanding.\u201dnnTo prepare for the influx of work coming from CMMC, the DIBCAC is staffing up. DCMA plans to grow its staff in the DIBCAC to about 150 employees from 50 a few years ago."}};

The Defense Department has been talking about the Cybersecurity Maturity Model Certification (CMMC) standards for more than three years.

And while the final version 2.0 standards aren’t going to be ready until next summer, the impact of just talking about improving cybersecurity among contractors is real.

Stacy Bostjanick, the chief of implementation and policy and deputy CIO for cybersecurity for the Defense Department, said contractors are definitely more accepting of the need to protect their data. But, she quickly admitted, they may not have fully embraced CMMC.

“The 7012 [Defense acquisition regulations] clause started that in earnest in 2013. We got a ton of pushback and finally got it into a rule in 2017. And then after that, we had a few incidents like SolarWinds, the Colonial pipeline, and now people are like, ‘Oh, yeah, maybe people are coming after me. Oh, maybe it is an issue,’” Bostjanick said at the recent AFCEA NOVA Small Business IT Day.

Dr. Kelly Fletcher, the principal deputy chief information officer for the Defense Department, said the current approach, based on self-attestation, creates a potentially unleveled playing field for contractors who choose to take the right steps to secure their data and those that just say they do.

“We know we have totally divergent compliance. If you’re complying now with what is in your contract, you’re competing against folks that aren’t, and I think CMMC is trying to get after that,” Fletcher said. “I don’t think CMMC is perfect. I think any solution we come up with isn’t going to be perfect. But it is our first attempt to get after that.”

25% of DIB met cyber requirements

While the problem may not be new, the data collected by the Defense Contract Management Agency (DCMA) shows just how troubling it is.

John Ellis, the technical directorate’s software division director at DCMA, said out of 300 assessments the Defense Industrial Base Cybersecurity Assessment Center (DIBCAC) did over the last few years, only 25% of the companies were compliant with the 110 requirements in the National Institute of Standards and Technology’s Special Publication 800-171.

“If roughly 25% of companies were fully compliant when we assess them, now, if you extrapolate that across the DIB, that’s why we’re informing some of the decisions. So if what CMMC is going to do for us in the future that we can’t do today is what we do today is largely a post-assessment activity. There are holes in those mechanisms, things are not fully implemented,” Ellis said at the Coalition for Government Procurement spring conference in Falls Church, Virginia. “CMMC is going to let us address some of that stuff that does lead to stronger prevention of ransomware attacks because it’s going to require companies to become far more fully compliant. If 75% of your companies can’t meet the requirements and they’re required to meet all of those before they can be awarded a contract, what does that mean, in terms of who can compete for contracts? It doesn’t bode well.”

Ellis said the DIB’s shortcoming based on their assessments and the need to bring more companies up to par faster is why DCMA is launching the early adopter program for CMMC. This is for defense companies to work with certified third-party assessment organizations (C3PAOs) before the CMMC 2.0 is finalized. Ellis said DCMA auditors would look over the C3PAO’s shoulder and offer feedback and insights, but not an official DIBCAC review.

“We started the planning for the early adopter program a couple of months ago, but we haven’t started the assessments yet. I expect us to start them later this summer,” Ellis said. “The assessments are on site, but also include a lot of coordination ahead of time with the company, the C3PAO and our folks. It’s a 45-60 day process that happens at the company’s site.”

Ellis said the C3PAO and the DCMA auditors will conduct a medium or high confidence assessment, which is more like a document review, where they, with the company, to through the system security plan to ensure that they’ve documented their requirements in a way that that articulates that they understand the requirements.

Benefits for DoD, vendors alike

The early adopter program is part of several ongoing initiatives DoD is pursuing to get a head start on CMMC. Bostjanick said earlier this year that DoD will do a series of tabletop exercises to test out the cyber standards.

Bostjanick said the early adopter program benefits the C3PAOs, DCMA and the DIB because all will get experience with CMMC standards.

“You will be given a DIBCAC high assessment in supplier performance risk system (SPRS), and our intent, which means our hope because lawyers told me we can’t promise anything because rulemaking is that, when CMMC becomes a thing, either as an interim thing next May or a final thing the following May, that companies certifications will still be good for an additional three years,” she said. “One of the things that you’re going to see in CMMC 2.0 is each company has a requirement to do an annual affirmation. Which states ‘Yep, I’m still good. I’m still in compliance. Nothing has changed. Nothing has caused me to go out of compliance. I affirm I still meet the requirements.’”

Ellis said there are about 20,000 companies in SPRS today and if, based on the DCMA review of about 300 companies, approximately 75% are not in compliance with the 110 controls detailed in NIST 800-171 today, there is a lot of work that still needs to be done.

“The data is in SPRS says the opposite. We see an awful lot of scores that are very, very, very high, and we’re a little concerned about that for a couple of reasons,” Ellis said. “One, we’re concerned about companies not really doing the things that they said they were going to do. And two, it gives a false sense of security both to the companies and to the government in the procuring activities that are relying upon that information.”

DoD is facing similar questions about its own systems’ compliance. A recent Government Accountability Office highlighted in late May the Pentagon’s struggles in meeting the same NIST 800-171 standards for internal systems.

Ellis said DCMA started reviewing about 300 contractors’ compliance to the NIST standards in 2019 and the hope is that those companies that were among the first, would be part of the early adopter program.

He said the NIST reviews alone have improved vendor cybersecurity.

“We had one company that was in the negative 200 range and now they are in the mid-two digit range, meaning they have improved remarkable over the last few years,” he said. “It’s really important that folks understand, this is not meant as a threat. We’re looking at it to derive knowledge and insight. We’re going to anonymize the results, unless we were to stumble into something that’s fraudulent and then that’s a whole another can of worms, by the way. But what we will do is share that information of what we learned with the companies that we’ve assessed so that people can see the goodness of the information that’s actually in the system. It should inform both government folks and quite honestly, it should inform the DIB. You don’t ever want to be in a position where you think you’re much better than you are, and then either the DIBCAC shows up or a C3PAO assessment is conducted, and you find that you’ve missed the mark, significantly. That’s not good for you as a company. And it’s certainly not good for us to rely upon somebody that doesn’t have that understanding.”

To prepare for the influx of work coming from CMMC, the DIBCAC is staffing up. DCMA plans to grow its staff in the DIBCAC to about 150 employees from 50 a few years ago.

]]>
https://federalnewsnetwork.com/ask-the-cio/2022/06/cmmc-early-adopter-program-to-further-spur-vendor-cyber-actions/feed/ 0
New House Digital Services Office seeks to fill gaps to modernize Congress https://federalnewsnetwork.com/ask-the-cio/2022/06/new-house-digital-services-office-seeks-to-fill-gaps-to-modernize-congress/ https://federalnewsnetwork.com/ask-the-cio/2022/06/new-house-digital-services-office-seeks-to-fill-gaps-to-modernize-congress/#respond Fri, 17 Jun 2022 22:18:20 +0000 https://federalnewsnetwork.com/?p=4108466 var config_4108574 = {"options":{"theme":"hbidc_default"},"extensions":{"Playlist":[]},"episode":{"media":{"mp3":"https:\/\/dts.podtrac.com\/redirect.mp3\/pdst.fm\/e\/chrt.fm\/track\/E2G895\/aw.noxsolutions.com\/launchpod\/adswizz\/1128\/061622_ask-cio-cao_web_uhp2_7a69b51c.mp3?awCollectionId=1128&awEpisodeId=5758df8c-339d-4c23-ad3f-d1017a69b51c&awNetwork=322"},"coverUrl":"https:\/\/federalnewsnetwork.com\/wp-content\/uploads\/2018\/12\/AsktheCIO1500-150x150.jpg","title":"New House Digital Services Office seeks to fill gaps to modernize Congress","description":"[hbidcpodcast podcastid='4108574']nnThe House of Representatives Chief Administrative Office is close to adding another shared service to the 100 or so it already provides.nnThese range from <a href="https:\/\/cao.house.gov\/about\/business-units">acquisition support to human resources<\/a> to finance and logistics. But the one area where those services were missing and sorely needed was around digital transformation.nn[caption id="attachment_4108481" align="alignright" width="300"]<img class="size-medium wp-image-4108481" src="https:\/\/federalnewsnetwork.com\/wp-content\/uploads\/2022\/06\/alan-thompson-300x300.jpg" alt="" width="300" height="300" \/> Alan Thompson is the chief information officer for the House of Representatives.[\/caption]nnSo in the coming months, the CAO will launch its new digital services office.nnAlan Thompson, the House\u2019s chief information officer, said over the last decade, and specifically over the last two-plus years, a lot of member offices, committees and caucuses have been trying to take advantage of technology in new ways. But many times their staff had limited knowledge or brought in consultants that cost a lot of money.nn\u201cWe'd like to fill that gap for them,\u201d Thompson said on Ask the CIO. \u201cWe're going to have several different roles in this team. We'll have a product manager role. We'll have a user experience designer as well as software engineers. We really hope to bring in the capability to rapidly develop or maybe just consult on how an organization within the House member, committee or leadership office or a conference or caucus wants to achieve something. Really the hope is to be that resource there that can help them do that.\u201dnnThe CAO, which first announced its plan to create a digital services office in March at a hearing of the House Select Committee on the <a href="https:\/\/federalnewsnetwork.com\/congress\/2022\/01\/some-members-of-congress-are-working-to-make-things-more-civil-in-a-congress-that-works-better\/">Modernization of Congress<\/a>, is hiring both new employees but also bringing in experts from the U.S. Digital Service as well as TechCongress, an innovation fellowship that places technologists with Congress for a year.nnCatherine Szpindor, the House of Representatives chief administrative officer, said members or committees are trying to solve a specific problem, but don\u2019t know exactly how to do that.nnThe CAO offers almost 100 cloud approved services, for example, and the new digital services team will be able to do more than just point them in the right direction, but help get offices from idea to implementation.nn[caption id="attachment_4108483" align="alignleft" width="300"]<img class="size-medium wp-image-4108483" src="https:\/\/federalnewsnetwork.com\/wp-content\/uploads\/2022\/06\/Catherine-Szpindor-300x300.jpg" alt="" width="300" height="300" \/> Catherine Szpindor is the House of Representatives chief administrative officer.[\/caption]nn\u201cWe have traditionally been a typical IT support group. We support major applications like PeopleSoft in our HR and payroll applications, these large Oracle and other products that have been traditional, and that\u2019s served us well,\u201d Szpindor said. \u201cBut I think just since we really started integrating Office 365 and going to the cloud with so many other things, we started realizing that there was a real need for us to be able to provide consultative services and help with the development of some of these newer products that are automated in a way in which you don't have to know a lot about the standard way to program. They're low code, no code type applications. Allen's bringing in Appian as one of those that we could possibly use. We are looking at robotics process automation. This was just a good time to do that. The time was right, the enthusiasm is there, and I think industry experts are backing us with ideas and how it's being used in other places.\u201dnnThe House started implementing Microsoft O365 in 2019 and brought in other cloud products like WebEx from Cisco and Zoom to address the fast growing need for remote work during the pandemic.nnThese tools have made hearings more accessible, but they have also help improve the connection between Washington, D.C. office and members\u2019 district offices.nn\u201cI will point out that these the members have gotten very good at using these tools, which I've been very happy to see,\u201d Thompson said. \u201cI attended an event the other night hosted by Rep. [Eric] Swalwell (D-Calif.) when he was at home with his new baby in his arms while he was doing this meeting. The members have really taken to and, I think, have gotten used to this and have a lot more flexibility now. We required a lot of hands on from my team to support these meetings, and now we're finding that, they're like, \u2018Oh, we got this, we can make this work.\u2019\u201dnnThat feeling of \u201cwe got this,\u201d is part of the reason why the CAO is taking the next step with digital services.nnThompson said the digital services office will work directly with digital directors, who work for committee and member offices. While the CAO continues to set the office up, Thompson and his team are meeting with the digital directors to better understand what the trends, challenges and broad needs are across the House.nn\u201cThere's a lot of outreach going on reaching out to even chiefs of staff in member offices, trying to understand what problems are they having, where's the gaps so you can consider it a listening tour, if you will, doing a lot of research about what kinds of tools or things or initiatives that they're trying to perform,\u201d he said.nnThompson said as a pre-cursor of sorts to the digital services office, the CAO has been improving the technology infrastructure for the House over the last few years.nnHe said from improving Wi-Fi access in the office buildings to a new pilot in the district offices to improve their wireless connectivity, the goal is to make it easier to connect offices and people.nn\u201cWe've also put a virtual private network (VPN) concentrator out on the West Coast, this is all about are trying to improve service for the district offices. They're those satellite offices that two or three people are sometimes one person in them, but still having them be connected and being able to collaborate use all the same tools that we do here on the Hill,\u201d Thompson said. \u201cWe opened up two new pops, or point of presence, if you think for a national backbone in the Southwest and the Midwest. We have about 900 plus district offices out there in the members\u2019 home districts that need to be connected, just like they would be here. Now, these offices can jump on our network faster and have less latency getting to our infrastructure services.\u201dnnSzpindor added since the CAO put the network and infrastructure upgrades in place, the number of calls they receive from member offices about dropped network connections or latency issues has dropped significantly.nn\u201cThe thing that we have to do better with is when the offices have issues, whether it's with their technology or their network, they have to know who to call to get help,\u201d she said. \u201cIt breaks my heart when one of the district office directors or someone talks about all the network issues that they have in our office, and we were never contacted. I don't know who she was talking to, but it never got down to our network staff. We are willing to do whatever it needs to improve, including getting on a plane and flying to the office to check things out or doing monitoring by checking the bandwidth or whatever to make it better. The communication on what we can do and how we can help is something we're working on.\u201dnnSzpindor said the digital services office also will help current staff upskill through short or medium term assignments on projects.nn\u201cI try to look at the employee side of things, there will be a shift, and some of the work that's been done to where maybe there's a certain percentage of the work that we have been doing on our back end systems, that will shift here. So we want to keep in mind, the needs of our dedicated employees to try to help them to get to where they can be part of this as well,\u201d she said."}};

The House of Representatives Chief Administrative Office is close to adding another shared service to the 100 or so it already provides.

These range from acquisition support to human resources to finance and logistics. But the one area where those services were missing and sorely needed was around digital transformation.

Alan Thompson is the chief information officer for the House of Representatives.

So in the coming months, the CAO will launch its new digital services office.

Alan Thompson, the House’s chief information officer, said over the last decade, and specifically over the last two-plus years, a lot of member offices, committees and caucuses have been trying to take advantage of technology in new ways. But many times their staff had limited knowledge or brought in consultants that cost a lot of money.

“We’d like to fill that gap for them,” Thompson said on Ask the CIO. “We’re going to have several different roles in this team. We’ll have a product manager role. We’ll have a user experience designer as well as software engineers. We really hope to bring in the capability to rapidly develop or maybe just consult on how an organization within the House member, committee or leadership office or a conference or caucus wants to achieve something. Really the hope is to be that resource there that can help them do that.”

The CAO, which first announced its plan to create a digital services office in March at a hearing of the House Select Committee on the Modernization of Congress, is hiring both new employees but also bringing in experts from the U.S. Digital Service as well as TechCongress, an innovation fellowship that places technologists with Congress for a year.

Catherine Szpindor, the House of Representatives chief administrative officer, said members or committees are trying to solve a specific problem, but don’t know exactly how to do that.

The CAO offers almost 100 cloud approved services, for example, and the new digital services team will be able to do more than just point them in the right direction, but help get offices from idea to implementation.

Catherine Szpindor is the House of Representatives chief administrative officer.

“We have traditionally been a typical IT support group. We support major applications like PeopleSoft in our HR and payroll applications, these large Oracle and other products that have been traditional, and that’s served us well,” Szpindor said. “But I think just since we really started integrating Office 365 and going to the cloud with so many other things, we started realizing that there was a real need for us to be able to provide consultative services and help with the development of some of these newer products that are automated in a way in which you don’t have to know a lot about the standard way to program. They’re low code, no code type applications. Allen’s bringing in Appian as one of those that we could possibly use. We are looking at robotics process automation. This was just a good time to do that. The time was right, the enthusiasm is there, and I think industry experts are backing us with ideas and how it’s being used in other places.”

The House started implementing Microsoft O365 in 2019 and brought in other cloud products like WebEx from Cisco and Zoom to address the fast growing need for remote work during the pandemic.

These tools have made hearings more accessible, but they have also help improve the connection between Washington, D.C. office and members’ district offices.

“I will point out that these the members have gotten very good at using these tools, which I’ve been very happy to see,” Thompson said. “I attended an event the other night hosted by Rep. [Eric] Swalwell (D-Calif.) when he was at home with his new baby in his arms while he was doing this meeting. The members have really taken to and, I think, have gotten used to this and have a lot more flexibility now. We required a lot of hands on from my team to support these meetings, and now we’re finding that, they’re like, ‘Oh, we got this, we can make this work.’”

That feeling of “we got this,” is part of the reason why the CAO is taking the next step with digital services.

Thompson said the digital services office will work directly with digital directors, who work for committee and member offices. While the CAO continues to set the office up, Thompson and his team are meeting with the digital directors to better understand what the trends, challenges and broad needs are across the House.

“There’s a lot of outreach going on reaching out to even chiefs of staff in member offices, trying to understand what problems are they having, where’s the gaps so you can consider it a listening tour, if you will, doing a lot of research about what kinds of tools or things or initiatives that they’re trying to perform,” he said.

Thompson said as a pre-cursor of sorts to the digital services office, the CAO has been improving the technology infrastructure for the House over the last few years.

He said from improving Wi-Fi access in the office buildings to a new pilot in the district offices to improve their wireless connectivity, the goal is to make it easier to connect offices and people.

“We’ve also put a virtual private network (VPN) concentrator out on the West Coast, this is all about are trying to improve service for the district offices. They’re those satellite offices that two or three people are sometimes one person in them, but still having them be connected and being able to collaborate use all the same tools that we do here on the Hill,” Thompson said. “We opened up two new pops, or point of presence, if you think for a national backbone in the Southwest and the Midwest. We have about 900 plus district offices out there in the members’ home districts that need to be connected, just like they would be here. Now, these offices can jump on our network faster and have less latency getting to our infrastructure services.”

Szpindor added since the CAO put the network and infrastructure upgrades in place, the number of calls they receive from member offices about dropped network connections or latency issues has dropped significantly.

“The thing that we have to do better with is when the offices have issues, whether it’s with their technology or their network, they have to know who to call to get help,” she said. “It breaks my heart when one of the district office directors or someone talks about all the network issues that they have in our office, and we were never contacted. I don’t know who she was talking to, but it never got down to our network staff. We are willing to do whatever it needs to improve, including getting on a plane and flying to the office to check things out or doing monitoring by checking the bandwidth or whatever to make it better. The communication on what we can do and how we can help is something we’re working on.”

Szpindor said the digital services office also will help current staff upskill through short or medium term assignments on projects.

“I try to look at the employee side of things, there will be a shift, and some of the work that’s been done to where maybe there’s a certain percentage of the work that we have been doing on our back end systems, that will shift here. So we want to keep in mind, the needs of our dedicated employees to try to help them to get to where they can be part of this as well,” she said.

]]>
https://federalnewsnetwork.com/ask-the-cio/2022/06/new-house-digital-services-office-seeks-to-fill-gaps-to-modernize-congress/feed/ 0
Quick pivot during the pandemic highlighted DIU’s ability to solve DoD problems https://federalnewsnetwork.com/ask-the-cio/2022/06/quick-pivot-during-the-pandemic-highlighted-dius-ability-to-solve-dod-problems/ https://federalnewsnetwork.com/ask-the-cio/2022/06/quick-pivot-during-the-pandemic-highlighted-dius-ability-to-solve-dod-problems/#respond Fri, 10 Jun 2022 16:13:48 +0000 https://federalnewsnetwork.com/?p=4097576 var config_4097689 = {"options":{"theme":"hbidc_default"},"extensions":{"Playlist":[]},"episode":{"media":{"mp3":"https:\/\/dts.podtrac.com\/redirect.mp3\/pdst.fm\/e\/chrt.fm\/track\/E2G895\/aw.noxsolutions.com\/launchpod\/adswizz\/1128\/060922_askciodiumadsen_web_xafo_9aa421bd.mp3?awCollectionId=1128&awEpisodeId=73947db9-20a0-4177-ad53-d4359aa421bd&awNetwork=322"},"coverUrl":"https:\/\/federalnewsnetwork.com\/wp-content\/uploads\/2018\/12\/AsktheCIO1500-150x150.jpg","title":"Quick pivot during the pandemic highlighted DIU\u2019s ability to solve DoD problems","description":"[hbidcpodcast podcastid='4097689']nn<em>Best listening experience is on Chrome, Firefox or Safari. Subscribe to Ask the CIO on <\/em><a href="https:\/\/itunes.apple.com\/us\/podcast\/federal-drive-with-tom-temin\/id1270799277?mt=2"><em><span style="color: #0070c0;">Apple Podcast<\/span><\/em><span style="color: #0070c0;">s<\/span><\/a><em>\u00a0or\u00a0<a href="https:\/\/www.podcastone.com\/federal-drive-with-tom-temin?pid=1753589">PodcastOne<\/a>.<\/em>nnThe impact of the Defense Innovation Unit shouldn\u2019t be measured in the number of agreements awarded or the amount of dollars obligated. Both, by the way, are breaking new records each year.nnRather, the impact of DIU should be measured in number of problems it helps solve for the Defense Department.nnMike Madsen, the deputy director of Defense Innovation Unit, said one of the best examples came during the early days of the COVID-19 pandemic. DIU was overseeing the development of a new application called the rapid the assessment of the threat environment (RATE).nn[caption id="attachment_1813513" align="alignright" width="300"]<img class="wp-image-1813513" src="https:\/\/federalnewsnetwork.com\/wp-content\/uploads\/2018\/03\/Mike-Madsen-index.jpg" alt="" width="300" height="300" \/> Mike Madsen is the deputy director of Defense Innovation Unit.[\/caption]nn\u201cIt was a prototype used to predict when men and women in uniform are going to come down with an infectious disease like flu. This was pre-pandemic,\u201d Madsen said on <a href="https:\/\/federalnewsnetwork.com\/category\/radio-interviews\/ask-the-cio\/">Ask the CIO<\/a>. \u201cThose kinds of things that would impact readiness and can spread potentially through your organization. Well, we were almost complete with that prototype when the COVID pandemic started. Instead of going back through a requirements process, we just pivoted, and applied it to COVID environment and ran the prototype of RATE in the COVID environment.\u201dnnMadsen said about 10,000 service members participated and the app collected data from devices like wearable watches and other on-person devices.nnThe application detects biometric measurements of various the service members and feeds the information into a database where it applies artificial intelligence to predict when folks would get sick.nn\u201cWe were able to perfect it to the point where we were able to identify folks who are going to get sick with COVID 48 hours before testing or symptoms indicated that they actually had COVID,\u201d Madsen said. \u201cFrom a unit perspective, if I'm a commander, now I have awareness of someone who is potentially going to bring that into the larger unit and we can pull them out, isolate them before they're even infectious. From our DIU operations perspective, [the pandemic] was relatively seamless, but there were opportunities to help leverage commercial technology to solve Defense Department problems.\u201dn<h2>Record year in 2021<\/h2>nSolving those problems for warfighters is DIU\u2019s ultimate goal, and that by which is the organization constantly is proving its value.nnMadsen said this is why DIU is always looking for the companies that are on the leading edge and doing innovative work that could help some solve some of <a href="https:\/\/federalnewsnetwork.com\/ask-the-cio\/2021\/06\/diu-rethinking-cyber-endpoint-protections-through-advanced-deception-tools\/">DoD\u2019s biggest challenges<\/a>.nnSince 2016, when DoD launched the innovation office, it has awarded 279 contracts and brought in 240 non-traditional vendors, based on the definition in the law.nnIn <a href="https:\/\/assets.ctfassets.net\/3nanhbfkr0pc\/5JPfbtxBv4HLjn8eQKiUW9\/cab09a726c2ad2ed197bdd2df343f385\/Digital_Version_-_Final_-_DIU_-_2021_Annual_Report.pdf">2021<\/a>, DIU published 26 solicitations for commercial solutions for which it received 1,100 proposals. The solicitations on average received 43 proposals each.nnDIU says 86% of companies that have received awards are considered <a href="https:\/\/federalnewsnetwork.com\/defense-main\/2022\/05\/gsa-diu-working-together-to-get-non-traditional-contractors-on-board\/">nontraditional vendors<\/a> with 73% being small businesses and 33% being first-time DoD vendors.nnMadsen said 2022 also is looking strong. As of March, DIU has awarded $1.5 billion in total contract value. Between 2016 and 2021, DIU obligated $893 million.nn\u201cWhat that tells me is that we have proven our value to our DoD partners as a way to rapidly bring in that commercial technology to bear on DoD problems and provided our return on investment to them,\u201d he said. \u201cIt also tells me that not only have we proven value to our DoD partners, but we're proving value to our commercial partners as well as a way to simplify that process of working with the department. So we're pretty excited about that.\u201dnnMadsen said DIU is seeking to continue to improve its process and prove its value. He said currently it takes about 100 days to award a prototype, but DIU would like to get that timeline down to as little as 60 days.nn\u201cWe increase the transparency with a commercial partner. We increase competition for our DoD partners, lower the time the vendor has to obligate to the solicitation,\u201d he said. \u201cWe're able to get more solicitations in, which is great because we can cast a pretty wide net. We're able to use our commercial engagement team to go out into the ecosystem and really understand where is that that large magnitude of commercial investment taking place in the technology ecosystem, who are the companies that are really on the leading edge and doing really some of the fantastic innovation and development in that areas that we think are going to help some solve some of DoD problems.\u201dn<h2>Expanding DIU's reach<\/h2>nDIU is expanding its reach with offices in Silicon Valley, in Mountain View, California, in Austin, Texas, Boston, Washington, D.C. and the <a href="https:\/\/federalnewsnetwork.com\/defense-main\/2022\/04\/diu-opens-latest-innovation-outpost-expanding-its-presence-to-the-midwest\/">newest regional office<\/a> in Chicago.nnThe reason for the six regional offices is two-fold. First, DIU wants to search out companies that are outside the typical technology corridors. Second is to promote more competition.nn\u201cWe also accelerate cooperation. In this era of the broader strategic competition, demands collective cooperation so we are shifting to a regional focus to align government innovation entities within those geographic regions to make sure we're getting the best technology from across the country, not just the technology hubs,\u201d Madsen said. \u201cWe want to find the best technology that the U.S. has to offer. We also want to demystify the complex procurement process. If we can get all the government innovation folks together and rowing in the same direction, and engaging with our commercial partners, in one voice that it's going to help us demystify that.\u201dnnOver the last few years, DIU has moved several projects that are showing promising results in the prototype phase.nnMadsen highlighted the development of a 5G tactical network for the California Air National Guard.nn\u201cWe're able to rapidly set up a secure 5G mesh network for humanitarian assistance, disaster relief and first responders. If you think about forest fires, now we're able to set up a very rapidly a 5G network for cellular coverage for those folks that is discreet and secure for them to continue executing their activities,\u201d he said. \u201cWe're using AI for predictive maintenance. The commercial sector saw this a long time ago, not just the airline industry, but other industries that use very, very expensive machines with a lot of moving parts and failure of any of those parts would result in a catastrophic outcome. What we've been able to do is apply predictive maintenance using AI to multiple platforms across the Air Force. We've seen an increase in machine capable rates and a decrease in unscheduled maintenance time. We are looking to continue scaling that one across all the platforms.\u201dnnA third example is around drones and making sure they are both built securely from a cyber perspective and by American-owned companies.nn\u201cWe've had several prototypes with the Army that resulted in CyberSecure drones,\u201d he said. \u201cWe were able to field those in less than 48 hours in response to the humanitarian refugee situation in Germany when the US pulled out of Afghanistan.\u201d"}};

Best listening experience is on Chrome, Firefox or Safari. Subscribe to Ask the CIO on Apple Podcasts or PodcastOne.

The impact of the Defense Innovation Unit shouldn’t be measured in the number of agreements awarded or the amount of dollars obligated. Both, by the way, are breaking new records each year.

Rather, the impact of DIU should be measured in number of problems it helps solve for the Defense Department.

Mike Madsen, the deputy director of Defense Innovation Unit, said one of the best examples came during the early days of the COVID-19 pandemic. DIU was overseeing the development of a new application called the rapid the assessment of the threat environment (RATE).

Mike Madsen is the deputy director of Defense Innovation Unit.

“It was a prototype used to predict when men and women in uniform are going to come down with an infectious disease like flu. This was pre-pandemic,” Madsen said on Ask the CIO. “Those kinds of things that would impact readiness and can spread potentially through your organization. Well, we were almost complete with that prototype when the COVID pandemic started. Instead of going back through a requirements process, we just pivoted, and applied it to COVID environment and ran the prototype of RATE in the COVID environment.”

Madsen said about 10,000 service members participated and the app collected data from devices like wearable watches and other on-person devices.

The application detects biometric measurements of various the service members and feeds the information into a database where it applies artificial intelligence to predict when folks would get sick.

“We were able to perfect it to the point where we were able to identify folks who are going to get sick with COVID 48 hours before testing or symptoms indicated that they actually had COVID,” Madsen said. “From a unit perspective, if I’m a commander, now I have awareness of someone who is potentially going to bring that into the larger unit and we can pull them out, isolate them before they’re even infectious. From our DIU operations perspective, [the pandemic] was relatively seamless, but there were opportunities to help leverage commercial technology to solve Defense Department problems.”

Record year in 2021

Solving those problems for warfighters is DIU’s ultimate goal, and that by which is the organization constantly is proving its value.

Madsen said this is why DIU is always looking for the companies that are on the leading edge and doing innovative work that could help some solve some of DoD’s biggest challenges.

Since 2016, when DoD launched the innovation office, it has awarded 279 contracts and brought in 240 non-traditional vendors, based on the definition in the law.

In 2021, DIU published 26 solicitations for commercial solutions for which it received 1,100 proposals. The solicitations on average received 43 proposals each.

DIU says 86% of companies that have received awards are considered nontraditional vendors with 73% being small businesses and 33% being first-time DoD vendors.

Madsen said 2022 also is looking strong. As of March, DIU has awarded $1.5 billion in total contract value. Between 2016 and 2021, DIU obligated $893 million.

“What that tells me is that we have proven our value to our DoD partners as a way to rapidly bring in that commercial technology to bear on DoD problems and provided our return on investment to them,” he said. “It also tells me that not only have we proven value to our DoD partners, but we’re proving value to our commercial partners as well as a way to simplify that process of working with the department. So we’re pretty excited about that.”

Madsen said DIU is seeking to continue to improve its process and prove its value. He said currently it takes about 100 days to award a prototype, but DIU would like to get that timeline down to as little as 60 days.

“We increase the transparency with a commercial partner. We increase competition for our DoD partners, lower the time the vendor has to obligate to the solicitation,” he said. “We’re able to get more solicitations in, which is great because we can cast a pretty wide net. We’re able to use our commercial engagement team to go out into the ecosystem and really understand where is that that large magnitude of commercial investment taking place in the technology ecosystem, who are the companies that are really on the leading edge and doing really some of the fantastic innovation and development in that areas that we think are going to help some solve some of DoD problems.”

Expanding DIU’s reach

DIU is expanding its reach with offices in Silicon Valley, in Mountain View, California, in Austin, Texas, Boston, Washington, D.C. and the newest regional office in Chicago.

The reason for the six regional offices is two-fold. First, DIU wants to search out companies that are outside the typical technology corridors. Second is to promote more competition.

“We also accelerate cooperation. In this era of the broader strategic competition, demands collective cooperation so we are shifting to a regional focus to align government innovation entities within those geographic regions to make sure we’re getting the best technology from across the country, not just the technology hubs,” Madsen said. “We want to find the best technology that the U.S. has to offer. We also want to demystify the complex procurement process. If we can get all the government innovation folks together and rowing in the same direction, and engaging with our commercial partners, in one voice that it’s going to help us demystify that.”

Over the last few years, DIU has moved several projects that are showing promising results in the prototype phase.

Madsen highlighted the development of a 5G tactical network for the California Air National Guard.

“We’re able to rapidly set up a secure 5G mesh network for humanitarian assistance, disaster relief and first responders. If you think about forest fires, now we’re able to set up a very rapidly a 5G network for cellular coverage for those folks that is discreet and secure for them to continue executing their activities,” he said. “We’re using AI for predictive maintenance. The commercial sector saw this a long time ago, not just the airline industry, but other industries that use very, very expensive machines with a lot of moving parts and failure of any of those parts would result in a catastrophic outcome. What we’ve been able to do is apply predictive maintenance using AI to multiple platforms across the Air Force. We’ve seen an increase in machine capable rates and a decrease in unscheduled maintenance time. We are looking to continue scaling that one across all the platforms.”

A third example is around drones and making sure they are both built securely from a cyber perspective and by American-owned companies.

“We’ve had several prototypes with the Army that resulted in CyberSecure drones,” he said. “We were able to field those in less than 48 hours in response to the humanitarian refugee situation in Germany when the US pulled out of Afghanistan.”

]]>
https://federalnewsnetwork.com/ask-the-cio/2022/06/quick-pivot-during-the-pandemic-highlighted-dius-ability-to-solve-dod-problems/feed/ 0
FEMA sets self-imposed deadline for moving more applications to the cloud https://federalnewsnetwork.com/ask-the-cio/2022/05/fema-sets-self-imposed-deadline-for-moving-more-applications-to-the-cloud/ https://federalnewsnetwork.com/ask-the-cio/2022/05/fema-sets-self-imposed-deadline-for-moving-more-applications-to-the-cloud/#respond Thu, 26 May 2022 21:43:51 +0000 https://federalnewsnetwork.com/?p=4077269 var config_4077562 = {"options":{"theme":"hbidc_default"},"extensions":{"Playlist":[]},"episode":{"media":{"mp3":"https:\/\/dts.podtrac.com\/redirect.mp3\/pdst.fm\/e\/chrt.fm\/track\/E2G895\/aw.noxsolutions.com\/launchpod\/adswizz\/1128\/052622_askciofemapanel_web_tert_061815c4.mp3?awCollectionId=1128&awEpisodeId=f55e6982-7168-41a4-8d04-0a18061815c4&adwNewID3=true&awNetwork=322"},"coverUrl":"https:\/\/federalnewsnetwork.com\/wp-content\/uploads\/2018\/12\/AsktheCIO1500-150x150.jpg","title":"FEMA sets self-imposed deadline for moving more applications to the cloud","description":"[hbidcpodcast podcastid='4077562']nnFor FEMA, cloud services are a lifeline to disaster survivors.nnThere may be no better uses cases than when a hurricane or tornado strikes and FEMA must scale up its grants management or flood insurance program to tens of thousands of users in a matter of hours.nnLytwaive Hutchinson, the outgoing FEMA chief information officer, said the scalability and flexibility of cloud services along with the innovation from providers means the agency continually adapt to the changing needs of citizens.nn\u201cOur goal is to, by the end of this year, have at least 50% of all of our systems and services that are cloud ready to be moved into the cloud,\u201d Hutchinson said during a recent panel sponsored by ACT-IAC, an excerpt of which was part of the <a href="https:\/\/federalnewsnetwork.com\/category\/radio-interviews\/ask-the-cio\/">Ask the CIO<\/a> program. \u201cI've had conversations with some vendors and some folks about lift-and-shift, lift-and-shift is my last resort. That is not something that's viable. My first look is to take capability and actually either modernize them and\/or move them into the cloud because they are cloud ready or if they are not, then they should remain on-premise.\u201dnnHutchinson, who announced in March that she is <a href="https:\/\/federalnewsnetwork.com\/cio-news\/2022\/03\/femas-cio-moving-to-private-sector\/">retiring from federal service<\/a> after 41 years, said some systems are better suited to remain on FEMA or Homeland Security Department data centers, while others systems are ready today or could be ready in the short term.nn[caption id="attachment_2343136" align="alignright" width="400"]<img class="wp-image-2343136" src="https:\/\/federalnewsnetwork.com\/wp-content\/uploads\/2019\/05\/hutchinson-300x227.jpg" alt="" width="400" height="303" \/> Lytwaive Hutchinson is the CIO at FEMA until she retires in the coming weeks.[\/caption]nn\u201cWe do have upwards of, I think, 53 systems that are cloud ready so that will be 50% of 53 for this fiscal year. We have another set of systems that are not cloud ready and will have to go through a modernization phase,\u201d she said. \u201cOur goal is by fiscal 2026 to have all of our systems and services in the cloud. That is inclusive of our financial systems. We will address each of our systems on a case-by-case basis.\u201dnnShe said this <a href="https:\/\/federalnewsnetwork.com\/cme-event\/federal-insights\/ask-the-cio-department-of-homeland-security\/">IT modernization initiative<\/a> must be part of how FEMA does business every day and responds to every disaster. This means the services must be less about the greatest and latest technology and more about ensuring citizens have access to FEMA\u2019s services whether they have internet connections or not.nn\u201cOur goal is to ensure that our services do not become obsolete by just adding on a building on to current technology, but embracing new technology as that technology availed itself,\u201d Hutchinson said. \u201cYou also heard us talk a little bit about our theme for this year, which is delivering digital equities. I know it\u2019s a really nice little catchphrase, but it really does mean something to us. It is about delivering equity to our IT partners and to our citizens to be able to access being this data, not just access it, but access it securely. We also want to make sure that we are taking care of our disabled community, and that we're ensuring that our systems, our services, our websites are ready for them to also be able to utilize. We have a lot going on across FEMA as it relates to systems and services that we would like to deliver to our partners and to our citizens to be able to take advantage of the capability that FEMA brings to bear especially during the time of need in a disaster.\u201dn<h2>Securing software earlier on<\/h2>nOne way FEMA is taking on this challenge is through a \u201csecure by design\u201d approach to developing new services.nnGreg Edwards, the FEMA chief information security officer, said this is how the agency brings security closer to the acquisition process so they address potential and real vulnerabilities on the front end of the development phase.nn\u201cWe spent a lot of time in terms of zero trust with our users and thinking about how they access our services and devices in a protected and a secure manner. In that area, we've made some improvements in terms of how we control our mobile devices and made some modernization in the network and in the applications,\u201d Edwards said on the panel. \u201cIn terms of our network, we've done a heck of a lot of modernization of the assets themselves. That's all about our journey to our FEMA enterprise cloud. Then there is the data from a cyber perspective, where we are focusing very heavily on data being encrypted at-rest, and also data being encrypted in-transit.\u201dnnThe move to the cloud and the focus on zero trust is forcing FEMA to rethink more than just their internal protections, but also how the public must access the data and applications.nnEdwards said this is where the secure-by-design framework comes in.nn\u201cWhat that is going to allow us to do is closely align our system development lifecycle with the acquisition lifecycle. So step-by-step, we'll be looking at cyber activities from when you're doing some software development to when you're doing some critical design testing to when you're implementing to when you are decommissioning the system,\u201d he said. \u201cWe think this framework, secure-by-design, will be helpful to govern our overall processes and help us tighten the reins in that area.\u201dnnThrough the secure-by-design approach, Edwards said FEMA is fixing vulnerabilities faster, reducing the cost of security and improving collaboration between the technology and mission areas of the agency.n<h2>Getting governance right<\/h2>nThe biggest impact of <a href="https:\/\/federalnewsnetwork.com\/cybersecurity\/2022\/02\/officials-say-log4j-response-proves-out-promise-of-new-public-private-partnership\/">secure-by-design<\/a>, however, may be in how the system operates to serve the mission and citizens.nnEdwards said by looking at problems more holistically, FEMA can ensure changes or updates don\u2019t have downstream effects that may make one element less secure or more complex to use.nn\u201cWe're at the governance point still, and then we want to communicate the governance framework to our governance board so we get the buy-in from the whole community about the concept and methodology. We want them to have a good understanding of it before we start saying that we're actually implementing anything in that regard,\u201d he said. \u201cBut in our business, we're always working in parallel. We'll be partnering with our major programs so we do some prototyping, some understanding of some of the impacts of actually implementing this, and getting to a goal of ongoing authorization and things of that nature. While we work on the governance, we're also working with programs to prototype how this would actually work. By the end of this year, we would expect to have our governance process solidly in place, and my boss has asked me to make sure that I have about three processes that we've fully implemented by the end of this year as well.\u201dnnEdwards said there are nine processes within secure-by-design and FEMA is looking at three of them, such security planning to auditing."}};

For FEMA, cloud services are a lifeline to disaster survivors.

There may be no better uses cases than when a hurricane or tornado strikes and FEMA must scale up its grants management or flood insurance program to tens of thousands of users in a matter of hours.

Lytwaive Hutchinson, the outgoing FEMA chief information officer, said the scalability and flexibility of cloud services along with the innovation from providers means the agency continually adapt to the changing needs of citizens.

“Our goal is to, by the end of this year, have at least 50% of all of our systems and services that are cloud ready to be moved into the cloud,” Hutchinson said during a recent panel sponsored by ACT-IAC, an excerpt of which was part of the Ask the CIO program. “I’ve had conversations with some vendors and some folks about lift-and-shift, lift-and-shift is my last resort. That is not something that’s viable. My first look is to take capability and actually either modernize them and/or move them into the cloud because they are cloud ready or if they are not, then they should remain on-premise.”

Hutchinson, who announced in March that she is retiring from federal service after 41 years, said some systems are better suited to remain on FEMA or Homeland Security Department data centers, while others systems are ready today or could be ready in the short term.

Lytwaive Hutchinson is the CIO at FEMA until she retires in the coming weeks.

“We do have upwards of, I think, 53 systems that are cloud ready so that will be 50% of 53 for this fiscal year. We have another set of systems that are not cloud ready and will have to go through a modernization phase,” she said. “Our goal is by fiscal 2026 to have all of our systems and services in the cloud. That is inclusive of our financial systems. We will address each of our systems on a case-by-case basis.”

She said this IT modernization initiative must be part of how FEMA does business every day and responds to every disaster. This means the services must be less about the greatest and latest technology and more about ensuring citizens have access to FEMA’s services whether they have internet connections or not.

“Our goal is to ensure that our services do not become obsolete by just adding on a building on to current technology, but embracing new technology as that technology availed itself,” Hutchinson said. “You also heard us talk a little bit about our theme for this year, which is delivering digital equities. I know it’s a really nice little catchphrase, but it really does mean something to us. It is about delivering equity to our IT partners and to our citizens to be able to access being this data, not just access it, but access it securely. We also want to make sure that we are taking care of our disabled community, and that we’re ensuring that our systems, our services, our websites are ready for them to also be able to utilize. We have a lot going on across FEMA as it relates to systems and services that we would like to deliver to our partners and to our citizens to be able to take advantage of the capability that FEMA brings to bear especially during the time of need in a disaster.”

Securing software earlier on

One way FEMA is taking on this challenge is through a “secure by design” approach to developing new services.

Greg Edwards, the FEMA chief information security officer, said this is how the agency brings security closer to the acquisition process so they address potential and real vulnerabilities on the front end of the development phase.

“We spent a lot of time in terms of zero trust with our users and thinking about how they access our services and devices in a protected and a secure manner. In that area, we’ve made some improvements in terms of how we control our mobile devices and made some modernization in the network and in the applications,” Edwards said on the panel. “In terms of our network, we’ve done a heck of a lot of modernization of the assets themselves. That’s all about our journey to our FEMA enterprise cloud. Then there is the data from a cyber perspective, where we are focusing very heavily on data being encrypted at-rest, and also data being encrypted in-transit.”

The move to the cloud and the focus on zero trust is forcing FEMA to rethink more than just their internal protections, but also how the public must access the data and applications.

Edwards said this is where the secure-by-design framework comes in.

“What that is going to allow us to do is closely align our system development lifecycle with the acquisition lifecycle. So step-by-step, we’ll be looking at cyber activities from when you’re doing some software development to when you’re doing some critical design testing to when you’re implementing to when you are decommissioning the system,” he said. “We think this framework, secure-by-design, will be helpful to govern our overall processes and help us tighten the reins in that area.”

Through the secure-by-design approach, Edwards said FEMA is fixing vulnerabilities faster, reducing the cost of security and improving collaboration between the technology and mission areas of the agency.

Getting governance right

The biggest impact of secure-by-design, however, may be in how the system operates to serve the mission and citizens.

Edwards said by looking at problems more holistically, FEMA can ensure changes or updates don’t have downstream effects that may make one element less secure or more complex to use.

“We’re at the governance point still, and then we want to communicate the governance framework to our governance board so we get the buy-in from the whole community about the concept and methodology. We want them to have a good understanding of it before we start saying that we’re actually implementing anything in that regard,” he said. “But in our business, we’re always working in parallel. We’ll be partnering with our major programs so we do some prototyping, some understanding of some of the impacts of actually implementing this, and getting to a goal of ongoing authorization and things of that nature. While we work on the governance, we’re also working with programs to prototype how this would actually work. By the end of this year, we would expect to have our governance process solidly in place, and my boss has asked me to make sure that I have about three processes that we’ve fully implemented by the end of this year as well.”

Edwards said there are nine processes within secure-by-design and FEMA is looking at three of them, such security planning to auditing.

]]>
https://federalnewsnetwork.com/ask-the-cio/2022/05/fema-sets-self-imposed-deadline-for-moving-more-applications-to-the-cloud/feed/ 0
IRS’ quick wins by procurement, finance demonstrate power, value of RPA https://federalnewsnetwork.com/ask-the-cio/2022/05/irs-quick-wins-by-procurement-finance-demonstrate-power-value-of-rpa/ https://federalnewsnetwork.com/ask-the-cio/2022/05/irs-quick-wins-by-procurement-finance-demonstrate-power-value-of-rpa/#respond Fri, 20 May 2022 14:11:35 +0000 https://federalnewsnetwork.com/?p=4068284 var config_4068406 = {"options":{"theme":"hbidc_default"},"extensions":{"Playlist":[]},"episode":{"media":{"mp3":"https:\/\/dts.podtrac.com\/redirect.mp3\/pdst.fm\/e\/chrt.fm\/track\/E2G895\/aw.noxsolutions.com\/launchpod\/adswizz\/1128\/051922_askcioirsrpa_web_opnt_7eb59eb8.mp3?awCollectionId=1128&awEpisodeId=619dd298-9599-488d-9d53-e19c7eb59eb8&awNetwork=322"},"coverUrl":"https:\/\/federalnewsnetwork.com\/wp-content\/uploads\/2018\/12\/AsktheCIO1500-150x150.jpg","title":"IRS\u2019 quick wins by procurement, finance demonstrate power, value of RPA","description":"[hbidcpodcast podcastid='4068406']nnFor the last few years, the IRS has been changing its external reputation and internal culture of an agency that doesn\u2019t take technology risks.nnThe <a href="https:\/\/federalnewsnetwork.com\/it-modernization\/2022\/03\/innovation-for-irs-customer-experience-hangs-on-cost-effectiveness\/">Pilot IRS program<\/a> may be one of the most well-known examples of this external evolution, reaching out to vendors to bring in innovation and new approaches to contracting.nnInternally, the use of robotics process automation in the procurement and financial offices has been a strong influence on the workforce\u2019s culture.nnShanna Webbers, the assistant deputy commissioner for operations support at the IRS, said a combination of short-term wins and agencywide collaboration helped drive two major changes.nn[caption id="attachment_3127846" align="alignright" width="300"]<img class="size-medium wp-image-3127846" src="https:\/\/federalnewsnetwork.com\/wp-content\/uploads\/2020\/10\/Shanna-Webbers-SQUARE-300x284.jpg" alt="" width="300" height="284" \/> Shanna Webbers is the assistant deputy commissioner for operations support at the IRS.[\/caption]nn\u201cThe technology enables our staff do other things or things that they may find more interesting, instead of just mundane, repetitive tasks. That's really what we want to do. We want to create an environment where our staff want to come to work, where they're excited to come to work, where they feel like they are making a tremendous amount of value to executing our mission at the IRS,\u201d Webbers said on <a href="https:\/\/federalnewsnetwork.com\/category\/radio-interviews\/ask-the-cio\/">Ask the CIO<\/a>. \u201cHow do we create that and beyond just upskilling and rescaling in areas with human resources-related to technology or robotic process automation? We really are looking at the whole person. How do we ensure that every individual in the organization has the right skill set, the right experience and the right knowledge to take on positions of greater responsibility?\u201dnnWebbers said that meant changing how they trained the workforce. Instead of focusing 80% of the training on the technical aspects of procurement, the use of RPA and automation has let the IRS refocus the training to 50% on technical and 50% on other skills like critical thinking, writing, leadership and collaboration.n<h2>Agency collaboration<\/h2>nThe second initiative to drive the culture change is to create a partnership with the agency\u2019s chief information officer\u2019s office.nnWebbers said the CIO\u2019s office must give its final \u201cblessing\u201d before the bot can launch, the office has provided acquisition and financial with liaisons to help work through the documentation and security processes.nn\u201cWe have a process in place where when we have ideas, we, through an intake form, submit them to the CIO and they get reviewed. There's an IT advisory board that makes recommendations for how to move forward,\u201d she said. \u201cIf we don't have the capacity or the funding to move forward, the CIO\u2019s office helps to prioritize the RPA investments.\u201dnnAcross procurement and financial, the IRS has implemented a small amount of RPA bots so far, but <a href="https:\/\/federalnewsnetwork.com\/automation\/2022\/02\/rpa-helps-irs-make-fundamental-shift-in-procurement-finance-operations\/">expect to increase the number<\/a> over the next year.nn\u201cWe have other ones that are in the queue right now. In the next six to 12 months we are \u00a0focusing on RPA implementation that's working around data reconciliation and management for our manual adjustments for refunds and deposits, that could save up to 35,000 hours per year,\u201d said Teresa Hunter, the IRS\u2019s CFO. \u201cThere's a significant opportunity. We are a very paper-based organization. It's just a matter of our IT organization having the capacity and the funding to keep up with the demand that is going to be coming their way. The CIO has a big job of making sure that we are secure and safe. It's a balance between having a good relationship with your CIO office and understanding their perspective as well as the needs of the businesses.\u201dnnHunter, like many CFOs, are seeing the value of bots for financial operations.nn[caption id="attachment_4068312" align="alignleft" width="300"]<img class="size-medium wp-image-4068312" src="https:\/\/federalnewsnetwork.com\/wp-content\/uploads\/2022\/05\/teresa-hunter-300x300.jpg" alt="" width="300" height="300" \/> Teresa Hunter is the CFO at the IRS.[\/caption]nnShe said she is encouraging the staff to take a new way of looking at how they could do their work, which areas are repetitive and require mundane tasks that somebody had to do that.nn\u201cWe know it does save time and effort on our staffs\u2019 part,\u201d Hunter said. \u201cAs we're working on the automation, the innovation, the efficiency effort within CFO, we're also looking at skill sets of our staff and how can we upskill or reskill them? What are the core areas that we want to focus on of making sure our staff are being trained to develop and grow in their role as we move forward with some of these shifts and changes? We aren't looking to reduce full-time equivalents (FTE), but we're looking at being able to be more analytical in our decision making and how we are approaching the work that we have to do so that we can be more successful and how we're making decisions, how we're coming to conclusions, and really getting ahead of any type of like audit issues or anything like that, where we're really understanding our data and our workforce is really growing and developing along that path that would get us to the future of finance and the skill sets that are going to be required for people in a CFO organization.\u201dn<h2>Relying on the innovation team<\/h2>nFor both Hunter and Webbers, the continued <a href="https:\/\/federalnewsnetwork.com\/automation\/2021\/03\/irs-procurement-chief-pushes-intelligent-risk-taking-in-bot-rollout\/">move toward automation<\/a> and using bots will be a balance of enthusiasm from the early adopters and managing those who remain cautious about it.nn\u201cOne of the things that I believe helped us in that was just being open to hearing what they have to say about using bots. Every viewpoint was critically important to understanding the risk that may be associated with using a robotic process automation on a process that we had not proven out. So trying to take all of that input, letting them know that their input was important and mitigating the particular risks or accepting those risks, or coming up with a different approach to eliminate the risk, was our approach,\u201d Webbers said. \u201cAt the end of the day, because I was in charge, I said, \u2018Okay, let's do it, we're going to try and see.\u2019 Fortunately, it worked out really well, and I think that those instances where we got those quick wins was important for people to gain confidence.\u201dnnShe said the IRS looks back at every RPA implementation to create lessons learned and figure out where they can improve upon the process for next time.nnHunter added the CFO\u2019s office created an innovation team to which employees can submit ideas for how to automate or improve a process.nn\u201cWhat I wanted to do was make folks a part of the process, where, I'll steal a quote from procurement, can you tell me what you hate so that I can make you love it?\u201d she said. \u201cWhat are those opportunities that you just dislike doing every day? Let's take a look at it because maybe there's opportunity to do the work in a different way or automated it or whatever the solution may be, but there's got to be an answer. We've focused on that as well as the change management portion of it as we're thinking about how we're looking at our work products. It's really the mindset of how can a bot help me in my day-to-day life?\u201d"}};

For the last few years, the IRS has been changing its external reputation and internal culture of an agency that doesn’t take technology risks.

The Pilot IRS program may be one of the most well-known examples of this external evolution, reaching out to vendors to bring in innovation and new approaches to contracting.

Internally, the use of robotics process automation in the procurement and financial offices has been a strong influence on the workforce’s culture.

Shanna Webbers, the assistant deputy commissioner for operations support at the IRS, said a combination of short-term wins and agencywide collaboration helped drive two major changes.

Shanna Webbers is the assistant deputy commissioner for operations support at the IRS.

“The technology enables our staff do other things or things that they may find more interesting, instead of just mundane, repetitive tasks. That’s really what we want to do. We want to create an environment where our staff want to come to work, where they’re excited to come to work, where they feel like they are making a tremendous amount of value to executing our mission at the IRS,” Webbers said on Ask the CIO. “How do we create that and beyond just upskilling and rescaling in areas with human resources-related to technology or robotic process automation? We really are looking at the whole person. How do we ensure that every individual in the organization has the right skill set, the right experience and the right knowledge to take on positions of greater responsibility?”

Webbers said that meant changing how they trained the workforce. Instead of focusing 80% of the training on the technical aspects of procurement, the use of RPA and automation has let the IRS refocus the training to 50% on technical and 50% on other skills like critical thinking, writing, leadership and collaboration.

Agency collaboration

The second initiative to drive the culture change is to create a partnership with the agency’s chief information officer’s office.

Webbers said the CIO’s office must give its final “blessing” before the bot can launch, the office has provided acquisition and financial with liaisons to help work through the documentation and security processes.

“We have a process in place where when we have ideas, we, through an intake form, submit them to the CIO and they get reviewed. There’s an IT advisory board that makes recommendations for how to move forward,” she said. “If we don’t have the capacity or the funding to move forward, the CIO’s office helps to prioritize the RPA investments.”

Across procurement and financial, the IRS has implemented a small amount of RPA bots so far, but expect to increase the number over the next year.

“We have other ones that are in the queue right now. In the next six to 12 months we are  focusing on RPA implementation that’s working around data reconciliation and management for our manual adjustments for refunds and deposits, that could save up to 35,000 hours per year,” said Teresa Hunter, the IRS’s CFO. “There’s a significant opportunity. We are a very paper-based organization. It’s just a matter of our IT organization having the capacity and the funding to keep up with the demand that is going to be coming their way. The CIO has a big job of making sure that we are secure and safe. It’s a balance between having a good relationship with your CIO office and understanding their perspective as well as the needs of the businesses.”

Hunter, like many CFOs, are seeing the value of bots for financial operations.

Teresa Hunter is the CFO at the IRS.

She said she is encouraging the staff to take a new way of looking at how they could do their work, which areas are repetitive and require mundane tasks that somebody had to do that.

“We know it does save time and effort on our staffs’ part,” Hunter said. “As we’re working on the automation, the innovation, the efficiency effort within CFO, we’re also looking at skill sets of our staff and how can we upskill or reskill them? What are the core areas that we want to focus on of making sure our staff are being trained to develop and grow in their role as we move forward with some of these shifts and changes? We aren’t looking to reduce full-time equivalents (FTE), but we’re looking at being able to be more analytical in our decision making and how we are approaching the work that we have to do so that we can be more successful and how we’re making decisions, how we’re coming to conclusions, and really getting ahead of any type of like audit issues or anything like that, where we’re really understanding our data and our workforce is really growing and developing along that path that would get us to the future of finance and the skill sets that are going to be required for people in a CFO organization.”

Relying on the innovation team

For both Hunter and Webbers, the continued move toward automation and using bots will be a balance of enthusiasm from the early adopters and managing those who remain cautious about it.

“One of the things that I believe helped us in that was just being open to hearing what they have to say about using bots. Every viewpoint was critically important to understanding the risk that may be associated with using a robotic process automation on a process that we had not proven out. So trying to take all of that input, letting them know that their input was important and mitigating the particular risks or accepting those risks, or coming up with a different approach to eliminate the risk, was our approach,” Webbers said. “At the end of the day, because I was in charge, I said, ‘Okay, let’s do it, we’re going to try and see.’ Fortunately, it worked out really well, and I think that those instances where we got those quick wins was important for people to gain confidence.”

She said the IRS looks back at every RPA implementation to create lessons learned and figure out where they can improve upon the process for next time.

Hunter added the CFO’s office created an innovation team to which employees can submit ideas for how to automate or improve a process.

“What I wanted to do was make folks a part of the process, where, I’ll steal a quote from procurement, can you tell me what you hate so that I can make you love it?” she said. “What are those opportunities that you just dislike doing every day? Let’s take a look at it because maybe there’s opportunity to do the work in a different way or automated it or whatever the solution may be, but there’s got to be an answer. We’ve focused on that as well as the change management portion of it as we’re thinking about how we’re looking at our work products. It’s really the mindset of how can a bot help me in my day-to-day life?”

]]>
https://federalnewsnetwork.com/ask-the-cio/2022/05/irs-quick-wins-by-procurement-finance-demonstrate-power-value-of-rpa/feed/ 0
Former deputy federal CIO Roat leaned on her relationships to achieve results https://federalnewsnetwork.com/ask-the-cio/2022/05/former-deputy-federal-cio-roat-leaned-on-her-relationships-to-achieve-results/ https://federalnewsnetwork.com/ask-the-cio/2022/05/former-deputy-federal-cio-roat-leaned-on-her-relationships-to-achieve-results/#respond Mon, 09 May 2022 15:01:34 +0000 https://federalnewsnetwork.com/?p=4049066 var config_4049192 = {"options":{"theme":"hbidc_default"},"extensions":{"Playlist":[]},"episode":{"media":{"mp3":"https:\/\/dts.podtrac.com\/redirect.mp3\/pdst.fm\/e\/chrt.fm\/track\/E2G895\/aw.noxsolutions.com\/launchpod\/adswizz\/1128\/050522_askcioombroatexit_web_jmp8_24f5d6d7.mp3?awCollectionId=1128&awEpisodeId=a3bde83f-2c1c-4f4a-b309-242024f5d6d7&awNetwork=322"},"coverUrl":"https:\/\/federalnewsnetwork.com\/wp-content\/uploads\/2018\/12\/AsktheCIO1500-150x150.jpg","title":"Former deputy federal CIO Roat leaned on her relationships to achieve results","description":"[hbidcpodcast podcastid='4049192']nnBefore Maria Roat retired at the end of March, she made sure one important initiative was well on its way.nnThe <a href="https:\/\/federalnewsnetwork.com\/cio-news\/2022\/01\/deputy-federal-cio-roat-to-retire\/">former deputy federal chief information officer<\/a> said the effort to create shared calendar and collaboration tools across all agencies is on the right track.nn\u201cWhen you talk about changing federal IT, we have to continue that work around interagency collaboration and communication. We have to keep in mind the federal enterprise, but also really getting things out of the way around data, using each other's data, to make things better for the public. That's ultimately about what we're doing,\u201d Roat said on <a href="https:\/\/federalnewsnetwork.com\/category\/radio-interviews\/ask-the-cio\/">Ask the CIO<\/a>.nn[caption id="attachment_3516327" align="alignright" width="300"]<img class="size-medium wp-image-3516327" src="https:\/\/federalnewsnetwork.com\/wp-content\/uploads\/2021\/06\/maria-roat-300x205.jpg" alt="" width="300" height="205" \/> Maria Roat retired in March after 41 years of federal service, including the last two as the deputy federal CIO.[\/caption]nnThis is why the next federal deputy CIO needs not only to pick up this collaboration initiative and others, including modernizing the IT workforce, but also establish strong connections and understandings on the budget side and with agency CIOs. The Office of Management and Budget named Drew Myklegard as the acting deputy federal CIO when Roat retired in March and is reviewing resumes for a permanent deputy federal CIO after putting out the <a href="https:\/\/www.usajobs.gov\/job\/642931200">job announcement<\/a> in mid March.nn\u201cWhoever's coming in, really needs to pay attention to the budget cycle. It's not moving the needle for just next year, it's moving the needle for the out years, when you're thinking through budget,\u201d said Roat, who became the deputy federal CIO <a href="https:\/\/federalnewsnetwork.com\/cio-news\/2020\/05\/its-official-roat-is-the-new-deputy-federal-cio\/">in 2020<\/a>. \u201cI would also tell whoever's coming in to really build out the relationship with OMB, the desk officers in the Office of the Federal CIO. Their relationships with the agencies is so important, not just the desk officers, but for the deputy, whoever comes in to build the relationship across the federal community. I think that's really important to stay connected and stay in touch with them. It's about working on the relationships, have those relationships with the CIOs and keep in touch with them. I always had half of them on speed dial. I was texting them and things like that because the community is so strong and it is so connected, and certainly I could not be successful without having the relationships with the CIOs.\u201dn<h2>Collaboration tools from pilot to production<\/h2>nThose relationships are how Roat was able to move the collaboration tools from idea to pilot. Today, the General Services Administration is leading the effort with a program management office stood up in October. It is working with agencies to implement the broad set of calendar and chat capabilities.nnOMB oversaw the <a href="https:\/\/federalnewsnetwork.com\/it-modernization\/2021\/11\/governmentwide-chat-calendar-collaboration-tools-coming-in-2022\/">nine-month pilot<\/a> effort with four agencies, the National Science Foundation, the Small Business Administration, NASA and the Education Department, in 2021 to prove out the value of this interagency collaboration capability.nnRoat said in February at an FCW event that the PMO has a scorecard keeping track of the progress through weekly meetings.nn\u201cThe technical part is really easy around interagency collaboration. Right now, agencies are already working on their white lists so they can chat and share calendars with other agencies,\u201d she said. \u201cThere was a lot of discussion out of the pilot that they needed a memorandum of understanding to talk to another agency. But it makes no sense to do a MOU with 30 different agencies so how about if we just do one? So we are working on that.\u201dnnRoat said this initial effort is a baby step of a much larger project that would let agencies collaborate, share data and information.nn\u201cThis is one little thing that I think is hugely impactful,\u201d she said. \u201cI love what the Defense Department\u2019s done using Office 365 and opening that up. On the federal civilian side, this is where we are heading, not just for Microsoft. We know we have other collaboration capabilities, whether it\u2019s Google or pick your tool. We\u2019ve got testing on with calendar sharing between Microsoft and Google. It\u2019s much more than that. It\u2019s much more than just the technology. We are looking holistically at what are the policies and things that need to be addressed because people always ask questions about FOIA and things like that. This is much bigger that just doing chat and calendar sharing. This is the first baby step into a much bigger vision of having broad interagency capabilities around collaboration across the federal government.\u201dn<h2>Too many workforce initiatives<\/h2>nThe other big initiative the next federal deputy CIO should consider is consolidating the IT and cyber workforce initiatives.nnRoat said there are too many disparate initiatives whether at the CIO Council or from the Cybersecurity and Infrastructure Security Agency or from the U.S. Digital Service in OMB.nn\u201cI always thought that if there was a federalwide IT and cyber workforce strategic plan that brought a lot of this together, that incorporated recruiting, marketing, not just USAJobs or LinkedIn, but true marketing like the way DoD recruits for the military,\u201d she said. \u201cIt would require agencies to be part of the strategic workforce plan to convert some of the higher graded GS-14 or -15 positions, turn them into career ladders for GS-5, -7, -9 grades or -7, -9, -11, -12 grades. It would bring in digital native high school and college students at the beginning of their careers and put them in a career ladder. While they're digital natives, you have got to teach and train them. But you could trade in two GS-15 positions in and with that money get three or four GS-5, -7, -9 levels.\u201dnnRoat pointed to the data from OMB in the <a href="https:\/\/federalnewsnetwork.com\/budget\/2022\/03\/for-feds-white-house-2023-budget-request-is-more-than-just-the-4-6-pay-raise\/">2023 budget request<\/a> that showed federal IT workers under 30 make up about 3.5% of the total workforce, while the number of workers under 30 years old is 8.1% across the entire federal government.nnThe White House is trying to address the low rate of young people by encouraging agencies to hire more interns. Agencies say they plan to hire 35,000 interns in 2023, which the administration said will be an increase over 2022 plans.nn\u201cHow do they grow their career when they they're a 30-year-old who has been working in government for a few years?\u201d Roat said. \u201cCan they move around inside the government or do they go back to the private sector? I think that's about having that career path and being able to do something. I think it's great to bring people into the federal government and infusing a lot of that talent in agencies. But we can't forget about growing people in the government, who maybe like myself or others really love what they do and maybe want to stay and not jump back and forth with the private sector.\u201dnnRoat\u2019s federal career started in the Navy as a 17-year-old working in a computer tape library. She continued to advance by working on mainframes and getting into operations and networking. She then rose through the ranks working at the Department of Homeland Security, later became the Transportation Department\u2019s chief technology officer, and eventually she launched the Federal Risk Authorization Management (FedRAMP) cloud security program. All those experiences led her to be the CIO at the Small Business Administration and, finally, the deputy federal CIO.nn\u201cI don't know that I've had the same job twice. It's always been different. In my career, I\u2019ve certainly zigzagged and I think that's what allowed me to get to where I am, just having the exposure to so many different roles and so many jobs, and not always technical,\u201d she said. \u201cI\u2019ve always just did a lot of different things and I really think that helped me to get to where I am today. And being curious, certainly, and moving around and learning and staying on top of technology as technology changed.\u201d"}};

Before Maria Roat retired at the end of March, she made sure one important initiative was well on its way.

The former deputy federal chief information officer said the effort to create shared calendar and collaboration tools across all agencies is on the right track.

“When you talk about changing federal IT, we have to continue that work around interagency collaboration and communication. We have to keep in mind the federal enterprise, but also really getting things out of the way around data, using each other’s data, to make things better for the public. That’s ultimately about what we’re doing,” Roat said on Ask the CIO.

Maria Roat retired in March after 41 years of federal service, including the last two as the deputy federal CIO.

This is why the next federal deputy CIO needs not only to pick up this collaboration initiative and others, including modernizing the IT workforce, but also establish strong connections and understandings on the budget side and with agency CIOs. The Office of Management and Budget named Drew Myklegard as the acting deputy federal CIO when Roat retired in March and is reviewing resumes for a permanent deputy federal CIO after putting out the job announcement in mid March.

“Whoever’s coming in, really needs to pay attention to the budget cycle. It’s not moving the needle for just next year, it’s moving the needle for the out years, when you’re thinking through budget,” said Roat, who became the deputy federal CIO in 2020. “I would also tell whoever’s coming in to really build out the relationship with OMB, the desk officers in the Office of the Federal CIO. Their relationships with the agencies is so important, not just the desk officers, but for the deputy, whoever comes in to build the relationship across the federal community. I think that’s really important to stay connected and stay in touch with them. It’s about working on the relationships, have those relationships with the CIOs and keep in touch with them. I always had half of them on speed dial. I was texting them and things like that because the community is so strong and it is so connected, and certainly I could not be successful without having the relationships with the CIOs.”

Collaboration tools from pilot to production

Those relationships are how Roat was able to move the collaboration tools from idea to pilot. Today, the General Services Administration is leading the effort with a program management office stood up in October. It is working with agencies to implement the broad set of calendar and chat capabilities.

OMB oversaw the nine-month pilot effort with four agencies, the National Science Foundation, the Small Business Administration, NASA and the Education Department, in 2021 to prove out the value of this interagency collaboration capability.

Roat said in February at an FCW event that the PMO has a scorecard keeping track of the progress through weekly meetings.

“The technical part is really easy around interagency collaboration. Right now, agencies are already working on their white lists so they can chat and share calendars with other agencies,” she said. “There was a lot of discussion out of the pilot that they needed a memorandum of understanding to talk to another agency. But it makes no sense to do a MOU with 30 different agencies so how about if we just do one? So we are working on that.”

Roat said this initial effort is a baby step of a much larger project that would let agencies collaborate, share data and information.

“This is one little thing that I think is hugely impactful,” she said. “I love what the Defense Department’s done using Office 365 and opening that up. On the federal civilian side, this is where we are heading, not just for Microsoft. We know we have other collaboration capabilities, whether it’s Google or pick your tool. We’ve got testing on with calendar sharing between Microsoft and Google. It’s much more than that. It’s much more than just the technology. We are looking holistically at what are the policies and things that need to be addressed because people always ask questions about FOIA and things like that. This is much bigger that just doing chat and calendar sharing. This is the first baby step into a much bigger vision of having broad interagency capabilities around collaboration across the federal government.”

Too many workforce initiatives

The other big initiative the next federal deputy CIO should consider is consolidating the IT and cyber workforce initiatives.

Roat said there are too many disparate initiatives whether at the CIO Council or from the Cybersecurity and Infrastructure Security Agency or from the U.S. Digital Service in OMB.

“I always thought that if there was a federalwide IT and cyber workforce strategic plan that brought a lot of this together, that incorporated recruiting, marketing, not just USAJobs or LinkedIn, but true marketing like the way DoD recruits for the military,” she said. “It would require agencies to be part of the strategic workforce plan to convert some of the higher graded GS-14 or -15 positions, turn them into career ladders for GS-5, -7, -9 grades or -7, -9, -11, -12 grades. It would bring in digital native high school and college students at the beginning of their careers and put them in a career ladder. While they’re digital natives, you have got to teach and train them. But you could trade in two GS-15 positions in and with that money get three or four GS-5, -7, -9 levels.”

Roat pointed to the data from OMB in the 2023 budget request that showed federal IT workers under 30 make up about 3.5% of the total workforce, while the number of workers under 30 years old is 8.1% across the entire federal government.

The White House is trying to address the low rate of young people by encouraging agencies to hire more interns. Agencies say they plan to hire 35,000 interns in 2023, which the administration said will be an increase over 2022 plans.

“How do they grow their career when they they’re a 30-year-old who has been working in government for a few years?” Roat said. “Can they move around inside the government or do they go back to the private sector? I think that’s about having that career path and being able to do something. I think it’s great to bring people into the federal government and infusing a lot of that talent in agencies. But we can’t forget about growing people in the government, who maybe like myself or others really love what they do and maybe want to stay and not jump back and forth with the private sector.”

Roat’s federal career started in the Navy as a 17-year-old working in a computer tape library. She continued to advance by working on mainframes and getting into operations and networking. She then rose through the ranks working at the Department of Homeland Security, later became the Transportation Department’s chief technology officer, and eventually she launched the Federal Risk Authorization Management (FedRAMP) cloud security program. All those experiences led her to be the CIO at the Small Business Administration and, finally, the deputy federal CIO.

“I don’t know that I’ve had the same job twice. It’s always been different. In my career, I’ve certainly zigzagged and I think that’s what allowed me to get to where I am, just having the exposure to so many different roles and so many jobs, and not always technical,” she said. “I’ve always just did a lot of different things and I really think that helped me to get to where I am today. And being curious, certainly, and moving around and learning and staying on top of technology as technology changed.”

]]>
https://federalnewsnetwork.com/ask-the-cio/2022/05/former-deputy-federal-cio-roat-leaned-on-her-relationships-to-achieve-results/feed/ 0
With Operation Allies Welcome, DHS reaps benefits of ‘as a service’ model https://federalnewsnetwork.com/cme-event/federal-insights/ask-the-cio-department-of-homeland-security/ Wed, 04 May 2022 16:02:28 +0000 https://federalnewsnetwork.com/?post_type=cme-event&p=4043298 Date: On demand
Duration: 1 hour
Cost: 
No Fee

Description:

In August, the White House laid a monumental task on the the Homeland Security Department. Through Operation Allies Welcome, President Joe Biden charged DHS to lead and coordinate ongoing efforts across the federal government to resettle Afghans in the United States.

DHS took over the program from the State Department, which led the effort to transition Afghan nationals to the U.S. The interagency initiative found success vetting and settling more than 80,000 evacuees, in part through the use of a technology approach that could be updated and developed on the fly.

“This work that was really largely DHS, State and the Defense Department, along with many other agencies that played a role required us to stand up a new processes in almost real time,” said Eric Hysen, DHS chief information officer, on Ask the CIO. “There were areas where we couldn’t go through a normal IT development cycle to build software to support them. We were able to leverage some platform as a service tools to stand something up very quickly. That really enabled and accelerated that work. I was thrilled to see that.”

DHS took over the platform from State and put the development into what Hysen called “hyperdrive.” He said the “as a service” model that State initially used meant DHS stepped right in and didn’t miss a beat.

The cloud approach “also required us to rethink our governance of some of these platforms and our as a service offerings. They enable work that gets much, much closer to this ideal of citizen development or whatever term you want to call it,” Hysen said. “But it’s also important for us to be mindful of how we are governing and overseeing that work, how we are ensuring that we are still rigorously testing and understanding what functionality we are putting out there.”

Additionally, he said it led the team working on the program to think about what DHS’ long-term dependency on various platforms and offerings might be over time and how it can think avoid lock-in scenarios. ” It’s an area that I think will only become more and more important,” Hysen added.

Three Homeland Security priorities drive technology change

In the 15 months since he became Homeland Security CIO, Hysen, who previously was executive director of digital service, has been focusing on three priorities: cybersecurity, customer experience and using data to drive decisions.

Each of these priorities is about the continued maturation of technology and services to support DHS mission areas, which Hysen said  has been one of the biggest, but also most pleasing, surprises that he experienced in coming back to the agency.

Most recently, DHS completed the first bug bounty program, during which vetted cyber researchers helped find vulnerabilities in key agency systems. Hysen said 450, researchers participated, finding 122 vulnerabilities, including 27 deemed critical, across five departmentwide systems. DHS paid over $125,000 in bounties to those researchers.

“This is something that has made a demonstrable improvement in security across the network and across the department,” he said. “The initial phase where we were collecting information from researchers was, I think, just under two months. So really the pace that we found these was just much more than we were expecting. The value we got out of this was so significant. Then our teams were hard at work as soon as we were getting things confirmed and working to remediate them as quickly as we could.”

The success of the bug bounty program led DHS to issue a new draft solicitation at the end of April to expand the effort.

“We’re still working out the exact schedule, but it’s something that we want to be a regular occurrence, given what we saw,” he said. “We’re looking at different parts of the department, different critical systems and also , in some cases, even introducing in person elements to this as we think about interacting with the operational technology environments as well.”

Improving internal and external customer experience

Under the customer experience priority, DHS is taking a multi-pronged approach.

Hysen partnered with Stacy Marcott, who is performing the duties of the chief financial officer, on proposals to win funding from the Technology Modernization Fund (TMF). The two offices brought together different component business cases to create one agencywide proposal for the Southwest border and won $50 million.

“Our Southwest border technology integration program is not just Customs and Border Protection, actually, it also includes work at Immigration and Customs Enforcement and U.S. Citizenship and Immigration Services. We did that deliberately. Each of them had their own projects that they wanted to seek TMF funding for, and we said we’re not going to do that. We’re going to put them all together. It caused a lot of learning across our teams,” he said. “Ultimately, it allowed us and forced us to really think about how we were working together across our organizations and agencies to deliver on the same mission.”

Although DHS hasn’t received any of the $50 million award yet, Hysen said DHS expects to shortly and it will help accelerate the connection among disparate systems, improve cross-agency collaboration and support data-driven decision-making.

New DHS-wide steering committee

Even without the additional funding, Hysen said CBP, ICE and USCIS are making progress. For instance, almost three-quarters of all Title 8 immigration encounters are signed digitally by Border Patrol agents and almost three-quarters of those as well are transferred digitally and reviewed digitally by ICE, which means that people are spending less time in custody and moving through the system more efficiently, he said.

“Our border patrol agents and our other law enforcement officers are spending less time working through systems and signing paperwork and more time out in the field doing their jobs,” Hysen said. “That’s been incredibly exciting and rewarding work so far, and we have a ways to go. That will only intensify over the coming months.”

DHS also is awaiting word from the TMF Board about several other proposals, including one focused on modernizing the Homeland Security Information Network (HSIN) to further develop a mobile application that lets state and local law enforcement partners access intelligence from DHS on their iPhones and soon on their Android devices. A second proposal would to help the Transportation Security Administration modernize the traveler experience through smarter use of technology.

On the external customer experience side, Hysen said, DHS has several ongoing initiatives, but isn’t trying to take a one-size-fits-all approach given the breadth and depth of its customer base.

“We’ve launched a Customer Experience Steering Committee across the department that Deputy Secretary John Tien kicked off for us. That brings senior operational and IT leaders from each of our operating components together,” he said. “I’ve established a team under my office that’s grown out of the great work that the U.S. Digital Service has been doing at DHS, since I was last here, to drive this forward and provide resources to all of our all of our organizations.”

As an example, he pointed to the Federal Emergency Management Agency. It is rebuilding its individual disaster assistance experience so that it is faster for people to get support from the government to rebuild following disasters.  The goal is to make it easier for FEMA to provide citizens information that they need, Hysen said, adding “that it’s more equitable and that we are ensuring that what we’re asking for is equally accessible to all of our all of our customers.”

DHS looks to reduce burden on citizens in additional ways

In another effort, TSA and DHS in April announced a partnership with Apple to roll out mobile driver’s licenses on the iPhone’s Apple wallet feature. Right now, DHS and Apple are testing this concept in Arizona.

“We’re excited to see that expand more broadly,” Hysen said. “Then, we also are looking at ways that we can use biometrics so that you’re not handing over a document, you’re not touching your phones or anything. Your face can be your identity in a responsible private, respectful way from curb to gate at the airport which is something that Delta and TSA are working to pilot in a few airports right now.”

Finally, DHS also is looking internally to reduce the burden on its citizens by addressing challenges under the Paperwork Reduction Act. The department found it puts 190 million hours of administrative burden on the public every year, Hysen said.

“I just signed a challenge to our departments to say that by the middle of next year, we want to cut that number by 20 million hours,” he said. “All of our agencies across DHS are now working to look at how we can use technology, how we can use human-centered design and how we can really use just smart policy process practices to significantly reduce the burden that we place on the public in the form of paperwork. … It’ll be the first time that number goes down instead of up, which is really, really the intent of that effort.”

Learning objectives:

  • IT progress at DHS
  • Cybersecurity initiatives
  • TMF support at DHS
  • Examining customer experience and workforce
  • Industry analysis

In partnership with   

Complimentary Registration
Please register using the form on this page or call (202) 895-5023.

]]>
Federal CIO Martorana says agencies adjusting to TMF 2.0 model https://federalnewsnetwork.com/ask-the-cio/2022/05/federal-cio-martorana-says-agencies-adjusting-to-tmf-2-0-model/ https://federalnewsnetwork.com/ask-the-cio/2022/05/federal-cio-martorana-says-agencies-adjusting-to-tmf-2-0-model/#respond Mon, 02 May 2022 13:59:52 +0000 https://federalnewsnetwork.com/?p=4039071 var config_4039142 = {"options":{"theme":"hbidc_default"},"extensions":{"Playlist":[]},"episode":{"media":{"mp3":"https:\/\/dts.podtrac.com\/redirect.mp3\/pdst.fm\/e\/chrt.fm\/track\/E2G895\/aw.noxsolutions.com\/launchpod\/adswizz\/1128\/042822_askcioombgsatmfafermrisk_w_f7dr_c3916a02.mp3?awCollectionId=1128&awEpisodeId=e56c1af3-006f-4f4c-a4c3-8a01c3916a02&awNetwork=322"},"coverUrl":"https:\/\/federalnewsnetwork.com\/wp-content\/uploads\/2018\/12\/AsktheCIO1500-150x150.jpg","title":"Federal CIO Martorana says agencies adjusting to TMF 2.0 model","description":"[hbidcpodcast podcastid='4039142']nnDon\u2019t call the $10.5 million infusion of funding the Department of Veterans Affairs received to modernize its identity management platform an "award" or a "loan."nnFederal Chief Information Officer Clare Martorana prefers to call it an "investment" by the Technology Modernization Fund Board.\u00a0Martorana said the TMF Board is making an investment in VA to help veterans have seamless and secure access to digital services and benefits.nn[caption id="attachment_2244172" align="alignright" width="300"]<img class="size-medium wp-image-2244172" src="https:\/\/federalnewsnetwork.com\/wp-content\/uploads\/2019\/02\/clare-martorana-linkedin-300x232.jpg" alt="" width="300" height="232" \/> Clare Martorana is the federal chief information officer.[\/caption]nn\u201cWe are used to simple and seamless interactions in our personal lives. I can log into Grubhub or I can do multiple things and utilize some of the technology available on my devices to have a simple experience. It isn't that way in a lot of federal enterprises. We can't transit from agency to agency and have that same identity move with us,\u201d Martorana said on <a href="https:\/\/federalnewsnetwork.com\/category\/radio-interviews\/ask-the-cio\/">Ask the CIO<\/a>. \u201cPart of the opportunity is in agencies that have multiple identity systems, making those seamless, safe and secure. We know that we can then build on those lessons learned and actually start to have them help us as we transit across agencies.\u201dnnThis is why the TMF has evolved from a \u201cloan\u201d or an \u201caward\u201d to that investment, especially given the $1 billion it received under the American Rescue Act Plan in 2021.nnRaylene Yung, the executive director of the TMF program management office at the General Services Administration, said an investment like the one in VA is as much about modernizing an agency\u2019s services as it is demonstrating the power of shared services across government.nn\u201cThe first part of it is really building out that shared service, making sure that it works and can scale. That's a great example of login.gov, which actually is used by over 40 million users across a few dozen federal agencies,\u201d she said. \u201cThen there's that other side of the agency adoption of a shared service and that's a great example of what the VA is doing. You have the two sides of the coin, and together through developing the shared service and then agencies adopting the shared service, that's when you really get that governmentwide benefit. You can kind of have that build once and use many leverage that you get out of every taxpayer dollar that goes into both sides.\u201dnnThrough the TMF investment, VA will move away from a fragmented identity and access management approach for veterans and their care givers. VA will use the TMF to implement Login.gov as a single, modern and easy to use sign-in service.nn\u201c[T]his project will support the seamless transition of existing users to Login.gov. Second, VA will create an in-person identity verification option for veterans unable to sign up online. Finally, VA will pilot physical security keys for multi-factor authentication to improve accessibility and make digital services more secure,\u201d the <a href="https:\/\/tmf.cio.gov\/projects\/#veteran-identity-modernization" target="_blank" rel="noopener">TMF website<\/a> stated. \u201cThis investment will not only improve the experience of veterans accessing VA benefits and services, but also reduce VA costs and the risk of fraud.\u201dn<h2>Ninth award under TMF since September<\/h2>nThe award to VA is the TMF Board\u2019s ninth award to seven agencies from that $1 billion windfall. The board made <a href="https:\/\/federalnewsnetwork.com\/it-modernization\/2021\/09\/5-agencies-win-311m-to-modernize-it-cybersecurity\/">six awards totaling $311 million<\/a> to four agencies in September, and then <a href="https:\/\/federalnewsnetwork.com\/it-modernization\/2022\/03\/two-small-agencies-win-awards-from-technology-modernization-fund-board\/">made two others<\/a> totaling another $9 million.nnYung said the board received 130 proposals from 60 agencies and components totaling over $2.5 billion demonstrating a huge demand to accelerate projects.nnThe influx of proposals were both good and bad for the board.nnOn the good side, Yung said the board continually evolves its processes and is hiring more staff to help agencies be more successful with their submissions.nnThe program management office now includes more than 15 employees and more are on the way. Yung said her office now offers more experience and expertise in building technology systems, user research and design, and, of course, cybersecurity.nn\u201cWe're continuously learning from engaging with agencies, the new proposals that we read and the new investments that we make. This unprecedented influx of proposals really taught us a lot more about what agencies are seeking to do, which then informed our criteria, our guidance and all of that,\u201d Yung said. \u201cWe really do have this emphasis on not just the older proposals that may have focused on the technology modernization itself, saying we're going to take that system from the old one to the new one. I think now what we're really thinking and really asking agencies to show is what is that end user impact? It's not just about the technical system improving, but it's what does that achieve? How does the public's experience with government meaningfully improve?\u201dn<h2>Money moving slowly<\/h2>nBut on the bad side, the proposal submissions were not always up to par causing some delays in getting the money out the door, which, in turn, is <a href="https:\/\/federalnewsnetwork.com\/reporters-notebook-jason-miller\/2022\/03\/in-a-reversal-of-roles-congress-tells-the-tmf-to-show-me-the-money\/">frustrating lawmakers<\/a> and agency leaders.nnMartorana said when the Office of Management and Budget issued new TMF guidance in May that changed the repayment requirements, the quality of proposals declined.nn\u201cWe went from a 1.0 model that was in existence for three-and-a-half years and did those 11 investments to a 2.0 model. Our 2.0 model puts technologists at the front end of the investment review process and partnering with the board. The technologists are ensuring that these proposals are really worthy from a technical perspective of the investment that they're going in the right strategic direction, that they're utilizing best practices, that the teams are capable of actually delivering, that they have acquisition vehicles in place and all of the fundamentals that are needed for an investment, not only to get up and running, but to be capable of delivering the impact for the mission or for the customers,\u201d she said. \u201cWe've really been able to see agencies making some internal investments, like doing a minimum viable product, doing some rapid prototyping, then coming to us and saying, \u2018we have these key learnings now we need to actually accelerate our IT modernization.\u2019 That makes it a lot easier for the board to make an investment decision because there's a proven model at an agency.\u201dnnShe added the initial set of projects lacked coordination within agencies.nn\u201cWe had several agencies that submitted component submissions that didn't go through a process with their CIO. We\u2019d call the CIO to ask and they didn't know anything about the proposal,\u201d Martorana said. \u201cThere was a lot of enthusiasm from agencies and from programs in agencies that didn't have that same upfront rigor that a prior TMF proposal went through.\u201dn<h2>More transparency with Congress<\/h2>nThe board\u2019s long timeframe in making the awards or investments hasn\u2019t gone on unnoticed by Congress.nnIn the 2022 omnibus bill, Congress zeroed out the TMF pointing to the more than $700 million remaining in the fund in March before the last three awards.nnMartorana said OMB and the board recognize they need to focus on transparency and accountability to demonstrate the fund\u2019s impact and why continued investment is important.nn\u201cWe put a process in place that we announce in advance of making the investment award. We do stop at the Hill and make sure that our stakeholder partners there are aware of the investment and understand the thesis,\u201d she said. \u201cWe do a lot of work prior to going to the Hill to make sure we're working inside OMB to make sure we don't, we aren't making duplicate investments and are really rigorous in that process because we want to make sure that the TMF funding is a partnership between Congress and the executive branch.\u201dnnShe added OMB also is briefing committees and lawmakers to share insights into the trends they are seeing from agency submissions.nn\u201cIt gives us a really good indication of what some of the demand is, what that pent up demand is across agencies, and then making sure that we are able to think about that as we're going through our normal budgeting and appropriations process,\u201d Martorana said."}};

Don’t call the $10.5 million infusion of funding the Department of Veterans Affairs received to modernize its identity management platform an “award” or a “loan.”

Federal Chief Information Officer Clare Martorana prefers to call it an “investment” by the Technology Modernization Fund Board. Martorana said the TMF Board is making an investment in VA to help veterans have seamless and secure access to digital services and benefits.

Clare Martorana is the federal chief information officer.

“We are used to simple and seamless interactions in our personal lives. I can log into Grubhub or I can do multiple things and utilize some of the technology available on my devices to have a simple experience. It isn’t that way in a lot of federal enterprises. We can’t transit from agency to agency and have that same identity move with us,” Martorana said on Ask the CIO. “Part of the opportunity is in agencies that have multiple identity systems, making those seamless, safe and secure. We know that we can then build on those lessons learned and actually start to have them help us as we transit across agencies.”

This is why the TMF has evolved from a “loan” or an “award” to that investment, especially given the $1 billion it received under the American Rescue Act Plan in 2021.

Raylene Yung, the executive director of the TMF program management office at the General Services Administration, said an investment like the one in VA is as much about modernizing an agency’s services as it is demonstrating the power of shared services across government.

“The first part of it is really building out that shared service, making sure that it works and can scale. That’s a great example of login.gov, which actually is used by over 40 million users across a few dozen federal agencies,” she said. “Then there’s that other side of the agency adoption of a shared service and that’s a great example of what the VA is doing. You have the two sides of the coin, and together through developing the shared service and then agencies adopting the shared service, that’s when you really get that governmentwide benefit. You can kind of have that build once and use many leverage that you get out of every taxpayer dollar that goes into both sides.”

Through the TMF investment, VA will move away from a fragmented identity and access management approach for veterans and their care givers. VA will use the TMF to implement Login.gov as a single, modern and easy to use sign-in service.

“[T]his project will support the seamless transition of existing users to Login.gov. Second, VA will create an in-person identity verification option for veterans unable to sign up online. Finally, VA will pilot physical security keys for multi-factor authentication to improve accessibility and make digital services more secure,” the TMF website stated. “This investment will not only improve the experience of veterans accessing VA benefits and services, but also reduce VA costs and the risk of fraud.”

Ninth award under TMF since September

The award to VA is the TMF Board’s ninth award to seven agencies from that $1 billion windfall. The board made six awards totaling $311 million to four agencies in September, and then made two others totaling another $9 million.

Yung said the board received 130 proposals from 60 agencies and components totaling over $2.5 billion demonstrating a huge demand to accelerate projects.

The influx of proposals were both good and bad for the board.

On the good side, Yung said the board continually evolves its processes and is hiring more staff to help agencies be more successful with their submissions.

The program management office now includes more than 15 employees and more are on the way. Yung said her office now offers more experience and expertise in building technology systems, user research and design, and, of course, cybersecurity.

“We’re continuously learning from engaging with agencies, the new proposals that we read and the new investments that we make. This unprecedented influx of proposals really taught us a lot more about what agencies are seeking to do, which then informed our criteria, our guidance and all of that,” Yung said. “We really do have this emphasis on not just the older proposals that may have focused on the technology modernization itself, saying we’re going to take that system from the old one to the new one. I think now what we’re really thinking and really asking agencies to show is what is that end user impact? It’s not just about the technical system improving, but it’s what does that achieve? How does the public’s experience with government meaningfully improve?”

Money moving slowly

But on the bad side, the proposal submissions were not always up to par causing some delays in getting the money out the door, which, in turn, is frustrating lawmakers and agency leaders.

Martorana said when the Office of Management and Budget issued new TMF guidance in May that changed the repayment requirements, the quality of proposals declined.

“We went from a 1.0 model that was in existence for three-and-a-half years and did those 11 investments to a 2.0 model. Our 2.0 model puts technologists at the front end of the investment review process and partnering with the board. The technologists are ensuring that these proposals are really worthy from a technical perspective of the investment that they’re going in the right strategic direction, that they’re utilizing best practices, that the teams are capable of actually delivering, that they have acquisition vehicles in place and all of the fundamentals that are needed for an investment, not only to get up and running, but to be capable of delivering the impact for the mission or for the customers,” she said. “We’ve really been able to see agencies making some internal investments, like doing a minimum viable product, doing some rapid prototyping, then coming to us and saying, ‘we have these key learnings now we need to actually accelerate our IT modernization.’ That makes it a lot easier for the board to make an investment decision because there’s a proven model at an agency.”

She added the initial set of projects lacked coordination within agencies.

“We had several agencies that submitted component submissions that didn’t go through a process with their CIO. We’d call the CIO to ask and they didn’t know anything about the proposal,” Martorana said. “There was a lot of enthusiasm from agencies and from programs in agencies that didn’t have that same upfront rigor that a prior TMF proposal went through.”

More transparency with Congress

The board’s long timeframe in making the awards or investments hasn’t gone on unnoticed by Congress.

In the 2022 omnibus bill, Congress zeroed out the TMF pointing to the more than $700 million remaining in the fund in March before the last three awards.

Martorana said OMB and the board recognize they need to focus on transparency and accountability to demonstrate the fund’s impact and why continued investment is important.

“We put a process in place that we announce in advance of making the investment award. We do stop at the Hill and make sure that our stakeholder partners there are aware of the investment and understand the thesis,” she said. “We do a lot of work prior to going to the Hill to make sure we’re working inside OMB to make sure we don’t, we aren’t making duplicate investments and are really rigorous in that process because we want to make sure that the TMF funding is a partnership between Congress and the executive branch.”

She added OMB also is briefing committees and lawmakers to share insights into the trends they are seeing from agency submissions.

“It gives us a really good indication of what some of the demand is, what that pent up demand is across agencies, and then making sure that we are able to think about that as we’re going through our normal budgeting and appropriations process,” Martorana said.

]]>
https://federalnewsnetwork.com/ask-the-cio/2022/05/federal-cio-martorana-says-agencies-adjusting-to-tmf-2-0-model/feed/ 0
DISA’s milCloud replacement is open for business https://federalnewsnetwork.com/ask-the-cio/2022/04/disas-milcloud-replacement-is-open-for-business/ https://federalnewsnetwork.com/ask-the-cio/2022/04/disas-milcloud-replacement-is-open-for-business/#respond Fri, 22 Apr 2022 16:06:31 +0000 https://federalnewsnetwork.com/?p=4022146 var config_4022244 = {"options":{"theme":"hbidc_default"},"extensions":{"Playlist":[]},"episode":{"media":{"mp3":"https:\/\/dts.podtrac.com\/redirect.mp3\/pdst.fm\/e\/chrt.fm\/track\/E2G895\/aw.noxsolutions.com\/launchpod\/adswizz\/1128\/042122_askciodisawoods_web_6jky_cd91b3b7.mp3?awCollectionId=1128&awEpisodeId=01382c52-f3f3-4a6d-b541-c40fcd91b3b7&awNetwork=322"},"coverUrl":"https:\/\/federalnewsnetwork.com\/wp-content\/uploads\/2018\/12\/AsktheCIO1500-150x150.jpg","title":"DISA\u2019s milCloud replacement is open for business","description":"[hbidcpodcast podcastid='4022244']nn<em>Best listening experience is on Chrome, Firefox or Safari. Subscribe to Ask the CIO on <\/em><a href="https:\/\/itunes.apple.com\/us\/podcast\/federal-drive-with-tom-temin\/id1270799277?mt=2"><em><span style="color: #0070c0;">Apple Podcast<\/span><\/em><span style="color: #0070c0;">s<\/span><\/a><em>\u00a0or\u00a0<a href="https:\/\/www.podcastone.com\/federal-drive-with-tom-temin?pid=1753589">PodcastOne<\/a>.<\/em>nnWhen the Defense Information Systems Agency decided to end its milCloud offering, it didn\u2019t mean the end of on-premise cloud options for its Defense customers.nnDISA is replacing that long-time, possibly underutilized offering with something new called Stratus.nnSharon Woods, the director of Hosting and Compute Center at DISA, said Stratus is taking the best of milCloud and improving it to help military services and defense agencies meet their ever-changing IT modernization needs.nn[caption id="attachment_3738203" align="alignleft" width="300"]<img class="size-medium wp-image-3738203" src="https:\/\/federalnewsnetwork.com\/wp-content\/uploads\/2021\/11\/sharon-woods-2-300x300.jpg" alt="" width="300" height="300" \/> Sharon Woods is the director of the Hosting and Compute Center at DISA.[\/caption]nn\u201cIt's its own offering in its entirety. The idea with any kind of on-premise cloud capabilities that you want it to mirror commercial cloud as much as you can. You want it to be elastic. You want it to be automated. You want it to be self-service, and self-provisioning. I think the self-service component gives control to mission owners so that they can go in there and very quickly spin something up and spin something down. Everyone associates that with commercial cloud,\u201d Woods said on <a href="https:\/\/federalnewsnetwork.com\/category\/radio-interviews\/ask-the-cio\/">Ask the CIO<\/a>. \u201cThe idea with an on-premise cloud is to replicate those characteristics as much as you possibly can, except that the servers are in our data centers because some applications are not ready to operate in commercial cloud. Stratus is this nice in-between step where they can get their applications and workloads more virtualized and operating in a way that can actually consume and use that technology where it's not so tied to the hardware, which often is what happens now that this application only works if you have this very specific piece of hardware.\u201dnnDISA decided to <a href="https:\/\/federalnewsnetwork.com\/defense-main\/2021\/12\/disa-to-let-milcloud-2-0-expire-in-may\/">end the milCloud initiative<\/a> in December after Lt. Gen. Robert Skinner, the director, decided it <a href="https:\/\/federalnewsnetwork.com\/defense-main\/2021\/10\/disa-launches-clean-sheet-budget-review-to-help-advance-new-strategic-priorities\/">no longer made financial<\/a> or operational sense. Users of milCloud 2.0 and 1.0 must move off of the platform by May.nnDISA awarded a contract to CSRA in June 2017 to develop and run the commercial cloud offering. GDIT bought CSRA in April 2018 for $9.7 billion.nnThe milCloud 2.0 contract included a three-year base with five one-year options, and it was worth as much as $498 million. This June would have been the third option period for the program.n<h2>Best value for hybrid cloud<\/h2>nWoods said Stratus will help DISA customers improve how they manage data, particularly around the cost of moving data between on-premise and commercial clouds.nn\u201cStratus lets you say, \u2018OK, this is the dedicated hardware for you, you're going to put your data here so that you know how much it costs and then you will do your transactions accordingly.\u2019 There's a number of use cases or Stratus makes a lot of sense. As mission owners get smarter and smarter and smarter about working in commercial cloud,\u201d she said. \u201cWe're focused on delivering of best value capability. It needs to make sense in terms of how the requirements are met. It needs to make sense in terms of the price. And if it doesn't, then it needs to be sunset, and Stratus is no exception. We'll certainly be managing it and watching it closely. But I do think a hybrid cloud capability is a requirement that exists now and will for a while. And so we have to deliver something and right now Stratus is the capability that we think is best value.\u201dnnStratus is already operational, received its authority to operate (ATO) at the unclassified, classified and secret levels and is open for use by DoD customers.nnWoods said DISA is making Stratus as self-service as users want it to be, meaning they can ask for help or just send money and take care of standing up a virtual machine instance on their own.nnAs for milCloud, Woods said all users must be out of the platform by May 20.nn\u201cWe are involved with every single mission partner that is in the milCloud 2 environment to help them get to whatever target environment they want to get to. It\u2019s all about being an honest broker. We did not push them to go in any particular place. I'd love to see them go to Stratus, but some folks were ready to go to commercial cloud. And we absolutely had a number of mission partners go to commercial cloud or they are going to commercial cloud instead of Stratus,\u201d she said. \u201cAnything and everything that mission partners need to get out of the environment, we are there a phone call away. We're trying to be really aggressive about making sure we're are providing the support and not just hanging back and waiting to see if there's a problem.\u201dn<h2>Two other cloud services<\/h2>nWhile Stratus is their latest initiative, the HACC also has been pursuing <a href="https:\/\/federalnewsnetwork.com\/defense-main\/2022\/03\/dod-cloud-exchange-disas-sharon-woods-on-technicians-of-the-future\/">several other cloud-related efforts<\/a>, including infrastructure-as-code and containers-as-a-service offerings.nnWoods said these and other pilots are part of how the HACC is creating hybrid capabilities that helps customers modernize applications and take advantage of commercial-like technologies.nnIn DISA\u2019s <a href="https:\/\/federalnewsnetwork.com\/reporters-notebook-jason-miller\/2022\/01\/disa-to-industry-resellers-system-integrators-need-not-apply-to-provide-cloud-services\/">strategic plan<\/a> released in December, the HACC received 10 lines of effort across the five broad lines of effort. The HACC released its own action plan to meet those goals.nnWoods said few of their goals focus on automation to enable and accelerator the use of cloud services, whether on-premise or in the commercial sector.nnThe containers-as-a-service and infrastructure-as-code are two examples of how the HACC is doing that.nnWoods called the containers-as-a-service a \u201cbellwether\u201d for their entire cloud strategy.nn\u201cI'm extremely excited about and I'm really proud of the team because one of my mantras is that we need these microsuccesses where you're delivering minimum viable products from ideation to the delivery of an initial prototype in six months or less. That's not necessarily something that people are used to seeing within the federal government,\u201d she said. \u201cBut that's what the HACC is going to be doing. Containers-as-a-service is an example where that is, in fact, what happened. The premise, and why I say it's a bellwether for the HACC strategy, is that it's taking Kubernetes, OpenShift in particular, and rather than deploying it in the cloud, it's deploying it in the traditional data centers.\u201dn<h2>DISA's offering Infrastructure-as-code<\/h2>nShe said DISA customers are deploying web servers as part of the pilot using virtual machines that come secure and ready to be used.nn\u201cBy using a web server that's containerized, we can take the container and can make sure that it's configured as well as it can be. That becomes the thing that you deploy, and if a mission partner has a presence in the cloud as well, you've created a situation where now the technologies are standard and they're able to communicate across each other from data center to commercial cloud,\u201d she said. \u201cWe've given them a capability that gives them a really awesome jumpstart to integrate with commercial cloud services. That started in November as an idea and we've already delivered a prototype. We're working right now to implement it with our first customer.\u201dnnThe infrastructure-as-code effort is a bit further ahead from an operational standpoint.nnThe Army Corps of Engineers already tested it out with the HACC developing an application in a few hours instead of something that may have taken as much as 38 weeks to do previously.nn\u201cIt was automated. It was validated. You start removing some that human error component as well, which just improves security and improves speed to mission and all these things,\u201d Woods said. \u201cThat's what infrastructures code is, these automated pre-configured cloud environments with privileged identity and continuous monitoring security policies around it. We have well over a dozen customers so it is one of the success stories because we took it from ideation to delivery in less than six months. We've had well over a dozen different customers consume it both in a research capacity as well as production.\u201d"}};

Best listening experience is on Chrome, Firefox or Safari. Subscribe to Ask the CIO on Apple Podcasts or PodcastOne.

When the Defense Information Systems Agency decided to end its milCloud offering, it didn’t mean the end of on-premise cloud options for its Defense customers.

DISA is replacing that long-time, possibly underutilized offering with something new called Stratus.

Sharon Woods, the director of Hosting and Compute Center at DISA, said Stratus is taking the best of milCloud and improving it to help military services and defense agencies meet their ever-changing IT modernization needs.

Sharon Woods is the director of the Hosting and Compute Center at DISA.

“It’s its own offering in its entirety. The idea with any kind of on-premise cloud capabilities that you want it to mirror commercial cloud as much as you can. You want it to be elastic. You want it to be automated. You want it to be self-service, and self-provisioning. I think the self-service component gives control to mission owners so that they can go in there and very quickly spin something up and spin something down. Everyone associates that with commercial cloud,” Woods said on Ask the CIO. “The idea with an on-premise cloud is to replicate those characteristics as much as you possibly can, except that the servers are in our data centers because some applications are not ready to operate in commercial cloud. Stratus is this nice in-between step where they can get their applications and workloads more virtualized and operating in a way that can actually consume and use that technology where it’s not so tied to the hardware, which often is what happens now that this application only works if you have this very specific piece of hardware.”

DISA decided to end the milCloud initiative in December after Lt. Gen. Robert Skinner, the director, decided it no longer made financial or operational sense. Users of milCloud 2.0 and 1.0 must move off of the platform by May.

DISA awarded a contract to CSRA in June 2017 to develop and run the commercial cloud offering. GDIT bought CSRA in April 2018 for $9.7 billion.

The milCloud 2.0 contract included a three-year base with five one-year options, and it was worth as much as $498 million. This June would have been the third option period for the program.

Best value for hybrid cloud

Woods said Stratus will help DISA customers improve how they manage data, particularly around the cost of moving data between on-premise and commercial clouds.

“Stratus lets you say, ‘OK, this is the dedicated hardware for you, you’re going to put your data here so that you know how much it costs and then you will do your transactions accordingly.’ There’s a number of use cases or Stratus makes a lot of sense. As mission owners get smarter and smarter and smarter about working in commercial cloud,” she said. “We’re focused on delivering of best value capability. It needs to make sense in terms of how the requirements are met. It needs to make sense in terms of the price. And if it doesn’t, then it needs to be sunset, and Stratus is no exception. We’ll certainly be managing it and watching it closely. But I do think a hybrid cloud capability is a requirement that exists now and will for a while. And so we have to deliver something and right now Stratus is the capability that we think is best value.”

Stratus is already operational, received its authority to operate (ATO) at the unclassified, classified and secret levels and is open for use by DoD customers.

Woods said DISA is making Stratus as self-service as users want it to be, meaning they can ask for help or just send money and take care of standing up a virtual machine instance on their own.

As for milCloud, Woods said all users must be out of the platform by May 20.

“We are involved with every single mission partner that is in the milCloud 2 environment to help them get to whatever target environment they want to get to. It’s all about being an honest broker. We did not push them to go in any particular place. I’d love to see them go to Stratus, but some folks were ready to go to commercial cloud. And we absolutely had a number of mission partners go to commercial cloud or they are going to commercial cloud instead of Stratus,” she said. “Anything and everything that mission partners need to get out of the environment, we are there a phone call away. We’re trying to be really aggressive about making sure we’re are providing the support and not just hanging back and waiting to see if there’s a problem.”

Two other cloud services

While Stratus is their latest initiative, the HACC also has been pursuing several other cloud-related efforts, including infrastructure-as-code and containers-as-a-service offerings.

Woods said these and other pilots are part of how the HACC is creating hybrid capabilities that helps customers modernize applications and take advantage of commercial-like technologies.

In DISA’s strategic plan released in December, the HACC received 10 lines of effort across the five broad lines of effort. The HACC released its own action plan to meet those goals.

Woods said few of their goals focus on automation to enable and accelerator the use of cloud services, whether on-premise or in the commercial sector.

The containers-as-a-service and infrastructure-as-code are two examples of how the HACC is doing that.

Woods called the containers-as-a-service a “bellwether” for their entire cloud strategy.

“I’m extremely excited about and I’m really proud of the team because one of my mantras is that we need these microsuccesses where you’re delivering minimum viable products from ideation to the delivery of an initial prototype in six months or less. That’s not necessarily something that people are used to seeing within the federal government,” she said. “But that’s what the HACC is going to be doing. Containers-as-a-service is an example where that is, in fact, what happened. The premise, and why I say it’s a bellwether for the HACC strategy, is that it’s taking Kubernetes, OpenShift in particular, and rather than deploying it in the cloud, it’s deploying it in the traditional data centers.”

DISA’s offering Infrastructure-as-code

She said DISA customers are deploying web servers as part of the pilot using virtual machines that come secure and ready to be used.

“By using a web server that’s containerized, we can take the container and can make sure that it’s configured as well as it can be. That becomes the thing that you deploy, and if a mission partner has a presence in the cloud as well, you’ve created a situation where now the technologies are standard and they’re able to communicate across each other from data center to commercial cloud,” she said. “We’ve given them a capability that gives them a really awesome jumpstart to integrate with commercial cloud services. That started in November as an idea and we’ve already delivered a prototype. We’re working right now to implement it with our first customer.”

The infrastructure-as-code effort is a bit further ahead from an operational standpoint.

The Army Corps of Engineers already tested it out with the HACC developing an application in a few hours instead of something that may have taken as much as 38 weeks to do previously.

“It was automated. It was validated. You start removing some that human error component as well, which just improves security and improves speed to mission and all these things,” Woods said. “That’s what infrastructures code is, these automated pre-configured cloud environments with privileged identity and continuous monitoring security policies around it. We have well over a dozen customers so it is one of the success stories because we took it from ideation to delivery in less than six months. We’ve had well over a dozen different customers consume it both in a research capacity as well as production.”

]]>
https://federalnewsnetwork.com/ask-the-cio/2022/04/disas-milcloud-replacement-is-open-for-business/feed/ 0
GSA using data, analytics to push agencies to accelerate move to EIS https://federalnewsnetwork.com/ask-the-cio/2022/03/gsa-using-data-analytics-to-push-agencies-to-accelerate-move-to-eis/ https://federalnewsnetwork.com/ask-the-cio/2022/03/gsa-using-data-analytics-to-push-agencies-to-accelerate-move-to-eis/#respond Fri, 25 Mar 2022 15:27:05 +0000 https://federalnewsnetwork.com/?p=3978193 var config_3978310 = {"options":{"theme":"hbidc_default"},"extensions":{"Playlist":[]},"episode":{"media":{"mp3":"https:\/\/dts.podtrac.com\/redirect.mp3\/pdst.fm\/e\/chrt.fm\/track\/E2G895\/aw.noxsolutions.com\/launchpod\/adswizz\/1128\/032422_askciogsaeis_web_aq04_e6d80289.mp3?awCollectionId=1128&awEpisodeId=08bafc78-dace-4e9b-9dbb-22e3e6d80289&awNetwork=322"},"coverUrl":"https:\/\/federalnewsnetwork.com\/wp-content\/uploads\/2018\/12\/AsktheCIO1500-150x150.jpg","title":"GSA using data, analytics to push agencies to accelerate move to EIS","description":"[hbidcpodcast podcastid='3978310']nnIt\u2019s been clear for some time that most agencies were not going to meet the March 31 deadline of moving at least 90% of their telecommunications inventory to the Enterprise Infrastructure Solutions (EIS) contract.nnThe General Services Administration, which oversees the EIS program, reported that as of Jan. 31 only 50%, or 111 of 222 agencies, have met the deadline. Most of those, however, are small or very small agencies.nnOf the 17 large agencies, nine have met the goal of moving between 50% and 90% of their inventory to EIS. That goal, however, was for March 31, 2021.nn[caption id="attachment_3978194" align="aligncenter" width="1132"]<img class="wp-image-3978194 size-full" src="https:\/\/federalnewsnetwork.com\/wp-content\/uploads\/2022\/03\/gsa-eis-graphic-march-2022.png" alt="" width="1132" height="544" \/> Source: GSA EIS report for Jan. 31, 2022.[\/caption]nnAs the next deadline nears \u2014 by Sept. 30, 2022 agencies must move 100% of all inventory to EIS \u2014 GSA is offering agencies access to new and improved tools to accelerate EIS implementation.nnAmy Haseltine, the deputy assistant commissioner for acquisitions in the Office of the IT Category in the Federal Acquisition Service at GSA, said along with a host of interagency meetings, specifically with senior procurement executives, her office is bringing agencies through the RAFT \u2014 risk assessment for transition \u2014 analysis.nn\u201cIt's a project that GSA put together to leverage data analytics to help our agencies understand where they are at a point in time, and what it's actually going to take to get where they need to go. What makes this so cool is the data analytics that we use really were derived in partnership with our industry partners on the EIS vehicle. We did some consultations with them, did some pilot testing, and ask them some foundational questions like, 'if you have this many TDM lines, how many months is it going to take you to get to wherever you need to be?'\u201d Haseltine said during a recent panel discussion sponsored by Granite Telecommunications and Capitol Technology University, an excerpt of which was played on <strong><em><a href="https:\/\/federalnewsnetwork.com\/category\/radio-interviews\/ask-the-cio\/">Ask the CIO<\/a><\/em><\/strong>. \u201cThat information from our industry partners is vital because it helps give our agency customers insight into what that time is.\u201dnn[caption id="attachment_2373401" align="alignright" width="176"]<img class="size-full wp-image-2373401" src="https:\/\/federalnewsnetwork.com\/wp-content\/uploads\/2019\/06\/hhs-haseltine2.jpg" alt="" width="176" height="176" \/> Amy Haseltine is the deputy assistant commissioner for acquisitions in the Office of the IT Category at GSA.[\/caption]nnShe said agencies can schedule a RAFT consultation, free of charge, with GSA\u2019s technical team and the agency\u2019s acquisition and technology teams to take a deep dive into their current EIS transition activities.nn\u201cWe provide them with an independent view, an estimate of how long it's going to take to get them to be completed. Our goal there is not really any judgment at all, but it's simply to give you an independent set of data that then an agency can take back and factor into their senior leadership C-suite conversations,\u201d Haseltine said.nnGSA has conducted more than a dozen RAFT consultations with agencies since last year.nnAllen Hill, the deputy assistant commissioner for category management also in the Office of the IT Category at GSA, said creating that dialogue across the CIO, CFO and CAO communities as well as vendors helps to address short and long term challenges.nn\u201cFrom the vendor perspective, we need to understand when at the technical level where things are not going right. We've had agencies reach out to us and say, \u2018Hey, we're having a challenge.\u2019 We talked with the vendors\u2019 executives and they got in and they get them back on track. That's extremely important to keep that dialogue going,\u201d he said. \u201cThose agencies who really understand at the executive level what needs to be accomplished, the resources they need to apply and the path forward to achieving the success and transition to EIS, those who understand those basics have been very successful. We've had agencies that have met the transition timelines and are moving forward. They're getting those on the Federal IT Acquisition Reform Act (FITARA) scorecard. Those who are challenged, we really, really encourage them to reach out to us; let's have those discussions.\u201dn<h2>18 solicitations remaining<\/h2>nThe RAFT exercise comes at a key time for agencies as GSA recently <a href="https:\/\/federalnewsnetwork.com\/reporters-notebook-jason-miller\/2022\/02\/transition-to-new-telecom-contract-hits-wall-forcing-gsa-to-extend-timetable\/">decided to extend<\/a> the current telecommunications contracts \u2014 specifically the continuity of services (CoS) piece under Networx \u2014 because an assortment of factors was <a href="https:\/\/federalnewsnetwork.com\/congress\/2020\/03\/risk-is-high-that-gsas-latest-telecom-contract-suffers-same-fate-as-last-two\/">making the deadlines<\/a> impossible to reach for most agencies and turning off the Networx and other legacy contracts would put their missions at risk.nnGSA reported in January that agencies, mostly the departments of Defense and Homeland Security, still have to award 18 solicitations under EIS, including three that still must go to industry to bid.nnThis is why GSA is expanding the RAFT process.nnAfter understanding and assessing their current status, GSA is helping agencies use their acquisition decision framework developed specifically for EIS transition. The framework also helps agencies address contingency planning and mitigation strategies as the transition to EIS takes longer than expected.nn\u201cGSA is simply trying to create a framework or a method that gives agencies ideas for how to approach acquisitions through its own lens. They've got limitations based on their own internal regulatory framework requirements, appropriations requirements, etc., so we're not telling folks go left, go right, go center. But what we do want to provide them with is a decision tree that allows them to walk through it with us, if they wish, but also to allow them to walk through it with their agency C-suite executives and their broader team, so that they are empowered with all of what we know. They can then overlay that knowledge with their own agency specific sets of parameters and processes,\u201d she said. \u201cAt least what we found so far, and it\u2019s an incredibly enlightening discussion, time is of the essence and frankly the longer it takes for agencies to accelerate their progress, the harder it will be to get where they need to go and the more limited the choices may become in terms of designing those acquisition contingency strategies.\u201dnnShe added the faster agencies go through the RAFT process, the more empowered they are then to go have <a href="https:\/\/federalnewsnetwork.com\/reporters-notebook-jason-miller\/2020\/07\/lacking-teeth-gsa-creates-alliances-to-spur-transition-to-new-telecommunications-program\/">other kinds of conversations<\/a> within the space of their own agency.nn\u201cWe recognize that given where we are, and I think this is really embracing reality, there are some agencies are going to do great and make it there are other agencies that are going to really have to push very, very, very, very hard [to meet these deadlines],\u201d she said. \u201cThe decision framework for acquisition is really intended to give people a tool to take back and go \u2018okay, now that we know where we are at this point in time, what are the 50-60 different steps that need to take place? Now that we understand our risks, what are the conversations we can have within the agency to make good choices about acquisitions so that we don't run into the risk of having mission interrupted?\u2019\u201dn<h2>EIS trends so far<\/h2>nHill said despite the slow progress on EIS, particularly by large agencies, there are several important trends that are emerging.nnHe said wireless capabilities, broadband, software-defined wide area network (SD-WAN),which is the foundation of where agency infrastructure need to move to take advantage of artificial intelligence and machine learning to address the need to surge capabilities, are among the most popular technologies in the EIS contracts.nn\u201cSome of the services we're adding on to EIS are a secure access service edge (SASE), which is extremely important, as is that zero trust, 5G, WiFi 6 and any technology that doesn't require that large infrastructure of technologists to support it,\u201d Hill said. \u201cThe other dialogue we're having with both industry and agency is that lean-forward thinking approach of how they do transition and what are the types of activities they can do now in this transition that sets them up for that future state network infrastructure and that's necessary to support that zero trust architecture framework. That's extremely important because if I'm putting the TDM circuit in again, I'm not moving the ball. Why do that? Let's not make it to where we're having to do rework, the more we do like-for-like in terms of technologies without a pathway to the to the future state, the more work we're going to add in future modernization.\u201d"}};

It’s been clear for some time that most agencies were not going to meet the March 31 deadline of moving at least 90% of their telecommunications inventory to the Enterprise Infrastructure Solutions (EIS) contract.

The General Services Administration, which oversees the EIS program, reported that as of Jan. 31 only 50%, or 111 of 222 agencies, have met the deadline. Most of those, however, are small or very small agencies.

Of the 17 large agencies, nine have met the goal of moving between 50% and 90% of their inventory to EIS. That goal, however, was for March 31, 2021.

Source: GSA EIS report for Jan. 31, 2022.

As the next deadline nears — by Sept. 30, 2022 agencies must move 100% of all inventory to EIS — GSA is offering agencies access to new and improved tools to accelerate EIS implementation.

Amy Haseltine, the deputy assistant commissioner for acquisitions in the Office of the IT Category in the Federal Acquisition Service at GSA, said along with a host of interagency meetings, specifically with senior procurement executives, her office is bringing agencies through the RAFT — risk assessment for transition — analysis.

“It’s a project that GSA put together to leverage data analytics to help our agencies understand where they are at a point in time, and what it’s actually going to take to get where they need to go. What makes this so cool is the data analytics that we use really were derived in partnership with our industry partners on the EIS vehicle. We did some consultations with them, did some pilot testing, and ask them some foundational questions like, ‘if you have this many TDM lines, how many months is it going to take you to get to wherever you need to be?’” Haseltine said during a recent panel discussion sponsored by Granite Telecommunications and Capitol Technology University, an excerpt of which was played on Ask the CIO. “That information from our industry partners is vital because it helps give our agency customers insight into what that time is.”

Amy Haseltine is the deputy assistant commissioner for acquisitions in the Office of the IT Category at GSA.

She said agencies can schedule a RAFT consultation, free of charge, with GSA’s technical team and the agency’s acquisition and technology teams to take a deep dive into their current EIS transition activities.

“We provide them with an independent view, an estimate of how long it’s going to take to get them to be completed. Our goal there is not really any judgment at all, but it’s simply to give you an independent set of data that then an agency can take back and factor into their senior leadership C-suite conversations,” Haseltine said.

GSA has conducted more than a dozen RAFT consultations with agencies since last year.

Allen Hill, the deputy assistant commissioner for category management also in the Office of the IT Category at GSA, said creating that dialogue across the CIO, CFO and CAO communities as well as vendors helps to address short and long term challenges.

“From the vendor perspective, we need to understand when at the technical level where things are not going right. We’ve had agencies reach out to us and say, ‘Hey, we’re having a challenge.’ We talked with the vendors’ executives and they got in and they get them back on track. That’s extremely important to keep that dialogue going,” he said. “Those agencies who really understand at the executive level what needs to be accomplished, the resources they need to apply and the path forward to achieving the success and transition to EIS, those who understand those basics have been very successful. We’ve had agencies that have met the transition timelines and are moving forward. They’re getting those on the Federal IT Acquisition Reform Act (FITARA) scorecard. Those who are challenged, we really, really encourage them to reach out to us; let’s have those discussions.”

18 solicitations remaining

The RAFT exercise comes at a key time for agencies as GSA recently decided to extend the current telecommunications contracts — specifically the continuity of services (CoS) piece under Networx — because an assortment of factors was making the deadlines impossible to reach for most agencies and turning off the Networx and other legacy contracts would put their missions at risk.

GSA reported in January that agencies, mostly the departments of Defense and Homeland Security, still have to award 18 solicitations under EIS, including three that still must go to industry to bid.

This is why GSA is expanding the RAFT process.

After understanding and assessing their current status, GSA is helping agencies use their acquisition decision framework developed specifically for EIS transition. The framework also helps agencies address contingency planning and mitigation strategies as the transition to EIS takes longer than expected.

“GSA is simply trying to create a framework or a method that gives agencies ideas for how to approach acquisitions through its own lens. They’ve got limitations based on their own internal regulatory framework requirements, appropriations requirements, etc., so we’re not telling folks go left, go right, go center. But what we do want to provide them with is a decision tree that allows them to walk through it with us, if they wish, but also to allow them to walk through it with their agency C-suite executives and their broader team, so that they are empowered with all of what we know. They can then overlay that knowledge with their own agency specific sets of parameters and processes,” she said. “At least what we found so far, and it’s an incredibly enlightening discussion, time is of the essence and frankly the longer it takes for agencies to accelerate their progress, the harder it will be to get where they need to go and the more limited the choices may become in terms of designing those acquisition contingency strategies.”

She added the faster agencies go through the RAFT process, the more empowered they are then to go have other kinds of conversations within the space of their own agency.

“We recognize that given where we are, and I think this is really embracing reality, there are some agencies are going to do great and make it there are other agencies that are going to really have to push very, very, very, very hard [to meet these deadlines],” she said. “The decision framework for acquisition is really intended to give people a tool to take back and go ‘okay, now that we know where we are at this point in time, what are the 50-60 different steps that need to take place? Now that we understand our risks, what are the conversations we can have within the agency to make good choices about acquisitions so that we don’t run into the risk of having mission interrupted?’”

EIS trends so far

Hill said despite the slow progress on EIS, particularly by large agencies, there are several important trends that are emerging.

He said wireless capabilities, broadband, software-defined wide area network (SD-WAN),which is the foundation of where agency infrastructure need to move to take advantage of artificial intelligence and machine learning to address the need to surge capabilities, are among the most popular technologies in the EIS contracts.

“Some of the services we’re adding on to EIS are a secure access service edge (SASE), which is extremely important, as is that zero trust, 5G, WiFi 6 and any technology that doesn’t require that large infrastructure of technologists to support it,” Hill said. “The other dialogue we’re having with both industry and agency is that lean-forward thinking approach of how they do transition and what are the types of activities they can do now in this transition that sets them up for that future state network infrastructure and that’s necessary to support that zero trust architecture framework. That’s extremely important because if I’m putting the TDM circuit in again, I’m not moving the ball. Why do that? Let’s not make it to where we’re having to do rework, the more we do like-for-like in terms of technologies without a pathway to the to the future state, the more work we’re going to add in future modernization.”

]]>
https://federalnewsnetwork.com/ask-the-cio/2022/03/gsa-using-data-analytics-to-push-agencies-to-accelerate-move-to-eis/feed/ 0
After 40 years of service, Vogel offers ways to make federal IT better https://federalnewsnetwork.com/ask-the-cio/2022/03/after-40-years-of-service-vogel-offers-ways-to-make-federal-it-better/ https://federalnewsnetwork.com/ask-the-cio/2022/03/after-40-years-of-service-vogel-offers-ways-to-make-federal-it-better/#respond Fri, 18 Mar 2022 16:32:15 +0000 https://federalnewsnetwork.com/?p=3966651 var config_3967104 = {"options":{"theme":"hbidc_default"},"extensions":{"Playlist":[]},"episode":{"media":{"mp3":"https:\/\/dts.podtrac.com\/redirect.mp3\/pdst.fm\/e\/chrt.fm\/track\/E2G895\/aw.noxsolutions.com\/launchpod\/adswizz\/1128\/031722_askciohhsvogelexit_web_424r_7c67a8b7.mp3?awCollectionId=1128&awEpisodeId=59de67fd-0f96-43ca-8ae0-f3c07c67a8b7&awNetwork=322"},"coverUrl":"https:\/\/federalnewsnetwork.com\/wp-content\/uploads\/2018\/12\/AsktheCIO1500-150x150.jpg","title":"After 40 years of service, Vogel offers ways to make federal IT better","description":"[hbidcpodcast podcastid='3967104']nnFrom futuristic telephones with screens on desks in the 1990s, to punch card mainframes using FORTRAN, Janet Vogel, the former acting chief information officer and chief information security officer at the Department of Health and Human Services, has seen significant change in the federal technology sector.nnVogel <a href="https:\/\/federalnewsnetwork.com\/reporters-notebook-jason-miller\/2021\/12\/cios-at-hhs-tsa-cto-at-justice-leaving-federal-service\/">recently retired<\/a> after 40 years of federal service.nnShe said her experiences, from\u00a0HHS\u00a0and\u00a0the U.S. Agency for International Development,\u00a0to her\u00a0political science background\u00a0and\u00a0learning technology,\u00a0taught her several things about how to be successful in the federal sector.nn[caption id="attachment_3966659" align="alignright" width="226"]<img class="size-full wp-image-3966659" src="https:\/\/federalnewsnetwork.com\/wp-content\/uploads\/2022\/03\/Janet-Vogel.png" alt="" width="226" height="288" \/> Janet Vogel, the former acting CIO and CISO at the Department of Health and Human Services, recently retired after 40 years of federal service.[\/caption]nn\u201cI would definitely recommend that they think big and lean forward. It's a big job. There are so many moving pieces that you really have to focus on both compliance and operations at the same time because we do operate things departmentwide, and compliance can eat your lunch, and your dinner,\u201d Vogel said during an \u201cexit\u201d interview on <a href="https:\/\/federalnewsnetwork.com\/category\/radio-interviews\/ask-the-cio\/">Ask the CIO<\/a>. \u201cSo I would say think big, get views that are not just techie so that you understand the impact of choices. Listen, get the input, think about it, lean forward and definitely focus on resiliency. What's your plan B? What's your plan C? Because HHS holds critical infrastructure capabilities, and that's on the shoulders of the IT and the cyber people. It really is, and everyone else, if you believe cyber is everything.\u201dnnAnd to that end about cyber, Vogel said the next HHS CISO and incoming CIO Karl Mathias\u00a0\u2014\u00a0Vogel\u2019s interview occurred before he was named the <a href="https:\/\/federalnewsnetwork.com\/cio-news\/2022\/03\/mathias-to-become-the-8th-cio-in-last-7-years-at-hhs\/">new CIO at HHS<\/a> \u2014 should continue its focus on implementing the updates in Special Publication 800-53 from the National Institute of Standards and Technology as part of the move to zero trust.nn\u201cWe put together a new HHS policy on zero trust, so that needs to be front and center. Zero trust and defense-in-depth are very important, so I would definitely focus on that kind of thing,\u201d she said. \u201cThe skills of the people that are involved is also really important. When you have high performing employees, they like to be challenged. So take advantage of that. Take advantage of that as a resource, but also think about how to ask skill and make sure that everybody stays current on their skills.\u201dn<h2>Landed in IT by accident<\/h2>nVogel\u2019s words of wisdom about training and cybersecurity were ones she lived by. She came to the federal government from a small farming community in Oregon. She studied political science at Colorado State University. After graduating in 1978, she earned an internship at HHS in Washington, D.C, and her career took off.nnAfter her first stint at HHS, she worked for USAID, the Federal Aviation Administration, the Treasury Department and then the Centers for Medicare and Medicaid Services.nnVogel spent her last four years working as the HHS CISO and then acting CIO since May. She got her start in IT almost by accident.nn\u201cIt was an HHS program, and I worked for the Office of Information Services, I believe it was called at the time. IT was called ADP, automated data processing, and I got a lot of experience there with great mentors,\u201d she said. \u201cI moved to the Office of the Assistant Secretary for Health, and I went through all of the process of how do you get an authority or an approval for an ADP project? I worked mostly with the National Institutes of Health at that time. It was really exciting because I got to see what it takes to put together a program and what it takes to manage it. We went through every acquisition, and went to GSA for approval for every IT acquisition at that time so it really gave me a thorough understanding.\u201dnnShe said one of her first projects was to get approval for HHS to buy a supercomputer in the 1980s.nnVogel built on that experience while at USAID, where she worked on a project to help Pakistan with hardware and software development for their census.nn\u201cWith USAID, the money has to be spent on U.S. products, and so I was able to see the companies, the quality of their proposals and help show the people there how to look for those things and what to do next. So it was helping them actually implement the technology in their country and a little bit of education,\u201d she said.n<h2>Too many IT regulations, laws<\/h2>nAll of her experiences left an indelible imprint on her about how difficult federal acquisition and technology can be.nn\u201cThe federal IT sector is governed by over 100 laws, rules and regulations, and it is weighed down by that. I would simplify the compliance and the auditing so that we could focus being more effective with IT and cyber. That said, it's not one office that can do this. We need to make sure that others are engaged. So I would simplify the oversight and all of the legislation that we're constantly reporting on,\u201d she said. \u201cI think that the evolving nature of cyber makes it a little more difficult because it's not quite as mature yet. I'm not sure it'll ever get there because we have a lot of bad actors and all they want to do is disrupt some things that are important.\u201dnnVogel also said agency CIOs need more authority and direct funding for cybersecurity.nn\u201cIt really does make a difference if you have multi-year funding in your ability to plan and execute strategic operational activities. That would be a big improvement,\u201d she said.nnDuring her time at HHS, Vogel said she was proud of the work the team did to reimagine the <a href="https:\/\/federalnewsnetwork.com\/ask-the-cio\/2018\/11\/hhs-remakes-cyber-threat-center-to-have-external-focus\/">Health Sector Cybersecurity Coordination Center<\/a> (HC3).nn\u201cThe HC3 takes cyber information that we know about threats or vulnerabilities and puts it into a language that is understandable to the medical community,\u201d she said. \u201cWe send out those bulletins to the cyber contacts in the health care industry, we have thousands of them, telling them about a threat, what it means to you, here's how you could identify this if you have the problem and here's what you do. Our outreach to the health care sector has been enormous, and, I think, it's been very beneficial. We're able to put things in more medical and operational terms than just techie talk.\u201dn<h2>HHS CIO council matchmaking<\/h2>nNow HHS receives more requests for cyber information to the HC3 than ever before and it\u2019s reaching more cyber and non-cyber experts because the information is more easily accessible and understood.nnAnother area where HHS has changed is the internal coordination among bureau CIOs. Vogel said she reinvigorated HHS CIO council meetings to create connections across the bureaus to improve sharing, specifically of cyber data.nn\u201cOne of the things in our council meetings that I did was how I sponsored what I called speed matching. The instructions were each of you bring three things that you do really well, and three things you want to improve on. And through our meeting, we paired folks up and had sessions where each of them in that pair would talk about the things that they did well and share information,\u201d she said. \u201cAs a result, we were able to improve the sharing of everything from training on privacy or security to products so we don\u2019t have to reinvent the wheel.\u201dnnVogel said she has no plans for what comes next after some much-deserved rest and relaxation. She said she may do some volunteering.nn\u201cIt definitely is hard to step away from because I have real, deeply-rooted sense of patriotism and dedication. And so stepping away to make a change was a really hard decision,\u201d she said. \u201cI did think about it over the last couple years, and this time just seemed opportune for me to try something new. I like to learn something new every day, and this gives me the opportunity to do a lot of that. So [a] difficult decision, but it's just the right time.\u201d"}};

From futuristic telephones with screens on desks in the 1990s, to punch card mainframes using FORTRAN, Janet Vogel, the former acting chief information officer and chief information security officer at the Department of Health and Human Services, has seen significant change in the federal technology sector.

Vogel recently retired after 40 years of federal service.

She said her experiences, from HHS and the U.S. Agency for International Development, to her political science background and learning technology, taught her several things about how to be successful in the federal sector.

Janet Vogel, the former acting CIO and CISO at the Department of Health and Human Services, recently retired after 40 years of federal service.

“I would definitely recommend that they think big and lean forward. It’s a big job. There are so many moving pieces that you really have to focus on both compliance and operations at the same time because we do operate things departmentwide, and compliance can eat your lunch, and your dinner,” Vogel said during an “exit” interview on Ask the CIO. “So I would say think big, get views that are not just techie so that you understand the impact of choices. Listen, get the input, think about it, lean forward and definitely focus on resiliency. What’s your plan B? What’s your plan C? Because HHS holds critical infrastructure capabilities, and that’s on the shoulders of the IT and the cyber people. It really is, and everyone else, if you believe cyber is everything.”

And to that end about cyber, Vogel said the next HHS CISO and incoming CIO Karl Mathias — Vogel’s interview occurred before he was named the new CIO at HHS — should continue its focus on implementing the updates in Special Publication 800-53 from the National Institute of Standards and Technology as part of the move to zero trust.

“We put together a new HHS policy on zero trust, so that needs to be front and center. Zero trust and defense-in-depth are very important, so I would definitely focus on that kind of thing,” she said. “The skills of the people that are involved is also really important. When you have high performing employees, they like to be challenged. So take advantage of that. Take advantage of that as a resource, but also think about how to ask skill and make sure that everybody stays current on their skills.”

Landed in IT by accident

Vogel’s words of wisdom about training and cybersecurity were ones she lived by. She came to the federal government from a small farming community in Oregon. She studied political science at Colorado State University. After graduating in 1978, she earned an internship at HHS in Washington, D.C, and her career took off.

After her first stint at HHS, she worked for USAID, the Federal Aviation Administration, the Treasury Department and then the Centers for Medicare and Medicaid Services.

Vogel spent her last four years working as the HHS CISO and then acting CIO since May. She got her start in IT almost by accident.

“It was an HHS program, and I worked for the Office of Information Services, I believe it was called at the time. IT was called ADP, automated data processing, and I got a lot of experience there with great mentors,” she said. “I moved to the Office of the Assistant Secretary for Health, and I went through all of the process of how do you get an authority or an approval for an ADP project? I worked mostly with the National Institutes of Health at that time. It was really exciting because I got to see what it takes to put together a program and what it takes to manage it. We went through every acquisition, and went to GSA for approval for every IT acquisition at that time so it really gave me a thorough understanding.”

She said one of her first projects was to get approval for HHS to buy a supercomputer in the 1980s.

Vogel built on that experience while at USAID, where she worked on a project to help Pakistan with hardware and software development for their census.

“With USAID, the money has to be spent on U.S. products, and so I was able to see the companies, the quality of their proposals and help show the people there how to look for those things and what to do next. So it was helping them actually implement the technology in their country and a little bit of education,” she said.

Too many IT regulations, laws

All of her experiences left an indelible imprint on her about how difficult federal acquisition and technology can be.

“The federal IT sector is governed by over 100 laws, rules and regulations, and it is weighed down by that. I would simplify the compliance and the auditing so that we could focus being more effective with IT and cyber. That said, it’s not one office that can do this. We need to make sure that others are engaged. So I would simplify the oversight and all of the legislation that we’re constantly reporting on,” she said. “I think that the evolving nature of cyber makes it a little more difficult because it’s not quite as mature yet. I’m not sure it’ll ever get there because we have a lot of bad actors and all they want to do is disrupt some things that are important.”

Vogel also said agency CIOs need more authority and direct funding for cybersecurity.

“It really does make a difference if you have multi-year funding in your ability to plan and execute strategic operational activities. That would be a big improvement,” she said.

During her time at HHS, Vogel said she was proud of the work the team did to reimagine the Health Sector Cybersecurity Coordination Center (HC3).

“The HC3 takes cyber information that we know about threats or vulnerabilities and puts it into a language that is understandable to the medical community,” she said. “We send out those bulletins to the cyber contacts in the health care industry, we have thousands of them, telling them about a threat, what it means to you, here’s how you could identify this if you have the problem and here’s what you do. Our outreach to the health care sector has been enormous, and, I think, it’s been very beneficial. We’re able to put things in more medical and operational terms than just techie talk.”

HHS CIO council matchmaking

Now HHS receives more requests for cyber information to the HC3 than ever before and it’s reaching more cyber and non-cyber experts because the information is more easily accessible and understood.

Another area where HHS has changed is the internal coordination among bureau CIOs. Vogel said she reinvigorated HHS CIO council meetings to create connections across the bureaus to improve sharing, specifically of cyber data.

“One of the things in our council meetings that I did was how I sponsored what I called speed matching. The instructions were each of you bring three things that you do really well, and three things you want to improve on. And through our meeting, we paired folks up and had sessions where each of them in that pair would talk about the things that they did well and share information,” she said. “As a result, we were able to improve the sharing of everything from training on privacy or security to products so we don’t have to reinvent the wheel.”

Vogel said she has no plans for what comes next after some much-deserved rest and relaxation. She said she may do some volunteering.

“It definitely is hard to step away from because I have real, deeply-rooted sense of patriotism and dedication. And so stepping away to make a change was a really hard decision,” she said. “I did think about it over the last couple years, and this time just seemed opportune for me to try something new. I like to learn something new every day, and this gives me the opportunity to do a lot of that. So [a] difficult decision, but it’s just the right time.”

]]>
https://federalnewsnetwork.com/ask-the-cio/2022/03/after-40-years-of-service-vogel-offers-ways-to-make-federal-it-better/feed/ 0
VA’s digital transformation is the new CIO’s ‘North Star’ goal https://federalnewsnetwork.com/ask-the-cio/2022/03/vas-digital-transformation-is-the-new-cios-north-star-goal/ https://federalnewsnetwork.com/ask-the-cio/2022/03/vas-digital-transformation-is-the-new-cios-north-star-goal/#respond Fri, 11 Mar 2022 22:41:01 +0000 https://federalnewsnetwork.com/?p=3955681 var config_3955759 = {"options":{"theme":"hbidc_default"},"extensions":{"Playlist":[]},"episode":{"media":{"mp3":"https:\/\/dts.podtrac.com\/redirect.mp3\/pdst.fm\/e\/chrt.fm\/track\/E2G895\/aw.noxsolutions.com\/launchpod\/adswizz\/1128\/031022_askcioVAbriefing_web_4zwg_656d2301.mp3?awCollectionId=1128&awEpisodeId=54cc156c-2c37-4c9b-8ad1-32d4656d2301&awNetwork=322"},"coverUrl":"https:\/\/federalnewsnetwork.com\/wp-content\/uploads\/2018\/12\/AsktheCIO1500-150x150.jpg","title":"VA\u2019s digital transformation is the new CIO\u2019s \u2018North Star\u2019 goal","description":"[hbidcpodcast podcastid='3955759']nn<em>Best listening experience is on Chrome, Firefox or Safari. Subscribe to Federal Drive\u2019s daily audio interviews on\u00a0<\/em><a href="https:\/\/itunes.apple.com\/us\/podcast\/federal-drive-with-tom-temin\/id1270799277?mt=2"><i>Apple Podcasts<\/i><\/a><em>\u00a0or\u00a0<a href="https:\/\/www.podcastone.com\/federal-drive-with-tom-temin?pid=1753589">PodcastOne<\/a>.<\/em>nnThe Department of Veterans Affairs wants to be a leader in digital transformation for the federal government.nnBoth the size and scope of the agency, VA leaders believe, gives it a unique opportunity to demonstrate just how change could work.nnKurt DelBene, the VA\u2019s assistant secretary for information and technology and chief information officer, said he plans to build on and accelerate the progress VA has made over the last decade.nn[caption id="attachment_3955693" align="alignright" width="351"]<img class="wp-image-3955693" src="https:\/\/federalnewsnetwork.com\/wp-content\/uploads\/2022\/03\/kurt-delbene-241x300.png" alt="" width="351" height="437" \/> Kurt DelBene is the VA\u2019s assistant secretary for information and technology and chief information officer.[\/caption]nn\u201cAs we begin to do some modernization of our core stack, we are engaged in a huge number of system transformations a colossal number from commercial standards alone. Currently, we're updating our financial management and logistics systems. We're enabling support for caregivers through enhancements to our benefit systems. And we're undergoing transformation of our electronic health record system as well,\u201d DelBene said during a recent discussion with reporters. \u201cOur focus is on innovation and bringing industry best practices and cutting edge technology to the VA. We're also driving really hard on the having a world class veterans digital experience. We have significantly improved both our veterans\u2019 online customer satisfaction as well as usage, allowing veterans to streamline their health care disabilities and education benefits, payments and other information that impacts their daily lives.\u201dnnDelBene doesn\u2019t underestimate the challenge that is in front of him either. VA employees 400,000 doctors, nurses, healthcare professionals, benefit processes, and a host of other professions. It owns nearly 6,300 buildings, which include 1,200 health care facilities, many of which are 60 years old on average.nnVA\u2019s IT budget alone is <a href="https:\/\/federalnewsnetwork.com\/reporters-notebook-jason-miller\/2021\/06\/for-it-cyber-policy-goals-dig-beneath-the-numbers-of-bidens-2022-request\/">over $8 billion<\/a> and more than $1 billion in <a href="https:\/\/federalnewsnetwork.com\/veterans-affairs\/2020\/01\/1b-in-technical-debt-driving-vas-massive-it-modernization-efforts\/">technical debt<\/a> that will force DelBene to strike a balance of keeping the current technology running and secured, while also modernizing.nn\u201cModernizing is a key challenge that we must face on a daily basis with sustained effort,\u201d said DelBene, who the Senate confirmed in December. \u201cI aspire to bring what I've learned to the commercial sector and work with what VA OIT has already done to continue our digital transformation. VA OIT has become a leader not only in the VA, but throughout the federal space. And I want to keep us at the forefront at the foundation. That means working with stakeholders on a clearly articulated vision of what they do to deliver for veterans, caregivers and their families, and then bring that and interpret that into an agenda for our technology innovation. We then need to develop clear plans of action that are agile and adapt as our needs change. We need to have measures of success or metrics that measure end user outcomes. And then our resources need to be clearly allocated based on these priorities in a way that it's clear how they tick and tie together.\u201dn<h2>Deliver benefits to veterans<\/h2>nDelBene is not the first CIO to come to VA with a big vision and set of goals. Over the last 13 years, VA has seen its <a href="https:\/\/federalnewsnetwork.com\/reporters-notebook\/2021\/10\/va-has-had-more-acting-cios-than-permanent-ones-since-2009\/">share of IT executives<\/a> come in and leave out the door \u2014 now four Senate confirmed assistant secretaries and CIOs since 2009 with the average tenure of 18 months.nnCongress and other VA customers have decried the inconsistent leadership around technology at the political level. Rep. Matt Rosendale (R-Mont.), ranking member of the Veterans Affairs Subcommittee on IT Modernization, said in October that the inconsistent leadership is one of the main reasons why VA continually struggles with major IT projects.nnDelBene, to his credit, seems keenly aware of the challenges VA is facing. This is his second stint in government, working as a senior advisor to the secretary of the Department of Health and Human Services in December 2013 as part of the team to help fix Healthcare.gov. He also was part of the Defense Innovation Board in 2020 and 2021.nn\u201cIf there's one thing I hope to hang my hat on at the end of the day, it's\u00a0 being a part of that transformation. It just delivers benefits across the entire spectrum. What you deliver is more focused. You're agile and that you respond as needs change. Your resource allocation is better, outcomes are better because they're tied to what the end user needs. It just delivers benefits across the line,\u201d he said. \u201cThat's where\u00a0 that's something I think I know a bunch about, and. hopefully as you can tell, it just gets me excited.\u201dnnPart of that excitement comes from the progress VA made during the pandemic. The agency proved how agile it could be when implementing new and modern technology, such as expanding and securing its network to handle more than 16 million telehealth visits and moving 400,000 employees to remote work over the last two years.nn\u201cWe were doing about 40,000 telehealth visits a month, and now we're doing about 40,000 telehealth visits a day. One other caveat, we've quadrupled our bandwidth, and that bandwidth has been built into our sustainment. So we're counting on that in the out years,\u201d said Todd Simpson, VA\u2019s deputy assistant secretary for development, security and operations. \u201cJust in my limited travels, talking with clinicians and others that work at the medical centers, there is no way culturally they want to step backwards. With some of the technologies that have come out of our Dev\/Sec\/Ops shop and out of the CTO shop, I don\u2019t think we will. We've created some really cool tools that have virtually eliminated the need for a physical waiting room.\u201dn<h2>Agile development is the best option<\/h2>nDelBene said the pandemic and other efforts over the last few years has given VA a \u201cNorth Star\u201d of sorts. He said that means expanding more <a href="https:\/\/federalnewsnetwork.com\/cme-event\/2021-ask-the-cio-department-of-veterans-affairs\/">agile development practices<\/a> so VA can create new or update applications in a matter of hours or days instead of weeks or months.nnHe said VA is looking at low code, no code platforms, using more containers to shift applications from one cloud or data center to another, and creating a software factory to oversee all of these efforts.nn\u201cThe foundation exists within the organization that we just need to ramp up on the whole, having a DevSecOps mentality is a really powerful approach. I think that the team\u00a0 organized around that is the way they deliver solutions. Another one that I think is transformative is we have a very deep investment in security. That's one of the first places I went when I got here saying, \u2018Tell us what your security posture looks like.\u2019 We're building a modern infrastructure in terms of bringing all of our logging together. So we can do inference across that about potential security threats. I feel good about the foundation, but there's more that we can do there,\u201d DelBene said. \u201cI think we have a very active cloud migration strategy, which I want to build upon as well. It\u2019s about triaging the portfolio of apps you have and deciding which ones you're going to modernize which ones you're going to actually containerize and bring to the cloud. Which ones do you want sunset? I think we can build on that as well.\u201dnnVA also already moved 133 applications to the cloud and has another 82 in progress. It still has about 400 in-house developed apps, but the CIO\u2019s office has worked to reduce the use of custom development from 57% in 2019 to 45% in 2021.n<h2>Customer experience\u00a0 a primary focus<\/h2>nDelBene also is inheriting a <a href="https:\/\/federalnewsnetwork.com\/veterans-affairs\/2021\/11\/nominee-to-be-vas-new-cio-would-inherit-new-cyber-strategy\/">new cyber strategy<\/a> released in October that outlines five goal areas and dozens of subgoals. VA has struggled to fix long-standing issues ranging from patching to centralized management, to governance and risk management, to a lack of documentation and accounting to fix more than 15,000 plans of actions and milestones. The latest Federal Information Security Management Act <a href="https:\/\/www.va.gov\/oig\/pubs\/VAOIG-20-01927-104.pdf" target="_blank" rel="noopener">(FISMA) report<\/a> from VA\u2019s inspector general found the Enterprise Cybersecurity Strategy Program (ECSP) is making progress to close gaps and fix problems.nn\u201cCybersecurity is always at the forefront. Protecting the department's information resources is a critical priority, which includes safeguarding veterans\u2019 information and systems that store process and transmit information. We're leveraging a balanced risk management approach to do so, just as is done in the industry as well. Here we need to establish clear, clear internal vision for securing the organization leveraging frameworks like zero trust in the NIST framework, while enhancing our compliance with mandates such as FISMA and OMB\u2019s recent regulation 140208,\u201d he said. \u201cData management and analytics is another key getting to modern data infrastructure with great data management will help us better serve vets and leverage emerging technologies like artificial intelligence algorithms that can create new insights to again\u00a0 help us better serve our customer. Process Automation is also key just as it is in the commercial sector. This includes getting great at process analysis, identifying the key leverage points, and then using great tools such as low code, no code platforms to automate these key processes.\u201dnnUnderpinning all of these efforts is continuing to improve VA\u2019s customer experience. Over the last 15 years, VA has gone from a 45% customer satisfaction rate to closer to 75% today.nnDelBene said he\u2019d like to bring in the concept of a Net Promoter score, which is a way to measure customer experience and predict business growth.nn\u201cThe Net Promoter score has particular benefits that we like in the industry sector, and I think it has applicability here as well. I mean, at its foundation, though, it's a little bit like you see an experience and you see what the experience looks like in the consumer space, and then what the experience looks like when you go to VA.gov. The ease of use on consumer basis should be similar,\u201d he said. \u201cThere should be a simple login. There should be a pleasant experience that you see first and foremost like here's the journey map of the things that you can do on this site. We'll use standard methodologies and then\u00a0 talk to veterans and see what the gaps are and incrementally deliver on those gaps.\u201d"}};

Best listening experience is on Chrome, Firefox or Safari. Subscribe to Federal Drive’s daily audio interviews on Apple Podcasts or PodcastOne.

The Department of Veterans Affairs wants to be a leader in digital transformation for the federal government.

Both the size and scope of the agency, VA leaders believe, gives it a unique opportunity to demonstrate just how change could work.

Kurt DelBene, the VA’s assistant secretary for information and technology and chief information officer, said he plans to build on and accelerate the progress VA has made over the last decade.

Kurt DelBene is the VA’s assistant secretary for information and technology and chief information officer.

“As we begin to do some modernization of our core stack, we are engaged in a huge number of system transformations a colossal number from commercial standards alone. Currently, we’re updating our financial management and logistics systems. We’re enabling support for caregivers through enhancements to our benefit systems. And we’re undergoing transformation of our electronic health record system as well,” DelBene said during a recent discussion with reporters. “Our focus is on innovation and bringing industry best practices and cutting edge technology to the VA. We’re also driving really hard on the having a world class veterans digital experience. We have significantly improved both our veterans’ online customer satisfaction as well as usage, allowing veterans to streamline their health care disabilities and education benefits, payments and other information that impacts their daily lives.”

DelBene doesn’t underestimate the challenge that is in front of him either. VA employees 400,000 doctors, nurses, healthcare professionals, benefit processes, and a host of other professions. It owns nearly 6,300 buildings, which include 1,200 health care facilities, many of which are 60 years old on average.

VA’s IT budget alone is over $8 billion and more than $1 billion in technical debt that will force DelBene to strike a balance of keeping the current technology running and secured, while also modernizing.

“Modernizing is a key challenge that we must face on a daily basis with sustained effort,” said DelBene, who the Senate confirmed in December. “I aspire to bring what I’ve learned to the commercial sector and work with what VA OIT has already done to continue our digital transformation. VA OIT has become a leader not only in the VA, but throughout the federal space. And I want to keep us at the forefront at the foundation. That means working with stakeholders on a clearly articulated vision of what they do to deliver for veterans, caregivers and their families, and then bring that and interpret that into an agenda for our technology innovation. We then need to develop clear plans of action that are agile and adapt as our needs change. We need to have measures of success or metrics that measure end user outcomes. And then our resources need to be clearly allocated based on these priorities in a way that it’s clear how they tick and tie together.”

Deliver benefits to veterans

DelBene is not the first CIO to come to VA with a big vision and set of goals. Over the last 13 years, VA has seen its share of IT executives come in and leave out the door — now four Senate confirmed assistant secretaries and CIOs since 2009 with the average tenure of 18 months.

Congress and other VA customers have decried the inconsistent leadership around technology at the political level. Rep. Matt Rosendale (R-Mont.), ranking member of the Veterans Affairs Subcommittee on IT Modernization, said in October that the inconsistent leadership is one of the main reasons why VA continually struggles with major IT projects.

DelBene, to his credit, seems keenly aware of the challenges VA is facing. This is his second stint in government, working as a senior advisor to the secretary of the Department of Health and Human Services in December 2013 as part of the team to help fix Healthcare.gov. He also was part of the Defense Innovation Board in 2020 and 2021.

“If there’s one thing I hope to hang my hat on at the end of the day, it’s  being a part of that transformation. It just delivers benefits across the entire spectrum. What you deliver is more focused. You’re agile and that you respond as needs change. Your resource allocation is better, outcomes are better because they’re tied to what the end user needs. It just delivers benefits across the line,” he said. “That’s where  that’s something I think I know a bunch about, and. hopefully as you can tell, it just gets me excited.”

Part of that excitement comes from the progress VA made during the pandemic. The agency proved how agile it could be when implementing new and modern technology, such as expanding and securing its network to handle more than 16 million telehealth visits and moving 400,000 employees to remote work over the last two years.

“We were doing about 40,000 telehealth visits a month, and now we’re doing about 40,000 telehealth visits a day. One other caveat, we’ve quadrupled our bandwidth, and that bandwidth has been built into our sustainment. So we’re counting on that in the out years,” said Todd Simpson, VA’s deputy assistant secretary for development, security and operations. “Just in my limited travels, talking with clinicians and others that work at the medical centers, there is no way culturally they want to step backwards. With some of the technologies that have come out of our Dev/Sec/Ops shop and out of the CTO shop, I don’t think we will. We’ve created some really cool tools that have virtually eliminated the need for a physical waiting room.”

Agile development is the best option

DelBene said the pandemic and other efforts over the last few years has given VA a “North Star” of sorts. He said that means expanding more agile development practices so VA can create new or update applications in a matter of hours or days instead of weeks or months.

He said VA is looking at low code, no code platforms, using more containers to shift applications from one cloud or data center to another, and creating a software factory to oversee all of these efforts.

“The foundation exists within the organization that we just need to ramp up on the whole, having a DevSecOps mentality is a really powerful approach. I think that the team  organized around that is the way they deliver solutions. Another one that I think is transformative is we have a very deep investment in security. That’s one of the first places I went when I got here saying, ‘Tell us what your security posture looks like.’ We’re building a modern infrastructure in terms of bringing all of our logging together. So we can do inference across that about potential security threats. I feel good about the foundation, but there’s more that we can do there,” DelBene said. “I think we have a very active cloud migration strategy, which I want to build upon as well. It’s about triaging the portfolio of apps you have and deciding which ones you’re going to modernize which ones you’re going to actually containerize and bring to the cloud. Which ones do you want sunset? I think we can build on that as well.”

VA also already moved 133 applications to the cloud and has another 82 in progress. It still has about 400 in-house developed apps, but the CIO’s office has worked to reduce the use of custom development from 57% in 2019 to 45% in 2021.

Customer experience  a primary focus

DelBene also is inheriting a new cyber strategy released in October that outlines five goal areas and dozens of subgoals. VA has struggled to fix long-standing issues ranging from patching to centralized management, to governance and risk management, to a lack of documentation and accounting to fix more than 15,000 plans of actions and milestones. The latest Federal Information Security Management Act (FISMA) report from VA’s inspector general found the Enterprise Cybersecurity Strategy Program (ECSP) is making progress to close gaps and fix problems.

“Cybersecurity is always at the forefront. Protecting the department’s information resources is a critical priority, which includes safeguarding veterans’ information and systems that store process and transmit information. We’re leveraging a balanced risk management approach to do so, just as is done in the industry as well. Here we need to establish clear, clear internal vision for securing the organization leveraging frameworks like zero trust in the NIST framework, while enhancing our compliance with mandates such as FISMA and OMB’s recent regulation 140208,” he said. “Data management and analytics is another key getting to modern data infrastructure with great data management will help us better serve vets and leverage emerging technologies like artificial intelligence algorithms that can create new insights to again  help us better serve our customer. Process Automation is also key just as it is in the commercial sector. This includes getting great at process analysis, identifying the key leverage points, and then using great tools such as low code, no code platforms to automate these key processes.”

Underpinning all of these efforts is continuing to improve VA’s customer experience. Over the last 15 years, VA has gone from a 45% customer satisfaction rate to closer to 75% today.

DelBene said he’d like to bring in the concept of a Net Promoter score, which is a way to measure customer experience and predict business growth.

“The Net Promoter score has particular benefits that we like in the industry sector, and I think it has applicability here as well. I mean, at its foundation, though, it’s a little bit like you see an experience and you see what the experience looks like in the consumer space, and then what the experience looks like when you go to VA.gov. The ease of use on consumer basis should be similar,” he said. “There should be a simple login. There should be a pleasant experience that you see first and foremost like here’s the journey map of the things that you can do on this site. We’ll use standard methodologies and then  talk to veterans and see what the gaps are and incrementally deliver on those gaps.”

]]>
https://federalnewsnetwork.com/ask-the-cio/2022/03/vas-digital-transformation-is-the-new-cios-north-star-goal/feed/ 0
Two-year effort to upgrade Federal IT Dashboard almost complete https://federalnewsnetwork.com/ask-the-cio/2022/03/two-year-effort-to-upgrade-federal-it-dashboard-almost-complete/ https://federalnewsnetwork.com/ask-the-cio/2022/03/two-year-effort-to-upgrade-federal-it-dashboard-almost-complete/#respond Fri, 04 Mar 2022 16:40:10 +0000 https://federalnewsnetwork.com/?p=3942056 var config_3942200 = {"options":{"theme":"hbidc_default"},"extensions":{"Playlist":[]},"episode":{"media":{"mp3":"https:\/\/dts.podtrac.com\/redirect.mp3\/pdst.fm\/e\/chrt.fm\/track\/E2G895\/aw.noxsolutions.com\/launchpod\/adswizz\/1128\/030322_askciogsaitdashboardrpa_web_og6w_edf86bad.mp3?awCollectionId=1128&awEpisodeId=c9aec442-1cde-4bd6-b2b4-73acedf86bad&awNetwork=322"},"coverUrl":"https:\/\/federalnewsnetwork.com\/wp-content\/uploads\/2018\/12\/AsktheCIO1500-150x150.jpg","title":"Two-year effort to upgrade Federal IT Dashboard almost complete","description":"[hbidcpodcast podcastid='3942200']nn<em>Best listening experience is on Chrome, Firefox or Safari. Subscribe to Federal Drive\u2019s daily audio interviews on\u00a0<\/em><u><span style="color: #0070c0;"><a href="https:\/\/itunes.apple.com\/us\/podcast\/federal-drive-with-tom-temin\/id1270799277?mt=2"><em>Apple Podcast<\/em>s<\/a><\/span><\/u><em>\u00a0or\u00a0<a href="https:\/\/www.podcastone.com\/federal-drive-with-tom-temin?pid=1753589">PodcastOne<\/a>.<\/em>nnNow that President Joe Biden delivered the State of the Union, the next shoe to drop will be his fiscal 2023 budget request.nnWhen that happens in the coming weeks, the General Services Administration will make a quieter, but possibly more impactful splash of its own.nnGSA is ready to launch an updated and revamped Federal IT Dashboard.nnDan York, the director of data transparency for Office of Governmentwide Policy at GSA, said this will be the first major change to the portal since the Office of Management and Budget released it in 2009.nn[caption id="attachment_3942070" align="alignright" width="282"]<img class="size-full wp-image-3942070" src="https:\/\/federalnewsnetwork.com\/wp-content\/uploads\/2022\/03\/dan-york.jpg" alt="" width="282" height="282" \/> Dan York is the director of data transparency for Office of Governmentwide Policy at GSA.[\/caption]nn\u201cWe went ahead and actually split it up. We split up the back end data input from agency facing [and] from the public consumption, the external facing. So it'll wind up being two applications. The public will only ever see the one,\u201d York said on <a href="https:\/\/federalnewsnetwork.com\/category\/radio-interviews\/ask-the-cio\/">Ask the CIO<\/a>. \u201cBut behind the scenes, there'll be two. The IT Collect API, which will be agency-facing API-only application that is the data ingester. Then the front end will be the visualization platform, which what the public will know is the Federal IT Dashboard. When they go to ITdashboard.gov, you'll see all the pretty pictures that the visualization platform has to offer.\u201dnnYork said the new portal will follow the best practices in terms development as outlined by the U.S. Digital Services. It will use web standards, ensure 508 accessibility compliance and it should be easier to navigate, have a much improved search capability and an advanced search capability that lets users type in a keyword and then filter down by agency or by cost or by CIO rating, or whatever they want.nn\u201cIf you don't know quite what you're looking for, but you want to see more about a thing, you can search the whole federal government\u2019s IT portfolio for a couple of keywords and filter down to interactive visualizations. There's the agency analysis pages that will allow the user to select data points within a set that they want to see, and which agencies they want to see the data for and then toggle on and off,\u201d he said. \u201cYou can also create some custom visualizations or custom data sets within a range. We're hoping it will be of great value as users will have the ability to access the data directly because we will post the API publicly.\u201dnnYork added the broad goal is to make the data that the government already collects more available, more transparent, more visible and, hopefully, a little more ingestible.n<h2>An end to the data debate?<\/h2>nOver the years, the complaints about the IT Dashboard have mostly centered on the data, particularly the accuracy and timeliness. The Government Accountability Office and OMB <a href="https:\/\/federalnewsnetwork.com\/congress\/2014\/01\/gao-omb-still-not-seeing-eye-to-eye-on-pace-of-it-dashboard-updates\/">sparred over the data<\/a> because of OMB\u2019s decision to withhold updates until the annual budget is made public. GAO previously said that hurt the overall effectiveness of the tool.nnYork said GSA hopes the new dashboard will solve some of these challenges because the previous portal basically froze during the months around annual budget process development.nn\u201cThe new IT dashboard will allow agencies and OMB to more regularly update the site and allow the public to see that data,\u201d he said. \u201cAs opposed to submitting your whole Exhibit 53 like they do now, they can send an update for just the thing that needs to be corrected or just the part that needs to be updated. Then the public can see those updates over time.\u201dnnGSA developed the new dashboard after receiving $3.5 million in the fiscal 2020 Defense authorization bill, which was part of the Office of Management and Budget\u2019s plan to move the control and management of the dashboard to GSA.nn\u201cWe spent the next year, 2021, both keeping the legacy site going and making sure it can still do its function and accepting submissions as well as planning and developing the new site. Then in 2022, we'll be releasing the new site to the public and turning off the old one,\u201d York said. \u201cThe most direct impact to the public will probably start in mid-March when the new site is launched.\u201dn<h2>OMB added minor updates<\/h2>nThe new Federal IT Dashboard will replace the one OMB <a href="https:\/\/federalnewsnetwork.com\/technology-main\/2010\/09\/agencies-see-it-dashboard-as-starting-point\/">launched in 2009<\/a> during the early days of the Obama administration. Over the next 12 years, OMB made <a href="https:\/\/federalnewsnetwork.com\/technology-main\/2012\/03\/omb-upgrades-it-dashboard-with-new-tools-better-data\/">some minor updates<\/a>, but many believed a facelift was more than necessary.nnKris Rowley, the former chief data officer at GSA, said the dashboard is important to ensure there is transparency for IT organizations across government.nn\u201cFrom what I can tell, it will be more visually appealing and offer more ways to slice and dice the data,\u201d said Rowley, who now is the chief data officer at the Conference of State Bank Supervisors. \u201cIt hopefully will give users multiple ways to see and consume data. The fact they are modernizing to use an application programming interface (API) for data collections is huge step forward. I imagine with all agencies trying to develop data standards, that had to be challenging.\u201dnnRowley said by improving the overall visualization approach, the dashboard should be more customer friendly, whether those customers are agency CIOs or other executives, or the general public.nn\u201cIf their target is to be able to make this information more consumable, they are doing the right thing. It\u2019s knowing your audience, and that is hard,\u201d he said. \u201cWhen it started, remember it was all pie charts. There are better ways to provide information today.\u201dnnYork said GSA took an agile, customer-centric approach to the upgrade.nn\u201cIt was really meeting with our stakeholders and customers, testing wireframes, testing new user acceptance testing, bringing the feedback back to the developer and making changes,\u201d he said. \u201cWe identified three primary user groups of agencies, OMB, even different factions within themselves, which is the management side and the budget side, as well as GAO. We went through wireframes with these three different user groups and various sessions. We built the wireframes into a test site and they tested it, and then we iterated on that.\u201dnnWhen new Federal IT Dashboard goes live soon after the White House releases President Joe Biden\u2019s 2023 budget request, it will feature mostly capital planning and investment control (CPIC) data.n<h2>Streamlining data transparency<\/h2>nBut York said GSA is working with OMB and agencies to identify additional data sets to add over time and connect to as a way to provide a more complete picture of federal IT spending.nn\u201cI should mention that we don't we don't want to be the one system to rule them all. You don't need one dashboard that has every possible data set you could ever imagine. We do want to be the place where you can go and if we have the data great, if we don't, we can show you where it is,\u201d he said. \u201cThe data that we can ingest via API and display is great, otherwise hopefully we can streamline the transparency efforts more broadly.\u201dnnRowley said he is most interested in seeing the criteria for the CIO ratings of projects using the green, yellow and red criteria.nn\u201cIdentifying the risk factors that make something yellow is hard, and how do they report it publicly and how do they articulate that it\u2019s yellow? Are they going to put information out that for how they will course correct?\u201d he said. \u201cToo often projects go from green to red, but yellow is critical to how you course correct. It also tells you a lot about the IT organization in how they course correct. To have so many green and red projects is not as useful if they don\u2019t articulate what makes something yellow and what is process for improving health of the project.\u201dnnYork said GSA will continue to iterate the dashboard after the initial launch, including offering an advanced version for agencies using Technology Business Management (TBM) framework and other data."}};

Best listening experience is on Chrome, Firefox or Safari. Subscribe to Federal Drive’s daily audio interviews on Apple Podcasts or PodcastOne.

Now that President Joe Biden delivered the State of the Union, the next shoe to drop will be his fiscal 2023 budget request.

When that happens in the coming weeks, the General Services Administration will make a quieter, but possibly more impactful splash of its own.

GSA is ready to launch an updated and revamped Federal IT Dashboard.

Dan York, the director of data transparency for Office of Governmentwide Policy at GSA, said this will be the first major change to the portal since the Office of Management and Budget released it in 2009.

Dan York is the director of data transparency for Office of Governmentwide Policy at GSA.

“We went ahead and actually split it up. We split up the back end data input from agency facing [and] from the public consumption, the external facing. So it’ll wind up being two applications. The public will only ever see the one,” York said on Ask the CIO. “But behind the scenes, there’ll be two. The IT Collect API, which will be agency-facing API-only application that is the data ingester. Then the front end will be the visualization platform, which what the public will know is the Federal IT Dashboard. When they go to ITdashboard.gov, you’ll see all the pretty pictures that the visualization platform has to offer.”

York said the new portal will follow the best practices in terms development as outlined by the U.S. Digital Services. It will use web standards, ensure 508 accessibility compliance and it should be easier to navigate, have a much improved search capability and an advanced search capability that lets users type in a keyword and then filter down by agency or by cost or by CIO rating, or whatever they want.

“If you don’t know quite what you’re looking for, but you want to see more about a thing, you can search the whole federal government’s IT portfolio for a couple of keywords and filter down to interactive visualizations. There’s the agency analysis pages that will allow the user to select data points within a set that they want to see, and which agencies they want to see the data for and then toggle on and off,” he said. “You can also create some custom visualizations or custom data sets within a range. We’re hoping it will be of great value as users will have the ability to access the data directly because we will post the API publicly.”

York added the broad goal is to make the data that the government already collects more available, more transparent, more visible and, hopefully, a little more ingestible.

An end to the data debate?

Over the years, the complaints about the IT Dashboard have mostly centered on the data, particularly the accuracy and timeliness. The Government Accountability Office and OMB sparred over the data because of OMB’s decision to withhold updates until the annual budget is made public. GAO previously said that hurt the overall effectiveness of the tool.

York said GSA hopes the new dashboard will solve some of these challenges because the previous portal basically froze during the months around annual budget process development.

“The new IT dashboard will allow agencies and OMB to more regularly update the site and allow the public to see that data,” he said. “As opposed to submitting your whole Exhibit 53 like they do now, they can send an update for just the thing that needs to be corrected or just the part that needs to be updated. Then the public can see those updates over time.”

GSA developed the new dashboard after receiving $3.5 million in the fiscal 2020 Defense authorization bill, which was part of the Office of Management and Budget’s plan to move the control and management of the dashboard to GSA.

“We spent the next year, 2021, both keeping the legacy site going and making sure it can still do its function and accepting submissions as well as planning and developing the new site. Then in 2022, we’ll be releasing the new site to the public and turning off the old one,” York said. “The most direct impact to the public will probably start in mid-March when the new site is launched.”

OMB added minor updates

The new Federal IT Dashboard will replace the one OMB launched in 2009 during the early days of the Obama administration. Over the next 12 years, OMB made some minor updates, but many believed a facelift was more than necessary.

Kris Rowley, the former chief data officer at GSA, said the dashboard is important to ensure there is transparency for IT organizations across government.

“From what I can tell, it will be more visually appealing and offer more ways to slice and dice the data,” said Rowley, who now is the chief data officer at the Conference of State Bank Supervisors. “It hopefully will give users multiple ways to see and consume data. The fact they are modernizing to use an application programming interface (API) for data collections is huge step forward. I imagine with all agencies trying to develop data standards, that had to be challenging.”

Rowley said by improving the overall visualization approach, the dashboard should be more customer friendly, whether those customers are agency CIOs or other executives, or the general public.

“If their target is to be able to make this information more consumable, they are doing the right thing. It’s knowing your audience, and that is hard,” he said. “When it started, remember it was all pie charts. There are better ways to provide information today.”

York said GSA took an agile, customer-centric approach to the upgrade.

“It was really meeting with our stakeholders and customers, testing wireframes, testing new user acceptance testing, bringing the feedback back to the developer and making changes,” he said. “We identified three primary user groups of agencies, OMB, even different factions within themselves, which is the management side and the budget side, as well as GAO. We went through wireframes with these three different user groups and various sessions. We built the wireframes into a test site and they tested it, and then we iterated on that.”

When new Federal IT Dashboard goes live soon after the White House releases President Joe Biden’s 2023 budget request, it will feature mostly capital planning and investment control (CPIC) data.

Streamlining data transparency

But York said GSA is working with OMB and agencies to identify additional data sets to add over time and connect to as a way to provide a more complete picture of federal IT spending.

“I should mention that we don’t we don’t want to be the one system to rule them all. You don’t need one dashboard that has every possible data set you could ever imagine. We do want to be the place where you can go and if we have the data great, if we don’t, we can show you where it is,” he said. “The data that we can ingest via API and display is great, otherwise hopefully we can streamline the transparency efforts more broadly.”

Rowley said he is most interested in seeing the criteria for the CIO ratings of projects using the green, yellow and red criteria.

“Identifying the risk factors that make something yellow is hard, and how do they report it publicly and how do they articulate that it’s yellow? Are they going to put information out that for how they will course correct?” he said. “Too often projects go from green to red, but yellow is critical to how you course correct. It also tells you a lot about the IT organization in how they course correct. To have so many green and red projects is not as useful if they don’t articulate what makes something yellow and what is process for improving health of the project.”

York said GSA will continue to iterate the dashboard after the initial launch, including offering an advanced version for agencies using Technology Business Management (TBM) framework and other data.

]]>
https://federalnewsnetwork.com/ask-the-cio/2022/03/two-year-effort-to-upgrade-federal-it-dashboard-almost-complete/feed/ 0