The head of the General Services Administration’s Technology Transformation Service tried to allay any lingering concerns about the management and oversight at 18F.
Rob Cook, the commissioner of TTS, said most, if not all, of the six recommendations GSA’s inspector general made in the recent critical report on the digital services organization were implemented.
“We really appreciate the role of the IG and the importance of this individual audit. The findings are valuable. The IG gave us a heads up last summer with a management alert and that was good,” Cook said in an interview with Federal News Radio. “The report covers a period of a year ago and since then we’ve made a lot of changes in the way we work.”
Cook, who joined TTS in October, said TTS leadership—Dave Shive, the GSA chief information officer and acting TTS commissioner last fall—has been leading an effort to emphasize and focus on doing a better job of following the policies and regulations of the agency and of the government.
The issue of following federal policies, regulations and laws has been the trend among two IG reports on 18F. The most recent report on Feb. 21 found management and oversight failures in meeting the IT and cybersecurity standards and policies at GSA. In October, auditors found 18F disregarded acquisition, hiring and financial management rules.
Cook emphasized that these events took place more than a year ago and 18F is a much different place today.
“We certainly take the report seriously,” he said. “We are a group charging against the boundaries of government, and we will not stop doing that. We just have to do it in smarter way.”
Cook said the smarter approach means instead of trying to get around or ignoring policies or regulations that may cause inefficiencies or barriers, they will try to change them.
“We have a renewed emphasis on that. If we go find policies that are in the way and we work to change them, then everyone benefits from that There is an appreciation that this is important for us to do and take this seriously,” he said. “We also have a renewed emphasis on creating partnerships with other parts of GSA. I have a long history of working with other functions and appreciate the value. This is a start-up level set of issues.”
David Zvenyach, the acting executive director of 18F, said in an email to staff on Feb. 21 that the organization has made “major changes” to how it operates and ensure proper compliance.
“Additionally, 18F engagement managers will be proactively reaching out to their agency partners regarding the report,” Zvenyach wrote in the email obtained by Federal News Radio. “For those of you who may be new to government, this whole process is normal and part of doing business. In fact, it’s a positive thing that the IG reviews our practices and policies, as good checks and balances are integral to our ability to deliver quality work to our agency partners and value to the American public.”
While Cook wasn’t dismissive of the IG’s report, he was quick to explain the difference between the problems in the report and the cyber approach 18F has been taking.
He said the most recent IG report is mainly about compliance of IT regulations rather than on security vulnerabilities.
“We take security very seriously and we are not aware of any data personal information that has been lost,” Cook said. “On the compliance side, we understand better the importance of that. We are working closely with GSA’s IT and CIO’s office and looping them in more to make sure we are getting it right.”
Cook would not attribute the compliance problems at 18F to a culture issue. He said there has been a shift in the recognition that complying with policies and regulations is important.