Best listening experience is on Chrome, Firefox or Safari. Subscribe to Federal Drive’s daily audio interviews on Apple Podcasts or PodcastOne.

The government hasn’t had a permanent chief financial officer, or in government talk, a controller, for more than two years.

Dave Mader, now at Deloitte, was the last person to hold the title of Office of Management and Budget controller and he left in January 2017.

The Trump administration is now considering its nominee, Fred Nutt, who had been waiting since September 2017 for Senate confirmation, for another position in the government, according to a senior administration official.

This means the administration will be three years old before it has a permanent CFO.

A Senate Homeland Security and Government Affairs Committee staff member said Nutt never received a vote in the full Senate because there were concerns about his qualifications. The aide offered no further details about the concerns. The committee held Nutt’s confirmation hearing in May 2018.

And like I said with the administrator of the Office of Federal Procurement Policy last summer, and the Federal Chief Information Officer before that, Where art thou, OMB controller?

“Not having a controller has a very negative effect when it lasts so long,” said Mark Reger, who worked in the federal financial management community for more than 40 years. “The controller is the financial community’s window into Congress. If Congress wants to know what’s going in the financial management community, the controller is intimately involved in issues, develops a relationship and fosters better communications and understanding, especially in these times when we want to do things differently and we have great opportunities to streamline, gain efficiency and combine operations. Right now, we don’t have that advocate. We just miss that advocate.”

The controller’s role is even more significant when you consider that nearly every initiative under the President’s Management Agenda has a financial component to it.

These include the obvious ones like getting payments right or federal IT spending transparency, but there also ones like moving from low-value to high value work where so much of that work is being done in the financial management community through robotics process automation (RPA) at places like the General Services Administration and the Department of Housing and Urban Development, or sharing quality services, where key milestones are around things like payroll modernization and other back-office functions.

“The PMA is one of the best ones in terms of what it covers and I’ve been impressed with Margaret Weichert’s leadership. But I would like to see more about financial management in the PMA. It’s heavy on IT and other areas,” said one federal financial management official, who requested anonymity because they didn’t get permission to speak to the press. “What the financial management community has done is the Treasury’s vision for financial management and that has filled one gap. But it’s not ideal to have that vacancy open for so long.”

Treasury released that document in August seeking to improve federal financial management across four areas.

Another federal financial management official said the CFO community is tightly coordinated and understands the path it must follow.

Is the OMB controller even necessary anymore?

So that leads us to the question of whether a Senate-confirmed controller is even needed anymore?

Similar to what I heard from the procurement community, federal financial management experts say there are definitely things having a Senate confirmed controller helps with, but CFOs and deputy CFOs know what they have to do to get the job done and move things forward.

Experts praised deputy OMB controller Tim Soltis for both is leadership and accessibility to the community.

“Tim has been an invaluable asset to not only OMB but also to the entire government financial management community. In the absence of a controller, Tim has stepped in to fill both the role of controller and deputy controller of OMB,” said Ann Ebberts, CEO of the Association of Government Accountants. “There is a lot going on and he’s bound to be pulled in multiple directions to fulfill the needs of both roles. He does a great job at balancing the external and internal demands of the job, but I do remember in prior administrations both controller and deputy controller being extremely busy working with other CFOs across the government to push new initiatives in financial management.”

Reger said while Nutt, serving as a senior advisor to the OMB director, can participate in meetings and can influence priorities and plans, he can’t, however, draw people together, be the public face of the financial management community or lead the CFO community like a permanent controller would be able to.

“CIOs are making great progress, but other administration initiatives containing cost, about being more efficient, federal financial people have lot of information that can help with that,” Reger said. “I’m not sure how well those things being married because there is no controller to help direct, coordinate and foster those changes. I don’t see it as a position that particularly effects the day-to-day operations of the government, but it’s a position that effects directional things, enforces and encourages change, and puts the initiatives in the face of people. The financial community acts well when asked to do something, but they need a leader.”

Move out of the compliance mindset

The first federal financial management executive said having that leadership in the community would be especially critical right now.

“There is a big opportunity for us to get away from being so heavy on compliance by using innovative technologies. We need to define what high-value work is for the financial management community and that’s where the controller position is pivotal,” the executive said. “Now more than ever, a federal CFO is needed. We need that leadership to take the community to the next level. Right now we are a little too heavy on compliance and not doing enough to emphasize the value that a strong controller could bring.”

Add to the need for a leader becomes more critical now that the Government Accountability Office is performing a review of the CFO Act of 1990.

“As part of our study, we are seeking information from the CFOs and deputy CFOs of federal agencies to assist us in obtaining information on progress in federal financial management as we approach the 30th year anniversary of the CFO Act and in identifying challenges and leading practices,” the GAO letter to the financial community states, which Federal News Network obtained.

And to take this discussion one step further, the lack of permanent CFOs across the agencies is dramatic.

Of the 24 CFO Act agencies, at least six agencies don’t have permanent CFOs.

AGA’s Ebberts said the lack of permanent CFOs across the government is as big of a problem as not having a permanent controller.

So the question comes back to whether the Trump administration will comprehend the importance of the OMB controller and get someone in place before 2020, or will it continue to under estimate the impact and critical role this and other management positions play in making the government run well?

Forgive me for a minute while I play a little semantics. What does the term “best-in-class contracts” really mean?

If you are NASA and your SEWP contract is “best-in-class” does that mean the rest of your contracts are, say, “worst-in-class” or “meh-in-class?”

I bring this up now because the new category management memo from the Office of Management and Budget strongly encourages agencies to use “best-in-class” contracts to help meet the initiative’s goals.

Among the things OMB told agencies to do is: “Annually establish plans to reduce unaligned spend and increase the use of BIC solutions for common goods and services, consistent with small business and other statutory socioeconomic responsibilities.”

Additionally through the President’s Management Agenda, OMB is setting specific spending goals for each agency to use those vehicles like NASA SEWP or the General Services Administration’s enterprise infrastructure solutions (EIS) contract.

“The BIC goal is a reflection of the many benefits that have been realized from increasing the visibility and use of model contract solutions – including billions in cost avoidance aided by reduced contract duplication for identical products at wide price variations, increased use of common specifications, and greater reliance on government and industry best practices,” the memo states.

There currently are 38 BICs, including 25 that GSA runs, ranging from IT services to IT products to leasing cars to booking hotel rooms to body armor to hearing aids.

Several are duplicates, including four different “best-in-class” contracts for IT products and seven for IT services as well as seven BICs that OMB decided were “mandatory.”

OMB put out a definition of “best-in-class” when the term first came up a few years ago. Best-in-class criteria is:

• Rigorous requirements definitions and planning processes
• Appropriate pricing strategies
• Data-driven strategies to change buying and consumption behavior (i.e., demand management)
• Category and performance management strategies
• Independently validated reviews

I — and real procurement experts — contend that the term “best-in-class” in-and-of itself is problematic for many reasons.

“What are you buying when you use a BIC?” Roger Waldron, president of the Coalition for Government Procurement and host of the Federal News Network podcast Off the Shelf, asked. “The use of BIC is confusing for contracting officers. The Federal Acquisition Regulations have priorities already, and this is another way to articulate priorities? The language around BIC, I think, sends the wrong message. A single agency contract might provide better outcomes than a governmentwide vehicle or vice versa. So much of this really depends on the agency’s mission and what they are trying to accomplish through the procurement action.”

And even OMB admits the definition could be improved.

“Initial designations of BIC contracts have been based largely on demonstrated use of strong contract management strategies. Designations will become more outcome-based as prices paid, performance and other information about agency vehicles within a given category becomes more readily available,” OMB writes in a footnote of the memo.

Same mistakes as strategic sourcing?

Larry Allen, president of Allen Federal Business Partners, took the question about “best-in-class” one step further, asking if the use of BIC is an attempt to reduce the supplier base, similarly to what started as strategic sourcing and eventually turned into category management.

“If you follow logic of the memo, it will result in a reduced supplier base in the federal market. What you are really talking about is reducing channels for acquisition and reducing the lanes where contractors have to supply services and products,” he said. “Just like there are winners and losers when bidding on acquisition vehicles there will be winners and losers among contractors because of the BIC designation. The administration has to be okay with that.”

In the memo, OMB was clear about giving agencies flexibility to consider BIC contracts first and then others as needed to meet small business or other mission-related goals.

But experts warn that aggregation of contracts around this term “best-in-class” could lead to unintended consequences like what happened with strategic sourcing where the office supplies industrial base dropped by 24 percent over six years.

“If the goals of category management is to buy smarter through the use of preexisting vehicles, then those are all good goals and things industry shares and are worth pursuing. The question still gets to process and how the government should go about buying smarter,” Waldron said. “How does that translate into requirements development? I’m not sure it does. Perhaps BIC should be a concept around requirements development where OMB is identifying organizations and processes that deliver sound requirements development. I think getting to that fundamental level is where BIC should evolve to at some point.”

Without a doubt category management is evolving. The thinking behind this concept initially was governmentwide strategic sourcing, which failed under the office supplies effort and had limited other successes around wireless and desktop/laptops bulk purchases.

Over the last few years, OMB brought in the concepts of spend under management (SUM), addressing inefficient buying methods and finally workforce development—all areas where OMB provides agencies with new goals around in the memo.

Memo replaces the 2016 circular

The new category management policy was more than a year in the making. The Trump administration is putting its mark on the initiative that started in 2014 with a series of pilots.

At one point, the Obama administration wanted to make category management a circular so it would be more institutionalized than just a memo. But that draft circular never got any legs in the Trump administration.

This memo, for all intents-and-purposes, replaces that circular and carries with it many of the same goals.

“Teams of experts in each category of spending help agencies increase their use of common contract solutions and practices and bring decentralized spending into alignment with organized agency- and government-level spending strategies by sharing market intelligence, government and industry best practices, prices paid data, and other information to facilitate informed buying decisions,” the policy states. “This memorandum is designed to build on these activities in order to help the government buy as a coordinated enterprise and avoid the waste associated with duplicative contract actions.”

OMB is hosting a question and answer session this Thursday on the new memo and category management with industry.

Jack Coley, president and CEO of Coley and Associates, which consults with small businesses on government contracting, said while he doesn’t have too much concern about the term “best-in-class;” the potential impact on small businesses is similar to that of strategic sourcing.

“Under the Office Supplies 3 vehicle, GSA was able to claim and did meet all small business and socio-economic goals, but tens of millions of dollars went to only a limited number of small businesses. We saw a number of small businesses going out of business who were doing well before getting shutout of strategic sourcing,” Coley said in an interview with Federal News Network. “My concern is that any effort by the government that starts to consolidate spending like category management using BIC contracts, what they are going to do to ensure they aren’t just funneling contracts to fewer and fewer small businesses. That will limit the number of small businesses available, which will negatively impact bringing new and innovative solutions to the government.”

Coley said OMB needs to improve how it defines what common goods are and services as well as what is threshold for a common good or service.

“It’s like the definition of a commodity, are we talking about something like printing paper or pens, if so, buying them on lowest price is fine. But when you get to services and solutions, those need to be defined clearly as what’s commodity,” he said. “I know they have category definitions for many of these services and products, but not everything fits into the category nice and clean, and agencies need some flexibility to create their own contracts.”

Hard to commoditize services

Give credit to OMB for recognizing the one-size-fits all approach of the previous administration doesn’t work.

In the memo, OMB told agencies that they still must meet their statutory small business goals and that the agency’s Office of Small and Disadvantaged Business Utilization (OSDBU) should use the small business dashboard and other information to help the agency achieve the best balance of BIC, governmentwide, agencywide and local contracts.

Additionally, agencies must develop a vendor management plan that includes pre-award and post-award strategies as well as a communication plan.

The bigger question is how OMB will hold agencies accountable. The latest data on category management shows agencies achieved several goals last year, including exceeding governmentwide goals around spend under management, using BICs and cumulative cost avoidance through more efficient buying.

Another big question is the prices paid portal and the inherent problems that comes with creating such as database and promoting widespread use.

Coley said data leakage is especially concerning particularly around proprietary information for vendors.

Allen tagged back to the Coley’s concerns around commoditization of services and no two purchases are exactly alike.

“This memo and this decision making process does raise questions about whether or not we are regulating by memo. Much of what’s going on here was articulated in circular back end of last administration and we continue to have questions that we raised back then,” Waldron said. “At the core of one of those questions is whether this type of micro management of agency procurement is consistent with the Office of Federal Procurement Policy Act and administrative authority. Asking to give comments before issuing memos is a fair thing to ask for, especially on something that directly impacts contractors and frames their opportunities to bid and win work. OMB should’ve put the memo out for comment first.”

At first glance, the Technology Modernization Fund Board’s $20.7 million loan to the General Services Administration made perfect sense. GSA’s proposal to modernize its federal payroll system checked off many of the boxes the board was looking for — updating legacy IT and processes, improving a shared service and addressing a high-value program that others could learn and benefit from.

But when you dig a little deeper into the board’s decision to lend GSA money that by law they have to pay back, it seems as though something bigger and possibly more disruptive is at play.

Industry and former government officials said all signs point to the Office of Management and Budget consolidating several existing federal payroll providers either into GSA or through the use of quality service management offices through GSA.

Experts said the fact is GSA can only pay the loan back through a limited number of ways:

• Fewer people
• Greater IT efficiencies
• More customers

And many also said it’s only through the third option that GSA can attain the savings necessary to pay back almost $21 million over the next five years.

“I think it will be major consolidation of payroll providers in civilian market because I’m not sure how you go any other way,” a former federal official with knowledge of payroll and shared services, who requested anonymity because they didn’t get permission to speak to the press, said. “I could see either a movement of agencies onto a new platform or GSA is going to contract with companies A and B and set up these platforms and agencies are going to move to it and then charge agencies a fee. The fee usually is per head for all processing, and that would create a revenue stream to include a payback percentage for the TMF loan. They clearly cannot take it from appropriated funds or the revolving funds at GSA. So to pay back the loan it’s either through more customers or fewer people, so it very much looks like consolidation of payroll providers.”

GSA did not respond to repeated requests for details on how it plans to pay back the TMF loan or what are its plans for NewPay.

A senior administration official said in an email to Federal News Network that GSA submitted its proposal last summer to the TMF Board to help with the implementation of NewPay.

“As was evidenced during the lapse, the current complexity of the payroll environment showcased a critical need for modernization. We hope to apply the success of the NewPay program across the government and to other payroll providers,” the official said. “For many years agencies have been directed to develop strategic plans regarding specific common administrative functions. As agencies continuously evaluate performance, security and status of their current solutions for these functions, they will consider more modern solutions as part of their individual strategic planning processes. In the example of payroll, accelerating the availability of modern payroll solutions through NewPay will provide more timely solution alternatives for consideration.”

Margaret Weichert, the deputy director for management at OMB and acting Office of Personnel Management director, said in an interview with Federal News Network it’s too early to know exactly how many payroll providers will exist in the end, but it will be fewer than the four today.

“There are agencies today who provide services that don’t want to be in that business and want to focus on that mission. So GSA, their core mission is to support others in government,” Weichert said. “NewPay is an absolute priority. The proof will be in the pudding in terms of how quickly and how effectively we can roll out the new program before I can answer the final question about how many.”

Draft RFI for payroll modernization

Another industry source highlighted a potential fourth way GSA could pay the money back, which is through appropriations.

A little known provision in the Modernizing Government Technology (MGT) Act lets agencies restructure their appropriations requests.

The law states, “An agency may reduce out-year budget requests in existing IT accounts and restructure the agency’s request to instead include an appropriations request in the IT WCF that will then be used to repay the TMF.”

Of course that approach may not be too popular with folks on Capitol Hill given Reps. Will Hurd (R-Texas) and Gerry Connolly (D-Va.) push to save money and use it for IT modernization efforts.

This theory of consolidation is underscored in the recent draft request for information GSA issued to the two teams of payroll modernization providers under the $2.5 billion blanket purchase agreement it awarded in September.

The draft RFI to the two teams, which Federal News Network obtained, states a potential forthcoming task order would be limited to “GSA and a component of a second shared service provider, to be identified. The scope of this acquisition is to migrate federal employees from the agencies…to modern, secure, cost-effective SaaS solutions.”

Later on in the RFI, the consolidation plan becomes clearer with GSA asking for services ranging from its 21,000 customers up to hundreds of thousands of customers.

“The contractor shall provide approximately 300,000 Integrated Payroll and WSLM software-as-a-service subscription for a to-be identified SSP and its customers,” the RFI states.

GSA only has about 21,000 customers under its payroll and time-and-attendance services, meaning the other 279,000 customers must come from one of two places: The National Finance Center at the Agriculture Department or the Interior Business Center. NFC currently serves more than 600,000 federal employees, while IBC serves about 150 large and small agencies.

NFC bracing for change

An industry source familiar with the NFC said the shared services provider has been bracing for big changes over the last six months.

“The NFC has been under a hiring freeze of sorts. It may not be official, but they haven’t been able to fill open positions and there is a feeling that the NFC as they know it is going away,” the industry source said. “If you just changed the NFC’s reporting structure, but it still continues to be NFC, I don’t think it’s a big deal. But it could take five to 10 years to move into NewPay based on the current complexities of the system that is run on mainframes and serves more than 100 different types of payroll functions.”

This source and others said the most likely first step of consolidation is through the quality service management organization approach outlined in the President’s Management Agenda, which also would give GSA additional revenue to pay back the TMF loan.

“GSA could charge NFC or IBC for those NewPay services and act as a third party of sort,” the source said.

Another industry source, who also requested anonymity because their current company is involved in federal shared services, said a good way to describe the QSM approach is IBC or NFC would be subcontractors to GSA, which is acting as the prime contractor with the NewPay vendors.

“I don’t know if the end game is consolidation, but they have to get started someplace and this hub-and-spoke model where IBC will still be part of Interior or NFC will still be part of Agriculture, but they will work closely with GSA,” the third industry source said. “Historically, no one has owned oversight over the federal shared service providers. The agency CFOs didn’t want them. They were orphans in some sense. This new model at GSA gives them a home where they can work together to improve.”

To that end, Hill and government sources confirmed the Office of Management and Budget is expected to issue a new shared services memo in the coming month or so that details this QSM strategy.

A Hill source said the memo also coincides with IBC, NFC, the Defense Financial Accounting Service and GSA had to submit plans in 2018 for how they would improve their shared service offerings through NewPay.

More than $20M requested for modernization

And add to that, the 2020 budget request that went to Capitol Hill earlier this month, IBC and NFC asked for money to modernize their payroll services.

USDA asked Congress for an increase of $7.5 million in 2020 “to begin to transition USDA employee payroll accounts from the current legacy system to the NewPay system, which will be more user friendly, improve data security, and save future costs.”

Interior, meanwhile, requested $12.5 million “to support implementation planning and transition activities for the governmentwide payroll and Work Schedule and Leave Management modernization initiative entitled NewPay.”

This takes us back to the TMF loan. GSA’s request for any extra funding for NewPay in 2020 is unclear.

“The request includes $5.2 million to support agency reform priorities including the OPM transition and the NewPay million to support initiative, offset by a decrease in the working capital fund contribution,” GSA budget justification states. “OPM and GSA will be one of the first agencies to join under the blanket purchase agreement in FY 2019, which will start the configuration phase of NewPay, followed by migrations scheduled for FY 2020.”

But how much of that $5.2 million is for going for NewPay isn’t known, and even if a majority of it goes to NewPay, it will not provide for enough efficiencies to pay back the $20.9 million loan.

Now add to the fact that GSA states in the budget document that each of the payroll shared service providers will migrate “at least one agency (approximately 10,000 employees) to the new platform, and adoption of a Talent Management suite by four agencies.”

It becomes clearer that GSA will pay back the TMF loan through the management of the QSM organizations.

The irony in all of this is GSA got out of the financial management line of business services business in 2015, moving its financial management solution to USDA, and it wanted to stop providing human resources services in 2013. Now through the QSMs, it looks like GSA is getting deeper into providing these services and managing the future of shared services both at the tactical and operational levels.

“GSA will leverage the new-shared service model that focuses on data standardization, modernization and security into service offerings. This will benefit the American people by transitioning government back office operations to modern technology, reducing costs and risk, and leveraging commercial best practice,” GSA states in its budget justification.

Experts said there are definite concerns about consolidating to one major payroll provider for civilian agencies as DFAS and the State Department — the other two providers — will continue to serve their specific customer bases.

But at the same time, GSA has to get started because no one argues that federal payroll systems are working well.

“To move 2 million accounts and move it in a way that no one can screw it up will take five or six years. So the TMF giving them the ability to get started now as opposed to waiting for the 2020 or 2021 budget is good, but I don’t know how far $21 million will go,” one industry source said. “I know people are concerned about the change, but when I look at the physical placement of the providers, it makes sense they are and continue to be distributed in different parts of the country. This is for a number of reasons including for continuity of operations and for workforce considerations because you can over-saturate an area in terms of finding workers. So the QSM is an ideal model in many ways.”

Best listening experience is on Chrome, Firefox or Safari. Subscribe to Federal Drive’s daily audio interviews on Apple Podcasts or PodcastOne.

The news that CenturyLink passed the last major hurdle to begin offering services under the $50 billion Enterprise Infrastructure Solutions (EIS) contract isn’t necessarily going to set off a tidal wave of solicitations from agencies.

CenturyLink is the first vendor to receive its authority to operate for its business systems, meaning it can accept and process task orders or service orders, provision or deliver services and bill for services. Other incumbent vendors such as Verizon and AT&T aren’t far behind, and the six other “new” companies should be completed in the coming month or two.

Until those vendors receive their ATOs, EIS will remain on a slow roll as agencies are hesitant, maybe even a little fearful of bid protests, to make awards until they feel like there is adequate competition.

“We can award before the ATOs are done, but we can’t execute the order until the ATOs are done. I think most organizations will wait until most or all the ATOs are done to award,” said one agency EIS transition executive, who requested anonymity because they didn’t get permission to speak to the press. “If you don’t wait for all nine vendors, there is a chance you will you go into a protest situation. I think there is some anxiety for how vendors will handle that. Some say only the incumbents have advantage in dealing with ATO, but I think that thinking is full of crap. All the vendors have known what the requirements are to get an ATO for years. But at the same time if I’m going to award, then I want to execute and not wait until there is an ATO because I’m still paying higher rates while I’m waiting for the approval.”

While this is only one expert’s opinion, others in and out of government believe most agencies will wait until the vendors have their ATOs, thus putting the General Services Administration’s March 31 deadline for agencies to release their EIS solicitations further in doubt.

As you may remember, GSA changed the transition timeline for agencies with the caveat of March 31 and Sept. 30 deadlines for releasing solicitations and making awards, respectively. GSA is extending the current Networx contract to May 2023.

“Agencies need to release their solicitations to industry and make timely task order awards so they can make the transition within the four-year window to modernize their IT infrastructure,” writes Bill Zielinski, the acting assistant commissioner in GSA’s Office of Information Technology Category in the Federal Acquisition Service, in a March 14 blog post. “To be clear, GSA intends to extend expiring telecommunications contracts so agencies have enough time to complete the transition and modernize, not to extend the time for the solicitation and task order award process. Agencies need to keep their foot on the gas to ensure they have time to transition their telecom services from their existing contracts and providers to EIS. For example, agencies should issue their solicitations to industry by March 31, 2019. If you don’t issue your solicitations to industry by this date, GSA may cease providing one of our transition support tools for solicitation development — the Transition Ordering Assistance program.”

Additionally, Zielinski said since the 35-day government shutdown didn’t impact most agencies, GSA is keeping to its schedule, but will work with agencies on a case-by-case basis if they need additional help or time.

Bob Woods, a former GSA telecommunications official and now president of Topside Consulting, said GSA should instill and agencies should have a sense of urgency into the entire EIS effort.

“Sometimes you have to create a crisis and that hasn’t happened yet,” Woods said at the recent Independent Telecommunications Pioneer Association (ITPA) lunch in Vienna, Virginia. “GSA has the tools to help agencies, but they can’t issue an edict. They tend to go through the Office of Management and Budget and/or the President’s Management Council (PMC). When the secretary or deputy secretary comes back and asks, ‘why are we behind?’ that’s brings the pressure and gets the attention on the transition.”

Multiple government sources involved in the transition say OMB hasn’t sent any memos, guidance or instructions related to EIS transition, and it hasn’t come up too often during CIO Council meetings.

“The last time for Networx, the communications were more frequent and more structured from OMB,” said another government official involved in EIS transition. “GSA, I think, is getting pushed really hard by OMB to meet the transition dates. GSA said it would work with agencies who are behind.”

And so far as of Jan. 31—the last time GSA updated the transition chart—large agencies released 25 out of an expected 104 solicitations. The Defense Department accounts for 58 out of those 104 total RFPs.

The medium-sized agencies are further behind with only 5 of 40 solicitations out to vendors.

“There is a tsunami of solicitations coming because you are taking Networx, Washington Interagency Telecommunications Services (WITS), the regional contracts and saying we will combine them all into EIS, and that creates the tsunami in-and-of itself. Then GSA is saying do it fast,” the second federal executive said. “Then there are the changes in terms of how GSA is able to handle ordering and billing of the services, which is not nearly as flexible from a workload standpoint than it was previously under Networx.”

The federal executive added their agency is having to hire more people and processing the orders and dealing with the billing will be more costly for the agency.

“I can’t say enough about how well it worked before and how efficient it was,” the executive said. “We are not sure how many more people we will need. We hope we can keep it to 10 people, but some of the estimates say it may be more than that. We previously had about three people doing the ordering and maybe two doing the billing, and we had a defined and automated workflow in with GSA’s workflow.”

The first executive said they expect their transition to EIS to take two years in part because they expect the provisioning of services to take longer due to the complexity of the EIS contract’s approach using task orders.

Experts also say whenever the tsunami of solicitations come out, vendors and GSA alike likely will be overwhelmed.

“Some of industry struggled on Networx to put together quality packages. It was a little embarrassing. We knew we couldn’t call them out and tell them the bids were horrible, but they weren’t good,” said the second executive. “We want everyone bidding, but we may not get that as vendors will have to make hard choices on which opportunities they will cherry pick.”

Quietly, two agencies are making moves in their chief information officer shops.

The Transportation Department didn’t wait long to fill its vacant CIO role, hiring Ryan Cote without much fanfare. Cote, who started Feb. 4, came to DOT from Gartner where he was an executive partner.

He replaces Vicki Hildebrand, who left in December after just over a year on the job.

While Transportation filled its role quickly, the State Department hasn’t had a permanent CIO for more than 15 months, and now its acting CIO, Karen Mummaw, is retiring in April.

Sources confirm to Federal News Network that Mummaw announced her plans to leave in February.

State hasn’t had a permanent CIO since Frontis Wiggins retired in December 2017, and may not until the Senate confirms State’s undersecretary of management nominee, Brian Bulatao, who has been stuck in the nomination process since July.

Cote comes to Transportation after spending four years in the Marines and then his entire career in the private sector. He worked as the CIO and senior vice president of IT at iForce, a staffing and recruiting company, and for IBM as a senior practice consultant.

As the DOT CIO, Cote likely is picking up where Hildebrand left off in reshaping how the agency uses technology through the nine BHAGs—big, hairy, audacious goals—that focused on everything from cybersecurity to shrinking the IT footprint to implementing intelligent software.

DOT has a $3.7 billion IT budget, with 78 percent of all projects are on schedule and 68 percent are on budget, according to the federal IT dashboard.

Among his biggest challenges will be to continue the partnership with the modal organizations, particularly the Federal Aviation Administration.

Over at State, Mummaw caps a 31-year career at State where she spent her first 10 years as part of the Foreign Service working in technology and telecommunications roles at various embassies around the world and has spent the next 21 years working at both headquarters and overseas as an IT executive.

During her tenure, Mummaw helped led State’s continued transformation to the cloud. State has two main goals as part of its modernization plan: the centralization of back-office or commodity IT and consuming IT-as-a-service.

State still faces several challenges with its $2.2 billion IT budget, of which Mummaw’s office controls only about $725 million. The federal IT dashboard says 84 percent of State’s projects are on schedule, but only 52 percent are on budget. Additionally, State continues to recover from a recent breach of its unclassified email system.

CIA, NIST put out help wanted signs

The National Institute of Standards and Technology and the CIA also are looking for new CIOs. NIST posted a job opening on USAJobs.gov in late February. Resumes are due March 27.

The CIA announced its CIO, John Edwards, received a promotion to be the deputy chief operating officer. On March 19, the agency named Juliane Gallina, a former CIA officer currently at IBM, as its new CIO.

She will start April 1.

Gallina served as a naval officer with a specialization in cryptology and information warfare. In 2013, she retired from the Navy (Reserve) as a commander. Gallina graduated with honors from the U.S. Naval Academy in 1992. She graduated from the Naval Postgraduate School in 1998 with a Masters Degree in Space Systems. She earned a Masters Degree in Electrical Engineering from George Washington University in 2006

NextGov first reported the CIA’s hiring of Gallina.

Edwards has been the CIA CIO since March 2016 and served 14 years as a communications and technical operations officer within the Directorate of Science and Technology (DS&T) and five years serving as the chief of staff to the CIA’s executive director.

During his tenure, Edwards led the CIA’s move into the commercial cloud hosted by Amazon Web Services, and making it a part of the broader intelligence community IT modernization effort.

Additionally, he implemented what he has called a “franchise” model for IT where CIA offices must adhere to a strict set of standards and security requirements, but are able to operate their own IT infrastructures.

Among his long-term priorities, Edwards focused on mobility, interoperability, data management and ensuring capabilities at the edge.

Additionally, the Government Accountability Office is looking for a chief data scientist, the Agriculture Department’s Agriculture Research Service is looking for an assistant CIO to run its technology efforts, and Washington Headquarters Services in the Defense Department is seeking a new CIO.

Finally, Somer Smith is the new permanent chief of staff for Federal CIO Suzette Kent. She had been acting chief of staff since August.

Smith had been a performance analyst for the Office of Management and Budget since August 2017.

This also means OMB is hiring a new supervisory policy analyst.

“The position performs duties related to IT reform efforts, consistent with the Information Technology Oversight and Reform (ITOR) fund. Additionally, the incumbent will collaborate with agencies and policy teams in terms of the CIO Act, cyber policy initiatives, Evidence Based Policy and relevant executive orders,” the job listing states.

A single tweet on Thursday about something Rep. Will Hurd (R-Texas) said at the IBM ThinkGov event in Washington, D.C. created quite a bit of discussion and debate.

Hurd said he’d like to see the government be able to complete a security clearance in a week instead of six months or, in many cases, more than a year.

We should be able to do a security clearance in 1 week. Why are we doing security clearance the same way as we did 100 years ago? asks @HurdOnTheHill Received an applause from #THINKGOV2019 crowd

— Jason Miller (@jmillerWFED) March 14, 2019

 

“Why does it take 10 months? Does talking to my neighbor who lived next to me 10 years ago have a better idea of me versus what I’ve clicked on over the past few weeks?” Hurd asked. “Why are we doing security clearances the same way as we did 100 years ago? We should be able to do a security clearance in one week. If you do that, you must make sure people [they’re] collaborating with in the private sector have the ability to share information.”

That single comment and ensuing tweet opened a torrent of frustration about the security clearance process that, while the feelings aren’t new, contractors and agencies seem to be getting less patient with the government’s efforts.

It’s not like the last three administrations haven’t recognized this problem, trying an assortment of approaches. The most recent statistics show progress against the backlog, which is a good sign, but far from a fix.

The National Background Investigations Bureau said the number of pending investigative matters stands at 542,000, down from 725,000 a year ago.

The Trump administration is transferring the NBIB to the Defense Security Service any day now, an executive order has been stuck in the ubiquitous “soon” of government talk for what seems like six months.

At the same time, agencies from the Air Force to the Office of the Director for National Intelligence to the Defense Information Systems Agency are testing new approaches or fixing the technology to accelerate the security clearance process but not lose any rigor.

The Air Force, for example, worked with the NBIB to establish temporary centralized interview hubs at 11 key locations where there is a high concentration of investigator case work and the mission in those areas needs immediate relief. Hubs are areas where security clearance interviews can take place without requiring someone to go to Washington to be vetted.

ODNI started to use a continuous evaluation approach in 2017 to supplement and enhance the current process, but not replace it.

While these two examples show change is possible, Hurd wants to transform the security clearance process even more quickly.

“I’ve had some conversations with smart people in the government about whether we can do a pilot project to try to streamline this process, and do it alongside people who already are getting their clearances to see if we can make it work,” Hurd, who became member of the Intelligence committee this session, said in an interview after his speech. “When I look at my initiative on the cyber national guard, one of the things that is getting in the way is the security clearance process.”

Hurd said the arduous clearance process impacts many of the issues he works on, which is why the he asked whether a week to get a security clearance is possible.

“My goal and my time will be spent on going out there to figure out a test case to do this and let’s introduce this,” he said.

Public, transparent standards needed

Hurd’s comments came as two other initiatives — one on Capitol Hill and the other from the Defense Department — kicked off to put more focus on security clearances.

Sens. Mark Warner (D-Va.) and Susan Collins (R-Maine) introduced the Integrity in Security Clearance Determinations Act to “ensure that the security clearance process is fair, objective, transparent, and accountable by requiring decisions to grant, deny or revoke clearances to be based on published criteria. It explicitly prohibits the executive branch from revoking security clearances based on the exercise of constitutional rights, such as the right to freely express political views, or for purposes of political retaliation. It also bans agencies from using security clearances to punish whistleblowers or discriminate on the basis of sex, gender, religion, age, handicap, or national origin.”

Warner and Collins said the bill also lets federal employees appeal decisions to deny or revoke a security clearance, and requires agencies to be more accountable and transparent about the results of those appeals.

Finally, the bill would apply more rigor and accountability of to the process to prevent abuses.

“The security clearance system is critical to protecting our country from harm and safeguarding access to our secrets. Americans should have the utmost confidence in the integrity of the security clearance process,” Collins said in a press release. “This bipartisan bill would make the current system more fair and transparent by ensuring that decisions to grant, deny or revoke clearances are based solely on established adjudicative guidelines.”

A major reason why Collins and Warner introduced this bill can be traced back to the Trump administration’s handling of security clearances for the president’s son-in-law Jared Kushner as well as the administration’s decision to withdraw security clearances from former intelligence officials over political disagreements.

But if you take a step back from the big “p” politics of the bill, the move to continuous evaluation or using social media and other public information as part of the basis for a decision requires more transparency and accountability in the process.

And the need for transparency leads us to the second initiative around security clearances from last week. The Defense Digital Service released a request for white papers to collect ideas to develop a prototype for automated background and reviews.

DDS wants help transforming the process

“The Defense Digital Service (DDS), in coordination with OUSD(I), will direct the creation of a prototype system that successfully collects a subject’s information, executes a background investigation (with automated and manual parts), and records an adjudication decision,” the request states. “This prototype will require integration with a wide variety of U.S. government and commercial databases to verify the subject’s identity and background information. Development of the prototype will be rapid and agile in nature, fielding new functionality to users for feedback every two weeks.”

Questions are due March 19 and white papers are due March 26.

DDS said it eventually will award a nine-month contract worth no more than $5 million to a vendor to build the prototype system.

The DDS efforts come as DISA has been modernizing the current online background investigation form for the last nine months and has been working on new technology to support the security clearance process since 2016. DISA recently transferred the technology infrastructure and employees to the Defense Security Service in early March as part of the consolidation effort.

With all this attention, the administration must not only make progress, but communicate how the security clearance process is improving while not losing any rigor. The opaqueness of NBIB’s efforts over the last year — aside from a recent update from ODNI’s Bill Evanina — has undoubtedly led to the frustration we saw when Hurd’s comments were spread to a broader audience.

The Trump administration’s initiative to reskill and retrain federal workers is picking up steam.

Federal Chief Information Officers Suzette Kent announced last week that the Federal Cyber Reskilling Academy received more than 1,500 applications, of which half of the employees were GS-5 to GS-11s.

Federal Cyber Reskilling Academy applicants are completing assessments through the end of the day today and we look forward to having the inaugural class begin April 15th!

— Suzette Kent (@SuzetteKent45) March 1, 2019

Kent launched the academy in November to address the shortage of cybersecurity expertise across government through hands-on training. The first class is expected to hold 25 people who will be given a “cyber essentials” course, followed by four weeks of “follow-on learning, exercises and exams” over a four-month period.

At the same time, the Defense HR Activity issued a RFI for industry and other experts to submit white papers around six topics:

• An approach to talent acquisition, talent development, talent analytics and talent management.
• Describing software/technologies used to support talent acquisition, talent development, talent analytics and talent management.
• Using advance technologies such as machine learning, artificial intelligence, simulations, virtual advisors, interactive autonomous programs, mobile applications and gaming.
• Addressing Federal Risk Authorization and Management Program (FedRAMP) certifications, federal cloud computing, security and interoperability with existing federal IT systems.
• Approaches to career pathing, competency identification and management, job roles, progression models and management, workforce and succession management, position management, performance management.
• Providing operations and maintenance for software, mitigation and contingency operations.

“The key area of focus for this requirement is to gather information on industry best practices in the talent management and talent development arena and explore the new and future technology to support competency gap identification, employee re-skilling and agile workforce career management, while enacting best practices to elevate employee experience and engagement,” the RFI states.

Responses are due March 15.

The Defense HR Activity may be a part of the Trump administration’s broader effort to modernize the workforce, which is a key cross-agency priority goal under the President’s Management Agenda.

In December, the cross-agency goal leaders reported “OMB and the Office of Personnel Management are working with agencies to analyze workforce data and develop reskilling plans and test methods to reskill and redeploy existing federal talent. Interactive tools to assist executives, managers and employees are currently under development including a reshaping playbook, a reskilling toolkit and video vignettes featuring agency successful practices.”

Additionally, the goal leaders say agencies want better technology and automation tools to make career paths easier to understand for employees.

“Respondents noted that career paths have the potential to yield improved outcomes in recruitment, retention, succession planning, talent development and reskilling. An industry day is planned for January 2019 to engage leading private sector career-pathing providers to explore how to better serve agency and employee needs, preferably through an enterprise service available to all agencies,” the goal leaders write.

Additionally, the National Science Foundation launched a reskilling challenge soliciting prototypes that NSF — and later all of government — can use to match existing federal employees and their skills to other kinds of work.

Public and private sector experts say agencies can move thousands of people out of low-value work and use automation to make up for that work.

OMB estimated in 2018 that about five percent of all federal occupations could be automated entirely, while 60 percent of all occupations could have at least 30 percent of their work automated. Overall, OMB says 45 percent of all “total work activities” could be automated.

Deloitte’s Center for Government Insights found government has the potential to free up anywhere from 266 million hours to 1.1 billion hours a year by retraining employees and using automation.

The appetite and potential for federal employees to move into new fields, whether it’s cybersecurity, data science or many of the other emerging occupations is real. The administration shouldn’t waste this opportunity because of big “P” politics and reach out to House lawmakers and employee union officials. The reality is change is happening, it’s just a matter of how quickly it can come and if OMB and OPM aren’t inclusive and strategic about all of this potentially impactful and needed work, agencies either will be stuck manually inputting data into Excel spreadsheets or they will make change on their own, which tends miss the important point of moving everyone forward together.

The Homeland Security Department spends billions of dollars a year on technology products and services, and for much of the past 14 years through its EAGLE and FirstSource vehicles.

While Soraya Correa, DHS’ chief procurement officer, signaled a change in approach for the third version of EAGLE late last year, a new procurement notice details DHS’s plans.

“DHS spent several months collaborating across the information technology and procurement communities in identifying DHS’s IT priorities, evaluating the IT services requirements needed to support those priorities, and in establishing an overarching acquisition strategy that enables continued mission success,” Correa writes in a Feb. 27 notice. “EAGLE I and II have served their purpose. The department will not pursue a re-competition of EAGLE II. DHS will, however, continue to utilize EAGLE II until the expiration of its period of performance.”

Instead of version three of EAGLE, Correa said DHS will call its next step “EAGLE Next Gen,” where it will create a portfolio of DHS IT services contract vehicles with specialized, targeted scope in conjunction with balancing the use of existing governmentwide acquisition contracts (GWACs).

Correa said those GWACs include the General Services Administration’s Alliant 2, Alliant 2 Small Business, 8(a) STARS II and VETS 2, as well as the National Institutes of Health’s CIO-SP3 and CIO-SP3 Small Business.

Additionally, DHS plans to establish “a phased approach, DHS-specific contract which could include agile, cloud services, data center optimization, independent verification and validation and systems integration services.”

At the same time, Correa said DHS will decide by the end of March what the future holds for the FirstSource, IT products multiple award contract.

On the surface, the decision by DHS to move away from a duplicative indefinite delivery, indefinite quantity, multiple award IT services contract is a good thing. This is especially true given that GSA specifically designed Alliant 2 to be flexible enough to address current, emerging and future technologies and IT processes.

Contract duplication has long been a concern for the Office of Federal Procurement Policy. Two of the past three OFPP administrators attempted to address this issue, going as far as requiring a business case for any new multiple award contract worth more than $50 million over the life of the deal. The Obama administration also seemed to make some progress as Bloomberg Government found in 2017 that the number of MACs dropped by about 200 from 2012 to 2016.

More recently, OMB has pressed agencies to use governmentwide contracts designated “best-in-class” at GSA, NIH and NASA, and stop developing or renewing their own—we can save a discussion about what “best-in-class” really means for another time. The FBI, the Air Force and now DHS has committed to using GSA schedules or other vehicles.

But at the same time, Correa’s comments about creating DHS-specific contracts for what seems to be commodity IT services is disconcerting.

It will be interesting to see why Correa believes DHS needs its own contracts for things like agile, cloud and systems integration services. These services rely on the same basic concepts whether your agency’s mission is law enforcement, immigration or agriculture so the reason for DHS not to use these GWACs, GSA’s schedules, or other similar MACs from NASA and NIH should be telling about whether the message from the Office of Management and Budget about reducing duplication and taking advantage of the government’s size is truly getting through, or is DHS just pulling the wool over the federal market’s eyes?

The Federal Housing Finance Agency has faced six audit reports from its inspector general since 2015 highlighting a host of challenges ranging from governance to business functions to supervisory activities related to risk.

Basically, FHFA, which oversees Fannie Mae, Freddie Mac and the federal home loan bank system, has many of the same problems protecting its systems and data like most of its federal brethren.

This is why FHFA’s recent contract notice detailing a potential award to a small women-owned business stands out. FHFA says it plans to hire Living Security, Inc. to “design, build, and operate a customized hands-on two day cybersecurity-themed escape room training on-site at [FHFA’s] headquarters” in Washington, D.C.

FHFA issued a intent to sole source to Living Security, but industry has until March 7 to respond and make the agency aware their similar capabilities before it finalizes the award.

That’s a pretty innovative approach to training employees at all levels how to deal with cybersecurity challenges, which impact nearly everything every agency does.

Living Security’s website describes its escape room as an “intelligence-driven security awareness training platform that leverages gamified learning to make cybersecurity training fun and effective.”

The Smallwood, Texas-based company said the game creates storylines and teaches lessons in security, safety and online privacy.

Under the four-month deal — a total cost figure wasn’t provided — Living Security will create an escape room that is customized to the FHFA’s IT and security policies, according to the sole-source notice. There isn’t a whole lot of other details about what the room will look like or what the challenges will address.

But if you’ve ever participated in an escape room with friends, your kids or through team building, you probably can see potential for cybersecurity. But for those of you who may not be familiar, the escape room concept is innovative because it teaches several important traits needed to address cyber challenges: Team building, critical thinking and problem solving.

FHFA not the only one

There are a handful of other federal cyber companies offering similar experiences. The Thales Group offers a “mobile box” that is a 10-minute experience that uses clues, hints and strategy to help participants complete the puzzle.

The SANS Institute also offers a similar experience to reinforce and teach cybersecurity best practices and principles.

“In many ways, a well designed escape room can represent an attack kill-chain and poor defense-in-depth. Each puzzle represents a vulnerability that the participant is exploiting, and if best practices were followed, the puzzle could not have been solved,” SANS wrote in an online presentation about its escape room concept.

This concept also is gaining some momentum in other areas of government. A team from the Washington State Department of Revenue won a statewide contest last November.

“The Office of Cybersecurity’s escape room challenged players to solve a variety of high-tech and low-tech puzzles to uncover clues needed to access information on a laptop,” the office wrote in a press release. “The purpose of the competition was to heighten awareness about common bad practices many people fall into when it comes to securing their digital information.”

This type of approach to cybersecurity training just makes sense given the ever-increasing need to keep employees engaged and familiar with the latest cybersecurity threats. And maybe even more important, typical cyber training at your desk through webinars or through half-day classes are boring and too often tuned out by employees.

Kudos to the FHFA for trying something different to not only fix long-standing cyber challenges, but also for finding a way to hopefully get employees to remember why  cybersecurity matters and how to protect themselves and their agency.

Best listening experience is on Chrome, Firefox or Safari. Subscribe to Federal Drive’s daily audio interviews on Apple Podcasts or PodcastOne.

The Defense Department inspector general and the FBI have launched a preliminary investigation into the DoD’s $10 billion Joint Enterprise Defense Infrastructure (JEDI) program and the Washington Headquarters Services’ role in this and other acquisitions.

A source confirmed to Federal News Network that they have met with the DoD IG and the FBI’s Public Corruption Squad recently to discuss a host of issues around DoD procurement.

The source, who requested anonymity in order to discuss an ongoing law enforcement matter, said the discussion centered on times and dates of meetings, and the Cloud Executive Steering Group and its role in drafting the solicitation for JEDI.

The source said the DoD IG and FBI also asked about relationships of contractors and government personnel as it relates to JEDI and other procurements.

Neither the DoD IG nor the FBI would confirm or deny the existence of an investigation.

While there are several unanswered questions about what the FBI and DoD IG are looking into, a former FBI agent and lawyers not associated with JEDI or the DoD cloud efforts — but familiar with how IG and FBI investigations typically work — said it’s not unusual for these two investigative organizations to work together on a case.

“Often when it comes to government contracting investigations, the FBI will not take over the case, and they often will enlist other people who are experts,” said Thomas Baker, a retired FBI special agent who worked in a variety of investigative and management positions at the bureau.

But if the FBI is involved in interviews on any topic, the experts say it implies there potentially is some sort of wrongdoing involving DoD civilian personnel and/or DoD procurement procedures.

“The FBI and the DOD IG are both very talented and professional law enforcement agencies, who each have overlapping legal authority to investigate matters. The two agencies have learned how to avoid stepping on each other’s turf, and to ‘work’ matters jointly when appropriate. There may be an aspect of any case that is important to the FBI, which most often takes investigation of public corruption cases, although that may not be the case here, and the DoD IG which has expertise on government procurement matters,” said Stephen Ryan, a former general counsel to the Senate Committee on Governmental Affairs, a former assistant U.S. attorney and now a partner with McDermott Will & Emery. “One may be focusing on a part of an investigation while the other maybe focused on another issue, but it makes sense to collaborate.”

Additionally, experts say the DoD IG is one of the most well-resourced, well-trained units across the government, meaning they typically don’t need the FBI’s help. And if the FBI is involved, agents aren’t just participating because they don’t have better things to do.

Experts say if the FBI is involved in a case like JEDI or more broadly around potential public corruption, they are looking at any sort of crime that falls under 18 U.S. Code, 201, the federal bribery statute, and other similar statutes that cover unlawful acts by public officials.

Ryan stated that if it is established that both the DoD IG and the FBI are working together on any matter, one cannot infer the case has greater weight or importance legally until there is a court filing or other lawful public disclosure of the matter.

And Baker added that many times the FBI looks into something and finds there isn’t enough evidence for it to be a criminal matter and administratively closes the case. He said the FBI could very easily be at the beginning of an inquiry where they are just gathering information.

The fact that the DoD IG is looking at JEDI, however, isn’t surprising. Reps. Steve Womack (R-Ark.) and Tom Cole (R-Okla.) asked the agency to dig into the much anticipated and highly controversial contract in October. The House Appropriations Subcommittee on Defense members said they were most concerned that JEDI restricted competition.

Womack’s spokeswoman told Federal News Network that the DoD IG hasn’t given the lawmaker “an official response in writing yet.” Emails to Cole’s office seeking comment were not returned.

DoD has been under heavy scrutiny for much of the past 18 months as it developed its plan and solicitation for JEDI.

Since the release of the request for proposals last summer, industry has turned up the pressure with multiple bid protests, first to the Government Accountability Office and now to the Court of Federal Claims.

The news of the preliminary investigation comes as DoD announced its own investigation into a possible conflict of interest that compromised the procurement.

What is surprising, however, is the FBI’s involvement. Several industry and Hill sources expressed outward surprise when told of the bureau’s interest. One Hill staff member chuckled out-loud, as if to say “it figures” rather than to express glee or shock.

While it’s difficult to know exactly what the FBI and DoD IG are working on, it’s clear there is enough concern to warrant them asking questions and digging into the details. No matter what comes from this, it’s just another factor that will impact JEDI and DoD’s plans in the near term.