Nine states already allow for sports betting and 19 others have some sort of legislative action underway to make it legal, according to ESPN’s Oct. 30 sports betting tracker.

Betting on sport is so popular that the American Gambling Association estimates that all four major sports leagues would earn a collective $4.2 billion from legalized sports betting.

So what does this all have to do with federal government management issues?

Well, thanks for asking.

The Office of Management and Budget’s Office of Information and Regulatory Affairs (OIRA) recently released its semi-annual regulatory agenda and it got me thinking about the proposed and final Federal Acquisition Regulation (FAR) rules.

What are the chances of any of these rules getting past the finish line?

Well given the fact that over the last two years, the number of FAR rules that were either proposed or finalized was scarce, and there doesn’t seem to be any change on the horizon, I thought we might have some fun with the federal acquisition by putting some odds on how likely the most significant of the 36 proposed and nine final FAR rules would come to fruition.

The oddsmakers should keep in mind that George Washington University professor Bridget Dooling found the number of significant regulatory activity has fallen 74 percent since the Trump administration took office. During the first 18 months of the administration, agencies launched fewer than 250 big rules, compared to 807 in the first year of Barack Obama’s administration and more than 700 in George W. Bush’s first year.

I brought in my own version of a sports oddsmaker in Larry Allen, the president of Allen Federal Business partners and long-time federal acquisition observer and expert, to help me explain the odds we set:

Proposed rules

1.  Determination of fair and reasonable prices on orders under multiple award contracts

Odds: 5 to 1

Rationale: This one has a pretty good chance because several agencies already wrote deviations to the FAR that directs contracting officers to determine price reasonableness on their own. Allen said the next phase would be to bring this concept down to the task order level.

2.  Use of Acquisition 360 to encourage vendor feedback

Odds: 25 to 1

Rationale: This proposed rule goes back to 2016 under the Obama administration so the likelihood of it getting through is not good. At the same time, Allen said it hasn’t gone away either in almost three years. “How would you regulate the feedback? There are a lot of things to get a 360 view of a transparent acquisition that doesn’t require a new rule, but changes in the processes and reminders to follow the rules on the books, including encouraging vendor feedback would be helpful,” he said. “I’m not sure there is a really strong regulatory case for it.”

3. Section 508-based standards in information and communication technology

Odds: 6 to 1

Rationale: The Access Board recently finalized updated Section 508 standards so this FAR update is almost an important formality. Allen said agencies still struggle to get Section 508 right in contracts so changing the FAR shouldn’t be too difficult.

4. Incremental funding of fixed-price contracting actions

Odds: 30 to 1

Rationale: This 2016 proposal isn’t likely to break through after almost three years. Allen said there has been a big push for much of the last decade to bring some uniformity to fixed price contracts as there already are regulations on the books for incremental funding for cost-plus type contracts. “This rule may end up being superseded by other happening with the Section 809 panel and the Defense Department going back to the drawing board on incremental funding for its contracts,” Allen said.

5. Definition of a “commercial” item

Odds: 15 to 1

Rationale: This one comes out of the 2018 Defense authorization bill where lawmakers wanted to expand and clarify what it means for agencies to buy commercial products and services. Allen said while this is an important proposal, there will be a lot of interest and that could slow down the process. This is why the odds of the council finalizing it in the next year are low.

6. Increasing task-order level competition

Odds: 7 to 2

Rationale: This is another one coming from the NDAA, but the most recent one signed into law in August. The proposed rule is a key piece to the General Services Administration’s goal of moving to unpriced schedules, which is why the odds are lower than most others. Allen said while the concept is limited to services contracts, which do account for a majority of federal acquisition spending, the broad goal is for agencies to get better pricing at the time of purchase. “It could create more burden on contracting officers, but it would mean they get more real time pricing based on scope of work,” he said.

7. Governmentwide and other interagency contracts

Odds: 10 to 1

Rationale: The goal of this rule would be to do away with requirements for DoD to need a written determination and finding before using non-Defense contracts. Allen said this requirement is a huge stumbling block for military services and Defense agencies. “Getting a D&F to use GSA’s Alliant or the schedules slows things down and requires more paperwork. Even when the services have an agreement to use Oasis or Alliant,” he said. “Section 875 is being read by industry as eliminating that requirement. It could streamline DoD acquisition and improve the use of non-DoD contracts across the govt.” At the same time, Allen said the odds are lower than some might think as the possibility of push back from DoD is real while the Pentagon waits for Section 809 panel recommendations and/or they want more analysis on how DoD is using non-Defense contracts.

Latest Contracting News

DoJ's Georgia Tech lawsuit a ‘warning’ to contractors on cyber compliance Cybersecurity
Big or small business, 'this' type of federal contractor does the best job Contracting
DoD set to start ramping up new military moving contract Defense

Final rules

1. Set-asides under multiple award contracts

Odds: 50 to 1

Rationale: The chances of this final rule finally cross the finish line remains long, particularly considering the council has been sitting on it since 2014. Allen said recent court decisions — the 2016 Kingdomware case requiring the Veterans Affairs Department to abide by the “rule of two” for small veteran-owned firms — has slowed down the progress of the proposed rule, causing the council to rethink whether they have to apply the “rule of two” to all task order contracts. “The odds are low and the rule may become irrelevant as we get Section 846 [e-commerce marketplace pilot] up and running,” he said. “It is more likely that the FAR case will be closed and a new one will be opened up that reflects all of these changes. This is not to say this isn’t important, but time may have overcome the current rule.”

2. Effective communication between government and industry

Odds: 3 to 1

Rationale: Of the 47 final and proposed rules, this one is the most likely to make it across home plate. Allen said this is one of those cases where OMB issued guidance, but until the FAR regulations change, there are a host of government acquisition people who are more conservative and need regulations to change. There is a lot of support across the government and industry acquisition communities for the use of tools such as reverse industry days, the “show, don’t tell me” approach to bids and other “innovations,” thus making this rule popular and an easy one to agree upon.

3. Prohibition on certain telecommunications and video surveillance services or equipment

Odds: 4 to 1

Rationale: This one also gets good odds because it’s part of the ongoing and increasingly strong focus on supply chain risk management. The FAR Council will implement the 2019 NDAA provision that prohibits agencies from buying products from China-based companies ZTE and Huawei Technologies. “Prohibiting agencies from buying from these companies because of the potential and real impact on the security of their supply chains is a big deal for industry and an even bigger deal for the government,” Allen said. “The rule is putting industry on notice saying technology from these companies are walled off to you whether you can save money or not. The biggest use of this is around the training on supply chain security.”

Prop bet

What are the chances of the Trump administration naming a permanent administrator in the Office of Federal Procurement Policy over the next 12 months?

Odds: 250 to 1

Rationale: It’s been more than two years since OFPP has had a permanent administrator and so far four candidates haven’t made it through the process for a variety of reasons. Allen said he doesn’t see any change on the horizon, either. “The administration has gone this long so they may be saying ‘why do we need one?’” he said. “And even if you named someone, it would be nine to 12 months before they got confirmed and then would only be in the position for nine to 12 months, so why measure for new curtains?”

Read more of the Reporter’s Notebook

The federal chief information officer’s council is restocking its committees after a wave of agency volunteer leaders moved to new positions across government or left government altogether.

Steve Hernandez, the Education Department’s chief information security officer, Dorothy Aronson, the National Science Foundation’s CIO, and Ron Bewtra, the Justice Department’s chief technology officer, stepped up to take on new leadership roles.

Hernandez now is the co-chairman of the federal CISO committee, joining Federal CISO Grant Schneider.

Aronson will join Education CIO Jason Gray as the head of the workforce committee. She replaces Beth Killoran, who moved to a new role in August.

Bewtra joins Maria Roat, the Small Business Administration’s CIO, to co-lead the innovation committee.

Along with these changes in the CIO community, a few others caught my eye.

Chris Lowe, the former Agriculture Department CISO, started a new position as CISO at USDA’s Agricultural Research Service (ARS).

The rumor mill heated up back in March that USDA leadership wanted to reassign Lowe to a new position. It’s unclear whether that happened or if Lowe found a new role on his own. Lowe recently updated his LinkedIn page with the new ARS role.

Over at the Department of Housing and Urban Development, former acting CIO Chad Cowan received a promotion to acting assistant secretary for administration and principal deputy assistant secretary for administration

Cowan was acting CIO for six months after Johnson Joy suddenly resigned and was senior advisor to the CIO from August to October. HUD Secretary Ben Carson named David Chow as the new CIO in August.

Over at the General Services Administration, Rob Coen now is the new One Acquisition Solution for Integrated Services (OASIS) program manager, moving over after spending the last two years as the FedSIM and Express strategy director.

Additionally, GSA named Penny Grout to be the Federal Acquisition Services regional commissioner in Region 8 and Tom Meiron to be the Regional Commissioner in Region 4, according to an Oct. 29 email from FAS Commissioner Alan Thomas obtained by Federal News Network.

Finally, GSA announced on Oct. 31 that Administrator Emily Murphy named Jeffrey Post as the associate administrator for its Office of Congressional and Intergovernmental Affairs (OCIA) where he will serve as the chief policy advisor.

Over at the Labor Department, Dennis Johnson has been selected as the director of Office of the Assistant Secretary for Administration and Management’s (OASAM) Performance Management Center. He had been acting in the role for the past 23 months where he developed a new four-year strategic plan, expanded the department’s continuous process improvement (CPI) program, and strengthened the connections between the department’s budget and performance functions. That’s according to an email from Bryan Slater, Labor’s assistant secretary for administration and management, obtained by Federal News Network.

One retirement of note has come to our attention: Mike Butler, who spent the last eight years with the Defense Manpower Data Center and has been a leader in the federal identity management community for the last 18 years, decided to try out the private sector.

Butler now is a director with Dignari, LLC where he will lead the emerging technology team to create new and innovative capabilities for clients. Dignari is a woman-owned small business serving national security and defense agencies by providing biometrics, identity management, emerging technologies and data analytics services and technologies.

Butler spent 15 years in the Navy before retiring in 1995. He joined DoD as a civilian helping to stand up the Defense Access Card Office. He also worked at GSA to begin the implementation of Homeland Security Presidential Directive-12 (HSPD-12), served on a seven month detail with the Office of Management and Budget’s e-government office and spent just over a year at the National Institute of Standards and Technology working on smartgrid cybersecurity before going back to DMDC.

Read more of the Reporter’s Notebook

Best listening experience is on Chrome, Firefox or Safari. Subscribe to Federal Drive’s daily audio interviews on Apple Podcasts or PodcastOne.

If you read through the new Federal Information Security Management Act (FISMA) guidance for fiscal 2019, the letter from Suzette Kent, the federal chief information officer, to the Senate Homeland Security and Governmental Affairs Committee, and listen to what the Office of Management and Budget has been saying about the upcoming Trusted Internet Connections (TIC) memo, the message to agencies is clear.

Agencies can no longer point to the Homeland Security Department as the excuse for why improvements to the security of their networks and data aren’t happening fast enough.

OMB is giving agencies a stronger voice and driving accountability back to CIOs, chief information security officers and deputy secretaries.

In the FISMA guidance and letter to the committee, which Federal News Network obtained, OMB is adding flexibilities in how agencies meet the requirement of governmentwide programs like the continuous diagnostics and mitigation (CDM) and the intrusion detection and protection program called EINSTEIN. At the same time, OMB seems to be telling agencies that what’s most important is not adhering a specific method or approach, but achieving the final result of using advanced tools and techniques to secure their systems and data.

“The Office of Management and Budget (OMB) acknowledges that there is a need to enhance existing capabilities and programs to better safeguard federal information systems and data, and we plan to convey this vision as part of the President’s 2020 Budget,” Kent writes in a Sept. 14 letter to the Senate committee. “In order to inform future investment decisions, the Department of Homeland Security’s National Protection and Programs Directorate (NPPD) is working on a threat-based security architecture assessment. This threat-based security approach, adopted from the Department of Defense, will provide a holistic assessment of existing federal cybersecurity capabilities and creates a common framework to discuss and assess cybersecurity capabilities related to threats. The results are being used to inform DHS’ cybersecurity investment priorities across federal civilian departments and agencies in order to enhance enterprise cybersecurity and reduce risk.”

The underlying message in the letter is clear. The fiscal 2020 budget request will propose more money for agencies to implement cyber capabilities more quickly and effectively whether through CDM or EINSTEIN or in other ways.

FISMA guidance continues CDM evolution

OMB goes even further in the FISMA guidance, released Oct. 25, around the need for more flexibility and accountability at the agency level.

The administration is opening the door for agencies to acquire continuous monitoring tools and capabilities outside of CDM. The memo is part of the continued evolution of CDM.

“[H]owever, they are required to provide sufficient justification should they pursue acquisition of tools with continuous monitoring capabilities that are not aligned with current or future CDM acquisition vehicles (includes CDM Dynamic and Evolving Federal Enterprise Network Defense [DEFEND], GSA IT Schedule 70 CDM Tools Special Item Number, etc.). Prior to purchasing these tools, a justification memorandum must be sent from the agency CISO to the CDM PMO, the respective OMB Resource Management Office (RMO), and the Office of the Federal Chief Information Officer (OFCIO) Cybersecurity Team,” the guidance states.

Additionally, OMB is telling agencies they can continue to use existing tools or capabilities that meet CDM requirements, but were purchased outside the contracts run by the General Services Administration.

Then if you add to what we know about the upcoming TIC guidance, the theme of moving more toward flexibility and accountability continues.

Margie Graves, the federal deputy CIO, said at the 2018 ELC conference in Philadelphia on Oct. 15 that the TIC policy will move toward a risk based approach based on the cyber framework from the National Institute of Standards and Technology.

“The policy doesn’t push us all the way to right in terms of mandating the use of controls. It opens up the aperture in terms of what commercial cloud services already are built into the environments that are meeting the controls. If it’s like-for-like, we’re not going to prescript how as long as it’s meeting the security requirements,” Grave said. “We are doing the same thing for CDM as well. If we can get to the point where we are doing continuous authorization through automated controls and automated use of data, then suddenly all the authority to operate (ATO) paperwork and approach becomes totally different. There is more veracity and more accurate because it’s based on data in the environment. That’s where we are going.”

All of these changes signal a major change in how OMB is involved with and views cybersecurity.

During most of the Obama administration, OMB passed to DHS the responsibility and some of the authority for federal cybersecurity efforts.

Part of the reason for OMB is increasing its oversight and giving agencies more flexibility may be agency frustration with the slowness of the rollout of CDM tools and capabilities as well as the perceived ineffectiveness of EINSTEIN.

EINSTEIN must be operationally relevant

In Kent’s letter to the Senate committee, she said the “National Cybersecurity Protection System (NCPS) detected 379 of the 39,171 incidents across federal civilian networks via the EINSTEIN sensor suite from April 2017 to present.” That is less than a 1 percent detection rate of all cyber incidents. This doesn’t mean EINSTEIN is ineffective, but it means the program isn’t being the proactive tool once envisioned.

Jeanette Manfra, DHS assistant secretary in the Office of Cybersecurity and Communications, said the goal this year and next is to make sure the tools under EINSTEIN are operationally relevant.

“We have been working with agencies to better understand challenges they may have in making sure how best to use the tools under the NCPS,” Manfra said in an interview on Ask the CIO. “Two areas we have been looking at for some time is can we implement some behavior analytics, looking at developments in non-signature based detection capabilities. We’ve had some success in that, what I would call a limited deployment so we will be expanding that.”

She said the goal of the non-signature based detection capabilities is looking for abnormal behavior based on a baseline of normal behavior.

She said DHS also is looking at how EINSTEIN’s on-premise model, similar to the TIC policy, integrates with cloud services.

The question that emerges from all of these changes is how can OMB and DHS ensure CDM, EINSTEIN and other cyber initiatives continue to push agencies down a similar path so there are fewer cyber breaches, unpatched vulnerabilities and a better understanding the government’s overall cyber risk while at the same time not letting the inertia of government prevent real progress?

Read more of the Reporter’s Notebook

Agencies may just remember fiscal years 2017 through 2019 as the best of times. Money was flush — generally speaking — with some agencies actually not being able to spend everything they received in 2018. Congress and the president actually got spending bills done almost on time and not six months into the fiscal year. The threat of shutdown was minor.

So as agencies finalize their 2020 budget requests—agency passback guidance usually is ready by Thanksgiving—there is a real expectation that the “do more with less” mantra will return in force.

The evidence, at least for now, is coming from multiple places. First, President Donald Trump announced he would ask each agency for a 5 percent budget cut in 2020. Deputy Defense Secretary Pat Shanahan said last week at the Military Reporter’s Conference that the Defense Department is developing two budget requests, one without the 5 percent cut and one with it.

“The way I would think about those two budgets and the approach — there are certain things that you can’t change. There are near term costs that we are going to expend in the next year that are on contract and for all intent and purposes are fixed,” Shanahan said. “There are other investments that we will make in science and technology and procurement and we have knobs in terms of timing. The exercise we are going through is there is prioritization we can make. We have a number of options going on with hypersonic missiles. In these projects we can decide to do them or to defer them.”

Shanahan said he is working with the DoD comptroller and the Office of Cost Assessment and Program Evaluation (CAPE) team on what projects could be deferred, and then Secretary James Mattis will make a decision based on those trade offs.

Second is the feeling on the ground. For that, just look at the comments and expectations coming from the Professional Services Council’s 54^th annual Vision Forecast. In interviews with hundreds of federal technology and acquisition officials and in analyzing spending data, PSC’s team of industry volunteers found 2019 is likely to be the “high water mark” for spending.

“There are couple of things that caused the team to look at that. Number one, is the sheer magnitude of the federal budget and the challenges we are facing in the next few years in terms of deficits, interest payments and the outlook for economic growth coming up here all tend to indicate we have about as much headroom in the budget as we can possibly stand right now,” said Lou Crenshaw, a Vision volunteer and team lead for the DoD topline and macroeconomic research. “We are starting to see pressure from OMB and other places for people to begin to reduce spending. I think part of that is the realization that we have some real serious problems we will have to deal with. I think the topline will stay the same and there may be movement between defense and non-defense because of the security situation.”

Now, of course, all of this good feeling about budget and shutdown threats could change in November if the House and/or Senate switches parties. Oh and that nasty “s” word — sequestration — could return in 2020 and beyond if Congress doesn’t raise the spending caps.

The PSC Vision Forecast — for those of you who can still make the annual conference it takes place Monday and Tuesday in Falls Church, Virginia —offered several other significant trends around technology and acquisition for 2019 and beyond. Here are just a few that stood out:

Services remain king

The PSC team found agencies expect to continue to increase spending on knowledge-based services and IT services spending continues to see a steady growth. But the biggest difference this year than in past surveys is the discussion around mission priorities.

“In past we’ve seen a lot of emphasis on support services, but not necessarily driving toward how they support the overall mission for the agency,” Kirste Webb, the Vision civilian chairwoman. “One of the biggest messages we are hearing across the board is that all of the agencies are now shifting to everything is about their mission, and if procurement or acquisition is not directly supporting that mission they are taking a second look at how it’s being procured and what’s being done with it.”

Webb said agencies are looking at alternative contracting practices such as Other Transaction Authority (OTAs), best-in-class contracts and sole source awards with a goal of getting to the market faster and bringing innovation to help meet mission goals better.

Interestingly, the use of shared services did not come up as an alternative or even as an option agencies are seriously considering.

O&M equals operations and modernization

The Office of Management and Budget is entering is fourth year where IT modernization is its top priority because of how everything from cybersecurity to citizen services to workforce branch off from it.

The PSC team found the discussion on IT modernization shifted from straight numbers highlighting technical debt or continued support of legacy systems to managing the IT modernization.

“It’s really about Technology Business Management. We’ve seen that changes are being attempted at an unprecedented scale across the federal enterprise. It’s going to improve the quality of the data. These are culture challenges that are extremely daunting but the outlook is promising,” said Steve Vetter, one of the two federal IT and budget Vision chairmen.

Greg Lobbin, the other federal IT and budget Vision chairman, said agencies seen an opportunity because of cloud computing to use operational expenditures (OpEx) for modernization efforts.

This may be part of the reason the impact of the Modernizing Government Technology (MGT) Act is slow to materialize. Agencies are finding ways to modernize without the need to apply for a loan from the Technology Modernization Fund, or by setting up a working capital fund.

A changing industry, government relationship

One of the most positive changes that came from the discussions with agencies is the desire for a better working relationship with contractors.

Webb said the cautious message coming from the government is how can industry and government work to evolve the mission together.

“I think what we are seeing is agencies are trying to get industry involved earlier to avoid what’s been happening which are a lot of protests during the acquisition process. We are seeing an increased exchange across the civilian agencies in terms of industry days, industry exchanges, one-on-one opportunities well in advance of a final solicitation coming out as part of the critical steps in trying to partner more with industry across the board,” she said. “Once the acquisition is complete and a contractor is in place, agencies are recognizing working together is far better to achieve the mission.”

Webb said partnership agreements, such as those used extensively by the Department of Energy, are becoming more common.

“What we are seeing is rather than trying to fight against each other, we are seeing more going toward working with each other to resolve challenges that may occur and trying to identify potential risks and how to solve those risks before they even occur,” she said.

The best and most well-known examples of the change that PSC is highlighting are the IRS’ reverse industry days, the Homeland Security Department’s Procurement Innovation Lab’s efforts and the General Services Administration’s interact site.

4 forces driving federal acquisition

Of all the trends that emerged from the 22 study teams, which conducted more than 300 interviews, the drivers of federal acquisition became clear.

Alan Chvotkin, PSC’s executive vice president and general counsel, said the President’s Management Agenda cross-agency goals continue to be the North Star that agencies are heading toward. But that also means a few other things including a tightening of the market for some vendors and an increased set of opportunities for others, particularly those in the cybersecurity and IT modernization.

“There is no doubt increased focus on IT. Cybersecurity is clearly a high risk and high spend area so we think there will be a lot of business opportunities,” he said.

Agencies are continuing to emphasize and push toward commercial services and nontraditional contractors. But, Chvotkin said, there is a mixed message because agencies also want to push government unique requirements down into the supply chain security and security clearances.

Finally, the competition for workforce talent will remain strong among industry and government alike.

Read more of the Reporter’s Notebook

PHILADELPHIA — The Federal Acquisition Service at the General Services Administration spends $100 million a year on systems that are outdated, disliked by their users and arduous to use. There is something like 70 applications that interface with the contract writing system alone.

The IRS wants to replace systems that require tens of thousands of manual hours to process basic procurement actions like contractor determinations.

The debate over the use of Other Transaction Authority remains strong over whether it’s just another tool in the procurement toolbox, or has the Defense Department discovered the “Holy Grail” of contracting because Congress gave them production authority.

All of these examples really are just symptoms to the larger disease — the need to reimagine the entire job of a contracting officer. With the move to automation happening more quickly, contracting officers soon will finally achieve the business acumen and partnership role that has been long talked about.

The good news is the change is starting to happen. One of the major themes that emerged from the 2018 ImagineNation ELC conference sponsored by ACT-IAC was around the evolution hitting the federal acquisition process.

GSA Administrator Emily Murphy said reconceiving how a contracting officer works is one of her main goals for FAS as it modernizes its schedules program by reducing the number of overall of contracts, by moving toward an unpriced schedule and pushing competition down to the task order level.

“When I’ve talked to our 1102 community and when I talk to our vendor community, one of the questions I always ask is, ‘What value are we driving from setting ceiling prices?’” Murphy said after her speech at ELC. “When we are reimaging how the schedules work, if we incorporate things like the e-commerce platform, which deals with the very low dollar value purchases, and we focus on services being an unpriced contract where we actually focus on pricing at the task order level, that frees up our 1102s. They no longer are negotiating the same ceiling prices again and again. They are instead focusing on how to make sure task order competition is real, vigorous and it’s dynamic.”

Murphy said the combination of technology, such as robotics process automation and machine learning, and business process reengineering, contracting officers can spend more time on finding the right solutions based on data and business needs.

“Think about when we awarded OASIS, it required labor hour prices per category, but it really focused a lot more on the technical qualifications of the vendors,” she said. “This gives us the ability to focus on those technical qualifications, what makes each vendor successful, unique and what can they bring to the table as a solution, instead of focusing on that contract hour price. That contract hour price becomes relatively meaningless until you get to an actual scope of work. Then you have dynamic competition at the task order level and drive down prices with a real solution behind those prices.”

GSA CIO helping with acquisition modernization

To get where Murphy wants to go, FAS needs better technology that runs its assorted contracting systems.

Alan Thomas, the FAS commissioner, said its internal systems such as E-Buy, GSA Advantage, the FSS 19 and many others that make up their core business systems are expensive to maintain and not customer friendly.

Thomas and David Shive, the GSA chief information officer, are co-leading an effort to modernize and consolidate systems. He said FAS will lean on GSA’s CIO application maintenance, enhancements and operations (CAMEO) re-compete. The agency held an industry day in early August and plans to issue a request for information and hold a reverse industry day.

“We have picked the capabilities we want to have like the ability to write, modify and manage contracts or to manage catalog information, instead of modernizing system by system,” Thomas said after his panel at ELC. “Within six months, we will have the requirements for our new contracting writing system out to industry, and by the back half of 2019, we expect to begin delivering new capabilities.”

Thomas emphasized that the business system modernization effort is a multi-year strategy and it integrates with other initiatives such as schedules consolidation to reach its full potential.

Like GSA, the IRS is facing antiquated systems as well as a shrinking workforce. The tax agency spends about $2.6 billion a year on 10,000 transactions.

Tim Shaughnessy, a senior program analyst at the IRS, said a new strategic framework for the agency includes the procurement process for the first time.

“We are recognized as partners who create and buy emerging technologies and do acquisition planning,” he said at ELC. “We spend a lot of time at the end of the fiscal year trying to secure dollars early enough to set up process to buy emerging technologies.”

IRS testing first bot

Shaughnessy said for the staff of 300 procurement professionals to do that more effectively, the IRS is turning to robotics process automation to reduce the amount of time spent on basic transactions.

The IRS awarded its first contract for RPA at the end of September for a bot to do contractor responsibility determinations.

“We do about 10,000 of those actions a year and the RPA is our way of dipping our toe in the RPA water,” he said. “We think this will save contracting officers about 10,000-to-15,000 FTE hours a year.”

The bot will go to public facing websites such as SAM.gov or  Dun & Bradstreet to analyze data on vendors to review overall contractor financial resources, integrity and business ethics and anything that that would not otherwise exclude a vendor from bidding.

“The bot gives us the ability to quickly look at the System for Award Management (SAM) and other systems and give the contracting officer a report back on a vendor’s status,” Shaughnessy said. “The contracting officer can analyze the data that the bot brings back and pivot off that in case they need to do more investigations. We also don’t have to wait until a proposal comes in or there is an apparent winner to do a contractor responsibility determination. The bot could bring back data on all the companies who proposed.”

Along with RPA, Shaughnessy said the IRS procurement shop also is testing out a new program under Parts 12 and 13 of the Federal Acquisition Regulation to pilot emerging technologies. The IRS doesn’t have OTA authority so this is the next best thing.

Under FAR Parts 12 and 13, agencies can use streamlined evaluation procedures as long as the awards are under $7 million and it’s not to deploy new systems, and only to test and pilot.

“We haven’t picked which programs we will use this for yet. We are socializing and working with stakeholders as well as partnering with the CIO’s organization,” he said. “One of the things we are trying to do is develop, along with the CIO, a capability for us to take a concept from a white paper to initial deployment.”

Shaughnessy said one possible option is with document imaging and data capture through optical character recognition. The IRS has as many as 27 different document imaging systems. Using this pilot program, it could consolidate and modernize the entire document imaging effort.

The IRS, GSA and other agencies are making it clear the status quo around acquisition isn’t working and working within the system to change is not only possible, but happening every day. This is why the aggressive move to OTAs is disturbing to so many because instead of fixing the procurement system, like GSA, the IRS and others are trying to do, agencies are looking for a way around it.

Read more of the Reporter’s Notebook

Best listening experience is on Chrome, Firefox or Safari. Subscribe to Federal Drive’s daily audio interviews on Apple Podcasts or PodcastOne.

If you wanted to track the government’s progress on IT modernization, there may not be a better approach than following the bouncing metrics of the data center consolidation initiative.

The Obama administration started out with a goal to reduce the overall number across the government. Then the Office of Management and Budget said optimization of current data centers was as important as reducing the overall number.

Then somewhere in there, OMB changed the definition of what a data center, is causing a huge increase in the overall number and a nose dive in success, followed by a quick rebound when closing a 3×3 closet with two servers counted.

Now OMB is expected to release yet another memo around data centers that, once again, will move the goal posts — whether they are forward, back or sideways it’s unclear. The data center memo is one of several expected in the coming weeks or months from OMB, which also is working on new Trusted Internet Connections (TIC) requirements and new guidance for protecting high value assets.

The good news is through the Centers of Excellence (CoE) initiative with the Agriculture Department and the move to Technology Business Management (TBM) standards, this may be the last data center memo for awhile.

Dan Pomeroy, the acting deputy associate administrator in the Office of Governmentwide Policy at the General Services Administration, said OMB recognized the government needed a new and better way to calculate costs and therefore savings when it came to data centers.

Pomeroy, who led the data center optimization initiative as well as the infrastructure optimization CoE before taking on this new role in September, said GSA worked with USDA to come up with eight categories to calculate the costs of data centers.

“We are looking at things like the cost of labor that will continue, but maybe it will be less as you reduce the number of data centers,” Pomeroy said. “We are asking what can you save across multiple parameters? Based on the square footage of a data center, there are different levels of savings. If you shut down a closet, there will be less savings then if you shut down a tier 3 data center.”

At the same time, GSA is ensuring the data center metrics are integrating with the TBM cost towers process. OMB is requiring agencies to implement TBM by 2022 under the President’s Management Agenda and as part of its effort to improve the capital planning and investment control (CPIC) processes.

Pomeroy said agencies needed a tool set to calculate savings and return on investment, and whose data would easily fit into the TBM structure.

USDA will further test out these new metrics as part of its effort to close 39 data centers under the CoE initiative. The agency already closed 21 data centers and expects to save $6.9 million to $8.5 million a year.

SSA bringing in industry best practices

On the other side of the IT modernization spectrum is the Social Security Administration. While SSA remained dogged by antiquated systems and processes, IT modernization is happening in some pockets.

For example, SSA expects most states to move to its new and improved Disability Case Processing System (DCPS) by the end of fiscal 2019. The DCPS rollout stands out as a major project in SSA’s five-year, $700 million IT modernization strategy, which it launched last year.

Rajive Mathur, the SSA CIO, said he’s borrowing an approach from his industry days where IT capabilities are based on a business-centric view.

To that end, Mathur said he’s implementing a product management and product manager approach across SSA’s IT efforts.

Mathur said a product owner asks the business or program managers questions such as: What is the strategy? How do we deliver on value? What are the planned product versions?

“We are not investing in a one-year, one product program. It will always be a multi-year view where we are creating value and delivering new capabilities early and often” Mathur said at the conference. “There is a big culture change I’m asking for by moving to product management.”

Mathur said under this approach, the program office and CIO’s office will develop a one-page outline of the project plan, which includes funding, current spend rate, team structure, timeline for delivery of capabilities, any market research and other data that will lead us to a buy or build decision.

This concept is not necessarily new. CIOs over the years have moved toward having business or program connections in their offices. But what Mathur is doing come more from the venture capital world where companies are held to specific metrics to produce results.

Mathur said the product manager is like a mini-CEO who knows everything about their program.

“This is IT modernization at different levels where we are changing the relationships with the business offices,” he said. “The product function is in the CIO shop today, but over time I’d like to migrate it to the business shops.”

Read more of the Reporter’s Notebook

Best listening experience is on Chrome, Firefox or Safari. Subscribe to Federal Drive’s daily audio interviews on Apple Podcasts or PodcastOne.

The Homeland Security Department’s initiatives over the past year to address supply chain risks aren’t even close to hitting a crescendo. But the pace and volume of the drumbeat is distinctly mounting.

If the efforts to ban Kaspersky Lab, ZTE and Huawei products were just the prelude to the symphony, then the National Risk Management Center’s initial sprint topics, the business due diligence request for information and the latest effort to use the power of federal procurement are the opening sonata.

“There is a growing awareness and understanding to this issue. Our biggest challenge today is not having a national strategy around it while other countries do,”  said Jennifer Bisceglie, president and  CEO of Interos Solutions, which provides risk assessment services.  “Until we have a national strategy, you will have pop up policies or programs or studies, like the one from MITRE. The time is beyond here to have a national strategy.”

The White House’s National Cyber Strategy gave a brief mention to supply chain risk management, saying the government should “improve awareness of supply chain threats and reduce duplicative supply chain activities within the United States government, including by creating a supply chain risk assessment shared service.” But it offered no specific details or initiatives.

Only now are those starting to emerge through a series of DHS-led efforts.

Chris Krebs, the DHS undersecretary of NPPD, offered further insights at several events over the last few weeks, setting up bigger expectations for 2019.

The National Risk Management Center seems to be one major hub of activity for many of the supply chain initiatives.

Among the first sprints the NRMC is undertaking is around information and communications technology (ICT) with a new task force. Krebs said the kick-off meeting is this week where it will convene under the critical infrastructure partnership advisory council. He said it will be the nexus for the government for addressing supply chain risks.

A fact sheet on the task force provided by DHS details some of its initial goals and plans.

DHS said the group will “examine and develop consensus recommendations for action to address key strategic challenges to identifying and managing risk associated with the global ICT supply chain and related third-party risk.” It also will “focus on potential near- and long-term solutions to manage strategic risks through policy initiatives and opportunities for innovative public-private partnership.”

DHS formally announced plans for the task force in July. Without a doubt one major focus area in 2019 will be around reducing risk in federal acquisition.

“On the one hand, we have to make sure in the procurement cycle we are enabling the contracting officers to write the contracts the right way with cybersecurity in mind. But also as the decision process comes through it can be intelligence and threat informed so that we can knock off the bad options if and when they are presented,” Krebs said at the CyberNext conference. The event was sponsored by the Coalition for Cybersecurity Policy & Law, the Cyber Threat Alliance, and the National Security Institute at George Mason University’s Antonin Scalia School of Law in Washington on Oct. 4. “We also are looking at when are in the deployment phase and something is out there, how do we operationalize what we know so if we have information about a compromise or some other sort of actions, how can we take the appropriate risk management steps to protect federal networks.”

Krebs said DHS wants to get out of reactive mode when it comes to addressing these real and potential risks. The entire situation to ban Kaspersky Lab products, which several cyber experts have said DHS and the intelligence community knew were a problem for years, required nearly a year-long effort to get the software off of federal networks, and left the government embroiled in a lawsuit.

“I don’t ever want to be in a position to have to issue a [bill of distribution] like that ever again. We want to stop those deployments from happening in the first place so how do we operationalize intelligence, how do we get it into the procurement cycle as earlier as possible to write smart contracts and inform the decisions makers,” Krebs said. “We must have good options on the table when [we] take bad ones off the table. One of things the ICT task force will consider is what are those incentives to drive more trustworthy options? The federal government has a great incentive package through the procurement cycle and the power of the purse.”

New details on DHS RFI

The idea of writing smarter procurements is behind the request for information DHS released Aug. 17, and recently made public questions and answers from the Sept. 27 industry day.

In the RFI, DHS wants to see what capabilities exist to provide ICT information through “due diligence” research based on publicly and commercially available unclassified data.

“DHS seeks information about capabilities that address risk as a function of threat, vulnerability, likelihood, and consequences, and aggregate multiple data sets into structured archives suitable for analysis and visualization of the relationships of businesses, individuals, addresses, supply chains, and related information,” the RFI states. “The information generated through the due diligence capability will be shared between organizations and may be used in combination with other information to broadly address supply chain risks to federal, state, local, tribal and territorial governments, and critical infrastructure owners and operators.”

The General Services Administration ran a similar effort several years ago, but it didn’t get a lot of traction.

Interos’ Bisceglie said the recent RFI is addressing many of the same issues as the GSA pilot, but what’s changed is the understanding of the supply chain risks agencies and industry are facing. Interos ran four of the pilots under the GSA effort in 2016 and 2017. GSA also tried to stand up a business due diligence shared service for agencies, but it didn’t get consistent long-term support.

“They had several civilian agencies used it and those that did, they made defendable acquisition or market decisions based on the GSA pilot. The challenge was we couldn’t get executive leadership support or get the program resourced correctly,” she said. “There is a clear need and clear void for a due diligence program. I think DHS will see how the market has matured in four years, and then put out larger multi-year contract for these services. It will be interesting to have multi-year program that is shared between DHS, GSA, NASA SEWP, the National Institutes of Health’s acquisition organization and others. That would get a lot of the large IT acquisition buying under one program where you could collect once and share often.”

DHS said in the questions and answers that it has not yet determined if there will be a solicitation in 2019.

“The Commerce, Justice, and Science Appropriations Act has a requirement that certain agencies (e.g. Commerce, Justice, NASA and National Science Foundation) conduct supply chain risk assessments for all of their FIPS high and moderate IT purchases. DHS is engaged with these stakeholders and reached out to them for help when drafting the RFI,” DHS states in its answers. “There is no way to ingest all data feeds but the desired outcome is to improve awareness. DHS wants to be able to calibrate the risk assessment to the risk tolerance of the end user/company.”

DHS said one less rigorous example of this type of effort already in place is with the continuous diagnostics and mitigation (CDM) program. In August 2017, DHS and GSA updated the CDM cyber supply chain risk management plan, requiring vendors to answer some basic questions related to manufacturing and tracking of the product before being added to the approved products list.

DHS states that it is  working with agencies this year to discover “actionable information” that would be shared across government.

Connected to National Cyber Strategy

“For each risk indicator, we need to figure out what the appropriate shelf life is. Continuous data monitoring will also have an impact. Veracity: we want data from an authoritative source,” DHS states.

And both the business due diligence and NRMC supply chain sprint tag back to the National Cyber Strategy.  In the document, the White House makes a specific point to say DHS will have greater insight and oversight of contractor systems from a cyber perspective if they hold federal data, particularly high value assets.

Krebs said while it’s still too early to determine the exact direction of this effort, he said there are several questions and facets to this effort.

“This is a longer term cycle that we have to look at whether GSA has the appropriate authorities? Do we have the appropriate authorities under FISMA? Do we need other federal acquisition authorities to ensure the supply chain is secure. We have a suite of tools capabilities at NPPD, things like cyber hygiene scanning, things like Automated Indicator Sharing (AIS) so what sort of umbrella can we extend across the contractor base particularly those who touch high value assets,” Krebs said. “Alternatively what are the security outcomes we really want to achieve through contracting and we expect of our contractors, not just in the first tier but second, third and fourth tier and how do they attest to that. There is a lot more to come here. This is a significant opportunity space.”

It’s been over a year since agencies, and DHS more specifically, started to apply a much finer and public focus on supply chain risks. The signs are clear from the White House, from DHS and from Congress that contractors and agencies can no longer be passive participants in this effort.

Read more of the Reporter’s Notebook

If you were to rank the three most important roles in government management today, Margaret Weichert currently holds two of them — the deputy director for management at the Office of Management and Budget and the director of the Office of Personnel Management.

Weichert, who took over the OPM role on an acting basis just over a week ago when Jeff Pon suddenly resigned or was asked to resign or was dismissed — nobody is really sure what happened including most of those inside OPM as its email was conveniently down for most of four days when the change happened and the White House has talked little about the reasons for Pon’s departure. But that’s a story for a different time (hint, hint: DM @jmillerwfed me if you want to talk).

The third role, of course, is the administrator of the General Services Administration, which Emily Murphy currently holds.

For this discussion, let’s just focus on Weichert’s role as DDM. Over the eight months since the Senate confirmed her, Weichert has rolled out the full President’s Management Agenda, initiated the Government Effectiveness Advanced Research (GEAR) effort to create an applied research effort to tackle management challenges, and is spearheading a major reorganization and reform effort across the government.

And on top of these and many other initiatives, more importantly is that Weichert has garnered widespread respect from Capitol Hill, industry experts and inside agencies. As we saw time and again during the Obama administration, the lack of a consistent DDM stunted far-reaching management changes over the last eight years.

The benefits of consistent messaging and leadership were probably the biggest messages from the former DDMs who took the stage Oct. 10 to help commemorate and recognize the IBM Center for the Business of Government’s 20-year anniversary.

Clay Johnson, who served six years as the DDM during the George W. Bush administration, is standard bearer when it comes to consistency in the role. Many times during his tenure from 2003 to 2009, the OMB leaders underneath him whether Karen Evans or Robert Shea or Paul Dennett knew Johnson had their back and they routinely used him to address grumblings at the agency level.

Johnson’s consistency in the position meant the Bush administration’s PMA had one voice to continually push progress.

The longer Weichert stays, the better for federal management

If Weichert does nothing else, staying in the DDM position for 3-4 years will make the kind of impact on federal management areas like IT modernization, better use of data and a reskilled workforce that the Trump administration hopes to achieve.

Weichert said one of her biggest surprises over the last eight months is the size of the appetite for change there is in the federal workforce.

“We can connect to the power of 2.1 million civilian workers in our workforce, who are dedicated, have passed our background investigations and have been here and know all the problems,” she said at IBM Center event in Washington. “We have to enable the power of the people in government. They are our best brand actors. They are our best storytellers. They are the emblems of what we are all trying to do.”

So how can Weichert continue to harness the power of the federal civilian workers and enable them to power government? Here is what the former DDMs said she and others should keep in mind as the government reform effort continues to evolve:

“The way [the PMA] was designed to be done made it successful, which I think is a huge lesson for DDMs of the future. It was not done as a separate deal. Some deal across the street from OMB where a bunch of smart people were trying to figure out how the government ought to work and then go in and do it to the agencies. It was done within OMB. Most intelligently and brilliantly, it was done with the resource management officers (RMOs) at OMB. One of the most important facts of fiscal life is everybody wants their budget officer to be really happy. So if the budget officer was involved in the management programs, they were going to be paying a lot of attention at the agencies on what the management folks wanted done because it almost certainly will impact what kind of budget they got.” — Clay Johnson, DDM from 2003 to 2009.

“I think OMB is uniquely situated to provide conventional wisdom to sometimes unconventional senior people to say exactly what could or should be done maybe by taking your idea and saying, ‘We tried that once and it failed miserably. That doesn’t mean you have to abandon your idea, but it does mean you have to come to grips with the sources of the failure and you can learn from that.’ The thing I did when I was in the Obama transition was to preach nonstop, ‘LISTEN to the civil service for god’s sake. Bring them in and ask them questions.’ I kept saying the same thing because it was critically important.” — Sally Katzen, DDM from 1999 to 2001.

“Be creative and be creative also by embracing your career colleagues, in particular, as you work with them on your creative ideas. I go back to the U.S. Digital Service (USDS) example in that, one could’ve planned and drafted legislation and a whole detailed approach to this concept, then put it in a budget and asked Congress for the money and maybe some authorizing legislation to go try to pursue this thing. Or, one could just go do it within existing authorities. One had to look at that authority, look at OPM and find the right kind of hiring authorities that existed and put all the pieces together to create out of basically whole cloth this group of basically 200-plus technologists that came in overnight and worked for a couple of years. As we found out over the couple of years, that concept was validated by Congress by bringing more money to the table as they did their work and Congress bringing even broader authority through the form of legislation.” — Andrew Mayock, DDM 2016-2017.

And, of course, Weichert and other DDMs always can rely on the IBM Center for the Business of Government. Over the last 20 years, it has issued more than 350 reports, published 23 books and conducted more than 500 radio and podcast interviews with government leaders who shared their insights about the challenges and opportunities agencies face.

As the DDMs said time and again, federal management is a non-partisan issue and good government is easy to coalesce around so let’s hope Weichert sticks around long enough to accomplish some of these important tasks.

Best listening experience is on Chrome, Firefox or Safari. Subscribe to Federal Drive’s daily audio interviews on Apple Podcasts or PodcastOne.

Google will not submit a bid for the Defense Department’s $10 billion cloud procurement known as JEDI.

Alieen Black, Google’s executive director, industry lead and group leader for US Government, said in an exclusive interview with Federal News Network that the Joint Enterprise Defense Infrastructure (JEDI) solicitation was not right for the company for several different reasons.

“We couldn’t be assured that it would be aligned with our artificial intelligence (AI) principles. There is one single cloud vendor,” she said. “We determined there were portions of the contract that were out of scope given current government certifications and requirements. Had JEDI allowed the opportunity to have multiple vendors we could’ve submitted a very compelling solution for portions of it. Google believes a multi-cloud approach is in the best interest of government agencies because it allows them to choose the right cloud for the right workload. At a time when new technology is constantly becoming available, customers really should, like DoD, take advantage of that innovation.”

Black said Google will continue to go after cloud opportunities within DoD as well as with other federal agencies that are more open and more multi-cloud oriented.

While not surprising to industry observers, the decision by the Mountain View, California, company is a clear signal to the Pentagon that the JEDI strategy is well outside of the norm.

Alfred Rivera, the former principal director of enterprise services for the Defense Information Systems Agency and now a principal at Breakwater Solutions, said Google’s decision wasn’t surprising for several reasons.

First, he said, the company has been reluctant to “even consider offering a separate infrastructure beyond what they currently have. With JEDI, the fact that a separate dedicated infrastructure for DOD would be required doesn’t seem to fit their delivery model.”

Second, because JEDI would require some level of cybersecurity oversight by DoD, Google also hasn’t been keen on giving direct access to their systems either through the review of code or management of infrastructure components.

DoD not following cloud trends

As far as the signal that DoD is outside the norm, just take a look at what CompTIA reported in its May 2018 report on cloud computing. It found a “vast majority of companies — 83 percent — have performed some type of secondary migration [to the cloud]. Most of those have been a move of either infrastructure or applications to a second cloud provider. There are a variety of motivations here. Better offerings or features top the list, with 44 percent of companies saying this was the reason for their move. Security followed close behind, with 41 percent of companies citing concerns with their original provider. Other common reasons for a move are high costs (37 percent), more open standards (35 percent), and problems with outages (30 percent).”

Going one step further to talk just about the federal market, Nutanix found in a recent survey of federal IT managers that 20 percent of all respondents are using a multi-cloud approach, and of them, 75 percent say it’s working well or very well. Additionally, 44 percent of the respondents recognized that using multiple clouds makes them more secure.

And Deltek, the market research firm, says on average each military department already has 77 cloud providers. DoD officials have been clear that JEDI will not be the only cloud instance across the services and agencies, but account for only about 15 percent-to-20 percent of all cloud services.

So this takes us back to Google’s decision about which Black said was pretty straight forward once her team reviewed the strategy.

“We are aligning ourselves to contract vehicles that allow a multi-cloud approach and we are heavily pursuing those,” she said. “This certainly wasn’t an opportunity that very many cloud vendors took to support Google. Leaning forward and looking at the overall, the fact of the matter is the DoD is a multi-cloud environment and will continue to be one, and Google will pursue those multi-cloud, open source type environments because we believe that’s the right thing for our customers.”

The other big issue for Google, and possibly for other vendors, is there are requirements in the JEDI solicitation that the company couldn’t meet.

One of those was being certified as a level 6 under the DoD Cloud Computing Security Requirements Guide.

It seems only Amazon Web Services has met the Level 6 requirement. Microsoft has received the Level 5 certification.

“Our plans are to continue to meet some of the requirements, but Google is well known for our ability to provide secure solutions,” Black said. “We are continuing to scale the compliance regimes required throughout the government, however at this time in the way JEDI was currently positioned, there were some compliance or specifications that we do not meet.”

Google’s AI principles at risk

Another issue for Google, Black said, was a single cloud approach may violate the company’s AI principles. Google released its AI principles in June after employees raised concerns about its work with DoD on Project Maven.

Black said while the decision not to bid on JEDI isn’t related to Project Maven, but DoD’s strategy to go with a single vendor could put Google in a tough situation.

An industry observer, who requested anonymity since their company does business with DoD, said it’s clear that with Google deciding not to bid, JEDI will come down to AWS or Microsoft.

“The CIA chose AWS so a lot of people seem to think that makes it the favorite to win JEDI.  If that happens, two questions come to mind: First, does the U.S. government care that it is on course to effectively creating a cloud monopoly?  And second, and this is probably more urgent, what are the security and insider threat implications of entrusting so much of the nation’s national security data to one cloud provider?” the observer said. “For the sake of competition and national security, I hope someone is considering both. If a top-three member of the cloud industrial base has decided not to bid on a premier opportunity like JEDI, what does that say about the DoD’s ability to leverage the breadth of American innovation the way the Chinese leverage their own?”

One question Google’s decision immediately brings up is how it will impact Oracle’s bid protest of the JEDI solicitation. Oracle submitted three amendments to its protest, including one as recently as Oct. 1.

Sources say with Google dropping out the likely bidders are Microsoft, AWS, IBM and Oracle.

Rivera said Google’s decision to withdraw likely will not impact the overall competition.

“First of all, a key part of providing the cloud solution would be support of a migration approach for DoD’s current systems (both legacy apps and current cloud based systems).  I’m not confident that Google is positioned to support a strategy to assist in migrating legacy systems into their cloud-based solution.  If Google doesn’t provide such an approach, each component would have to acquire these services through other means, thus making transitions more complex. That defeats the purpose of having a single cloud solution approach,” he said. “Finally, I think the other players that are potential candidates do have all these back-end services in place to support a single-cloud solution as well as a migration strategy for DoD‘s mission application.”

Black said while Google would’ve liked to support DoD on JEDI, it knows there are plenty of other opportunities in DoD and across the civilian sector to work on.

“Certainly large contracts like that are something every company wants to pursue. But under these circumstances, it makes sense for Google, for where we are in the market, our go-to-market model and our principles, to pursue support of the government in other ways,” she said.

Read more of the Reporter’s Notebook

Best listening experience is on Chrome, Firefox or Safari. Subscribe to Federal Drive’s daily audio interviews on Apple Podcasts or PodcastOne.

For the Agriculture Department, everything about its IT modernization effort is different this time.

Over the course of the last 15 years, USDA has tried to reduce, consolidate and upgrade its networks, its web services and other facets of its technology infrastructure. But agency chief information officers have found only limited success.

Gary Washington, the chief information officer at the Agriculture Department said he has so much faith in the Centers of Excellence approach to IT modernization that this time has to be different.

“There is an extraordinary amount of support and commitment. The employees see that. The team here at [General Services Administration] sees that. The team here USDA sees that,” Washington said in an interview with Federal News Network. “I think probably in the past we’ve talked a lot about modernization, but I think there is a very strong commitment to modernization. Whether it is the technology itself, the policy or funding, the relationship between GSA and OMB has been phenomenal for USDA. At every level you can actually see there is a team effort to make it successful.”

It’s also more than just a commitment to change. If you look back at what previous USDA CIOs have said, whether it was Jonathan Alboum or Cheryl Cook or Chris Smith, the pledge to move to better technology and services has been a traditional talking point. In fact in 2011, then Secretary Tom Vilsack approved a report detailing 379 recommendations for improving agency operations and saving administrative money to reinvest into citizen services.

And each CIO made some progress. Smith took USDA’s email to the cloud becoming an early adopter in 2010.

Cook consolidated tier one help desk services in 2014.

During his tenure, Alboum developed a cloud strategy and reduced duplicative software by reworking its email archiving contract and consolidating the contract for the agency’s emergency notification system subscription service and saved or avoided spending $9 million.

58 percent of USDA’s IT projects on schedule

Despite all of these efforts, USDA continued to struggle with modernization efforts. The Federal IT Dashboard says only 58 percent of all agency projects are on schedule, while 70 percent are on  budget. The IT Dashboard in 2017 reported USDA is spending about 80 percent of its IT budget on legacy IT and the remaining 20 percent on either development, modernization or enhancement, or provisioned services. Data for 2018 is not yet available.

Washington said USDA, OMB and other agencies know what the challenges are so it’s time to find a solution.

“This is modernization on a massive scale. It’s challenging, it’s hard, but it’s fun and I think, we as a government, will benefit from this,” he said.

While fun may not be the word most CIOs would use for an IT modernization initiative, Washington clearly understands all eyes are on USDA.

That started with the Phase 1 of the Centers of Excellence initiative, which focused on developing an updated view of the current state of USDA, a transition plan to the new technology infrastructure and services and a cost-benefit analysis.

And recently, GSA and USDA recently made contract awards under Phase 2 of the CoE effort that will implement the recommendations made under Phase 1.

USDA picked 12 companies across all five CoEs, including 10 firms to provide cloud adoption and infrastructure optimization services. Additionally, USDA awarded a contract to run its Business Modernization Office Support Services contract.

“Over the next 12-to-18 months we be implementing modern solutions in those five CoEs,” Washington said. “Some of the activities we have already started implementing. Some of the quick wins will be the closure of our data centers. We were slotted to close 39 and we’ve closed 21 of the 39 already. In the data analytics CoE, we’ve rolled out a dashboard on our administrative areas across the department. In the next fiscal year, we will be focusing on program data and putting program data in the dashboard so executives and managers can make informed decisions on the same data. We will continue to improve on Farmers.gov to make the customer experience better for our farmers in the field, and we have some other functional areas we plan to address as well.”

Washington said he expects the new vendor partners to hit the ground running as they begin arriving in the agency anywhere between Oct. 11 and Oct. 18 —unless there is a bid protest on the awards, which wouldn’t at all be surprising.

“We don’t have a lot of time and this is an aggressive schedule. We already have defined goals in mind that have been laid out in an approach,” he said. “The vendors have already been made aware that they have to come in here and it’s going to be an intense pace.”

CoEs to rely on agile development

That pace and the expectations of the vendors and CoE teams making change quickly is another big difference. Unlike many federal IT programs, the pace tends to be slower and there is more discovery over the initial 30 days.

“This pace makes people focus on why we are here to conduct business properly,” he said. “In this environment, in Phase 1 and Phase 2, the goal posts has been set and you have to meet your marks. People are really focused on making sure we implement these solutions, they work and they provide value to our customers and citizens, and to the USDA employees. There is not a lot of wiggle room to sit down and analyze things forever. It makes you think about what you are doing very quickly and rolling things out in an expedient manner.”

Washington said Agriculture is leaning on the agile or iterative methodology particularly through the customer experience CoE, to roll out functionality in short time frames.

“We measure success on a monthly basis, however, we meet weekly to discuss where we are. We have defined metrics going into this. We know what we want to achieve, and we manage toward those goals and performance metrics,” he said. “We already know what we want to look like and where we want to go, now it’s just about getting there and take the steps to realize those goals.”

Another way this IT modernization effort is different than previous attempts is the oversight and attention senior leadership at the agency and in the White House is paying to the CoE initiative. This is especially true considering the centers of excellence is a Trump administration invention.

“I have a weekly meeting with the CoE management team. I meet with my deputy secretary on a biweekly basis. I meet with the secretary once a month,” Washington said. “We meet with the Office of American Innovation and we brief them monthly on where we are on the milestones, what we are implementing and does it bring value. We have a steering committee.”

40 percent of USDA’s apps ready for the cloud

Even with the oversight, Washington knows quite well that any IT modernization effort is really all about change management.

He said getting the mission and program offices to understand and accept the new ways of doing business, which includes moving applications and systems to the cloud.

“We have identified systems and applications that we are going to move, and have partnered with our business folks. Beyond that, we have to be in lock-steps with any larger migrations because there is a capacity part of this too. I don’t see cloud being a problem. We have a plan moving forward.”

Washington said about 40 percent of all systems and applications are ready to move the cloud today, while for the remaining 60 percent, USDA needs to decide if they are duplicative, necessary or what would it take to modernize them.

Washington said the ultimate goal is for USDA to deliver digital services that is driven by data and rides on a modern infrastructure that includes commercial cloud and internal cloud providers.

It seems USDA has all the internal and external pieces in place to finally make major changes to the direction of its technology systems and services. There are a lot of eyes in other agencies, across the administration, in industry and on Capitol Hill watching closely making the pressure to succeed even higher. Let’s hope Washington and the team of CoEs are up to it.

Read more of the Reporter’s Notebook