The use of Other Transaction Authority (OTA) may be getting a lot of attention across the federal community as a way to address the shortcomings of the Federal Acquisition Regulations, but the Veterans Affairs Department may have found a better way that doesn’t raise as many red flags.

VA is one of the first agencies to use the concept of microconsulting to help develop apps.

The department announced a beta platform called Lighthouse Lab for developers to access “tools for creating mobile and web applications that will help Veterans better manage their care, services and benefits.”

VA said the agency plans on developing Lighthouse through a series of small contracts, less than $10,000, which is the current micro-purchase threshold.

As part of the final 2018 Defense Authorization bill, Congress raised the micro-purchase threshold to $10,000, and the Civilian Agency Acquisition Council issued a FAR deviation on Feb. 22 to enable agencies to begin buying at the higher level.

Chris Cairns, a partner at Skylight Digital, and a former Presidential Innovation Fellow and co-founder of the 18F digital services group at the General Services Administration, said this concept of micro-consulting, which Skylight Digital provides to agencies, is growing across the government and private sector.

“With my experience at 18F, we had a lot of clients with different needs, and we couldn’t serve all of them because of the small dollar value, we needed interagency agreements and agencies couldn’t use their credit cards with us, and it was just unwieldy after a while,” Cairns said in an interview. “But there were some case where clients had specific needs that if you just focused on supporting them for a few days or weeks, especially acquisition projects in the pre-award stage where the agency was thinking about crafting the solicitation, it would greatly increase the probability of success. Sometimes clients just need targeted advice. This is a model in general is not something the government uses often.”

Cairns said the increase in the micro-purchase threshold gives agencies a new opportunity to make a bigger impact on its acquisition planning without a huge investment.

“If you are a new vendor in this government space trying to break into the market, this is a great model to get exposure for you and the government,” he said. “You can readily start interacting with government and they can try before they buy.”

This is exactly the same thought process behind OTAs, but the risk with micro-consulting is much less and, as Cairns said, the rules around the micro-purchase threshold are well understood whereas with OTAs, they are not.

Take VA, for example. It plans on starting with an initial user group to help test application programming interfaces (APIs), build out documentation, development governance standards and test developer supported workflows.

“Lighthouse’s architecture supports VA’s move toward adopting commercial off-the-shelf (COTS) products and innovative acquisition approaches, such as micro-purchasing agreements with a $3,500 threshold for technology solutions that can be rapidly deployed to Veterans,” the VA said in a release.

Cairns said this approach presents a much lower risk, and there is plenty of well-established regulations and understanding of how the micro-purchase threshold works in government.

“This is a safer approach to experimenting and getting to different types of providers,” he said. “VA probably has specific use cases in mind that are consumer oriented and targeted to the veteran audience.”

On the Lighthouse Lab Github page, VA says the platform is about bringing revolutionary changes to veterans’ healthcare.

“We need even smarter communication tools, information systems, patient-facing applications and predictive analytics. We also need to foster a culture and environment that attracts inventive companies and developers that can build even better solutions going forward. This kind of innovative ecosystem requires a digital platform strategy leveraging open application programming interfaces (APIs) to fully support healthcare interoperability and the next generation of care for Veterans,” the agency stated. “The central nervous system to VA’s digital transformation strategy is leveraging a strategic open API program called Lighthouse that adopts an outside-in, value-to-business driven approach to create API’s that are managed as products to be consumed by developers internal and external to VA. Such an approach serves as a change catalyst that will allow VA to decouple systems and continue to leverage its investment in various digital assets, support application rationalization and allow it to absorb new, commercial software-as-a-solution (SaaS) to replace homegrown, outdated systems. This strategy calls for a clearly defined operating model for managing the complete life cycle of API’s and will include the planning, design, implementation, publication, maintenance, and retirement of APIs as well the operation of the API Gateway platform on a VA private cloud.”

VA Secretary David Shulkin took this commitment to open APIs even further on Friday by pledging that the agency “will provide API access to developers for Veteran-designated mobile and web-based apps, clinician-designated applications for those who serve them and Choice Act partners responsible for coordinating their care via ‘bulk’ access.”

In the past, VA maintained closed systems, which made it more difficult to bring in new technologies.

By setting up Lighthouse Lab, VA said its following industry best practices through a flexible and reusable framework.

“This will provide our organization with a foundation where resources can come together — sometimes very quickly and temporarily, sometimes in a relatively fixed way — to create value. Some resources may be inside, permanently owned by the organization; some will be shared; and some can come from outside. The value largely comes from connecting the resources, and the network effects between them,” VA stated. “We will also be able to effectively shift technology development to commercial electronic health record (EHR) and administrative systems vendors that can integrate modular components into the enterprise through open API’s. This will allow VA to leverage these capabilities to adopt more efficient and effective care management processes while fostering an interoperable, active, and innovative ecosystem of solutions and services through its open API framework. This will enable the next generation of healthy living and care models that are more precise, personalized, outcome-based, evidence-based, tiered and connected across the continuum of care regardless of where and how care is delivered. This API-enabled, open and accessible platform can be used not only for veterans’ care but also for advanced knowledge sharing, clinical decision support, technical expertise, and process interoperability with organizations throughout the U.S. care delivery system.”

VA is holding a lot of hope in the promise of open APIs through Lighthouse Lab, and at least if they use the micro-consulting approach, it is keeping its risk low and potential reward high.

Read more of the Reporter’s Notebook.

Subscribe to Federal Drive’s daily audio interviews on Apple Podcasts or PodcastOne.

Agriculture Department chief information security officer Chris Lowe is shutting the door on more than 400 social media sites after repeated instances of employees and contractors watching pornography on agency computers.

Lowe sent a memo to staff detailing the sites to be blocked, which include popular sites such as Facebook, Snapchat and What’sApp as well as dozens of incomprehensible URLs.

“In response to a Management Alert Memo from the Office of the Inspector General (OIG) regarding the “Misuse of the U.S. Department of Agriculture’s Information Technology Networks”, the Office of the Chief Information Officer (OCIO) will be implementing a block on social media websites not related to official Department communications or business on March 7th, 2018,” Lowe said in the Feb. 23 email message to staff obtained by Federal News Radio. “The websites that are included in this block are attached to this message and should be reviewed to ensure official USDA business and communications is not impacted.  We have worked with the Office of Communications to ensure this list does not conflict with official USDA channels of communication, however, we ask that you review to check for impact to your mission areas and agencies.”

This might be one of Lowe’s last acts as CISO. Multiple sources confirm Lowe will be reassigned to another position in the department, making him the third high-ranking USDA technology executive to be moved out of his position over the last seven months.

Multiple LinkedIn messages and an email to Lowe seeking comment were not returned.

Multiple emails to USDA press asking for confirmation on changes to Lowe’s job were not answered.

Sources say Lowe, who has been USDA CIO since 2012, will be a cyber security officer for the new bureau of Research, Education and Economics (REE).

Additionally, sources say Tacy Summersett, the deputy CISO,  will be the acting CISO.

Lowe’s reassignment along with those of former USDA CIO Jonathan Alboum and deputy CIO Doug Nash would mean a total house cleaning of the agency’s top IT officials. Alboum spent six months as USDA’s deputy senior procurement executive before leaving for the private sector firm, Vertias. Nash moved to the Agriculture Marketing Service as its CIO,

USDA named Gary Washington as its permanent CIO in February.

In addition to Lowe, sources say Ray Coleman, who was chosen to lead the National IT Center earlier this year, is leaving for new job in the Defense Department. Details about what Coleman will be doing or where in the DoD he landed are unclear. A LinkedIn email to Coleman was not returned.

Sources say Victoria Turley will be the acting head of NITC after Coleman leaves.

So as USDA’s leadership shuffles the CIO’s office it has to deal with what seems to be a growing problem of inappropriate website usage.

Sources say there is no connection between this management alert and the response, and Lowe’s reassignment.

USDA’s inspector general issued a management report on Sept. 29 saying the Agriculture Security Operations Center (ASOC), which Lowe set up, has seen a “significant increase in the number of referrals of potentially unlawful and/or inappropriate network traffic (i.e. employee misconduct). The majority of referrals involve some type of pornography (i.e. USDA employee or contracting viewing and/or sharing unlawful or otherwise inappropriate pornographic content using their government-issued computers or other communications devices.”

An OIG spokesman confirmed Lowe’s memo from Feb. 23 is fulfilling the September management alert.

The spokesman said the OIG sees the rationale for listing the sites and that the agency is open to discussing any potential changes if needed for official activities.

“USDA continues to actively work to ensure appropriate usage of government resources as part of meeting Secretary Perdue’s commitment to making USDA the most efficient, most effective, best managed department in the federal government,” a USDA spokesman said in an email to Federal News Radio.

The IG says since 2015, the security operations center referred 225 cases of inappropriate usage to its office.

Concerns about USDA employees visiting pornography websites garnered the attention of Congress, which included a provision in the fiscal 2017 Consolidated Appropriations Act saying the agency had to block the ability of employees to view, download or exchange pornography in order to spend any funding on the IT infrastructure.

“We note that in October 2016, USDA installed the Department of Homeland Security’s EINSTEIN 3A software,” the OIG wrote in the alert. “The software has in-line network-based cyber security monitoring tools to protect USDA’s data and systems. It does not appear, however, to be effectively blocking access to these prohibited websites. Since October 2016, USDA OIG has received 81 referrals from the ASOC of potentially improper usage.”

It’s unclear from the memo why it took USDA five months to block these sites. As one federal security professional told me, why not just block them and don’t tell anyone about it? The expert said it seems odd to send out a memo alerting staff of the changes.

Unfortunately, USDA is not the first, nor will be the last agency, to find its employees looking at pornography during the work day or on federal equipment.

For each of the last three sessions of Congress, Rep. Mark Meadows (R-N.C.) introduced a bill to require OMB to issue guidelines that prohibit accessing a pornographic or other explicit website from a federal computer, except for investigative purposes. The current bill has moved out of committee.

USDA has been struggling with its cyber posture for some time.

The IG found in its 2017 Federal Information Security Management Report to Congress that cybersecurity remains a material weakness at USDA.

“[W]e found that the department’s maturity level for the five function areas (identify, protect, detect, respond and recover) to be at Level 2, “Defined.” Based on these criteria, the department’s overall score would indicate an ineffective cybersecurity program,” the IG stated in the report. “The department needs to implement its controls and determine that they are operating as intended and are producing the desired outcome.

Read more of the Reporter’s Notebook.

The White House remains hopeful that the appropriators will heed its request and open up its wallet to fund the Technology Modernization Fund.

The Trump administration asked for $228 million for fiscal 2018 for a central fund to help push IT modernization projects over the top. That sliver of hope remains because of the copious number of continuing resolutions that are piling up.

Nowhere is that optimism more apparent than in the Office of Management and Budget’s new memo detailing how agencies should apply for that central fund, and the interagency board will oversee those proposals, and how the agency-wide working capital fund (WCF) will work. Both were authorized in the Modernizing Government Technology (MGT) Act, passed by Congress as part of the 2018 Defense authorization bill.

“A thoughtful IT modernization strategy prioritizes projects based on impact and probability of success. Impact can be measured by effect on users, risk reduction, opportunity enablement, and common solutions. Probability of success can be measured by team and project strategy strength,” OMB Director Mick Mulvaney writes in the Feb. 27 memo. “Agencies submitting Initial Project Proposals are encouraged (though not required) to address these considerations, including citing or attaching evidence that their project meets any applicable considerations. Agency project sponsors should also be able to address these issues as part of the evaluation process, should a project merit additional examination by the board.”

The real meat of the MGT Act is the individual working capital funds each agency can set up to “bank” money to put toward future modernization efforts.

Agencies have until March 27 to tell OMB whether they will set up internal working capital funds. If they decide not to immediately but later on choose to, they have to give OMB 30-days notice.

Meanwhile, OMB set up the interagency board on March 1 that will review agency proposals.

Suzette Kent, the Federal CIO, will be the chairwoman of the board. It will also include Alan Thomas, the commissioner of the Federal Acquisition Service at the General Service Administration; Mark Knidienger, director of the Federal Network Resilience division in the Department of Homeland Security; Matt Cutts, acting administrator of the U.S. Digital Service; Rajive Mathur, the Social Security Administration’s CIO; Maria Roat, the Small Business Administration’s CIO; and Charles Worthington, the chief technology officer at the Department of Veterans Affairs.

Former federal IT executives praised OMB for writing fairly clear and straight forward guidelines.

At the same time, these experienced CIOs and technology experts say there are several things agencies should keep in mind as they start to go down this path.

“I’m pleased how they are hitting the ground running with the quick issuance of the guidance that gives a detailed roadmap. It shows the level of commitment and seriousness of OMB to make the MGT Act a useful and viable tool,” said Rich Beutel, president of Cyrrus Analytics and a former House staff member, who helped shepherd the Federal IT Acquisition Reform (FITARA) Act into law. “I hope CIO will leverage the MGT Act fully and to their advantage. Those who pooh-pooh the MGT Act are doing a disservice to their agency and should give it a chance. This isn’t going to happen overnight, especially the working capital funds. They will take two years before they can populate those WCFs with enough money.”

Beutel said the key to the WCFs is ensuring agencies have the broad operational flexibility needed to deploy the funds saved or found to modernize IT.

And that operational flexibility is even more important when you consider how long modernization efforts can take.

John Owens, the former CIO at the U.S. Patent and Trademark Office and now vice president of solution development group at CGI, said he worked for a decade in government and left his replacement with plenty of work to do.

Additionally, he said because agencies are not good at forecasting savings three-or-five years down the road, coming up with money to replace major systems more difficult than they realize.

Owens said the answer is to use more private sector best practices by embracing cloud services and cutting off funding to legacy systems.

Operational flexibility also is the reason why Jonathan Alboum, the former Agriculture Department CIO and now chief technology officer of U.S. public sector for Veritas Technologies LLC, said agencies have to connect the data to the modernization efforts.

“Agencies will want to have quick access to data to drive decision-making, especially when it moves to a public cloud or a software -as-a-service environment. They have to have a plan for how it will be protected or integrated with data from other systems in multiple locations,” he said. “I think it’s important that this guidance helps agencies to digitally transform successfully. If you have a mature organization that is focused on advanced topics like workload migrations and data protection in the cloud, they are going to have very different needs than an organization that is still largely working in an on-premise data center with many legacy systems. The guidance needs to speak to both and provide support to the less mature organization to get started with IT modernization.”

Dave McClure, the former associate administrator for Citizen Services and Innovative Technologies at GSA and now the principal director of CIO Advisory Services at Accenture, said agencies will need to be clear and concise when submitting business cases to the board.

“The TMF comes with regular reporting and lots of milestones. I would expect these things to be run in an agile way so you may get funding monthly or quarterly based on the outcomes you’ve achieved,” he said. “It’s an interesting world for IT projects, and probably will create some turmoil if projects go through the CR process.”

Charlie Armstrong, the former CIO at the U.S. Customs and Border Protection directorate at DHS and now CEO of Globe2Delta, added to what McClure said by suggesting CIOs understand it’s not just the board who will add more requirements to obtaining money from the central fund, but the parent agency also is likely to come up with a set of requirements.

“We can anticipate next will come departmental policy on the review and approval for sub agencies,” he said. “Most cabinet level departments will want to rack and stack requests before they go forward to OMB for consideration.  By doing so, departments will be able to apply portfolio management to consolidate requests and to apply enterprise services (replace several systems across the department with one).”

He said this is why CIOs should ensure their plans align not just with mission priorities, but those outlined by the CFO and other senior leaders in strategic plans.

“Agencies should seek input from industry on options going forward to presenting a plan. A good alternatives analysis will go a long way to strengthen the plan,” Armstrong said.

McClure said CIOs who use the working capital fund to modernize should keep in mind how to define cost avoidance versus cost savings.

“The memo makes reference to the difference between the two and sites guidance,” he said. “I did find it odd that there wasn’t a lot in memo about cost estimation guidelines or approaches that OMB or the board expected to be used. The memo makes reference GAO’s cost estimation process so maybe GAO’s process will be adopted. But cost estimation is something that can slow the entire process down by creating more paperwork and analysis to get needed funding. There is not absolute agreement or lot of confusion that rains over the real difference between the two. It’s an area where the board will learn and clarify things to get it done in a competent way.”

Of course, the central fund remains a wish as appropriators haven’t been fully convinced of its need.

Beutel said appropriators also have to understand that putting unreasonable restrictions on how agencies reprogram funds would make IT modernization more difficult.

McClure added this effort isn’t dependent on the central fund, but rather how agencies take advantage of all the new tools in front of them.

“The measure of success for this whole approach is whether projects result in lower costs, better services to citizens and businesses and improved services of government as a whole. It also matters if agency cyber postures  are improved too by replacing legacy systems. Those are outcomes that need to be focused on,” he said.

Read more of the Reporter’s Notebook.

Too often over the last year or so, this space has been taken up with a story about another federal technology or acquisition executive leaving. So it’s nice when there’s a story about a federal IT executive moving up to better things.

Todd Simpson, the Food and Drug Administration’s forward thinking and turnaround specialist chief information officer, is taking a new job at the Department of Health and Human Services.

Simpson starts March 5 as the HHS’s new chief product officer.

Beth Killoran, the HHS CIO, said this type of CPO will be in charge of building new technology for the mission areas.

“This is part of how we are restructuring the CIO’s office,” Killoran said at a panel discussion at Federal News Radio’s offices on March 1 sponsored by Okta. “It’s a pilot with the CPO role where Todd will be building micro services, using innovative technologies like artificial intelligence, robotics and other capabilities. How do we incorporate these technologies faster while making sure we are having some of these enterprise products built in from the ground up? Todd will take the great things he did at the FDA to the departmental level.”

Craig Taylor, the FDA’s chief information security officer, will be the acting CIO until the bureau names a new one.

Simpson turned around the FDA’s technology infrastructure. He put in foundational infrastructure services over the last 18 months, including implementing a cloud broker approach and setting up blanket purchase agreements (BPAs) to more easily buy infrastructure-, platform- and software-as-a-service from and begin the move to microservices.

Within a microservices architecture, organizations build apps that are independently deployable, easy to replace, often times organized around specific capabilities, can be implemented using different programming languages and build using automated processes.

Simpson also addressed long-standing cyber issues at FDA. He closed down almost every major cybersecurity vulnerability detailed by the agency’s inspector general, upgrading 62 firewalls in the process and adding cyber automation tools as part of the move to the continuous diagnostics and mitigation (CDM) program.

The piece that ties all of these efforts together for the FDA and why moving to the bigger job within HHS is an important step is Simpson figured out how to begin to pay for these changes.

Simpson has been maturing a charge-back model for IT services for the mission areas. The idea of understanding what it costs for the CIO’s shop to provide services for the mission is intriguing, especially as the Trump administration is signaling a push for reducing spending on back-office and administrative functions.

Simpson said most CIO organizations “charge” a flat fee to all mission areas to pay for technology. But what happens many times is one mission area uses the technology, say 80 percent of the time, but is only playing 10 percent of the costs.

The move of Simpson to HHS headquarters is part of Killoran’s goal to promote innovation. She updated the department’s IT strategic plan in 2017 with a focus on governance, IT cost savings and avoidance, the Federal IT Acquisition Reform Act milestones and implementation and several other areas.

Give credit to Killoran for developing a new position for Simpson as too often when good employees find success at one part of an agency, they end up finding a new home somewhere else in or out of government.

Army , FBI faces changes in technology management

There were a couple of other notable personnel changes worth mentioning.

The Army’s CIO/G6 tweeted a congratulations to Dean Pfoltzer, who retired after 33 years of federal service.

Pfoltzer was the CIO/G-6 Director for Policy and Resources and CFO for the last five-plus years.

According to his LinkedIn page, Pfoltzer said he oversaw “major information technology (IT) policy, Armywide resourcing for $10.3 billion in IT programs, execution management of $800 million in enterprise level financial resources, implementation oversight of Armywide enterprise services, implementation of enterprise license agreements, and Armywide career field management of over 11,000 civilian IT professionals.”

He said he developed “business case logic for Army IT Management Reform and identification of savings with a goal of achieving $1.5 billion per year in savings. Efforts to date have achieved $340 million in savings per year. Built business cases and return on investment analysis underpinning Senior Army leader decisions to invest $420 million for network modernization above baseline budgets.”

During his career, Pfoltzer also worked for the Naval Air Systems Command, the Marines Corps headquarters and in the Office of the Secretary of Defense.

The FBI also appointed John Adams as the new executive assistant director for the Information and Technology Branch. Adams most recently served as the assistant director of the Directorate of Intelligence.

Adams, who started his new role in February, has been with the bureau since 1997, and has held several positions in the counterterrorism division.

The FBI says the IT Branch is composed of three divisions and about 1,800 government and contract employees. It oversees the divisions of IT enterprise services, IT applications and data and IT infrastructure.

The bureau’s website said the branch oversees the effort to modernize the FBI’s aging IT infrastructure.

Multiple emails to the FBI asking where Adams’ role fits in with the CIO’s responsibilities were not answered. Wikiapedia says this role used to the assistant director and CIO, but the FBI split the two positions when it named current CIO Gordon Bitko in April 2016.

Adams likely will work with Bitko to help move the FBI to the cloud. The bureau issued a request for information in February seeking answers from vendors around five broad areas. The FBI is interested in moving to infrastructure, platform and software-as-a-service so it wants details about data center solutions, physical and access security approaches and services to host third party apps across multiple operating systems. Responses to the RFI were due March 2.

Read more of the Reporter’s Notebook.

For the most part, agencies have released few details about how they are reforming and reorganizing as required under President Donald Trump’s April memo.

With the exception of the Agriculture and Interior departments, nearly every other agency has kept the details under wraps. And the plans from USDA and Interior have been disconcerting at best.

The Department of Health and Human Services, however, may just be bucking both of the trends when it comes to reorganization. The department launched ReImagine HHS in May 2017 and seems to be hitting many of the right notes by including career employees and giving them ownership of the process.

“From the outset, HHS leadership has engaged our workforce in this endeavor. In May 2017, over 150 senior level career members of the department came together, serving on workgroups to discuss specific ideas for how HHS might improve its ability to serve the American people,” said an HHS spokesman in an email to Federal News Radio. “Additionally, HHS employees have been encouraged to submit ideas and comments through other channels as well, generating thousands of ideas and pieces of feedback.”

This is not to say HHS’ efforts are perfect by any means, or these efforts don’t come with some questionable decisions. But the difference on the surface is HHS seems to be doing the changes with employees, and not to employees like what seems to be happening at USDA and Interior.

The spokesman added ReImagine HHS is organized around six strategic shifts, informed by the work of the workgroups in May, including:

• Leveraging the power of data to implement a better data governance structure to enable accessible, integrated data as an enterprise asset that drives insight and action.
• Restoring market forces to empower partners and catalyze activities of all stakeholders to obtain better end results.
• Putting people at the center of HHS programs to shift investments toward integrated health and human services, expanding tools available for coordinated, holistic, consumer-centered service designs, and to provide opportunities for choice and streamlined engagement across cross-disciplinary programs.
• Turning HHS into a more innovative and responsive organization by driving organizational transformation, including revolutionizing the agency’s technology and creating new resource deployment and innovative models that reward collaboration.
• Generating efficiencies through streamlined processes by simplifying and enhancing acquisitions, grants management and the appropriations process to lead to smarter spending and better health outcomes.
• Moving to a 21^st century workforce to create best-in-class human capital management policies and programs to recruit, retain and develop high-performing leaders and business service providers.

“Under the six strategic shifts are 10 initiatives, each led by a career staffer,” the spokesman said. “The initiatives are in the process of building teams and researching their tasks. In some cases, the initiative teams are beginning pilot projects, including, under an initiative to examine the acquisitions process, two integrated product teams (IPTs).”

The evidence that HHS seems to be heading down a more inclusive and accepted reorganization path comes from one of those pilots.

Andrea Brandon, the deputy assistant secretary for HHS Office of Grants and Acquisition Policy and Accountability, said a cross-agency group is looking at artificial intelligence, blockchain and robotics as ways to make grant and acquisition processes more effective and efficient.

“For the grants process, we are just kicking off. We still are looking to see what parts of the business process lifecycle we might want to innovate,” Brandon said at the recent Association of Government Accounts Federal Systems Summit in Washington, D.C. “On the acquisition side, they are a little bit more farther advanced with the pilots. Several of the pilots have actually already finished and gone to the advisory committee to make recommendations. The recommendations to date have been to extend the pilots and widen the actual transaction field they are looking at and running through the robotics and AI pilots.”

She said more operating divisions will take part in the pilot to give HHS a better sense of how the technology capabilities will work.

“We are very cohesively working together in a collaborative way and we work diligently on the integrated product teams,” Brandon said. “My office is here to make sure we adhere to any compliance to any regulatory processes that we need to make sure as we are reimagining or reinventing a particular process we don’t break any internal controls. It’s very collaborative. We meet and talk on a regular basis. The IPTs meet on a regular basis as well.”

HHS is using the Lean Six Sigma methodology to figure out where the opportunities are to eliminate, streamline and standards processes and data elements.

Then, the agency will consider where it can apply AI, robotics and other innovative technologies to reduce staff time, reduce staff or other efficiencies.

“We have a very open environment that is coming in from the secretary’s office so it is coming from top down,” Brandon said. “Then we have the buy-in coming in from the bottom up because they are at the operations level and they are on the teams. And then we have the program people who sometimes get left out so we have the grants officers, contracting officers, human resources, chief information officers, finance and the program people who are looking at spending the programmatic dollars. They usually aren’t at the table for things like this, but they are at the table. And it’s making it easier for change management processes.”

Brandon said grants especially need the benefit of new technologies as HHS still uses too many manual processes that include spreadsheets and word processing documents.

“I don’t see us losing people right away, but maybe 10 years down the road once we get all of this technology where it needs to be,” she said. “We are looking for work stream and infrastructure changes first.”

It’s those kinds of changes that will have the biggest impact from both an employee morale and overall budget perspective.

Subscribe to Federal Drive’s daily audio interviews on Apple Podcasts or PodcastOne.

This summer will be three years since the massive breach of the personal data of federal employees and retirees at the Office of Personnel Management, and the status of the new technology and processes for federal background investigations is unknown.

What we do know is the Defense Information Systems Agency issued a request for information in September explaining its goal of reaching initial operating capability by September 2018 and full operational capability by September 2019.

But since that RFI, the actual work went into the blackhole of contracting known from here on out as Other Transaction Authority (OTA).

DISA decided to use an OTA to buy an “innovative” case management solution to vet individual’s trustworthiness and ensure they remain trustworthy during the person’s relationship with the government for the new National Background Investigation Services (NBIS).

After the OPM breach, the Obama administration decided that the Defense Department would oversee the IT modernization effort. Since then, Congress mandated DoD take back the process to investigate its employees and contractors.

But since all agencies will use the new NBIS technology, DISA continues to lead the modernization effort. To get there, DISA used the U.S. Army’s Armament Research, Development, and Engineering Center’s (ARDEC) Consortium for Command, Control and Communications in Cyberspace (C5) to run the OTA through.

“We’ve received whitepapers and they are being analyzed as we speak,” said Tony Montemarano, DISA’s executive deputy director at a recent AFCEA DC event.  “It will only have that as a contract action. The rest of it will be existing contracts. We are exploiting the current capabilities Defense Manpower Data Center (DMDC) has deployed. It’s not a major new development.”

Montemarano said DISA realized as it was planning the new NBIS that many of the technology capabilities it needed existed inside the DoD infrastructure.

“We are in the downselect mode as we speak,” he said. “We are looking at operational releases starting in late spring or early summer that will provide meaningful capabilities.”

DISA and whichever contractor or team of contractors eventually wins the OTA prototype competition will be under additional pressure as the Government Accountability Office recently added security clearances to its High-Risk List.

“Our objective for the High-Risk List is to bring attention to policymakers of the need for action sooner, rather than later,” Comptroller General Gene Dodaro said in a statement back in January. “Renewed and strong top leadership commitment will be critical to facilitate progress in reducing the backlog and completing key improvements to the personnel security clearance process.”

The real issue here isn’t so much the one contract or the fact that NBIS remains nine months from IOC despite the OPM breach reaching the three-year anniversary.

The bigger problem is the use of the OTA for these services. Other Transactional Authority is becoming quite popular within DoD and now it’s quickly moving into the civilian market.

OTAs are an approach to acquisition outside the normal requirements of the Federal Acquisition Regulations (FAR). The goal is to find innovative companies who may not normally do business with the government and use a more “commercial-like” acquisition process to reach them.

OTAs are supposed to be for prototypes and similar research and development work. Contracts and awards cannot be protested to GAO or the Court of Federal Claims.

Vendors create groups or consortia to bid on OTAs. The consortia requires memberships so there is a fee and an application process to join.

Take the C5 consortia “bidding” on the NBIS case management system, there are more than 500 companies, including every major vendor from Amazon to VMWare to Accenture to Esri and many small ones in between.

So much for the need to attract non-traditional companies?

Along with DoD, the Federal Aviation Administration, the National Institutes of Health, NASA and several other agencies are dipping their toes into the OTA pool.

Congress gave DoD the ability to use OTAs in 1994, but in 2016 lawmakers expanded the Pentagon’s authority to quickly move into follow-on production transactions without the need to go through a traditional contracting action.

So to sum up, OTAs are outside the FAR process, cannot be protested and DoD can do follow-on actions with little or no oversight or public transparency.  What’s wrong with this picture?

Bloomberg Government looked at spending data around the use of OTAs and found spending across government through this process more than doubled in the past five years, to $2.3 billion in fiscal 2017 from $1 billion in 2012. Bloomberg found DoD’s use of OTAs grew from $695 million to $2.1 billion between 2015 and 2017 — and after Congress made the change to the law letting the military quickly move from prototype to production.

In fact, DoD recently awarded a contract for cloud support services that has a ceiling of $950 million through an OTA.

Bloomberg says the three vendors who have won the most work through OTAs are Analytic Services Inc. (ANSER), Boeing, and Space Exploration Technologies Corp. (SpaceX). But ANSER has won three times more than the second ranked contractor over the last five years.

“That’s because ANSER manages 10 consortia. Consortia are business focused contracts where the winner manages the administrative requirements that come with OTAs, including ensuring that nontraditional defense contractors, small-business participants, and nongovernmental funds are included in each contract,” Bloomberg Government reports.

OTAs are becoming so popular that Bloomberg found 19 consortia that already exist or are under development.

Montemarano said DISA likes the flexibility and timeliness of the OTA versus the using the FAR process, which is much more rigid.

“Our processes in the past were somewhat restrictive and what has happened, and forgive me for this comment, but the fact is with the wonderful world of protesting, everybody is dotting every ‘i’ and crossing every ‘t’ so it makes the process much more rigid,” he said. “The people that are actually running the process are very, very careful about what they are doing. With OTAs, we are still careful but there is more flexibility and not so much rigidity, and it is not protestable.”

And while few will argue with Montemarano’s candid observation of the federal procurement system, the answer to that challenge many in DoD and now civilian agencies are receiving from Congress is to go around, and not fix the acquisition process.

OTAs are a tool that have been around for a long time and is valuable. But now with the growth of their popularity, is the time for the acquisition community, maybe even the Office of Federal Procurement Policy — once an administrator is in place — to consider issuing guidance before we have one of those “$750 toilet seats” or $500 hammer” incidents.

The federal community often talks about the need for more innovation. Acquisition professionals are encouraged at conferences and on Capitol Hill to take “smart risks” as they figure out how best to meet agency mission needs.

The reality is there is a lot of talk and not enough action. That’s no surprise. This risk adverse nature of federal contracting has led the Defense Department and now several other civilian agencies to go outside the normal Federal Acquisition Regulations procedures and use Other Transactional Authority — See this notebook item about why you should be paying close attention to OTAs.

The one way innovation does break through the federal acquisition morass is through leadership. I know it sounds trite to say that, but the evidence at places like the Homeland Security Department, the General Services Administration and even the IRS is striking.

DHS’ Procurement Innovation Lab (PIL) may be the most well-known and revolutionary acquisition approach.

Eric Cho, the Acquisition Innovation Advocate in the PIL within the Office of the Chief Procurement Officer at DHS, said the first step was to address the risk-adverse culture. The PIL conducted a survey and found 70 percent of the people said they aren’t innovating because of fear and culture resistance within their own offices.

“We intentionally chose to take these lower, more grassroot approach to empower these local teams and people and then support them and give them protection so they can make good procurement decisions, so that their lessons learned can be shared across the community. That was our intentional decision,” Cho said at the ACT-IAC Reverse Industry day event on Feb. 21 in Washington, D.C. “We need to find ways to overcome that barrier and slowly, but profoundly change the culture within the procurement community so it can become long-lasting changes.”

The data seems to show innovation evolution is occurring through DHS.

First off, the PIL has awarded 18 procurement projects and currently has 21 more underway.

Polly Hall, the strategy and planning lead for the PIL, said the goal with all of these initiatives is to reduce the time to award so they can deliver mission capabilities sooner.

Hall pointed to two recent examples that show how DHS is trying to meet these goals.

The first is a procurement for a new service management tool, which handles workflow requests such as those that go to an IT helpdesk. DHS wanted to migrate multiple instances from its data center to one software tool in the cloud.

DHS awarded a $58 million contract to Deloitte last summer using a two-phased approach in 42 days. Hall said the agency estimates it saved $13 million as compared to the government’s internal cost analysis.

Hall said phase 1 was a self-certification based on technical evaluation factors, and then phase 2 was interactive oral presentations that lasted 30 minutes.

The second example is for services to modernize DHS’ financial systems.

Hall said the PIL used the Eagle 2 contract. Again, the PIL used a two-phased acquisition that included the self-evaluation and on-the-spot oral presentation model.

She said the entire process from RFP to award took 57 days. DHS hired IBM under an $82 million deal. Again, the PIL helped cut tens of millions off of the government estimate with IBM’s bid coming in $45 million less than expected.

“What was really important here is that they took the evaluation process, streamlined it and required a very collaborative team based approach. They met daily in person,” Hall said. “The contracting officer said the streamlined process was tremendously valuable. She was able to learn from that, it gave her insight for how to accomplish this for future procurements.”

Hall added the contracting officer said the team-based engagement, consensus documentation done in real time with the contracting officer, legal and technical evaluators in the same room “was secret sauce for this procurement.”

Moreover, the PIL’s efforts, which includes 36 webinars over the last two years including one recently that had 700 attendees, aren’t just happening in a silo.

Cho said the PIL created an internal to DHS Acquisition Innovation Advocate (AIA) council to further train the trainers. The council includes acquisition advocates from all the components, who then can bring back best practices or lessons learned, and maybe most importantly, drive innovative concepts down to the contracting levels.

“We measure our progress quantitatively and qualitatively,” Cho said. “Quantitatively, we are measuring time to award and whether we decrease the time while also getting better competition. Qualitatively, it’s more nuanced. We are looking at customer satisfaction, particularly after the award is made so is the solution meeting the mission a year or more later.”

The federal AIA Council, run by the Office of Federal Procurement Policy, also is driving these concepts on a broader scale.

Cho said it’s a forum for agencies to come together, share best practices and solutions as well as case studies.

Matt Blum, the associate administrator for OFPP, said more details about the role the AIA Council can play to promote innovation will come from the administration’s management agenda, which it expects to release more details about in March.

OFPP encouraged agencies to name an AIA in March 2016 as part of its effort to generate more innovations in the acquisition community.

“It was critically important to have support structure for the AIAs and a way for them to interface with OFPP,” he said. “The council meets usually monthly.”

Blum said OFPP also wants to reinvigorate the Acquisition 360 reviews. In the semi-annual regulatory agenda published Jan. 12, the FAR Council said it will issue an advanced notice of proposed rulemaking in April.

OFPP published a memo in March 2015 encouraging agencies to seek customer feedback from contractors and internal stakeholders on how well the contracting process went for specific procurements.

Blum also said OFPP, GSA and the Office of Personnel Management are reinvigorating an initiative called Open Opportunities. The site, first developed by GSA for digital services expertise and now is housed by OPM, lets agencies ask for help from acquisition experts for a short period of time.

“Instead of these experts going on a detail for six months, maybe they can coach a team for a few days,” he said. “The goal is to build the bandwidth by developing talent in the agencies.”

As DHS is experiencing, the only way to change the culture is to start small and prove its value, and then build the talent. Let’s hope OFPP’s actions match its words.

Subscribe to Federal Drive’s daily audio interviews on Apple Podcasts or PodcastOne.

The ongoing saga between the government and Kaspersky Lab took a series of turns over the last few weeks, casting doubt about whether the executive and legislative branch bans will hold up.

Kaspersky filed an initial lawsuit in December seeking to stop the Homeland Security Department’s Binding Operational Directive. Then on Feb. 12, Kaspersky filed a second lawsuit in the Washington, D.C. District Court to overturn the provision in the 2018 Defense Authorization bill that prohibits federal agencies from using the company’s products or services.

And it’s this second lawsuit that, according to legal experts, gives Kaspersky a strong foot to stand on.

Kaspersky argued that the NDAA provision is an “unconstitutional bill of attainder.”

“The Bill of Attainder Clause forbids Congress from enacting laws which impose individualized deprivations of life, liberty, and property and inflict punishment on individuals and corporations without a judicial trial,” Kaspersky’s lawyers wrote in the complaint. “The clause ensures that Congress accomplishes legitimate and non-punitive objectives by establishing rules of general applicability which do not specify persons to be sanctioned. The clause is intended to prevent Congress from assuming the power of the executive and judiciary branches and then determining for itself conduct it regards as blameworthy and deserving of punishment, what evidence will suffice as proof, whether to pronounce a disfavored person guilty and what manner and degree of punishment to impose.”

Eric Crusis, a partner with Holland & Knight in Washington, D.C., said the concept of Attainder hasn’t been an areas of focus for the Supreme Court or the lower courts, so it’s not a well-developed part of the law.

“Some of the recent rulings are in conflict with each other,” he said. “If Congress sought to eliminate certain software characteristics, then that may have been on stronger legal ground. But because they called out Kaspersky specifically, that may face a tougher legal challenge. It’s a pretty strong argument. The legal issues in these cases are a law school professor’s dream. Any law student would need about six months to complete a final exam on Attainder because there are unprecedented issues on top of unprecedented issues. I could see this as a case make its way up to Supreme Court if both parties are motivated to do that.”

Kaspersky argued to the court that the NDAA provision was more for political reasons than national security concerns.

“Those sections were introduced and adopted hastily by Congress in the context of mounting animosity towards Russia and substantial political pressure on all branches of government to be seen as reacting to the apparent Russian interference in the 2016 presidential elections. However, Congress’s action against plaintiffs through the NDAA is based solely on vague and inflammatory allegations directed at Plaintiffs unsubstantiated by any legislative fact finding,” Kaspersky’s lawyers wrote. “These sections of the NDAA singularly and unfairly name and punish Kaspersky Lab, one of the world’s leading antivirus software companies, by prohibiting the federal government from using any Kaspersky Lab products or services and permanently depriving Kaspersky Lab of any direct or indirect federal government business.”

The legislative ban on Kaspersky is scheduled to take place in October.

Kaspersky initially argued in December that DHS’ Binding Operational Directive from September didn’t give the company a fair opportunity to address the government’s accusations.

“The company did not undertake this action lightly, but maintains that DHS failed to provide Kaspersky Lab with adequate due process and relied primarily on subjective, non-technical public sources like uncorroborated and often anonymously sourced media reports and rumors in issuing and finalizing the directive,” Kaspersky states in the letter from December. “DHS has harmed Kaspersky Lab’s reputation and its commercial operations without any evidence of wrongdoing by the company. Therefore, it is in Kaspersky Lab’s interest to defend itself in this matter.”

Ross Nodurft, the vice president of risk management at One World Identity and the former Office of Management and Budget unit chief for the cyber and national security unit, was in government when DHS drafted the BOD and said he isn’t surprised by Kaspersky’s actions.

“We all assumed this could lead to a court order and court action. We took the time to craft the BOD so it was defensible in court,” he said. “If we aren’t able to use the tools and authorities that Congress gave DHS and OMB to protect our networks and systems, then they are not useful to the government.”

Nodurft said DHS cyber executives and lawyers did as much due diligence as possible ahead of releasing the BOD to make sure it was “unimpeachable.”

Joe Stuntz, another former policy lead for OMB’s cyber and national security unit and now vice president for cybersecurity at One World Identity, added the process to reach a final version of the BOD was a long one and included a level of due diligence and awareness that this would likely be challenged in court.

Stuntz, who left the government in October, and Nodurft declined to offer any further details about the process or the case against Kaspersky citing the classified nature of the process.

But it’s that classified nature of the rationale behind the BOD that may ultimately need to come out for this case to stand up in court.

Crusis said the government’s de facto debarment of Kaspersky without due process is at the crux of the case.

“Just because the government may have an issue with the company, it doesn’t excuse the government from going through the process to afford due process and to make sure it conforms to regulatory and legal requirements” he said. “It appears the government found a way to get to the end without using the tools to get there. We will see how this tug-of-war plays out in the courts.”

Kaspersky’s court filings come as federal intelligence community leaders started laying the ground work for a potential similar ban of Chinese companies, ZTE and Huawei.

Sens. Tom Cotton (R-Ark.) and Marco Rubio (R-Fla.) introduced a bill on Feb. 7 that would prohibit agencies from buying or leasing equipment from Huawei Technologies or ZTE Corp. because of concern that the Chinese companies could spy on federal officials.

“I think probably the simplest way to put it in this setting, would be that we’re deeply concerned about the risks of allowing any company or entity that is beholden to foreign governments that don’t share our values to gain positions of power inside our telecommunications networks,” said FBI Director Christopher Wray at the Feb. 13 Senate Intelligence Committee hearing on worldwide threats. “That provides the capacity to exert pressure or control over our telecommunications infrastructure. It provides the capacity to maliciously modify or steal information. And it provides the capacity to conduct undetected espionage. So, at a 100,000-foot level, at least in this setting, those are the kinds of things that worry us.”

Crusis said vendors should continue to pay close attention to the Kaspersky court case in light of legislative actions against the Huawei and ZTE.

“If DHS is successful, they could look at other companies that aren’t American and find a basis not to do business with them and issue de facto bans,” he said. “The actions against Huawei and ZTE may start a larger trend and that conforms nicely to the administration’s America first agenda.”

Crusis said the issue of supply chain management and transparency, especially around counterfeit parts and cybersecurity, has been a focus of the government procurement community over the past few years and is expected to increase.

In fact, DHS’ Jeanette Manfra, the assistant secretary for the office of cybersecurity and communications at the National Protection and Programs Directorate (NPPD), announced Feb. 14 that the agency launched a supply chain security initiative earlier this year.

Nodurft said the DHS BOD is an attempt to address supply chain risks.

Stuntz added recent cyber incidents by a nation state targeting military technology is part of the ever-growing case for better supply chain security.

“We are not just talking about products, but how do we work with companies that are critical to accomplish the agency’s mission as they are being targeted to get to the government’s mission systems and data?” he said. “If the government is not looking at supply chain then they are missing a critical area.”

Read more of the Reporter’s Notebook.

Office of Management and Budget Director Mick Mulvaney may have said it best during his Feb. 12 press conference about the fiscal 2019 budget request: “I’m going to deal, up front, with the question that everybody wants to ask — and I don’t know who would’ve gotten a chance to ask it first — is this dead on arrival? That’s the popular question that everybody asks. In fact, they were asking it this morning on television. And the answer is absolutely not. It simply highlights the fact that this is a messaging document. The executive budget has always been a messaging document.”

And that is no more true than in the world of federal IT. The actual requests for federal IT spending are nice to know, but OMB has used the budget process over the last 15 years to publicize to agencies and contractors their policy priorities.

A perfect example in OMB’s prospectus on federal IT is around IT modernization where the administration is requesting $210 million for the Technology Modernization Fund.

But if you dig deeper into that section, you will find out how OMB plans to turn that $210 million request into an IT modernization progress.

“In fiscal 2019, the administration will continue driving federal governmentwide adoption of the Technology Business Management (TBM) framework and release implementation guidance to agencies,” OMB writes in the budget section on IT. “This will increase the strategic value of IT and empower chief information officers (CIOs) to better support agency missions through more effective IT management. The TBM framework is a powerful tool that can enhance Federal Information Technology Acquisition Reform Act (FITARA) implementation by helping agency CIOs better understand, manage and demonstrate value from the money spent on IT resources. This will also help the government benchmark IT spending, improve acquisitions and procurement practices, and better understand IT investment costs, providing an opportunity to improve budgeting for IT.”

The General Services Administration requested $1.5 million to help pay for four full-time employees to create a TBM program management office to help with the further implementation by coordinating across the government.

Todd Tucker, the vice president of research, standards and education for the TBM Council, said a small office of just four employees can have a big impact.

“We’ve seen this with Washington State where a small group in the central technology services who are responsible for the program. They worked with about 44 agencies and have done amazing things to adopt TBM and make better decisions,” Tucker said. “Many times it’s more complicated than it should be when it comes to using TBM. It’s an analytics driven exercise where you are using data sets to understand the costs of IT services or applications.”

In the federal sector, the Education Department is one agency that is ahead of the pack in using TBM.

Jason Gray, the Education CIO, said the TBM tool to ingest data received its authority to operate recently.

“We are configuring it and tweaking it so the tool provides reports and information that we need,” Gray said. “We have a core financial management system that falls under the CIO, so we have all the data sets we need to get started. A lot of the effort will be tweaking the data fields and tables and making sure it’s giving us what we want. We know it is an iterative process and we may need more granularity.”

Gray said he’s starting with TBM by applying TBM standards to his $120 million budget, and then over time as they improve the processes, Education will expand the use of TBM to other spending data.

“Over the last 2 ½ months since we started, we have our ‘to-be’ environment done and the cost transparency of what we are spending money on,” he said. “The next phase is making smarter and more efficient decisions to save money, reduce risk and make sure our systems are the right systems. Then, the third phase is going into more of a value-add where we will make sure every single system is providing value add to the department. We want to directly tie the cost to what is spent to what is performed and demonstrated value. I see our phased approach to TBM.”

Tucker pointed to Education, GSA and the Environmental Protection Agency as a few of the agencies that are taking advantage of TBM already.

But GSA’s program management office could help those agencies that are just in the initial stages.

“We would love to see GSA start establishing some TBM-related services that other agencies could benefit from,” Tucker said. “Whether it is delivering TBM analytics for other agencies or professional services to help those agencies adopt it on their own or improve what they have in place, there is a lot that this small team can do.”

Tucker added over the last year the council trained 400 employees or contractors for federal agencies from every civilian and Defense agency at the departmental level and many components.

“It’s been really good to see that kind of traction, education and awareness,” he said. “That’s not adoption, but there are many who have engaged in TBM. There is a community of practice as well that was established for TBM through the CIO Council.”

MGT and IT dashboard changes

Through the budget, OMB also detailed initial guidance for the Modernizing Government Technology (MGT) Act.

“The TMF pioneers a new model for federal technology modernization projects. Agencies must apply to and compete for TMF funds,” the budget request states. “Effective evaluation, selection, and monitoring of approved projects by the TMF board will provide strong incentives for agencies to develop comprehensive, high quality modernization plans. Agencies will provide plans that meet key criteria defined by the TMF board, which will likely include: having a high probability of success, a strong team, and a substantial impact on mission and citizen service delivery. Funds will be distributed in an incremental manner, tied to milestones and objectives.”

Part of that $210 million request is for $1.4 million for a MGT program office with six employees.

While there is much uncertainty around the $210 million request — Congress hasn’t yet supported the $228 million request for fiscal 2018 — the value of the MGT Act will come from each agency’s working capital fund.

Education’s Gray said while the agency has to wait for further OMB guidance before setting up its fund, he knows there is money to be found.

“We have looked for extra funding and the opportunities to do modernization without additional funding. We have numerous systems with development, modernization and enhancement efforts ongoing and now we have a picture of those efforts. For example, should we really be spending money to enhance five systems when we could take enhancement funding from four systems and put them into one and then sunset the other four systems? I had a meeting a few weeks ago with our CFO, so we’ve have had some discussions internally. I think we are closely aligned with what we need to do to leverage the MGT Act.”

Gray said Education also was one of several agencies who participated in a pilot program of sorts with OMB for how to apply for the centralized fund.

He said Education went to OMB a few weeks ago to discuss its opportunities for modernization.

“Now that we have a complete and comprehensive view of our ‘as-is’ environment, we can visually show, for instance, how we are using the cloud,” Gray said. “We have a contractor-owned, contractor-operated externally hosted commercial and government cloud environment. Through this system assessment and visualization, it showed me the breadth of the cloud we have and the opportunities to consolidate.”

Gray said if Education can reduce and consolidate the number of cloud services it’s using, he could use that money for other modernization projects as well as reduce the threat of cyber attacks.

The spirit and intent of the MGT Act is to get agencies to stop spending so much on legacy systems. OMB estimated in budget request that spending on operations and maintenance will rise to 80 percent next year.

But more importantly, federal IT programs are experiencing more challenges.

“The IT Dashboard shows slight decreases in the general health of IT investments across government, as denoted by the decreased proportion of CIO-rated “Green” (“Low Risk” to “Moderately Low Risk”) investments on the IT Dashboard, which comprised 58 percent of all rated investments in 2018 compared to 79 percent in 2012 (assessments based on total life cycle of investments),” the budget states.

Acquisition Services Fund to rise

GSA expects agencies to spend more money through its schedules and assisted acquisition services program in 2019, and that in turn could give a boost to the IT modernization initiatives.

So much so that it is alerting Congress that it expects the ASF to increase by $536 million to $13.2 billion, and 132 more employees for a total of 3,454 above 2018 levels.

GSA says it expects agencies to spend $712 million more on assisted acquisitions and $11 million more related to increased use of the Human Capital and Training Solutions (HCaTS) governmentwide acquisition contract and the continued implementation of the One Acquisition Solution for Integrated Services (OASIS) GWAC.

GSA also expects the Technology Transformation Service, including the 18F organization, to move into the black with $447,000 of net operating revenue. This comes after TTS is expected to have lost more than $12 million in 2017 and $2.8 million in 2018. The GSA IG reported in 2016 that 18F wouldn’t cover its expenses until 2019 and lost about $32 million between 2014 and 2016.

GSA said it expects to spend $10.8 million on 18F in 2018 and $10 million in 2019.

TTS and 18F are slated to play important roles in the administration’s IT modernization effort, including creating Centers of Excellence that, like 18F, will be fee-for-service organizations dependent on the ASF for startup funding.

“GSA has implemented significant changes in the management approach for 18F to improve the operations of individual business units and TTS as a whole. In addition, TTS has implemented all OIG recommendations,” GSA wrote in its budget justification document. “The Federal Acquisition Service is monitoring the pipeline of actual and potential work orders to ensure that expenses are managed and the workforce is utilized efficiently. Resources are added only when there is assurance of future work and a corresponding need for capacity expansion. Orders, pipeline status, utilization, and expenses are all closely monitored on a weekly and monthly basis. These processes are steps towards achieving cost recovery.”

GSA has used the ASF to build up and support TTS and 18F, and now as the Centers of Excellence effort get started it will be interesting to see whether the administration decides to use these funds as startup capital, especially considering the ASF is expected to  grow in 2019.

Read more of the Reporter’s Notebook.

Agencies and industry alike are closely watching the Agriculture Department’s IT modernization plan and how it will interact with the new Centers of Excellence initiative announced by the White House’s Office of American Innovation.

Since USDA is the first agency to use this approach, which the White House unveiled in December, agencies want to know if it really will work and how they should prepare, while vendors are watching for potential opportunities.

One of the first steps is the General Services Administration’s expected awards under the CoE initiative for support services across the five focus areas — cloud adoption, IT infrastructure optimization, customer experience, service delivery analytics and contact center — that should come any day now.

In the meantime, USDA is starting to lay out its strategy of where the CoEs can help immediately.

The first piece came Feb. 1 with the launch of a new website, Farmers.gov . The agency says the site is an “interactive one-stop website for producers” and will add multiple features over the coming months to let agricultural producers make appointments with USDA offices, file forms and apply for USDA programs.

Gary Washington, the USDA chief information officer, said at the ServiceNow Federal Forum last week that Farmers.gov is part of the customer experience improvement strategy.

“This is where we are putting a lot of focus to. We want to make sure our business systems that we have are modernized so it’s like a self-service activity, and the customer can engage USDA from a technology and a business perspective all everything is fluid, seamless and it’s quick,” he said. “We have started with our farm production and conservation mission area where we are rolling out solutions that will allow that vision to be realized.”

Along with farmers, USDA is focusing on improving services to the scientific communities it serves.

Washington said this means giving more data and computing power to researchers to enable easier sharing of data sets.

“They want to be in the cloud and work with their academic partners to share these large data sets. We want to provide them with the opportunity to be able to have an infrastructure that will allow them to be able to do some of those things and provide efficiencies to the public,” he said. “We want to make sure our employees and our customers have a pleasant experience right on that farm and they are able to apply for loans, get technical assistance and financial assistance right on the farm.”

To that end, Washington said USDA begin to address the “tremendous duplicity and overlap” across the agency to simplify and improve services.

This means Washington will become at least the fourth CIO to try to consolidate data centers and networks, and to push toward shared services.

Washington said he plans to consolidate data centers from 39 to 2, with an eye to giving bureaus the option of using commercial cloud, and consolidate and modernize the end-user support services using robotics and artificial intelligence.

“That’s a huge undertaking for us but we are up to the task and our component CIOs and our leadership are right there with us to take this on,” he said. “We made a decision that we are going to do whatever we can to get down to two, a backup and a primary data center, and provide the best services we can and really focus on the service part of this.”

USDA My Services portal

Data is driving many of these strategies and USDA’s information was far from consistent and standardized. So under the digital services analytics CoE, Washington said this effort will make sure everyone is making decisions from the same data and through an online dashboard.

“Our Secretary looks at our human resources posture, our IT portfolio and makes decisions based on information he has online, not on paper,” he said. “We are expanding on that in fiscal year 2018 to all of our mission areas, and in 2019, we will expand on this even further so everybody has access to this data and know exactly what we are discussing.”

Washington said the agency is taking the data piece one-step further for employees with the creation of a new portal called USDA My Services, a one-stop shop for all administrative service needs.

USDA says the portal is an employee-centric system of engagement that integrates with other applications and data sources to let employees enter requests once, regardless of the service they need from human resources, IT, facilities, security or from multiple areas.

Employees also will be able to create personal dashboards for analytics to focus on the information they need for their jobs.

“We are putting a lot of emphasis on not just the IT workforce, bur preparing the entire workforce for these changes,” he said. “We are asking people to do business a different way and asking IT professionals to support more modern technologies. One step we have taken with our partnership with OAI is we are trying to prepare our young men and women by having them join the team and learn from them as we go through this journey. We are working with our HR colleagues at USDA to look strategically for how we prepare all these men and women for this huge undertaking.”

Spotlight on CoE efforts

Without a doubt, USDA is undertaking a major transformation and by being first out of the gate using the CoE concepts, the spotlight on their strategies is even brighter.

There are several factors Washington should be cognizant of as he leads these efforts, say several former federal agency CIOs who went through similar high-profile transformations.

David Bray, the former CIO of the Federal Communications Commission and now the executive director of the People-Centered Internet (PCI) coalition, said one of the biggest things people miss with digital transformation is changing how results are done by people using the new technology.

“The biggest hurdle is how you take separate teams and functions and merge them into one team, one mission while at the same time meeting all the needs of your stakeholders in and out of government,” Bray said. “That is a massive culture change, and can be the undoing much more than the new technology.”

Bray, who moved the FCC’s data center and applications to the cloud as part of the agency’s modernization effort, said organizations need to convince people of the credibility of the effort by demonstrating early successes.

“That gives you enough fuel and proof points to show you have momentum because once you lose momentum, it’s hard to get back,” he said. “You can modernize technology and move to the cloud or a better commercial service, but if you don’t also come up with a better process, which falls under the program or mission area, then your success will be minimal.”

Rob Klopp, the former Social Security Administration CIO and now working as a consultant with the State of California, described similar challenges he faced in modernizing major mission applications.

But the first piece of advice he’d offer is for USDA or any organization to take on modernization efforts that have a strong potential of lasting longer than any one CIO will be in their position.

“If you start with loosey-goosey,  touchy-feely workforce transformation things and then you go away in four years, if you haven’t found a way to make it stick, then it may not have been useful,” he said. “For all of these things, I think that you can accomplish more by trying to be really focused on delivering something to a state where you can be absolutely sure it will stay. A lot of times what that means is you have to focus on a smaller number of things that you know will stay and leave the other ones to the next person. I got some of it right when I was at SSA and didn’t get some of the things right. I’m sure if you went back to SSA today, you’d find things that stuck and find things that are in the process of decaying. So by focusing on the things that you can get to point where you make them stick is important, and that doesn’t mean you can’t take on something that will run beyond your lifespan as a CIO, but it means if you take on longer term things, you have to make sure you focus on some part that will stick.”

Quick wins equals money

Klopp, who made real progress at SSA in modernizing legacy systems, some more than 30-years-old, added each of the initiatives need strategies that aren’t just short term improvements, but how they will look in 5 or 10 years.

Both Klopp and Bray say finding funding for these modernization efforts always stresses these initiatives.

Klopp said he was lucky enough get support from SSA leadership to find money, but most agency IT budgets are stuck in the operations and maintenance rut.

Bray added that the first step to finding the money to modernize is like ripping off a Band-Aid, move to the cloud and then turn off the old systems.

Both say by using a commercial or outsourced model, agencies don’t have to worry about having money to modernize going forward and can just focus on ensuring the right capabilities exist on the modern infrastructure.

Bray said no one should be surprised by how hard digital transformation can be, which is why communication plans are so important.

“At some point you will need to pivot in your strategy and then you will need to show value from your efforts,” he said. “You also are interrupting the existing profit model of contractors so you need communication to the Hill, within the administration, and to the public. There may be people who will try to slow you down, both in government and in industry, but I think we are now reaching the point that there is so much evidence that we can’t continue to do business as usual, that you just will have to say this will require patience and have hiccups, but will be worth it in the end.”

Read more of the Reporter’s Notebook.