The battle for the next great IT services governmentwide acquisition contract took  a bit of an unusual turn in early December when Obxtek Inc. filed a protest of the Alliant 2 awards in the Court of Federal Claims.

While Obxtek’s grounds for protest are unclear — the vendor asked the court to keep most of the specifics about the record under protective seal — we do know that the company was unhappy with the General Services Administration’s decision not to evaluate the price or technical proposals of those companies that didn’t make the initial self-scored cut.

“In accordance with the terms of the solicitation, GSA fully evaluated only those proposals with the highest final scores. GSA awarded contracts to 61 offerors on Nov. 17, 2017. There were 109 unsuccessful offerors,” Obxtek’s lawyers wrote in court documents. “In addition to the 61 offerors awarded a contract, GSA conducted a full technical evaluation, but not a full price evaluation, of the proposals of 10 unsuccessful offerors. GSA did not conduct a full technical evaluation or a full price evaluation of 99 unsuccessful offers.”

At the same time, another protestor, the Centech Group, also moved its protest from the Government Accountability Office to the Court of Federal Claims as GAO decided its case was similar to Obxtek’s.

GSA awarded 61 companies a spot on the $50 billion Alliant 2 GWAC on Nov. 17.  Less than 10 days later, five companies filed bid protests with GAO putting the contract on hold for at most 100 days. Through Obxtek’s filling, we also learned another vendor has filed an agency-level protest of the award bringing the total of complaints against the Alliant 2 awards to eight.

The decision by these two companies to file with the Court of Federal Claims could delay the decision further as the court doesn’t have the same 100 day limit as GAO.

A GSA spokeswoman declined to comment on pending litigation, but did confirm the stay of the contract remains in place.

The reasons for going to the Court of Federal Claims vary according to federal procurement attorneys, and the court doesn’t necessarily guarantee a better outcome for protestors.

Barbara Kinosky, managing partner of Centre Law and Consulting LLC, said many times vendors file with the CFC because they missed the GAO’s deadline of 10 days after “the basis for the protest is known or should have been known, whichever is earlier.” And at the same time, some believe the CFC offers a different type of impartiality.

“As to fairness and benefits of choosing one over the other; many perceive the court as more willing to dive more into the merits of the claim and discovery procedures could give vendors more information to support their claims,” Kinosky said in an email to Federal News Radio. “The opportunity to depose the contracting officer has many protestors rubbing their hands with glee.”

David Yang, a partner with Blank Rome LLP, said the court forces the agency defendant to produce more details about their decision.

“The biggest pro at the court is that protesters get the full record as a matter of right, whereas at GAO, many agencies will only produce those portions of the record that relate to the allegations in the protest,” Yang said in an email to Federal News Radio. “The piecemeal approach at GAO handicaps protesters from reviewing the full record and constrains their ability to make full arguments or to raise supplemental arguments — which is why agencies use this tactic. The automatic production of the full record at the court bypasses this waste and allows the parties to focus on the merits instead of fighting over document productions.”

Neither Yang nor Kinosky said vendors are more likely to win in the Court of Federal Claims versus GAO.

While Kinosky said companies have a higher win rate at GAO, both venues do not notably differ in their interpretations of procurement law.

Yang added vendors must climb the same large hill before both GAO and CFC as long as the agency’s award decision is reasonable and supported by the record.

“There is not a clear substantive difference in standards between the two forums. However, in closer cases, our experience has been that the court may more likely side with the protester whereas GAO is more likely to defer to the agency,” he said. “As for fairness, both forums do their best, but GAO is significantly more taxed in case load than the court, so GAO perhaps has less time to dig into the record or consider arguments as fully as the court. This doesn’t mean that GAO takes short cuts but GAO’s reasoning/analysis isn’t always as sharp as the court, as demonstrated by the level of detail of the decisions issued by GAO and those issued by the court.”

The one central issue to all of this is GAO already sided with GSA on four pre-award protests around the use of the self-scoring system where price evaluation is a minor factor.

In January 2017, GAO ruled there was nothing improper about agency’s use price as a nominal evaluation factor. The agency also said the use of “point scores” as an evaluation system also was appropriate.

“As explained by the agency, this procurement does not involve a tradeoff and the agency’s price evaluation will consist of determining the fairness and reasonableness of multiple aspects of the highest rated offerors’ proposed rates,” GAO stated in January 2017.

So in the end what does this all mean? First off, GSA will not open the Alliant 2 contract for business until mid-2018, which is just fine as the current Alliant contract expires in 2019.

Second and depending how the initial rounds of discovery goes, it wouldn’t be surprising for GSA to reopen the evaluation process and let most or all bidders on the contract. GSA Administrator Emily Murphy said many times one of her goals is to ensure competition at the task order level rather than the contract award level. So giving all 109 or a larger number than 61 vendors a license to hunt under Alliant 2 isn’t necessarily out of the question.

Finally, because of GAO’s previous ruling, these protests could be dismissed fairly quickly as the evaluation system and the decision by GSA not to use price as a major evaluation factor could quickly put these protests to rest.

Read more of the Reporter’s Notebook.

The Reporter’s Notebook turns 5-years old this month. With more than 9,800 dedicated subscribers and thousands of other readers, I want to use this first notebook of 2018 to thank everyone for their support and words of encouragement over the years.

The Reporter’s Notebook started five years ago as a way to flush out and highlight news and information that was “getting lost in the shuffle,” or in my case buried in my 8×11 pads of paper— now in my laptop.

It has since morphed, first and foremost into much-needed analysis of federal IT and acquisition news. It’s also the place to go to find the “people on the move” in the federal community. One thing I’ve come to understand in almost 20 years of covering this community, people like people news. And finally, it has developed into an outlet to address some of the biggest and ongoing frustrations and challenges in the federal market — have I mentioned by soapbox of the lack of transparency in the General Services Administration’s schedule and other multiple award contract programs lately?

As I’ve said from the beginning,  this is not a column nor commentary — it’s news tidbits, strongly sourced buzz and other items of interest that have happened or are happening in the federal IT and acquisition communities.

As always, I encourage you to submit ideas, suggestions, and, of course, news to me at jpmiller@federalnewsradio.com.

Here are the top Reporter’s Notebook stories for 2017:

1. DISA’s plan to replace CAC to come together this year. Any story about the Common Access Card seems to strike a chord among Defense Department employees. The CAC is so intertwined in the everyday lives of military and civilian employees that any real or proposed changes are big news.
2. White House’s new 36-point plan to modernize federal IT. The Trump administration’s plan to get agencies off legacy systems started to come together in the fall with this draft plan. Since then, the White House’s Office of American Innovation released the final strategy and further described its Centers of Excellence approach to implementation. Along the way, Congress passed and President Donald Trump signed the Modernizing Government Technology (MGT) Act in to law giving agency chief information officers a new tool to pay for these upgrades.
3. Hiring of IT workers is flat, so CIO Council trying to give it a jumpstart. The CIO Council’s job fair last fall is one of the biggest success stories of 2017. It expanded on the Homeland Security Department’s hiring fair concept and proved that a whole of government approach to hiring can make a difference.
4. Modernizing Government Technology Act to get second path to passage in Senate NDAA. The aforementioned MGT Act continued the push by lawmakers to further expand the authorities of agency CIOs. What will be interesting in 2018 is how agency CIOs use the working capital funds that the MGT Act created. Rep. Will Hurd (R-Texas), the main author of the law, said he will add MGT Act implementation to the Federal IT Acquisition and Reform Act  (FITARA) scorecard as a way to drive accountability.
5. CDM Phase 3 complexities causing DHS, GSA to rethink approach.  The Homeland Security Department’s continuous diagnostics and mitigation (CDM) program is one of those stories that has long legs. But this one stood out because it was the first time DHS and GSA publicly discussed why they need a new approach to CDM. CIOs, chief information security officers and industry will get a better idea over the next six months as GSA releases the DEFEND solicitations on the Alliant governmentwide acquisition contract whether this approach will work. There is a lot of continued interest in CDM so expect 2018 to be another busy year.
6. OASIS program personnel shakeup continues GSA’s Federal Acquisition Service upheaval. Without a doubt, GSA bore a tumultuous 2017 particularly around personnel changes. This story came after the former Commissioner Tom Sharpe and Deputy Commissioner Kevin Youel Page of the Federal Acquisition Service left unexpectedly a month before. The OASIS professional services contract vehicle is a popular program, bringing in $3.2 billion in agency contract obligations and exceeding its goal by $1 billion in fiscal 2017. The question in 2018 is whether these personnel changes will impact OASIS or were the concerns raised by contractors for naught.
7. 12 stats that tell you about the State of Federal IT. As one of the last acts as federal CIO, Tony Scott left the Trump administration a roadmap for fixing federal IT. The idea was ingenious and one this and future administrations should copy. One big story in 2018 will be whether the Office of American Innovation, with its IT modernization strategy and CoEs, can build off of these lessons learned or take a step back to learn the same lessons that Scott and others have handed down.
8. Should other CIOs be concerned about what happened to Treasury’s Bhagowalia? To me, this was one of the biggest stories of the year and foretold the changes coming to the federal CIO community. Sonny Bhagowalia remains at the Bureau of Fiscal Service as a senior adviser, and we’ve seen other shoes drop in the form of changes at the departments of Agriculture, State, Defense and at specific bureaus. The lack of a federal CIO, federal CISO and federal CTO as well as six cabinet  level agencies still without permanent CIOs remains a major shortcoming of the Trump administration’s IT modernization plan as we enter into 2018. By the way, the Treasury Department quietly named Eric Olson as its deputy assistant secretary for information systems and CIO in November.
9. GSA, DHS begin to tip their hand about future of CDM program.  As mentioned above, the CDM is the program that keeps giving news and interesting changes. What stood out about this story is once again GSA and DHS began to flesh out the details about the future of CDM and the frustration of releasing a request for information just to Alliant small business contract holders instead of the broader contracting community to get input on critical changes a major program. This is a common frustration in the federal community and the reason why so many large multiple award contracts come under bid protest because if you are not in, you are out.
10. Alliant 2 and other billion-dollar contracts worth watching this fall. This is the one story that surprised me the most making it into the top 10. Maybe it’s the headline mentioning “billion-dollar contracts,” or maybe it was the timing of story — so many were waiting for an update on Alliant 2 — the acquisition community will have a lot on its plate in 2018. It will be more than just large contracts, but changes to how agencies buy and vendors sell their products and services is well worth watching in 2018.

So there’s your top 10 Reporter’s Notebook stories for 2017. Over the next 12 months, we will continue to analyze and help you better understand the trials and tribulations of the federal IT and acquisition communities. Stay tuned, it will be a fun ride.

Read more of the Reporter’s Notebook.

Call last week “the week of IT modernization.” First, the Modernizing Government Technology Act became law. Then, the White House released the final version of the IT Modernization Strategy.

Finally, on Thursday, the White House’s Office of American Innovation rolled out its Centers of Excellence (CoE) initiative with the Agriculture Department being the test case.

In all, as one federal employee tweeted, it was a good week to be a federal IT nerd.

During the first year of the Trump administration, the federal IT community waited for direction. Still, without a federal chief information officer, the well-intentioned lieutenants moved the government forward, sticking to a similar path they had been on for the last eight years.

But now with the IT Modernization Strategy and more details about the Centers of Excellence, there is specific direction coming to agency CIOs and the federal contractor community.

“I see the strategy maturing. I think it’s good work and there was a lot of good feedback that was taken into account,” said Tony Scott, the former federal CIO and now a senior data privacy and cybersecurity adviser for Squire Patton Boggs. “I think the issue is how do we get going and operationalize it all now.”

As it goes in most organizations, the planning is the easy part and the implementation will be tough. But this is one of those times when all stars seemed aligned to make the details less devilish.

“A lot of things are coming together. It’s not just about migrating to cloud. It’s not just about cyber. It’s not just about modernization. It’s not just about shared services. I think this requires a comprehensive approach in the way you go after things,” said PV Puvvada, Unisys federal president and the newly elected chairman of the board of directors for the Professional Services Council. “What is very good about the current environment is you have the regulatory side, you have the agency side as well as the congressional side all behind a broader theme of, ‘you need to look at modernization from a bigger picture.'”

MGT Act is piece one

Let’s start with the MGT Act as the first piece to the puzzle.

Rob Klopp, the former Social Security Administration CIO, said even though the most important part of the law hasn’t been allocated yet — the central fund, a $228 million request the White House remains optimistic Congress will come through with — agencies can take advantage of the working capital funds.

Experts say saving money to put into the working capital fund is not a realistic approach, but there is plenty of money to deposit into that bank account, if you know where to find it.

“At SSA, we had an innovative program where at the end of the year, if there were funds that were not spent, which there always were — and it’s a normal outcome of the planning process and not bad planning because you have to budget for worst-case scenarios, and things don’t always come in at that worst case, so there is money leftover or things naturally get pushed off. It’s normal to have money left over — we took all of that extra money and used it to fund a year’s worth of IT consulting or other technology needs,” Klopp said. “We then reduced the amount of money allocated to IT because we knew at the end of the year, we would forward the leftover to that fund.”

Karen Evans, the former e-government administrator under the George W. Bush administration and a former Energy Department CIO, said the MGT Act may actually benefit from the continuing resolutions that agencies almost always are funded under.

Evans said because new initiatives usually can’t be started under a CR, when the agency finally gets its funding, they don’t have to rush to spend it all and attempt to spend it smartly in a shortened, say six month, time frame. Instead, she said agencies could spend what they need and then reprogram the rest into the working capital fund.

“If the CIO is tracking their IT funds like they should be, then they should be able to find it. They have to justify and declare it under the MGT Act, but that’s good for transparency to Congress, and if they get approval, then technically it can’t get scooped up by OMB during the year-end review of spending,” said Evans, who now is the national director of the U.S. Cyber Challenge and a partner at the management consulting service KE&T Partners.

OMB has been working on guidance and running test cases through the review board that the MGT Act requires the General Services Administration to stand up.

“We’ve conditioned the whole organization to live in a world where there are CRs and partial-year budgets, so the natural behavior in response to that is to over-budget. I think, in addition, you will have some projects you thought you would do that, in the end, you decide not to do or do in a different way, and as we shift from doing a lot of siloed projects to shared services, that is another opportunity where it might have cost 10x to do something, but we might find that we are thinking about how we do that project in a different way and it could be done for 5x. So there are multiple sources of funding for the working capital funds.”

Kevin Cummins, the vice president of technology for the Professional Services Council and a former senior legislative assistant for Sen. Tom Udall (D-N.M.), who helped draft the MGT Act, said the approval from Congress will be important because lawmakers are inherently skeptical to give agencies more authorities.

ITMS is puzzle piece two

So if there is a path for agencies to get money to modernize their legacy systems, the IT Modernization Strategy gives CIOs a starting place.

Klopp, who now is CEO of the Klopp Technology Group, and is working to lead the digital transformation effort in California’s Medicare and Medicaid system, said the strategy is powerful in a lot of dimensions.

“There is a lot of emphasis on network and securing the perimeter, and that is critically important. However, the bigger and better agencies that get good report cards on their cyber posture get those better reports because they have already secured their perimeter. So the directives around the network are important for lots of agencies who are behind and less important for those who were ahead,” Klopp said. “The push toward the cloud is critically important. The one thing that the strategy doesn’t address is the systems that need to be modernized are systems that run on legacy hardware platforms and those systems are not capable of being deployed in the cloud. So all of the discussion around driving agencies to move apps to the cloud is important and agencies need to be doing that.”

He added the strategy is silent on business process change and that’s the one area where agencies need the most help.

Scott said the strategy’s decision to call out the use of application programming languages (APIs), scalable cloud services and shared services will address some of these business process modernization needs.

“The piece that we struggled with is the Trusted Internet Connections (TIC) initiative. That is a model that has to mature and get solved,” Scott said. “It’s an old construct that is applied to modern-day cloud that doesn’t work. It causes performance, cost and latency issues, so the call to double down and sort that out is important. There has been a lot of good work that has happened, but the definitive solution has not been figured out yet.”

The one overarching issue that experts say was missing from the IT Modernization Strategy was around the workforce.

Unisys’ Puvvada said his company sees the need for better program and project management on the government side.

Klopp said at SSA, federal employees or contractors with modern software development skills are in short supply.

“It requires a modern thinking in how you do agile, how you get releases out fast and fail fast,” Puvvada said. “You have to have this idea of you can integrate everything and manage the scope in such as a way that you don’t have to get all your requirements done up front.”

Klopp said, for this reason, he pushed SSA to move to the cloud first and then modernize second, because once in the cloud, the agency can then take advantage of these agile or dev/ops methodologies.

CoEs complete the puzzle

It’s that workforce challenge where the Centers of Excellence become the third leg of the IT modernization stool.

The White House’s Office of American Innovation, OMB and GSA are setting up CoEs made up of federal employees, industry experts and research organizations, such as federally-funded research and development centers, to bring the necessary cloud, customer design and analytics skills to these modernization efforts.

PSC’s Cummins said the decision to start with the Agriculture Department and test out these concepts makes a lot of sense.

“There is an emphasis on customer service user interface and that’s important,” he said. “USDA is an interesting testbed because they have a lot of different programs they run that interfaces with citizens.”

Scott hit many of the same notes as Cummings about the CoEs. He said it starts to encourage cross-agency thinking and sharing of APIs and best practices.

Klopp said the CoEs are addressing many of the same challenges he faced at SSA.

But the one missing piece is what happens between the cloud user experience and design.

“The core of what a modern software product looks like is those who are writing the code that solve for the business problem,” Klopp said. “I’m not exactly sure how to characterize that middle chunk, maybe it’s a CoE of modern development architecture and tools. It would be a great addition. Agencies need people to write code that is optimized to run in the cloud. There is a lot of anecdotal evidence of CIOs who move to the cloud and they are not seeing savings and the reason is they didn’t have software that was optimized for the cloud. It takes a different approach in thinking that would be well served.”

Overall, industry, government and former federal experts say the administration and Congress have put the pieces in place to push the IT modernization effort forward.

“It’s all about execution now. We’ve had plans and tools and a lot of excuses for non-performance before and they have been removed,” Evans said. “It’s the people and culture challenge that has to be overcome. Now CIOs have the right tools and if they have the right skill sets to execute, this will be successful.”

As the Trump administration’s plan to modernize federal IT came together last week, it received broad support from industry and government experts alike.

Yes, the central fund that comes under the Modernizing Government Technology Act still is not funded. White House officials, though, still hold out hope that the Senate will add funding into the finalized fiscal 2018 spending bill.

And yes, the IT Modernization Strategy includes more than four dozen assorted deadlines over the next 30-to-240 days, many of which are unlikely to be met because that’s just how government works many times, but all are achievable and important.

It’s this last piece of the IT modernization puzzle, the newly introduced Centers of Excellence (CoEs), where the Trump administration begins to lose its way.

Federal observers are supportive of the concept of bringing federal, industry and research experts together to provide agencies with key skills to address cloud, customer experience, user design and analytics.

Why does the administration see the need to create the CoEs in the first place?

To at least this observer, it seems that the White House and the Office of Management and Budget are taking the easy way out by creating another organization instead of changing the focus of existing ones to do this not-so-sexy “plumbing” work.

As Office of American Innovation officials introduced the CoEs on Dec. 14 at the White House, the words they used, the description of what these experts will do — cloud, customer service, user-centered design, analytics, modern technologies — harkens back to what the previous administration said about the U.S. Digital Service and the 18F organization at the General Services Administration.

Back in March 2014, when GSA launched 18F, it said the organization, made up of Presidential Innovation Fellows, favored agile development based on customer feedback and analytics.

“First and foremost, by being focused on our users, we provide effective user-centered services focused on the interaction between government and the public it serves. At 18F, we want to build the 21st-century government you deserve,” GSA wrote in a Tumblr blog for 18F at the time. “Agencies should see 18F as a new way to procure, build and deliver innovative technology, digital services, and public-facing applications. We operate using three models: for you, with you, or by you. We can build your solution for you; work with your team and provide additional expertise or core capacity; or consult on how to build or buy user-centric interfaces most effectively. 18F’s team of experts is here to help. After all, we all share the same goal of delivering incredible, easy-to-use digital services for the people and businesses we serve.”

Chris Liddell, an assistant to the president and the White House’s director of strategic initiatives, said the CoEs can help accelerate the rate of progress by creating a central pool of resources to drive change.

“We want to leverage private-sector innovation,” he said. “If we staff it up, get great people, have them well organized, we can make a huge amount of change in a relatively short period of time.”

Shift the focus of USDS, 18F?

So the question then becomes: Why didn’t the administration shift the priorities of USDS and 18F to work on these infrastructure projects, instead of the high-profile programs USDS and 18F gravitated toward?

Was creating the CoEs easier than changing these two organizations, which have had a reputation for not being interested in basic blocking and tackling of federal IT modernization?

Joanne Collins Smee, the acting director of the Technology Transformation Service, who is leading the CoEs initiative, said the CoEs will merge with TTS, and that will give them opportunities to do the “sexy” projects, as well as the ones to address the “plumbing.”

“We had been focused on the fancy stuff and not enough on the plumbing, so we will do both,” Collins said. “But this focus on large-scale transformation is a new lens for the work we will be doing in TTS. We have brilliant men and women there. It may sound like another group, but we are merging two of the groups, and USDS is a very specialized skill, and I do work closely with [them].”

Smee added that the CoEs will charge fees for their services, similar to what 18F does today. She said agencies will have to pay for their IT modernization efforts out of their own funding, and then pay more for the CoEs’ expertise.

Karen Evans, the former e-government administrator under the George W. Bush administration and a former Energy Department CIO, said merging the CoEs and 18F could make a lot of sense.

“CoEs are the next evolution of USDS and 18F, and if it runs right and it’s managed right, you could further break those old molds,” Evans said. “You can get rid of old contracts and show return on investment, which is a big part of changing the culture of agencies. What you would do is have a short focus on what really should the architecture be, and then what you do when you procure and set up services over the long run. Once you figure out the architecture, then you put out the procurement and bring in the contractor, and these experts can make sure they do it right.”

Another sign could be the shakeup that happened last week within TTS, where Smee replaced Rob Cook as TTS director, and GSA moved Crystal Philcox, who had been assistant commissioner for operations in TTS since January, into a new position in the Federal Acquisition Service.

GSA confirmed that  Cook is leaving government on Dec. 18.

“Rob has been a strong partner to work with as we merged FAS and TTS and I’m thankful for his service and leadership,” said FAS Commissioner Alan Thomas in a statement. “FAS is very proud of the work TTS has accomplished and we are committed to continuing to support the Administration’s focus on innovation and modernization in government.”

Sources say there was some sort of disagreement at a meeting with Cook and Thomas over the future of TTS that may have precipitated this personnel change.

IT modernization occupation force needed

Others say the CoEs are very different than USDS and 18F, and that’s a good thing, because there is plenty of work to go around.

Rob Klopp, the former Social Security Administration CIO, used a military analogy to compare USDS and 18F with the CoEs.

“USDS and 18F are like dropping a special forces team on top of a problem, or on top of a brand new app. They can change the tide of the battle, and then you would pull the team out to go do something else,” he said. “Their job was nothing to do with transforming culture, but not go in and work with agencies to change the way they approach IT. What you need now is an occupation force, which will go in and transform the agency. You can’t ask USDS and 18F to do a job they aren’t necessarily trained for.”

Tony Scott, the former federal CIO, expanded on Klopp’s analogy, saying USDS and 18F weren’t hired to transform agencies, but take care of big problems.

“If everyone in the organization believes they are part of the mission to transform and modernize, then folks can be catalysts and you have a great chance of success. If you just rely on the cool kids to make that happen and not engage the rest of organization who have skin in the game, then it will be much more difficult,” Scott said. “It’s a great goal to fix the underlying stuff, not just the front end. That is why you need collaboration across those spaces. You have to understand how the old stuff works, where the data is, the quality of the data and you need that coupled with people who have skills with more modern technology and they need to be working together as an integrated team to fix these big problems. It requires a big movement where everyone is aligned around the goal.”

USDS and 18F have matured over the last 18 months. In a recent interview, Eddie Hartwig, acting deputy administrator of USDS, told me his organization has moved away from just addressing projects in trouble, to helping agencies make sure their projects never get in trouble in the first place.

GSA’s 18F also has seen a lot of turnover in personnel and other changes in 2017 that may have been precursors to the possible merger with the CoEs.

What, if any, changes are coming for USDS and 18F will be worth watching over the next year, as the CoEs get going. But as of now, and on the surface, they sure look like duplicative efforts that this administration says it wants to stop having across the government. Let’s see how they live up to that goal.

For much of the past dozen years, federal identity management mostly focused on the Common Access Card at the Defense Department and its sister Personnel Identity Verification (PIV) in the civilian agencies for federal employees.

The calls to improve and modernize PIV cards and CAC have been rising over the last few years, especially as the technology sector for identity management continues to evolve.

While the Office of Management and Budget is expected to update and consolidate many of the policies governing how agencies address identity management, the technology side has been slow to transform.

Paul Grassi, a senior standards and technology adviser at the National Institute of Standards and Technology (NIST), confirmed a long-held rumor of OMB’s plans.

He said a 2004 memo for e-authentication will be rescinded in the coming weeks.

“Hopefully we will see in the identity realm something in the January time frame what the future direction is,” Grassi said. “The IT Modernization Strategy tasks OMB 45 days after to release an identity management policy. That’s coming. It will be out for public comment.”

Beyond the expected policy changes, DoD is on the cusp of some biometric breakthroughs that could give the federal identity management sector some considerations about the next generation of physical and logical access control.

Will Graves, the deputy product manager and chief engineer for biometrics enabling capability in DoD, said the Pentagon is planning several tests in Iraq or Afghanistan over the next year of face, DNA and other biometric modals.

“What we have been seeing lately is these new joint emerging requirements,” Graves said during an AFCEA Bethesda breakfast panel on Dec. 13. “When we talk about voice, we actually are going to deploy voice to the theater next year. We have a project that has rapid DNA. We are working with the University of Virginia to create a rapid DNA device that’s actually built on a CD. It’s a 10-pound device. It’s not packable in a ruck yet. But it’s going to be very cheap. The device is going to be less than $10,000. The current device right now is about $225,000. We are going to deploy that in the Central Command region next year.”

Graves said these tests are part of how DoD is shifting the use of biometrics from just law enforcement to identity and access management.

He said the Mark Center in Alexandria, Virginia is a perfect example of how DoD is using the modalities differently.

“There is an iris and fingerprint access. You can swipe your badge and say you want to use your iris or fingerprint and you can get into the Mark Center that way,” he said. “We are looking at contactless fingerprint and on-the-move face and iris, and we are going to deploy two systems in Kuwait right now and they are on the way to Iraq. They are in a 40-foot conex, so you walk through, swipe both hands and keep on walking and it does facial and iris recognition on the move as you walk through that conex.”

This is just the beginning, too. Graves said his research arm is developing video analytics for facial recognition from social media and from the dark web.

“If you are an ISIS fighter creating a video on how to build a pipe bomb, we can take that video, scrape those faces and put that face on a watchlist,” Graves said. “So if they come close to a [checkpoint], we will have that local watchlist and say, ‘That’s a bad guy, maybe put this person aside for additional screening.’”

He said video will become a more important identity and access management capability in the future.

DoD is using Amazon Web Services to demonstrate by March the concept of connecting closed-circuit television cameras and send the video feeds to an analytical back end. Graves said this capability will enable DoD to protect additional buildings because there are CCTV cameras on nearly every structure.

The science and technology office also about three weeks ago successfully tested a new “defense-in-depth” capability where a system used facial capture and recognition at 500 meters away. Graves said DoD has a requirement to do this from 800 meters away.

“We are actually trying to create that bubble further and further away,” he said. “If we can recognize you as a bad person 300 meters away, we can take some corrective action.”

As for the CAC, Graves said the CIO/G6 is looking at how they could use the biometrics submitted to get the CAC to verify employees for physical and logical access.

“It’s kind of a baby-step type of process. We will start with the physical access and then we will move on to some of the logical access,” he said. “DARPA has been doing some work on active authentication. As you are on the computer, it will take a face from the camera and confirm it’s you. They’ve also looked at keystroke, mouse stroke and other active authentication. If you steal my CAC and my PIN, you can’t actually access the information I’m allowed to access. That’s some of the stuff that is further down the road.”

The Defense Department’s request for information for cloud computing in late October is giving industry heartburn.

At the same time, the General Services Administration has issued several acquisition notices for cloud computing services that are giving agencies hope and excitement. One, from late October, with the Space and Naval Warfare Systems Center Atlantic (SPAWARSYSCEN), is for commercial hosting cloud services (CHS). A second request for information from the Federal Risk Authorization Management Program (FedRAMP) program management office is for help in developing standard contract language for agencies to use as they acquire secure cloud-based products.

And then there are assorted RFIs and solicitations from the Interior and Veterans Affairs departments, the Air Force and the Defense Department’s Joint Service Provider, all for cloud services.

In the last few months, the number of acquisition actions from many agencies — whether RFIs, sources sought notices or requests for proposals — seems to have hit a crescendo of sorts.

Seven years after the Office of Management and Budget directed agencies to consider moving to the cloud first and foremost, agencies finally are ready to pick up the pace.

“Almost every agency is talking publicly about migrating and leveraging the cloud, especially around transformation and modernization of IT. It is very much a common theme right now,” said Gary Wang, the vice president of cloud and infrastructure services for Unisys Federal, in an interview with Federal News Radio. “This is really an inflection point for cloud, and we expect to see more and more of this.”

While the anecdotal evidence from vendors and through random solicitations is helpful, the actual procurement data doesn’t lie.

Bloomberg Government found that since 2013, agencies have spent more than $7.3 billion on cloud computing services, including $1.8 billion in 2017, which is double the amount spent just five years ago.

Now to be clear, just over a year ago, I quoted numbers telling a different story about cloud. Market research firm GovWin found cloud spending had not lived up to its promise.

Part of the challenge is how agencies code their procurement actions when buying cloud, and another part of the challenge could be related to the time for the data to fully reflect all the contracting actions that happen in a given year.

A third explanation comes from Dom Delmolino, the chief technology officer for Accenture. He called all of this activity part of the evolution the government has been experiencing over the last five or so years.

“We keep seeing barriers to adoption being removed,” he said in an interview with Federal News Radio. “We saw FedRAMP high for [Microsoft] Azure and Amazon Web Services, and AWS get a DoD impact level 5 provisional approval from the Defense Information Systems Agency. Where once an organization said maybe only some apps can go to cloud, now the whole landscape can go. There is guidance, and now what were once barriers or concerns seem alleviated. Added to that, agencies’ interest in artificial intelligence and Microsoft putting cognitive services in its government cloud, agencies can do all kinds of things in the public cloud and have top cover.”

Shawn McCarthy, research director for IDC Government Insights, provided me with estimates that more closely match what Bloomberg Government found. He said public cloud services will account for about half of the $2.15 billion in spending in 2017. By 2021, agency spending on public cloud is projected to increase to $1.9 billion out of the $3.3 billion.

Peter O’Donoghue, the vice president of application services for Unisys, said agencies are much more comfortable and confident with cloud services, which then is opening the door to address a lot of pent-up demand for new capabilities.

“We are seeing a lot of CIOs wanting to move to the cloud as they are trying to be compliant with the cloud-first policy, data center optimization mandate and other requirements,” he said. “Over the last two years, we had a homeland security customer who was under extreme pressure to set up mission-critical functions in the cloud. It was a priority for the new administration as well, and it had to be done quickly. We are starting to see a pattern where mission owners and some CIOs want to tap into the insane amount of innovation and solve real problems in a short time frame.”

That demand to transform, modernize and upgrade mission and commodity IT functions is coming through in the dozen different acquisition actions over the last few months.

The DoD RFI is probably the most interesting one. After Defense Deputy Secretary Pat Shanahan created a cloud executive steering group in September to accelerate the military’s move to the cloud, DoD issued an RFI asking for input from vendors on infrastructure- and platform-as-a-service offerings. The Pentagon wanted details from industry across a host of areas, including policy and regulation barriers, cost and pricing, and bringing cloud to the tactical edge.

Several industry groups expressed serious concerns about DoD’s initial concepts.

The IT Alliance for Public Sector responded to the RFI by detailing why a single cloud, one-size-fits-all concept would be bad for DoD as well as for industry.

“A department cloud comprised of multiple interoperable offerings — each honed by a different provider based on its learnings from other sophisticated enterprise deployments — would ensure the department obtains the benefits of competition to achieve best value for both warfighter and taxpayer. In fact, almost all Fortune 500 counterparts have established multi-cloud architectures because no one cloud solution meets all of their mission and business application requirements,” wrote Trey Hodgkins, ITAPS senior vice president for the public sector, in a letter to DoD. “In addition, selecting only one cloud provider drastically impairs competition in the future. The costs to migrate data from one system to another are likely to be high, deterring the department from deviating from the incumbent — even if the incumbent’s future technology is clearly inferior — when the contract comes up for rebidding years from now.”

Another good-government organization, the IT Acquisition Advisory Council (IT-AAC), went even further to discourage DoD from going down the path of a single cloud provider.

IT-AAC said in its response to the RFI that DoD must “usher in alternative processes and expertise that are not vested in the status quo.”

“Don’t build it, buy hybrid cloud and hyper-converged infrastructure that is preconfigured and industry tested. We have documented over 60 viable commercial cloud offerings suited for every possible need; Back Office, Tactical, ISR Cloud, On-Prem, Off Prem, etc. Knowing your business before jumping into technology is key to your success,” IT-ACC stated. “If [DoD] continue to misapply the current DoD requirements (JCIDS), architecture (DODAF), and procurement (DoD5000) models, this will absolutely fail. Other Transactional Authorities (OTAs) are also not the answer as they eliminate competition and sound decision making. As with any critical technology, Open Architectures defined by consensus-based standards bodies are key to vendor lock-in (BTW, Open Source does not equal Open Architectures). Do not ‘lift and shift’ legacy applications not designed for the cloud without refactoring. There will be zero savings, and likely increased cost and performance problems.”

There are further concerns that DoD wants to end its MilCloud 2.0 effort and move toward a similar approach that the CIA is taking with AWS as a main cloud provider for the intelligence community.

While there still is a lot to be determined about DoD’s eventual approach, several military services and agencies are moving to the cloud. The U.S. Transportation Command plans, by next July, to migrate all of the logistics systems it uses to interface with the private-sector transportation companies who move DoD goods and personnel by air, land and sea to the cloud.

The initiatives by DoD, GSA and others fit into what experts say will be a continuing trend among cloud — hybrid or public-private cloud will remain the preferred choice for several years.

Unisys’s Wang said while agencies have overcome many of the privacy and security concerns —through FedRAMP — they still have a ways to go to get past the cultural barriers.

“We also noticed that a lot of agencies want to expand into multiple clouds,” he said. “For example, Transportation was in Azure for the last three years and now wants to expand to AWS. The Air Force has used AWS and now wants to expand into different cloud service provider.”

Accenture’s Delmolino agreed that the hybrid model will remain popular for the short term.

“There is a learning that has to occur and it takes about a year to understand how to use it, how to secure it and how to document that security,” he said. “ There still is a lot of discovery going on. But at the same time, there is more activity, and it gets back to the current landscape where cloud capable because of security changes.”

Return to the Reporter’s Notebook

Subscribe to Federal Drive’s daily audio interviews on iTunes or PodcastOne.

For the last 18 years, the Veterans Affairs Department has flunked its cybersecurity examine. The agency’s inspector general, for 18 years, has found cybersecurity as a material weakness.

And for the last 18 years, the assorted chief information officers, at least 10 during this time, have promised they would be the one finally to fix these long-standing issues.

Despite 18 years of failure, the light at the end of the tunnel is getting brighter. The most recent evidence came Dec. 7, during the latest congressional committee to seek answers and assurances from VA.

Scott Blackburn, the executive in charge for information and technology and acting CIO in the Office of Information Technology at VA, brought some good news to members of the House Oversight and Government Reform Subcommittee on IT, which held a hearing on Dec. 7.

Blackburn held up a note from acting Federal CIO Margie Graves telling VA it had fixed 11 troubled areas highlighted by the CyberStat process.

“A lot of the 11 areas were sort of lingering issues for VA. We have a lot of lingering issues that have gone on for years and years. Back in 2015, we established an enterprise cybersecurity strategy to look at these lingering issues and try and put them to bed once and for all,” said Dominic Cussatt, VA’s chief information security officer, in an interview with Federal News Radio after the hearing. “We did institute 35 plans of actions to get all of those things accounted for and get some capabilities on board to address those issues systematically. We’re happy to say by Dec. 15, we will have all 35 of those closed. There were about 3,000 line items in that integrated master schedule.”

Cussatt said among those 11 areas under the CyberStat process that were removed included continuous diagnostics and mitigation, identity management, network defense and access control.

All of which were long-term problems for VA. For instance in June, the IG reported for 2016 that VA had security weaknesses that were not remediated from prior years, including ineffective enforcement of its agencywide information security risk management program and ineffective communication from senior management to individual field offices.

“The use of weak passwords is a well-known security vulnerability that allows malicious users to easily gain unauthorized access into mission-critical systems,” the IG stated.

VA doubled down on many of these long-standing cyber problems in 2015 when former CIO LaVerne Council created a new enterprise cybersecurity strategy with a specific focus on ending the agency’s run of cyber being a material weakness.

Council, who left in January 2017 and recently joined Grant Thornton, should be credited with putting together many of the initiatives to address the IG’s annual report that included 30-plus recommendations. She also changed VA’s culture, which had hit a low-point in 2013 when former CISO Jerry Davis went public with accusations that the agency was “rubber stamping” IT system authorities to operate (ATOs) in order to get them completed before they expired.

Cussatt said another one of the CyberStat issues that OMB said is now resolved is around the ATOs of systems. When Cussatt arrived at VA in May 2016 from the Defense Department, he said the agency had a “relative large” number of systems without a valid ATO. Now, all systems are certified and accredited to operate on the network.

“We’re already starting to see the benefits of these [cyber] efforts,” Cussatt said. “We’ve seen an improvement in our FISMA audit scores. The IG when they recently briefed our secretary on the outcome of our annual FISMA audit that just concluded at the end of the summer, they noted they’ve seen a measurable improvement to our posture. There are still some issues to resolve, but they made a point to note that they have seen a lot of progress.”

Cussatt said VA still may face a 19th straight year in which cyber is a material weakness. The IG wants to see beyond an issue being resolved once, and instead see a long-term trend that VA has turned the corner.

“I think we are on that path to get that trend in place that we need to resolve it,” he said.

And current VA executives, including Blackburn and Cussatt, are continuing the improvements, which includes transitioning to a new risk management approach called the enterprise cybersecurity strategy program.

“With the issuance of the president’s cybersecurity executive order in May, where we were asked to align ourselves with the NIST cybersecurity framework, we are looking to take the cybersecurity framework to heart, use it with our existing NIST risk management framework program that we have implemented within VA and use that as our mechanism to move from this tactical approach of setting up this integrated master schedule with these short-term plan of actions to a more proactive, security control lifecycle risk management, risk assessment approach to keep track of all the things we put in place and make sure they are keeping up to speed with the threats and vulnerabilities and bringing new capabilities to bear,” Cussatt said.

There is little doubt that VA is a different place today than five years ago when it comes to cybersecurity. The executives recognize problems exist and seem to be giving them the proper attention, and therefore are getting the results.

While a 19th year of material weakness seems likely, that may be the last one, which would be good news for veterans, especially as VA launches its the new electronic health record system.

Read more of the Reporter’s Notebook.

There are few people in the federal acquisition community who are on a higher trajectory than Jose Arrieta.

The General Services Administration’s director of the Office of IT 70 Schedule Contract Operations not only rejects the risk averse culture of the government, but he isn’t afraid to take on bigger challenges.

To that end, sources confirmed Arrieta is leaving GSA to become the deputy assistant secretary for acquisition and senior procurement executive at the Department of Health and Human Services.

Sources say Arrieta, who joined GSA about a year ago, will start at HHS in early January 2018.
He replaces Angela Billups, who joined the Education Department as its deputy chief acquisition officer and SPE in January 2017.

Arrieta’s decision to move to a larger agency with an acquisition budget of $24.7 billion in fiscal 2017, according to USASpending.gov, is only surprising in the fact that he stayed at GSA for just a year.

During his tenure at GSA, Arrieta led the effort to test out the cybersecurity concept called blockchain. He told Federal News Radio in November that blockchain would make it easier for vendors on the Schedule 70 IT program to establish contracts through automation.

The fact that Arrieta experimented with an emerging technology and proved it out sends an important signal not only for other acquisition professionals, but also that GSA is willing to let its people take smart risks. Few other agencies, the Homeland Security Department is one exception, would allow an employee to experiment with a key program like Schedule 70.

Before coming to GSA, Arrieta  worked at the Treasury Department as its director of the Office of Small Disadvantage Business Utilization (OSDBU) and as the Homeland Security Department’s industry liaison and ombudsman.

This was Arrieta’s second stint at GSA. He also worked there from 2004 to 2010 as a procurement analyst and contracting officer.

It’s unclear who will replace Arrieta.

Another agency CIO is on the move

Kirit Amin, the CIO of the International Trade Commission, decided to retire after 11 years in government.

Amin has been the ITC’s CIO for three years, coming from the Commerce Department.

“I came into federal government 11 years ago after I sold my last company and retired in 2006. I wanted to do some good from the inside the government,” Amin told Federal News Radio in an interview. “As I reflect on my career, I think now I can do more on the outside than the inside.”

Amin said his last day will be Jan. 6, and he didn’t know who will take over for him on interim basis.

“I will work from the private sector side to help improve government,” he said. “I will work with organizations like ACT-IAC and others to help effect change. After 11 years on the inside, now I want to try from the outside. I’m not going to ride off into the sunset.”

Before coming to ITC, Amin was the deputy CIO and chief technology officer for Commerce. He also worked as the CTO and chief innovation officer at the Department of Housing and Urban Development. He began his federal career as the CIO for the State Department’s Bureau of Consular Affairs.

During his time at ITC, Amin pushed hard to modernize the agency’s technology infrastructure.

He also worked to reinvigorate the small agency CIO Council, saying small agencies need more help modernizing systems and meeting cybersecurity requirements. Amin helped draft ACT-IAC’s white paper on small agency IT modernization.

Amin will be my guest on my Ask the CIO program this week so tune in for our conversation addressing small agency challenges and his career.

NASA shared services loses staunch supporter

Mark Glorioso, the director of the NASA Shared Service Center, is retiring on Dec. 31 after more than 20 years in government.

The Shared Services Leadership Coalition announced Glorioso’s decision to retire and begin a consulting business.

Glorioso ran NASA’s shared services center since March 2014 at Stennis Space Center in Mississippi.

The center provides multi-function shared services, including financial management, IT, human resources, procurement services and business support services. The shared service center has an operating budget of $67 million and approximately $433 million in additional agency-provided funding for training and initiatives of benefit across the agency.

In some ways, NASA is a model for other agencies looking to consolidate and reduce the costs of back office IT. A 2014 report from the Partnership for Public Service and Deloitte found by locating its administrative support workforce in a single building, NASA personnel were able to more easily interact with each other, contractors and government team members. Team members could also participate in one another’s reviews, which made for stronger teams and greater management accountability.

NASA, however, never got into the governmentwide provider business, which may be why those who question shared services point to them as a model versus some of the others who continue to struggle to provide financial management services.

Former USPTO CIO finds a new home

It didn’t take long for John Owens to find a new home. The long-time U.S. Patent and Trademark Office chief information officer, who retired on Nov. 2 after more than a decade, joined CGI Federal as a vice president in the emerging technologies practice.

CGI announced the hiring of Owens on Dec. 6. CGI says Owens will lead the practice’s solution development group, where he will oversee the continued development of technologies for agencies.

During his tenure at USPTO, Owens helped transform the systems that run trademark and patent processing by implementing agile and dev/ops methodologies.

For example, Owens told me USPTO could now turn around software bug fixes in 24-to-48 hours, and is using two-to-three week sprints to develop new IT services for patent and trademark examiners with a goal of releasing new capabilities at least quarterly.

Owens is no stranger to the private sector. He spent 12 years at AOL before coming to USPTO, serving a technical director of the group who helped develop the Netscape Internet-service provider.

Read more of the Reporter’s Notebook

Subscribe to Federal Drive’s daily audio interviews on iTunes or PodcastOne.

For much of the past 30 years, federal human resources systems were like a Frankenstein monster — disparate pieces and parts pulled together to create a working model.

Too often, chief information officers had to connect the electrodes to the often-siloed systems, only to yell, “It’s alive” when the middleware worked to bring the systems together to share data.

A new effort under the Unified Shared Services Office and led by the Office of Personnel Management wants to bring an end to these Franksteined HR systems.

OPM released a new human capital business reference model (HCBRM) in mid-November to simplify how agencies and vendors alike view the operational functions, policy ownership and common structures as part of a plan to better align HR operations, finance and acquisition.

“The HCBRM delivers value because it provides the framework to help streamline, standardize and simplify HR operations for practitioners and employees alike,” OPM acting Director Kathy McGettigan said in a statement. “The potential benefit of this transparency can have a long-lasting impact across the government.”

David Vargas, director of the HR Line of Business for OPM, said the siloed approach created fragmented architectures that posed challenges for the employees and systems alike. Employees who retired saw these challenges firsthand when they tried to gather their historical data, especially if they worked at several different agencies.

He said the updated reference model is the successor to the Bush administration’s e-government initiative and expands the focus of the entire effort.

“The future of HR shared services is foundationally based on organizing the government around a single HR service catalog to facilitate a governmentwide common user experience,” Vargas said in an email to Federal News Radio. “This strategy will allow the adoption of cloud-based software-as-a-service (SaaS) solutions while allowing operational process-based flexibility from agency-to-agency.”

Vargas said this latest effort will ultimately break the functional silos.

The HCBRM will “treat HR service delivery as an end-to-end talent management service offering. Future approved service providers will be considered if they offer end-to-end talent management that complies with the HRLOB talent management services, consistent with the Human Capital Federal Integrated Business Framework standards,” he said.

Vargas added the new framework will eliminate the “core HR” and “non-core HR” categories.

“The HRLOB and the Multi-Agency Executive Steering Committee (MAESC), in collaboration with the CHCO Council and the Unified Shared Services Management office, are now developing baseline governmentwide human capital service standards for all human capital functions in the HCBRM for adoption by agencies,” Vargas said.

He said the standards include:

• Human capital function-specific lexicons consistent with applicable laws, service catalogs, requirements, performance metrics, and use cases; and
• Employee record data and exchange standards.

To that end, OPM, USSM and others will develop a new employee digital record (EDR) to replace the electronic official personnel folder (eOPF) and the enterprise HR integration (EHRI) system.

“The EDR is composed of two parts: EDR data standards and EDR data exchange. EDR data standards are being developed to construct the fully machine-readable employee record that can be used to streamline data exchange across the government,” Vargas said. “The EDR data exchange will function independently from the transaction/application layer of the architecture. Meaning, data management is not dependent on a specific platform, product, or application. The focus of this architecture will be technologies such as cloud-based identity management system, Blockchain and data lake. In the future, the EDR exchange will allow the autonomous and secure exchange of employee record data between federal agencies and service providers, ultimately resulting in a true single employee record throughout the employee’s federal career.”

The human resources initiative is following the same technology path that the financial management effort has been moving down, where it’s getting away from the piecemeal approach and lets agencies buy the service. The Office of Management and Budget and the USSM announced in January a new concept of operations and released a request for information about how this “as-a-service” approach would work.

Jeff Koch, a former OMB official during the Bush administration, said the continued drive to having common business processes is necessary for a true shared service environment.

“Having business processes agreed-upon by every agency enables apples-to-apples comparison of performance between agencies and mobility between shared service providers,” he said. “[OPM director nominee] Jeff Pon was one of the original leaders of the HRLOB who saw the potential of unburdening the CHCOs from having to run their own HR IT systems. And, because all of the HR shared service providers, both government and private, have agreed to comply with the BRM, this is effectively the mechanism by which OPM promulgates policy — implementing changes in every HRIT system simultaneously.”

Other experts, however, aren’t as enthusiastic about OPM’s latest effort.

Linda Rix, co-CEO of Avue Technologies, and a vocal critic of many current federal HR initiatives, said she’s concerned that the business reference model is focused on the past and not the future.

“They are silent on labor economics. They are silent on labor market potential sources of stress, like cyber. They are silent on workforce elasticity, the ability to grow and shrink on demand and provide agility to managers. They still are in a ‘job for life’ traditional view of HR,” Rix said in an interview with Federal News Radio. “That isn’t going to help the federal government get to where it needs to be to position HR programs, services and systems in the future. There still are too many variables.”

Rix pointed to the reference model’s 15 functions and 54 subfunctions as evidence of the backward view.

“If you are proposing a structure that is applied governmentwide as a one-size fits all, then you should know whether or not you have statutory support to do those things,” she said. “To have 54 subfunctions released in an official document that has no tie to the statute is irrational. It should be tied to the statue or be optional for the agency based on mission or business needs. I found that to be a stunning omission.”

She said the HRLOB should stick to the basics of the Classification Act of 1949, the Equal Pay Act of 1963 and other legislative requirements. Rix said everything else should be discretionary based on agency needs and missions.

“The standard HRLOB should be the minimum, and everything else should be discretionary to let senior management get what they need. They know the frustration with dealing with this one-size-fits-all HR framework,” she said.

But Vargas said a major part of this effort is to streamline standards and service delivery, and uncomplicate the process.

“The OPM/HRLOB is actively engaging agency CHCOs and Multi-Agency Executive Steering Committee (MAESC) representatives to tailor agency-specific strategies to leverage the HCBRM taxonomy and categorical structure for HR operational assessments, Workforce planning, process optimization, HRIT Portfolio planning modernization, and budget formulation,” he said. “In addition, the HRLOB is working with OMB and GSA to align acquisition and financial reporting codes to the HCBRM taxonomy. The HRLOB is also working with the OMB Federal Architecture and Technology Business Management (TBM) teams to use the HCBRM as a model for the next version of the Federal Enterprise Architecture (version 3.0). Furthermore, the HRLOB is leading the effort to develop a governmentwide HR service catalog.”

Additionally, Vargas said he expects GSA to release a draft RFQ in the first quarter of fiscal 2018 for the next iteration of the e-payroll initiative. He said the draft RFQ will help improve the final one that is expected to be out in the second quarter of 2018. GSA released an RFI in July 2016 and used those responses to develop the draft solicitation.

Return to the Reporter’s Notebook

A lesson for government contractors: Don’t mess with the Government Accountability Office. When it suspends you for a year for submitting frivolous protests and then lifts your suspension, it doesn’t take long for GAO’s lawyers to lose their patience if you continue to submit what they believe are superfluous protests.

That is the lesson Latvian Connection now is facing.

GAO suspended Latvian Connection for two years for its continued efforts to change the federal procurement process by submitting bid protests. The agency first suspended Latvian in August 2016 and lifted the ban a year later.

And in the first month since GAO lifted the suspension, Latvian Connection filed 10 new protests. The continued frivolousness and aggressive tone of the filings pushed GAO to make this decision.

If you haven’t read GAO General Counsel Susan Poling’s Nov. 29 missive, detailing with an unusual candidness the agency’s decision to forbid Latvian Connection from petitioning them with bid protests, then you should.

“Despite the prior suspension, and despite our Aug. 18 letter, Latvian Connection’s request for reconsideration, as well as its underlying protest and other recent filings, exhibit the same pattern of the abusive litigation practices that previously led our office to suspend Latvian Connection,” Poling wrote. “These practices include filing protests that are either untimely or fail to demonstrate that Latvian Connection is an interested party to pursue the protests (or both), and submitting pleadings that fail to engage or address the responses prepared by procuring agencies to explain their actions or dismissal requests. Latvian Connection’s pleadings are incoherent, irrelevant, derogatory and abusive.”

What stands out in GAO’s decision is just how incoherent and abusive Latvian’s filings are.

“For instance, in response to the Air Force’s request for dismissal of the protest underlying this reconsideration request, Latvian Connection filed a 28‑page statement containing dozens of excerpts, tables, computer screenshots, and pictures, interspersed with commentary (often derogatory) from the protester,” GAO wrote. “The statement is presented in a confusing array of text sizes, fonts, highlighting, and varying margins, rendering it unintelligible.”

GAO says Latvian accuses agency lawyers of “covering up” for the government’s wrongdoings and goes further by threatening to file complaints with oversight authorities.

“Latvian Connection alleges, without any substantiation, that GAO is covering up white-collar criminal activity by DoD and the Air Force. In addition, in protest B‑425353.4, there were several links to internet videos published by Latvian Connection’s CEO. These videos are profane, inappropriate, and threatening,” GAO writes. “In fact, Latvian Connection routinely threatens to publish videos disparaging agency and GAO officials, or threatens to file complaints against them to state bar officials or agency inspectors general, whenever the protester disagrees with a potential procedural or final decision. Despite Latvian Connection’s apparent belief, such threats will not result in a different answer from our office. Our forum is not required to tolerate threats, profanity, and such baseless and abusive accusations.”

As much as the suspension is about abusive and nonsensical protests, it’s also about the impact on GAO’s resources. Latvian Connection filed more than 500 protests over the previous few years before being suspended. So when GAO only receives about 2,700 protests a year, and 5-to-8 percent are from one company that fails to meet community standards, the agency is left with little choice but to find a way to change Latvian’s behavior.

“Latvian Connection has continued to routinely and repeatedly file protests that are not legally sound and both GAO and the agencies must divert our collective time and resources to responding. Latvian Connection’s recent protests continue to place a burden on GAO, the agencies whose procurements were challenged, and the taxpayers, who ultimately bear the costs of the government’s protest-related activities,” GAO wrote. “In the protests described throughout this and our prior suspension decision, attorneys for the procuring agencies have prepared responses to the protests on the basis that Latvian Connection is not an interested party to challenge these procurements; that its protests are procedurally infirm in one way or another; or that they simply are without merit. Correspondingly, our office has expended resources processing Latvian Connection’s filings, reviewing the facts and law, and responding meaningfully and equitably to Latvian Connection’s contentions. Yet, Latvian Connection continues to fail to show it has an actual interest in, or capability to perform, the government contracting opportunities to which it objects. Unfortunately, we also see no evidence that Latvian Connection is prepared to engage constructively on the issues.”

Some federal procurement experts believe concerns about frivolous protests, whether from Latvian or not, pushed GAO to begin charging vendors in March for filing protests.

It will be interesting to see the impact of the new fees and whether it continues a downward trend of contract and award protests that GAO saw in 2017.

Return to the Reporter’s Notebook