The 38th annual and final Management of Change conference opened May 21 in Cambridge, Maryland with a lot of uncertainties hanging out there in the federal community. Updates on policies and plans from the Trump administration had been slow to materialize up to that point.

The fiscal 2018 budget release was still two days away when the conference began, and the lack of politically appointed executives — ranging from the federal chief information officer, to the administrator of the Office of Federal Procurement Policy, to the administrator of the General Services Administration, to a majority of the presidentially appointed CIOs — is leaving many agency officials acting cautiously as they wait for new political leadership.

But despite initial concerns, ACT-IAC delivered a solid, informative conference. Below are three highlights of some of the news that drove the conference.

Unfortunately, ACT-IAC announced this was the last MOC conference. The government-industry organization announced it planned to combine MOC with its Executive Leadership Conference (ELC) starting in October 2018 in Philadelphia, Pennsylvania. Generally, this concept drew mixed reviews of the people I talked to. Several like the intimacy of MOC, with only 400 people and an attractive government-to-industry ratio, whereas ELC is much larger, at 800 attendees, and what feels like a larger government-to-industry ratio. ACT-IAC says the ratio is 3:1 just like MOC. I’ll leave that discussion for another time.

(more…)

It’s really no surprise the General Services Administration and the Homeland Security Department chose the Alliant — and eventually the Alliant 2 —governmentwide acquisition contract to host the future of the continuous diagnostics and mitigation (CDM) program.

Since GSA awarded Alliant to 59 vendors in 2009, it has been a popular contract for buying complex technology services. Since 2009, agencies have awarded $15.5 billion worth of contracts across 756 task orders, including $3.4 billion in fiscal 2016.

GSA and DHS expect to add another $2.75 billon to $3.4 billion through the new CDM task orders called “DEFEND.” One industry source said this figure was probably the biggest surprise of the industry day.

Another industry source familiar with CDM, but didn’t attend the industry day, said it looks like GSA and DHS were better organized and prepared for this part of the update to CDM. GSA and DHS announced earlier this year it was changing their approach to the cyber program when the contract expired in August 2018.

(more…)

The U.S. Department of Agriculture and the National Reconnaissance Office are looking for new IT executives.

Donna Hansen left NRO after serving as its chief information officer since 2013 and its deputy CIO since 2011. She also was the chairwoman of the CIA Publications Review Board. NRO is leading network and engineering service providers to build standard network designs for local and wide-area networks under the Intelligence Community IT Enterprise (ICITE) program.

Hansen left NRO in April and joined Deep Water Point consulting, where she will focus on the intelligence community sector.

Prior to coming to NRO, Hansen served as the director of the enterprise architecture and strategy office in the NRO’s Chief Information Office.

(more…)

If there was ever a case to be made for why agencies and organizations invest in cybersecurity protections, look no further than the recent WannaCry ransomware attack.

The federal government came away unscathed by the malware that hit more than 300 countries and impacted more than 300,000 computers worldwide.

Why did this nasty virus not infect federal computers?

The reason can be traced, in large part, back to 2014. When the Heartbleed bug, a vulnerability in the OpenSSL cryptographic software library, hit the internet, the Homeland Security Department had to scramble to make sure agencies fixed the code.

(more…)

Don’t pop the champagne or start planning the celebration quite yet. The Modernizing Government Technology Act still has a long way to go before it becomes a law.

Yes, the House passed Rep. Will Hurd’s (R-Texas) MGT Act on May 17 by voice vote. And yes, the Congressional Budget Office score of the legislation came back at $500 million instead of $9 billion, which some say stopped MGT from moving forward last session.

But the fact is Senate appropriators still are not convinced that a working capital fund in each agency and a centralized fund of $250 million a year for two years is the answer to getting federal agencies off of outdated, insecure systems.

“The committee recognizes that government IT systems need improvement, and has provided funding for this work. In addition to funding, there must be appropriate oversight and accountability for government IT projects to be successful,” said Chris Gallegos, a spokesman for the majority side of the Senate Appropriations Committee, in an email to Federal News Radio. “According to the Government Accountability Office, the federal government will invest an estimated $89 billion on IT in fiscal year 2017. Funding is not the root problem with government IT projects, but rather insufficient program management and oversight, gaps in technical skills, and failure to take an incremental approach to development.”

(more…)

An interagency working group is about to turn the government’s concept of cloud computing on its head.

The Cloud Center of Excellence this week will release a draft best practices guide — please don’t use playbook, it’s so last year — that will give agency contracting officers, chief information officers and CFOs a new way of thinking about buying cloud services.

The guidance tries to bring together seven years of mistakes, successes and false starts around cloud computing.

“It’s about how can we do acquisition faster? How can we identify the opportunities for bulk buys, much like we do for hardware?” said David Bray, chairman of the interagency working group and the chief information officer of the Federal Communications Commission.

(more…)

Two interesting items to keep an eye out on Capitol Hill. First, Rep. Mac Thornberry (R-Texas), the chairman of the Armed Services Committee, is expected to issue the first draft of his acquisition reform bill this week.

Details about the proposals in this annual Defense authorization legislation still are being closely held, but Thornberry told the press in late April that the bill will try to address several procurement areas where the committee hasn’t spent a lot of time on in recent years.

Industry sources say one of those areas is the buying of commercial items. The sources say Thornberry’s staff has been active in talking to DoD and industry about what’s needed to improve the military’s access to commercial items.

As I reported in last week’s notebook, the process to buy commercial items has become more and more complicated over the past decade. From 2009 to 2016, the Aerospace Industries Association (AIA) found the number of commercial item regulations increased five-fold to 142 in the Federal Acquisition Regulations or the Defense FAR.

(more…)

Sad news in the federal IT community. Amy Northcutt, the National Science Foundation’s chief information officer, died after a brief illness.

Her obituary in the Washington Post said Northcutt died on May 6 after being diagnosed with a brain tumor on April 27. She was 57.

NSF said Northcutt became CIO in January 2012 after serving previously as the acting office head of the Information and Resource Management and as the agency’s deputy general counsel from 2001 to 2011.

As CIO, Northcutt led NSF’s technology investments, governance, policy and planning.

(more…)

The Office of Management and Budget’s desire for agencies to break out their spending on IT in more depth for the fiscal 2019 budget process hit a bit of a speed bump.

Chief information officers from large and small agencies alike expressed support for the program, but also doubt that they could get it done over the next five months.

At a CIO Council meeting last week, several CIOs said they had a “productive” and “honest” discussion with OMB about what’s possible, but in the end strongly encouraged OMB to lower their expectations.

“The level of granularity that OMB was asking for was just too much right now,” said one CIO, who requested anonymity in order to talk about pre-decisional discussions. “With all the things going into the reorganization and reviewing of mission areas, the capital planning and investment control (CPIC) changes were coming at the worst possible time.”

(more…)

If the Trump administration wants to seriously reduce the regulatory burden on agencies and vendors, it should look no further than the Federal Acquisition Regulations and the Defense FAR (DFARs).

Since 2009, the number of clauses around commercial items skyrocketed from 16 to 142,  according to a preliminary analysis by the Aerospace Industries Association (AIA).

Of the 114 new clauses, 40 came from Congress through legislation and 76 from the White House or the government’s acquisition oversight councils, in the form of executive orders or FAR/DFARs cases.

And of all of those clauses, most —109 — impact every vendor, not just military contractors, while 33 only are in the DFARs.

(more…)