The federal community has seen a plethora of retirements and senior executives deciding it’s time to move on.

We’ve reported on significant changes such as Frank Baitman, the chief information officer at the Department of Health and Human Services, and Mark Day, deputy assistant commissioner in the Integrated Technology Services office in the Federal Acquisition Service, leaving government.

But there were several others that flew under the radar.

Jeff Press, the Commerce Department’s deputy director of performance strategy, decided to move to the private sector. Press, whose last day at Commerce was Nov. 13, joins Socrata to lead its government performance practice, according to an email obtained by Federal News Radio.

Press joined Commerce in August 2014 after spending almost four years as a senior advisor and executive director of the Performance Council. (more…)

The question of where industry fits into the Office of Management and Budget’s renewed shared services initiative continues to be a hot topic across the community.

OMB and the Treasury Department have said industry’s role will be one of support to the federal shared services centers.

But is there room for industry to be a shared service provider? Or has that ship passed because of poor past performances?

A long-standing challenge of the Homeland Security Department’s plan to move to the Interior Business Center could be industry’s last gasp or a sign of things to come for financial management shared services. (more…)

CORRECTION: The Interior Department doesn’t host Employee Express. It is hosted by OPM. Federal News Radio regrets the error.

Few federal employees will fault the Office of Personnel Management for taking extra steps to protect their data. But recent cyber upgrades to the Employee Express platform are not only leaving federal employees frustrated, the effort is yet another lesson for other agencies of what not to do when it comes to customer service.

First a little background: Employee Express is the online portal run by OPM. The website lets federal employees control their payroll-personnel information by making changes or updates to information such as their addresses, tax withholdings, health coverage and the Thrift Savings Plan.

According to OPM’s website, the departments of Education, Interior, State and Transportation use the portal, as well as more than 70 medium and small agencies — such as the General Services Administration, the National Archives and Records Administration and the Securities and Exchange Commission. (more…)

Inside the Reporter’s Notebook is a weekly dispatch of news and information you may have missed or that slipped through the cracks at conferences, hearings and other events. This is not a column or commentary – it’s news tidbits, strongly-sourced buzz, and other items of interest that have happened or are happening in the federal IT and acquisition communities.

As always, we encourage you to submit ideas, suggestions and, of course, news to Jason via email.

Be the first to know when a new Inside the Reporter’s Notebook is posted. Sign up today for our new Reporter’s Notebook email alert.

A solution to the growing bid-protest problem

In the next couple of weeks or so, the Government Accountability Office will release its annual report to Congress on bid protests for the past fiscal year. At that point, we will continue the discussion about whether vendors are protesting more contracts each year or whether it just feels that way.

No matter what the statistics from GAO tell us — for instance, in 2014 the number of bid protests grew by 5 percent — the perception among many is contractor challenges to agency award decisions are not only expected, but planned for at an alarming rate. If you ask almost any contracting officer or program manager running a major acquisition, they build an extra 100 days into their schedule for the bid protest.

There is a way to fix this growing problem — again, whether real or perceived, it is a problem. And unfortunately for the government and industry, it’s a problem despite two “mythbuster” memos from OFPP emphasizing and encouraging more agency-vendor communications.

Read more

Agencies closing the gaps in quest to reform IT

The House Oversight and Government Reform’s oversight hearing on the Federal IT Acquisition Reform Act provided a treasure trove of tidbits about where agencies are heading over the next year.

This was the first oversight hearing since the Office of Management and Budget released its final policy in June.

In the four months since then, agencies have submitted and received feedback on their plans to meet the common baseline outlined in the final regulation. OMB expects agencies to finalize their plans to close the gaps between the common baseline and their current state of IT oversight, and post the document on a public website by Dec. 31.

Agencies have been working on meeting the requirements in FITARA really since President Barack Obama signed the bill into law about a year ago.

Read more

OFPP tells agencies to trust, but verify acquisition oversight systems

The Office of Federal Procurement Policy recently took an idea from the national dialogue to improve the federal acquisition process and put it into reality, and it could save agencies and vendors hundreds of thousands of dollars or more.

OFPP quietly released a memo creating reciprocity for agencies to use a contractor’s earned value management systems (EVMS) once it’s been certified by one department.

“Depending on the rigor of the review and other variables, the cost of a certification can exceed $1 million. In addition, a contractor that achieves certification for its system at one agency may not be recognized by other agencies as having a compliant system and may be required to complete yet another costly certification process,” wrote administrator Anne Rung in the Oct. 23 memo. “Contractors have observed that certification processes used by some agencies are similar. Recognition of another agency’s certification, as appropriate, would eliminate duplicative compliance reviews and result in a cost savings for both the contractor and the taxpayer. Accordingly, agencies are encouraged to enter into reciprocal agreements with other agencies and to post their EVM processes and procedures on their public websites.”

Read more

The Office of Federal Procurement Policy recently took an idea from the national dialogue to improve the federal acquisition process and put it into reality, and it could save agencies and vendors hundreds of thousands of dollars or more.

OFPP quietly released a memo creating reciprocity for agencies to use a contractor’s earned value management systems (EVMS) once it’s been certified by one department.

“Depending on the rigor of the review and other variables, the cost of a certification can exceed $1 million. In addition, a contractor that achieves certification for its system at one agency may not be recognized by other agencies as having a compliant system and may be required to complete yet another costly certification process,” wrote administrator Anne Rung in the Oct. 23 memo. “Contractors have observed that certification processes used by some agencies are similar. Recognition of another agency’s certification, as appropriate, would eliminate duplicative compliance reviews and result in a cost savings for both the contractor and the taxpayer. Accordingly, agencies are encouraged to enter into reciprocal agreements with other agencies and to post their EVM processes and procedures on their public websites.”

This is simple yet significant change both from a cost savings perspective as well as a simplification of a growing complexity of the procurement process.

Gerard Ruiz, Deltek’s senior director of product strategy and management, said it reduces the need for additional compliance reviews of vendor EVMS.

“The impact of not sharing these experiences and information is that contractors are asked to repeat a very expensive exercise,” he said in an email to Federal News Radio. “It is true that they will be more prepared potentially but it is important to understand that the preparation time for a compliance review is a very labor intensive and expensive process. It takes the contractor away from focusing on project or program execution. The contractor has to form a team, train the team, review its own people, process and tools, conduct their own mock interviews, and repeat the whole process when the agency conducts the physical review. This all takes many months and lots of resources to prepare for and execute. It is important to note that the cost associated with these reviews is charged back to the contract so the cost of the project/program goes up.”

An earned value management system in simple terms combines people, processes and tools to measure cost, schedule and performance against a standard list of criteria to comply with the Federal Acquisition Regulations. The Office of Management and Budget has required agencies to measure EVM since June 2002 for all major IT programs.

The systems used to measure EVM must satisfy the American National Standards Institute (ANSI) and Electronics Industry Alliance (EIA) Standard 748.

Ruiz said each agency ends up with a compliance review team, whether industry provided or internal, to conduct an onsite compliance review, interviewing key members of the project team and company executives.

“The compliance team will attempt to ascertain whether or not the contractor understands the criteria, has adequately documented its business practice, that people are following the procedures and that the procedures are designed to satisfy the criteria,” he said. “Of course all of this requires a deep review of the people, process and tools that are used and make up the EVMS.”

By encouraging reciprocity, OFPP is taking the concept that has proven well with the cybersecurity for cloud services initiative called the Federal Risk Authorization and Management Program (FedRAMP) to trust but verify.

Ruiz said from the outside looking in, reciprocity of these systems makes perfect sense, but over the years, for whatever reason, agencies felt the need to do each one themselves.

OFPP also recently launched a second national dialogue to improve the procurement process.

Among the top suggestions so far is to increase the micropurchase threshold to $10,000 from $3,000, adopt common terms and conditions for research contracts or grants, and create a common federal proposal and award management system.

In the next couple of weeks or so, the Government Accountability Office will release its annual report to Congress on bid protests for the past fiscal year. At that point, we will continue the discussion about whether vendors are protesting more contracts each year or whether it just feels that way.

No matter what the statistics from GAO tell us — for instance, in 2014 the number of bid protests grew by 5 percent — the perception among many is contractor challenges to agency award decisions are not only expected, but planned for at an alarming rate. If you ask almost any contracting officer or program manager running a major acquisition, they build an extra 100 days into their schedule for the bid protest.

There is a way to fix this growing problem — again, whether real or perceived, it is a problem. And unfortunately for the government and industry, it’s a problem despite two “mythbuster” memos from OFPP emphasizing and encouraging more agency-vendor communication.

Rob Burton, a former deputy administrator at the Office of Federal Procurement Policy and now a partner with the law firm Venable, said over the seven years since he’s left government, he’s been shocked by the lack of transparency and discussions about why an agency made a contract award decision.

“Many of the debriefings agencies offer are very superficial,” Burton said. “Having a government attorney sitting in the debriefing and monitoring to make sure the contracting officer or program manager doesn’t say something inappropriate has a chilling effect on the debriefing. Until the government engages with industry in a robust way and has actual communications — a two-way dialogue — industry will continue to protest awards and that’s going to hold up the project.”

Burton said there are two major problems with how the government provides debriefings.

The first is they don’t, specifically under task orders awarded through the General Services Administration’s schedule contracts, have to provide a debriefing.

Burton said under the Federal Acquisition Regulations — section 8.4 405-3 (b)(3) for those keeping score at home — agencies are only required to provide a “brief explanation” to the losing bidders.

The language in the FAR: “If an unsuccessful offeror requests information on an award that was based on factors other than price alone, a brief explanation of the basis for the award decision shall be provided.”

With more than $32 billion going through the schedules in 2014 including $14 billion on the IT schedule alone, and a significant increase expected in 2015 across the board, Burton said the need for more constructive and substantial debriefings is clear.

“When FAR Part 8 was instituted, no one envisioned so much task order activity. The initial vision of task orders was for small dollar value buys, but that’s not the case anymore,” Burton said. “It’s incumbent upon the government to give full debriefings. I think the government should give full debriefings for any task order procurement over the simplified acquisition threshold.”

The SAT is $150,000, and some have proposed raising it to $300,000.

Burton said he understands potentially requiring a debriefing for every award over $150,000 could be hugely time consuming on the government — and especially as a lawyer getting paid by the hour — it would be burdensome on the vendors too.

“I do think the time the government takes to give full debriefings and allows for back and forth will actually result in fewer bid protests,” he said. “I’m convinced of it. The government has nothing to hide, and usually has a reason for its selection and it’s well supported. But for whatever reason the government doesn’t want to communicate it, and forces vendors to protest to get a full disclosure so the vendor can see why they lost.”

The second problem with debriefings is agencies aren’t required to do them in person. The FAR says a written debriefing is fine.

Burton said too often agencies will quote the FAR, saying they are giving the vendor what is required of them by policy.

That minimally acceptable effort talks to a larger problem in the acquisition community of fear of getting into trouble and a lack of top-cover support from management.

“Clients are much less likely to protest after receiving an oral debriefing,” he said. “The amount of time and expense putting together a response to a RFP is mind boggling, and to get a one or two liner explaining why you didn’t receive the award really rubs contractors the wrong way. Industry feels it deserves more of analysis after putting efforts in it, and will file a protest to get that type of information.”

Burton said there are some innovations going on within some agencies that have convinced him that more communications would reduce the number of bid protests — again real or perceived.

He said one agency attorney brought him in to look at contract award file and to have a discussion.

“I told my client afterwards not to file the bid protest because they would lose,” Burton said. “That robust communication reduces bid protests in government and it’s absolutely a best practice.”

Burton said one way or another the government will end up providing the information, so providing it before a bid protest is filed will ultimately save time and money for all parties.

Now to be clear, the impetus doesn’t fall totally on the government. Industry also is hesitant to be fully open.

Harrison Smith, the Homeland Security Department’s industry liaison, said the agency has been trying to communicate more with vendors through events such as a reverse industry day.

Smith said DHS asked 11 companies to provide redacted versions of the debriefings the agency gave them as part an effort to improve those meetings.

Smith said in the end, only two vendors participated.

“We had a lot of people come back to us and say we wouldn’t believe the internal conversations we had with our internal counsel about participating,” Smith said. “It would help us to understand how companies make their decisions too.”

Burton said he recommends OFPP changes policy or the FAR Council opens a case to require oral debriefing for all contracts worth more than $150,000 if the vendor asks for it.

Inside the Reporter’s Notebook is a biweekly dispatch of news and information you may have missed or that slipped through the cracks at conferences, hearings and other events. This is not a column or commentary – it’s news tidbits, strongly-sourced buzz, and other items of interest that have happened or are happening in the federal IT and acquisition communities.

As always, we encourage you to submit ideas, suggestions and, of course, news to Jason via email.

Be the first to know when a new Inside the Reporter’s Notebook is posted. Sign up today for our new Reporter’s Notebook email alert.

18F shines some light on cloud.gov platform, but concerns remain

The General Services Administration’s much ballyhooed 18F organization rolled out a new service, cloud.gov, earlier this month.

While there was some initial confusion of what cloud.gov exactly is, an 18F spokesman confirmed that cloud.gov is an platform-as-a-service based on the open source technology called Cloud Foundry.

Cloud Foundry is a not-for-profit supported by a who’s who of private sector technology companies, such as IBM, VMWare, Intel, EMC and many more. The organization’s website says, “Cloud Foundry is an open standard for cloud applications. It is open source, multi-cloud, and multi-vendor. It is hardened production infrastructure for global enterprises. It is designed to make dev/ops the normal state of computing. It is built for fast-cycle innovation of cloud applications. For business, this means faster speed to market and higher rates of user adoption. For development, it means scalable microservices and continuous deployment. For operations, it means faster cycle time and higher reliability. For everyone, open source means no vendor lock-in.”

Read more

VA CIO LaVerne Council mending congressional cyber fences

LaVerne Council is on a mission to change the tone and tenor of the Veterans Affairs Department’s struggle with cybersecurity.

First, the VA chief information officer since July ordered a review and analysis of why the department has struggled for so long with cybersecurity. And then, Council, who spent her career in the private sector, created a plan to address current weaknesses and new threats.

Council delivered that plan to Congress on Sept. 28 and now is moving out on implementing it.

My colleague Nicole Ogrysko detailed Council’s plan in her story from Oct. 16. It includes eight cyber domain areas, including risk management, security architecture and medical cybersecurity.

But maybe the biggest difference is Council is trying to repair VA’s relationship with the House and Senate oversight committees and the agency’s inspector general.

Read more

Next generation telecom RFP a test of GSA’s listening skills

The request for proposals for the next generation telecommunications services arrived as promised by the General Services Administration on Oct. 16. What GSA hopes now happens is a growing list of vendors are taking a deep dive into the solicitation to see how well the agency listened and incorporated lessons learned from the arduous Networx contract. The transition to Networx from FTS-2001 lasted 33 months longer than initially expected and cost the government about $400 million more than it budgeted for.

Over the last year or so, GSA has hit all the right notes with industry and agency customers—asking and listening to how best to develop the main contract called Enterprise Infrastructure Solutions (EIS) under the Network Services 2020 (NS2020) umbrella. EIS is a 15-year contract with a ceiling of $50 billion.

Two of the main points of contention were the need for more competition and to make the contract easier to use.

We may not know if they’ve met those goals for several years as the current Networx contract doesn’t expire until 2020 and transition is set to begin in 2017.

Read more

DoD, VA lose senior IT executives

Maybe it’s a sign of the times or a case of reading the handwriting on the wall, but the announced departures of two senior IT executives from the Defense Department and the Veterans Affairs Department, respectively, are further examples of the steady turnover that’s happening across the government.

Ron Jost, DoD’s deputy assistant secretary of Defense for command, control, communications, cyber and business systems, confirmed through a DoD spokeswoman that he is retiring.

Jost said he plans to continue to support DoD after he leaves the government. He offered no timeline for his departure nor did the spokeswoman provide who would be replacing Jost event on an interim basis.

He joined DoD in 2003 after spending the previous 26 years with Motorola.
During his tenure, Jost oversaw warfighting communications, command, control and cyberspace capabilities. He also led the effort to support non-intelligence space systems.

Read more

The request for proposals for the next generation telecommunications services arrived as promised by the General Services Administration on Oct. 16. What GSA hopes now happens is a growing list of vendors are taking a deep dive into the solicitation to see how well the agency listened and incorporated lessons learned from the arduous Networx contract. The transition to Networx from FTS-2001 lasted 33 months longer than initially expected and cost the government about $400 million more than it budgeted for.

Over the last year or so, GSA has hit all the right notes with industry and agency customers—asking and listening to how best to develop the main contract called Enterprise Infrastructure Solutions (EIS) under the Network Services 2020 (NS2020) umbrella. EIS is a 15-year contract with a ceiling of $50 billion.

Two of the main points of contention were the need for more competition and to make the contract easier to use.

We may not know if they’ve met those goals for several years as the current Networx contract doesn’t expire until 2020 and transition is set to begin in 2017.

Agencies still are buying off the Networx contract. There still are 15 open solicitations under Networx for a variety of services, including cybersecurity services for GSA and the Homeland Security Department, and dark fiber-unused fiber optic lines–for the Vermont Army National Guard, and agencies spent more than $1.5 billion on the contract in 2014.

A key measurement of GSA’s success will be if its gets more than the five big telecommunication vendors—AT&T, Verizon, CenturyLink, Sprint and Level-3–to submit bids. GSA hopes companies such as Harris Communications, Hughes Network Systems and even integrators such as Lockheed Martin to put their hats in the ring.

“This is the culmination of an extensive and successful collaborative process between GSA, federal agencies, and industry which lasted more than two years and provided GSA with valuable feedback that helped us build and refine the RFP,” said Mary Davie, GSA assistant commissioner of the Integrated Technology Services office in a release. “We believe the EIS RFP achieves the appropriate balance between industry’s goals and capabilities, GSA’s objectives, and federal agency’s current and future needs.”

In the 251-page statement of work, GSA details four mandatory services: virtual private network service, Ethernet transport service, voice and managed network service. GSA says all other offerings are optional, and it recognizes the changing nature of technological and user requirements and encourages vendors to incorporate upgrades and innovations into their offerings.

GSA is giving agencies until Jan. 15 to respond to the RFP, which seems like an incredible amount of time, but given the complexity of the requirements, don’t be surprised to see dozens of questions and at least one extension of the due date.

“The overarching goal for EIS is to make the resulting contracts as flexible and agile as possible to meet and satisfy the widely differing requirements of the federal agencies both now and for the next decade and beyond,” GSA said in the statement of work. “The goal of the NS2020 Strategy is to become the federal government’s strategic sourcing center for network-based and network-enabled services. The EIS acquisition is the foundation for implementing this strategy.”

LaVerne Council is on a mission to change the tone and tenor of the Veterans Affairs Department’s struggle with cybersecurity.

First, the VA chief information officer since July ordered a review and analysis of why the edepartment has struggled for so long with cybersecurity. And then, Council, who spent her career in the private sector, created a plan to address current weaknesses and new threats.

Council delivered that plan to Congress on Sept. 28 and now is moving out on implementing it.

My colleague Nicole Ogrysko detailed Council’s plan in her story from Oct. 16. It includes eight cyber domain areas, including risk management, security architecture and medical cybersecurity.

But maybe the biggest difference is Council is trying to repair VA’s relationship with the House and Senate oversight committees and the agency’s inspector general.

It’s no secret the House Veterans Affairs Committee and former CIO Stephen Warren didn’t get along. From what I’ve seen and covered over the last two-plus years, the blame can be shared for the poor relationship. But at the same time, when your boss tells you they are concerned about something, you usually respond by changing or fixing the problem. And whether Warren or other senior ranking VA officials agreed with lawmakers and auditors or not, the long-standing material weaknesses should’ve been their top priority. VA failed its Federal Information Security Management Act audit for 16 straight years. The fiscal 2015 FISMA audit is due out in the next month or two.

And that’s the difference with Council. She said at the Government IT Executive Council event on Oct. 15 that her new strategic framework focuses on five broad areas, and within the execution section is eliminating material weaknesses.

“If that’s how our inspector general and auditors look at it, then I said to my staff, ‘let’s just get it done,’” she said. “We can’t be successful without an integrated security program, so that was job one for me at VA. The strategy is focused on defense in-depth and has detailed and clear plans that are based on a strong set of goals. What we have to do within those [eight] domains are defined and achievable.”

That new viewpoint isn’t lost on the congressional oversight.

A House Veterans Affairs Committee staff member said lawmakers have been impressed with Council so far.

“She has acknowledged a litany of VA IT problems her predecessors simply denied or attempted to downplay, and she seems genuine in her desire to solve them,” the staff member said in an email to Federal News Radio. “Her challenge will be accomplishing these goals in a limited amount of time within the confines of a historically intransigent bureaucracy with a long and well-documented aversion to accountability.”

Sources say she’s already briefed VA’s oversight committees several times and is trying to repair the relationship by building up trust.

As for the cyber strategy, Council isn’t rolling out new programs or technologies, but focusing on the basics whether its host intrusion and prevention systems or antivirus or the Homeland Security Department’s initiatives such as EINSTEIN 3A or continuous diagnostics and mitigation (CDM).

With about 15 months left at VA, Council is taking a multi-level approach to cyber, addressing short, medium and long term goals, and through it all, putting the veterans’ needs at the center of all she does.

The General Services Administration’s much ballyhooed 18F organization rolled out a new service, cloud.gov, earlier this month.

While there was some initial confusion of what cloud.gov exactly is, an 18F spokesman confirmed that cloud.gov is an platform-as-a-service based on the open source technology called Cloud Foundry.

Cloud Foundry is a not-for-profit supported by a who’s who of private sector technology companies, such as IBM, VMWare, Intel, EMC and many more. The organization’s website says, “Cloud Foundry is an open standard for cloud applications. It is open source, multi-cloud, and multi-vendor. It is hardened production infrastructure for global enterprises. It is designed to make dev/ops the normal state of computing. It is built for fast-cycle innovation of cloud applications. For business, this means faster speed to market and higher rates of user adoption. For development, it means scalable microservices and continuous deployment. For operations, it means faster cycle time and higher reliability. For everyone, open source means no vendor lock-in.”

This sounds good on paper. 18F is taking advantage of a no-cost or low-cost offering to help agencies move more quickly to the cloud.

“Cloud.gov enables 18F deploy its cloud-based applications with baseline security and scalability concerns addressed consistently up front, without dramatically scaling the number of cloud operations experts in our organization,” an 18F spokesman said by email.

But during a conversation on Twitter with several other reporters, feds and contractors, the question came up as to whether 18F should even be offering these services. If cloud services are widely considered a commodity, then why is the government competing with the private sector to offer these services?

If you take a look at the website for the Federal Risk Authorization and Management Program (FedRAMP), six vendors have earned Joint Authorization Board (JAB) approvals for PaaS and nine vendors have received agency approvals.

So if 15 vendors and agencies are offering PaaS already, why did 18F presumably spend time and money to develop another competing platform?

One federal CIO, who requested anonymity because they didn’t want to be seen as criticizing fellow federal employees, said there are a lot of unanswered questions about cloud.gov.

The CIO asked whether this was the best use of 18F resources given the private sector is probably cheaper for this commodity cloud service. The CIO also wondered whether the resources would have been better used to help agencies tackle “harder” problems, or even working with PaaS vendors and agencies to set up pre-negotiated contracts so agencies can buy a la carte.

The 18F spokesman said cloud.gov isn’t competing with the private sector.

“By using Cloud Foundry and making cloud.gov available, we’re raising the ‘lowest common denominator’ capabilities of agencies should expect from any vendor to the Cloud Foundry capabilities, and enabling greater competition,” he said. “Commercial Cloud Foundry vendors can provide managed services and support/consulting options that are beyond 18F’s capabilities due to our funding or staffing. The Cloud Foundry application programming language provides easy mobility from cloud.gov to commercial vendors’ services for government-developed applications as warranted. To some extent, cloud.gov is seeding the government market for value-add offerings from these vendors.”

The spokesman added PaaS vendors not part of Cloud Foundry also will benefit because cloud.gov will increase the migration of government applications to a “12-factor model, and therefore the applicability of PaaS models to government.”

“12-factor applications have very little dependency on the exact platform that is supporting them, so these applications will be more easily ported to non-Cloud Foundry commercial PaaS solutions as well,” he said. “Vendors of such systems have open-book access to how cloud.gov works, and can therefore provide easy on-ramp solutions to migrate government applications to their platform.”

Another federal CIO took a different tack. The source said it looks like 18F is trying to be a PaaS cloud broker.

“It looks like they are giving you templates and ways to work with particular CSP,” said the CIO. “The more I looked at cloud.gov, the more I would like to know the details. It didn’t seem like they were trying to duplicate what industry was doing, but help us get to the cloud faster.”

The CIO said the one concern they have is around the low-security level cloud.gov seems to be offering. The source said most of the agencies need at least a moderate level, so having a low-level approved platform-as-a-service isn’t all that helpful.

A former federal CIO offered a similar take. This former CIO, who requested anonymity because they didn’t get permission to talk to the press from their current private sector company, said the value is unclear as anything built on top of the Cloud Foundry would need a separate authority to operate—meaning the software or application would have to go through the FedRAMP process.

“18F tends to find a niche where they can build better or more cheaply or one that meets needs than those that are commercially available,” the former CIO said. “18F also built a website platform for Web publishing for use by federal agencies which have an unsophisticated website and just want to maintain static content in consistent and affordable fashion. Is cloud.gov a long-term sustainable offering? It’s hard to say, but it may meet some near term needs that they believe are out there.”

The 18F spokesman said cloud.gov is part of the organization’s overall fee-for-service—or cost recovery model—approach.

“The current model is provisional for the pilot phase, and is subject to change in the future,” the spokesman said. “In [the] agile tradition, we are validating whether the model we’re proposing fits the needs of federal agencies, which often face ‘color of money’ issues around how they spend appropriated or budgeted funds. The current model is also a test to validate that cloud.gov is cost-recoverable in terms of the 18F/GSA expenditure to develop, provide and support it for other agencies, rather than just 18F’s internal use.”

The former federal CIO said in general cloud.gov seems like a good thing for agencies to use and build cloud applications on.

A third federal CIO tells me they are “kicking the tires” on cloud.gov to see if it would be useful for their agency.

So why are vendors and some in government so concerned? It is a matter of better communication from 18F? Or does the entire concept of 18F make feds and contractors uncomfortable?

Cloud.gov will be worth watching to see if 18F can attract customers beyond the work they are doing for agencies. It also will be interesting to see when Congress decides to take a look at the 18F concept and whether the government is unfairly competing with the private sector.