Federal Chief Information Officer Tony Scott has been promising for the better part of the last year that he would address the growing gulf between how much money agencies are spending on legacy systems and how much they are spending on new or modernized systems. The latest figures show about 76 percent of the $88 billion federal IT budget is spent on operations and maintenance of older systems, while 24 percent is spent on development, modernization and enhancement (DME) of technology systems.
President Barack Obama’s fiscal 2017 budget request sent to Congress on Feb. 9 offered a major change in the approach to moving the pendulum back to spending on modernized systems in the form of a $3.1 billion IT Modernization Fund that the General Services Administration would run.
While Congress and the administration debate whether or not to create the fund, agencies still face a huge gap in how best to modernize their technology infrastructure, systems and applications. Among their biggest challenges are the need for dedicated funding, improved skillsets of the federal workforce, having access and confidence in the appropriate contracting approaches, and, maybe most of all, a refreshed definition of what is a legacy system.
There is a growing question whether O&M and DME need to be redefined in the new cloud and agile environments.
Techopedia defines legacy system as an “outdated computer systems, programming languages or application software that are used instead of available upgraded versions.”
The Office of Management and Budget defined O&M or steady state in the fiscal 2014 IT budget guidance as “the phase of an asset in which the asset is in operations and produces the same product or provides a repetitive service.”
Interestingly, OMB doesn’t define O&M or steady state in the Federal IT Acquisition Reform Act (FITARA) guidance or the 2016 IT budget guidance.
During a recent panel, CIOs explained why a better definition is important.
Ray Coleman, the CIO of the Natural Resources Conservation Service in the Agriculture Department, said he cut his O&M spending by 10 percent just by reclassifying some of his agency’s IT efforts.
Coleman, like many other CIOs, said the definition of O&M is nebulous.
One former OMB official said so much DME is buried in O&M because spending on steady state doesn’t get “restricted” in terms of how the money is spent and the color of the money, meaning whether it is one-year or two-year or no-year money.
This is part of an ongoing cat-and-mouse game among OMB, agencies and Congress.
But the legacy definition also is hurting agency efforts to modernize their systems.
OMB budget codes for O&M and DME don’t take into account the new approaches, such as buying cloud through a metered approach or software by user instead of by license.
One agency CIO told me the definition of O&M should be any technology from the client-server era, and anything that is not going through continuous improvement. So even if an agency bought a cloud email system five years ago, as long as the vendor supporting that program is constantly upgrading the applications, security and tools, then it’s not an legacy system.
But under OMB’s budget codes, a five-year-old email system is considered steady state and all that DME money is potentially hidden.
Other CIOs and agency IT officials agreed that the definition of O&M and DME is part of the problem.
At a recent NextGov and DefenseOne event on modernizing federal IT, David Bray, the Federal Communications Commission CIO, said modernizing IT is about agility, first and foremost, with resiliency, to include cybersecurity and continuity of operations (COOP), a close second, and efficiencies, a distant third.
He said the need to be agile in the face of changing mission needs is not integrated well into the agency capital planning processes.
Bray said the FCC is trying to create a new approach to modernization. Back in September, the FCC moved its entire infrastructure to the cloud, including more than 200 servers and 400 applications.
Bray said from that move, the FCC has replaced its enterprise architecture and engineering office with a new cloud integration and catalog group.
“We are calling it cloud integration because the focus is we shouldn’t be standing things on our own,” Bray said. “We should be going to the commercial sector and looking for things, what they have and then producing a catalog of reusable modules from the private sector. It really is about reuse. Government shouldn’t be writing custom code. By and large, we should actually be focusing on what is out there. That is huge change.”
Bray said by establishing a cloud catalog, mission offices can pick and choose the tools or technologies they want and use them to meet needs more quickly.
He said the cloud has helped the FCC, in some cases, move from an idea to working prototype in about 48 hours.
Bray said because the mission offices can work within the parameters set up by the CIO’s office and within their own budgets to get the applications they want, the concerns around shadow IT and unknown security risks are reduced.
While some CIOs such as Bray will make change in their small corner of the government, OMB needs to redefine steady state or O&M in a way that works with the new technology, systems and approaches they are promoting to agencies.