Insight by KPMG

DLA’s application modernization focused on business needs, not technology requirements

DLA's Application Modernization Strategy

We’ve baked cybersecurity into how we do [IT modernization] within DLA. You mentioned some Dev/Sec/Ops models and things of that nature. It's all part of the modernization journey to where you're using software-as-a-service, low code, no code. But as you use low code, no code, you want to do it within a Dev/Sec/Ops model. So that cybersecurity is thought of through the development testing, as well as deployment phases. For us, within DLA, with the number of applications we have, setting up this Dev/Sec/Ops factory allows us to really more efficiently control our costs, when you have a bunch of system integrators coming into your agency, they all have their own flavor of tools they like to use.

Workforce Tools and Challenges to Application Modernization

We’re not talking about applications anymore within DLA. We really are talking about business capability needs. We’re shifting from managing applications to managing by business capability area. What’s the mission and function that you're providing? What's the business capability you need to perform that mission? And then from a technology perspective, it doesn't matter if it’s an IBM product or a Microsoft product or a SAP or Oracle product, what’s the capability that you need to utilize, and we provide that.

When it comes to technology and digital services, speed is often mentioned right after security.

The faster an agency, or any organization for that matter, can deliver new capabilities, the better it can meet customer needs.

This is why the buzz around the use of low code or no code platforms has grown over the past years. Now it’s a part of the Dev/Sec/Ops and agile discussion.

Adarryl Roberts, the program executive officer at the Defense Logistics Agency, said the agency has been on a modernization journey for much of the past few years. At one point, DLA had more than 1,300 systems and 194 applications, and it was challenging, to say the least, to manage and secure them.

DLA kicked off its application modernization strategy by releasing a request for information in 2019 and eventually awarded a contract in September to take advantage a cloud platform for its enterprise resource planning (ERP) system.

“We really want to reduce the amount of infrastructure that we’re sustaining and leverage as much commercially viable products as we can,” Roberts said during a discussion sponsored by KPMG. “One of the other major efforts we have is called the warehouse modernization system (WMS) effort, that’s also migrating our distribution piece to SAP standard software. And it’s going to combine our ERP, where our financial and other integrated business applications live, with our warehouse modernization efforts so that we have one ERP instance, as we rationalize and create a platform for our customers.”

Part of this modernization effort is the use of low code, no code platforms. Roberts said DLA recently made an award to ServiceNow to use their software-as-a-service platform to modernize applications.

“We’re leveraging the ServiceNow platform to get productivity efficiencies for our workforce, as well as move some of the ability to bring technical solutions to the employee themselves. So we call them citizen technologists here and DLA digital citizens,” he said. “How do we provide these low code, easy to enable platforms to the customer? We’re developing that concept here. How do we create citizen technologists, so that as a logistician, with a little bit of training, can actually create some low code acquisition or workflow products, while we maintain oversight from a cybersecurity and sustainment perspective? So we’re using low code and the ServiceNow platform as a baseline.”

Before DLA can open up the low code, no code platform, Roberts said it has to get the underlying architecture correct. This means ensuring cybersecurity is “baked in” from the beginning through the Dev/Sec/Ops methodology and

“[A]s you use low code, no code, you want to do it within a Dev/Sec/Ops model. So that cybersecurity is thought of through the development testing, as well as deployment phases,” he said. “For us, within DLA, with the number of applications we have, setting up this Dev/Sec/Ops factory allows us to really more efficiently control our costs, when you have a bunch of system integrators coming into your agency, they all have their own flavor of tools they like to use.”

Roberts said this approach will reduce DLA’s cyber risks and ensure standardization across the agency.

“We’re really leaning upon governance, a partnership with our functional community. And we’re not really labeling this as just an IT modernization, but this is an agency modernization based on reviewing our business processes, as well as other aspects of the business and DLA,” he said. “I think at DLA, as well as other agencies, people have begun to realize IT is not a nice to have anymore, it’s actually the business, it’s part of the business, no one can conduct business without it. We’re really trying to change the culture and make sure we’re looking at this from a lifecycle management perspective, as opposed to a legacy system discussion and a modernization discussion.”

One way DLA is doing that is through changing the discussion from applications to business needs.

Roberts said the questions that the IT department is asking focuses more on business capabilities needed to meet mission instead of technology requirements.

“[F]rom a technology perspective, it doesn’t matter if it’s an IBM product or a Microsoft product or a SAP or Oracle product, what’s the capability that you need to utilize, and we provide that,” he said. “If we focus the user and ourselves on what capability or function tasks you need to perform, and we show them how they’re able to do that more efficiently, that’s only going to help in terms of cost savings, and by removing duplicative capabilities across the enterprise. So that’s a driving factor in terms of what we’re looking at here. Where do we have duplicate of technology, not because we actually need it, but because people weren’t aware of what was in the inventory and how we could leverage it? We are going to see some immediate savings just from an IT perspective, moving to these commercial cloud environments, leveraging more commercial applications versus government developed products. But then we’re also going to start seeing productivity increases efficiencies across the functional workspace as well.”

Featured speakers

  • Adarryl Roberts

    Program Executive Officer, Defense Logistics Agency

  • Jason Miller

    Executive Editor, Federal News Network

Sign up for breaking news alerts