Not enough new entrants. A lack of accountability. Too many modifications to existing contracts and not enough new awards. The Veterans Affairs Department got an earful from House lawmakers last month over its IT contracting habits.
The trends highlighted by the Government Accountability Office and House Veterans Affairs Committee members were not necessarily surprising to VA officials, but nonetheless worrisome.
To that end, VA is changing the way it manages and works with contractors.
Kurt DelBene, VA’s chief information officer and assistant secretary in the Office of Information and Technology, said the goal of this new approach is to create a more integrated team where contractors and VA employees “live in sync and operate as a shared team.”
“We’re moving into a world where if we do a request for proposals (RFP), for instance, we will define that first nugget, that minimal viable product (MVP) and say the first milestone, that first thing you will deliver to us, is that MVP, and then we’ll see that it meets the actual need,” DelBene said during a press briefing with reporters on Tuesday. “We’ll then iterate, make sure we get it to that place where it is set and then we’ll scale it out from there. Then for all those optional tasks past that, we’re not actually committing those dollars until we actually see that the system is the system that we think is right.”
VA joins the Department of Homeland Security as the second agency in as many weeks to publicly step away from the big bang approach to federal technology projects. While agencies have been talking about this change for some time, especially with the wider acceptance of the DevSecOps and agile methodologies, DelBene and DHS CIO Eric Hysen are sending a specific message to contractors about how their agencies will work with them going forward.
“It doesn’t mean necessarily that we will farm out the different pieces of the project to lots and lots of different people because I don’t necessarily think that’s a recipe for success. I know there’s been some discussion on the Hill around whether we can bring a bunch of smaller contractors in because we’ll break up a project into a bunch of small pieces. That’s kind of a recipe for a poorly integrated project across the board,” DelBene said. “If you look at some of the failures in healthcare.gov, for instance, that team chose to take the five major components of healthcare.gov and give them to different contractors. You can see where the integration did not work when they flipped the switch and turned the thing on. You still have to have the thing built in such a way that there’s consistency across the key places. That’s also not to say it all has to be built by one contractor. But you can’t just say ‘oh, we’re going to slice it into several dozen pieces and give it to different organizations to be done.’ We got to have this cohesive as a team so that we get a good result in the end.”
That cohesive team also must include more small businesses.
House lawmakers and GAO found during the hearing that half of VA’s IT obligations in 2021 went to only 10 contractors — up from 45% in 2017. More broadly, about 75% of VA’s IT obligations went to 30 contractors. 2022 data isn’t available yet but GAO expects similar results.
This is part of the reason why a second change is focused on small businesses and new entrants. DelBene said this iterative or agile approach will help these firms show what they can do for VA.
“We’ll get into situations where we’ll give them a small piece of work, and say, ‘show us what you can deliver here,’ because there’s a lot of innovation that goes on with small contractors. But then they can prove themselves and then scale up and do more and more with us over time,” he said. “The gist is thinking very differently about contractors, thinking of them as integral parts of our team, that are peers of ours, but then keeping that evaluation going, and having those engagements, particularly with their leadership, to make sure that they’re doing the right thing for us. We think if you take those things, collectively, it’ll increase our success with projects in the VA.”
Ethics questions by Congress
DelBene has come under some criticism for what some say is his unwillingness to meet with vendors. There now are some concerns about how VA is handling its ethics waivers process for DelBene and other executives. House VA Committee lawmakers had a briefing in April with DelBene and VA special counsel Michael Waldman. Committee members wanted more information about the ethics waivers VA issued for DelBene and how he recused himself from specific interactions with his former company, Microsoft. DelBene was an executive vice president at Microsoft for eight years before coming to VA.
VA told the committee it didn’t have a good system in place to manage and oversee these waivers so it would put such a system in place. Committee Chairman Mike Bost wrote to VA secretary Denis McDonough on Monday asking for an update when this new ethics and recusal system would be ready.
At the same time there are some in the federal community who believe DelBene is too selective in who he or his team meets with. Given his goal to change the nature of contracting, DelBene said his goal is always to triage a vendor request and make sure it gets to the right person in OIT.
“There are some places where a particular contractor we have a book of business with where there are some issues and I want them in. So when they reach out, I say, ‘yeah, I actually would like to meet with you because I have some issues I want to work out with you or I’d like to understand where you’re going.’ I do a lot of those meetings,” he said. “But I also meet with a lot of smaller contractors along the way as well. I can’t meet with everybody, but I want to make sure we get everything triaged to make sure that that goes to the right place. So I understand where that sentiment comes from, but I do think we are pretty deliberate about how we triage the incoming queries and try to make sure it’s fair in that regard.”
Clear set of objectives
The closer relationship DelBene is counting on isn’t losing any rigor or accountability for contractors to deliver on their promises. Contractor accountability was another concern among lawmakers.
DelBene said accountability is built into this small task approach within his office and within each project team.
“One of the things we’ve done is we have a clear set of objectives and key results (OKRs), both at the OIT overall level and within each of the individual teams,” he said. “What the idea is, every team knows what are their key objectives and it’s done by semester for us. So we’ll have a spring semester that something new will start until about June and then another one that ends in the fall. We’ll define a set of OKRs that we want to make progress on over those six months. They can tell us if there’s a particular OKR within a team where we’re not making progress or we need to work harder on that particular team.”
And if VA finds there problems with contractors, DelBene said he will ask the vendor to swap out the team that is working on a specific project. He said that is something he has done in the recent past both in the public and private sectors. The key, he said, is having an environment where you can catch problems before they go awry.
At the same time, DelBene said there are several tools to ensure contractors are meeting VA’s requirements.
“We use the Federal IT Acquisition Reform Act (FITARA) as one way to do that, by whether we approve a contract being used for a particular project. But we also do root cause analysis on every issue, identify places where contractors are not actually performing well and we document that for future years and remediate against it,” he said. “I think that’s really key to kind of upping the game for contractors, generally speaking. We also have meetings with contractors on a regular basis. Nothing can beat getting them in the room, getting them on the call about what’s happened, and let’s problem solve together and resolve that.”
DelBene said another way to hold contractors and VA more accountable is through a resiliency dashboard. He said his team tracks about 100 of VA’s most critical systems across key criteria that represents engineering excellence.
“We have actually in the past year and a half since I’ve been here started this thing called an engineering excellence initiative, which says we get together as a group and we find out where we have chinks in the armor of our engineering processes. What do we want to drive for improvement? What is our development pipeline looking like? Do we have enough security checks as code gets checked in? What percentage of critical errors are happening in systems because of unforced errors?” he said. “It’s all about figuring out where our gaps are, figuring out what do we want to measure differently in the next semester than we are in this semester, and just iteratively, turning the crank over and over and over again. That’s pretty much how the rest of the world works, too. It’s just exciting to kind of bring this level of engineering rigor into the federal government as well.”