Feds' IT Report Card: Good Effort but Incomplete
Jun 19, 2012 5:00 AM PT
In the heyday of harvesting forests in the U.S., lumberjacks often used dynamite to break up clusters of timber that formed when thousands of logs were floated on rivers to market. In the last 18 months, the U.S. government has floated hundreds of pages of proposals into a river of policy "reforms," dealing with innovative information technology.
However, the government and the vendors who supply it with hardware, software and services are still looking for a way to break up the logjam of directives, so that agencies can step up the purchase of vastly improved IT programs.
Two recent reports and a U.S. Senate oversight hearing on the administration's 25-point IT reform plan amounted to a collective report card on the program that was launched in December 2010.
The conclusion of these assessments is that many beneficial goals and directives have been issued for improving IT, including significant items dealing with vendor relations and procurement. Some procedural deadlines for requiring agencies to develop plans and programs have been met, while others have not.
Some agencies have gone beyond the generation of paper plans and actually achieved functional improvements in areas such as cloud-based email systems and data consolidation.
IT Program Rates an 'Incomplete'
Overall, the reform initiative has had the desired effect of improving the direction of IT management, the General Accountability Office (GAO) said in a recent report to Congress.
The plan has "served its purpose as a catalyst for a set of broader initiatives," the GAO said.
In academic terms, though, GAO avoided issuing a letter-grade and substituted a grade of "incomplete."
Too many of the procedures related to adoption of the 25-point reform plan are behind schedule, the agency reported, and without progress on the procedures, actual functional progress involving the purchase of innovative hardware and software could lag as well.
"We are certainly pleased about the savings resulting from the 'TechStat' sessions and that plans for the data center consolidations promise even more reductions," David Powner, director of information technology management issues at GAO, told the E-Commerce Times.
The TechStat program, an outgrowth of the reforms, requires major departments and agencies to account for their IT project management in face-to-face review sessions with Office of Management and Budget (OMB) officials. As a result of these reviews, low-performing IT programs were either fixed or dumped if they could not meet targets.
By terminating projects that had fallen behind schedule or were substantially over budget, the government avoided throwing good money after bad. Combined savings from future cost avoidance or from actual savings in data management have amounted to several billion dollars, GAO said.
But at the Senate hearing, Powner noted that many more billions in potentials savings "are still on the table."
Several items in the "unfinished business" category cited by GAO dealt with contracting issues. In a separate report on the IT reform plan, the Software and Information Industry Association (SIIA) noted that federal agencies were not yet fully equipped with the purchasing capabilities to align conventional federal procurement with innovative IT.
On-Demand Replacing Ownership IT
The SIIA report, for example, said that federal agencies should revise the practice that most IT acquisitions be treated as single capital improvement projects, as noted in a directive known as the "OMB-300" procedure.
"If we don't re-examine OMB-300, it could be an impediment to cloud computing. The government needs to recognize that we are shifting gears to an 'on-demand' world where IT is delivered in a service mode in an ongoing sort of rental context rather than a single long-term ownership context," Mike Hettinger, vice president in SIIA's public sector innovation group, told the E Commerce Times.
In a similar vein, both GAO and SIIA were disappointed that the reform plan had not yet offered any realistic contract guidance enabling agencies to purchase IT hardware or software on an incremental or 'modular' basis.
Using the modular (building block) method, agencies can implement IT projects on a gradual basis and work out the bugs at one stage before committing to the next stage -- thus avoiding the potential for spending a huge sum on a one-shot project that might not work. On June 14, shortly after these reports were issued -- and within three weeks of the Senate IT oversight hearing, the OMB issued a document aimed at utilizing modular contracting.
"I can't comment fully on that document because I haven't completely reviewed it yet, but it looks like OMB is going in the right direction," Hettinger told the E-Commerce Times a day after the guidance was issued.
"Although many federal agencies have moved aggressively into the cloud and used existing contract vehicles, many others have struggled to modify their procurement methods when purchasing cloud services," Molly O'Neill, vice president at CGI Federal, said at the Senate hearing.
"The notion of paying for IT services in a more 'elastic' fashion is very different from the traditional 'firm fixed price' and 'time-and-materials' contracts familiar to most government acquisition professionals," she said.
More flexible acquisition tools are needed not just for cloud computing but in other areas of data management as well, O'Neill said.
"Agencies should have the flexibility to create their own approaches, including transaction-based contracts," O'Neill told the E-Commerce Times.
Share Risk With Private Sector
As an example, O'Neill cited an IT contract between several companies, including CGI Federal and the Centers for Medicare and Medicaid Services (CMS), to reduce and recover improper Medicare payments.
The program is funded through contingency fees. Contractors pay all of the set-up costs and get paid a percentage of amounts successfully recovered.
"There are many other areas across government where the private sector could assume initial costs and get paid only when agencies begin seeing the benefits of reduced costs or enhanced revenues," O'Neill said. She advocated restoring the federal "Share in Savings" program which lapsed in 2009.
"If the federal government wants to do more with less, then it should embrace new methods of contracting that shift risk and up-front costs to industry partners," O'Neill suggested.
Another issue in adopting innovation is ensuring that data security remains at a high level. The Federal Risk and Authorization Management Program (FedRAMP), a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services, has been launched to meet that need.
"We have shifted in theory, but not one company has been certified to provide cloud computing broadly under the FedRAMP program," the SIIA report notes.
A breakthrough in the FedRAMP program was announced in late May when the process for the secure certification of cloud service providers got under way.
"I think by the end of the year, we will see the first certifications fall into place, and after that the cloud adoption process should start moving," Hettinger said.
"If you are going to have an element that needed some time to develop through a gestation process, the security element is one that should take that time," observed O'Neill.
Looking forward to the next 18 months, SIIA's Hettinger is optimistic.
"It's the old adage of trying to turn an aircraft carrier around when it comes to the federal government," he said. "You can't do it in 10 minutes, and a year or so down the road, we should see much more progress."
"All these programs are new and it has taken some time. There is a tendency to get impatient, but I am not overly concerned," said O'Neill. "In the next 18 months, I think we will see a lot more action in the investments for IT innovation. A lot more."