Reporter’s Notebook

“Reporter’s Notebook” is a weekly dispatch of news tidbits, strongly-sourced buzz, and other items of interest happening in the federal IT and acquisition communities.

Submit ideas, suggestions and news tips to Jason via email.

DISA’s plan to replace CAC to come together this year

When former Defense Department Chief Information Officer Terry Halvorsen talked about moving on from the Common Access Card (CAC) as the main approach to network authentication, many observers scoffed at the idea.

Halvorsen, who recently joined Samsung as an executive vice president focusing on mobile enterprise strategies and helping to navigate government and regulatory business affairs, envisioned the next authentication technology as more agile and less costly, and set that as a goal last June.

It looks as though the Defense Information Systems Agency is starting the process to make Halvorsen’s vision a reality.

Alfred Rivera, DISA’s director of the Development and Business Center, said during a panel sponsored by AFCEA Northern Virginia that they are moving toward multi-factor authentication, including biometrics and other “patterns of life” type of technologies.


30 ways to improve federal IT reform efforts

By bringing in a baker’s dozen of current and former federal IT experts, the Government Accountability Office’s Dave Powner likely knew what he was getting into. There would be no shortage of passion and strong opinions about what’s going right and wrong with the Federal IT Acquisition Reform Act (FITARA).

Let me put it this way: With the likes of Karen Evans and Vivek Kundra, both former federal chief information officers — I know Karen never officially held that title, but work with me here — Roger Baker, Dave McClure, Dan Chenok, Richard Spires and Tom Davis, the former Virginia congressman who wrote the first major cyber bill update in the early 2000s, the room didn’t include any shrinking violets.

Amazingly, however, the FITARA party didn’t turn into a complain-fest of what one administration did or didn’t do, or why Congress failed this time. Rather, this motley group gave GAO quite a cogent and cohesive earful, which hopefully will lead to an improved FITARA scorecard and, more importantly, a more effective implementation of the law.

GAO’s forum and report highlight a series of recommendations from the experts on how to further improve FITARA and make sure it’s implemented to the greatest extent possible.


Overhaul of $6B cyber program gets off to encouraging start

The General Services Administration and the Homeland Security Department’s industry day on April 17 was the beginning of the future of the Continuous Diagnostics and Mitigation (CDM) program.

The few hundred participants in person and on the phone gathered a few more details about where the governmentwide cybersecurity program is heading over the next year.

The discussions about the new special item number (SIN) under Schedule 70, as well as the current status of the CDM program across the government, are helping to set the scene for a busy summer.

But the meeting also left some participants with more questions than answers, particularly around the process for obtaining the SIN.


Little-noticed section of OMB’s reorg memo brings the real potential for change

Tucked into the Office of Management and Budget’s ambitious plan to reorganize and restructure the government is a significant and generally overlooked section on organizational efficiency and effectiveness.

But it’s this portion of the April 12 memo focusing on the mundane ideas of alternative delivery models, streamlining mission-support functions and leveraging existing solutions for common requirements that includes some of the most realistic and achievable goals. Ideas such as shared services, insourcing and outsourcing and all-but-mandating the use of existing multiple-award contracts instead of developing new ones are the types of initiatives that have the real potential to change and transform agencies and their mission areas.

“The memo was clearly written by knowledgeable insiders,” said Alan Chvotkin, executive vice president and counsel for the Professional Services Council, an industry association. “The use of best-in-class contracts drawn from a prior version of the Circular on category management, the call for shared services and other examples are from people who know what they are talking about.”

Chvotkin said the memo also sends a specific message to agencies about how the Trump administration is starting to develop its management agenda.


Trump’s new innovation office strikes a familiar chord

When President Donald Trump announced the new Office of American Innovation a few weeks back, the first thought that came to mind was about how this sounded similar to an Obama administration initiative called the President’s Management Advisory Board.

The goal of both organizations is the same: Bring in private-sector experts to help the government improve its back-office and mission-critical processes.

So was this just a case of the Trump folks putting a new name on an existing idea, as is the custom when a new administration comes in? Or was there something more here that would set this apart?

It’s hard to tell based on the short memo. The only inkling of what OAI will do comes from Section 2 of the memo:


GSA trying to separate myth from reality with data reporting pilot

Give the General Services Administration credit for not shying away from the harsh criticism of the Transactional Data Reporting (TDR) program.

Industry associations and government contracting experts have bluntly told their clients not to take part in the program. Or as Larry Allen, president of Allen Federal Business Partners and a long-time GSA expert, wrote in a recent blog post that Federal News Radio put on our website, “Run, don’t walk, from GSA’s TDR.”

First, let me give you a little background about the Transactional Data Rule program. It’s a new requirement GSA finalized in June that lets government contractors submit information about transactions through the schedule contracts and those governmentwide acquisition contracts run by the agency, instead of having to follow two clauses that most vendors dread — the Price Reduction Clause (PRC) and the Commercial Services Practices (CSP) provision.

Over the last decade or more, vendors have complained about the requirement to submit to the PRC and send in CSP data. The Commercial Sales Practices regulation requires contractors to disclose to GSA details of any discounts vendors offer to commercial customers for similar products and services. The Price Reduction Clause requires contractors to monitor their pricing over the life of the contract and provide the government with the same price reductions that they give to commercial customers. The PRC has been at the center of most of the government-contracting-based False Claims Act whistleblower cases and settlements over the past decade. Vendors have called on GSA to change the PRC because it doesn’t match up with how agencies buy or how contractors sell these days.



White House tech leaders conduct listen, learn with federal CIOs

Federal chief information officers from every Cabinet agency, large agency and a select few small agencies made a trip to the White House over the last month to provide a 30-minute brain dump to the Trump administration.

Multiple sources say Chris Liddell, the assistant to the president for strategic initiatives, and Matt Lira, the special assistant to the president for innovation policy and initiatives, brought in CIOs one after another to get a handle on priorities, challenges and opportunities in each agency and governmentwide.

Sources say the mostly one-sided conversation let the CIOs expand on and explain in more detail the one-page-or-so State of Federal IT that the Obama administration left for the new technology executives.

“It was a good conversation,” said one CIO, who participated in the conversation and asked for anonymity in order to talk to the press. “I thought it was encouraging that someone coming into government without a lot of government experience wanted to learn what we were doing. There were no action items that came out of it. It was just opening their eyes to just how big and complex our jobs are.”


Trump administration’s push for shared services should start by looking at Commerce

The Commerce Department conducted 73 separate cyber penetration tests last year. Each of the bureaus in the department basically did its own thing with minimal coordination at the headquarters level.

“We have a budget initiative to create an enterprisewide penetration testing service,” said Rod Turk, Commerce’s acting chief information officer and chief information security officer, at the April 6 Intel Security Summit in Arlington, Virginia. “It has not been approved yet, but we think we can consolidate these efforts.”

This is the perfect example of why Commerce is one of the leading agencies around shared services and could be a model for the rest of government.

Glenn Davidson, Commerce’s executive director of enterprise services, said earlier in the week that Commerce will be the first agency to move to shared services for all back-office functions — human resources, financial management, technology and procurement.


As budgets tighten, has the FDA figured out how to manage the cost of IT?

Agencies, generally speaking, have little idea what it costs to provide technology or human resources or acquisition or financial management services to the rest of the agency.

Yes, most know how many employees and contractors work in those areas and what they cost. But few have ever developed an accurate cost model that includes the cost of the building or electricity or air conditioning or the guards that protect the building.

One of the main reasons the competitive sourcing effort under Circular A-76 struggled during the administration of President George W. Bush was the inability — or unwillingness — of agencies to truly figure out the costs of these back-office services. And when they did, contractors claimed the figures were way out of whack.

The Food and Drug Administration may have just broken the code around cost allocation and recovery for IT services.


Are concerns over the transition to the new telecom contract warranted yet?

The last time the General Services Administration asked agencies to transition to a new telecommunications contract, it took 33 months longer than expected and cost the government an extra $395 million.

With its new telecommunications effort, called Enterprise Infrastructure Solutions (EIS) under the NS2020 program, GSA promised to learn from its mistakes with Networx by listening more to its agency customers and industry partners and simplifying the entire effort.

But with less than three years until the expected transition date of May 2020, at least one major agency is uncertain if there is enough time to move to EIS.

Beth Killoran, the Department of Health and Human Services chief information officer, said she submitted the HHS transition plan to GSA in October and is concerned about meeting the program’s timetable.

