Reporter’s Notebook

jason-miller-original“Reporter’s Notebook” is a weekly dispatch of news tidbits, strongly-sourced buzz, and other items of interest happening in the federal IT and acquisition communities.

Submit ideas, suggestions and news tips  to Jason via email.

 Sign up for our Reporter’s Notebook email alert.

Pulling back the covers on a critical IG report about Interior’s cyber efforts

Editor’s Note: A comment from the Interior inspector general’s office was added to the story on Oct. 26.

There’s a problem with many reports from federal auditors that doesn’t get mentioned often enough in government. Many times these inspector general or Government Accountability Office reports are just snapshots in time and could be as much as 6-to-12 months old in terms of the actual state of the federal agency.

This is not to say auditor reports are not worthwhile. Just the opposite, these studies put agencies on notice about problems that need immediate attention.

The problem comes in when reporters and members of Congress believe the most recent report still is accurate.

The latest example is with the Interior Department’s IG report on the agency’s implementation of the continuous diagnostics and mitigation (CDM) program from the Homeland Security Department.

The IG released a report on Oct. 17 highlighting what seems to be major problems with Interior’s implementation of this key cybersecurity program. Among the most eye-opening findings from auditors were it will take Interior five years longer than first planned to reach “steady state” of CDM in 2019, and the agency is not doing a good enough job in protecting high-valued assets, including leaving more than 90,000 critical and high-risk vulnerabilities unpatched for more than two years.

At first glance, the “wow” factor is huge — 90,000 unpatched vulnerabilities and a five-year delay with CDM.

But if you dig a little deeper, you’ll find why auditors’ reports sometimes shouldn’t be taken at face value. (more…)

Time to evolve FITARA oversight?

A little over a year ago, the House Oversight and Government Reform Committee released its first set of grades for how agencies were implementing the Federal IT Acquisition Reform Act (FITARA). The grades, as expected, weren’t good. By May, when the committee released its second report card, some agency scores had improved, but many agency chief information officers started to see the shortcomings in how lawmakers were holding them accountable.

A Federal News Radio survey of CIOs in August and a recent effort by the Censeo Consulting Group, Cyrrus Analytics and the Hettinger Strategy Group both found while CIOs are supportive of the goals of FITARA, the metrics the House committee and the Government Accountability Office are using need some work.

“What we found is not anger toward FITARA scorecards, but more of a general feeling that the scorecard was unfair and didn’t take a holistic view of agency efforts in meeting FITARA,” said Kareem El-Alaily, a managing director at Censeo. “All stakeholders involved GAO, the Office of Management and Budget, agencies and Congress are trying hard to make this work. The issue is that no one is tying this all together to say how it should work. All the agencies have different roadmaps in how they are implementing FITARA and all this effort is overcomplicating things. What is needed is a reset to get all the stakeholders back on the same page and marching towards a unified end goal.”

Rich Beutel, one of the leading forces behind FITARA when he was a staff member on the House Oversight and Government Reform Committee, said they surveyed eight CIO IT teams about their opinions of the scorecard and how it could improve.


GSA’s Making It Easier campaign exhibits qualities not often seen in government

The General Services Administration proved change can happen quickly in the federal government. Since April, when GSA launched the Making It Easier campaign to address several challenges around its multiple award schedules program, the agency solved one major complaint of vendors — how long it takes to modify existing Federal Supply Schedule contracts.

Kevin Youel Page, deputy commissioner of GSA’s Federal Acquisition Service, said through the Making It Easier initiative, the agency made more than 2,260 modifications and on average it took two days to complete them.

That’s a huge change from what normally takes, on average, 10 to 15 days.

Additionally, GSA says it awarded contracts to 108 new vendors, a majority of them small businesses,  in 31 days on average through the Fast Lane program, instead of the 120 day average for non-Fast Lane offerors.

Judith Zawatsky, the MAS Transformation Program Manager, said the modification improvements came from having a dedicated team focused on modifying contracts under the Fast Lane program.

She said GSA hasn’t taken away any of the requirements but asked industry to be more proactive with FAS by letting them know and responding back in a timely manner.

Youel Page said GSA is building on these and other successes to move the Making It Easier campaign into phase two.


Uncertainty hovering over GSA’s latest identity management effort

The fourth attempt to build a common authentication platform between government and its citizens already is starting on shaky ground.

The General Services Administration’s 18F organization released a request for quotes for a vendor to provide online identity proofing and fraud detection Sept. 27 for its portal. Bids were due Oct. 11.

This was the second time in a matter of weeks that 18F issued this RFQ. It issued the first one in mid-September through Schedule 70 and decided to pull it back soon after. It’s unclear why GSA decided to withdraw the solicitation.

An industry source said the reason GSA pulled back the initial RFQ was due to it releasing it under the wrong schedule. The source, who requested anonymity, said vendors also complained to GSA that the RFQ appeared to be “wired” to Experian or Equifax.

Other sources say the RFQ is based on “old thinking” that even the National Institute of Standards and Technology says isn’t good enough for identity proofing.

David Zvenyach, the acting executive director of 18F and deputy commissioner of the Technology Transformation Service, defended 18F’s path. He said the RFQ had a quick turnaround time of only two weeks because either companies provide this type of service—identity proofing and fraud detection—or they don’t. Like many RFQs, GSA extended the due date at the request of the vendors who were interested in submitting bids.


A shared services détente?

Did Dave Mader, the controller of the Office of Management and Budget, just open the door to private sector firms providing financial management shared services to agencies? I think he might just have propped open a door that has been shut for several years.

At the recent Association of Government Accountants and ACT-IAC Shared Services Summit, Mader said addressing the supply and demand problem—more demand than there is supply of shared services—may come back down to industry.

“These are multi-year projects and I think what we find ourselves now is actually at a point where we don’t have the capacity to handle all of the demand. We haven’t decided how do we increase the supply?” he said. “There are a couple of options. We could go to the existing providers and say, ‘can you up your capacity?’ Well, then you get into the dilemma of where do they get the funding to up their capacity? I don’t think anyone will say build it and they shall come. How do you guarantee that actually you will have clients in the future if you make the investment, but even with the franchise funds you have now, people don’t have the capital to make those kinds substantial investments. So it’s kind of a Catch-22 that we are in.”


Agencies on a roller coaster ride with cloud spending

Sometimes covering the federal IT community is like a bad roller coaster. The buildup when going up the big hill is exciting and stomach churning. But when the downhill falls flat, you feel a little cheated. That’s the feeling today when it comes to cloud computing. You can’t shake a stick at a conference without someone mentioning the need to the cloud. The crucial role software-, platform-, infrastructure-as-a-service play and will continue to play in the future of federal IT always is hot topic.

But then Deltek’s GovWin puts out a report that is like that flat roller coaster ride. GovWin, a market research firm, looked at preliminary federal procurement data for fiscal 2016 that shows spending on cloud computing hasn’t lived up to its hype.

GovWin found civilian agencies have awarded $75.4 million in cloud contracts in 2016 and the Defense Department, its services and agencies awarded $45.3 million in 2016. We have to take into account that these numbers DO NOT include fourth quarter spending for DoD, as military procurement reporting usually is three months behind. For example, the Army made a $62 million award to IBM for a private cloud toward the end of 2016 that’s not included in GovWin’s numbers.


Senate creates gap in vendor protest rights; is it just the beginning?

Government contractors are out of luck if they are unhappy with large dollar civilian agency task orders.

Industry’s recourse to protest these requests for quotations (RFQs) on popular vehicles such as Alliant, EAGLE 2, OASIS, T4NG and many others are limited to those options that many say are ineffective or too costly.

Contractors can thank the Senate for putting them in this situation. And if the upper chamber’s version of the National Defense Authorization Act (NDAA) of 2017 gets passed, bid protest authority of task orders worth more than $10 million may continue to go down the drain.

First, let me start with the most immediate problem. The Senate let the authority of the Government Accountability Office (GAO) to hear protests of civilian agency task or delivery orders worth more than $10 million expire on Sept. 30.

This expiration only applies to civilian agencies as Congress made the ability of contractors to protest task orders issued by the Defense Department to GAO permanent in 2011. And this bid protest ability doesn’t apply to task orders against the Federal Supply Schedule or broad agency agreements either.

But as Rob Burton, a former deputy administrator of the Office of Federal Procurement Policy and now an attorney with Crowell & Moring, said this is bad news for contractors.

“Contractors could go to the Court of Federal Claims, but that’s very expensive and there is no automatic stay feature and most contractors really don’t pursue this approach. They still could go to the contracting officer and lodge a protest, but that doesn’t usually result in any remedy,” he said.


A case of premature circulation by OFPP?

With about four months before the end of the Obama administration, the push to recognize, even celebrate, and institutionalize its management agenda is coming fast and furious.

The latest example is around category management. The Office of Federal Procurement Policy released a draft circular for public comment on Oct. 8 detailing six broad areas of category management, including cementing this new governmentwide approach in policy, and the strategies and governance processes that go along with it.

Comments on the draft circular are due by Nov. 7.

OFPP believes the initial success of category management is so clear that it decided to publish a new circular around it — something that is rarely done anymore.

“This circular brings together these earlier policies and expands upon their concepts of economy and efficiency to establish the key principles, strategies, policies, processes, governance structure, and roles and responsibilities to implement category management fully as the principal way in which the government acquires and manages its common requirements,” OFPP wrote in the circular. “This circular does not address unique, agency/mission-specific requirements determined by the appropriate agency leadership to fall outside the scope of this directive. OMB category-specific policies (CM policies) will include instructions for making these determinations, as category strategies are developed.”

Anne Rung, who left on Sept. 30 after two years as OFPP administrator, said in a blog post on her last day that category management already saved the government $2 billion, and agencies were on track to save a total of $3.5 billion by the end of 2017.


What’s old is new again as groups try to influence new president’s agenda

The line to influence the next president’s administration is getting longer by the day. The traditional good government groups, such as the Partnership for Public Service, have been working the campaigns for a year or more.

But recently, the traditional Washington think tanks also are lending their voice, and opinions, to the ever-expanding community of commentators.

Both the Heritage Foundation and the Reason Foundation released white papers/blog posts trying to drum up support for President George W. Bush-era initiatives.

Reason released its 2016 Privatization Report by John Palatiello, who also is president of the Business Coalition for Fair Competition. BCFC is an organization that advocates against unfair government competition with the private sector.

Palatiello highlights six examples of agencies or Congress moving forward with initiatives to get out of work that is commercially available. For example, Palatiello wrote about the Department of Commerce’s International Trade Administration (ITA) trying to get out of the commodity IT business. He also uses the Defense Department’s increased use of energy saving performance contracts to help get military bases and commands efficiencies without upfront costs.

Congress has prohibited any use of funds to run public-private competitions under OMB Circular A-76 since 2008. The Obama administration also tightened the definition of what duties are inherently governmental in 2011. So the examples of privatization are few and far between and there is no application of A-76.

Heritage’s David Muhlhausen asked whether it was time to bring back an updated version of the Bush administration’s Performance Assessment Ratings Tool (PART).


Oracle to leave GSA schedule: A signal of broader change?

Oracle is leaving the General Services Administration’s schedules program. It’s not going to just stop selling directly through the IT schedule, but the software giant will no longer use third-party resellers either, according to multiple sources.

Let that sink in for a second. One of the largest software vendors in the world is telling GSA, thanks, but we can live without you.

Sources said Oracle decided the GSA schedules just weren’t worth the hassle any longer — the compliance requirements, the potential and real threats of False Claims Act lawsuits and the new Transactional Data Reporting (TDR) rule, all played into this decision.

“The federal market is a very small chunk of their business and while it seems big for us, when you look at someone like Oracle’s overall business, they have to expend an exorbitant amount of resources for little payoff,” said Jennifer Aubel, a principal with Aronson Consulting, who said she wasn’t familiar with Oracle’s decision. “With the TDR and even with not having to do price reduction clause reporting, a company like Oracle would still have to do monthly reporting and there is a lot of concerns, including how GSA will keep the data secure.”

Oracle made $38.2 billion worldwide in 2015. Its direct sales to the federal government were $60.8 million in 2015, according to Even if it made just over $2 billion in federal revenue through its resellers, the federal market accounts for about 6 percent of Oracle’s total revenue. And disengaging from GSA doesn’t mean Oracle can’t sell through other contracts, such as the Army’s CHESS or through enterprise software agreements with the Defense Department.


« Older Entries