Reporter’s Notebook

jason-miller-original“Reporter’s Notebook” is a weekly dispatch of news tidbits, strongly-sourced buzz, and other items of interest happening in the federal IT and acquisition communities.

Submit ideas, suggestions and news tips  to Jason via email.

 Sign up for our Reporter’s Notebook email alert.


Feds may seek new jobs thanks to growing telework policy changes

Best listening experience is on Chrome, Firefox or Safari. Subscribe to Federal Drive’s daily audio interviews on Apple Podcasts or PodcastOne.

The Agriculture Department’s decision in January to make significant changes to how often its employees could telework is reverberating across the government.

The departments of Education and Health and Human Services followed suit over the next few months. There are rumors other agencies, including the Veterans Affairs Department and Commerce Department may soon implement similar changes.

And all of these new policies are causing some federal employees to believe it’s only a matter of time before their agency follows suit.

Federal News Radio conducted an exclusive online survey of its readers over the last month and found 44 percent of 396 respondents say they are very concerned and 25 percent said they are somewhat concerned about possible changes to their agency’s telework policy.

“The management in [VA] is considering decreasing telework or eliminating it,” said one respondent.

Another said, “Telework is now not an option starting Oct. 1st (originally was two days a week).”

Of those who answered how their agency changed the telework policy, a vast majority said it was a straight reduction usually limited to one day per week. One respondent said their agency cancelled any regularly scheduled teleworking, and now only situational is allowed.

Others said their agency clarified policies and procedures around telework, such as “increased monitoring of log on and log out times,” according to one respondent.

Another respondent said, their agency clarified “meanings of ad-hoc, situational and reoccurring as well as expand teleworking to ad-hoc to a maximum of two days per pay period.”

Several also commented that their agency’s policy is if an employee can telework, they must during weather-related situations.

One respondent said their agency “mandated anyone with a telework agreement must work on days where the government is closed, such as snow emergencies.”

And there were a few who said their agency actually is promoting telework.

“Encouraging us to do more telework to save space in office,” stated one respondent.

Another said, “Expanding telework to more employees to telework more than 50 percent of the time.”

It’s clear all of these changes are causing consternation across almost every agency. And what’s unclear is what agencies are doing to alleviate the challenges.

At USDA, Don Bice, the deputy assistant secretary for administration, said while employees had initial concerns about telework, the time since the policy helped clarify the agency’s intent.

“I think the more that we talk about what the Secretary intended and what the authorities are … this did not change any reasonable accommodations and it didn’t change if there were any additional issues, where if there were staffing that had to do with space limitations, it didn’t change that. It’s more the perception there,” Bice said in an interview after a House Oversight and Government Reform hearing in May where Rep. Gerry Connolly (D-Va.) brought up concerns about USDA’s decision. “The secretary still supports telework, still expects people to come to the office most of the time of the days of the week, still allows telework, but it’s matter of a perception on the time periods that people feel comfortable with and what the secretary tried to do was provide to the supervisors the ability to make decisions in conjunction with employees.”

USDA extended the initial timeline to implement the telework policy to 60 days after employees said 30 days was not enough.

Bice said that is an example of how the agency helped with adjustment.

“The secretary asked each one of his policy staff and the people acting in those policy positions to go out and have conversations with their employees to explain the policy. I think that has helped to explain what the intent here is,” he said. “For those people whose job does allow full-time telework, those positions have now been designated to be eligible to be done in other duty stations. The other big component is that we were accurately identifying whether people were doing work from home or doing work from an office location. Certainly, we are fielding lots of questions. Some have been good humored. Some have been not so good humored.”

As more and more agencies follow USDA’s lead and require employees to be in the office more days per week, the lack of humor is becoming evident more and more.

The good news is 34 percent of the employees who responded to the survey said the change in the telework policy wouldn’t prompt them to look for a new job.


“Already happened. I’m not terribly upset by it,” wrote one respondent.

Another said, “I’ll retire in a couple of years so I won’t be looking for another job because of telework policy.”

At the same time, 31 percent said a change in the telework policy would “very likely” motivate them to look for a new job and 20 percent said they were “somewhat likely” to change positions.

“I have 20 years, so leaving makes no sense, But as soon as eligible for retirement, I will seek other opportunities,” stated on respondent.

Another said, “I’m looking to transfer to another duty station closer to home.”

The short and long term impacts of the policy changes are unclear.

Frank Landefeld, public sector market leader at MorganFranklin consulting, told Your Turn with Mike Causey in March that restricting such work-life policies could make it harder for the federal government to compete for new talent.

That seemed to play out in the survey.

Results via Survey Monkey

More than half of the respondents said the biggest benefit of telework is it reduces the amount of time they spend commuting, while 25 percent said the biggest benefit is greater work-life balance.

“Ability to have uninterrupted time for heads down work that is not possible in the open office environment,” wrote one respondent.

Another respondent stated, “Less commuting, higher productivity, equal collaboration through instant messaging.”

Overall, the survey showed continued concerns over real or potential changes to federal telework policy. The lack of communication about why the changes are being made and an inconsistent application across agencies is a problem agencies are struggling to address. As USDA’s Bice said, fielding and answering all those questions would do a lot to relieve anxiety.

DHS’ governmentwide cyber initiative makes over $1B in contract awards in the last month

The Nuclear Regulatory Commission’s implementation of phase one of the continuous diagnostics and mitigation (CDM) program fell behind schedule by as much as nine months.

In June, the agency issued a sole source justification authority to continue to pay Enterprise Services— formerly HP Enterprise Services — $389,000 for another year of work on phase one.

Now for NRC and the five other agencies in Group E, phase 3 of CDM may also fall behind schedule.

The General Services Administration’s award to ManTech for $668.6 million for services and capabilities under the DEFEND task orders is under protest before the Government Accountability Office. Enterprise Services filed a bid protest on July 2, arguing its proposal shouldn’t have been rejected as unreasonable.

The irony of this protest is the Enterprise Services is the current provider of CDM services to Group E so by protesting the award they are both paying for the legal fees and getting paid by their customers to continue to provide services. It’s a perfect example of an incumbent losing the recompete and extending their revenue through a protest. This issue has long been a red flag for many in the acquisition community about why certain parts of the bid protest process need to be fixed. But that discussion is for another time.

HPES has been providing services to these six agencies since 2015, when GSA and the Homeland Security Department, which the operational arm of CDM, awarded the company a $21.7 million contract. The six agencies include the NRC, the Environmental Protection Agency, the departments of Housing and Urban Development and Education, the Small Business Administration and the National Science Foundation.

And this brings us back around to NRC. It’s unclear if NRC’s implementation challenges were the fault of Enterprise Services, DHS, the agency or some combination of the three, but the fact is NRC, and likely other agencies, will have to figure out how to deal with the ever-increasing cyber attacks without these advanced tools.

In the justification document, NRC offered a little insight into why CDM has been delayed:

“In the original design, the CDM project intended to collect a large amount of system security information that would be analyzed and displayed in an agency CDM dashboard that also sent summary data to a federal CDM dashboard hosted at DHS. This effort required installation of ten new servers involved in data collection and analysis, and due to the complexity of this system the length of time required to troubleshoot configuration issues so that it functioned properly was much longer than anticipated. Due to limitations of the lab environment provided by the contractor, CDM system configurations could not be adequately tested prior to deployment on the NRC network which further increased time needed for troubleshooting.”

NRC also said: “CDM project lacked a complete architectural vision or concept of operations from U.S. Department of Homeland Security (DHS). For that reason, the CDM project is behind the schedule originally” detailed in the initial contract award to HPES.

Only since March has the NRC CDM dashboard met initial operating capability, which seems to be on schedule with other agencies. In May, Kevin Cox, the CDM program manager, said DHS had 20 of 23 agencies providing data and had a goal of closing the gap this month to have all 23 civilian CFO Act agencies submitting data to the governmentwide dashboard.

This is the second time Enterprise Services protested an award under the CDM program. In 2015, the former HPES lost its complaint to GAO over the $29 million award to the Knowledge Consulting Group to provide DHS’ headquarters with continuous monitoring tools.

While Group E must wait until October at most to get going, the agencies under Group C are ready to go.

GSA awarded CGI Federal a $530 million contract to under the Alliant governmentwide contract for five agencies — the departments of Commerce, Justice, Labor, State and the U.S. Agency for International Development.

GSA and DHS held the “kick-off” meeting with CGI Federal and the agencies last week.

GSA received four bids under the task order competition and, obviously, it wasn’t protested.

As for the other agency groups under DEFEND, which marked a major change to how GSA and DHS approached CDM:

  • Group A — CACI won a $407 million task order in May for DHS headquarters and components.
  • Group B — Booz Allen Hamilton won a $621 million task order also in May for seven agencies —the departments of Energy, Interior, Transportation, Agriculture and Veterans Affairs, and the Executive Office of the President and the Office of Personnel Management.
  • Group D — Expected award by the end of July. Agencies under Group D are: GSA, NASA, the Social Security Administration, the departments of Treasury and Health and Human Services, and the Postal Service.
  • Group F — Cox said DHS continues to work with the small and micro agencies to get them to submit data to the governmentwide dashboard, and is starting to pilot a continuous monitoring-in-the-cloud solution.

Sources say GSA and DHS are working on the next part of Phase 3, which currently is being called the CDM Dashboard II. GSA received feedback from a recent request for information and is expected to hold an industry day in August.

Read more of Reporter’s Notebook

Don’t panic: Senate appropriators cut IT modernization fund for 2019

Best listening experience is on Chrome, Firefox or Safari. Subscribe to Federal Drive’s daily audio interviews on Apple Podcasts or PodcastOne.

If the House Appropriations Committee decision to increase the IT modernization fund to $150 million was a vote of confidence to the Office of Management and Budget, then the Senate committee’s decision to zero out the fund in fiscal 2019 would be considered by some a vote of skepticism.

Before questioning the spirit and intent behind the Modernizing Government Technology Act or claim lawmakers already lost interest in the law, consider this: Maybe the Senate is teaching the new administration a lesson of sorts?

Never enough communication

One of the challenges of bringing in executives without previous government experience is their inability to fully grasp the importance of communication with Congress. We have seen this with the Bush administration e-government initiatives. There is a popular story about an Interior Department official upset with the geospatial one-stop project going to “friends” on Capitol Hill to put a rider in the Interior spending bill to that would prohibit the agency from supporting the presidential initiative. What’s funny is that person is back in government, so hopefully they like the Technology Modernization Fund (TMF).

Under the Obama administration, Office of Management and Budget officials all but shut down the discussion about the Federal IT Acquisition Reform Act (FITARA) at one point, forcing one congressional staffer to almost publicly engage a key member of the administration in a debate about the bill.

And now, the Trump administration is starting to learn this sometimes hard lesson. No matter how often or much you think you have communicated with lawmakers and, more importantly, their staff, it was not enough.

Over the years, several former OMBers from the Bush administration have told me among their biggest mistakes was not working more with Congress.

So let’s go back to the TMF. Senate appropriators said in the bill’s report, “As the TMF reviews the remaining proposals, the committee encourages [the General Services Administration] and OMB to provide additional transparency surrounding agency proposals at each stage of the selection process, including projects submitted for consideration and those selected to receive funding. The committee will continue to monitor the proposal process and work with GSA and OMB to establish metrics for determining program and project success.”

Translation: You aren’t communicating enough and until we understand more, you are not getting more money.

Mike Hettinger, a former Hill staff member and now managing principal of Hettinger Strategy Group, said it’s clear there is some gaming going on.

“If I was OMB and GSA and I have a new program that appropriators were somewhat skeptical about at the beginning and played a big role in revamping it, I’d go overboard this year and give them everything they want to know,” he said. “I’d brief them every few weeks, letting them know how funding is being let out and keep them in the loop. My feeling is that didn’t occur and that is why OMB is seeing some push back.”

Sen. James Lankford (R-Okla.), chairman of the Appropriations Subcommittee on Financial Services and General Government, highlighted the need for more communication about the TMF process in an email to Federal News Radio.

“I am concerned about the lack of transparency with the allocation of the awards, and who is submitting proposals and why certain projects and agencies were or were not selected,” he said. “In the coming weeks, I hope to explore possible solutions to this lack of transparency.”

Hettinger said agencies and supporters of the TMF shouldn’t see this as bad news or even similar to what happened to the E-Government Fund that Congress insufficiently funded for years.

“Is money at risk? I don’t think so as long as OMB and GSA and the hill can work together. I think they will get the $150 million in funding,” he said. “I think this reiterates how important IT modernization is, and Congress is making sure they get the information they need. It also reiterates how important it is, especially for the sponsors of the MGT Act Sens. Jerry Moran and Tom Udall, for it to be successful. This back and forth with OMB and GSA is part of that.”

Sen. Jerry Moran (R-Kan.) said on June 21 during the subcommittee’s discussion about the spending bill that he was alarmed by the decision to remove all funding for TMF, but still is confident lawmakers will restore the funding.

“What I have learned and what I accept as important is there is good government that’s necessary as we pursue good government and that means that we need more information and that substantive and necessary oversight is currently lacking,” he said. “And we were able to work with the subcommittee to formulate a meaningful, in my view, amendment to require the GSA to provide specific information on how these dollars are being spent and I want to thank the subcommittee as well as you, Mr. Chairman, for working with us to accomplish that. It outlines what we need from the GSA, and my hope is that the GSA, even though this legislation with this language will not be law by the time we get to conference.”

He added the subcommittee’s message is intended to get the attention of OMB and GSA to provide the information the committee needs for oversight.

Living up to expectations

It’s not just the Senate that wants more communication. While the House committee approved $150 million for 2019 for the Technology Modernization Fund, lawmakers added more specifics about their expectations.

OMB has held on to information about the TMF like it was state secrets. OMB Director Mick Mulvaney told lawmakers how many proposals the TMF board received, but didn’t say from which agencies they came from. Other OMB and agency officials were tightlipped publicly and privately about which agencies submitted proposals, for what types of projects and really anything about the process before OMB announced the awards.

Maybe OMB was concerned that if they told the hill, it would leak out—invariably it would. But the questions then are: Who cares if the information is leaked? What is the harm? In fact, it may help the program.

And maybe OMB wouldn’t be in a position today to have to so aggressively promote and encourage agencies to submit more proposals for the remaining $55 million in the fund for 2018?

The message from Congress is clear: Federal CIO Suzette Kent, GSA Administrator Emily Murphy, a former Hill staff member, and GSA Federal Acquisition Service Commission Alan Thomas have the summer not only to give lawmakers the information they want, but to re-establish a regular cadence of updates about TMF.

If one thing has always been evident with any administration technology initiative over the years, it’s that OMB has done a good job managing down to agencies and across to vendors. But rarely has the e-government office figured out that managing up to Congress will make-or-break your initiatives. It’s time to figure this out if IT modernization is as critical as everyone says.

Read more of Reporter’s Notebook

What does it take to be a federal cyber executive? New handbook has the answers

It was 2006 when the federal government got serious about cybersecurity. Jerry Davis, the outgoing NASA Ames Research Center chief information officer, was an employee of the Veterans Affairs Department and a laptop with the data of 26 million veterans was stolen.

Davis, who has spent much of his career in cyber, said the incident “opened eyes and sent shock waves across the federal government.” From that event came a number of executive orders, memos, initiatives and even laws that tried to reshape the way agencies approach cybersecurity, and protect data and networks.

“I think the biggest challenge the government and really every sector faces is the skill set of the people who are securing our networks and systems,” Davis said in an “exit” interview. “We as a nation are woefully behind when it comes to producing really good individuals that have skill sets to work in cybersecurity.”

Davis’ description of the challenges facing the public and private sectors is the impetus behind the Federal CIO Council’s new chief information security officer handbook.

‘A central pillar’

In launching the 170-page CISO Handbook on June 26, the council wrote that “a central pillar of the administration’s IT modernization strategy is to improve the skills, leadership abilities, and overall pipeline of talent in the federal government to address our growing cybersecurity threats.”

The group said it sought to produce a compendium of key information, templates and processes for a “‘one stop shop’ for new and emerging information security professionals to begin their upskilling into future cybersecurity executives. The handbook is a foundational document that will help agency leadership drive transformational workforce changes in a standardized, repeatable manner and create greater collaboration and coordination across agencies to address systemic cybersecurity challenges.”

Trey Kennedy, a senior adviser to the CIO Council, said in a call with reporters that over the last 15 years, since the passage of the Federal Information Security Management Act (FISMA), the complexity of what federal IT security executives need to know has sprouted.

“The creation of the handbook wasn’t centered on the confusion around what was out there, but what really came up was a lot of folks were saying there are tons of resources out there to help us do our job that highlighted the role of CISOs,” Kennedy said. “But the thing we found and consistently heard through the councils was that these resources are in various places. And when you are onboarding a new employee it would be really great if there was a one-stop shop that lets you point folks to a single document that may not be the totality of the universe, but gives you that foundational knowledge, the key that you really need to be successful in the cybersecurity role.”

He said the goal of the handbook is not to be prescriptive as there are plenty of laws and policies that do that. But it should detail the goals and objectives of federal IT security whether one is a CISO, striving to be a CISO or just a non-IT executive trying to understand federal cybersecurity.

“The goal is to highlight some of the best practices, too. The appendix is really based upon successful policies for agencies to refer back to. Since then, we’ve had some feedback from CISOs who’ve asked us for a little bit of additional information about what those policies look like,” he said. “We are trying to make sure this information sharing occurs. This allows folks to read through the handbook, identify the challenges that they see in their own organization and see from the handbook’s perspective what their peers may be looking at foundational perspective to overcome those.”

OMB tried something similar in 2016 by creating, but that site never really amounted to much and today it is blank page. The CIO and CISO councils outlined three main sections in the handbook:

  • CISO roles and responsibilities, including reporting requirements
  • Managing risk across the enterprise, including NIST and governmentwide initiatives.
  • Management resources, including workforce and contracting

“Breaking the complex conversation of the CISO role and risk management into consumable pieces can only help the community succeed in bringing new talent onboard and meeting our mission needs,” Emery Csulak, CISO at the Centers for Medicare and Medicaid Services, said in the release about the handbook.

Plain language

Kennedy said Csulak and Cord Chase, the former CISO at the Office of Personnel Management and now a senior advisor for the National Background Investigations Bureau spearheaded the handbook’s development for the CIO and CISO councils.

Csulak and Chase led the working group that started with a survey of CISOs to understand priority areas and challenges, and then brought all the reference material together to get feedback from the councils.

“The way we wrote the handbook and the way we structured it was really around plain language. We wanted it to be a very clearly written document and you don’t need a deep technical background to understand the elements that are in it,” Kennedy said. “Whether you are a seasoned cybersecurity professional who just wants a quick reference guide for a lot of these items that are out there or if you are somebody new to the field or you are just a regular employee who is trying to understand what your role in cybersecurity is, if you read this you understand what is out there.”

He said this is especially true for program staff who need to know what are the baseline of cybersecurity requirements they must follow.

Kennedy said the CIO Council followed a similar approach it took with the U.S. Digital Service to create the TechFAR Handbook in 2014 and the work the General Services Administration did to create the M3 framework in 2015 for shared services.

Kennedy said the councils will continually update the CISO handbook as new policies, laws and challenges arise.

“One of the things we want to do is the document right now is a PDF format and we’d like to come up with a more interactive form of displaying it online so that is one of our first areas to tackle to try to improve the usability and accessibility online,” he said. “We’ve made sure to socialize this with the small agencies since a lot of times they are looking for these resources to have them as they might have a smaller staff or less dedicated folks to it.”

Read more of Reporter’s Notebook

Fix to can’t come soon enough for hundreds of contractors

Best listening experience is on Chrome, Firefox or Safari. Subscribe to Federal Drive’s daily audio interviews on Apple Podcasts or PodcastOne.

Hundreds, if not thousands, of government contractors are hopeful that starting June 29 the System for Award Management (SAM) finally will be fixed.

That’s the day the General Services Administration said the portal will implement a new way for vendors to log in, change their information, renew their entries or enter data for the first time. It also will reduce the nearly three month requirement to send notarized paper letters to make changes or apply for registration.

GSA said June 11 that it will use the services to activate their registration. The agency said vendors still will have to submit a notarized letter within 30 days, but the document is not required to get started.

This is good news for more than 11,000 — 942 new vendors and 10,547 existing vendors as of about 30 days — currently going through the process ago to renew or sign up on as well as the unknown number stuck in the backlog created since March. That was when GSA told users that some contractors were victims of fraud through the portal for a second time in five years.

GSA started requiring notarized letters after it found a third-party changed the financial information of “a limited number” of contractors registered on and redirected payment for services or products to incorrect bank accounts. GSA sources say today it takes three to four weeks to get a notarized letter through the current process while, at least, one vendor says that number is closer to 40 days on average.

“GSA has been faster this week as we have had a couple more get through the process than normal, but that doesn’t have to do with login change,” said Christie Jackson, a lead case manager for US Federal Contractor Registration. It provides services to help vendors get through federal procurement registration processes like or the SBA 8(a) program. “They are getting more pressure to get them through before this big flip.”

A GSA spokeswoman said the agency is actively processing new entity registrations and annual renewals every day.

“GSA posted step-by-step instructions for domestic and international entities for easy reference. The introduction and use of notarized letter templates has increased the acceptance rate and is the recommended process,” the spokeswoman said. “GSA’s Integrated Award Environment (IAE) is rapidly deploying SAM system enhancements to mitigate against the identified fraud threats. Our focus has been to reduce the registration processing time for those entities who are registering solely to seek federal assistance.”

Jackson said since March the entire registration process has been in chaos.

She said the average wait time to get through to the Federal Service Desk—the help desk—by phone or online chat has been two-to-four hours. Additionally, she has several clients who have lost thousands of dollars and wasted dozens of hours trying to update or renew their registration.

“I have a live chat open — that started at 1 p.m. and it says the average wait time is two hours and three minutes so we are now pushing four hours right now,” Jackson, who has worked for the company for seven years, said on Wednesday. “And when you do get through, their favorite answer is ‘we don’t know.’”

Past fraud slowing today’s contracts

Jackson said the backlog and wait times caused by the fraud incident is having real world effects on US Federal Contractor Registration clients.

“I had one recently bought property that was part of a building GSA was leasing and he couldn’t get rent payment for two months and burned through his savings to keep everything afloat while waiting for the rent payment,” she said. “We ended up sending three letters before approved.”

Jackson said before the fraud incident, US Federal Contractor Registration could change a point of contact or an address almost automatically and nothing would take more than a day or two at most. Additionally, she said she used to process more than 100 registrations or changes a week, but in the last month she got 25 registrations approved by GSA.

“We’ve tried to talk to GSA but they don’t give us much,” Jackson said. “We were telling our clients to send a letter to their senators as a way to add some pressure from another side.”

This will be the second major implementation for after GSA implemented it for the site in February. The GSA spokeswoman said the implementation to will be similar to the effort.

“ leverages the cloud to scale up our infrastructure as needed. During the launch, monitored performance and did not see any issues serving the increased traffic. As we do with every major launch, we made minor enhancements to increase the usability for specific user groups. Post launch, we continued to iterate by making other enhancements to better the experience for the population,” the GSA spokeswoman said. “As with every integration, we will coordinate closely with the team before, during, and after the launch to continue to increase security, usability and privacy for the users.”

Christoph Mlinarchik, the owner of Christoph LLC, federal contracting consultancy, said the move to multi-factor authentication is a great first step and one that should’ve been in place years ago and would’ve prevented the fraudulent activity in the first place.

“This incident is a vivid reminder that the federal government desperately needs to invest more in cybersecurity and information technology. Hacking and cybercrime is a trillion-dollar racket, and it has national security implications for the critical contractors in the intelligence, security, and defense supply chain,” he said. “There’s a digital war going on and some don’t understand they’re in it. Many contractors don’t realize they’re a target and a liability if they don’t have adequate cybersecurity protocols. America can lose a battle without firing a shot if adversaries steal vital technology or trade secrets, and contractors are prime targets.”

US Federal Contractor Registration’s Jackson said she has some concerns about the move to She said she remembers the trouble when the government moved to from the Central Contractor Registration, where the new site struggled for several months.

“We created a account. I’m not sure it’s going to be easier as you need to get a security key, get a confirmation email and then a phone text with a six-digit code. And it has to be used in 10 minutes, which makes it difficult when you are trying to serve customers,” she said. “With now, we can send a link and the client has 48 hours to activate it. And even with that link, some of them can’t figure it out. This will be a lot more difficult. I understand why they are doing it, but wiping out every log in to is not going to make it faster.”

The good news is getting rid of the requirement for notarized letters will address the immediate need of most vendors. Additionally, there has been little to no public complaints about how has worked with, which bodes well for

The real test for both and will come over the next six weeks if the site and service can handle the incoming use and not crash.

Read more of Reporter’s Notebook

4 trends driving more suspension, debarment of vendors

The data from fiscal 2017 on the number of suspensions and debarments is not out yet, but federal procurement attorneys suspect the three-year decline will end.

It’s not that more federal contractors did the government wrong in 2017, or even the laws governing suspension and debarment proceedings changed. Rather, procurement attorneys say the government is more aggressive in areas that were once rarely part of suspending and debarring officials’ discussion.

“I noticed in my experience that I was seeing suspension and debarment in places I had not seen them before, like at the end of a routine False Claims Act case. I’ve found it to be more likely to get a show cause letter than it used to be the case,” said Jonathan Aronie, a partner with Shepperd Mullin. “I went about looking to see if my experience was illustrative with what was going on in community generally and looked at the data and saw the trends.”

Aronie found the suspension and debarment officials were more likely to send letters based on:

  1. Stories in the media
  2. Suffering a data breach
  3. False Claims Act settlements
  4. The actions of an individual in a company should they get in trouble for something that has nothing to do with the business or contracting efforts.

“Suspension and debarment officials are not looking at guilt or innocence, but saying ‘we are seeing something and want to know if we should be afraid or not so come in and tell us,’” Aronie said. “SDOs are pretty good at letting the other processes run their course before making a decision, but they want to be alerted early on so they can track it and stay up to speed. SDOs are being more vigilant about things that, in theory, could harm the government’s interest. I don’t mind getting a question about a newspaper article, but I certainly wouldn’t expect someone to be suspended or debarred because of it.”

Congress has encouraged the Justice Department to become more aggressive over the past decade in holding contractors accountable. Suspensions rose to more than 1,000 and debarments increased to more than 1,900 in 2014 before tailing off in 2015 and 2016.

Aronie and others say agencies are issuing more “show cause” notices, meaning the vendor must tell the government why they shouldn’t be suspended.

Rob Burton, a former Office of Federal Procurement Policy deputy administrator and currently an attorney with Crowell & Moring, said the show cause notice gives the vendor an opportunity to present their case or rebut the allegations, while a notice of suspension or proposed debarment is a de facto debarment.

“It’s a nuisance, but you will not be irreparably harmed like you would be by a notice of proposed debarment,” Burton said. “OFPP and Congress should be touting the use of the ‘show cause’ process and encouraging more agencies to use it. The last thing they should issue is a notice of proposed debarment based on any of those reasons.”

Aronie said for many of these trends suspension and debarment officials want to see corrective actions or other steps the vendor took to stop these problems from happening again.

Bill Shook, a long-time procurement attorney who runs his own firm, said the trends are worrisome for several reasons.

Take the False Claims Act settlement trend as one example. He said usually in a settlement the party that is paying the fine and the DoJ agree not to identify any fault as part of the agreement.

“But with suspension and debarment officials, now you have to prove why you are presently responsible even though the False Claims Act issue happened years ago?” Shook said. “It’s a further criminalization of the procurement process where companies have to endure the requests for additional data in order to prove they are capable of doing business with government. It’s a paperwork process. I’ve sat with a company that is better equipped to do government contracts and they went through the False Claims Act process to get rid of attorney’s fees. Then the SDO asks for all of these records, and because debarment is capital punishment, you have to kiss the ring. That’s what’s happening with officials.”

Shook takes his argument that suspension and debarment officials are exercising their power in a more aggressive manner by calling them “super contracting officers.”

“If you think about it, the contracting officer has the authority to determine the responsibility of a proposed awardee,” he said. “So SDOs are now assuming a greater role of super contracting officer for determination of responsibility and requiring contractors to further document and spend resources to justify an action of rogue employee or a False Claims Act settlement.”

Burton said he agreed that the current suspension and debarment process is broken and these trends are a symptom of that broken process.

“There needs to be some due process built into it,” he said. “The real gap in the procurement process is that a notice of proposed debarment is void of due process.”

Aronie said there are a several things contractors do to get ahead of any “show cause” notice.

“Contractors and their lawyers should be more willing to go into suspension and debarment officials beforehand and alert them if there is a potential problem,” he said. “You have to not fight the liability question in front of the SDOs, but you must go into these things knowing that the government was right and you have to show you are responsible. If you try to litigate the underlying issue, you are wasting time and good will because the SDOs are not interested. While lawyers can be helpful in the SDO process, at the end of the day, the official wants to look the company in the eye and hear what they have to say.”

Read more of Reporter’s Notebook


NASA, Army technology leaders retire in time for summer

Gary Wang, former deputy CIO/G6 for the Army, at his retirement party.

Two long-time and well-respected federal IT executives are leaving federal service.

Gary Wang, the deputy chief information officer/G6 for the Army, retired after 35 years in government May 31 while Jerry Davis, the chief information officer and director of IT at NASA Ames Research Center in California, will retire effective July 7.

Wang’s decision leaves a big hole in the career staff at the Army’s CIO/G6 office with only Tom Sasala, the director of the Army Architecture Integration Center and chief data officer, as its senior most non-uniformed staff member.

‘Weaponizing the network’

Wang has been deputy CIO since 2014 and spent most of his career working for the Navy in civilian leadership roles.

During his time as deputy CIO, Wang helped usher the Army through several modernization efforts, including the final steps of enterprise email and the initial starts to move the service to the Joint Regional Security Stacks (JRSS).

In a presentation before the AFCEA Northern Virginia chapter in mid-May, Wang highlighted several ongoing initiatives that his replacement will need to pick up on, including consolidating network circuits and moving toward enterprise licenses for software.

“We are weaponizing the network to conduct offensive and defensive operations and we are using it for business things during the day,” he said. “Everything we do in CONUS depends on those networks, yet we have functional parts of the Army that continue to build their own separate networks. They don’t understand security and when it hits the fan, they ask for help. The idea is to converge some of those existing networks. Three years ago we started talking about convergence and getting all the operational networks behind the JRSS. We are starting to do that now.”

He said Army CIO/G6 Lt. Gen. Bruce Crawford’s priorities include:

  • Readiness to ensure the Army is prepared for the current and future battles from a technology perspective.
  • Modernization, including the networks, JRSS, building capacity and getting rid of old technology, including routers and switches, and moving to voice, video and text in the cloud.
  • Shaping the force to train the workforce to support the emerging technologies of today and what’s coming in the future.
  • Cyber policy focused on using a risk management framework to assess risk for programs and hold leaders accountable. “There are things we are looking at to apply automation to, and streamline processes,” Wang said.
  • Baseline enterprise initiatives like the JRSS and services in the cloud.

Wang began his federal career in 1983 at the Naval Underwater Systems Center as a project engineer. He later moved to the Navy’s Intelligence, Surveillance, Reconnaissance, and Information Operations where he was a program manager responsible for developing and acquiring cryptologic, meteorological, operational effects and intelligence programs.

Wang joined the Senior Executive Service in 2005, serving in several roles at the Space and Naval Warfare Systems Command (SPAWAR), including director of Corporate Operations and command information officer,  chief technology officer, and director of the Science, Technology and Engineering Department at SPAWAR Systems Center Pacific.

Wang earned his bachelor’s of science degree in electrical engineering from the University of Texas at Austin.

Sources say Wang is taking time off to travel with his family and has no known plans after the summer.

Always a patriot

Jerry Davis is retiring as NASA Ames CIO as of July 7th.

Over at NASA, Davis’s decision is a little more surprising as he elected to enter into deferred retirement, according to an email sent to staff last Friday and obtained by Federal News Radio.

Deferred retirement is for employees who have reached the minimum retirement age based on the year they were born and have at least 10 years of federal service.

“I have a tremendous and profound respect for all of the staff in Code I [Ames IT organization]. During my first all hands I was very explicit when I said ‘no one works for me, we all work together.’ I have kept true to that rule ever since,” Davis writes in his email to staff. “Also, as I have said many times in the past, ‘In our haste, we often forget to say thank you.’ I must say thank you for propping me up and letting me be the face of the organization … Thank you for putting the center first before yourselves. Thank you for doing something bigger than yourselves.”

Davis said he would remain the San Francisco area to continue to work on what he called, “in support of the science behind Moore’s law.”

“I have fought the good fight, I have finished the race, I have kept the faith. I have made sacrifices on behalf of our nation and when my country called, I showed up without hesitation. I have been a good patriot,” he said. “My federal time is over, but the memories are forever and I will always be a patriot.”

Davis began his career as an 18-year-old Marine and served a tour of combat during the first Gulf War.

He joined the CIA in 1994 and later joined the Education Department in 2004.

Davis also served as chief information security officer at the Veterans Affairs Department and NASA headquarters before moving to become the Ames CIO in 2013. Once there, he worked on modernizing Ames’ network while focusing on areas such as the convergence of cyber-physical systems.

“If I thought that being at NASA the first time opened doors for me, then coming to Ames opened an entire universe of possibilities and opportunities,” he wrote. “I have been able to use this incredible platform to reach the underserved and relay to them that anything is possible; that the persistent pursuit of passion is all one needs.”

During his career, Davis wasn’t one to shy away from speaking out about what he thought was right when it came to federal technology. He came out publicly around VA’s cybersecurity troubles including alleging the agency was “rubber stamping” system cyber approvals.

One of his main priorities has been to improve NASA’s cybersecurity. He introduced a concept called Gryphon X to help secure critical infrastructure in a more active and proactive way, and also push the space agency back toward the front of the innovation pack.

“It’s not the technology that makes Ames special, rather it is its people,” he wrote. “People who definitely are in persistent pursuit of their passions and because of this, Ames can do just about anything. It is truly an amazing place full of amazing people.”

Read more of Reporter’s Notebook

$50B Alliant 2 IT services contract gets the go-ahead for agency use

Best listening experience is on Chrome, Firefox or Safari. Subscribe to Federal Drive’s daily audio interviews on Apple Podcasts or PodcastOne.

The Government Accountability Office still is not required to follow the Administrative Procedures Act.

The General Services Administration’s next great IT services governmentwide acquisition contract finally is through the protest gauntlet and soon will be ready for use. And the Treasury Department makes a surprising decision about the future of one of its multi-billion dollar multiple-award IT contracts on the heels of GSA getting the go-ahead for its contract.

These three events are part of a busy last several weeks in the federal acquisition community.

Federal procurement experts say the U.S. District Court’s decision that GAO continues to be exempt from the APA isn’t surprising. The act waives sovereign immunity only with respect to suits seeking relief other than money damages and challenging the action or inaction of an “agency.”

The court said GAO is not an “agency” by the definition in the law since it’s part of the legislative branch.

Rob Burton, an attorney with Crowell & Moring and a former deputy administrator in the Office of Federal Procurement Policy, said the district court’s decision reinforces that GAO is a unique entity and the rules governing it are dissimilar than any other.

“We who work with GAO regularly know it’s not part of executive branch and the rules that apply to the executive branch do not always apply to legislative branch,” he said. “But it’s fairly rare to have a disagreement with GAO over redactions to public protest decisions. Most of time GAO is pretty good about it and have never seen them act in arbitrary way.”

The case the U.S. District Court said it didn’t have jurisdiction to rule on was from Pond Constructors, which was unhappy with GAO’s decision to publish a protest decision information that Pond says is commercially confidential, including bottom-line prices, adjectival ratings and past performance information.

“Pond alleges that GAO’s refusal to redact this information from the decision is arbitrary and capricious in violation of the Administrative Procedure Act,” the court states.

Bill Shook, a long-time procurement attorney, said the decision reinforces a major hole in the federal acquisition system — vendors have no recourse if GAO rules against them.

“I’ve always complained that GAO has no procedures for appeal on decisions made by an attorney. Redactions are a perfect example of where I believe data has a commercial valuable under the Trade Secrets Act and there isn’t anything you can do to stop them from publishing it,” he said. “If GAO says no to your request, there is no review of that decision except for Congress and that’s not going to be successful.”

Shook said he just had a recent situation with a client in which they were concerned if their proprietary information was made public, they would lose what they see is a competitive advantage over their competition.

“If GAO decides to put out that data and their competitors can use that same process and my client loses those trade secrets,” he said. “You are relying upon the reasonableness of the GAO attorney. I got some of that information redacted, but not all of it.”

On the other hand, Shook said if a vendor submits a protest to the Court of Federal Claims and a judge makes a decision about redactions that the parties don’t agree on, there is an appeals process to higher court.

Burton added any attorney has to view their relationship with GAO as a partnership and not an adversarial relationship.

“You have to be persuasive in the fact that the information is proprietary and would hurt company if released. Sometimes that argument is hard to make,” he said. “Generally, people abide by the protective order and I’ve never seen a lot of proprietary information releases by counsel. It just doesn’t happen as general rule.”

GSA Alliant 2 beats protests

GSA also came out on top of a recent bid protest decision. Four vendors submitted complaints to the Court of Federal Claims after being left off of the $50 billion Alliant 2 IT services GWAC.

GSA awarded 61 vendors a spot on the unrestricted version of Alliant 2 in November.

Several unsuccessful bidders then took their cases to federal court, which ruled in GSA’s favor in early June.

GSA announced that Alliant 2 would be ready for other agency use starting on July 1.

“The court’s decisions further solidify the validity of GSA’s innovative procurement approach, highest technically rated offerors with a fair and reasonable price,” wrote John Cavadias, the GSA Alliant 2 GWAC Procuring Contract Officer  in the IT Services Contract Operations Division at the Federal Acquisition Service, in a blog post on GSA’s Interact site.

GSA said when it made the initial awards that Alliant 2 would be a key piece of the Trump administration’s IT modernization effort.

GSA made several changes to Alliant 2 from the initial contract awarded in 2009 including:

  • Flexibility as emerging technologies and the definition of information technology evolve.
  • Ancillary support (non-IT) permitted when it is integral to, and necessary for, the IT services-based outcome.
  • On-ramp and off-ramp provisions, ensuring retention of a highly-qualified pool of contractors.

The original Alliant contract has been popular with agencies, receiving 865 task orders worth more than $19 billion over the past 10 years.

The Army, Air Force, the Defense Department and the Homeland Security Department were the biggest users of Alliant by total obligations, while SAIC, Booz Allen Hamilton and Leidos were among the biggest winners among vendors by total sales.

IRS to use best-in-class contracts

On the heels of GSA’s win in court, Treasury decided not to recompete its large IT services contract known at TIPSS 4. Instead, the agency will let it expire in December and move all work to other governmentwide contracts.

“We, along with all other government procurement offices, have been mandated to acquire needed services and supplies from already established governmentwide and designated ‘Best-in-Class’ vehicles. Therefore, we are transitioning all current and future projects to GSA Schedule 70, GSA Alliant and/or Alliant-SB and other vehicles as we see appropriate,” the IRS writes on the TIPSS 4 website.

The IRS awarded the TIPSS 4 contract in 2010 to 33 vendors. It had a ceiling of $4 billion.

Bloomberg Government, which first reported the IRS’ decision, said the TIPSS-4 unrestricted and the TIPSS-4 small business have generated $3.8 billion in spending obligations since 2011. Bloomberg says 63 companies have won task orders under the contract, led by Deloitte Touche ($688 million), Booz-Allen Hamilton ($586 million), Northrop Grumman Corp. ($525 million) and IBM Corp. ($467 million).

The IRS’ decision not to renew TIPSS is a big deal given how popular it is compared to some of the BIC vehicles, where Bloomberg Government reported Treasury spent a combined $232 million on these vehicles since 2010.

OFPP is pushing agencies to reduce duplicative contracts by 13 percent by 2020 under the category management initiative. This is among the first major wins for that effort.

OFPP currently says there are 32 contracts determined to be best-in-class.

Bloomberg Government also reported in 2017 that the number of multiple award contracts dropped by 239 over the last five years, while spending continues to increase to over $111 billion a year.

Another potential win to look out for is the DHS Eagle 3 acquisition.

Soraya Correa, DHS’ chief procurement officer, said at a recent industry day sponsored by Washington Technology that she sees next generation contract as much different than the current one.

“Between GSA, OMB, and agencies we created this best in class procurements where they provide a lot of generic services so if there is a best in class procurement that fulfills our needs we will go to that first. We will see what they offer and see what’s out there,” Correa said. “We do have plans and are working with the DHS CIO’s office to create a follow-on to Eagle and Flash [agile procurement vehicle] and it will be a combined procurement that is more uniquely tailored to DHS’ needs around what we need to do now and in the future, and what our components needs are. It will not look exactly like Eagle 2. It will probably be pretty different.”

Correa said she envisions the same thing for the DHS First Source IT products contract as well.

The DHS IT Category management council, made up of staff from the CIO and CPO offices, are identifying what things the agency needs to work on, including assessing current best-in-class vehicles and talking about requirements the agency needs for the future.

Correa gave no specific timeline for Eagle 3, but the current contract expires in 2020 so acquisition planning is underway.

Read more of Reporter’s Notebook

House lawmakers express faith in IT modernization, but send a message too

House lawmakers offered a strong show of confidence in the Technology Modernization Fund (TMF) by allocating $150 million for fiscal 2019.

The House Appropriations Committee approved the Financial Services and General Government fiscal 2019 spending bill last week with the 50 percent increase of funds over the 2018 level.

“The committee encourages GSA and the TMF Board established by the Modernizing Government Technology Act to prioritize and fund those projects that have the most significant impact on mission enhancement and that most effectively modernize citizen-facing services, including updating public facing websites, modernizing forms and digitizing government processes,” the committee writes in the bill’s report.

At the same time, the committee also increased the IT Oversight and Reform (ITOR) fund run by the Office of Management and Budget to $25 million from $19 million as well as the Federal Citizen Services Fund to $55 million from $50 million this year. In all, the administration would receive about $230 million for IT modernization efforts.

At the same time, the committee warned the administration to offer more details on its plans.

“It is surprising, then, when staff charged with administering the new IT Modernization Fund refuse to share findings and respond to queries from the very committees that made the fund possible,” the report states. “The committee directs OMB and GSA to work more collaboratively with the relevant committees of jurisdiction in order to better evaluate the needs of agencies and opportunities for improving IT across government.”

The Senate Appropriations Subcommittee will mark up its version of the 2019 spending bill on Tuesday.

Still all of this bodes well for the administration’s IT modernization efforts, which kicked into second gear with three awards by the TMF Board.

OMB recently released more specifics on how the departments of Housing and Urban Development, Agriculture and Energy plan to use the money to help satisfy committee concerns.

HUD, which received the biggest share of the $100 million so far, will use its $20 million to move five legacy services to the cloud.

“The current system is used by 30,000 users to access 100 HUD grant, subsidy, and loan programs that disburse $27 billion per year,” states OMB’s fact sheet. “According to HUD estimates, the code modernization and migration will save $8 million annually, enabling payback and generating working capital to transform additional legacy systems. The new modern platform will be a Java cloud-based application suite that will cost less to maintain and will enable functional and technical enhancements to be completed more rapidly and at lower cost.”

USDA received $10 million to further its portal.

“This is an opportunity to update legacy systems and re-engineer processes and systems to reduce improper payments, address and resolve repeated financial audit findings, and properly connect these agency systems to the USDA common financial system,” OMB states about USDA’s proposal. “Without this funding, USDA would need to delay integrating this part of the process into the consolidated Citizen Experience Portal in a later year when funds became available. However, with support from the TMF the project can be conducted at the same time as other enhancements to the Portal, faster.”

Energy will use its $15 million in TMF funding to quicken its pace to consolidate and migrate 64 separate email systems serving more than 184,000 mailboxes across the agency to a single cloud-based software.

“TMF investment will be used to migrate the 26 remaining email systems that service 47,080 mailboxes. With this migration, DOE will secure large scale operational benefits and costs savings,” OMB states. “Without this funding, DoE would need to conduct the migration of the remaining systems using a piecemeal approach, subject to fund availability. DOE anticipates it will have a greater ability to serve its mission more quickly across sites and capabilities, which will positively impact the American people. The operational benefits of this project include cost savings, increased efficiency, improved cyber posture and decreased operational risk.”

OMB is encouraging agencies to continue to submit proposals for a share of the remaining $55 million in the TMF for 2018. To that end, the CIO Council launched a website to help promote the selection criteria, provide documents and templates and answer common questions.

The board received nine proposals from seven agencies for this first round of projects, and many in the community have said the quality was lacking. If that is true, plus the House committee’s report language promoting a specific type of project gives prospective agencies a lot of good intelligence to win future funding.

Read more of Reporter’s Notebook

Breathing life into stagnant CIO authorities must begin with consistency

The White House’s latest attempt to give agency chief information officers a bigger seat at the table is filled with many similar desires and hopes as many of the previous efforts over the last 22 years.

One of the main goals of President Donald Trump’s executive order from May 15 was to breathe life into stagnant CIO authorities.

“Structure dictates behavior and behavior dictates results,” said a senior administration official back in May. “The organizational structure is 20 years out of date in this area. As we looked at this problem over the last year and in consultation with experts in and out of government, we asked how do we do structural reforms to make sure the organization is governed in a modern way? We are fixing this governance problem in all agencies because too often CIOs have been relegated to the back office. This is a significant organizational change coming from the presidential level.”

Ann Dunkin, former EPA CIO

But was the EO really needed? Are there enough laws — such as the Federal IT Acquisition Reform Act (FITARA) — policies and requirements on the books already that give CIOs enough authority to meet their oversight and operational responsibilities?

Federal News Radio put those questions to a group of former agency CIOs and IT executives who have more than 50 years of experience in the federal IT community among them. Their responses were edited for length and clarity:

What are some things in the EO that you would’ve wanted when you were an agency CIO?

Ann Dunkin, former Environmental Protection Agency CIO: I would have liked more authority to merge or reorganize agency IT functions to promote agencywide consolidation of the agency’s IT infrastructure, taking into account any recommendations of the relevant agency CIO. The individual IT organizations within EPA that don’t report to the CIO represent a signification percentage of the total IT in the agency.  Some of that makes a great deal of sense, but some of it doesn’t, either because there would be efficiency gains or security improvements through consolidation, or simply because a group was a bit out of its depth in the IT functions it was responsible for. As EPA CIO I really had no way to change that. Now, this new authority doesn’t really do any good if it doesn’t get any easier to execute a reorganization to shift those functions and  if department leadership doesn’t pay attention to the requirement.

Pete Tseronis, former CTO for the Department of Energy

Dan Chenok, former Information Policy and Technology branch chief at the Office of Management and Budget: The EO largely reinforces authorities that CIOs have had under prior law, but that were inconsistently applied. The focus on consistent application of CIO authority in the range of areas that impact IT performance, including investment strategy, cybersecurity, and hire authority promises to raise that performance across agencies. It would help drive governmentwide improvements in the use of IT. Also, the clear statement of CIO governance roles, combined with the focus on sensible IT consolidation, can streamline and strengthen CIO-led decision-making in each agency.

Pete Tseronis, former Department of Energy chief technology officer: While a good bit of the order reiterates what has been stated in past administration iterations, such as visibility into and control of IT investment, a few elements appear to have underscored the CIO significance and leadership. Specifically, setting the knowledge and skill standards for IT personnel and hiring authority. The Federal CIO maintains a position that requires both strategic and tactical proficiency.

Executive Order 13800 highlights the importance of IT personnel aptitude. The CIO must be in a position to lean on his or her softer skills to recruit, manage, and guide an array of individuals to implement the complexities of a digital transformation involving disparate tools, risks, and business models. Streamlining personnel recruitment so that agency CIOs can develop a state-of-the-art federal IT workforce is vitally important.

Do you think this EO was needed? Why or why not?

Charlie Armstrong, former Customs and Border Protection CIO: The need for the EO is debatable. It does clearly define the reporting relationship to the agency head. The challenge always comes down to money and prioritization. In the case of component agencies, they have a mission to get done. Component agency heads have to rack and stack investments not just with IT but with all the elements it takes to run the agency — personnel, vehicles, weapons, aircraft, real estate, etc. Consolidating, cloud migration, [digital] services, wide-area network modernization are all means to lowering costs and improving service. Securing information is an absolute need to protect information and ensure public confidence. It is a journey, not a short trip.

Jonathan Alboum, former USDA CIO

Jonathan Alboum, former Agriculture Department CIO: I believe the EO was needed in the sense that IT governance topics are really critical as we embark on IT modernization and digital transformation initiatives across government. In our rush to transform, it’s easy to overlook fundamental communication and change management requirements that are the real critical success factors for these efforts. By re-articulating that the CIO is the person ultimately responsible for all IT initiatives, it forces the organization to channel all of this work through a central office.

While there is a risk is that this can become a bottle neck, I believe that it is outweighed by the opportunity to promote enterprise approaches and data sharing across government. There’s tremendous opportunity to reap value in the data in our federal systems, but there also needs to be more awareness into the visibility of that data, as data volumes are expected to grow rapidly, exacerbating current challenges. Without the strategy and planning that will result from the CIO being positioned as the “senior technical advisor,” agencies will face a lack of data visibility, increased risk, and complicated cloud migration paths that frequently result in vendor lock-in.

Simon Szykman, former Commerce Department CIO: I think the EO is important in that there are things that might not happen without it. But at the same time, while it is important, the EO in and of itself – despite its title – is not enough to ensure enhancement of the effectiveness of CIOs. [Section 4(c)] is merely a restatement of one of the provisions of FITARA, which was passed around three-and-a-half years ago. And of course the words don’t matter unless they are implemented. If these things have not happened three-and-a-half years after being legally required by statute, will an executive order make a difference? Maybe or maybe not, but if so, it’s not going happen as a result of signing an EO; it’s going to happen because of action on the part of agency heads, and the White House and OMB holding agencies accountable.

Similarly, for Sections 5(a) and 5(b), it would have been great to have been empowered to do those things when I was a CIO, but an executive order on its own does not empower today’s CIO’s with any more authority than I had.  It takes the agency head executing the provisions of the EO to empower CIOs to achieve the desired outcomes. I think there are some agencies where we already saw things moving in this direction prior to the EO (e.g., USDA), but in other agencies, if the agency head is ambivalent toward the importance of these trends, change may be slow or minimal.

Simon Szykman, former Commerce Department CIO

Dunkin: I’m of two minds about that. On the one hand, as I noted above, the EO should be unnecessary. Most of the items included in the EO were included in [the Clinger-Cohn  Act] or FITARA. On the other hand, the previous efforts failed to generate the desired results. Don’t get me wrong, most agency and department CIOs are trying very hard to comply. However, antibodies in their own organizations, along with funding issues and misaligned incentives or inappropriate measures make compliance with some requirements difficult.  So, if an EO can create different outcomes, then by all means, it’s necessary.  That will require putting some teeth into enforcing the requirements. I suspect that they will get tested very quickly and that all agencies and departments will be watching to see if the White House is serious or if they can just continue to pick and choose when to comply.

What advice would you give to current CIOs when it comes to fulfilling the spirit and intent of laws and policies focused on CIO authorities?

Alboum: To support the success of FITARA and the agency as a whole, the CIO must create a culture of collaboration across the enterprise and learn to lead through influence, rather than direct control. They must create an environment that leverages the interdependent nature of what can seem like distinct component contributors across the agency’s various IT organizations. These groups are closer to the products and services they deliver to the public. They know their customers’ needs best. The CIO must be respectful of differences within these organizations, while also driving the agency’s IT community to adopt a common identity and enterprise approaches to IT. The best way to do this is to stay focused on your agency’s mission. The only reason IT exists and the spirit of all of these requirements is to ensure that IT is used effectively to drive positive program results. I encourage all CIOs to get out of the office and see their missions in action.

Charlie Armstrong retired as the CBP CIO in February 2016.

Armstrong: CIOs need to explain the value of investment and how it improves mission delivery and the risk of mission failure when investments are not made. The CIO should never forget they are at the table to support the mission. CIOs who put directives or policies in place to make IT more efficient without consideration for the mission will diminish the role of the CIO, not enhance it.

Tseronis: As technology continues is ubiquitous progression within the federal government, dependence on collaborative relationships with industry is so important to attain the vision of a secure, state-of-the-art, shared panorama of technology resources/services. Do not expect your leadership to tell you what to do. Do not wait for legislation to direct you what to do. Instead, leverage your authoritative role as the CIO to own, develop, and mature the supporting infrastructure that our nation’s federal workforce, agencies, and constituents depend on seven days a week, and twice on Sunday.

Dan Chenok
Dan Chenok, former Information Policy and Technology branch chief at the Office of Management and Budget

Szykman: Empowerment won’t happen by itself, nor can CIOs assert greater authority merely by pointing to an EO on a website. The empowerment will come from agency heads throwing their support and authority behind the CIO on all agency matters concerning IT management, governance, spending, etc.  My advice would be to work closely with the agency head, or deputy in cases where the deputy serves in a chief management officer or chief operations officer role and is more involved in internal matters than the agency head. Build support for implementing FITARA and the EO, providing a business case for a change agenda. Even with the support from the agency head, it’s preferable to have change management be a team effort rather than an internal struggle over turf.

Without the broader support, CIOs may find themselves facing resistance to change from organizations that are entrenched in existing ways of doing things. Consequently, I would also recommend building relationships with senior leadership across the agency, component/bureau leadership and heads of major mission programs, and an accompanying communications strategy to gain support from affected organizations.

Chenok: Since the Clinger-Cohen Act first codified the position of a federal agency CIO in 1996, successful CIOs have leveraged law and policy to build coalitions with government and industry partners that drive collective progress in federal IT management. Rather than viewing law and policy requirements as a compliance activity, strong CIOs can use law and policy tools — including the recent EO — to lead mission improvement, efficient operations, and effective agency adoption of new technologies such cloud and artificial intelligence.

Read more of Reporter’s Notebook

« Older Entries