Opening the Data Floodgates

Part of the President's Management Agenda (PMA) calls out leveraging data as a strategic asset for more effective government. In support of this, several pieces of legislation and policy have been created to better enable and even incentivize agencies to make their data available and open for use across government and by citizens.

Federal CIO Suzette Kent recently said that the Federal Data Strategy will be released soon and will prioritize datasets that could help stimulate the economy, protect the nation, and continue important research. The guidelines will present principles that prioritize data security, privacy, and transparency.

This Federal Data Strategy follows the passage of the Open, Public, Electronic, and Necessary (OPEN) Government Data Act at the beginning of the year. This law requires that all non-sensitive government data be made available in machine-readable formats by default. It also creates a Chief Data Officers Council that will address data governance across agencies.

Even before these laws and guidance were released, we've seen how access to data can impact communities. For example, in Asheville, NC, BeLoved Asheville, an activist group of homeless people, launched the Homeless Voice Project. This project filters public crime data using arrestees' addresses. They were able to show that the homeless population was being disproportionally targeted and arrested by highlighting the number of homeless shelter addresses being used. In Norfolk, VA, community groups are using data to show the impact of re-development on communities, highlighting the size of population displacement that would come with gentrification. These groups are finding there is less "shouting across the table" and common ground is easier to find when arguments are backed with data. Continue reading

FITARA Has a Bounce Back Semester

The last time we wrote about FITARA, the news was pretty grim. The 6th check-in since the Federal Information Technology Acquisition Reform Act (FITARA) was enacted in December 2014 found that many agencies were backsliding regarding their ability to show progress against FITARA goals of Data Center Consolidation, IT Portfolio Review Savings, Incremental Development, and Risk Assessment Transparency. This was a bit surprising given that the introduction of the Modernizing Government Technology (MGT) Act was expected to help improve FITARA scores. While compliance with MGT is still slow, some other areas picked up momentum helping propel the FITARA scores upward.

The seventh version of the FITARA scorecard showed progress at many agencies over the six months between reports. No agencies saw their grades drop. Additionally, for the first time, there were no Fs on the report. Now, getting excited about no Fs may be setting the bar a bit low, but the DoD, due in part to sheer size and complexity, has struggled with the scorecard, and this cycle earned a D+. Other agencies making notable progress were the VA moving from a C+ to a B+, HHS from C- to B+, and Small Business Administration moving from a D+ to a B+. Continue reading

FedRAMP’s Ongoing Evolution

The Federal Risk and Automation Management Program, commonly known as FedRAMP, was introduced in 2010 and signed into policy at the end of 2011 as a "standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services." In plain English, it provides a baseline for agencies to determine if a cloud solution is secure enough for them to use. Vendors get FedRAMP certified as a way to prove their solution is ready to plug and play into federal systems.

In recent years, cloud has moved from a curiosity for most agencies to a key part of IT infrastructure. With this change in cloud acceptance and use, FedRAMP has also started to evolve to meet today's needs. Last summer, Rep. Gerry Connolly introduced the FedRAMP Reform Act of 2018 as a more stringent enforcement of the use of FedRAMP guidance. Continue reading