FITARA Has a Bounce Back Semester

The last time we wrote about FITARA, the news was pretty grim. The 6th check-in since the Federal Information Technology Acquisition Reform Act (FITARA) was enacted in December 2014 found that many agencies were backsliding regarding their ability to show progress against FITARA goals of Data Center Consolidation, IT Portfolio Review Savings, Incremental Development, and Risk Assessment Transparency. This was a bit surprising given that the introduction of the Modernizing Government Technology (MGT) Act was expected to help improve FITARA scores. While compliance with MGT is still slow, some other areas picked up momentum helping propel the FITARA scores upward.

The seventh version of the FITARA scorecard showed progress at many agencies over the six months between reports. No agencies saw their grades drop. Additionally, for the first time, there were no Fs on the report. Now, getting excited about no Fs may be setting the bar a bit low, but the DoD, due in part to sheer size and complexity, has struggled with the scorecard, and this cycle earned a D+. Other agencies making notable progress were the VA moving from a C+ to a B+, HHS from C- to B+, and Small Business Administration moving from a D+ to a B+. Continue reading

FedRAMP’s Ongoing Evolution

The Federal Risk and Automation Management Program, commonly known as FedRAMP, was introduced in 2010 and signed into policy at the end of 2011 as a "standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services." In plain English, it provides a baseline for agencies to determine if a cloud solution is secure enough for them to use. Vendors get FedRAMP certified as a way to prove their solution is ready to plug and play into federal systems.

In recent years, cloud has moved from a curiosity for most agencies to a key part of IT infrastructure. With this change in cloud acceptance and use, FedRAMP has also started to evolve to meet today's needs. Last summer, Rep. Gerry Connolly introduced the FedRAMP Reform Act of 2018 as a more stringent enforcement of the use of FedRAMP guidance. Continue reading

Thoroughly Modern Government

The Modernizing Government Technology (MGT) Act was passed in late 2017 as part of the National Defense Authorization Act. MGT creates working capital funds for IT projects that will "improve service delivery to the public, secure sensitive systems and data, and save taxpayer dollars."

This $228 million fund allows agencies to borrow money to transition to new technologies. It can also serve as the start-up for working capital funds for ongoing IT projects. Agencies must submit proposals to an interagency board in order to receive money from the general fund. This Technology Modernization Board will be responsible for approving certain projects and making funding recommendations to the General Services Administration, which administers the funds.

This money is intended to fund critical efforts including replacing infrastructure and applications that pose a high cybersecurity risk, legacy systems that are costly to operate, and IT that can support citizen service goals as laid out in the President's Management Agenda. The goal of MGT is to jump start projects that will generate future savings for agencies, but repayment is not contingent upon agencies actually seeing those savings, the loan must be repaid regardless of project results or savings.

MGT is really a proof of concept, or a new way of funding IT within government. As OMB and GSA work to provide guidance and administer the funds, agencies are looking for ways to present their projects in the best light to not only receive funding but also achieve efficiency goals. Luckily, there are a number of events where agencies can share modernization experiences and best practices as well as discuss how best to use MGT funds. Here are a few events that will focus on modernization as a key goal within government.

  • Defense Systems Summit (July 11; Arlington, VA) - With a theme of IT Everywhere: Technology's Role in Tomorrow's Military, this 1105 Media event will bring together the DoD community to discuss how IT teams manage operations by maintaining legacy systems alongside emerging technology. With a focus on weaving in modern technologies, the event will include discussion on AI, defense cyber tools, IoT, and more.
  • Beyond Telework. IT Modernization Strategies for Competing in the Full Employment Era (July 24; Washington, DC) - This event is focused on how the federal government can compete to secure the best and brightest talent. With enthusiasm for teleworking tempering within government (and it being so widely used in the private sector), agencies need to look to other IT modernization strategies to create a flexible, next-gen workplace.
  • Cyber Excellence: Modern, Secure, Resilient (August 2; Washington. DC) - Looking at modernization through the reality of MGT funding, this event looks to explain how to use the guidance and funding coming from the executive branch to accelerate progress. Discussion will focus on key cyber strategies that will improve security postures today while paving the road to a more dynamic, high performance government.
  • IT Modernization Conference @930gov (August 28; Washington, DC) - This event will look at the current state of the Executive Office's 'Comprehensive Plan for Reforming the Federal Government' initiative and address what lies ahead for FY'19 and beyond. Sessions will address the strategies, tactics and policies around the modernization efforts.
  • 2018 Public Sector Innovation Summit (December 4; Washington, DC) - Attendees will explore how technology-driven innovation is advancing government. Top technology innovators and influencers across the public and private sectors will converge to discuss what's shaping the future of digital government.

We'd love to hear from you. Where are you learning about how best to apply for and use MGT funds? Share your thoughts in the comments.

FITARA 6.0: The Case of the Falling Scores

As summer vacation is in full swing across the country, we're sure many of you are missing tracking the grades of your students (insert sarcasm font here). We wanted to fill that void with a look at where agencies stand on their FITARA report cards. We've written here before about the progress, and lack of progress, agencies are making regarding modernizing IT infrastructure and services. The sixth report card on FITARA compliance was issued in May so we wanted to revisit the topic.

The Federal Information Technology Acquisition Reform Act (FITARA) was enacted in December 2014 and agencies are evaluated on their progress against the Act's goals about twice a year. The latest report found that despite a renewed focus on modernization from both the executive and legislative branch, agencies are actually backsliding in terms of grades.

Part of the challenge agencies had with this reporting period was the addition of a new category to track progress on the Modernizing Government Technology (MGT) Act. This "failure" should perhaps have been graded on a curve since MGT has only been in place since December 2017, meaning many agencies have not yet had a chance to have their proposals funded, much less started work.

But even discounting the MGT "learning curve," agency scores show that there is a real struggle across the board in meeting FITARA goals around: Continue reading

Department Spotlight: DoD – More Money, More Opportunity?

With the Bipartisan Budget Act (BBA) of 2018 passing in February, the defense discretionary funding cap was increased by $80 billion in FY2018 and $85 billion in FY2019. The DoD now has over $700 billion in their budget. This type of legislation is not unprecedented with BBAs issued in 2013 and 2015. However, the 2018 deal does stand out in terms of the amount of money added to funding caps.

So what are defense agencies doing with this influx of federal dollars? According to research from Market Connections, two thirds of Defense decision makers say that money will go toward projects that have been stalled due to budget disagreements and continuing resolutions. This means that agencies are not necessarily investing in net new work, rather using the influx to put existing plans and programs into action. Those projects getting the kick start range widely, with a large portion involving cybersecurity, modernization initiatives, and training. Continue reading