power to the edge a net-centric dod nii/dod cio clinger-cohen act (cca) from an osd perspective...
TRANSCRIPT
Power to the Edge
A N
et-C
en
tric D
oD
NII/D
oD
CIO
Clinger-Cohen Act (CCA) from an OSD Perspective
(Organizations to Achieve Transformation)
Ray Boyd
703.602.0980 ext. 180
Commercial Policies/ Oversight Directorate
Power to the Edge
A N
et-C
en
tric D
oD
NII/D
oD
CIO
Agenda
OPENING ...................................................... Ray Boyd
HISTORY OF CCA ...................................... Les Bloom
CCA OVERSIGHT PROCESS .................. Ray Boyd
DoD 5000 CCA Table & Section 8084
(FY04 Appropriations Act) ..................... Ray Boyd
COMMUNITY OF PRACTICE ................... Leonard
Sadauskas
PORTFOLIO ................................................. Les Bloom
CLOSING ...................................................... Ray Boyd
Power to the Edge
A N
et-C
en
tric D
oD
NII/D
oD
CIO
Clinger-Cohen Act (CCA) History
Les Bloom
703.602.0980 ext. 133
Power to the Edge
A N
et-C
en
tric D
oD
NII/D
oD
CIO
CFO: Chief Financial Officers Act of 1990GPRA: Government Performance and Results Act of 1993GMRA: Government Management Reform Act of 1994ITMRA: Information Technology Management Reform Act of 1996FASA: Federal Acquisition Streamlining Act of 1994FARA: Federal Acquisition Reform Act of 1996
ITMRAITMRA
FASAFASA
FARAFARA
CFOCFO
GMRAGMRA
GPRAGPRA
Why CCA?
Recognized need for...
Revolutionary change
Cultural shift Focus on
results, not process
Power to the Edge
A N
et-C
en
tric D
oD
NII/D
oD
CIO
The CCA Evolution: DoD’s Perspective
7/16/96:Executive Order
LEGISLATIVELEGISLATIVELEGISLATIVELEGISLATIVE
2/10/96:ITMRA ’96
(CCA)
• White Paper
• ITMRA ‘95 • Hearing before committee on Gov’t Affairs, US Senate
• DoD, OMB, & Congress negotiate changes to ITMRA ‘95
• Brooks Act
• “Computer Chaos”
EXECUTIVEEXECUTIVEEXECUTIVEEXECUTIVE
October 1994 July 1995 July/August 1995 February 1996March 1995 May 1995 June 1995
• InformationTechnology Acquisition Resources Board
• InformationTechnology Oversight Improvement Group
Power to the Edge
A N
et-C
en
tric D
oD
NII/D
oD
CIO
Read-Aheads
• October 12, 1994 “Computer Chaos”
• May 19, 1995 White Paper
• June 20, 1995 Congressional Record
Power to the Edge
A N
et-C
en
tric D
oD
NII/D
oD
CIO
What Were The Problems?
• Antiquated and Inefficient Computer Systems Cost Government Billions (legacy systems) (L)
• IT investments fail to reach their potential to help agencies improve program effectiveness and efficiency (E)
• Computer Modernization Efforts Have Failed—Why?--Inadequate: requirements analysis, cost/benefits analysis, capacity planning/management, implementation planning, testing; failure to consider alternatives; lack of internal controls (L)
• Systems often cost much more than estimated, are not completed in a timely fashion, are not adjusted to changing program and technical requirements, and thus do not support real program requirements (E)
• Federal Government wastes additional billions because we try to do too much at one time (megasystems). (L)
• Incremental and evolutionary approaches to major systems development need to be expanded (E)
• Federal Government rarely if ever examines how it does business before it automates (L)
• Rather than focusing primarily on acquisition strategies late in the lifecycle process, analyze the operating processes to be improved with information technology well before our present oversight begins (E)
Power to the Edge
A N
et-C
en
tric D
oD
NII/D
oD
CIO
Fixes
• Emphasize early oversight and planning (L)
• Oversight that Promotes Capital Planning—Does this work have to be done?; Should our agency be doing it?; What’s the best way of performing this task? (E)
• Federal spending on information technology will be treated like an investment. Similar to managing an investment portfolio, decisions on whether to invest will be made based on potential return, and decisions to terminate will be based on performance (L)
• Initial investment decisions and subsequent management should be based on a comparison of quantifiable measures of benefits, risks and cost: performance management, cost, schedule, mission goals and measures (GPRA). Evaluate investments using portfolio analysis (E)
• Avoid reinventing existing technology (L)
• Make maximum use of commercial off-the-shelf technology (E)
• Size projects to manageable levels (L)
• Structure IT acquisitions into relatively short-term modules that can be easily evaluated and will allow projects to change direction (E)
Power to the Edge
A N
et-C
en
tric D
oD
NII/D
oD
CIO
Clinger-Cohen Act (CCA) Oversight Process
Ray Boyd
703.602.0980 ext. 180
Power to the Edge
A N
et-C
en
tric D
oD
NII/D
oD
CIO
ComponentCIO Confirms
CCA Compliance
2
ComponentCIO Certify
CCA Compliance
Section 8088
Confirmation for Milestone Report
Congressional Defense Committees
PM Develops CCA
Table
1
Coordinate / PrepareDoD Certification Package
CertificationTable/Report to DoD CIO
4
36
CCA Certification Process
DoD CIOCertifies
5
DoD 5000 Requirements
NOTIFICATION TO CONGRESS
Power to the Edge
A N
et-C
en
tric D
oD
NII/D
oD
CIO
CCA Oversight of Programs (what we are working toward)
• Develop a RISK-BASED Program for CIOs/CCA
• How do we get there?
– Assess the CIOs organizational ability
– Educate the entire community
– Selective reviews of the processes & programs
– Develop Metrics to assist in the monitoring
Power to the Edge
A N
et-C
en
tric D
oD
NII/D
oD
CIO
DISA Programs (DRAFT)
MAIS Pre-MAIS IT Acquisition Services
Global Command and Control System- Joint (GCCS-J)
Defense Information Services Network (DISN)
Net-Cetric Enterprise System (NCES)
Defense Messaging System (DMS)
Global Information Grid – Bandwith Expansion (GIG-BE)
Teleports (TELEPORTS)
Global Command and Support System CoCOMM/Joint Task Force (GCSS-JTF)
Power to the Edge
A N
et-C
en
tric D
oD
NII/D
oD
CIO
DoD 5000Clinger-Cohen Act (CCA) Table
and Section 8084(FY04 Appropriations Act)
Willie Moss
703.602.0980 ext. 105
Power to the Edge
A N
et-C
en
tric D
oD
NII/D
oD
CIO
CCA Compliance Matrix/ Table
Requirements Related to the Clinger-Cohen Act (CCA)of 1996 (reference (l))
Applicable Program Documentation **
*** Make a determination that the acquisition supports core, priority functions of the Department ICD Approval
*** Establish outcome-based performance measures linked to strategic goals ICD, CDD, CPD and APB approval
*** Redesign the processes that the system supports to reduce costs, improve effectiveness and maximize the use of COTS technology
Approval of the ICD, Concept of Operations, AoA, CDD, and CPD
* No Private Sector or Government source can better support the function Acquisition Strategy page XX, para XXAoA page XX
* An analysis of alternatives has been conducted AoA
* An economic analysis has been conducted that includes a calculation of the return on investment; or for non-AIS programs, a Life-Cycle Cost Estimate (LCCE) has been conducted
Program LCCEProgram Economic Analysis for MAIS
There are clearly established measures and accountability for program progress Acquisition Strategy page XXAPB
The acquisition is consistent with the Global Information Grid policies and architecture, to include relevant standards
APB (Interoperability KPP)C4ISP (Information Exchange Requirements)
The program has an information assurance strategy that is consistent with DoD policies, standards and architectures, to include relevant standards
Information Assurance Strategy
To the maximum extent practicable, (1) modular contracting has been used, and (2) the program is being implemented in phased, successive increments, each of which meets part of the mission need and delivers measurable benefit, independent of future increments
Acquisition Strategy page XX
The system being acquired is registered Registration Database
* For weapons systems and command and control systems, these requirements apply to the extent practicable (40 U.S.C. 1451, reference (ay))** The system documents/information cited are examples of the most likely but not the only references for the required information. If other references are more appropriate, they may be used in addition to or instead of those cited.***These requirements are presumed to be satisfied for Weapons Systems with embedded IT and for Command and Control Systems that are not themselves IT systems
Table E4.T1.
ENCLOSURE 4
Power to the Edge
A N
et-C
en
tric D
oD
NII/D
oD
CIO
FY04 Appropriation Section 8084
CERTIFICATIONS AS TO COMPLIANCE WITH
CLINGER-COHEN ACT
The Chief Information Officer shall provide the Congressional Defense Committees:
• Funding Baseline and Milestone Schedule
• Business Process Reengineering
• An Analysis of Alternatives
• An Economic Analysis that includes a calculation of the return on investment
• Performance Measures
• An Information Assurance Strategy consistent with the Department’s Global Information Grid
Power to the Edge
A N
et-C
en
tric D
oD
NII/D
oD
CIO
Leonard Sadauskas
703.602.0980 ext. 102
The Role of a
Clinger-Cohen Act (CCA) Community of Practice
Toward Achieving a Transformational CCA Implementation
Power to the Edge
A N
et-C
en
tric D
oD
NII/D
oD
CIO
Assessment of the Situation
• CCA is perceived as a paper swatter rather than a tool for transformation (DONCIO, CCA Knowledge Fair 10-08-03)
• Congress agrees and has been requiring program by program CCA Certifications
• OMB agrees and has expanded the scope of the Exhibit 300 budget submissions to all investments > $1M
• The Congressional reporting relief requested in the Defense Transformation for the 21st Century Act is on hold
• RIT Pilot offers promising approach
Power to the Edge
A N
et-C
en
tric D
oD
NII/D
oD
CIO
Options• Status quo
– Continue suffering certifications, other congressional reports and
– IT budget reductions
• Turn paper swatter into a CCA sledge hammer
– May satisfy OMB and Congress, but
– Likely to damage moral
– Will require sizable increase in oversight workforce• Incentivize adoption of CCA as transformation tool (Based on preliminary RIT
Pilot and MID 905 Streamlining initiative)
– Carrot is license to manage own IT investments commensurate with risk of the investment and capability to manage the risk (risk-based oversight)
– Stick is
• Requirement for insight by each echelon into the next lower echelon (Net-centric access to information)
• Demonstrated capability to effectively do CCA Transformation
• Periodic verification at each echelon
Power to the Edge
A N
et-C
en
tric D
oD
NII/D
oD
CIO
Achieving Transformational CCA
• Implement risk-based oversight
– Institute process for HQ assessment of subordinate echelon capability to manage CCA compliant IT/NSS investments
• Sec 804 SW Acquisition Improvement Program
– Institute process for risk assessment and management of both internal and external risks
• DAU Probability of Program Success (Army piloting)
• Risk Radar, MITRE Risk Matrix, @Risk
• Focus on coaching by OSD and Component HQ
• Provide a means for discovering and sharing CCA implementation best-practices
– CCA Community of Practice
Power to the Edge
A N
et-C
en
tric D
oD
NII/D
oD
CIO
What is a Community of Practice?
A network of people with a
common goal and purpose
centered on critical business
processes
Who come together face-to-face
or virtually to share & learn
other’s experiences, insights, and
best practices
Government and Industry
participation across the IT
Acquisition
Workforce
SupportGroup
** ***** **
**
**** *
“The Guru”Portal
Community
• Leader• Community Builder• Subject Matter Expert• I nstructional Designer• Content Manager• Technical Support
Power to the Edge
A N
et-C
en
tric D
oD
NII/D
oD
CIO
How Can a CCA Community of Practice Contribute to a Transformational CCA?
• Develops a robust knowledge store to provide access to key information
• Accesses expertise across the workforce
• Uncovers best practices, lessons learned
• Develops new knowledge about CCA problems and tasks
• Develops new networking relationships
• Leads to improved performance support tools
• Harmonizes the Department’s CCA efforts
Power to the Edge
A N
et-C
en
tric D
oD
NII/D
oD
CIO
Next Steps
• Stakeholders provide POC for CCA CoP governance
• CIO, requirements and acquisition personnel join the CCA Community of Practice
• Encourage members to
– Contribute valuable, sharable information
– Participate in online discussions
– Participate in local community meetings
– Serve as Subject Matter Experts
– Contribute to new guidance
• Join and influence the new CCA CoP at the Acquisition Community Connection:
http://acc.dau.mil/cca
Power to the Edge
A N
et-C
en
tric D
oD
NII/D
oD
CIO
DoD Portfolio Policy(DRAFT)
Les Bloom
703.602.0980 ext. 133
Power to the Edge
A N
et-C
en
tric D
oD
NII/D
oD
CIO
Policy
• Information technology (IT) investments shall be managed as portfolios where decisions on what IT investments to make, modify or terminate are based on Domain goals, architectures, risk tolerance levels, potential returns, outcome goals and performance.
• Portfolios shall be managed by Domains using integrated strategic planning, measures of performance, risk management techniques, integrated architectures, transition plans, and portfolio investments strategies.
• Portfolio management processes shall be established and comprised of the following core activities: Analysis, Select, Control, Evaluate
Power to the Edge
A N
et-C
en
tric D
oD
NII/D
oD
CIO
Principles
Portfolios shall be based on the principles of:
• Centralized guidance and oversight
• Stakeholder participation
• Collaborative decisions, and
• Decentralized execution
Power to the Edge
A N
et-C
en
tric D
oD
NII/D
oD
CIO
Initially…
• Battlespace Awareness
• Command and Control
• Force Application
• Protection
• Focused Logistics
• Accounting and Finance
• Acquisition
• Human Resource Management
• Installations and Environment
• Logistics
• Strategic Planning and Budgeting
• Technical Infrastructure
Power to the Edge
A N
et-C
en
tric D
oD
NII/D
oD
CIO
Expectations—Portfolio Review Criteria
• Basics
• Measurement
• Governance
• Architecture
• State of the IT/NSS
• Gaps and Opportunities
• Transition Strategy
• Change Management Strategy
• Integration
• Summary
• CIO/CFO Domain Decision Memorandum
Power to the Edge
A N
et-C
en
tric D
oD
NII/D
oD
CIO
Net-Centric Governance Toolkit
Joint Capability Integration and
Development System
Planning, Programming,Budgeting, and
Execution Process
AcquisitionManagement System
Mission
THREATTHREAT
NationalSecurity Strategy
NationalSecurity Strategy
PORTFOLIOOF
CAPABILITY
Leadership, Governance, Integrated Architecture, Portfolio SummaryLeadership, Governance, Integrated Architecture, Portfolio Summary
Interoperable, Integrated, Secure, Effective, Affordable IT
Control
Evaluate
Select
Analyze
•Only handle info once•Post before process•Pull vs. push•Collaboration
•New and net-centric•Legacy continued•Legacy modified•Legacy terminated
•Infrastructure consistent withNC arch & standards transition
•Other programs consistent withGIG Enterprise Services
Power to the Edge
A N
et-C
en
tric D
oD
NII/D
oD
CIO
Questions?