Shows & Panels
- The 2014 Big Picture on Cyber Security
- AFCEA Answers
- Ask the CIO
- Connected Government
- Consolidating Mission-critical Systems
- Constituent Servicing
- Continuous Monitoring: Tools and Techniques for Trustworthy Government IT
- The Data Privacy Imperative: Safeguarding Sensitive Data
- Eliminating the Pitfalls: Steps to Virtualization in Government
- Federal Executive Forum
- Federal Tech Talk
- Government Cloud Brokerage: Who, What, When, Where, Why?
- Government Mobility
- Mission-critical Apps in the Cloud
- Mobile Device Management
- The Modern Federal Threat Landscape
- The Path from Legacy Systems
- Understanding the Intersection of Customer Service and Security in the Cloud
Shows & Panels
GSA, ISE begin work on creating a standards-based acquisition process
Wednesday - 12/5/2012, 5:10am EST
Dozens of federal agencies, state governments and international governments are making the National Information Exchange Model (NIEM) the standard for secure information sharing.
The story around the Federal Identity Credentialing and Access Management (FICAM) framework is similar to that of NIEM. Federal and state government agencies recognize the value of adopting the common approach to identity management.
These two examples are major reasons why a new white paper from ACT-IAC's Collaboration and Transformation Special Interest Group's Information Sharing Committee is calling for a similar approach to the acquisition of IT systems.
Kshemendra Paul, program manager, Information Sharing Environment
"We are trying to add a little more coherence there. A core challenge we face is the crushing financial situation we find ourselves in in the public sector. It's bad at the federal level. It's much worse at the state and local level," said Kshemendra Paul, the program manager of the Information Sharing Environment (ISE), in an interview with Federal News Radio. "Part of the solution going forward is to reduce fragmentation by increasingly having more effective interoperability and information sharing and solutions so we can work across boundary. These recommendations give us a pathway to do that."
More traction needed
ACT-IAC presented the white paper to Paul and Kathleen Turco, the associate administrator of the Office of Governmentwide Policy in the General Services Administration late last month. Turco and Paul are working together on a new set of tools to make information sharing easier.
The need for the white paper and industry recommendations came, in part, from that effort to develop the back-end attribute exchange, a secure capability to exchange attributes about people and about information that they want to access.
"We needed to define what we needed to do. We were talking about it and talking about it, and we really needed to get traction around the issue and what was it going to take," Turco said in an interview. "We needed to look at it from the strategic planning side, we need to look at it from the IT side and the acquisition side, and how can we put it into practice."
Turco and Paul's offices met Tuesday to discuss the next steps to take the white paper's recommendations and implement them.
Turco said several proposals will come from the meeting, whether they are led by GSA, the ISE or sent up to the Office of Management and Budget for consideration.
"The whole issue around how do we develop this cross-agency governance process is core to moving forward, and then the use of common definitions or taxonomy in terms of our federal approach," she said. "It will be much like they did for FICAM where they laid out the standards there. I think we need to have a standards roadmap for information sharing."
The recommendations in the white paper mirror many of the steps the government took to get the FICAM and NIEM in place.
- Streamline governance for interoperability standards - Develop a repeatable and rational approach that includes industry, federal, state and local governments and other stakeholders, and encourage the process to be monitored.
- Develop a standards roadmap - This will help encourage adoption, provide a taxonomy and clarify roles of government and industry.
- Reuse standards and rely on conformance testing - The guidelines should be part of pilots to minimize risk and promote broad implementation.
- Incorporate standards into all strategic management processes - Define the return of investment at the beginning from using the specifications and ensure the standards are included in acquisitions and understood by all stakeholders.
- Enhance training and outreach - Agency and vendor workforces must understand how to use the standards, which will result in more use and greater benefits.
"Some of the key messages that we are taking away in government from what ACT-IAC is putting forward are the critical role of standards and the opportunity to more effectively employ standards to support the variety of different management functions, including acquisition and requirements definition," Paul said. "It's also important to take an ecosystem perspective. It's not a technical or acquisition thing, it's also requirements, policy and training."
Kathleen Turco, associate administrator, Office of Governmentwide Policy, General Services Administration
Turco added the roadmap to create and implement the standards is key to the entire effort. She said agencies eventually will weave the standards through the entire capital planning process, which will then inform the acquisition process.
"One of the things we are challenged with at OGP is we are supposed to be working on governmentwide policy for information technology and heretofore we've not had this sort of guideline to do this in terms of how to do information sharing," Turco said.
CXO councils are the lynchpin
To help get the standards process started, Turco said GSA and ISE will look to the agency management councils — chief information officer, chief acquisition officer, chief financial officer, chief human capital officer and the performance improvement councils — to lead the effort.
"It will require a cross-section of the councils to begin to see and use the standards process to drive the strategic goal setting, and then the capital planning and then how we are acquiring," she said. "Having a set of standards gives CIOs the ability to say to their business partners we need to follow how exchange information across the agency or information we exchange between the federal level and state and local levels, and even with international partners. This paper is the first step."
Turco said in some ways these standard and collaboration efforts already started across the CIO and CAO communities, and the CFO and CIO communities.
Paul added while these CXO communities will play a big role within the federal government, the ISE and OGP must engage international standards bodies for their input and acceptance.
He said recently the NIEM community embraced the NIEM Unified Modeling Language (UML) profile, which was done through the Object Management Group, which drives model-driven architecture approaches.
"That has opened up a lot of doors in terms of industry adoption and in terms of greater use because it demonstrates the government's commitment to doing the work in industry settings and leveraging existing standards organizations," Paul said. "That's critical for this to work, that sincere partnership."