It aac defense-it-cloud2013
-
Upload
john-weiler -
Category
Documents
-
view
401 -
download
2
description
Transcript of It aac defense-it-cloud2013
Assuring National Security Mission Outcomes By leveraging IT innovations and industry standards of practice
Kevin Carroll, former Army PEO EISDr. Marv Langston, former DoD CIO
Gen Ted Bowlds, former AF ESC CMDR
OPS: [email protected]
703 768 0400
IT Acquisition Advisory Council An ICH hosted public/private do-tank
“If confirmed, I would review the implementation of Section 804 and make any necessary recommendations for improvement. I believe many of the challenges in the past were the result of factors such as inadequate technical maturity, undisciplined or poorly understood requirements, poor configuration management practices, the lack of
disciplined and mature software development processes, and shortages of qualified people.” Honorable Frank Kendall, OSD ATL
ICHnet.org Company Confidential
IT Acquisition Advisory Councilassuring the business value of IT
“A public/private do-tank dedicated to ushering in commercial innovations and industry standards of practice
outside the reach of the Defense Industrial Base”
Honorable Mike Wynne, Chairman Emeritus
ICHnet.org Company Confidential
IT-AAC PartnershipCatalysts for Sustainable IT Acquisition Reform
GSA, who have certified a series of low cost, high impact Agile Acquisition Packages in support of OMB's 25 Point Plan and the President's Efficiency Initiatives.
Center for American Progress (CAP), the White House's preferred think tank dedicated to improving govt efficiency.
Cloud Security Alliance (CSA), one of the largest and most robust Cloud community of practices.
Defense Acquisition University (DAU), establishing a robust IT Acquisition training and mentoring curriculum.
Interoperability Clearinghouse (ICH), providing a repository of benchmarked best practices, solution architecture templates and Agile Acquisition IT methods (exceeding Clinger Cohen Act and NDAA Section 804 directive)
International Information Systems Security Certification Consortium (ISC2) providing the most highly recognized Information Security training available.
Information Systems and Security Association (ISSA), leaders in establishing industry IA standards of practice
Object Management Group (OMG), providing standards for IT infrastructure, Cloud Computing and SOA
University of MD School of Public Policy,
University of TN National Defense Business Institute,
Complimented by over 10,000 small/innovative businesses and a powerful network of world renown subject matter experts who are mutually dedicated to sharing innovations, standards of practice and lessons learned needed to achieving predictable outcomes
Emergent Partners: UK Trade Mission, UK MOD, Canadian Defence, VA Tech, MIT, CTC, UVA, ITIF, CMU SEI
ICHnet.org Company Confidential
IT-AAC “do tank” assuring business value of IT
IT-AAC Core Capabilities:
Just-In-Time IT Expertise critical to overcoming cultural resistance to change. Hundreds of years of lessons learned are invaluable in risk mitigating.
Rapid Tech Assessment to define the realm of the possible and inform the requirements process. Builds on NIAP and AF Solution Assessment Process (ASAP), evolving from a DARPA Research Grant called DCAM.
Agile IT Acquisition –the Acquisition Assurance Method (AAM) establishes a standardized framework for quantitative and data analysis that is based on Evidenced Based Research. The fact based approach was derived from benchmarked commercial best practices and adapted to meet FAR and White House policy directives.
SOA/Cloud Standards of Practice – Service Level Management, Risk Assessment Tools, Governance Models developed by SDO partners and enhanced by Global 500 companies
Innovation Research Coop – a virtual innovation lab composed of Universities, Standards Bodies, Communities of Practice, Innovators and SMEs that are not vested in the status quo, reaching deep into a $3.8Trillion global IT market. Defining the realm of the possible based on Evidenced Based Research.
GOAL: To provide decision makers with a conflict free IT Acquisition Advisory that ushers real world expertise, Decision Tools, Agile Acquisition Methods needed to enable rapid
implementation of emergent COTS/Open Source solutions that assure mission outcomes.
“Together, these steps will help to catalyze a fundamental reform of Federal IT, which is essential to improving the effectiveness and efficiency of the Federal Government” Peter Orszag, White House,
OMB Director
ICHnet.org Company Confidential
Information Technology Evolution
Info
rmat
ion
Dri
ven
Cap
abili
ty
• Central computer center, slow turn around• One size fits all• Limited reuse of application modules
1950 1960 1970 1980 1990 2000 2010 2020
1. Centralized - Mainframe
2. Client/Server - Decentralized
3. SOA - Cloud
• PC enabled and network• Software distributed in both server and client computers
• Heavy focus on software development and point to point integration
• Virtualized compute; global network enabled, plug & play
• IT Infrastructure decoupled from Applications
• COTS & OSS Integration, Software as a Service
Adding functional capability has become easier with each new wave
We are in early stages of Wave 3 information technology
Mainframe and Client-Server waves remain in place
Waves represent many co-dependent technologies, matured over time
But enterprise infrastructure gaps & vulnerabilities have become more critical
Innovations of the market and benchmarked best practices are invisible to the Defense Industrial Complex
SOA/Cloud Acquisition Challenge We are delivering yesterdays technology tomorrow
ICHnet.org Company Confidential
Four Dimensions of Agility Its About Leadership & Culture
ORGANIZATION HR/KNOWLEDGE
PROCESS/POLICY INCENTIVES/CULTURE
Empower decision makers, establish cross
functional collaboration. Establish IT Acquisition Center of Excellence with IC
partners.
Fill IT Expertise and Knowledge gap thru revamped IT training and mentoring
programs. Establish an IT Acquisition Center of Excellence with FAI, DAU and IT-AAC. Establish public/private partnerships with non-traditional
COPs.
Establish Value Streams, reward risk takers, encourage small failures,
focus on mission outcomes vs compliance.
Sunset old policies and acquisition processes, embrace existing Agile Frameworks like the Acquisition Assurance Method, Decentralize Decision Making and empower
leadership.
“People are critical in the acquisition process and getting the right people in terms of ability and expertise is absolutely critical in making the process work effectively” Kevin Meiners, OUSD Intel
ICHnet.org Company Confidential
OSD ATL view on IT Reform2009 DSB Re-Enforced By Many
Acquisition• Long acquisition cycle-times
• Successive layers … built over years • Limited flexibility and agility
Requirements• Understanding and prioritizing requirements
• Ineffective role and comm in acquisitions
Test/Evaluation• Testing is integrated too late and serially
• Lack of automated testing
Funding & Governance• Program-centric, not capability-centric
• Overlapping decision layers (e.g., multiple review processes)• Lack of customer-driven metrics
• Funding inflexibility & negative incentives
“The inability to effectively acquire information technology systems is critical to national security. Thus, the many challenges surrounding information
technology must be addressed if DOD is to remain a military leader in the future. The development of a new acquisition process, coupled with clear roles
and responsibilities of key decision makers, and an experienced leadership and workforce, are important elements of the solution.” 2009 Defense
Science Board Report to Congress
ICHnet.org Company Confidential
Summary Root Cause Analysis Summary findings of 42 Leadership Workshops, 40+ Studies & 30+
Major IT Program Failures across DHS, DoD and the IC
1. Us of Weapon Systems IT Acquisition Methods; Bureaucratic processes, upside-down incentives, redundant oversight, missing metrics (MOE, SLA) puts focus on compliance vs outcomes. MilSpec Acquisition methods do not work for fast paced IT market. DODAF, JCIDS, NESI, LISI were designed for top down Weapons Systems (by FFRDCs), and have no track record for successful delivery of IT (which average 91 months with 16% success rates).
2. Shortage of Qualified IT Expertise: FFRDCs and DIB Contractors lack organic access to commercial best practices or expertise in real world IT implementations. Concepts like SOA, Cloud Computing and Service Level Management cannot be embraced without access to industry lessons learned and experiential data.
3. Innovations and Best Practices Stifled: Contractors with IT buy/sell tech agreements or outcomes cannot objectively advise or firewall of OCI issues. Defense Industrial Complex suppliers are vested in legacy stove pipes and design-to-spec development approaches driven by the Weapon Systems Engineering methods.
4. Culture: Risk Avoidance vs Risk Management: Culture and Process focus on risk avoidance, and fail to identify or remediate real execution risk. Decision Analytics must focus on outcomes and maintain stake holder involvement. Title 41 violations abound. Without strong leadership focused on mission outcomes, change will never occur. "There is a lot of talk about agility, speed, acq reform, etc, but , in general, no one seems to be willing to take the actions needed. They would rather
just talk about it. When you look at the chart that shows the DoD acquisition model (you know the one I’m talking about that looks so byzantine), every would agree that it doesn’t make sense. And from the point of SEI or IT-AAC, even if we have built a better mousetrap, it won’t matter if no one listens. Right now, I see DoD increasingly moving away from good practices, to just giving up." CMU SEI Senior Executive on DOD’s struggle with IT Acquisition
Reforms
ICHnet.org Company Confidential
Transitioning JIE & IC-ITE Theory into Implementation Reality
Enterprise Architecture. Leverage IT-AAC Benchmarked SOA Best Practices and Architecture Design Patterns.
Common Standards. IT-AAC’s provides direct access to emerging Standards Partners and Standards of Practice of a $3.8Trillion market.
Efficient Business Operations. IT-AAC’s can provide expansive body of knowledge and benchmarked Fortune 500 best practices and lessons learned.
Effective Oversight. The Acquisition Assurance Method (AAM) is a robust Decision Analytics Framework proven to mitigate risk while assuring timely deliver of measurable outcomes
Performance Management. IT-AAC’s Standards Partners have ready to adopt SLAs and Performance Metrics.
Portfolio and Investment Management. DoD can immediate leverage IT-AAC’s existing collaborative structure that is open and conflict free.
Enhance public/private partnerships. IT-AAC provides an mature, open and inclusive public/private partnership that already reaches academia, standards bodies, innovators and non-traditional communities of practice
“Drive for stable requirements and funding. Use mature technologies, or fund and manage technology development rigorously. Demand domain credentials and experience in both government and industry teams. Insist on transparency. And conduct regular independent reviews.”
Al Munson Jr, first director of U.S. national intelligence, acquisition and technology
ICHnet.org Company Confidential
IT-AAC Acquisition Center of ExcellenceLeveraging Industry Innovations and Standards of Practice
MissionArchitecture:• Gaps• Mission Prioritization• Constraints
Technology Architecture:• Selection• Certification• Interop Spec• Openness
Service Architecture• Feasibility• SOA Attributes• SLAs• Shared Services
Industry CxOs
InnovatorsVendors/ISVs
SDOs/Labs/Universities
Align Proven Capabilities w/ business needs
Model New Solution
Solution Architecture Validation
and Demonstrations
ValueStreamAnalysis
ProvenIT Solutions
VettedSolution
Architecture
KnowledgeExchange
Prioritized Business
Requirements
Y
N
N
Y
Validated PastPerformance
Measurable OutcomesBusiness Metrics
Solution SetEvidenced-BasedAssessment
NormalizedService Components
Analysis of Alternatives
Solution Exist?
Service Oriented
Specs and SLAs
COTS Comparative
Analysis, Evidence
Mission Requirements& Capability
Gaps
Biz ProcessRe-Engineering
COTS/OSSInnovations
Best PracticesLessons Learned
Research,Testing Results
AcquisitionBluePrints & SLAs
ICHnet.org Company Confidential
Acquisition Assurance Method (AAM)SDLC touch points
COTS/OSS AoABiz Case & SLAsCOTS/OSS AoA
Biz Case & SLAs
Performance BasedAcquisition (increments)
Performance BasedAcquisition (increments)
EstablishStrat Plan &
Policies
EstablishStrat Plan &
Policies
Measure the Gap & Impact
Measure the Gap & Impact
Define RealmOf the PossibleDefine Realm
Of the Possible
Outcome & RiskMetrics & SLAs
Outcome & RiskMetrics & SLAs
Validate MarketVitality, Risks
Validate MarketVitality, Risks
Reward Value& Past Performance
Reward Value& Past Performance
Assure TimelyTransition
Assure TimelyTransition
COTS/OSS FeasibilityAssessment
COTS/OSS FeasibilityAssessment
StrategicPlanningStrategicPlanning
COTS/OSS ServiceSpecifications
COTS/OSS ServiceSpecifications
Mission & CapabilityValue Analysis
Mission & CapabilityValue Analysis
Defining the Mission and Policy Drivers
Define the Mission Gap
Defining baseline and target performance measures
Validate stake holders, funding strategies, linkages to the FEA
Identify Key Capabilities that can be enabled with COTS/OSS
Understanding capabilities can be leveraged and prioritize
Develop Metrics and KPPs
Validate Stake Holder Agreements and Predictable outcomes
Market Research; Standards, Emerging Tech, Best Practices
Feasibility of available COTS technology to satisfied the critical capabilities
Determination of risk with custom vs COTS/OSS solutions
Service Oriented Enterprise
Architecture soundness of COTS technology to satisfied the required capability
Define Core Infrastructure Services to be used. Create Reference Implementation
Tiltle 41, Mark Research
COTS Validation prior to election through Industry vetting
Common score card approach
Assessing Implementations Reusable creditation & accreditation
Testing and Validation on Capabilities
User Acceptance Testing
Validation of Capabilities Delivered
Portfolio Management of Capabilities delivered and gaps
Stakeholder and partner expectations captures
Define target business requirements and processes
Solution Architecture (working draft): Business modeling
Prioritize KPPs
& MOEs
Prioritize KPPs
& MOEs
Acq
uis
itio
n A
ssu
ran
ce
Meth
od
Defin
ing
th
e 8
0%
CO
TS
/OS
S S
olu
tion
Iterative3-6 month
Cycle
Certification and Accreditation
Certification and Accreditation
Capabilities PrioritizationCapabilities Prioritization
Predictable Outcomes
ICHnet.org Company Confidential
Resource Considerations for Innovation Research & IT Acquisition support
Partner Type
SDLC Phase
FFRDC User Groups, Communities of Practice
Standards development orgs, trade associations
Non-profit Research Institutes, UARCs
Consultants, IV&V, A&AS Firms
Innovators, Tech Mfg, Open Source
System Integrators
Requirement, Gap Analysis
Only when no other company can support (4).
OMB Lines of Business offers Critical Role (6,7)
SDOs = Primary driver for open systems. Conflict free structures (2,3)
Provide Conflict free structure and economies of scale (2,6)
Limited access to industry lessons learned.
Great source for customer use cases, lessons learned.
FAR OCI Rules limit participation
Architecture and Planning, Mkt Research
Only when no other company can support (4)
Agency CxOs provides critical guidance (2, 3)
Provide standards of practice, not support
Principle source of expertise
Primary source of expertise
FAR OCI rules limit participation
FAR OCI rules prohibit direct support
PMO & IV&V Support
Only when no other company can support (4)
Not inherently governmental
Assess to standards of practice of suppliers
Optimized for this area
Key role FAR OCI rules prohibit participation
FAR OCI rules prohibit participation
Solution Engineering
Forbidden if available from other sources (4)
Not inherently Governmental
Assess to potential suppliers already in market
Support role, provide process standards, lessons learned
Support role Provide developmental
Primary partnership area
Solution development & integration
Forbidden, may not develop material solutions (4)
Not inherently Governmental
Potential OCI, objectivity
Potential OCI, Lack Resources & Expertise
Internal IV&V for Prime contract reduces risk.
Provider of key technologies
Primary partnership area
ICHnet.org Company Confidential
Past Performance = Assured Outcomes
Where AAM and IT-AAC have proven: better, faster, cheaper
Navy: Assessment of AFLOAT Program – CANES SOA & Security Strategy
Contact Value: $350kEliminated hi-risk Requirements by
23%, $100Ms in potential savings
USAF: Streamlined COTS Acquisition Process. Applied to Server Virtualization.
Contract Value: $500kEstablished optimal arch with ROI of
450% & $458 million savings
USAF: Full application of AAM ModulesFor eFOIA (KM)
Contract Value: $150KCompleted AoA, BCA, AQ Selection
in just 4 months.
USMC: Solution Architecture, AoA and BBA for Cross Domain, Thin Client
Contract Value: $300kGreatly Exceeded Forecasted Saving
in both analysis and acquisition
GSA: Financial Mgt System consolidation using AAM.
Contract Value: $500kMoved FMS from OMB “red” to “green”. Eliminated duplicative investments that saved $200M
BTA: Build out of AAM into BTA IT360, with two completed PilotsContract Value: $300kM
$300 million in potential savings with minimal investment
BTA: Apply AAM to complete AoA and BCA for DoD SOA Project
Contract Value: $250kReduced pre-acquisition cycle time
and cost of Analysis by 80%(4 months vs 18)
GPO: Developed Acquisition Strategy for Future Digital System FDSys
Contract Value: $150kLed to successful acquisition and
implementation on time, on budget and 80% cheaper than NARA RMS
JFCOM: MNIS Evaluation of Alternatives for Cross Domain Solutions
Contract Value: $350kEvaluated 100’s of Options in 90 days,
enabling stake holder buy in and source selection.
“we believe that it is necessary to develop a comprehensive set of metrics to give transparency to program execution, avoid subjective judgment, and avoid the wasting of time in both executing commands and in
oversight offices. This is consistent with the fundamental recommendations of the Packard Commission and Secretary Robert Gates’s initiative to eliminate inefficiency and waste.” PARCA-RAND Root Cause Analysis of
Nunn-McCurdy Breaches
ICHnet.org Company Confidential14
Fortune 100 SOA/Cloud Benchmarked Best Practices and Lessons Learned
OSD HA SOA Implementation Best Practices
BACKUP
ICHnet.org Company Confidential15
SOA is about the Business: An architectures style and enterprise governance structure for communicating business needs and measurable service agreements associated with shared enterprise technology services.
SOA is not about Technology, Cloud is the Implementation Side of SOA!
SOA concepts can be operationalized with almost any technology; Web Services, COBAL, ISB, JAVA, RDB, WSDL, UDDI, etc… But focusing on technology & Standards is a common failure/anti-pattern
What is SOA/CloudA Fortune 100 User Perspective
ICHnet.org Company Confidential16
Six CSFs for SOA/Cloud Transformationthat ICH can Assist you in achieving Success
To establish an SOA/Cloud Leadership must address six critical success factors;
1. Establish common requirements and capability development methods that remove ambiguity and over specification. Consider adoption of Capability Assessment Method refinement.
2. Revamp current Architecture Governance and Solution Engineering processes that drive a technology neutral SOA paradigm in automating Business Process and Infrastructure Capabilities. This requires access to commercial expertise and best practices.
3. Adopt SOA enabled methods that drive Reusable & Standardized Solution Architectures, Performance Metrics and Assessment Results. Reuse can significantly reduce cost, risk and cycle times.
4. Adopt a standardized data interoperability framework the establishes a common vocabulary and standards of practice established within a true public/private partnership.
5. Leverage public/private partnership structure and Solution Architecture Working Group approach that will establish standards of practice for community adoption and criteria for assessing the business fit of COTS, GOTS and Open Source Solutions.
6. Establish collaborative mechanisms by which practitioners, non-traditional suppliers, innovators, standards bodies and communities of practice can participate.
Weapons Systems Style Processes doesn’t work for IT or SOA
Weapons Systems Style Processes doesn’t work for IT or SOA
ICHnet.org Company Confidential17
– Governance: Most Critical, Senior Mgt have Iron Fist on Common Data Model and Infrastructure services. Funding control is paramount.
– Enterprise Architecture (EA): DODAF lacks Business Outcomes, COTS/Open Source Assessments and Performance Metrics. EHR EA efforts must be complimented with Bottom up Solution Architecture Views and Service Level Agreement (SLA) linkages. Using OMB’s FEA PMO would better enable VA architecture alignment
– Document and assess your current portfolio of IT Capabilities in a Services/Value Context. Leverage your current investments and licences.
– Shift Requirements focus to Capability & Service Component outcomes and measures. – Evaluating IT (COTS) in a Services and Capability context: View IT for what business and
infrastructure services are provided vs technology/standards focus. – Assessments (TA, AoA, Market Research, JCIDS, DODAF): Must have a bottom/service view of
COTS/Open Source that drives decisions– Key SOA Standards (process and technology), BPM, BPEL, AAM, FEA PMO Reference Models.– Key Technology and Approaches: Focus on Measures of Effectiveness (MOE) and SLAs– Security and ID Mgt Decisions also must be addressed early on at each level of architecture
decomposition. – Certification and Accreditation (C&A) and Testing considerations must be incorporated into the
Acquisition Lifecycle.
Cloud Key Impact AreasEach must be re-oriented towards Services/Outcomes
ICHnet.org Company Confidential18
The Desired Outcome – Agility Through Design- Time & Real-Time SOA with Active Policy Enforcement
Real Time and Non-Real Time Services
Presentation Services
Security Services
Discovery Services
Management Services
Mediation Services
Messaging Services
Runtime Infrastructure Components Modelof the CANES SOA Reference Architecture
Machine-Machine enforcement
ICHnet.org Company Confidential19
SOA/Cloud Success is Predicatedon Common Service Infrastructure
ICHnet.org Company Confidential20
A 10 Company Distillation ofBest Practices
Best Practice Number 1: To succeed at SOA: align with your organization’s leadership by building services that are tightly coupled with the organization’s most important goals.
Best Practice Number 2: Services must be easy to find and understand. Those who do use them must be rewarded.
Best Practice Number 3: Ensure that services are well documented and widely publicized.
Best Practice Number 4: The SOA must allow data to flow from one end of the enterprise to the other with its meaning intact and in a secure fashion.
Best Practice Number 5: Don’t build SOA. Solve a business problem …. Agility and cost saving will follow. This ancillary to Best Practice 1. Build from within.
ICHnet.org Company Confidential21
Recommendations to the FEDSIT-AAC is organized to help implement these CSFs
1. Focus on a major problem and let a SOA approach evolve from that problem.2. Determine what is a good service and enforce it3. Don’t start till your metadata is defined … you will never recover4. Use strongly enforced data policy and active governance policy enforcement to create
machine-machine mechanism for a real-time SOA needed in the Afloat program5. Reuse as much as possible from legacy (do not start from scratch)6. Determine how services are to built for the OSD HA, you cannot assume separate
funding will achieve enterprise SOA service components and pay for themselves during the life-cycle
7. Create and fund service component owners who’s customers will be the function al application owners
8. Build service domain that cover large major functions and not an array of small service components (subroutine-like; remember FEDEX has only 12)
9. Learn how to accredit a reusable service component, possibly from enclave testing policy.
ICHnet.org Company Confidential
Ph
ase 3
Ph
ase 3
Ph
ase
2P
hase
2P
hase 1
Ph
ase 1
What IT-AAC Proposes in first 3 monthsto operationalize IC ITE
1. Engage in contract to tap IT-AAC coalition of public service partners: tap alternative resources and expertise to provide critical resource support to the SD, Task Force and Services to guide successful implementation of Sec804 in terms of process, culture, incentives and mentoring. Leverage a network of non-profits and experts committed to achieving lasting IT Acquisition Reform.
2. Use IT-AAC as an IPT for establishing consensus and gaining buy-in among key stake holders. Use IT-AAC collaboratory to support AF requirements in meeting Sec 804 Implementation Deadline. “804 Solution” must address weakness of all acquisition lifecycle processes; requirements (JCIDS), architecture (DoDAF), tech assessment (TRL), acquisition strategy, source selection, decision analytics (oversight).
3. Conduct Readiness Assessment & Root Cause Analysis: of current acquisition ecosystem (processes, culture, acqu resources and incentives) with public/private partners. Conduct impact assessment and cost of maintaining status quo. Establish Critical Success Factors.
4. Repurpose Existing Benchmark of SOA/IT Acquisition Best Practices: Benchmark existing innovative/industry IT Requirements, Architecture, Assessment & Acquisition practices, approaches, processes, processes standards that have already been proven in the market. Reduce cost and risk of “build from scratch” or “reshaping broken processes”. Identify high risk programs where new processes can be piloted.
5. Pilot Agile Acquisition Methods that operationalize NDAA Section 804, HR 5013 process implementation, training and piloting of the new IT Acquisition process. Mentor high profile IT programs ( who are already looking for change) through new 804 process; TMA’s EHR, DEEMs, Army FCS, DISA NECC, AF SOA, etc.
6. Roll out process training and program mentoring in partnership with NDU, DAU, ICH and SEI. Build out DAU’s IT Clearinghouse to capture benchmarked industry best practices and proven innovations of the market.
“If confirmed, I would review the implementation of Section 804 and make any necessary recommendations for improvement. I believe many of the challenges in the past were the result of factors such as inadequate technical maturity, undisciplined or poorly understood requirements, poor configuration management practices, the lack of disciplined and mature software development processes, and shortages of qualified people.”
Honorable Frank Kendall, OSD ATL
ICHnet.org Company Confidential
Pro
cess
Pro
cess
Tech
nolo
gy
Tech
nolo
gy
Peop
leP
eop
le
On-going Support Activities needed for Sustainable IT Acquisition Effectiveness
1. Workforce Empowerment: Establish robust IT Leadership Training and Mentoring program that builds on DAU/IT-AAC Partnership. Build out Best Practices Clearinghouse with reusable acquisition decision templates and solution architectures already proven in the market
2. Continuous Leadership Roundtables: directed at sharing lessons learned, gaining trust, exposing best practices and improving stake holder communications.
3. Industry Benchmarking and Innovation Research: Closing the knowledge gap. Baseline real world metrics and service levels. Leveraging ICH’s deep network of experts and expertise not available from traditional sources. (the realm of the possible).
4. Standards of Practice: Benchmarked IT infrastructure/Cloud design patterns and associated metrics that can be readily adopted to mitigate decision risks
5. Implement Agile Acquisition: Refresh SLDC processes and policies that are derived from proven practices & tuned for the fast paced IT market. Establish stake holder roles and responsibility that assure continuous monitoring and feedback.
6. Knowledge Management: Establish continuous Innovation Research and lessons learned exchanges that break down organizational stove pipes and enable info sharing.
ICHnet.org Company Confidential
IT-AAC = Sustainable IT ReformsAgile Acquisition, Standards & Innovation Research
The IT-AAC is uniquely positioned to drive sustainable IT Reforms;
Embrace of Open and Agile IT Acquisition frameworks (per DSB report) already proven to meet challenges of the fast paced IT market (AAM is the only conforming to-date)
Dynamic access to evolving commercial innovations, implementation best practices and lessons learned (CCA), outside the reach of the Defense Industrial Complex
A bottom up view of commercial capabilities that feeds the requirements process, (realm of the possible) to prevent over specification and costly custom development.
Means of deriving SLAs from both Measures of Effectives and Standards of Practice, critical to managed services, capability based acquisition and service level management.
Means of empowering and educating IT Program Management workforce via time proven expertise, tapping a wide range of gray beards with no inherent conflicts of interests.
“To decrease risk in source selections, the DoD will follow proven commercial processes,increasing the emphasis placed on past performance and experience on prior
government andcommercial efforts in selecting IT providers.” DepSec Bill Lynn on Section 804
Implementation Plan