GovWin
B2G is moving!
Blogs posted after May 22, 2015 will be located on Deltek's central blog page at www.deltek.com/blog.
Just select the "B2G Essentials" blog to continue to receive this valuable content.
GovWin Recon - June 30, 2014

GovWin Recon, produced by Deltek's Federal Industry Analysis (FIA) team, is designed to support awareness and understanding of the issues impacting the government and the contractors that serve it. Recon highlights key developments surrounding government technology, policy, budget and vendor activities.

Headlines beginning with an * include quotes from Deltek analysts. 

 

Federal IT:

Agency News:

Vendor News:

Cybersecurity:

Cloud Computing / Data Center Consolidation / Virtualization:

Health IT:

Big Data / Analytics:

Mobility:

Defense / C4ISR / Embedded Technology:

Contracting / Acquisition:

Legislation:

Mergers and Acquisitions:

State and Local:

AEC News:

GovWin Recon is Deltek's daily newsletter highlighting federal government contracting news and analysis from around the government contracting world. Get it delivered to your e-mail inbox, free!

 

 

GovWin Recon - June 27, 2014

GovWin Recon, produced by Deltek's Federal Industry Analysis (FIA) team, is designed to support awareness and understanding of the issues impacting the government and the contractors that serve it. Recon highlights key developments surrounding government technology, policy, budget and vendor activities.

Headlines beginning with an * include quotes from Deltek analysts. 

 

Federal IT:

Agency News:

Vendor News:

Cybersecurity:

Cloud Computing / Data Center Consolidation / Virtualization:

Health IT:

Mobility:

Transparency and Performance:

Waste, Fraud and Abuse:

Defense / C4ISR / Embedded Technology:

State and Local:

AEC News:

GovWin Recon is Deltek's daily newsletter highlighting federal government contracting news and analysis from around the government contracting world. Get it delivered to your e-mail inbox, free!

 

 

 

 

Predicted increase in patient portal technology

State and local health departments are increasingly looking for IT solutions that allow beneficiaries to have greater access to their personal health information through patient portals. Since 2010, Deltek has tracked 30 solicitations that mention or require patient portal technology. In 2013 alone, Deltek saw a nearly 50 percent increase in patient portal solicitations, partly due to Stage 2 Meaningful Use requirements, which kicked off this year for many providers.
 
Technology review site Software Advice conducted a recent survey of providers who use electronic health record (EHR) software and found that 35 percent of EHR users are planning to invest more in patient portals in 2014 than they did in 2013. Spending on patient portals is estimated to reach $900 million by 2017, demonstrating the increased role patient portals and other patient engagement technology are expected to play in the coming years. 
 
Patient portals are usually procured for as part of an electronic health record system or health information exchange (HIE). In 2010 and 2011, states like Illinois, Georgia, and Louisiana released solicitations for health information exchanges that either gave vendors the option of providing a patient portal or expressly required a portal in later phases of implementation. In more recent years, states like Arkansas, Florida, and New York are issuing solicitations for patient portals as a stand-alone technology that can be seamlessly integrated into a state’s HIE. As states look to strengthen their EHR systems, we expect to see an increased demand for solutions that include patient portals.
 
GovWin IQ subscribers can read further about these projects in the provided links. Non-subscribers can gain access with a GovWin IQ free trial.

 

 

GovWin Recon - June 26, 2014

GovWin Recon, produced by Deltek's Federal Industry Analysis (FIA) team, is designed to support awareness and understanding of the issues impacting the government and the contractors that serve it. Recon highlights key developments surrounding government technology, policy, budget and vendor activities.

Headlines beginning with an * include quotes from Deltek analysts. 

 

Federal IT:

Agency News:

Vendor News:

Cybersecurity:

Cloud Computing / Data Center Consolidation / Virtualization:

Health IT:

Big Data / Analytics:

Mobility:

Defense / C4ISR / Embedded Technology:

Contracting / Acquisition:

Legislation:

State and Local:

GovWin Recon is Deltek's daily newsletter highlighting federal government contracting news and analysis from around the government contracting world. Get it delivered to your e-mail inbox, free!

 

 

GovWin Recon - June 25, 2014

GovWin Recon, produced by Deltek's Federal Industry Analysis (FIA) team, is designed to support awareness and understanding of the issues impacting the government and the contractors that serve it. Recon highlights key developments surrounding government technology, policy, budget and vendor activities.

Headlines beginning with an * include quotes from Deltek analysts. 

 

Federal IT:

Agency News:

Vendor News:

Cybersecurity:

Cloud Computing / Data Center Consolidation / Virtualization:

Big Data / Analytics:

Mobility:

Defense / C4ISR / Embedded Technology:

Contracting / Acquisition:

Mergers and Acquisitions:

State and Local:

AEC News:

GovWin Recon is Deltek's daily newsletter highlighting federal government contracting news and analysis from around the government contracting world. Get it delivered to your e-mail inbox, free!

 

 

 

Positioning for Federal Cloud Business

The Office of Management and Budget (OMB) set June 5, 2014 as a deadline for cloud vendors to comply with federal cloud security certification. This mandate for federal systems highlights a debate that started in the vendor community as soon as the Federal Risk and Authorization Management Program (FedRAMP) outlined its process two years ago: Cloud providers have a few paths available to achieve compliance, some aspects of the processes depend on which route a provider takes. So, which one is best?

Whether they are commercial or government entities, cloud service providers have a number of responsibilities. They’re responsible for working with a third party assessment organization to conduct initial and annual assessments. Along with maintaining an authorization (once granted), they must comply with continuous monitoring requirements. And above all, they are responsible for ensuring their cloud offering or service implements the FedRAMP security controls.

There are three paths for cloud service providers (CSPs) to become FedRAMP compliant. The first is to submit documentation to the FedRAMP program management office (PMO) for review by the Joint Authorization Board. The second path is to submit documentation to the FedRAMP PMO and review by an agency for Authorization to Operate (ATO).  If a vendor receives ATO from one agency, the FedRAMP process will enable other agencies to use that service faster by decreasing the time for approvals. Finally, the third path is for a vendor to submit their documentation to the FedRAMP PMO. This “CSP supplied” path also shortens time for approvals because documentation and testing are prepared and in order for agency review. Ultimately, the difference between these categories is the level of review. JAB provisional authorization relies on review by the FedRAMP Information System Security Officer (ISSO) and JAB. Vendor offerings working toward Agency ATO will receive agency review. CSP supplied offerings have not yet been reviewed.

While there are several paths to compliance, there are only two types of cloud security authorization. One is awarded by the Joint Authorization Board (JAB), which is comprised of security experts from the Defense Department, Department of Homeland Security, and General Services Administration (GSA). The other type is agency sponsored. One difference between these two processes is the timeframe for each. (Obviously, the scale and complexity of the offering being evaluated also comes into play.) The FedRAMP PMO has estimated the time for each path to authorization, pending CSP readiness and responsiveness at each stage.

It takes the JAB approximately 6 months to complete the process to award a Provisional Authorization to Operate (P-ATO). The JAB path focuses on government-wide offerings. At the same time, the JAB is unable to accept risks on behalf of an agency, which is why the authorization is provisional. If an agency decides to use a solution that’s received P-ATO, the agency will need to issue its own ATO letter saying they accept the risk associated with the system.  If a provider is working directly with an agency to establish ATO, the process can take around 4 months. Agencies are likely to target capabilities that align with their mission areas, technology strategies, and pain points. Since these vary from one agency to the next, an agencies stamp of approval might draw mixed interest from other organizations.

A provider who undertakes the process independently can complete the Security Assessment Framework in around 6 weeks. This faster timeline may sound compelling, but there is a catch. At the end of the process, the provider may be a candidate for authorization, but they have yet to undergo review by either the JAB or an agency. This CSP supplied option could be the perfect way for providers of specialized offerings to raise agency awareness. That attention comes at the expense of resources without the guarantee of any business.

Providers that are evaluating options for pursuing FedRAMP certification should also be aware of the program’s recently updated security controls. The vendor transition plan to the updated FedRAMP baseline was released in April 2014. This plan divides cloud service providers into three categories based on their status in the FedRAMP application process. Providers that have reached the in-process stage or that are already in the continuous monitoring stage will have to comply with the new baseline during annual assessment. Their documentation and supporting elements must be updated using the new FedRAMP templates. Annual assessments will test around 140 or 150 controls including both the core ones and new additions. Also, the change of controls will be assessed due to system changes.

 

----------------------------------

Originally published in the GovWin FIA Analysts Perspectives Blog. Follow me on Twitter @FIAGovWin.

 

GAO Testifies Regarding Ailing IT Investments

GAO’s David A. Powner, Director Information Technology Management Issues, testified before the Senate subcommittee on Efficiency and Effectiveness of Federal Programs last week that $1.4 billion worth of federal IT investments are in peril and another $8.6 billion need attention.

Powner stated before the subcommittee under the Senate Committee on Homeland Security and Governmental Affairs that according to the OMB IT Dashboard 183 federal investments are in jeopardy, equating to $10 billion.  “OMB and agencies need to aggressively govern these at-risk investments using TechStat sessions and other governance mechanisms,” Powner said.

 

Last month, Powner appeared before the entire Senate Committee for Homeland Security and Governmental Affairs on Identifying Critical Factors for Success in IT Acquisition to offer insight into best practices and reform initiatives that can help improve IT investment management.  Expanded use of critical success factors in IT acquisition, such as active stakeholder engagement and support from agency executives, along with further implementation of government and industry best practices, will better position agencies to more effectively deliver mission-critical systems, according to GAO.

The IT Dashboard, launched by OMB, has been one key reform issue.  The IT Dashboard was meant to help mitigate risk in federal IT programs and it has increased visibility and garnered success.  However, it has its weaknesses.  GAO issued a report in 2011 which voiced concerns about accuracy and reliability of dashboard data, but also pointed out that data was improving over time.  Recently, GAO reported that agencies had removed major investments from the dashboard which raises concerns about transparency.  Additionally, GAO noted that the timeliness of updates to the dashboard was lacking.  As of December 2013, the public version of the dashboard was not updated 15 of the previous 24 months.

Powner also cited OMB recommendations for increased incremental development, but GAO’s recent findings indicate that almost 75% of investments reviewed did not plan to deliver capabilities every six months and less than half planned to deliver capabilities in 12 month cycles.

In recent reports, GAO has also offered recommendations for PortfolioStat efforts.  PortfolioStat requires agencies to conduct annual reviews of their IT portfolios and make decisions about eliminating duplication.  This initiative has the potential to save $5.8 billion through FY 2015, however weaknesses exist in the implementation of the initiative across agencies.  One implementation issue revolves around CIO authority.  

With over $80 billion in federal IT spending per year, it’s incumbent upon agencies and the administration to learn from successful IT implementations, as well as failed projects.  While use of best practices, legislation, and OMB efforts at transparency and oversight have improved IT execution and spending, continued leadership and attention is necessary to build on current progress.

 

GovWin Recon - June 24, 2014

GovWin Recon, produced by Deltek's Federal Industry Analysis (FIA) team, is designed to support awareness and understanding of the issues impacting the government and the contractors that serve it. Recon highlights key developments surrounding government technology, policy, budget and vendor activities.

Headlines beginning with an * include quotes from Deltek analysts. 

Sequestration / Budget:

Federal IT:

Agency News:

Vendor News:

Cybersecurity:

Cloud Computing / Data Center Consolidation / Virtualization:

Big Data / Analytics:

Mobility:

Defense / C4ISR / Embedded Technology:

Contracting / Acquisition:

Legislation:

Mergers & Acquisitions:

State and Local:

GovWin Recon is Deltek's daily newsletter highlighting federal government contracting news and analysis from around the government contracting world. Get it delivered to your e-mail inbox, free!

 

 

 

Enabling the JIE: A Look at the Mission Partner Environment

The last month and a half has seen the announcement of important changes to the Defense Information Systems Agency’s approach to rolling out the new Joint Information Environment.  Formerly an initiative divided into three increments, the JIE has been transformed into a global engineering effort divided into regions of work.  Like a runner gathering speed, DISA has found its footing and transferred incremental momentum in multiple efforts taking place simultaneously.  Speed is the name of the game here as DISA  moves toward its desired end-state for the JIE.

Within this context it’s practically impossible to keep track of what is happening where and when.  Adding to the confusion is the use of contracts for the work that are already in place.  Vendors already working at DISA are benefitting from their close proximity, while those seeking work with the agency are struggling to understand where competitive opportunities can be found.  Today’s post attempts to make sense of the new Mission Partner Environment, a part of what was formerly called “JIE Increment 2,” in an effort to clarify where funding is going and where opportunity related to it might be found.

What Is the Mission Partner Environment?

DISA defines the MPE as an “operating environment that leverages U.S. and mission partner information technology infrastructures with integrating capabilities to realize the DoD JIE framework.”  There are several pieces to this environment that are already in place and which are being engineered to enable the interoperability and security benefits of the JIE.  These pieces are:

  • The Combined Enterprise Regional Information Exchange System (CENTRIXS)
  • The Combined Federated Battle Lab Network (CFBLNet)
  • Pegasus (formerly Griffin)
  • The Unclassified Information Sharing Service-All Partner Access Network (UISS-APAN)
  • The Common Mission Network Transport (CMNT)
  • The United States Battlefield Information Collection and Exploitation Systems (US BICES) Program

Work related to every element listed above, except US BICES, falls under the overall rubric of the Multi-National Information Sharing (MNIS) Service. 

In FY 2015, DISA plans to reprioritize “MNIS investments to address PACOM near-term requirements for expanded Coalition connectivity in their AOR.”  As DISA notes in its Strategic Plan for FY 2014-2019, MNIS will provide the material solution required for the foundation of the MPE.  In short, additional resources will flow to MNIS to enable the JIE in the Pacific (i.e., what was once known as JIE Increment 2).

To put numbers around all of this, DISA has requested $53.5 million in FY 2015 for work related to MNIS.  This compares to $48.3 million in the FY 2014 budget, a rise of 11%.

Contractors Doing the Work

Multiple contractors have provided support for the MNIS Program over the years.  Table 1 below shows those that DISA lists as currently active.  This list should not be considered exhaustive.  However, it does provide insight into where the $53.5 million slated for MNIS in FY 2015 will be going.

Related Opportunities?

Turning to the possibility of new business developing from the effort to transform various MNIS Program elements into a unified Mission Partner Environment consistent with the JIE, the currently available opportunities are few and far between.

  • DISA recently released a solicitation for MNIS Service Strategy and Support to assist the MNIS PMO with planning and technical services.  The awarded contract will be a small business follow-on to an ENCORE II Task Order held by HP Enterprise Services.
  • IT Support Services for the US BICES Program offers considerably more promise for vendors who can compete in the Classified arena.  A draft RFP has been released for this effort, but one will need access to the ARC Procurement System to see it.
  • Lastly, there may be work related to the migration of the UISS-APAN capability to a cloud environment.  Whether this will be DISA’s milCloud or a commercial environment is known only to insiders.  My thought is that migration to a commercial host is a long-shot given the small number of Cloud Service Providers certified by DISA at current data impact levels 1-2.  This said, some DISA officials have speculated in the recent past that APAN is a viable candidate for hosting in a commercial setting, so there is a slight chance here.

In conclusion, welcome to the brave new world of the JIE, where the majority of the work goes to entrenched incumbents via obligations in the DoD’s Operations and Maintenance budget.  It is the use of this procurement/engineering strategy that has both accelerated the implementation of the JIE and obscured how it is being funded.

 

GovWin Recon - June 23, 2014

GovWin Recon, produced by Deltek's Federal Industry Analysis (FIA) team, is designed to support awareness and understanding of the issues impacting the government and the contractors that serve it. Recon highlights key developments surrounding government technology, policy, budget and vendor activities.

Headlines beginning with an * include quotes from Deltek analysts. 

 

Federal IT:

Agency News:

Vendor News:

Health IT:

Big Data / Analytics:

Mobility:

Transparency and Performance:

Defense / C4ISR / Embedded Technology:

Contracting / Acquisition:

Legislation:

State and Local:

GovWin Recon is Deltek's daily newsletter highlighting federal government contracting news and analysis from around the government contracting world. Get it delivered to your e-mail inbox, free!

 

 

 

 

More Entries