It aac

1,118 views
1,066 views

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
1,118
On SlideShare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
6
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

It aac

  1. 1. IT Acquisition Advisory Council (IT-AAC) A non-partisan think tank, 501.C3Roadmap for Sustainable IT Acquisition ReformLeveraging non-traditional expertise and benchmarked standards of practices That exceed CCA & Section 804 Mandates Honorable John Grimes, Former OSD CIO John Weiler, Managing Director, john@IT-AAC.org Dr. Marv Langston, IT AAC Vi Ch i marv@langston.org D M L t IT-AAC Vice Chair @l t Kevin Carroll, IT-AAC Vice Chair 904 Clifton Drive www.IT-AAC.org Virginia 22308 * Alexandria * www.IT-AAC.org *0400 768-0400 703 768 (703)
  2. 2. Senior Exec Briefing Summary™ Assuring Business Value from every IT $ Spent  Purpose  Todays Situation  Our Proposal to Assist  Way Forward Recommendation  Predictable Outcomes“Together, these steps will help to catalyze a fundamental reform of Federal IT, which is essential to improving the effectiveness and efficiency of the Federal Government” White House, OMB Director 501.C Non-Profit Research Institute IT-AAC Proprietary © 2008- 2010 All Rights Reserved 1 703-768-0400 www.IT-AAC.org
  3. 3. ™ Think Tank PurposeTo provide the Decision Makers with an alternative set of resourcesand expertise needed to guide the establishment of a “best in class”set of IT Acquisition Processes and Governance Structure. StructureAcquisition Practitioners and workforce will need commercial methods, access to deepindustry expertise and emerging standards of practice to overcome common failure patternsand cultural impediments that have prevented previous attempts to achieve followingobjectives:Speed -- achieve 6-12 month cycle times vice 7-8 years (early pilots prove this is possible)Incremental development, testing, and fielding -- vice one "big bang"Actionable Requirements -- Sacrifice or defer customization for speed and COTS/OS utilization - Leverageestablished standards of practice and open modular platformsMeet DoDs wide-range IT needs -- from modernizing C2 to updating word processing softwareFocused on Outcomes and Operational Effectiveness - Health IT, InfoSharing, Cyber Security, Consolidated ITInfrastructure,Infrastructure Business Systems “You can’t solve today’s problems with the same thinking that got you there” Albert Einstein 501.C Non-Profit Research Institute IT-AAC Proprietary © 2008- 2010 All Rights Reserved 2 703-768-0400 www.IT-AAC.org
  4. 4. IT-AAC understands IT Acquisition Dilemma ™ Wave 3 Solutions can’t be acquired using MilSpec processes…  We are in early stages of Wave 3 information technology  Mainframe and Client-Server waves remain in place 3. Internet - Cloud tion Driven Capability y  Waves represent many co-dependent technologies, • Virtualized compute; global network enabled, plug & play matured over time • IT Infrastructure decoupled from  Adding functional capability has Applications • COTS & OSS Integration, Integration n become easier with each new wave b i ith h Software as a Service  But enterprise infrastructure 2. Client/Server - Decentralized gaps & vulnerabilities have • PC enabled and network become more critical • Software distributed in both server and clientInformat computers t • Heavy focus on software development and point to point integration 1. Centralized - Mainframe • Central computer center, slow turn around center • One size fits all • Limited reuse of application modules 1950 1960 1970 1980 1990 2000 2010 2020 Information Technology Evolution I f ti T h l E l ti DoD is using 1970s acquisition processes; to acquire Wave 3 IT capability 501.C Non-Profit Research Institute IT-AAC Proprietary © 2008- 2010 All Rights Reserved 3 703-768-0400 www.IT-AAC.org
  5. 5. Understanding the Many Dimensions of the IT Acquisition Lifecycle ™IT Acquisition Building Blocks: Governance and Oversight: how an enterprise supports, oversees and manages IT programs and on-going portfolio. SOA as defined in the commercial market is governance tool not technology. DoD5000 and BCL represent the current approaches. Decision Analytics: enables effective Program Management and Value Stream Analysis execution. As most of these sub-processes are designed to improve decision making, a relative new discipline has evolved (since 86), that addresses the human and cultural challenges in decision making. Decision Analytics is the discipline of framing the essence and success criteria of each gate in the acquisition lifecycle. It brings focus to the high risk areas of a program, and reduces analysis/paralysis. Requirements Development: Actionable requirements must be constrained by the realm of the possible. With pressures to do more with less, we must possible less embrace mechanisms that force a relative valuation/impact of the gap/capability, with clearly defined outcomes Architecture: This is one of the most critical elements of the acquisition lifecycle, as it should represent all stake holder agreements. The market embrace of SOA is not about technology, but a refocusing of the EA on service level management and data. A good architecture is a lexicon that links requirements, technologies and acquisition strategy. T h l Technology Assessment: Understanding the limitation of technology early in the process is key. Without a clear view of the “realm of the possible” validated A t by real world results, we often find ourselves in high risk areas and over specification. Market research must be done early to help users constrain requirements and embrace the inherent business practices that codify. Recognizing that 70% make up of every IT application is vested in IT infrastructure (netcentric, cloud, SOA), it is critical to establish a common infrastructure/infrastructure standard by which all applications can share. The most prolific is ITIL to date. Business Case Analysis: Demonstrating the business value of technology investments, based on evidenced based research and lifecycle cost. This is a core requirement of Clinger Cohen Act. Performance Based Acquisition and Metrics: Software as a Service and SOA portent a new dynamic for acquisition of IT (health IT, cyber, business systems), that brings focus to Service Level Agreements (SLAs), Software as a Service (SaaS) and SL Management. If the previous activities do not directly feed the acquisition strategy or provide mechanisms for contractor accountability, all is lost. “IT Reform is about Operational Efficiency and Innovation” 501.C Non-Profit Research Institute IT-AAC Proprietary © 2008- 2010 All Rights Reserved 4 703-768-0400 www.IT-AAC.org
  6. 6. Today’s Situation -- as highlighted by the HASC ™ Panel on Defense Acquisition Reform q Studies of both commercial and government IT projects have found some disturbing statistics;  Only 16% of IT projects are completed on time and on budget.  31% are cancelled before completion completion.  The remaining 53% are late and over budget, with the typical cost growth exceeding the original budget more than 89%.  Of the IT projects that are completed, the final product contains only 61% of the originally specified features. As was pointed out in testimony before the Panel, the traditional defense acquisition process is “ill-suited forinformation technology systems. Phase A is intended to mature technology; yet information technologies are now largely matured in the commercial sector”. Weapon system acquisition processes are often applied to IT systems acquisition, without addressing unique aspects of IT “the weapon systems acquisition process is optimized to manage production IT. risk and does not really fit information technology acquisition that does not lead to significant production quantities.” Defense Acquisition Panel, HASC 501.C Non-Profit Research Institute IT-AAC Proprietary © 2008- 2010 All Rights Reserved 5 703-768-0400 www.IT-AAC.org
  7. 7. Understanding IT Acquisition Reform Laws ™ MilSpec must give way to Industry Best Practices: SOA, Agile, COTSHR5136: ‘‘Implementing Management for Performance and Related Reforms to Obtain Value in Every Acquisition’’. Requires: (1) Determine clear performance metrics for specific programs from the start; (2) Foster an ongoing dialogue during the technology development process between the system developers and the warfighters; (3) Promote an open architecture approach that allows for more modularization of hardware and software; (4) Develop a plan for how to strengthen the IT acquisition workforce; (5) Implement alternative milestone decision points that are more consistent with commercial product development for IT; (6) Develop a process for competitive prototyping in the IT environment; (7) Develop a new test and evaluation approach that merges developmental and operational testing in a parallel fashion; (8) Place greater emphasis on the up-front market analysis; and (9) Conduct a rigorous analysis of contracting mechanisms and contract incentiveClinger Cohen Act Requires: (1) Streamline the IT Acquisition Process (2) Change business processes (BPR), not COTS (3) Favor COTS/OSS over custom development. (4) Build business case and acquire based objective assessment criteria (5) Use architecture for driving investment decisions (6) Favor standards and best practices over MilSpec approaches 501.C Non-Profit Research Institute IT-AAC Proprietary © 2008- 2010 All Rights Reserved 6 703-768-0400 www.IT-AAC.org
  8. 8. Congressional Action to Reform ™ IT Acquisition: 2009 NDAA Sec804 q“The Secretary of Defense shall develop and implement a new acquisition process for information technology systems. The acquisition process developed and implemented pursuant to this subsection shall, to the extent determined appropriate by the Secretary-- be based on the recommendations in chapter 6 of the March 2009 report of the Defense Science Board Task Force on Department of Defense Policies and Procedures for the Acquisition of Information Technology; and be designed to include-- – early and continual involvement of the user; – multiple, rapidly executed increments or releases of capability; – early, successive p y prototyping to support an evolutionary approach; and yp g pp y pp – a modular, open-systems approach”Congress and DSB made these recommendations based on early adoptions by AF, Navy, USMC, and BTA of alternative methods like the Architecture Assurance Method (AAM), a risk management framework designed to improve decision making and assure stake holder value AAM incorporates by reference industry best value. practices like SOA, ITIL, and Evidenced Based Research. 501.C Non-Profit Research Institute IT-AAC Proprietary © 2008- 2010 All Rights Reserved 7 703-768-0400 www.IT-AAC.org
  9. 9. OMB Guidance on IT Reform ™ from OMB’s 25 Point PlanAlign the Acquisition Process with the Technology Cycle Point 13. Design and develop a cadre of specialized IT acquisition professionals . Point 14. Identify IT acquisition best practices and adopt government-wide. Point 15. Issue contracting guidance and templates to support modular development Point 16. Reduce barriers to entry for small innovative technology companies" 501.C Non-Profit Research Institute IT-AAC Proprietary © 2008- 2010 All Rights Reserved 8 703-768-0400 www.IT-AAC.org
  10. 10. OMB’s View of Federal IT Fundamentally Broken!™ 501.C Non-Profit Research Institute IT-AAC Proprietary © 2008- 2010 All Rights Reserved 9 703-768-0400 www.IT-AAC.org
  11. 11. Sources of Evidence ™ Failure to fix IT is costing the tax payer $40Billion a Year“We are buying yesterday’s technology tomorrow in the rare instances we are successful ” DSB IATF: “DoD reliance on FFRDCs is isolating it from sources of new technologies and will hinder the departments ability to get the DoD technologies, best technical advise in the future” AF Science Advisory Board 2000: PMs need greater access to real world lesson learned and innovations of the market to mitigate risk and cost overruns. PMs frequently enter high risk areas due to limited access to lessons learned from those who have already forged ahead. CMU SEI Study 2004: The DoDAF alone is not effective for IT architectures, lacks business view, performance metrics or means of avoiding over specification. DoDAF (C4ISR) was developed by Mitre and IDA in 1986 to provide DoD with a systems engineering documentation tool for existing system implementations. 2009 NDAA Sec 803 : Government needs a high integrity knowledge exchange by which innovations of the market can be objectively assessed. DSB 2009: Weapons Systems Style Solution Architecture and Acquisition Processes take too long, cost too much, recommend establishing a separate IT Acquisition market that is tuned for the fast paced market. t bli hi t A i iti k t th t i t d f th f t d k t IT-AAC 2009: Major IT Programs lack senior leadership support, and have few vested in the success. All participants, including oversight, must be incentivized in meeting program goals and outcomes. BENS RPT on ACQUISITION 2009: DoD needs independent architecture development that is not compromised by those with a vested interest in the outcome FAR OCI rules must be better enforced outcome. enforced. NDAA Sec 804 2010: DoD will establish a modular IT Acquisition process that is responsive to the fast paced IT market."Weapons systems depend on stable requirements, but with IT, technology changes faster than the requirements process can keep up," he said "It changes faster than the budget process and it changes faster than the acquisition milestone process up said. It process. For all these reasons, the normal acquisition process does not work for information technology.” DepSec Bill Lynn statement at the 2009 Defense IT Acquisition Summit hosted by IT-AAC 501.C Non-Profit Research Institute IT-AAC Proprietary © 2008- 2010 All Rights Reserved 10 703-768-0400 www.IT-AAC.org
  12. 12. Federal IT Acquisition Root Causes ™ compromising mission effectiveness and costing tax payer $40B/year1. IT Acquisition Ecosystem Ineffective: – Missing incentives & metrics, redundant oversight, vague accountability, ineffective g , g , g y, governance (MOE, SLA) puts focus on compliance vs outcomes. – Programs spending up to 25% on compliance without any reduction in risk.2. Good laws (CCA, OMB 119, FAR, Sec804) lack enforcement: ( , , , ) – Frequently compounded by Ad-hoc Implementations and MilSpec methods. – DODAF, JCIDS, NESI, LISI were designed for Weapons Systems, compete with standards and orthogonal to Industry Best Practices.3. Conflict of Interest unenforced, optimal resources and expertise overlooked: – FAR prohibits Contractors with vested interests in implementation should not use “Chinese firewalls” to bypass rules or gain unfair advantage. – Optimal resources in IT Program planning, market research, and solution engineering overlooked, inhibiting access to real world best practices and innovations of the market. Standards bodies & non-profit research institutes under utilized. “Insanity is continuing the same process over and over again and expecting different results” Albert Einstein 501.C Non-Profit Research Institute IT-AAC Proprietary © 2008- 2010 All Rights Reserved 11 703-768-0400 www.IT-AAC.org
  13. 13. Root Cause (cont.) ™4. FFRDCs/SIs are Stifling Innovation and Decision Making due to Analysis/Paralysis: – Traditional Sis/FFRDCs are insulated from IT innovations and commercial best practices. – PMs lacks effective outreach/research capabilities needed to inform the requirements and acquisition lifecycle. Lacks timely access to innovations of the market, commercial expertise, or benchmarked best practices and lessons learned. – Small Businesses, Innovators and Public Service entities (.edu, .org, SDOs) are under utilized, utilized threatening Open Systems and Open Architecture efforts efforts.5. MilSpec Acquisition Processes in conflict with Open Systems, best practices and drive “design to spec” approach ( in spite of CCA and NDAA Section 804 directive to the contrary): – MilSpec Requirements (JCIDS), Architecture (DoDAF), Tech Assessment (TRL/C&A) (JCIDS) (DoDAF) (TRL/C&A), Business Case Analysis (AoA), Procurement (DoD5000) and Enterprise Management (CMM) processes are inconsistent with fast paced IT market (in spite of Paperwork Reduction Act, CCA, Section 804 and OMB A119 directives) – Section 804 call Open Process cannot be implemented using the same resources and expertise that created the current MilSpec processes6. Budgeting (POM) approaches drive stove pipe solutions: – Frequently undermining ability to establish common & interoperable infrastructure services which accounts for 70% of every IT program buy. Concepts like SOA, Cloud Computing and Service Level Management cannot be embraced without a change in the above. 501.C Non-Profit Research Institute IT-AAC Proprietary © 2008- 2010 All Rights Reserved 12 703-768-0400 www.IT-AAC.org
  14. 14. Critical Success Factors for ™ Sustainable IT Acquisition Reform qRoot causes analysis derived from 15 years of studies, suggests the following critical success factors for sustainable IT Acquisition Reform. Any new process will need to meet the following litmus test: Must replace each of the existing IT Acquisition lifecycle building blocks (per DSB report) and address the unique challenges of the fast p q g paced IT market ( (JCIDS, DODAF, DOD5000, NESI) ) Must be derived from commercial best practices (CCA) Must avoid MilSpect by leverage existing investments and capabilities (CCA, NTTAA) Should favor processes already proven in the market Should be based on a consensus based standard (OMB A119) Must be modular, services oriented (NDAA Section 804) Should be measurable, repeatable and sustainable, with supporting training, education and mentoring (HR 5013) 501.C Non-Profit Research Institute IT-AAC Proprietary © 2008- 2010 All Rights Reserved 13 703-768-0400 www.IT-AAC.org
  15. 15. ™ IT Reform Way Forward Adapting Agile Acquisition Standards and Benchmarked Commercial Best Practices 501.C Non-Profit Research Institute IT-AAC Proprietary © 2008- 2010 All Rights Reserved 14 703-768-0400 www.IT-AAC.org
  16. 16. Resources for Sustainable IT Reform™ for when failure is not an option Interoperability Clearinghouse (ICH) • Repository of reusable Best Practices Frameworks (process and solution architectures) • Conflict Free Research Coop dedicated to operationalizing Clinger Cohen Act directives • Means of accessing wide range of SMEs and community of practices outside the Defense Industrial Complex Acquisition Assessment Method (AAM) • D i i Analytics Tool for IT centric AoA, EoA, BCA, Ri k and T h i l A Decision A l i T l f i A A E A BCA Risk d Technical Assessments • Measurable, repeatable and sustainable method to enable cost avoidance and savings • Incorporates by reference: SOA best practices, IT Infrastructure Libraries (ITIL) and Evidenced Based Research (EBR) Solution Architecture Innovation Lab (SAIL) • Virtual Lab by which innovators can validate their solutions ™ • Solution Architecture patterns for e-Gov, IT Infrastructure, Cyber-Security & Health IT • M Means of tapping existing testing and implementation resources for rapid deployment ft i i ti t ti di l t ti f id d l t IT-Acquisition Advisory Council (IT-AAC) • A non-partisan Government and industry think tank created to drive sustainable IT Acquisition Reform • Leverages expertise from academia, standards bodies, innovators and COIs • Provide an interchange for senior level leadership interchange 501.C Non-Profit Research Institute IT-AAC Proprietary © 2008- 2010 All Rights Reserved 15 703-768-0400 www.IT-AAC.org
  17. 17. Partner with DAU to create a Mentoring™ and Training Curriculum g 501.C Non-Profit Research Institute IT-AAC Proprietary © 2008- 2010 All Rights Reserved 16 703-768-0400 www.IT-AAC.org
  18. 18. Assessment of Alternative IT Acquisition Processes ™ MilSpec Assessment Alternative Assessment Where Acquisition against Sec 804 Acquisition against Sec 804 successfully Processes Criteria Process Criteria appliedDecisionD i i Ad h hoc, nott Largest gap in IT L t i Acquisition A i iti Open, O AF, N AF Navy, USMC, USMCAnalytics formalized Lifecycle Assurance Successfully BTA, GSA, DISA, Method (AAM) piloted, modularRequirements JCIDS, IT Box Not tuned for Value Stream Exceeds criteria US TRANSCOM,Development COTS, SOA, COTS SOA OSS Analysis w/ Agile DISA, DISA CIA Market DevelopmentArchitecture DoDAF Missing Metrics, OMB FEA RMs Strong evidence, PTO, DOC, Systems Infrastructure View, SEI SMART Services Based GPO, GSA, DOI, Engineering Stake holder DOT, DOT DHS Method perspectivesTechnology TRL IT Matures at a AF Solution COTS/OSS AF, USMC, BTA,Assessment: Assessment very fast rate Assessment Focused, support Navy CANES, Process (ASAP) BPR PTO, GPO, GSARisk & Cost Analysis of Time consuming, ASAP/AAM BCA Effective w/ AF, Navy, USMC,Management Alternatives, not aligned with COTS based sys BTA industry B.P. BTA ERAM Limited risk mgtGovernance DoD 5000 Milestone based, based ICH Clinger Integrated SOA BTA, BTA OSD HA, HAand Oversight Bus Capability not effective for IT Cohen Act Guide best practices Navy, Lifecycle (BCL) 501.C Non-Profit Research Institute IT-AAC Proprietary © 2008- 2010 All Rights Reserved 17 703-768-0400 www.IT-AAC.org
  19. 19. Resource Optimization Considerations you cannot outsource risk or critical thinking ™1. FFRDCs: Best suited for govt unique R&D and Weapon Systems Source Selection.2. Standards Development Orgs (SDO), Trade Associations: Source of standardizations among suppliers, ISVs. Effective source for market communications and outreach.3. Research Institutes, Labs & Academia: Excellent source of low cost research, piloting of emerging technologies not yet proven in the market. Effective in IT & acquisition training.4. Consultancies, A&AS Firms: Excellent for IV&V and source selection if free of vendor relationships or implementation interests. Can mitigate OCI issues in acquisition.5. Innovators, ISVs, Open Source: The engine of innovation. Most effective and efficient way of filling common industry IT gaps. Great source of customer case studies and best practices.6. System Integrators: Optimized for large scale implementation and outsourcing. Have significant outsourcing economies of scale and technology usability insights. 501.C Non-Profit Research Institute IT-AAC Proprietary © 2008- 2010 All Rights Reserved 18 703-768-0400 www.IT-AAC.org
  20. 20. Resource Guide for Effective IT Acquisition Based on Clinger Cohen Act and FAR Guidance ™ Partner Type FFRDC User Groups, Standards Research Consultants, Innovators, System Communities development Institutes, IV&V, A&AS Tech Mfg, IntegratorsSDLC Phase of Practice orgs, trade Labs & Firms Open Source associations AcademiaRequirement, Only when OMB Lines of SDOs = Provide Limited access Great source FAR OCIGap Analysis no other Business Primary driver Conflict free to industry for customer Rules limit company can offers Critical for open structure and lessons use cases, participation support (4). Role (6,7) systems. economies of learned. lessons Conflict free scale (2,6) ( ) learned. structures (2,3)Architecture Only when Agency CxOs Provide Principle Primary source FAR OCI rules FAR OCI rulesand Planning, no other provides standards of source of of expertise limit prohibit directMkt Research company can critical practice, not expertise participation support support ( ) pp (4) g guidance ( , 3) (2, ) support ppPMO & IV&V Only when Not inherently Play Optimized for Key role FAR OCI rules FAR OCI rulesSupport no other governmental supporting role this area prohibit prohibit company can participation participation support (4)Material Forbidden (4) Not inherently Support role Support role Provide PrimarySolution Governmental developmental partnershipEngineering areaSystem Impl., Forbidden (4) Not inherently Forbidden Lack Internal IV&V Provider of key PrimaryMaint, & Governmental Resources & for Prime technologies partnershipSupport Expertise contract area reduces risk. 501.C Non-Profit Research Institute IT-AAC Proprietary © 2008- 2010 All Rights Reserved 19 703-768-0400 www.IT-AAC.org
  21. 21. Critical Success Factors for Sustainable IT Acquisition Reform ™Clinger Cohen Act, FAR, and NDAA Sec804 directives cannot be accomplished with the samethinking that got us their. FFRDCs are prohibited from competing with industry and therefore theleast effective resource for IT programs. The CSF include; Agile Methods derived from benchmarked commercial best practices (CCA, Sec804) Leverage existing investments and innovations of the market while avoiding competing withindustry or duplicating what already exists (Economy Act) Utilize pub c se ce institutes a d sta da ds bod es o e FFRDCs ( Ut e public service st tutes and standards bodies over Cs (FAR) ) Should be based on Open, consensus based methods (OMB A119) Must be modular, services oriented (NDAA Section 804) , ( ) Should be measurable, repeatable and sustainable, with supporting training, education andmentoring (HR 5013) 15 years of studies suggest the following critical success factors for sustainable IT Acquisition Reform. An “Open” IT Acquisition process will still need to conform to the rule of law (non-MilSpec): 501.C Non-Profit Research Institute IT-AAC Proprietary © 2008- 2010 All Rights Reserved 20 703-768-0400 www.IT-AAC.org
  22. 22. ™ Repeatable Patterns of Success when agencies t IT expertise outside the Defense Industrial Complex! h i tap ti t id th D f I d ti lC l ! Navy: Assessment of AFLOAT Program – USAF: Streamlined COTS Acquisition USAF: Procurement of E-FOIA CANES SOA & Security Strategy Process. Applied to Server Virtualization. System using AAM Eliminated hi-risk Requirements by Established optimal arch with ROI of Completed AoA, BCA, AQ Selection 23%, $100Ms in potential savings 450% & $458 million savings in just 4 months. USMC: AoA and BusCase for Cross GSA: Financial Mgt System consolidation BTA: Assessment of External DoD Domain, Thin Client Solutions using AAM. Hosting Options using AAMGreatly Exceeded Forecasted Saving Moved FMS from OMB “red” to $300 million in potential savings with in both analysis and acquisition “green”. Eliminated duplicative minimal investment investments that saved $200M BTA: Apply AAM to complete AoA and GPO: Developed Acquisition Strategy for JFCOM: MNIS Evaluation of Alternatives BCA for DoD SOA Project Future Digital System for Cross Domain SolutionsReduced pre-acquisition cycle time Led to successful acquisition and Evaluated 100’s of Options in 90 days, and cost of Analysis by 80% implementation on time, on budget enabling stake holder buy in and (4 months vs 18) and 80% cheaper than NARA RMS source selection. “. the concept of the Interoperability Clearinghouse is sound and vital. Its developing role as an honest broker of all interoperability technologies, no matter what the source, is especially needed. Such efforts should be supported by any organization that wants to stop putting all of its money into maintaining archaic software and obtuse data formats, and instead start focusing on bottom-line issues of productivity and cost-effective use of information technology.” OSD Commissioned Assessment of Interop. Clearinghouse (Mitre 2000) 501.C Non-Profit Research Institute IT-AAC Proprietary © 2008- 2010 All Rights Reserved 21 703-768-0400 www.IT-AAC.org
  23. 23. ™AF Solution Assessment Process (ASAP) Case Study; Thin Client/Server Based ComputingUsing ASAP/AAM enabled a 60day turn around to complete the following mandatory tasks;1. Converted Requirements to Services/Capabilities Gaps q p p2. Established Measures of Effectiveness and Source Selection Eval Criteria3. Conducted Baseline Assessment (cost/value of current portfolio)4. Market Research (Realm of the Possible) that reaches real innovators and associated lessons learned.5. Conduct Evaluation of Alternatives (apples to apples) using Evidence Based Research6. Lite Weight Business Case Analysis for Investment Justification 501.C Non-Profit Research Institute IT-AAC Proprietary © 2008- 2010 All Rights Reserved 22 703-768-0400 www.IT-AAC.org
  24. 24. Scope of ASAP Phase 2 Effort ™ Adapting ICH s Architecture Assurance Method ICH’sASAP Phase 1 (June 08 - Jan 07) TA Root Cause Analysis Integration of AF TA best practices and ICH Architecture Assurance Method ASAP Process development documentation Facilitated TA Value Stream AnalysisASAP Phase 2 (Aug 07 – Sept 07) SBC Capability Determination SBC Capability Prioritization SBC Solution Architecture & Feasibility Assessment SBC Business Case Analysis (lite) ASAP Process maturity assessmentTA-ASAP Phase 3, Operationalize an Enterprise Process (4 FTEs) pending funding approval) SBC Procurement Documentation Development SBC Source Selection TA-ASAP Management Oversight and Governance Build Out TA-ASAP Process Integration (XC EA, XC PfM, XC CBA, AQ OTD) Estimated TA resource allocation is 4-5 FTEs to support an AF enterprise wide implementation 501.C Non-Profit Research Institute IT-AAC Proprietary © 2008- 2010 All Rights Reserved 23 703-768-0400 www.IT-AAC.org
  25. 25. ™ ASAP Project Milestone j Capability Determination ASAP Artifacts Capability Prioritization Feas./Arch. Assessment BCAJune 14 July 1 Aug 2 Sept 1 Oct 1 BCA ASAP Project Announced to Kick Off MAJCOM Data Call Completed Assessment Plan AF Meeting Data Call Results Data Collection Period on Capabilities AFCA On-board ASAP ASAP Completed Report HERE ASAP Process Execution  Capabilities Determination - data 3 weeks collection capabilities list  Capabilities Prioritization less than a week  Assessment of technology Products 1 day  BCA (operated in parallel with ASAP 5 weeks from start or 1 week after ASAP Assessment  Remaining time is being applied to final task on evaluation of the ASAP process itself 501.C Non-Profit Research Institute IT-AAC Proprietary © 2008- 2010 All Rights Reserved 24 703-768-0400 www.IT-AAC.org
  26. 26. A ASAP Phase 2 Project Plan Process; TA-ASAP Process Model S A P Artifact; TA Sequencing Diagram Innovation Thread ™ Type 1 Technical Solutions - COTS (Portal) PE Y AL N Sp ON N ific EN L RM LITY TY Type 2 Major Program Solution (DoDAF/5000) Pr IOT ILIT TIO TIO SS URA N UR SS ITY ec I ION T T ram ZAT Type 3 Technical Solutions - Custom (Guard) IO dic INA EN PR PAB BI IS ISI CT AT T IL Type 4 Product Evaluation - Innovation T PA YS rio QU AS ITEC M M ISI I AS SIB ITE IC Type 5 Product Evaluation - Commodity CA CA AL QU PeAC TE RIF A CH SE CH SE AN og AC DE FE or VE AR AR Selection Outcomes Lab T1 S O Capability Feasibility Architecture Selection Network Outcomes Capability Independent Individual L Prioritization Assessment Assessment Audit Assessment Certification Determination Audit U KPP/CSF Lab T GO GO I T2 COTS COTS O Capability Feasibility Architecture Selection Network Outcomes Individual N Determination Capability Assessment Assessment Independent P Assessment Audit Certification Prioritization KPP/CSF Audit R T3 CUSTOM NOGO NOGO O I STEP-1 STEP-2 STEP-3 STEP-4 C N BCA N Cat-1: Value, Value U Selection S l ti Network N k Architecture Mature, Funded Individual Outcomes O Feasibility Assessment R Assessment Audit Certification V Assessment A Invest E T4 Cat-2: Value, Mature, T Capability Combined To Be Funded M I O Determination E N Cat-3: Value, N Capability Immature Prioritization Wait T C O Cat-4: No Value C t 4 N V l Lab We W R M M T5 Here O Architecture Selection Network Outcomes D Assessment Independent Assessment Certification I Audit T Y Pre-Tech Assessment Technology Assessment Phase Implementation Phase Use Cases System BCA Templates Probable Actual vs Volumes/Timings Behaviors and Models Cost Mode Planned 501.C Non-Profit Research Institute IT-AAC Proprietary © 2008- 2010 All Rights Reserved 25 703-768-0400 www.IT-AAC.org
  27. 27. ™ SBC Capabilities before ASAP p1Reduce time to deploy infrastructure1aReduce the time to deploy new applications across entire command within hours.1bReduce the time to reassign client locations 1cReduce the time to stand up new organization/office/unit2Reduce infrastructure cost2aReduce equipment accountability cost asset mgt2bReduce software license cost 2cReduce number of report of survey asset mgt2dReduce power consumption (HVAC)2eReduce touch maintenance throughout installation2gReduce number of CSAs/SAs2iReduce technology refresh cost3Improve Reliability, Availability Survivability (RAS)3aReduce mission downtime caused by CMI/Intrusions3bReduce mission downtime caused by loss PC-resident data3cProvide for data backup/recovery services for clients 3dAllow workstation recovery within 15 minutes from a remote location to include applications user data and operating system3eProvide improved reliability and availability clients.3dAllow applications, data, of computing resources, services4Work within current Security Management Posture4aReduce Vulnerabilities4bImprove patch compliance5Provide support for AF Use Cases5aProvide support for client type – Baseline5bProvide support for client type – Functional5cProvide support for client type – Non-Standard5dProvide support for client type – Standalone5eProvide support for client type – Remote5fProvide support for client type – Unmanaged6Support SBC storage strategy6aProvide server-side storage of System data and/or system images6bProvide server- side storage of enterprise data6cProvide server-side storage of user data and/or system images6dProvide server-side storage of user application6eProvide server-side storage of enterprise data application7Support Infrastructure Requirements7aMaintain current bandwidth/network loads (min 10 GB to max 100GB user profiles, 100 MB to the desktop)7bProvide consistent capability, whether rich or thin, with differing capabilities based on Active Directory rights/groups7dProvide support for the Common Access Card (CAC)/DOD Public Key Infrastructure (PKI) logon8Improved Manageability8aProvide for remote manageability of desktop8bProvide support for all business and mission applications, including bandwidth sensitive applications8cProvide for a client computing environment solution that scales over the AF enterprise 8dAllow use of a diverse mix of hardware end devices in a heterogeneous environment 8eIncrease IT service availability to the mobile/pervasive user 9Provide the same user experience (irrespective of client; rich or thin client). Jumbled – Needed a Standardized Methodology To Establish A Repeatable and Executable TA process 501.C Non-Profit Research Institute IT-AAC Proprietary © 2008- 2010 All Rights Reserved 26 703-768-0400 www.IT-AAC.org
  28. 28. A S Process; Capability Determination SBC Capabilities Tie Back to Mission Capability GAPS A Artifact; Hi-Level Capability Matrix P ™ Mission Capability Gaps SBC Capability Mission Capability No High level Capability FROM CJCSI 3170.01F , NCOE JIC 2 1 Reduce time to deploy infrastructure 1. Improved Operational Efficiencies asset management, system administration capacity management, manpower 1 2 Reduce infrastructure cost efficiencies, patch compliance 2. Improved ability to deploy/modify new infrastructure 1 3 Improve Reliability, Availability Survivability (RAS) within hours 3. Improved Mobility 4 4 Work within current Security Management Posture as supported by a pervasive SBC infrastructure 4. Improved security 3 5 Provide support for AF Use Cases loss or theft of physical storage at the edge l h f f h i l h d 1 6 Support SBC storage strategy 2 7 Support Infrastructure Requirements 1 8 Improved Manageability 1 9 Provide the same user experience (irrespective of client; rich orCJCSI 3170.01F - Joint Chiefs of Staff Instruction under the thin client).Joint Requirements Oversight Council (JROC)NCOE JIC - Net-Centric OperationalEnvironment under Joint Integrating Concept Derived From: ConstellationNet Architecture, USAFE Pil0t, NetCent RFI, AF Data Call, Industry Studies and Data 501.C Non-Profit Research Institute IT-AAC Proprietary © 2008- 2010 All Rights Reserved 27 703-768-0400 www.IT-AAC.org
  29. 29. A Process; Capability Prioritization S Established Weighted Criteria A P Artifact; Weighted Capability Matrix For an Objective Decisions - 1™ WT No. Capability Importance 150 1 Reduce time to deploy infrastructure 1a Reduce the time to deploy new applications across entire command within hours. 1 1b Reduce the time to reassign client locations 1 1c Reduce the time to stand up new organization/office/unit 1 150 2 Reduce infrastructure cost 2a Reduce equipment accountability cost asset mgt 4 2b Reduce software license cost 1 2c Reduce number of report of survey asset mgt 4 2d Reduce power consumption (HVAC) 1 2e Reduce touch maintenance throughout installation 1 2g Reduce number of CSAs/SAs 1 2i Reduce technology refresh cost 1 50 3 Improve Reliability, Availability Survivability (RAS) 3a Reduce mission downtime caused by CMI/Intrusions 1 3b Reduce mission downtime caused by loss PC-resident data 3 3c Provide for data backup/recovery services for clients. 1 3d Allow workstation recovery within 15 minutes from a remote location to include 2 applications, user data, and operating system 3e Provide improved reliability and availability of computing resources, services 3 50 4 Work within current Security Management Posture 4a Reduce Vulnerabilities 1 4b Improve patch compliance 1 50 5 Provide support for AF Use Cases 5a Provide support for client type – Baseline 1 5b Provide support f client t P id t for li t type – F Functional ti l 1 5c Provide support for client type – Non-Standard 3 5d Provide support for client type – Standalone 2 501.C Non-Profit Research Institute IT-AAC Proprietary © 2008- 2010 All Rights Reserved 28 703-768-0400 www.IT-AAC.org
  30. 30. A Process; Capability Prioritization S Established Weighted Criteria A P Artifact; Weighted Capability Matrix For an Objective Decisions - 2™ 5e Provide support for client type – Remote 3 5f Provide support for client type – Unmanaged 5 125 6 Support SBC storage strategy 6a Provide server-side storage of System data and/or system images 1 6b Provide server-side storage of enterprise data 1 6c Provide server-side storage of user data and/or system images 1 6d Provide server-side storage of user application 1 6e Provide server-side storage of enterprise data application 1 125 7 Support Infrastructure Requirements 7a Maintain current bandwidth/network loads (min 10 GB to max 100GB user profiles, 1 100 MB to the desktop) 7b Provide consistent capability, whether rich or thin, with differing capabilities based 1 on Active Directory rights/groups 7d Provide support for the Common Access Card (CAC)/DOD Public Key 1 Infrastructure (PKI) logon 150 8 Improved Manageability 8a Provide for remote manageability of desktop 1 8b Provide support for all business and mission applications, including bandwidth 4 sensitive applications 8c Provide for a client computing environment solution that scales over the AF 1 enterprise 8d Allow use of a diverse mix of hardware end devices in a heterogeneous 1 environment 8e Increase IT service availability to the mobile/pervasive user 2 150 9 Provide Pro ide the same user e perience (irrespecti e of client; rich or thin ser experience (irrespective client 1 client). 501.C Non-Profit Research Institute IT-AAC Proprietary © 2008- 2010 All Rights Reserved 29 703-768-0400 www.IT-AAC.org
  31. 31. A Process; Feasibility & Architecture S Assessment Results Assessments A Artifact; Solution Risk Assessment ™ P Report Q Quantify Risks y The results showed how the combined Use Cases could be several by a single product suite. ASAP scored the highest due to clarity toprovide the same useras a difficult though SoftGrid quickly provided it’s ability to what seamed experience even decision which was being clouded by no one commercial evaluated where in theoptimal Clearly there are tradeoffs the range of score was not statistically different and all solution being low risk range. all capabilities to tradeoffs. Overall, SoftGrid had the best solution to cover the entirety of the use case including speed to and Wyse solution had and thatreact, andsolutions could be rapidly the least potential to reduce Citrix potential to reduce deploy and ‘80%’ manageability. However, SoftGrid has analyzed and then the most procured and implemented. infrastructure costs. infrastructure costs. Citrix and Wyse were the least capable in manageability. manageability Ardence was the least capable in speed to deploy and react. CCI/HP, Citrix, ClearCube and n e rity Wyse had the W rk w in cu e t S cu pective of u va ility Im ro d M n g a ility client; rich or thin client). ro e p o f r FBlue = Essential 1 - 1.99 most impact on S p o In stru re R d ce in stru re a a e e t o re P vid su p rt fo A o e eploy rovide the sam user A ila ility S rviv b p ve a a e b S p o S Csto g ctu fra ctu M n g m n P stu p ve e b ty, raGreen = Desirable 2 - 2.99 reliability e ab ty c c s rre educe tim to de experience (irresp Im ro R lia ilit u p rt fra u eYellow = Less Desirable 3 - 3.99 availability, and R q ire e ts infrastructure e u mnRed = Undesirable 4 - 5.00 e u p rt B survivability se a s ith U C se te y stra g va b c re A ) (R S eu So st o co R P Value Factors 15% % 15% % 5% % 5% % 5% % 13% % 13% % 15% % 15% %Softgrid 1.67 3.00 3.40 1.50 0.73 1.40 1.00 1.56 1.00 1.67Ardent 2.33 3.15 3.40 3.00 1.53 1.40 1.33 2.11 2.00 2.23 Very Reliable VClearC ube 1.67 2.23 1.30 2.50 2.07 1.40 2.00 2.78 4.00 2.48Wys e 1.00 1.92 1.30 1.50 2.80 1.00 2.33 4.22 5.00 2.67 Reliable RC I/H C P 1.67 2.23 1.30 2.50 2.07 1.40 2.00 2.78 4.00 2.83 Questionable QCitrix 1.00 1.92 1.30 1.50 2.80 1.00 2.33 4.22 5.00 3.03 Unreliable U Revisiting the Assigned Weights may change the scoring outcome Data Faith - R - Click on Table - 501.C Non-Profit Research Institute IT-AAC Proprietary © 2008- 2010 All Rights Reserved 30 703-768-0400 www.IT-AAC.org

×