IT Acquisition Advisory Council
                                      An ICH hosted public/private do-tank




      Assuring National Security Mission Outcomes
      By leveraging IT innovations and industry standards of practice




“If confirmed, I would review the implementation of Section 804 and make any necessary recommendations for improvement. I believe many of the challenges in the past were the result of factors such as inadequate technical maturity, undisciplined or poorly understood requirements, poor configuration management practices, the lack of disciplined and mature software development processes, and shortages of qualified people.” Honorable Frank Kendall, OSD ATL




                                                                                                            Kevin Carroll, former Army PEO EIS
                                                                                                            Dr. Marv Langston, former DoD CIO
                                                                                                         Gen Ted Bowlds, former AF ESC CMDR

                                                                                                                       OPS: John@IT-AAC.org
                                                                                                                             www.IT-AAC.org
                                                                                                                                703 768 0400
IT Acquisition Advisory Council
                assuring the business value of IT



   “A public/private do-tank dedicated to ushering in
 commercial innovations and industry standards of practice
    outside the reach of the Defense Industrial Base”

          Honorable Mike Wynne, Chairman Emeritus




                        ICHnet.org Company Confidential
IT-AAC Partnership
Catalysts for Sustainable IT Acquisition Reform

• GSA, which has certified a series of low cost, high impact Agile Acquisition Packages in support of OMB's 25 Point Plan and the President's Efficiency Initiatives.
• Center for American Progress (CAP), the White House's preferred think tank dedicated to improving government efficiency.
• Cloud Security Alliance (CSA), one of the largest and most robust Cloud communities of practice.
• Defense Acquisition University (DAU), establishing a robust IT Acquisition training and mentoring curriculum.
• Interoperability Clearinghouse (ICH), providing a repository of benchmarked best practices, solution architecture templates and Agile Acquisition IT methods (exceeding Clinger Cohen Act and NDAA Section 804 directive).
• International Information Systems Security Certification Consortium (ISC2), providing the most highly recognized Information Security training available.
• Information Systems and Security Association (ISSA), leaders in establishing industry IA standards of practice.
• Object Management Group (OMG), providing standards for IT infrastructure, Cloud Computing and SOA.
• University of MD School of Public Policy
• University of TN National Defense Business Institute
• Complemented by over 10,000 small/innovative businesses and a powerful network of world-renowned subject matter experts who are mutually dedicated to sharing the innovations, standards of practice and lessons learned needed to achieve predictable outcomes.
• Emergent Partners: UK Trade Mission, UK MOD, Canadian Defence, VA Tech, MIT, CTC, UVA, ITIF, CMU SEI




IT-AAC “do tank”
assuring business value of IT

GOAL: To provide decision makers with a conflict-free IT Acquisition Advisory that ushers in the real world expertise, Decision Tools and Agile Acquisition Methods needed to enable rapid implementation of emergent COTS/Open Source solutions that assure mission outcomes.

IT-AAC Core Capabilities:

• Just-In-Time IT Expertise – critical to overcoming cultural resistance to change. Hundreds of years of lessons learned are invaluable in risk mitigation.
• Rapid Tech Assessment – to define the realm of the possible and inform the requirements process. Builds on NIAP and AF Solution Assessment Process (ASAP), evolving from a DARPA Research Grant called DCAM.
• Agile IT Acquisition – the Acquisition Assurance Method (AAM) establishes a standardized framework for quantitative and data analysis that is based on Evidenced Based Research. The fact based approach was derived from benchmarked commercial best practices and adapted to meet FAR and White House policy directives.
• SOA/Cloud Standards of Practice – Service Level Management, Risk Assessment Tools and Governance Models developed by SDO partners and enhanced by Global 500 companies.
• Innovation Research Coop – a virtual innovation lab composed of Universities, Standards Bodies, Communities of Practice, Innovators and SMEs that are not vested in the status quo, reaching deep into a $3.8 trillion global IT market. Defining the realm of the possible based on Evidenced Based Research.

“Together, these steps will help to catalyze a fundamental reform of Federal IT, which is essential to improving the effectiveness and efficiency of the Federal Government” Peter Orszag, White House, OMB Director
SOA/Cloud Acquisition Challenge
We are delivering yesterday's technology tomorrow

• We are in early stages of Wave 3 information technology
• Mainframe and Client-Server waves remain in place
• Waves represent many co-dependent technologies, matured over time
• Adding functional capability has become easier with each new wave
• But enterprise infrastructure gaps & vulnerabilities have become more critical

[Figure: Information Technology Evolution. Vertical axis: Information Driven Capability. Horizontal axis: 1950 to 2020. Three waves:]

1. Centralized - Mainframe
   • Central computer center, slow turn around
   • One size fits all
   • Limited reuse of application modules
2. Client/Server - Decentralized
   • PC enabled and network
   • Software distributed in both server and client computers
   • Heavy focus on software development and point to point integration
3. SOA - Cloud
   • Virtualized compute; global network enabled, plug & play
   • IT Infrastructure decoupled from Applications
   • COTS & OSS Integration, Software as a Service

Innovations of the market and benchmarked best practices are invisible to the Defense Industrial Complex
Four Dimensions of Agility
It's About Leadership & Culture

• ORGANIZATION: Empower decision makers, establish cross functional collaboration. Establish IT Acquisition Center of Excellence with IC partners.
• HR/KNOWLEDGE: Fill IT Expertise and Knowledge gap thru revamped IT training and mentoring programs. Establish an IT Acquisition Center of Excellence with FAI, DAU and IT-AAC. Establish public/private partnerships with non-traditional COPs.
• PROCESS/POLICY: Sunset old policies and acquisition processes, embrace existing Agile Frameworks like the Acquisition Assurance Method, Decentralize Decision Making and empower leadership.
• INCENTIVES/CULTURE: Establish Value Streams, reward risk takers, encourage small failures, focus on mission outcomes vs compliance.

“People are critical in the acquisition process and getting the right people in terms of ability and expertise is absolutely critical in making the process work effectively” Kevin Meiners, OUSD Intel
OSD ATL view on IT Reform
2009 DSB Re-Enforced By Many

Acquisition
• Long acquisition cycle-times
• Successive layers … built over years
• Limited flexibility and agility

Requirements
• Understanding and prioritizing requirements
• Ineffective role and comm in acquisitions

Test/Evaluation
• Testing is integrated too late and serially
• Lack of automated testing

Funding & Governance
• Program-centric, not capability-centric
• Overlapping decision layers (e.g., multiple review processes)
• Lack of customer-driven metrics
• Funding inflexibility & negative incentives

“The inability to effectively acquire information technology systems is critical to national security. Thus, the many challenges surrounding information technology must be addressed if DOD is to remain a military leader in the future. The development of a new acquisition process, coupled with clear roles and responsibilities of key decision makers, and an experienced leadership and workforce, are important elements of the solution.” 2009 Defense Science Board Report to Congress
Summary Root Cause Analysis
Summary findings of 42 Leadership Workshops, 40+ Studies & 30+ Major IT Program Failures across DHS, DoD and the IC

1. Use of Weapon Systems IT Acquisition Methods: Bureaucratic processes, upside-down incentives, redundant oversight and missing metrics (MOE, SLA) put the focus on compliance vs outcomes. MilSpec acquisition methods do not work for the fast paced IT market. DODAF, JCIDS, NESI and LISI were designed for top down Weapons Systems (by FFRDCs), and have no track record for successful delivery of IT (which average 91 months with 16% success rates).

2. Shortage of Qualified IT Expertise: FFRDCs and DIB Contractors lack organic access to commercial best practices or expertise in real world IT implementations. Concepts like SOA, Cloud Computing and Service Level Management cannot be embraced without access to industry lessons learned and experiential data.

3. Innovations and Best Practices Stifled: Contractors with IT buy/sell tech agreements or outcomes cannot objectively advise or firewall off OCI issues. Defense Industrial Complex suppliers are vested in legacy stove pipes and design-to-spec development approaches driven by the Weapon Systems Engineering methods.

4. Culture: Risk Avoidance vs Risk Management: Culture and Process focus on risk avoidance, and fail to identify or remediate real execution risk. Decision Analytics must focus on outcomes and maintain stakeholder involvement. Title 41 violations abound. Without strong leadership focused on mission outcomes, change will never occur.

"There is a lot of talk about agility, speed, acq reform, etc, but, in general, no one seems to be willing to take the actions needed. They would rather just talk about it. When you look at the chart that shows the DoD acquisition model (you know the one I’m talking about that looks so byzantine), everyone would agree that it doesn’t make sense. And from the point of SEI or IT-AAC, even if we have built a better mousetrap, it won’t matter if no one listens. Right now, I see DoD increasingly moving away from good practices, to just giving up." CMU SEI Senior Executive on DOD’s struggle with IT Acquisition Reforms
Transitioning JIE & IC-ITE Theory into Implementation Reality

• Enterprise Architecture. Leverage IT-AAC Benchmarked SOA Best Practices and Architecture Design Patterns.
• Common Standards. IT-AAC provides direct access to emerging Standards Partners and Standards of Practice of a $3.8 trillion market.
• Efficient Business Operations. IT-AAC can provide an expansive body of knowledge and benchmarked Fortune 500 best practices and lessons learned.
• Effective Oversight. The Acquisition Assurance Method (AAM) is a robust Decision Analytics Framework proven to mitigate risk while assuring timely delivery of measurable outcomes.
• Performance Management. IT-AAC’s Standards Partners have ready to adopt SLAs and Performance Metrics.
• Portfolio and Investment Management. DoD can immediately leverage IT-AAC’s existing collaborative structure that is open and conflict free.
• Enhance public/private partnerships. IT-AAC provides a mature, open and inclusive public/private partnership that already reaches academia, standards bodies, innovators and non-traditional communities of practice.

“Drive for stable requirements and funding. Use mature technologies, or fund and manage technology development rigorously. Demand domain credentials and experience in both government and industry teams. Insist on transparency. And conduct regular independent reviews.” Al Munson Jr, first director of U.S. national intelligence, acquisition and technology
IT-AAC Acquisition Center of Excellence
Leveraging Industry Innovations and Standards of Practice

[Figure: flow diagram starting from Mission Requirements & Capability Gaps. Recoverable labels:]

• Mission Architecture: Gaps, Mission Prioritization, Constraints
• Service Architecture: Feasibility, SOA Attributes, SLAs, Shared Services
• Technology Architecture: Selection, Certification, Interop Spec, Openness
• Process steps: Value Stream Analysis; Biz Process Re-Engineering; Proven IT Solutions; Solution Exist? (Y/N); Align Proven Capabilities w/ business needs; Model New Solution; Knowledge Exchange; Validated Past Performance; Solution Architecture Validation and Demonstrations; Analysis of Alternatives; Vetted Solution Architecture
• Outputs: Prioritized Business Requirements; Measurable Outcomes, Business Metrics; Service Oriented Specs and SLAs; Normalized Service Components; Solution Set Evidenced-Based Assessment; COTS Comparative Analysis, Evidence; Acquisition BluePrints & SLAs
• Industry sources: Industry CxOs (Best Practices, Lessons Learned); SDOs/Labs/Universities (Research, Testing Results); Innovators, Vendors/ISVs (COTS/OSS Innovations)
Acquisition Assurance Method (AAM)

[Figure: staged method diagram. Side labels: SDLC touch points; Defining the 80% COTS/OSS Solution; Iterative 3-6 month Cycle; Predictable Outcomes. Recoverable stages, each with its outcome label in parentheses:]

1. Strategic Planning (Establish Strat Plan & Policies)
   • Defining the Mission and Policy Drivers
   • Define the Mission Gap
   • Defining baseline and target performance measures
   • Validate stake holders, funding strategies, linkages to the FEA
2. Mission & Capability Value Analysis (Measure the Gap & Impact)
   • Stakeholder and partner expectations captures
   • Define target business requirements and processes
   • Solution Architecture (working draft): Business modeling
3. Capabilities Prioritization (Prioritize KPPs & MOEs)
   • Identify Key Capabilities that can be enabled with COTS/OSS
   • Understanding capabilities can be leveraged and prioritize
   • Develop Metrics and KPPs
   • Validate Stake Holder Agreements and Predictable outcomes
4. COTS/OSS Feasibility Assessment (Define Realm Of the Possible)
   • Market Research; Standards, Emerging Tech, Best Practices
   • Feasibility of available COTS technology to satisfy the critical capabilities
   • Determination of risk with custom vs COTS/OSS solutions
5. COTS/OSS Service Specifications (Outcome & Risk Metrics & SLAs)
   • Service Oriented Enterprise
   • Architecture soundness of COTS technology to satisfy the required capability
   • Define Core Infrastructure Services to be used. Create Reference Implementation
6. COTS/OSS AoA Biz Case & SLAs (Validate Market Vitality, Risks)
   • Title 41, Mark Research
   • COTS Validation prior to election through Industry vetting
   • Common score card approach
7. Performance Based Acquisition (increments) (Reward Value & Past Performance)
   • Assessing Implementations
   • Reusable creditation & accreditation
   • Testing and Validation on Capabilities
   • User Acceptance Testing
8. Certification and Accreditation (Assure Timely Transition)
   • Validation of Capabilities Delivered
   • Portfolio Management of Capabilities delivered and gaps
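Resource Considerations for Innovation Research & IT Acquisition support

Partner types, by SDLC phase:

Requirement, Gap Analysis
    - FFRDC: Only when no other company can support (4).
    - User Groups, Communities of Practice: OMB Lines of Business offers Critical Role (6,7)
    - Standards development orgs, trade associations: SDOs = Primary driver for open systems. Conflict free structures (2,3)
    - Non-profit Research Institutes, UARCs: Provide Conflict free structure and economies of scale (2,6)
    - Consultants, IV&V, A&AS Firms: Limited access to industry lessons learned.
    - Innovators, Tech Mfg, Open Source: Great source for customer use cases, lessons learned.
    - System Integrators: FAR OCI Rules limit participation

Architecture and Planning, Mkt Research
    - FFRDC: Only when no other company can support (4)
    - User Groups, Communities of Practice: Agency CxOs provides critical guidance (2, 3)
    - Standards development orgs, trade associations: Provide standards of practice, not support
    - Non-profit Research Institutes, UARCs: Principal source of expertise
    - Consultants, IV&V, A&AS Firms: Primary source of expertise
    - Innovators, Tech Mfg, Open Source: FAR OCI rules limit participation
    - System Integrators: FAR OCI rules prohibit direct support

PMO & IV&V Support
    - FFRDC: Only when no other company can support (4)
    - User Groups, Communities of Practice: Not inherently governmental
    - Standards development orgs, trade associations: Assess to standards of practice of suppliers
    - Non-profit Research Institutes, UARCs: Optimized for this area
    - Consultants, IV&V, A&AS Firms: Key role
    - Innovators, Tech Mfg, Open Source: FAR OCI rules prohibit participation
    - System Integrators: FAR OCI rules prohibit participation

Solution Engineering
    - FFRDC: Forbidden if available from other sources (4)
    - User Groups, Communities of Practice: Not inherently Governmental
    - Standards development orgs, trade associations: Assess to potential suppliers already in market
    - Non-profit Research Institutes, UARCs: Support role, provide process standards, lessons learned
    - Consultants, IV&V, A&AS Firms: Support role
    - Innovators, Tech Mfg, Open Source: Provide developmental
    - System Integrators: Primary partnership area

Solution development & integration
    - FFRDC: Forbidden, may not develop material solutions (4)
    - User Groups, Communities of Practice: Not inherently Governmental
    - Standards development orgs, trade associations: Potential OCI, objectivity
    - Non-profit Research Institutes, UARCs: Potential OCI, Lack Resources & Expertise
    - Consultants, IV&V, A&AS Firms: Internal IV&V for Prime contract reduces risk.
    - Innovators, Tech Mfg, Open Source: Provider of key technologies
    - System Integrators: Primary partnership area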
Past Performance = Assured Outcomes
Where AAM and IT-AAC have proven: better, faster, cheaper

Navy: Assessment of AFLOAT Program – CANES SOA & Security Strategy
    Contract Value: $350k
    Eliminated hi-risk Requirements by 23%, $100Ms in potential savings

USAF: Streamlined COTS Acquisition Process. Applied to Server Virtualization.
    Contract Value: $500k
    Established optimal arch with ROI of 450% & $458 million savings

USAF: Full application of AAM Modules For eFOIA (KM)
    Contract Value: $150K
    Completed AoA, BCA, AQ Selection in just 4 months.

USMC: Solution Architecture, AoA and BBA for Cross Domain, Thin Client
    Contract Value: $300k
    Greatly Exceeded Forecasted Saving in both analysis and acquisition

GSA: Financial Mgt System consolidation using AAM.
    Contract Value: $500k
    Moved FMS from OMB “red” to “green”. Eliminated duplicative investments that saved $200M

BTA: Build out of AAM into BTA IT360, with two completed Pilots
    Contract Value: $300kM
    $300 million in potential savings with minimal investment

BTA: Apply AAM to complete AoA and BCA for DoD SOA Project
    Contract Value: $250k
    Reduced pre-acquisition cycle time and cost of Analysis by 80% (4 months vs 18)

GPO: Developed Acquisition Strategy for Future Digital System FDSys
    Contract Value: $150k
    Led to successful acquisition and implementation on time, on budget and 80% cheaper than NARA RMS

JFCOM: MNIS Evaluation of Alternatives for Cross Domain Solutions
    Contract Value: $350k
    Evaluated 100’s of Options in 90 days, enabling stake holder buy in and source selection.

“we believe that it is necessary to develop a comprehensive set of metrics to give transparency to program execution, avoid subjective judgment, and avoid the wasting of time in both executing commands and in oversight offices. This is consistent with the fundamental recommendations of the Packard Commission and Secretary Robert Gates’s initiative to eliminate inefficiency and waste.” PARCA-RAND Root Cause Analysis of Nunn-McCurdy Breaches
BACKUP

Fortune 100 SOA/Cloud Benchmarked
Best Practices and Lessons Learned
 OSD HA SOA Implementation Best Practices




What is SOA/Cloud
                                 A Fortune 100 User Perspective



SOA is about the Business: An architecture style and enterprise governance
 structure for communicating business needs and measurable service agreements
 associated with shared enterprise technology services.

SOA is not about Technology, Cloud is the Implementation Side of SOA!
SOA concepts can be operationalized with almost any technology: Web Services, COBOL, ISB, JAVA, RDB,
  WSDL, UDDI, etc… But focusing on technology & standards is a common failure/anti-pattern.




Six CSFs for SOA/Cloud Transformation
that ICH can Assist you in achieving Success

To establish an SOA/Cloud, leadership must address six critical success factors:
1.   Establish common requirements and capability development methods that remove
     ambiguity and over specification. Consider adoption of Capability Assessment
     Method refinement.
2.   Revamp current Architecture Governance and Solution Engineering processes that
     drive a technology neutral SOA paradigm in automating Business Process and
     Infrastructure Capabilities. This requires access to commercial expertise and best
     practices.
3.   Adopt SOA enabled methods that drive Reusable & Standardized Solution
     Architectures, Performance Metrics and Assessment Results. Reuse can
     significantly reduce cost, risk and cycle times.
4.   Adopt a standardized data interoperability framework that establishes a common
     vocabulary and standards of practice established within a true public/private
     partnership.
5.   Leverage public/private partnership structure and Solution Architecture Working
     Group approach that will establish standards of practice for community adoption
     and criteria for assessing the business fit of COTS, GOTS and Open Source
     Solutions.
6.   Establish collaborative mechanisms by which practitioners, non-traditional
     suppliers, innovators, standards bodies and communities of practice can
     participate.

Weapons Systems Style Processes don’t work for IT or SOA
Cloud Key Impact Areas
      Each must be re-oriented towards Services/Outcomes

–   Governance: Most Critical, Senior Mgt have Iron Fist on Common Data Model and Infrastructure
    services. Funding control is paramount.
–   Enterprise Architecture (EA): DODAF lacks Business Outcomes, COTS/Open Source
    Assessments and Performance Metrics. EHR EA efforts must be complemented with Bottom up
    Solution Architecture Views and Service Level Agreement (SLA) linkages. Using OMB’s FEA
    PMO would better enable VA architecture alignment.
–   Document and assess your current portfolio of IT Capabilities in a Services/Value Context.
    Leverage your current investments and licences.
–   Shift Requirements focus to Capability & Service Component outcomes and measures.
–   Evaluating IT (COTS) in a Services and Capability context: View IT for what business and
    infrastructure services are provided vs technology/standards focus.
–   Assessments (TA, AoA, Market Research, JCIDS, DODAF): Must have a bottom/service view of
    COTS/Open Source that drives decisions
–   Key SOA Standards (process and technology), BPM, BPEL, AAM, FEA PMO Reference Models.
–   Key Technology and Approaches: Focus on Measures of Effectiveness (MOE) and SLAs
–   Security and ID Mgt Decisions also must be addressed early on at each level of architecture
    decomposition.
–   Certification and Accreditation (C&A) and Testing considerations must be incorporated into the
    Acquisition Lifecycle.




The Desired Outcome – Agility Through
Design-Time & Real-Time SOA with Active Policy Enforcement

[Figure: Runtime Infrastructure Components Model of the CANES SOA Reference Architecture. Components shown: Messaging Services; Mediation Services; Management Services; Discovery Services; Security Services; Presentation Services; Real Time and Non-Real Time Services. Label: Machine-Machine enforcement.]
SOA/Cloud Success is Predicated
on Common Service Infrastructure




A 10 Company Distillation of Best Practices

Best Practice Number 1: To succeed at SOA: align with your
 organization’s leadership by building services that are tightly coupled with
 the organization’s most important goals.

Best Practice Number 2: Services must be easy to find and understand.
 Those who do use them must be rewarded.

Best Practice Number 3: Ensure that services are well documented
 and widely publicized.

Best Practice Number 4: The SOA must allow data to flow from one
 end of the enterprise to the other with its meaning intact and in a secure
 fashion.

Best Practice Number 5: Don’t build SOA. Solve a business problem ….
 Agility and cost saving will follow. This is ancillary to Best Practice 1. Build
 from within.
Recommendations to the FEDS
IT-AAC is organized to help implement these CSFs

1. Focus on a major problem and let a SOA approach evolve from that problem.
2. Determine what is a good service and enforce it.
3. Don’t start till your metadata is defined … you will never recover.
4. Use strongly enforced data policy and active governance policy enforcement to create
   machine-machine mechanism for a real-time SOA needed in the Afloat program.
5. Reuse as much as possible from legacy (do not start from scratch).
6. Determine how services are to be built for the OSD HA; you cannot assume separate
   funding will achieve enterprise SOA service components and pay for themselves
   during the life-cycle.
7. Create and fund service component owners whose customers will be the functional
   application owners.
8. Build service domains that cover large major functions and not an array of small
   service components (subroutine-like; remember FEDEX has only 12).
9. Learn how to accredit a reusable service component, possibly from enclave testing
   policy.
What IT-AAC Proposes in first 3 months
to operationalize IC ITE

Phase 1

      1. Engage in contract to tap IT-AAC coalition of public service partners: tap alternative resources and
         expertise to provide critical resource support to the SD, Task Force and Services to guide successful
         implementation of Sec804 in terms of process, culture, incentives and mentoring. Leverage a network of
         non-profits and experts committed to achieving lasting IT Acquisition Reform.

      2. Use IT-AAC as an IPT for establishing consensus and gaining buy-in among key stake holders. Use
         IT-AAC collaboratory to support AF requirements in meeting Sec 804 Implementation Deadline. “804 Solution” must
         address weakness of all acquisition lifecycle processes; requirements (JCIDS), architecture (DoDAF), tech
         assessment (TRL), acquisition strategy, source selection, decision analytics (oversight).

Phase 2

      3. Conduct Readiness Assessment & Root Cause Analysis: of current acquisition ecosystem (processes,
         culture, acqu resources and incentives) with public/private partners. Conduct impact assessment and cost of
         maintaining status quo. Establish Critical Success Factors.

      4. Repurpose Existing Benchmark of SOA/IT Acquisition Best Practices: Benchmark existing
         innovative/industry IT Requirements, Architecture, Assessment & Acquisition practices, approaches, processes,
         processes standards that have already been proven in the market. Reduce cost and risk of “build from scratch”
         or “reshaping broken processes”. Identify high risk programs where new processes can be piloted.

Phase 3

      5. Pilot Agile Acquisition Methods that operationalize NDAA Section 804, HR 5013 process implementation,
         training and piloting of the new IT Acquisition process. Mentor high profile IT programs (who are already looking
         for change) through new 804 process; TMA’s EHR, DEEMs, Army FCS, DISA NECC, AF SOA, etc.

      6. Roll out process training and program mentoring in partnership with NDU, DAU, ICH and SEI. Build out
         DAU’s IT Clearinghouse to capture benchmarked industry best practices and proven innovations of the market.

“If confirmed, I would review the implementation of Section 804 and make any necessary recommendations for improvement. I believe many of the challenges in the past were the result of factors such as inadequate technical maturity, undisciplined or poorly understood requirements, poor configuration management practices, the lack of disciplined and mature software development processes, and shortages of qualified people.” Honorable Frank Kendall, OSD ATL
On-going Support Activities needed
for Sustainable IT Acquisition Effectiveness

People

         1. Workforce Empowerment: Establish robust IT Leadership Training and Mentoring program that
            builds on DAU/IT-AAC Partnership. Build out Best Practices Clearinghouse with reusable
            acquisition decision templates and solution architectures already proven in the market.

         2. Continuous Leadership Roundtables: directed at sharing lessons learned, gaining trust,
            exposing best practices and improving stake holder communications.

Technology

         3. Industry Benchmarking and Innovation Research: Closing the knowledge gap. Baseline real
            world metrics and service levels. Leveraging ICH’s deep network of experts and expertise not
            available from traditional sources (the realm of the possible).

         4. Standards of Practice: Benchmarked IT infrastructure/Cloud design patterns and associated
            metrics that can be readily adopted to mitigate decision risks.

Process

         5. Implement Agile Acquisition: Refresh SDLC processes and policies that are derived from proven
            practices & tuned for the fast paced IT market. Establish stake holder roles and responsibility that
            assure continuous monitoring and feedback.

         6. Knowledge Management: Establish continuous Innovation Research and lessons learned
            exchanges that break down organizational stove pipes and enable info sharing.
IT-AAC = Sustainable IT Reforms
Agile Acquisition, Standards & Innovation Research

The IT-AAC is uniquely positioned to drive sustainable IT Reforms:

  • Embrace of Open and Agile IT Acquisition frameworks (per DSB report) already proven to meet
    challenges of the fast paced IT market (AAM is the only conforming to-date)

  • Dynamic access to evolving commercial innovations, implementation best practices and lessons
    learned (CCA), outside the reach of the Defense Industrial Complex

  • A bottom up view of commercial capabilities that feeds the requirements process (realm of the
    possible) to prevent over specification and costly custom development.

  • Means of deriving SLAs from both Measures of Effectiveness and Standards of Practice, critical to
    managed services, capability based acquisition and service level management.

  • Means of empowering and educating IT Program Management workforce via time proven expertise,
    tapping a wide range of gray beards with no inherent conflicts of interests.

“To decrease risk in source selections, the DoD will follow proven commercial processes, increasing the emphasis placed on past performance and experience on prior government and commercial efforts in selecting IT providers.” DepSec Bill Lynn on Section 804 Implementation Plan

It aac defense-it-cloud2013

  • 1. IT Acquisition Advisory Council An ICH hosted public/private do-tank Assuring National Security Mission Outcomes By leveraging IT innovations and industry standards of practice “If confirmed, I would review the implementation of Section 804 and make any necessary recommendations for improvement. I believe many of the challenges in the past were the result of factors such as inadequate technical maturity, undisciplined or poorly understood requirements, poor configuration management practices, the lack of disciplined and mature software development processes, and shortages of qualified people.” Honorable Frank Kendall, OSD ATL Kevin Carroll, former Army PEO EIS Dr. Marv Langston, former DoD CIO Gen Ted Bowlds, former AF ESC CMDR OPS: John@IT-AAC.org www.IT-AAC.org 703 768 0400
  • 2. IT Acquisition Advisory Council assuring the business value of IT “A public/private do-tank dedicated to ushering in commercial innovations and industry standards of practice outside the reach of the Defense Industrial Base” Honorable Mike Wynne, Chairman Emeritus ICHnet.org Company Confidential
  • 3. IT-AAC Partnership Catalysts for Sustainable IT Acquisition Reform  GSA, who have certified a series of low cost, high impact Agile Acquisition Packages in support of OMB's 25 Point Plan and the President's Efficiency Initiatives.  Center for American Progress (CAP), the White House's preferred think tank dedicated to improving govt efficiency.  Cloud Security Alliance (CSA), one of the largest and most robust Cloud community of practices.  Defense Acquisition University (DAU), establishing a robust IT Acquisition training and mentoring curriculum.  Interoperability Clearinghouse (ICH), providing a repository of benchmarked best practices, solution architecture templates and Agile Acquisition IT methods (exceeding Clinger Cohen Act and NDAA Section 804 directive)  International Information Systems Security Certification Consortium (ISC2) providing the most highly recognized Information Security training available.  Information Systems and Security Association (ISSA), leaders in establishing industry IA standards of practice  Object Management Group (OMG), providing standards for IT infrastructure, Cloud Computing and SOA  University of MD School of Public Policy,  University of TN National Defense Business Institute,  Complimented by over 10,000 small/innovative businesses and a powerful network of world renown subject matter experts who are mutually dedicated to sharing innovations, standards of practice and lessons learned needed to achieving predictable outcomes  Emergent Partners: UK Trade Mission, UK MOD, Canadian Defence, VA Tech, MIT, CTC, UVA, ITIF, CMU SEI ICHnet.org Company Confidential
  • 4. IT-AAC “do tank” assuring business value of IT GOAL: To provide decision makers with a conflict free IT Acquisition Advisory that ushers real world expertise, Decision Tools, Agile Acquisition Methods needed to enable rapid implementation of emergent COTS/Open Source solutions that assure mission outcomes. IT-AAC Core Capabilities: Just-In-Time IT Expertise critical to overcoming cultural resistance to change. Hundreds of years of lessons learned are invaluable in risk mitigating.  Rapid Tech Assessment to define the realm of the possible and inform the requirements process. Builds on NIAP and AF Solution Assessment Process (ASAP), evolving from a DARPA Research Grant called DCAM. Agile IT Acquisition –the Acquisition Assurance Method (AAM) establishes a standardized framework for quantitative and data analysis that is based on Evidenced Based Research. The fact based approach was derived from benchmarked commercial best practices and adapted to meet FAR and White House policy directives.  SOA/Cloud Standards of Practice – Service Level Management, Risk Assessment Tools, Governance Models developed by SDO partners and enhanced by Global 500 companies  Innovation Research Coop – a virtual innovation lab composed of Universities, Standards Bodies, Communities of Practice, Innovators and SMEs that are not vested in the status quo, reaching deep into a $3.8Trillion global IT market. Defining the realm of the possible based on Evidenced Based Research. “Together, these steps will help to catalyze a fundamental reform of Federal IT, which is essential to improving the effectiveness and efficiency of the Federal Government” Peter Orszag, White House, OMB Director ICHnet.org Company Confidential
  • 5. SOA/Cloud Acquisition Challenge: We are delivering yesterday's technology tomorrow
      • We are in early stages of Wave 3 information technology
      • Mainframe and Client-Server waves remain in place
      • Waves represent many co-dependent technologies, matured over time
      • Adding functional capability has become easier with each new wave
      • But enterprise infrastructure gaps & vulnerabilities have become more critical
      [Chart: Information Technology Evolution, time axis 1950 to 2020, showing three waves]
      3. SOA - Cloud Information Driven Capability
          • Virtualized compute; global network enabled, plug & play
          • IT Infrastructure decoupled from Applications
          • COTS & OSS Integration, Software as a Service
      2. Client/Server - Decentralized
          • PC enabled and network
          • Software distributed in both server and client computers
          • Heavy focus on software development and point to point integration
      1. Centralized - Mainframe
          • Central computer center, slow turn around
          • One size fits all
          • Limited reuse of application modules
      Innovations of the market and benchmarked best practices are invisible to the Defense Industrial Complex
  • 6. Four Dimensions of Agility: It's About Leadership & Culture
      Dimensions: ORGANIZATION, HR/KNOWLEDGE, PROCESS/POLICY, INCENTIVES/CULTURE
      • Empower decision makers, establish cross functional collaboration. Establish IT Acquisition Center of Excellence with IC partners.
      • Fill IT Expertise and Knowledge gap thru revamped IT training and mentoring programs. Establish an IT Acquisition Center of Excellence with FAI, DAU and IT-AAC. Establish public/private partnerships with non-traditional COPs.
      • Sunset old policies and acquisition processes, embrace existing Agile Frameworks like the Acquisition Assurance Method, Decentralize Decision Making and empower leadership.
      • Establish Value Streams, reward risk takers, encourage small failures, focus on mission outcomes vs compliance.
      “People are critical in the acquisition process and getting the right people in terms of ability and expertise is absolutely critical in making the process work effectively” Kevin Meiners, OUSD Intel
  • 7. OSD ATL view on IT Reform: 2009 DSB Re-Enforced By Many
      Acquisition
          • Long acquisition cycle-times
          • Successive layers … built over years
          • Limited flexibility and agility
      Requirements
          • Understanding and prioritizing requirements
          • Ineffective role and comm in acquisitions
      Test/Evaluation
          • Testing is integrated too late and serially
          • Lack of automated testing
      Funding & Governance
          • Program-centric, not capability-centric
          • Overlapping decision layers (e.g., multiple review processes)
          • Lack of customer-driven metrics
          • Funding inflexibility & negative incentives
      “The inability to effectively acquire information technology systems is critical to national security. Thus, the many challenges surrounding information technology must be addressed if DOD is to remain a military leader in the future. The development of a new acquisition process, coupled with clear roles and responsibilities of key decision makers, and an experienced leadership and workforce, are important elements of the solution.” 2009 Defense Science Board Report to Congress
  • 8. Summary Root Cause Analysis: Summary findings of 42 Leadership Workshops, 40+ Studies & 30+ Major IT Program Failures across DHS, DoD and the IC
      1. Use of Weapon Systems IT Acquisition Methods: Bureaucratic processes, upside-down incentives, redundant oversight and missing metrics (MOE, SLA) put the focus on compliance vs outcomes. MilSpec Acquisition methods do not work for the fast paced IT market. DODAF, JCIDS, NESI, LISI were designed for top down Weapons Systems (by FFRDCs), and have no track record for successful delivery of IT (which average 91 months with 16% success rates).
      2. Shortage of Qualified IT Expertise: FFRDCs and DIB Contractors lack organic access to commercial best practices or expertise in real world IT implementations. Concepts like SOA, Cloud Computing and Service Level Management cannot be embraced without access to industry lessons learned and experiential data.
      3. Innovations and Best Practices Stifled: Contractors with IT buy/sell tech agreements or outcomes cannot objectively advise or firewall of OCI issues. Defense Industrial Complex suppliers are vested in legacy stove pipes and design-to-spec development approaches driven by the Weapon Systems Engineering methods.
      4. Culture: Risk Avoidance vs Risk Management: Culture and Process focus on risk avoidance, and fail to identify or remediate real execution risk. Decision Analytics must focus on outcomes and maintain stake holder involvement. Title 41 violations abound. Without strong leadership focused on mission outcomes, change will never occur.
      "There is a lot of talk about agility, speed, acq reform, etc, but, in general, no one seems to be willing to take the actions needed. They would rather just talk about it. When you look at the chart that shows the DoD acquisition model (you know the one I’m talking about that looks so byzantine), everyone would agree that it doesn’t make sense. And from the point of SEI or IT-AAC, even if we have built a better mousetrap, it won’t matter if no one listens. Right now, I see DoD increasingly moving away from good practices, to just giving up." CMU SEI Senior Executive on DOD’s struggle with IT Acquisition Reforms
  • 9. Transitioning JIE & IC-ITE Theory into Implementation Reality
      • Enterprise Architecture. Leverage IT-AAC Benchmarked SOA Best Practices and Architecture Design Patterns.
      • Common Standards. IT-AAC provides direct access to emerging Standards Partners and Standards of Practice of a $3.8Trillion market.
      • Efficient Business Operations. IT-AAC can provide an expansive body of knowledge and benchmarked Fortune 500 best practices and lessons learned.
      • Effective Oversight. The Acquisition Assurance Method (AAM) is a robust Decision Analytics Framework proven to mitigate risk while assuring timely delivery of measurable outcomes.
      • Performance Management. IT-AAC’s Standards Partners have ready to adopt SLAs and Performance Metrics.
      • Portfolio and Investment Management. DoD can immediately leverage IT-AAC’s existing collaborative structure that is open and conflict free.
      • Enhance public/private partnerships. IT-AAC provides a mature, open and inclusive public/private partnership that already reaches academia, standards bodies, innovators and non-traditional communities of practice.
      “Drive for stable requirements and funding. Use mature technologies, or fund and manage technology development rigorously. Demand domain credentials and experience in both government and industry teams. Insist on transparency. And conduct regular independent reviews.” Al Munson Jr, first director of U.S. national intelligence, acquisition and technology
  • 10. IT-AAC Acquisition Center of Excellence: Leveraging Industry Innovations and Standards of Practice
      [Process diagram. Recoverable labels: Mission Requirements & Capability Gaps; Mission Architecture (Gaps, Mission Prioritization, Constraints); Value Stream Analysis; Prioritized Business Requirements; Measurable Outcomes; Business Metrics; Industry CxOs (Biz Process Re-Engineering, Best Practices, Lessons Learned); Service Solution Architecture (Feasibility, SOA Attributes, SLAs, Shared Services); decision point "Proven IT Solutions Exist?" (Y/N); Align Proven Capabilities w/ business needs; SDOs/Labs/Universities (New Research, Testing Results); Service Oriented Model and SLAs; Knowledge Exchange; Solution Spec; Normalized Solution Set; Service Components; Evidenced-Based Assessment; Technology Architecture (Selection, Certification, Interop Spec, Openness); COTS Comparative Analysis, Evidence; Validated Past Performance; Vetted Solution Architecture; Analysis of Alternatives; Acquisition BluePrints & SLAs; Solution Architecture Validation and Demonstrations; Innovators, Vendors/ISVs (COTS/OSS Innovations).]
  • 11. Acquisition Assurance Method (AAM): SDLC touch points
      [Diagram: an iterative 3-6 month cycle leading to Predictable Outcomes. Phase labels: Strategic Planning; Mission & Capability Value Analysis; Capabilities Prioritization; COTS/OSS Feasibility Assessment; Service Oriented Enterprise Specifications; COTS/OSS AoA, Biz Case & SLAs; Performance Based Acquisition; Certification and Accreditation. Flow steps: Establish Strat Plan & Policies; Measure the Gap & Impact; Prioritize KPPs & MOEs; Define Realm of the Possible; Outcome & Risk Metrics & SLAs; Validate Market Vitality, Risks; Reward Value (increments) & Past Performance; Assure Timely Transition.]
      Defining the Mission and Policy Drivers
          • Define the Mission Gap
          • Defining baseline and target performance measures
          • Validate stake holders, funding strategies, linkages to the FEA
      Stakeholder and partner expectations captures
          • Define target business requirements and processes
          • Solution Architecture (working draft): Business modeling
      Identify Key Capabilities that can be enabled with COTS/OSS; Defining the 80% COTS/OSS Solution
          • Understanding capabilities can be leveraged and prioritize
          • Develop Metrics and KPPs
          • Validate Stake Holder Agreements and Predictable outcomes
      Market Research; Standards, Emerging Tech, Best Practices
          • Feasibility of available COTS technology to satisfy the critical capabilities
          • Determination of risk with custom vs COTS/OSS solutions
          • Architecture soundness of COTS technology to satisfy the required capability
          • Define Core Infrastructure Services to be used.
      Create Reference Implementation; Title 41, Market Research
          • COTS Validation prior to election through Industry vetting
          • Common score card approach
      Assessing Implementations
          • Reusable creditation & accreditation
          • Testing and Validation on Capabilities
          • User Acceptance Testing
          • Validation of Capabilities Delivered
          • Portfolio Management of Capabilities delivered and gaps
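  • 12. Resource Considerations for Innovation Research & IT Acquisition support
      Table: Partner Type (columns) by SDLC Phase (rows). Partner types: FFRDC; User Groups, Communities of Practice; Standards development orgs, trade associations; Non-profit Research Institutes, UARCs; Consultants, IV&V, A&AS Firms; Innovators, Tech Mfg, Open Source; System Integrators.
      Requirement, Gap Analysis
          • FFRDC: Only when no other company can support (4).
          • User Groups, Communities of Practice: OMB Lines of Business offers Critical Role (6,7)
          • Standards development orgs, trade associations: SDOs = Primary driver for open systems. Conflict free structures
          • Non-profit Research Institutes, UARCs: Provide Conflict free structure and economies of scale (2,6)
          • Consultants, IV&V, A&AS Firms: Limited access to industry lessons learned.
          • Innovators, Tech Mfg, Open Source: Great source for customer use cases, lessons learned. (2,3)
          • System Integrators: FAR OCI Rules limit participation
      Architecture and Planning, Mkt Research
          • FFRDC: Only when no other company can support (4)
          • User Groups, Communities of Practice: Agency CxOs provides critical guidance (2, 3)
          • Standards development orgs, trade associations: Provide standards of practice, not support
          • Non-profit Research Institutes, UARCs: Principle source of expertise
          • Consultants, IV&V, A&AS Firms: Primary source of expertise
          • Innovators, Tech Mfg, Open Source: FAR OCI rules limit participation
          • System Integrators: FAR OCI rules prohibit direct support
      PMO & IV&V Support
          • FFRDC: Only when no other company can support (4)
          • User Groups, Communities of Practice: Not inherently governmental
          • Standards development orgs, trade associations: Assess to standards of practice of suppliers
          • Non-profit Research Institutes, UARCs: Optimized for this area
          • Consultants, IV&V, A&AS Firms: Key role
          • Innovators, Tech Mfg, Open Source: FAR OCI rules prohibit participation
          • System Integrators: FAR OCI rules prohibit participation
      Solution Engineering
          • FFRDC: Forbidden if available from other sources (4)
          • User Groups, Communities of Practice: Not inherently Governmental
          • Standards development orgs, trade associations: Assess to potential suppliers already in market
          • Non-profit Research Institutes, UARCs: Support role, provide process standards, lessons learned
          • Consultants, IV&V, A&AS Firms: Support role
          • Innovators, Tech Mfg, Open Source: Provide developmental
          • System Integrators: Primary partnership area
      Solution development
          • FFRDC: Forbidden, may not develop material solutions (4)
          • User Groups, Communities of Practice: Not inherently Governmental
          • Standards development orgs, trade associations: Potential OCI, objectivity
          • Non-profit Research Institutes, UARCs: Potential OCI, Lack Resources & Expertise
          • Consultants, IV&V, A&AS Firms: Internal IV&V for Prime contract reduces risk.
          • Innovators, Tech Mfg, Open Source: Provider of key technologies & integration
          • System Integrators: Primary partnership area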
  • 13. Past Performance = Assured Outcomes: Where AAM and IT-AAC have proven better, faster, cheaper
      • Navy: Assessment of AFLOAT Program – CANES SOA & Security Strategy. Contract Value: $350k. Eliminated hi-risk Requirements by 23%, $100Ms in potential savings.
      • USAF: Streamlined COTS Acquisition Process. Applied to Server Virtualization. Contract Value: $500k. Established optimal arch with ROI of 450% & $458 million savings.
      • USAF: Full application of AAM Modules For eFOIA (KM). Contract Value: $150K. Completed AoA, BCA, AQ Selection in just 4 months.
      • USMC: Solution Architecture, AoA and BBA for Cross Domain, Thin Client. Contract Value: $300k. Greatly Exceeded Forecasted Saving in both analysis and acquisition.
      • GSA: Financial Mgt System consolidation using AAM. Contract Value: $500k. Moved FMS from OMB “red” to “green”. Eliminated duplicative investments that saved $200M.
      • BTA: Build out of AAM into BTA IT360, with two completed Pilots. Contract Value: $300kM. $300 million in potential savings with minimal investment.
      • BTA: Apply AAM to complete AoA and BCA for DoD SOA Project. Contract Value: $250k. Reduced pre-acquisition cycle time and cost of Analysis by 80% (4 months vs 18).
      • GPO: Developed Acquisition Strategy for Future Digital System FDSys. Contract Value: $150k. Led to successful acquisition and implementation on time, on budget and 80% cheaper than NARA RMS.
      • JFCOM: MNIS Evaluation of Alternatives for Cross Domain Solutions. Contract Value: $350k. Evaluated 100’s of Options in 90 days, enabling stake holder buy in and source selection.
      “we believe that it is necessary to develop a comprehensive set of metrics to give transparency to program execution, avoid subjective judgment, and avoid the wasting of time in both executing commands and in oversight offices. This is consistent with the fundamental recommendations of the Packard Commission and Secretary Robert Gates’s initiative to eliminate inefficiency and waste.” PARCA-RAND Root Cause Analysis of Nunn-McCurdy Breaches
  • 14. BACKUP Fortune 100 SOA/Cloud Benchmarked Best Practices and Lessons Learned OSD HA SOA Implementation Best Practices
  • 15. What is SOA/Cloud: A Fortune 100 User Perspective
      SOA is about the Business: An architectural style and enterprise governance structure for communicating business needs and measurable service agreements associated with shared enterprise technology services.
      SOA is not about Technology, Cloud is the Implementation Side of SOA! SOA concepts can be operationalized with almost any technology: Web Services, COBOL, ISB, JAVA, RDB, WSDL, UDDI, etc… But focusing on technology & Standards is a common failure/anti-pattern.
  • 16. Six CSFs for SOA/Cloud Transformation that ICH can Assist you in achieving Success
      To establish an SOA/Cloud, Leadership must address six critical success factors:
      1. Establish common requirements and capability development methods that remove ambiguity and over specification. Consider adoption of Capability Assessment Method refinement.
      2. Revamp current Architecture Governance and Solution Engineering processes that drive a technology neutral SOA paradigm in automating Business Process and Infrastructure Capabilities. This requires access to commercial expertise and best practices.
      3. Adopt SOA enabled methods that drive Reusable & Standardized Solution Architectures, Performance Metrics and Assessment Results. Reuse can significantly reduce cost, risk and cycle times.
      4. Adopt a standardized data interoperability framework that establishes a common vocabulary and standards of practice established within a true public/private partnership.
      5. Leverage public/private partnership structure and Solution Architecture Working Group approach that will establish standards of practice for community adoption and criteria for assessing the business fit of COTS, GOTS and Open Source Solutions.
      6. Establish collaborative mechanisms by which practitioners, non-traditional suppliers, innovators, standards bodies and communities of practice can participate.
      Callout: Weapons Systems Style Processes don’t work for IT or SOA
  • 17. Cloud Key Impact Areas: Each must be re-oriented towards Services/Outcomes
      – Governance: Most Critical, Senior Mgt have Iron Fist on Common Data Model and Infrastructure services. Funding control is paramount.
      – Enterprise Architecture (EA): DODAF lacks Business Outcomes, COTS/Open Source Assessments and Performance Metrics. EHR EA efforts must be complemented with Bottom up Solution Architecture Views and Service Level Agreement (SLA) linkages. Using OMB’s FEA PMO would better enable VA architecture alignment.
      – Document and assess your current portfolio of IT Capabilities in a Services/Value Context. Leverage your current investments and licences.
      – Shift Requirements focus to Capability & Service Component outcomes and measures.
      – Evaluating IT (COTS) in a Services and Capability context: View IT for what business and infrastructure services are provided vs technology/standards focus.
      – Assessments (TA, AoA, Market Research, JCIDS, DODAF): Must have a bottom/service view of COTS/Open Source that drives decisions.
      – Key SOA Standards (process and technology), BPM, BPEL, AAM, FEA PMO Reference Models.
      – Key Technology and Approaches: Focus on Measures of Effectiveness (MOE) and SLAs.
      – Security and ID Mgt Decisions also must be addressed early on at each level of architecture decomposition.
      – Certification and Accreditation (C&A) and Testing considerations must be incorporated into the Acquisition Lifecycle.
  • 18. The Desired Outcome – Agility Through Design-Time & Real-Time SOA with Active Policy Enforcement
      [Diagram: Runtime Infrastructure Components Model of the CANES SOA Reference Architecture. Components: Messaging Services, Mediation Services, Management Services, Discovery Services, Security Services, Presentation Services, Real Time and Non-Real Time Services. Caption: Machine-Machine enforcement.]
  • 19. SOA/Cloud Success is Predicated on Common Service Infrastructure
  • 20. A 10 Company Distillation of Best Practices
      • Best Practice Number 1: To succeed at SOA: align with your organization’s leadership by building services that are tightly coupled with the organization’s most important goals.
      • Best Practice Number 2: Services must be easy to find and understand. Those who do use them must be rewarded.
      • Best Practice Number 3: Ensure that services are well documented and widely publicized.
      • Best Practice Number 4: The SOA must allow data to flow from one end of the enterprise to the other with its meaning intact and in a secure fashion.
      • Best Practice Number 5: Don’t build SOA. Solve a business problem …. Agility and cost saving will follow. This is ancillary to Best Practice 1. Build from within.
  • 21. Recommendations to the FEDS: IT-AAC is organized to help implement these CSFs
      1. Focus on a major problem and let a SOA approach evolve from that problem.
      2. Determine what is a good service and enforce it.
      3. Don’t start till your metadata is defined … you will never recover.
      4. Use strongly enforced data policy and active governance policy enforcement to create the machine-machine mechanism for a real-time SOA needed in the Afloat program.
      5. Reuse as much as possible from legacy (do not start from scratch).
      6. Determine how services are to be built for the OSD HA; you cannot assume separate funding will achieve enterprise SOA service components and pay for themselves during the life-cycle.
      7. Create and fund service component owners whose customers will be the functional application owners.
      8. Build service domains that cover large major functions and not an array of small service components (subroutine-like; remember FEDEX has only 12).
      9. Learn how to accredit a reusable service component, possibly from enclave testing policy.
  • 22. What IT-AAC Proposes in first 3 months to operationalize IC ITE
      Phase 1
          1. Engage in contract to tap IT-AAC coalition of public service partners: tap alternative resources and expertise to provide critical resource support to the SD, Task Force and Services to guide successful implementation of Sec804 in terms of process, culture, incentives and mentoring. Leverage a network of non-profits and experts committed to achieving lasting IT Acquisition Reform.
          2. Use IT-AAC as an IPT for establishing consensus and gaining buy-in among key stake holders. Use IT-AAC collaboratory to support AF requirements in meeting Sec 804 Implementation Deadline. “804 Solution” must address weakness of all acquisition lifecycle processes: requirements (JCIDS), architecture (DoDAF), tech assessment (TRL), acquisition strategy, source selection, decision analytics (oversight).
      Phase 2
          3. Conduct Readiness Assessment & Root Cause Analysis of current acquisition ecosystem (processes, culture, acqu resources and incentives) with public/private partners. Conduct impact assessment and cost of maintaining status quo. Establish Critical Success Factors.
          4. Repurpose Existing Benchmark of SOA/IT Acquisition Best Practices: Benchmark existing innovative/industry IT Requirements, Architecture, Assessment & Acquisition practices, approaches, processes, standards that have already been proven in the market. Reduce cost and risk of “build from scratch” or “reshaping broken processes”. Identify high risk programs where new processes can be piloted.
      Phase 3
          5. Pilot Agile Acquisition Methods that operationalize NDAA Section 804, HR 5013 process implementation, training and piloting of the new IT Acquisition process. Mentor high profile IT programs (who are already looking for change) through new 804 process: TMA’s EHR, DEEMs, Army FCS, DISA NECC, AF SOA, etc.
          6. Roll out process training and program mentoring in partnership with NDU, DAU, ICH and SEI. Build out DAU’s IT Clearinghouse to capture benchmarked industry best practices and proven innovations of the market.
      “If confirmed, I would review the implementation of Section 804 and make any necessary recommendations for improvement. I believe many of the challenges in the past were the result of factors such as inadequate technical maturity, undisciplined or poorly understood requirements, poor configuration management practices, the lack of disciplined and mature software development processes, and shortages of qualified people.” Honorable Frank Kendall, OSD ATL
  • 23. On-going Support Activities needed for Sustainable IT Acquisition Effectiveness
      People
          1. Workforce Empowerment: Establish robust IT Leadership Training and Mentoring program that builds on DAU/IT-AAC Partnership. Build out Best Practices Clearinghouse with reusable acquisition decision templates and solution architectures already proven in the market.
          2. Continuous Leadership Roundtables: directed at sharing lessons learned, gaining trust, exposing best practices and improving stake holder communications.
      Technology
          3. Industry Benchmarking and Innovation Research: Closing the knowledge gap. Baseline real world metrics and service levels. Leveraging ICH’s deep network of experts and expertise not available from traditional sources (the realm of the possible).
          4. Standards of Practice: Benchmarked IT infrastructure/Cloud design patterns and associated metrics that can be readily adopted to mitigate decision risks.
      Process
          5. Implement Agile Acquisition: Refresh SDLC processes and policies that are derived from proven practices & tuned for the fast paced IT market. Establish stake holder roles and responsibility that assure continuous monitoring and feedback.
          6. Knowledge Management: Establish continuous Innovation Research and lessons learned exchanges that break down organizational stove pipes and enable info sharing.
  • 24. IT-AAC = Sustainable IT Reforms: Agile Acquisition, Standards & Innovation Research
      The IT-AAC is uniquely positioned to drive sustainable IT Reforms:
      • Embrace of Open and Agile IT Acquisition frameworks (per DSB report) already proven to meet challenges of the fast paced IT market (AAM is the only conforming to date)
      • Dynamic access to evolving commercial innovations, implementation best practices and lessons learned (CCA), outside the reach of the Defense Industrial Complex
      • A bottom up view of commercial capabilities that feeds the requirements process (realm of the possible) to prevent over specification and costly custom development.
      • Means of deriving SLAs from both Measures of Effectiveness and Standards of Practice, critical to managed services, capability based acquisition and service level management.
      • Means of empowering and educating IT Program Management workforce via time proven expertise, tapping a wide range of gray beards with no inherent conflicts of interest.
      “To decrease risk in source selections, the DoD will follow proven commercial processes, increasing the emphasis placed on past performance and experience on prior government and commercial efforts in selecting IT providers.” DepSec Bill Lynn on Section 804 Implementation Plan