Defense Department CIO Terry Halvorsen pushed back Tuesday on a recent congressional watchdog assessment of department efforts to create a Joint Information Environment, claiming the report doesn’t fully grasp what the effort is trying to accomplish.
But a Government Accountability Office official told FedScoop its recommendations to develop better program management controls for JIE still stand in spite of Halvorsen’s qualms.
A GAO report published in July and reissued last week recommends the department better define the JIE’s scope and develop a reliable JIE cost estimate and baseline, schedule, and schedule management plan.
The department has tried to tell GAO the JIE is a concept, not a program, and should be evaluated by its components rather than as a whole, Halvorsen told reporters, noting he could “very clearly demonstrate to them and measure the components like [Joint Regional Security Stacks].”
“This is some education and I’ll take the hit,” he said at a media roundtable at the Pentagon. “Obviously we did not do a good enough job in educating GAO about the difference of what JIE was as a concept.”
Michael Holland, assistant director for information technology acquisition management issues at the Government Accountability Office, told FedScoop the GAO “had a lot of discussions with the DOD CIO and others about what JIE is and isn’t.”
“We understand that DOD does not consider JIE to be a program. DOD has very specific definitions of what a program is and what a program of record is, and we’re not questioning their decision, for example, to not consider JIE a program of record,” Holland said. “But in our assessment, the JIE does meet the standard definition of a program as described by the Project Management Institute.”
He added that implementing the GAO’s recommendations would improve JIE “management and accountability.”
Halvorsen said Tuesday, “I think the piece that is really hard for, if you’re not in this business, to understand — if you read the GAO report it really talked a lot in acquisition like well why isn’t JIE a single program? It can’t be a single program. And frankly if you made it a single program it would fail.”
Still, Holland said there should be better management practices around the effort.
“You know managing JIE consistent with these program management practices doesn’t suggest that JIE is a single monolithic entity,” he said. “Programs can include a variety of related projects and activities that can each include definite beginning and end dates that can all be managed under that larger program.”
The report also cites recommendations made by DOD’s own Office of the Director, Operational Test and Evaluation to improve the way leadership oversees JIE cost and schedule, Holland noted.
“The Director of Operational Test and Evaluation has also made similar recommendations in the area of cost and schedule management for JIE,” he said. “So we’re not the only ones saying this.”
When JIE was first launched, the department was not clear enough that it is not a program, Halvorsen maintained. “It’s a concept that says I want to get to this environment.”
“If you tried to do JIE as one of our standard programs my own suspicion is what you’d end up with is something that was out of date the beginning you fielded it,” he said. “So you have to do, in my mind, and this is what industry tells me to do too so this isn’t just me… what we’ve done with JRSS and [Mission Partner Environment] is field it using industry best practices.”
The report also provides recommendations specific to the JRSS, Holland pointed out. For instance, it says officials should develop a strategy and schedule to transition JRSS to the Risk Management Framework, and develop a reliable cost estimate and baseline for the effort. The JRSS seeks to replace about 1,000 legacy network security stacks with 48 standardized stacks at 25 locations, according to the GAO.
Halvorsen said the department is still testing and evaluating JRSS.
“I think they were looking for a different acquisition answer that doesn’t exist,” he said.