By Sean D. Carberry
“For years, Congress, the executive branch and industry have attempted to bring DOD’s IT programs and processes into the 21st Century,” said Rep. Jim Langevin (D-R.I.) at the House Armed Services Committee Emerging Threats and Capabilities Subcommittee hearing.
“Despite attempts like the Joint Information Environment and streamlining of acquisition processes, DOD’s pace to improve its IT posture is not progressing with the desired speed to achieve serious efficiencies, increase security, and take advantage of enhanced capabilities that are readily available,” he said.
Recently retired DOD CIO Terry Halvorsen stressed the need for the Pentagon to buy commercial off the shelf IT systems and services in all cases unless a compelling argument is made otherwise.
He and Levine argued that DOD often spends more on customizing commercial products than it did on the original purchase, and that DOD needs to change its culture to accept commercial products.
Halvorsen, who now works for Samsung, said that also means the Pentagon needs to stop doing its own security testing of commercially proven products.
“The security accreditation process is costing both the government and industry lots of money and doing a disservice to … our service members for how long it takes to get those products certified,” he said. He added that Congress should pass legislation allowing the DOD to accept industry accreditation.
Halvorsen also said Congress needs to look at giving the DOD CIO more flexibility to make small purchases to test technology without having to go through a lengthy approval process.
“I had a $37 billion budget,” he said. “Yet I couldn’t authorize a million dollars if I saw great technology to put right on the table. That doesn’t seem to make a lot of sense to me.”
Giving the CIO more flexibility to watch industry trends and make small, targeted purchases would drive rapid acquisition, he said.
Witnesses also acknowledged that while there has been progress in recent years, both through legislative changes and internal reforms at DOD, the Pentagon still has not implemented a 2009 Defense Science Board recommendation to create a distinct IT acquisition system.
“DOD tries to ensure that change management and business process reengineering take place concurrently with new business systems acquisitions, but it has not been easy,” said Peter Levine, former DOD deputy chief management officer.
He said that acquisition officials often lack authority and expertise in business process reengineering, and management officials have “proven to be incapable of running large acquisitions.”
Though, he added that the DOD recently issued new guidance on business system acquisition, which he said was a first step towards a stand alone IT acquisition system.
“This new instruction appropriately sequences for the first time decision points regarding business solutions, IT solutions, and acquisition solutions, so that we don’t have these redundant processes going on side by side,” Levine said.
Panelists argued that another barrier to agile acquisition is the focus on acquisition process compliance rather that prioritizing product outcome and the effectiveness of the financial spend.
When asked how the Trump administration’s buy American policy would affect IT acquisition, panelists warned that such restrictions could be harmful for the DOD.
The focus should be on excluding purchases from high-risk countries, they said.
“There are some U.S. companies I wouldn’t want to buy from, because when you look at their components, they’re all from countries I don’t want,” said Halvorsen.
He said CIOs for allied nations have the authority not to purchase from domestic companies when there are supply chain concerns, and they can turn to companies from other allied nations.
“We ought to have that kind of flexibility to make those decisions when it’s in the best interest of defense,” Halvorsen said.