The purpose of the new approach is to encourage "agencies to shift away from the bloated, multi-year projects so common in the past to a more nimble approach," Joe Jordan, administrator for federal procurement policy, and Steven VanRoekel, federal CIO, wrote in a post on the White House blog.
Large government IT contracts often have been behind schedule and suffered significant cost overruns, and have not been able to keep up with changing technologies that private sector organizations adopt. Some of the problems have come from elaborate acquisition requirements, others from agencies attempting to impose very specific performance requirements.
The goals of the updated policies include breaking down contracts into more manageable pieces and turning projects around more quickly. VanRoekel and Jordan said the new policies will increase contractors' accountability by requiring more frequent deliverables that meet agencies' requirements. They also will encourage increased competition by putting more projects within reach of small businesses.
VanRoekel and Jordan cited as an example of successful use of modular development the Department of Agriculture's decision to break into individual projects its program to develop software for monitoring grantee performance. In another example, when the USDA created a management evaluation tool for its Women, Infants and Children Program, it modularized its development by specifying that customers could give feedback throughout iterations of the tool's development. "These cycles of information gathering and customer feedback, combined with a manageable project size, helped USDA to successfully deploy its management tool within a year after the contract was awarded--cutting delivery time for end users in half and avoiding the inefficiency of costly rework," Jordan and VanRoekel wrote.
The approach even gave the USDA the ability to expand the tool to other programs "in a matter of months." It is now in place for the Summer Food Service Program and Financial Management Reviews, VanRoekel and Jordan wrote.
Geared specifically toward the federal government, its agencies, and third parties, FISMA is a set of requirements aimed at establishing a baseline level of computer and network security. In our FISMA Lifts All Compliance Boats report, we show that when you reach FISMA compliance, you'll likely be compliant with just about every security mandate out there. (Free registration required.)