Presentation is loading. Please wait.

Presentation is loading. Please wait.

Implementing Risk-based Oversight (RBO) Experiences during a 2 year Pilot of 10 DoD IT Programs Leonard Sadauskas.

Published byJulius Hicks Modified over 8 years ago

Similar presentations

Presentation on theme: "Implementing Risk-based Oversight (RBO) Experiences during a 2 year Pilot of 10 DoD IT Programs Leonard Sadauskas."— Presentation transcript:

1 Implementing Risk-based Oversight (RBO) Experiences during a 2 year Pilot of 10 DoD IT Programs Leonard Sadauskas

2 5-10-2004Leonard Sadauskas2 Objective To present risk-based oversight as an alternative process for assigning acquisition decision authority for information technology investments A successful implementation of risk-based oversight can be expected to: Shorten the time-to-market Increase acquisition visibility to all oversight actors Revitalize agency software acquisition improvement efforts Improve the quality of the product

3 5-10-2004Leonard Sadauskas3 Content of this Presentation Describes the motivation for Risk-based Oversight (RBO) Defines the essential RBO elements Reports on DoD RIT Pilot experience implementing RBO

4 5-10-2004Leonard Sadauskas4 Today’s IT Investment Climate President’s agenda: Freedom to Manage E-Gov initiatives crossing Agency lines Different needs in post-911 era Web technologies enable high tempo of service provisioning –Outrunning traditional acquisition processes

5 5-10-2004Leonard Sadauskas5 Alignment of Agency Oversight Actors Component Agency SAE PEO PMO CMAK Headquarters Agency IG T&E CFO CIO SAECAA CMA IG T&E CFO CIO CAA

6 5-10-2004Leonard Sadauskas6 Agency Oversight Options Threshold-based Oversight Risk-based Oversight

7 5-10-2004Leonard Sadauskas7 The DoD IT $ Threshold Model IT/NSS Investment Threshold (T) $32M year / $126M Acquisition / $378M LCC < T> TSpecial Component HQ or Delegated TBD Location of Decision Maker

8 5-10-2004Leonard Sadauskas8 Risk-based Oversight A working definition: –A process for determining the appropriate level of oversight and insight for an investment –Based on the aggregate risk of the investment and the capability of the acquiring organization to manage the risk

9 5-10-2004Leonard Sadauskas9 The RBO Model

10 5-10-2004Leonard Sadauskas10 Benefits of RBO Sets decision responsibility at the lowest appropriate level –Can reduce cycle time –Likely to improve the product Provides incentive for continuing increase of PEO/PMO investment capability: –More investments move from oversight to insight Reduces the overhead of the investment Frees HQ oversight assets to focus on – Strategic and transformational issues –Coaching subordinate organizations Strengthens institutional capabilities Shifts balance from checking to coaching

11 5-10-2004Leonard Sadauskas11 Motivation to RBO The $ threshold criteria model lacks coverage –FY 02 Federal IT budget $45B –FY 02 DoD IT budget $24B (plus internal weapons NSS ) –DoD has 5000+ mission critical/essential IT systems –DoD $ threshold based oversight visibility: 40 IT Systems 149 Other acquisitions containing National Security Systems OMB decision to review all IT investments over $1M RBO enablers are maturing –Enterprise Architecture: OMB, DoD –Portfolio Management Directive –Adoption of network-centric operations and infrastructure Positive results during a 2 year RBO pilot of 10 programs

12 5-10-2004Leonard Sadauskas12 Essential RBO Elements 1. A clear understanding of desired investment outcomes and their measure –Calibrates the RBO process 2. Institutionalized risk assessment and management at all levels of the agency 3. Provisions for insight into selected investment information sets by HQ 4. Process for assessing PEO/PMO capability 5. Organizational support for capability improvement 6. A trusting relationship between corresponding HQ and Component oversight actors

13 5-10-2004Leonard Sadauskas13 RIT Pilot Experience For each of the six essential RBO elements, this section; –Describes the essential element –States the RIT Pilot Experience/Results

14 5-10-2004Leonard Sadauskas14 1. Clear Understanding of Outcomes IT investment outcomes are stated by the investment sponsor in quantitative and qualitative terms and are collectively called Measures of Effectiveness –In DoD the MOEs are found in the Initial Capabilities Document (ICD) The MOEs are measured in a Post Implementation Review to determine the extent to which the desired outcome was achieved

15 5-10-2004Leonard Sadauskas15 1. Calibrating the RBO Outcomes Statement MOEs AcquisitionSustainment PIR Risk-based Oversight

16 5-10-2004Leonard Sadauskas16 1. Pilot Results Proved to be a difficult task Sponsors have been writing general needs statements and passing much of the functional solution analysis to the PMO Investment outcomes were generally equated with system outputs Has required significant policy and outreach effort to effect change Early PIR results positive

17 5-10-2004Leonard Sadauskas17 2. Institutionalized Risk Management The Planners, Acquirers and Users communicate in a Risk oriented language The aggregated risk assessment includes: –Program requirements –Program resources –Program execution –Alignment with Vision –Program advocacy Risk considerations are a part of all program decisions

18 5-10-2004Leonard Sadauskas18 2. Pilot Results At start of Pilot, risk not institutionalized –Few PMOs with effective risk processes –PMO risk management plan relegated to K –Top 5-10 worked others dormant –Component oversight staffs not risk oriented After 2 years all 10 talk the talk and walk the walk Brought clarity to risk management

19 5-10-2004Leonard Sadauskas19 3. Insight Into Program Information Hypothesis: –Headquarters can adequately carry out their responsibilities through insight into the normal PEO/PMO work products Transformation from system-centric to net- centric enterprise services provides the technology and data standards to make insight feasible and available on the desktop

20 5-10-2004Leonard Sadauskas20 3. Pilot Experience Simulated the subscriber pull of investment information with two management systems: –The Army Acquisition Information Management (AIM) system –The Air Force Portal mounted System Metric and Reporting Tool (SMART) Enabled Portal supported decision process Shows promise when implemented Information pull requires a cultural change in oversight work flow

21 5-10-2004Leonard Sadauskas21 4. Assessing PEO/PMO Capability Strategy for assessments based on –Available assessor resources –80% solution –Consider impact on PMO Assessment design –Mini-assessments of 3 days on site –Four person teams 3 HQ + 1 PMO for continuity –Six week lead time –PMO selected process areas to reflect acquisition needs –Typically 14-17 areas assessed –Out-brief of strengths and improvement opportunities

22 5-10-2004Leonard Sadauskas22 4. Quality Management System Selection Select a quality management system that addresses: – software acquisition and systems engineering Pilot started with SEI’s SA-CMM ® but found some PMOs served as integrators Pilot settled on the FAA-iCMM ® Integrates SD, SA and SE into one architecture Matches up well with Contractor CMMI ® CMMI ® Module for Acquisition released

23 5-10-2004Leonard Sadauskas23 4. Pilot Results Initial assessments supported continued delegation of 6 programs, 2 did not participate and 2 are pending Post Pilot reviews by HQ oversight organization underway –Delegation confirmed for 3 PMOs reviewed Bonus: Mini-assessments uncovered a rich source of candidate best-practices

24 5-10-2004Leonard Sadauskas24 5. Organizational Support for Process Improvement Assessment of the situation: –Many Agencies require Kr to maintain quality – Few Agencies require quality in PEO/PMO –Studies show benefits of a Kr-PMO quality match Vital for sustaining the PMO benefits pump During the Pilot, Congress mandated DoD to adopt a SW Acquisition Improvement Program

25 5-10-2004Leonard Sadauskas25 5. Notional Quality Management System 3 rd Party Auditors 1 st Party Internal Auditors 2 nd Party Auditors Certification to Quality Standard Quality Assessment Quality Maintenance REGISTRARS Agency PEO/PMO Auditor Auditors Agency HQ Auditor Auditors

26 5-10-2004Leonard Sadauskas26 5. Pilot Experience Found vestiges of many past efforts Quality programs appear to be personality driven and recede with new administrations GAO survey of SW Acquisition capability using SA-CMM served as stimulus Congressional mandate for SW Acquisition Improvement not yet visible RBO Pilot experience supports benefits of a Kr – PMO quality match

27 5-10-2004Leonard Sadauskas27 6. Trusting Relationship Between Corresponding Oversight Actors Essential for each pair of actors to establish trust for RBO benefits to be realized HQ actors must be able to operate on an exception basis –Each understands their roles –HQ actor knows the capability of the Component’s oversight organization –HQ is confident that RBO delegation has not increased risk of the investment Trust but verify is the accepted standard

28 5-10-2004Leonard Sadauskas28 6. Pilot Experience and Summary HQ culture does not engender mutual trust Lack of trust increases the HQ workload Opportunity for culture change is here –Congressional mandate to reduce overhead of investments is reducing oversight staffs –Shift to strategic force capability orientation bringing about HQ portfolio management RBO can free HQ to manage at the portfolio level and coach the Component oversight and investment actors to win

29 Questions ?

Download ppt "Implementing Risk-based Oversight (RBO) Experiences during a 2 year Pilot of 10 DoD IT Programs Leonard Sadauskas."

Similar presentations

Develop an Information Strategy Plan

Develop an Information Strategy Plan
BENEFITS OF SUCCESSFUL IT MODERNIZATION

BENEFITS OF SUCCESSFUL IT MODERNIZATION
9 th Annual Public Health Finance Roundtable November 3, 2012 Boston, MA Peggy Honoré.

9 th Annual Public Health Finance Roundtable November 3, 2012 Boston, MA Peggy Honoré.
Dr. Julian Lo Consulting Director ITIL v3 Expert

Dr. Julian Lo Consulting Director ITIL v3 Expert
Enterprise Architecture. 2 Agenda What is Enterprise Architecture (EA)? Roles in EA? Why is EA Important? Tangible Benefits from EA? What Do We Need to.

Enterprise Architecture. 2 Agenda What is Enterprise Architecture (EA)? Roles in EA? Why is EA Important? Tangible Benefits from EA? What Do We Need to.
Developing Information Security Policy. Why is Developing Good Security Policy Difficult? Effective Security/IA Policy is more than locking doors and.

Developing Information Security Policy. Why is Developing Good Security Policy Difficult? Effective Security/IA Policy is more than locking doors and.
Connecting People With Information DoD Net-Centric Services Strategy Frank Petroski October 31, 2006.

Connecting People With Information DoD Net-Centric Services Strategy Frank Petroski October 31, 2006.
A Presentation for the Enterprise Architect © 2008 IBM Corporation IBM Technology Day - SOA SOA Governance Miroslav Petrek IT Software Architect

A Presentation for the Enterprise Architect © 2008 IBM Corporation IBM Technology Day - SOA SOA Governance Miroslav Petrek IT Software Architect
IT Governance Navigating for Value Michael Vitale 6 May 2003 CIO Conference Steering the Enterprise Through Stormy Seas Image source: Access2000.

IT Governance Navigating for Value Michael Vitale 6 May 2003 CIO Conference Steering the Enterprise Through Stormy Seas Image source: Access2000.
Contractor Assurance Discussion Forrestal Building Washington, D.C. December 14, 2011.

Contractor Assurance Discussion Forrestal Building Washington, D.C. December 14, 2011.
IT Governance and Management

IT Governance and Management
Investment Management Concepts Portfolio Management | Segment Architecture March 25, 2009 Adrienne Walker and Kshemendra Paul

Investment Management Concepts Portfolio Management | Segment Architecture March 25, 2009 Adrienne Walker and Kshemendra Paul
Capability Maturity Model

Capability Maturity Model
Guiding principles for the Federal acquisition system

Guiding principles for the Federal acquisition system
Uncovering the Promise of Faculty Success Online Lawrence C. Ragan, Ph.D. Penn State’s World Campus NERCOMP Boston 2005.

Uncovering the Promise of Faculty Success Online Lawrence C. Ragan, Ph.D. Penn State’s World Campus NERCOMP Boston 2005.
© 2011 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

© 2011 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.
Integrated Capability Maturity Model (CMMI)

Integrated Capability Maturity Model (CMMI)
Org Name Org Site CMM Assessment Kick-off Meeting Dates of assessment.

Org Name Org Site CMM Assessment Kick-off Meeting Dates of assessment.
Test Organization and Management

Test Organization and Management
6/20/2005RBG Brief to QDR1 Presentation of Recommendations from the IT Acquisition Management Transformation Rapid Improvement Team (RIT) Pilot Report.

6/20/2005RBG Brief to QDR1 Presentation of Recommendations from the IT Acquisition Management Transformation Rapid Improvement Team (RIT) Pilot Report.

Similar presentations

Ads by Google