Monday, August 9, 2010

The NGEN RFI Should be Modified

The NGEN RFI of July 2010 states that the most effective means for achieving NGEN objectives will require the execution of the “ITSM Process Improvement and Implementation” processes (par 2.3.1.2). Par 2.4.3.1 also calls for a NGEN contractor to deliver the government prescribed IT Service Management (ITSM) framework.

In July 2010 the DoD Deputy CIO issued a Standard Process Guidance Document that defines ITSM as inclusive of ITIL v3 as well as the ISO 20000 specifications and as well as the Control Objectives for Information and Related Technology (COBIT) requirements.

The description of the Information Technology Infrastructure Library (ITIL v3) is contained in five books: Service Strategy - 257 pages; Service Design - 317 pages; Service Transition - 251 pages; Service Operation - 251 pages and CSI (Customer Satisfaction) - 215 pages.  These books call for an exhaustively detailed documentation of every aspect of NGEN.

The ISO 20000 requirement is an international standard for IT Service Management. It includes SO/IEC 20000-1:2005 specification and prescribes what an organization must do to deliver managed services of an acceptable quality for customers. The scope of comprehensive documentation includes: Requirements for a management system; Planning and implementing service management; Planning and implementing new or changed services; Service delivery process; Relationship processes; Resolution processes; Control processes; and Release processes.

The Control Objectives for Information and related Technology (COBIT) is a set of best practices for information technology management created by the Information Systems Audit and Control Association (ISACA), and the IT Governance Institute (ITGI). COBIT documentation is exhaustive and can be seen as of primary interest to auditors.

ITIL, ISO 20000 and COBIT are often inconsistent and frequently overlap. For instance, each requires formal mapping of features in order to assure coverage.  A contractor would have to reconcile conflicting interpretations of what documentation is required when trying to comply with ITSM processes as dictated by the OSD CIO. The burdens imposed for full ITSM compliance documentation for small IT programs (less than hundred million) would overwhelm their budgets.   In the case of large projects, ITSM will consume a large part of the budget and will generate untold man-hours of revenue to contractors.

Summary 

Applying ITSM only to NGEN will offer essentially program-specific oversight paperwork. That is not desirable under current budget-constrained conditions. The Pentagon is awash with reports that are not actionable. SECDEF Gates announced on 08/09/2010 that the overall number of oversight reports would be cut immediately by a quarter. This should lead to the shrinking of the need for many ITSM processes for large projects and result in a total elimination of ITSM in the case of smaller projects. [Note: The Navy has only 13 projects with budgets >$100 million, 100 projects with budgets >$10 million and 536 projects with budgets <$10 million. Only very large projects can support ITSM documentation].

However, the application of ITSM to NGEN will have to be re-examined anyway. In view of the mandated cost reductions for all information systems, the Navy should proceed to acquire its infrastructure and data management methods not as an NGEN project, but as the basis of the all-embracing Naval Network Environment (NNE) that is interoperable with other DoD components.

NGEN is planning to break this program into separate contracts with separate functions that are not connected to the implementation of a coherent Navy NNE infrastructure. NGEN should be planning for a Navy-wide data management environment, which includes war-fighting applications, logistics, personnel and financial applications and not only limited NGEN solution, especially if NGEN is further broken up into efforts managed by different contractors and dozens of subcontractors. The NGEN July 2010 RFI will have to be modified to de-emphasize ITSM and start addressing the total Navy Enterprise infrastructure design which should serve the Navy's Information Dominance objectives.

Commercial experience shows that an enterprise must have a coherent enterprise-wide design for its entire infrastructure. You cannot make a baby by contracting to different mothers for making the hands, feet, body and the head!

The current RFI cannot deal only with NGEN by using ITIL. It must become seen as a component part of much more encompassing NNE environment.

No comments:

Post a Comment

For comments please e-mail paul@strassmann.com