CIO Council to push tech standards

A CIO Council committee, with help from several agencies involved in President Bush's e-government agenda, plans to release a report soon recommending that all divisions of the federal government use certain technical standards as they build new computer systems and applications.

The potential benefits of using such standards include greater interoperability among systems, lower total cost for computer systems through bulk purchasing and centralized support services, and perhaps even a reduction in the number of systems governmentwide as agencies with similar business requirements team up on projects.

The recommendations are expected to be released in draft form by the end of this month, according to Lee Holcomb, chief information officer at NASA and co-chairman of the CIO Council's Architecture and Infrastructure Committee, which oversees the group drafting the standards. The recommendations will be the latest product from the CIO Council in its ongoing effort to promote the use of enterprise architecture (EA) plans among agencies.

EAs, mandated by the Clinger-Cohen Act of 1996, resemble regularly updated blueprints that spell out the connection between an agency's business operations and the information technology systems that can support those missions most cost-effectively. Until now, however, individual agencies have gone it alone when developing EAs and outlining the technical ingredients in them.

"This is the first time at the federal level where we are driving down to areas [in the EA framework] to suggest standards to facilitate solutions that can be made common across a wider set of federal organizations," Holcomb said.

Holcomb expects that the standards will first be used in the 23 e-government projects in the Bush administration's management agenda, which aims to improve service to the public and promote cross-agency collaboration and more efficient IT spending.

The CIO Council made its first major foray into the EA arena about two years ago when it published the Federal Enterprise Architecture Framework, a model for organizing and maintaining an EA that several agencies use. The council followed up the formal framework with a manual oriented toward hands-on involvement called "A Practical Guide to Federal Enterprise Architecture."

The new standards recommendations will fit into an important lower-level component of the EA framework typically called the technical reference model (TRM). When an agency has an EA in place, project development teams can look to the TRM for guidance on how to build new systems, ensuring some consistency across a department and, ideally, across government.

Holcomb said some of the standards included in the first draft will cover areas such as user interface and security. They will be drawn from existing open standards, such as the Open Systems Interconnection model — an internationally recognized set of technical specifications — as well as from competing commercial standards that are also widely used.

"The United States government, by being [bigger than any single private company], can send a signal to industry that this is where we see the architecture going in the future," Holcomb said.

Because compliance is not required, the ultimate success of the standards recommendations hinges on whether agencies choose to follow them.

"The biggest problem this document will have is governance — how much can you dictate across the whole federal government the use of any of these," said Ray Beamer, senior principal scientist with Mitre Corp., which assisted with several agency EA programs. "Short of legislation, like Clinger-Cohen, most of these documents are more guidance or suggestive in nature."

Without teeth behind them, the recommendations will be severely handicapped, said Scott Bittler, vice president of enterprise planning and architecture strategies services at the META Group Inc. But the payoff for following the standards can be high, such as simplifying government IT systems and building systems that are easier to integrate, which creates more value.

Bittler also said that setting standards does not imply that federal agencies must jettison older, noncompliant systems and "migrate to the new systems in a week."

"You have to separate the notion of how fast you get there vs. what's the preferred choice," he said. "What this does is it stops the bleeding, because it says for any new initiatives, you'll use these standards."

***

Yardsticks for new systems

The technical standards that the CIO Council will recommend in a forthcoming report will address areas such as:

User interfaces. To ensure that citizens can easily access government information using common computer equipment, the recommendations will call for Web interfaces that use standards such as HTML, Extensible Markup Language and Java.

Security. To enable interoperability among government security systems, the recommendations will endorse the X.509 standard for digital certificates.

Featured

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

  • Comment
    Pilot Class. The author and Barbie Flowers are first row third and second from right, respectively.

    How VA is disrupting tech delivery

    A former Digital Service specialist at the Department of Veterans Affairs explains efforts to transition government from a legacy "project" approach to a more user-centered "product" method.

  • Cloud
    cloud migration

    DHS cloud push comes with complications

    A pressing data center closure schedule and an ensuing scramble to move applications means that some Homeland Security components might need more than one hop to get to the cloud.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.