Coming in 2016: Cloud legislation
- By Aisha Chowdhry, Adam Mazmanian
- Dec 22, 2015
Despite pressure to modernize, agencies are still spending about 80 percent of their IT budgets maintaining old systems. A new bill, still in the planning stages, seeks to make it easier for agencies to move to the cloud in terms of both financing and obtaining authority to operate for commercial cloud systems.
Sens. Jerry Moran (R-Kan.) and Tom Udall (D-N.M.) are teaming up to sponsor the Cloud Infrastructure Transition Act of 2015. The bill would give new authority to the Federal Risk and Authorization Management Program (FedRAMP) to speed accreditation of commercial providers, establish a framework for the federal CIO to set up working capital funds for IT modernization and task agencies with strict reporting requirements designed to expose their reliance on obsolete technology.
Former House staffer Rich Beutel, who helped draft the Federal IT Acquisition Reform Act, is advising current Senate staffers on the bill.
"It started out as Son of FITARA," Beutel told FCW.
Lawmakers and staffers wanted to build on the success of the 2014 legislation with some ideas that didn't make it into the final bill. Eventually, a common theme emerged around cloud and modernization. Beutel said the new bill's backers hope it will "help agencies find the resources necessary to get off the old junk and move to new systems, which have cybersecurity built in by design."
The funding piece is designed to solve a key impediment to IT modernization: the appropriations cycle. It's tricky to set aside money to update legacy applications and move them into the cloud while still paying the operations and maintenance costs of an old system. The problem is compounded by the way appropriations are handled -- through continuing resolutions and last-second funding bills. An agency that bets on a modernization plan could find itself with no money to keep its existing systems in business during the key transition period.
"You need a bridge," Beutel said.
Although a draft bill isn't ready for stakeholder input, FCW did look at a section-by-section summary. Under the plan, the Office of Management and Budget would administer a fund that allows agencies to pursue multiyear modernization plans. The idea could be a tough sell because congressional appropriators don't particularly like flexible funding mechanisms that operate outside their control. One potential sweetener is the idea that agencies would be replenishing the fund with any savings realized by the move to the cloud.
The FedRAMP revamp in the bill is designed to legislate operational fixes to the program office with the goal of finding a way to increase the program's bandwidth. Right now, agencies can award a provisional authority to operate to cloud service providers, but those approvals don't mean much until the FedRAMP program office gives a provider a seal of approval to operate governmentwide. But the line of agency-approved CSPs is creating something of a logjam.
One idea to speed the process is to take authority to grant provisional authorizations away from agencies and have FedRAMP do the job on a fee-for-service basis. Fast lanes for CSPs that have their applications in precise order are also being contemplated.
In a way, Moran and Udall are stealth fighters for IT reform. Back when FITARA was flagging in the Senate in 2013, they offered a bill from their appropriations subcommittee that duplicated the CIO authority measures contained in a version of the bill that had passed in the House several times. Their efforts helped induce leaders on the Senate Homeland Security and Governmental Affairs Committee to work with their House counterparts on the Oversight and Government Reform Committee to move the bill.
Although FITARA didn't become law then, it ended up passing in the fiscal 2015 National Defense Authorization Act. Neither lawmaker supplied comments to FCW about the new bill.
The multiyear path of FITARA from committee meeting rooms to statute gives an idea of what's involved in passing a bill that affects $80 billion in federal spending. Once the bill is in draft form, it will be circulated for comment from stakeholders in industry and government. Although there's a long way to go, Beutel said he's confident of bipartisan support for the measure and expects it to be the main legislative push in 2016 on the IT reform front.
Aisha Chowdhry is a staff writer covering Congress, the State Department, the Department of Veteran Affairs and the Department of Homeland Security.
Prior to joining FCW, Chowdhry covered foreign policy for CQ Roll Call. Her overseas work prior to that took her to Pakistan and Afghanistan. She has worked as a correspondent for Reuters based out of Islamabad. Chowdhry has also worked at the CBS affiliate in Washington as a multimedia journalist. She began her career as a freelance reporter for USA Today and covered stories from conflict zones. Her work has appeared in the New York Times, Foreign Policy, and Voice of America, among others.
Chowdhry received her masters in broadcast journalism from American University in Washington, D.C.
Click here for previous articles by Chowdhry, or connect with her on Twitter: @aishach
Adam Mazmanian is executive editor of FCW.
Before joining the editing team, Mazmanian was an FCW staff writer covering Congress, government-wide technology policy, health IT and the Department of Veterans Affairs. Prior to joining FCW, Mr. Mazmanian was technology correspondent for National Journal and served in a variety of editorial at B2B news service SmartBrief. Mazmanian started his career as an arts reporter and critic, and has contributed reviews and articles to the Washington Post, the Washington City Paper, Newsday, Architect magazine, and other publications. He was an editorial assistant and staff writer at the now-defunct New York Press and arts editor at the About.com online network in the 1990s, and was a weekly contributor of music and film reviews to the Washington Times from 2007 to 2014.
Click here for previous articles by Mazmanian. Connect with him on Twitter at @thisismaz.