Congress

Coming in 2016: Cloud legislation

Shutterstock image (by world of vector): cloud in the shape of a money bag with hanging coins.

Despite pressure to modernize, agencies are still spending about 80 percent of their IT budgets maintaining old systems. A new bill, still in the planning stages, seeks to make it easier for agencies to move to the cloud in terms of both financing and obtaining authority to operate for commercial cloud systems.

Sens. Jerry Moran (R-Kan.) and Tom Udall (D-N.M.) are teaming up to sponsor the Cloud Infrastructure Transition Act of 2015. The bill would give new authority to the Federal Risk and Authorization Management Program (FedRAMP) to speed accreditation of commercial providers, establish a framework for the federal CIO to set up working capital funds for IT modernization and task agencies with strict reporting requirements designed to expose their reliance on obsolete technology.

Former House staffer Rich Beutel, who helped draft the Federal IT Acquisition Reform Act, is advising current Senate staffers on the bill.

"It started out as Son of FITARA," Beutel told FCW.

Lawmakers and staffers wanted to build on the success of the 2014 legislation with some ideas that didn't make it into the final bill. Eventually, a common theme emerged around cloud and modernization. Beutel said the new bill's backers hope it will "help agencies find the resources necessary to get off the old junk and move to new systems, which have cybersecurity built in by design."

The funding piece is designed to solve a key impediment to IT modernization: the appropriations cycle. It's tricky to set aside money to update legacy applications and move them into the cloud while still paying the operations and maintenance costs of an old system. The problem is compounded by the way appropriations are handled -- through continuing resolutions and last-second funding bills. An agency that bets on a modernization plan could find itself with no money to keep its existing systems in business during the key transition period.

"You need a bridge," Beutel said.

Although a draft bill isn't ready for stakeholder input, FCW did look at a section-by-section summary. Under the plan, the Office of Management and Budget would administer a fund that allows agencies to pursue multiyear modernization plans. The idea could be a tough sell because congressional appropriators don't particularly like flexible funding mechanisms that operate outside their control. One potential sweetener is the idea that agencies would be replenishing the fund with any savings realized by the move to the cloud.

The FedRAMP revamp in the bill is designed to legislate operational fixes to the program office with the goal of finding a way to increase the program's bandwidth. Right now, agencies can award a provisional authority to operate to cloud service providers, but those approvals don't mean much until the FedRAMP program office gives a provider a seal of approval to operate governmentwide. But the line of agency-approved CSPs is creating something of a logjam.

One idea to speed the process is to take authority to grant provisional authorizations away from agencies and have FedRAMP do the job on a fee-for-service basis. Fast lanes for CSPs that have their applications in precise order are also being contemplated.

In a way, Moran and Udall are stealth fighters for IT reform. Back when FITARA was flagging in the Senate in 2013, they offered a bill from their appropriations subcommittee that duplicated the CIO authority measures contained in a version of the bill that had passed in the House several times. Their efforts helped induce leaders on the Senate Homeland Security and Governmental Affairs Committee to work with their House counterparts on the Oversight and Government Reform Committee to move the bill.

Although FITARA didn't become law then, it ended up passing in the fiscal 2015 National Defense Authorization Act. Neither lawmaker supplied comments to FCW about the new bill.

The multiyear path of FITARA from committee meeting rooms to statute gives an idea of what's involved in passing a bill that affects $80 billion in federal spending. Once the bill is in draft form, it will be circulated for comment from stakeholders in industry and government. Although there's a long way to go, Beutel said he's confident of bipartisan support for the measure and expects it to be the main legislative push in 2016 on the IT reform front.

About the Authors

Aisha Chowdhry is a former staff writer for FCW.


Adam Mazmanian is executive editor of FCW.

Before joining the editing team, Mazmanian was an FCW staff writer covering Congress, government-wide technology policy, health IT and the Department of Veterans Affairs. Prior to joining FCW, Mr. Mazmanian was technology correspondent for National Journal and served in a variety of editorial roles at B2B news service SmartBrief. Mazmanian started his career as an arts reporter and critic, and has contributed reviews and articles to the Washington Post, the Washington City Paper, Newsday, Architect magazine, and other publications. He was an editorial assistant and staff writer at the now-defunct New York Press and arts editor at the About.com online network in the 1990s, and was a weekly contributor of music and film reviews to the Washington Times from 2007 to 2014.

Click here for previous articles by Mazmanian. Connect with him on Twitter at @thisismaz.


Rising Stars

Meet 21 early-career leaders who are doing great things in federal IT.

Featured

  • SEC Chairman Jay Clayton

    SEC owns up to 2016 breach

    A key database of financial information was breached in 2016, possibly in support of insider trading, said the Securities and Exchange Commission.

  • Image from Shutterstock.com

    DOD looks to get aggressive about cloud adoption

    Defense leaders and Congress are looking to encourage more aggressive cloud policies and prod reluctant agencies to embrace experimentation and risk-taking.

  • Shutterstock / Pictofigo

    The next big thing in IT procurement

    Steve Kelman talks to the agencies that have embraced tech demos in their acquisition efforts -- and urges others in government to give it a try.

  • broken lock

    DHS bans Kaspersky from federal systems

    The Department of Homeland Security banned the Russian cybersecurity company Kaspersky Lab’s products from federal agencies in a new binding operational directive.

  • man planning layoffs

    USDA looks to cut CIOs as part of reorg

    The Department of Agriculture is looking to cut down on the number of agency CIOs in the name of efficiency and better communication across mission areas.

  • What's next for agency cyber efforts?

    Ninety days after the Trump administration's executive order, FCW sat down with agency cyber leaders to discuss what’s changing.

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group