[House Hearing, 113 Congress]
[From the U.S. Government Publishing Office]



 
WASTING INFORMATION TECHNOLOGY DOLLARS: HOW CAN THE FEDERAL GOVERNMENT 
                   REFORM ITS IT INVESTMENT STRATEGY

=======================================================================

                                HEARING

                               before the

                         COMMITTEE ON OVERSIGHT

                         AND GOVERNMENT REFORM

                        HOUSE OF REPRESENTATIVES

                    ONE HUNDRED THIRTEENTH CONGRESS

                             FIRST SESSION

                               __________

                            JANUARY 22, 2013

                               __________

                            Serial No. 113-5

                               __________

Printed for the use of the Committee on Oversight and Government Reform


         Available via the World Wide Web: http://www.fdsys.gov
                      http://www.house.gov/reform




                  U.S. GOVERNMENT PRINTING OFFICE
79-790                    WASHINGTON : 2013
-----------------------------------------------------------------------
For sale by the Superintendent of Documents, U.S. Government Printing 
Office Internet: bookstore.gpo.gov Phone: toll free (866) 512-1800; DC 
area (202) 512-1800 Fax: (202) 512-2104  Mail: Stop IDCC, Washington, DC 
20402-0001



              COMMITTEE ON OVERSIGHT AND GOVERNMENT REFORM

                 DARRELL E. ISSA, California, Chairman
JOHN L. MICA, Florida                ELIJAH E. CUMMINGS, Maryland, 
MICHAEL R. TURNER, Ohio                  Ranking Minority Member
JOHN J. DUNCAN, JR., Tennessee       CAROLYN B. MALONEY, New York
PATRICK T. McHENRY, North Carolina   ELEANOR HOLMES NORTON, District of 
JIM JORDAN, Ohio                         Columbia
JASON CHAFFETZ, Utah                 JOHN F. TIERNEY, Massachusetts
TIM WALBERG, Michigan                WM. LACY CLAY, Missouri
JAMES LANKFORD, Oklahoma             STEPHEN F. LYNCH, Massachusetts
JUSTIN AMASH, Michigan               JIM COOPER, Tennessee
PAUL A. GOSAR, Arizona               GERALD E. CONNOLLY, Virginia
PATRICK MEEHAN, Pennsylvania         JACKIE SPEIER, California
SCOTT DesJARLAIS, Tennessee          MATTHEW A. CARTWRIGHT, 
TREY GOWDY, South Carolina               Pennsylvania
BLAKE FARENTHOLD, Texas              MARK POCAN, Wisconsin
DOC HASTINGS, Washington             TAMMY DUCKWORTH, Illinois
CYNTHIA M. LUMMIS, Wyoming           DANNY K. DAVIS, Illinois
ROB WOODALL, Georgia                 PETER WELCH, Vermont
THOMAS MASSIE, Kentucky              TONY CARDENAS, California
DOUG COLLINS, Georgia                STEVEN A. HORSFORD, Nevada
MARK MEADOWS, North Carolina         MICHELLE LUJAN GRISHAM, New Mexico
KERRY L. BENTIVOLIO, Michigan        VACANCY
RON DeSANTIS, Florida

                   Lawrence J. Brady, Staff Director
                John D. Cuaderes, Deputy Staff Director
                     Robert Borden, General Counsel
                       Linda A. Good, Chief Clerk
                 David Rapallo, Minority Staff Director



                            C O N T E N T S

                              ----------                              
                                                                   Page
Hearing held on JANUARY 22, 2013.................................     1

                               WITNESSES

The Honorable Tom Davis, A former Representative in Congress from 
  the State of Virginia
    Oral Statement...............................................     6
    Written Statement............................................     9
Mr. Steven Vanroekel, Federal Chief Information Officer, Office 
  of Management and Budget
    Oral Statement...............................................    15
    Written Statement............................................    17
Mr. David A. Powner, Director, Information Technology Management 
  Issues, General Accountability Office
    Oral Statement...............................................    22
    Written Statement............................................    24
Mr. Douglas Bourgeois, Vice President and Chief Cloud Executive, 
  U.S. Public Sector Division, VMWARE
    Oral Statement...............................................    72
    Written Statement............................................    75
Mr. Michael Klayko, Advisor and Former CEO, Brocade 
  Communications Systems, Inc.
    Oral Statement...............................................    88
    Written Statement............................................    90
Mr. Chris Niehaus, Director, U.S. Office of Civic Innovation, 
  Microsoft Corporation
    Oral Statement...............................................    96
    Written Statement............................................    98

                                APPENDIX

The Honorable Elijah Cummings, from the State of Maryland, 
  Opening Statement..............................................   120
The Honorable John Mica, from the State of Florida, Opening 
  Statement......................................................   122
The Honorable Gerald Connolly, from the State of Virginia, 
  Opening Statement..............................................   124
The Honorable Matthew Cartwright, from the State of Pennsylvania, 
  Opening Statement..............................................   127
Questions for Steven VanRoekel from Tammy Duckworth, Jackie 
  Speier, and Darrell Issa.......................................   130
Response to questions from Jeff Rangel to Jackie Speier..........   140
Response to questions from Microsoft Innovation Policy Ctr. to 
  Darrell Issa, Elijah Cumming, and Jackie Speier................   142
Response to questions from David A. Powner.......................   148
Response to questions from Douglas J. Bourgeois..................   155
Submitted Testimony for House Oversight and Government Reform 
  Committee Hearing from Consortium for Citizens with 
  Disabilities...................................................   164
ICT Sector Trade Associations Comments on FITARA.................   167
Statement for the Record of the Professional Services Council....   170
Statement for the Record of The Honorable Robert C. Cresanti, 
  Vice President, SAP America....................................   176


WASTING INFORMATION TECHNOLOGY DOLLARS: HOW CAN THE FEDERAL GOVERNMENT 
                   REFORM ITS IT INVESTMENT STRATEGY

                              ----------                              


                       Tuesday, January 22, 2013

                  House of Representatives,
      Committee on Oversight and Government Reform,
                                           Washington, D.C.
    The committee met, pursuant to call, at 1:08 p.m., in Room 
2154, Rayburn House Office Building, Hon. Darrell E. Issa 
[chairman of the committee] presiding.
    Present: Representatives Issa, Mica, Turner, Duncan, 
Chaffetz, Lankford, Amash, Gosar, DesJarlais, Gowdy, 
Farenthold, Hastings, Lummis, Woodall, Massie, Collins, 
Meadows, Bentivolio, Cummings, Maloney, Norton, Tierney, 
Connolly, Speier, Cartwright, and Duckworth.
    Staff Present: Ali Ahmad, Communications Advisor; Alexia 
Ardolina, Assistant Clerk; Richard A. Beutel, Senior Counsel; 
Robert Borden, General Counsel; Molly Boyl, Parliamentarian; 
Lawrence J. Brady, Staff Director; Caitlin Carroll, Deputy 
Press Secretary; John Cuaderes, Deputy Staff Director; Adam P. 
Fromm, Director of Member Services and Committee Operations; 
Linda Good, Chief Clerk; Michael R. Kiko, Staff Assistant; Mark 
D. Marin, Director of Oversight; Laura L Rush, Deputy Chief 
Clerk; Scott Schmidt, Deputy Director of Digital Strategy; 
Rebecca Watkins, Deputy Director of Communications; Peter 
Warren, Legislative Policy Director; Krista Boyd, Minority 
Deputy Director of Legislation/Counsel; Ashley Etienne, 
Minority Director of Communications; Jennifer Hoffman, Minority 
Press Secretary; Carla Hultberg, Minority Chief Clerk; Elisa 
LaNier, Minority Deputy Clerk; Lucinda Lessley, Minority Policy 
Director; Dave Rapallo, Minority Staff Director; Mark 
Stephenson, Minority Director of Legislation; and Cecelia 
Thomas, Minority Counsel.
    Chairman Issa. The committee will come to order.
    The Oversight Committee exists to secure two fundamental 
principles. First, Americans have a right to know that the 
money Washington takes from them is well spent. And second, 
Americans deserve an efficient, effective government that works 
for them. Our duty on the Oversight and Government Reform 
Committee is to protect these rights. Our solemn obligation is 
to hold government accountable to taxpayers, because taxpayers 
have a right to know what they get from the government.
    Our obligation is to work tirelessly in partnership with 
citizen watchdogs to deliver the facts to the American people 
and bring genuine reform to the Federal bureaucracy. This is 
our mission.
    Today we advance that mission statement in the area of 
information technology, which is at the heart of whether the 
Federal government knows where the waste, fraud, and abuse is; 
knows or can be expected to deliver an efficient and honest 
return for every dollar contributed by the Federal taxpayers. 
To that extent, we have three panels today. This is not a 
controversial hearing within this committee. But it may be 
controversial outside of this dais.
    In just the last 10 years, government spending on IT has 
risen by $46 billion. Even in Washington, that is a lot of 
money. We now spend $81 billion in 2012. As is the case 
government-wide, spending decisions were often not based on 
performance results. Program failures and cost overruns plague 
three-quarters of all large Federal IT programs. Federal 
managers say that 47 percent of their budget goes to maintain 
obsolete or deficient IT resources.
    Estimates suggest that as much as $20 billion of taxpayer 
money is wasted each year. But let us understand, in this case 
it is not the waste of the $20 billion, it is what that $20 
billion could do properly applied to our transparency into our 
government. The leveraging of $20 billion to save $200 billion 
is why it is essential that we fix this part of government that 
seems to be so broken.
    We have built an IT infrastructure that is bloated, 
inefficient, and actually makes it more difficult for the 
government to serve its citizens in some cases. With more than 
$81 billion spent each year on Federal information technology, 
Americans are not getting anywhere close to what they would 
expect to get for their money.
    Just last month, the Air Force announced that a $1 billion 
logistics system had failed and was being shut down. It was a 
logistics system that was needed. It will still be needed. We 
will still need to make these improvements.
    I want to join with all those who realize that few of our 
programs that fail, fail because they weren't wanted or needed, 
they fail for other reasons. And that is what this committee is 
determined to get to the bottom of and change the system.
    Often quoted in Washington is Albert Einstein saying, more 
or less, that if you keep doing the same thing over and over 
and expect a different result, that is the definition of 
insanity. We will not allow the Federal government to continue 
doing things over and over again that, in fact, more money has 
not made work better. It is our choice now to listen to all the 
parties who will come to bear to this committee. People who 
understand government procurement, of course; people who 
understand the private sector and what works there.
    I have often quoted my working in my old company with 
companies like Circuit City, Best Buy, and Wal-Mart, companies 
that in some cases were very opaque; in other cases, visual on 
even my desktop, I could see every store, every product from my 
company, and whether, in fact, it was selling or not. I not 
only could see it, but my salesmen could see it. And if 
something didn't move in one store and moved in another, they 
knew that they could go and find out why. That doesn't exist in 
the Federal procurement system. It doesn't exist anywhere in 
government, and it needs to.
    With that, I would like to introduce Mr. Cummings for his 
opening statement at this time.
    Mr. Cummings. Thank you very much, Mr. Chairman.
    I want to welcome all of our witnesses here today, 
including our good friend and distinguished former chairman, 
Tom Davis, who I just have a phenomenal amount of respect for.
    Tom, it is good to see you again.
    I think this is an appropriate first hearing for this 
Congress. This is a good government hearing that gets right to 
the core of our committee's jurisdiction. Today we are 
examining Federal spending on information technology. Our 
committee has jurisdiction over the efficiency and management 
of government operations and activities, including procurement. 
It is our responsibility to ensure that the Federal government 
is spending money wisely and efficiently.
    I think all of our constituents would agree that they want 
to make sure that their tax dollars are spent that way, 
effectively and efficiently. This includes Federal spending on 
information technology. The President's fiscal year 2013 budget 
projected that agencies will spend $79 billion on IT this year. 
The Government Accountability Office has found that agencies 
did not have adequate oversight of these investments. In a 
report last October, GAO found that five major agencies have 
not been using the proper safeguards to ensure that their 
investments in the operation and maintenance of IT systems are 
performing as intended.
    As GAO said, and I quote, ``Until agencies address these 
shortcomings, there is increased risk that these agencies will 
not know whether the multi-billion dollar investments fully 
meet their intended objectives.''
    I look forward to hearing from Mr. VanRoekel, the Chief 
Information Officer, about the progress the administration has 
made in improving the quality of IT investments, what is being 
done to improve oversight of those investments, and how overall 
spending is being reduced.
    In particular, I am interested in hearing about the 
administration's efforts to improve transparency of IT 
investments. I also look forward to hearing from the industry 
leaders who can identify the challenges, opportunities we face 
in our efforts to improve the way that government invests in 
IT.
    And let me say this. As the chairman was speaking, I could 
not help but think about a few years ago when I sat as the 
ranking member on the Transportation Committee of the Maritime 
and Coast Guard Subcommittee. And one of the things that we 
discovered is that we had a broken procurement process in the 
Coast Guard. And the Coast Guard literally were buying boats 
that did not float, radar systems that were supposed to cover 
360 degrees that were covering 180 degrees, radios that if they 
got wet, they did not operate. That was in this country.
    But I hope you listened to what the chairman said very 
carefully. When we are wasting money and not using it 
effectively and efficiently, I mean, that is money that could 
be used to do some things that we really do need done. And so 
that is why this hearing is so important.
    You know, I often talk to my staff about hearings and 
whether we get the value out of hearings. I want the people who 
address us this morning to talk about how we can effectively 
get this done. I mean, it is nice to hear about the problem, 
but do we need time tables, Tom? I mean, what kind of things 
can be done so that when the chairman looks back at his legacy 
and hopefully we all look back at ours, we can say we actually 
did something and didn't just spend time talking about it.
    I am sure the chairman shares any view. And I am hoping 
that when the folks come up here to testify, you will help us 
with some roadmaps--that is right, take out your pens, write it 
down--and so that we can be effective and efficient. Effective 
and efficient.
    Finally, I want to applaud the work of our resident 
technology expert, Representative Connolly, the ranking member 
of the Government Operations Subcommittee. Mr. Connolly held a 
forum in his district last May that explored many of the very 
same issues we will hear about today. He also has taken the 
lead in introducing legislation to reduce waste by 
consolidating Federal data centers.
    The administration's efforts on data center consolidation 
are expected to save the government $3 billion by 2015. I 
believe it is time to modernize the way the government does 
business. This will require strategic investments in 
technology. But we should not overlook the importance of 
strategic investments in our workforce. Our acquisition 
community needs to have the tools necessary to effectively 
oversee increasingly complex systems from beginning to end. 
These professionals ensure that the government is a smarter 
consumer.
    And with that, I yield back.
    Chairman Issa. I thank the gentleman.
    Because this will be referred to the Government Ops 
Subcommittee, I would like to recognize its chairman, Mr. Mica, 
for a short opening statement.
    Mr. Mica. Well, thank you for yielding, and also thank you, 
Chairman Issa, for holding this important hearing, hearing that 
deals with government waste, particularly on the eve of the 
Congress considering expanding our national indebtedness, where 
it is nearly at $16.5 trillion, and we have got to look at 
every avenue and source of wasteful spending.
    This is not a small-potatoes item. IT, we spent in the last 
decade $600 billion. And the information we have today we gain 
primarily from a 2012 report from the GAO which took the 
opportunity to review what was going on and highlighted the 
need to address potentially duplicative IT investments to 
avoid, again, wasteful spending. In fact, in the fiscal year 
that GAO looked at, 2011, they found that the Federal 
government funded 622 separate human resources systems, 580 
financial management systems, and 777 supply chain management 
systems.
    So what we have ended up with is various Federal agencies, 
as well as offices within the different agencies, making 
separate and very costly investments in back office systems 
that often perform the same function. And all this duplication 
comes at some pretty significant cost.
    Unfortunately, that has been our approach. And what we 
should be doing is aggregating demand among the agencies and 
their different offices to get the best prices for various IT 
products and services, which we aren't properly doing.
    We also waste money investing in systems that fail to 
become fully functional. And the staff, from the report, this 
GAO report, indicated that, for example, the National Archives 
and Records Administration, also under our committee's 
jurisdiction, poured--now listen to this--$375 million into the 
development of an electronic records archive system that has 
now been put to a halt. And we will look further at that.
    Then we look at the office of OPM, Office of Personnel 
Management, cancelled its Retirement Systems Modernization 
program after spending nearly $0.25 billion on that program. We 
will look at this.
    Despite these failed investments, OMB, unfortunately, 
recently abandoned the practice of including in the President's 
budget submission a summary of the extent of the risk 
represented by major Federal IT investments. According to a 
report issued by GAO last fall, the President's budget 
submission from 2007 to 2009 included an overview of the 
investment performance over several budget years of IT projects 
in need of management attention. But this practice was 
abandoned, unfortunately, by the White House in its last four 
budget submissions.
    The unfortunate reality is that 16 years following the 
signing of the seminal Clinger-Cohen legislation that laid the 
very foundation for the Federal government's acquisition and 
management of IT and 10 years after the E-Government Act was 
passed which established the Federal chief information 
officers, the program would set program failure rates and cost 
overruns which currently now plague us and, unfortunately, they 
account for an estimated 72 to 80 percent of large government 
IT programs. And that is an industry calculation.
    The first step in addressing any problem is determining who 
is responsible and holding people accountable. The Office of 
Management and Budget also needs to take responsibility for the 
lack of coordination and intelligent investment in IT being 
done at the agency level. OMB has to be willing to step up and 
take responsibility and say the buck stops here.
    Finally, I am also disappointed that the head of OMB's 
Office of Federal Procurement Policy, the Federal government's 
chief acquisition individual and person responsible, is not 
with us today, although he was invited to testify. But I am 
glad we have with us today OMB's financial chief information 
officer. Look forward to his testimony and the others and look 
forward to working with you on this important issue. And yield 
back.
    Chairman Issa. I thank the gentleman.
    We now recognize the ranking member, the gentleman who 
replaced our first witness, for his opening statement.
    Mr. Connolly. I thank the chair. And I thank the ranking 
member, Mr. Cummings, for his kind words. And I want to thank 
the chair. If the entire 113th Congress can begin on the note 
we are beginning on today, we are going to be making music for 
2 years. But I want to thank the chair for his leadership in 
this particular area. We are working together and our staffs 
are working together on a draft bill that I think can move us 
into the bright sunshine of this part of the 21st century, 
giving more flexibility to the Federal government and to 
Federal managers. Because some of the problems outlined by my 
friend, Mr. Mica, the new chairman of the Government Operations 
Subcommittee, have to do with how the government is organized 
and the flexibility or lack thereof that we give to managers.
    And as indicated, we spend about $81 billion a year, not 
all of that well. Government is slow to pull the plug when we 
do make a mistake, much slower than the private sector. 
Government has a problem in terms of recruiting and retaining 
the skilled workforce you need for large, complex contracts 
such as these.
    And so addressing those issues, both in process, 
procurement, and people, I think is very important.
    And so I look forward to continuing to work with the 
chairman of the full committee and with the chairman of the 
subcommittee in trying to come up with legislation that makes 
sense, that provides flexibility, that gives maybe more 
discretion to CIOs, to the chief information officers of 
Federal agencies, and that will save money and make sure that 
the deployment of the resources we do have is more efficacious.
    Finally, Mr. Chairman, I do want to welcome my predecessor, 
Tom Davis, former chairman of this committee, whose portrait 
hangs here, who preceded me on the Board of Supervisors of 
Fairfax County, proceeded me as the chairman of Fairfax County, 
and preceded me here in Congress.
    Just last week, Tom was gracious enough to participate in a 
staff retreat I held--I have an annual staff retreat--sort of 
giving us a different take on some issues and how he did it in 
terms of managing constituent services and legislative 
assignments in the 14 years he graced these halls. I want to 
thank Tom for his graciousness as my predecessor and for making 
my transition here in Congress as smooth as possible. It is a 
model for bipartisan cooperation.
    Welcome, Mr. Davis.
    And thank you again, Mr. Chairman.
    Chairman Issa. I thank you.
    Now we recognize the Honorable Mr. Davis, who has returned 
to the place in which he was hung.
    Mr. Davis. Many times.
    Chairman Issa. Tom, you are my friend, you are my mentor. 
And as you have heard from both sides of the aisle, you are 
somebody whose opinion we respect. And with that, you are 
recognized.

    STATEMENT OF HON. TOM DAVIS, A FORMER REPRESENTATIVE IN 
              CONGRESS FROM THE STATE OF VIRGINIA

    Mr. Davis. Mr. Chairman, thank you very much. And 
congratulation to both you and Mr. Cummings on a terrific 
start. I sat on this committee where the rules, sometimes we 
would be here all afternoon. So that is a good start. And I 
think the hearing is a great place to start because this is not 
a Republican or Democratic issue. We can argue over we have too 
much government or not enough government. But we want the 
government we are paying for. And that is really what this is 
about today. So I think we can join on that.
    I just also say to subcommittee chairman Mr. Mica and to 
Mr. Connolly, Mr. Connolly, you followed me on the Board of 
Supervisors, as chairman of the board and to Congress, and if 
you can like me retire undefeated and unindicted maybe one day 
you will be a witness as well.
    Chairman Issa. I think he wants to be hung, too.
    Mr. Davis. Take a couple more terms and a switch. But I am 
not going to get into that.
    Let me just also acknowledge, Jim Turner is here. He was 
the author of the E-Government Act. I attached a number of 
pieces of legislation, but Jim was a distinguished member of 
this committee on the Democratic side when I was the 
subcommittee chairman in 2002 when we worked that bipartisan 
legislation together. And I think it is time for an update. And 
I think this is an apt hearing for that.
    Let me put all of my testimony in the record and just make 
a few salient points. The Federal government spends about $81 
billion in IT annually, making it the largest single acquirer, 
adopter, and user of IT globally, more than any other nation, 
global corporation, or organization. So the Federal government 
should be the best at how it plans, sources, implements, and 
operates IT to achieve missions successfully. Doesn't always do 
it that way.
    Few thoughts. We could get an improved return on 
investment. In the private sector, IT is an investment, it is a 
strategic enabler. But in the Federal government all too often 
IT is viewed and treated as a discretionary expense. Cost 
savings realized from these investments can be many times 
greater than what you achieve when you cut IT and require, and 
we can achieve part of this by executive oversight.
    CIO authority. Department-level CIOs currently have 
responsibility and accountability to manage their IT 
deployments, but they lack the organizational and budget 
authority.
    Too loud? Okay.
    Chairman Issa. Just if you could, Tom, if you could pull it 
a little bit closer. We are getting a little echo up here.
    Mr. Davis. Okay.
    Shared services. Federal government is the only large 
multinational organization globally who has not implemented 
shared services for its back office functions. OMB should build 
upon its prior line of business and shared first strategies to 
require agencies to move away from the bureau-centric 
administrative systems and to department-wide and government-
wide administrative shared solution services.
    Also, on cybersecurity, really nothing else matters in 
Federal IT if the government doesn't get cybersecurity right. 
We passed FISMA, the Federal Information Security Management 
Act, as a part of the E-Government Act in 2002. It needs to be 
updated and operationalized. I know there are jurisdictional 
problems here in Congress, but if we don't get cybersecurity 
right, nothing else is going to matter.
    Information, devices, and the Federal workforce is becoming 
increasingly mobile. Therefore, OMB and congressional oversight 
for government-wide implementation of existing cybersecurity 
priorities is critical. And as the government moves from 
securing systems and devices to securing data at rest and data 
in transit for information-sharing purposes, the government 
will need to identify and implement new solutions in areas such 
as continuous monitoring, identity, authentication, and 
credential management and cryptology.
    Let me also move in my last minute and a half, the 
procurement workforce. This has been a problem. We have cut 
back the procurement workforce, we don't give them appropriate 
training, we don't give sometimes enough leeway. This is 
critical. So many IT functions that go sideways are because we 
don't have the appropriate oversight, we haven't empowered our 
procurement workforce to do the job.
    Procurement processes, as you know in government, sometimes 
the mission is not to make a mistake. So you don't get the kind 
of innovation that you would get in other cases. And I could 
talk more on that during the questions and answers, but I want 
to get through my time.
    Continuing resolutions. CRs kill IT procurements, it kills 
innovation in government, because no agency head is going to be 
spending their budget on new procurements, follow-on work, if 
they don't know what their budget is going to be. Their 
inclination is to protect their people. And we have seen us 
step backward and backward as Congress doesn't get budgets done 
on time and goes through CRs.
    And finally, some of the rules that we have that I think 
are passed with good intentions to ensure that lobbyists don't 
come in and have undue influence also hurt us because many 
times the people writing these have not had appropriate 
contacts with the outside world, small companies trying to get 
in and share their ideas in government and operate in a bubble.
    I think it is a good idea for companies to come in and 
share their ideas and have an open door to policymakers so that 
they know what the existing technologies are, can be aware of 
what government's needs are, and therefore can address them in 
the procurements. And I will stop there on time.
    Chairman Issa. I have never seen a professional get it 
exactly to the second. Tom, you are good.
    [Prepared statement of Mr. Davis follows:]
    [GRAPHIC] [TIFF OMITTED] 79790.001
    
    [GRAPHIC] [TIFF OMITTED] 79790.002
    
    [GRAPHIC] [TIFF OMITTED] 79790.003
    
    [GRAPHIC] [TIFF OMITTED] 79790.004
    
    Chairman Issa. Because you are an unusual witness, I have 
so many questions that I will just follow up endlessly over 
dinner sometime.
    But, Mr. Davis, the one thing that I wanted your comment on 
that wasn't in your opening statement was, because you were 
here for the creation of chief information officers, did you 
ever envision having more than one chief per agency and on the 
average more than two chiefs per agency and all but one of them 
not having any budget authority?
    Mr. Davis. No. I don't think anyone knew what would happen 
when we set them up this way. There has certainly been a 
proliferation of CIOs. But I think you can have as many as you 
want if you give them the right authority. The problem is they 
are sitting out there and in many cases they are toothless 
tigers. Some great people, very dedicated. But if you can't 
enforce this, that is why we get so many stovepipes built up.
    Chairman Issa. So it would be fair to say that the 40 CIOs 
that are in Department of Justice alone would be a little more 
than you would have assigned.
    Mr. Davis. I don't think anybody envisioned that when we 
did it originally.
    Chairman Issa. Or the 35 in the Department of 
Transportation.
    Mr. Davis. Well, I am not picking on anybody. But I just 
think, at the time--what you need are lines of authority and 
decision makers. It is okay to have a multiplicity of CIOs if 
they have authority. But if they don't have authority.
    Chairman Issa. So, in short, if they have their share of 
the budget and can be held accountable for every penny that 
goes under their jurisdiction, you are okay with it as long as, 
in fact, that is what comes with being a chief, is budget 
authority.
    Mr. Davis. Well, you know, look, you don't want 40 
stovepipes out there. You have got to have your CIO for your 
agency overseeing those kind of things. And whatever you call 
the other CIOs, at the end of the day there needs a congruency 
there that is not always built into the system. CIOs don't know 
who to report to. If you are a CIO, for example, subsidiary 
within an organization, do you report to your CIO or do you 
report to your agency head? So there is just I think a lot of 
confusion out there over what the authority lines go.
    Chairman Issa. Mr. Cummings?
    Mr. Cummings. Tom, when you were chairman of this 
committee, you authored the Federal Information Security 
Management Act, and Chairman Issa and I worked together last 
Congress to introduce legislation to update FISMA, which has 
now been in place, of course, for over a decade. Our bill would 
require that the Federal government shift to a system of 
continuous monitoring of information systems.
    One of the things that we hear a lot about, of course, is 
cyber threats. You have already said that you think that FISMA 
needs to be updated. But can you talk about the cyber threats, 
because it seems that that is what we should be worried about, 
because it is my understanding that these threats and cyber 
attacks can do quite a bit of damage, and I just wanted you to 
comment on that.
    Mr. Davis. They do all kinds of damage. First of all, they 
could do societal damage like a 9/11, when you get into it, if 
they get into the wrong systems and were at play. But you have 
a lot of information being lifted. And I don't want to get 
into--you have had situations where we are negotiating trade 
agreements and we are negotiating with other countries and they 
have been able to lift all of our information off.
    So it is basically the fact that a lot of confidential 
private government information is being lifted off by our 
competitors and we are providing it to them free. It is a huge 
cost to taxpayers and a huge cost basically to America.
    Mr. Cummings. Now, are there any other changes to the law 
that you think we need to make?
    Mr. Davis. Well, I think just on FISMA how you do it there 
are probably a dozen ways to do it, but it needs to be 
operationalized. It has turned into a check-the-box routine. It 
has had some good things, because they weren't even checking 
boxes before this. But I think your idea of continuous 
monitoring, testing, prodding of the systems is very, very 
important. So that is the direction I think it needs to move.
    Mr. Cummings. Mr. Chairman, I yield back.
    Chairman Issa. I thank the gentleman.
    Per your agreement, I understand you will be able to answer 
written questions by both sides.
    With that, we will take an extremely short recess and go to 
our next panel.
    Thank you again, Mr. Davis.
    [Recess.]
    Chairman Issa. While that second panel is getting set up, 
for the new members I think it is important to note that 
normally Members of Congress who come before this committee 
testify but don't answer any questions. So Mr. Davis sort of is 
in that in between, and I appreciated that he took a couple of 
follow-ups. But for future reference, and this includes when 
you may go based on areas of expertise to other committees, 
that is normally the tradition, is Members are not sworn and 
Members of the House and Senate normally don't answer 
questions, although they may. So just a little piece of 
information from an old guy.
    And with that, we recognize our second panel of witnesses. 
Mr. Steven VanRoekel is the Federal Chief Information Officer 
of the Office of Management and Budget. Now, that is a chief's 
chief. We want to make sure we get that out here, because Mr. 
Davis defined such a thing. And Mr. David Powner is the 
Director of Government Accountability Office, Information 
Technology Management, and in fact for those again new members, 
GAO works for us.
    So I want to thank both of you for being here today. 
Pursuant to the committee rules that were just passed before 
your very eyes, I would like you to both rise and take the 
oath. Please raise your right hands. Do you solemnly swear or 
affirm that the testimony you are about to give will be the 
truth, the whole truth and nothing but the truth? Let the 
record indicate that both witnesses answered in the 
affirmative. Please be seated.
    My previous chairman, Mr. Towns, is now retired, but I will 
one time more introduce the clock the way he did. Everywhere in 
America we know that green means go, yellow means go through 
the intersection real quick, and red means stop. So it is a 5-
minute clock. Please come as close as you can to it.
    Mr. VanRoekel?

                       WITNESS STATEMENTS

                 STATEMENT OF STEVEN VANROEKEL

    Mr. VanRoekel. Good afternoon, Chairman Issa, Ranking 
Member Cummings and members of the committee. Thank you for the 
opportunity to testify on the administration's efforts to 
manage the Federal government's investment in information 
technology.
    The growth of cloud computing, mobile devices, data and 
social media is creating a demand for government services that 
is once unforeseen. Americans' expectations of their government 
have reached a critical point even faster than we anticipated. 
They expect us through the use of technology to provide the 
same quality of service they experience in their everyday lives 
and we must meet these expectations efficiently and securely.
    During my nearly 20 years in the private sector, I woke up 
every day focused on improving and expanding core services and 
customer value while also cutting costs. We must ensure the 
Government has the same mentality by driving innovation to meet 
customer needs, maximizing the return on our investment in 
Federal IT, and in establishing a trusted foundation for 
securing and protecting our information resources.
    Since the mid-1990s, Federal IT spending grew about 7 
percent annually. A culture was built which assumed that to do 
new things we must spend more. Had we continued on that growth 
curve, we would be spending over $100 billion on IT today 
versus the $78 billion to $81 billion we do spend. In 2009, we 
worked to freeze Federal IT expenditures, and under my watch we 
have reduced it year over year. Although spending is flat or 
declining, we refuse to use this as an excuse to do less with 
less. Instead, we are applying the private sector mentality of 
continuous improvement to expand and improve core services and 
customer benefit while reducing costs. In this time of fiscal 
austerity, we must ensure that we are always innovating with 
less.
    But if we focus solely on cost reduction we will overlook 
the value that IT brings to the Government and our country. 
Few, if any new government services will be established without 
technology as their foundation. Strategically investing and 
deploying IT can provide a downstream multiplier effect, not 
only in efficiency and cost savings, but by making us more 
productive, more customer friendly and more secure.
    Today I would like to highlight the three principles in our 
approach to innovate with less. First, we are working every day 
to drive innovation into everything we do. The value of 
government programs rests upon their ability to positively 
impact the lives of Americans. Simply put, the American people 
must be at the center of every action we take and no decision 
should be made that cannot be tied to significant customer 
benefit or savings.
    We must also embrace 21st-century ways of building 
government solutions. For too long the Federal landscape has 
not benefited from productivity gains seen in the private 
sector. We can't just spend less; we need to change the way we 
do business. This includes modular solutions, embracing mobile 
technology in new ways, and creating services that were once 
unforeseen.
    Driving innovation doesn't end at the walls of government. 
The information maintained by the government is a national 
asset with tremendous potential value to the public, 
entrepreneurs, and to our own programs. The administration's 
innovation agenda includes multiple initiatives that will open 
data to enhance information exchanges, interoperability, and 
public release of data while safeguarding information security 
and privacy. Open government data is creating an incredible 
platform for innovation in the private sector, continuing to 
foster an increasingly important role for government in the new 
data economy. Today, private sector entrepreneurs are 
leveraging this asset to create jobs and provide better service 
for the American people.
    Second, we are focused on maximizing the overall return on 
investment in Federal IT and are providing agency leadership 
with tools to help look across their IT portfolios to make 
strategic investment decisions. We are driving cost savings in 
government through many targeted efforts, including investment 
reviews, our cloud-first policy, strategic sourcing, data 
center optimization and PortfolioStat. By gaining efficiency we 
can not only save money, but we can drive innovation in 
government by culling from inefficient programs and reinvesting 
in high ROI, mission-focused technology solutions.
    Third, we are advancing cybersecurity capabilities on every 
front. This issue requires creative solutions to address 
emerging and increasingly sophisticated threats and new 
vulnerabilities introduced by rapidly changing technology. To 
overcome this challenge we must continue to implement 
initiatives such as the cybersecurity agency goals, FISMA and 
FedRAMP, and to continuously measure agency progress in 
improving information security performance. Building on the 
last four years, our focus going forward will be to drive 
innovation in government and make investments in technology 
that better serve the American people. We will use technology 
to improve productivity and lower barriers to citizen and 
business interaction with government, all while bolstering 
cybersecurity.
    Thank you for the opportunity to appear today, and I look 
forward to our discussion.
    Chairman Issa. Thank you.
    [Prepared statement of Mr. VanRoekel follows:]
    [GRAPHIC] [TIFF OMITTED] 79790.005
    
    [GRAPHIC] [TIFF OMITTED] 79790.006
    
    [GRAPHIC] [TIFF OMITTED] 79790.007
    
    [GRAPHIC] [TIFF OMITTED] 79790.008
    
    [GRAPHIC] [TIFF OMITTED] 79790.009
    
    Chairman Issa. Mr. Powner?

                  STATEMENT OF DAVID A. POWNER

    Mr. Powner. Chairman Issa, Ranking Member Cummings and 
members of the committee, we appreciate the opportunity to 
testify on wasteful IT spending. My comments will focus on 
three areas. One, the Government's poor record when it comes to 
delivering IT. Two, recent OMB initiatives to address the 
problems. And three, what needs to be done to fully address the 
issues at hand.
    GAO's work and others over the year have shown that the 
Government has a poor track record when it comes to managing 
and delivering IT. My written statement lays out several recent 
examples where billions of taxpayers' dollars have been wasted 
on failed projects. In addition, the IT Dashboard currently 
shows nearly 200 investments totaling $12.5 billion that are at 
risk, and these numbers are understated.
    To address these issues, over the past several years OMB 
has put in place several initiatives that have resulted in 
improvements. First, the IT Dashboard provides realtime 
reporting of over 700 major investments and highlight CIOs' 
assessment of each. This information has been used to terminate 
and scale back projects and reduce budgets by nearly $4 
billion, according to OMB. In addition, the comprehensive IT 
reform plan covers areas like IT governance, program management 
and procurement. An important goal of this plan is for agencies 
to turn around one-third of their underperforming projects.
    One of the more important aspects of the reform plan is the 
data center consolidation effort, in which OMB claims could 
result in $3 billion in savings. And more recently the 
administration rolled out the PortfolioStat initiative that 
focuses on eliminating duplicative IT systems. OMB estimates 
about $2.5 billion in savings here. The big takeaway here is 
that by turning around troubled IT projects, consolidating data 
centers, and eliminating duplicative commodity IT systems, the 
Government can save somewhere between $5 billion and $10 
billion if indeed these initiatives are successfully carried 
out.
    Based on our work over the past several years, here are key 
areas that need more attention. First, we need even better 
transparency and more action on troubled projects. This starts 
with accurate information on the IT Dashboard. We can't have 
situations where agencies like DOD report no high risk systems 
when in fact they have many. On the other hand, some agencies, 
like DHS, are reporting accurately and moving more of their 
projects to a green status. However, overall agencies are 
nowhere near accomplishing the IT reform goal of turning around 
one-third of the underperforming projects. I would like to 
stress the importance of tackling these projects in smaller 
increments. My written statement highlights seven successful IT 
acquisitions and each took an incremental approach.
    Second, we need to tackle duplication more aggressively. 
For example, our work shows that 27 major departments and 
agencies have nearly 600 financial management systems and spend 
almost $3 billion on these systems annually. The 
administration's PortfolioStat process is an excellent 
initiative to address this duplication.
    Third, OMB and agencies need to follow through on their 
data center plans. Server utilization rates are far below 
desired amounts, consolidation still needs to occur, and 
ultimately the key performance metric here is dollars saved. 
DOD alone reports that they can save $2.2 billion and OMB 
claims that the Government can save $3 billion by 2015.
    Finally, the Government needs to perform the required 
operational analysis on the operational systems totaling $55 
billion so that over time we can spend more money on 
modernizing government operations and less on maintaining old, 
archaic systems. All these areas--improving transparency, 
turning around large IT acquisitions, tackling duplication, 
optimizing data centers, and shifting the percentage of what we 
specifically are spending the $80 billion on--require strong 
and accountable chief information officers and attention to the 
many GAO recommendations we have made in these areas.
    Mr. Chairman, GAO's plan is to stay on top of these 
important issues as we currently have worked, looking at the 
Dashboard, PortfolioStat, data center consolidation and IT 
duplication. We look forward to further assisting you in your 
important oversight role. This concludes my statement. I would 
be pleased to respond to questions.
    Chairman Issa. Thank you.
    [Prepared statement of Mr. Powner follows:]
    [GRAPHIC] [TIFF OMITTED] 79790.010
    
    [GRAPHIC] [TIFF OMITTED] 79790.011
    
    [GRAPHIC] [TIFF OMITTED] 79790.012
    
    [GRAPHIC] [TIFF OMITTED] 79790.013
    
    [GRAPHIC] [TIFF OMITTED] 79790.014
    
    [GRAPHIC] [TIFF OMITTED] 79790.015
    
    [GRAPHIC] [TIFF OMITTED] 79790.016
    
    [GRAPHIC] [TIFF OMITTED] 79790.017
    
    [GRAPHIC] [TIFF OMITTED] 79790.018
    
    [GRAPHIC] [TIFF OMITTED] 79790.019
    
    [GRAPHIC] [TIFF OMITTED] 79790.020
    
    [GRAPHIC] [TIFF OMITTED] 79790.021
    
    [GRAPHIC] [TIFF OMITTED] 79790.022
    
    [GRAPHIC] [TIFF OMITTED] 79790.023
    
    [GRAPHIC] [TIFF OMITTED] 79790.024
    
    [GRAPHIC] [TIFF OMITTED] 79790.025
    
    [GRAPHIC] [TIFF OMITTED] 79790.026
    
    [GRAPHIC] [TIFF OMITTED] 79790.027
    
    [GRAPHIC] [TIFF OMITTED] 79790.028
    
    [GRAPHIC] [TIFF OMITTED] 79790.029
    
    [GRAPHIC] [TIFF OMITTED] 79790.030
    
    [GRAPHIC] [TIFF OMITTED] 79790.031
    
    [GRAPHIC] [TIFF OMITTED] 79790.032
    
    [GRAPHIC] [TIFF OMITTED] 79790.033
    
    Chairman Issa. For all the members, be aware that somewhere 
in the 2 o'clock time range we will have our first and only 
series of votes for the day. It will be no more than three 
votes, and we will return immediately following that. I will go 
down the order normally, but if somebody is here ahead of you, 
then I will go to that person first and then return to the 
normal order.
    Mr. Powner, I guess the first problem we seem to have is 
that the software for the IT Dashboard is not performing 
properly, if I heard you say, that in fact what we are getting 
there in reporting, granted it is not automated reporting, but 
that reporting is not factual. In a nutshell, how do we fix 
that? How do we get that reporting to fairly reflect the real 
green, red, yellow that we should?
    Mr. Powner. Well, Mr. Chairman, there is reporting on cost 
and schedule performance, but there is a key report on CIO 
assessment and that doesn't require the software to function. 
That requires the CIO to be on top of their projects and to 
accurately report. So we issued a report late last year that 
highlighted some of the problems.
    We have some departments and agencies reporting accurately. 
DOD reported zero red investments, and that was soon after they 
cancelled the one investment that you highlighted in the 
opening to the hearing here. So we need to make sure that we 
get accurate reporting, that CIOs are on top of the status of 
these 700 major IT investments.
    Chairman Issa. Let me follow up briefly. There is 243 CIOs. 
Only one has full budget authority, and that is Veterans 
Affairs. Do you see a difference between the one and the 242 in 
the sense of accountability? I know that is a very small 
offsetting number. We don't have a second example. But can you 
give us a contrast that you think budget responsibility and 
authority can bring?
    Mr. Powner. Clearly budget authority helps with your 
authorities, but there is also some CIOs in the Federal 
government, I can point to several examples, where even without 
budget authority they are still quite successful. And some 
areas, if you look at IRS as an example, over the years they 
have greatly improved. Their chief information, chief 
technology officer there gets a lot done, gets it done well. 
DHS is another good example where even without budget authority 
they still can be quite successful.
    Chairman Issa. Before I move on, this committee has a long 
history of bringing people in when they screw up. How do I do 
what you just did? How do I find the areas of excellence, 
identify them and recognize them? And not just I, I mean our 
Government. Because certainly we do have, and I have met many 
of them, these information officers that are doing an excellent 
job that are on top of it, but out of 243 clearly some are not.
    Mr. Powner. Well, you know, I mentioned a few agencies that 
are performing better than others, but clearly Steve VanRoekel 
has the best picture into who those stronger CIOs are across 
the Federal government. He meets with them frequently in many 
of his initiatives, he has seen them firsthand, in addition to 
our work at GAO. But he has much more hands-on working 
experience and I would rely heavily on him.
    Chairman Issa. Then I will go to the gentleman. Can you 
give me your best and brightest and tell me how I leverage the 
accolades to them so that the others will realize that 
excellence is rewarded?
    Mr. VanRoekel. I am happy to provide names and lots of 
examples of best practices that we have done.
    Chairman Issa. We will take them.
    Mr. VanRoekel. We are taking this direction and actually 
institutionalizing a lot of this work in the CIO Council. We 
have stood up an effort this year to immortalize best practice 
sharing in a way that really has never been done before, 
putting examples of best case around procurement, around 
implementation of different technologies and things like that, 
as well as starting a CIO university that we bring new CIOs 
that are entering the Government to bear to consume our 
handbook, hear from the better CIOs on how to get best results 
and things like that.
    Chairman Issa. By the way, who is the IRS CIO that you 
mentioned?
    Mr. Powner. Terry Milholland. He goes by CTO, but in fact 
he is their chief information officer.
    Chairman Issa. Excellent. I am going to just touch on a 
couple of areas. Ms. Duckworth actually brought this to me, so 
sometimes the most important questions are from freshmen.
    I have been in Congress for 12 years. Before I was in 
Congress I worked on a voluntary basis for my county. So as far 
back as about 16 years ago I was acutely aware that we put a 
lot of money into interoperable systems so that our counties, 
our cities, our fire departments and so on could communicate, 
particularly in times of emergencies, which San Diego tends to 
have a fire, a major fire every year or two. It is now more 
than a decade later and these systems are generally no better. 
Additionally, we reported in fiscal year 2011 we funded 622 
separate human resource systems at a cost of $2.4 billion.
    The frustration that I have, the frustration the gentlelady 
has from Illinois is how do we stop looking at things 6 years, 
10 years, 20 years later and find out that what we said the job 
was to consolidate, the job was to go to a single interoperable 
system and so on, just as we are doing here today, how do we 
stop it from expanding? Because I am sure that we are not 622 
separate human resource systems, and I know for a fact that the 
systems used by fire and emergency operations around my State 
at least are not 14 years old. They are systems that don't talk 
to each other that were bought after we recognized the problem.
    Mr. VanRoekel?
    Mr. VanRoekel. I think a primary way to think about this is 
if you look at the history of technology and the way it grew 
up, even in the private sector, and I was, as I mentioned in my 
opening statement, in high-tech in the private sector for 20 
years, most of that at Microsoft Corporation, so I saw a lot of 
evolution in this space.
    The industry grew up in a way that was very single purpose, 
where it was unthinkable on a server to install multiple kinds 
of software. You would just put an e-mail on one, a database on 
another and things like that. There is now technology available 
that allows us to do things massively different.
    I think the private sector has realized that. As Mr. Davis 
said in his opening statement, there is this inflection point 
we all go through where technology is seen as this very 
discretionary thing to a very strategic thing, as you 
mentioned, the way to connect to customers or sales people or 
data, things like that. We are in the midst of that inflection 
point in government and it hasn't been fully realized. And I 
think that, coupled with the cost pressure, the cybersecurity 
pressure, and probably most importantly the expectations of 
citizens, are going to drive a different behavior.
    What I have probably noticed the most coming into 
government is that we spend a lot of time focusing on a single 
role, saying a CIO kind of owns this function, procurement 
professional owns this function, CFO, human resources, et 
cetera. And one of the things I am working very hard to instill 
is across C-level conversation on these things.
    When I ran the PortfolioStat process last summer, my agenda 
with that process was not just to look at the IT portfolio and 
sort of have an assessment there, but it was to get people 
around the table and teach from the deputy secretary and all 
the C-level executives how to run a private sector investment 
review board meeting, how to actually take a look at all the 
levers they can pull and how to make this strategic. So our 
initial goal was really consolidation at that level, saying it 
is unthinkable to run more than one email system if you are in 
an agency, and many are running more than one. It is 
unthinkable to run more than one other system. And so 
encouraging them to drive that level of consolidation.
    And then Joseph Jordan and I, the head of the Office of 
Federal Procurement Policy, worked last year and launched the 
Strategic Sourcing Leadership Council that is a group of C-
level executives from some of the largest agencies in 
government representing the majority of our IT spend who are 
right now working on a plan to do a minimum of those 15 systems 
of consolidations. They are going to be reporting back to us in 
the next month or two.
    Chairman Issa. Thank you.
    Mr. Cummings.
    Mr. Cummings. Thank you very much. Mr. Chairman, I am glad 
you asked Mr. Powner about the person at IRS that apparently is 
doing it right. That is a good thing. I think it is important 
that we highlight those people who come in and do the right 
thing and do it well.
    And that leads me to you, Mr. VanRoekel. When you were 
talking about best practices and trying to put them into 
policy, are we getting--you know, a lot of times people try to 
guard their little turf. They feel like they are doing 
everything right. And maybe they have been there for a while 
and they see somebody like Terry McMillan, is it? What was the 
name? Terry?
    Mr. VanRoekel. Milholland.
    Mr. Cummings. Milholland come along and they are resistant. 
Do you find that to be a problem at all?
    Mr. VanRoekel. Definitely we have many challenges in 
government around moving the ball forward, embracing 
innovation. I often will call it blinking light syndrome, where 
people just love to own their own servers and have their own 
thing, where they like the blinking lights of those servers. 
Culture is an inhibitor. Past behavior and people saying, well, 
that is the way we have always done it, I assume that is the 
way we should always do it in the future, is definitely a 
challenge we see.
    Mr. Cummings. Are we getting the skills? Several people 
have mentioned skill levels of people coming in. Are we getting 
the kind of skilled people that we need to do the job? Because 
certainly if you don't have the skills, you can be the blind 
leading the blind and losing money and effectiveness at the 
same time. I am just wondering. And if we are not getting those 
kind of people, how do we go about getting them?
    Mr. VanRoekel. In my many years in the private sector, 
including a stint as Bill Gates' assistant and being by his 
side and seeing some of the most fascinating, amazing people in 
the technology field, probably the biggest surprise I have had 
coming to government is the quality of some of the people in 
government. And you find many of them around government who are 
either yearning or doing things in amazingly innovative ways.
    A lot of times it is about giving those people permission, 
and I think that is the essence of good policy, is giving them 
a permission slip to go innovate, to break the culture of the 
way things have done in the past and move forward. I often hear 
from people after I have issued some policy around doing 
something massively differently than we have done before, they 
run around their agency holding that in the air saying, see, I 
can now do what I have been wanting to do, and that is creating 
a nice dynamic.
    We have also got, you know, there are people that have been 
in government a long time, haven't maybe been trained to the 
level of 21st-century ways of doing things, and we have worked 
really hard to build new training mechanisms for them. And 
probably the most impactful thing we have done in the last year 
is we have launched what is called the Presidential Innovation 
Fellows Program that actually does rotations of private sector 
professionals in a non-conflicted way into government to work 
side-by-side with public sector employees to work on innovation 
challenges that the country is facing, but more importantly 
teach them how to do things in a 21st-century way. And that has 
beared incredible fruit.
    Mr. Cummings. One of my concerns is cybersecurity. Do you 
believe that the updates to FISMA might help OMB and DHS in 
your efforts to ensure that the government information is 
protected from cyber attacks?
    Mr. VanRoekel. I think the essence of what we need to do is 
really about flexibility. Cybersecurity threats are evolving 
every day. New technology, new devices present new threats. And 
having a mechanism like FISMA where you only do assessments on 
a not very regular basis is a good check and balance, but it is 
not the ultimate solution. And so I am probably most encouraged 
about our work in the continuous monitoring areas that we 
funded last year and are now starting to roll out this year. 
And this is a great highlight of across-government shared 
service where a procurement went out that is going to allow not 
only the Federal government to take advantage, but State, local 
and tribal are also eligible for this procurement to get volume 
and scale in our buying power, to actually look at a consistent 
view of cybersecurity threat monitoring across the government.
    Mr. Cummings. My last question is you recently said that 
you are encouraging agencies to evaluate the mission of their 
agencies when evaluating how they will cut their budgets if 
Congress does not pass legislation in time to avoid 
sequestration, and this is what you said, and I quote. 
``Cybersecurity is a top priority. When people are making the 
right priorities to meet the mission of the agencies in the 
most safe, secure and protecting citizens' privacy way, we will 
make the right trade-offs I think to assure that this is 
happening.'' And that is the end of the quote.
    How could budget cuts impact cybersecurity initiatives and 
how much do you worry about that?
    Mr. VanRoekel. Well, I definitely worry about cybersecurity 
all the time, and it is something we have to be ever vigilant 
on, no matter what the budget situation is. And certainly 
budget cuts may have some impact, unforeseen impact on that. 
But the cybersecurity is a unique category of spend because it 
is in everything we do. It is not just one line item on the 
balance sheet. It is something that we look at and think about. 
Across, you know, from your mobile device to your desktop to 
your server room to your data center and everywhere in between, 
cybersecurity is a factor. So as agencies are looking at 
possible budget cuts, they have to look across that landscape 
and say, if I cut this program, this element of cyber that is 
associated with it may go away and does that change the dynamic 
on what our cyber stance is. It certainly could be that case, 
and we hope that is to be avoided.
    Mr. Cummings. Thank you very much.
    Mr. Mica. [presiding.] Thank the gentleman.
    What we are going to do is they have called a vote, and I 
guess we have about 12, 13 minutes. So I would like to ask a 
few questions. We probably have time for one more on this side 
to be fair. We go in order of seniority. And then we will come 
back and pick up where we left off and the witnesses will 
return.
    Does staff know how many votes there are? Three votes. So 
it will probably be almost a half-hour.
    So with that, let me just ask a couple of questions, 
recognize myself. Usually the components you need to be 
successful are policy or a law in place, and then you have to 
have the personnel to execute it, and then you have to buy the 
right IT equipment to make this stuff work.
    My first question would be, are there changes in law that 
you would recommend that do not give you the ability to be 
successful?
    Mr. VanRoekel. I think there is definitely room within the 
existing law on the policy side, implementation of people side, 
that definitely allow us the flexibility to be successful. I 
think the fact that we have----
    Mr. Mica. So within existing law you have the authority by 
law and ability to do what you need to do to be successful?
    Mr. VanRoekel. I do believe so. The challenge I think we 
face is probably around budgeting and thinking about how do 
we--and I know this is not an appropriations hearing--but how 
from a budget standpoint are IT dollars spent. One of our 
inhibitors I think on implementation of IT is that oftentimes 
for most agencies it is single-year spend, and without being 
able to extend that----
    Mr. Mica. Well, then there is something missing, too, 
because you said you have people who have great ideas, very 
great capabilities, but they don't proceed. So somewhere they 
are not getting the policy which would either be set from your 
level, which you just said when you give them the authority 
they run around with the paper. So somewhere we are missing the 
ability to move forward.
    The second thing, Mr. Powner, on the IRS, you mentioned 
IRS, and we get into personnel. And Mr. Cummings I think 
mentioned this too. You have got to have the best personnel. 
You said we have many of them, but sometimes we have turnover, 
we don't keep them or we don't attract them.
    When this committee worked on some reform of IRS, years ago 
I worked on that, one of the problems we had, we had these very 
expensive IT systems and computer, massive operations, but we 
weren't retaining, able to recruit or maintaining and keeping 
folks that could do this work. We came back and changed the 
parameters of being able to hire people. Sometimes in the 
private sector you can make three and four times what we were 
paying them. So do we have the ability to hire people and pay 
them and retain them, from your experience?
    Mr. Powner. Yeah, IRS is a good example. And you are right, 
they were the poster child for years, and then there was a fair 
amount of congressional interaction and there was critical 
positions pay granted at IRS, and a number of those positions 
were granted towards the IT professionals. So their pay was 
bumped up. And then also when you mention about continuity of 
leadership, over the last nine years they have had two CIOs. 
One was there for 4 years, he is the current CIO at DHS, and 
the current one has been there for more than 4. So the turnover 
is a big deal.
    Mr. Mica. I know we did that for IRS, and I know I worked 
on something for a CFO actually in Transportation because we 
couldn't get one or retain one. Government-wide, though, do we 
still have a problem as far as this personnel issue and the 
flexibility to retain and pay people?
    Mr. Powner. Turnover is a big deal, because currently I 
think the average CIO, it is around 2 years and they are in and 
out, and that varies a little bit depending on how you break it 
down by political appointees and career, but not much. But on 
average it is about a 2-year turnover.
    Mr. Mica. What do you think, Mr. VanRoekel?
    Mr. VanRoekel. Yeah, I think there is quite a bit of 
turnover. But the essence of a lot of what we try to do is 
institutionalize best behavior and best practices in a way that 
will kind of mitigate some of the turnover.
    Mr. Mica. We can look at that. And then if you said DOD has 
$2.2 billion worth of potential savings, is that what you said, 
identified?
    Mr. Powner. Yes. That was when you look at their data 
center consolidation efforts, their current plan projects $2.2 
billion in savings.
    Mr. Mica. And why isn't that moving forward, or is it?
    Mr. VanRoekel. It is moving forward. In their last public 
budget submission, they represented I think around or slightly 
over $300 million in saving.
    Mr. Mica. But the balance of the Federal government is $3 
billion identified in savings. That billion just beyond defense 
doesn't seem realistic. I think there is probably a lot more 
room, wouldn't you agree?
    Mr. VanRoekel. I think we are at the tip of the iceberg on 
some of this, yes.
    Mr. Mica. Okay. And finally, maybe for the committee you 
could submit--now, I am fascinated by Obamacare. I just came 
from Transportation, government buildings. They came to us. I 
guess we passed the law that allowed them to acquire a building 
to house 5,000 bureaucrats, just the folks that are going to be 
administrating Obamacare. I am interested to know, they are 
going to have to set up IT systems and everything, maybe you 
could provide the committee with information that you have on 
where they are going with that.
    This is going to be a huge agency, a huge operation and 
requiring a lot of IT investment. Maybe you could share that 
with the committee. I will ask you. You don't have to respond.
    Mr. Mica. Mrs. Maloney?
    Mrs. Maloney. First of all, thank you very much. I want to 
ask a question about the Office of Financial Research, which 
was created under Dodd-Frank, and the purpose of it was to have 
the authority to collect data across the industry to look for 
systemic risk. So when you are talking about these data 
systems, they are put in place in many ways to save money. So 
taking out elements of them and whatever may hinder their 
ability, obviously if we had had such a system that could have 
foreseen the systemic risk and taken steps to prevent the 
subprime crisis and other credit default swaps and other 
instruments that were rocking our economy. I want to note that 
the chairman and I during this committee did a series of 
amendments trying to really legislate parts of the Office of 
Financial Research, so this is a bipartisan effort.
    But my question is, what factors go into determining which 
data centers will be closed? Certainly someone thought they 
were important to begin in the first place. And if you do close 
one, is there an appeal process where the agency or others can 
say you are telling us to close three data systems, but these 
are three or four elements that we think are going to save 
money in the long run, save lives or prevent financial crises.
    So how is that happening? Obviously you could go in and 
say, well, close down all the data systems, we are going to 
save money. But actually they are put in place for many 
reasons, one of which is to save money and to manage government 
better.
    Mr. VanRoekel. Right. This is the essence of why I like to 
focus on data center optimization versus just closures. One of 
the reasons data centers that exist today in the Federal 
portfolio are inefficient is because of the way we use the data 
center itself versus what is actually running in the data 
center. The way IT has grown up, it is very inefficient to use 
single servers in data centers for single functions. New 
technology allows you to run multiple functions on single 
machines at a much lower cost than you have seen in the past. 
So in essence we are going to optimize and close data centers 
by shifting the resources of one to other ones, to more 
efficient data centers, not taking away services, not 
deprecating any service that we provide. And if anything, while 
we make that shift, we actually modernize those systems to 
provide even better service. So it is a really nice opportunity 
to build efficiency and effectiveness at a much lower cost.
    Mrs. Maloney. Well, your statement and Mr. Davis' and 
others, I agree completely that cybersecurity is a national 
security concern and it should and is a bipartisan concern. And 
if there was one area that we should be moving swiftly on, it 
is cybersecurity. It is not only hitting the Pentagon, but 
financial institutions, trade institutions, commercial 
institutions. It is everywhere and every day, and countries 
have complete government agencies out there just going after 
our information.
    The fight before us reminds me very much of the 
intelligence fight we had after 9/11. It was basically a turf 
fight. No one wanted to give up turf. We were told our basic 
problem was a lack of up-to-date intelligence. We had to create 
better interagency talking and preventive methods to make our 
country safer.
    And we have a turf battle now on cybersecurity. No one 
wants to give up their turf. Obviously OMB is the enforcer, but 
you need an agency that comes in and pulls all of this together 
and forces these agencies to work together, talk together, move 
together, to do that.
    What agency do you think would be the best lead agency if 
we were going to pull everyone together? I think we have a 
huge, huge turf battle that is preventing us from going 
forward.
    Mr. VanRoekel. We have done a lot to move the ball forward 
on thinking about coordination in the cyber realm. And we take 
it sort of in two views. One is the classified network side, 
and then one is the public network side, the unclassified side. 
I am a chair member on a safeguarding committee that looks at 
the classified side and we should have another venue in which 
we talk about some of that.
    On the unclassified side, we have made the decision and 
worked very closely with Department of Homeland Security to 
provide the cyber capabilities, operationalize the cyber 
capabilities of the Government along with OMB and the White 
House to focus on what our capabilities are on cyber. So they 
run incident response through a group called US-CERT, the Cyber 
Emergency Response Team. They are leading the charge on the 
implementation of the government-wide continuous monitoring 
system, and then they work with us on CyberStat reviews which 
are going out and implementing FISMA, but a more regular touch 
base on cyber capabilities at the agency level. And I think we 
have done a lot there, along with the CIO Council, to 
coordinate our cyber activities in a way that I feel very 
confident that we are making not only good progress, but great 
progress on.
    Mr. Mica. There is one minute left in the vote. We will 
recess at this time. I would ask both of the witnesses if you 
would stay in recess and then be available, we will see if 
there are future questions.
    The committee stands in recess.
    [Recess.]
    Chairman Issa. [Presiding] Earlier, when I talked to Mr. 
Davis, as a friend and mentor, I did sort of badger him on the 
question of, for example, 40 CIOs at DOJ. I would like to 
revisit that again.
    The term CIO, one that you have, what is it supposed to 
mean? And do we, in fact, find another title for people who are 
less than the CIO and, in fact, those who either don't have 
budget authority or who receive their budget authority as a 
subset of somebody else who has budget authority? If you would 
like to comment on that.
    Mr. VanRoekel. Yes. As Mr. Davis said, I think it is not 
necessarily just a titling problem or opportunity that we maybe 
have in front of us. The title of CIO, it varies in many 
agencies. I think the thing that we need to examine as a tech 
community in looking at Federal IT is really the role and 
responsibility of the CIO and the CIO's organization across the 
enterprise. You know, there are many agencies where the person 
at the top of the org chart has less budget and less authority 
than they maybe had when they were a subcomponent agency CIO. 
And so we see challenges there, challenges in governance, 
challenges in the ability to have influence and visibility 
across the entire IT portfolio.
    The very first memo I issued in my job when I took over for 
Mr. Kundra----
    Chairman Issa. Is this the 25-point plan?
    Mr. VanRoekel. No. I did inherit that, which is great. But 
the first memo I issued was a memo that actually addressed CIO 
authorities and brought to bear new OMB guidance that CIOs need 
to be more empowered in agencies to make decisions around 
commodity IT and things like that across the agency. And so 
many agencies are operational I think now.
    Chairman Issa. And I think, rightfully so, you know, the 
question of portfolio is a big part of the answer to the 
question.
    But let me ask a different question. To a certain extent, 
don't we have a proliferation of CIO as a title because it also 
comes with pay; that is, an expectation that, you know, that 
you can't get somebody above a given level unless you give them 
that title, and by creating that title, you create, quite 
frankly, a more expensive employee?
    Mr. VanRoekel. I think pay could be a factor there.
    Chairman Issa. By the way, just so you know, my limited 
experience outside of Congress was trying to get a clerk-typist 
to be, first, a secretary and then a stenographer. It was the 
same person, worked for the same colonel, but he wanted to pay 
her more, while I was in the military. I am very aware that 
titles, in fact, change pay. And so when you say ``could be,'' 
I am presuming you say almost inevitably must be in some cases.
    Mr. VanRoekel. I just think there are other factors that 
play out in the Federal landscape. Having come from the private 
sector as I did and the position I was in before I came here, I 
certainly didn't take this job for pay, even though I am the 
highest ranking CIO, conceivably, in the Federal government. It 
was more about the scope of responsibility.
    I think oftentimes that that title comes with a lot of 
responsibility. And thinking to the concept of I want to get 
the best person either inside government or outside government 
to take the job, the title actually matters because it equates 
to the scope of the responsibility related there. Look at the 
Department of Transportation as an example. I would certainly 
want someone looking over the FAA to be a CIO, to be a person 
that has actually got that title and that authority.
    Chairman Issa. But do you think the DOT has 35 such needs?
    Mr. VanRoekel. I think the essence there is good 
governance, good policy inside the agency. You mentioned the 
Department of Justice. After we----
    Chairman Issa. Yeah, they top the list with 40.
    Mr. VanRoekel. Yeah, they do. And after we issued the 
guidance on the Department of Justice, every dollar spent 
within the agency on IT, even at the level of purchase cards, 
goes across the desk of the main CIO in the Department of 
Justice. So they now have spending transparently and have built 
mechanisms to do that spend based on the guidance I issued, 
which is about the ability to manage and govern spending at 
that agency. So I think it is not a titling problem, it is a 
governance and management problem.
    Chairman Issa. I hope you are right. And I am going to go 
to the gentleman from Texas. But I might mention that since 
they don't seem to be able to read wiretap warrants to find out 
that, in fact, they would expose wrongdoing at ATF under their 
watch, I would suggest that they probably aren't looking at 
every credit card receipt all that well.
    Mr. Farenthold?
    Mr. Farenthold. And I want to expand a little bit on that, 
and on the Dashboard system, in particular. I am concerned we 
have a system here of garbage in, garbage out. And what kind of 
checks and balances do we have to make sure that we are getting 
good data in there? Is it just coming from the agencies? Do we 
have some sort of, you know, other checks and balances?
    Mr. Powner. So a couple things. That is a legitimate 
concern, and we see it varies by agency. So we have issued 
numerous reports looking at the accuracy and reliability of 
what is going into those Dashboard ratings. The good news is 
over time we see that accuracy improving. But we still have 
some agencies that aren't as accurate as we need them to be.
    Obviously, it is on the CIOs at those agencies to ensure 
that we have accurate reporting. OMB plays a key role. If they 
see something that raises red flags, you know, they can pick up 
the phone and make sure that we have better accuracy there. And 
we will continue to that do in our work for the Congress, 
looking at the accuracy.
    Mr. Farenthold. Is there something we can do to help 
improve that?
    Mr. Powner. Sure, there are some things you could do, I 
think, with your oversight. You can look at the Dashboard right 
now and you could look at some rather large departments and 
agencies and you see zero high-risk investments, similar to 
DOD. And some of these are large departments and agencies. And 
I think congressional hearings such as this where you have 
panels of those agencies that have zero reds would be a good 
thing.
    Mr. Farenthold. All right. Let's talk a little bit, Mr. 
VanRoekel, you worked for Microsoft for a while. And I think 
part of the problem that we have here is when we are buying 
things, how we are specifying them and how we are deciding what 
we need and how it is all happening. You know, in the consumer 
market, and small, medium, and even to some degree large 
business market, Microsoft dictated what the standard was. 
Industry said: This is our product, do with it as you may.
    In the government, you tend to have the government come up 
with all of these detailed specifications for stuff that has to 
be custom coded or whatever. And then you look at probably the 
biggest success story coming out of the government, which was 
the Internet, which came out of DARPA, and it was a 
collaborative, almost open-systems sort of thing.
    Is there a way we can adopt the Internet model for 
developing the overall computing scheme of the government 
rather than having all these different agencies come up with 
all of these different technical standards, or relying on 
manufacturers saying, this is what our product is, take it or 
leave it?
    Mr. VanRoekel. Yeah, I think the normal motion in the 
government in the past has been one where you say, well, I am 
faced with some challenge, some opportunity to build some 
system. You do one of two things, and you highlighted one of 
them. I think one is you go out and buy packaged software that 
exists and then you hire an integrator to try to glue it all 
together to come up with some solution. Or what you do is your 
requirements are so unique, exactly to your point, you describe 
this very monolithic, big solution and you have someone try to 
build it from scratch.
    And the problem with both of those approaches is that the 
risk surface is so incredibly high, and the outcome of that 
effort is not realized until much farther down the road. If you 
think about a quarterback throwing the long ball, you know, 
that you have a much higher likelihood that that thing is going 
to not be caught or intercepted, or it is just very, very 
risky, versus a 4-yard pass down the road. We have a lot more 
product managers in government that can throw the 4-yard pass 
that can actually architect a long-ball pass.
    And so what we need to do and what we have proposed in 
policy and what we are doing working with the industry is to 
really scope a modular approach, to say, you know, we don't 
need to build these big monolithic things, we don't need to 
absorb that much risk on the side of government. What we need 
to do is build smaller solutions that interoperate and work 
with each other. The private sector has been doing this for 
years, the government has not. And we are working with the 
private sector on developing that.
    Mr. Farenthold. And I think one of the struggles we have in 
the government is getting--I mean, we have got some good people 
here. But we don't offer what--you go in the private sector, 
you have got a great idea for doing something or solving a 
problem, you work out of your garage for a while, and then you 
have an IPO and then you are Steve Jobs. Pardon me for me going 
right after your one of your former employer's biggest 
competitors.
    But is there a solution, maybe, again, going back to the 
Internet model, of having some of our standards and solutions 
developed in the academic field, rather than, you know, trying 
to get it done with employees, many of whom are really looking 
for the long term, you know, to be the next Mark Zuckerberg?
    Mr. VanRoekel. Yeah. I think the approach we are seeing 
emerge in government is something that is encapsulated in a 
strategy I published last summer called the digital strategy 
for the 21st century government. And what it basically 
prescribes is exactly that, using open standards, open-source 
software and other approaches to say there is a new way of 
building these solutions where you can have data 
interoperability across agencies, you can have system 
interoperability, that when we build solutions within 
government, we should built it once and use it many times, 
versus using these siloed approaches.
    So if you look at the use of technologies like GitHub, 
where we are now sharing code across government, some of our 
best practices work and some of the solutions we are building, 
this is the approach that I think is going to be the new 
default within government.
    Almost every project that I have text added in government 
where I can have a face-to-face meeting with a project that is 
going awry, I have recommended they go to this modular 
approach, and then in every single case it has turned out well.
    Mr. Farenthold. I am out of time. We could go on for a long 
time. Maybe I will----
    Chairman Issa. Call your own hearing on this. I thank the 
gentleman.
    We now go to the gentlelady from the District of Columbia, 
Ms. Holmes Norton.
    Ms. Norton. Thank you, Mr. Chairman. I wanted to get back 
to get some clarification on savings. You know, this Congress 
is very interested in savings, for good reason. And we know 
that there should be an incentive to use cloud first, we know 
it is the government's policy, because you pay for the service 
you use. And yet we have contrarian responses. There are some 
agencies, apparently, where it would be cheaper to stay with a 
data center. I don't understand why. But that is apparently the 
case. But I was, frankly, shocked to read a column yesterday 
about--here's a figure that was in the column. It's called ``My 
Cup of IT,'' Steve O'Keefe. ``GAO tells us Feds spend 69 
percent of the $81 billion IT budget on hospice care for 
geriatric systems,'' you know.
    Let's leave aside his characterization for the moment. But 
it would seem to imply that these systems are long past their 
usable lives. And yet it looks like the lion's share of money 
is spent on propping them up.
    Why aren't agencies rushing toward cloud, saving themselves 
money, and doing what the government's policy says they should 
be doing in the first place? Either one of you can answer that 
question. I would appreciate it.
    Mr. VanRoekel. I will take the first take on it. I think 
the challenge that we often face is the capital expenditure it 
takes to make the transformation. You often can't just pick up 
a system you have----
    Ms. Norton. Well, of course.
    Mr. VanRoekel. --and just move it to the cloud, you 
actually have to spend money to do that.
    Ms. Norton. So is the administration budgeting for capital 
expenditure?
    Mr. VanRoekel. In many cases we are. But in this fiscal 
environment, my approach has been, let's go find savings where 
we can, where we find low-hanging fruit, and then reinvest 
those savings. So my budget guidance I put out to agencies, for 
example, was to cut 10 percent of their IT budget in targeted 
areas. And I gave them the target areas, things around we've 
just been discussing today, commodity IT and other places where 
it doesn't take that capital lever to move. And then I, to net 
to a 5 percent down, I gave them 5 percent of that 10 back to 
say, okay, now this is capital you should be investing in these 
new areas. And the new areas should be focused on systems 
modernization, cybersecurity, employee productivity or citizen-
facing services, making those run in a better way.
    And then I ran the portfolio set process to help them find 
that 10 percent within their agency in a very data-driven way. 
We went and analyzed all the commodity IT systems they were 
running and things. And so this is a spirit that I am trying to 
inject into government.
    Ms. Norton. Because it looks like for sometime now there is 
not going to be the capital. I mean, the cloud is an ideal. A 
cloud is what we would like to see. But let's face it, like so 
much of IT, if it takes heavy capital investment, it just can't 
happen for some time. It is going to happen very gradually. 
Isn't that so?
    Mr. VanRoekel. That is right. Unless you inspire this let's 
examine what's working, what's not working, take what's not 
working, cut it, and then move it in.
    Ms. Norton. Have you all ever done a cost benefit? I mean, 
would it be worth it to speed it up because of the savings? Or 
is this just not something we could bring money to bear on at 
this time, no matter what?
    Mr. VanRoekel. In certain cases, definitely, it would be. 
It would be advantageous. But what you have to be careful about 
is looking at the--you don't want to just take bad behavior 
that is local and move it, that bad behavior, to the cloud. You 
should think about, how am I re-architecting these systems? And 
that's part of the underlying work we are doing, thinking about 
these open architectures and modular design and things that are 
going to be evolutionary as well as revolutionary in there.
    Ms. Norton. What kinds of agencies are there where it would 
be cheaper to stay with a data center than to go to the cloud?
    Mr. VanRoekel. In an aggregate world, I don't think it is 
cheaper in many cases that they would not be running to the 
cloud provider. Where it is more around, do I have the money 
today to invest to move that capital expenditure? And I think 
the cheapness equation comes in a single-year view, because 
that is the way we budget in many agencies, versus the long 
year. We often see this with Federal real estate, where it 
would be cheaper to buy a new building than rent an expensive 
building or things like that, where the capital expenditure to 
move is challenging.
    Ms. Norton. Thank you, Mr. Chairman. My only concern is, if 
these systems are really as old and presumably unreliable as is 
implied by this columnist, I really do wonder about 
cybersecurity and about investing in cybersecurity in such old 
systems only to have to reinvest it when the cloud comes.
    Chairman Issa. If the gentlelady would yield?
    Ms. Norton. I would be glad to yield to the chairman.
    Chairman Issa. Perhaps there is one salient point that you 
would appreciate, but 75 percent or so of the budget is spent 
on legacy systems, some of them are so internal and can only be 
run locally and they are operating on obsolete computers and 
obsolete operating systems and they are written in COBOL, they 
are written in Fortran, they are not able to process through 
the cloud at all. They are pretty much hack-proof. That is the 
one good part, is they don't go into cyberspace. Therefore, 
they actually----
    Ms. Norton. You mean all that hacking is done on only cloud 
systems that we read about every other day?
    Chairman Issa. Well, I think the gentleman would probably 
tell you that some of the systems he looks at do not, in fact, 
have a portal for remote access through an Internet-based 
process.
    Mr. VanRoekel. That is right.
    Chairman Issa. That is not the good part. I am just saying, 
it is so bad that hackers can't even bother to go back. There 
are aren't old enough hackers for it, perhaps.
    Ms. Norton. Be grateful for small favors.
    Chairman Issa. If the gentleman from Virginia would give me 
a dispensation, the gentlelady from Illinois and the gentleman 
from--where the heck are you from?
    Mr. Pocan. Wisconsin.
    Chairman Issa. Wisconsin, Madison, Wisconsin, returned so 
promptly, would you mind if I took one of them first?
    Mr. Connolly. Go right ahead, Mr. Chairman. I was just 
going to say, thank you for making that point, though. Who knew 
that actually obsolete and antiquated systems were helping in 
the fight against cyberattacks? Thank you.
    Chairman Issa. You two figure out which one of you go. The 
gentlelady is recognized. Smart move.
    Ms. Duckworth. Thank you, Mr. Chairman. So I hope to build 
on the bipartisan nature that you have started these hearings 
today with.
    My question, which is really one coming from a freshman 
Democrat who is concerned about a Governor's rights and States' 
right. Specifically, 95 percent of our military support to 
civilians within the homeland is conducted at the State level 
through State active-duty status, which is funded out of State 
coffers or Title 32-funded State missions which are Federally 
funded. I am concerned about a Governor's ability to command 
and control his forces, such as during a natural disaster, if 
we defund his State IT network and attempt to replace it with a 
Federal solution that may prioritize Federal military missions 
over National Guard homeland domestic operations. I am 
concerned that building a new Federal solution, such as an IT 
backbone, purchase of routers, the like, could be more costly 
than continuing to fund existing IT solutions that the States 
have already built to meet their specific mission requirements.
    Louisiana and New Jersey have very different needs than my 
home State of Illinois, although some remain the same. And they 
have different commercial IT networks that can be leveraged. I 
would like to see Federal and State Governments leverage 
existing commercial networks for cost savings wherever possible 
rather than pay to build new solutions.
    I am also weary of infringing on a Governor's ability to 
command his or her National Guard forces. As I see it, 
consolidating of IT is a great thing, but it does set up a 
tension between the DOD Federal priorities and the State 
priorities. You know, it works well to consolidate for Federal 
Title 10 mission support, but tends to prioritize the 
Governor's National Guard forces below active component for 
funds. This low priority threatens the ability of Guard forces 
to respond to and coordinate efforts and really for the 
Governor to remain in control of his or her State active duty 
and Title 32 forces.
    So I have two questions and either gentleman can choose to 
answer. The first question is this: How does the centralized 
Federal IT acquisition process support military operations at 
the State level?
    And my follow-on question is, are there any safeguards that 
would ensure that State IT requirements, missions, such as 
under State active duty or Title 32 missions, can be given the 
same priority as the Federal forces under Title 10? Thank you.
    Chairman Issa. Clearly, the gentlelady is not new to asking 
questions.
    Mr. VanRoekel. I am not a subject matter expert on the 
tactical aspects of technology deployment at the State level. 
So especially the second question, I think I would love to take 
back for the record and get you a response that is much better 
than one I would postulate myself.
    But on the first, the military at the State level and 
thinking about integrated acquisition at that level, one of the 
things I think we do pretty well and are getting much better at 
is setting up more centralized requirement gathering. You know, 
one of the main challenges we see, both on the Federal side and 
the private sector side working with the Federal government to 
supply services, is the unpredictability. You know, when we are 
unpredictable in our procurement of cloud computing, for 
example, prices tend to go up, variability in cyber protection 
goes up, and other challenges are presented.
    So I will definitely work with the Office of Federal 
Procurement Policy and DOD to get you an answer to this. But I 
think the essence of this is going to be around not necessarily 
just setting up a one-size-fits-all for the entire country, but 
more around, you know, how are we coming together as a 
community to solve a common mission purpose around a set of 
predictable requirements but flexible requirements that allow 
variability at the State level, I think is essential.
    Ms. Duckworth. And I think it is a very specific case, a 
very narrow situation. You rarely have this type of situation 
where it is the same unit, entity that has both a Federal and a 
State mission. I just want to make sure that we are not 
infringing on a Governor's right to control his or her forces 
when they are under that State active duty or Title 32 and to 
make sure that that is given the same priority by DOD. Because 
if DOD gets access or control over the funds, the acquisition 
funds for the entire military, including Guard, they will 
naturally, I would assume, prioritize Title 10 or active-duty 
missions over the equally important State missions. And I just 
want to make sure that there is some way to ensure that those 
State requirements, as set forth by the Governor, are well 
respected.
    Mr. VanRoekel. Great.
    Chairman Issa. Would the gentlelady yield for just a 
second?
    Ms. Duckworth. Gladly, sir.
    Chairman Issa. When you are answering her question, would 
you sort of try to the best extent you can include how we best 
leverage, either through this act or other things that you are 
currently doing, the dollars being spent federally being made 
available, if you will, for cheap or free to the States? In 
other words, our procurement falling to their benefit, and 
particularly if you look at source code, where a State may 
choose to modify the software but they have to be able to get 
the software and source code basically at no cost for the 
Federal use and then be able to add on their hooks for the 
State. And I think that is a big part of what the gentlelady is 
speaking about. If you could answer how you envision that, I 
think the committee would appreciate it.
    Thank you. We now go to the gentleman from Virginia for 
five minutes.
    Mr. Connolly. Thank you, Mr. Chairman.
    I am going to ask three categories of questions. And I am 
going to do it as fast as I can. And I ask you to be as fast as 
you can.
    Process. It seems to me that when you compare it to the 
private sector, the Federal process is hopelessly out of date 
and not at all suited for this kind of IT procurement. You 
know, you have got long lead times. By the time we have figured 
out the RFP, we have figured out the contract award process, we 
have awarded the contract, we have set the terms, we have dealt 
with the protests, the technology has already passed us by. Or 
the mission, technologically, has been redefined necessarily. 
And we don't seem to be very flexible in addressing that. And 
that is to say nothing of the fact that, you know, we have this 
stovepipe process all over the place.
    The Chairman has pointed out that we have 243 CEOs. That 
sounds likes way too many. What could go wrong with that in 
terms of accountability, a point of decision making? It seems 
almost a system to make sure there is no accountability.
    Your comments, both of you, on process?
    Mr. Powner. That is a very valid point on the long lead 
times. And if you look at many of these large acquisitions, the 
time between major milestones sometimes is years. And that is 
still the case. I think Steve's comments earlier about modular 
development, we need to have the procurement side of the house 
align with the technology side of the house. So modular 
contracting along with development is clearly where we need to 
go so that we can get a bit more modern here in the Federal 
government.
    When you look at the CIO issue, yeah, there are a lot of 
CIOs across the Federal government. The thing we like, and we 
have been looking at large-scale IT acquisition problems for 
years now at the Government Accountability Office, is having 
the Dashboard where you have a single CIO accountable at these 
major departments and agencies that allows you to go someplace 
and get questions answered. And that actually caused a lot of 
problems when the Dashboard was rolled out because there wasn't 
a single person to go to and there was a lot of scrambling that 
needs to go on to get status. And we are still probably feeling 
the effects of that. We like that model where there is a single 
CIO, where you have other CIOs, where you figure out the 
reporting. That is what is really needed.
    Mr. Connolly. Okay. Mr. VanRoekel?
    Mr. VanRoekel. I think on your two points, first, the 
process on long lead, I couldn't agree more on that is a big 
challenge. I think part of solution to this is in existing law 
and exists in the realm of myth-busting, where we are 
explaining to agencies there are new ways and new approaches of 
doing this. The two that are most encouraging to me are, one, 
are just flexible contracts, having an open contract where, 
when you need a resource and you need a developer to develop 
some solution, you need something done, you can call upon them 
and bill as you go. We have seen that as a great model.
    The second is modular contracting, as Mr. Powner said. 
Getting agencies to embrace modularity, smaller deliverables 
that can be done in a much faster pace really ups the level of 
both quality and agility on their ability to deliver. Joe 
Jordan and I delivered just in 2012 modular contracting 
guidance for agencies that is new policy around teaching both 
the acquisition community and the IT community how to deliver 
on modular.
    On the number of CIOs, I think from a titling perspective, 
we have a lot of CIOs. And I think there are many cases where 
there is span-of-control and some government challenges that we 
need to get our arms around, thus, the first memo I issued out 
of my office that went right to the heart of this.
    I think part of the solution to that is, first, getting all 
those CIOs out of the job of things that should be centralized 
across their agency. You know, having multiple email systems in 
an agency doesn't make sense; you should run one. Having 
multiple----
    Mr. Connolly. When you were at our field forum, I thought 
you said that one agency had, like, 36 emails systems?
    Mr. VanRoekel. Yeah. Over 20 I think is what I said. And 
that same agency, over 1,000 mobile contracts. They now have 
one. It is one email system. It is a third of the cost. And the 
1,000 mobile contracts went to a few blanket purchase ones, 
which is massive. So if you get CIOs at the fringe out of the 
business of managing that commodities stuff and more focused on 
the mission of their division or their agency or their bureau, 
you can really up the quality of the citizen services and the 
effectiveness of that agency. And that is part of the magic of 
the mix.
    Mr. Connolly. I am going to run out of time, so I am not 
going to get to all three of the things that I think the 
chairman and I are both trying to look at in the legislation, 
unless the Chairman wants to be a little generous here. I am 
trying to lay some intellectual----
    Chairman Issa. Start asking before you run out of time.
    I ask unanimous consent the gentleman have an additional 
minute. Without objection, so ordered.
    Mr. Connolly. I thank the chair.
    Tom Davis testified about procurement personnel, that that 
is one of our problems, the lack of skill set. Often the person 
selling has a higher skill set than the person purchasing. Your 
views about that problem in the Federal government?
    Mr. VanRoekel. I agree that that is a challenge. You often 
have the person doing innovation in an agency, not the person 
that also purchases. And there is a divide there.
    What we are encouraging--and this is coming straight out of 
the Office of Federal Procurement Policy--is, first, is 
integrated program teams. Getting those communities' human 
capital, acquisitions, IT, finance, and others sitting around 
the table, as I mentioned earlier, and getting involved with 
integrated acquisition teams on specific projects that are of 
high priority is just so essential, to have everyone sitting 
around the table.
    And the second is IT acquisition cadres, getting areas of 
expertise and specialization within agencies that can focus on 
certain solutions or certain challenges. You know, negotiating 
a very effective mobile contract with a mobile carrier is not 
easy and there is some complexity in that. If you have a team 
in government that focuses on it and thinks about it, that is a 
recipe for success.
    Chairman Issa. I think the gentleman.
    Mr. Connolly. I thank the chair.
    Chairman Issa. We now recognize the gentlelady from Wyoming 
for her questions.
    Mrs. Lummis. Thank you, Mr. Chairman.
    And, Mr. Powner, I apologize if this question has already 
been brought up in my absence. But my question is, we know that 
agencies are supposed to analyze legacy systems and try to keep 
ahead of the technology curve, but we also understand from 
GAO's work that many are not doing that.
    Can you describe the extent of that problem and perhaps 
include in your answer roughly how many billions are being 
spent on IT programs for which we have no analysis of where the 
agency is on its technology curve?
    Mr. Powner. Well, let's just talk about framing how much we 
spend on legacy systems. So of the $80 billion, roughly, you 
have $55 billion, or 70 percent is being spent on legacy 
systems.
    There is a very good requirement that OMB has that on an 
annual basis each of the legacy systems need to be evaluated. 
And, basically, what it asks for is this: Is it continuing to 
meet the mission needs? And can it be done in a much more 
efficient way? So with the discussion we had prior about going 
to the cloud, perhaps we can go to the cloud and do it much 
cheaper.
    There are also things we can do with back-end systems. If 
you really went in and analyzed some of these old archaic 
legacy systems, there are tweaks we could do to make that pot 
of $55 billion, we could spend that much more efficiently going 
forward. Cloud is clearly one way to get there.
    What we did is we looked at a small sample. We looked at 
five agencies in the review that you are talking about. And 
what we saw was, the Department of Homeland Security and Health 
and Human Services, they actually had a policy and they were 
doing these operational analyses. Now, they weren't doing them 
well in all cases, but they had a policy and they were doing 
them. We had agencies like DOD, VA, and Treasury, no policy. In 
the year that we looked at, they didn't do a single operational 
analysis.
    So what we found in our little samples, we had about $3 
billion in systems that were not evaluated. So that $3 billion 
investment, technically, that could have been invested much 
more efficiently if we looked at that in the appropriate 
manner.
    Mrs. Lummis. Thank you.
    And a follow-up for Mr. VanRoekel. So knowing that--and I 
assume this is not new information to you--knowing that, what 
is your plan for all agencies to complete operational analysis? 
And when should we expect full compliance? And I say that with 
the caveat that we have been waiting for a clean audit from DOD 
forever. They have never had one. And so now to hear that DOD 
is one of the agencies that has not completed this analysis is 
not surprising either. But do you have a plan to get these 
people onboard?
    Mr. VanRoekel. So it is our expectation that both through 
our policy and accountability mechanisms that agencies will 
step up. And we have made a lot of improvements, as I think has 
been highlighted a little bit here today on IT Dashboard, to 
expose some of the areas where we think the quality of the 
information that is being submitted isn't there or it is just 
lacking altogether.
    One of the features that we have added is data quality 
reports that actually look at, if a date is unrealistic, if 
numbers don't line up, if due dates are too far out, that is 
actually now highlighted on the IT Dashboard to build a level 
of accountability for these agencies. That, coupled with our 
budget guidance, which is putting a lot of pressure on agencies 
to really examine these legacy systems, I think are elements of 
how we are going to get there.
    You know, something I used every day because I was part of 
a team that ran a pretty large P&L within the private sector 
company I was a part of, was depreciation. You know, we thought 
every day about, how do we wind down the things we have done in 
the past in order to fund the things going forward?
    You know, we used our balance sheet as a strategic tool. In 
the public sector, we tend to use the balance sheet just as an 
auditing tool, just to check back on how we have done. And a 
clean audit is success, versus are we properly managing this 
turnover of old and giving to new, stealing from the OPEX 
column to give to the CAPEX column. So the budget guidance gets 
right to the heart of this, and I think will inspire more 
action than actually doing oversight assessments through the IT 
Dashboard. By telling agencies you need to cut 10 percent and 
you need to take 5 percent of that and put it back into the top 
of your priority list, I think we will start to see more 
turnover. And definitely from a trending analysis, looking at 
where the old system support is going, we are now starting to 
see it, which is very encouraging.
    Mrs. Lummis. And, Mr. Chairman, one more question.
    For either of you, have you seen a State that represents 
the best practice among States in getting a handle on these 
same issues? I know in my State, I was in all three branches of 
State government during different times in my life. And in 
every branch of State government, we struggled with these very 
issues, especially in the executive branch.
    So is there a State that is the leader in this that even 
the Federal government could look to for some streamlining?
    Chairman Issa. If you say Wyoming, you will get a lot of 
points here. Illinois will work, too. Southern California.
    Mr. Powner. I don't know if I can point to one State, but I 
will say this, because we do a lot of work with the National 
Association of State CIOs. And I think when you look at the 
budget situation in a number of States across the country, they 
were forced to consolidate data centers. They had no choice. 
Things were getting cut and they needed to find ways to lower 
their overall budgets.
    So there are a number of states that I am aware of through 
the National Association of State CIOs, but they face very 
similar problems. They are trying to put in place Dashboards so 
they get better performance on their large acquisitions. But I 
do think you will see many success stories at the State level 
on data center consolidation.
    Mr. VanRoekel. And the other thing we are seeing at the 
State level is groups of States now getting together and saying 
let's create a regional authority to look at sharing 
procurement, sharing technology, and sharing other things. And 
that has been very successful as well.
    Chairman Issa. Excellent.
    Mr. Pocan?
    Mrs. Lummis. Thank you, Mr. Chairman. I yield back.
    Chairman Issa. I would say so.
    Mr. Pocan. Thank you, Mr. Chairman. And thank you, 
gentlemen.
    I am going just going to ask one question and then I am 
going to try to yield my time back to Mr. Connolly so he can 
get his third question in.
    Mr. Powner, I know there has been some progress made in 
consolidating data centers, but your GAO report highlighted 
that many agencies have failed to produce complete data center 
inventories and plans and the vast majority even the basic 
requirements, such as schedules and cost estimates. And that 
without these plans and inventory there is a lack of 
consistency among agencies, it is difficult to summarize 
projections. I was just wondering, based on your research, why 
are so many agencies failing to complete these requirements?
    Mr. Powner. So a couple comments here. We looked two 
periods of time looking at data center consolidation 
inventories and plans. And you are right, the last time we 
looked, the last we reported, there were three agencies that 
had complete inventories, that was SSA, HUD, and National 
Science Foundation. And then only one agency had a complete 
plan when you look at the requirements that were laid out by 
OMB, and that was the Department of Commerce.
    Some agencies, like DOD, really struggle to get their arms 
around their inventories. It is somewhat expected. But our 
point is that you need to keep on, on the task, make sure that 
you identify all those centers that are out there so that you 
can look to optimize, consolidate, and ultimately save money.
    There has been a lot of good work. I mean, we now know 
there are almost 3,000 data centers across the Federal 
government. There has been this goal to close about 1,200 of 
them. Ultimately, you want to get to a point where you get away 
from the inventories and plans and you get down to the action 
on actual optimization and consolidation. And that is really 
what we are looking with our recommendations going forward. 
With sound baselines, that is clear. But ultimately, it is 
about the actions. And that is why I say when you look at the 
ultimate performance metric on data center consolidation, 
whether you are talking consolidation, optimization, it is 
dollar savings. And if DOD says there is $2.2 billion, there is 
probably more than that. And I think the estimate of $3 billion 
that OMB has, it is likely more than that also.
    Mr. Pocan. Thank you. And then I would just like to yield 
my time to Mr. Connolly.
    Mr. Connolly. I thank my colleague.
    And the third set of questions I wanted to ask, again 
referring to the testimony of our former colleague, the 
chairman former chairman of this committee, Tom Davis, he 
talked about how budgets matter, especially when we put 
ourselves on a continuing resolution. He actually said it 
stifles innovation, it sets us back in terms of thoughtful 
Federal IT procurement.
    I want to give you both an opportunity to comment on that, 
your views about that.
    Mr. VanRoekel. When I was in the private sector 
implementing solutions in technology or even building products, 
about 2 days after the beginning of the fiscal year we would 
get our full year budget. And of course we had to make 
adjustments based on quarterly returns and things, since we 
were a large enough division to affect the stock price and 
other parts of the balance sheet.
    But in large part, we were able to predict, you know, not 
only what our operating budget was that year, but based on 
certain other parameters we could make investments that were 
around solutions that were going out into out years. I could 
say I am going to incubate a product, I am going build it, and 
it is going to take 4 years to do it, but it is going to have 
this much ROI at the end of that.
    In the Federal government, we often face a situation where 
we get to back-to-back CRs or other elements where the money 
that is budgeted is allocated so late in the fiscal year that 
you have 2 to 3 months, if that, often to not only procure what 
you are hoping to procure once you know the money you have, but 
then try to implement and get things done in time. And that is 
a real limiter on the ability to drive innovation and a long-
term view of where you could go with some of this. We have seen 
capital budgeting and some other things in government be 
helpful in that area.
    Mr. Connolly. Mr. Powner?
    Mr. Powner. Well, in addition to innovation, I know I do 
work specifically on weather satellites. And there has been 
situations where with the weather satellites, they are very 
important, you look at polar-orbiting satellites in this 
country, they were essential to predicting the Sandy 
superstorm. That was a real success story in terms of the 
accuracy of when that storm hit. It was spot-on, due to these 
weather satellites. And I know the current acquisition on those 
satellites has been affected in a negative way due to some CRs.
    Mr. Connolly. Well, I thank you both very much. I do think 
it is other constraint we have to look at in terms of our own 
process in Congress and how, perhaps unwittingly, we contribute 
to some of the problems in the whole process of Federal IT 
procurement. Thank you both so much.
    Thank you, Mr. Chairman, and I thank my colleague.
    Chairman Issa. Thank you. Would the gentleman further 
yield? Thank you. I just want to have something answered for 
the record.
    This committee took a keen interest under both Mr. Waxman 
and Mr. Davis in the failures of FTS 2000, the 
telecommunications modernization. At least at the last time 
that we had a hearing, what we found was that agencies had 
simply refused--they didn't say refused--but never implemented 
the cost savings that came with modernization.
    We now have, it has now been renamed in that 2009 networks. 
And many agencies are still struggling to, if you will, take 
advantage of cost savings of buying better telecommunications 
for less. And as we talk about the cloud, obviously, if you 
don't have a low-cost, high-speed Internet connection, you are 
going to also resist the cloud.
    So could you, there is no time left right now, but either 
at the end or in writing, if you would answer on your vision of 
where we go there, because, tangentially, it is part of the 
problem.
    Chairman Issa. With that we recognize the gentleman from 
Tennessee, Mr. Duncan.
    Mr. Duncan. Thank you very much, Mr. Chairman. And it seems 
to me that this is a pretty important subject, and I appreciate 
your calling this hearing. And I think almost every member 
should be upset or should be at least concerned if they would 
read what was in our committee memorandum. And it says, 
``Despite spending more than $600 billion over the past decade, 
too often Federal IT budgets ran over budget, behind schedule, 
or never deliver on the promised solution.'' And it says, 
``Some industry experts have estimated that as much as 70 
percent of new Federal IT acquisitions fail or require re-
baselining''--70 percent. I mean, that is almost a shocking 
figure that I don't think we would accept in almost any other 
field.
    Just a week and a half ago, I read in the New York Times a 
story that said that conversion to electronic health records 
has failed so far to produce the hoped-for savings in the 
healthcare costs and has had mixed results, at best, and said 
optimistic predictions by RAND in 2005 helped drive explosive 
growth in the electronics records industry. And yet today it 
says this 2005 report that helped lead to all this explosion in 
the technical equipment for the Federal government was paid for 
by a group of companies, including General Electric and Cerner 
Corporation, that have profited by developing all this 
equipment.
    And so often in other committees I have heard, whenever a 
government agency messes up they always say one of two things 
or both. They say they are underfunded or their technology is 
outmoded or out of date. And yet the technology in the Federal 
government is usually much newer than anything that most of the 
private sector has.
    And I was thinking about this a few minutes ago, and I 
thought back to something that former Governor Rendell, when he 
was mayor of Philadelphia many years ago, he was having trouble 
with city employee unions. And he testified in front of the 
House Ways and Means Committee and he said that government does 
not work because it was not designed to. He said, there is no 
incentive for people to work hard, so many do not, there is no 
incentive for people to save money, so much of it is 
squandered.
    And what I keep seeing in this, the only people who really 
understand this subject are techies who want us to buy all the 
newest and latest equipment and all the bells and whistles even 
though we really can't afford it and it is not cost effective 
it is not producing the results that we are paying for.
    And so I guess the only real question I have is, can either 
of you think of any way that we could put more good Federal 
employees, since the money to buy all this new equipment and 
spend all these mega-billions each year is not coming out their 
pockets. So they don't really have any incentive or any 
pressure to hold these down costs or not buy new equipment 
every year or every other year.
    Is there some way that we can get some incentives or 
pressures to do better? I mean, surely we sure need to do 
better in this area.
    Mr. VanRoekel. I very much agree. And I am in my job now 
largely because of that fact. And I think we are able to have 
much of the conversation. You were able to cite some of the 
statistics you were in your comments because we are making 
progress in these areas.
    The accountability mechanism of the IT Dashboard, the 
ability for us to put a public-facing Web site up that says, 
here is what we are doing in government and IT, here is where 
people are implementing certain technologies, here is what is 
happening, down to a very granular level with new features 
being added to that all the time is creating a really 
interesting dynamic of accountability relative to the delivery 
against those Federal projects and priorities.
    I think that is part of the equation. I also think we need 
to change the way we do business inside government. The way we 
build solutions is a very mid-20th-century, mid- to late 20th-
century kind of view, where in the 21st century we have a much 
different model of building solutions.
    When I was building products at Microsoft, I wouldn't have 
thought to take a government-like approach to anything. It was 
all about speed and modularity and the ability to build in a 
very fast way high-quality outcomes. And in the government, 
that hasn't been the norm, to your comments. And I think we 
have the ability to change that through good policy, which we 
are implementing now.
    Mr. Duncan. All right. Mr. Powner? You see my point? I 
mean, I own two cars; one is a 2003 and one is a 2006. But if 
somebody else was paying for it, I might be out there trying to 
get one that has got better, newer equipment. And I think that 
is the problem.
    Mr. Powner. I do agree with Steve's comments about the 
Dashboard. I think the accountability through the Dashboard, 
where you have someone who is responsible for those investments 
and if they are not being delivered appropriately, there needs 
to be accountability. Someone needs to be able for answer to 
that. Because there is a lot of dollars. We are talking about 
$80 billion we spend here.
    To give you an example, in the report, my written 
statement, we did a report looking at successful IT 
acquisitions. So we went to the top 10 spenders and we said, 
give us one example of a success story where something was 
delivered, it is in operations, users are using it, and it was 
somewhere in the ballpark of cost and schedule. And there are 
seven examples, seven agencies gave us one. And that includes 
DOD. And you can read about those projects in there.
    But there were three agencies couldn't give us
    one. Three agencies could not give us one success story of 
a mission-critical system that was delivered recently. That is 
sad and someone should be held accountable for that, if we are 
spending $4 billion, $5 billion, $6 billion at these agencies 
and they can't give you one success story.
    Mr. Duncan. Maybe we should come up with some bonus 
programs for Federal employees who save us money in this area 
in some way.
    Thank you very much.
    Chairman Issa. I thank the gentleman.
    For the record, would you mind doing some quick research on 
the three agencies that couldn't give you any examples and find 
out whether they had contracts that paid bonuses and whether or 
not employees received bonuses for overseeing those contracts 
that they couldn't give you, to the extent that you can?
    As we close, this committee has taken note in the past of 
FedRAMP, something your predecessor began. We thought and still 
believe that it shows great promise. My understanding is, to 
date, we don't have, out of the five tests, if you will, up-
and-running sites that can be sold, that are FISMA compliant, 
that can be sold across the government. If you would answer for 
the record your vision of how you get from zero to five or more 
and any other information you'd like to give us, that will 
probably be a follow-up hearing.
    Mr. VanRoekel. Yes, sir. We are actually at one right now, 
as of the last couple of----
    Chairman Issa. Conditional or provisional.
    Mr. VanRoekel. Authority to operate, yes.
    Chairman Issa. I understood they were provisional in some 
way. Is that just a term?
    Mr. VanRoekel. No, we have one vendor that does have an 
official authority to operate.
    Chairman Issa. Okay. So there is one to sell.
    Mr. VanRoekel. That is right. And we have 78 in the 
pipeline behind them. And we are processing through the 
pipeline right now those 78. So you will start to see more and 
more coming online in short order.
    Chairman Issa. Excellent.
    Mr. VanRoekel. And we expect 2013 will be a big year for 
getting vendors online with FedRAMP.
    Chairman Issa. Okay. Well I appreciate that. That is a why 
where we'd like to have a good news story.
    I would like thank our panel. You have been very patient 
through the votes.
    And with that, we will set up for the next panel.
    We now welcome our third panel, beginning with Mr. Douglas 
Bourgeois. He is vice president and chief cloud executive at 
VMware, spoken about earlier as an entity that allows us to 
leverage multiple operating activities on a single piece of 
hardware.
    Mr. Michael Klayko is the former CEO and current advisor to 
Brocade Communication Systems, Inc.
    And Mr. Chris Niehaus is the director of Microsoft U.S. 
Office of Civic Innovations, meaning, you are bringing us what 
is good and modern, something we were talking about wanting in 
the last panel.
    Again, you saw this earlier. Pursuant to the committee 
rules, would you please rise to take the oath and raise your 
right hands.
    Do you solemnly swear or affirm the testimony you are about 
to give will be the truth, the whole truth, and nothing but the 
truth?
    Let the record indicate that all three witnesses answered 
in the affirmative.
    Again, as the previous panel, we would ask you to please do 
your best to limit to 5 minutes, and we will do the same.
    Mr. Bourgeois?

                 STATEMENT OF DOUGLAS BOURGEOIS

    Mr. Bourgeois. Thank you. Chairman Issa, Ranking Member 
Cummings, and members of the committee, thank you for this 
opportunity to discuss how the Federal government can reform 
its information technology investment strategy. Technology has 
always evolved rapidly, and that rate has accelerated to a pace 
that we have never seen before. Unfortunately, the government's 
methods for the acquisition and utilization of IT have not 
evolved in a manner that keeps pace with this innovation.
    We believe that there are three fundamental challenges that 
should be addressed for the government to effectively leverage 
advancements in technology. These are complexity, expertise, 
and culture.
    The IT acquisition environment is too complex. Advances in 
technology, such as virtualization and cloud computing, have 
rapidly accelerated the delivery of IT resources and made 
organizations more agile. Technology resources that once would 
have taken weeks, if not months to deploy can be carried out in 
a matter of minutes. By leveraging such dynamic capabilities, 
organizations are able to respond very rapidly to changing 
market conditions without making substantial capital 
investments in technology. But the IT acquisition process in 
the Federal government still moves at glacial speed.
    In addition, these innovative technologies have turned a 
significant amount of IT products and services into 
commodities. The government should acquire these commodity 
technologies using performance-based contracting methods that 
address the longstanding tendency of the government to over- 
specify their requirements. Furthermore, the use of 
performance-based contracting methods, such as share and 
savings contracts, would also lower the risk of underperforming 
IT acquisitions and increase accountability for vendors.
    Another way to simplify IT acquisitions is to simplify the 
overall IT environment within which IT products and services 
operate. Thus, the Federal government should continue with the 
efforts to consolidate and reduce the number of data centers 
government-wide. But the consolidation effort should not stop 
there. Other simplification tactics, such as virtualization of 
the networks and desktops, as well as the elimination of 
duplication of applications would drive further savings across 
the government.
    The high degree of complexity in both the acquisition 
environment and the data centers throughout the government puts 
a tremendous strain on the workforce. In addition, studies have 
shown how the shear volume of Federal acquisitions has grown in 
recent years. At the same time, the staffing level of 
acquisition professionals has not kept pace with the growth.
    Let me be clear in saying that while the growth itself is 
an issue, it is not the only issue. Existing efforts to 
increase the expertise of the IT acquisition workforce, such as 
the use of cadres and certification programs, should be 
expanded. The increased use of intern programs, perhaps in 
partnership with universities, and IT specializations should be 
established.
    However, the IT acquisition workforce isn't the only area 
where additional expertise is required. Certain technical 
resources within IT organizations should also be trained and 
certified to develop the necessary level of expertise in 
critical technologies. As we have heard in the testimony 
previous hearing, that if the government staff that don't have 
the level of expertise as the contractors do, then there are 
going to be problems that occur as a result.
    The third and final area in need of change is the culture. 
The decentralized approach to IT acquisition across the 
government has created a culture that is detrimental to 
performance and efficiency. The highly distributed approach 
also makes it difficult to gather data for analysis and 
transparency. This overall culture needs to become more 
centralized with areas of IT specialization to improve 
efficiency. Acquisition centers need to become more services-
based with built-in incentives for performance and 
accountability. For example, IT acquisition centers should 
publish commitments to customers that clearly specify the 
timeliness and other performance criteria in advance.
    Contracting tools are also duplicated and inefficient. A 
collaborative tool should be developed to foster more efficient 
handling of complex acquisition material, to track the 
responsiveness of program and acquisition professionals, and to 
increase transparency.
    But the acquisition culture isn't the only one that needs 
to change. As the transition to cloud computing continues, IT 
organizations also need to transform to an IT-as-a-service 
model as well. Government CIOs must be in position to 
effectively carry out the responsibilities as the role of the 
IT organization changes to be more of a broker of service 
options.
    For this reason, I strongly support strengthening the role 
and authority of agency-level CIOs to reflect the intent and 
requirements of the Clinger-Cohen Act. I also suggest that the 
structure of the IT budget needs to evolve to be more 
compatible with the industry trend away from capital 
investments and towards operating expenses.
    In closing, we commend the leadership of the current and 
previous Federal CIOs to set the right course for Federal 
government. The journey to IT as a service has already begun 
through the consolidation of data centers and cloud first 
policy. In order to continue making progress, the methods for 
the acquisition and management of IT resources needs to evolve. 
Specifically, changes need to be made to address the changes of 
complexity, expertise, and culture.
    We thank you for the opportunity to participate in this 
hearing today on this very important matter.
    Chairman Issa. Thank you.
    [The statement of Mr. Bourgeois follows:]
    [GRAPHIC] [TIFF OMITTED] 79790.034
    
    [GRAPHIC] [TIFF OMITTED] 79790.035
    
    [GRAPHIC] [TIFF OMITTED] 79790.036
    
    [GRAPHIC] [TIFF OMITTED] 79790.037
    
    [GRAPHIC] [TIFF OMITTED] 79790.038
    
    [GRAPHIC] [TIFF OMITTED] 79790.039
    
    [GRAPHIC] [TIFF OMITTED] 79790.040
    
    [GRAPHIC] [TIFF OMITTED] 79790.041
    
    [GRAPHIC] [TIFF OMITTED] 79790.042
    
    [GRAPHIC] [TIFF OMITTED] 79790.043
    
    [GRAPHIC] [TIFF OMITTED] 79790.044
    
    [GRAPHIC] [TIFF OMITTED] 79790.045
    
    [GRAPHIC] [TIFF OMITTED] 79790.046
    
    Chairman Issa. Mr. Klayko, I understand that you have a 
flight to catch?
    Mr. Klayko. There will be another one.
    Chairman Issa. There will be another one.
    Mr. Klayko. There will be another flight. This is too 
important.
    Chairman Issa. Thank you. I certainly appreciate it. You 
are recognized.

                  STATEMENT OF MICHAEL KLAYKO

    Mr. Klayko. Good afternoon. I, too, would like to thank 
you, Chairman Issa and Ranking Member Cummings, for this 
opportunity to present testimony in today's hearing, for your 
great work you are doing to reduce waste in Federal information 
technology spending. I say this as a business leader and an 
American taxpayer. It is a privilege to be here, so I want to 
thank you for that.
    I served as the CEO of Brocade Communications from 2005 
until last week, where the company announced a new CEO. I 
announced my intention to resign as CEO in August of 2012. And 
I have been an employee and advisor to the company during this 
transition period.
    I have also had the opportunity to visit Washington, D.C., 
many times a year as the CEO of Brocade, a well as the former 
chairman of Silicon Valley Leadership Group, which is an 
organization of 395 member companies representing Silicon 
Valley's largest companies. As the chairman of that group, 
collectively we employ 1.6 million Americans and have a market 
cap of about $2 trillion. So I am honored to speak with you 
today not just representing my company but the people also in 
the valley. I hope with my experience that I have had in the 
past since being in technology since 1975, I can share some of 
the things that have been of interest to us that should be of 
interest to you.
    I would also like to share Brocade's experience with the 
way Federal government acquires IT equipment and services. My 
perspective is that of the CEO chartered with managing the 
growth of a company. Brocade is a true Silicon Valley startup: 
Four guys, a keg of beer, and an idea, and a dog in 1995. And 
now 2-plus billion dollars, we compete on a world stage. I 
truly believe we are an American treasure as we face fierce 
competition everywhere we go and we win. We sell about $250 
million a year annually of network technology to the Federal 
government, and they are the backbone of the Nation's critical 
infrastructure.
    Some of the challenges we see today are outlined, 
obviously. But when Federal agencies rely on a single OEM, or 
original equipment manufacturer for IT solutions like 
networking, server, storage technology, and the like, it 
creates situations where the majority of the spending goes to 
supporting legacy environments. Those legacy environments in 
equipment, operations and maintenance. This is wasteful, denies 
Federal agencies the benefits that come from more competitive 
and innovative environments.
    One common practice that we have observed in Federal IT 
procurement is the use of brand name or equivalent 
requirements. I want to be clear. There are many situations 
where you need to specify a particular product or brand. In 
those case, sole-source justification can be made when no other 
technology is available to meet the requirements.
    But I am not talking about those cases. Instead, I will 
focus on the cases where Federal procurement purchasing 
organizations use brand name requirements in requests for 
proposals, request for quote, technical reference models. An 
example, device is listed by name and part number, example, ABC 
Router 2000, to signal the type of technology being sought in 
the bid and it is followed by the phrase ``or equivalent.''
    Brand name or equivalent requirements incorporates all the 
features and function of a particular brand product, however, 
all these specific features and functions may not actually be 
needed by the agency to meet the mission, therefore putting the 
agency in a position for paying for features and functionality 
that are not necessary.
    Systems integrators see brand name or equivalent 
requirements and they don't want to use non-ABC products in 
their bids. First, they are concerned that the technical 
committee will reject the proposal if the package does not 
include the specific ABC product, therefore eliminating them 
from the opportunity to secure a bid. They are also concerned 
with the extra time and effort needed on their part of the 
technical committee evaluation.
    And second, many Federal contracts have specific delivery 
dates and they fear that testing an alternative solution may 
cause a delay in the project, thus eliminating them as a 
possible provider of an alternative solution.
    In the purchase of information technology, this creates a 
perception of bias and limits the technology that integrators 
and value-added resellers can provide and will provide. The 
combination of these proprietary features of the brand, the 
bias created, and the fear of losing dramatically limits the 
available alternatives and hampers the ability of government 
contracting officials to fairly evaluate solutions.
    Ultimately, depending on a single OEM for a majority of any 
IT solution increases the cost in two important ways: Limiting 
competition, missing out on innovation.
    So there are options that can be considered, such as open 
industry standards. When acquiring IT equipment and services, 
Federal agencies should seek out features, functions, and 
capabilities relying on open industry standards to maximize 
competition and innovation. We hope that you will continue to 
support that.
    I have many examples that I would like to share in a 
question-and-answer session. But I would like to thank you for 
this testimony today. Look forward to questions and continued 
discussion.
    Chairman Issa. Thank you.
    [The statement of Mr. Klayko follows:]
    [GRAPHIC] [TIFF OMITTED] 79790.047
    
    [GRAPHIC] [TIFF OMITTED] 79790.048
    
    [GRAPHIC] [TIFF OMITTED] 79790.049
    
    [GRAPHIC] [TIFF OMITTED] 79790.050
    
    [GRAPHIC] [TIFF OMITTED] 79790.051
    
    [GRAPHIC] [TIFF OMITTED] 79790.052
    
    Chairman Issa. Mr. Niehaus?

                   STATEMENT OF CHRIS NIEHAUS

    Mr. Niehaus. Chairman Issa, Ranking Member Cummings, and 
distinguished members of the committee, good afternoon. My name 
is Chris Niehaus, and I appreciate the opportunity to discuss 
the government's IT investment strategy.
    I am the director of Microsoft's U.S. Office of Civic 
Innovation, and my team focuses on delivering innovative 
solutions to government customers. I hope Microsoft's extensive 
experience helping public and private sector customers around 
the world will help this committee.
    Microsoft supports the committee's goals of reducing the 
cost of legacy systems, decreasing duplication, utilizing cost-
effective commercial technologies, and maximizing best value. 
Our experience has taught us three lessons that support these 
goals. Number one, agencies can reduce IT costs by not only 
reforming how they buy IT, but also by more effectively 
assessing and management existing assets. Number two, 
successful IT solutions result when the private sector 
collaborates with government to provide commercial devices and 
services to meet agency missions. And number three, the 
government gets the best value when it uses full and open 
competition and clear, mission-focused requirements.
    As to the first lesson, to reduce IT costs, GAO reports 
confirm that better management of existing assets is just as 
important as reforming the acquisition process. A great way to 
improve IT asset management is making the OMB-recommended 
operational assessments and inventories mandatory for CIOs and 
requiring them to analyze existing assets, needs, and new 
technologies when starting major IT acquisitions.
    An instructive lesson from the private sector is that 
problems are best solved closest to the mission, which is the 
case would mean keeping reform efforts at the agency CIO level.
    We in industry can help with IT asset management. Gartner 
studies show that agencies can lower total costs of ownership, 
up to $2,500 per year, per desktop, simply by better managing 
technologies they already own. They can further lower costs up 
to an additional 30 percent by using virtualization 
technologies to move certain applications and desktop 
functions, like Microsoft Office, to the cloud. Agency CIOs 
tell us that they favor the flexibility of cloud-based delivery 
because it helps them move their IT investments from rigid 
capital budgets to operating expenses. And industry can also 
agencies consolidate resources where appropriate. For example, 
the Microsoft Joint Enterprise Licensing Agreement, or JELA, 
recently signed with the Army, Air Force, and DISA addresses 
common needs of each licensee while still addressing unique DOD 
security requirements.
    As to the second lesson, agencies can buy more cost 
effectively by making smarter use of commercial IT, which costs 
less and often performs better than custom IT. The key is close 
and early collaboration among agency CIOs, procurement 
officers, and industry beginning when the government first 
starts developing requirements so that it can better understand 
commercial market capabilities and avoid the familiar problem 
of drafting requirements behind closed doors and hoping that 
the market will deliver.
    As an example of strong collaboration, we are working with 
the Air Force to determine how Microsoft's Xbox Kinect, a 
motion-sensing game controller that costs about $110, can be 
used to serve as a rehabilitation tool for wounded warriors. 
Such creative and agile collaboration would be less possible if 
the government went back to centralized government-wide IT 
acquisition models.
    Similarly, it would make it harder for the government to 
get the best that the commercial marketplace has to offer by 
adopting new acquisition structures focused on so-called 
commodity IT. In my experience, the term commodity IT is not 
used in the commercial market. Not even something as ubiquitous 
as email is treated as a commodity. The recent GSA email-as-a-
service blanket purchase agreements, or BPAs, distinguish seven 
different types of cloud email, depending on security and other 
requirements. Moreover, unlike pencils, paper, and other true 
commodities, agency missions and information technologies never 
stop evolving.
    And as to the third lesson, best value means more than 
simply lowest initial cost. Rather, agency CIOs should be 
required to make best-value determinations in a technology-
neutral fashion, avoiding preferences for any particular 
license model and using a set of core factors, including total 
cost of ownership, security, privacy, accessibility, record 
integrity, data portability, and openness of standards.
    Agency CIOs should also be empowered to prioritize among 
these factors based upon the mission being supported. When 
agencies are clear about which factors will be prioritized and 
what requirements must be met, industry can and must be equally 
transparent about how our devices and services satisfy the 
government's requirements.
    In conclusion, Microsoft looks forward to working with 
Congress in this critically important area. Together, I am 
confident we can provide IT solutions that will maximize best 
value and decrease total cost of IT ownership across agencies.
    I thank you and look forward to answering your questions.
    Chairman Issa. Thank you.
    [The statement of Mr. Niehaus follows:]
    [GRAPHIC] [TIFF OMITTED] 79790.053
    
    [GRAPHIC] [TIFF OMITTED] 79790.054
    
    [GRAPHIC] [TIFF OMITTED] 79790.055
    
    [GRAPHIC] [TIFF OMITTED] 79790.056
    
    [GRAPHIC] [TIFF OMITTED] 79790.057
    
    [GRAPHIC] [TIFF OMITTED] 79790.058
    
    [GRAPHIC] [TIFF OMITTED] 79790.059
    
    [GRAPHIC] [TIFF OMITTED] 79790.060
    
    [GRAPHIC] [TIFF OMITTED] 79790.061
    
    [GRAPHIC] [TIFF OMITTED] 79790.062
    
    Chairman Issa. I will recognize myself.
    Mr. Niehaus, your statement, I got a little confused on, so 
let me see if we can straighten it out. I understand that 
government always starts off asking for COTS when they are told 
to and then distorts and mangles it to where no one would 
recognize it as commercial off-the-shelf. Is that what you are 
sort of saying?
    Mr. Niehaus. Mr. Chairman, we fully embrace and support the 
term COTS, commercial off-the-shelf software.
    Chairman Issa. But I guess my questions is, are you saying 
there no such thing as COTS----
    Mr. Niehaus. No.
    Chairman Issa. --because there shouldn't be or there is no 
such thing as COTS because the--particularly DOD as an 
example--is used to abusing the process of starting with COTS 
and then demanding changes that make it unique such that in 
your opening statement you even mention that DOD when using 
highly commercial software had to de-conflict within DOD with 
different security requirements?
    Mr. Niehaus. Mr. Chairman, the term COTS we fully support 
in industry. The term commodity IT we do not see as an 
interchangeable definition for COTS. We believe that that term 
is--we do not see that in the private sector today----
    Chairman Issa. Okay. But let me follow up, because this is 
really the essence of what you said, and then I want to get to 
the other witnesses. Email is a commodity, isn't it?
    Mr. Niehaus. I don't believe that, Mr. Chairman.
    Chairman Issa. Okay.
    Mr. Niehaus. I believe email, for example, under the GSA 
BPA, there were seven different lots awarded for that based off 
of different requirements. And there were very few vendors that 
were able to satisfy all of those lots under that agreement. A 
true commodity would be able to support all of them equally.
    Chairman Issa. I think what makes me snicker just a little 
bit is, in the private sector, to the business world, and one 
time a few years ago I was over in the committee next door and 
I dispassionately implied that Lotus Notes didn't exist anymore 
and I was quickly told that the White House was still using it, 
basically, and spending a lot of money on it. And IBM made it 
very clear that they still had a thriving business in legacy 
software, because some lawyers hadn't given up on it and, 
therefore, we were spending millions to maintain it.
    Let's go back again. At any given time, things like email, 
Microsoft being a market leader in it, Google, obviously, 
having a market share and a few others, in the private sector, 
to the gentleman sitting next to you, if I asked him if that 
was a commodity in his business, would he say yes or no?
    Mr. Niehaus. The question is directed to me?
    Chairman Issa. I am asking you. I will get to Mr. Klayko.
    Mr. Niehaus. I would say that by definition it is not a 
commodity.
    Chairman Issa. I am not trying to mistreat you, but I want 
to represent the time. Mr. Klayko, I am taking a big risk here. 
In the private sector, to CEOs at businesses, do you view it as 
a commodity that you buy what meets your needs, or that you 
feel you have to design your own email system around your 
company's culture?
    Mr. Klayko. We buy what is available.
    Chairman Issa. Now, I am going to chance that the VMware 
model is you don't make up your own email, is that right?
    Mr. Bourgeois. That is correct. And you, Mr. Chairman, 
demonstrated an understanding of our core technology and how it 
fits into the scheme of consolidation. But on the matter I 
would say two quick things. One, call it what you want, but an 
x-86 server with a certain amount of memory and a certain 
amount of CPU is exactly the same as another one that has the 
same capability and capacity. And so whether you would call it 
commodity or not, there is a certain degree, and because 
technology is evolving rapidly more and more every day of 
capabilities that are essentially not important to the overall 
solution and could be automated and carried out in a very rapid 
fashion.
    Chairman Issa. And doesn't your company basically process 
that processing power and say, if I am going to have a bigger 
machine, I am going to have 12 different operating systems on 
it, or four, because I want to leverage the maximum efficiency 
of both the CPU and the DASD.
    Mr. Bourgeois. And that is the second point I was going to 
go to. So the first point is that the technology exists to be 
able to pool the resources together and share them among many 
different applications, which, as the previous panel described, 
that there is a tendency of legacy in the industry to keep 
things vertical and siloed, which drives up the cost structure. 
And the second shift is away from an operating system-centric 
approach to applications and solutions to a more cloud or 
virtual data center-centric approach, and that in itself lends 
itself to an increasing uniformity of the solution, so that the 
overall underlying components don't matter as much.
    Chairman Issa. And, Mr. Niehaus, I just want you to 
understand, I am not disagreeing with you that government finds 
a way to make nothing COTS and nothing commercial, but when the 
GSA went out for emails, every email system that they found 
acceptable happened to be commercial off-the-shelf. So the 
commodities were in fact different flavors of branded product.
    Mr. Niehaus. Correct. I want to be clear, Mr. Chairman, 
that I am not disputing commercial off-the-shelf software is 
valuable and ideal for government. The term commodity is not a 
phrase that I experience in the private sector. And so without 
more clear definition, and if commodity means commercial off-
the-shelf software, then that certainly is a discussion we 
should have.
    Chairman Issa. I appreciate that, and if I could have an 
additional minute.
    Mr. Klayko, I want to follow up with you and finally. I am 
very sensitive of the fact that before I came here I had the 
honor of serving as chairman of the Consumer Electronics 
Association and I was on the board of EIA. Should the 
government make a concerted effort to reach out to standards 
organizations and leverage them instead of saying, I want to D-
Link 24-port switch or equivalent. Is that really where we need 
to get out of this lazy tendency to say this would work or 
equivalent and say, what is the standard and can we leverage 
organizations in which maybe all these companies belong to have 
a common statement?
    Mr. Klayko. I think it would go a long way with simplifying 
the procurement process, the deployment process, the 
manageability. If you deploy to open standards you can take 
advantage of the innovation as it comes along over time. I have 
heard lots of facts and figures today, and as a taxpayer, I 
have to be honest, my hands were sweating. Some of the 
statements were appalling. I will just go on record. And we 
know that these are issues. We ought to try to address them.
    Open standards will not fix all of them, but it goes a long 
way, because you put a baseline and it actually encourages 
competition and innovation. Competition and innovation, as you 
know, encourages better price performance.
    Chairman Issa. Thank you.
    And I now recognize the ranking member, and thank you for 
your indulgence.
    Mr. Cummings. Oh, no problem.
    You all heard the testimony earlier with regard to 
personnel in government, people being sophisticated, that kind 
of thing, problems that you heard about earlier in the second 
panel. I am just wondering, did you have any comments on those, 
such as it seems to be a--you know, I sat here and I said to 
myself they sounds like it is too big to be successful. And I 
am just curious, do you have any comments? That is, our whole 
government IT situation. Any comments?
    Mr. Klayko. I will take a swing at it.
    Mr. Cummings. Yes, take a swing.
    Mr. Klayko. It is a pretty big question, pretty broad. I 
think you have to continue and invest in people at the end of 
the day. There are various aspects of technology deployment. I 
am a very big believer in people. I think there is a myth that 
all the private sector gets all the smart people. I think that 
is a myth. The fact of the matter, I think there is equally 
number of smart, intelligent, as well as highly trained people 
in the government.
    I compete very rigorously for people in the technology 
world. In Silicon Valley is vicious. It got to a certain point 
where I couldn't find enough people, so what I ended up doing, 
I created my own university where I had to get people in and I 
had to train them because you can't continue to steal from each 
other so you have to go ahead and change that formula.
    I think we can do that in the government also. I think the 
quality of the people are fine. The people that want to be here 
are here. The issue is you have to give them the tools and you 
have to retool them like any other. You don't drive a car 
100,000 miles without changing the oil a few times and putting 
a few other maintenance items in. I think that is no different 
than the people.
    Mr. Bourgeois. Thank you. Obviously, you heard in my 
opening statement that I believe that a continued investment in 
people, both on the acquisition side and on the IT side, is an 
absolute necessity. But make no mistake, as you point out, the 
problem is larger than the people. The culture needs to evolve 
as well, and that includes the culture in the programs that 
tend to have a lot of IT money that is made in many cases 
outside of the purview of the CIO, and then the culture in the 
CIO organization themselves, in particular with how the 
organization is empowered to carry out the full IT mission and 
responsibilities of the agency.
    So your point is well taken. But if the culture can evolve 
and the additional investment in the training of the workforce 
continues, and some other techniques which I consider under the 
culture of modularization, as we heard Mr. VanRoekel testify, 
and much smaller deliverables happening much faster but working 
in succession towards an overall goal, which, by the way, is a 
mission goal, not an IT goal, then I do believe that the 
problem can be--there can be success in spite of the challenge.
    Mr. Cummings. You can imagine when taxpayers hear the kind 
of figures we have heard here today and to hear the failures, 
they got to get upset. And then what happens is that they then 
say, you know, government can't do things right. And some kind 
of way we have to rightsize--I mean, we have to figure out ways 
to make sure. That is why I was asking the panel earlier about 
when you get people who are doing things the right way, how do 
you encourage that and how do you spread it around? Because 
people have to have faith in their government. And that is so 
important. And when you hear these kind of figures like Mr. 
Duncan was saying, it gets to be I am sure for some very 
discouraging. That is why I was wondering if this thing is so 
big that we can't control it?
    Mr. Niehaus. Well, the prior witnesses really hit on a 
point that resonates with my experience across public sector 
and even in private sector that an empowered CIO that is given 
a clear swim lane, a set of responsibilities, authority and 
accountability can make great things happen.
    The examples that were cited about the VA, for example, we 
recently renewed a very ambitious and creative agreement with 
them and have won the opportunity to take them to the cloud for 
their email. That was done by an empowered CIO. Also we commend 
when CIOs across agencies like the Army and the Air Force and 
DISA can come together and agree on shared requirements and 
have the authority to make those decisions, they can do great 
things.
    Mr. Cummings. Were you all surprised when Mr. Powner said 
that he asked for operations that were functioning properly, 
seven agencies, and I think he said three of them couldn't name 
any. I mean, did that surprise any of you all? Hello?
    Mr. Klayko. I would say I don't know what the metrics are, 
and so I think part of that comes back, there is probably an 
expectation that comes back. I believe you can't manage 
anything if you don't have metrics associated with it, so I 
don't know what the metrics they were going. Because I can 
actually hear the same people say they are perfect. So it 
depends on what the metrics they are looking at.
    Mr. Cummings. So your university, I mean, I assume you 
invest quite a bit in that university. And what does 
``university'' mean?
    Mr. Klayko. We teach kids what they don't learn in college. 
They get book smart in college but they don't understand 
business and how to get things done. And we tell them, let me 
make sure you understand one thing when you come to work here, 
that you are entitled to nothing. You compete. So it is a life 
lesson, and that is what this is about. So we put them through 
a short quarterly program and then we have a mentor actually 
take them through how do you operate and get things done. So 
there is a lot of other people that are doing it very 
effectively. Ours is one that we need to do it to instill 
change in our culture.
    Mr. Cummings. How many employees do you have?
    Mr. Klayko. We have about 5,000 employees.
    Mr. Cummings. Thank you.
    Chairman Issa. Thank you.
    With that, we recognize the gentleman from Virginia, Mr. 
Connolly.
    Mr. Connolly. Thank you, Mr. Chairman.
    Chairman Issa. I am sorry. If you wouldn't mind, the other 
gentleman.
    Mr. Connolly. Of course not. I would be honored.
    Chairman Issa. I apologize. You snuck up on me, John. We 
recognize the gentleman from Florida, Mr. Mica.
    Mr. Mica. Thank you. And we will get to Mr. Connolly in 
just a second.
    Mr. Connolly. I am only too happy to have you go first, Mr. 
Mica.
    Mr. Mica. Thank you. Thank you.
    We heard the OMB CIO say that he didn't see any impediments 
as far as the law. Are any of you aware of any changes that we 
need to make in the law that would help us in this whole 
process? Anything?
    Mr. Bourgeois. I don't know if I would specifically say 
there are changes in the law, and I am definitely not an expert 
on the laws themselves. What I would say is that in how those 
existing laws have been operationalized is just a mess. So if 
it can be simplified quite a bit.
    Mr. Mica. The other thing is he cited himself that he would 
give an agency the authority to move ahead and they would take 
the paper and wave it around, but there is some problems in 
getting the authority transmitted to the agency, so there is 
some disconnect. He says he has the law and the authority to do 
that, but it is not happening. So that is some of what you are 
referring to?
    Mr. Bourgeois. I am not sure I am familiar----
    Mr. Mica. First of all, thank you all. I come from the 
private sector. I have been on this committee a long time and 
others, and for the private sector to come forward and testify 
like you are doing, I appreciate it very much. Sometimes they 
are very reticent for retribution or anything you say may be 
held against you and all of that. But this is important, and 
our purpose isn't to bash them, it is to try to see how we move 
this forward.
    Mr. Bourgeois. Let me give my best example from my 
experience when I was an executive CIO at the U.S. Patent and 
Trademark Office. So in terms of empowerment, yes, and I 
mentioned specifically in my opening statement that I had the 
full authority that the Clinger-Cohen Act defines. And that was 
in some ways given to me by the Under Secretary at the agency, 
but also in terms of how we carried out our planning for IT 
investments, it was part of the budget process for the agency.
    There were five executives that ran the agency: The 
Commissioner for Patents, the Commissioner for Trademarks, the 
CFO, the Deputy Under Secretary and myself, the CIO. And 
everything started with what the agency wanted to accomplish--
reducing pendency, improving quality of patents, transparency 
and dissemination of information, and so on. Every dollar of IT 
investments was tied to one of those objectives. Whether it was 
a maintenance of an existing legacy application or it was a 
brand new thing like that new system that we implemented, you 
know, new 10 years ago, to take the Patent Office completely 
electronic, it was all tied to a mission objective and by 
virtue of that planning and how we executed it, we carried out 
the Clinger-Cohen responsibilities in concert with each other 
for the good of the mission. I don't see that happening in many 
other agencies today.
    Mr. Mica. Well, I talked about having the law in place and 
then the policy to execute that and someone executing it, then 
the personnel. And I think you also mentioned the staffing 
level and we have talked a little bit about that. I was 
concerned that they may not be able to attract the best 
personnel or retain them. Sometimes you can get them and you 
teach them and the next thing you know they are out the door 
and they are earning big bucks somewhere else. I am not sure 
exactly how we legislate that, but I think we can look at the 
incentives and the packages and things that we can offer that 
might make a difference. Do you think that would be----
    Mr. Bourgeois. Again, from my experience as a CIO in the 
Federal government, there are existing tools that can be used 
to address this challenge of expertise and attracting and 
retaining the right workforce. But also, make no mistake, it is 
a moving target. So as technology evolves now, those systems 
and capabilities that are in place today have to evolve with 
it. And there are things that I utilized as a CIO that are not 
very well known, like the SL designation to hire high-end 
technical experts on par with private sector expertise and then 
challenge them with metrics and reward them through performance 
capabilities when they delivered the results. This can happen 
today, but it does require the buy-in of the head of the 
agency.
    Mr. Mica. There are lots of specifics, and I don't have 
much time, but I was fascinated by your just sort of quick 
analysis of the consolidation of the data centers. They are 
trying to consolidate 1,200 out of 3,000. What do you think the 
real number could be and what we could achieve there? Just one 
little example.
    Mr. Bourgeois. The consolidation effort to date has been a 
critical first step, but there is really just the tip of the 
iceberg in what it has been able to accomplish. The reason is, 
as Mr. VanRoekel described, the legacy is applications that 
have infrastructure dedicated to them. The first step has 
somewhat consolidated them. For example, if you include back 
office applications, the GAO estimates more than 2,200 
investments at $9.1 billion in back office applications. There 
is no question that there is billions of dollars of potential 
through consolidation of those applications.
    Mr. Mica. I love your phrase I will conclude with 
elimination of duplication of applications. Has a certain ring 
to it. Thank you. I yield back.
    Chairman Issa. I thank the gentleman.
    And we now go to probably the most dedicated consolidator 
of these stations, the author of the legislation, Mr. Connolly.
    Mr. Connolly. Thank you, Mr. Chairman, and welcome to our 
panel.
    You know, picking up on the concern Mr. Mica and others and 
the chairman have mentioned about personnel, Mr. Klayko, you 
have been a CEO, and I served 20 years in the private sector in 
Federal contracting in IT. Might it be a fair statement that 
the way we are treating Federal employees is going to make it 
more difficult moving forward to recruit and retain, especially 
highly skilled sets; freezing salaries for 3 years, raiding 
their benefits to help finance other unrelated things, public 
disparagement of their public service and their worth. Is that 
how you would manage your workforce?
    Mr. Klayko. No. I mean, you have to go ahead and create a 
culture that you want people to come to work every day. And 
there is a lot of other ways to go ahead and do that. So I 
think you have to create a culture in the government that 
people want to come to work, make a difference, and then put 
performance metrics in place, they go ahead and they get 
rewarded for their performance.
    Mr. Connolly. Thank you.
    And Mr. Bourgeois, I saw you shaking your head. I assume as 
a former Federal employee, a CIO, you concur with Mr. Klayko?
    Mr. Bourgeois. I will be very brief. I absolutely concur 
with that. You want to create an environment that folks want to 
come to work every day, and the scenario that you described 
that is happening doesn't exactly do that.
    Mr. Connolly. I agree.
    Mr. Niehaus, you talked about best value. Could you explain 
a little bit more, when you talk about best value, what are you 
referring to?
    Mr. Niehaus. The main concept from our perspective is the 
total cost of ownership. This is an industry accepted. I 
mentioned Gartner, for example, as one of the main reference 
points. In industry for a lot of years there was a focus on 
just lowering acquisition price. I think I heard it earlier 
today where throwing more IT made things more productive, you 
know, more better. And there wasn't enough looking backwards on 
how are we managing the legacy systems that we are building and 
how are we monitoring their success.
    So the concept now is really focused on looking at total 
cost of ownership and holding CIOs accountable for delivering 
on that total cost of ownership, measuring it, so it is not 
just acquisition, but it is how much does that system cost to 
maintain, and what is the roadmap for that system after it is 5 
years old, 3 years old; can you move it to the cloud, is it 
open data systems, et cetera?
    Mr. Connolly. And that is my next question to you, you have 
anticipated it. Why is it that often maintaining a system costs 
more than the original acquisition?
    Mr. Niehaus. Because the way that requirements were built 
may not have been in as much collaboration with the private 
sector around best standards, open standards, commercial off-
the-shelf software. What can the industry that is building the 
software do and deliver on a long-term that all of industry 
accepts. And when you have that, and there is inherently a 
roadmap that allows you to start planning towards the future. 
Mr. VanRoekel talked about the depreciation of assets and how 
that in the private sector is something that you plan toward so 
that you can use your P&L to actually unlock investments for 
modernization instead of using it as a defense of existing 
spending.
    Mr. Connolly. And the chairman has talked about some very 
antique systems, legacy systems.
    Mr. Niehaus. Absolutely.
    Mr. Connolly. The chairman and I are working together along 
with the ranking member, Mr. Cummings, on some legislation, and 
one of the things we are working toward is empowering CIOs. 
Would you and your colleagues at Microsoft welcome that as 
obviously a vendor and provider to the government, I mean? And 
presuming that we consolidate 243, which is way too many, but 
what is left, what kind of empowerment ought they to have from 
your point of view?
    Mr. Niehaus. From our perspective the most successful 
projects are the ones that are closest to the mission and 
mission focus, and that means also the CIO that is empowered 
closest to the mission. As Congressman Davis stated, I don't 
know if we know that a certain number is too many or too little 
per agency. It is about the right swim lanes and the 
accountability so that you can measure the success of that CIO.
    The missions that the DOD performs are myriad. The U.S. 
Department of Agriculture has food inspectors and various 
others. It is not necessarily right to think that one CIO would 
be able to have expertise in designing mission systems for each 
one of those. So the goal would be to know that you are working 
with an accountable and empowered CIO focused and close to that 
mission to make them successful.
    Mr. Connolly. Final word, Mr. Bourgeois, I want to give you 
an opportunity to expand. When you were at Patent and Trade, 
you gave us an example that worked and you said then that is 
how we got to Clinger-Cohen, but then you said, but I don't 
know many other examples of that in the Federal family. Could 
you elaborate on that. Why not? What were the unique attributes 
of Patent and Trade that apparently weren't transferable to 
other agencies?
    Mr. Bourgeois. I am glad you couched the question that way 
because it does give me the opportunity to point out that in 
one way it was, you know, full authority over the IT budget, 
and that was all IT expenditures across the agency, and that 
included the business applications used by all of the examiners 
and all the other staff. Most CIOs in the Federal government 
are called CIOs, but they are really chiefs of infrastructure, 
because the business applications are funded and implemented, 
managed by some program somewhere else. So that is a key 
capability.
    Also the full authority and responsibility of hiring and 
firing and incentivizing and managing all of the IT people and 
IT classifications throughout the entire agency. So there were 
these other control factors in place through HR, through 
contracting and other means throughout the office, that if 
things were happening in the rogue IT organization in the 
business units, they would come back to me as the CIO and I 
could go talk to my peer, we could correct it and get it back 
on track.
    Mr. Connolly. I thank the chair.
    Chairman Issa. Thank you. I would like to do just one short 
additional round.
    Mr. Klayko, since you are the only person that currently is 
not working for a company, I am going to take advantage of your 
temporary lack of conflict potentially, although pride is the 
greatest conflict sometimes in an answer. But in your years of 
selling products and services, didn't you try to decommoditize 
what you sold while the buyer tried to commoditize. Today you 
have in a sense told us in your opening statement that in fact 
the worst thing to do is to buy into the decommoditization. In 
other words, when I ask for a Cisco router or equivalent or a 
D-Link router or whichever brand, I am buying into somebody's 
decommoditization by definition. Isn't that pretty much what 
you said?
    Mr. Klayko. As a vendor?
    Chairman Issa. As a vendor you want to decommoditize. You 
want to have your brand matter and have it spec'd by name if 
possible. As a buyer I want everything to be pounds of wheat. I 
want everything to be as commoditized as possible. Isn't that 
essentially the relationship that is optimally the first thing 
that each of you is working toward?
    Mr. Klayko. I mean, if you start at the opposite ends and 
work towards the middle, I think that is probably true. I 
looked at in many of the reviews I have done in the past why 
someone was chosen over another. You do loss reviews all the 
time. You have done it in private sector and so forth.
    One of the things I find is in an IT environment, in any 
environment, the most feared word is delete. So nobody deletes 
anything. No one deletes data. They keep it forever. So you 
just get more and more and more and more and more and it 
becomes unmanageable and more difficult.
    Chairman Issa. That is why we need VM's Image Backup, is 
because it has gotten to be so much data we are backing up we 
don't have time to back it up as data.
    Mr. Klayko. Yeah, but there is still that. And then the 
other thing what I found is there is a lot of fear. There is 
fear of making a change. Because right now, to your point, sir, 
where you said, you know, we are laying off people, there are 
no raises and so forth, so why do I want to put myself on the 
edge to make a recommendation to make a change if all of a 
sudden it doesn't work and it fails so I become the guy they 
shoot. So there is no incentive. We have the exact opposite 
incentive program that should be in place.
    So we are starting at different points, but the membrane to 
get together, I am not sure we can if we can never align on 
that. It is very, very difficult. We have to eliminate the 
fear.
    Chairman Issa. Okay. I am going to do two last questions. 
Mr. Niehaus, I give you a little grief on this subject 
deliberately. Microsoft and a number of other well-known brand 
names in software deliver more than a commodity because they 
deliver the history, the predictability. Look, 1.0, everything 
fails, and 2.0 exists for the purpose of fixing everything that 
was wrong with 1.0 and 1.1 and 1.2. We get it, that you can't 
deal with people on a purely commodity basis. But from a 
government procurement standpoint, shouldn't our procurement 
reform be similar to Mr. Klayko's statement, which is quit 
spec'ing by definition what we need almost by brand name and 
spec it to the greatest extent by the minimum needs required, 
and then companies can come in and sell their ups and adds or 
additional features which often make the difference between two 
otherwise identical commodities.
    Mr. Niehaus. Mr. Chairman, the way that we would look at it 
or the way that we see it is commercial off-the-shelf software 
is a great term and a great phrase and it means a lot and it is 
very accepted. The challenge is that where we are going today, 
or now and in the future, is cloud-based email systems, and we 
have agencies lining up to do that. That is not as simple as 
just taking the version of exchange server that is running that 
you already own and just putting it in the cloud and running 
it. It is actually new innovations. It is new capabilities. It 
is the ability to provide that warfighter a disconnected 
scenario downrange or a task worker in the field or a food 
inspector disconnected as well as an IRS worker fully 
connected.
    Chairman Issa. Sure. Those are certainly ups and adds. And, 
oh, by the way, when you went from an exchange based to clouds, 
I lost a few things, too. I made that transition. The fact is 
that you sometimes find things are slightly different because 
you have been using, if you will, undocumented features, and 
that is common that we find ways to make things work that were 
not in the plan, mailboxes that are blank for some reason that 
people look at in a different environment. And I appreciate 
that, and hopefully that is what we are going to continue 
looking at how to get right in this act.
    Mr. Bourgeois, obviously I know a little bit about your 
product, probably enough to be dangerous. But earlier I think 
there was something that didn't get said properly, which is, 
isn't it true that one consistency within our movement, the 
government's movement to cloud, is underutilization. We can do 
what Mr. Connolly so much wants us to do, which is consolidate. 
But if we consolidate rather than to 100 servers doing 1,000 
tasks and instead what we have is 1,000 servers each doing one 
task, we haven't really saved anything other than we have made 
the electric bill appear in one place. Isn't that to a great 
extent the other part of consolidation that we have to find a 
way to do?
    Mr. Bourgeois. Mr. Chairman, that is very well said. I 
think that the consolidation effort includes multi-layers of 
the technology stack, and the majority of the efforts thus far 
have been focused on the core infrastructure layer when there 
is still--maybe the low hanging fruit has been picked and we 
have to reach up a little farther. There is still fruit to be 
picked there. But without a doubt there is an opportunity to 
actually rationalize the portfolio of IT investments, to take 
the 10 things that are doing the same thing and actually meld 
them into one and consolidate it at the same time.
    Chairman Issa. Thank you.
    Any additional rounds? Mr. Cummings?
    Mr. Cummings. I yield to Mr. Connolly.
    Mr. Connolly. Thank you. Thank you, Mr. Cummings.
    I actually just wanted to piggyback on your point, Mr. 
Issa, Mr. Chairman. I think we have to find sort of a happy 
medium. Take the chairman's point about emails. All right, 
maybe emails shouldn't be treated as a commodity, but you heard 
Mr. VanRoekel when he testified in my district in a field 
forum, he pointed out in an agency, he says 20, but I am pretty 
sure he said 36, but it was a lot of email systems. And you 
know how that happened. It didn't happen because there are 20 
or 36 unique sets of demands on an email system. It grew up 
because my division got an email system and yours got one 
later. And so as a result we have all this stovepipe 
duplication, they can't talk to each other, and we are spending 
a fortune trying to fix it. Mr. VanRoekel pointed out he 
finally got one in place. Now, maybe that is too few.
    So I just think that to the chairman's point, while we 
don't want to have a mentality that says no, no, one size has 
to fit all, god, is that a problem in government. On the other 
hand, we can't treat everything as unique or we will never save 
a dime and we will never get efficient.
    Mr. Niehaus. Congressman, I completely agree with that. And 
a perfect example, and I don't know if Mr. VanRoekel is 
referring to this customer, but the USDA, for example, had that 
numerous 20-plus email systems. It was Microsoft that 
consolidated those into the cloud. So it is not that we are 
against this, by any means. The focus that we look at is making 
sure that we are continuing to meet the mission of government 
as it evolves. If the decision had been pick one of these, 
label it a commodity and everyone standardized on it, there 
wouldn't have even been a conversation about, well, what can 
the cloud offer? Can the cloud actually offer you a better 
value, a faster return on your IT investment, a lower total 
cost of ownership over time.
    I think that is where we bring up the concern about the 
term commodity because we don't see it in the private sector 
but we do see commercial off-the-shelf software in the private 
sector, and we do completely agree on the focus of what are the 
standards of service and the standards of mission requirement 
that we can all agree are the core fundamental, and let's build 
around that and deliver solutions around that and fight to 
innovate among competitors.
    Mr. Connolly. And I do not spend a lot of time on this dais 
defending the chairman, but in this case I think there has been 
somewhat of a reaction to some of the draft language, and I 
don't think there is that much daylight frankly between how you 
just articulated it and how the chairman or I would articulate 
it.
    Mr. Niehaus. I think that is certainly a welcome 
conversation and discussion for us to continue to support and 
have. Absolutely.
    Mr. Connolly. Thank you.
    Chairman Issa. As we close, I will tell a very short story. 
I remember all too well being in the military where we were 
driving military vehicles with military tires designed for 
combat, and somebody somewhere at DOD back in the seventies got 
the bright idea that they ought to buy a whole bunch of pickup 
trucks, standard, I believe they were mostly Dodge pickup 
trucks, and paint them green and use those to run back and 
forth on streets, on regular roads, to go pick up parts. It was 
an innovative idea. It saved countless millions of dollars and, 
quite frankly, some lives because military combat vehicles on 
slippery roads, on hard surfaces, do not perform nearly as 
well.
    Our goal with IT purchasing reform is in fact to recognize 
that Americans all buy automobiles which are commercial off-
the-shelf. We are not claiming that a Cadillac--or I will use 
the now defunct Yugo--are in fact equal. But we do know that 
all of them are part of a commodity for transportation. We want 
to find a way to make sure that specific pieces of 
transportation are purchased that optimize the Federal need and 
that in every case possible we not ask somebody to set up a 
brand new auto company to produce a form of transportation.
    And with that, I thank all of you for kicking off this 
process, being our first hearing, and we stand adjourned.
    [Whereupon, at 4:40 p.m., the committee was adjourned.]
    [GRAPHIC] [TIFF OMITTED] 79790.063
    
    [GRAPHIC] [TIFF OMITTED] 79790.064
    
    [GRAPHIC] [TIFF OMITTED] 79790.065
    
    [GRAPHIC] [TIFF OMITTED] 79790.066
    
    [GRAPHIC] [TIFF OMITTED] 79790.067
    
    [GRAPHIC] [TIFF OMITTED] 79790.068
    
    [GRAPHIC] [TIFF OMITTED] 79790.069
    
    [GRAPHIC] [TIFF OMITTED] 79790.070
    
    [GRAPHIC] [TIFF OMITTED] 79790.071
    
    [GRAPHIC] [TIFF OMITTED] 79790.072
    
    [GRAPHIC] [TIFF OMITTED] 79790.073
    
    [GRAPHIC] [TIFF OMITTED] 79790.074
    
    [GRAPHIC] [TIFF OMITTED] 79790.075
    
    [GRAPHIC] [TIFF OMITTED] 79790.076
    
    [GRAPHIC] [TIFF OMITTED] 79790.077
    
    [GRAPHIC] [TIFF OMITTED] 79790.078
    
    [GRAPHIC] [TIFF OMITTED] 79790.079
    
    [GRAPHIC] [TIFF OMITTED] 79790.080
    
    [GRAPHIC] [TIFF OMITTED] 79790.081
    
    [GRAPHIC] [TIFF OMITTED] 79790.082
    
    [GRAPHIC] [TIFF OMITTED] 79790.083
    
    [GRAPHIC] [TIFF OMITTED] 79790.084
    
    [GRAPHIC] [TIFF OMITTED] 79790.085
    
    [GRAPHIC] [TIFF OMITTED] 79790.086
    
    [GRAPHIC] [TIFF OMITTED] 79790.087
    
    [GRAPHIC] [TIFF OMITTED] 79790.088
    
    [GRAPHIC] [TIFF OMITTED] 79790.089
    
    [GRAPHIC] [TIFF OMITTED] 79790.090
    
    [GRAPHIC] [TIFF OMITTED] 79790.091
    
    [GRAPHIC] [TIFF OMITTED] 79790.092
    
    [GRAPHIC] [TIFF OMITTED] 79790.093
    
    [GRAPHIC] [TIFF OMITTED] 79790.094
    
    [GRAPHIC] [TIFF OMITTED] 79790.095
    
    [GRAPHIC] [TIFF OMITTED] 79790.096
    
    [GRAPHIC] [TIFF OMITTED] 79790.097
    
    [GRAPHIC] [TIFF OMITTED] 79790.098
    
    [GRAPHIC] [TIFF OMITTED] 79790.099
    
    [GRAPHIC] [TIFF OMITTED] 79790.100
    
    [GRAPHIC] [TIFF OMITTED] 79790.101
    
    [GRAPHIC] [TIFF OMITTED] 79790.102
    
    [GRAPHIC] [TIFF OMITTED] 79790.103
    
    [GRAPHIC] [TIFF OMITTED] 79790.104
    
    [GRAPHIC] [TIFF OMITTED] 79790.105
    
    [GRAPHIC] [TIFF OMITTED] 79790.106
    
    [GRAPHIC] [TIFF OMITTED] 79790.107
    
    [GRAPHIC] [TIFF OMITTED] 79790.108
    
    [GRAPHIC] [TIFF OMITTED] 79790.109
    
    [GRAPHIC] [TIFF OMITTED] 79790.110
    
    [GRAPHIC] [TIFF OMITTED] 79790.111
    
    [GRAPHIC] [TIFF OMITTED] 79790.112
    
    [GRAPHIC] [TIFF OMITTED] 79790.113
    
    [GRAPHIC] [TIFF OMITTED] 79790.114
    
    [GRAPHIC] [TIFF OMITTED] 79790.115
    
    [GRAPHIC] [TIFF OMITTED] 79790.116
    
    [GRAPHIC] [TIFF OMITTED] 79790.117
    
    [GRAPHIC] [TIFF OMITTED] 79790.118
    
    [GRAPHIC] [TIFF OMITTED] 79790.119
    
    [GRAPHIC] [TIFF OMITTED] 79790.120
    
    [GRAPHIC] [TIFF OMITTED] 79790.121
    
    [GRAPHIC] [TIFF OMITTED] 79790.122
    
    [GRAPHIC] [TIFF OMITTED] 79790.123
    
    [GRAPHIC] [TIFF OMITTED] 79790.124
    
    [GRAPHIC] [TIFF OMITTED] 79790.125
    
    [GRAPHIC] [TIFF OMITTED] 79790.126
    
    [GRAPHIC] [TIFF OMITTED] 79790.127
    
                                 
