[House Hearing, 113 Congress]
[From the U.S. Government Publishing Office]



 
 DATA CENTERS AND THE CLOUD, PART II: THE FEDERAL GOVERNMENT'S TAKE ON 
OPTIMIZING NEW INFORMATION TECHNOLOGIES OPPORTUNITIES TO SAVE TAXPAYERS 
                                 MONEY 

=======================================================================

                                HEARING

                               before the

                 SUBCOMMITTEE ON GOVERNMENT OPERATIONS

                                 of the

                         COMMITTEE ON OVERSIGHT
                         AND GOVERNMENT REFORM

                        HOUSE OF REPRESENTATIVES

                    ONE HUNDRED THIRTEENTH CONGRESS

                             FIRST SESSION

                               __________

                             JULY 25, 2013

                               __________

                           Serial No. 113-52

                               __________

Printed for the use of the Committee on Oversight and Government Reform

         Available via the World Wide Web: http://www.fdsys.gov
                      http://www.house.gov/reform

                               ----------
                         U.S. GOVERNMENT PRINTING OFFICE 

82-434 PDF                       WASHINGTON : 2013 
-----------------------------------------------------------------------
  For sale by the Superintendent of Documents, U.S. Government Printing 
   Office Internet: bookstore.gpo.gov Phone: toll free (800) 512-1800; 
          DC area (202) 512-1800 Fax: (202) 512-214 Mail: Stop IDCC, 
                      Washington, DC 20402-0001



              COMMITTEE ON OVERSIGHT AND GOVERNMENT REFORM

                 DARRELL E. ISSA, California, Chairman
JOHN L. MICA, Florida                ELIJAH E. CUMMINGS, Maryland, 
MICHAEL R. TURNER, Ohio                  Ranking Minority Member
JOHN J. DUNCAN, JR., Tennessee       CAROLYN B. MALONEY, New York
PATRICK T. McHENRY, North Carolina   ELEANOR HOLMES NORTON, District of 
JIM JORDAN, Ohio                         Columbia
JASON CHAFFETZ, Utah                 JOHN F. TIERNEY, Massachusetts
TIM WALBERG, Michigan                WM. LACY CLAY, Missouri
JAMES LANKFORD, Oklahoma             STEPHEN F. LYNCH, Massachusetts
JUSTIN AMASH, Michigan               JIM COOPER, Tennessee
PAUL A. GOSAR, Arizona               GERALD E. CONNOLLY, Virginia
PATRICK MEEHAN, Pennsylvania         JACKIE SPEIER, California
SCOTT DesJARLAIS, Tennessee          MATTHEW A. CARTWRIGHT, 
TREY GOWDY, South Carolina               Pennsylvania
BLAKE FARENTHOLD, Texas              MARK POCAN, Wisconsin
DOC HASTINGS, Washington             TAMMY DUCKWORTH, Illinois
CYNTHIA M. LUMMIS, Wyoming           ROBIN L. KELLY, Illinois
ROB WOODALL, Georgia                 DANNY K. DAVIS, Illinois
THOMAS MASSIE, Kentucky              PETER WELCH, Vermont
DOUG COLLINS, Georgia                TONY CARDENAS, California
MARK MEADOWS, North Carolina         STEVEN A. HORSFORD, Nevada
KERRY L. BENTIVOLIO, Michigan        MICHELLE LUJAN GRISHAM, New Mexico
RON DeSANTIS, Florida

                   Lawrence J. Brady, Staff Director
                John D. Cuaderes, Deputy Staff Director
                    Stephen Castor, General Counsel
                       Linda A. Good, Chief Clerk
                 David Rapallo, Minority Staff Director

                 Subcommittee on Government Operations

                    JOHN L. MICA, Florida, Chairman
TIM WALBERG, Michigan                GERALD E. CONNOLLY, Virginia 
MICHAEL R. TURNER, Ohio                  Ranking Minority Member
JUSTIN AMASH, Michigan               JIM COOPER, Tennessee
THOMAS MASSIE, Kentucky              MARK POCAN, Wisconsin
MARK MEADOWS, North Carolina



                            C O N T E N T S

                              ----------                              
                                                                   Page
Hearing held on July 25, 2013....................................     1

                               WITNESSES

Mr. David Powner, Director, Information Technology Management 
  Issues, U.S. Government Accountability Office
    Oral Statement...............................................     6
    Written Statement............................................     9
The Hon. Steven Vanroekel, Acting Deputy Director for Management, 
  Federal Chief Information Officer, Administrator for E-
  Government and Information Technology
    Oral Statement...............................................    58
    Written Statement............................................    60
Mr. David L. McClure, Associate Administrator, Office of Citizen 
  Services and Innovative Technologies, U.S. General Services 
  Administration
    Oral Statement...............................................    64
    Written Statement............................................    66

                                APPENDIX

Questions for the Record.........................................    88


 DATA CENTERS AND THE CLOUD, PART II: THE FEDERAL GOVERNMENT'S TAKE ON 
OPTIMIZING NEW INFORMATION TECHNOLOGIES OPPORTUNITIES TO SAVE TAXPAYERS 
                                 MONEY

                              ----------                              


                        Thursday, July 25, 2013,

                  House of Representatives,
             Subcommittee on Government Operations,
              Committee on Oversight and Government Reform,
                                                   Washington, D.C.
    The subcommittee met, pursuant to call, at 9:34 a.m., in 
Room 2154, Rayburn House Office Building, Hon. John Mica 
[chairman of the subcommittee] presiding.
    Present: Representatives Mica, Meadows, Connolly, and 
Pocan.
    Staff Present: Alexia Ardolina, Majority Assistant Clerk; 
Richard A. Beutel, Majority Senior Counsel; Caitlin Carroll, 
Majority Deputy Press Secretary; John Cuaderes, Majority Deputy 
Staff Director; Linda Good, Majority Chief Clerk; Tyler Grimm, 
Majority Professional Staff Member; Mark D. Marin, Majority 
Director of Oversight; Sarah Vance, Majority Assistant Clerk; 
Jaron Bourke, Minority Director of Administration; Adam 
Koshkin, Minority Research Assistant; Safiya Simmons, Minority 
Press Secretary; and Cecelia Thomas, Minority Counsel.
    Mr. Mica. Good morning. I would like to call this hearing 
of the Subcommittee on Government Operations to order.
    Welcome, everyone, this morning. The topic of today's 
hearing is Data Centers in the Cloud, Part II: The Federal 
Government's Take on Optimizing New Information Technologies 
and Opportunities to Save Taxpayers Money.
    Mr. Issa usually gives a little statement of our mission, 
but that title almost sums it up. We are looking and have the 
responsibility to review various operations of the Federal 
Government and representing the taxpayers; looking for the most 
efficient, economical, and responsible means of carrying out 
the positions and conducting proper oversight of the agencies 
that perform those responsibilities.
    Today we have one panel and three witnesses. We welcome 
them. And our order of business will be as follows: we will 
start with opening statements by members and then we will 
proceed to hear from our three witnesses, and after that we 
will move to questions. We will hold the questions until we 
have heard from all of the panelists.
    With that, I will recognize myself for an opening statement 
and then turn to our Democrat leader, the ranking member, Mr. 
Connolly, for his comments.
    I again have to state that our responsibility is that we 
look at what the various agencies are doing, in particular, 
some of this activity of our subcommittee may not be the flashy 
part of serving in Congress, with the hearings and all of the 
cameras and all of that, but, nonetheless, this is probably as 
important a responsibility as we have. This is the meat and 
potatoes, finding out where the money is being spent.
    On the particular program of IT, we spend a lot of money. 
It is estimated, I think, $84 billion annually. And we have had 
witnesses. This is our second hearing. Unfortunately, we didn't 
have OMB and GSA representatives at the last hearing; I am glad 
they came this time. But because, again, of the sheer size and 
scope of this activity, the estimates, again, of potential 
savings are maybe as much as 50 percent of what we are 
currently saving. If we can consolidate, if we can use the 
mechanism of cloud computing, a whole host of efficiencies 
brought into this process, we have the potential for saving in 
a time when we are approaching a $17 trillion deficit. 
Substantial money.
    So I again welcome the witnesses. As we face this time of 
tight budgets, it has never been more important for the Federal 
Government to continue its efforts.
    Today's hearing actually looks at, unfortunately, an 
attempt by the Administration, dates for several years now in 
trying to maximize the return on investment and reduce the 
operational risk and provide responsive services to citizens 
through some IT consolidations. We, unfortunately, have found 
through our investigation that we don't have a pretty good 
track record; that maybe the intent was good, but unfortunately 
what was set out as some goals and new approaches to achieve 
success, have not worked.
    We have two charts here that I want to point to, and they 
show, unfortunately, failed IT investments since 2003. The long 
and the short of it is we have lost about $9.2 billion in those 
failed attempts, a pretty significant amount.
    The second chart shows the number of troubled IT 
investments. That is enumerated on the chart that you see up on 
the screen. But this is startling: $102 billion is currently at 
risk from, again, a simple evaluation information we have 
received. So this is quite troubling.
    While GAO had indicated initially that we had some I think 
it was 3,133 data centers, the most current data we have 
received says that that estimate is some now 7,145. So a pretty 
dramatic departure from what was originally estimated as the 
number of these non-core centers; and that totals 6,650.
    Unfortunately, since 2010 they have closed or consolidated 
484 of these non-core centers. At the current rate, and that is 
over two years, while they estimate by the end of the year they 
will have 855. But they plan, at least the plans we have been 
told, to close 3,400, about half of the new estimate non-core. 
Unfortunately, if they keep it up at the pace that they have 
begun, it looks like it is almost impossible to achieve that 
goal. That is part of what we want to hear, how we are 
recalculating and how we plan to again reach a significant 
goal, which was originally estimated, I think, at some $3 
billion. The current calculations indicate that we will be at a 
$2.4 billion shortfall.
    Unfortunately, the duplications of common IT systems are 
pretty widespread, and GAO itself has reported that the 
Government funded 622 separate human resource systems at a cost 
of $2.4 billion, 580 financial systems at a cost of $2.7 
billion, and 777 supply chain systems at $3.3 billion; and the 
list continues. Many of these systems perform, unfortunately, 
the same function.
    OMB has the responsibility to oversee large IT projects, 
but often rolling out new and large management initiatives, 
when they do with great fanfare, unfortunately it doesn't 
appear a lot is done to follow up or implement these programs; 
and we are going to look at one example, the Federal Data 
Center Consolidation Initiative, which was rolled out again in 
2010. As I point out and predicted, they close a lot more of 
these centers, 40 percent of them, by 2015 and save that $3 
billion. The target is, again, very illusive from what we can 
see with the statistics and facts of accomplishment to date.
    So OMB, unfortunately, has grossly underestimated the 
number of data centers. Now we have to deal with a much larger 
number than originally reported. Unfortunately, OMB's savings 
to date are minimal, probably about $300 million, or 10 percent 
of the promised $3 billion that had been promised.
    Unfortunately, we also find that OMB is also skeptical 
about their own new process and how it will work. Its own 
testimony identifies deficiencies, and we will look at how that 
IT Dashboard hasn't worked. We will also have to find out, 
firsthand today, how OMB plans to accelerate its use of key 
management initiatives and look at how, again, we are going to 
achieve these savings. So we want this to be a positive 
hearing; find out, again, what has gone wrong, and then see how 
we can correct it.
    We want to work with OMB and GSA. Unfortunately, GSA, I 
found, has failed to develop or roll out its own critically 
needed new system to streamline the fashion by which 
contracting officers ensure contracts are responsible vendors. 
That system, called SAM, System for Award Management, was 
completely restructured after multiple failures and millions of 
dollars wasted.
    And then, finally, what the GSA, I think they set a poor 
example themselves with over 109 core data centers. I am told 
they have only actually closed one to date. So we will want to 
get an update on where one of our principle agencies 
responsible for procurement and heavy involvement in the IT 
business has failed itself.
    So those are some opening commentaries. I have been picking 
up from Mr. Issa and also Mr. Connolly their efforts to try to 
get this to work better, be more effective, find ways to 
consolidate, find ways to streamline and provide the leadership 
to make that happen.
    So let me yield now to Mr. Connolly, our ranking member.
    Mr. Connolly. Thank you, Mr. Chairman, and thank you and 
your staff for holding this second hearing on this subject. And 
I agree with you, this is the sexiest subject in town. Data 
center consolidation, it is amazing the press just isn't here 
in overflow, really.
    But it actually is one of those building blocks, as you 
said, Mr. Chairman, of Government that is actually very 
important.
    First of all, I want to welcome our witnesses. I am glad 
they are here. Some of the things that have happened since our 
field hearing, one of which is Mr. VanRoekel is now at OMB. So 
that, to me, is a heartening development because I think now we 
can better integrate OMB's management responsibilities with the 
goals we have here, rather than sort of as a set-aside nice 
thing to do. So integrating that into key management decision-
making in the Executive Branch I think is a real step forward.
    Mr. VanRoekel, congratulations on that new role. I know 
that is going to serve all of us well.
    From my point of view, and I certainly am open to testimony 
that would suggest otherwise, I share the chairman's concern 
that we seem, when we are looking at metrics, and it isn't just 
our opinion, it is the Government Accountability Office, we 
seem to be falling behind. Good news: we have doubled the 
number of companies certified under FedRAMP since our field 
hearing, from three to six. But there are a lot of companies 
that would like to qualify and that would qualify but for a 
rather glacial pace of certification. We want to be thorough, 
but golly, gosh, darn, it seems to me we could do better.
    There are issues, as the chairman indicated, with the IT 
Dashboard. And in terms of data center consolidation, any way 
you measure it, we may be more accurate in defining what a data 
center is and, thus, the proliferation in numbers that might 
seem to suggest we are actually going in the wrong direction 
but in fact we are more accurate in trying to capture what is a 
data center, and that is good. But if you look at agency 
performance, agency by agency, essentially only four agencies 
are playing in the game, that is not acceptable. That is not 
acceptable.
    Finally, I would say to the Administration, and I guess Mr. 
VanRoekel, primarily through you as maybe the senior 
Administration official here, but this committee, including the 
chairman, passed a bill, FATAR. It is the first comprehensive 
rewrite of Federal IT acquisition in 20 years. It is designed 
to update and, in many ways, sort of replace Clinger-Cohen. It 
is the friendliest, most sympathetic bill you are going to get 
out of the Congress. It is, in large measure, a codification 
of, in fact, initiatives and reforms undertaken by this 
Administration, mirabile dictu coming out of this Republican 
Congress.
    But if the Administration decides to spurn that 
legislation, that has passed the House already, I would just 
say to you you are going to have problems on both sides of the 
aisle. This represents, I think a real bipartisan effort. We 
work very hard to try to get this right. We tried to consult 
with the Administration. We consulted extensively with 
industry.
    The chairman, Mr. Issa, could have filed this bill back in 
October. To his credit, to the staff's credit, they kept it 
open, negotiating with us, with industry, with the 
Administration, with others from October until we filed it 
finally late in February. And we were willing to take 
additional modifications to try to make sure we get it right. 
This is a bill designed to try to be helpful, to try to spur 
the very reforms undertaken by this Administration, by Mr. 
VanRoekel and his predecessor.
    So I urge you to go back and consider support for this 
legislation. If there are changes, great, but a position of 
opposition is not going to sit well in this Congress on both 
sides of the aisle. So please consider it the helpful tool it 
was intended to be. We think that this is a subject matter that 
needs attention. And while it may not draw big crowds, as the 
chairman indicated, in terms of potential for savings, 
potential for the deployment of technology as a tool, an 
instrument for augmenting the decline in resources for so many 
agencies is profound; and we need you as a partner and we want 
to be a partner.
    So, with that, I look forward to the testimony, Mr. 
Chairman, and, as you know, I may have to sneak out to manage 
an amendment on the floor, but I will be back. And again I 
thank the chair for holding this hearing.
    Mr. Mica. Thank you, Mr. Connolly.
    Other members? Mr. Meadows?
    Mr. Meadows. Thank you, Mr. Chairman. I am just going to be 
very brief.
    Welcome. Thank you so much. The chairman has highlighted 
very accurately some of the concerns. I look forward to hearing 
your testimony today on how we can start to really make 
progress. As I read the report, I am very troubled that we 
continue to start and we restart and we start again, and yet 
the other part that we are not doing is, when we are looking at 
$3 billion in program goals, there is not really a measurable 
matrix on whether we are getting there or not. And it is very 
troubling when I sit there as a business guy and say, well, how 
do we know if we are making great progress when we are not even 
really accurately measuring it.
    I represent a district that has one of the greatest data 
centers in the world, Google. They know how to do it. And to 
find that we have 622 human resource systems out there, another 
580 financial management systems, and 777 supply chain systems, 
many of which don't talk to one another, one of the advantages 
of big government should be the efficiencies of systems and the 
management thereof; and what we have done is we are acting like 
we are a private company with thousands of different systems 
that don't work.
    So I look forward to hearing it. I know that we have a 
Leviathan here. I mean, this is a big problem. But the other 
aspect, it is very difficult for me to go back home and tell 
the people why we have wasted $10 billion on terminated 
projects; why we can't figure it out on a lot of these before 
we spend the amount of money that we spend, before we make a 
determination it is not going to work. So I would be interested 
in hearing from each one of you the matrix of which we are 
going to be measuring it, the goals that we are going to do, 
and how we incentivize you to do that.
    The chairman has held a hearing on some 13,000 Federal 
buildings, and we heard that the GAO really didn't want to get 
rid of them because, if the money gets sold, it doesn't go back 
to the GAO. I mean, I also am finding it amazing that we have 
most of our expenditures in the fourth quarter; that we have 
this disproportionate amount of purchases that happens in the 
last quarter of every fiscal year.
    We all know what the problem is, but it really lacks 
accountability. So I look forward to hearing from you on how we 
are going to measure it and how we are going to fix it going 
forward, and I thank the chairman. I yield back.
    Mr. Mica. I thank the gentleman.
    Other members? Mr. Pocan, welcome.
    If no other members seek recognition, we will turn to our 
panel of witnesses, and, again, we have three witnesses, and 
welcome them.
    First we have Mr. David Powner. He is the Director of 
Information Technology Management Issues for GAO, the 
Government Accountability Office; Mr. Steven VanRoekel. He is 
the Acting Deputy director for Management and Federal Chief 
Information Officer for the Office of Management and Budget; 
and Mr. David McClure is the Associate Administrator of the 
General Services Administration's Office of Citizen Services 
and Innovative Technologies.
    Welcome to the witnesses.
    This is an investigative and oversight committee of 
Congress and, in light of that, we do swear in our witnesses. 
If you will stand, raise your right hand.
    Do you solemnly swear or affirm that the testimony you are 
about to give before this subcommittee of Congress is the whole 
truth and nothing but the truth?
    [Witnesses respond in the affirmative.]
    Mr. Mica. Let the record reflect that the witnesses have 
responded in the affirmative.
    So I welcome you and we will turn to our first witness. We 
will go to GAO first, Mr. David Powner. You are welcome and 
recognized.
    What we usually do is, it is a small panel today, but try 
to keep it to five minutes. Then we will go through the three 
of you and then come back for questions.
    So welcome again, Mr. Powner. You are recognized.

                   STATEMENT OF DAVID POWNER

    Mr. Powner. Chairman Mica, Ranking Member Connolly, and 
members of the subcommittee, we appreciate the opportunity to 
testify on the Federal Government's efforts to better manage 
its annual $80 billion investment in IT. My comments will focus 
on three areas: one, the Federal Government's poor track record 
when it comes to delivering on large-scale IT acquisitions and 
the need for greater transparency and governance; two, the 
importance of the data center consolidation effort; and, three, 
the need to eliminate duplicative IT spending.
    Fortunately, for each of these three areas, poor delivery, 
unused data center capacity, and duplication, OMB has excellent 
initiatives in place. GAO's work over the years has shown that 
the Government has a poor track record when it comes to 
managing and delivering IT acquisitions. My written statement 
lays out a comprehensive list of the many failed and troubled 
projects that are highlighted here. Specifically, 15 of these 
projects are examples where billions of taxpayers' dollars have 
been wasted, with little to show for it.
    To address this situation, OMB rolled out the Federal IT 
Dashboard in 2009 to improve the transparency of approximately 
700 major IT investments, and since 2010 this information has 
been used to hold TechStat sessions to terminate and turn 
around IT investments that are failing and not producing 
results. This increased transparency has resulted in improved 
governance, reduced scope, and even terminated projects.
    Clearly, the Dashboard and TechStat sessions have made a 
difference, but this is not enough because some agencies are 
still not reporting Dashboard information accurately. In 
particular, DOD is reporting no red investments. We have 
highlighted DOD's inaccurate reporting at multiple hearings and 
will continue to do so. When an agency is spending $34 of the 
$80 billion and not reporting accurately, something needs to 
change to make sure our tax dollars are being appropriately 
overseen. Also, DOD has not updated most of their Dashboard CIO 
ratings for about two years.
    Regarding the TechState sessions, our work shows the number 
of TechStats held to date is relatively small compared to the 
currently reported 160 at-risk investments that total $10 
million.
    So for troubled projects we need more accurate transparency 
on the Dashboard and even greater executive oversight.
    Turning to data centers. This consolidation effort was 
initiated to improve the Government's low server utilization 
rates, which was estimated between 5 and 15 percent, far below 
the goal of 60 to 70 percent; and this effort is to result in 
$3 billion in savings. Data center closures to date and those 
planned are promising. About 500 centers have been closed and 
it is expected that over 800 will be closed by September. In 
addition, some agencies are already reporting savings. The 
Department of Agriculture recently reported that it has saved 
$50 million this year, and DOD plans to save $575 million in 
fiscal year 2014 alone.
    Our report recently delivered for this committee showed 
that OMB, GSA, and the Data Center Task Force need to step up 
efforts to track cost savings and to find metrics for those 
centers that remain. In fact, OMB has not been tracking cost 
savings. FATAR would be extremely helpful, since it requires 
the tracking and report of cost-savings and would ensure that 
this important initiative would span multiple administrations.
    Mr. Chairman, in addition to tracking cost-savings, there 
needs to be better transparency on how many centers are out 
there. When we testified before this subcommittee in May, we 
reported that there were about 3100 data centers Government-
wide, only to learn from our audit work that the Government had 
3,000 additional centers. Last week, OMB briefed congressional 
staff that there are actually 4,000 more centers, bringing the 
total to more than 7,000; and there are some fundamental 
questions whether the Government really knows what it has and 
why there isn't better transparency here. Timely transparency 
on how many data centers are out there, closures, and cost-
savings is needed.
    We also need to tackle duplication more aggressively. The 
Administration's PortfolioStat process is an excellent 
initiative to address this duplication. OMB states that the 
Portfolio results so far have been significant and that 
agencies have identified nearly 100 opportunities to 
consolidate or eliminate duplicative investments that is to 
result in savings of approximately $2.5 billion through 2015.
    The latest PortfolioStat initiative is promising if carried 
out effectively. However, I would like to make two specific 
observations regarding it: savings are much higher than $2.5 
billion and are more in the $5 billion to $6 billion range; 
and, secondly, CIO authorities need to be strengthened at many 
agencies if CIOs are to carry this out. We are currently 
learning that not all CIOs have authority over commodity IT, 
which is not a very high bar.
    In summary, many of the initiatives over the past years 
have great promise; however, each requires more leadership from 
OMB and agency CIOs so that billions of taxpayers' dollars are 
not wasted.
    Chairman Mica, Ranking Member Connolly, this concludes my 
statement. I look forward to your questions.
    [Prepared statement of Mr. Powner follows:]

    [GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
    
    Mr. Mica. Thank you.
    We will go now to OMB, Mr. VanRoekel. You are recognized.

          STATEMENT OF THE HONORABLE STEVEN VANROEKEL

    Mr. VanRoekel. Thank you. Good morning, Chairman Mica and 
members of the committee. Thank you for this opportunity to 
testify on the Administration's efforts to improve the 
management of Federal information technology.
    Since day one, the Administration has focused on harnessing 
technology to improve the operations of Government and better 
serve the American people. As I saw through my nearly 20 years 
in the private sector, including a stint as an assistant to 
Microsoft's founder, Bill Gates, the innovative application of 
technology can transform organizations, enabling them to 
improve service delivery and expand customer value, while also 
cutting costs. As a Federal Chief Information Officer and now 
Acting Deputy Director for Management at the Office of 
Management and Budget, I am charged with bringing my experience 
and tools from the private sector to help take Government built 
for the 20th century into the 21st.
    This fundamentally requires a shift in how we think and how 
we operate. As leading private sector companies do, we must 
relentlessly focus on outcome and results; work collaboratively 
across traditional organizational boundaries; drive innovation; 
foster accountability; and, above all, put our customer, the 
American people, first. High-performing organizations are 
results-driven, focused on customer-facing outcomes rather than 
inward-looking outputs. They set business-oriented targets, 
such as revenue and profit goals, and then let operating units 
determine how best to achieve them.
    This thinking underpins our revamped approach to data 
center consolidation. Whereas, early on we looked primarily at 
raw outputs, tasking agencies with counting the number of data 
centers and tallying closures, we are now building on that 
first work by taking an outcome-and incentive-based approach, 
focusing on optimizing total cost of ownership and efficiency 
of operations instead of just the number of data centers. 
Agencies are now developing metrics that drive the outcomes we 
want to see: lower costs and higher productivity. Beyond 
closures and savings, we are now tracking metrics, including 
energy, facilities, labor, virtualization, and cost per 
operating system in these data centers.
    Additionally, successful enterprises are not constrained by 
traditional organizational boundaries, and operate in an 
integrated and unified manner. In the case of IT's, this means 
treating CIO's as strategic partners, on par with the other 
parts of the business. That is why, through PortfolioStat, a 
data-driven review of agency IT portfolios, I am pulling 
together agency leaders: deputy secretaries, CIO's, CFO's, 
CAO's, chief human capital officers, and program officials. We 
all sit around the table and ask them to engage beyond their 
individual roles to make decisions collaboratively with a focus 
on delivering value to the American people.
    In taking this holistic approach to governance, we are 
aiming to avoid one-off isolated actions that can lead to 
unintended consequences. And by working as an integrated 
leadership team, we can better identify and eliminate 
duplicative and redundant investments that drain vital 
resources from mission-facing programs and activities.
    However, just as with any leading private sector 
initiative, the success of PortfolioStat hinges on being able 
to hold leadership accountable for results. This is why a key 
part of the annual PortfolioStat process is following up on 
commitments made in the previous cycle and evaluating agencies 
on progress over the prior year, something we do quarterly.
    This is also why we are sharing the results of our efforts 
to generate efficiencies across the IT portfolios with Congress 
through our IUIT report, the way we track cost-savings. To 
date, agencies have reported over $800 million in savings from 
PortfolioStat alone, with more on the way, and I am very proud 
that, as of this morning, slightly over a year of having this 
process in place and this cost-saving track in place, we are 
announcing that we reached $1.37 billion.
    But to achieve breakthrough results, we must drive 
innovation throughout the Government. Innovative new 
technologies such as cloud computing, open data, mobile, are 
transforming how IT services are delivered and consumed. 
Through these new technologies, CIOs must shift from 
maintaining high-risk, high-failure monolithic systems, many of 
which you have highlighted here, that sap these IT development 
budgets. We need to shift to using services comprised of small, 
agile modules that lower risk and support emerging needs.
    In the end, all of our efforts must be in service for the 
customer, the American people. The aim is to provide agencies 
the ability to allocate their resources to high-value, mission-
oriented activities, rather than commodity and back office 
functions, so the Government can focus on what matters most, 
the citizen.
    We have made significant progress over the past year, but 
work is yet to be done. We must continue to engage agency 
leadership through the PortfolioStat process, hold agencies 
accountable for the results, track savings, and keep our sights 
set on building the Government on the 21st century.
    Thank you.
    [Prepared statement of Mr. VanRoekel follows:]

    [GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
    
    Mr. Mica. Thank you.
    We will hear from our final witness on the panel, Mr. David 
McClure, and he is with GSA. Welcome and you are recognized.

                 STATEMENT OF DAVID L. MCCLURE

    Mr. McClure. Thank you, Chairman Mica, and thanks, members 
of the subcommittee, for having me here today to talk about our 
efforts in data center consolidation and our partnership with 
OMB and our sister agencies to optimize new technologies being 
put into the Government. I want to focus on how my office at 
GSA is working in concert with OMB, the CIO Council to 
strengthen Government approaches to IT management, including 
consolidation and cloud security.
    As Steve noted in his remarks, our present approach with 
data center consolidation efforts in the Federal Government is 
focused on economies of scale and achieving greater 
efficiencies and overall IT portfolios by optimizing core data 
center performance. This is more meaningful than a singular 
focus on closure counts as the primary measure of success.
    Our role at GSA is to work in concert with OMB, the CIO 
Council, and its Federal Data Center Consolidation Task Force 
to assemble a complete view of the data center inventory and 
key variables affecting operational performance, and we do that 
by providing practical tools, standard data collection 
templates, guidance to the agencies for planning and executing 
their strategies, and consolidating their data centers.
    For example, we have created an online inventory portal 
where agencies can download the data being requested for their 
strategies and plans. We have developed a tool that helps 
agencies identify and select their core data centers. The tool 
uses nine draft criteria that we have reached consensus on 
Government-wide. Most importantly, we have built a world-class 
total cost of ownership model to facilitate robust data 
analysis, optimization planning, and data-driven decision-
making, and it is now being used by all 24 CFO Act agencies.
    Industry experts and GAO have given the model very positive 
assessments. It allows agencies to analyze different scenarios 
to calculate the effects of different data center optimization 
strategies. It also allows, for the first time, an apples-to-
apples comparison with other agencies as they examine 
outsourcing and cloud infrastructure options. Of course, we 
continue to expect to enhance the model with continued input 
from the CIO Council and from OMB.
    We are working in concert with the community on multiple 
fronts to get better results with IT investments being made in 
the Federal Government. The Federal Government, for the first 
time, has a comprehensive inventory of its data centers, one of 
the largest cost items in the Federal IT portfolio. As a result 
of our data collection and our TCO data model, agency CIO's 
have more transparency into how these centers are being 
utilized and viable options for optimizing their operational 
performance.
    In summary, the partnership that Steve and I have forged 
between our offices for management change is grounded in our 
own private sector experience, using industry-leading practices 
that emphasize data-driven decision-making. I think Steve is 
bringing the power of performance metrics to bear on the 
Federal CIOs as a lever for change.
    I want to thank you for having me here this morning. I am 
happy to answer any questions about GSA and our role. I really 
appreciate the leadership of this subcommittee and the full 
committee, because it is paramount to IT reform success, and we 
welcome continued interactions with you and your staff as we 
find meaningful ways to facilitate effective Federal IT 
investment results. And I would be happy to answer any 
questions from the subcommittee.
    [Prepared statement of Mr. McClure follows:]

    [GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
    
    Mr. Mica. Okay, we will catch all of you right now, and I 
will start off with some questions.
    First of all, let's look, Mr. Powner, Mr. VanRoekel. We 
started out in June of 2012, I guess, actually, in April of 
2013 we were told that there were 3,133 data centers. Now we 
are told it is over 7,000. Kind of a slight miscalculation. And 
then I think there were a couple gasps from members of the 
panel, joint bipartisan gasps when you said, Mr. Powner, that 
the Federal Government really doesn't know what it has. What is 
going on?
    Let's start with Powner.
    Mr. Powner. Well, first of all, the 3100, we did report 
that at your May field hearing, and GAO found through our audit 
follow-up, we follow up with each agency, that there were an 
additional 3,000 centers that were reported.
    Mr. Mica. So do you think the next time you come back we 
will be up to like 10?
    Mr. Powner. Well, we are up to 7,100 now.
    Mr. Mica. I mean, there was a collective gasp when you said 
Government maybe really doesn't know what it has.
    Mr. Powner. And I stand by that statement. I think there 
are 7100 now. Hopefully, we know what we have, but I wouldn't 
put money on it.
    Mr. Mica. And I think, actually, now, wasn't it you also, I 
have your little notes here, you said the savings could exceed 
$5 billion to $6 billion, rather the $3 billion that was 
projected?
    Mr. Powner. Well, with the PortfolioStat initiative we have 
agencies reporting to us there is a $2.5 billion number 
floating around out there. Most agencies reported 2.4, then DOD 
came in alone and said they could save somewhere between $3 
billion and $5 billion. So I think the $5 billion to $6 billion 
range is very accurate for savings on PortfolioStat.
    Mr. Mica. Then VanRoekel, he comes up and says today he is 
proud to announce the $1.37 billion in savings. That is your 
new number? Where did you get that?
    Mr. VanRoekel. So, sir, we report quarterly to Congress 
through a mechanism called the IUIT report. That IUIT report 
cleared yesterday and was transmitted to Congress.
    Mr. Mica. For today? So instead of, where the hell were we 
here? We were at, this is projected savings were about $300 
million by OMB according to a May report, and now you are 
saying we have jumped a billion?
    Mr. VanRoekel. There are sort of two numbers that we are 
tracking simultaneously here.
    Mr. Mica. Is that from the closure of the 484? It says you 
have a total plan closure of almost double that, 855. So have 
you had a sudden lightening expansion.
    Mr. VanRoekel. You are actually looking at two separate 
tracks of numbers. One number is just data. The number you are 
quoting with the $300 is just data centers.
    Mr. Mica. Okay.
    Mr. VanRoekel. There is a broader set of IT savings which 
have data center implications.
    Mr. Mica. So this is sort of a self-reporting and they are 
telling you that they have saved money by doing that.
    Mr. VanRoekel. No. We actually track at the investment 
level through the IUIT report, and I would encourage you to 
check it you.
    Mr. Mica. So it wouldn't be reflected in this. Then this 
$300 still stands, $300 million savings OMB as of May?
    Mr. VanRoekel. In May, yes. In May, yes.
    Mr. Mica. So this is another billion. And where would you 
attributed that billion coming from?
    Mr. VanRoekel. I am happy to share, with the permission of 
the Appropriations Committee, who we submit this report to, the 
report.
    Mr. Mica. Some data?
    I think it would be good for us to know. If you are making 
progress and it can be documented, we would like to know about 
it.
    Again, from the consolidation standpoint, we are somewhat 
still stuck in neutral, Mr. Powner? Actually, it looks like we 
are not only in neutral; it looks like we have gone in reverse 
because we actually have found more of these non-core centers 
than we anticipated. So we are behind the eight ball a bit.
    Mr. Powner. On the data center consolidation, that now has 
been merged with PortfolioStat, but to be real clear on data 
center consolidation, there is to be 800 centers closed, more 
than 800 centers closed by the end of this fiscal year, by 
September.
    Mr. Mica. What happened is we start out, even if we close 
the 800, that would have been 800 out of 3,100, and now we are 
looking at 7,100 or more, because we are not sure exactly. So 
it doesn't appear that we are making progress. If it was 800 of 
3,000, that would be somewhat more significant.
    Mr. Powner. Mr. Chairman, I think there are fundamental 
questions about how many we will ultimately close and what the 
savings will be, and we agree that we need to optimize what 
remains, but still, with that large number of closures, there 
should be associated savings with that.
    Mr. Mica. Well, again, it sounds like you have testified, 
too, that there is even more potential savings, so we would 
hope that can be, the problem seems to be, VanRoekel has great 
credentials for his position, coming from the private sector 
and observing sort of the Federal mess and trying to straighten 
it out, but we have tried several tools that don't seem to be 
that effective. We had this data consolidation, whatever the 
FDCCI, and then we have gone to this Pro whatever it is, and it 
doesn't appear that these tools are that effective.
    Okay, we are developing matrix. You said we are continuing 
to developing matrix to, again, get a handle on this or to move 
forward with realizing these savings and consolidation. But is 
this an evolution of the two or three sort of programs you have 
already set up? Are they an evolution? Explain what you are 
doing to get these agencies to maximize the potential for 
consolidation and savings.
    Mr. VanRoekel. I think the key is every day in the private 
sector you think about what impact are you driving, what is the 
result you are trying to affect. It could be selling products; 
it would be moving the stock price; it could be creating value. 
And thinking about that impact in working your way back from 
that is key.
    So what we hope for here is definitely cost-savings and 
closures. That is an ends, not a means. And the means to get to 
that is thinking about what applications am I running; how many 
email systems do I have; what kind of things am I deploying; 
what are the characteristics of the outcome I want to drive. So 
if you ask any CEO their advice, they will say measure what you 
care about, and what I care about is the optimization.
    Mr. Mica. That is the end results in providing the IT 
services, but when you have, okay, let's go back to Powner is 
telling me, what did you testify, server use is 5 to 10 
percent?
    Mr. Powner. Well, when we started the data center 
consolidation initiative, it was because average server 
utilization across the Federal Government was 5 to 15 percent. 
So that is a lot of unused capacity.
    Mr. Mica. Exactly. Exactly. That would be one of the sort 
of fundamental things I have. Setting up servers, the energy 
they use, the space they use, the inefficiency of 5. Where are 
we now? VanRoekel, it seems to me like you would look at that 
to begin with. I mean, getting the mission done is good, but 
you have people, they can certainly do the mission with lots of 
servers and all of these centers, but somehow the core expense 
and the consolidation efficiency goes back to the equipment, 
the hardware and the utilization of software that we aren't--
Powner, do you continue to monitor this? Where are we at now 
with, say, the utilization of servers?
    Mr. Powner. We are not monitoring that now. We were 
monitoring that at one time because that was stated in agency 
consolidation plans, which we don't currently have visibility 
into that. I think a key question is this: The core centers 
that remain, so we are going to close several non-core centers. 
The core centers that remain, where are we at on utilization on 
those. That ought to be a key metric.
    I agree with Steve, and there are a lot of metrics on power 
usage, efficiency, and those types of things, but if we are 
attempting to solve a problem of low server utilization, the 
core ones that remain, did we fix the problem. And we are ready 
to go out and measure that once those core centers are up.
    Mr. Mica. But, to me, that would be sort of fundamental. 
You are probably not going to do away with the core centers, 
but better utilization.
    Mr. Powner. Absolutely.
    Mr. Mica. And if you are not doing that and you want to 
accomplish a mission, you look at the alternative. If it isn't 
using that core, going to cloud or some other more efficient 
thing. But the problem is you go back to the matrix. We have 
had a couple of plans to kind of get this thing going and to 
try to move the consolidation, better utilization of the assets 
that we have, but that hasn't, apparently, worked.
    Now, we will probably be here in six months and haul 
everybody back, and we may get more discovery of non-core data 
centers and maybe a few more of those closed, but it doesn't 
appear like we are really getting a good handle on a means to 
make this happen.
    And then you have McClure here, who comes from GSA. 
McClure, you guys haven't set a very good example in your own 
operations. You have closed only one, less than one percent. 
You have 115 non-core data centers. What about yourself not 
operation? Anything to say on that?
    Mr. McClure. Well, I think that data that you are looking 
at was the second quarter reporting from GSA. Since then there 
has been a lot of movement. GSA owns, primarily, non-core data 
centers, small data centers, and we were in the middle of 
collecting the date when that second quarter----
    Mr. Mica. So what is the good news?
    Mr. McClure. Well, the good news is we expect to close 75 
of our 116 non-core data centers.
    Mr. Mica. Expect to, but how many?
    Mr. McClure. Thirty-eight will be done by the end of fiscal 
year 2013; another 37 in fiscal year 2014.
    Mr. Mica. So we will run from one to add 37 more is what 
you are telling us now.
    Okay. And, again, you have cited some of the things you are 
trying to do. Let me look at my notes here. You ever listen to 
WTOP in the morning? They have all these guys advertising that 
they can do this. That is the lighter side. I listen to WTOP in 
the morning and I swear they have 10 ads, by the time I am 
through shaving, on who can consolidate IT centers and how they 
do such a great job. It doesn't sound like anyone is listening, 
though.
    But you are still developing tools to evaluate all of this 
and you have put some tool, the data center optimization. 
Explain that and how it works.
    Mr. McClure. Well, I think it gets at the heart of what 
Dave was saying and what Steve was saying, and what you are 
saying, Mr. Chairman. We have to have a data-driven decision-
making process and transparency into that data. The GSA, our 
office has created a total cost of ownership model which would 
provide data into a lot of these areas that we are have been 
talking about this morning; power capacity, utilization.
    Mr. Mica. But you are laying out sort of the things that 
you could do; it is not things that you should or must do?
    Mr. McClure. No, no, this model exists. It is in the hands 
of all the agencies. It is an optimization planning tool that 
they can look at.
    Mr. Mica. Again, part of the solution would be to, and I 
have gotten to this. I have run out of time, but is to make 
certain, maybe VanRoekel has the tools to do this. Maybe from a 
procurement standpoint you would dictate or mandate that such-
and-such has to be achieved. VanRoekel has to go in and sort of 
force them. I have always said we give you budget authority, 
and they aren't performing and you just, you know, you have to 
have some teeth in the process to get people to do things.
    But I will leave it at that. I will come back. I want to 
give others an opportunity.
    Mr. Pocan.
    Mr. Pocan. Thank you, Mr. Chairman.
    This is a question maybe for Mr. McClure. According to the 
GSA website, the goals of the FedRAMP program include 
increasing the confidence and security of cloud solutions and 
security assessments. Under the process, cloud service 
providers must adhere to certain security requirements and 
undergo an independent audit.
    I am wondering a little bit about the confidence that 
agencies like DHS and DOD and NSA can have with information 
that is stored on the cloud, that it won't be compromised in 
some way.
    Mr. McClure. It is a great question. I think if we follow 
the baseline security requirements that we have established in 
FedRAMP and we do the independent certifications by these 
third-party assessment organizations that know how to assess 
cloud security, I think we will have much, much greater 
confidence that our data at all trust levels is really secure. 
I think FedRAMP is trying to instill in the Government a trust 
level that has not been there before, and to date we are 
finding it really does improve the confidence and trust of both 
the agencies and the providers that they are doing that.
    Mr. Pocan. And given all the controversy about cyber 
attacks and things, what confidence do we have that, as hackers 
are constantly revising how they are finding ways in, how 
confident are you that that FedRAMP process will provide enough 
flexibility that we can keep up with any evolving schemes or 
new technologies to try to break through?
    Mr. McClure. I think it will do it in two ways: number one, 
we are always going to be changing the FedRAMP security 
program. As the NIST security guidelines change, we incorporate 
that into the FedRAMP baseline, so it is always going to be up 
to speed with what NIST is recommending the Federal agencies 
do.
    Secondly, we are putting a lot of stock in the ability of 
these agencies to do continuous monitoring so that they have a 
real-time operational view of their security posture of 
themselves and their cloud providers. That is the best defense 
we can put in place, is having very robust, continuous 
monitoring.
    Mr. Pocan. And these audits, who is going to do the audits 
and what do they typically consist of?
    Mr. McClure. The audits that are done for FedRAMP 
certification are done by independent assessment organizations 
either off a list that we have put together, where companies 
have passed our accreditation that they actually have the 
capability to do the cloud assessments, or independent ones 
that exist in the marketplace. Based upon those audits, we can 
then review that in my program management office and determine 
whether there are any follow-up questions. Or the agencies can 
use them and feel much more confident that the audit has been 
done consistently, according to baseline standards, and is 
repeatable, can be reused across Government.
    Mr. Pocan. And the timeline for FedRAMP to be fully 
operational?
    Mr. McClure. It is moving into fully operational status 
now. We have run it for a year in what we call an interim 
operating capability. We didn't want to roll this out 
Government-wide until, if you pardon the expression, kick the 
tires, so we wanted to make sure this worked. We wanted an 
opportunity to refine it for success, and we think we are ready 
now.
    Mr. Pocan. Thank you, Mr. Chairman. I yield back the 
remainder of my time.
    Mr. Mica. I thank the gentleman.
    Mr. Meadows, the gentleman from North Carolina.
    Mr. Meadows. Thank you. I appreciate the insight. I must 
say that I am troubled by some of the things that I am hearing 
here.
    Mr. McClure, let me start with you. So, to date, you have 
closed one data center, is that correct?
    Mr. McClure. I will check as of today. I don't know if it 
is one or more, but there are several that we are nearing the 
close.
    Mr. Meadows. My data says that you have closed one in three 
years. And you are going to now, according to your testimony, 
you are going to close 37 in two months? What happened to go 
from one in three years to 37 in the next two months? How do 
you plan to accomplish that?
    Mr. McClure. Well, I don't operationally own the task 
myself, the CIO of GSA does.
    Mr. Meadows. So if it doesn't happen you can blame them?
    Mr. McClure. I am not blaming, I am just stating a matter 
of fact.
    Mr. Meadows. Well, we need to know where does the buck 
stop. Does it stop with you or does it stop with GAO?
    Mr. McClure. It should stop with the head of the agency, as 
with all these matters.
    Mr. Meadows. So it stops with you.
    Mr. McClure. I am not the head of the agency; I am the head 
of an office that provides the tools that we talked about to 
help get this job done.
    Mr. Meadows. So if we bring you back in two months and 37 
of them are not shut down, who should we hold accountable?
    Mr. McClure. Well, the CIO holds responsibility in each 
agency for doing the data center consolidation work and for 
estimating plan closures, so the CIO owns the issue. The head 
of the agency is ultimately responsible. So those are the two 
individuals at GSA that have their eyeballs on the situation.
    Mr. Meadows. So what happens if they don't make the 37?
    Mr. McClure. I think you should ask for an explanation.
    Mr. Meadows. So Ms. Coleman would need to come here and say 
why she couldn't get it done?
    Mr. McClure. I would recommend that, yes.
    Mr. Meadows. All right.
    Mr. McClure. I think that would be true, by the way, across 
the board for every agency. A lot of the responsibility here 
lies at the CIO and head of the agency level. So the same 
conversation could be repeated across multiple agencies.
    Mr. Meadows. So essentially we have a whole bunch of people 
that come and give testimony before Congress, but really don't 
have the responsibility for implementing those things. So we 
have hearing after hearing after hearing and nothing gets done? 
Is that what happens?
    I mean, I am at a loss on how one got closed. I think you 
have three core centers, 115 non-core centers, and we have one 
closure in the last three years, and now, all of a sudden, we 
are going to ramp up. Why is that? I mean, who made that 
decision to ramp up and how is that going to happen?
    Mr. McClure. Well, I think the thing to remember is that, 
again, we had a definition change. That is the reason why the 
number of data center number changes.
    Mr. Meadows. Okay, but we have heard from testimony, I 
think over here, that actually the number of data centers have 
increased. But they really haven't, so they have stayed static.
    I think OMB, according to your briefing, you knew as far 
back as June of 2012 that we actually had 6700 centers, and 
that has grown to 7100 now, is that correct?
    Mr. VanRoekel. Sir, I actually evolved and put more rigor 
behind the definition to expand the definition.
    Mr. Meadows. Of what a data center is?
    Mr. VanRoekel. Of what a data center is. What I didn't want 
to do is have Federal agencies either splitting up big ones and 
putting them in small rooms or hiding computing resources, 
because you add up those small ones, you are going to get as 
much as a big one, and I want to track all of them. Our prior 
definition only tracked the very large. If we change the 
definition----
    Mr. Meadows. So your prior definition of large ones----
    Mr. VanRoekel. Was over 500 square feet, I believe.
    Mr. Meadows. Okay. And that was 6700?
    Mr. VanRoekel. Was the 3,000.
    Mr. Meadows. Is the 3,000 number that they originally 
reported.
    Mr. VanRoekel. So I came in and said I don't want anything 
hidden, I don't want resources in dark corners.
    Mr. Meadows. Okay, that is reasonable.
    Mr. VanRoekel. I expanded the definition to say we are 
going to go into the small ones too. That contributed, then, to 
the----
    Mr. Meadows. Okay. So what you are saying is that expansion 
is really a function of changing the criteria of what we call a 
data center.
    Mr. VanRoekel. To be more comprehensive and derive better 
inventory.
    Mr. Meadows. All right, so let me pick up on one other line 
of questioning, then, because I think what we are saying is our 
server capacity right now, according to Mr. Powner, we are 
operating at 5 to 15 percent. Would you agree with that?
    Mr. VanRoekel. I don't have raw data, but that is probably 
an industry----
    Mr. Meadows. So why are we continuing to buy new servers, 
then? And I am not talking about replacing existing servers. We 
are actually purchasing additional servers. So why are we doing 
that if we have excess capacity?
    Mr. VanRoekel. The way that technology grew up and the way 
that we built data centers very much follows what the private 
sector did, which it was----
    Mr. Meadows. Well, if I did this in the private sector I 
would go out of business.
    Mr. VanRoekel. Until about mid-2000, the private sector did 
this.
    Mr. Meadows. I understand.
    Mr. VanRoekel. Server utilization for corporate customers--
I was part of the leadership to the server division of 
Microsoft--was 7 percent utilization prior to this new 
technology coming onboard called virtualization that allows you 
to put more stuff on physical hardware. You need new hardware 
to run that technology. There is new investment.
    Mr. Meadows. But that is what I am saying, this is not 
replacement of existing servers; these are actually additional 
servers, according to the data that I have.
    Is that correct, Mr. Powner?
    Mr. Powner. The increased inventory is existing, what 
currently exists at these agencies, where we are discovering 
more based on the new definition that Steve laid out. So----
    Mr. Meadows. So this is just a definitional change, it is 
not an actual increase in the number? Are you all sure about 
that?
    Mr. Powner. I think it is both. I think it is both. Here is 
what happened. Initially we started off, the definition was 500 
square feet or larger. Then we expanded the definition and 
things were smaller. Steve did the absolute right thing because 
there were a lot of opportunities to save by including these 
additional things. So the definitional thing resulted in an 
uptick.
    But I think over time, based on our audit work, because we 
go in and ask agencies what their inventories are, we see these 
inventories continuing to grow over time. So it is twofold, it 
is the increase, it is the change in definition, and it is also 
they are discovering more what they have.
    Mr. Meadows. All right. So let me go back and pick up on 
the national security. If we have 7100 data centers, from a 
security standpoint how do we manage that security aspect from 
the standpoint of cybersecurity, a number of things in terms of 
attack? Because it seems like it would be the more concentrated 
it is, the easier it is to provide a higher level of security. 
So, as we grow that out, is there a matrix right now that you 
are looking at to try to say, well, optimum efficiency would be 
to get down to 2,000 servers? I mean, do you have a number?
    Mr. VanRoekel. It is less about the raw, the number of data 
centers, of course, is important, as we are talking about 
today. Cybersecurity related to data centers is just a little 
bit different in the way you think about that. And the way we 
build our cyber capabilities is grounded in FISMA, the Federal 
Information Security Management Act, and we use a process 
called CyberStat, much like PortfolioStat, that tracks key 
metrics, and effectively what you want to make sure you are 
doing is that when traffic comes and goes from these centers, 
that they are going through these trusted Internet connections 
and that we have capabilities there----
    Mr. Meadows. But fewer data centers would make that an 
easier task or not?
    Mr. VanRoekel. I think it would make it an easier task, 
definitely, and that is a byproduct of----
    Mr. Meadows. So where do we need to be? If you had control 
over all the other agencies and you are the guy that is in 
charge and ultimately the buck stopped with you, how many data 
centers do we end up? What would you do if you were a private 
sector guy trying to make money here? What would you do?
    Mr. VanRoekel. Fewer is better and optimized is better.
    Mr. Meadows. How many fewer?
    Mr. VanRoekel. It would depend on the size of the agency, 
the mission of the agency, what is the relationship of that. 
Homeland Security, for example, has defined three core data 
centers.
    Mr. Meadows. Sure.
    Mr. VanRoekel. I think that is a good target to think 
about. And these are highly optimized, they follow all the 
guidelines that we have put forth in this approach to say where 
we need to go. I can't extrapolate for the whole of Government.
    Mr. Meadows. And that is fine, but so we don't just have 
hearing after hearing, I would ask if you would go ahead and 
try to put together what the plan is so we know whether--one of 
the criticisms of your agency, and I understand this is a new 
role, is that you are not measuring, that you are not 
effectively measuring, and I think that that can be maybe 
accurate in some ways and inaccurate in others. I will give you 
that. What I would love to see is how do we know whether we are 
being successful or not, so really would love for you to follow 
up on that, have your staff follow up on that.
    The second part of this, and this is probably as critical, 
what can we do as Congress to give a real incentive for us to 
save money. I have hearing after hearing where we save billions 
and billions of dollars, but yet we ask for more and more 
money. So what I would love to do is to find a real way where 
you say, Mr. Meadows, if we did this, if you offered us this, 
we could assure that we could get $50 billion in savings or 
over the life, or whatever it is.
    But I am talking about real incentives where, hopefully in 
a bipartisan way, we can come up with something that gives you 
incentive. I would love to hear that from each one of you, not 
in terms of answering that question, but as a follow-up, if you 
would submit that to us.
    Thank you so much. I yield back, Mr. Chairman.
    Mr. Mica. I thank the gentleman from North Carolina and 
recognize our ranking member, Mr. Connolly now.
    Mr. Connolly. Thank you, Mr. Chairman.
    Forgive me, Mr. VanRoekel and Mr. McClure, for not being 
here for your testimony, but I have been trying to catch up. I 
had to move an amendment on the Floor and the Republican 
manager accepted my amendment. So I don't know whether it means 
it was just awful and brilliant or whether apparently I wrote 
an amendment that was so weak that even for them it was 
acceptable. I don't know, but I will take the gift.
    Mr. Powner, if I understood your testimony correctly, you, 
inter alia, said we seem to be sliding backwards in terms of 
certain metrics with respect to, for example, data center and 
Dashboard, is that correct?
    Mr. Powner. I think in terms of the Dashboard, yes, on the 
data centers what we want to do is we want to track savings. I 
think we want to know what the inventory is, transparency on 
what the inventory is, what the savings are, and then how we 
optimize what remains. And transparency around that is key.
    Mr. Connolly. Okay. I also thought I heard you say there is 
some concern that the Government doesn't fully know what it has 
when it comes to data centers.
    Mr. Powner. Well, when we see the inventories growing as 
they have over time, you can just take the snapshots in time; 
it keeps growing, so there is still a concern have we still 
captured everything.
    Mr. Connolly. And I also thought I heard you say that you 
thought the FATAR legislation passed out of this committee and 
passed on the floor of the House would be actually helpful to 
the Government in trying to get its arms around this subject 
matter.
    Mr. Powner. On data center consolidation optimization, it 
would codify that in law, clearly.
    Mr. Connolly. Mr. VanRoekel, your reaction to those 
elements of Mr. Powner's testimony?
    Mr. VanRoekel. As I mentioned earlier, I do agree that 
there is a level at which the inventory management, when you 
cast a net across the Federal Government, there will be things 
you probably aren't finding just given the sheer size. I think 
our rigor around the definition and modifying that definition 
over time to capture more of what is out there has been the 
driving force behind the number increasing, less about sort of 
inventory management. But I do think there will be edge cases 
where we will have more come up in different cases.
    Mr. Connolly. Can I interrupt you there? I take that point, 
but if you look at GAO's report agency-by-agency how you are 
doing in data center consolidation even before the announcement 
of an additional 4,000, it is pretty slim pickings for most 
Federal agencies.
    Mr. VanRoekel. If you visit a data center and understand 
how a data center works, it is not literally walk up and pull 
the plug and say I am going to shut this thing down. And the 
incentive structure you want to establish here needs to be one 
where you drive to optimization, because if you lay a metric 
out and say close data centers, cut them by 30 percent, cut 
them by 40 percent off just a denominator of inventory, what 
you will have happen is Federal agencies, in many cases, will 
literally take a forklift, pick up small data centers, move 
them to a larger room and plug them back in.
    Mr. Connolly. And that is called compliance.
    Mr. VanRoekel. And that is called compliance. So you have 
two next to each other and they remove the wall between them, 
thus reducing that by 50 percent. That doesn't get where we 
want to go, which is to get that utilization up, get the 
optimization up, get the service out of that data center to 
increase in such a way that you drive better outcomes for the 
mission of that agency and for the American people.
    So the incentive structure has to match to the measurement 
in a way that I think needs to drive the behavior we want to 
see and the outcomes we want to drive. So the uncertain budget 
environment we have been in for a while, CIO authorities, which 
the FATAR bill looks at that, and other driving factors 
contribute to this phenomenon of not being able to just shut 
one off.
    Mr. Connolly. I do want to be clear. The FATAR legislation 
is not sort of a Luddite approached to the subject matter; it 
actually does require tracking and it does have other 
measurements about utilization and so forth that are 
incorporated into the concept. So I think we kind of took your 
point. But I would also say to you that the metrics of the 
number of data centers and the need to reduce them came out of 
this Administration. I mean, that wasn't something that ended 
up here; that was something that came out of the White House.
    Mr. VanRoekel. And we still stand behind that direction.
    Mr. Connolly. We kind of hope you do. We take your point, 
and we are not always good about nuance, but we are going to 
try to be responsive on a nuance way, the bottom line is 
efficiency, utilization. But we have to have some metric that 
says we have too many of these things, and that alone tells us 
we are inefficient; that tells us, you know, sort of there's no 
place like home syndrome: I know Steve has a better one, but 
kind of like ours right here, and we are not going to give it 
up willingly, and we are going to use every bureaucratic trick 
in the book to protect and preserve it, irrespective of 
utilization. Utilization, we can have Harry and Shirley go 
there twice a day instead of once a day and get up to 
utilization; it doesn't really get to what we are trying to get 
at.
    And I was saying to the chairman, he shares my view that I 
think the fact that you are now also at OMB gives us some hope 
that from a management point of view we can perhaps persuade 
people that there is a better way of doing this and it is win, 
win, win. We can save on energy, we can save on budgets, 
especially in a time of contracting budgets, and we can make 
ourselves more effective. So we want to be supportive of that, 
but we are frustrated that the numbers are not particularly 
felicitous. And I hope you can understand that, from our point 
of view, that is to say.
    Mr. VanRoekel. Yes, I can definitely understand that.
    Mr. Connolly. Okay. The IT Dashboard, the Department of 
Defense reports zero investments with significant concerns and 
has not updated the status of most of its investment over two 
years, and that more TechStat reviews obviously need to occur, 
as Mr. Powner said in his report. What are we doing about that? 
I mean, that is actually, to me, astounding. Here is the 
biggest expenditure of Federal dollars, here is the biggest 
investor of Federal dollars, here is the biggest client we 
have, from your point of view, and it hasn't even essentially 
updated its Dashboard in two years. Huh. I guess we have been 
busy doing other things.
    Mr. VanRoekel. I think it speaks to a couple aspects. One 
is we don't, in OMB, in my office, track the self-reported 
status as the key indicator of performance on investments. It 
is a fool's errand to track a self-reporter. You would never 
have a contractor self-report their results or things like 
that. So we go deeper than that and look at how often do they 
change schedules; where are they on budget, are they hitting 
budget; what is their time to delivery on services, all of 
these kinds of things.
    I have actually added features to the IT Dashboard in the 
last couple years that give me indications when agencies go in 
and do re-baselines, meaning they have changed their data in 
some fundamental way. Those, to me, are the red flags you want 
to look at. And where we will lift up and say there is 
something going on there, where self-assessment will never do 
that for you. And I agree that it is laughable, to some degree, 
on DOD not reporting any core investments, but we know; we 
track and we know where those are.
    The second part of it is CIO authorities. And I think 
looking at the authority of the CIO, the person whose picture 
is next to all those investments is Terry Takai. Terry Takai 
has very little influence over most of the investments that you 
are looking at on that Dashboard and has very much an 
inability--you know, she is reporting what she gets from the 
self-reported aspects of the people out in the periphery, and I 
think it speaks to a larger theme of something we need to look 
at in Government around what is the authority of the CIO or 
whose picture should be next to that.
    Mr. Connolly. Well, funny you should bring up that subject, 
Mr. VanRoekel. FATAR addresses that issue in terms of the 
streamlining of CIOs in Federal agencies and the infusion of 
authority, responsibility, accountability in a CIO, a principal 
CIO for each of the 26 major agencies. And I think Mr. Powner, 
in previous testimony, has highlighted that as well. So I 
commend the bill again to you, because I think it tries to move 
us in that direction without a heavy hand. But it is trying to 
inculcate more flexibility for a chief CIO. It doesn't abolish 
all other CIOs, but I would commend it to you that it is 
designed, again, to address the very thing you are talking 
about.
    Now, DOD, because of jurisdictional issues, is not directly 
addressed, but sooner or later it will be, and we will be glad 
to work with the Administration to make that happen.
    Some questions have come up recently about energy savings 
performance contracts, and let me ask what is the role of OMB 
in approving such projects.
    Mr. VanRoekel. OMB doesn't, accept for interpretation of 
policy or matters where procurements reach a certain threshold 
where we have a review board process that is part of our normal 
Office of Federal Procurement Policy work, review those and 
provide counsel to agencies; it is the agency's decision to go 
forward and the Procurement Office to go forward with the 
procurement.
    Mr. Connolly. So OMB is not going to play any kind of 
direct role in the awarding of such contracts, the approval of 
such contracts, the extension of such contracts, or even just 
conceptually the general approbation of or disapproval of those 
as a tool.
    Mr. VanRoekel. We provide guidance in that context.
    Mr. Connolly. Okay. I thank you.
    And, Mr. McClure, when we had our field hearing there were 
concerns raised about GSA's performance with respect to data 
center consolidation. You were not there to answer those 
questions, so I want to give you, as my last question before we 
have to vote, an opportunity. How is it going? I think after 
the hearing you did have some announcements, and that was good. 
It would have been nice to have them at the hearing. But the 
concern is that this is a sustained trajectory, not just a 
let's please them and give them something to report, and it 
kind of looked like the latter more than the former. So 
reassure us that that is not true, please.
    Mr. McClure. Well, I do want to reassure you. I think it 
might have the appearance of that, but, as I was explaining 
while you were gone, there was a lot of data collection going 
on that had not ended by the second quarter reporting period, 
which is the data that the committee had at that time. So, as a 
result, shortly after the hearing, with updated numbers, our 
situation looks much better; 38 planned closures by the end of 
fiscal year 2013 and an additional 37 in fiscal year 2014.
    Mr. Connolly. Can I interrupt you there, Mr. McClure, just 
to satisfy myself? The chairman was reminding me the report we 
had was you have done one. Now you have 37 more in the 
pipeline, but how could we have taken so long to just have one?
    Mr. McClure. Well, I will give you some explanation that 
revolves around what Steve just said, and that is that CIOs in 
the Federal Government often don't have complete control over 
all data centers in that department or agency. That was the 
case until May of this year, June of this year, in which 
Administrator Tangherlini consolidated CIO authority under a 
single CIO. So the ability to collect this data I think has 
been greatly enhanced with that kind of authority being vested 
in the CIO.
    Mr. Connolly. So, in other words, for example, had the 
FATAR bill been law, we might have been able to have happier 
numbers much sooner.
    Mr. McClure. I think it can help, because it has helped 
there.
    Mr. Connolly. Stop right there; you are doing fine.
    [Laughter.]
    Mr. Connolly. Okay, we have to go vote. This is part of a 
dialogue. I certainly appreciate you being here. I hope we have 
conveyed, through our frustrations we share on a bipartisan 
basis. We also, on a bipartisan basis, want to be partners. We 
want to help. This is an important part of Government that 
doesn't get sufficient attention. But in terms of our future, 
the investments we make in technology are going to drive 
everything, not just something. And from megadata evaluation to 
cybersecurity attacks to wonderful ability to do great things 
more efficiently, you all have the keys in your hands to help 
us make that happen and we want you to be successful.
    So we want to try to help create an environment for 
success, so I hope you look at it in that spirit. Congress has 
an oversight role and we have to throw the flag down when we 
think something has gone wrong, but that is not the end game 
for us. And I can say my partner here, the chairman, Mr. Mica, 
has gone out of his way to try to create this subcommittee as a 
forum to be helpful and to be useful. So we look forward to 
working with you and thank you so much for being here today.
    Thank you, Mr. Chairman, for the hearing.
    Mr. Mica. Thank you, Mr. Connolly.
    I will re-echo his comments that we are trying to find some 
constructive means of helping you move forward, both GSA has an 
important role, certainly OMB, and we want to talk some more, 
Mr. VanRoekel. I want to also see if the legislation we have 
pending provides you with the tools. You need some teeth. You 
are a nice guy. You came from the private sector and mission-
oriented.
    I love all that, but the difference is in the private 
sector the people that are involved are business people who are 
bottom-line people; they are doing everything they can to bring 
the cost down, the efficiencies, maximize the assets that they 
have. Here you have a Federal agency; it is just more manna 
from the Treasury and they don't have that same incentive. But 
we are going to figure out a way to give you all the tools you 
need to help us get the job done.
    And thanks, Mr. Powner. Keep us posted as you reveal more 
of the findings that cause a bipartisan gasp in any panel of 
Congress like you did today.
    So, with that, I am going to ask that we leave the record 
open for two weeks. We have additional questions we didn't get 
to. We want to have those answered in the record. So, without 
objection, so ordered.
    There being no further business before the Government 
Operations Subcommittee, this hearing is adjourned. Thank you.
    [Whereupon, at 10:53 a.m., the subcommittee was adjourned.]



                                APPENDIX

                              ----------                              


               Material Submitted for the Hearing Record

[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]

                                 
