[Senate Hearing 111-134] [From the U.S. Government Publishing Office] GOVERNMENT 2.0: ADVANCING AMERICA INTO THE 21ST CENTURY AND A DIGITAL FUTURE ======================================================================= HEARING before the FEDERAL FINANCIAL MANAGEMENT, GOVERNMENT INFORMATION, FEDERAL SERVICES, AND INTERNATIONAL SECURITY SUBCOMMITTEE of the COMMITTEE ON HOMELAND SECURITY AND GOVERNMENTAL AFFAIRS UNITED STATES SENATE of the ONE HUNDRED ELEVENTH CONGRESS FIRST SESSION __________ APRIL 28, 2009 __________ Available via http://www.gpoaccess.gov/congress/index.html Printed for the use of the Committee on Homeland Security and Governmental Affairs U.S. GOVERNMENT PRINTING OFFICE 50-391 WASHINGTON : 2009 ----------------------------------------------------------------------- For sale by the Superintendent of Documents, U.S. Government Printing Office Internet: bookstore.gpo.gov Phone: toll free (866) 512-1800; DC area (202) 512-1800 Fax: (202) 512-2104 Mail: Stop IDCC, Washington, DC 20402-0001 COMMITTEE ON HOMELAND SECURITY AND GOVERNMENTAL AFFAIRS JOSEPH I. LIEBERMAN, Connecticut, Chairman CARL LEVIN, Michigan SUSAN M. COLLINS, Maine DANIEL K. AKAKA, Hawaii TOM COBURN, Oklahoma THOMAS R. CARPER, Delaware JOHN McCAIN, Arizona MARK PRYOR, Arkansas GEORGE V. VOINOVICH, Ohio MARY L. LANDRIEU, Louisiana JOHN ENSIGN, Nevada CLAIRE McCASKILL, Missouri LINDSEY GRAHAM, South Carolina JON TESTER, Montana ROLAND W. BURRIS, Illinois MICHAEL F. BENNET, Colorado Michael L. Alexander, Staff Director Brandon L. Milhorn, Minority Staff Director and Chief Counsel Trina Driessnack Tyrer, Chief Clerk ------ SUBCOMMITTEE ON FEDERAL FINANCIAL MANAGEMENT, GOVERNMENT INFORMATION, FEDERAL SERVICES, AND INTERNATIONAL SECURITY THOMAS R. CARPER, Delaware, Chairman CARL LEVIN, Michigan JOHN McCAIN, Arizona DANIEL K. AKAKA, Hawaii TOM COBURN, Oklahoma MARK L. PRYOR, Arkansas GEORGE V. VOINOVICH, Ohio CLAIRE McCASKILL, Missouri JOHN ENSIGN, Nevada ROLAND W. BURRIS, Illinois John Kilvington, Staff Director Erik Hopkins, Professional Staff Member Bryan Parker, Staff Director and General Counsel to the Minority Justin Stevens, Minority Professional Staff Member Deirdre G. Armstrong, Chief Clerk C O N T E N T S ------ Opening statements: Page Senator Carper............................................... 1 Senator Burris............................................... 13 WITNESSES Tuesday, April 28, 2009 Hon. Vivek Kundra, Federal Chief Information Officer, Administrator, Office of Electronic Government and Information Technology, Office of Management and Budget.................... 4 David A. Powner, Director, Information Technology Issues, U.S. Government Accountability Office............................... 17 Karen S. Evans, Former Administrator, Office of Electornic Government and Information Technology, Office of Management and Budget......................................................... 19 Phillip J. Bond, President, TechAmerica.......................... 20 Alphabetical List of Witnesses Bond, Phillip J.: Testimony.................................................... 20 Prepared statement........................................... 69 Evans, Karen S.: Testimony.................................................... 19 Prepared statement........................................... 60 Kundra, Hon. Vivek: Testimony.................................................... 4 Prepared statement........................................... 41 Powner, David A.: Testimony.................................................... 17 Prepared statement........................................... 46 APPENDIX Questions and Responses for the Record from: Mr. Kundra................................................... 77 Mr. Powner................................................... 82 Ms. Evans.................................................... 86 Mr. Bond..................................................... 90 GOVERNMENT 2.0: ADVANCING AMERICA INTO THE 21ST CENTURY AND A DIGITAL FUTURE ---------- TUESDAY, APRIL 28, 2009 U.S. Senate, Subcommittee on Federal Financial Management, Government Information, Federal Service, and International Security, of the Committee on Homeland Security and Governmental Affairs, Washington, DC. The Subcommittee met, pursuant to notice, at 2:30 p.m., in room SD-342, Dirksen Senate Office Building, Hon. Thomas R. Carper, Chairman of the Subcommittee, presiding. Present: Senators Carper and Burris. OPENING STATEMENT OF SENATOR CARPER Senator Carper. The Subcommittee will please come to order, and my thanks to our guests and witnesses for being here today. We are going to be joined by Senator McCain shortly. Today's hearing is the latest in a series of hearings that this Subcommittee has held to examine the effectiveness of agency information technology investments. It is widely recognized that technology has transformed the way that we as Americans interact, the way we socialize, the way we conduct our business. For example, it is becoming more and more common for the average American to start the day by firing up their computer rather than by opening up a newspaper. We have come to expect accurate and reliable information on demand. Businesses must have an effective presence online in order to remain relevant and to remain competitive. If they want to stay in touch with their customers and gain efficiencies, they must constantly seek out and harness the latest technology innovations. Similar things could be said about the Federal Government. The Obama Administration appears to be filled with some of the most tech-savvy men and women to sign up for government service, at least in the time that I have been around here. I applaud the President's early commitment, including during his time in this body, to use technology to make government more transparent and more effective. I look forward, I think we look forward, to hearing more details from Mr. Kundra today about the Administration's technology agenda and how we can make better, more cost- effective use of the latest innovations. I say this because this Subcommittee has extensively examined two critical issues that call into question the Federal Government's ability to use technological innovation to save money, to improve customer service, and to better achieve agency missions. The first area involves failing IT investments. All too often, agency technology investments from something as simple as a new accounting system to something as complicated as a so- called virtual fence on the Mexican border are finished millions of dollars over budget, years behind schedule, and not performing as planned. Not all, but too many. In fact, many times agencies pay twice the going rate for obsolete technology that does not serve their agency's needs or the people that are served by those respective agencies. To make matters worse, Congress has often learned about these failed projects after it is too late and millions of dollars have already been misspent and in some cases wasted. To address this problem, I have introduced legislation today, along with Senator Susan Collins of Maine, that will give agency leadership and decisionmakers in Congress the information they need to know whether our investment in new technology is making a true impact, the kind of impact that is intended. Our bill, The Information Technology Investment Oversight Enhancement and Waste Prevention Act--and I repeat--no, I do not want to repeat that. That is quite a name. But this act would also give OMB new tools that it can use to help agencies fix troubled projects hopefully before they fail. The second area that often prevents the effective use of technology within the Federal Government is the risk we face from cyber attacks. Just this morning we had a full Committee hearing on this particular issue and concern. But as we know, our Nation comes under attack every day by hackers, by cyber criminals, and even by other sovereign nations or people within those sovereign nations in many cases, I think, with the understanding and the permission of their governments. Our oversight has shown that, to date, agencies have failed to take necessary steps to ensure that sensitive information and critical infrastructure are secure. There is no clear evidence today of a significant and disruptive cyber attack against the United States, but countries such as Estonia, Georgia, Australia, and Brazil, among others, have already been victims. The technical capability and expertise is available if a terrorist group or country that wanted to do us harm decided to use it. In fact, it can be easily bought and sold right there on the Internet. In addition, Americans' sensitive personal information, as we all know, is constantly at risk. A number of agencies store a significant amount of the kind of information that identity thieves and criminals might find valuable. Agencies also hold sensitive security information. Just last week, we learned that someone had gone online to steal the plans for the most technologically advanced fighter jet, the F-35. I have introduced another bill today to address this pressing problem, and that bill, called the U.S. Information and Communications Enhancement Act, would organize the Federal Government to deal with these 21st Century challenges such as cyber threats, among other things, by establishing an office within the White House to coordinate the work of the various agencies involved in cyber security. This legislation would also strengthen the Department of Homeland Security's role in cyber security and give agency security officers more authority to enforce and test security standards. We look forward to working with our new Administration, the Obama Administration and the new team, on these and other issues. And when Senator McCain arrives, I will recognize him for any statement that he wishes to make, but until that point in time, let me just take a few minutes to introduce our first witness who has joined us. I very much enjoyed meeting with you earlier this week and thank you for spending the time to do that and for being here today. There is a lot of debate on the pronunciation of your name, so let me just try and you just coach me until I get it right. Vivek--correct? Is it ``Kun'-dra'' or ``Kun-dra' ''? Mr. Kundra. ``Kun'-dra.'' Senator Carper. ``Kun'-dra,'' emphasis on the first syllable. Thank you. Vivek Kundra was appointed as the first Federal CIO of the United States by President Obama in March 2009. In that capacity, he directs the policy and strategic planning of Federal information technology investments and is responsible for the oversight of Federal technology spending. The Federal CIO establishes and oversees enterprise architecture to ensure system interoperability and information sharing and ensure information security and privacy across the Federal Government. Mr. Kundra has been recognized among the top 25 CTOs in the country--is that true? All right. In the country--and as the 2008 IT Executive of the Year for his pioneering work to drive transparency, engage citizens, and lower the costs of government operations. Prior to joining the Obama Administration, Mr. Kundra served in Mayor Fenty's cabinet as the CTO for the District of Columbia and Governor Kaine's cabinet down in Virginia as Assistant Secretary of Commerce and Technology for the Commonwealth of Virginia. His diverse record also includes technology and public policy experience in the private sector and in academia. You must be a lot older than you look. That is a very good resume. Following the appointment of Mr. Kundra, President Barack Obama said these words: ``Vivek Kundra will bring a depth of experience in the technology arena and a commitment to lowering the cost of government operations to this position.'' He went on to say, ``I have directed him to work to ensure that we are using the spirit of American innovation and the power of technology to improve performance and lower the cost of government operations. As Chief Information Officer, he will play a key role in making sure our government is running in the most secure, most open and efficient way possible.'' I received last night on my way home a copy of your testimony, and I had a chance to read it, and I said to you in a short conversation we had here before the hearing began that I thought it was one of the most lucid, understandable pieces of testimony that I have actually read on this subject. I do not know if you write your own material, but if you do, keep it up. If you do not, just hang onto the person who wrote this, because it is good. It is good stuff. All right. With that having been said, I was going to kid you and say that we normally swear in our witnesses and ask you to rise and take the oath. We do not do that. I will not do that with you. We are just going to ask you to take it right from the top. Your full statement will be made a part of the record, and once you have completed it, we will have some questions. Thanks for joining us and please proceed. TESTIMONY OF HON. VIVEK KUNDRA,\1\ FEDERAL CHIEF INFORMATION OFFICER, ADMINISTRATOR, OFFICE OF ELECTRONIC GOVERNMENT AND INFORMATION TECHNOLOGY, OFFICE OF MANAGEMENT AND BUDGET Mr. Kundra. Good afternoon, Mr. Chairman and Members of the Subcommittee. Thank you for inviting me to testify on how the Federal Government can use information technology to change the way agencies achieve their missions as well as how information technology can enable agencies to spark innovation, interact with citizens more effectively, and ensure transparency while reducing energy. --------------------------------------------------------------------------- \1\ The prepared statement of Mr. Kundra appears in the Appendix on page 41. --------------------------------------------------------------------------- To begin, consider the three major revolutions that have fundamentally transformed society: The Agricultural Revolution, the Industrial Revolution, and the Information Revolution. In all cases, a fundamental principle holds true: Technology has been pivotal in driving structural change. In the Agricultural Revolution, stable food production created an environment where a person could literally spend an entire lifetime within a 25-mile radius of their birthplace. The Industrial Revolution brought about an era that enabled rapid movement of goods, supplies, and people, which fundamentally changed the way the economy evolved. The pace of commerce quickened, and the world became significantly smaller through ships, trains, and planes. Today, in the same way that the Industrial Revolution made the physical world smaller, the Information Revolution has fundamentally transformed society. The world is smaller and more connected, and information can be shared across the globe in a matter of seconds in ways that were structurally impossible. New relationships and networks can form spontaneously. The Federal Government is also going through stages of transformation as it enters the digital world. First, Federal agencies place information online without changing the underlying business processes. Essentially, they ``webify'' the Federal Government. In the second phase, the focus shifted to the automation of back-end processes and improvement of citizen services and how citizens can access those services. However, we have yet to turn these concepts into reality. The next phase, advancing America into the 21st Century and realizing the promise of Government 2.0, entails a fundamental shift in the interaction between the American people and their government. It requires a context-driven government. President Obama has made it clear that we must use technology to reform government and to improve the exchange of information between the Federal Government and its citizens. Context-driven government means that government information and services are provided to citizens when and where they need it as they go about their daily digital lives. For example, a teacher checks her smartphone before heading out for the day. An alert flashes, and she realizes it is Earth Day, so she decides to walk. On a site that is fed by NOAA data, she notices that it may rain and decides to take an umbrella. Using an online map, she finds the closest coffee shop on her way to work. She pays her mortgage online while she waits and connects to our social networking site to make her evening plans. This takes place in minutes, yet she has traversed multiple organizations and multiple digital destinations. The information and services are simply available where needed and when needed. Senator Carper. Let me just interrupt. I just thought that was a great example. Mr. Kundra. We must use context-driven government to bring government to its citizens. Access to government services should just be another component in a seamless digital experience. Doing so not only provides better service to our citizens, but also allows the government to leverage existing platforms, therefore lowering the cost of government operations. As the President has stated, information maintained by the Federal Government is a national asset and should be made available to the public in a way that is easy to find and ensure that we protect the privacy and the security of the data that is being leveraged. Making the information and the operations of government more open and accessible will drive accountability, enhance performance, and also ensure that the American people are engaged. Structural change is never easy and will require a strong focus on IT governance, from capital planning and investment management to privacy and security. On March 26, the President hosted an online town hall, the first of its kind for any White House, and with almost 100,000 participants and over 3.5 million votes cast, it was an unprecedented experience in public participation. We must and will continue to engage the American people through such platforms. Through the use of social networking tools, increased transparency of government data, and a strong focus on collaboration, we can harness the power of innovation across the government and realize the promise of Government 2.0. This concludes my testimony, and I will be happy to take any questions you may have. Senator Carper. Good. Thank you very much for an excellent statement. I did not think about asking this before, but I did not participate in the President's online town hall meeting that had 100,000 participants and over 3.5 million votes cast. But talk to me about the 3.5 million votes cast. Were those cast by the participants and they just did it over the Internet? How did it work? Mr. Kundra. Actually, over the Internet after the questions were written, so a lot of people participated by posing questions, and other people--the 3.5 million-plus votes-- actually decided to vote on the questions that were already put in place and voted up or down based on the questions they thought reflected what they wanted to know from the President. Senator Carper. All right. I have some questions of my own, and I would like to ask those now. On the campaign trail, there was a lot of discussion, as I am sure you will recall, of using technology to make government more efficient, more transparent, and more secure. In fact, when I was on the campaign trail as governor, I remember talking about that a long time ago, and again as a candidate for the U.S. Senate. Some of these ideas can be seen in the new Recovery.gov website that was recently set up and will be tracking stimulus funds down to the local level. I also understand that you were behind the campaign using technologies like YouTube and Facebook to reach new voters. Is that true? Mr. Kundra. I did not work on the campaign, but working with the new Media Team, we are making sure that we get as much information out to the people in the right context. Senator Carper. All right. Let me just ask, what are some of your top priorities that you have for using technology in government? Mr. Kundra. Sure. Part of it is recognizing that--let us take Facebook, for example. There are 200 million users on Facebook out of which 56 million of those users are in the United States. Yet the Federal Government continues to make investments in new platforms when we could be leveraging some of the platforms that exist out there. So the real question for us is to figure out--as technology has evolved, there are a set of platforms that already exist. How can we ensure, for example, as we advertise jobs, how do we make them available on platforms that the American people are already using? Second from a priority perspective is to look at the $71 billion that is already spent today on information technology and back-end systems. How do we rationalize those investments and ensure, as you mentioned earlier, that those investments actually produce the dividends we are looking for, that those projects come on time, on budget, and if they do not, that we are willing to make the tough choices around either stopping those projects or moving capital to where it is most effective? Another area is around democratizing data, and what we mean by that is take, for example, the Human Genome Project at the National Institutes of Health. When the NIH, working with other world bodies, decided to put all that data and that information in the public domain, what it did is it spawned a revolution around personalized medicine, and you ended up with a pipeline of new drugs that were never imagined before for approval in the FDA. The same thing with GPS. The Federal Government has a lot of data such as the satellites that were released by the military when it came to GPS information. What that did, by releasing that information, it spawned a whole new industry to where you could literally look on a map and find out where the closest coffee shop is or directions from one city to another. So, in essence, making sure that we are doing a better job when it comes to the dollars we are spending, the $71 billion in capital; second, making sure that we are engaging the American people by leveraging some of these new technologies; and, third, ensuring that we create a much more transparent and open government so that the American people know exactly what is going on in terms of their government. Senator Carper. All right. When you look ahead for the balance of this year and the 3 years that follow, what would be among your top priorities for this year and for the 3 years that follow it? Mr. Kundra. There are two key areas that we must focus on. One is around IT investments. Second is around cyber security. As you mentioned earlier, on cyber security we need to ensure that the information that exists in our current--whether it is our databases or applications and the processes that exist today that have helped move the Federal Government to the digital world are also safeguarded and that we have taken the proper precautions to ensure the security of those systems. So that is vital. A big part of what we will be doing is looking at how do we ensure a more secure environment when it comes to computing; and, second, how do we ensure that we have a rational approach to IT investment across the board. Senator Carper. OK. On the next panel, we have your predecessor, Karen Evans, and I see her here today. Welcome. Nice to see you again. Under her leadership, OMB was able to get the ball rolling on what I thought were some very good ideas. Let me just ask, how do you propose to build upon some of those successes? And are there areas where you plan to make improvements beyond those? Mr. Kundra. Sure. One of the areas we are looking at is-- there are two sets of lists right now: The management watch list and the high-risk list. So how do we take that to the next level and how do we ensure that we are not just looking at lagging indicators but leading indicators around problems when it comes to IT investment? Or if projects begin to go in the wrong direction, how do we get ahead of some of those problems? If we look at some of the reports that the GAO has issued around some of the recommendations of taking this to the next level, they are analyzing how do you get that information faster. And, second, from our perspective, how do we ensure that the frequency at which information is collected or data is collected is happening at a pace that allows us to change the trajectory of those projects? If you look at precision guided missiles, for example, one of the reasons those missiles actually hit their target is because you get constant feedback, a loopback mechanism that lets you know how you are performing in relation to where you are. And what we need to do is increase the frequency and consolidate into one list for some of those investments. Senator Carper. You mentioned some analysis just a moment ago, and let me just ask, when do you expect to provide the results of that analysis? Mr. Kundra. We expect to have some of that analysis done in the next 2 months. Senator Carper. All right. When you were working down in Virginia with Governor Kaine, were you his Chief Technology Officer? What was your title? You were part of the Department of Technology and Commerce? Mr. Kundra. Yes. Senator Carper. Which is a logical coupling, but I am not sure if every State follow that model. But in that experience that you had, what were some of the challenges that you faced there and the resolutions that you reached to those challenges that you think are transferable to the work that you will be doing for our country? I used to say as governor--in the National Governors Association, we had something called the Center for Best Practices where everyone who had a good idea, whatever the issue might be, would submit it, and then the rest of us could steal that idea and claim it as our own. But it was just a great way to identify best practices and find contact people in other States that could help us. But when you think of some of the things that you were working on in Virginia that you think might have relevance to what your new responsibilities are, what are some of those? Mr. Kundra. Some of them are actually around transparency and how transparency can drive results. An example would be the governor came into office, and with a biennial budget of $70 billion, his policy objective was to ensure that small women and minority businesses were actually getting a portion of the capital, the set-aside that he had. Yet there was no mechanism in the cabinet to hold agency heads accountable for those results. And a lot of the information around that was based on self-reporting. So what we decided to do was we decided to move forward with an automated dashboard, and what this dashboard would do, it would essentially bypass any self-reporting and would go to what we called ``the golden source of data.'' So literally going to the credit card companies and figure out how much money were agencies spending on credit cards and going to the central procurement systems and looking at how much money was being spent. And from that dashboard, what we were able to do is once we got that data, we were able to display results based on agency, agency head, the cabinet, how much money was spent on what businesses, and how they were performing. That allowed the governor to literally move the needle by over 30 percent in terms of his policy goals. In the same way---- Senator Carper. The needle on the dashboard? Mr. Kundra. On the dashboard by holding agency heads accountable, because he realized that by bringing agency heads to the office, he was able to say, well, how come these numbers are going the wrong way based on his policy guidance? In the same way, we believe that more information, transparency, and greater frequency--we did that on a monthly basis, so you could see every single month what was going on as far as a trajectory of those investments. So you could make shifts much faster rather than on an annual basis, which is what was happening before. That is one example. Another area that I think also applies to a broader economic principle---- Senator Carper. Is that something you could see us doing in the Federal Government with this Administration? Mr. Kundra. Absolutely. We believe that as we are looking at the IT investments, one of the areas we are exploring is how do we get as close to real-time data as possible and how do we ensure that we can make as much of that information public and available to the American people so that we have analysis that is happening not just limited to OMB and the agencies, but the American people can hold the government accountable for the investments that are being made. Senator Carper. OK. I understand another person was recently appointed as the Federal Government's first ever Chief Technology Officer. Could you just take a minute or two and describe how you and the Chief Technology Officer will interact together? Mr. Kundra. Sure. The CIO role is based in the Office of Management and Budget and is focused primarily on the oversight of IT investments within the Federal Government. The CTO's role is based in the Office of Science and Technology Policy, and it is focused on advancing the President's agenda around broadband, health IT, research and development priorities for the country. The two of us will be working very closely together to advance the President's technology agenda. Senator Carper. How will you go about doing that? How will you go about ensuring that happens? Mr. Kundra. Part of it is we also want to tap into the ingenuity of the American people. So with the CTO, being able to convene the brightest minds in the private sector, in the NGO community, and bringing them together to work closely on some of these policy issues and also to look at some of the technologies that are being incubated, whether it is in Silicon Valley or all over the country, and figuring out what are the leading technologies that can be leveraged within the Federal Government, and also looking at it from internally, from within the Federal Government, to see how do we spark innovation, how do we find the innovative path when it comes to these investments. A simple example is something that happened with TSA where internally the CIO organization was moving forward on deploying potentially a blog solution that would have cost over $70,000. Yet one of the folks came there from the web managers' group and said, ``Well, we could do this for free.'' And they began to leverage a free platform rather than spending $70,000 of taxpayer money. Across the board there are many examples, and what we need to make sure is we are engaging some of the innovative thinking that is happening outside the Federal Government, and at the same time ensuring that we are sparking that innovation within the Federal Government. Senator Carper. All right. Thanks. As I am sure you have experienced before at the Chief Technology Officer in the District here, in the District of Columbia, there are a whole lot of problems that can occur when deploying technology. This Subcommittee is focused on IT investments that many times come in over budget, behind schedule, and underperforming. You have emphasized your interest in increasing transparency--you said it again here just a minute ago--in IT investments, but we would like to hear about your specific plans for improving the oversight of these investments. For example, how will you provide more effective oversight for an IT investment? When should Congress expect to see some changes as a result of your efforts? And, finally, do you believe that your office needs any additional resources or authority? Mr. Kundra. Specifically, one of the areas, if we step back and look at some of the big structural problems, why do these investments go the wrong way or fail in a lot of cases? One is we have very poor, in some cases, requirements from the Federal Government. So the Federal Government essentially does not do a good job defining what those requirements are. Second, we have some runaway contracts that are in place. Senator Carper. Some runaway what? Mr. Kundra. Contracts. So what ends up happening is a contract is awarded that is not fixed price, in some cases, and one of the reasons you do that is because you do not know what the requirements are up front. There are cases where you need cost-plus contracts, but if we know what the requirements are up front, we should be able to award fixed-price contracts. That is another area, and that is something we are looking at right now to figure out the proportion of contracts that are fixed price versus cost plus and how those investments--what types of results they yield. Senator Carper. Which should be most common, fixed price or cost plus? Mr. Kundra. Fixed price should be most common, if we know what the requirements are up front, we know what the scope is of the project. Some of the investments that go south, one of the reasons is because you end up with 400-plus change orders. So you begin with a project that is very simple, yet the scope keeps getting larger and larger and larger. So what we need to ensure is we need to look at how do we move the agenda towards defining requirements clearly, holding the private sector also accountable when it comes to projects, and what I mean by that is, once a contract has been awarded, scope has been created, needs have been defined, we need to ensure that the companies we have awarded these contracts to actually deliver on those results. And the way that happens is ensuring that there is a degree of engagement, a high degree of engagement, from both the business side of the house and the technology side of the house. If you move in one direction or the other too much, what ends up happening is you end up usually having a failure in an IT project. You need a high level of engagement from the technology folks, and you need a high level of engagement from the business side. The way we want to move forward in that direction is we want to be able to hold the CIOs accountable, working with agency heads, and providing as much information as possible. And that is what we are in the process of doing right now, is rationalizing some of those reports to figure out how do we get a greater degree of input from the agencies as these projects are moving forward, because doing it on an annual basis is not going to be good enough, because by the time you find out the requirements have increased or the budget is out of control, it is too late to make any adjustments. And, unfortunately, for far too long in some cases, we have thrown good money after bad money. Senator Carper. Now, you may have answered this part of my question, but I missed it. Part of my question was the question about needing extra resources, additional authority. What did you say in response to that part of my question? Mr. Kundra. At this point what we are doing is we are trying to see whether--if you look at the oversight function, we could move towards one direction, which would be infinite resources and we are overseeing everything, but the reality is we cannot afford faceless accountability. And what I mean by that is we need to be able to hold the CIOs accountable who are responsible for being technology leaders within agencies. So we need to ensure that there are proper resources within the agencies on specific projects. From an OMB perspective, we have the resources right now, and as we are rationalizing how the reports are going to work and what the frequency of that information is going to be in terms of collecting, I look forward to working with you to figure out what the appropriate solution is going to be in terms of the resources. Senator Carper. All right. Fair enough. As you know, your predecessor, Karen Evans, was good enough to testify before us on several occasions on egregious IT systems that simply should never have been approved in the first place. However, for one reason or another, projects were still allowed to continue and to be funded. I understand that you have an extremely powerful weapon at your disposal to combat this problem. I understand that your position has the power of choosing to approve or not approve an agency's business cases. Are you willing to tell agencies no, especially if they do not plan the investment right the first time out? Mr. Kundra. Absolutely, and I think given the current economic climate we are in, especially now, we have to. We cannot afford an environment where we would approve business cases that are not well thought out, the requirements are not defined. And, also, we need to ensure that we hold those agencies accountable for the information that they are presenting to us and the whole ecosystem. And the reason you get into a lot of complexity here is because you have got an ecosystem of the project managers, the CIOs, the agency heads, the vendors, and accountability has to happen at every step of the way, and we need to focus a lot more on leading indicators rather than just lagging indicators. And the more information we can get and the more frequently we can get information on the health of some of these initiatives, the quicker we can make some of those decisions. Senator Carper. There is an old saying that if you fail to plan, then you should plan to fail. I believe that there is a lot of truth to that saying, especially in government--State government, local government, or Federal Government. Further, when the Executive Branch provides Congress detailed plans, we are better able to hold agencies accountable. Will your office be producing any strategic plans on how you expect to achieve your priorities? And, second, will you provide these plans to Congress so we can keep track of your successes? Mr. Kundra. Yes. We are actually working on that as we speak as far as one, the agenda; two, rationalizing the reports that we have talked about; three, in terms of what we are doing as far as our transparency initiatives and the results we hope to produce as a function of the transparency initiatives; and, also, in terms of the path forward, making sure that from an accountability perspective how do we measure success from an OMB perspective. And I look forward to working with the new Chief Performance Officer as we set out the agenda around technology and innovation across the Federal Government, and also the new Chief Technology Officer. Senator Carper. All right. After a Subcommittee hearing--I think it was last year, maybe July or August, somewhere in that range--OMB developed a website that provided information on all information technology investments in the Federal Government. I would like to believe that they took that step because we kept pressuring them or encouraging them to give us more information. However, I do not believe that the website gives us the information that we need. For instance, there is relatively little information on whether IT projects are millions of dollars over budget or months behind schedule--or ahead of schedule, for that matter. Let me just ask, will you commit to providing Congress with information of this nature? Mr. Kundra. Yes, Senator, and we plan to actually add more information on that website. Senator Carper. Can you give us some idea of the timing on that? Mr. Kundra. Sure. That is a part of our 2-month strategy around transparency of the budget and IT investments. Senator Carper. All right. Thank you. Mr. Kundra, a lot of today's discussion is focused around Government 2.0. That means that agencies will be embracing new technologies to make their jobs easier and hopefully to make citizens, the people that we serve, happier. However, the Federal Government does not always move as fast as the private sector. Sometimes, though, it moves faster. And some of that is purposeful--that is, the government should not always move as fast. But we do not want the government to make rash decisions without first thinking things through. What do you believe are the drawbacks of using new technologies in government? And what can we do to address those drawbacks? Delaware was the first State to ratify the Constitution. We call ourselves ``The First State.'' So do other people. And our State motto is ``It is good to be first.'' I am always reminded, though, that there are some things it is probably not good to be first in. Maybe it would be good to be second or third. But what do you believe are some of the drawbacks of using new technologies in government? And what can we do to address those drawbacks? Or what can you do to address them? Mr. Kundra. Sure. We definitely want to make sure that the government is not moving forward with untested, unproven technologies or technologies, frankly, that will compromise the privacy or security of the American people. Therefore, we need to be deliberative, especially when it comes to privacy and security. That is one of the reasons within the CIO Council we have enhanced the Privacy and Security Subcommittee that is looking at a lot of these issues and that is deliberating around what is going on with a lot of these new technologies. At the same time, what we need to do is we need to recognize that the world has changed in terms of innovation and the world has changed in terms of leveraging some of these technologies in that we can put information out there that will allow the American people, the NGOs, and the private sector to actually incubate and create solutions that the government would spend either years or millions of dollars doing. Senator Carper. All right. Thank you. I have a couple more questions I want to ask. We have been joined by Senator Roland Burris from Illinois. It is great to see you, and you are recognized for a statement or for questions that you might have. Thank you for joining us. OPENING STATEMENT OF SENATOR BURRIS Senator Burris. Thank you, Mr. Chairman. Just a brief statement, Mr. Chairman. I certainly appreciate your comments and am looking forward to hearing what the testimony of these experts is going to be in terms of our information technology and how that is going to impact the work in government, the work in serving the people of America. And I know the wealth of knowledge about information technologies available to us is impressive. We are fortunate to have a President who has pledged to rely on this knowledge and to embrace technology to help agencies become more efficient, transparent, and secure. But I am a believer in the old proverb, having grown up and watched computers be created, ``Garbage in, garbage out.'' So the technology is only as good as the people who are dealing with it, and I am just hoping and praying that we do have the expertise and the knowledge with these appointments by the President that they will make sure that we do not get any garbage going into those computers. What do you think about the creation of a cyber czar? Do you have any thoughts or comments on that? We have a chief technical officer and a chief information officer. What will the creation of these positions do to ensure the government use of information technology will make us more secure? Mr. Kundra. Sure. On the cyber czar, I have actually been working closely with Melissa Hathaway, who is leading that effort, and those recommendations are forthcoming. She is just in the middle of finishing up her 60-day review and will be presenting her findings to the President around the creation of whether it is a cyber coordinator or the right posture for the United States when it comes to cyber security. But you make a good point, Senator, around information technology and making sure that we focus on--especially with the CTO and the CIO role--not just technology, but technology is nothing more than an enabler towards business needs and common problems. And we also have to recognize that technology is not going to solve everything. There is a huge digital divide problem, and we need to realize that as we move the U.S. Government towards a digital future, when we talk about Government 2.0, we have to do it in a context of recognizing that there are people, unfortunately, who do not have access to communications networks, that unfortunately the digital divide in some of the investments that are being made, who are not going to be able to engage in this digital world; and also recognizing that those communities with accessibility issues, we have to also ensure that as the government moves in this direction, it keeps everything in mind in terms of the various constituencies that we have to ensure we are protecting and we are providing information and services in multiple formats and multiple ways. Senator Burris. What are the biggest challenges to advancing our technology needs at the Federal and executive levels of government? What are your challenges? Mr. Kundra. Some of the biggest---- Senator Burris. And do not tell me money. Mr. Kundra. No. I believe that some of the biggest challenges, frankly, are making sure that the Federal Government is doing a good job defining what problem it is trying to solve. As we talked about earlier, you cannot just buy technology for technology's sake. It has to be grounded deeply in a business problem, and that is why, as I mentioned earlier, it is vital that there is a high level of engagement both with the business side on the Federal Government end and the technology side. If the business side is not going to be leading with the technology side, you end up with failures in technology projects. Senator Burris. We were at a hearing earlier this morning-- I think, Mr. Chairman, that was about cyber security. Senator Carper. Cyber security. Senator Burris. And I am just wondering whether or not we have cyber security issues here with all these technology experts. I raised a question in that hearing this morning about the possibility of the old saying, being an accountant and an old bank examiner, one thing I would look for was double bookkeeping to see if there were some double records being kept somewhere. I just wonder in terms of your computer or technology experience, in terms of cyber security, whether or not that is something that is on the drawing board, in the making, where we can get security by running two systems simultaneously and one of them is a false system, which would give misleading information if they were to break into it and crack it, and the other one, of course, would be a little bit more secure, and they will not know which one to be cracking into. Have you heard anything in that area going down in that field? Mr. Kundra. Sure. In security, there is this concept of honey pots, essentially. What they are designed to do is create an environment where hackers come in and are caught because they are attacking the wrong systems. And that allows the government to become smarter about the types of attacks, what is going on, and how to confront some of those realities. But at a macro level, there is a trend, obviously, as we move to the digital world, whether that is our transportation infrastructure, whether that is our health infrastructure, whether we are looking automation in general, as more and more processes move to the digital world, we need to ensure that we are moving forward in a responsible way to safeguard those systems and at the same time, as you suggested, ensure that we are ever vigilant when it comes to information security. Senator Burris. Because you are in Homeland Security where some information is going to be pretty vital in what you are doing, and I would imagine that would be certainly a source for the hackers to get into your system, not only Defense or not only the FBI or Justice, where they are trying to get some of our secrets, but trying to know what type of plans we have. We would certainly be interested in--I was just hoping as you all start doing your planning and budgeting that you all start looking--do you have any honey pots in your operation? Mr. Kundra. I cannot speak to the security posture, but what I can say is that is one of the reasons the President moved forward in the very beginning of this Administration with that 60-day review because we recognize how important security is and how vital it is, especially as we move forward into the digital world with all these business processes that we were talking about. Senator Burris. Thank you, Mr. Chairman. I might have another round if you have another round. Senator Carper. I am just going to ask maybe one quick question. Let us say later tonight folks are coming home from work, or whatever, and they turn on their television and they are surfing the channels, and they come across this hearing on C- SPAN, and you are testifying. And people say, ``I wonder what he really does,'' maybe someone who does not have much of an in-depth understanding of these issues, and most of us who serve here are, to some extent, lay people, with a few exceptions. But for folks who might be tuning in late, and they say, ``What does this fellow do, anyway?'' A lot of times people ask, especially young people, when I go to schools and have town hall meetings, I do them in colleges and universities all the way down to elementary school. We usually start with the fourth grade because that is when kids in our State learn about the Constitution and the three branches of government and so forth. But one of the questions that is often asked of me, especially by young people, is, ``What do you do, anyway?'' And I always explained that, ``Well, my job is to help make the rules for our country, and that I work with people like Senator Burris and the President and the Vice President and other colleagues, and our job is to help make the rules for our country, just like you have rules in your school, in your homes, and so forth.'' But if someone was able to call in and ask one of these questions over the Internet or something and say, ``Well, what do you do anyway?'' How would you explain it so that most American people could understand? Mr. Kundra. Sure. One way I would put it is that I do three basic things. One is to make sure that your government is using technology so that you are receiving better services. In the same way that you can go on Amazon and buy a book or you can go on Facebook and socialize, we want to make sure that we introduce efficiencies within the government so that you are able to leverage technology. Second is standing for you, the taxpayer, ensuring that your government is spending money wisely when it comes to investing in technology. And third is looking at how can the government work differently. Even though we have been organized in the physical world in certain ways, how can we use technology to do things differently in the Federal Government? In the same way from an average citizen's perspective, as your life has changed from a personal perspective from using the cell phone to E-mail to social networks now, how do we ensure that your government is doing the same thing and is moving forward to serve you better? Senator Carper. Very good answer. Senator Burris. Did you ask about tweetering? What is it, tweeting? Mr. Kundra. Twitter. Senator Burris. Is that what you also do in that, Twittering? Senator Carper. He was Twittering while I was asking questions. He is pretty good. No, not really. But I noticed our next panel of witnesses were. We will find out more about that later. Anything else you want to add, Senator Burris? Is that it? Senator Burris. Yes. Senator Carper. OK. Anything else you would like to say before you leave? I would ask you, if your schedule allows, to stick around for a while during at least a part of the second panel's presentation, I think that would be great. Sometimes people feel like the Administration people need to run right out of here, and sometimes I think they would benefit by sticking around for a little bit. So if your schedule allows you to do that, please do for a while. Thank you. Mr. Kundra. Thank you, Senator. Senator Carper. And thanks so much. I am sure some of my colleagues will have questions for the record, and I would just ask that you respond to those in a prompt way. Thanks very much. Mr. Kundra. Thank you, Senator. Senator Carper. And good luck. I would ask our second panel of witnesses to come on up and join us, and as they approach the witness table, I am going to go ahead and make some introductory comments. Our first introduction will be for Dave Powner, Director of Information Technology Management at the Government Accountability Office--a person we have never seen here in this Subcommittee hearing before. Actually, we see him a lot. And I said to Erik Hopkins, who is the principal staff person on the Subcommittee, that if we had to pay you and Karen Evans in the last Congress for every time you appeared before us, that would run up the Federal deficit even higher. But in the private sector, Mr. Powner has held a number of executive level position in the telecommunications industry. He has been instrumental in helping this Subcommittee to provide oversight of risky IT investments. And I know that Mr. Powner has appeared before us on any number of occasions, but I want to thank him again for taking time to come today and to be with us. Our next witness is Karen Evans. Ms. Evans is the former Administrator of the Office of Electronic Government and Information Technology at the Office of Management and Budget. Ms. Evans previously held Mr. Kundra's position and oversaw the implementation of IT throughout the Federal Government, including capital planning and investment control. She is a 20- year veteran of government service--I think I once commented that she started at the age of 12, but a 20-year veteran of government service who has testified before this Subcommittee on a number of occasions, and we are delighted to have you before us. Thank you for joining us. I will just ask ahead of time: Is there life after government? You do not have to answer it now, but we will make sure that you have a chance here in just a minute. Our final witness is Phil Bond, the President of TechAmerica, which is one of the broadest U.S. technology associations representing some of America's most prolific IT companies such as Google and Microsoft. Mr. Bond has served in both the private and the public sectors, serving as Under Secretary of Technology in the U.S. Department of Commerce from 2001, I think--was it 2003? Mr. Bond. No, 2004. Senator Carper. He also served within the Department of Defense from 1992 to 1999. What did you do in the Department of Defense? Mr. Bond. Office of Legislative Affairs for the Secretary. Senator Carper. All right. I would like to recognize, first of all, Mr. Powner for his statement, and I would ask him and Ms. Evans and Mr. Bond to try to keep your statements close to 5 minutes, and if you get much beyond that, I will rein you in. But we will let it go by a little bit. Thank you. Your whole statement will be made a part of the record, and I understand you may have oral statements that abbreviate those written statements, but the full statement will be made a part of the record. Mr. Powner, you are our lead-off witness. Welcome. Nice to see you back. TESTIMONY OF DAVID A. POWNER,\1\ DIRECTOR, INFORMATION TECHNOLOGY ISSUES, U.S. GOVERNMENT ACCOUNTABILITY OFFICE Mr. Powner. Good seeing you. Chairman Carper, Senator Burris, we appreciate the opportunity to testify this afternoon. As requested, Mr. Chairman, my testimony will focus on OMB's oversight and transparency of Federal IT projects. --------------------------------------------------------------------------- \1\ The prepared statement of Mr. Powner appears in the Appendix on page 46. --------------------------------------------------------------------------- Mr. Chairman, I would like to thank you and your staff for your in-depth oversight you performed over the past several years of Federal IT projects. Much progress was made with your oversight and Ms. Evans' leadership and cooperation. That included improvements in the accuracy and reliability of project business cases, better project planning through the management watch list process, identifying high-risk projects with performance shortfalls, and using project management tools to better manage cost and schedule performance and to oversee contractors. Despite these improvements, many serious problems still exist. Many projects are nowhere near their cost and schedule and performance goals. Every hearing you have held, Mr. Chairman, highlighted hundreds of projects totaling billions of dollars that were at risk. And if we had updated information for today's hearing, I am fairly certain that things would not change. Transparency of these problems also remains an issue given the limited number of high-risk projects that have historically reported cost and schedule variance problems. We have too many unqualified project managers and a lack of engineers and architects on the government side. Many IT projects lack basic project management discipline. Far too often, the government does not adequately define what it wants, manage risk, nor does it oversee and scrutinize underperforming contractors. Projects proceed forward with unclear baselines and with inaccurate cost and schedule estimates. Project business cases and justifications are too much of a paper exercise and involve contractors too much, and executives, including CIOs, are not always engaged in oversight. Given these issues, the new Administration needs to bolster the IT workforce, namely, qualified project managers, engineers and architects. The Administration needs to have CIOs act like CIOs where they have the appropriate authority and accountability. The Administration needs to streamline the business case process where it is less of a writing exercise. The Administration needs to improve governmentwide project management discipline by focusing on defining requirements well, aggressively managing risks, not allowing contractors to be in charge, and using proven tools to better manage cost, schedule, and performance. The Administration also needs to better monitor cost and schedule performance at both the department and agency executive level and from the Executive Office of the President for all major IT projects. This could be done by leveraging the existing Management Watch List and high-risk processes. I would like to stress that OMB needs to decide on its oversight approach and promptly implement it. As we have just heard, Mr. Kundra clearly knows the issues, but it is unclear what approaches will be used to address them. Last, the Administration needs to highlight and swiftly resolve major cost and schedule performance issues or deviations by making key executives accountable along with project managers. In summary, Mr. Chairman, knowing what to fix is the first step, and we would not have this information without your leadership and oversight. Thank you. We look forward to working with you and the new Administration as they roll out their oversight processes. I would like to highlight the need to build off of the progress over the past several years to ensure that American taxpayers are getting the right return on the $70 billion investment the government is currently spending. I would be pleased to respond to questions. Senator Carper. We will have some in just a few minutes. Thank you for being here. Thanks for your testimony again and again. You are the gift that keeps on giving, so we are grateful for that. Ms. Evans, please proceed. TESTIMONY OF KAREN S. EVANS,\1\ FORMER ADMINISTRATOR, OFFICE OF ELECTRONIC GOVERNMENT AND INFORMATION TECHNOLOGY, OFFICE OF MANAGEMENT AND BUDGET Ms. Evans. Good afternoon, Mr. Chairman and Members of the Subcommittee. I am pleased to be invited back to share my views on ``Government 2.0: Advancing America into the 21st Century and a Digital Future.'' My written testimony includes challenges facing the Federal Government and recommendations to meet the expectations of society, especially today's generation, which has grown up in a networked, collaborative world. Simply put, Mr. Chairman, the text message generation is not going to accept a carbon paper government. --------------------------------------------------------------------------- \1\ The prepared statement of Ms. Evans appears in the Appendix on page 60. --------------------------------------------------------------------------- I would like to focus my remarks specifically on information challenges and cost-effective information technology systems, but first I would like to commend the Office of Management and Budget for again partnering with the National Academy for Public Administration. In October 2008, OMB and the CIO Council partnered with NAPA to hold the National Dialogue on Health IT and Privacy. Starting yesterday, NAPA is hosting a dialogue with the American people to address how the Recovery.gov website can be useful to the citizens. Innovations will happen organically as today's young people who are growing up in a collaborative world move into the Federal workforce, but there will be cases where Congress will have an opportunity to break down some of the barriers for the Federal Government through authorization or appropriation or oversight. For example, the Paperwork Reduction Act, which was intended to reduce the burden of collecting information from the public, effectively prevents agencies from gathering feedback or user-generated content online. Adding a website survey requires an approval process which includes a public comment period. So it is a Catch-22. We have to ask the public to comment on whether the government can ask for comments. Currently, there are two provisions in appropriations law which prohibit agencies from competitively procuring IT systems from shared service centers, and the use of persistent cookies on Federal websites disables a wide range of Web 2.0 applications. If Congress wants to move the government into a Web 2.0 world, these laws, regulations, and procurement rules will need to be rewritten. Congress, GAO, OMB, and Federal agencies have focused a considerable amount of time and effort on ensuring investments in IT are selected wisely, managed effectively, and delivered successfully, and yet agencies continue to struggle. The disciplines of capital planning and investment management are insufficient to fully address today's IT investigation challenges. OMB and agency heads alike would be well served if agencies could provide a composite view of their IT program, a road map of prioritizing their system investments which maps to the agency's strategic plan. To do this, agencies should bolster the role of department-level CIOs beyond a mere pass- through of business cases to OMB. They should equip and empower the CIO to provide meaningful investment analysis, strategy, and oversight, and not to continue to allow component agencies to disregard departmental policy and direction by investing in IT independently of the department or the governmentwide strategy. Earned Value Management (EVM) is often touted as the magic bullet solution to project management cost and overruns. This is not necessarily my experience. EVM is an industrial-strength solution for managing large-scale systems development efforts. It is not well suited or intended for small and medium-size projects. However, I do believe all IT investments should be held accountable for managing their cost, schedule, and performance on a routine basis perhaps using an Earned Value Management or Earned Value Management-lite tracking system. Too much emphasis is being put on to adhere to the ``original,'' ``programmatic,'' ``performance measurement,'' or ``current'' baseline reporting. Rather, we should actively engage in risk awareness and management, and we should apply strategies to invest in less large-scale, long-term, and perhaps grandiose systems development efforts. When addressing the 21st Century Government, we should build on the foundation in place. In 2004, GAO identified 13 major areas of responsibilities for CIOs, whether they were statutory requirements or critical to effective information and IT management. Whereas people commonly associate the CIOs with computers and information technology, a review of these 13 responsibilities makes it clear a CIO manages the information. And to be successful, the CIO must address all of them, from privacy and security to records management. They should not and cannot pick and choose which ones they will address, but they need to ensure they address them all. Mr. Chairman and Members of the Subcommittee, this concludes my statement, and thank you again for the opportunity to appear before the Subcommittee. I would be pleased to answer questions at the appropriate time. Senator Carper. Thank you, ma'am. Thanks very much for your testimony and for being with us again today. Mr. Bond. TESTIMONY OF PHILLIP J. BOND,\1\ PRESIDENT, TECHAMERICA Mr. Bond. Thank you, Mr. Chairman and Senator Burris. It is a pleasure for me to be with you. I want to thank you for the opportunity to talk about how government can use new Web 2.0 technologies and management practices. --------------------------------------------------------------------------- \1\ The prepared statement of Mr. Bond appears in the Appendix on page 69. --------------------------------------------------------------------------- With over 1,500 member companies, TechAmerica is the largest advocacy organization for the technology community, with 17 regional offices and affiliates in most States, including, Senator Burris, a regional office in Chicago, I wanted you to know. We are happy to testify here today because we fundamentally believe that the government has a very important role to play in spurring further innovation in, and adoption of, Web 2.0 technologies. And as we look around the world, we sometimes see other governments leading the way in spurring this innovation--innovation in a digital world that was largely created here in the United States. Let me give you three quick examples. New Zealand has launched an ``e-initiatives'' wiki, meaning that people can comment there, which replaced an older and static model for tracking progress of their e-government initiatives. As of April 24, almost half a million people are following the daily activities of the U.K. Prime Minister on Twitter. There is Twitter for you, Senator Burris. And Sweden has opened a virtual embassy on Second Life. Here in the United States, we see many States and localities moving along this front. Certainly Vivek Kundra led some of those in the District of Columbia. Nearby in the Commonwealth of Virginia, they have RSS feeds for 34 different kinds of information, including local news, employment opportunities, and legislative information. Many of the Virginia State Government agencies post videos directly onto YouTube. Similarly, the State of California Franchise Tax Board has used YouTube as a venue to put videos out explaining tax regulations. Recently, with the flooding of the Red River, citizens across the North and South were able to share information directly with one another, uploading videos and other real-time information using web and video blogs and social networking. In Los Angeles, first responders there have used Twitter and Google Earth to plan and allocate resources in responding to wildfires there last year. There are Federal examples, to be sure. FEMA and NASA, among others, use Second Life. CDC has launched a swine flu information piece on Twitter. GSA has an important new agreement with Facebook, making that available to agencies. But the embracing of these is often slower and hindered, as Ms. Evans just referred to, by older regulations. Our observation among our companies is that the Web 2.0 phenomenon is growing. It will create jobs and economic growth, and it is one of the reasons our economy has traditionally been so dynamic. But to fully realize the potential, we believe America needs to recognize the following: First, our Nation's lead in technology and innovation is slipping. The world is getting more competitive. Second, we do need more people with access to broadband services, whether on the wire or wirelessly. There are also, we believe, insufficient identity management policies so that government can know the person is who they say they are. And then we would also point out, as Senator Burris and the Chairman both have pointed out today, that legitimate, very legitimate information security concerns, cyber security concerns, can be sometimes seen as an impediment or a reason not to adopt some 2.0 technology. By the way, we also believe that a smart government cyber security strategy can address those concerns and hasten the deployment of 2.0 technologies. There are some challenges specific to the government I would like to mention. The Federal IT budget and uncertainty of that or government by CR is certainly one problem. Some Federal procurement laws and regulations and acquisition practices we believe, frankly, do not allow agencies to keep up with the latest technology. They are often a generation behind. Outdated systems and disparate infrastructures render them unable to use some of the latest technologies that are available through social networking capabilities. And last, and certainly not least, here I want to mention something that Mr. Powner mentioned, which is the shorthanded procurement corps. The professional procurement corps of the Federal Government is dramatically shorthanded, and many of them will be retiring. So we would like to put forward the following recommendations, some of which have already been made by the Federal web managers last year. One, the Administration should require software and social networking strategies from the different agencies. Second, we believe that OMB and OPM should update Federal guidance to individual users and the agencies on the use of social networks and the software involved there. We believe Congress and the Administration should consider allowing a percentage of the savings from successful technology projects to be available for the enterprise-wide challenge that the CIO Council and others have identified because that kind of funding is sometimes very hard to get. And, finally, we believe that the GSA example with Facebook, a single set of terms and agreements that can apply to other agencies, is the kind of model that the Administration should look at for all social media and social networking that is out there. So, with that, Mr. Chairman, let me again join the others in commending you and the Subcommittee for this important hearing and subject, and thank you for the opportunity. I look forward to any questions. Senator Carper. Thank you, Mr. Bond. Mr. Kundra has been good enough to stay with us. I think I see him in the audience still. And while he is still here, not to embarrass him or anybody else, but really to try to get some advice or counsel or guidance from this panel to a new Administration, the point person of a new Administration, let me just ask--maybe start with Mr. Powner--what you heard in Mr. Kundra's presentation that you found was especially encouraging. And if you have any advice to him in his new responsibilities, for him and the team he will be leading in this Administration, what advice might you have for him? Mr. Powner. Well, I think clearly the use of Internet-based applications and the Internet to provide services to citizens, that is a great approach, and we need to move forward with that. In fact, Mr. Chairman, we have had several hearings--the Census Bureau, that is one that comes to mind, where we could more effectively use the Internet to conduct the census. So that is one good example right there. So all that is, I think, pushing the ball forward and using the technologies that are out there to provide services to citizens. I think the one thing, though, that is the real challenge is getting our arms around the $71 billion and the problems we have had with cost and schedule delivery, getting the right governance processes in place. Whether it is extending what Ms. Evans has done with the watch list and high-risk list, or creating a new dashboard that was mentioned, that is going to be real important to make sure that we wisely spend the American taxpayers' dollars. Senator Carper. All right. Thank you. Ms. Evans, I believe Mr. Kundra is your successor. Is that a fair statement? Ms. Evans. Yes, sir. Senator Carper. I do not know if you have the opportunity to do turnover. When I turned over the State of Delaware to a new governor, she had been our Lieutenant Governor and there was not a great deal of need for turnover. But when I succeeded Mike Castle--he became Congressman, I became governor in 1993-- there was a lot of turnover, and it was very helpful to me. But when I was in the Navy, we used to actually turn over almost like a log from one squadron to the other, from one ship to the other, and we called it a ``turnover log.'' But what kind of opportunities for turnover do you have from one Administration to the next? And what have you been able to do here? What did you hear from Mr. Kundra that you are especially encouraged by? And what advice or counsel would you have for him and his team going forward? Ms. Evans. Well, I was encouraged by the priorities of the Administration and the idea and the focus on transparency of the data that the Administration is embracing and the use and leveraging of existing technologies so that the government is not reinventing the wheel over and over again, but leverages what is already out there, and bring those services in. What we did, the Bush Administration going out, is very similar to what you described. We were tasked by President Bush to make sure that the transition went as smooth as possible. I probably left too many turnover documents for my successor, but he has a great team behind him. Senator Carper. I am looking to see if he is nodding his head. [Laughter.] He has a poker face right now. Ms. Evans. And I left several boxes with several notes and all hearings and what all were the outstanding issues. And it is kind of liberating to be here as a private citizen, so I will say that the VUE-IT Tool was put up in response to several of the hearings that were here to get transparency into the $71 billion. So I am extremely excited about Mr. Kundra and what he is talking about, taking it to the next level and rationalizing those investments so that they really will produce the results that we need so that those programs are successful. Senator Carper. All right. Thank you. Mr. Bond, what did you hear from Mr. Kundra that you were especially encouraged by? And what advice do you have for him? Mr. Bond. Yes, very encouraged, Mr. Chairman. I think there is a high level of excitement about his appointment and some of the others, folks who really, as we say in the tech sector, ``get it.'' It is clearly a top-tier issue for this Administration, which is welcome indeed. In fact, I think one of the reasons they are so encouraged, too--not that Karen did not do this, but they are certainly putting in the hours. Mr. Kundra met with a cross-section of the tech sector last Saturday, which I think is a bit unique to extend his working hours in that way. I would offer three things, and this may be a bit redundant, and pardon the alliteration, but I would say people, procurement, and policy. About a third---- Senator Carper. Alliteration is good. Mr. Bond. Alliteration is good and memorable, right. People, about a third of the Federal employees on board at the end of 2007 are due to retire by 2012. Senator Carper. Say that number again? Mr. Bond. One-third of those on board--I am citing GAO here, so I am sure it is accurate. One-third of those on board at the end of 2007 are eligible to retire by 2012, and that, again, to this professional procurement corps, could be very critical. Second, in terms of procurement, we believe that some of the milestones and benchmarks built into the procurement process, often built in for weapons systems and other large purchases, do not necessarily apply and can slow down the process for an inherently commercial product, like software or other applications. And so we would urge a look at that. Then on policy, this really is an allusion to cyber security, which undergirds all of this and must be a common denominator, and as he said, kind of inciting the innovative capability of the American people to be part of the process. Senator Carper. All right. Thank you for those comments. I am going to withhold any further questions at this moment and yield to Senator Burris and then maybe come back for some additional follow-up questions. Senator Burris. Senator Burris. Thank you, Mr. Chairman. Mr. Bond, please clarify for me, are you a private contractor? Are you an adviser? Mr. Bond. We are a trade association, Senator Burris. Senator Burris. Oh, you are a trade association. Mr. Bond. Correct. Right. Senator Burris. So you do not have any contract with Federal agencies currently? Mr. Bond. Correct. We are all private sector members. Senator Burris. And, Mr. Powner, you mentioned several issues. I do not want to ask you to repeat your testimony, but I was just hearing so many problems that you were outlining in order to go forward. Would you pick out one or two of those again? Mr. Powner. I think you could summarize the Federal IT problems probably in three buckets: One, is people. That includes leadership and down to the detailed workforce where we are looking at program managers, engineers, and architects. We do not have enough good folks in those positions across the board, and that is why it is so difficult to oversee these contracts. We see it time and time again. So, one, it is people. Two, it is processes. Do we have the right processes? I think Mr. Kundra mentioned about not defining well what we want. Requirements definition and management on Federal IT projects is poor with many of these projects and the root cause for why many of them fail. And then, I think, third is many times we do not hold executives accountable from the CIOs to the agency heads. We blame project managers and program managers when problems occur. So it is people, processes, and governance. Senator Burris. And this has been going on, I assume, for some time for it to get to the position where there is a critical mass of problems. Mr. Powner. Well, we have made strides. Ms. Evans, in her position, did an annual assessment of the workforce and attempted to shorten those gaps that we had. And there has been progress in some of those areas, but there is still a ways to go in all three. Senator Burris. Mr. Bond. Mr. Bond. I just wanted to throw out one additional point there in regards to people, and that is this observation: It is very hard for those folks who make their full-time living in the technology sector to stay abreast of all the changes, and so one of the great needs, we believe, is training resources for those folks in the Federal Government, because the change is coming so rapidly on so many fronts, it requires some real training to stay abreast of all that. Senator Burris. I wish you could see my notes up here, Mr. Bond. You just touched right on my notes, because I am saying: One, are the staff persons getting the proper training? Two, are we keeping up with the equipment, the hardware that would allow them to operate? Or is it antiquated? Because it is changing so fast. I remember carrying a BlackBerry this big, and my son looked at me and said, ``Dad, you got a Model T Ford there. Why don't you get a Razor?''--or something he told me to get. And it is happening. I assume it is happening also in the government with these programs, and this hardware is coming out for us to use. Is this because the manufacturers or the industry is driving this new technology so that we can get rid of it and make some more money and get some new equipment in? How are you going to keep up with it? Mr. Bond. I am sure the other experts here will have some comments on that. Senator Burris. Please. Feel free to comment. Mr. Bond. I would say what drives the innovation is the global competition, and we should thank our lucky stars that we are the most innovative economy on the planet, but that does create a non-stop environment of change, which is a challenge. Senator Burris. Ms. Evans, do you want to comment, please? Ms. Evans. Well, some of what you are describing actually gets back to requirements definition, and you do not necessarily want to have technology for technology's sake, but we all use BlackBerrys, we all use cell phones and those types of things. And it gets back a lot to what Mr. Bond is saying is the procurement issues. The life cycle of investments in the Federal Government, they average 3 to 5 years. They make sure that they have operations and maintenance, and they do 3 to 5 years because it takes that long in order to be able to put through a competitive contract that goes out there and adheres to all the Federal procurement rules. And when you step back even further, you have to work with procurement staff, and there are not a lot of procurement staff there. So you have to get in line with your procurement requirements along with all the mission ones that have to do things that have already been mentioned, like the virtual fence and those types of mission-specific things or putting things up in order to deal with a pandemic, like what we are talking about today. And so they have to prioritize what their procurements are. So the IT people a lot of times, their investments go down because the idea is if it is not broken, then do not fix it because we had such a terrible time the last time you transitioned us over to a new technology. So the agencies have a tendency not to introduce widespread upgrades but phase them in for a multitude of reasons. Senator Burris. Not only transitioning into new technology, but how about transitioning to a new Administration. Like you said, you just left your position, and the question--are there some major programs that were good that you were working on that have not really been complete, and the incoming Administration can pick up on those programs and complete them so there would be a continuity there, and as the continuity comes with the updated or modern hardware and technology come with the continuity? Is that the best that should happen or is supposed to be happening? Ms. Evans. That would be the best that would happen, and I would like to highlight an example of that going on right now. For example, Grants.gov, that is one-stop shopping for all grantees to know where all the opportunities are for the Federal Government. When the stimulus bill was passed, that grew exponentially. So this Administration now is stepping back because of where that particular technology solution was and looking not only at the business requirements but the technology itself so that they can leverage it and expand it out and deal with the growth really fast and upgrade all the hardware and all the capabilities that are there. And that is what they are in the process of doing now. Senator Burris. I hear something else, too, Ms. Evans, that we are changing the laws probably so fast that technology is not keeping up with Congress. Am I hearing that---- Ms. Evans. Well, that particular one, but I would suggest that there are others that have not changed since 1946. Senator Burris. OK. Ms. Evans. That would help with moving some of this---- Senator Burris. We should change some laws---- Ms. Evans. There are some that you may want to consider that could really help this. Senator Burris. To really bring us into the 21st Century. Ms. Evans. Yes, sir. Senator Burris. And that would be--what is that, 2.2 or---- Ms. Evans. Well, one, I highlighted it in my written testimony, but it deals with the Administrative Procedures Act, and that really governs how the Federal Government does all its rulemaking. And if we really want to move into a transparent process--and so even when you talk about Twitter, if a Federal Government employee does that as it relates to a rule, there is a whole bunch of procedures that then go into place that they just cannot go on Twitter and start tweeting with the public about a rule. And they should be able to. They should be able to do some of that so that you can get a rule out faster so that you can respond to legislation that is immediate, like the stimulus bill. Senator Burris. My time is up, Mr. Chairman, but I certainly have some more questions. But I will not bore the panel with my---- Senator Carper. You are not boring them. They are sitting on the edge of their seats. I can see from right here. Mr. Powner, I know you have testified before our Subcommittee on several occasions on exactly this topic, and you stated before that OMB needs to improve its oversight and its management of IT spending within agencies. You have been very consistent with that. You alluded to this a little bit earlier in the first round, but let me just ask you again. What are your thoughts on the Administration's priorities in this area? And do you believe that their priorities will help make agencies more efficient, more responsive? Mr. Powner. Well, clearly, transparency and using the technologies to provide better service to citizens, that is great. I think when you look at the management and oversight, OMB's responsibilities tie back to the Clinger-Cohen Act to track, analyze this investment that we are spending on $71 billion. There are three things we need to do. One is we need to start with adequate justification where we have a business case that justifies the investments. We currently have a business case, frankly, that has gotten a little bit unwieldy. It is rather excessive. We need to streamline that and make sure that we have an adequate business case that every investment is justified. Second, we need to shine a spotlight on the problems that we have, and I think the watch list and high-risk project watch list were steps in the right direction, but we can actually take that to the next level. We can do that for all major IT projects. We can be more transparent with the shortfalls associated with high-risk projects that are reporting performance problems. And then third--and this was the subject of a hearing we had last summer, Mr. Chairman--is we now need to focus on fixing the problem, tackling the root causes on why we have so many troubled projects, whether it is people, whether it is processes and those things. I can tell you right now that based on all the work we have done for you and the data that Ms. Evans has, we can go right down the list. Requirements definition is poor. We do not manage risk well. We do not oversee contractors well. We know where there are a lot of pain points that we can improve going forward. Senator Carper. Say that again? We do not oversee contractors well. Is that one of the points you made? Mr. Powner. Correct. Senator Carper. And is it because in some cases the people that we have on board, they are a part of the Federal Government team whose responsibilities include overseeing the contractors, they may not have the experience or the breadth of training or understanding to be able to do that well? Mr. Powner. It is both. I think it is training and expertise to do that well, and sometimes there is just too much faith placed in contractors. I will give you an example. We have talked about these Earned Value Management reports. So all contractors are to provide those to the Federal Government on every project to see whether we have problems with cost and schedule performance. There are some agencies we go into and ask the agencies for those reports, and it takes 3 or 4 months for the agencies to get us those reports. And I question whether they actually have had them all along. I mean, that is a core contract management oversight technique that is not being utilized. It is something you required back in 2005. Senator Carper. Why do you suppose it is not being utilized? Mr. Powner. I will let Ms. Evans respond to that. A couple things. There is a reluctance to lean on contractors, and sometimes the government is flying blind. We do not realize that we have got cost and schedule performance problems until all of a sudden someone says we have a 30-percent variance. Well, why didn't we know when it was 15 percent and 20 percent? Because we were not watching what was going on. So, you have times where folks were asleep at the wheel on the government side, but then also, too, at times there is a reluctance to really lean hard on these contractors. Senator Carper. Ms. Evans, why is that? Ms. Evans. On all of those issues or a few of those? Senator Carper. No, the last one. Ms. Evans. Well, I do think that at times it is hard for the government and the agencies to lean on contractors because if you are not clear with your requirements up front and then a conflict occurs, then there is a traditional dance that the government goes through with the contractors. And the contractors will sit there and say, ``You did not define the requirements,'' and the government will say, ``You never told me.'' And we put those two together, and then I believe what ends up happening is people are afraid to call a spade a spade and say, ``You are not performing.'' And so you have to have your documentation in place. You have to be a good project managers. And you have to understand the tools that are in place. And you have to know--and you said it. You plan and you have to have the plan because you have to know where you are going. You cannot get there if you do not have the plan. And, Senator Burris, you brought this up as well, too. Garbage in is garbage out. If you do not put the right information or you have not taken the thought about what the requirements should be, then you are not going to get what you paid for because you do not even know what you asked for. And that happens a lot on these government contracts, and sometimes it is time because they had deadlines that had been promised where they have to publicly meet deadlines, and they really believe that they are going to make it. But they are not because they did not put the proper planning in up front. I do believe--and you mentioned in your opening statement that you have introduced the bill dealing with the oversight, and some of the enhanced authorities and things that you were talking about specifically for the administrator of E-gov, we give OMB and give that administrator the ability to go in, and if you need somebody to be the heavy guy, OMB does it. I mean, I did it when I was in OMB, and that is OMB's role as oversight, to go in and say, ``Look, that is a legitimate business need, but you are way off course. You need to stop and you need to regroup and put together a team and really address these weaknesses.'' And if transparency to the Hill is what needs to be done in order to make sure that happens, then that is what needs to be happening because you have the data now; you need to move it and push the agencies to the next level of performance and hold them accountable. And through hearings like this, meetings with your staff, producing the information on a regular basis will drive that improvement within the agencies. Senator Carper. OK. Mr. Bond, I would be interested in your comments on this as well, please. Mr. Bond. Yes, thank you. Since our association does include a number of the leading contractors---- Senator Carper. I understand. Mr. Bond [continuing]. Folks who are really household names in that space, and I want to assure the Subcommittee that the leading executives who work with us at our association absolutely welcome robust oversight. Absolutely. But you will hear our companies talk about the need for the government to be a good customer, to understand their requirements and be able to execute, cut down on the change orders and other changes that come mid-course. But I think sometimes there is a misperception on Capitol Hill or elsewhere that there is some shyness about the oversight. In fact, robust oversight we welcome. Senator Carper. Just kind of thinking out loud here, I am especially mindful, as this new Administration comes in, that we have positions that are vacant, in some cases important positions that are vacant for an extended period of time. In a number of cases the senior people who come in and serve in these leadership positions within agencies, they may be in for a year or two. A case in point: Census. Dr. Murdoch came in. He served for roughly a year. A new Administration comes in, he is gone. He submitted his resignation the same day--as I recall, his resignation was effective roughly the same day the President and Vice President were sworn in. He had been on board for maybe a year or so. I think by most people's account he did a good job, but he is gone. And we have had a vacancy since that time, and hopefully we are going to fill that position soon. I think we have got a good nominee to come before us shortly. But that is just one example, and there are plenty of others. And I think maybe that sort of--the way that we bring people into leadership positions for a relatively short period of time, a year or two, they are gone, we have vacancies, sometimes for extended periods of time before we fill them again. I think that kind of feeds the lack of oversight and supervision and maybe leads to change orders. You have a new Administration, you have a new person in who has a different set of priorities than the last one. We are probably going to try to address it with the Census Director's position by looking at what happened in the IRS. The IRS Commissioner who used to serve basically at the pleasure of the President, and now the IRS Commissioner serves a 5-year term. It can go from one Administration to the other, but that person is there for an extended period of time. I think there is probably a pretty good chance that we will be pushing for a similar kind of approach on the Census Director. This idea of literally on the eve of a census for us to sort of start and stop all over again is--I think it drives this problem, contributes to this problem. You all do not have to respond to that. I do want to ask one last question, Mr. Powner, and you may have said it and I just missed it. But if you had to say what may be the first thing that Mr. Kundra should do to improve the management of information technology, if you said, ``The first thing you do, this is what I would do first,'' what might that be? Mr. Powner. I think there needs to be a clear oversight mechanism for all 800 major IT projects, whether you extend the watch list process, whether you have corollary monthly dashboard, but it needs to be real clear, the information that agencies need to report to the Office of Management and Budget, and then there needs to be aggressive follow-up on that. Because as Ms. Evans has learned and all the work we did for you, a lot of stuff that flows up is not always completely accurate. You need to have checks and balances with IGs and GAO and your hearings. But that is key going forward because we have too much money on the line. And it is great that we have talked about using web-based applications to move the ball forward, but we do a lot of amazing things in this country, and the majority of that $70 billion is spent on large IT projects that we are controlling aircraft, we are putting environmental satellites in the air, we are securing our borders, we are making sure that the flying public is safe. And those things we are not going to do with Internet-based applications. We are going to do it the way we have always done it. Senator Carper. All right. Thank you. Let me yield to Senator Burris. Thank you for your patience. Senator Burris. Yes, I have a couple more questions, Mr. Chairman, because the more we talk, the more these questions are popping up. I am concerned with reference to the contractors. Are there contracts signed with defined terms and penalties and agreement? Let us say if there is a change order that comes through, is that contract with the Federal Government--since I am new to the Senate here. I know in State government how we did it. There were certainly defined work orders, but also if there were any change orders that were needed, there would be a limitation on the change orders as to what was really in the specs when we entered the contract. Are there signed contracts pursuant to, I assume, competitive bidding? Or is this a sole- source type of operation? Ms. Evans. So the answer would be yes, there are signed contracts. There are different types of contracts within the Federal Government. So there are performance-based contracts; there are fixed-price contracts, cost-plus contracts and sole- source contracts. They could do sole-source contracts. You have to do it based on the need. There is a lot of variance. Mr. Kundra talked specifically about fixed price. My preference--and if we could go this way--would be performance- based contracts, which means contractors really do not get paid until the work is done because a lot of times under fixed-price contracts, you pay a fixed amount, but if you do not get it for 5 years after the due date, that does not do the government any good either. And so you are supposed to specify, but if you put a contract in place that allows a certain amount of flexibility, it is flexibility on both sides, which means that the government needs to be more responsible. And as Mr. Bond said, we have to be good customers. When you put that contract in place, you really should know what you are buying or what you want to buy or what service you want to provide, and the idea of how it should work functionally to allow innovation and the contractors to propose technical solutions. Senator Burris. Pardon me. Do you find that the contractor who won that contract might have--that compliance might have its sole package, and its package is not as up to date as what was thought, and then when you really start halfway down your project, you find that the package is not designed--or not going to perform the way you thought it would perform, because then this contractor does not have any more tools to put into that to make the adjustment because he is trying to sell you what his design package is about? Has anyone run into that problem? Ms. Evans. The answer is yes, that happens. Probably one of the better examples--and the FBI will kill me on this one--is they were doing their modernization---- Senator Carper. Be careful what you say. They might. [Laughter.] Ms. Evans. Yes, I know. They might, really. But GAO gave them a good report at the end. But probably the best example to hit on what you are talking about--there are actually two--is the Sentinel project. It started out initially as a virtual case file. The business requirement was needed, but what happened was the FBI said, Well, I want this, this, and this, and I want these packages, because I have looked at them all. And then they did a procurement. When they brought them together, they did not work together, and all the vendors then said, well, it is not really our fault because you said you wanted them all to work together. And so that project had to stop, and they had spent 100 percent of the funds and had less than 10 percent of the functionality. So that project stopped, and they went back to, we are not that smart like what we thought, we really should go back and say here are the business requirements and this is how we want the FBI to work---- Senator Burris. Did we have to pay more money for that project? Ms. Evans. We had to go back because it was the government who said based on the contracts this is what we wanted. We reviewed the contract and everything. And so they did a new procurement, and this one GAO did review, and the management and the oversight and the way that they do change orders and how they hold people at bay and say, no, you cannot change-- they actually have successfully implemented that in the first phase, and they are modernizing now. But it was, between the two of them--because the government does at times think I know more than what the contractor does, so I want this, this, and this product, and then they have not done the due diligence to see that they do not test together. Senator Burris. One other follow-up question on that line of thought. Once they get a project complete and it is up and running, servicing that project is done by whom then? Is it done by the contractor or by the personnel that is on board? And are they up to speed on the functionality of that system? Ms. Evans. That gets to what Mr. Powner was talking about in the business case. When the agency comes forward, they are supposed to talk about how they do the acquisitions, how they are going to procure it, then how they develop it, and then how they are going to maintain it. And as it moves through that life cycle, OMB is involved in the oversight of that. So some of the things, when it moves through and it is operational, and then when you look at what the agency has done for its workforce and they do not have developers and they do not have the staff on board and they say they are going to manage it in- house, OMB goes, Time out, time out. That is not a good strategy. We just did all of these other things. How are you actually going to maintain this and manage this going into the future? And so that is part of the oversight that Mr. Powner is bringing up, and that has to be rigorous throughout the life cycle of those projects. Senator Burris. One last question, and I surely want to get this in. Can any of you, the three of you all, discuss America's stand compared to other countries in our use of and reliance on information technology? How are we comparing with the rest of the world in terms of our use of information technology? Mr. Bond. Yes, let me address that if I can, Senator, and if you do not mind, I would like to back up and comment on the other question just real quickly. Senator Burris. Sure. Mr. Bond. I think a straightforward way to think about the different contracts and arrangements is to realize that the Federal Government is spending over $70 billion, and there will be different circumstances that would call for different kinds of contracts, and to resist a one-size-fits-all kind of approach. That means you have to understand, again, to make that point about training, where the technology is going and understand that, gee, now everybody is talking about cloud computing, well, that may lend itself to more of a managed service contract, which folks often have resisted. But it is a different innovative new model, and so you have to understand that when you are the government buyer and factor all that in so that you do not march down a dead-end path, as---- Senator Burris. But, now, that will end up in the information of the technology staff, but will that information get up to the decisionmakers so that the necessary changes can be made in a timely fashion? That is a major question. Mr. Bond. Right. It is a fast-changing environment for everybody. Senator Burris. Yes. Mr. Bond. On the question of U.S. competitiveness, I think that there are--I know that there are a lot of different rankings. OECD and others who have rated the United States now as low as 8th and 14th in some different ratings. Others still have the United States as No. 1 when you consider the innovative capacity of our higher education system and research universities and others. It is a mixed picture. But what no one would debate is that our lead is less than it was and that the rest of the world is catching up. They have looked at our models, the use of research universities, technology transfer, and other things, and they have tried to mimic it where they can. And they have closed the gap. That in some ways makes them better customers for us because we are only 5 percent of the world's population, and we want them to be good customers. But it has made it more competitive. Senator Burris. Now, would some of that be through this cyber fraud that they are stealing stuff from us in terms of them catching up? Mr. Bond. There is no question that economic espionage is a fact of life in our world today, and one of our missions at TechAmerica is to try to make sure that businesses across the United States understand that there really is a threat out there, that people do want competitive information. And that means you need the most innovative protections out there. Senator Burris. Because what I understand from our earlier hearing this morning, even our closest allies might be seeking--because we have all the goodies here. I mean, everybody is spying or trying to steal something from America. Mr. Bond. It is tough to be No. 1. Senator Burris. You would think that our allies would not be doing that, very close countries, but they are looking, I assume, to see if they cannot come up with something and get an edge from America, or maybe not necessarily on America but some of their other competitors in the world. But we are still No. 1 you would say, Mr. Bond? Mr. Bond. Well, I think we are when you consider all the factors, but I think it makes policy all the more important because we know they are trying to close the gap, and so if we do not address old laws that are slowing us down--because government often does spur the innovation, as Vivek Kundra mentioned--if we do not get those policies right, the lead will only close. Senator Burris. Mr. Chairman, thank you very much. I have to run to another meeting. Senator Carper. Thank you, Senator. We are just delighted you could come by. Thanks for your interesting questions. Senator Burris. Thanks to the witnesses. They have been very informative to me. I really appreciate that. Being new in the Senate and having some of these statewide ideas and bringing them to the national scene, the problems are about the same. Thank you, Mr. Chairman. Senator Carper. Thank you. I want to just stick with what Senator Burris was asking there just for a moment, kind of going back to our earlier hearing today on cyber security where we have countries that are major trading partners, major lenders to this country, major holders of our securities, major countries in the world, and there is plenty of evidence that they are not just involved in trying to access weapons systems, complex advanced weapons systems, but also there are elements within those countries that are trying to steal intellectual property rights. We spend a lot of time here in the Congress trying to figure out how to protect intellectual property rights, and we have had enormous debates actually for a couple of years on patent protection, trying to get to a compromise on that. And we find out that there are other entities within countries, and some who are pretty friendly with us, that are literally coming in and just making a joke out of intellectual property rights and patent protection. I like baseball--I like sports, but I like baseball, and I sometimes think of things in the context of athletic competition, but if you are a catcher for a team and you are calling the pitches from your pitcher, literally in the full view of a national television audience, you signal the pitch that you are going to ask for. And you mix up your signals so that no one knows for sure what you are asking for. And if you happen to be the third base coach, you might be using a whole variety of signals to tell the batter what to do--hold off on a pitch, go for a pitch, hit behind a runner, hit a sacrifice fly or whatever. That is a very simple notion, but there is a lot of effort by the other team to figure out what signal, what is going to be the next pitch, what are you telling the batter to do. Are we smart enough to be able to use a similar kind of approach when somebody is trying to steal the plans for the F- 35? Do we have the ability to put up so many different options out there, they are not really sure which one is the real F-35? That is just one simple example. But do we have that capability? I am trying to think, how do we play offense, how do we play defense against this stuff? Clearly, we need to. We are going to need to be able to do it a lot better than we have. Mr. Bond, I will start with you, but if anyone else has a thought---- Mr. Bond. Sure. I think it is a fundamentally important question that goes to our national competitiveness. It is a competition. There are folks who would want to steal our intellectual property and other advantages that they might be able to secure. So I think, first of all, it means that we really do have to take advantage of our full innovative capacity because bad guys are innovative and smart. We need to be that much smarter and more innovative. The good news is that our country has a rich tradition there, and I am confident that we can remain ahead. But it does mean that you have to be set up to enable and accept that innovation and stay ahead of the bad guys. It also means that we have to stand up for intellectual property rights all around the world in multilateral and bilateral conversations, as I know Administrations have for a number of years. Indeed, congressional leaders here, as they travel overseas, have done the same. So we have to press on all fronts, and I would say that includes FISMA reform, which I know is a particular interest of the Chairman's that we need to strengthen, and then we need to also look at cyber security R&D--basic R&D is a mission of government in these days--so that the applications and the real development of that can be taken by the private sector. And I think there is more work for the Federal Government to do in cyber security R&D. So those are a few, I think, that we also in our association's view we would be helped by having a real quarterback at the White House who is the senior cyber security leader as well. Senator Carper. Thank you. Ms. Evans, do you have anything you would want to add on this point? Ms. Evans. I would like to add a little bit to that because I think that this is a place where the Federal Government can really lead by example. And so a lot of the things that Mr. Bond is talking about are real high-level types of things that are out there dealing with the industry as a whole and the government as a whole to keep that competitive edge. But there are things--I will give you another analogy. This is the same as if you live in a homeowners' group and they are in your group, they---- Senator Carper. You mean like a civic association? Ms. Evans. Well, when you talk about your housing development and you come in, what happens is if you put up certain things--and this is a known fact--that if you put up this house is monitored, that is a deterrent from people, and they will move to the next house to see if it is or if it is not. And so basic types of good housekeeping that Federal agencies could do, and I would say industry could rise to this occasion by building security right into the products. Instead of agencies having to figure out what are the right settings, just have those settings already built into the products because we have been talking about how the workforce needs to be bolstered, needs to have these skill sets, needs to be able to do these things. And so if you are buying products that are already secure and you implement them and you leverage the buying power of the Federal Government, which I believe is part of what is in the intent for the FISMA reform, that you now raise the level up a level and so they may move on to the next company or the next government or the next country and say, OK, well, we are going to get the information from them. But as we move into a more collaborative, networked world, we have to be cognizant of where all those doors are. And so if we put up the sign first and we say, well, we are monitoring, and we have our security alert system, then we will need to take it to the next level where, when people knock on my door and it goes off, the police come to my house. Well, we would want to take it to the next level, and then maybe go to even the next level where you are preventing things and keeping people out, which may not be kosher, so to speak, of your subdivision that should not be there because you know that they should not be there because they have bad intentions. Senator Carper. Sitting in your seat this morning at another hearing on cyber security, a full Committee hearing, Alan Paller, who I am sure you all know, talked again and again, and yet again, about the importance of getting it straight right from the start with the procurement process. I told him in my business, we try to stay--we are given kudos for remaining on message. I said, ``Mr. Paller, you are definitely on message.'' Mr. Bond. Yes, I just wanted to add to Ms. Evan's point about building in security from the inside. I think often we think of that like a patch or something. You have your system, let's put a Band-aid on it for security. Last week, I was out at the world's largest cyber security show, and, indeed, this is exactly the focus of the private sector industry, is building the cyber security in from the very beginning on all products so that it is a quantum leap in terms of the level of security. So that is the trend in industry. Senator Carper. Good. That is encouraging. Mr. Powner, anything you want to add before I ask you one more---- Mr. Powner. Yes, just one comment. I know Mr. Kundra mentioned the 60-day review that Melissa Hathaway is currently engaged in. We have a real need here in this country just to take it up to another level. I believe the Federal Government does need to lead by example. We have a lot of room for improvement when we look at the whole--with FISMA and how the agencies report. But we had a structure going back to 1996 in the Clinton Administration that we put in place, a public- private partnership arrangement because 85 percent of our cyber critical infrastructure is owned by the private sector. And we attempted for years to have this government-private partnership, and it has not worked real well, to be frank. One example, if you go back to Internet recovery, if the Internet goes down, there is a requirement on the books that there is a public-private Internet recovery plan. We have never had that. You can go back to September 11, 2001, Hurricane Katrina, look at lessons learned. We still never put that together. So there is a real need to bolster this public-private partnership, and hopefully with the 60-day study and any revisions to our national strategy--we actually had a pretty good strategy in 2003, a national cyber strategy. The problem is we have not implemented it well. Senator Carper. That is a problem. Ms. Evans, in your testimony you spoke to something that is near and dear to my heart, and I am sure it is near and dear to the hearts of most of the people in this room, and that is, protecting our environment. As we know, a lot of the technology that we consume includes some fairly hazardous, dangerous ``stuff'' that can pollute our groundwater when it is thrown away. What more do you recommend the Federal Government should do in this area that we call, I guess, ``green computing''? And are there any programs that we maybe want to extend nationally or even internationally to try and cut down on this kind of waste? Ms. Evans. In particular, the Environmental Protection Agency is the executive agent to deal with the disposal of equipment, and that is a big problem. And GSA is also involved in the re-use of the equipment. So I think a lot of times when the Federal Government buys equipment, the idea of how to dispose of it and where it goes actually really does cause a lot of problems, and it is a big environmental issue. As green IT evolves and EPA continues to lead the way in demonstrating what that should be, that also, again, could be a place where the Federal Government can leverage its requirements and say that they are only going to buy equipment that does certain types of things because you are looking at the life cycle of that equipment and its impact on the environment when you go to dispose it. So some of those things are the best practices that are currently involved in EPA and really should be extended out, and the CIO Council I would hope would take a look at that so that they could then take those requirements and build them into the procurements up front and get hardware that would meet that, and then it would be easier on the environment to get rid of. Senator Carper. Anybody want to react to that comment? Please. Mr. Bond. Just a couple of points. I think what you have described is a real shift in the whole mind-set of America, if not the entire world, about getting more serious about impact on the environment. That sent a strong signal to the leading companies, so you will see many of them in the hardware space with their own recycling programs, efforts to recycle those specialty metals that are built in, and importantly, too, a move to whole new materials that are going to be much more environmentally friendly, whether it is the casing of the computer or whatever, moving to new materials that are, in effect, green. Senator Carper. Good. Thanks. I think I have one more question that I am going to ask for the record--one more here and then maybe a couple more that we will submit for response in the record. Mr. Bond, back to you. In your testimony, I believe you mentioned several examples where other countries--I think one might have been England, I think one might have been Canada-- were able to successfully use technology to change in some pretty significant ways the way they operated. For example, I think Canada uses the Internet for its census. I am told so far it has worked fairly well. Dr. Coburn and I on this Subcommittee have lamented in other hearings with the Census Bureau over the last several years our unhappiness with the fact that we are not using the Internet and some other technology more extensively during our own census. But can you give us an example or two, such as Canada's use of the Internet for the census, that we might keep in mind for our own country? Mr. Bond. Yes, certainly, Mr. Chairman. In the case of Canada, they have been using the Internet and web-based technologies to share some of that data rapidly, and what that does is then makes it available for innovative uses by people from the general public. This is one of the points that Mr. Kundra was making earlier, that you need to be open as a government to the innovative capability of the end users. It is not just about the individuals on your payroll, but the innovation that is out there. And so in that case, not only is the data made available, which can have real business impact in the near term because you know where the market is or where people are, but also it allows those people to massage and work with the data in new and creative ways that maybe have not even occurred to the government of Canada. Senator Carper. All right. Anyone else want to comment on this particular point? Ms. Evans. The one challenge, I think, that we will face-- because during my tenure we met several times, quarterly, with many of my counterparts internationally--is the idea of identity management, which has already been brought up. The reason why some of these online types of activities with the other countries and their services are successful is because they are working on the issue and have identified the issue of dealing with identity management and putting a solution in place that the citizens trust. And here in the United States, we are going to have a challenge with identity management, dealing with the privacy aspects of that, and then how much information do we really turn over to the government, to the States, to the locals as it relates to me when I am acquiring services from the Federal Government. Senator Carper. OK, fine. This is a time when--I do not always do this, but we have a minute or two and I want to do it today, just to ask--and we have covered a fair amount of territory here, and I am grateful for your being here. I am very grateful for Mr. Kundra's appearance and testimony and responses as well. We will have some more questions from our colleagues who were not able to join us today and have questions that they will want to submit, and I would just ask that you respond to them in a prompt way, as you always do. But is there anything, any parting comments, any last- minute take-aways that you want to say, anything you want to re-emphasize maybe that you have already said or you have already heard, or maybe something that has not been said that you think should be said for the good of the cause? Mr. Powner, anything as we close out here? Mr. Powner. I think clearly building on--there was a lot Ms. Evans did to get the ball rolling, to improve transparency, to heighten oversight, and I think we really do need to leverage all the good things that occurred with the previous Administration, but really take it to the next step. We need a basketball analogy here. We need a full court press on the $71 billion. Senator Carper. All right. Thank you. Ms. Evans, are you going to sit there and take that kind of abuse from him? Ms. Evans. No, I actually am pleased to be here and be able to represent the views of being able to challenge the agencies to go to the next level. I think the foundation is there, and I believe this is an opportunity. Many times you used to ask, well, what can Congress do to help? And there are times when there were things that I would have liked to have said, so now I said them all in my testimony, which is I really do think that there is an opportunity where Congress can really move the agencies to the next level with accountability and taking a look at some of the legislation and putting that in place so that the transparency--so that you have the information that can make the agencies--and if you are holding the agencies accountable, they will perform. I mean, nobody comes to work and wants to do a bad job. They really want to get the results. And so if they are being asked over and over again, ``What are you doing and how are you accomplishing this?'' I really do believe that they will rise to that level and perform. Senator Carper. All right. Thank you. Mr. Bond. Mr. Bond. I think I would only express on behalf of our members their belief that this is the innovation headquarters of the world, and they want to make sure that we get it right, we get the policies right and so forth that will enable that to continue. And so on behalf of the association, we are extraordinarily pleased at the openness of you and your staff and look forward to working with you to try to make sure we get it right and keep innovation going here in the United States. Senator Carper. All right. Well, I think that is a pretty good note to close on. We look forward to meeting with you again, and thank you again for your participation today. With that, this hearing is adjourned. [Whereupon, at 4:31 p.m., the Subcommittee was adjourned.] A P P E N D I X ---------- [GRAPHIC] [TIFF OMITTED] T0391.001 [GRAPHIC] [TIFF OMITTED] T0391.002 [GRAPHIC] [TIFF OMITTED] T0391.003 [GRAPHIC] [TIFF OMITTED] T0391.004 [GRAPHIC] [TIFF OMITTED] T0391.005 [GRAPHIC] [TIFF OMITTED] T0391.006 [GRAPHIC] [TIFF OMITTED] T0391.007 [GRAPHIC] [TIFF OMITTED] T0391.008 [GRAPHIC] [TIFF OMITTED] T0391.009 [GRAPHIC] [TIFF OMITTED] T0391.010 [GRAPHIC] [TIFF OMITTED] T0391.011 [GRAPHIC] [TIFF OMITTED] T0391.012 [GRAPHIC] [TIFF OMITTED] T0391.013 [GRAPHIC] [TIFF OMITTED] T0391.014 [GRAPHIC] [TIFF OMITTED] T0391.015 [GRAPHIC] [TIFF OMITTED] T0391.016 [GRAPHIC] [TIFF OMITTED] T0391.017 [GRAPHIC] [TIFF OMITTED] T0391.018 [GRAPHIC] [TIFF OMITTED] T0391.019 [GRAPHIC] [TIFF OMITTED] T0391.020 [GRAPHIC] [TIFF OMITTED] T0391.021 [GRAPHIC] [TIFF OMITTED] T0391.022 [GRAPHIC] [TIFF OMITTED] T0391.023 [GRAPHIC] [TIFF OMITTED] T0391.024 [GRAPHIC] [TIFF OMITTED] T0391.025 [GRAPHIC] [TIFF OMITTED] T0391.026 [GRAPHIC] [TIFF OMITTED] T0391.027 [GRAPHIC] [TIFF OMITTED] T0391.028 [GRAPHIC] [TIFF OMITTED] T0391.029 [GRAPHIC] [TIFF OMITTED] T0391.030 [GRAPHIC] [TIFF OMITTED] T0391.031 [GRAPHIC] [TIFF OMITTED] T0391.032 [GRAPHIC] [TIFF OMITTED] T0391.033 [GRAPHIC] [TIFF OMITTED] T0391.034 [GRAPHIC] [TIFF OMITTED] T0391.035 [GRAPHIC] [TIFF OMITTED] T0391.036 [GRAPHIC] [TIFF OMITTED] T0391.037 [GRAPHIC] [TIFF OMITTED] T0391.038 [GRAPHIC] [TIFF OMITTED] T0391.039 [GRAPHIC] [TIFF OMITTED] T0391.040 [GRAPHIC] [TIFF OMITTED] T0391.041 [GRAPHIC] [TIFF OMITTED] T0391.042 [GRAPHIC] [TIFF OMITTED] T0391.043 [GRAPHIC] [TIFF OMITTED] T0391.044 [GRAPHIC] [TIFF OMITTED] T0391.045 [GRAPHIC] [TIFF OMITTED] T0391.046 [GRAPHIC] [TIFF OMITTED] T0391.047 [GRAPHIC] [TIFF OMITTED] T0391.048 [GRAPHIC] [TIFF OMITTED] T0391.049 [GRAPHIC] [TIFF OMITTED] T0391.050 [GRAPHIC] [TIFF OMITTED] T0391.051 [GRAPHIC] [TIFF OMITTED] T0391.052