HAROLD F. GRACEY, JR.
PRINCIPAL DEPUTY ASSISTANT SECRETARY FOR INFORMATION AND TECHNOLOGY
DEPARTMENT OF VETERANS AFFAIRS
SUBCOMMITTEE ON OVERSIGHT AND INVESTIGATIONS
COMMITTEE ON VETERANS' AFFAIRS
U.S. HOUSE OF REPRESENTATIVES
May 11, 2000
Good morning, Mr. Chairman and members of the Subcommittee. I am pleased to testify before you today to discuss the Department of Veterans Affairs’ Information Technology programs.
On July 1, 1998, the Office of the Assistant Secretary for Information and Technology was established to focus on information and technology management. The Assistant Secretary position was created to be the Chief Information Officer (CIO) for the Department of Veterans Affairs. The CIO has a "seat at the table," of VA senior management officials as intended by the Information Technology Management Reform Act, also known as the Clinger-Cohen Act (Public Law 104-106). The CIO advises the Secretary on the most critical information technology (IT) issues facing VA. The decision to establish a separate CIO position provided VA’s information technology function with visibility and authority, and at the same time, established clear responsibility and accountability.
I was appointed Principal Deputy Assistant Secretary for Information and Technology and acting head of the newly established Office of the Assistant Secretary for Information and Technology in June 1998.
Upon assuming the role of Acting CIO, I focused on two time sensitive crises the Department was facing - - readiness for Year 2000, and the replacement strategy for the Integrated Data Communications Utility (IDCU).
My first priority was the challenge of the Year 2000. We have worked very hard in bringing VA’s information technology systems into compliance for service to veterans in the Year 2000 and beyond. VA successfully transitioned into the Year 2000 without any significant Year 2000 incidents. VA remained on a "Green" operational status throughout the date rollover period and we continue to operate on a "Green" status without any Year 2000 interruptions. VA benefits were paid on time and our health care facilities remained open throughout the date rollover. VA also completed "health checks" at our Headquarters offices, 172 medical centers, 600+ outpatient clinics, 58 regional offices, all national cemeteries and data processing centers. These "health checks" found that these facilities were operational and no significant Year 2000 problems were encountered. This successful transition into the Year 2000 reflects the hard work performed nationwide by VA employees to make VA’s systems Year 2000 compliant.
As my second priority, I established an IDCU Replacement Team last year, consisting of representatives from the major VA organizational elements, to develop a replacement wide area network (WAN) to accommodate department-wide data communications needs into the next century. The Team identified Sprint Corporation under the General Services Administration’s (GSA) Federal Technology Services 2001 (FTS2001) contract as the vendor of choice to provide data and voice communications services to the Department.
Early on, I met with the General Accounting Office (GAO) and the Office of Management and Budget (OMB) to gain their perspective on how the Department might implement best practices. VA continues to meet with GAO regularly to discuss their recommendations on our efforts to utilize IT as a tool to improve service to veterans. In addition, VA continues to work with OMB by providing status and information on our significant IT initiatives.
I’d like to share with you some of our major accomplishments and the progress we have made in the last year.
INFORMATION TECHNOLOGY STRATEGIC PLAN
The VA Information Technology (IT) Strategic Plan was published in April 1999 and is being updated this month. It is the result of an extended effort by a department-wide team and sets a framework for our IT decision-making in VA. The vision and goals defined in the IT Strategic Plan will enable the Department to address cross-cutting opportunities and continue to make strides toward achieving One VA. One VA means presenting an increasingly single face to the veteran. Traditionally VA has used information technology to automate processes within lines of business, but not across them. One VA for IT means all business lines will look outside themselves, to share and exchange information as they have not done in the past and to integrate information systems across business lines to improve overall service to VA’s common customer, our nation’s veterans and their families.
VA IT ARCHITECTURE
In May 1999, VA published a department-wide technical architecture. The architecture lays out the technical services (reference models) and the technical standards that are to be followed in the design or acquisition of new information systems. It addresses interoperability and compatibility of our systems. The architecture conforms to OMB’s May 1997 guidance on what an agency architecture must comprise at the technology layer. In addition, it is used as a criterion in the VA capital investment planning process.
VA CAPITAL PLANNING
In response to the Government Performance and Results Act (GPRA) (Public Law 103-62) and Clinger-Cohen, VA instituted a capital planning process in the fiscal year 1999 budget cycle. It is a three-tier process (business, technical, strategic) that ultimately integrates, at the strategic level, a review of all types of capital asset proposals, establishing a businesslike framework for management, accountability, and budgets that evaluate the risks and benefits of major investments over their entire life cycle.
The IT technical level of review is fully integrated with the Department’s capital investment process with a focus on IT issues. IT evaluation criteria include mission improvement and service, IT performance, project management, customer acceptance, and risk. Cost and schedule are further evaluated on a quarterly basis, and in-process and post implementation performance reviews are also conducted.
The process for IT begins with issuance of a joint Capital Call, a department-wide memorandum, signed by the VA Acting CIO and the VA Chief Financial Officer, requesting all types of capital investments, including information technology. The Capital Call results in the Capital Plan submitted to OMB, which we talk about corresponding to the budget. The Administrations and Staff Offices submit structured applications/proposals for projects that meet capital investment criteria. IT projects are evaluated by a cross-organizational Investment Panel chartered by the VA CIO Council. The IT proposals are evaluated against each other for merit, using criteria and weights defined by the CIO Council. As a result, some projects may fail this review process despite their selection by their administration or staff office. The outcome is a numerical ranking of projects, supporting analyses and recommendations submitted to the CIO Council for review and recommendation. The CIO Council determines which IT projects go forward for strategic review to the Department’s Capital Investment Board, chaired by the Deputy Secretary for final decision. I am also a member of that department-level board – the VA Capital Investment Board (VACIB).
VA’s capital investment process will be further enhanced when we complete implementation of the Information Technology Investment Portfolio System (also known as I-TIPS) to track our IT investments. VA will extend the I-TIPS concept to track all other departmental capital investments as well.
VA is striving to link its major IT planning and budgeting documents to have conformance among our budget and performance plan, our capital plan, our capital investment proposals, and our "Agency-Wide Summary on Obligations for Information Technology" (OMB Circular A-11 Exhibit 53) submitted to the Office of Management and Budget.
DATA CENTER COLLOCATION
A significant cost cutting plan VA intends to pursue this year is the consolidation of the 3 existing VA data centers. Previous plans to collocate were postponed in an effort to ensure that veteran payments continue without interruption up to and beyond January 1, 2000. The FY2000 Appropriations Conference Report required VA to submit a report summarizing all cost/benefit studies regarding the consolidation. We are pursuing discussions to resolve questions arising from our report which was submitted March 9, 2000.
The Department of Veterans Affairs selected Sprint Corporation under the General Services Administration’s Federal Technology Services 2001 contract as the vendor of choice to provide voice and data communications services for the Department. The FTS2001 contract offers VA excellent pricing, the opportunity to better manage telecommunications services, and the ability to work with a company with an established reputation in the telecommunications community.
VA INFORMATION SECURITY
Information Security is also a key issue for VA, as it is for the government at large. In fact it is our next priority. Accordingly, in May 1999, a department-wide Information Security Workgroup comprised of senior staff from each administration and staff office’s information security management function completed a comprehensive, Department Information Security Program Requirements and Budget Plan (ISP), which provides a comprehensive multi-year program plan and budget proposal. The plan calls for a total investment of about $85 million over a six-year period beginning in FY 2000. The ISP is intended to be the single project management reference point for all department-wide information security spending proposals, capital investment plans, budget representations, FMFIA material weakness remediation tasks, and Presidential Decision Directive 63 (PDD-63) critical infrastructure protection efforts. Eleven ISP initiatives comprise the concurrent actions necessary to manage the areas of greatest information security risk.
ONE VA INITIATIVES
Last, in the area of business process reengineering, the Department has held four regional and one Central Office One VA Conferences. The conferences brought together senior leadership, middle managers, first-line employees, union representatives, and Veterans Service Organization members to support the institutionalization of a true One VA culture. As a direct result of national One VA issues identified by participants at these conferences, Deputy Secretary Hershel Gober has charged me, in consultation with the Department’s CIO Council and business line managers, to develop a plan that includes milestones and estimated costs for achieving the type of integrated information system architecture necessary to support a) front-line employee access to needed information across VA; b) an accurate, consistent, and reliable integrated information system covering all veterans; c) a smart card for veterans; and
d) consolidation of 1-800 telephone numbers.
While much progress has been made, I realize much remains to be done. We are moving forward in a partnership with Sprint Corporation to conduct an orderly transition of data communications in a manner which will not disrupt service to the veteran. We need to continue strengthening the capital investment planning, making improvements to streamline the process while continuing to capture information needed to make informed investment decisions. We are now collectively moving forward to integrate VA’s information technology initiatives into One VA systems that will support VA’s business operations. We will ensure that we protect VA records either in electronic or paper form from unauthorized access or disclosure and we will establish the security necessary to provide our customers the assurance that their records and the information they provide to us is maintained as accurately and reliably as possible. The accuracy, security, and privacy of all VA records is one of VA’s most important objectives as we move forward in doing business electronically. I will not be satisfied until we have in place systems that support the provision of seamless, world class service to every veteran who comes to VA.
Mr. Chairman, that concludes my statement. I and my colleagues will be happy to respond to any questions you may have.