recommended reading

Veterans Affairs CIO launches bold plan to stop IT project failures

The chief information officer at the Veterans Affairs Department plans to start requiring program managers to adhere to a strict development plan aimed at reducing failed technology projects, or risk losing their oversight responsibilities.

Roger Baker, who took over VA's CIO post this month, will begin briefing managers within the next two weeks on the Program Management Accountability System, which will require them to deliver systems and applications incrementally, rather than all at once.

The plan will require managers to deliver a part of a system's functionality within six months. If managers miss three milestones, then the CIO office could stop program development and analyze any problems that could be contributing to delays, budget overruns or poor performance.

The office will consider potential remedial actions, including redesigning the program; examining whether the fundamental need for the project still exists; and even removing the program manager, some of the IT staff or the contractor. "The main thing is to make it clear what the decision criteria are," Baker said. "Meeting the milestones becomes paramount."

Baker initially plans to put on hold 40 to 50 programs and talk to the managers about how to solve issues that have caused milestones to be missed.

"We have to do something" to stop the string of IT project failures at VA, Baker said. "In no shape of my imagination do I believe this is a perfect system. We will learn from it. But if somebody has a better approach, I have a GS-15 job for them."

He cited VA's failure to develop a system to schedule patient appointments at its hospitals as a prime example of what the department must avoid. VA has been building the system for eight years at a cost of $167 million, without delivering even a portion of one workable application to clinics or hospitals.

Baker, who was president and chief executive officer of Dataline LLC, a mid-size technology products and services company headquartered in Norfolk, Va., developed the accountability system during the past two years, and vetted the plan while working on President Obama's IT transition team, which included former government IT executives.

At VA, Baker examined more than 280 IT projects and found many were at least 13 months behind schedule, more than half exceeded initial cost estimates and the quality of software had decreased substantially between releases.

"If we had one or two programs that had serious issues, that would be understandable," he said. "But there is a substantial number that are more than one year late and 50 percent over budget. That's systemic."

Robert Charette, who consults with government agencies on risk management, praised the program. "[Baker] needs to shake it up," Charette said. "VA needs to do something different and get back to the approach of what do we really need to deliver. This is certainly a very bold step."

But Charette said Baker faces the daunting task of convincing VA program managers and contractors that they will be held more accountable for IT programs. "Contractors and management consultants will applaud this publicly, but behind the scenes they will figure out how to continue to work as they did," Charette said. "They make money on cost overruns. God bless Baker, but this is a real stick into the hornets' nest."

Baker said he is aware the Program Management Accountability System likely will meet resistance. "Our intentions are to bring in program managers and ask them to tell us, given these guidelines, what will it take to be successful, and ask them to do peer reviews for programs going forward," he said. "We are not going to ask you to start a program that you can already identify will fail. There's too much of that going on here."

He will work with VA's program managers to determine if they have the right resources -- money, staff, access to experts and users -- to meet milestones and spend more time analyzing the IT programs before they are launched. "For me, it all starts with do we know who the customer is," he said. "Who is the head of the office who will drive the capability of this system? What is the problem we are trying to solve?"

VA might launch fewer IT programs as a result of the new process so IT resources can be applied to the programs that are most critical to the department's mission, he added.

Threatwatch Alert

Stolen credentials

Hackers Steal $31M from Russian Central Bank

See threatwatch report


Close [ x ] More from Nextgov

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security


When you download a report, your information may be shared with the underwriters of that document.