The Homeland Security Department is the first to designate a Quality Service Management Office to lead its shared services marketplace.
One year to the day from when the administration created the new governmentwide shared services policy, the Homeland Security Department designated the first lead agency to manage one of the four focus areas.
Monday, the department and the Office of Management and Budget announced DHS’s cybersecurity arm, the Cybersecurity and Infrastructure Security Agency, or CISA, will take the lead in development of a cybersecurity marketplace of tools, commercial products and best practices for adoption across the federal sector.
“This is an important step in the path to modernization of the federal government,” Federal Chief Information Officer Suzette Kent said in a statement. “By designating CISA as [the Quality Service Management Office] for cyber services, the federal government will be able to leverage their expertise, contracts and solutions to offer a robust marketplace of cybersecurity capabilities that will benefit all agencies.”
As the lead agency, CISA will create resources for agencies around cybersecurity services, focusing on standards for security operations centers and vulnerability management programs, as well as domain name system, or DNS, resolver services.
“We plan to leverage successes and lessons learned from programs like Continuous Diagnostics and Mitigation and the National Cybersecurity Protection System to deliver high-quality, cost-effective shared services to federal agencies,” said Bryan Ware, CISA assistant director for cybersecurity. “In partnership with OMB and our partner QSMOs, we stand ready to create efficiencies in government and optimize the federal workforce by shifting resources to higher value work and reducing duplication across agencies.”
The QSMO policy—announced April 26, 2019—included four focus areas to start. Along with cybersecurity, the policy called out human services with the General Services Administration taking the lead, financial management led by the Treasury Department and grants management led by the Health and Human Services Department.
All four areas were attached to specific departments at the outset, but each agency is expected to develop a marketplace implementation plan, which includes naming a lead office to manage the respective marketplaces for the long-term.
While the implementation is taking time, that methodical approach is intentional, officials have said.
“This is not something that happens fast. It’s very important that we’re clear, we’re methodical, we’re following a process but we stay the course,” Kent said at an event in November. “There are a lot of things that we like to do really fast—do a pilot and see results in six months. We’re going to see results. But that long-term goal and checking off every box is a longer journey. We have to be very practical about how we look at that.”
And shared services is no simple thing for government. Several past attempts have stagnated as shared service providers struggled to get customer agencies on board. However, this new attempt will be different, according to officials.
“One key principle of this new framework is that one size does not fit all, which is largely informed by the way shared services have been implemented in the past,” Beth Angerman, then-principal deputy for the Office of Governmentwide Policy and head of the Unified Shared Service Management Office, told Nextgov during an exit interview in December. “The expectation of the Quality Service Management Offices is that they have to bring solutions to the market through creative acquisitions that address the fact that every agency is at a different level of maturity and has a different set of requirements. That flexibility that has to be present in the marketplace is different than the way that we would present it in the past, which was asking agencies to transform and to adapt to a solution that maybe already existed that wasn’t necessarily the right solution for them.”