Quick Hits for Oct. 15

*** After years in Colonial Williamsburg, the annual ACT-IAC Executive Leadership Conference is moving to Philadelphia. Editor-in-Chief Troy Schneider will be repping FCW at the four-day event, which is shaping up as a who's-who of boldface names in federal IT. We'd love to hear from people at the event -- hit us up with news, takeaways and lessons learned at newsroom@fcw.com.

*** The Small Business Administration has taken steps over the past year to better align its IT practices with federal IT and cybersecurity statutes, but it is still working to tackle long-standing weaknesses in cybersecurity, according to a new inspector general report. While the small agency has closed out nearly 70 percent of its outstanding IT recommendations, it still has a "significant deficiency" in addressing IT security controls when measured against metrics established by the IG and the Federal Information Security Management Act. Specifically, SBA's controls were deemed "not effective" in areas like continuous monitoring, risk management, incident response, identity and access management and data rights management. The CIO "should continue to focus on timely remediation of these vulnerabilities as SBA, like most federal agencies, continues to experience external cybersecurity threats," auditors said.

*** Collective bargaining negotiations between the Department of Health and Human Services and its union broke down over the summer, and 17 Democrats on the House Education and Workforce Committee are pushing the agency to pick up "good faith" negotiations. Over the summer, the National Treasury Employees Union filed multiple unfair labor practices grievances against HHS, and the department made a final offer in July before filing a Federal Service Impasse Panel complaint. In a letter to HHS Secretary Alex Azar, which comes after a U.S. District Court overturned a trio of executive orders aimed at curtailing union activity, the lawmakers called the department's actions "irregular and disturbing." The executive orders case is currently under appeal.

*** The Center for Plain Language released its 2018 report card for how agencies are doing when it comes to writing clearly, concisely and avoiding legalese as required by law. On the whole, agencies slipped, as the average writing grade dropped from a B in 2015 to a C.  Just two agencies -- the Department of Defense and the General Services Administration -- improved in compliance and writing quality since the 2015 scorecard. Organizational turnover in both the required plain language programs at agencies was cited as a primary factor for the general decline.

*** Customs and Border Protection has agreed to a maximum three-year sole-source contract with IBM to continue hosting data from two large legacy systems that are currently undergoing modernization. Updates to the Traveler Enforcement Compliance System and the Seized Assets and Case Tracking System are due to be completed this year, but the backlog of data will take year to migrate to a new cloud environment. In the meantime, CBP is buying a mainframe-as-a-service option from IBM as the feasible way to maintain access to the data during the transition to a modern managed services environment. A shift to another product at this point in the modernization process would require "a multi-year effort to convert billions of rows of data and rewrite millions of lines of application code and security profiles," the agency revealed in contracting documents. "The use of anything other than an IBM brand mainframe product and associated software set has been deemed non-viable," by the Office of Information Technology, the agency said in a sole source justification dated Sept. 24 and released Oct. 11. The value of the sole-source contract was redacted in public-facing documents.

*** For the first time in more than two years, the U.S. Privacy and Civil Liberties Oversight Board has a quorum. The Senate confirmed Adam Klein as PCLOB chairman and Jane Nitze and Ed Felten as board members. Klein clerked at the Supreme Court for Justice Antonin Scalia and more recently served as senior fellow at the Center for a New American Security. Nitze also clerked at the High Court, for Justice Neil Gorsuch. Felten, who served in the Obama administration, is a computer scientist who has been a key voice in ongoing debates about encryption. The three join current board member Elisebeth B. Collins.