ACQUISITION

SOLUTIONS

NOVEMBER 2009

Rapid IT Acquisition

A New Model for Acquiring

Government Information
Technology
By John Gilligan, Diann McCoy, and Kenneth Heitkamp

This Advisory describes a new model for

acquiring information
technology and outlines
guidelines and processes
that can enable all agencies to achieve rapid
delivery of solutions that
meet user needs.

here is a new model for acquiring information technology (IT) that has the potential
to significantly shorten the acquisition time line while also maintaining the focus
on results. It has the potential to revolutionize the way the government acquires IT
solutions.
The time is right for a new model. The government acquisition of IT capabilities has
been plagued for years by schedule delays, cost overruns, andmost importantsolutions that ultimately fail to meet customer needs. Commercial technology evolution cycles for communications, computers, and software average 18 months; fielding useful IT
solutions in government can take an order of magnitude longer. Within the Department
of Defense (DoD), senior military leaders have identified rapid delivery of IT solutions to
meet urgent warfighting needs as a top priority,1 and Congress in section 804 of the fiscal year (FY) 2010 National Defense Authorization Act mandated that DoD develop and
implement a new acquisition process for IT systems. On the civilian side of the federal
government, virtually every cabinet-level department has had one or more IT projects
that have drawn unfavorable reviews.2
Over the past year, we engaged with the Deputy Assistant Secretary of Defense for
Command, Control, and Communications, Intelligence, Surveillance, and Reconnaissance, and IT acquisition in DoDs Office of the Chief Information Officer (CIO) to flesh
out an alternative model for IT acquisition based on a spring 2009 Defense Science
Board report.3 Focused on taking the concepts from the report and turning them into a
real-life, implementable acquisition process, it will, we believe, provide the springboard
for DoD to quickly comply with the new congressional mandate. This Advisory describes
the model and outlines guidelines and processes that can enable all agenciesboth
within and outside DoDto achieve rapid delivery of information technology solutions
that meet government users needs.

What is causing the problems with government IT acquisition?

The issue is fourfold: uneven oversight, failure to codify best practices, a need
for world-class acquisition professionals, and acquisition processes unsuited for IT
acquisition.
1. Across government, there is an uneven set of oversight processes exercised by multiple oversight constituencies. Some oversight structures are so burdensome that they

Advisory
slow programs and actually increase the probability of program failure, in some cases due to loss of confidence by
the user that the program will ever deliver a useful capability.4 A snapshot of this type of oversight for a government IT
program shows acquisition officials, CIOs, department-level officials, and even Congress making different demands
for program documentation, status reports, and briefings
as they exercise their acquisition oversight roles. At the
other end of the spectrum, there are cases where agencies have virtually no oversight of complex IT programs,
with predictable results.
2. The acquisition management processes that have
proved successful in rapidly delivering effective IT solutionsthe true best practiceshave not been codified
and institutionalized within government policy. Unfortunately, the details of failed programs get significantly more
public attention than do the best practices and lessons
learned from successful programs.
3. To address IT acquisition challenges, agencies need
IT acquisition managers who are the best in the world.5
Although this Advisory will address this area only briefly,
the need for more and better trained government acquisition professionals has received widespread attention.
4. IT tends to have different characteristics from many
other items the government acquires, which means that
the typical government acquisition processes are not optimum for IT procurements. For example, the lengthy and
deliberate processes used to acquire weapon systems in
DoD, Coast Guard ships for the Department of Homeland
Security, or a nuclear fusion test laboratory for the Department of Energy would be not be good models for acquiring tax payment processing systems or law enforcement
fugitive databases.

How exactly do IT acquisitions differ from

other types of procurements?
The underlying differences in IT that distinguish it from
other products and services include:
The technology for information systems exhibits continuous and very rapid evolution.
There are an increasing number of commercial offthe-shelf (COTS) components available.
Users requirements for an information system evolve
as users gain experience with early capabilities.
Most IT systems or services are components of a larger system of systems.
These differences must be accommodated in the acquisition processes government organizations employ for
the IT acquisition process to be effective. Today, to the ex-

November 2009

tent that government organizations have well-established

processes for acquisition, they are tailored for large platforms (ships, tanks, laboratories, buildings) and generally
lack the agility, flexibility, and responsiveness necessary
for technology solutions. In his July 2009 testimony to
the Acquisition Reform Panel of the U.S. House of Representatives, Timothy Harp, deputy assistant secretary of
defense, noted that the DoD weapons system acquisition process is optimized to manage production risk and
doesnt really fit information technology acquisition that
does not lead to significant production.6

Is there a better model for IT acquisition?

We have developed a straightforward set of guidelines
for rapidly acquiring government IT that builds on best
practices and lessons learned from government and industry. Tailored specifically for IT acquisitions, this model
is built on agile development, test, and contracting methods to achieve rapid delivery of products.

What are the characteristics of this

improved model?
Six principles underpin the new IT acquisition model:
1. Divide requirements for larger IT solutions into smaller
projects.
2. Use acquisition process templates that recognize the
differences among types of IT efforts.
3. Use CIO and acquisition governance authorities as
well as end-user approval for key decisions in the IT acquisition process.
4. Employ common IT platforms as the infrastructure
target for newly fielded capabilities.
5. Provision and employ an enterprise-wide systems engineering, test, and integration capability.
6. Use portfolio management-like processes for project
initiation and funds allocation.
We discuss each principle in turn.

Principle 1: Divide Requirements

The new model focuses on small, incremental projects
to drive rapid fielding of user capabilities. At the beginning of a program or project, IT requirements are defined
at a high level, with more detailed requirements evolving
throughout the project.
There are many examples in government where a
small team of users very quickly and successfully developed an IT solution to meet a critical need. For example,

ACQUISITION SOLUTIONS, INC.

Advisory
deployed soldiers have developed software to better display the geographic location of friendly forces on a battle
field. Such success stories reveal two important lessons.
First, end users who embark on IT development efforts
start with modest high-level objectives, and then get the
initial capabilities to meet those objectives into operational
use quickly. Second, the actual end users know best their
real operational needs.
Generalizing from these lessons learned, the proposed
acquisition model uses small IT projects and interactively
evolves the results of these smaller efforts into the larger
system capability. The objective is to deliver and field operational capabilities in 6-12 months with adequate oversight and documentation. In addition, by employing agile
software development methods where the developer and
user are linked almost continuously, the IT project developer, the knowledgeable user, and the tester are able to
work together on each increment of capability. This results
in rapid delivery of useful capability and avoids surprises
in the fielded system. Moreover, as the increments of capability are fielded, continuous user feedback from the
operational environment is used to tailor the requirements
and priorities for successive increments.
Because the project increments will be fielded into a
system of systems environment, adherence to an overall
operational and systems architecture and enforcement of
interoperability standards is key for each increment.
Smaller projects permit less overhead, less risk, and
more rapid fielding. Rapid fielding of increments and use
of agile development methods helps ensure that the program is meeting user needs.

Principle 2: Use Acquisition Process

Templates
As IT acquisition projects grow increasingly complex,
the risks, acquisition activities, and oversight needs of individual programs grow more diverse. For example, for an
IT acquisition project focused on software development,
a key risk area is ensuring that meaningful user requirements are communicated to developers. The acquisition
development and oversight processes must be tailored to
ensure this is done properly. On the other hand, for an acquisition project focused on purchasing COTS IT components, a key risk area is ensuring a full understanding of
the commercial IT product marketplace and commercial
IT business models, and the appropriate acquisition processes must recognize and adapt to these needs.
Employing predefined acquisition process templates
that have been tailored for use in different types of IT proj-

ACQUISITION SOLUTIONS, INC.

The Time Box Concept

To reinforce the objective of rapid delivery and smaller
efforts, each project activity, whether project execution or
project oversight, should have predefined time limits (a
so-called time box) for completion. Imposing time boxes on
all activities helps to ensure the acquisition effort does not
get bogged down and will trigger oversight action if time box
thresholds are missed.

ects (1) ensures that complex IT projects focus on those

activities that are important for the project type, and (2)
increases the speed of acquisition coordination and approval cycles.
For the new IT acquisition model, four process templates have been developed that leverage best practices
for four types of IT acquisition programs and the inherent
risks for each. Each template identifies the important acquisition activities needed to address specific risk areas,
as well as the key decisions points and the information
needed to support the decision points. The templates define specific project planning activities, oversight decision
points tied to risks, documentation needs, and decision
event exit criteria.
The four IT acquisition process templates are:
Process Template 1: Application Software Development & Integrationfor projects involving software development and software integration
Process Template 2: COTS Hardware/Softwarefor
the purchase of nonmodified commercial end items
Process Template 3: Integrated COTS Capabilityfor
projects requiring focused systems engineering to integrate a set of commercially provided hardware and/or
software components
Process Template 4: Commercially Provided IT Servicesfor efforts to procure IT services
Figure 1 on page 4 shows a top level diagram of Process Template 1.

Principle 3: Use CIOs, Acquisition Governance Authorities, and End Users for Key
Decisions
The recommended governance process in the new IT
acquisition model focuses on three key governance areas: requirements definition, oversight of program management processes, and management of the use of information technologies. It relies on a recognition among the

November 2009

Advisory
Figure 1: Process Template 1

Developed by Acquisition Solutions for the Department of Defense

Process Template 1 is intended for use

in application software development
and integration projects, so it addresses
close interaction with users in prototyping and iterative development using
agile methods. Top-level objectives and
mission capability requirements for a
program are defined in the initial capabilities document (ICD). Requirements
are then baselined in a release description document (RDD) for each incremen-

tal release, with a release consisting of

multiple agile development iterations.
By following the template and establishing appropriate time boxes, a software
development project would be expected
to operationally deploy initial iterations
of developed capability within a small
number of months (i.e., within the time
box). The requirements for each new
release consider the results of prior
releases and the users current opera-

government acquisition community, the CIO community,

and the user community of the need to form an effective
governance partnership for IT acquisition efforts to ensure
the necessary knowledge and skills are brought together
to provide disciplined and knowledgeable oversight of IT
4

November 2009

tional priorities. Acquisition oversight is

provided through several decision points
leading up to a build decision, as well
as periodic in-progress reviews (IPRs).
A more thorough description of each of
the templates with details on processes,
acquisition oversight decision points,
and documentation can be found on
pages 8 - 18 of this Advisory.

acquisition projects. Representatives of each of the three

communitiesuser, acquisition, and CIOwill bring essential authorities and accountability to the oversight process. The acquisition community provides program management and contracting expertise; the CIO community
ACQUISITION SOLUTIONS, INC.

Advisory
Figure 2: IT Acquisition Governance Partnership Roles

User Needs

CIO Strategy and

Governance

Policy/Strategy
Architecture
Standards
IT Infrastructure
Compliance/Certs

Acquisition Oversight
and Management
Developed by Acquisition Solutions for the Department of Defense

provides IT architecture, interoperability, standards, and

information assurance expertise; and the user community
brings expertise and understanding of user needs and priorities to make necessary user capability, schedule, and
project cost trade-offs. Figure 2 summarizes the responsibilities of each community.
In the new IT acquisition model, co-chairs formally appointed from each of the three communities conduct IT
acquisition project oversight. Qualified representatives
from the user, acquisition, and CIO communities are given
authority to make timely decisions and the responsibility
for ensuring full transparency of project status and key
decisions. This governance approach is a cornerstone of
the proposed model and helps to ensure that the right
knowledge and authorities are available to make the decisions necessary to keep an IT project moving, to redirect
it if needed, or to terminate a project when appropriate.
The oversight co-chairs, operating as a team and with appropriate advisors from various functional disciplines such
as test and finance, are empowered and accountable for
decisions necessary to ensure rapid delivery of operationally effective and supportable IT capabilities.

Principle 4: Use Standard IT Platforms

For many IT acquisition programs, one of the first tasks
for the project team is to select suitable hardware and associated software to be used in the project. The platform
technology typically uses a combination of commercially
available technologies that are assembled and configured
by systems integrators for each program. The cumulative
impact of this practice is that most government organizations have a large variety of distinctly different hardware
and software platforms that must be properly configured,
tested, and managed throughout the life cycle of the projACQUISITION SOLUTIONS, INC.

Requirements Refinement
Capability Trade-offs
Priorities
Acceptable Performance

Buying Strategy
Contracting
Program Management

ect or program. This approach leads to delays as each

program specifies, purchases, and qualifies its unique
platform for security, interoperability and stability; is expensive, with significant duplication and unnecessary effort; and complicates security efforts because of the large
number of unique platform configurations.
The focus of the new model is to provide direction on
the mission-unique IT software or COTS capabilities that
support the needs of the government organization and to
do this rapidly. This is achieved through using prequalified
and security-certified standard IT platforms that are provisioned in advance for on-demand use by government
projects. These prequalified platforms implement government IT standards, provide necessary security, can
be provisioned for the project quickly, and are able to be
operated efficiently. Standard platforms are immediately
available to support the development, test, and runtime
application infrastructure. This enables government IT
projects to rapidly take advantage of the benefits of agile
development methods or to rapidly field capabilities that
use state-ofthe-art COTS IT products. It also avoids risky
purchasing of such platform capability until needed.
Use of properly qualified government or commercially
provided cloud computing development, test, and production services could be a means to achieve the benefits
of this guideline, as well. CIOs of larger government organizations also may decide to establish their own suites of
standard platforms for use within their organizations.

Principle 5: Employ an Enterprise-wide

Test and Integration Capability
Increasingly, government organizations must link many
separate functions and processes to better meet citizen
or government users expectations for seamless services.
November 2009

Advisory
The benefits of integrating separately developed IT systems can be enormous. For example, linking the law enforcement capabilities within the Department of Homeland
Security or integrating the supply chain systems supporting DoD is essential to mission success. Unfortunately,
current government acquisition processes most often do
not address these integration and interoperability objectives until an IT project is already developed and is in the
process of being fielded.
The rapid IT acquisition model calls for establishing
organization-wide systems engineering, test, and integration capabilities (TIC). TIC provides a way to ensure integration of separately developed projects and to ensure
interoperability before fielding. Moreover, it provides a way
to reduce project cost and schedule by eliminating the
need for each IT project to develop and maintain a distinct
test and evaluation facility.
TIC would be used by all IT acquisition programs in
an organization for conducting prototype evaluations or
demonstrating candidate technologies prior to a build or
procurement decision. It also would be used to test newly
developed or procured capabilities in a system of systems operational-like environment prior to fielding. This
would ensure interoperability, compliance and compatibility with established IT architectures and standards, and
compatibility with other systems and data that exist within
the target operational environments. To achieve this objective, TIC would include representative operational data
sets and simulation/stimulation tools to permit evaluations
using realistic and stressful operational environments.
When fully established, the TIC will provide a single environment for conducting engineering evaluations and
prototypes, as well as an environment for developmental,
operational, and security testing of newly developed or
acquired IT capabilities.
A government department or agency could establish an
initial TIC by linking existing test and evaluation facilities
being supported by different organizations or IT programs.
Over time, as the department or agency TIC matures, it
can be linked with other government agency or departmental TICs to address cross-government integration.

Principle 6: Use Portfolio Managementlike Processes for Project Initiation and

Funding Allocation
For many government organizations, acquiring funding
even for a high-priority IT project can take several years.
With information technology advancing a generation every 18 months, and with many mission-critical functions

November 2009

depending on improved IT solutions, a rapid IT acquisition

process needs an equally rapid funding process.
To achieve a rapid acquisition process, the new model recommends a portfolio management process for allocating funding during the execution year. This portfolio
process permits trade-offs among competing needs and
capabilities, leading to more effective use of government
IT funds. By budgeting and managing the execution of
funding tied to a mission outcome, rather than a specific
program or project, agencies can respond to technology
advances, emerging and urgent requirements, and the
progress or lack of progress within ongoing IT acquisition
projects in a rapid and flexible manner.
The concept as envisioned is similar in some respects
to DoDs use of working capital funds, where funds are allocated to IT projects annually after examination of priority
needs and project progress just prior to funds execution.
DoD also uses a similar process to fund aircraft avionics
maintenance. In both of these cases, funding is allocated
to IT projects in a disciplined and fully transparent manner based on evolving user requirements and acquisition
project progress. With this approach, cost, schedule, and
capability trades are synchronized with user needs and
technology cycles when IT projects are initiated. This
portfolio management-like approach eliminates the requirement for full funding of the entire IT effort at project
initiation in favor of incremental funding for each release,
consistent with guidelines 1 (smaller projects) and 2 (acquisition process templates).

How could a rapid IT acquisition process

be implemented?
The National Defense Authorization Act for FY2010
(section 804) includes a provision for DoD to develop and
implement a new acquisition process for IT systems.7 This
new process is to be based on the March 2009 Defense
Science Board8 report and include the following:
Early and continual involvement of the user
Multiple, rapidly executed increments or releases of
capability
Early, successive prototyping to support an evolutionary approach
A modular, open-systems approach
This authorization for DoD to develop and implement a
new acquisition processes for rapidly acquiring IT capabilities provides an excellent opportunity to embrace the six
guidelines for rapid acquisition described in this Advisory.
The principles extend the concepts identified in the Defense Science Board report and could form the basis for a

ACQUISITION SOLUTIONS, INC.

Advisory
rapid IT acquisition process that would be codified in DoD
policy. In implementing the rapid IT process, initial pilots
could be selected based on their willingness to adopt the
new model and with the understanding that full transparency would be required. DoD oversight at a very senior level
would ensure that the selected projects for initial pilots
embrace the guidelines described above. This oversight
process also would collect and evaluate appropriate metrics for progress reporting to Congress, as well as help in
fine-tuning the rapid IT acquisition guidelines based on
lessons learned from the initial implementations.
Perhaps the most difficult aspect of implementing a
new acquisition process is changing a culture that has
grown accustomed to using the current ineffective but
well understood processes. A robust training program on
the new guidelines that also addresses culture change is
highly recommended.
While not mandated in legislation, it is appropriate for
nondefense organizations also to embrace the new model
for IT acquisition and adopt the six guidelines for rapid
acquisition. The Office of Management and Budget may
wish to provide appropriate direction to guide government

agencies to take advantage of this new model. As with

DoD, it is recommended that pilot implementations and a
focused culture change management program be integral
parts of implementing the rapid acquisition model for government IT systems.

Conclusion
Many studies have highlighted the need to change the
acquisition process for IT. Through implementation of the
principles outlined in this Advisory, the government can
achieve rapid acquisition of useful IT while providing needed and effective oversight. The guidelines embody the best
practices of industry, as well as lessons learned from successful and unsuccessful experiences within government.
Because the guidelines reflect a significant departure from
current government acquisition process in many areas,
training of both government and industry personnel will
need to be a high priority. Moreover, senior leaders across
government will need to provide visible and continued support for the culture change that will be necessary for successful implementation of the new model.

Endnotes
1 Antonie Boessenkool, DoD IT Procurement Too Slow: Cartwright, Defense News.com, March 4, 2009; http://www.defensenews.com/story.php?i=
3975151&c=AME&s=TOP.
2 See, for example, Testimony of Elaine C. Duke, deputy under secretary for management, and James L. Taylor, deputy inspector general, Department of Homeland Security, before the House Committee on Oversight and Government Reform, Subcommittee on Government Management, Organization, and Procurement, September 15, 2009; http://governmentmanagement.oversight.house.gov/story.asp?ID=2584; Government Accountability
Office, HUD needs to Strengthen its Capacity to Manage and Modernize Its Environment (GAO-09-675), Government Accountability Office, July
31, 2009; http://www.gotovao.com/index.cfm?action=comment&id=0480025173000443; Audit of VAs Management of Information Technology Capital
Investments (Report No. 08-02679-134), Department of Veterans Affairs Office of Inspector General, May 29, 2009; http://www.gotovao.com/index.
cfm?action=comment&id=0490024099000443; Information Technology: FBI Is Implementing Key Acquisition Methods on Its New Case Management
System, But Related Agency-wide Guidance Needs to Be Improved (GAO-08-1014), Government Accountability Office, September 23, 2008; http://
www.gotovao.com/index.cfm?action=comment&id=0480004981000443; EPA Personnel Access and Security System Would Benefit from Improved
Project Management to Control Costs and the Timeliness of Deliverables (Report No. 08-P-0271), Environmental Protection Agency Office of the
Inspector General, September 22, 2008; http://www.gotovao.com/index.cfm?action=comment&id=0490004986000443.
3 Department of Defense Policies and Procedures for the Acquisition of Information Technology, Defense Science Board, March 2009; http://www.
gotovao.com/index.cfm?action=comment&id=0500022961000443.
4 See, for example, Defense Acquisitions: Perspectives on Potential Changes to Department of Defense Acquisition Management Framework (GAO09-295R), Government Accountability Office, February 27, 2009; http://www.gotovao.com/index.cfm?action=comment&id=0480022818000443.
5 Katherine McIntire Peters, Pentagon to Hire Thousands of Employees, Cut Contractors, Government Executive.com, April 6, 2009; http://www.
govexec.com/story_page.cfm?articleid=42440&dcn=todaysnews.
6 Statement by Timothy J. Harp, Deputy Assistant Secretary of Defense for Command, Control, and Communications, Intelligence, Surveillance,
Reconnaissance and Information Technology Acquisition, before the US House of Representatives Defense Acquisition Reform Panel of the Committee
on Armed Services on Challenges to Effective Acquisition and Management of Information Technology Systems , July 9, 2009; http://www.gotovao.
com/index.cfm?action=comment&id=0650024737000443.
7 The conference report to accompany the Fiscal Year 2010 National Defense Authorization Act (H.R. 2647) passed by House on October 12 and the
Senate on October 23, clearing the measure for the Presidents signature.
8 Department of Defense Policies and Procedures for the Acquisition of Information Technology, Defense Science Board, March 2009; http://www.
gotovao.com/index.cfm?action=comment&id=0500022961000443.

ACQUISITION SOLUTIONS, INC.

November 2009

Advisory
Risks, Key Decisions & Governance for IT Process Templates
Process Template

Project Risks

Key Decisions

Governance Approach

1 Application
Software Development and Integration

Requirements not clear and/or

not stable
Skills of development/user team
Technical complexity of solution
Requirements necessitate innovation or have inherent complexity
Meeting urgent, critical mission
requirement
Attempting to build too big a portion in one release/increment

Planned size and timing of fielding (how to divide requirement

for development as releases/increments, as well as timingtime
boxfor delivery)
Sequence of iterations to bring
useful mission/business value,
moderate risk
Accelerate, change focus (requirements/technology), or kill
project

Heavy end-user involvement in

decisions and development with
time-boxed releases
Governance roles
User requirements, readiness
to deploy
Acquisition contracting strategy, project manager oversight
CIO architecture, standards,
integration/interoperability,
reuse
In-progress reporting, joint
reviews (customer, project
manager, and contractor) and
metrics

2 COTS Hardware
of Software

Ability of COTS to meet user

needs
Ability to operate in DoD environment
Meeting DoD security requirements
Life-cycle cost/management (including technical obsolescence)
Proprietary considerations, data,
supplier lock-in
Leverages strategic enterprise
agreements

Ensure program is following and

leveraging COTS market trends
Acquisition strategy Best
approach to procure product
(e.g., GSA schedule, existing
federal/DoD contracts, commodity purchase, lease, managed
service, just in time contracts,
or advanced buy)
Adequate mitigation of project
risk

CIO and procurement communities are key in decisions involving IT infrastructure

CIO architecture, standards,
integration/interoperability,
security
User has key role in determining
suitability for mission/business
systems

3 Integrated COTS
Capability

Ability to meet initial and evolving

requirements
Engineering and integration while
preserving nonmodified COTS
products
Life-cycle support approach,
costs, management
Meeting DoD security requirements
Proprietary considerations, data,
supplier lock-in
Leverage strategic enterprise
agreements

Type of contractor selected to do

integration (original equipment
manufacturer, integrator)
Life-cycle support tail
Buy as a managed service or as
an integrated product
Adequate mitigation of project
risk

Acquisition Provide/oversee
engineering efforts
CIO and procurement communities are key in decisions involving IT infrastructure
CIO architecture, standards,
integration/interoperability,
security
User has key role in determining
suitability for mission/business
systems

4 Commercially
Provided IT Services

Ability to meet initial and evolving

requirements
Scale of DoD environment
Properly incentivizing service provider as business environment,
technology, and requirements
evolve

Contracting structure to address

key risks (e.g., changing requirements/technology/market/DoD
environment)
Monitoring contract performance
and business model (incentives,
SLAs, competition/work share
adjustments, etc.) over time

CIO and procurement are key in

decisions involving IT infrastructure
User has key role in determining
suitability for mission/business
systems

November 2009

ACQUISITION SOLUTIONS, INC.

Advisory
Process Template #1: Application Software Development and Integration
Acquisition program divided into multiple projects called releases

Initial capabilities document requirements (Big R) allocated to multiple releases with defined requirements (using a release description
document)

Releases contain multiple delivery increments

Projects authorized on a release basis with the following constraints:

Constrained schedule and funding (release fully delivered in approximately 18 months; funding commitment for release)

Maximum use of COTS hardware/software products and integrated COTS capabilities

Projects employ agile development and contracting methodologies
Projects select an approved IT platform as the target environment
Project capability tested in a DoD test and integration capability and fielded as quickly as possible (6-12 months)
Feedback from initial fielding guides requirements for subsequent projects or project increments
Use a portfolio-like funding mechanismfunding committed incrementally

and Integration

Developed by Acquisition Solutions for the Department of Defense

ACQUISITION SOLUTIONS, INC.

November 2009

Advisory
Process Template #1 Project Activities for Software Development & Integration
Information
Required

Decisions

Material Development
Decision

Exit Criteria

Objectives,
requirements not
clear, stable, or
overly detailed
Ability to meet
urgent or critical
mission requirement

Prioritized, top-lev- Approved initial capael requirements

bilities document
approved by user
authorities

Project Strategy Decision

Entry Criteria

No clear strategy to meet user

needs
Alternatives to
meeting user
needs not fully
evaluated

Top-level strategy for executing

project
Analysis that supports establishing
an acquisition
program
Description of
user needs in
a statement of
objectives level
document

Business case
Approved business
Alternatives analysis
case
Market research
Approved project
Cost vs. benefits
strategy for solution
Project strategy with
definition phase
supporting analysis
Established criteria
(Optional) Acquisition
and timing for build
strategy (if the acquisidecision
tion community has
defined an acquisition
approach (e.g., user of
IDIQ contract for both
prototypes and agile
development efforts

Decision on which acquisition template (1-4) to use

Approval to and initiate
enter solution development
phase and begin architecture and prototype efforts
Identify oversight anticipated (e.g., IPRs), as well
as timing of IPRs, initial set
of program metrics, and
build decision event (time
box approach-target should
be 1-6 months)

Build Decision

Key Risks

Risks have not

been sufficiently
explored/reduced
Release requirements not scoped
or agreed to with
users
Project planning
not sufficient
No clear strategy
to use common
infrastructure
and available
COTS
Inadequate team
experience with
agile development processes/
methods and
tools
Security not addressed properly
No incentives to
build for reuse
and sharing
Inadequate documentation for
reuse/life cycle
support

User approved
requirements for
release
Acquisition strategy
Clinger-Cohen Act
compliance
Identification of
common IT platforms that will be
employed
Overall enterprise
architecture
Security architecture for hosted
applications

Completed requirements description

document for the
release
Prototypes/analysis
results
Program implementation plan
Overall program plan
for all releases
Cost, schedule, performance for Release 1
Strategy for incremental development
Architecture
Data strategy
Developmental and
operational test plan
Documentation
strategy
Acquisition strategy (or
an update for a prior
strategy)

Approval to enter solution

acquisition phase
Baseline approval
Certification of Clinger-Cohen Act compliance
Limits of authority to field
increments
Agreement on timing of
releases and increments
(time box concept with
expectation that release is
completed within approximately 6-18 months)
Agreement on process for
prioritization and deferral
of requirements during
release
Timing/focus of IPRs,
identification of metrics to
be employed to measure
progress

10

November 2009

Project organization assigned and

funding identified
to begin project
analysis
Tailored guidance
for business case

Approved implementation plan for

solution acquisition
phase implementation
Developmental and
operational test
plan
Approved data
strategy
Approved documentation strategy
Approved acquisition strategy
Approved program
baseline: cost,
schedule, performance (including
time box parameters for release and
increments)
Selection of IT
platform

Approval to begin business

case phase and related
analyses of potential solutions
Identify time frame for project strategy decision event
(time box approach-target
should 1-3 months)

ACQUISITION SOLUTIONS, INC.

Postimplementation
Review

Solution not
Performance
meeting user
data regarding
needs in fielded
operational use of
environment
fielded solution
User expectations
and business
value not met
User requirements have
evolved

In Progress Reviews (IPRs)

(Optional)

Advisory

Project not making appropriate

progress
Issues need
resolution

Solution has been in

None
use for sufficiently
long period of time
(months)
Objective and subjective data regarding
performance of fielded
solution

Program status
As directed by deci(cost, schedule,
sion authorities
performance)
User feedback
from operational
use of prototypes/
increments
Identification
of issues (user,
acquisition, CIO,
contractor)

ACQUISITION SOLUTIONS, INC.

None

Report (as appropriate) to

user community and oversight bodies
Validate business value and
user satisfaction
Provide input to subsequent
releases/ increments

Expand, change focus, or

kill program as appropriate

November 2009

11

Advisory
Process Template #2: COTS Hardware and Software
Employ commercial purchasing approaches

Employ best practices of commercial purchasing organizations (Commodity* Councils/strategic sourcing organizations)

Leverage commercial market forces, buying power, and standards

Strategic sourcing/Commodity Council approach

Develop commodity strategy to address full product life cycle (from needs analysis to product disposal)

Conduct strategic analysis of product area (buying trends and trends, needs analysis, socioeconomic objectives, energy efficiency, etc.)

Construct/award contract(s) tied to product-specific strategy

CIO governance processes used to guide implementation and purchasing

* Enterprise IT standards, architectures, and life-cycle management
* Budgeting and/or budget oversight at enterprise level
* Possibly mandatory use enforcement

Template #2: COTS Hardware/Software

*Commodity products include pure off-the-shelf devices and software conforming to industry standards (e.g., PCs, servers, shrink-wrapped software)

Developed by Acquisition Solutions for the Department of Defense

12

November 2009

ACQUISITION SOLUTIONS, INC.

Advisory
Process Template #2 COTS Hardware/Software
Information
Required

Material Development
Decision

Decisions

Requirements not Prioritized, top lev- Approved initial capasufficiently deel requirements
bilities document
fined, not stable,
approved by user
or overly detailed
authorities
Ability to meet
urgent or critical
mission requirement

Project organization assigned and

funding identified
to begin project
analysis

Approval to begin business

case phase and related
analyses of potential solutions
Identify time frame for
project strategy decision
event (time box approachestimated time to complete
1-3 months)

Project Strategy Decision

Exit Criteria

No clear strategy to meet user

needs
Alternatives to
meeting user
needs not fully
evaluated

Top-level strategy for executing

project
Analysis that supports establishing
an acquisition
program

Approved project
strategy
Approved business
case
Approved plan for
solution definition
phase
Criteria for procurement decision

Decision on which acquisition template (1-4) to use

Decision to enter solution
definition phase
Approval to begin architecture and prototype efforts
Identify oversight anticipated (e.g., IPRs), initial
program metrics, as well as
timing of IPRs and procurement decision event (time
box approachexpected to
be 1-4 months)

Postimplementation
Review

Entry Criteria

Risks have not

been sufficiently
explored/reduced
Release requirements not scoped
or agreed to with
users
Project planning
not sufficient

User approved
requirements for
release
Acquisition strategy
Clinger-Cohen Act
compliance
Analysis of market
and user needs
and recommended implementation approach
Enterprise architecture

Completed require Approved implements description

mentation plan for
document for the
solution developrelease
ment phase imple Market and spend
mentation
analysis
Approved contract Implementation plan
ing/buying strategy
Overall plan for all
Approved program
releases
baseline: cost,
Cost, schedule, perschedule, perforformance for specific
mance (including
release
timing of initial
Architecture
fielding and full
Strategy for initial
fieldingtime box
fielding
approach)
Test plan
Results of prototypes/
analysis efforts
Contracting and buying strategy

Approval to enter solution

development phase
Baseline approval
Clinger-Cohen Act compliant
Limits of authority to field
Timing/focus of IPRs
Timing of fielding (time box
approachexpected to be
1-6 months)
Contracting/buying strategy
approval
Timing of post implementation review

In Progress Reviews (IPRs)

(Optional)

Key Risks

Solution not
Performance
meeting user
data regarding
needs in fielded
operational use of
environment
fielded solution
User expectations
and business
value not met
User requirements have
evolved

Solution has been in

None
use for sufficiently
long period of time
(months)
Objective and subjective data regarding
performance of fielded
solution

Report (as appropriate) to

user community and oversight bodies
Validate business value and
user satisfaction
Provide input to subsequent
releases/ increments

ACQUISITION SOLUTIONS, INC.

Business case
Alternatives analysis
Market research
Cost vs. benefit
Project strategy with
supporting analysis
(Optional) Acquisition
strategy (for example
if contracts that will
be used have already
been established)

November 2009

13

Procurement Decision

Advisory

14

Project not making appropriate

progress
Issues need
resolution

November 2009

Program status
(cost, schedule,
performance)
User feedback
from prototypes,
early operational
use
Identification
of issues (user,
acquisition, CIO,
contractor)

As directed by decision authorities

None

Expand, change focus, or

kill program as appropriate

ACQUISITION SOLUTIONS, INC.

Advisory
Process Template #3: Integrated COTS Capability*
As appropriate, use similar commercial capabilities as analogous models for DoD performance standards
Prioritize desired capabilities to permit trade-offs, if necessary
Acquisition approach

Select from the best commercial provider(s)

Contract for end capability based on commercial-based performance standards

Anticipate technological evolution in acquisition strategy

Template #3: Integrated COTS Capability Model

*Integrated COTS capabilities include DoD teleports, DoD security-enabled wireless networks, or a services oriented architecture infrastructure

Developed by Acquisition Solutions for the Department of Defense

ACQUISITION SOLUTIONS, INC.

November 2009

15

Advisory
Process Template #3 Integrated COTS Capability
Information
Required

Material Development
Decision

Decisions

Requirements not Prioritized top levsufficiently deel requirements

fined, not stable,
approved by user
or are overly
authorities
detailed
Ability to meet
urgent or critical
mission requirement

Approved initial capabilities document

Project organization assigned and

funding identified
to begin project
analysis

Approval to begin business

case phase and related
analyses of potential solutions
Identify time frame for project strategy decision event
(time box approach)

Project Strategy Decision

Exit Criteria

No clear strategy to meet user

needs
Alternatives to
meeting user
needs not fully
evaluated

Business case
Alternatives analysis
Market research
Cost vs. benefit
Project strategy with
supporting analysis

Approved top-level
project strategy
Approved plan for
solution definition
phase
Criteria for procurement decision event

Decision on which acquisition template (1-4) to use

Approval to enter solution
definition phase
Approval to begin architecture and prototype efforts
Identify oversight anticipated (e.g., IPRs) as well as
timing of IPRs and procurement decision event (time
box approach)

Procurement Decision

Entry Criteria

Risks have not

User approved
been sufficiently
requirements for
explored/reduced
Release
Release require Acquisition stratments not scoped
egy
or agreed to with Clinger-Cohen Act
users
compliance
Project planning
not sufficient

Completed requirements description

document
Market and spend
analysis
Results of risk reduction efforts
Implementation plan

Overall plan for all

releases

Cost, schedule,
performance for
release 1

Strategy for initial

fielding

Developmental/operational test plan

Contracting and
buying strategy

Approved implementation plan for

solution procurement phase
Approved contracting/buying strategy
Approved program
baseline: cost,
schedule, performance (including
time box for initial
fieldingexpected
1-6 months)

Approval to enter solution

procurement phase
Baseline approval
Clinger-Cohen Act Compliant
Limits of authority to field
Timing of initial fielding
(expected 1- 6 months)
Timing/focus of IPRs
Contracting/buying strategy
approval

Fielding Decision

Key Risks

Solution may not Test and perforbe sufficiently

mance data of
mature
initial fielding
Deployment strat- Deployment
egy is inadequate
strategy
based on initial
fielding
User requirements have
changed

Deployment plan
Approved deploy Approval to enter full field Developmental/operament plan
ing phase
tional testing results
Postimplementation Timing of full fielding (time
review timing (time
box approach)
box approach)
Timing/focus of IPRs

16

November 2009

Top-level strategy for executing

project
Analysis that supports establishing
an acquisition
program

ACQUISITION SOLUTIONS, INC.

Postimplementation
Review

Solution not
Performance
meeting user
data regarding
needs in fielded
operational use of
environment
fielded solution
User expectations
and business
value not met
User requirements have
evolved

Solution has been in

None
use for sufficiently
long period of time
(2-9 months)
Objective and subjective data regarding
performance of fielded
solution

Report (as appropriate) to

user community and oversight bodies
Validate business value and
user satisfaction
Provide input to subsequent
releases/increments

In Progress Reviews (IPRs)

(Optional)

Advisory

Project not making appropriate

progress
Issues need
resolution

As directed by decision authorities

Expand, change focus, or

kill program as appropriate

Program status
(cost, schedule,
performance)
User feedback
from prototypes,
early operational
use
Identification
of Issues (user,
acquisition, CIO,
contractor)

ACQUISITION SOLUTIONS, INC.

None

November 2009

17

Advisory
Process Template #4: Commercially Provided IT Services
General acquisition principles:

Purchase labor services based on performance levels (rather than technical/task specifications or personnel full-time equivalent levels)

Maintain competitive environment during execution wherever possible (e.g., contract options with ability to quickly switch among
providers)

Anticipate technology evolution and changing business environment (and dont try to lock in long-term pricing at contract award)

Adopt commercial performance specifications to the extent possible

Establish rigorous configuration control over systems and software services

Provide substantial incentives for provider to improve performance levels and reduce service cost over time (possible use of share-in-savings concept)
Develop acquisition strategy based on best practices from IT services contracts, as well as commercial performance specifications and
practices
Use extensive interaction with industry to fine-tune strategy (service bundling, incentives, technology updates, etc.)
Note: There are many variations of IT service contracts, each with different needs and corresponding preferred strategies

Working Draft for Comment

18

November 2009

Developed by Acquisition Solutions for the Department of Defense

ACQUISITION SOLUTIONS, INC.

Advisory
Process Template #4 - Commercially Provided IT Services
Information
Required

Services Acquisition
Decision

Decisions

Requirements
Top level requirenot sufficiently
ments approved
defined, not clear,
by user authorior are overly
ties
detailed
Ability to meet
urgent or critical
mission requirement

Project Strategy Decision

Exit Criteria

No clear strategy to meet user

needs
Alternatives to
meeting user
needs not fully
evaluated
No strategy to
leverage existing
COTS, IT platforms, standards,
architectures

Procurement Decision

Entry Criteria

Risks have not

User approved
been sufficiently
requirements for
explored/reduced
services acquisi Release requiretion
ments not scoped Acquisition strator agreed to with
egy
users
Clinger-Cohen Act
Project planning
compliance
not sufficient

Completed require Approved implements description

mentation plan for
document
solution procure Market and spend
ment phase
analysis
Approved contract Implementation plan
ing strategy
Cost, schedule, perfor- Program baseline:
mance
cost, schedule, per Strategy for initial
formance (including
implementation of
time box parameservices
ters as appropriate)
Service evaluation
plan
Contracting strategy

Approval to enter solution

procurement phase
Baseline approval
Clinger-Cohen Act compliant
Limits of authority to field
Timing/focus of IPRs
Contracting strategy approval

Postimplementation
Review

Key Risks

Services solution Performance data

not meeting user
regarding use of
needs in fielded
services
environment
User expectations
and business
value not met
User requirements have
evolved

Services have been

in use for sufficiently
long period of time
(months)
Objective and subjective data regarding
performance of
services

Report (as appropriate) to

user community and oversight bodies
Validate business value and
user satisfaction
Provide input to subsequent
phases of services contract

Top-level strategy for executing

project
Analysis that supports establishing
an acquisition
program

ACQUISITION SOLUTIONS, INC.

Approved initial capabilities document

Project organization assigned and

funding identified
to begin project
analysis

Approved initial
Decision on which acquisiproject strategy
tion template (1-4) to use
Approved plan for
Approval to enter solution
services definition
definition phase
phase
Approval to begin stan Criteria and timing
dards, service level agreefor procurement
ment, business model
decision event (time
development as well as any
box approach)
prototype efforts
Identify oversight anticipated (e.g., IPRs) as well as
timing of IPRs, initial program metrics, and procurement decision event (time
box approach)

Business case
Alternatives analysis
Market research
Project strategy with
supporting analysis
(optional) initial contracting strategy

None

Approval to begin business

case phase and related
analyses of potential solutions
Identify time frame for project strategy decision event
(time box approach)

November 2009

19

In Progress Reviews (IPRs)

(Optional)

Advisory
Project not making appropriate
progress
Issues need
resolution

Program status
(cost, schedule,
performance)
User feedback
from early use of
services
Identification
of issues (user,
acquisition, CIO,
contractor)

As directed by decision authorities

None

Expand, change focus, or

kill services project as appropriate

The Advisory is published monthly as part of the Virtual Acquisition Office subscription service, made available by Acquisition Solutions, Inc., 1655 North Fort Myer Drive, Suite 1000, Arlington, Virginia 22209, 703-253-6300, fax 703-253-6301,
www.GoToVAO.com. Information and opinions are based on best available information, but their accuracy and completeness
cannot be guaranteed. Layout by Julie Olver. Contents 2009 by Acquisition Solutions, Inc. All rights reserved. Single copies
and volume discounts are available from Acquisition Solutions, Inc.

20

November 2009

ACQUISITION SOLUTIONS, INC.