Background
The mission of the Cybersecurity and Infrastructure Security Agency (CISA) is to lead the national effort to protect and enhance the resilience of the nation’s physical and cyber infrastructure. To execute this mission, the Office of the Chief Financial Officer’s (OCFO) Business Transformation Office (BTO) develops and leverages technology to create solutions that increase transparency and accountability as well as support data-informed decision making for leaders at all levels of the CISA organization.
BTO has broad responsibilities that include investigating technologies, processes, and concepts, and then developing plans for future technical roadmaps for OCFO offices. They develop capabilities that support the OCFO mission at multiple levels using technology demonstration, integrating existing solutions, and developing new tactics that provide immediate solutions to the urgent challenges of the OCFO mission.
The Challenge
Current OCFO operations face many challenges that result in inefficiencies and redundancy. Manual data processing tasks slow down data collection, analysis, and reporting. Using individual Microsoft Excel workbooks to maintain and manage financial data results in data redundancies. Disparate information systems and repositories inhibits timely and accurate information required for effective decision-making.
CISA awarded OPTiMO a three-year contract to deliver the CISA Data Management Platform (CDMP) utilizing our Agile-based, engineering and architecture expertise and services.
The Solution:
OPTiMO is delivering a suite of data lake-driven capabilities to the CISA OCFO that provide role-based services across all CISA divisions. Specifically, division leadership needs a commonly shared, enterprise data management solution to facilitate decision making, which requires integration with systems of record across other DHS components. Our efforts include advancing CISA’s cloud infrastructure, Continuous Improvement and Development (CI/CD) pipelines, system integration, and API microservice capabilities in alignment with mission support priorities. Our collaborative team completed a key aspect of this capability in May 2022 by establishing the first GovCloud platform authorized to operate at CISA.
OPTiMO is transforming CISA’s services and application delivery to more effectively meet the agency’s continually evolving mission needs.
Leveraging Agile best practices and guidance from CISA’s stakeholders, OPTiMO first engaged DHS Headquarters to build out the needed infrastructure and services, including DevSecOps capabilities. We also engaged with the CISA CIO to begin the Authority to Proceed/Authority to Operate (ATP/ATO) processes, including working closely with CISA security team members to ensure we addressed 100% of DHS standards and practices as part of ATP/ATO execution. This entailed identifying and addressing 365 unique security controls, and 21 systems policies and standard operating procedures.
While both infrastructure and ATP/ATO efforts were ongoing, the team launched a comprehensive discovery effort with all CISA OCFO divisions and sub-divisions to socialize the project objectives, garner support, and define requirements that supported the objectives.
As a result, we executed 14 separate tabletop reviews, leveraging the feedback to create the initial version 1.0 Minimum Viable Product (MVP) scope. The daily refresh of data coming from essential, DHS systems of record was beneficial to fully automating the MVP scope of key data analytics and reporting.
The Impact:
By partnering with CISA and working side-by-side with CISA OCFO leadership, OPTiMO successfully delivered the initial phase of the enterprise data management strategy originally envisioned in the contract. Key to this success was our ability to complete the core architecture, requirements gathering, and ATO activities simultaneously with an efficient, Agile-driven footprint. In addition, we implemented CI/CD pipelines and the required Kubernetes container capabilities as part of establishing the first set of 20 dedicated CISA APIs.
The CISA OCFO is planning to expose the APIs created in conjunction with CDMP via Data.gov as part of a future release. This will allow other Government teams both inside and outside of CISA to execute their respective mission support functions.