|
TESTIMONY
OF
DAVID M. WENNERGREN
DEPARTMENT OF THE NAVY CHIEF INFORMATION
OFFICER
BEFORE THE
HOUSE
ARMED SERVICES COMMITTEE
SUBCOMMITTEE ON
TERRORISM,
UNCONVENTIONAL THREATS AND CAPABILITIES
UNITED STATES HOUSE OF REPRESENTATIVES
REGARDING DEPARTMENT OF DEFENSE BUSINESS
TRANSFORMATION EFFORTS
March
31, 2004
Capabilities Subcommittee, thank you for
inviting me to discuss the Department of the
Navy’s (DON’s) vision for leveraging the
power of information technology (IT) to
transform the warfighting and warfighting
support (business) processes of the Navy –
Marine Corps team.
TRANSFORMATIONAL VISION
The
Department of the Navy has made significant
progress in implementing our vision of
network-centric warfare and knowledge
dominance. Inherent in network-centric
operations is the seamless exchange of
information from sensors to shooters, to
logistics, maintenance and re-supply
organizations, breaking down traditional
barriers between “tactical” and
“non-tactical” IT systems. Transformation
of our business processes and systems is
driven by, and is inextricable from, our
warfighting transformation. The concept of
net-centricity requires that authoritative
data be available on demand to warfighters,
other decision makers, and the supporting
business and logistics activities that
maintain their ability to fight. Our DON
Information Management/Information
Technology (IM/IT) Strategic Plan provides
the goals and objectives that are guiding us
in this transformation of our Naval
warfighting team. Through its
implementation, we are re-inventing
processes, generating efficiencies,
eliminating duplicative systems and
applications, embracing strong portfolio
management/capital planning efforts, and
focusing on the core set of systems and
applications that will ensure our forces are
prepared to meet the demands of the 21st
Century warfighting environment. These
efforts focus on commercial standards,
industry best practices and interoperability
to ensure that our solutions will work
effectively with our joint, Allied and
Coalition partners, as well as within the
Federal Enterprise Architecture guidelines.
CREATING A SEAMLESS IT INFRASTRUCTURE
Net-centric operations require connectivity
across our Enterprise to make critical
information available when needed to
warfighters, other decision-makers and
support personnel. Such connectivity
requires a seamless infrastructure that
replaces traditional disparate, isolated
local area networks. Building on the
successful framework of the Department of
the Navy’s Information Technology
Infrastructure Architecture (ITIA), the Navy
Marine Corps Intranet (NMCI) is being
implemented to provide the access,
connectivity, interoperability and security
foundational to our business system
transformation.
The NMCI
initiative provides network-based
information services through an innovative
performance-based contract using state of
the market equipment and industry leading
service providers. NMCI is a vital
component of the DoD Global Information Grid
(GIG), interfacing with our deployed
networks (IT-21 and MCEN) to serve as the
conduit for the exchange of data,
information and knowledge.
Our
implementation of NMCI has significantly
improved our IT enterprise, and will
increase productivity through greater
knowledge sharing and improved
interoperability. A review and
certification process for all applications
deployed on the network has been implemented
to ensure compliance with security and
interoperability requirements. The value of
this revolutionary IT initiative has been
demonstrated repeatedly. Over the last few
years, it has resulted in improved security
and continuity of operationsfacilitated
training for our military personnel,
highlighted opportunities for efficiencies,
and provided invaluable support to the
deployment of capabilities such as pierside
connectivity and Public Key Infrastructure (PKI).
NMCI is absolutely crucial to the success of
our warfighting and business IT
transformation.
We will
continue to build on the success of NMCI as
we integrate all Naval networks within the
DON architectural framework, based on open
standards and fully aligned with the GIG and
the Business Enterprise Architecture and
Federal Enterprise Architecture. Our Naval
IT team has made substantive contributions
to all of these important architectural
efforts and will continue to play an active
role in them, as well as in the various
national and international standards bodies
to ensure that Naval IT solutions are
cost-effective and interoperable with our
warfighting and business partners.
IMPLEMENTING WEB-BASED BUSINESS IT SOLUTIONS
One of
the great benefits of implementing NMCI has
been the ability to identify all of the
systems and applications in use across the
Department. The Department has made great
strides in implementing portfolio
management. Our Functional Area Managers (FAMs)
are employing sound investment management
practices in overseeing legacy application
reduction and alignment of our IT
investments with required operational
capabilities. Thus far, by eliminating
outdated and duplicative software, our FAMs
have reduced the number of approved
applications on NMCI by over 89% from 67,000
to approximately 7,000. Over the months
ahead, we will go through the migration
process to retire legacy applications,
identify authoritative databases and improve
business processes to optimize operational
effectiveness and investment decisions.
We
remain committed to the reduction of legacy
applications and databases and
identification of Enterprise solutions.
FAMs have defined the core functions
performed within their respective areas of
responsibility to ensure that IT
capabilities and solutions are aligned with
operational requirements. This approach
mirrors that of the Federal Enterprise
Architecture (FEA) and use of the FEA
Business Reference Model (BRM). The FAM-defined
core functions are being mapped to both the
BRM and to the DoD Business Management
Modernization Program (BMMP) Domains to
ensure alignment from the DON to the DoD and
Federal levels. The significant progress
our FAMs have made has resulted in a number
of valuable lessons learned on the
importance of aligning the IT portfolio from
both the functional and the warfighting
process perspectives, and we are sharing
these lessons with the BMMP Domain Owners.
Our rationalization efforts include
designation of the Department of the Navy
Application and Database Management System (DADMS)
as our single authoritative database for
applications and databases. As the
authoritative source, DADMS will be a key
tool in our future investment decisions.
To
support migration to a web-centric
environment, the DON has begun implementing
a Navy - Marine Corps Portal (NMCP)
strategy. The NMCP will integrate existing
individual portals, providing secure access
to all DON IM/IT capabilities through a
single point, further improving efficiency
and security, and simplifying access to
self-service transactions for our Sailors,
Marines and civilians. The Enterprise
portal will ease discovery and retrieval of
information and provide the entry point to
standard Enterprise applications and
databases. Our aggressive data management
will ensure that net-centric solutions use
authoritative data sources for optimal
decision-making in both the warfighting and
support domains.
Our goal
is a web-enabled Navy-Marine Corps team, a
mobile workforce with access to secure
self-service transactions, via the web,
around the world. Our movement to web
services solutions will provide for the
establishment of single authoritative data
sources and will eliminate “stand-alone” and
“stove-piped” legacy systems. Key to this
transition is the adoption of open
standards. The Navy-Marine Corps team
continues to be a leader in defining and
adopting standards that will facilitate
information exchange through technologies
such as Extensible Markup Language, or XML.
Our XML policy will enable us to securely
exchange data across the Enterprise and
eliminate costly point-to-point data
exchange interfaces. To this end, our
policy prohibits the use of proprietary
extensions to commercial specifications that
would inhibit interoperability.
Our
commitment to adopting industry best
practices led us to implement four
enterprise resource planning (ERP) pilots
using commercial-off-the-shelf software
(COTS). The benefits of ERP include
improved readiness through reduced
supply/maintenance cycle times, increased
financial accuracy, elimination of redundant
applications and databases, enhanced
configuration management and reduced IT
systems costs. The Naval team has derived a
greater margin of efficiency by adapting our
processes to work within the COTS solution,
rather than creating costly unique versions
to fit our existing processes. The four ERP
pilots will now be converged into a single
ERP, to provide even greater productivity
enhancements and cost efficiencies.
EMBRACING eGOVERNMENT BEST PRACTICES
We have
made a concerted effort to embrace
eGovernment best practices to transform
labor-intensive paper processes into
reengineered, efficient, and effective
web-based solutions. Aligning with the
tenets of the President’s Management Agenda,
our DON eBusiness Operations Office
provides, through its innovative consulting
work and pilot projects, substantial
efficiencies, resource savings and cost
avoidance across every mission area of the
Department. The office’s groundbreaking
work has been recognized across government
as a best practice and has been adopted by
other Agencies for their own transformation
efforts.
I chair
the DoD Smart Card Senior Coordinating Group
(SCSCG), the DoD-wide alliance for rollout
of a single smart card for the Department of
Defense. The SCSCG has been instrumental in
the successful development of the Common
Access Card (CAC) that is being issued to
all active duty military, Selected Reserve,
government civilian and selected contractor
personnel – a total population of
approximately four million. This card, with
its Public Key Infrastructure (PKI) digital
certificates, is crucial to providing the
capabilities of digital signature, secure
authentication and single sign on, which,
taken together, offer even greater
opportunities to reduce IT system costs,
improve information security and encourage
the adoption of web-based solutions. We
will continue to champion the crucial role
of identity management as a part of our
business transformation, and I have been
asked to lead the DoD Identity Management
Senior Coordinating Group, which will
integrate and align the Department’s smart
card, PKI and biometrics efforts.
MAXIMIZING THE DEPARTMENT’S BUYING POWER
The
Department of Defense Enterprise Software
Initiative (ESI), which is co-chaired by the
DON, has produced twenty-three software
acquisition best practices that are allowing
the Department to consolidate software
requirements, streamline acquisition and
leverage the Department’s vast buying power
to reduce costs and improve licensing terms
and conditions. As an example, the DON was
able, through ESI, to consolidate 170
separate contracts for Oracle database
products to a single Enterprise license with
a discount of over 62% off the GSA schedule
price. The ESI initiative is providing
significant cost avoidances and putting into
place Enterprise agreements that will
support our implementation of ERP and web
services solutions. We anticipate that our
portfolio management processes will identify
additional Enterprise licensing
opportunities.
FULL
DIMENSIONAL PROTECTION
The
security of our information, systems,
personnel and critical infrastructure assets
is fundamental to net-centric operations.
The DON’s Full Dimensional Protection
approach includes three components: (1)
protecting knowledge pathways through
Information Assurance (IA) and Defense-in
Depth, (2) protecting our Centers of
Knowledge through Critical Infrastructure
Protection (CIP), and (3) protecting our
Knowledge Workers through efforts to protect
individual privacy. These efforts will
ensure the reliability, availability and
integrity of DON information and information
systems; protect our people and protect the
critical infrastructure needed to defend and
secure our mission-critical capabilities.
The
Department of the Navy Critical
Infrastructure Protection (DON CIP)
initiative continues its efforts to
identify, prioritize, assess, remediate and
protect those infrastructure assets (both
cyber and physical) most critical to
successful operations plan execution. In
partnership with the Assistant Secretary of
Defense for Homeland Defense and NORTHCOM,
DON CIP is implementing innovative
strategies to enhance mission assurance. The
Naval integrated vulnerability assessment (NIVA)
brings together already existing and robust
Navy and Marine Corps capabilities to
conduct coordinated, comprehensive
assessments of mission reliance on key
infrastructure within a specific region
(cyber and physical, DON-owned or
commercially owned). In 2003, the Department
conducted regional NIVAs in the Pacific
Northwest and Hawaii, to identify
vulnerabilities and assist local commanders
in developing appropriate remediation
strategies. Applying assessment best
practices enables immediate incorporation of
specific recommendations and coordination of
regional emergency activities. Identifying
commercial dependencies and working with
local and state governments promotes
understanding and coordination, reduces
duplication of investment and provides
better continuity in emergent situations. We
will press forward with our program for this
critical work while continuing to coordinate
and exchange information with corresponding
Federal and state agencies.
STRONG INVESTMENT MANAGEMENT AND GOVERNANCE
We have
taken a number of steps to both strengthen
IT governance and put into place the
necessary tools to do effective investment
management. Our improved IM/IT governance
structure has strengthened, aligned, and
integrated our IM/IT efforts across the Navy
and Marine Corps, ensuring Department-wide
alignment of IM/IT efforts with warfighter
priorities. The designation of Deputy CIOs
for the Navy and Marine Corps has been
particularly helpful, aligning both IT
policy and execution, and CIO and C4
responsibilities. Similarly, reporting
relationships between Echelon II command
Information Officers and the Deputy CIOs has
helped to ensure that command IT initiatives
stay aligned with the Department’s IT vision
and architecture.
The Navy
Sea Enterprise Board of Directors, the
Marine Corps’ Information Technology
Steering Group and the Department’s FAM
Council embody the senior level leadership
exercising effective oversight and
management of IT investments. We have put
into place several other innovative
processes to ensure the alignment of IT
investment decisions. Our IT investment
priorities are now incorporated into
programming guidance for the POM, and in
budget execution and acquisition guidance.
Together, these controls leverage
comptroller and contracting personnel across
the Department to monitor and ensure prudent
IT investment decisions are executed.
Further governance is achieved through our
review of IT programs for compliance with
Clinger-Cohen Act requirements and
certification for network standards. The
Net-Centric Enterprise Services checklist
has provided an additional tool for
assessment of our programs’ compliance with
GIG interoperability requirements. All of
these efforts have helped to focus our
budget requests on transformational
activities. We are at a critical phase in
our transformation process, and the IT
funding in our FY 05 budget is crucial to
ensure that we can deliver the information
dominance advantage that we have begun to
build for our warfighters.
The Navy
- Marine Corps team has made significant
progress in achieving the transformational
net-centric capabilities demanded by our
defense strategy and today’s operational
environment. Cumbersome legacy systems of
the past are being replaced with
re-engineered web-based solutions. Industry
standards and the use of commercial-off-the
shelf technology have replaced the
government-developed solutions of the past.
We are re-engineering our business processes
to leverage technology to deliver
warfighting capability more effectively.
Smart buying practices are in place, and
senior Navy and Marine Corps leaders are
actively engaged in IT investment
management. These efforts are integrated
with the rest of the Department of Defense
and will ensure the interoperability
necessary to provide our contribution to the
GIG, the Defense Business Management
Modernization Program and the Federal
Enterprise Architecture. The DoD IT
governance team is working closely together
to deliver the vision of net-centric warfare
and knowledge dominance. We have made great
strides thus far, and I am confident that we
have the leadership, guidance and processes
in place to carry us the rest of the way.
The opportunities for the Department and the
Nation are tremendous.
Mr.
Chairman, members of the Subcommittee, I
thank you again for allowing me the
opportunity to speak to you today. We
greatly appreciate your support of our
information technology initiatives to meet
the challenges we face and I look forward to
working with you on these important
initiatives. I am happy to answer any
questions that you may have about the
Department of the Navy’s information
management/information technology
initiatives. |
