Hearing will come to order. I welcome everybody to this hybrid hearing. Both Ranking Member mister heiss and myself have wanted to have hearings resume in person. Especially when we are in session i made a promise to mister heiss that i would fight for that and today is the fruit of that effort i believe when we were in session, to the extent possible, protecting everybodys health and safety, we can and should be meeting like this. At least in hybrid form those members who are not comfortable or who physically cannot join us in the hearing room are more than welcome to join us through the web. We are happy to have them. We ask everybody, when they are not speaking, to wear a mask that is the guidance and the capitol hill position. That is the guidance of the chairwoman of this committee. It protects everybody i really appreciate that cooperation. Let me see. For members appearing remotely, just a few reminders before i get my Opening Statement. House rules require that we see you so please have your cameras turned on at all times during the course of the hearing members who are not recognized should remain muted so we minimize background noise and feedback i will recognize members verbally and members retain the right to seek recognition through either our staff or have your staff contact our staff and we will be glad to make sure you get recognized you can use the chat function to send a request. If none of all of that works, you can unmute your mic and seek recognition we will try to minimize people talking over each other these are not ideal circumstances, but we are in the midst of a pandemic that is tragically growing rather than contracting. So, we want to make sure we are safe a number of our colleagues and staff members, capitol hill police, have come down with the virus we dont want to do anything unwittingly that could spread that contagion so, we will do everything we can to make sure this is a safe environment in which to operate. With that, i recognize myself for my Opening Statement. The federal governments response to the pandemic has exposed some fundamental weaknesses that have to be fixed especially legacy ip systems throughout this Global Health crisis, millions of americans facing illness, unemployment, Food Insecurity and an inability to pay their mortgages or rent have looked to the federal government for help. Yet despite urgent congressional action in providing unprecedented levels of economic assistance, those indeed have often had their misery exacerbated by broken ip infrastructures at the federal and state level that have prevented them from receiving timely support. The cares act, which was overwhelmingly passed on a bipartisan paces by this congress, with signed into law on march 27th it is now july 20th. We still do not have the post pull more them on the failures of the Small Business administration the trans system, tasked with facilitating more than 750 billion dollars in Small Business loans and grants. The Internal Revenue service has yet to deliver tens of millions of Economic Impact payments. In my home state of virginia, certain types of unemployment claims will not be available until august due to the states failure to update its ip systems. The Public Policy response was there, but our i. T. Systems often could not deliver. In other words, the fate of the Worlds Largest economy rises and falls often with the ability of government i. T. Systems to deliver. In an emergency. That should galvanize us all. It has been reported the 21 Million People were unable to receive their cares act stimulus payments because irs could not find accurate direct deposit information. Hundreds of thousands of Small Businesses were shut out of sba system for submitting loan applications. For every ten people who successfully filed for unemployment, an additional three to four were unable to submit claims online. That is a big problem. We are looking at 31 Million People on an ongoing basis we depend on the unemployment check every week. Issues with legacy i. T. Systems are not news to us on this committee. We enacted the federal Information Technology acquisition reform act, of which i was a proud coop author, to help federal agencies prioritize federal i. T. Monetization. The modernizing Government Technology act also coming out of this committee, was passed to enable agencies to establish work in Capital Funds to help them use savings from my team monetization in order to further invest integrated agile systems and transition away from those legacy systems. Legacy systems that are often 30 and 40 years old. The law also created, coming out of this committee again, the technology monetization fund which established a government Funding Source for agencies to remove and replace those legacy systems and upgrade their own. Yet the team f remains chronically underfunded. And outgoing chief Information Officer, suzanne cant, has identified as underfunding as illustrative of the small board thinking that unfortunately has prevailed when it comes to making key investments. Agencies responsible for performing critical government functions operate on legacy systems with components, sometimes dating back even 50 years. The Government Accountability office found that the ten most critical federal legacy ip systems in need a modernization are maintained by ten different federal agencies. Each performing essential Government Operations. As they age, these legacy systems will become more expensive to maintain, more vulnerable to cyberattacks, less effective in accomplishing Agency Missions if the most public alert and Warning System fails, millions of lives could be lost during a Natural Disaster because lifesaving information was not delivered to the public and time. If the department of the interior system that monitors power plants installs, thousands of communities could be left without power. Simply put, outdated and inefficient systems put american lives, as well as livelihoods, at risk. As we heard from organizations representing federal workers in the subcommittee hearing two weeks ago, agencies have been able to leverage telework to ensure the continuity of Government Operations while also protecting the health and safety of federal workers nonetheless, the largescale shift to teleworking exposed critical cybersecurity vulnerabilities underlying that outdated i. T. Since the pandemic hit, Inspector General have reported in the increased risk of Data Security breaches, disclosures of classified information and targeted cyberattacks and fraud schemes affecting Financial Aid to Small Business and people affected by the pandemic. Going forward, federal agencies will need to quickly retire their legacy systems and prioritize modernizing i. T. , like adopting Cloud Computing technologies through fed ramp. A program that enables agencies to quickly secure and adopt new technologies. Im grateful for the fact that, in the Defense Authorization bill we are considering today on the floor, in the first on block group of amendments, our bill that came out of this committee is included. In 2019, 13 agencies reported to ge oh that they achieved at least 291 billion dollars in savings from increasing their investments in cloud technologies. I hope we can continue to advance the bipartisan fed ramp authorization act that passed by voice vote and signed into law by the president on a bipartisan basis modern reliable i. T. Is not just a nice thing to have. Our federal governments consistent failure to prioritize i modernization and Program Delivery prevented the public from receiving the assistance congress authorized to help the nation whether the worst Global Pandemic and 100 years. We can no longer allow outdated legacy technologies to stymie the delivery of vital public services. We will need to rip out route route and stem a system that has hung around for decades because the replacement costs have been prohibitively expensive. If doing so is a matter of being able to save the American Economy from collapse, almost anything is cheap by comparison. With that, i call upon the distinguished Ranking Member for his five minute Opening Statement. Thank you very much mister chairman. I appreciate a great deal you working with us to make this hearing happen. Im really grateful for that. I would say though that guidance to wear masks or one thing and Committee Rules are another. There is no question that in this room right here, we are well beyond the guidance the dccc recommends. We have had some who are not here today because they feel as though we are too strict and the requirement of the mask. I would ask as we go forward, that we would continue to work through this to see how we can accommodate all members who would like to participate in the hearings within the cdc guidelines as well. As i have on having a hearing physically, i will work as diligently as i can with him. I will, however note, that the committee is falling bigots of the capitol hill physician who more than strongly recommends the wearing of a mask. Its not just cdc guidance. We also well, so we will try to work with that with you and i really appreciate all of my colleagues trying to respect everybodys health and safety today. Right. I know you will and i look forward to those further conversations. On behalf of those who feel a little bit differently, i would appreciate that continuing conversation. Thank you very much. I would also appreciate, mister chairman, the fact of you holding this particular hearing on federal i. T. Modernization i think we are all very much aware of the need for modernization in this area. The lack thereof certainly exposes us to security risks as well as the inability for flexibility and scaling up. And ultimately, our agencies are incapable of meeting in the needs and responsibilities they are required to do and yet, we as a government, continue to spend a majority of our budget on maintaining these legacy systems rather than taking us into the new era of computer needs. For example, from 2010 to 2017, over 450 billion dollars was spent just to keep legacy systems running. Of course, that also represents 450 billion dollars that was not able to be used for new technology. At the same time, of Course Technology continues to move forward and improve while we are slow to procure any new capabilities whatsoever. So its time for us to look at reform, its time for us to look at changes. How do we go about getting up to date . Theres no reason that we dont do so. I very much look forward to our Witnesses Today and appreciate you being here as we try to consider ways to reform the i. T. Acquisition process and to prevent agencies from trying to reinvent the wheel. Particularly when potential solutions already exist in the commercial marketplace. Specifically, this committee is interested, i believe, and learning how and what Congress Needs to do to help agencies overcome some of the challenges that are presented by annual funding cycles that frankly makes it very difficult to tackle as it relates to i. T. Modernization im hoping today that our witnesses will be able to help this committee understand how we can improve this whole process. Particularly the Technology Management fund to help government replace legacy systems we have to become more modern and uptodate rather than continuing to rely upon old systems finally, i think there must be some accountability in this whole process to keep agencies responsible for the progress that they are making of course, there have been many hearings that weve already had on the pretoria scorecard somewhere along the way though, it appears to me there must be some sort of incentive that must be involved to help agencies come along and improve. So i look forward to hearing all these types of things as we move forward with the hearing today and i am hopeful that you will be able to supply some of those answers. I want to, again, thank all of our witnesses for being here today as we participate in this hybrid hearing. Mister chairman, with that i yield back. I think my friend and he makes some very good points. Our next hearing is monday. It is the tenth hearing we will have had on the implementation of a tory. The good news is, i think for the First Time Since we passed the bill, there are no deaths and no decrease in the scorecards so we have made some progress but, we still have to retire those legacy systems we were talking about. That is going to require some finesse. So i thank the distinguished Ranking Member. I would like to introduce our witnesses our first witness today is gordon but go whose Senior Vice President of policy for the Information Technology Industry Council we are also joined by matthew corny liam is here physically. The director for the digital alliance. We will hear from steve okeefe who is someone who is the inspiration for the fed rap legislation and has done a lot to try and translate the photographer scorecard into more digestible ways that have been very helpful. Our final witness will be hunted shank was the director of strategy for new america. If our three witnesses who are remote and mr. Chameleons if you would rise and raise your right hand its the practice of our committee to swear in our witnesses. The other three witnesses can raise their right hand. Can all of you confirm that you are doing so . Do you swear or affirm that the testimony you are about to give is the truth, the whole truth and nothing but the truth so help you god . Let the records show that the witnesses have indicated in the affirmative. Thank you without objection, written statements will be made on part of the record we ask all of our witnesses to try and summarize their testimony within the five minute time limit. With that, mr. It go you are recognized for your testimony. Hice. Previously, i was the ceo at the fbi for three half years. I had more than 25 years of experience as a technologist and Technology Manager across the public and private sectors. I tie represents more than 70 leading i. T. Companies. We believe it is more important than ever for the u. S. Government and our Member Companies to Work Together in support of policies that promote effective government through technological leadership. The u. S. Public sector must leverage this innovation and leadership by adopting policies that enable easier use of commercial products and services that provide security, agility, scale ability and elasticity that supports the Enormous Growth and demand for Digital Services and data. That imperative to modernize is true of every Government Agency with the ongoing pandemic, it has only accelerated the need for change the need for largescale agencies to ship to tell where during the pandemic, is result a transformative activities in recent years. Incremental change is insufficient in the face of exponential growth when stressed enough, legacy systems fail catastrophic lee we saw this in multiple state of unemployment systems, but many federal agencies also provide federal Critical Services providing the High Quality Services that americans expect means these systems must modernize. We must address the policies and practices the restrain modernization in government i. T. Technology the department of justice highlights many inhibitors of innovation. Starting in 2014, doj planned to consolidate three core facilities with two owned and operated by the fbi, included a newlyfunded center in an existing facility in idaho. He was posted in february of 2016. Full operation is scheduled for the september it will already be out of date two years ago, a commercial providers consulted about providing Services Using a facility to climbed that already fell short of their technical requirements. The new facility enabled doj to close multiple data centers is progress. Data Center Metrics will improve and some applications will modernize. However, it will never be a stateoftheart facility and will continue to host a legacy systems. Meanwhile, systems able to invest in modernization will lead to Innovative Technologies and resources have worked dojs. Governments limited technological and expertise, and predictable funding and inflexible construction processes all contribute to timelines much longer than commercial best practices. At the same time the lack of multiyear i. T. Modernization funding means legacy applications endure. Federal i. T. Isnt held together by duct tape there are excellent professionals throughout government delivering quality Information Technologies the reality is, it is still too hard for them to get to the front lines and focus on court long term agency challenges. The government has defied unnecessarily complex requirements based on data business processes. The overhead of a customized solution is often been project. , over budget and under used. So the government has well defined objectives and smartly engaged with industry, the result has been successful and Cost Effective commercial services, securely provided at speed and scale. Adopting this approach in paris industry will create World Services for government, tribe competition by leveraging standards and encourage innovation by opening markets to new companies, products and services. At the same time, i. T. Budget and acquisition process ease must evolve to empower the federal workforce to leverage commercial capabilities. Transformational change requires longterm strategic and financial. The annual budget cycle forces agency i. T. Planning steps to spend too much time managing the budget process and too little time enjoying projects and programs are well managed and wellfunded however, those same ip planning steps need to adopt a Continuous Delivery there should be projects on traditional schedules, but rather improving the mission and used both within and outside the Agency Government processes and tools for managing 18th estimates, such as the scorecard and the federal i. T. Dashboard, need to be updated to reflect those modern realities of i. T. Thank you again for inviting me, i look forward to questions. Thank you very much. Mr. Corny lease, you are recognized for five minutes. Chairman connolly, Ranking Member hice and distinguished members of the subcommittee, thank you for the opportunity to testify today on the vitally important topic of federal i. T. Modernization. My name is matthew cornelius, and im the executive director of for the alliance for additional innovations. Where Non Profit Organization made up of nearly two dozen of americas leading i took Technology Companies which focuses on empowering the government to deliver the Effective Services that citizens deserve. Our companies have a successful track record of modernization in Large Enterprises across both the public and private sector we are keenly aware that the governments continued reliance on outdated Legacy Technology obstructs the government i will share perspective on both the challenges and opportunities agencies face and offer recommendations to improve the speed, scale and likelihood of success and modernizing legacy i. T. Prior to 80, i had the privilege of serving in senior federal i. T. Policy roles in both the office of management and budget budget and the Services Administration i lead the creation execution of several key. I highly these additional experiences as i believe they provide me with a unique understanding about the modernization that i can share with you today. When i describe governments legacy problem, i want to note that he goes far beyond certain systems that are decades old. It is a cultural problem, both inside government and out. For starters, the government is a verse to market pressures and often relies on woefully outdated Business Model that prioritizes building and only Technology Solutions inside agencies. And edition, there is little alignment of Agency Procurement and Financial Management processes to commercial best practices. And, agencies rarely have the appropriate incentives to modernize effectively and partner with truly Innovative Companies to drive mission outcomes. The recent report by the Pandemic Response Accountability Committee highlighted i. T. And cybersecurity as two major challenges faced by agencies during the response to covid19. However, the report also pinpointed numerous examples such as the department of health and human services, the Nuclear Regulatory commission and the department of defense have been able to deal with the significant disruptions of covid19 because theyve already invested significantly in Cloud Computing and had enhanced both their teleworking up abilities and digital work flows. Such examples are possible because these agencies had a commitment to i. T. Modernization from Senior Leadership, a workforce able to effectively buy and deploy these type of new technologies, and a culture that and racist innovation still, more can be done a second key to empowering an accelerating i. T. Modernization is to ensure that agencies can easily and effectively acquire and use commercial capabilities to achieve mission outcomes. While some Public Sector agencies are embracing cloud and other emerging technologies, too many are hamstrung by technical debt and procurement paradigm that lead to wasteful spending and forced customer satisfaction. 80 i as written extensively on the need for government to follow current law, such as the federal acquisition streamlining act, which establishes a commercial first framework. Government must prioritize the acquisition of commercial off the Shelf Solutions which are easier to embed across the agencys i. T. Enterprise, are more secure and cost substantially less than bespoke agencies pacific systems. Third, successful ip modernization requires many years of sustained investment and ÷bvmthe ability of Agency Leaders to make adjustments and address challenges that occur along the way unfortunately, the budgeting and appropriations processes rarely provide the necessary flexibility to try to Digital Transformation the current model restrict the ability of agencies to both plan and invest wisely and modernization the expansion of i. T. Work in working Capital Funds, as envisioned under the mvp act, would allow agencies to make smarter longterm investments additionally, api supports providing significantly more money to the Technology Modernization fund so the government can support Digital Transformation across the federal enterprise finally, there are several Options Congress may consider to help accelerating modernization. For example, congress should overhaul decades old laws such as Congress Cohen and the ear government act, to provide a current sustainable around a shun more aligned with todays technology environment. Congress should also build on its oversight successes made possible by the four towers scorecard, to a big current metrics and in clued new ones such as crowded option, fed ramp authorization and reuse, and the acquisition of commercial items. Additionally, congress can continue encouraging agencies to prioritize training the federal workforce on procurement Cyber Security and digital capabilities modernization is impossible without a highly skate skilled capable workforce. Most importantly, congress should consider continue to make i. T. Modernization a critical issue that unites both parties, both chambers of congress and both the legislative and executive branches. In conclusion, i can modernization is vital not only because it saved money and enhances cybersecurity, it is the primary means for agencies to competently and capably deliver important Citizen Services to the american people. Fbi is proud to highlight the modernization successes happening across the federal enterprise and to share our insights and eliminating costly wasteful legacy are. Teapot you get for the opportunity to appear here today. I look forward to your questions. Thank you very much mister cornelius. I can assure you every single major vote on this committee, since i have been here, on the subject, has been bipartisan. Ive never had a partisan vote. In fact, it would be hard to tell the difference between us when we Start Talking about it. So we are very proud of that. Mr. Okeefe, you are recognized for five minutes. Thank you. Chairman connolly and distinguished members of the subcommittee, thank you for the opportunity to speak today. Chairman connolly, thank you for your competent leadership on federal ip and workforce issues. My name is steve okeefe, im the founder of marital or more, talk. We are here for one reason. The pandemic made the federal community and cabinet secretaries, for that matter the american public, get the importance of federal ip its rodney danger field and Winston Churchill here we dont get no respect. And as churchill famously told us, never let a good crisis go to waste. A quick irony, i testified on this topic. The urgent need for federal i. T. Modernization. A decade ago on the senate side. I testified against then federal ceo the vet, who put forth a 25 point plan to modernize federal i. T. I argue that it was far too complex. There are only ten commandments. How can there be 25 points . And the plan to fix federal i. T. It proved true. Complexity is the number one issue a federal i. T. Modernization so what to do . This is like a five minute hamlet so lets make haste action, one attack complexity the time is ripe for qatar and energy to shine however, these lighthouse laws and ceos are mired in the slings and arrows of complexity we need to cut to the quick. Consider that complexity, it really is an alphabet piece soup we have that ramp, the coy, ceo is, kept goals, and im just scratching the surface. This is madness. Just looking at cybersecurity. Even einstein could not fathom all of that. How about we simplify and rebrand these initiatives . Give them names that describe the function they perform and fit them together into a coherent narrative that explains the value they deliver . What about we plug those programs all into fitara, with tangible outcomes and metrics associated. First off, lets attack complexity. Second, fitara for the future. Its time to evolve. As we look at the fitara scorecard, the legislation has proved a huge success. Congratulations. But, five years is an eternity in the i. T. Space and its time to modernize fitara. Lets make the fitara scorecard realtime. Plugging the scoring criteria into the i. T. Dashboard and lets make the fitara i. T. Dashboard the to be or not to be a federal i. T. This would kill confusion about whats measured info tara and make the tara realtime epicenter in a radically simplified federal i. T. Government landscape. As an shakespeares plays, relationships are very important. We need to web fitara and ngc. As you know, pmf was part of fitara first act. Thats lets hard wire angie tea, tmx funding, into the fitara scorecard. Agencies that score below a sea are simply not available to get tmf funds. The next point is appropriations, appropriations, appropriations. Lets consider the ghost in the hearing room on tmf. Tmf was originally part of the first fitara package, the draft legislation called for three billion dollars in annual funding. Tmf was never capitalized with more than 25 million dollars, and most years its actually zero funded. We need to engage a appropriators appropriators. Back to churchill, we will never have a better opportunity to cease appropriators attention. Heres an opportunity for industry to get involved, engage through the trade groups to talk to appropriators about this issue. My fourth point, danger ahead, i keep sprawl and really funding. A precaution. As we look to reinforce and evolve fitara, weve seen warning signs that point to new ip sprawl ahead. Other pandemic relief bills provide welcome funding for ikea modernization, but in many cases they come in and around the ceos office and indeed fitara. America needs the relief, but beware of sprawl and any subversive shadow i. T. Subplots. Lastly, the next federal ceo that should come from inside the government i. T. Community while i know this committee does not pick the next federal see i oh, i would be remiss if i didnt make a plea for the next administration to say elect a federal cio the nose government i. T. From the start. However, bringing somebody in from outside government creates a massive learning curve. Ive already talked about the complexity we should pick somebody who knows government ip we have a lot of very qualified candidates so it is a play in five acts. Attack complexity. Evolve fitara forward for the future. Appropriations, appropriations, appropriations. Look out for iraqi sprawl as we see really funding coming in much needed relief funding, but we want to make sure it does not come around the cio office and fitara. And we need to choose wisely for our next federal cio. Federal ip experience will be a huge plus. Thank you mister oh keep. Thank you. Hannah shank youre recognized for five minutes. Thank you for the opportunity to speak today. My name is hannah shank, and im the managing director of the Public Interest Technology Strategy group. Ive spent over 25 years working in technology in both the public and private sectors. I want to start with a story. Lisa charles lives outside of charlottesville virginia. The 42yearold divorced mother of two, typically qualifies for the income tax credit she works when she can, but spends the bulk of her time tending to her older sons severe medical problems. His and a Current System does not function properly and he spends a lot of time in and out of the hospital. Because charles was below the threshold and not filed 2018 or 2019 taxes, she was one of an estimated 12 million americans who had to declare a stimulus check using the irs is non portal in march, sitting beside her son at the hospital, she filled out the form. She really needed the money because she was behind on rent and facing eviction. Today, she has not received the stimulus money for her children or the 2148 dollars she qualifies for under the earned income tax credit. What you did not understand is that the non file or portal prevent users from claiming. As a workaround, the portal fast simple tax returns for its users and denounced to charles and millions of other americans. So when she attempted to claim the ipcc, because she had used the portal, the irs said she had already filed taxes and couldnt do so again. To remedy the situation, charles most male a 10 44 am to the irs and wait for the agency to work through its backlog to get to her in the meantime, charles is bills will not wait when it comes to federal ip failures, we are used to hearing stories about websites crashing or huge cost overruns and delayed launches but charles the story is more and more what federal i. T. Disasters disaster stories will sound like. Unless the federal government changes its approach to technology, badly designed systems layered on top of a badly thought through process, ending up in a total failure of Service Delivery for the people who need it most is our future yes, it is true that the federal government often relies on i. T. Systems that date back to the 19 fifties which doesnt help matters but to bigger issues created the catch 22 the charles and millions of others are caught in. Its worth noting that, while this example is specific to the irs and the cares act, it could be happening with any agency and any new policy at any time. The first issue is that these systems were built for a time when people didnt use computers from home. They are built for phone, mail, facts or in person contact. The second issue is that when government implements a policy, that policy implicitly relies on existing ip to be delivered. But the policy creation process doesnt take delivery into account. Congress is used to enacting policy and having it then be a reality. In todays world, there is an entire Technology Component that must be put into place in order to make policy a reality. For Something Like the cares act, that money doesnt exist for the people who need it until they are able to successfully file for and receive it. This means that policy makers need to think through they need to think about things like how people will apply for this . What systems will just rely on and what are the status of the systems . How will people track the progress of their applications, just as they can track a package that they ordered online . This transparency into government processes is essential. Thinking about deliberate means thinking about all the different types of people who might file for something, thinking about how they might file and what might go wrong. Businesses would not survive without thinking this through, yet it mostly doesnt happen in federal i. T. Projects. So what is the solution . First, there needs to be a modern Technology Workforce inside the government and this starts from the top there must be a very senior person at each federal agency who has a background in technology, who can bring that experience to bear on policy decisions second, all policy decisions must include a tested delivery plan. That should start here in congress finally, i want to touch on cost savings. When ip fails, it is expensive. We see cost overruns into the billions of dollars. Bringing senior tech talent inhouse while potentially expensive as a line item, would likely lead to tremendous cost savings as there would be people who could advocate for building the right thing, the right way, the first time. There would be no need to patch unforeseen holes quickly as the irs was forced to do with the cares act. Government would get it right, save money and serve the people the way it was intended. Thank you miss shank. Thank you. I would note before calling on miss norton, if you look at the fitara scorecard miss schank, you will see one of the category four scoring is the empowerment of a cio to make decisions at the top and to make sure that that person reports to the boss. So that we are empowering it and investing it with authority as well as responsibility. We also, as part of fitara when we actually wrote the bill, were focused on the last point you made about bed projects, or projects that go bad. Being able to pull the plug quickly so we minimize the fiscal damage. And again, fitara encourages that and authorizes that. Miss norton, are you with us . Congresswoman Eleanor Holmes norton are you with us . Can you hear me now . Yes we can thank you. All right. There you are. The first thing i want to do is to thank you for this hearing. Its very important hearing. You and i both represent many federal employees so it is of special concern to us both. I do want to note that ive been concerned with the federal workforce for sometime and have a bill aimed at recruiting new federal workers. I was astounded to find out that essentially only 20 of federal i. T. Workers are under the age of 40, which meant we were just losing out and losing all opportunities. And mister chairman, i do want to say that i did get back a thoughtful letter from director dale kavenous indicating some of the things that the federal government has been doing in order to try and help the federal i. T. Workforce enter into the 21st century. Mrs. Schank, this failure, i want to focus on this really abject failure to modernize i tee in the federal sector. Whether that is simply resistance or failure to just keep up. Mrs. Schank . The question is. Miss schank, im sorry. Its okay. To what degree the lack of modernization due to resistance versus just lagging behind . Yes. Active resistance as opposed to inhibitions on the agencies to move ahead. I dont think that it is resistance so much as just not having a clear way forward. A lot of agencies have yet to see that the policies reliant on delivery and delivery is reliant upon i. T. Systems. So, because that connection hasnt been made, there is sort of a lack of, i think interest, or understanding the importance of why you would want to bring people in to create a modern tech workforce or why that is relevant to the agencys mission. This is a question for any of you. Mr. Okeefe, ill start with you. Have funds been at the bottom of this . If we had somehow come forward with an appropriation, would that be an up to get the attention of those in federal agencies or is it other kinds of resistance . Thank you. I think funding is definitely a factor. I talked about requirement to fund the pmf as part of angie tea and bring that together with fitara. I do feel like the biggest challenge overall, i dont think its an active resistance issue to your previous question. Its the complexity of what is going on. It isnt acronym soup and a compliance culture. So how do we simplify and provide Greater Transparency in order to move forward . I think those are the questions. My problem with these workers whove been in the government for a long time, do you think that we need to do retraining . There are statistics showing that young people dont even want to come into the i. T. Workforce of the federal government. Is that the problem or is it a retraining problem . I think its a problem on multiple fronts. Yes, absolutely, training is very important. I dont know that the federal government, of late, has been a particularly attractive employer for young people now with the pandemic and the downturn in the economy, we will probably see government jobs being more interesting. I must say that this recruitment notion, and i do say that they do recruit, i think there is a major issue of how you make the federal government jazzy an off so that these young i. T. Professionals want to come in. Mr. Cornelius. Im afraid the ladies time has expired. I thank you very much mister chairman. Thank you miss norton. Mr. Hice, you are recognized for five minutes. Thank you mister chairman. Mister cornelius, as i understand it, one of the reasons federal agencies does not readily purchase off the shelf items is because theres no incentive to prioritize those types of technologies over developed inhouse technologies. From that mentality, what kind of policy solutions do you think need that ought to be proposed in order to remedy that problem . Thank you, congressman. So there is a couple of things there. I think both congresswoman nortons question and yours sort of dovetailed together. Part of this is incentives and part of it is and understanding. So the workforce that we should care about inside government is not just the i. T. Workforce when it comes to modernization, everyone is an i. T. Worker in government. Everyone uses and Leverages Technology to deliver the programs, the products, the services they are there to deliver. Therefore, we have to make sure that everyone has a relevant understanding of what is happening in the Technology Market, so that when we do actually go out and try to procure the vast majority of the technology that is used in government, that the procurement executive, the technology executive, the finance executive, the hr executive, they all understand why the technology is important to them. So understanding and creating a better sort of policy and understanding around how fast and how uptodate the Technology Market is driving, that will create a better understanding so that when agencies are trying to retire old bespoke systems or simply just acquire and use new technologies to pilot them and to try to scale them in government, that they actually understand what is happening in this dish industry so they can leverage it more effectively. Okay. Mr. Bitko, let me go to you right along this same train of thought here during your time as the ceo of the fbi. Fbi, what were some of your experiences to procure commercial i. T. Solutions. And along those lines to what extent were there incentives to purchase commercial . Congressman, thank you for the question. There definitely are incentives for the i. T. Individuals to procure commercial products but as mr. Cornelius said the issue is everybody is an i. T. Workers and the mission users of those systems, they know what they want. What they frequently want is not the commercial product but something customized in some way. The result when that happens is you take a lot of time taking the commercial product and customizing it into something that becomes a legacy product thats difficult to maintain and support. I have a quick example that highlights that. For the fbi, the time and attendance system, you would think thats a Standard Commercial product, that everybody tracks time and attendance in the government and wants to know how long everybody works. The fbi had customized the time and attendance process over the years for a variety of reasons. Some according to congress or internal management. But to the degree that the commercial product was no longer in sync with the customized version the fbi was using and result of that unfortunately is every time the vendor updated the commercial product it was many months of work, years of work to back fit those upgrades. The version the fbi was using in ways that would prevent it from catastrophically failing. So the crazy thing out of all that, the fbi time and attendance system still runs on a Restricted Network thats not accessible when youre out of the office. If you wanted to record time and attendance, you had to physically be in an fbi location to do that. So its the disconnect, sir, is between the incentive to leverage and buy commercial product and all the business users, the mission users who have their own needs and figuring out how you balance cost and benefits between changing internal process so you can use the standard product versus adopting it in order to meet some unique need or mission. Sounds like we are masters at complicating the issue, the bottom line. It doesnt need to be that way. Mr. Cornelius, i want to come back to you with this but i would ask all of our witnesses if you could respond in writing to this question because id be interested in hearing from all of you. What changes would you make to the structure and process for awarding project funds from the tmf . Theres a couple of things. Given the current amount of appropriations, which is somewhere short of 150 million, which is all its gotten over the past three years, the best we can do is make small bore project delivery decisions. So the board has, from my time at omb, we had more than 50 projects that were submitted costing i think more than about 600 million and we only had 150 million with which to try and dole out to that. In doing that, you can only support agency specific projects. I think the model needs to be flipped on its head. First, i think congress, including former Ranking Member meadows, who was a big fan of the tmf now, current chief of staff, should be pushing to make sure a billion dollars in tmf funding in next phase 4, omb and gma looking across the federal enterprise to figure out where those investments should best be, whether individual agency or hopefully multiagency programs and process improvements and digital capabilities that agencies are learning about right now in the midst of the pandemic. I think if they had more money, plus if they loud for individual Agency Projects while also sort of looking across the federal enterprise to make enterprise investments, that could lead to tremendous benefits now to fight covid19 as well as into the future and retiresome of these legacies. Would my friend allow me to add to the point youre making . Yes, please. You call for a billion dollars in the tmf, Technology Management fund, which is, in fact, provided in the h. E. R. O. E. S. Act pending senate action. I think you would agree, and my friend would also agree, that 25 million appropriated in the last appropriation is simply, you know, meaningless. Congressman, it is wildly inappropriate. I spent the last several years at omb working with the budget process and appropriators not to talk about the value of tmf but find ways to do it. Frankly outside of an emergency situation like this, where congress can go above and beyond the 302b allocations they have on normal fy appropriations cycle, youre never going to get that amount of investmentness omg and gsa agencies can really start to transform the government. Thank you. I took some of my friends time. Thank you, mr. Chairman. Just by way of reminder, i would like to hear from the other witnesses on this to get their answer as well. Certainly. Thank you. Mrs. Schank or mr. Okeefe, do you wish to comment . Mr. Okeefe . I think the gentleman covered it down pretty well. Last time i testified on modernization ga told us 777 supply chain systems and 622 hr systems in the federal government. That was 10 years ago. I would guess there are probably more than that. So its this ability to build that mr. Bitko talked about, which i think is the real enemy, customization. Thank you. Miss schank, did you wish to comment . Yes. Yes. So the customization piece, we are working with slightly outdated view of how tech gets built. It used to be people would buy something and do a lot of customization. The example with the fbi system, that sounds to me like that was a really old system that was customized and updated repeatedly. Im guessing. That sounds like a decades old system. I think that modern technology is a lot more flexible. Of course there will always be some degree of customization. No technologist would start a product without thinking about what first exists in the marketplace. Thats how you do it. Nobody is sitting there thinking, oh, boy, i want to build something from scratch because its fun. People will definitely look and see whats out there first. Thank you. I will say this. The fbi example is one i happen to know about wearing a different hat. I can tell you part of the problem was the fbi. They kept on changing the scope of work. They kept on adding to it. They didnt have experts who understood the limits and expansive potential of technology. As a result they absolutely designed something that couldnt work, that would never work because they really didnt understand how to create the terms of reference for a real contract that could provide a real product that worked. So part of that problem is internal expertise in our federal agencies and even understanding the scope of their own needs. And having translation between the highly technical and operative at laymans level with the federal government. Especially as miss norton pointed out, as our workforce ages and is less technologically savvy than the generations succeeding us, that gap grows. Anyway, let me see. Mr. Lynch, are you with us, steve lynch. Mr. Lynch. Is mr. Massey coming back . No. Mr. Gruthman, is he coming back . Miss plaskett, are you with us . Yes, i am. Great. You are recognized for five minutes. Thank you very much, mr. Chairman, and thank you to all of the witnesses who are testifying today. I have just a comment and then a couple of questions quickly. On march 16th the office of Personnel Management directed agencies to maximize use of telework in response to the coronavirus pandemic. Telework proved critical to ensure continuance of Government Operations during the pandemic. Nonetheless, the rapid shift to Remote Working exposed agencies to increase cybersecurity threats. So prior to the coronavirus pandemic, the fbi received about 1,000 cybersecurity complaints a day. That number has since jumped to between 3,000 and 4,000 complaints per day. The Pandemic Response Accountability Committee reported that since the pandemic hit, inspectors general have reported increased risk of Data Security breaches, disclosures of classified information and targeted Cyber Attacks and fraud schemes. So wanted to ask miss schank, how has outdated federal i. T. Exposed agencies to unique cybersecurity threats during the pandemic . So i will preface this by saying i am not a cybersecurity expert. However, the combination of people working remotely and legacy i. T. , it does not surprise me that there have been that cybersecurity has been an issue. And i its really not my area, so i will stop. Okay. Do any of the witnesses have any comments or questions on how the outdated i. T. Exposes agencies during this time to cybersecurity threats . If not, mr. Bitko, before joining iti, you served as chief Information Officer at the fbi. At a high level, what cybersecurity vulnerabilities and federal i. T. Systems did you detect . Congresswoman, thank you for the question. I will Rapid Response to your question as well. An obvious connection there between them. Im also going to caveat by saying as cio, my responsibilities were not in the fbis Cyber Mission but in the management of the fbis own internal i. T. Resources. Nevertheless, just the nature of the organization and executive within the agency, theres certainly numerous opportunities to be exposed and work closely with cyber investigative programs while i was at the fbi. The range of Cyber Incidents that are detected are too many to count. There are adversaries out there who will seek any opportunity they can to take advantage of weaknesses and systems. Legacy systems are a very core part of that. Both internally within the federal government, the opm breach is a really good example of legacy systems that were vulnerable since they were so dated monitoring them were difficult and wasnt done at the level it should be. You can translate that to a lot of vulnerabilities that the fbi saw at state or local governments subjected to ransomware attacks. Many attacks werent because there werent solution to mitigate those things but those locations, localityies running outdated systems, hadnt been patched, cyber resources and the result was they were compromised. I think when you translate that to now, the pandemic, its exactly the same but magnified. An opportunity for adversaries seeing a more distributive workforce leveraging all sorts of their own personal technologies and other ways to connect back to federal Information Technology systems and that presents an opportunity. The need to telework is clear, theres no doubt. But a lot of the security systems, Operation Centers designed to monitor and collect the data, they werent built with the idea in mind that the workforce is going to be 20 or 30 or 100,000 agency users working from their home on the home computer and telecomputing over vpn or over virtual desktop. I think there is a real vulnerability there and we as a Public Sector are not monitoring at anywhere near the same degree we should. Thats an additional complicating factor that makes the risk higher. Miss plaskett, i wonder if you would have mr. Cornelius respond to that as well, if thats all right. Sure. Uhhuh. Thank you, chairman and thank you, congresswoman. I think what has come out of the Covid Response and the sort of maximum telework posture, agencies already expanding the use of telework within their agencies already had a workforce that was trained and capable of using these commercial technologies and these distributed technologies, like mr. Bitko said working through vpns, virtual desk tops. Agencies that digitized the workflows, and not just digitize workforce were able to make this happen more effectively. So i think i believe the gao and their detailed response to the initial steps to deal with the Covid Response both highlighted that agencies that were already working to expand telework had a trained workforce that knew how to do this so that they perhaps were able to better understand and spot phishing attempts through networks or try to get them to click on suspicious links or more capable of workarounds to meet their mission but work through Agency Protocols and processes to do this securely and effectively. Thank you. And thank you, miss plaskett. Yes, mr. Chairman, thank you so much for the time. Im just hoping at some point the witnesses can give us not only best practices but how should Congress Structure funding to help the government best modernize i. T. And meet these challenges. But thank you for this great hearing where we can discuss these issues. You make a very great point, congresswoman plaskett. I would just say i would hope that as part of the post pandemic assessment, we look at what did not work well and what did work well within the i. T. Context to your point. If we dont take away the relevant lessons, were going to repeat the mistakes. I have Success Stories as well. I think youre absolutely onto that and id be glad to work with you in perhaps talking to the gao to get ready for that kind of analysis. I assume mr. Hice, you would join us in a bipartisan way. Thank you. Youre recognized five minutes. Id like to make a suggestion. I love this hearing. There was a little disagreement at the beginning about the mask policy. I think as long as ive been alive ive never been around a topic in which the experts so consistently get things wrong. I keep getting emails from different constituents saying why do i have to wear a mask. While its true you find experts who find its good were wearing a mask. There are experts out there that think we shouldnt wear a mask. Im going to suggest we have a subcommittee hearing on masks. Its certainly a hot topic back home. Nobody back home asks me about i. T. And the government, they all ask about masks. Its good for ratings. You intrigue me. I would say to my friend, we could put it in the broader context of, you know, experts. Experts on both sides. Right. That might be a worthy hearing. Well file that away. Thank you. Now back to the topic at hand. This will be there for mr. Cornelius or mr. Bitko. The Technology Management fund was intended to provide agencies with access to funding that was not bound by the annual appropriation process. Can you describe why funding i. T. Modernization projects should not be bound by single year increments . Thank you, congressman. Its a great question. So most of the times we talk about retiring a legacy system it means its a system thats been built over years and years and years with subsequent years of funding and sort of more technology or products glommed on top of it, which means if theres an agency plan to retire that system, the likelihood is that its going to take multiyear funding, funding over multiyears to retire it. The system cant just shut off automatically. So youre going to need consistent funding in the out years to do that. As we know, theres oftentimes disagreements between the executive branch and legislative branch on funding levels and things like that so agencies often at the whim of appropriators and appropriations process to do that. So thats why an investment in Technology Modernization fund, know your dollars and the money is flexible. So if a project is going well, more money can be provided to help accelerate that modernization process and move it through more quickly. If it is going poorly, the tmf board can help course correct or help that agency remediate some problems or discontinue the project all together so that its not a project where the agency is committed to years and years and years of a contract when they already know the project is failing. Okay, thanks. Ill give you kind of a followup question, and miss schank wants to weigh in, too. As more americans want to interact and receive critical information, understand the customer i. T. Experience will be critical. What challenges do agencies face when they try to improve the design aspects of their systems . Im happy to let miss schank go first or ill go. Miss schank. Thank you. One of the huge barriers for agencies as they try to bring in Customer Experience into their systems is that theres lack of feedback loops that are currently in place. So traditionally when you look to incorporate user research, you have theres an easy methodology, an easy way to do that. A lot of agencies arent collecting User Feedback on specific pieces of how a certain agencies is filling its mission and in a meaningful way that plugs into the design of the system. Does that make sense . Yeah. Do you want to follow up, mr. Cornelius . Congressman, i think, again, it goes back to that issue i raised in my Opening Statement about the legacy being a cultural problem. The dollars that any federal agency is using to spend on Technology Supports a system and a program that is there to serve the public. So the first issue before any Agency Thinks about a Technology System or a program is sort of how is the execution of that program and the Underlying Technology that makes it happen, how do we know thats going to benefit the citizens whose taxpayer dollars are the ones funding it. I think if agencies can start with citizens are not just there to allow the government to execute on a mission but the citizens are the recipients of that mission and they should be provided those benefits and services effectively the same way they get on their iphone orwith Package Delivery or anything else. I think that mindset of putting the citizen, putting the customers first would help sort of alleviate some of these bottlenecks we get where agencies are designing systems for themselves and not for the end user. Thank you. Thank you. Mr. Raskin, you are recognized for five minutes. Thank you very much, mr. Chairman. Quick point on the subcommittee health protocols. If there are members, as the Ranking Member suggested, but if there are members who are not coming in because they so resent the rule that weve adopted based on the capital physicians advice, there are also members like me who are here, in washington, at the capital and im in my office simply because i just i cant subject people in my family to the risk of having members not Wearing Masks for whatever reason they might have. I also think we should not be party to confusion and disinformation about masks. Im not seeing any dispute at all from the expert medical authorities that we follow, the center for Disease Control is recommending cloth masks for everybody who is in public, in public spaces, as well as social distancing. The World Health Organization is recommending masks. If you look at countries that have actually brought the virus under control, like in europe, the masks have been central. It has been the president s dereliction of duty in sending all kinds of mixed messages about masks that made us number one in case count and number one in death count around the world. So theres really no confusion about this, and we should not be spreading confusion. Now, mr. Chairman, as to the matter at hand, obsolete i. T. Systems created a lot of headaches for our constituents seeking Unemployment Benefits and stimulus checks. At our hearing last month we found our government didnt shut down during the pandemic, it ramped up to deliver new and existing Services Amid these extraordinary challenges. At many agencies that had modernized before federal workers could continue operations and serve constituents effectively because their update systems allowed for remote work. Not so for a lot of other agencies. Weve been arguing for decades in the subcommittee that telework is important, and now the pandemic has forced government administrators to take remote work seriously. Some were ready, and others were not. We know the gsa was the federal governments biggest adopter of telework and that that made it well equipped to continue its work during the pandemic. But many agencies failed to invest in i. T. And deferred digitizing. And now theyre calling back employees, putting the health and safety of these workers in danger because their leaders had failed to prioritize i. T. The irs asked staff to return to perform tasks that could be digitized, automated, or performed remotely, like answering phones or processing mail. Mr. Okeefe, your Company Conducted interviews with many of the cios on their experience in modernizing i. T. And transitioning to telework in the pandemic. What were some of the Lessons Learned and best practices that emerged from this study . So, the cios across the board lauded telework. I think its going to be very difficult to put the genie back in the bottle on telework, and i think, as mr. Cornelius mentioned earlier, the idea of practicing telework before the pandemic struck those agencies that had practiced and had systems in place were a lot more successful. And those that went forward in terms of Cloud Computing also found their ability to telework and to be more agile, to be more customercentric significantly enhanced. Thank you. We also have feds who work with technology out in the field. There are those who inspect mine safety, who inspect poultry, who audit agency operations. And these employees rely on tech as well. Mr. Bitko, when you were at the cia, you had to manage a lot of agents out in the field. How would you make sure today that your workforce could continue operations during a Global Pandemic . Thank you for the question, congressman. Theres no doubt that telework is essential to enabling that. It really comes back to, again, point that mr. Cornelius was making, the agency needs to be planning for this sort of environment and Building Technology that enables it, that enables, in the case of the fbi agents who are sitting out there in the field, to do their work. And one of our goals was to go even beyond that, not just in field offices, because they all have good connections, of course, but agents, their livelihood is out in the world talking to people. Yeah. And the more technology we can give them to actually be effective while theyre doing that, the more effective they can be. So, i think its the Agency Cultural change to that mindset of using technology. Ms. Shank, how can the federal government do a better job ensuring continuity of operations during moments of National Crisis that require a Rapid Response . What we will potentially see again is what happens after decades of neglect and what that looks like to us is that the technology is outdated. But if you dig into why the technology is outdated, what you come up with is that the federal government is short on internal Technology Teams and long on massive vendor contracts, which is not to say that building an internal agency team means an end to vendor contracts, but an internal agency team is certainly something that would be a lot more flexible and able to build a modern tech stack. Thank you. Thank you very much, mr. Chair. I yield back. Thank you so much, mr. Raskin mr. Raskin. Mr. Norman, youre recognized for five minutes. Mr. Cornelius, you mentioned in your Opening Statement technical debt. And you said it leads to waste wasteful spending and outdated i. T. Can you define exactly what that is . I think the easiest definition is technical debt is the continuance of old and Outdated Technology inside agencies or that agencies are reliant upon that is not modern and sort of updated to commercial best practices. So agencies being reliant on old processes and old software or old systems to do things where modern, commercial sort of analogous practices and capabilities are already available and are already widely adopted by citizens and companies. Could be a generational thing, too, couldnt it . I do think that a lot of the Old Technology again, theres something i always bring up is everything is abnormal until its normal. And i think covid is sort of a tremendous example. No one would be in here Wearing Masks and sitting this far apart under a normal hearing, and i think thats the same thing for other agencies. To the chairmans point, theres going to be so many agencies and people within agencies that are going to realize that they could have already done so much more and were so capable already because of the response that theyve done due to distributed telework and the cares act and Everything Else. So, again, its not just generational, but its also sort of habitual. Its people are comfortable with what theyre comfortable with and theyll use old, clunky systems if thats all they know how to do, rather than try to pick up and leverage the newest sort of wizbang technology. Would my friend yield for just a second . Ill give him yes, sir. Because i think youre making a really good point. Its also the cost. Yeah. The cost of retiring a legacy system can be in the billions of dollars and take multiple years, and youve got to retrain everybody. And its just easier sometimes to decide, lets put that off this year. And that keeps on going. And i think thats a real factor in managements decision to defer these kinds of things. And suddenly, theyll wake up and realize theyre 30 years late. Thank you for yielding. Yes, sir, mr. Chairman. And i agree, because you know, i dont know how you get that, particularly with the older generation, how you get that sunk into the heads that this pays off, its keeping up with the times, and if you dont do that, then youre jeopardizing the whole system. Mr. Cornelius, this is for you, too. The gao found that many of the federal i. T. Investments have suffered from a lack of effective project management. In the private sector, you can take care of that. If you get ineffective project management, you deal with it. Either you make it effective or you get rid of that person or groups so that its effective. Whats your opinion on the best way to tackle this and to get the Problem Solved . And define from where you sit, whats your opinion of that statement is. Thank you, congressman. So, i think its a multifaceted answer and i wont try to talk too long because i know you probably have a couple questions. Its a couple things. First, the Workforce Needs to be well trained and well equipped to know how to manage effectively. Project management, just like i. T. , like hr, acquisition, theyre not just the other persons job that you work with that are in an office. Theyre how you go about managing your daytoday and how you go about executing your mission. A lot of another thing i found when i was in government is a lot of the project management, as i think you defined it in the private sector, is outsourced to a lot of these vendors who will come in and say that, you know, i will build you whatever you want built and then i will manage it however long you want me to manage it and update it, and all you have to do is just make sure we are hitting some milestones or metrics you put out there. And that is certainly a way of doing business, but i dont think that is the most effective i dont think anyone in the private sector would do it that way, and i think miss shank referenced the fact that folks at the Digital Service and others come in with that mindset and provide some good examples and opportunities for agencies to change. Theyre not there to change it for them, but theyre there to show them theres a different way to Leverage New Technology and be more effective and manage projects to get lower costs and Better Outcomes. And i think to the extent we can continue proliferate and help all of the federal workforce understand that and be trained effectively would lead to a lot Better Outcomes in both the use and management of technology. And the bottom line is results. You get results. Yep. And it dovetails in with the technical debt you were talking about. Absolutely. Like i said when mr. Grothman was asking his questions, we have to treat the american taxpayers like customers, because thats what they are. They were reliant on government benefits and services, but they should also be treated as recipients and as people that agencies are there to serve and agencies arent there to just sort of manage their own operations as they see fit. Thank you. Im out of time. I yield back. Thank you. Thank you, mr. Norman. The gentleman from california, mr. Comer, is recognized for five minutes. Thank you, mr. Chairman. And thank you for your continued leadership. I have a bill, hr5901, which met lira hemmed us with and the senator of portland to codify the centers of excellence at gsa. Weve heard from testimony that theyll provide services to agencies to improve federal i. T. Across the executive branch. Mr. Cornelius, what role do you see these centers of excellence playing in help speeding up i. T. Modernization throughout the federal government. Thank you, congressman, and thank you for the callout to mr. Lira. I had a great time working with him at the office of management and budget and he was at the white house. I think to the extent that we can make it open and able for new ideas and new technical talent to come into the government to help either individual agencies internally or agencies sort of across the enterprise buy and use commercial technology to achieve mission outcomes, i think that should be celebrated. I think there have been conversations in congress over the years on whether to codify things like the u. S. Digital service or 18f or now the coes. And while i think those are steps in a direction, i also think its a little bit like having your cake before eating your broccoli with your meal. I think you need to focus on getting the entire workforce up to speed and elevating the skills of all the people that are going to be around and are constantly managing these programs. And then we can think about the best way to sort of collect and manage and oversee and appropriate any of these Digital Services teams or other new types of Business Models inside government to drive Better Outcomes. Thank you. Whatever panelists want to speak about that or about the oversight role that congress should play on centers of excellence . Congressman, if i could add in an additional point to that. I think that one of the big challenges with centers of excellence or centralized services being provided are the fisma challenges around reciprocity between different agencies. And if an agency, if one Agency Delivers a service or a center of excellence delivers a service, as long as fisma is making it the responsibility of another agencys cio or Senior Leadership to accept risks, theyre unlikely to feel comfortable just accepting the work of the center of excellence. Theyre going to end up redoing a lot of it themselves. So, i think that is significant friction in the system for the idea of centralized services being provided. And that is something that needs to be looked at. What would you recommend as a solution to that . I think fisma has to be really modernized. I know thats been touched on here a little bit. Fisma is important, no doubt. Information security is essential to all of the work being done. But like were talking about modernizeing legacy systems, security practices need to be modernized as well. And today theres a lot thats done in the individual Agency Interpretations and the individual cios get to make decisions about what levels theyll accept and how theyll do it. I think there has to be rethinking about how to do that, and to provide for some consistency in interpretation of the nis standards and fisma across the board. Otherwise, again, were going to still have these conflicts. Do you or any of the panelists have a view of how are federal agencies when it comes to technology, proficiency, technology use, compared to the rest of the world . Are we one of the worlds leaders . Are we lagging . If i might to go back to the question about coes, one point that i would make one point i would raise is, its inconsistent. So, the agencies that have been through the coe process, one would anticipate that they would do better on the fatara scorecard than the agencies that have not been through the coe process, but that does not seem to be the way that it plays out. So theres kind of a head scratch on the coes. Again, how would we simplify and how would we understand how agencies are actually performing . Well, if you have ideas on how we can strengthen it as we work through this bill, wed obviously welcome that. Yeah. I think on the workforce issue, i think its in pockets, but there is definitely a requirement for training at scale in the federal government. So when we talk about the cyber call on such initiatives, were talking about 10s, 20s, 50s. We need to be talking about 1, 000s. So, how do we create scale for i. T. Workforce training in the federal government . Thats really the big question. Very good point. Let me ask one final question. I had passed last congress the idea act. The president had signed it, 21st century integrated digital experience act. How would rebenefit from agencies fully implementing the i. D. E. A. Act . And do we have any sense of whether its working or not . May i, congressman . Please. So, first off, thank you for your leadership on the i. D. E. A. Act. Its an incredibly important piece of legislation and it goes back to questions weve had from majority and the minority on sort of how we make Digital Services, information, websites more accessible, usable, and easier to understand for the public. And i think ms. Schanks Opening Statement, when she told that very heartwrenching story of the lady who could not actually apply for benefits, its case in point for why the i. D. E. A. Act is important and i would hope that my former colleagues hurry up and get the i. D. E. A. Guidance out there. A lot of colleagues are waiting on the office of management and budget to push them in the right direction and point them where they should go, and i think that bill gave a lot of deference when it came to guidance on the i. D. E. A. Act. But i would say at least from an industry perspective, no company that is worth its salt would be up and running if it was not able to easily and effectively convey what its mission is and what its services are to potential customers. And so, i think, i agree with you that we should continue leveraging the i. D. E. A. Act. And frankly, i think thats one of the recommendations that my organization has made to congressman connolly and his staff on sort of modernization of the fitara scorecard. Thank you. And thank you, mr. Khanna. We will continue working with you on the modernization. Its not set in stone. We just want to make sure we get the basics right before we start branching out. Gentleman from kentucky, mr. Comer is recognized for five minutes. And congratulations on your selection as our new full committee Ranking Member. We welcome you. Thank you very much. I appreciate that. Look forward to working with you in the future. Mr. Cornelius, the modernizing Government Technology act and associated Technology Modernization fund have been important steps forward, but the task of modernizing federal i. T. Systems is truly massive. Its my understanding that these take a very long time, are extremely complicated, and certainly, cost a lot of money. Theyre similar to Infrastructure Projects like roads and bridges. Should we look at them in a similar manner, as Infrastructure Projects, that is, multiyear appropriations . Absolutely. And chairman connolly actually took my compliment away from me. I was going to congratulate you on also becoming the Ranking Member to the full committee. Thank you. But you know, im sure theres plenty of compliments to go around. Absolutely is the simple answer to your question. Most of the money so, not all costs that go into the 90 billionplus in federal i. T. Every year is the same. About 80 about 75, 76 billion of that is just keeping the lights on, is all the dollars keeping the system afloat and theres little there for development, modernization and enhancement. So, i think while the Technology Modernization fund is incredibly effective, and what has happened on fatara has been impactful when it comes to elevating the cio and giving them authority, if most of the money is appropriated to individual programs or individual offices within agencies and they come up with their own decisions, and its just a sort of thumbs upthumbs down from a cio, its very hard for them to really look at things across the enterprise and look at things from a multiyear perspective. So, to the extent that we can rightsize federal i. T. Spending within agencies and make those monies, perhaps multiyear or severalyear dollars, i think theres a trade agencies would make in getting more flexibility for the money and allowing congress and omb to have stronger oversight of that spending. So, if were going to acquire agencies to reimburse the tmf, whats a more realistic time frame than three years . On the reimbursement. Well, i think on the reimbursement so, especially as part of the 1 billion that i think mr. Bitko and i have both joined a letter in supporting, i think repayment when it comes to covidrelated issues, perhaps, should be looked at as sort of being done away with. If agencies are really trying to move fast to deal with covid, they have to leverage the team left to do it. If congress doesnt give more for individual agencies like in the cares act, lets think of ways for projects that are relevant to covid19 to make that happen. But i think broadly speaking, a lot of the agencies, at least the projects that were funded during nye time at omb, most of those were already well on their way to success, well on their way to repayment. So, i think the model works, but were also operating in a very different time frame and a very different environment, especially in the middle of covid. So i do think there are changes both congress should be looking at as well as omb and gsa should be looking at to improve the way that fund is leverages and the fact that it provides. Finally, how good a job are we doing at measuring what the associated savings from these projects are . Its a very difficult question, congressman. Right. So, not a very good job . I would think that i would think that theres a place if youre looking at Agency Legacy modernization plans and i think gao talked about that in their report its not just the plan thats important, its the Agency Budget relates that goes into that plan, its the appropriations provided to that plan, and then its the outcomes and then performance. So, its not just enough to have a plan. You have to know if theres enough resources coming in. You have to know if the resources that congress provides meet that need. And even if not, how are you using the monies that are provided to actually get performance and outcome . So, i think that Virtuous Cycle between having a plan and being able to fund it, resource it, and acquire commercial Technology Effectively to retire old systems and move to new technologies, i think that thats something that there could be a lot of power in both savings and in performance, which i think are two sides of the same coin. Okay. All right. Would my friend yield . Please, go ahead. Because id like to just add onto that. I mean, i think there are two things here, based on my own experience of 20 years in the private sector. One is, you cant have erratic budgets, right . So, if you do get an agency head who says, im going to make this a priority, and then that agency head discovers in the next budget cycle, his budgets been cut 30 , all of a sudden, that priority collapses. Secondly, though, we need agency heads to show leadership. Its not that different. It is different. But in the private sector, if the ceo says, were going to replace our entire legacy system and youve got two years, mr. Cornelius, to get it done, and if you dont, ill find mr. Comer, hell do it, guess what happens. Resources get marshalled. You know, because people follow the directive of the management. And management has to Pay Attention to it and make sure it is being done. So, its not only money, its also about management will, and leadership, if were ever going to get some of these legacy systems retired. And thank you for yielding. And if you wanted to comment, mr. Cornelius, feel free. Both chairman connolly and Ranking Member comer, that is incredibly well said. It takes and i mentioned this i think in my written statement, my full written statement, not my remarks, which is, it actually takes a commitment from leadership, Agile Acquisition authorities, multiyear funding, strong oversight, and a commitment from the workforce to get this done. And so, i think when you have those five pillars all together and you can look at things over a long period of time, not decades, but hopefully, you know, a few years to move the ball forward, i think thats incredibly effective. And i want to commend a lot of the cios and even agency heads in this administration and in the previous administration, who really understood that technology was the fundamental underpinning of how their Agency Functions and how it delivers services and really made i. T. A priority. So, we have a lot of great leadership in the executive branch and in congress on that point. Thank you. And thank you, mr. Comer, for yielding. Mr. Lynch, i understand that youre back with us. Hello, mr. Chairman. Yes, i am. Great. Youre recognized for five minutes. Welcome. Thank you, mr. Chairman. You know, for the 20 years ive been in congress, i can echo the chairmans concerns as well. Weve been dealing with this issue consistently, year to year, year in and year out. If theres any one area that shows how slow our government responds to reality and technological change, its this issue. And were at a point where we not only need to catch up to and renovate some of the legacy systems, but even some of our systems that have been able to maintain some level of competency are being outpaced now. And i speak specifically to the blockchain network. So, there are a number of applications, i think, of blockchain that could help us enormously. I have a bill right now that was offered several months ago to code the biodefense stockpile on blockchain so it would be trance parent, not an open blockchain, but a closed blockchain, a private blockchain, with government and some of our state partners. But i would just offer it to any of our witnesses, do we have the ability to try to leapfrog some of these legacy systems by adopting the blockchain, you know, a blockchaintype system to replace some of the old, you know, bureaucratic, some of the outdated systems that were using right now . Congressman, theres no doubt that there is the capability in government to deploy sophisticated technologies. It happens across many federal agencies today. I think the question about whether blockchain should be used versus other technologies, it really comes into whats the specific process or problem thats trying to be solved . There are some cases where blockchain might be a really good fit. There could be other areas where thats not necessarily the right thing. I think that its important for, as i. T. Investments are made, for congress and for agencies to be careful about not being too prescriptive, right, because there will be absolutely be times where, yeah, we should use blockchains. But many of these legacy systems that we are struggling with now that exist because there was some prescriptive requirement or some regulatory requirement or an Agency Process that was put in place years ago and that the agency is still complying with. And so, every time we do that, that builds onto the complexity that mr. Okeeffe was talking about before. I think what im saying is we need to find the right balance of encouraging investment in the right technologies in the right cases without being so prescriptive that it limits other opportunities down the road. Congressman, if i may i appreciate that. I was actually speaking to the idea of this, you know, a biodefense stockpile, where you do have 50 state partners. Weve got a menu of items that we believe are necessary, going from, you know, pharmaceuticals to ppe, and its i dont know, i think it just lends itself to that blockchain system where multiple parties would be able to have transparency of what is in the stockpile and whether the federal government and our states are actually prepared. Right now, the Current System is, it lacks all transparency. Theres no accountability, you know. If we use the ethereum network, for example, we can have smart contracts that actually, you know, use the internet of things to actually order ppe as it reaches its expiration date. Those type of innovations that might be helpful in the biodefense stockpile application, i agree with you wholeheartedly that you cant just simply say, okay, use the blockchain for every application and every need, but i just thought that the biodefense stockpile, because it is rather static and welldefined, that it might be one of those functions that would actually help government begin to explore some of the new technologies and actually find Government Applications that could be served by that technology. Mr. Lynch, did you want to invite other members of the panel to respond . Please. Ms. Schank or mr. Okeeffe . Yes, thank you. I want to reframe the conversation just a little bit, because we were talking earlier about the idea that youre tearing down a bridge and building a new bridge when you think about replacing a legacy system, and i think thats not exactly the right metaphor. And so, i just want to put in everybodys minds the way that technology typically is developed today is to build something small and test it, launch it, and then build on that. So, when we were talking previously about these multiyear contracts yes, to replace everything that a legacy system does is likely a multiyear effort, but it could be a couple of months to replace a small piece of that and another couple months to replace the next piece of that. So, i think its very overwhelming to think about taking an entire legacy system offline and replacing it with blockchain. So, i think that it is a little bit easier to think about, what does this thing do and how do we make sure with the Current Technology were doing that to the best of our ability . And the way that the technology that guides that may change change. It likely will change. So, to echo what was just said by a previous speaker about being Technology Agnostic and not too prescriptive. Thank you very much. Thank you very much i yield back. Thank you. Thank you, mr. Lynch. Thank you for joining us today. Chair will now recognize himself for five minutes. Mr. Bitko, could i follow up on something you said about fisma . Let me first of all invite your organization as well as anybody else, to work with us in updating fisma. I completely agree with you. I think the last time we even authorized fisma or went through a reauthorization, i was a freshman, it was ten years ago. And thats an eternity in technology. So, we i would invite you very much to be in touch with our subcommittee in reviewing an update of fisma. I think thats a great idea. Let me ask you, mr. Bitko and you, mr. Cornelius. And the others could comment as well. We had a hearing last week on the solarium cyber commission. And one of its recommendations was, effectively, to create a cyber czar. And while in and of itself, that may be a great idea, i am concerned that we have a okay, now well have a cto, well have a cio, well have an Information Security chief, well have a Science Technology adviser. And now well add a cyber czar. Were trying to, through fitara, evolve into a primus intaparus where theres one cio vested with making these investments and making them work, including making sure theyre cyber secure, and i just wonder if you would have any thoughts or concerns to share with us about that kind of Management Structure . Mr. Bitko, did you want to comment first . Then ill call on mr. Cornelius. Certainly, sir. Thank you for the question. In general, i think we support the idea of a cyber czar. There is, i think, a need for somebody whos providing that coordination. The mission, as i understand the cyber czar, is different from the cio, its different from the chief Information Security officer, and there is a need and a role for all of those. Can i interrupt i think its a question about can i interrupt you, mr. Bitko, though . Please. All right, lets stipulate that makes sense, but would you not agree that the cyber czar cant do a great deal if hes dealing with 40yearold legacy systems . That the upgrades were talking about have to happen to create the predicate of a cybersecure environment. And he or she is not responsible for those investments. The cio is. Theres no doubt that there is a close dependency between the cyber czars piece of the mission that is about cybersecurity and the investment in legacy systems and modernization and the work thats being done at the omb cio level and at the sisa level. Those things all have to work well together. I think youre hitting on a point that, in the private sector, this is an ongoing topic of discussion as well, exactly how all these different entities should be reporting into an organization. The thinking on that continues to change and evolve. And you can look at some organizations today where the enterprise system, for example in many large banks, doesnt report to the cio, but reports directly to the ceo or chief operating officer, recognizing the importance of the Security Mission in and of itself. Even though its not a call center in the same way that other parts of the business might be, its so important to the mission. I think that some of what im saying here is we need to raise the gain of the entire federal government and the knowledge of our Senior Leaders about these technology issues, about cybersecurity issues, across the board. I think that a way to do that is to have there be somebody whos responsible looking across all those things bupt, but another way to do it is to realize the challenge and the mission is so broad here that its more than a oneperson job. Absolutely, some work needs to go into figuring out how all those pieces Work Together or they wont be successful. I certainly agree with you, but when you ask us what could go wrong with that kind of nonhierarchal, overlapping set of responsibilities to something so important, one is somewhat concerned. Its not like its worked well up to now. And adding one person vested with cyber has the risk, knowing the federal government, of creating a new with the best of intentions a new silo. Oh, thats her responsibility, or his responsibility, not mine. And that is of concern. Mr. Cornelius, did you want to respond to that . Thank you, congressman. I generally echo mr. Bitkos comments about the cyber czar. And as i understand the recommendation, one of the responsibilities of the cyber czar would be to help sort of coordinate and understand and oversee budgets for individual federal agencies when it comes to their own cybersecurity posture, but to also do this sort of higherlevel cybersecurity coordination, fbi, sissa, vic, others, and i think coordination across these agencies with what i will call kind of, offense is not the right word, but with sort of outwardfacing responsibilities, versus internal agencyfacing cybersecurity capabilities. I do think stronger coordination there could lead to some Better Outcomes. Yeah, because were so good at coordination with the federal government. Mr. Chairman . Yes, mr. Hice . Quickly, i would like to say of course. I think there are several on our side that would share some concerns. Its certainly an issue that needs discussion. It needs to be worked through. But there are certainly, as well, some very serious concerns. Wed be happy to work with you as we go through this process. And as you know, mr. Hice, i share your concerns. Its not that its a bad idea in and of itself, but how will it work in the context that exists . And we want it to work. We certainly agree, all of us, that cyber is a growing concern. We know there are Cyber Attacks right now as we speak on western institutions that are trying to develop a vaccine, for example. So, we all understand that. The best question is whats the best way to do that . And i want to make it work and i know you do as well, mr. Hice, so those are shared concerns. Let me end, if i may, with one more question put to each of you on the panel. Give us a grade for how well from an i. T. Point of view the federal government has done during this pandemic and economic collapse, and whos your favorite example of either getting it right or kind of not getting it right . Im not trying to flail anybody, but i think Lessons Learned are really important. And i gave some of mine. Etran, sba, some of the irs failures in terms of getting out the direct payment checks. Certainly, at the state level, the collapse of unemployment systems on an i. T. Basis is very painful to watch and experience. Mr. Okeeffe, would you like to start first . Thank you, mr. Chairman. We executed a program called cio crossroads where we interviewed each of the federal cios and asked them for their pandemic experience. And overall, i would give the federal cios an a for effort. Everybody was working around the clock to try and make things happen. At the overall level, suzette kent did a fantastic job bringing the cios together. Were there challenges in many of the legacy systems . Yes. And what we saw was those agencies that have already made the jump to the cloud were much more effective. And agencies like sba, which had challenges, i would applaud the work of maria rote and guy kabbalah over at sba, who in the middle of this storm and there were challenges at sba managed to have the authority to shut down legacy systems and make hard transitions. So, i think overall, the cio called it very well. Agencies had their challenges. And it reinforced their requirement to move to the cloud and also elevates the role of the cio. So we need to double down on fatara. Thank you. Ms. Schank. I was a terrible student, so i dont want to give anyone grades, but i will say that oh, come on. Were about to have a hearing next week where we give every federal agency a grade. You want to cop out . I think that its also an unfair assessment, because you know, when something isnt working well at a baseline level, going back to the bridge example if you have a bridge and it does well with everyday traffic, but then, suddenly, there is ten times the amount of traffic, it in theory should be built to sustain that, but a lot of our tech systems at the federal level are really only and also at the state level are really only keeping up with you know, theyre barely making it through just the everyday. So and the pandemic are tenfold. I will say that the irs after the cares act passed, there was a nonfilers were not able to file. And we actually at new america did work to discover that hole. And as soon as we made that public, the irs did very quickly spin up a tool for nonfilers to be able to file for the stimulus. So, i will give them credit for that, should it have occurred in the first place . No. I think thats yeah. Thank you. Well, if i could just add to your point. I mean, were not trying to lay blame. Lets take irs. Irs had trouble in part because it experienced over a tenyear period a 20 cut in its budget. And it was starved of resources, including i. T. Resources. So, how can one be surprised that when, all of a sudden, we are faced with a pandemic and an economic collapse of almost unprecedented proportions, irs doesnt have the capacity to respond with the elacrity we would like . Thats on us for the resources we deprived it quite consistently over a tenyear period. So, im not trying to give a grade where were going to bring them and flog them before the public. We bear some responsibility, but we need to identify performance. And we can all then argue about, or debate about what contributed to that performance. Mr. Bitko. Did you want to comment on what kind of grade you might give the federal government in terms of response to these twin crises and any candidate you want to praise or maybe highlight in terms of significant concerns or failures . So, i would agree with the a for effort comment from mr. Okeeffe. I think a lot of federal agencies put a lot of hard work in and manage to sustain operations and keep going. And thats, frankly, impressive, and probably better than i would have anticipated at the very beginning of the crisis. I think where the grade is maybe a little bit less good is in the planning that agencies would have been doing beforehand, where the coup planning was based on, you know, post9 11 or even going back to the cold war era, and you need to be out of the immediate d. C. Area, and some agencies have warehouses out in West Virginia or out in virginia, where employees would go work. And that obviously is not a viable situation today, and that highlights that some of those planning processes need to really be rethought. And i think this is a place where agencies and cios need todo a better job of integrating that thinking, and together in understanding that technology is so fundamental to the mission that there are other, better, Different Solutions than having a warehouse out in the middle of nowhere where you cram 1,000 people into it with a bunch of computers. But i do think that agencys figured out how to get past that, and so, that is an impressive recovery. And i will use the opportunity to laud my former agency, who was not an agency that was deposed to telework by any means. The mindset definitely was, youve got to be in the office to do the job. And telework is the exceptional and extreme circumstance. They managed to deploy technologies, leveraging the cloud, leveraging virtual desktops, leveraging modern solutions. And from what i hear from a lot of my former colleagues now, theyre sitting there saying, why are we ever even going to go back into the office . Were working so effectively remotely now, which i think is a great thing. I think it puts a challenge on Government Agencies for longterm strategic planning, when youve had capital budgets based on big facilities at rent for space for the entire workforce. Is that the right model Going Forward . And i think thats something that is a question congress to be asking. You know, do we need to plan for, if the agency has 50,000 employees, 50,000 desks that employees are going to come in and sit at, or can we get by with a lot less than that because weve delivered successful remote work . Good point. And i think at some point, thats going to be a worthy study in terms of permanent, quasipermanent changes postpandemic. And certainly, workplace changes are going to be considerable. And i agree with mr. Okeeffe, telework is actually going to be a permanent part of the future looking forward. Whether it replaces all physical work, thats a different matter. I doubt it. But certainly, its going to be a tool in the kit bag and far more pronounced and commonplace than it has been in the past. Mr. Cornelius, you get the last word on that question. Thank you, congressman. And i will take your bait and say that, i think congress has actually done a pretty good job of dealing with the Covid Response. Thank you very much. This hearing is adjourned. No. But in all seriousness, when this happened, you didnt go and just build new hearing rooms. You used webex, which is a commercial capability to do this. And now youre kind of doing a little bit of both. This is what the hybrid hearings are. But you know, i think that is a very salient point of how you shift from a legacy mindset of, well, we cant meet in person, lets find different ways to meet in person to, weve got this great commercial technology. Maybe we should use that to have hearings and build records and Everything Else. So and to the executive branchs credit, you know, i think of Something Like the paycheck protection program. I mean, sba was responsible for getting more money than was allotted in all direct spending in the american recovery and investment act out themselves in less time than agencies spent those recovery act dollars. So, you know, obviously, doing that is going to cause some complications, but i think sba acquitted themselves quite nicely, and i think its because of tremendous leadership at the top of the agency with both their former and current cio investing in cloud, investing in a lot of these modern commercial capabilities. They were able to do that. And the last point ill make and weve talked about this with this sort of funding and Everything Else is i think congress i think theres a great analogy thats happening right now in the house of representatives. Its my understanding that you all are considering the Great American outdoors act this week. And i think its the perfect analogy to what weve talked about with legacy i. T. I mean, agencies or you know, the National Parks service has spent years being underfunded and could not actually go back and invest in all of the upkeep and maintenance they needed to do on parklands. And now congress has recognized it and said, all right, were going to find a way to make sure that this is funded Going Forward so that you can do that. And i think one, i commend congress on that, and i hope the bill moves forward. And secondly, i Hope Congress takes that same position when it comes to Legacy Technology, and it will be a different challenge and it will be more complicated because it crosses all agencies and its not just about one individual government one Government Program or one agency. But you know, i think the only way that were going to continue to learn from covid and really take the lessons and the good and the bad that are happening right now as we sit here and embrace those challenges, or overcome those challenges and embrace the opportunities that covid has provided, is to ensure that there is enough funding and enough accountability and enough flexibility for agencies to buy and use commercial technology to deliver Better Outcomes for citizens. Thank you. Thank you. And i would just say, one of the questions that did not get asked often enough, quite frankly, in putting together the cares act, or the heroes act, for that matter, is whats the capacity of the recipient agency to be able to do this . You mentioned sba. We changed eligibility. We pumped more money into sba than at least ten years of its budget in less than ten weeks. We wanted them to expand Financial Institutions that could carry those portfolios. We changed, simplified the application. And we were willing to convert it under certain minimum circumstances from loan to grant. Now, whats the capability of reprogramming your system sba, let alone, also monitor this for fraud, for, yes, youre eligible, no, youre not, for determination of amounts, on and on and on . And same thing with Unemployment Insurance. We changed eligibility. We extended the time period. We added 600 a week. That all had to be reprogrammed in 50 individual systems. And then we broadened the eligibility to gig workers, sole proprietors, selfemployed. And, of course, again, the volume was enormous. So you know, we had 47 Million People file for Unemployment Insurance in this time period. And what we found was individual i. T. Systems in the states was simply not capable of handling the volume or reprogramming the eligibility and the terms. And many of them have legacy systems that still use cobalt that go back to the late 1970s. And so, we need to pay more attention to both the federal recipients of federal money and the state recipients if were concerned about efficacy and making sure that were minimizing the pain out there that were trying to address. I. T. Is integral to that. Its not kind of a side show that we can get around to. So, at any rate, i thank all of my panelists. I thank my colleagues for making today possible. And mr. Bitko, dont forget the invitation to talk to us about fisma. Thank you sir. All right. Without objection, all members have within five legislative days which to submit additional questions or written material for the witnesses, through the chair, and well forward those to the witnesses and would ask for their speedy response. And with that, this hearing is adjourned
vimarsana.com © 2020. All Rights Reserved.