Oct. 7, 2020
Ellen M. Lord, Under Secretary Of Defense For
Acquisition And Sustainment; Kevin M. Fahey, Assistant Secretary of
Defense for Acquisition; Stacy A. Cummings, Principal Deputy Assistant
Secretary of Defense for Acquisition
STAFF: All right, good morning, everybody, thank you for joining us here and over the phone.
We have Under Secretary Lord today, we have Assistant Secretary of
Defense for Acquisition Kevin Fahey, and Principal Deputy Assistant
Secretary of Defense for Acquisition Stacy Cummings.
Today, they will discuss the rewrite of the overarching policy on the
Defense Acquisition System, DOD Directive 5000.1, and the significance
of this effort as well as the impact of the Adaptive Acquisition
Framework.
Following some opening remarks from Ms. Lord, they will take some
questions. We ask that you keep your questions within the scope of
today's topic. We do have a hard stop of noon today, so we'll get to as
many questions as possible. If there are any we don't get to, I'm happy
to work over e-mail with you.
With that, I will turn it over to Ms. Lord.
UNDER SECRETARY OF DEFENSE ELLEN M. LORD: Great, thank you, Jessica.
Good morning, ladies and gentlemen, and thank you for joining us both
here in the room and virtually. As many of you know, last month, Deputy
Secretary Norquist signed DOD Directive 5000.01 into effect. It is the
overarching policy that describes the principles governing the Defense
Acquisition System. This completed a comprehensive redesign of the
entire DOD 5000 Series Acquisition Policy.
Today, I would like to discuss the work products we have produced,
why we undertook this effort, and how one of the most transformational
changes to acquisition policy in decades is already enabling the
services and our warfighters.
When I came into this job in 2017, the department was at a strategic
inflection point. A new National Defense Strategy was being developed
that emphasized the need to restore our nation's competitive advantage,
focusing on near-peer competition versus violent extremist
organizations.
We were reorganizing the former AT&L office into A&S and
R&E as mandated by the 2017 NDAA, National Defense Authorization
Act.
Our acquisition system used a one-size-fits-all model for all
acquisition programs, one that focused on a culture of tailoring out and
what acquisition professionals don't have to do. This way of doing
business resulted in a checklist approach that was susceptible to
prescriptive processes and rarely enabled speed.
For 100 of our largest programs at that time, the median duration
from milestone B -- the decision point to enter development of a product
and generally considered the start of a program of record -- to initial
operational capability was nearly eight years. We need to build a more
lethal force and speed delivery of capability to the warfighter. In
other words, DOD acquisition needs to move at the speed of relevance.
I brought 33 years of industry experience into this job, 22 in -- I'm
sorry, 11 in automotive, and 22 years in aerospace and defense. That
experience drives me to constantly consider our continuous improvement
in terms of cost, schedule, and performance.
So coming into the job, I asked myself, "How could we redesign our
defense acquisition system to incorporate the agility and best practices
in industry while also creating a culture that not only facilitates
critical thinking and creative compliance, but actually encourages it." I
was looking for a way to shift our mindset from piecemeal reform in
favor of true overarching innovation.
One of the first individuals I brought in to help tackle this problem
was Ben FitzGerald, a former professional staff member for the Senate
Armed Services Committee and senior fellow at the Center for a New
American Security. Having a broad understanding of the AT&L
reorganization, both from the congressional and department perspectives,
I charged Ben with driving innovation, to deliver capability to our
warfighters faster and cheaper.
With this mission in mind, Ben and his team came up with the idea for
a new acquisition system that afforded program managers flexibility and
empowered common-sense decision-making to accelerate delivery times.
Thus, the foundation was laid for what we now know as the Adaptive
Acquisition Framework, or AAF. From there, Kevin Fahey and Stacy
Cummings, who have joined me here today, came aboard in 2018 and 2019,
respectively, to take the AAF concept to implementation.
A career Defense Acquisition executive, Kevin brought an
institutional knowledge of both the Defense acquisition system and the
program management, or PM, and program executive officer, or PEO
experiences. His insights and lessons learned directly informed how we
could better enable our acquisition professionals to tailor programs and
bridge the gaps between our conceptual design and statutory and
regulatory requirements as policy was streamlined and simplified. He
also drove the idea of tailoring in, versus tailoring out, to force the
acquisition community to think critically and work together to create
the right acquisition strategy.
Similarly, in leading our Acquisition Enablers Office, Stacy and her
team worked tirelessly to detail, document and coordinate, the new
policies to take the effort across the finish line, ensuring a
versatile, scalable, and data-driven solution that would deliver
warfighting capability at the speed of relevance. Stacy brought a depth
of experience from across the interagency, and most recently,
implementing electronic health records at DOD.
Kevin and Stacy leverage the collective experience and expertise of the department.
Throughout the process, I chaired an executive steering committee to
facilitate and drive progress. The service acquisition executives, Bruce
Jette, Hondo Geurts, and Will Roper, have all been outstanding partners
every step of the way. From the collaboration of these colleagues at
the senior defense levels to the skill, initiative and relentless
pursuit of the men and women across the Defense Acquisition Enterprise, I
am grateful to everyone who contributed to making this a reality. It
was truly a team effort. The result is the most transformational change
to acquisition policy in years, perhaps decades, and an effort we expect
to have a long-lasting, positive impact across the department.
The 5000 rewrite decomposed a large policy document into six clear
and separate pathways that make up the AAF, each of which is tailored to
the unique characteristics of the capability being acquired. By design,
these pathway implement the six main tenets of the Defense Acquisition
System to simplify policy, tailor in approaches, empower program
managers, facilitate data-driven analysis, actively manage risk and
emphasize sustainment.
I want everyone to remember that $0.70 to $.80 on the dollar over the
lifecycle of a program is focused on sustainment, so that's where the
big dollars really are. I believe the rewrite puts much more emphasis on
designing for sustainment. We are all in the precipice of a cultural
shift that leadership at all levels must continue to push. Whether
responding to urgent needs or acquiring major capabilities or services,
the AAF affords program managers and their teams multiple ways to field
capability faster, which is what our job is.
We have an interactive version of the AAF available online, and I
encourage you to -- to visit the Defense Acquisition University, DAU
website to explore this great tool. Take, for example, the middle tier
of acquisition pathway. Prior to the development of our MTA pathway,
statute required compliance with added layers of oversight aimed at risk
aversion, often in -- in the form of ensuring items were, quote,
"checked off," unquote, and approved at high levels before proceeding.
As a result, the acquisition system became an impediment rather than an
enabler to deliver capability and outpace the threat.
In order to utilize the MTA authorities Congress gave DOD, I made the
decision to quickly implement an interim policy which ultimately
informed the creation of DODI 5000.80, the permanent MTA policy in place
today that established a dedicated pathway. I wanted to actually
practice using middle-tier acquisition with a minimal viable product in
order to learn.
So using this policy, which was published in 2019, we have 74
programs today using the middle-tier acquisition pathway, including the
Army's Integrated Visual Augmentation System, or IVAS. Use of rapid
prototyping and the new authorities afforded by the MTA pathway allowed
the program to shave significant time from the schedule, streamline
metrics to better inform decisions and reporting, and provide greater
flexibility to manage risk. As a result, IVAS intends to rapidly field
the capability in fiscal year '21 after conducting dozens of hardware
prototype and thousands of software builds through a continuous
iteration with soldiers. This would represent only 34 to 36 months from
program start to fielding capability for the warfighter. The MTA pathway
incentivized powerful behaviors across the acquisition enterprise to
quickly restore the Army's advantage in individual situational
awareness, navigation, communications, and target acquisition.
I'm also pleased to see emerging programs utilizing the flexibility
of the entire AAF. I recently saw a service proposal to begin a program
using the MTA pathway before transitioning into a traditional major
capability pathway. Another program is proposing to use several of the
pathways in combination to facilitate rapid delivery of capability.
While these plans are still into review, I'm excited to see the
acquisition community embracing creative compliance to use these new
tools and authorities while demonstrating critical thinking.
Hybrid approaches like these allow program managers, in partnership
with functional leaders and their decision authority, to start programs
quickly, drive down risk, and solidify detailed requirements and
engineering approaches, while still ensuring the proper level of
analysis, risk management, and oversight.
Similarly, the software pathway, the AAF's newest policy signed just
last week, represents a substantial departure from the department's
usual way of doing business. The Acquisition Enablers Team has worked to
deliver the software policy rapidly, given the interest from the
services and OSD partners. In fact, the team may have set a new
acquisition-policy-conceptualization-to-publication record. It took nine
months to move from an interim to a final policy. This is three months
earlier than promised and one year earlier than congressional
expectations. Technology is accelerating and disrupting business models
and we must adapt accordingly to keep pace and close the knowledge gap.
Given that software is central to every DOD mission and system, we
must acquire and deliver software with greater speed, agility, and
cybersecurity. Stemming from the Defense Science Board and Defense
Innovation Board's software acquisition and practices, or SWAP, study,
the software pathway is designed to enable continuous integration and
delivery of software capabilities.
Recognizing that modern software development is a continuum, from
development to production, and during sustainment the pathway is built
upon commercial principles that enable innovation and swift delivery in
response to conditions of uncertainty, such as rapidly changing user
needs, disruptive technologies, and threats on the battlefield.
By removing procedural bottlenecks and regulatory bureaucracy,
programs are pushed to embrace the goal of delivering capabilities with
much faster cycle times, in one year or less, while emphasizing and
ensuring cybersecurity.
A great example of this is the Air Force's ground-based strategic
deterrent, or GBSD, a critical program requiring uncompromised security,
dependability and 24/7 availability. Coupled with digital engineering
to support unprecedented speed and clarity during industry reviews, the
program is leveraging modern, iterative development practices like Agile
and development security and operations, or DevSecOps, methodologies.
GBSD's DevSecOps enterprise services and infrastructure support
mission requirements while streamlining the acquisition process and have
allowed the program to gain accreditation and begin early development
with industry in less than four months.
The Navy's “Compile to Combat in 24 Hours”, or C2C24, is also
employing DevSecOps and other modern software practices to move towards
rapid capability insertion with speed, scale and rigor. Pilot programs
conducted by the Navy indicate the effort is making progress towards its
goal of deploying new software capabilities to ships afloat in under 24
hours, a game-changing improvement from the typical 18 month timeframe.
In addition to each of the AAF pathways, it's also important to
highlight that the 5000 series redesign includes DOD instructions for
overarching functional areas, such as intellectual -- intellectual
property, product support, and cybersecurity.
Creation of a new DOD instruction for cybersecurity, for example,
will provide the acquisition community consistent guidance to implement
appropriate cyber processes and practices for every acquisition
throughout the supply chain, regardless of which AAF pathway is used.
This new policy, which we expect to be signed out later this month,
ensures cyber hardening is designed in at the beginning of a program and
ties in closely to our cybersecurity maturity model certification, or
CMMC, program.
Similarly, under Bob Behler's leadership, creation of the test and
evaluation instruction is game-changing. It encourages better
coordination and integration between developmental and operational
testing, resulting in cost savings and accelerated test programs.
In conjunction with the AAF pathways, these functional area policies
ensure delivered systems are sustainable, upgradable, affordable,
exportable, and secure throughout the entire life cycle. These
functional area policies are available on our acquisition enablers
website.
So what's next in this acquisition innovation effort? From the onset,
the AAF was designed to be a living document, to provide our defense
acquisition system an adaptable, responsive foundation capable of
satisfying emerging requirements.
We are focused on ensuring we provide the right tools to deliver
end-to-end operation -- operational capability and we are exploring the
creation of additional acquisition pathways to address unique systems.
For example, the department is working with the Space Force to determine
whether there are any tools missing and is committed to developing a
tailored space vehicle pathway if needed.
Additionally, restructuring policy and governance is only one piece
of the puzzle. We continue to drive hard along each of our other
acquisition lines of effort -- contracting at speed of relevance,
strengthening and securing our defense industrial base, and effectively
training our acquisition workforce.
When it comes to our tremendous acquisition professionals, I'd like
to highlight the launching of our back to basics initiative, the first
major reform of the defense acquisition workforce management framework
in nearly three decades.
Like the AAF, we are pivoting from a one size fits all certification
construct to a component and workforce-centric, tailorable, continuous
learning construct. By streamlining the structure of the workforce into
six functional areas, this shift to modern talent management will
empower the workforce for success today and in the future.
In closing, we still have work to do, but I couldn't be more proud of
the momentum we've generated. I want to thank you for the opportunity
to discuss these milestones with you and their impact on the way the
department acquires and delivers capabilities to our warfighters.
With that, Kevin, Stacy and I welcome your questions. Thank you.
STAFF: All right. Let's go to the phones first. Tony Capaccio, Bloomberg?
Q: Hi, Ms. Lord, thanks for the update. I have a question on how the
-- the new acquisition adaptive strategy will apply to the Navy's battle
force 2045 goal that the Secretary laid out yesterday. You know that
the -- the Navy has had a history of cost overruns, delays on all its
major programs for the last 15 years. What tenets of the new strategy
might help break that paradigm of poor performance?
MS. LORD: Let me make just a couple of comments, Tony, and then I'll
turn it over to Kevin and Stacy. I think, as you know, the Navy was a
big part of designing this AAF. They also have many low volume, high
complexity, high cost ships that they develop -- ships and subs. So
we're looking at potential pathways to address these very issues.
What we want to do is make sure that we give the Navy flexibility to
be able to design contracts that incentivize the behavior from our
industry partners that we need to deliver capability rapidly but
compliantly with all of our requirements.
With that, I'll hand over to Kevin and Stacy.
ASSISTANT SECRETARY OF DEFENSE KEVIN M. FAHEY: Yeah, I would add a -- a few things, right?
First and foremost is as part of the -- Ms. Lord's creative
compliance is also focused on basically having acquisition data and
data-informed decisions, right? So part and parcel to everything we're
doing, basically right now on all major acquisition programs we report
to the deputy every month on the status of all of the programs and to
the Secretary every six weeks, right? And so that gives you a real time
data to show where the status of the program is.
In addition to that, to the programs like Columbia, right, that Ms.
Lord is still the milestone decision authority, she has semi-annual
reviews of -- of those programs, which the focus is on data, right? So
Tony, to answer your question, as part of that process we continue to
ask, you know -- we're thinking the adaptive framework really is
adaptive, that you can -- you can tailor it for specific capabilities
you're doing and how do we focus on data-driven decisions so we have the
data.
As you know, all of the decisions we make are focused on when do I
need the data to make the decision I'm making. So we have that construct
around the adaptive framework and we are talking with the -- with the
Navy -- are there things -- because ship building is unique, right? It's
an eight-year development process for an individual boat -- are there
things that aren't covered in the adaptive framework, that we're
continuing to have those dialogues.
STAFF: All right, okay.
Kasim, did you have a question?
Q: Yeah. Thank you very much for this, Ms. -- Ms. Lord.
You have emphasized the National Defense Strategy's importance in
framing this AAF. One of the lines of defense -- the National Defense
Strategy, one of the lines of effort in this strategy document is
partnership -- building partnership and strengthening alliances.
So we have seen that -- Senate reports that some key members of the
Congress, either individually or collectively, have quietly frozen all
major arms sales to Turkey over the course of last two years. Apart from
the F-35 program and the S-400 crisis quagmire, Turkey has been a
longstanding defense partner of the United States.
Have you ever raised this issue with the congressional leaders in that respect and are you concerned about it?
MS. LORD: We constantly talk with Congress about international
relations, whether it be our supply base or exporting, and in fact right
now we have an effort under Secretary Esper that we call defense trade
modernization, where we are trying to, at the outset of programs, design
in exportability and we are also constantly looking at what we can
release in terms of technology.
So we do look at each of the AORs under the COCOMs and we constantly evaluate what we will export and what we won't.
Q: So -- so is it a concern for you that by doing this, the Congress
is somehow pushing a partner away from the United States or not?
MS. LORD: We -- we constantly discuss the pros and cons of a lot of
this. Your specific question is really a little bit more in the policy
realm and I'd defer to my policy colleagues for that. I look at how we
can actually conduct an acquisition process to give our policymakers the
most flexibility possible.
STAFF: All right, back to the phones. Let's go to Jackson of FedScoop.
Q: Hi. Thank you.
I wanted to follow up on the software pathway. Does this have any
changes to the ATO process? And could you enumerate if there was any --
what were the -- kind of the biggest bottlenecks that this rewrite gets
rid of and -- and changes?
Thank you.
MS. LORD: Well, I think for the second part of that -- and I'll
answer it and then I'll hand it over to Kevin and Stacy for any other
comments -- the biggest bottleneck, the biggest challenge with modern
software development is that it's a continuum from development to
production and then sustainment, and it's really a virtuous cycle.
Because of the way we receive our funds, we have very clearly marked
money for each of those three activities. The biggest challenge is to
get a single color of money, if you will, for software so that we can
really do Agile and DevSecOps and keep going. And Congress has really
partnered with us to authorize a number of pathway projects that we are
just getting going on with a single color of money to show how that's an
enabler.
In terms of ATOs, what we're doing is coupling these modern software
development techniques with our migration to the cloud using common
stacks in the cloud, which will do a number of things for us once it
really enables security of the code that we are developing. But by using
those common stacks, we also get automatic authorities to operate.
So all of these things come together, but let me hand over to Stacy.
PRINCIPAL DEPUTY ASSISTANT SECRETARY OF DEFENSE STACY A. CUMMINGS:
Yeah, thank you for that question about the software pathways. So some
of the important aspects of this policy include working very closely
with the user community on an iterative basis, but it also moves to the
left.
So earlier in the program life cycle, building in cybersecurity,
building in developmental and operational tests so that we are
identifying, in the build of our software applications, leveraging
enterprise solutions and ability to more quickly get testing
certification, your authority to operate from a cybersecurity
perspective.
And that's what enables us to deliver capability faster for the first
time to the user, but also to provide updates that are cybersecure in
meeting the exact needs of the user because they're involved up-front.
MR. FAHEY: I would just add, right -- so in addition to what Ms. Lord
said, right, so the software pathway is big on DevSecOps by definition,
DevSecOps -- right? -- has security into the software. So one of the
biggest efforts is how do we do better as both of them said, in
reciprocity when one organization gets an ATO that we can give that to
other programs.
And then a big part of that -- which is another thing that we're
working on the early stages across the department, is the digital
engineering piece, right? Where we have the information -- as Ms. Lord
said -- in the cloud so we have the right data that will allow us to
better get to an ATO as the data's developed, especially in the software
arena.
STAFF: All right, let's get in one more question here.
Sara Friedman from Inside Cybersecurity, did you have one?
Q: Yes. (inaudible) related to cybersecurity framework that you're
going to be putting out with CMMC. Can you provide any detail on how
that will be tied to the CMMC program? And will it be based on the
controls or the maturity levels?
MR. FAHEY: Want me?
Yeah, so yeah, so basically right now -- and there has never been --
there's an instruction that talks about cybersecurity, right? And
basically you probably know the whole background on you know, Cyber
Maturity Model Certification was we realized how critical cybersecurity
is on our programs, in our defense-industrial base, right?
And there was some thought process that basically says, "Oh, we'll
make it a tradeoff between cost, schedule, performance." Our thing was,
"No, cyber's a requirement," right? And that's where the CMMC idea came
up with, the instruction.
It would have been published now, but when the interim rule was
published with the comment period, as we pulled it back, it didn't have
CMMC in there because you can't have it in there until it's a FAR rule.
So when it became an interim rule and out for comment, Ms. Lord said,
"Well, why don't we pull it back and make that part of the plan?"
So right now, that should be in the next 60 days. And as you probably
know, you know, this is a little different. Usually when a FAR rule
goes into effect, every contract thereafter has to be compliant because
we have an implementation plan over the next couple years, working with
industry.
And that's one of the things we're working with the services and with
our industry partners, picking very good pilots or pathfinders that
show how we will flow down. Because part of the instruction explains,
just because your prime contract is level three, it doesn't mean that
your level seven sub-supplier is level three. That you need to flow down
the requirement, and depending on what that company's specifically
doing, it may be a level one.
And so that's part of the training and what that instruction says is
how do you do that critical thinking of security, and how do you
determine what levels as we flow it down.
MS. LORD: I think this is a really good example of the process we've
been using where we get a policy out there and start using it and learn
from it, and then continue to refine it. But again, we're getting a
minimally viable product out there most of the time, and getting the
cycles of learning, and we will continue to improve it and that's what
we're trying to do with the acquisition.
STAFF: All right, we are about out of time, so I wanted to give the team an opportunity to make any closing comments.
Ms. Lord, if you have anything? Or Mr. Fahey?
MS. LORD: I just want to say that I'm incredibly proud of this team,
of the work that Kevin and Stacy have done. Incredibly collaborative,
and I believe we have irreversible momentum here in terms of DOD
acquisition.
Kevin?
MR. FAHEY: Yeah, I would just add the one thing that, you know, we
get asked a lot about is our relationship -- if you look at a lot of
these things, it's with other partners across the Department of Defense.
And with the split of AT&L, the relationships were different. But
if you look at the T&E one, which was usually focused on just
operational tests, is really integration of operation and development,
which is also an R&E thing.
And our relationship with R&E -- because big part of us being
able to go fast is how do you mature technology not only the
technology's mature, but it's focused on the capability that we want to
deliver. And I would tell you, hypersonics is the poster child on how
A&S and R&E's supposed to work, that we're all in that together,
using the pathway. Even in S&T, we're thinking about the
capability, not the technology maturation only.
So I think that's a big part of it, is working with the other
members, you know, the CAPE, the comptroller, they all have been part of
making this a reality.
MS. LORD: Absolutely.
Stacy?
MS. CUMMINGS: The one thing I would say is that the publishing of
these policies does not represent the end of an effort, but the
beginning of an effort. And we are going to continue to work with
program teams, program managers and their teams to look at the policy
we've published, learn from them, and then incorporate improvements that
we hear from the teams around the country, incorporate them in as
lessons learned so that we can make this policy even better and continue
to deliver to the warfighter at the speed of relevance.
STAFF: All right. Thank you, everybody, appreciate your time and we will see you soon. Thank you.