STAFF: All right, good morning, everybody, thank you for joining us here and over the phone.
We have Under Secretary Lord today, we have Assistant Secretary of Defense for Acquisition Kevin Fahey, and Principal Deputy Assistant Secretary of Defense for Acquisition Stacy Cummings.
Today, they will discuss the rewrite of the overarching policy on the Defense Acquisition System, DOD Directive 5000.1, and the significance of this effort as well as the impact of the Adaptive Acquisition Framework.
Following some opening remarks from Ms. Lord, they will take some questions. We ask that you keep your questions within the scope of today's topic. We do have a hard stop of noon today, so we'll get to as many questions as possible. If there are any we don't get to, I'm happy to work over e-mail with you.
With that, I will turn it over to Ms. Lord.
UNDER SECRETARY OF DEFENSE ELLEN M. LORD: Great, thank you, Jessica.
Good morning, ladies and gentlemen, and thank you for joining us both here in the room and virtually. As many of you know, last month, Deputy Secretary Norquist signed DOD Directive 5000.01 into effect. It is the overarching policy that describes the principles governing the Defense Acquisition System. This completed a comprehensive redesign of the entire DOD 5000 Series Acquisition Policy.
Today, I would like to discuss the work products we have produced, why we undertook this effort, and how one of the most transformational changes to acquisition policy in decades is already enabling the services and our warfighters.
When I came into this job in 2017, the department was at a strategic inflection point. A new National Defense Strategy was being developed that emphasized the need to restore our nation's competitive advantage, focusing on near-peer competition versus violent extremist organizations.
We were reorganizing the former AT&L office into A&S and R&E as mandated by the 2017 NDAA, National Defense Authorization Act.
Our acquisition system used a one-size-fits-all model for all acquisition programs, one that focused on a culture of tailoring out and what acquisition professionals don't have to do. This way of doing business resulted in a checklist approach that was susceptible to prescriptive processes and rarely enabled speed.
For 100 of our largest programs at that time, the median duration from milestone B -- the decision point to enter development of a product and generally considered the start of a program of record -- to initial operational capability was nearly eight years. We need to build a more lethal force and speed delivery of capability to the warfighter. In other words, DOD acquisition needs to move at the speed of relevance.
I brought 33 years of industry experience into this job, 22 in -- I'm sorry, 11 in automotive, and 22 years in aerospace and defense. That experience drives me to constantly consider our continuous improvement in terms of cost, schedule, and performance.
So coming into the job, I asked myself, "How could we redesign our defense acquisition system to incorporate the agility and best practices in industry while also creating a culture that not only facilitates critical thinking and creative compliance, but actually encourages it." I was looking for a way to shift our mindset from piecemeal reform in favor of true overarching innovation.
One of the first individuals I brought in to help tackle this problem was Ben FitzGerald, a former professional staff member for the Senate Armed Services Committee and senior fellow at the Center for a New American Security. Having a broad understanding of the AT&L reorganization, both from the congressional and department perspectives, I charged Ben with driving innovation, to deliver capability to our warfighters faster and cheaper.
With this mission in mind, Ben and his team came up with the idea for a new acquisition system that afforded program managers flexibility and empowered common-sense decision-making to accelerate delivery times. Thus, the foundation was laid for what we now know as the Adaptive Acquisition Framework, or AAF. From there, Kevin Fahey and Stacy Cummings, who have joined me here today, came aboard in 2018 and 2019, respectively, to take the AAF concept to implementation.
A career Defense Acquisition executive, Kevin brought an institutional knowledge of both the Defense acquisition system and the program management, or PM, and program executive officer, or PEO experiences. His insights and lessons learned directly informed how we could better enable our acquisition professionals to tailor programs and bridge the gaps between our conceptual design and statutory and regulatory requirements as policy was streamlined and simplified. He also drove the idea of tailoring in, versus tailoring out, to force the acquisition community to think critically and work together to create the right acquisition strategy.
Similarly, in leading our Acquisition Enablers Office, Stacy and her team worked tirelessly to detail, document and coordinate, the new policies to take the effort across the finish line, ensuring a versatile, scalable, and data-driven solution that would deliver warfighting capability at the speed of relevance. Stacy brought a depth of experience from across the interagency, and most recently, implementing electronic health records at DOD.
Kevin and Stacy leverage the collective experience and expertise of the department.
Throughout the process, I chaired an executive steering committee to facilitate and drive progress. The service acquisition executives, Bruce Jette, Hondo Geurts, and Will Roper, have all been outstanding partners every step of the way. From the collaboration of these colleagues at the senior defense levels to the skill, initiative and relentless pursuit of the men and women across the Defense Acquisition Enterprise, I am grateful to everyone who contributed to making this a reality. It was truly a team effort. The result is the most transformational change to acquisition policy in years, perhaps decades, and an effort we expect to have a long-lasting, positive impact across the department.
The 5000 rewrite decomposed a large policy document into six clear and separate pathways that make up the AAF, each of which is tailored to the unique characteristics of the capability being acquired. By design, these pathway implement the six main tenets of the Defense Acquisition System to simplify policy, tailor in approaches, empower program managers, facilitate data-driven analysis, actively manage risk and emphasize sustainment.
I want everyone to remember that $0.70 to $.80 on the dollar over the lifecycle of a program is focused on sustainment, so that's where the big dollars really are. I believe the rewrite puts much more emphasis on designing for sustainment. We are all in the precipice of a cultural shift that leadership at all levels must continue to push. Whether responding to urgent needs or acquiring major capabilities or services, the AAF affords program managers and their teams multiple ways to field capability faster, which is what our job is.
We have an interactive version of the AAF available online, and I encourage you to -- to visit the Defense Acquisition University, DAU website to explore this great tool. Take, for example, the middle tier of acquisition pathway. Prior to the development of our MTA pathway, statute required compliance with added layers of oversight aimed at risk aversion, often in -- in the form of ensuring items were, quote, "checked off," unquote, and approved at high levels before proceeding. As a result, the acquisition system became an impediment rather than an enabler to deliver capability and outpace the threat.
In order to utilize the MTA authorities Congress gave DOD, I made the decision to quickly implement an interim policy which ultimately informed the creation of DODI 5000.80, the permanent MTA policy in place today that established a dedicated pathway. I wanted to actually practice using middle-tier acquisition with a minimal viable product in order to learn.
So using this policy, which was published in 2019, we have 74 programs today using the middle-tier acquisition pathway, including the Army's Integrated Visual Augmentation System, or IVAS. Use of rapid prototyping and the new authorities afforded by the MTA pathway allowed the program to shave significant time from the schedule, streamline metrics to better inform decisions and reporting, and provide greater flexibility to manage risk. As a result, IVAS intends to rapidly field the capability in fiscal year '21 after conducting dozens of hardware prototype and thousands of software builds through a continuous iteration with soldiers. This would represent only 34 to 36 months from program start to fielding capability for the warfighter. The MTA pathway incentivized powerful behaviors across the acquisition enterprise to quickly restore the Army's advantage in individual situational awareness, navigation, communications, and target acquisition.
I'm also pleased to see emerging programs utilizing the flexibility of the entire AAF. I recently saw a service proposal to begin a program using the MTA pathway before transitioning into a traditional major capability pathway. Another program is proposing to use several of the pathways in combination to facilitate rapid delivery of capability. While these plans are still into review, I'm excited to see the acquisition community embracing creative compliance to use these new tools and authorities while demonstrating critical thinking.
Hybrid approaches like these allow program managers, in partnership with functional leaders and their decision authority, to start programs quickly, drive down risk, and solidify detailed requirements and engineering approaches, while still ensuring the proper level of analysis, risk management, and oversight.
Similarly, the software pathway, the AAF's newest policy signed just last week, represents a substantial departure from the department's usual way of doing business. The Acquisition Enablers Team has worked to deliver the software policy rapidly, given the interest from the services and OSD partners. In fact, the team may have set a new acquisition-policy-conceptualization-to-publication record. It took nine months to move from an interim to a final policy. This is three months earlier than promised and one year earlier than congressional expectations. Technology is accelerating and disrupting business models and we must adapt accordingly to keep pace and close the knowledge gap.
Given that software is central to every DOD mission and system, we must acquire and deliver software with greater speed, agility, and cybersecurity. Stemming from the Defense Science Board and Defense Innovation Board's software acquisition and practices, or SWAP, study, the software pathway is designed to enable continuous integration and delivery of software capabilities.
Recognizing that modern software development is a continuum, from development to production, and during sustainment the pathway is built upon commercial principles that enable innovation and swift delivery in response to conditions of uncertainty, such as rapidly changing user needs, disruptive technologies, and threats on the battlefield.
By removing procedural bottlenecks and regulatory bureaucracy, programs are pushed to embrace the goal of delivering capabilities with much faster cycle times, in one year or less, while emphasizing and ensuring cybersecurity.
A great example of this is the Air Force's ground-based strategic deterrent, or GBSD, a critical program requiring uncompromised security, dependability and 24/7 availability. Coupled with digital engineering to support unprecedented speed and clarity during industry reviews, the program is leveraging modern, iterative development practices like Agile and development security and operations, or DevSecOps, methodologies.
GBSD's DevSecOps enterprise services and infrastructure support mission requirements while streamlining the acquisition process and have allowed the program to gain accreditation and begin early development with industry in less than four months.
The Navy's “Compile to Combat in 24 Hours”, or C2C24, is also employing DevSecOps and other modern software practices to move towards rapid capability insertion with speed, scale and rigor. Pilot programs conducted by the Navy indicate the effort is making progress towards its goal of deploying new software capabilities to ships afloat in under 24 hours, a game-changing improvement from the typical 18 month timeframe.
In addition to each of the AAF pathways, it's also important to highlight that the 5000 series redesign includes DOD instructions for overarching functional areas, such as intellectual -- intellectual property, product support, and cybersecurity.
Creation of a new DOD instruction for cybersecurity, for example, will provide the acquisition community consistent guidance to implement appropriate cyber processes and practices for every acquisition throughout the supply chain, regardless of which AAF pathway is used.
This new policy, which we expect to be signed out later this month, ensures cyber hardening is designed in at the beginning of a program and ties in closely to our cybersecurity maturity model certification, or CMMC, program.
Similarly, under Bob Behler's leadership, creation of the test and evaluation instruction is game-changing. It encourages better coordination and integration between developmental and operational testing, resulting in cost savings and accelerated test programs.
In conjunction with the AAF pathways, these functional area policies ensure delivered systems are sustainable, upgradable, affordable, exportable, and secure throughout the entire life cycle. These functional area policies are available on our acquisition enablers website.
So what's next in this acquisition innovation effort? From the onset, the AAF was designed to be a living document, to provide our defense acquisition system an adaptable, responsive foundation capable of satisfying emerging requirements.
We are focused on ensuring we provide the right tools to deliver end-to-end operation -- operational capability and we are exploring the creation of additional acquisition pathways to address unique systems. For example, the department is working with the Space Force to determine whether there are any tools missing and is committed to developing a tailored space vehicle pathway if needed.
Additionally, restructuring policy and governance is only one piece of the puzzle. We continue to drive hard along each of our other acquisition lines of effort -- contracting at speed of relevance, strengthening and securing our defense industrial base, and effectively training our acquisition workforce.
When it comes to our tremendous acquisition professionals, I'd like to highlight the launching of our back to basics initiative, the first major reform of the defense acquisition workforce management framework in nearly three decades.
Like the AAF, we are pivoting from a one size fits all certification construct to a component and workforce-centric, tailorable, continuous learning construct. By streamlining the structure of the workforce into six functional areas, this shift to modern talent management will empower the workforce for success today and in the future.
In closing, we still have work to do, but I couldn't be more proud of the momentum we've generated. I want to thank you for the opportunity to discuss these milestones with you and their impact on the way the department acquires and delivers capabilities to our warfighters.
With that, Kevin, Stacy and I welcome your questions. Thank you.
STAFF: All right. Let's go to the phones first. Tony Capaccio, Bloomberg?
Q: Hi, Ms. Lord, thanks for the update. I have a question on how the -- the new acquisition adaptive strategy will apply to the Navy's battle force 2045 goal that the Secretary laid out yesterday. You know that the -- the Navy has had a history of cost overruns, delays on all its major programs for the last 15 years. What tenets of the new strategy might help break that paradigm of poor performance?
MS. LORD: Let me make just a couple of comments, Tony, and then I'll turn it over to Kevin and Stacy. I think, as you know, the Navy was a big part of designing this AAF. They also have many low volume, high complexity, high cost ships that they develop -- ships and subs. So we're looking at potential pathways to address these very issues.
What we want to do is make sure that we give the Navy flexibility to be able to design contracts that incentivize the behavior from our industry partners that we need to deliver capability rapidly but compliantly with all of our requirements.
With that, I'll hand over to Kevin and Stacy.
ASSISTANT SECRETARY OF DEFENSE KEVIN M. FAHEY: Yeah, I would add a -- a few things, right?
First and foremost is as part of the -- Ms. Lord's creative compliance is also focused on basically having acquisition data and data-informed decisions, right? So part and parcel to everything we're doing, basically right now on all major acquisition programs we report to the deputy every month on the status of all of the programs and to the Secretary every six weeks, right? And so that gives you a real time data to show where the status of the program is.
In addition to that, to the programs like Columbia, right, that Ms. Lord is still the milestone decision authority, she has semi-annual reviews of -- of those programs, which the focus is on data, right? So Tony, to answer your question, as part of that process we continue to ask, you know -- we're thinking the adaptive framework really is adaptive, that you can -- you can tailor it for specific capabilities you're doing and how do we focus on data-driven decisions so we have the data.
As you know, all of the decisions we make are focused on when do I need the data to make the decision I'm making. So we have that construct around the adaptive framework and we are talking with the -- with the Navy -- are there things -- because ship building is unique, right? It's an eight-year development process for an individual boat -- are there things that aren't covered in the adaptive framework, that we're continuing to have those dialogues.
STAFF: All right, okay.
Kasim, did you have a question?
Q: Yeah. Thank you very much for this, Ms. -- Ms. Lord.
You have emphasized the National Defense Strategy's importance in framing this AAF. One of the lines of defense -- the National Defense Strategy, one of the lines of effort in this strategy document is partnership -- building partnership and strengthening alliances.
So we have seen that -- Senate reports that some key members of the Congress, either individually or collectively, have quietly frozen all major arms sales to Turkey over the course of last two years. Apart from the F-35 program and the S-400 crisis quagmire, Turkey has been a longstanding defense partner of the United States.
Have you ever raised this issue with the congressional leaders in that respect and are you concerned about it?
MS. LORD: We constantly talk with Congress about international relations, whether it be our supply base or exporting, and in fact right now we have an effort under Secretary Esper that we call defense trade modernization, where we are trying to, at the outset of programs, design in exportability and we are also constantly looking at what we can release in terms of technology.
So we do look at each of the AORs under the COCOMs and we constantly evaluate what we will export and what we won't.
Q: So -- so is it a concern for you that by doing this, the Congress is somehow pushing a partner away from the United States or not?
MS. LORD: We -- we constantly discuss the pros and cons of a lot of this. Your specific question is really a little bit more in the policy realm and I'd defer to my policy colleagues for that. I look at how we can actually conduct an acquisition process to give our policymakers the most flexibility possible.
STAFF: All right, back to the phones. Let's go to Jackson of FedScoop.
Q: Hi. Thank you.
I wanted to follow up on the software pathway. Does this have any changes to the ATO process? And could you enumerate if there was any -- what were the -- kind of the biggest bottlenecks that this rewrite gets rid of and -- and changes?
Thank you.
MS. LORD: Well, I think for the second part of that -- and I'll answer it and then I'll hand it over to Kevin and Stacy for any other comments -- the biggest bottleneck, the biggest challenge with modern software development is that it's a continuum from development to production and then sustainment, and it's really a virtuous cycle.
Because of the way we receive our funds, we have very clearly marked money for each of those three activities. The biggest challenge is to get a single color of money, if you will, for software so that we can really do Agile and DevSecOps and keep going. And Congress has really partnered with us to authorize a number of pathway projects that we are just getting going on with a single color of money to show how that's an enabler.
In terms of ATOs, what we're doing is coupling these modern software development techniques with our migration to the cloud using common stacks in the cloud, which will do a number of things for us once it really enables security of the code that we are developing. But by using those common stacks, we also get automatic authorities to operate.
So all of these things come together, but let me hand over to Stacy.
PRINCIPAL DEPUTY ASSISTANT SECRETARY OF DEFENSE STACY A. CUMMINGS: Yeah, thank you for that question about the software pathways. So some of the important aspects of this policy include working very closely with the user community on an iterative basis, but it also moves to the left.
So earlier in the program life cycle, building in cybersecurity, building in developmental and operational tests so that we are identifying, in the build of our software applications, leveraging enterprise solutions and ability to more quickly get testing certification, your authority to operate from a cybersecurity perspective.
And that's what enables us to deliver capability faster for the first time to the user, but also to provide updates that are cybersecure in meeting the exact needs of the user because they're involved up-front.
MR. FAHEY: I would just add, right -- so in addition to what Ms. Lord said, right, so the software pathway is big on DevSecOps by definition, DevSecOps -- right? -- has security into the software. So one of the biggest efforts is how do we do better as both of them said, in reciprocity when one organization gets an ATO that we can give that to other programs.
And then a big part of that -- which is another thing that we're working on the early stages across the department, is the digital engineering piece, right? Where we have the information -- as Ms. Lord said -- in the cloud so we have the right data that will allow us to better get to an ATO as the data's developed, especially in the software arena.
STAFF: All right, let's get in one more question here.
Sara Friedman from Inside Cybersecurity, did you have one?
Q: Yes. (inaudible) related to cybersecurity framework that you're going to be putting out with CMMC. Can you provide any detail on how that will be tied to the CMMC program? And will it be based on the controls or the maturity levels?
MR. FAHEY: Want me?
Yeah, so yeah, so basically right now -- and there has never been -- there's an instruction that talks about cybersecurity, right? And basically you probably know the whole background on you know, Cyber Maturity Model Certification was we realized how critical cybersecurity is on our programs, in our defense-industrial base, right?
And there was some thought process that basically says, "Oh, we'll make it a tradeoff between cost, schedule, performance." Our thing was, "No, cyber's a requirement," right? And that's where the CMMC idea came up with, the instruction.
It would have been published now, but when the interim rule was published with the comment period, as we pulled it back, it didn't have CMMC in there because you can't have it in there until it's a FAR rule. So when it became an interim rule and out for comment, Ms. Lord said, "Well, why don't we pull it back and make that part of the plan?"
So right now, that should be in the next 60 days. And as you probably know, you know, this is a little different. Usually when a FAR rule goes into effect, every contract thereafter has to be compliant because we have an implementation plan over the next couple years, working with industry.
And that's one of the things we're working with the services and with our industry partners, picking very good pilots or pathfinders that show how we will flow down. Because part of the instruction explains, just because your prime contract is level three, it doesn't mean that your level seven sub-supplier is level three. That you need to flow down the requirement, and depending on what that company's specifically doing, it may be a level one.
And so that's part of the training and what that instruction says is how do you do that critical thinking of security, and how do you determine what levels as we flow it down.
MS. LORD: I think this is a really good example of the process we've been using where we get a policy out there and start using it and learn from it, and then continue to refine it. But again, we're getting a minimally viable product out there most of the time, and getting the cycles of learning, and we will continue to improve it and that's what we're trying to do with the acquisition.
STAFF: All right, we are about out of time, so I wanted to give the team an opportunity to make any closing comments.
Ms. Lord, if you have anything? Or Mr. Fahey?
MS. LORD: I just want to say that I'm incredibly proud of this team, of the work that Kevin and Stacy have done. Incredibly collaborative, and I believe we have irreversible momentum here in terms of DOD acquisition.
Kevin?
MR. FAHEY: Yeah, I would just add the one thing that, you know, we get asked a lot about is our relationship -- if you look at a lot of these things, it's with other partners across the Department of Defense. And with the split of AT&L, the relationships were different. But if you look at the T&E one, which was usually focused on just operational tests, is really integration of operation and development, which is also an R&E thing.
And our relationship with R&E -- because big part of us being able to go fast is how do you mature technology not only the technology's mature, but it's focused on the capability that we want to deliver. And I would tell you, hypersonics is the poster child on how A&S and R&E's supposed to work, that we're all in that together, using the pathway. Even in S&T, we're thinking about the capability, not the technology maturation only.
So I think that's a big part of it, is working with the other members, you know, the CAPE, the comptroller, they all have been part of making this a reality.
MS. LORD: Absolutely.
Stacy?
MS. CUMMINGS: The one thing I would say is that the publishing of these policies does not represent the end of an effort, but the beginning of an effort. And we are going to continue to work with program teams, program managers and their teams to look at the policy we've published, learn from them, and then incorporate improvements that we hear from the teams around the country, incorporate them in as lessons learned so that we can make this policy even better and continue to deliver to the warfighter at the speed of relevance.
STAFF: All right. Thank you, everybody, appreciate your time and we will see you soon. Thank you.