Enhancing the GAO’s Enterprise Agility and Flexibility
Background
The Government Accountability Office (GAO) is an independent, nonpartisan legislative branch agency that works for Congress, generally at the request of congressional committees or subcommittees or as mandated by public laws. GAO’s work often leads to laws and acts that improve government operations, saving the government and taxpayers billions of dollars. The GAO Information Systems and Technology Services (ISTS) office seeks to provide high-quality IT services that securely, efficiently, and cost-effectively support the delivery of timely and accurate information to GAO, Congress, and the American people.
GAO ISTS has a comprehensive architecture and infrastructure that supports their headquarters and 11 field offices, including more than 500 non-virtual Windows and Linux servers, 160 virtual servers, 3,400 virtual desktops, a hyper-converged Nutanix server/storage solution with 100 TBs of capacity, a 60 TB EMC storage area network, and 10 virtual private networks (VPNs). This architecture and infrastructure support over 75 business applications, from custom to end-user-developed to commercial-off-the-shelf (COTS), government-off-the-shelf (GOTS), and Software-as-a-Service (SaaS) products.
Understanding The Need
GAO ISTS wanted to transform its IT service and application delivery capabilities to better meet evolving mission needs and create a more predictable IT operating budget. It required a contracting team who could drive this transformation across its IT enterprise, which supports 3,200+ GAO and 100,000+ public end users. Key objectives included:
- Improving overall IT performance.
- Increasing its flexibility to evolve services as internal and external user needs change.
- Improving security capabilities.
- Adopting an automated DevSecOps model to boost speed-to-delivery for new capabilities.
- Realizing the benefits of migrating applications to the cloud.
- Reducing major budget outlays.
GovCIO’s Solution
Since 2019, GovCIO’ (formerly Salient CRGT) has delivered high-quality services to GAO’s ISTS office. Over 100 GovCIO IT professionals help architect, operate, and secure GAO’s enterprise network and hardware infrastructure, data centers, telecommunications systems, and business applications while transforming its development, enhancement, and enterprise service management to an Agile/DevSecOps model.
Bringing a clear vision of the future and flexible and collaborative work style, our team of experts effectively engaged GAO, first creating a transformation roadmap and comprehensive enterprise-wide IT strategy that has proven effective, efficient, cost-effective, secure, and highly reliable.
Managed Services
To migrate GAO from an on-prem service delivery to a cloud-based managed services approach quickly and instill confidence and trust, we applied our low-risk “Safe Journey” methodology, which leveraged ServiceNow’s robust IT Service Management (ITSM) capabilities. In addition, we extended it with GovCIO’s CONNECT tool. Providing a single view across all activities, CONNECT gives GAO and GovCIO a clear view of work allocation and forecasting across the team, allowing for easy O&M adjustments and technology enhancements. The tool also provides near real-time visibility into task financials for GAO.
Application Modernization
GovCIO modernizes GAO’s applications and tools to operate in a cloud-based environment, following a phased migration roadmap. This has included setting-up a cloud-based OpenShift Container Platform (OCP) cluster in AWS and incrementally onboarding and refactoring applications to capitalize on cloud resources while also identifying shared service candidates to re-architect as microservices and resolving application interdependencies.
DevSecOps Transformation
GovCIO introduced automated DevSecOps processes, allowing for continuous integration (CI) and quality checks during development, to help GAO ISTS detect errors as early as possible. We integrated Jenkins as the main CI tool and a combination of Jenkins and Ansible for continuous delivery (CD), creating CI/CD pipelines for automated deployments. We enabled automated code reviews using SonarQube code quality and code security scanning; Anchore and Trivy for container scanning; Cucumber, Zephyr, and Selenium for automated testing; and ZAP scans for penetration testing.
Transition to Telework Model
The COVID-19 pandemic required major changes to how all government agencies conduct daily business activities. GovCIO had one week to shift the team and GAO staff to telework. We developed a telework model for GAO staff to safely conduct mission-critical activities and, during this transition, managed 1,000+ calls that often required 20 to 30 minutes each.
Customer Praise for GovCIO
"We had high hopes for using ServiceNow to help manage our projects and operations. It has exceeded even these expectations. We are very happy with the progress and data that we can get out of it to help with our project schedules, planning, and budgeting,"
Results
By partnering with GAO and tailoring our proven, agile, and flexible methods to GAO’s mission objectives, GovCIO has successfully shifted GAO ISTS to new ways of working, transforming how GAO ISTS operates and executes its enterprise mission. GAO ISTS resources can now focus more on product line mission activities, improvements, and forward-looking outcomes- with GovCIO helping to continuously improve end-user services and capabilities.
Managed Services Implementation
GovCIO transformed GAO’s on-premise service delivery to our FedRAMP-authorized ServiceNow platform within four months – eight months ahead of schedule. This enabled enterprise service desk, monitoring, and IT administration from a secure, remote location, operating and available 24x7x365 and resulted in immediate improvements. For example, starting one month after the transition (and despite a COVID-19 surge that increased and sustained call volume by 40% within two days), we improved successful call handling by over 600%.
With ServiceNow now the central platform for IT business and service management, GAO eliminated organizational drag, dozens of weekly meetings, and 100+ spreadsheets; GAO ISTS moved to just three, 15-minute stand-ups that better empower team-level decision-making. Introducing innovations such as predictive analytics, GovCIO used ServiceNow to identify and mitigate several infrastructure performance risks and obtain 100% compliance with system health and availability SLAs. In addition, replacing GAO’s outdated ticketing system with ServiceNow and migrating to an offsite 24×7 customer support managed services operation decreased the call abandon rate from 30% to less than 7%, and increased customer support satisfaction to over 92%.
DevSecOps Transformation and Application Modernization
GovCIO completed the initial transformation effort within six months (six to twelve months faster than typical federal DevSecOps integration schedules). Within this timeline, we revamped the software environment, building out the enterprise CI/CD pipeline and implementing Keycloak single-sign-on. We integrated container images into the pipeline, as well as implemented and matured the Universal Base Image (UBI) process to support containers. Coordinating the pipeline rollout with GAO, we revamped /streamlined pipeline code and stage gates to eliminate drag in development workflows. GovCIO reduced application time to deploy by 25%, increased application updates by 75%, and decreased defects by over 35%.
Transition to Telework Model
GovCIO’s implemented telework model allowed us to quickly transition to a full telework support model within hours, with no disruptions to service, and easily shift existing resources for this urgent need.