Interview transcript:

 

Terry Gerton OASIS+ enters Phase II with five new service domains and draft scorecards expected December 16, ahead of a January 12 solicitation date. The expansion could reshape competition and compliance for federal contractors, especially small businesses. Stephanie Kostro, president of the Professional Services Council, is here to share her insights. We’re going to focus a little bit more than we usually do today on things that are happening in the small business world. So let’s start with December 4th. GSA announced the launch of the OASIS+ Phase II expansion. First of all, tell us what’s noteworthy there.

Stephanie Kostro This is long anticipated, Terry, and I will say thank you very much for focusing on small business today. It has been an area where a lot of our contracting friends have looked for guidance and information from the executive branch and from the legislative branch, to be honest, about where small business policy is going. And so thanks so much for raising this important issue area. OASIS+ has been in the works for so many years now, and there are hundreds, if not thousands, of vendors very interested in this expansion. And what I’ll tell you very quickly is Oasis+ had been eight domains or eight categories of services. It is now 13. And the five that they’ve added in this new tranche are very interesting. It is things like business administration, financial services, human capital, marketing and public relations, and social services. So this is a dramatic increase in the scope of Oasis+. It expands from eight domains, service domains to 13. And we have a lot of interest here in the contracting community about how they can support the executive branch through these new domains.

Terry Gerton Those new domains seem tailor made for small businesses. What are you hearing about how small business might be able to participate now?

Stephanie Kostro Again, it’s very exciting. It looks like the solicitations will be open here in January, mid-January of 2026. We’ll have to see what the actual words on the paper, if I can be that mundane about it, say about small business participation. But this is exactly the kinds of domains that small businesses excel. The marketing and PR, the human capital, financial services, etc., where they can partner with large companies in either in a joint venture or as a mentor-protege. So we’ll have to see what GSA decides will be the allowable partnering arrangements going forward. I would also note that this is a reflection of an executive order that the president signed out early on, and it was back in March, it was called Executive Order 14240, Eliminating Waste and Saving Taxpayer Dollars by Consolidating Procurement. So really this is the migration of some of the domains from other vehicles over to Oasis+, which really makes Oasis+ a must-have vehicle for contractors.

Terry Gerton What should small-business owners and leaders be looking at between now and January to help them prepare?

Stephanie Kostro They really should check out Oasis+ Phase I and see what came out in the solicitation documents for that. They should monitor the GSA websites very, very closely to see if any blog posts there will give them insight into what will be allowable. You know, a lot of times PSC has voiced concern about final requests for proposals not hewing very closely to the draft that they had released as an RFP. And so sometimes you have to scramble as a small business to figure out who can you partner with? Because the final RFP does not really look like the draft RFP. I’m hoping that GSA decides to move forward with a final RFP that looks very similar to a draft RFP so that our small businesses can plan accordingly. It has been a rough year in 2025 for small businesses. Some of them have seen contract terminations or de-scoping or rescoping. Some of them have been asked to offer up discounts that really cut into the muscle, not just the fat, if there was fat for a small business. But we need the innovation that comes from small businesses. And I think this is a great opportunity for them to provide an offer that is really beneficial to the government and to the small business community.

Terry Gerton I’m speaking with Stephanie Kostro. She’s the president of the Professional Services Council. Stephanie, speaking of small businesses, there was a bill that passed the House last week, the SBA IT Modernization Reporting Act. What are you watching here?

Stephanie Kostro Oh, now we can really dork out, Terry, on all of this stuff. So I as I mentioned in our previous conversation here, we’re talking about HR and financial services, or rather human capital and financial services, etc. The IT Modernization Reporting Act is a really interesting piece of legislation that looks at recommendations offered by the Government Accountability Office back in 2024 about reporting on agencies’ IT systems. And so they really want the Small Business Administration to help address risks tied to the Small Business certification platform that can help reduce the project risk, so that it can actually improve project risk management, establish a risk mitigation plan and resolve cybersecurity vulnerabilities. Now, Terry, as you know, we are seeing a host of cybersecurity requirements come out from the Department of War and their Cybersecurity Maturity Model Certification program, but also elsewhere. And it hits small businesses hard. You know, some of this is basic cyber hygiene, but some of it is really, really burdensome on small businesses that don’t have the resources and can’t spread resources out between, say, a commercial side and a government side. And so as we look at the implementation of this legislation, it’ll be interesting to see how small businesses can reduce the risk and reduce their vulnerabilities across and what SBA can do to support them in that.

Terry Gerton This is obviously the beginning of its legislative process. It still has to pass the Senate. It still has to get signed. But are there things that you would want small businesses to be looking at now with the expectation that this bill will eventually be passed?

Stephanie Kostro That is a great question, Terry, and it actually leads me to something that your listeners probably just learned about recently, which was the House and Senate released their National Defense Authorization Act for fiscal year 2026, where that act, and it’s in its final stages, this is the conference bill, right? And so now it just has to pass House and Senate and get signed by the President. I say “just,” but it takes a few days for that to happen. That bill was released on December 7. And I would note that in it actually establishes more firmly Project Spectrum, which is a Department of War effort to help small businesses with their cybersecurity. I encourage small businesses to look at Project Spectrum if they are a Department of War contractor. But even if you’re not, take a look at what those offerings are. See what you can get the government to support you and to help pay for in terms of cyber hygiene and cybersecurity. I’m encouraging the companies to do that even in advance of any of this SBA IT Mod act. As we move forward, it’s going to be a huge cost for companies and anything the executive branch puts in place to mitigate those costs or help minimize those costs is going to be a good thing.

Terry Gerton Stephanie, you’ve already alluded to a couple of big changes that small businesses are facing as a result of so many of the new policies and programs coming out of the Trump administration this year; 2026 is going to look very different for small businesses than 2025. Give us a feel for the change in the business market, the government contracting market for small business, and what do you think the year ahead brings?

Stephanie Kostro Small businesses have, again, seen a lot of changes here in 2025, not least of which has been calling into question the socioeconomic set-asides that we have in place. There’s the 8(a) program, which is for disadvantaged businesses, but there are also women-owned small business, veteran-owned small business, service-disabled veteran-owned small business, hub zone, etc. So we have ratcheted back, as a nation, back to the statutory requirements. The Biden administration and others had grown the set-aside amounts and thresholds for these kinds of small businesses. Those are back down to the statutory requirements. In addition, we have heard about this audit of the 8(a) program, which was launched months ago, but more recently, contractors have been receiving documentation requests from their customers to help justify 8(a) program awards, etc. So they’ve seen that as well. As we go into 2026, I imagine we will see more of this audit-like activity to make sure the companies that certify themselves as small are in fact small and qualify for these set-asides. I would also say under the revolutionary FAR overhaul, which is this FAR rewrite we’ve been undergoing for a few months, all of the class deviations, part by part of the FAR, are out there. The agency supplements are being changed. We are awaiting formal rulemaking for some of these things. But it does appear that the “rule of two” upon which a lot of small businesses base their business strategies is also changing. I’ll just succinctly summarize it by saying right now, if the revolutionary FAR overhaul goes through the rulemaking process and nothing else is changed, that “rule of two” applies only to the contract level, not to the task-order level, which is a significant change. It also allows the contracting officers to have a little bit of flexibility in terms of what can be deemed for a set aside, and then also not necessarily requiring companies to recertify their status. And so a lot of these changes are going come to be executed in 2026, and it is again going to be a year a little of some upheaval for small businesses.

Terry Gerton So if you’re a small business owner or leader and you’re thinking about your strategy or your business plan for 2026, what are the key things that should be at the top of your consideration list?

Stephanie Kostro The first one is obviously to monitor everything that the government, the executive branch is saying in terms of what the requirements are for a small business. I would also make sure that if you have an opportunity to get on a vehicle yourself as an organic small business or as a joint venture, go ahead and get on, because I’m not sure what on-ramping opportunities are going to look like in the future for some of these larger vehicles. And also make sure that you have all of your documentation in a row, all your ducks in a row for documentation. And that includes not just, “hey, you’ve got an 8(a) contract award and you may be getting required to submit some documentation,” but to certify yourself to make sure that the platforms are in place where you can certify yourself quickly with the SBA and making sure that you have all of that documentation in line. This is also an interesting dynamic for any new entrants to the market who have not experienced what existing small businesses experienced here in 2025. They may look at this and go, the juice is not worth the squeeze. It’s too hard to do work with the federal government. I think it is a business decision that if folks want to come and talk to those of us at the Professional Services Council and we can give them a little bit of a taste of what the dynamics are, we’re happy to talk to them about, is this a good market for you to explore? I think it is. Particularly, for example, we talked about at the top of this discussion, the Oasis+ expansion. The new five domains are for services, are great for small businesses. How do you compete for that? Come talk to us and we can help you out.

The post GSA’s next-generation contract vehicle is expanding and small businesses need to pay attention first appeared on Federal News Network.

For years, the conversation about artificial intelligence in government focused on model development — how to train algorithms, deploy pilots and integrate machine learning into existing workflows. That foundation remains critical. But today, federal leaders are asking a different question: What does an AI-native government look like?

The answer may lie in AI agents — autonomous, adaptive systems capable of perceiving, reasoning, planning and acting across data environments. Unlike traditional AI models that provide insights or automate discrete tasks, AI agents can take initiative, interact with other systems, and continuously adapt to mission needs. These systems depend on seamless access to 100% of mission-relevant data, not just data in a single environment. Without that foundation — data that’s unified, governed and accessible across hybrid infrastructures — AI agents remain constrained tools rather than autonomous actors. In short, they represent a move from static tools to dynamic, mission-aligned infrastructure.

For federal agencies, this shift opens up important opportunities. AI agents can help agencies improve citizen services, accelerate national security decision-making, and scale mission delivery in ways that were once unthinkable. But realizing that potential requires more than adopting new technology. It requires building the digital foundations (data architectures, governance frameworks and accountability measures) that can support AI agents as core elements of federal digital infrastructure.

A new phase for AI: Why agents are different

Federal agencies have decades of experience digitizing processes: electronic health records at the Department of Veterans Affairs, online tax filing for the IRS, and digital services portals for immigration at Customs and Immigration Services and the Department of Homeland Security. AI has expanded those capabilities by enabling advanced analytics and automation. But most government AI systems today remain tethered to narrowly defined functions. They can classify, predict or recommend, but they do not act independently or coordinate across environments.

AI agents are different. Think of them as mission teammates rather than tools. For example, in federal cybersecurity, instead of just flagging anomalies, an AI agent could prioritize threats, initiate containment steps and escalate issues to human analysts — all while learning from each encounter. In citizen-facing services, an AI agent could guide individuals through complex benefit applications, tailoring support based on real-time context rather than static forms.

This evolution mirrors the shift from mainframes to networks, or from static websites to dynamic cloud platforms. AI agents are not simply another application to bolt onto existing workflows. They are emerging as a new layer of digital infrastructure that will underpin how federal agencies design, deliver and scale mission services.

Building the foundations: Beyond silos

To function effectively, AI agents need access to diverse, distributed data. They must be able to perceive information across silos, reason with context and act with relevance. That makes data architecture the critical enabler.

Most federal data remains fragmented across on-premises systems, multi-cloud environments and interagency ecosystems. AI agents cannot thrive in those silos. They require hybrid data architectures that integrate separate sources, ensure interoperability and provide governed access at scale.

By investing in architectures that unify structured and unstructured data, agencies can empower AI agents to operate seamlessly across environments. For instance, in disaster response, an AI agent might simultaneously draw on Federal Emergency Management Agency data, National Oceanic and Atmospheric Administration weather models, Defense Department logistics systems, and public health records from the Department of Health and Human Services — coordinating actions across federal entities and with state partners. Without hybrid architectures, that level of coordination is impossible.

The second layer: Governance, trust, transparency

Equally as important is governance. Federal leaders cannot separate innovation from responsibility. AI agents must operate within clear rules of transparency, accountability and security. Without trust, their adoption will stall.

Governance begins with ensuring that the data fueling AI agents is accurate, secure and responsibly managed. It extends to monitoring agent behaviors, documenting decision processes, and ensuring alignment with legal and ethical standards. Federal agencies must ask: How do we verify what an AI agent did? How do we ensure its reasoning is explainable? How do we maintain human oversight in critical decisions?

By embedding governance frameworks from day one, agencies can avoid the pitfalls of opaque automation. Just as cybersecurity became a foundational consideration in every IT system, governance must become a foundational consideration for every AI agent deployed in the federal mission space.

For the federal government, trust is also non-negotiable. Citizens are owed AI agents that act fairly, protect their data, and align with democratic values. Transparency through being able to see how decisions are made and how outcomes are validated will be essential to earning that trust.

Agencies can lead by adopting principles of responsible AI: documenting model provenance, publishing accountability standards, and ensuring diverse oversight. Trust is not a constraint; it is a mission enabler. Without it, the promise of AI agents will remain unrealized.

Preparing today for tomorrow

The question for federal leaders is not whether AI agents will shape the future of government service; it is how quickly agencies will prepare for that future. The steps are clear:

• Invest in data infrastructure: Build hybrid, interoperable architectures that give AI agents access to 100% of mission-relevant federal data, wherever it resides.
• Embed governance from the start: Establish frameworks for transparency, accountability and oversight before AI agents scale.
• Cultivate trust: Communicate openly with citizens, publish standards and ensure that AI systems reflect public values.
• Experiment with mission scenarios: Pilot AI agents in targeted federal use cases (cyber defense and benefits delivery, for instance) while developing playbooks for broader adoption.

We are at a turning point. Just as networks and cloud computing became indispensable layers of federal IT, AI agents are poised to become the next foundational layer of digital infrastructure. They will not replace federal employees, but they will augment them — expanding capacity, accelerating insight, and enabling agencies to meet rising expectations for speed, precision and personalization.

The future of the federal government will not be built on static systems. It will be built on adaptive, agentic infrastructure that can perceive, reason, plan and act alongside humans. Agencies that prepare today — by investing in hybrid architectures, embedding governance and cultivating trust — will be best positioned to lead tomorrow.

In the coming years, AI agents will not just support federal missions. They will help define them. The question is whether agencies will see them as one more tool, or as what they truly are: the next layer of digital infrastructure for public service.

Dario Perez is vice president of federal civilian and SLED at Cloudera.

The post AI agents: The next layer of federal digital infrastructure first appeared on Federal News Network.

Interview transcript:

Terry Gerton You have been in public service and in safety net programs for over 33 years. As we come out of this shutdown, it really exposed both the importance and the fragility of these programs. Give me a sense from your experience what you saw, and maybe, what did we learn about these programs in the last 43 days?

Clarence Carter Well, I hope what we learned is the essential nature of the these programs. The first couple of weeks of the shutdown were pretty lukewarm. But as it got to the place where we saw the potential challenges to the Supplemental Nutrition Assistance Program, things got serious. And quite frankly, I never thought it would get to the moment where we were not in a position to provide the most basic of the safety net services to the 42 million consumers that are desperately in need of those. I am glad that we were able to ultimately clean that up. But having that, if you would, anvil over the head of individuals that desperately need that most basic support I think showcased the importance of the safety net and of some of the programs we administer.

Terry Gerton You’ve just written a book called “Our Net Has Holes in It.” When you look at these programs, I know you’ve worked in housing assistance, now you’re supporting all kinds of human assistance programs there in Tennessee, what are the most enduring lessons that you want to bring forward about making sure these critical programs work for people?

Clarence Carter Terry, the most I would think enduring message that I have is that we clearly in this nation, we have a desire to help our neighbors that are living in the margins. We spend annually, and this is federal government alone, $1.49 trillion annually in service to vulnerable Americans. My argument, and “Our Net” lays out this argument, that what we have to do is shift our intention, shift our design, and shift our execution. It’s not about us not caring enough. It’s not about us not spending enough. It is about flawed intention, design and execution.

Terry Gerton As you think about those three principles, let’s take design first because that’s the structure that we’re working with.

Clarence Carter That’s right.

Terry Gerton What are the core features that need to be reformed?

Clarence Carter  The first core feature is that all of the 114 means-tested programs are, they were designed singularly to address one aspect of the human condition. And they weren’t designed to work in conjunction with anything else. But many of the consumers that the system serves has multiple challenges that need to be remediated. And the system wasn’t designed to take that kind of comprehensive approach. And so one of the first things that has to happen is the system has got to be reformed so that all of the programs can be enabled to operate as tools in a toolkit, but that can be connected to allow us to take a more comprehensive approach to the issue of human well being, not simply the administration of programs.

Terry Gerton I’m speaking with Clarence Carter. He’s currently the commissioner of human services for the State of Tennessee. Clarence, that’s a huge design issue. I want to talk also about execution because human services programs and assistance are state-federal partnerships. You’ve worked on both sides of that. What are the execution issues there and how can we overcome them?

Clarence Carter Okay, and so Terry, you lay that out perfectly. And the challenge is the states and localities administer the programs and utilize the funding with some state add-on. And the states administer the programs. And so what ends up at the state level is you end up executing the flaws of design of the federal system. And so the state doesn’t have an opportunity to do it differently. They have to administer the rules of the programs as they have been given. And so my life’s work has been a journey to call out the dysfunction of design that begins at the federal level and then works its way all the way down the food chain until it gets to the consumer, who then is quite frankly in a place where they are being served by a system with great intention, but really poor execution and design.

Terry Gerton Alright, so the third portion that you mentioned was intention and you’ve worked across party lines, you’ve worked with leaders of both parties across the partisan lines. One would think that vulnerable assistance would be an important bipartisan issue, but it gets tangled up in politics. How do we separate the value of the programs and the intent of the programs from the politics around the programs?

Clarence Carter Terry, I think that we have to do that by shifting our focus from the politics to the programs. And I feel like, and we lay this out in “Our Net,” it begins with intention. Our intention has to be that we meet our neighbor in their vulnerability with the intention to grow them beyond the vulnerability, not simply provide benefits, goods and services as long as they meet the criterion to be served. And I believe that if we begin with that intention, we can check our partisan weapons at the door and focus on, okay, if it’s our intention to grow people beyond, then how do we architect the system to achieve that objective? We have to begin with this shared vision of understanding that we will always have, every society known to humankind has, that we will always have neighbors amongst us that suffer from some manner of economic, social, developmental vulnerability. And so we have to design an efficient, effective system that understands vulnerability with the intention to grow our citizenry beyond that vulnerability, and success has to be in a system like that. Not that I delivered a benefit, good or service, but that the consumer got healthier for it. We measure right now, we measure outputs. I can tell you, as a administrator of the SNAP program, what I get held accountable for is, did I deliver the SNAP benefit to who was entitled to receive it? Did I deliver it in the right amount? And did I deliver it in the right time frame? Nobody asks me, did that family get to a place where we grew their capacity so that they don’t need it? I get judged on efficiency measures. I think that we need to add to efficiency measures, we need to add human wellbeing metrics, and that that needs to be the true determinant of success.

Terry Gerton Clarence, you’ve laid out a powerful vision there. What would be the top one or two or even three policy priorities that you would put on the table for Congress to help strengthen the safety net and achieve that vision of wellbeing?

Clarence Carter The first would be connectivity. And what I mean by that is that the 114 means-tested programs of the safety net need to be able to be connected so that they become tools in a toolkit to achieve the objective of growing people beyond. So connectivity is important. But before we get to connectivity, we have to begin with a shared vision. And that shared vision, our argument in “Net” is that that shared vision has to be helping individuals achieve the highest degree of freedom possible. And so if we set out with that intention to help individuals achieve the highest degree of freedom possible, and we connect the tools so that those tools can work together, then we can have a system and we measure what counts. We measure human capacity. Those things coming together can create a profoundly different system of public supports.

The post Can our safety net programs survive stress and deliver more than short-term relief? first appeared on Federal News Network.

• The nation’s largest federal employee union is urging Congress to vote against the House rule for the 2026 Defense policy bill. The American Federation of Government Employees said negotiators removed a bipartisan House provision that would have restored collective bargaining rights for hundreds of thousands of Defense Department civilian employees. The union said removing that language means the legislation fails to protect basic rights of workers who maintain ships and aircraft and support service members. AFGE is calling on lawmakers to reject the procedural rule and restore the worker protections before the National Defense Authorization Act moves forward.
  (AFGE urges Congress to reject NDAA rule after union protections are removed - AFGE)
• The top Democrat on the Senate Veterans Affairs Committee is asking the Postal Service to ensure service members get holiday packages on time. Sen. Richard Blumenthal (D-Conn.) said hundreds of holiday care packages sent to troops overseas were returned to sender. About 100 of those care packages sent through the nonprofit Boxes to Boots are still missing in transit. Blumenthal is asking Postmaster General David Steiner to provide guidance to military families and organizations who are encountering similar obstacles and ensure timely delivery of these care packages.
  (Senator calls for Postal Service to guarantee holiday packages for service members - Sen. Richard Blumenthal (D-Conn.))
• The Trump administration is trying to reduce the federal government’s real estate footprint. A congressional committee will take a closer look at those efforts on Thursday. A subcommittee of the House Transportation and Infrastructure Committee will hear from the acting head of the General Services Administration’s Public Buildings Service. It will also hear from the Government Accountability Office and the Public Buildings Reform Board which has helped GSA identify underutilized federal office space.
  (Subcommittee to hold hearing on consolidating federal real estate - House Transportation and Infrastructure Committee)
• The Technology Modernization Fund will expire in three days. The Small Business Innovation Research (SBIR) program remains on the shelf. Congress chose not to include reauthorization language for either program in the compromise version of the 2026 defense authorization bill released yesterday. House lawmakers pushed to get the TMF extension provision added during conference, but were unsuccessful. Meanwhile lawmakers are still at odds over the future of the SBIR program, which saw its authorization expire on September 30. Both chambers of Congress are expected to vote on the NDAA later this week.
  (NDAA forgoes extending TMF, reauthorizing SBIR - House Armed Services Committee )
• The President's Management Agenda is finally out. Eric Ueland, Office of Management and Budget deputy director for management, laid out eight initiatives across three broad categories that are the administration's key management reform objectives. The priorities include consolidating and standardizing systems, hiring based on skills and merit and finding cost-effective locations for agency buildings. A senior OMB official told Federal News Network that the PMA takes the president’s promises, as well as the administration’s work already underway, and creates a framework to “institutionalize” those end goals.
  (Trump’s government management vision centers on elimination, accountability - Federal News Network)
• A powerful senator is calling for agencies to stop all sole source 8(a) contracts. Sen. Joni Ernst (R-Iowa), the chairwoman of the Small Business and Entrepreneurship Committee, told 22 agencies to pause any further 8(a) sole source awards and review all current contracts for potential fraud. In a letter sent to agency leaders yesterday, Ernst said 8(a) sole source contracts are a fraud magnet. Ernst wants to know by December 22 from each agency whether they will suspend the program's sole source contracts. The letter comes two weeks after Ernst introduced legislation that would suspend all 8(a) sole source contracts until SBA completes its ongoing audit.
  (Ernst presses agencies to pause 8(a) sole source awards - Sen. Joni Ernst (R-Iowa))
• A compromise version of the fiscal 2026 National Defense Authorization Act includes several key civilian personnel reforms that could change how the Defense Department hires and manages its civilian workforce. The draft text includes a provision that would allow the Defense Department to promote employees without having to satisfy minimum time-in-grade requirements before being eligible for promotion. The bill would also allow the Defense Department to use skill-based assessments to determine whether applicants are qualified for open positions. In addition, the legislation expands which positions DoD can hire using special cyber authorities, as well as significantly increases the maximum pay DoD can offer for cyber talent.
  (Compromise NDAA would let DoD promote civilians faster, increase cyber pay - Federal News Network)

The post AFGE urges Congress to vote against House rule for 2026 NDAA first appeared on Federal News Network.

Cyberthreats don’t stop nor do they stop evolving (and at a dizzying pace). Federal agencies are responding with smarter strategies, stronger partnerships and a focus on mission resilience.

Our latest ebook brings together insights from top government and industry experts shared on Day 1 of our Cybers Leaders Exchange 2025, presented by Carahsoft and Cisco. You’ll find tips, strategies and tactics on how to tackle today’s most complex cybersecurity challenges.

Featured voices include:

• Nick Andersen, executive assistant director for cybersecurity, CISA
• Darren Death, chief information security officer, Export–Import Bank
• Ollie Gagnon, chief homeland security advisor, Idaho National Laboratory
• Bart Larango, strategic industry advisor for federal, Splunk
• Michael Overstreet, director of security solutions engineering, U.S. public sector, Cisco
• Matthew Rogers, OT cyber lead, CISA
• Madhuri Sammidi, deputy associate CIO, Bureau of Safety and Environmental Enforcement, Interior Department
• Jason Warfield, head of solutions and adoption engineering, Cisco ThousandEyes

Explore how Carahsoft and its partners — Cisco, Splunk and Cisco ThousandEyes — are helping agencies stay secure, agile and mission ready.

Download the full ebook now!

The post Expert Edition: How to tackle complex federal cyber challenges first appeared on Federal News Network.

In the Army, a new acquisition bureaucracy is starting to take shape. It means new names for some longstanding Army organizations. But at its core, the reorganization is about letting Army officials manage the acquisition system as portfolios of capabilities with less of a focus on individual programs.

That idea’s been championed by outside reform advocates for years, including when the “Section 809 panel” on acquisition reform released its final report in 2019. The Congressional panel on Planning, Programming, Budgeting and Execution Reform echoed the call as part of its recommendations. So did both the House and Senate in their respective versions of the latest Defense authorization bill. And last month, it got the explicit endorsement of the secretary of Defense.

“We will leverage taxpayer dollars in a more accountable, flexible and deliberate manner to maximize their value across capability portfolios,” Defense Secretary Pete Hegseth said during an address at the National War College. “We will shift funding within portfolios’ authorized boundaries swiftly and decisively to maximize mission outcomes. If one program is faltering, funding will be shifted within the portfolio to accelerate or scale a higher priority. If a new or more promising technology emerges, we will seize the opportunity and not be held back by artificial constraints and funding boundaries that take months or even years to overcome.”

In that address, Hegseth credited the military services with laying the groundwork for some of the reforms he wants to make department-wide. And the Army started its implementation work last month, naming six new “portfolio acquisition executives.” Each of those PAEs will oversee different “capability areas” with programs managed by what had, up until now, been called program executive offices (PEOs), and will now be called capability program executives (CPEs).

But there’s more in those portfolios than just the former PEOs, said Brig. Gen. Christine A. Beeler, the capability program executive for Simulation, Training and Instrumentation (CPE STRI).

“The PAE is going to be able to wrangle all of those enablers, and we are just one enabler to the PAE,” said Beeler during a staff town hall late last month. “There are also folks up at big Army that are going to help us on the programming side … and you’ve got requirement folks. That can get combined and come to us in a single requirements community of practice, so that things that get decided at the PAE level will be easier to understand and make trades on.”

Last week, another of those former PEOs announced the details of its own internal reorganization. Leaders of the newly-dubbed Capability Program Executive for Command, Control, Communications, and Network say most of their changes will be at the program manager level — both to align with the Army’s broader acquisition “transformation” agenda, and to orient the office more explicitly around the Army’s plans for Next Generation Command and Control.

The changes there include four new program offices — one each for applications, data and AI, infrastructure and transport, plus changing roles for several other offices. CPE C3N officials expect to detail the changes during the next Army technical exchange meeting at Aberdeen Proving Ground next month.

Beeler said there will be program office changes within her organization as well, but the reorganization will take until the summer of 2027 to fully unfold. Along with that, she said, will be a reduction in senior officer positions.

“The key changes were a mandated reduction of command select list billets by 30% at both the O-6 and the O-5 level,” she said. “So that means, over time, we’re going to transition from three CSL billets to two CSL billets at the O-6 level, and from eight CSL billets eventually to five CSL billets at the O-5 level.”

And at the even more senior levels, Beeler says the end state of the Army’s acquisition reorganization is that the new PAEs will be two-star generals or the civilian SES equivalents. And the CPEs will be one-star positions.

But those details — like many others in the reorganization — are still subject to change.

“This is a very time and event-driven process,” she said. “We’re not jumping in tomorrow, both feet and everything’s changed. That wouldn’t make any sense, and we would lose the discovery part of how these pathfinder adjustments to the acquisition process are actually going to work. For the time being, we will be the Capability Program Executive STRI. We believe in the future we’re going to change the logo and we’ve got some ideas out there for how we’re going make other changes over time, but at the end of the day, this is what we’re going to do. We simulate the fight, we replicate the threat, and we’re going to make sure that the Army can win across all domains.”

The post Army begins to reshape its acquisition enterprise along portfolio lines first appeared on Federal News Network.

A compromise version of the fiscal 2026 National Defense Authorization Act, released late Sunday, includes several key civilian personnel reforms that could change how the Defense Department hires and manages its civilian workforce.

Most notably, the draft text includes a provision that would allow the Defense Department to promote employees based on skills and qualifications without requiring them to satisfy minimum time-in-grade requirements before being eligible for promotion.

Ron Sanders, a former career human capital leader in government, said the provision is emblematic of the long-running debate to allow DoD to secede from the rest of the federal civil service due to the nature of its mission.

“It is a big deal, and it underscores a bigger issue … You should be able to promote people, regardless of time served, if they can do the job — promote them,” Ron Sanders, a former career human capital leader in government, told Federal News Network. “There have been numerous attempts to carve out more flexibilities for the DoD civilian workforce than the rest of the civil service had.”

“I’m of the mind, and I’m not alone in this, that the federal civil service should be broken up. It should be glued together by a series of standards and principles — there are some cross cutting government-wide principles that should always remain in effect. But DoD has a different mission than the intel community, and it has a different mission than FBI and the law enforcement and other aspects of Homeland Security. Trying to treat all of that as one-size-fits-all is problematic. And I think you’re seeing a continuation of the debate that DoD is different,” he added. 

The time-in-grade requirement is antiquated anyway, Sanders argued, and should be revisited for the rest of the federal civil service.

The bill would also allow the Defense Department to use skill-based assessments to determine whether applicants are qualified for open positions.

“If you sum it all up, DoD would basically have its own civilian personnel system, separate and apart from the rest of the federal civil service. I think we’ve gone to the other extreme, and we’ve been living there for decades now, and that is a one-size-fits-all mentality. What’s good for the SEC is good for DoD, and that’s just not true anymore,” Sanders said. 

In addition, if enacted into law, DoD would be able to share certificates of top candidates for various roles across the department. Certificates would remain valid for at least a year, and they are subject to agency-specific qualification checks.

This particular provision is not new, Sanders said. “If you have the applicant’s permission, sharing certificates, to me, is not a big deal, and it should have been done years and years and years ago, if it hasn’t been.”

Congress is also tightening the department’s ability to make workforce cuts by adding new analysis requirements, reporting mandates and restrictions on conducting reductions-in-force.

If passed, the bill would prohibit DoD from reducing its workforce levels or realigning functions if such changes involve more than 50 employees and occur outside the normal programming process, including ad hoc, immediate or unprogrammed workforce changes. The Defense secretary is also required to notify Congress about planned workforce reductions.

“I think it is part of a larger trend, and that is a growing realization that civilian personnel in DoD are important and they should be managed. If something affects 50 or more employees or some small number like that, that’s micromanaging,” Sanders said. “I don’t think that was in intent on the part of Congress to actually worry about 50 employees. I think it was just a failure to fully comprehend the full scope of the DoD civilian workforce, which is just plain huge.”

Lawmakers are also seeking to centralize and elevate civilian personnel management within each military service by placing it under senior uniformed leaders. If the measure passes, senior leaders who manage military manpower would also oversee the department’s civilian workforce.

“I think at least part of the reasoning is the necessity of having what I would argue are redundant staffs at the military department headquarters and at the major command level. There’s a pendulum here, and it goes back and forth. But at the end of the day, somebody really does need to take a hard look at the staffs that have emerged and decide whether they’re redundant and whether they could be centralized,” Sanders said. 

Cyber workforce

The legislation also expands which positions DoD can hire using special cyber authorities, as well as significantly increases the maximum pay DoD can offer for cyber talent.

Under current law, Cyber Excepted Services hiring authorities apply to U.S. Cyber Command, as well as certain cybersecurity and IT operations roles across the services. The 2026 defense policy bill could expand it to positions held in combatant commands, defense agencies, and field activities supporting CYBERCOM. DoD would also expand Cyber Excepted Services to 500 more cyber roles that don’t neatly fit into existing categories but are still vital and hard-to-fill jobs

The legislation would also give the defense secretary greater pay flexibility for cyber talent, allowing DoD to offer up to 150% of the maximum basic pay authorized for Executive Schedule Level I roles.

“Neither Homeland Security nor DoD has taken full advantage of the authorities that Congress gave them literally decades ago. In DoD case, I think the mandate, and I read this as a mandate, to put more people under CES is generally a good thing. It just again underscores whether DoD should be treated differently or whether you need a separate set of personnel flexibilities for all cyber ninjas at DoD,” Sanders said. 

Worker protections stripped

Meanwhile, the American Federation of Government Employees — the nation’s largest federal employee union — is urging Congress to vote against the House rule for the 2026 defense policy bill.

AFGE says negotiators removed a bipartisan House provision that would have restored collective bargaining rights for hundreds of thousands of Defense Department civilian employees. The union says removing that language means that the legislation fails to protect basic rights of workers who maintain ships, aircraft and support service members. The union is calling on lawmakers to reject the procedural rule and restore the worker protections before the NDAA moves forward.

“If lawmakers are serious about supporting our military, they must send this bill back to conference, fix it, restore these protections, and then pass an NDAA worthy of the men and women who defend this nation every day,” AFGE National President Everett Kelley said in a statement.

The post Compromise NDAA would let DoD promote civilians faster, increase cyber pay first appeared on Federal News Network.

The Trump administration has laid out its President’s Management Agenda, providing a framework for the administration’s overarching priorities to drive change in the federal government for the next few years.

The new PMA, which the Office of Management and Budget published Monday, includes three key priority areas, each of which contain several underlying goals the administration wants to meet, such as eliminating “woke” government, ending “over-classification” and “buying American.”

Many of the goals contained in the management agenda are already taking shape through a number of President Donald Trump’s executive orders and other changes to government the president has initiated since taking office.

“In his first months in office, President Trump already took bold and decisive actions to begin to reshape the federal government and end its weaponization against American citizens,” OMB Deputy Director for Management Eric Ueland wrote Monday in a memo to agencies.

A senior OMB official, speaking on background, said the PMA takes the president’s promises, as well as the administration’s work already underway, and creates a framework to “institutionalize” those end goals.

“Some of the previous PMAs have been all-encompassing and trying to be everything to everybody, whereas this PMA is very clearly tied to what President Trump promised the American people he would do when he got elected,” the official said in an interview with Federal News Network. “These are going to be priorities every agency focuses on for the full Trump administration.”

The Trump administration’s three PMA priorities are:

• Shrink the government and eliminate waste
• Ensure accountability for Americans
• Deliver results, buy American

The PMA has been a staple of presidential administrations for more than 20 years. Generally, each PMA aims to address systemic challenges in government management by setting goals and holding agency executives accountable. It’s a way for the White House to work with agencies to establish top priorities, then monitor progress toward priority-based goals.

Performance.gov, the website that hosts the administration’s PMA, so far contains only an outline of Trump’s management agenda. Details are missing on which federal leaders will be tasked with delivering on the goals, where there has already been progress, and how the administration will measure results for each priority.

An OMB official blamed the 43-day government shutdown for the limited details on the PMA website. Though confirming that more information would eventually be available, the official did not provide a specific timeline.

“We’ll work with the agencies and identify where they’re already making progress and start putting out — as PMAs in the past have — updates on the success that’s been had, what metrics we’re going to be looking at measuring and what agencies are going to be part of different leads for the individual goals,” the official said.

Shrinking the government

For the Trump administration, the first priority in the PMA focuses on shrinking the government and eliminating waste, particularly in programs that Trump has described as “woke” or “weaponized.”

To meet that end, the PMA’s first priority defines three key goals:

• Eliminate woke, weaponization and waste
• Downsize the federal workforce
• Optimize federal real estate

Already, the Trump administration has taken significant steps toward those goals. Agencies spent much of this year under a hiring freeze, while the administration simultaneously reduced the size of the federal workforce by more than 300,000 employees.

Going forward, the OMB official pointed to Trump’s latest executive order on federal hiring as a way to measure progress toward the PMA’s first priority. The Oct. 15 order called on agencies to form strategic hiring committees composed mainly of political appointees, as well as create staffing plans for the coming year.

“A key part of that will be making sure agencies are putting in place those hiring committees,” the official said. “They’re making very strategic decisions around who they’re hiring and what positions they’re hiring for, so we don’t just inflate the federal government again and overwhelm all the success we’ve had in reductions to date.”

Trump’s first priority area in the PMA is a clear departure from the Biden administration’s agenda, which had centered on strengthening the federal workforce and included efforts to increase federal hiring and workforce development.

On top of reducing the federal workforce, the Trump administration’s first PMA priority additionally focuses on removing programs related to diversity, equity, inclusion and accessibility (DEIA), as well as ending a number of federal programs the administration described as “wasteful.”

That goal already began taking shape earlier this year, as the Trump administration directed agencies to end DEIA programs, and remove federal employees who worked on DEIA-related projects. The administration has also sought to shrink certain agencies, including USAID and the Education Department.

As a final piece of its first PMA priority, the administration said it plans to shrink the government’s real estate holdings by offloading “unnecessary” leases and federal buildings, as well as moving agency facilities to more “cost-effective” locations.

Trump has signed a number of executive orders this year focused on making federal architecture “beautiful,” and changing the way agencies prioritize federal building locations, while also requiring all federal employees to work on-site full time.

A focus on accountability

In addition to shrinking government, the administration will also be focused on driving “accountability” as the second PMA priority. The effort will impact federal employees, agency programs and government contractors, according to the agenda’s outline.

The underlying goals for achieving Trump’s second priority area are:

• Foster merit-based federal workforce
• End censorship and over-classification
• Demand partners who deliver

Many of the goals under the second PMA priority are familiar, as the administration has already attempted to reach those ends. For instance, the administration has created a new “Schedule Policy/Career” classification for federal employment, and altered performance management standards for federal employees.

“One benefit of the way that PMA is structured for this administration is it’s going to be easy to integrate this PMA into performance reviews for individual employees across the government and hold them accountable for delivering on the president’s priorities,” the OMB official said.

The Office of Personnel Management in May also issued a “merit hiring plan,” which in part called on agencies to question job applicants on how they will adhere to the president’s priorities.

“A lot of this is following up on executive orders and policy decisions made by the president early on,” the OMB official said. “We’re going to be having agencies strategically hiring [and] they need to do so following the merit hiring plan.”

The second priority area also includes a focus on implementing Trump’s orders related to collective bargaining and labor-management relations at agencies. On top of that, the administration also detailed goals of promoting transparency in the federal government, such as through “find[ing] and annihilat[ing] government censorship of speech.”

Additionally, the second PMA priority includes goals of changing government contracting by working with “the best businesses,” and tasking political appointees, rather than career employees, with leading grant processing work.

“It’s making sure that those receiving federal dollars were chosen based on merit, because they’re going to deliver the outcomes that are expected,” the OMB official said.

Modernize technology, “deliver results”

The third and final priority area in the Trump administration’s PMA focuses on consolidating federal procurement, as well as adopting more modern technology into government services.

The priority contains two key goals:

• Efficiently deploy the buying power of the federal government and buy American
• Leverage technology to deliver faster, more secure services

Attempting to advance technology in government has been a long-standing goal across multiple administrations and throughout many agencies. But the OMB official said for the Trump administration, the goal will be to focus on finding modernization initiatives that can be turned around in shorter timeframes, and “moving out of 10-year, 15-year efforts.”

“We are being more specific in where we’re focused and making sure that we’re tackling projects that we can get done, so that we get the results and the benefits of that,” the official said.

The third priority, once again, mirrors many steps that the administration has already taken, such as attempting to reshape the federal acquisition process.

The priority area also focuses on a familiar throughline from the Trump administration and the Department of Government Efficiency of eliminating “waste.”

Some underlying goals in the PMA’s third priority area, for instance, focus on reducing the number of “confusing” government websites. Another focuses on removing “duplicative” data collections and eliminating data siloes.

“Instead of having dozens or hundreds siloed IT systems,” the OMB official said. “We’re going to be able to work off of consolidated IT systems that can operate in an integrated fashion.”

The post Trump’s government management vision centers on elimination, accountability first appeared on Federal News Network.

A top human resources official at the State Department, who played a major role in the agency’s widespread reduction in force this summer, is moving on to a new role within the agency.

Lew Olowski, the chief human capital officer for the Bureau of Personnel and Training, is stepping down from that role to become the senior bureau official for the Office of Foreign Missions, two sources familiar with the decision told Federal News Network. The State Department declined to comment.

In this role, Olowski oversaw layoffs of nearly 1,350 State Department employees in July. The department sent reduction-in-force notices to more than 1,100 civil service employees and nearly 250 Foreign Service employees who were based in the United States at the time.

Senior department officials later told Congress that the RIF was the largest and most complex workforce reduction of its kind, and that they carried out the layoffs in consultation with the Office of Personnel Management.

Politico first reported on Olowski’s new role within the State Department.

Most of the employees who received RIF notices this summer officially separated from the agency in September.

The State Department sought to finalize layoffs for nearly 250 Foreign Service officers and several civil service employees last week. But a federal judge in San Francisco temporarily blocked the department from officially separating those employees.

The temporary restraining order signed last Thursday is part of an ongoing lawsuit unions filed on the eve of the government shutdown, which blocked the Trump administration from conducting widespread layoffs during a lapse in congressional funds.

The amended lawsuit states that several agencies, including the State Department, aren’t fully adhering to a provision in the shutdown-ending stopgap funding bill that temporarily blocked the Trump administration from carrying out layoffs.

The nonprofit Democracy Forward, which is also part of the lawsuit, said the amended lawsuit seeks to reverse “other unlawful RIF actions” at the Small Business Administration and the General Services Administration, as well as the departments of Education and Defense.

A recent survey led by the American Foreign Service Association found the State Department’s diplomatic workforce, given sweeping changes happening under the Trump administration, felt overburdened, under-resourced and more likely to leave in the next few years.

In a survey of more than 2,100 active-duty Foreign Service employees, AFSA found that 98% of respondents reported reduced morale this year. About 86% of respondents said workplace changes since January have affected their ability to advance U.S. diplomatic priorities.

Before the Trump administration, about 17,000 active-duty Foreign Service officers worked for the State Department. AFSA estimates that nearly 25% of its workforce left this year — when counting layoffs, retirements and those who accepted deferred resignation offers.

AFSA said in April that it was “deeply concerned” by Olowski’s appointment to the department’s top HR role, which is typically held by career members of the Foreign Service with decades of relevant experience.

“The Foreign Service is a competitive, merit-based institution, built on a foundation of expertise, service, and nonpartisanship. Placing an untenured, entry-level officer who has only served one complete overseas tour into this critical role, even in an acting capacity, not only disregards that tradition but also sends a clear message about the value this administration places on experience and professional progression,” AFSA wrote.

The post State Department HR chief moving on to new role after carrying out layoffs this summer first appeared on Federal News Network.

• There's more discouraging news for the Pentagon’s prospects of obtaining a clean financial audit by the current 2028 deadline. A new evaluation by the Defense Department inspector general found the department’s plan to remediate one of its key, longstanding material weaknesses — an inability to keep track of government property in the possession of contractors — doesn’t appear to be working. DoD intended to fix the problem largely by tracking the contractor-managed property in a software module within the Procurement Integrated Enterprise Environment. But according to the IG, key DoD leaders haven’t mandated the use of that module, and the military services haven’t updated their own systems to properly interface with it.
  (DoD goal for clean 2028 audit in jeapardy - DoD Inspector General)
• Today marks the final day of Open Season. Enrollees in the Federal Employees Health Benefits Program have until midnight tonight to make any desired changes to their health insurance options. The open enrollment period also applies to Postal Service employees, as well as those with dental and vision coverage. Any changes made during Open Season will take effect in January.
  (Final day of Open Season - Office of Personnel Management)
• Army Cyber Command has a new leader. Lt. Gen. Christopher Eubank officially assumed command during a ceremony on Dec. 3 at Fort Gordon, Georgia. Eubank took over for Lt. Gen. Maria Barrett, who is retiring after nearly 38 years of service and three years leading Army Cyber Command. Eubank previously served as special assistant to the commander of Army Space and Missile Defense Command. He also led the Army’s Network Enterprise Technology Command. In his new role, Eubank will lead Army cyber operations and provide Army forces to U.S. Cyber Command.
  (Eubank takes the helm of Army Cyber Command - Army.mil)
• The Program Executive Office Command, Control, Communications and Network, or PEO C3N, is undergoing another major reorganization. As part of the Army and Defense Department-wide acquisition reform efforts, the program executive office is changing its name to the "Capability Program Executive Command, Control, Communications and Network,” or CPE C3N. The office is realigning its structure to better support the Army’s Next Generation Command and Control effort. Brig. Gen. Jack Taylor will continue to lead the organization as the capability program executive. As part of the overhaul, the organization is standing up new project offices focused on C2 applications, data and AI, infrastructure and transport.
  (Army to overhaul its PEO C3N - Army.mil)
• An appeals court has ruled in favor of President Donald Trump’s firings of two Democratic board members. The split 2-to-1 decision of the appeals court panel has no immediate effect, since the removals of Cathy Harris at the Merit Systems Protection Board, and Gwynne Wilcox at the National Labor Relations Board, were already finalized. But Friday’s decision comes as the Supreme Court is expected to hear arguments on whether to overturn a 90-year-old ruling known as Humphrey’s Executor. If the decision is overturned, it has the potential to expand the president’s power in shaping independent agencies and may further reinforce the outcomes of Harris' and Wilcox’s terminations.
  (Appeals court backs Trump’s firings of MSPB, NLRB members - Federal News Network)
• Palo Alto Networks is joining the ever-growing list of vendors signing up for GSA's OneGov program. The cybersecurity company will now offer agencies up to a 60% discount from its schedule prices for three of its cyber tools. Agencies can now buy Palo Alto's software next generation firewall, its secure access service edge (SASE) solution and its code to cloud platform for deep discounts through January 2028. This is GSA's fifteenth OneGov agreement since it launched the program in April. Last week, GSA also signed a similar deeply discounted deal with SAP.
  (Palo Alto Networks joins GSA's OneGov program - General Services Administration)
• Small businesses in the 8(a) program will now have a busy holiday season. The Small Business Administration is asking participants in the 8(a) contracting program for a trove of data as part of the agency's ongoing audit of the long-standing socioeconomic initiative. In a letter sent to more than 4,300 8(a) firms, SBA set a deadline of Jan. 5, 2026, for these companies to deliver 13 data sets. These include everything from a copy of the all 8(a) contracts for the last three fiscal years to full financial statements to their full general ledger. SBA said firms that fail to meet the deadline may lose their eligibility to participate in the 8(a) program and could face further investigative or remedial actions.
  (SBA moves to next phase of 8(a) program investigation - Small Business Administration )
• A top human resources official at the State Department who played a major role in the agency’s widespread reduction in force this summer is moving on to a new role. Lew Olowski, the chief human capital officer in the Bureau of Personnel and Training, is stepping down from that role to become the senior bureau official for the Office of Foreign Missions, according to two sources. The State Department declined to provide an on-the-record comment.
  (Lew Olowski, the chief human capital officer in the Bureau of Personnel and Training, is stepping down - State Department)

The post DoD goal for clean 2028 audit in jeopardy, IG finds first appeared on Federal News Network.

If 2025 felt like a whirlwind for regulatory compliance, you’re not imagining it. Between the finalization of Cybersecurity Model Maturity Certification 2.0 rules, the launch of FedRAMP’s 20x initiative promising faster authorizations, and new AI governance requirements from the Office of Management and Budget and the National Institute of Standards and Technology, organizations working with federal agencies faced enormous regulatory change.

As we head into 2026, the tempo isn’t slowing. The Defense Department is phasing CMMC into contracts to protect the defense industrial base. FedRAMP continues evolving as more agencies migrate critical systems to the cloud. And AI regulations are moving from principles to prescriptive requirements as governments grapple with the risks and opportunities of deploying AI at scale.

After leading hundreds of companies through compliance journeys and assessments — and going through them ourselves — we’ve learned that while each framework has nuances, three universal lessons apply.

Three lessons that apply to each framework

1) These frameworks are not like the ones you already know.

The biggest mistake? Treating CMMC like SOC 2 or assuming FedRAMP is “ISO 27001 for government.”

For example, CMMC Level 2 requires implementing all 110 NIST 800-171 requirements and 320 assessment objectives. Your system security plan alone could reach 200 pages. Budget more time, resources and specialized expertise than you think you need.

2) Scoping is a critical first step that organizations often get wrong.

Determining what’s in scope is one of the hardest and most important steps. I’ve seen companies believe 80% of infrastructure was in scope for CMMC, only to learn it was closer to 30%. Be ruthless about where controlled unclassified information actually lives. Every system you include can add months of work and tens of thousands in costs.

For FedRAMP, define your authorization boundary early. For AI governance, inventory every AI system, including embedded features in SaaS tools. Invest in scoping before implementing controls.

3) Automation is mission-critical, not optional.

Manual processes don’t scale when juggling multiple frameworks, and they leave you vulnerable to errors and inefficiencies. That’s why FedRAMP 20x and other frameworks today are evolving to put automation at the center of the process. Organizations that want continuous improvement must treat automation as core infrastructure, especially for monitoring controls, collecting evidence and surfacing real-time compliance data.

The real cost of playing catch-Up

Companies treating compliance as a last-minute sprint face hundreds of thousands of dollars in average costs for CMMC Level 2 alone. They scramble, rush documentation and often fail their first assessment — and non-compliance can come at a hefty price.

Organizations that delay addressing compliance gaps are vulnerable to security risks. IBM’s 2025 Cost of a Data Breach Report showed that noncompliance with regulations increases the average cost of a breach by nearly $174,000.

Regulatory actions are rising too. The Department of Health and Human Services’ Office for Civil Rights issued 19 settlements and over $8 million in fines for HIPAA violations this year to date, already the highest on record for a single year.

Organizations that start early spend less and use compliance as a competitive advantage. When you’re behind, compliance is a burden; when you’re ahead, it’s a differentiator.

What you need to know right now

For CMMC 2.0

If you’re a prime contractor, subcontractor handling CUI, or external service provider in the DoD supply chain, start now.

Identify what type of information you handle, what certification level you need, and define your scope. Build your system security plan early and categorize assets as CUI, security-protected, contract-risk managed or out of scope.

When selecting a C3PAO assessor, look for transparent pricing, strong references and clear data-handling processes. You can achieve conditional certification with a plan of action and milestones, but you have only 180 days to remediate and must score at least 80% in SPRS.

For FedRAMP 20x

Keep in mind that FedRAMP isn’t a one-time audit. The true 20x objective is not just to speed up authorizations, but to achieve smarter and stronger security — and this requires preparation.

These steps are non-negotiable:

• Build continuous monitoring infrastructure and processes from day one.
• Ensure your authorization boundary is correct and your architecture documentation is precise. Ambiguity causes delays that stretch timelines beyond a year.
• Automate evidence collection and continuous monitoring for monthly deliverables required to maintain authorization.

For AI governance

Federal AI regulations are quickly moving from principles to requirements. Establish AI governance councils now. Inventory AI systems comprehensively, document training data provenance, implement bias testing protocols and create transparency mechanisms.

As OMB and NIST frameworks take hold, AI governance will become a standard procurement requirement through 2026.

Five steps to start today

1) Start with an honest gap assessment.

Most companies are further behind than they think, particularly on incident response and supply chain risk management. Know your baseline before building your roadmap.

2) Treat documentation like code.

Your system security plan, policies and authorization package shouldn’t be static Word documents. Your documentation needs to be a living architecture that is version-controlled, regularly updated and, ideally, machine readable.

3) Build compliance into procurement.

Create vendor risk assessment processes that evaluate CMMC readiness, FedRAMP authorization status and AI governance practices before signing contracts. For CMMC, ensure vendors provide Customer Responsibility Matrices documenting which NIST 800-171 controls they are responsible for.

4) Invest in your people.

Build exceptional compliance programs by upskilling existing staff. Send operations teams to CMMC training. Have developers learn secure coding for FedRAMP environments. Create AI literacy programs. Make compliance competency a core skill.

5) Prepare for continuous monitoring.

CMMC includes provisions for ongoing assessments and affirmations of compliance. FedRAMP requires continuous monitoring. AI governance demands continuous bias testing. Invest in automation systems and tools like trust centers that are able to demonstrate your up-to-date security and compliance posture any day of the year.

The opportunity in the complexity

Despite the challenges, companies getting compliance right are winning work they couldn’t before. Defense contractors and small businesses can use CMMC certification to compete for prime contracts. Cloud service providers who achieve FedRAMP authorization can significantly accelerate their federal sales cycles, cutting months from procurement timelines. AI startups land pilots by demonstrating responsible AI practices.

The companies that thrive treat compliance as something they control, not something that happens to them. They build security-first cultures, invest in the right tools and training, and transform compliance from cost center to competitive advantage.

The best time to start was yesterday. The second-best time is today, because 2026 promises even more compliance complexity, and it’s coming faster than you think.

Shrav Mehta is the founder and CEO of Secureframe.

The post Getting ahead of CMMC, FedRAMP and AI Compliance before it gets ahead of you first appeared on Federal News Network.

Terry Gerton Well, as we speak, the shutdown is at least temporarily over, but it left some major disruptions in its wake and one of those programs that we want to talk about today is the National Flood Insurance Program. Can I ask you first to tell us what that program is, but then also talk about how the shutdown and the extension of the shutdown affected that program?

Nicole Upano Sure. The National Flood Insurance Program is an important program for single-family home buyers as well as multifamily owners and operators. It is a backstop to ensure that borrowers have flood insurance even in areas where there is elevated risk, and private insurance companies may be less likely to offer coverage in that area without having some sort of elevated cost because of their risk. So it’s a very important program for many Americans.

Terry Gerton  And it really provides a a stability in markets that are flood prone, right?

Nicole Upano That’s exactly right, Terry. It is an important program for many Americans. It provides stability in the market if there is a national disaster to ensure that money flows back into that community for rehabilitation and repair.

Terry Gerton And during the shutdown, NFIP’s borrowing authority dropped dramatically. What does that mean in terms of practical terms?

Nicole Upano That means that, as I had mentioned previously, this program is an important — or, flood insurance is an important part of home sales and multifamily sales. And without that borrowing authority, those purchases could not move forward since it is a contingency to home buying. And there also is that greater risk that if a natural disaster could occur, that there wouldn’t be an ability to fill those claims and push financing back into those communities.

Terry Gerton So the way that works then is in a disaster FEMA actually uses that borrowing authority to pay out the claims that it may receive. Is that correct? That’s right. So then how did the lapse in the NFIP operations affect home buyers who rely on that flood insurance to maybe close on a mortgage?

Nicole Upano We have certainly seen this across the federal government for many HUD-assisted or agency-assisted programs, that it put a pause in those home sales until the government is back up and running and doing the people’s business.

Terry Gerton So we’re in a continuing resolution now. Did the CR provide additional borrowing authority for FEMA through the National Flood Insurance Program?

Nicole Upano Yes, it sure did. It reauthorized it since September 30. And there is a piece of bipartisan legislation that was also offered that would reauthorize the program until 2026 to provide even greater certainty for homebuyers and and renters across the country.

Terry Gerton Does that mean that folks who were kind of in limbo for the last 40+ days of the shutdown can renew their policies or maybe submit their claims? Does that open the window back up? Yes, it certainly does.

Terry Gerton I’m speaking with Nicole Upano. She’s the AVP for housing policy and regulatory affairs for the National Apartment Association. So, Nicole, let’s go back to this, the program itself, even with existing policies still active, there were some limits. What do policy holders need to know about their coverage, their claims, and their change in funding if we should find ourselves in another funding lapse, perhaps?

Nicole Upano Sure. So if someone had a valid policy during the shutdown, those remained valid throughout the shutdown. But if in terms of a new policy or a renewal, that’s where the rub would be, as well as potentially processing any claims, there would be limitations on that.

Terry Gerton Did you see any misconceptions or misunderstandings on the part of policy owners about what services and coverage would be available to them during the shutdown?

Nicole Upano NAA represents professionally-owned and managed housing across the country. And so they kept the shutdown and any implications very much top of mind and continue to use NAA as a resource to get the most up to date information.

Terry Gerton And so you’re dealing with apartment owners, condo owners, those kinds of things. What are some of their biggest questions when it comes to the NFIT program?

Nicole Upano Well, for our members, they are looking across the federal government at all the implications. For example, HUD and FHA, they provide financing and backing not just for affordable housing but for market rate housing as well. So there was an issue with those closings. And while Section 8 and USDA rural housing — you know, rural housing benefits for renters and their families in rural areas — while those benefits did benefit from an advanced appropriation, there was that similar issue, similar to the NFIP, that renewals and new applications could not be processed and there would have been payment uncertainty for those renters and their families. And so having government back up and running and doing the people’s business is important to both housing providers and renters to ensure the stability of those properties and that renters in those communities remain stable.

Terry Gerton NAA is obviously very sensitive to the real estate market, especially in flood prone or disaster prone areas. Beyond NFIP itself, what does this moment really reveal about the fragility of our disaster response programs and how people can get relief if they’re affected?

Nicole Upano Sure, that’s a great question. Many of the federal government’s housing programs are not mandatory appropriations. And we’ve seen that with other industries, that they are seeking now opportunities to have a backstop if and when this happens again to ensure that agencies can access reserves or that they can expand their budget authority in these times, knowing that eventually the government will be back up and running. And folks will be repaid

Terry Gerton How should policymakers then or legislators be thinking about long-term resilience and continuity for programs like NFIP, especially as climate risks grow and shutdowns maybe remain a threat?

Nicole Upano We would certainly encourage policymakers to reevaluate whether some of these programs should have a mandatory appropriation so there won’t be disruptions. We never know what’s going to happen, certainly with climate risks and change across the country, and so having that certainty is critical.

Terry Gerton So what is NAA’s message then to housing providers and renters on navigating these kinds of disruptions? What do they do to stay informed? How do they make sure that they’re current? What’s your advice?

Nicole Upano Yeah, so NAA continued to release live updates on our website to our members. We continue to encourage our members to work with their residents as their business allows and provided them with resources and how to navigate those conversations. We were pleased to see that the the CR does include a reversal of the rifts that happened during the shutdown. And especially for folks in the DMV, this is extremely helpful to ensure there’s certainty for those residents and that housing providers can know they have a stop gap at the end of the day.

Terry Gerton And what are you hearing from lawmakers? Are they inclined to support those kinds of proposals?

Nicole Upano Yeah, as you can see from the bipartisan legislation to reauthorize the program in 2026, this program has long had bipartisan support. We just want to use this time to encourage policymakers to take that next step.

The post The federal flood insurance program is key to stable housing markets, the shutdown revealed its fragility first appeared on Federal News Network.

Interview transcript

Terry Gerton John, I wanna start with you. You’ve been with the shared services concept for a long time. You’ve seen Trump 1 and Trump 2. Tell us how their approach differs across the different administrations.

John Marshall Well, thanks, Terry. It’s a great question. We’re not really sure what the approach is for the current administration yet because they haven’t released a president’s management agenda, but we can get some signs from what we’ve seen out there and kind of reading the tea leaves a bit. But the first Trump administration had a very clear plan. It was announced in OMB Management Memorandum M-19-16 and included an innovative approach to creating a marketplace of shared services providers through four quality service management offices, or QSMOs, that were set up to manage financial management, human resources, cybersecurity, and grants marketplaces. Those were allowed to continue through the Biden administration. They weren’t really expanded or empowered very strongly or resourced, but they still have existed. But we haven’t seen the Trump administration, the second Trump administration, endorse or expand them. They seem to be continuing the financial management and grants. We’re not sure about cybersecurity and HR. So, a lot is yet to be seen. What we have seen from the new, the second Trump administration is a strong focus on centralization and consolidation of common services. They don’t seem to include some of the key features of shared services that we’d like to see, but they’re heading in a positive direction and we like most of what we’ve seen so far.

Terry Gerton Well Steve, let me turn that to you then because in addition to what John’s talking about the centralization approach, the Trump 2 administration has issued executive orders around acquisition, HR and financial management. Are you seeing that approach get traction in any particular way?

Steve Goodrich They are a little bit. As you know, GSA is also revamping the FAR and actually to include shared services within Section 8 of the new FAR when it’s issued. GSA is focused on procurement, OPM is focused on HR, Treasury is focused on finance. They all are starting to make traction in a centralization model, and they’re at at different levels or different stages right now. But they’re certainly getting there. OPM has their RFP out to try to develop a centralized approach for government-wide HR support services. GSA is pulling procurement into GSA more and more. And Treasury is at its beginning stages working with its QSMO actually to develop and make sure they have the systems and the foundation before they can start operations down the road.

Terry Gerton So John, in Trump 1 you made the point that there was a lot of it space for initiative and choice in the marketplace. Centralization seems to be pulling that back. Are you seeing agencies respond in a positive way?

John Marshall I don’t think we have really a lot of great feedback coming from the agencies yet. They haven’t been very communicative about their adoption or their plans for centralization to shared services. So a lot has yet to be seen. We’re kind of reading between the tea leaves right now and trying to determine how things are gonna sort out and what the agency responses will be.

Terry Gerton In market theory, markets will be more efficient than a centralization model. What do what do you have as an expectation here?

John Marshall Well, we have a lot of reasons to prefer a market-based approach because of competition, and particularly a marketplace would allow industry service providers to participate and compete with government service providers. We’re a little uncomfortable with the idea of just consolidating everything in centralized, government-delivered, government-operated functions because they tend to — over time they become monopolies and pretty bureaucratic. And so we like the idea of having a more open marketplace where competition can drive continuous innovation and customer choice and let the marketplace then sort out the winners and losers.

Terry Gerton I’m speaking with John Marshall. He’s the founder and CEO of the Shared Services Leadership Coalition. And Steve Goodrich, [who] chairs the SSLC board. So Steve, let me come back to you then. Shared Services Leadership Coalition has proposed a more competitive standard-based model. Tell us about that and how your proposal differs from what you’re seeing the administration currently implement.

Steve Goodrich Well, the administration is trying to move fairly quickly right now and with technology solutions, frankly, before they get processing governance and policy and data reform in place. So they’re moving out fast. The centralization model, as John says, may not be the optimal model to get there. What we’re proposing is a strong mandate for shared services. Because as you know, it’s come and gone from over the last forty years from administration to administration. And to get there, we need Congress really to mandate it so we can consolidate the common services across government to get there. Two, we need a strong governance structure to be able to operate, lead this across agencies and get the right mandates and security and systems and so forth and so on. Within that, we then need to do the right analysis and design of the right approach to make sure we’re consolidating appropriately, that we’re getting the duplication of systems and processes down and we can actually measure the outcomes that we’re getting to make it happen and then have an effective transition process.

Terry Gerton Tell me about your governance model. Who would be in charge of oversight there?

Steve Goodrich Well, our proposed model we have the OMB DDM as the policy director, if you will, for this and the authority. We have GSA leading the operations through a management center. And then there’s roles for the PMC, there is roles for the agencies advisory going through this as well. And you have the operating centers to make sure this is done and done right.

Terry Gerton Are you hearing from any of those agencies that they’re interested in taking on that governance role?

Steve Goodrich There’s — GSA would have interest in getting there. As you know, OSP, which has been drawn back over the years, was the original design, as the M-19-16 says, is the coordinating element. But our proposed legislation would actually give it the authority it needs, led by a commissioner within GSA for government operations with which to get there.

Terry Gerton So John, let me come back to you because you mentioned something in your last response that I think ties in with this governance piece. When you get a government centralized service function, it tends to become a monopoly, but it’s also really hard to invest in technology modernization. How would you see this centralization model staying current and actually addressing the service concerns of the federal agency constituents?

John Marshall That is a great question. And I think that the flip side of that question sets up the response that we would like to see, which is the marketplace, because if you had a marketplace with industry and government service providers, you would have continuous competition across the service providers and customer choice, which would — which should provide the incentives to drive innovation in the marketplace by all those providers. So it’s a really important feature that we think ought to be incorporated. And we’re concerned that government centralized services haven’t had access to appropriations or technology modernization funds for modernization. So we’re concerned that they would follow the example that we’ve seen too often of centralized service providers not modernizing, not keeping up and becoming non-responsive and antiquated over time.

Terry Gerton Steve, you want to follow up?

Steve Goodrich Yeah, I would. You can look at good models like Canada, Texas has done a pretty good job of developing partnerships with industry. And so that moves away from the traditional FAR firm-fixed price contract approach, where as technology advances, as process or new policies advance, the companies involved, the partnership involved are responsible for the implementation and bringing those two new technologies to the forefront without contract change orders and things like that, it’s built into the process.

Terry Gerton So Steve, as you look forward, what sorts of policy or legislative change is SSLC recommending?

Steve Goodrich So, it really tees off what I was saying before, putting a piece of legislation in place that mandates shared services, that sets up the governance structure, that ensures that there is metrics, both performance and outcome metrics that are measured and reported back to Congress and the President that involves the PMC in this process and builds the strong demonstrated consolidation of common services across government to save money, to improve data, to reduce duplication, to get us there finally with a modernized system of policy, process and data.

Terry Gerton So John, I wanna wrap up with you. Legislative change is sometimes an interesting windmill to tilt at, but in the absence of that change, if the administration continues with its policy of centralization, what should agencies and industry partners be doing to prepare for that?

John Marshall Watching and seeing what comes out from the administration and and following suit. But we we’d like to see more interest in Congress and it’s hard to get legislation passed in this area. We’ve been trying at this for 10 years. We’ve seen the history of legislation, the CFO Act, GPRA and so many other landmark pieces of management legislation. They take a long time and the incubation period is a long time. So we’d like to see industry working with us and agencies showing support for a more fundamental transformational approach like we’re offering. And don’t forget, Terry, what we’re proposing is a mainstream business model that’s used by 80 or 90 percent of Fortune 500 companies for managing common services. And the potential savings are tremendous. We’ve estimated $75 to $100 billion dollars in potential savings. So that’s really what’s on the table for the value, not just improved services for employees and for customers of the government and taxpayers. This is a great opportunity that the government shouldn’t miss.

Terry Gerton Steve, let me give you the last word.

Steve Goodrich Yeah, John and I like to joke sometimes that — and it’s true, it’s not a joke — for over 40 years we’ve been sitting in meetings around shared services with OMB and oversight agencies, and it ebbs and flows from administration to administration, or they just dance around the edges. A bill passed and signed by the president will finally give it the energy and resources it needs to move it forward.

The post Centralization is back in vogue, but is it the right model for government shared services? first appeared on Federal News Network.

Terry Gerton This might be a big week on the Hill. The House is planning to bring the National Defense Authorization Act to the floor for a vote. It’s obviously a topic we talk a lot about, but last week there were a lot of let’s just say, conversations about what might be in it and how it might go. So tell us about what’s going on behind the scenes.

Loren Duggan Well, this bill is a must pass piece of legislation. They’ve been doing it for decades and they always want to get it done by the end of the year. And this year there aren’t a lot of other end-of-year vehicles, so it’s kind of become an attractive venue for discussions about a number of issues. So that’s kind of what’s been going on. It’s probably less about the core part of the NDAA and more about some of the ancillary things or related things that people want to get in there or keep out of there as the case may be. We saw a particularly big dust up you might be referring to between Elise Stefanik, who’s a member of leadership, but was mad at her own leader, Speaker Mike Johnson, about trying to keep something out. And in the end they worked something out and that was getting resolved toward the end of the week. But that was just one of the flashpoints that leaders were dealing with trying to assemble this very important bill.

Terry Gerton It is normally a bipartisan bill. Is there a chance that, you know, that that’s not going to be true this time, even with the slim majority in the House?

Loren Duggan It may still be bipartisan because they do try to work things out. And, you know, sometimes the initial versions that come out of the House are particularly partisan because of riders or language that the minority party might not like. But they were reaching for consensus here. They were trying to get the four corners to agree on things before they went in. That’s the chairman and ranking member of the House and Senate committees, not just the defense committees in this case, but sometimes the other committees that had legislation that was in the mix. So they’re trying to get a bipartisan package that can get through because you might lose people on either side, but maybe you have the consensus you need to get something through. So we’ll be watching that vote counting very closely as they move toward the vote.

Terry Gerton Is there any aspect of the move forward on the NDAA that is also impacted by the hearings on the Hill last week about the counter drug operations in the Caribbean?

Loren Duggan Those two things seem to be on different tracks. I mean, obviously they’re related. It’s about the Defense Department and the defense secretary and what people might think there. But the legislation and setting policy is sort of moving in one direction, but some of the same players are also very much involved in reviewing what had happened with the ordering of these strikes and the chain of command and all the issues. We had the members watching the video over on the Senate side and reacting to that last week. I think that will continue. It may be brought up in the context of the debate or larger questions, but I think the bill will move regardless of that. And Congress can — because they do this every year — revisit it in next year’s NDAA or perhaps in other legislation because we’ve already seen members talking again about maybe war powers or other things they might tap into there.

Terry Gerton Well we’ll see how that comes about. But speaking of votes, there is also supposed to be a vote in the Senate this week on the health care premium subsidy extensions. What’s the prognosis there?

Loren Duggan Well, this was part of the agreement to reopen the government was that there would be a vote by I think December 12th was it, so Friday, on some sort of vote around the ACA extensions that are expiring at the end of the year. Chuck Schumer, the Democratic leader in the Senate, said he’d aim for a three-year extension, which would take us obviously beyond the next election. That’s a different proposal and one of many proposals that are floating around. We’ll be watching to see, does the GOP answer with their own proposal, and what does this mean for the House, if anything? So, going toward the end of last week, there was still no consensus on how this would be fixed. It will have to be bipartisan, obviously, to get over the line and we may not be there by the end of the week. But maybe we’ll have some discussion and votes ahead of that.

Terry Gerton And Mike Johnson’s trying to put a package together on the House side as well, right?

Loren Duggan Right. And there’s more than just the ACA being talked about here. There’s health savings accounts ideas or other things that members might want to pursue. You kind of got this short term issue of, what do you do with the subsidies for next year, but then there are a lot of people who are trying to bring in, what does this mean overall about the Affordable Care Act, the nature of the markets, does there need to be a broader sweep of changes? … There’s not really consensus on anything broader than this. And we’ll have to see if there can even be consensus on the smaller question of what to do with the subsidies.

Terry Gerton I’m speaking with Loren Duggan, deputy news director at Bloomberg Government. Well, Loren, at this time of year, every time we talk, we talk about the status of the rest of the appropriations. Shutdown, or [the] continuing resolution expires at the end of January. What are you seeing in terms of the move forward on the other bills?

Loren Duggan I’m sort of seeing a kind of a whimper on that going into the end of the year. To be honest with you, January 30 is a long time away. There’s been a lot of talk about what would be in a next minibus package that the Senate might consider, but that hasn’t been moving forward. Votes haven’t been scheduled. And without that sort of end-of-the year deadline or mid-December deadline that often drives that activity, they have more time, and usually work expands to the time allotted. And I think we might see that here. So, not clear that we’ll get more votes by the end of the year on that. There are a lot of issues they’re trying to work through. But that will be, if they don’t do it now, obviously top of mind when they return in early January, ’cause the clock will be ticking.

Terry Gerton Loudly at that point. A different topic, and we don’t cover the court very often, but there’s a very important case on the Supreme Court docket for today dealing with the president’s effort to fire a member of the Federal Trade Commission. Tell us what your team is watching there.

Loren Duggan Well, part of our organization is Bloomberg Law and they cover many court developments around the country and certainly at the Supreme Court. They’re watching this very closely because it has huge implication for independent regulators. As you mentioned, Kelly Slaughter, who was a FTC commissioner, was fired by the president and has had a court battle that’s now reached all the way up there. And it goes back to a precedent called, I think it’s Humphrey’s Executor — which there are many people in this building who are far more versed than I in that. But it’s gonna be closely watched because what is the nature of an independent regulator? What is their power vis-a-vis the rest of the executive branch? Big questions there that have effects on a lot of different institutions, and therefore a lot of different regulated entities by those institutions. So we’ll be watching the arguments and then the decision whenever that comes will be very closely watched.

Terry Gerton So what else are you watching for the coming week?

Loren Duggan Well, we’re watching the Senate try to move forward on another batch of nominees. I think it’s 90 or so. They tried to do it last week, but there was a procedural hiccup, so they’re starting over. But that would be, if they could get that done, another 90 Trump appointees on the job by the end of the year, which Republicans would like. And we’re also watching hearings. There’s a lot of other nominees going through and there’d be a flash of celebrity. Gene Simmons of KISS is actually scheduled to be up on the Hill. So we’d be watching to see what he brings. Always interesting when you have kind of that celebrity star power trying to shine light on an issue.

Terry Gerton That’s a hearing near and dear to the heart of radio broadcasters everywhere. So we’ll be watching it as well.

Loren Duggan Excellent.

The post House drama over the defense bill sets the stage for a high-stakes December on Capitol Hill first appeared on Federal News Network.

A three-judge panel ruled Friday that President Donald Trump’s firings without cause of Cathy Harris and Gwynne Wilcox, Democratic members on the Merit Systems Protection Board and the National Labor Relations Board, were lawful.

The split 2-to-1 panel decision of the D.C. Circuit Court of Appeals has no immediate effect, since both Harris and Wilcox’s firings were finalized in May. But Friday’s ruling comes as the Supreme Court is expected to soon hear arguments on whether to overturn a 90-year-old ruling known as Humphrey’s Executor — a decision that could expand Trump’s power to shape independent agencies.

In the 1935 Supreme Court ruling on Humprey’s Executor, the justices unanimously found that commissioners can be removed only for misconduct or neglect of duty, effectively limiting when presidents can fire board members.

But when Judges Gregory Katsas and Justin Walker ruled Friday in favor of Trump’s firings of Harris and Wilcox, they argued that MSPB and NLRB fall outside the limitations stemming from Humphrey’s Executor, and that the president can still “remove principal officers who wield substantial executive power.”

“The NLRB and MSPB wield substantial powers that are both executive in nature and different from the powers that Humphrey’s Executor deemed to be merely quasi-legislative or quasi-judicial,” the judges wrote. “So, Congress cannot restrict the President’s ability to remove NLRB or MSPB members.”

Judge Florence Pan, the dissenting panel member and a Biden appointee, argued that the two agencies do fall under the scope of Humphrey’s Executor, and that maintaining the independence of MSPB and NLRB is critical. She wrote that the Trump administration’s “extreme view of executive power sharply departs from precedent.”

“We may soon be living in a world in which every hiring decision and action by any government agency will be influenced by politics, with little regard for subject-matter expertise, the public good, and merit-based decision-making,” she wrote.

The MSPB is an independent agency responsible for adjudicating appeals from federal employees who allege prohibited personnel practices by their agencies. The NLRB investigates unfair labor practices in the private sector and oversees union elections. Both boards are typically composed of members of both political parties.

Trump fired both Wilcox and Harris within his first few weeks in office, but did not point to a specific reason for the terminations. Wilcox and Harris, both of whom were Democratic board members, sued the president over their removals, arguing that they are protected by a federal law meant to ensure MSPB and NLRB’s independence from political considerations — and that the president can only remove them “for inefficiency, neglect of duty, or malfeasance in office.”

Though a federal judge initially ruled the two terminations were unlawful, the Supreme Court reversed that decision in May, effectively green-lighting the finalization of the board members’ firings earlier this year.

In its May decision, the Supreme Court indicated that it was likely “that both the NLRB and MSPB exercise considerable executive power,” which it said would make restrictions on the president’s ability to fire them unconstitutional. Friday’s panel ruling aligns with the Supreme Court’s initial arguments.

The Supreme Court is expected to hear arguments Monday on Trump’s firing of Rebecca Slaughter, a Democratic member of the Federal Trade Commission — a case that may further influence the outcome of both Harris and Wilcox’s terminations.

The Associated Press contributed reporting.

The post Appeals court backs Trump’s firings of MSPB, NLRB members first appeared on Federal News Network.

America’s AI Action Plan outlines a comprehensive strategy for the country’s leadership in AI. The plan seeks, in part, to accelerate AI adoption in the federal government. However, there is a gap in that vision: agencies have been slow to adopt AI tools to better serve the public. The biggest barrier to adopting and scaling trustworthy AI isn’t policy or compute power — it’s the foundation beneath the surface. How agencies store, access and govern their records will determine whether AI succeeds or stalls. Those records aren’t just for retention purposes; they are the fuel AI models need to power operational efficiencies through streamlined workflows and uncover mission insights that enable timely, accurate decisions. Without robust digitalization and data governance, federal records cannot serve as the reliable fuel AI models need to drive innovation.

Before AI adoption can take hold, agencies must do something far less glamorous but absolutely essential: modernize their records. Many still need to automate records management, beginning with opening archival boxes, assessing what is inside, and deciding what is worth keeping. This essential process transforms inaccessible, unstructured records into structured, connected datasets that AI models can actually use. Without it, agencies are not just delaying AI adoption, they’re building on a poor foundation that will collapse under the weight of daily mission demands.

If you do not know the contents of the box, how confident can you be that the records aren’t crucial to automating a process with AI? In AI terms, if you enlist the help of a model like OpenAI, the results will only be as good as the digitized data behind it. The greater the knowledge base, the faster AI can be adopted and scaled to positively impact public service. Here is where agencies can start preparing their records — their knowledge base — to lay a defensible foundation for AI adoption.

Step 1: Inventory and prioritize what you already have

Many agencies are sitting on decades’ worth of records, housed in a mix of storage boxes, shared drives, aging databases, and under-governed digital repositories. These records often lack consistent metadata, classification tags or digital traceability, making them difficult to find, harder to govern, and nearly impossible to automate.

This fragmentation is not new. According to NARA’s 2023 FEREM report, only 61% of agencies were rated as low-risk in their management of electronic records — indicating that many still face gaps in easily accessible records, digitalization and data governance. This leaves thousands of unstructured repositories vulnerable to security risks and unable to be fed into an AI model. A comprehensive inventory allows agencies to see what they have, determine what is mission-critical, and prioritize records cleanup. Not everything needs to be digitalized. But everything needs to be accounted for. This early triage is what ensures digitalization, automation and analytics are focused on the right things, maximizing return while minimizing risk.

Without this step, agencies risk building powerful AI models on unreliable data, a setup that undermines outcomes and invites compliance pitfalls.

Step 2: Make digitalization the bedrock of modernization

One of the biggest misconceptions around modernization is that digitalization is a tactical compliance task with limited strategic value. In reality, digitalization is what turns idle content into usable data. It’s the on-ramp to AI driven automation across the agency, including one-click records management and data-driven policymaking.

By focusing on high-impact records — those that intersect with mission-critical workflows, the Freedom of Information Act, cybersecurity enforcement or policy enforcement — agencies can start to build a foundation that’s not just compliant, but future-ready. These records form the connective tissue between systems, workforce, data and decisions.

The Government Accountability Office estimates that up to 80% of federal IT budgets are still spent maintaining legacy systems. Resources that, if reallocated, could help fund strategic digitalization and unlock real efficiency gains. The opportunity cost of delay is increasing exponentially everyday.

Step 3: Align records governance with AI strategy

Modern AI adoption isn’t just about models and computation; it’s about trust, traceability, and compliance. That’s why strong information governance is essential.

Agencies moving fastest on AI are pairing records management modernization with evolving governance frameworks, synchronizing classification structures, retention schedules and access controls with broader digital strategies. The Office of Management and Budget’s 2025 AI Risk Management guidance is clear: explainability, reliability and auditability must be built in from the start.

When AI deployment evolves in step with a diligent records management program centered on data governance, agencies are better positioned to accelerate innovation, build public trust, and avoid costly rework. For example, labeling records with standardized metadata from the outset enables rapid, digital retrieval during audits or investigations, a need that’s only increasing as AI use expands. This alignment is critical as agencies adopt FedRAMP Moderate-certified platforms to run sensitive workloads and meet compliance requirements. These platforms raise the baseline for performance and security, but they only matter if the data moving through them is usable, well-governed and reliable.

Infrastructure integrity: The hidden foundation of AI

Strengthening the digital backbone is only half of the modernization equation. Agencies must also ensure the physical infrastructure supporting their systems can withstand growing operational, environmental, and cybersecurity demands.

Colocation data centers play a critical role in this continuity — offering secure, federally compliant environments that safeguard sensitive data and maintain uptime for mission-critical systems. These facilities provide the stability, scalability and redundancy needed to sustain AI-driven workloads, bridging the gap between digital transformation and operational resilience.

By pairing strong information governance with resilient colocation infrastructure, agencies can create a true foundation for AI, one that ensures innovation isn’t just possible, but sustainable in even the most complex mission environments.

Melissa Carson is general manager for Iron Mountain Government Solutions.

The post Three steps to build a data foundation for federal AI innovation first appeared on Federal News Network.

Interview transcript

Terry Gerton You have spent a lot of time on the Hill lately talking to lawmakers about ways the VA could modernize access to care. Tell us both what your message is and what you’re hearing from the lawmakers.

Sean O’Connor Yeah. And maybe before that, Terry, just to touch on why we think this is so important or why personally it’s so important to me. And then thank you again for having us, and [I’m] looking forward to having this conversation today. So just at the start, I’m a third-generation veteran. Both my grandfathers fought and served in World War II, one in the Pacific, one in Europe. My father and my uncles all served during the during the Vietnam era. And I’m a 9/11 vet and served during nine eleven. So since the 1940s, my family has been, you know, leaning on and relying on the VA for all kinds of support and care. So, it’s a mission and it’s an institution that’s very important to me personally and very important to the fabric of our country. So, I think it’s no surprise the VA has struggled, you know, being in the early forefront of EHR … adoption to kind of being a laggard now in kind of EHR modernization. And there’s 9 million vets that really struggle to get access to timely care for some of the services they need as the VA works to modernize. So we’ve been spending a lot of time just talking to some of the leadership on the Hill around the momentum that seems to be building to try to modernize finally and kind of make access to care easier for veterans and and trying to make sure that as community care grows and the VA and veterans have more options to seek care both inside and outside the VA, that we really move the needle on reducing time to care and improving efficiency of care delivery for veterans. So that’s where we’re trying to, you know, spend time talking to the folks in SVAC and the Hill about, and learn about some of the strategies people are trying to implement when it comes to the Dole Act and some of the other things that people are trying to advance when it comes to improving access to care for veterans and really, we’re a small technology company that focuses on healthcare access. And we’re just, you know, trying to support improving access to care for veterans wherever and whenever we can because it’s a really important institution. It’s the largest health system in our country. And it’s probably one of the most outdated when it comes to the complexity of modernizing care for scheduling and finding appointments for veterans. And there’s a lot of things that I think we can do to help the VA as they work to improve some of those services.

Terry Gerton You’ve said that the VA was built for the last century and you’ve just mentioned the Electronic Health Record that the VA spent billions of dollars on and still doesn’t have an operational system. What would you recommend in terms of practice for modernizing some of those administrative functions of the VA?

Sean O’Connor Yeah, it’s complicated. So I’m not suggesting this isn’t complicated. It’s, the VA has gone through four different attempts to try to modernize and it’s still not successful yet in trying to get to the end goal of improving access to care for veterans and having a global view of care. So I think the first thing we’ve been talking to folks about is, today everything works in silos. And it’s tough to leverage the size and sophistication of the VA caregivers when everything’s in silos. And there’s close to 130 different VistA instances, a growing number of Oracle instances. And one of the leaders we talked to at the VA last time we were in D.C. said that the complexity of VA care delivery is beyond human comprehension. There’s how customized each of those VistA instances are. They’re all a unique Snowflake. They don’t talk to each other, they don’t share inventory. One of the VISNs we’re talking to now about a project, there’s roughly 10,000 appointments that go unutilized every month in his hospital because these different EHR instances don’t talk to each other. So one of the first things we’re talking about is, you know, trying to break down those data cells to bring all the supply and all the demand into one queue. And this is what we do for some of the other largest health systems in the country, Kaiser and other folks, where we take this global view of inventory and then you can use, you know, AI and some of these sophisticated navigation tools that have been built in the digital age of healthcare since the pandemic, to start to look at how you load balance that network a little more efficiently, how you share resources, how you improve internal utilization, improve efficiency, and reduce care gaps across boards. So I think until the VA finds a way through either a massive conversion to a centralized EHR or finding ways to work with technology entrepreneurs and vendors that can break down some of these data silos, they’ll continue to have the problem of trying to transition to a large EMR system in Oracle and through that process still have these 130 other systems and up to 24 different scheduling solutions that have been customized across the various VISNs, none of them working together, none of them sharing information across each other. So you have the largest health system in the country, 9 million veterans and their family members that we’re supposed to provide and care for, and none of this stuff talks to each other to share capacity, to share utilization, to share best practices. It’s a very fragmented, siloed and complicated environment. So until we find ways to break down those silos and share, leverage the power of tech and data to kind of level that playing field, it’s going to be very difficult to move anything in a substantial manner, we think.

Terry Gerton I’m speaking with Sean O’Connor. He’s a Navy veteran and co founder and chief strategy officer at DexCare. The VA is not the only federal agency that’s bad at a big bang tech deployment. So when you talk about an agency-wide solution that breaks down silos, anybody who’s been around for a while probably rolls their eyes at us. What would intermediate sorts of technology be that could provide some solution while an agency-wide solution is underway?

Sean O’Connor Yeah, we’ve been a big proponent in working with other really large healthcare systems in the country and doing, you know, scalable, strategically thought-out proof of concepts and smaller fragments first and then learning and scaling and iterating and adopting quickly. So I think one of the things the VA has for it is it does have the VISN network and the ability to kind of do proof of concepts in some of these smaller regional health systems, learn, iterate and adopt and then look to scale from there. We think that’s the best way to do this stuff. That’s how we’ve done it with Kaiser and some of these other really large healthcare systems. You do smaller proof of concepts, you learn the integration points that are important to move the needle. You begin with the end in mind and understanding the success metrics that are going to be important to drive this. And then you learn, iterate and scale quickly from there with bottom-down and top-down support is the only way to kind of move these things. And at the same time, being very conscious of the providers as well. So all of the technology companies we’ve built, we built inside of large healthcare systems. And often cases, technology is only 50% of the problem. Understanding the provider and the change management and the amount of pressure that those folks are under to provide care, and not being disruptive to their workflows and making their lives less efficient. You have to be very thoughtful about that, or none of the stuff is going to go anywhere. You can’t just have tech for tech’s sake. It has to understand the provider world and how the provider interacts. And you have to be very purposeful in how you build these things out to scale from the bottom up over time.

Terry Gerton One of the big points that you’ve emphasized is real time access to care, especially for mental health services and especially in rural communities. Those are two big complicating aspects of the VA’s network. How can the VA think about addressing those kinds of issues? Is it a technology solution? Is it a culture solution? How do they get on to real time care, especially in mental health?

Sean O’Connor I think it’s both. And I think the hard part is it’s probably more culture than technology. But it’s a — I don’t know of a bigger issue for us to kind of rally around as a community to try to improve access care of veterans than this. So when I transitioned from the service in 2004, the VA received roughly $21 billion to support its mission, and 17 men and women took their life every day to suicide: friends, brothers, sisters, husbands, wives. Fast forward to 2024, the VA received $121 billion to support its mission, and that number is still the same. Roughly 17 men and women, brothers, sisters, mothers, daughters took their lives to suicide. We’ve lost more people to suicide in the last 20 years than we did in, you know, during the 9/11 era and supporting the 9/11 kind of ground-on combat. So it’s it’s a crisis that’s not talked about. We haven’t really moved the needle on it despite spending over $100 billion more to support the healthcare delivery mission of the VA. So it’s clearly not just a technology issue, but not having — going back to your first question, Terry — not having the ability to share resources across the network and reduce time to care and make it easier for vets to find and get into the services initially is a problem. I won’t say that’s the biggest problem, but it certainly doesn’t help. So … mental health services in the veteran community is a really complicated issue … It’s not just about having access to cares. You know, a big portion of people that need the care aren’t even enrolled in the VA, and then there’s a homeless population that’s not enrolled in the VA. And how do you how do you outreach and bring those folks in that need the help the most? So it’s a complicated issue, but not being able to have one 24/7-365 on-demand network that shares capacity across mental health services for the VA is an issue as well. And the technology issues are easier to address. We just got to have people that are willing to address them. The cultural issues and the stigmatism around, you know, raising your hand for help is a harder issue to address, but it’s just something we gotta continue to talk about because it’s a travesty that in over 20 years, that number really hasn’t moved, despite putting, you know, literally over $100 billion more at the overall global healthcare issue.

Terry Gerton Well you talked about capacity there and certainly building out the community network of care is a big issue and a big initiative for VA. Are there issues on the community participant side of this so, that community care providers don’t understand the VA as much as the VA doesn’t understand community care providers?

Sean O’Connor We’re going to run out of time on your podcast. Yes, so that’s to me like, you know, obviously selfishly, like, we want to help the VA as a technology company, but the importance of improving access to care for veterans is at the heart of everything that we’re trying to do here. So the beauty of the VA to me — I mention I’m a third-generation veteran, it is a unique community. So when I when I first got out of the military, I moved to Seattle, like, it was a tough transition going from the military to the corporate world. I didn’t know anybody up here. My family and I grew up in Jersey, all my family was on the East Coast. I would literally just go to the Seattle VA and hang out in the lobby and just talk to people that you know had their Vietnam hat on. It’s a community and a culture that you know, should be protected in this institution, in this country. And some of the caregivers, you know, we’re talking about the technology piece here. These are some of the most mission-driven caregivers in the world. Like, they can make more money outside the VA. They choose to work with this community and this provider network for a reason. So there is an understanding of that that I think we need to protect because there is an understanding of someone that’s come back from deployment and has been through some serious high optempo stuff that comes back, and you just get a different conversation with your primary care provider in the VA than somebody outside the VA. So I think there’s that element that we have to protect. But there’s also the element, frankly, that you know, as a veteran, I like the option to have choice to go outside the VA for services that they may not be expert in. So certainly, you know, wound care, PTSD, that stuff, I think should stay in the VA. But maybe, you know, I’m a former athlete and tore my knee up and can get into an ortho appointment outside the VA. I want to have that optionality. And some stuff like that, the history isn’t as important to the veteran for some of those conditions. So, to have the optionality to go out there and do that is important. But what we’re seeing, at least for some of the areas that we work with is the community providers, one, they don’t have a lot of excess capacity to share with the VA. Every health system is stretched to the gill. Like there’s not a ton of health systems raising hands saying, hey, we have providers sitting on their hands. It’s six to eight months to get into an ortho appointment in some of these large health systems as it is. So to have that capacity to share with the VA, one, is difficult. Some of those things I think are bigger deals than others to your point of, you know, should there be a continuum to care in the VA? I’d argue some services is, just do it in the VA and some are easily, you know, sourced out. And then there’s the whole issue of, when they’re sourced out, how do you manage the care gaps for the veteran? How do we close some of those care gaps as those services continue to rise and the disparate records continue to grow across the network?

The post The VA’s size and complexity may be keeping top tech minds away, and veterans pay the price first appeared on Federal News Network.

Mahri Stainnak got the call the day after President Donald Trump took office: the Office of Personnel Management’s human resources office was putting them on administrative leave “effective immediately,” while the agency “investigates your radical and wasteful DEI activity.”

Stainnak was surprised by the news. Before the Trump administration, they served as OPM’s deputy director of the governmentwide Office of Diversity, Equity, Inclusion and Accessibility. But now they worked as the director of OPM’s talent innovation group, a human resources job focused on recruiting and retaining talent across the federal government.

“I said, ‘Wait a minute, I’m not in diversity, equity and inclusion.’ I started a new role in a job that has nothing to do with diversity, equity and inclusion.’ So I felt incredibly shocked and confused,” Stainnak said.

The second call came 48 hours later: Stainnak, a nonbinary person who had worked in the federal government for more than 16 years, received a reduction in force notice, as part of the Trump administration’s plan to root out DEI programs across the federal government.

Stainnak is now part of a class-action lawsuit filed this week in the D.C. District Court for the District of Columbia.

The lawsuit, led by the American Civil Liberties Union of D.C., claims the Trump administration unlawfully targeted and fired federal employees perceived to be associated with DEI work — even if their current jobs had nothing to do with it.

Mary Kuntz, an attorney at the law firm Kalijarvi, Chuzi, Newman & Fitch, P.C. who is representing the former employees, said the administration’s actions “clearly” violate the Civil Service Reform Act, because employees like Stainnak were fired for previous work in DEI positions.

“You can’t RIF somebody from a position they’re not in,” Kuntz said. “They sought to punish Mahri [Stainnak] for previous DEI work. That’s a violation of the First Amendment.”

Kuntz said the lawsuit claims that the administration’s push to “eviscerate” DEI programs also had a disproportionate impact on people of color, women, non-binary individuals, and violates Title VII of the 1964 Civil Rights Act.

“The DEI folks were working on behalf of people with disabilities, people who are non-native speakers of English. They were advocating for protected groups,” she said.

On the campaign trail last year, President Donald Trump pledged to “eliminate all diversity, equity, and inclusion programs across the entire federal government,” and characterized these programs as promoting “un-American” ideology.

On his first days in office, Trump signed executive orders that directed agencies to create lists of employees associated with DEI going back to Nov. 5, 2024 — the date of the presidential election.  The complaint says agencies were directed to remove those employees, “regardless of their current roles or duties.”

“President Trump’s directives did not merely represent a change in presidential priorities — a normal occurrence when presidential administrations change. Rather, they were targeted actions intended to punish perceived political enemies, as well as to eliminate from the federal workforce women, people of color, and those, like plaintiffs, who advocated for or were perceived as advocating for protected racial or gender groups,” the complaint states.

The complaint says agencies set competitive levels for the RIFs so narrowly that federal employees were unable to compete for retention, and that those impacted by RIFs were not considered for reassignment to other jobs.

“I absolutely feel targeted on the basis of what the Trump administration believes my beliefs are, because I was not working in a diversity, equity and inclusion role in any way at the time when the new administration came in, or at the time I was placed on administrative leave,” Stainnak said.

For all the Trump administration’s actions to strip DEI out of the federal workforce, Kuntz said the president’s executive orders don’t go into any detail to define DEI.

“He characterizes them as illegal and discriminatory and various other things … but doesn’t define them,” Kuntz said. “You can’t decide that somebody is a different party than the party in the White House and decide to fire them on that basis.”

The lawsuit states that the total number of federal employees impacted by the DEI rollback fis unknown, but says news reports suggest it could be “potentially in the thousands.”

The complaint states that at least 40 women or non-binary individuals, and more than 40 people of color received layoffs in connection with the Trump administration’s directives.

Stainnak and their colleagues filed an appeal to the Merit Systems Protection Board in March, but Kuntz said that appeal and similar cases brought before the Office of Special Counsel and agencies’ Equal Employment Opportunity (EEO) offices, have stalled.

In their last role, Stainnak helped agencies recruit top talent into the federal workforce. But they said the Trump administration’s purge of DEI workers has pushed out individuals who worked on bipartisan projects.

Former federal employees leading the lawsuit include a former operations manager at the Department of Veterans Affairs who “helped ensure that veterans were not inhibited from accessing earned benefits due to cultural or socioeconomic barriers,” a Department of Homeland Security Employee who led language competency efforts at the border to advance intelligence gathering and the safety of Immigration and Customs Enforcement officers.

“By illegally targeting people based on the Trump administration’s assumptions about our political beliefs, or by targeting us based on who we are, this administration actually is hurting the people who work and live in this country, because now these dedicated, hardworking federal servants are not in their jobs providing the critical services that they do, whether it’s responding to emergencies like hurricanes and making sure folks have drinking water and shelter, or making sure our transportation systems are safe and timely. This action is really hurting the people who live in this country,” Stainnak said.

The post Federal employees who left ‘DEI’ roles still fired under Trump administration purge, lawsuit claims first appeared on Federal News Network.

The Department of Veterans Affairs is moving toward a more operational approach to cybersecurity.

This means VA is applying a deeper focus on protecting the attack surfaces and closing off threat vectors that put veterans’ data at risk.

Eddie Pool, the acting principal deputy assistant secretary for the Office of Information and Technology at VA, said the agency is changing its cybersecurity posture to reflect a cyber dominance approach.

“That’s a move away from the traditional and an exclusively compliance based approach to cybersecurity, where we put a lot of our time resources investments in compliance based activities,” Pool said on Ask the CIO. “For example, did someone check the box on a form? Did someone file something in the right place? We’re really moving a lot of our focus over to the risk-based approach to security, pushing things like zero trust architecture, micro segmentation of our networks and really doing things that are more focused on the operational landscape. We are more focused on protecting those attack surfaces and closing off those threat vectors in the cyber space.”

A big part of this move to cyber dominance is applying the concepts that make up a zero trust architecture like micro segmentation and identity and access management.

Pool said as VA modernizes its underlying technology infrastructure, it will “bake in” these zero trust capabilities.

“Over the next several years, you’re going to see that naturally evolve in terms of where we are in the maturity model path. Our approach here is not necessarily to try to map to a model. It’s really to rationalize what are the highest value opportunities that those models bring, and then we prioritize on those activities first,” he said. “We’re not pursuing it in a linear fashion. We are taking parts and pieces and what makes the most sense for the biggest thing for our buck right now, that’s where we’re putting our energy and effort.”

One of those areas that VA is focused on is rationalizing the number of tools and technologies it’s using across the department. Pool said the goal is to get down to a specific set instead of having the “31 flavors” approach.

“We’re going to try to make it where you can have any flavor you want so long as it’s chocolate. We are trying to get that standardized across the department,” he said. “That gives us the opportunity from a sustainment perspective that we can focus the majority of our resources on those enterprise standardized capabilities. From a security perspective, it’s a far less threat landscape to have to worry about having 100 things versus having two or three things.”

The business process reengineering priority

Pool added that redundancy remains a key factor in the security and tool rationalization effort. He said VA will continue to have a diversity of products in its IT investment portfolios.

“Where we are at is we are looking at how do we build that future state architecture, as elegantly and simplistically as possible so that we can manage it more effectively, they can protect it more securely,” he said.

In addition to standardizing on technology and cyber tools and technologies, Pool said VA is bringing the same approach to business processes for enterprisewide services.

He said over the years, VA has built up a laundry list of legacy technology all with different versions and requirements to maintain.

“We’ve done a lot over the years in the Office of Information and Technology to really standardize on our technology platforms. Now it’s time to leverage that, to really bring standard processes to the business,” he said. “What that does is that really does help us continue to put the veteran at the center of everything that we do, and it gives a very predictable, very repeatable process and expectation for veterans across the country, so that you don’t have different experiences based on where you live or where you’re getting your health care and from what part of the organization.”

Part of the standardization effort is that VA will expand its use of automation, particularly in processing of veterans claims.

Pool said the goal is to take more advantage of the agency’s data and use artificial intelligence to accelerate claims processing.

“The richness of the data and the standardization of our data that we’re looking at and how we can eliminate as many steps in these processes as we can, where we have data to make decisions, or we can automate a lot of things that would completely eliminate what would be a paper process that is our focus,” Pool said. “We’re trying to streamline IT to the point that it’s as fast and as efficient, secure and accurate as possible from a VA processing perspective, and in turn, it’s going to bring a decision back to the veteran a lot faster, and a decision that’s ready to go on to the next step in the process.”

Many of these updates already are having an impact on VA’s business processes. The agency said that it set a new record for the number of disability and pension claims processed in a single year, more than 3 million. That beat its record set in 2024 by more than 500,000.

“We’re driving benefit outcomes. We’re driving technology outcomes. From my perspective, everything that we do here, every product, service capability that the department provides the veteran community, it’s all enabled through technology. So technology is the underpinning infrastructure, backbone to make all things happen, or where all things can fail,” Pool said. “First, on the internal side, it’s about making sure that those infrastructure components are modernized. Everything’s hardened. We have a reliable, highly available infrastructure to deliver those services. Then at the application level, at the actual point of delivery, IT is involved in every aspect of every challenge in the department, to again, bring the best technology experts to the table and look at how can we leverage the best technologies to simplify the business processes, whether that’s claims automation, getting veterans their mileage reimbursement earlier or by automating processes to increase the efficacy of the outcomes that we deliver, and just simplify how the veterans consume the services of VA. That’s the only reason why we exist here, is to be that enabling partner to the business to make these things happen.”

The post At VA, cyber dominance is in, cyber compliance is out first appeared on Federal News Network.

Interview transcript

Terry Gerton We’re a few weeks past the longest lapse in federal appropriations and maybe looking at another one in the end of January. So I want to work with you to put October and November into context. You’ve seen many shutdowns in your time on the Hill and now at Deloitte. How would you say this one differs from previous episodes, especially when it comes to your area of expertise, tax policy?

Anna Taylor Well, I do think it was different than what we’ve seen in years past. And part of that starts with just the way folks on the hill operated in it. I was really shocked that — my first sign that something was different was — I was shocked when I heard reporting that … the members and the staff that work in the Capitol building had left before we even hit midnight the night that we entered the shutdown. That’s not normal. In years past in shutdowns, you have frantic work happening behind the scenes where they’re trying to see if there’s any way to find a deal. And it was just obviously clear to all of them that they were so far away from a deal at that point that there was nothing to do. And so they left the building. And that was my first sign that this one was not normal and we were in for a longer shutdown. You know, in terms of the impact it has on tax administration and tax policy, it’s significant. You know, the fact that you had so many furloughed workers in the federal workforce and specifically at IRS and in Treasury, during that extended period definitely has an effect on customer service. It has an effect on their ability to move forward with their reg writing and guidance plans, which is in this moment, you know, where we’re just getting through a big piece of legislation, the One Big Beautiful Bill Act that was signed into law back in the summer, and they’re in a very significant guidance process to go along with that bill right now. There’s a lot of work that needs to get done … I know that you know, the treasury and the IRS said much of that work went on during the shutdown. So I do think that there was some of that that didn’t stop, which is a good thing for taxpayers, but had to slow it down in some capacity. And when you think about just customer service for taxpayers and not being able to call and find somebody on the phone to talk to, certainly there were challenges there as well. So I do think there was that, you know, kind of tangible direct effect. Now, in terms of effect on tax policy, I think it’s jury still out. Obviously there wasn’t any sort of deal that ended the shutdown with additional legislation. So we didn’t have some big tax package coming out of the — sometimes you do see some sort of legislative deal come out of a — well, not often with a shutdown. Normally nobody wins in a shutdown. But when you’re reaching appropriations deals that don’t end in shutdown, sometimes you’ll see tax legislation attached to those kinds of deals. And, you know, we didn’t have that … There were not regular hearings and regular markups happening in the tax writing committees while we were in shutdown. And so there was probably a slowdown in some bills that are maybe under consideration because they weren’t being considered during the shutdown. And so I do think that probably it definitely had a direct effect on taxpayers who may have had an impact on customer service, but there’s also that effect of maybe slowing down policymaking as well.

Terry Gerton I’m speaking with Anna Taylor. She’s managing principal of the Tax Policy Group at Deloitte. Well, let’s talk about the specific impact on taxpayers. I mean, filing season is going to open in just a few weeks. Is there a reasonable expectation that the IRS and all of the companies that support tax filing will have written in the rules for the One Big Beautiful Bill Act provisions and anything else that might come up before the year end? Are tax filers going to have the systems ready to go?

Anna Taylor Well, I think that the Treasury and IRS have done a — they’ve made a real effort to try to get to the things from that bill first that were going to need to be implemented for taxpayers at the beginning of 2026. So I think in most cases, you have … already seen guidance come out on those things that are affecting individual taxpayers, like … the tipped income deduction and overtime pay, things like that. So they have already put out quite a bit of guidance in those spaces that will have a direct effect on individual taxpayers. There’s still a lot to go though. And, you know, you have business taxpayers who maybe aren’t filing on the same timeline as individuals. Some of that important guidance is still yet to come. But I do think that because of the thinking about the kind of end year for individuals, the administration has tried to prioritize those things that are going to need to be known on day one of the new year.

Terry Gerton That’s good to hear. You also mentioned the congressional tax writing committees and certainly as Congress has come back, the committees have quite a backlog. Can you give us any insight as to what they may be talking about in those committees?

Anna Taylor Well, they do have a full agenda. I mean, I think the first thing that you’re hearing a lot about if you turn on any news outlet right now is of course the thing that landed them in the shutdown to begin with, finding some sort of path forward on those Affordable Care Act premium tax credit — the enhancements for those credits. They didn’t reach any deal before they came out of the shutdown, but they did agree to keep working on it. So there was an agreement as part of coming out of that shutdown where Majority Leader Thune in the Senate said he will hold another round of votes on those credit extensions by the middle of December. So I do think that there’s conversations happening, both bipartisan and partisan, to see if there’s a path forward on figuring out a way to deal with health care costs and insurance premium costs. So that’s taking up a lot of time right now. In addition to that, there is interest from the committees to try to move some things that they’ve been working on for a while on a bipartisan basis. These are things that have been in works for years, honestly, and have pretty broad consensus support. Things like, you know, there’s a tax treaty with Taiwan that has moved through regular order in both the House and the Senate that I think people would like to see get over the finish line. There is, the chairman and ranking member of the Senate Finance Committee have worked on — they haven’t actually processed legislation, but they’ve put out a joint white paper on tax administration. So just some changes to make the system work better for taxpayers. I think that’s something they’re interested in trying to see if there’s opportunities to move together. And then there are a few expiring tax provisions on the business side of the ledger that haven’t been dealt with this year. You know, a lot of the expiring provisions on the individual side were included in that one big beautiful bill act back in the summer. But there are a couple of provisions like the Work Opportunity Tax Credit. That’s an important one that does have an effect on people’s ability to get a job and on business’s ability to hire. And so that’s one that is set to expire at the end of this year that I do think there’s probably bipartisan interest in extending. So those are all things I think on the near-term agenda, if they’re in an environment to be able to move some bipartisan legislation. And we all know right now that’s a big no.

Terry Gerton Well, speaking of that environment, 2026 is an election year for many members of Congress. Do you think in that environment they really will be able to move some of these big pieces of tax legislation or will they maybe just nibble around the edges?

Anna Taylor It’s a really good question. And … when I look in my crystal ball, it’s cloudy, you know. I think that, even in the most political of times, you can sometimes get smaller packages of bipartisan consensus product through. So, you know, I’m still hopeful that they can — they’re going to have to do something on appropriations again when they get to the end of January. That’s when that next government funding deadline will be reached. And so there is potentially a bipartisan vehicle that will be heading our way come late January, assuming we’re not headed towards another shutdown at that point. And so I really do think there’s a possibility that if they reach some sort of funding deal, you know, as they’re working through it in December and into January, that there’s the potential that you could see some tax legislation move along with it, possibly. The later — and I think this goes without saying — the later you get into an election year, the harder it is to do bipartisan things. So when we get into, you know, maybe late summer, early fall, I’ll stop being as optimistic. But until then, I think that there’s still a chance they could move some of the smaller consensus items.

The post What can individuals and businesses expect when the tax filing window opens in just a few weeks? first appeared on Federal News Network.