RFP Preperations Part 2 Summary

The following learning objectives are covered in this unit:

• Identify the aspects of the Joint Capabilities Integration and Development System (JCIDS) as it applies to acquisition of Information Technology (e.g., interoperability, architecture, reuse).
• Identify the policy and concepts involved in the acquisition of data rights.
• Identify key laws and software acquisition management policies and practices that are required for the acquisition of a DoD software-intensive system.
• Identify "Best Practices" that may be appropriate for the acquisition of software-intensive systems.
• Identify key discriminators for selecting the most capable software developer.
• Identify DoD policy regarding Basic Quality Systems and the role of ISO 9001.

1. As a result of acquisition reform in 1994, the ISO 9001 series of International Quality Standards has been implemented by many contractors, shifting the focus to preventing problems in quality rather than repairing them after they have occurred. DoD guidance allows contractors to use the quality assurance process of their choice, as long as it meets program objectives and

• Establishescapable processes
• Continuously improves processes
• Monitors and controls critical processes and product variation
• Has feedback mechanisms in place to assess field product performance
• Implements effective root cause analysis and corrective action systems

Although the Government cannot require that a contractor be ISO 9001 compliant, a contractor can be asked to provide an equivalent quality assurance system in place, with similar characteristics to those listed above.

2. There are special risks associated with the acquisition of a software-intensive system. As a result, DoD guidance states that it is preferable for software developers to:

• Have a successful past performance record, experience in the domain or product line, a mature software development process, and evidence of adequate training in software development tools and environments.
• Develop system architectures that support open system concepts, exploit existing commercial products, and provide for incremental improvements based on modular, reusable and extensible software.
• Identify and exploit software reuse opportunities before beginning new development initiatives.
• Select a programming language based on overall life-cycle costs, risks, and interoperability potential.
• Use DoD standard data.
• Use a software measurement process to plan and track the software development program.

3. When selecting a contractor to develop software, the Government can evaluate their capability using a Standard Capability Maturity Model Integrated (CMMI) Appraisal Method for Process Improvement (SCAMPI). Based on the CMMI, SCAMPI rates four different areas of contractor capability on a five-level scale:

• Organization and resource management
• Software and Systems engineering process and management
• Tools and techniques
• Software development expertise

Developers of an ACAT-I Program should be rated at least maturity level 3 to ensure their processes are documented, standardized, and integrated.
The Government can also use the SCAMPI to assess the maturity of their internal acquisition processes. SCAMPI rates an organization on a 5-level scale:

• Level 1: Initial : The software acquisition process is characterized as ad hoc and occasionally even chaotic.
• Level 2: Managed : Basic software acquisition project management processes are established to plan all aspects of the acquisition process.
• Level 3: Defined : The acquisition organization's software acquisition process is documented and standardized.
• Level 4: Quantitatively Managed : Detailed measures of the software acquisition processes, products, and services are collected.
• Level 5: Optimizing : Continuous process improvement is empowered by quantitative feedback from the process and from piloting innovative ideas and technologies.

The CMMI models can be used throughout the acquisition lifecycle by industry as well as Government.

4. DoD has identified a number of key best practices to follow in the acquisition of software. They include:

• Identify and manage risk continuously throughout the life of the system
• Estimate cost and schedule empirically
• Use metrics to monitor risk, identify problems, and base decisions
• Track earned value
• Establish quality targets and track defects against those targets
• Treat people as your most important resource
• Implement a sound configuration management process
• Manage and trace requirements to the lowest level
• Use system-based software design to document and evaluate the process
• Ensure data and database interoperability
• Define and control all internal and external interfaces
• Design twice, code once
• Address the risks of reusing existing software, whether commercial or non-development items
• Inspect requirements and design; subject configuration management products to formal inspection
• Conduct continuous testing based on plans, pass-fail criteria, and traceable procedures
• Compile and smoke test frequently

5. In today's military environment, systems must be interoperable in order to be effective; that is, they must be able to exchange data. To ensure interoperability, all systems acquired by DoD that will produce, use, and exchange information must be consistent with the Joint Technical Architecture (JTA). The JTA provides a common set of mandatory standards for information processing, transfer, modeling, interfaces, and systems security.
In addition to compliance with JTA, all command, control, communications, computers and intelligence (C4I) systems, regardless of ACAT, must undergo a two-step oversight process to ensure all interoperability capabilities are identified and met:

• Interoperability Capability Certification - This process, based on the capability needs identified by the user in the ICD and CDD/CPD, ensures that we consider interoperability from the very beginning. Before the capabilities can be approved for a C4I system, the J-6 section of the Joint Chiefs of Staff must certify that interoperability capabilities are identified and consistent with joint policy, architectural integrity, and interoperability standards.
• Interoperability Certification : This process is used to demonstrate, based on tests conducted in the field, that interoperability capabilities have been met. The Joint Interoperability Test Command (JITC) issues a Letter of Certification to document that the required level of interoperability was achieved.

6. The Government should only acquire the rights to data, software, and other documentation necessary to meet its minimum needs. Data rights fall under the following categories:

• Unlimited rights : If the Government has funded the entire development of an item, then it is entitled to unlimited rights to use, duplicate, or disclose technical data for any purpose.
• Limited rights : If a contractor has developed an item entirely at its own expense, then the government is only entitled to limited rights, within the Government itself, and normally cannot release the data to other parties outside the Government.
• Restricted rights : These rights only apply to noncommercial computer software, and are similar to limited rights. An example would be restricting usage of a computer program to only one computer at a time.
• Government Purpose Rights - When technical data is developed with mixed funding (part contractor and part government), government purpose rights allow the Government to use the technical data for Government purposes as described in limited rights and for other purposes such as competition, but not for commercial applications. Government purpose rights are automatically effective for five years and revert to Unlimited Rights upon expiration of the five-year period.