Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
The https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Beats

Media

Search PlanetOIT

Find what you are looking for on PlanetOIT

Summary

The aptly named Easy Access to System Information (EASi) project is reimagining how CMS manages IT governance.

Placeholder

 Articles

The EASi Way to Centralize Systems Data

Published Thursday, December 2, 2021

Read Time: 6 minutes

Graphic reading "Easy Access to System information (EASi), Building Value Through Human-Centered Design."

From an outside perspective, it seems like a simple enough request. Someone very important needs the agency’s portfolio of critical systems data for disaster recovery on their desk as soon as possible.

Unfortunately, the data is scattered across multiple decentralized databases. Multiple system owners around the agency will need to be enlisted to gather all the data on spreadsheets. What should be a simple request is going to be a big, unplanned lift that displaces other priority work across multiple teams. Making the deadline will bring relief, but no real sense of accomplishment. It’s enough to make anyone reach for the antacid.  

After a face-off with this mad scramble, CMS OIT Director/CIO Rajiv Uppal decided to take action. OIT needed a centralized database for system information. As stressful as fulfilling the quick turn request for system information was, it pales in comparison to the stress of a real-world disaster recovery. A single point of entry would make data lookups more efficient and expedient for OIT and system owners alike. The aptly named Easy Access to System Information (EASi) project was born.

EASi Product Owner Shane Clark and EASi Federal Engineer Lead Nick Downey met with Uppal to scope out the project’s vision. In developing a workplan, the three employed the Agile principle of working in short, iterative bursts to deliver the greatest amount of value in the shortest timespan possible. The work plan also integrated principles of human-centered design (HCD) which focuses on empathy, ideation and experimentation.

“EASi is a tool for customers to access consolidated system information and facilitate IT governance,” says IT Capital Planning Group Director Cora Tracy. “OIT’s commitment to solving critical business issues in partnership with our CMS customers was highlighted by Shane and Nick leading the agile development of this system to meet the needs of our users.”

While the benefits of a centralized database are obvious, the path to build such a system is not. Addressing the downstream problem of not having a centralized database in a vacuum risks spawning unintended problems upstream. 

HCD moves beyond the traditional concept of user-friendly design by taking the needs of everyone affected by design decisions into account. Utilizing this more holistic design approach increases the likelihood that a project will eliminate pain points instead of just shifting them around.

Clark and Downey started gathering stakeholder input by holding a series of formative meetings with system owners from across CMS. The feedback on the prototypes and mockups they shared with the system owners revealed consensus around the problem but critical variation on the pain points. 

“As a system owner, I could tell you my system data and where to find it, but IT governance needed enhancements and updates,” Clark says.

Authorization to operate (ATO) and Section 508 Accessibility compliance testing were singled out as particularly challenging areas of governance. System owners characterized these workflows as confusing, inefficient, and non-transparent.

“People have horror stories about it taking two years to get ATO,” Clark says.

Photo of Shane Clark and Nick Downey

Beyond the acid reflux factor of living with a non-intuitive workflow, compliance issues that don’t get identified until technical review are costly. Go-live dates are missed, and code bases have to be rebuilt. Knowing that a compliance issue could have been flagged and mitigated at an earlier stage of development only adds to the frustration.

If OIT’s core functional need could be expressed as, “Getting all system information in one location,” the CMS system owners’ core functional need could be summarized as, “Making it easier to get to the next step when developing a system.” Now it was up to Clark and Downey to synthesize the two needs.

Agile provides a framework for quickly responding to changes in a project’s value proposition. The feedback from system owners meant EASi needed to pivot from a database centralization to an iterated rebuilding of the IT governance process with centralization as an output. Uppal listened to what the system owners were telling Clark and Downey and approved the pivot plan.

With buy-in secure, Clark and Downey chose the Target Life Cycle (TLC) intake as the first process to transform under EASi. They held multiple HCD-based discovery and framing sessions with system owners, business owners, leadership, and OIT staff to identify pain points. They used visualization tools like Figma and Miro to mock up screens in the application so stakeholders could provide quick feedback on what needed to be edited or shifted. This technique helped avoid the potential for costly rework by developers.

“If the customer doesn’t like it, we can change it in five minutes,” Clark asserts. “We do that before ever handing it to engineers.”

Having Downey on the project as a federal engineer helped ensure a smooth handoff to coding. His software engineering knowledge was also integral to writing project contracts. 

“It helped me be a little more empathetic in terms of the pain that comes with contracting,” Downey says. 

Prior to EASi, obtaining a Life Cycle ID through TLC was a newly established process still in need of improvements. Few system owners understood it, and many didn’t even know it existed. There was no easy way to get a TLC status update, which made reporting to leadership all but impossible.

Over the course of six weeks, Clark and Downey got the TLC process transformation from concept to delivery. The new application is gated, so users know exactly what task they need to work on since the other tasks are greyed out. The new system also provides users with constant awareness of where their Life Cycle ID was in the approval process, so they didn’t have to call or email for status updates. Last but not least, instructions are written in plain language with novice users in mind.

“Even if you’re not an IT person or if you’re new to CMS, you can get through the process,” Clark says.

The TLC transformation received great reception from customers. “EASi allows for that needed transparency that we did not have in the past allowing us to see where our IT project request was in the pipeline and what steps and actions were needed from us,” noted one CMS employee. With product viability established, Clark and Downey delivered a similar transformation for the Section 508 Accessibility compliance process. 

The EASi project’s next big lift will be system profile data entry and integration with the ATO process. As governance for system profile data is streamlined following lessons learned in earlier EASi iterations, incoming data will begin to populate the centralized database that Uppal would have liked to have in place on the day he received the quick turn request for disaster recovery data. 

It’s a roundabout way of getting to the primary deliverable, but employing an HCD-centered approach has enabled EASi to solve more problems for more people - an approach that will likely pay more long-term dividends for CMS.

“We had to have that big pivot from where we were trying to build a big system with data to address issues with the new TLC governance to mature it.” Clark says. “If we would’ve built the system profile first, it would not have worked.”

Recent Articles

Recent Media