U.S. Department of Health and Human Services

U.S. Department of Health and Human Services

In early 2009, the Chief Information Security Officer (CISO) at the Department of Health and Human Services (DHHS) procured the services of Vergys LLC to help manage growing requirements for the American Recovery and Reinvestment Act of 2009 (ARRA). Our tasks included preparing ARRA-related budgets and reports, managing an operating budget that had doubled from the prior fiscal year, and integrating those budgets into a manageable and defensible business case for IT infrastructure security.

Our team created the detailed monthly reconciliation reports that provided the agency and the administration updates on planned obligations, actual obligations, planned disbursements, and actual disbursements. We also monitored the performance measures and expected benefits associated with ARRA funding. As a result of our efforts, over 99.5% of ARRA dollars obligated within the planned time frame and ARRA outlays also matched agency goals. Concurrently, our team maintained and updated the CISO annual spend plan, tracking planned versus actual costs and creating the documentation that authorized the obligations per the timing in the annual plan. The plan variance was under 1%, and all planned obligations were executed on time and without any interruption in service.

Our DHHS responsibilities also included updating and submitting the Exhibit 300 for the CISO’s major IT investment, Secure One. Ultimately, we were able to successfully submit the BY2012 Secure One investment with cost and schedule variances that fit within acceptable agency tolerances. This effort included:

  • Updating Secure One project management documentation, including its Project Plan, Charter, Quality Assurance Plan, and Risk Register;
  • Conducting training on the basics of the Exhibit 53, Exhibit 300, and the federal IT dashboard; and
  • Integrating the spend plans with the Exhibit 300, thereby enabling stakeholders to trace dollars to performance.