Department of Veterans Affairs

DTC

Digital Transformation Center – Security/FedRAMP

The Challenge:

In 2018, the Department of Veterans Affairs (VA) created the Digital Transformation Center (DTC), in order to drive its modernization efforts by implementing emerging technologies. To ensure the security of the solutions implemented by the DTC, all Software as a Service (SaaS) and Platform as a Service (PaaS) products require certification by the General Services Administration (GSA)’s Federal Risk and Authorization Management Program (FedRAMP) program, as well as an Authority to Operate (ATO) granted by the VA. However, these processes can be expensive and complex, limiting the attractiveness of the DTC program to vendors who may wish to bring their products to the Federal Government.

The Solution:

To ensure the VA’s ambitious modernization goals were able to be reached while still maintaining the highest security standards, Octo’s team, which leads the DTC program, developed a plan to embrace FedRAMP and help guide vendors through the process. DTC subject matter experts provide customers and vendors with FedRAMP and ATO readiness, documentation, and remediation support; DTC project managers “connects the dots” with other teams to help shepherd the customer through the complex security approval and authorization process; and centralized security support maximizes the impact of flexible solutions with high reusability. This last point has been key to DTC’s success: by centralizing its efforts, the VA has been able to develop a marketplace of tools available across the enterprise with security authorizations that can be reused with relatively painless adjustments.

Results
  • Octo’s team helps vendors through the FedRAMP and ATO process in order to ease the burden of bringing tools into the DTC marketplace while ensuring high security standards are met.
  • Octo’s team helped the VA craft a strategy for embracing the FedRAMP process, resulting in the VA’s position as a modernization leader in the Federal Government.
  • By leveraging flexible tools and supporting high value use cases, we can reuse existing products and deliver value 88% faster.
  • 50+ FedRAMP/ATO authorizations were granted in FY21, making the VA the largest FedRAMP sponsor in the public sector.

The Benefits

The VA has developed a marketplace of tools available for use across the enterprise because of its commitment to make the FedRAMP and ATO approval process as smooth as possible for cooperative vendors. Across the agency, 47 products are being leveraged by two or more business groups, and the programs top five most requested products (Salesforce, Microsoft Power Platform, Box, Qualtrics, and Pitney Bowes Send Pro) serve an average of 70 business groups each. The VA’s commitment to the FedRAMP program also radiates to the rest of the Federal Government. To date, the VA has sponsored more than 24 products through full authorization (with many more in process), contributing significantly to the pool of products available for all federal agencies to use.