NASWA UI Integrity Data Hub Final Review Draft v2
NASWA UI Integrity Data Hub Final Review Draft v2
NASWA UI Integrity Data Hub Final Review Draft v2
Copyright ©2018 by Development InfoStructure, Inc. (Devis) All rights reserved. This proposal includes data that shall not be disclosed outside
the Government and shall not be duplicated, used, or disclosed--in whole or in part—for any purpose other than to evaluate this proposal. If,
however, a contract is awarded to this offeror as a result of--or in connection with--the submission of this data, the Government shall have
the right to duplicate, use, or disclose the data to the extent provided in the resulting contract. This restriction does not limit the
Government's right to use information contained in this data if it is obtained from another source without restriction.
NASWA UI IDH – Proposal Response
Table of Contents
Cover Letter....................................................................................................................................iii
1. Company Overview..................................................................................................................1
2. Project Summary Citations.......................................................................................................2
2.1. Project 1: GLAAS..................................................................................................................2
2.2. Project 2: HMDA...................................................................................................................5
2.3. Project 3: CMS......................................................................................................................8
3. Technical/Management Approach..........................................................................................11
3.1. Part C: Technical Requirements Development/Business Analysis Resources....................11
3.1.1. Processes and Tools..................................................................................................11
3.1.2. Stakeholder Participation..........................................................................................16
3.1.3. Selection of Part C Personnel...................................................................................17
3.1.4. Organizing and Managing Part C Approach............................................................17
3.1.5. Availability of Key Part C Staff...............................................................................18
3.1.6. Part C Deliverables...................................................................................................18
3.1.7. Benefits of Part C Approach.....................................................................................19
3.1.8. Part C Communications............................................................................................20
3.2. Part D: Development/Technical Support.............................................................................21
3.2.1. Tools and Standards..................................................................................................22
3.2.2. Selection of Part D Personnel...................................................................................24
3.2.3. Organization and Management of Part D Services...................................................25
3.2.4. Availability of Key Part D Staff...............................................................................25
3.2.5. Responsibility for Delivery.......................................................................................25
3.2.6. Part D Deliverables...................................................................................................26
3.2.7. Benefit of Part D Approach......................................................................................27
3.2.8. Part D Communications............................................................................................27
4. Key Personnel.........................................................................................................................29
4.1. Part C Personnel..................................................................................................................29
4.1.1. Josh Shnider..............................................................................................................29
4.1.2. Catherine Atwood.....................................................................................................31
4.1.3. Sydney Hodges.........................................................................................................33
4.1. Part D Personnel..................................................................................................................35
4.1.1. Erika Blair.................................................................................................................35
4.1.2. Donald Oellerich.......................................................................................................37
9/7/2018 Use or disclosure of data contained on this sheet is subject to restriction on the title page of this proposal. i
NASWA UI IDH – Proposal Response
Table of Figures
Figure 2-1 HMDA Data Collection We analyzed and developed use cases to capture the process
used by lenders across America so we could automate the validation of their data...............5
Figure 2-2 CMS Data Dashboards Our systems for CMS produce compelling visualizations of
program data...........................................................................................................................9
Figure 2-3 CMS Architecture CMS runs in AWS and uses the same Java Springs Hibernate basis
envisioned for further development on the IDH....................................................................10
Figure 3-1 Sample Task Requirements Card Requirements are captured, formatted, organized
and visualized for instant reference.......................................................................................14
Figure 3-2 Stories On Board Dashboard Visualization of features, with drill down information
available for each at a single click, keeps the entire team oriented and the process
transparent to NASWA stakeholders.....................................................................................15
Figure 3-3 - Sample Data Flow On GLAAS, we managed business processes in concert with a
wide range of stakeholders....................................................................................................16
Figure 3-4 Sample Part C Deliverables We work with all stakeholders in order to uncover the full
range of operational requirements facing the user and stakeholder, and our tests ensure
that they are met in the finished product...............................................................................19
Figure 3-5 Part C Communications Turning analyses into better outcomes requires a
comprehensive communication plan that spans all stakeholders, elicits all requirements,
and meaningfully tests the resulting development before acceptance...................................20
Figure 3-6 Devis Agile Scrum Methodology and Sample Activities Proven to work, easy to
adapt, client oriented.............................................................................................................21
Figure 3-7 Devis DevOps Stack These same systems will bring their proven benefits to our
development efforts for NASWA............................................................................................22
Figure 3-8 Sample Part D Deliverables All Devis development deliverables will incorporate the
inputs and reflect the needs of multiple entities across the NASWA IDH environment........27
Figure 3-9 Part D Communications From kickoff to retrospectives, our approach features
constant cross-cutting communication that helps keep the entire stakeholder and vendor
community on the same page from task order to task order..................................................28
9/7/2018 Use or disclosure of data contained on this sheet is subject to restriction on the title page of this proposal. ii
NASWA UI IDH – Proposal Response
Cover Letter
Attn: [email protected]
Re: Program and Technical Support for Ongoing Development of the UI Integrity Data Hub
Development InfoStructure, Inc. (Devis), is pleased to submit our response to the Request for
Quotation to provide business analysis (SOW part C) and IT development (SOW part D) support
for the NASWA IDH. As an award winning Women Owned Small Business, (WOSB) firm with
25 years of experience providing Information Technology (IT) solutions in the public sector, we
are excited about the opportunity to closely partner with NASWA in support of this important
program.
I, Cristina Mossi, CEO, or Martin Hudson, President, can be reached at (703) 525-6485, or via
email ([email protected] and [email protected]). We are both duly authorized Officers of
the Corporation able to act on any negotiations. Devis agrees with all the terms, conditions, and
provisions of the solicitation and agrees to furnish any and all items upon award, for the prices
quoted.
Regards
Tina’s signature
Cristina Mossi, CEO
9/7/2018 Use or disclosure of data contained on this sheet is subject to restriction on the title page of this proposal. iii
NASWA UI IDH – Proposal Response
1. Company Overview
Development InfoStructure, Inc. (Devis), a WOSB with a Top
Secret facility clearance, has 25 years of experience providing At A Glance:
comprehensive software development and business analysis to our 25 years experience
clients in the Federal Government, including the Department of State WOSB
$16M in 2018 Revenue
(DOS), the US Agency for International Development (USAID), and 63 Employees
the Department of Labor (DOL). Our service history includes 512 16 Federal clients
separate contracted engagements with the Federal government, TS Clearance
spanning 70 different organizations spread across 16 different Federal CMMI Level 3 in
Development
agencies or departments.
Our services include Agile software development and project management, business analysis and
process reengineering, and the organizational management of change associated with
deployment of new enterprise IT systems and business processes. Of particular interest to
NASWA is our ability to analyze and build systems for our Federal clients that have to gather
data from across the country (and in the case of DOS and USAID, across the globe). We built the
first many-to-one reporting system for the Department of State to assemble reports on
government sponsored international training and exchange programs across the entire Federal
government, working with over 200 data formats to create a single seamless report to Congress.
We also built the system the Consumer Financial Protection Bureau (CFPB) uses to validate
home mortgage reporting from every single lending institution in the United States – another
many to one system where all the data formats used by individual banks and lenders need to be
collated into a single format system.
These systems faced many of the same requirements currently characterizing the IDH, and Devis
will bring the best practices and lessons learned from these engagements, our familiarity with the
Amazon Web Services (AWS) environment and proposed IDH technology stack to the table for
NASWA in order to help build a federated system useful to all its potential users.
9/7/2018 Use or disclosure of data contained on this sheet is subject to restriction on the title page of this proposal.
1
NASWA UI IDH – Proposal Response
Project Size/Scope:
40+ personnel at peak, assigned to 82 locations worldwide.
9/7/2018 Use or disclosure of data contained on this sheet is subject to restriction on the title page of this proposal.
2
NASWA UI IDH – Proposal Response
Updated the design documentation (Requirement 4: Developing Use Cases and Design
Documentation) whenever requirements necessitate a revision to the design
Created and Updated all impacted GLAAS User Guides, Quick Reference Guides,
Exercises, Walk Through documents
Developed story boards for use by training development Contractor
Developed test cases for User Acceptance Testing (UAT) and Performance Test Teams
Devis prepared and performed the required tests (Requirement 5: Preparing Test Plans and
Procedures, and Requirement 6: Planning and Coordinating Testing)to ensure new software
releases, patches and data migration are ready for deployment. Tasks include:
Maintaining test environments
Develop draft and final deployment plan;
Receive the deployment package from the development team;
Ensure all deployment instructions and scripts are complete;
Conduct dry-runs of the deployment package and test for readiness
Summarize/report any issues to the development and database teams for resolution
9/7/2018 Use or disclosure of data contained on this sheet is subject to restriction on the title page of this proposal.
3
NASWA UI IDH – Proposal Response
Project Budget:
$32,093,752 (base contract) $3,283,297 (follow on)
Agency/Organization:
USAID
9/7/2018 Use or disclosure of data contained on this sheet is subject to restriction on the title page of this proposal.
4
NASWA UI IDH – Proposal Response
Project Size/Scope:
8 personnel at peak
Relevance to SOW Part C:
Similar to Requirement 1: Coordinating and Facilitating Requirements Sessions of C,
working with CFPB stakeholders, Devis conducted a two week Requirements Gathering sprint to
walk through documentation CFPB had developed to ensure a shared understanding of all
functions to be developed in the ensuing sprints. At this point requirements were formally
handed off to Devis and we began collecting data, developing the process shown below:
Figure 2-1 HMDA Data Collection We analyzed and developed use cases to capture the process used by lenders
across America so we could automate the validation of their data.
9/7/2018 Use or disclosure of data contained on this sheet is subject to restriction on the title page of this proposal.
5
NASWA UI IDH – Proposal Response
Devis conducted user interviews (Requirement 2: Interviewing State End Users and Other
Stakeholder) and gathered user requirements from CFPB stakeholders, and analyzed them for
opportunities for improvement. The requirements were gathered in a requirements document
called the ‘backlog’ (Requirement 3: Preparing Requirements Documentation). After
analyzing the current Federal rules and regulations for filing HMDA data, and taking the results
of the usability testing, as with IDH Part C Requirement 4: Developing Use Cases and Design
Documentation the Devis team designed a prototype system to automate the validation process
and satisfy two distinct types of end user, by running it entirely within a web browser (for 98%
of the banks) or on a server (for the largest banks – 2%). As a result we proposed a validation
engine to carry out these tasks and developed a prototype that met these user requirements. This
prototype became the basis of the HMDA engine.
As our analysts concluded the CFPB regulatory environment would likely see frequent changes
and updateds, Devis determined the need for an extensible rules engine that could dynamically
select and apply its own appropriate set of validation rules to each year’s data set. This set of
choices ended up cutting CFPB processing time while keeping the solution easily tunable in
response to changes in Federal regulatory requirements, providing CFPB cost savings in the
present and the future.
9/7/2018 Use or disclosure of data contained on this sheet is subject to restriction on the title page of this proposal.
6
NASWA UI IDH – Proposal Response
financial institution to run automated data quality checks before they submit data to the
government.
Regarding Requirement 3: Data Architecture/Management, the HMDA Pilot application
utilized an advanced data architecture with a view tier, a controller tier, and a model tier, built on
Node.js, AngularJS, Kraken, and MongoDB to develop the user interface, rule engine and APIs
that run the data checks for accuracy and reporting. The HDMA Pilot, rule engine, and API are
all open-source, available via GitHub, and hosted in a secure FedRAMP compliant cloud-hosting
environment as per Requirement 4: IT and Data Security.
In hosting HMDA, similarly to Requirement 5: System Monitoring/Administration Devis
configured, implemented and tuned an Amazon Web Services (AWS) cloud environment to
support 100 concurrent user threads with no deterioration of system performance and
maintaining full system security.
For Requirement 6: Database Architecture/ Management, Devis built the tool on an open-
source platform looking towards the future, hoping that financial institutions will utilize the code
to integrate the new tool into their own technology, streamlining the process even more. In
addition to supporting the annual edit check process to meet this project’s initial scope, Devis
created open APIs that allow financial institutions to check individual loan application
transactions as financial institution enter them throughout the year. The open-source platform
also allowed CFPB to utilize existing resources to review, build on and enhance the new tool,
creating internal resources to work with the tool going forward.
Devis maintained system architecture diagrams and documents throughout the bid, including
applications, databases, integration points with other applications, access paths and supporting
infrastructure, as applicable.
Similar to Requirement 7: Extract/Transform/Load (ETL) Management, Devis conducted
an Open Data sprint for a two week period of open testing for CFPB staff and/or identified
financial institutions to use the sample application. During this time real 2013 user data was
extracted, transformed, and loaded for the two week test. This sprint was used to refine all
documentation and ensure the application is working appropriately.
Project Budget:
$2,113,604.16.
Agency/Organization:
Consumer Finance Protection Bureau
9/7/2018 Use or disclosure of data contained on this sheet is subject to restriction on the title page of this proposal.
7
NASWA UI IDH – Proposal Response
Project Size/Scope:
8 personnel at peak
9/7/2018 Use or disclosure of data contained on this sheet is subject to restriction on the title page of this proposal.
8
NASWA UI IDH – Proposal Response
tools across the company, Devis ensures that the software maintenance process is
effective and efficient.
Regarding Requirement 3: Data Architecture/Management Devis stores CMS data in the
PostgreSQL back end, creating data visualizations on demand using dashboard tools, such as the
example seen below (Figure 2-2):
Figure 2-2 CMS Data Dashboards Our systems for CMS produce compelling visualizations of program data.
Devis monitors security of the network and servers (Requirement 4: IT and Data Security and
Requirement 5: System Monitoring/Administration), including;
Provide Client access to security logs
Develop Security Management Plan
Provide Intrusion Detection and immediate reporting
Maintain site URL and security certifications for HTTPS connection.
Monitor security reports and make necessary security configuration changes
Manage network operations to include: firewalls, dedicated firewall appliances,
switches,load balancers, intrusion detection systems
As with Requirement 6: Database Architecture/ Management, Devis partnered with AWS to
engineer a FedRAMP-certified high performance network, hardware, and software infrastructure
with a PostgreSQL back end capable of meeting and exceeding the performance objectives of
CMS. The n-tier architecture is comprised of application server, database server, and web server,
visualized as Figure 2-3.
9/7/2018 Use or disclosure of data contained on this sheet is subject to restriction on the title page of this proposal.
9
NASWA UI IDH – Proposal Response
Figure 2-3 CMS Architecture CMS runs in AWS and uses the same Java Springs Hibernate basis envisioned for
further development on the IDH.
Agency/Organization:
USAID
9/7/2018 Use or disclosure of data contained on this sheet is subject to restriction on the title page of this proposal.
10
NASWA UI IDH – Proposal Response
Today, Devis is repeating this accomplishment by building TEAMS, the new system replacing
and improving upon TraiNet/VCS, fully modernizing the technology to account for existing as
well as new requirements from the user base, in an asset that will carry USAID training and
exchange reporting forward for the next five years.
Elicit stakeholder needs, expectations, constraints, and interfaces for all phases of the
product life-cycle
Transform stakeholder needs, expectations, and constraints into customer requirements
9/7/2018 Use or disclosure of data contained on this sheet is subject to restriction on the title page of this proposal.
11
NASWA UI IDH – Proposal Response
Establish and maintain product and product component requirements, which are based on
the customer requirements
Allocate the requirements for each product component
Identify interface requirements
Establish and maintain operational concepts and associated scenarios
Establish and maintain a definition of required functionality
Analyze requirements to ensure that they are necessary and sufficient
Analyze requirements to balance stakeholder needs and constraints
Validate requirements to ensure the product will perform in the user's environment
Everything a system user is coming to the system to do can be expressed as a ‘user story’. User
stories cover the entire range of user needs, whether it’s that of a third party logging in for the
first time, a system administrator that needs to tie into the data being gathered, or an auditor that
needs to be able to verify all security requirements are in place before they can sign off on
system acceptance. As all these needs are gathered through interviews with users and added to
the Requirements Document, needs are prioritized with the most important functionality with the
greatest client benefits being identified as the first focus for the development team. In Agile, the
outcome of this sort is known as the User Story Backlog, which is created and then ‘groomed’ to
prioritize needs, as progress unfolds and new data, needs, and issues become evident.
All requirements (User Stories) developed under this effort will meet the following criteria:
1. Created and refined by the project team based on the INVEST principle (Independent,
Negotiable, Valuable, Estimable, Small, Testable), or other industry standard.
2. Meet "Definition of Ready" and "Definition of Done" (see definitions below) as
determined by the Project Team.
3. Developed with input from users and SMEs (approved requirements providers), and
refined by the agile team, especially the Product Owner.
Definition of Ready:
Business value clearly specified
All dependencies identified. No external dependencies will block story completion.
Developers understand story details well enough to estimate time to complete
The story can be completed during one Sprint
UX/UI design for the story is completed.
Acceptance Criteria are complete, specific, and testable.
Definition of Done:
Code design reviewed and approved
Required tests added to test suite
For the code implementing the user story:
o checked into version control (development branch)
o merge request issued, which triggers a code review
o code reviewed and merged into working branch
Tests pass
o Unit and integration
o Regression
9/7/2018 Use or disclosure of data contained on this sheet is subject to restriction on the title page of this proposal.
12
NASWA UI IDH – Proposal Response
o Security
o Accessibility
Automated deployment to UAT environment complete
All Acceptance Criteria pass / Functional Testing complete
All documentation updated (system, user, architecture, etc.)
The Devis approach to acceptance testing means that we simultaneously choose the development
approach and the testing tool(s) and method(s) we will use to assess whether we have
successfully met the requirements for each User Story we write. These details are established as
part of the Acceptance Criteria defining the requirements and conditions that must be met. For
the NASWA IDH, this means working in concert with other awardees as well as traditional
stakeholders and ensuring that the decisions we’re making meet with client approval.
The process can be summed up simply: We evaluate User Stories using our standard format for
writing a test: “Given, When, Then: Given the following initial conditions, When a certain
identified event takes place, Then the system should respond in such and such a way”. We use
this pattern to standardize test cases and provide a more granular view of a user story. It can be
elaborated upon using quasi-Boolean operators, for example, “ And” can add additional steps,
“Except” can exclude certain conditions in order to focus the test, and “Where” can supply a test
with multiple conditions, and so on.
Tools
In the public sector, the need to validate, maintain and secure data according to Federal mandates
as well as meet the user accessibility interface requirements specified by Section 508 means that
the choice of tools will have a real and meaningful impact on the time necessary to implement
new code in response to task orders issued under NASWA IDH Part D. Accordingly, Devis is
well positioned to offer NASWA decision support at all levels in the matter of tool choice,
whether it’s ensuring alignment between their existing tools and business and regulatory needs,
or choosing a new one out of the many available that best fits their overall requirements.
For example, one emerging tool that has proven to be very useful in coordinating user
requirements and translating them into functioning software that makes a positive difference in
their day to day work is StoriesOnBoard. Devis uses Stories On Board as a tool to evaluate,
coordinate and track the completion of code to meet all the User Stories expressed in the Backlog
as they pertain to each role on the projects we undertake.
Each need is placed in a card that contains all the necessary information expressed in the Given,
When, Then language discussed earlier.
On the ensuing page, see a sample StoriesOnBoard Task Requirements card Devis prepared
for TEAMS (Figure 3-1):
9/7/2018 Use or disclosure of data contained on this sheet is subject to restriction on the title page of this proposal.
13
NASWA UI IDH – Proposal Response
Figure 3-4 Sample Task Requirements Card Requirements are captured, formatted, organized and visualized for instant reference.
9/7/2018 Use or disclosure of data contained on this sheet is subject to restriction on the title page of this proposal. 14
NASWA UI IDH – Proposal Response
All these cards are virtually sorted by StoriesOnBoard to provide a big picture visualization of all the needs that have been captured in
the Backlog, allowing us to organize them by feature and subfeature, rate them for prioritization, and visualize task completion. The
‘groomed’ backlog forms the basis for our approach to delivering results to the client.
As an example, see the StoriesOnBoard dashboard that Devis maintains for TEAMS (Figure 3-2):
Figure 3-5 Stories On Board Dashboard Visualization of features, with drill down information available for each at a single click, keeps the entire team oriented and the process
transparent to NASWA stakeholders.
9/7/2018 Use or disclosure of data contained on this sheet is subject to restriction on the title page of this proposal. 15
NASWA UI IDH – Proposal Response
Similar techniques are used when analyzing requests for new workflows. For example, on
GLAAS, each element of the CONOPS has been analyzed and a repeatable business process is
identified, implemented, and if necessary amended. (See Figure 3-3 below for an example)
Figure 3-6 - Sample Data Flow On GLAAS, we managed business processes in concert with a wide range of stakeholders.
Testing: Devis chooses the tests to prove functionality as part of the ‘definition of done’ before
software development begins, as discussed in Section 3.1.1. Once development begins, the
business analyst performs the required chosen tests to ensure new software releases, patches and
data migration are ready for deployment.
Tasks associated with Test & Evaluation include developing the draft and final deployment plan
to completion; receiving the deployment package from the development team, conducting dry-
runs of the deployment package and test for readiness on a dedicated environment; and
summarize/report any issues to the development and database teams for resolution.
3.1.2. Stakeholder Participation
By working closely with stakeholders when eliciting requirements, defining tests, conducting
user acceptance testing, and as otherwise needed throughout a project using a variety of
techniques including interviews, process maps, scripted engagements and more, Devis business
analysts facilitate and document an effective capture and sharing of information. For example,
prior to a major redesign effort, Devis performs usability studies to identify gaps and
inefficiencies in the current implementation, which the team uses to collaboratively prioritize
areas for redesign. We will draw from these techniques and tools, and more, as needed for task
orders under the IDH
9/7/2018 Use or disclosure of data contained on this sheet is subject to restriction on the title page of this proposal. 16
NASWA UI IDH – Proposal Response
To ensure that the voice of user stakeholders is not lost among the voices of the project we will
designate business analysis staff with the expertise necessary to effectively interview all IDH
stakeholders. Doing so allows us to share an understanding of the level of their respective
responsibilities, ways the system will affect their workstreams, and input on what they need, how
they need it, and what their worst pain points are in day to day operations. These Devis personnel
will serve as Stakeholder Advocates; they own the responsibility of creating a regular schedule
of interaction with stakeholders, ensuring that their requirements are being correctly captured,
understood and prioritized, avoid rework and delays while improving the value stakeholders will
derive from IDH digital and professional services. For example, a monthly meeting that sums up
progress and elicits feedback, backed up by ad hoc meetings and one-off communications, will
keep stakeholders identified, engaged with useful support and contextual information about the
new project, and that their needs, wishes, concerns, and operational realities are reflected to the
fullest extent possible in the requirements that are assembled by the analysts.
The ultimate benefits of this sort of approach are transformational in nature and helps ensure
successful adoption of the system throughout the enterprise. In our past experience at USAID,
key users and stakeholders who begin as requirements providers continue to support the project
as beta testers and early adopters of the system ultimately being introduced. Their participation
encourages others to join in and truly engage with the team, and take away whatever benefits
they may from the improved process or the underlying approach – all of which help the client
program realize operational excellence in the long run.
9/7/2018 Use or disclosure of data contained on this sheet is subject to restriction on the title page of this proposal. 17
NASWA UI IDH – Proposal Response
accountability for the work to be done under the task in question; they will stand up a
communication plan that maps all interactions with the client and other elements of the IDIQ
(including other awardees).
As tasks arise the senior manager or requirements analyst assigned under the TO will perform a
first pass analysis, breaking the task down into workstreams and the workstreams into elements
differentiated by their complexity. Simpler tasks can be handled by junior personnel under
supervision; complex tasks will often require senior personnel to be assigned. We then assign
these analyst personnel according to the requirements in that breakdown, assign them hours
based on the likely time necessary to complete requirement, and monitor ongoing progress by
measuring analyst performance according to established project quality metrics. These results are
captured in monthly reporting and other deliverables as required by NASWA, serving as
occasion to look forward and plan for up and coming changes as much as the means of
performance review.
All Part C task orders awarded to Devis under the IDH IDIQ will have a Devis corporate
sponsor. Mr. Randy Smith, PMP. Randy is the Vice President of our development practice and is
deeply experienced in these requirements: for example, he led the GLAAS upgrade effort
detailed in Section 2.1. Mr. Smith will serve as a mentor to the senior Devis employee assigned
under Part C task orders, for the entire task order, providing oversight, performing spot quality
checks of work and deliverables in progress, suggesting useful courses of action, and ultimately
serving as a point of escalation for the client if necessary.
9/7/2018 Use or disclosure of data contained on this sheet is subject to restriction on the title page of this proposal. 18
NASWA UI IDH – Proposal Response
9/7/2018 Use or disclosure of data contained on this sheet is subject to restriction on the title page of this proposal. 19
NASWA UI IDH – Proposal Response
to choose a common approach. Devis also provided web content management software and
hosting services for IAWG.gov under the same contract. Under the current contract, Devis
supports FEDS II through web development, UI development, and business analysis, including
the successful extraction, transformation and migratory load of over 700,000 records of historical
data from FEDS I to FEDS II.
FEDS data is loaded into a bespoke tool that produces the final reporting data for highly visible,
annual reporting to Congress on the performance of overseas training and exchange programs
across the Federal government. Because of the capacity to interpret data in a wide range of
formats, reflecting the different IT approaches found across the Federal landscape, that had been
previously impossible to reconcile, Federal Computer Week called the FEDS systems the
“Rosetta Stone”, for its ability to allow data from disparate systems to exist in the same database.
3.1.8. Part C Communications
As communications is a critical component of a strong management approach, the Devis
approach identifies clear and well laid out lines of communication with our stakeholders. Our
approach establishes specific points of contact for each area of responsibility and matches them
to the appropriate NASWA staff member or stakeholder. The topics of discussion, and the means
by which those discussions will take place, are also included in Figure 3-5. Subsequent to task
order award, the draft communication plan will be revised as necessary as per the guidance by
the COR and other USAID personnel.
9/7/2018 Use or disclosure of data contained on this sheet is subject to restriction on the title page of this proposal. 20
NASWA UI IDH – Proposal Response
Figure 3-9 Devis Agile Scrum Methodology and Sample Activities Proven to work, easy to adapt, client oriented.
9/7/2018 Use or disclosure of data contained on this sheet is subject to restriction on the title page of this proposal. 21
NASWA UI IDH – Proposal Response
Figure 3-10 Devis DevOps Stack These same systems will bring their proven benefits to our development efforts for NASWA.
9/7/2018 Use or disclosure of data contained on this sheet is subject to restriction on the title page of this proposal. 22
NASWA UI IDH – Proposal Response
Standards
CMMI: Devis is a level 3 CMMI practitioner in development (DEV); we have practiced CMMI
for over a decade, and have just concluded our third successful appraisal for Level 3 by
independent SCAMPI audit.
Devis will utilize our well established patterns, processes and procedures, which are available in
our CMMI repository for inspection at any time. Devis will focus on deliverables, system
processes, and operational outputs across the project lifecycle, emphasizing the quality of
individual software builds and providing insight into compliance with our established quality
processes.
Devis has 36 defined patterns, across 17 practice areas with 221 supporting processes and 388
related procedures that we will use to execute tasks across the task order lifecycle. We maintain
an online repository of these patterns, processes and procedures in our Confluence Knowledge
Repository. All of our CMMI practice areas and associated patterns are inter-related and
collectively form the basis upon which we continuously monitor performance and develop
process improvements This approach has been proven in multiple engagements with the Federal
government, including GLAAS, CMS and HMDA.
Security: Devis support of Part D SOW activities will include full compliance with NIST
requirements, including FISMA 2014 requirements, and be monitored according to Continuous
Diagnostics and Mitigation (CDM) best practices. We will use libraries, components and
commodities that have been comprehensively tested for security vulnerabilities in every layer of
our technology stack. These components will be reused for subsequent development. We will use
deployment scripts to ensure configuration of the development, test and production environments
remains consistent and repeatable.
Devis will first complete the Privacy Impact Assessment (PIA), Privacy Threshold Analysis
(PTA) the initial FIPS 199 System Inventory and Categorization Process. Our CISSP Security
Engineer will review the Security Controls requirements and other Non-functional requirement
for applicability, select the appropriate security controls and write User Stories that are specific
to NASWA IDH security objectives and required controls. We will document the types of
information collected, how it should be secured, how long it is kept and how it may be used and
shared. Our Agile Team will implement the security controls and write automated tests to
confirm compliance.
We will prepare all the artifacts necessary for a Security Assessment and Authorization (SA&A)
including: PIA, PTA, FIPS 199, e-Authentication Risk Assessment, Business Impact Analysis,
Incident Response Plan, System Security Plan (SSP), Security Requirements Traceability Matrix
(RTM), Risk Assessment Report (RAR), Security Assessment Plan (SAP) and Security
Assessment Report (SAR). If any deficiencies are found, Devis will document and actively
implement the Plan of Action and Milestones (POAMs) identified to correct the deficiency as
needed in order to obtain Authority to Operate.
Our CISSP Security Engineer and staff stay abreast of changes to Federal regulations regarding
privacy and security mandates and guidance, attending training on upcoming revisions to NIST
800-37 (rev 5 pending) and NIST 800-53. We will continually evaluate how security policy
revisions might impact the IDH and provide guidance to NASWA stakeholders as needed. To
9/7/2018 Use or disclosure of data contained on this sheet is subject to restriction on the title page of this proposal. 23
NASWA UI IDH – Proposal Response
mitigate system vulnerabilities, Devis has adopted a continuous security patching strategy and
constantly monitors vendor security bulletins and US-CERT Situational Awareness Reports
(SARs) for security alerts. Devis applies routine security patch updates for our systems. We
maintain a local repository that stores the patches and applies them to the development, staging
and production environments with a test and validation period in between. For critical security
patches, we apply the patch immediately with scheduled downtime approved via client staff.
Other key elements of our approach to security include:
Logging—Automated centralized logging enables developers, IT operations, and security
personnel real-time capabilities to audit, detect, troubleshoot, and resolve issues.
Versioned Configurations—All configurations will be managed by our centralized
configuration management process, enabling us to assert on a continuous basis that
configurations are running as expected in any given environment. Configurations are
maintained in a version-controlled repository for ease of validation. Changes to
configurations are tracked using any appropriate tracking system (Trello, JIRA, etc.).
automated configuration management combined with change control board/ticket system
allows configurations to be audited in their full scope -- who applied the change, when it
was applied, and who authorized the change.
Automated security controls with log aggregation—Automated configuration
management routinely asserts configurations and reports to administrators when
configurations diverge. Administrators can then review unexpected changes and create
issues/incident responses as appropriate. Configuration changes are automatically
captured in centralized audit logs which quickly identifies invalid or inappropriately
configured nodes.
Data: Devis has conducted dozens of data migrations for our clients in our 25 years supporting
them. For example, on GLAAS, one particular achievement was successfully migrating over ten
million existing records comprising all active USAID awards and funding citations into the new
GLAAS system. Transition plans, database schema mappings and conversion routines played a
large part in making each deployment successful. The GLAAS team was able to successfully
migrate data by collecting, analyzing, extracting, transforming, validating, loading and testing
data for each completed site implementation. The conversion project includes several scripts and
data validation checks to ensure that the integrity of the information matches the strict business
rules of the GLAAS application and the Oracle 10g database backend.
Communication ability
Relevant cross training or multidisciplinary knowledge
Agile ability
As a result of our established development practice, Devis maintains a development team in
house, including the three named as key personnel (Erika Blair, Donald Oellerich, and Brian
9/7/2018 Use or disclosure of data contained on this sheet is subject to restriction on the title page of this proposal. 24
NASWA UI IDH – Proposal Response
Seibt.) In addition, Devis has a full time recruiter working to stock our pipeline of development
and technical solutioning candidates. For NASWA IDH, our recruiter will identify candidates
that fit the position description (an official set of requirements that reflects the client’s personnel
needs and is tailored over the life of the contract). Strong candidates can be interviewed at any
time for adding to our existing bench, or as necessary to keep the positions filled throughout the
life of the contract.
9/7/2018 Use or disclosure of data contained on this sheet is subject to restriction on the title page of this proposal. 25
NASWA UI IDH – Proposal Response
nominally leading every Scrum while serving as the single point of contact and accountability for
the team’s work. This becomes especially important when working on cross cutting systems like
the IDH, with touch points across the country, multiple stakeholders and teams working on the
project. In these instances the Scrum Master becomes the ‘face’ of the operation to other key
stakeholders such as the Requirements teams envisioned under Part C. Devis utilizes processes
like holding release and sprint planning meetings to bring in the entire development team,
selecting the work for the releases and the individual sprints that will constitute them, and
obtaining joint buy-in from the dev team and a commitment to deliver the working code as
planned. Doing so establishes a clear, shared accountability for project success as well as the
individual responsibilities that must work together in order to achieve it.
Our approach has repeatedly proven to deliver successful, secure and highly accessible systems
meeting the needs of diverse stakeholders. Devis built the FEDS system used by the State
Department to collate international training and exchange data expenditures from across the
entire Federal marketplace – over 200 entities overall, each with preexisting data formats for
reporting, all of which needed to be collated in order to produce a single, highly visible, annual
report to Congress on training and exchange programs.
Another example of Agile success can be seen in the Home Mortgage Disclosure Act (HMDA)
project Devis executed for CFPB. Where CFPB had previously needed to manually gather
mortgage data from each individual mortgage lender in the US, in their own preferred format,
going back and forth over weeks and months with each lender to iron out mistakes. The HMDA
engine automated much of the process. Processes that used to take weeks now take minutes; the
biggest lenders, having previously needed months of work to validate their data, can now be
accurately processed in a day or two – and the engine was delivered for half the time and at half
the cost originally anticipated by CFPB, representing a huge savings and realizing the promise of
Agile.
9/7/2018 Use or disclosure of data contained on this sheet is subject to restriction on the title page of this proposal. 26
NASWA UI IDH – Proposal Response
9/7/2018 Use or disclosure of data contained on this sheet is subject to restriction on the title page of this proposal. 27
NASWA UI IDH – Proposal Response
by which those discussions will take place, are also included in Figure 3-9. Subsequent to award,
the draft communication plan will be revised as necessary as per the guidance by the COR and
other personnel.
Our
Level Key Interface Activities NASWA
Team
Long Term Goals and Objectives
NASWA
Corporate Overall Project Performance, Issues,
Sponsor
Project
Concerns, and Opportunities
Executive Manager
Customer Satisfaction
Kickoff; Ad Hoc Meetings; Satisfaction Surveys; Informal
Communications
Goals, Objectives, Requirements, and
Performance
Personnel Performance Management
Project Issues, Concerns, Risks
System Architecture Reviews NASWA
PM Data Architecture Reviews Project
Security Reviews Manager
Project Scrum Project Management and Deliverables
Management Master Event Management and Travel Management Project
Burn Rates Team
Migration Analysis and Planning
Resource Changes
Personnel Actions
Coordination with other IDIQ awardees
Kickoff; Meetings; Data Calls; Performance Reviews; Informal
Communications
Requirements handoff
Sprint Zero Project Team
Peer Review Stakeholders
Project Scrum
Software Development Sprints
Support Team Other IDIQ
Test and Validation Results
Migrations Awardees
Reviews and Retrospectives
Daily Standups, Meetings, Work Activities, Informal Communication
Figure 3-12 Part D Communications From kickoff to retrospectives, our approach features constant cross-cutting
communication that helps keep the entire stakeholder and vendor community on the same page from task order to task order.
3.2.9.
9/7/2018 Use or disclosure of data contained on this sheet is subject to restriction on the title page of this proposal. 28
NASWA UI IDH – Proposal Response
4. Key Personnel
All key personnel are currently employed by Devis. For each IDH task order, Devis personnel
will analyze the tasks as described in Section 3, assigning personnel (key personnel first, then
others as necessary) to cover every requirement in the task order.
9/7/2018 Use or disclosure of data contained on this sheet is subject to restriction on the title page of this proposal. 29
NASWA UI IDH – Proposal Response
American Consultants
2015 - 2016: Business Analyst
Trained over 250 FEMA employees to use PRISM v7.2 through in-class and webinar
sessions, including classes at Mt. Weather Emergency Operations Center and the
National Emergency Training Center;
Managed the development of digital learning modules to support training of PRISM v7.2
rollout, including graphic, instructional, and technical design.
Led PRISMv7.2 classes in buying, approving and reviewing, closeout, and system
administration; wrote and edited over 500 pages of PRISM v7.2 documentation
Managed, maintained, and documented PRISM v7.2 configuration settings to mirror
FEMA business processes;
Led the process of configuring PRISMv7.2 for production, test, and training
environments;
Created, managed, and analyzed training monitoring and evaluation processes;
Wrote and conducted PRISM v7.2 test scripts to ensure client satisfaction;
Washington DC Jewish Community Center
2014 - 2015: Development Associate/Grant Writer
Managed and maintained comprehensive donor database;
Wrote and edited grant applications for a non-profit organization with an annual grant
budget between $300,000 to $500,000;
Prepared budget reports for foundations and government agencies for a non-profit
organization with an annual budget of over $9,000,000;
Coordinated data maintenance for Annual Fund of over $1,000,000;
Coordinated direct mail appeals to donor lists of over 7,000 individuals for a non-profit
with an annual budget of over $9,000,000;
Delegate A. Shane Robinson
2010 - 2014: Legislative Director
Constructed, managed and maintained comprehensive constituent database;
Conducted thorough policy analyses to support passage of legislation;
Consulate General of Israel
2009 - 2010: Director of Media Relations
Constructed, managed and maintained comprehensive media database;
Managed all aspect of media relations for consul general;
Jewish Community Relations Council
2008 - 2009: Program Associate
Constructed and maintained comprehensive constituent database;
Developed and implemented grassroots strategy leading to 55 percent increase in
constituent engagement;
WHDH-TV (NBC Boston)
2008 - 2009: Associate Producer
Produced nightly sportscast in 8th largest media market in the country, including, but not
limited to editing video, writing voiceover scripts, and constructing graphics.
9/7/2018 Use or disclosure of data contained on this sheet is subject to restriction on the title page of this proposal. 30
NASWA UI IDH – Proposal Response
9/7/2018 Use or disclosure of data contained on this sheet is subject to restriction on the title page of this proposal. 31
NASWA UI IDH – Proposal Response
Trained and managed on-site staff of five, dedicated to member interaction and
engagement
Managed four Regional Chapter Coordinators remotely
Participated in long-range planning to outline program goals, determine staffing,
software, and training requirements, and streamline operations
Processed and analyzed operational data to ensure successful project execution to
evaluate and select best qualified candidates to support language requests from federal
government agency clients
Analyzed program data from almost 6,000 members speaking over 325 languages and
report on overall member language capabilities and trends to senior program management
Prepared materials for briefings, monthly reports, and presentation tracking performance
metrics, analyzing member feedback, and outlining project plans
9/7/2018 Use or disclosure of data contained on this sheet is subject to restriction on the title page of this proposal. 32
NASWA UI IDH – Proposal Response
9/7/2018 Use or disclosure of data contained on this sheet is subject to restriction on the title page of this proposal. 33
NASWA UI IDH – Proposal Response
Supervising and delegating membership engagement tasks for seven local I&E team members
and four remote I&E Chapter Coordinators.
Inlingua, Arlington, VA
5/2010 – 10/2010: English as a Second Language (ESL) Tutor
While employed by Inlingua as an ESL tutor contracted out to the International Monetary Fund
(IMF), Ms. Hodges provided one-on-one ESL lessons to IMF economists seeking to improve
their skills in speaking, listening, reading, and writing English. Following TESL pedagogical
standards, Ms. Hodges worked closely with her students to determine their unique learning
objectives and work toward long-term language goals. Ms. Hodges also launched a condensed
version of an accent reduction course at Inlingua headquarters, adapting the existing 12-week
curriculum to an eight-week course. She used curriculum planning and needs assessment
methodologies to streamline the course in a manner that prioritized her students’ learning
objectives.
9/7/2018 Use or disclosure of data contained on this sheet is subject to restriction on the title page of this proposal. 34
NASWA UI IDH – Proposal Response
Ms. Hodges served as a family’s live-in tutor in English as a Second Language (ESL). She
determined learning objectives and customized learning paths for each family member, and
provided daily ESL tutelage in an Italian-speaking household.
Statement of Qualification:
Bachelors Degree
10+ years IT development experience
Relevant Employment History:
DigiDoc (dba PS2G), Washington DC 3/2017 – 4/2018:
Project Manager & Technical Consultant
DC Housing Finance Authority, IT Consulting Services Contract:
Lead the delivery of IT Consulting services for with streamlining and enhancing current
processes and workflows.
Assess current processes and workflows for various departments and provide value
streaming in order to identify areas in need of process improvements and modernization
in order to establish more efficient productivity.
Identified the business, functional, and technical requirements for implementing a
solution that would enable the electronic submission and approval workflow process
Managed the implementation of the RAPID solution which included installation,
configuration, testing, deployment and end user training
TConneX Inc, McLean VA 5/2015 – 10/2017:
Project Manager
FDA PEARL Data Mining Tool Project
Applied SCRUM framework to manage the overall development of PEARL, a web-based
analytical software tool that automates detection of adverse drug event (ADE) safety
signals from MEDLINE reports through quantitative data mining of indexing terms.
Performed testing, functional testing, and regression testing to ensure system integrity.
Food and Drug Administration (FDA) Pilot Project: I2E Software Testing of Advanced Text
Mining (ATM)
Applied hybrid agile approach to manage and lead the implementation of I2E NLP tool in
order to capture a large amount of Regulatory Science data.
9/7/2018 Use or disclosure of data contained on this sheet is subject to restriction on the title page of this proposal. 35
NASWA UI IDH – Proposal Response
9/7/2018 Use or disclosure of data contained on this sheet is subject to restriction on the title page of this proposal. 36
NASWA UI IDH – Proposal Response
Managed the design, development, and maintenance of general web architecture and web
applications.
He is the key developer on the USAID ProgramNet team. Mr. Oellerich develops new
features and modules as well as resolves issues with existing functionality; works to
resolve and document solutions for system migration issues; synchronizes taxonomy and
user experience navigation to more closely represent the program cycle; and performed
an interface analysis and redesign to increase user friendliness.
Mr. Oellerich was also a technical team member in the development of the TraiNet/Web
and Visa Compliance System (VCS), USAID’s internet-based tools for gathering and
reporting data on USAID exchanges, training and education, and for maintaining
compliance with U.S. Government Visa requirements.
He was also a technical team member for the Federal Exchange Data System (FEDS).
FEDS facilitates the Interagency Working Group (IAWG) on U.S. Government-
Sponsored International Exchanges and Training process of collecting and maintaining
this information across the entire government.
Mr. Oellerich was a technical team member in the development of CareerTrac for
National Institute of Environmental Health Sciences (NIEHS). The CareerTrac system
assisted NIEHS to tracking employee training and the resulting organizational benefits.
He performed front-end and back-end development for the Consumer Financial
Protection Bureau’s Home Mortgage Disclosure Act (HMDA) pilot system. This web
application validates a financial institution’s submitted data file before the file is
submitted for processing, drastically reducing the turnaround time for validation and
reporting and increasing the quality and consistency of data.
Mr. Oellerich has been the technical team lead on Credit Management System (CMS) for
the USAID Office of Development Credit in the Bureau for Economic Growth,
Agriculture, and Trade (EGAT/DC). CMS is responsible for managing USAID's credit
9/7/2018 Use or disclosure of data contained on this sheet is subject to restriction on the title page of this proposal. 37
NASWA UI IDH – Proposal Response
9/7/2018 Use or disclosure of data contained on this sheet is subject to restriction on the title page of this proposal. 38
NASWA UI IDH – Proposal Response
Freddie Mac,
2008-2011: Senior Program Director, Mclean, Virginia
9/7/2018 Use or disclosure of data contained on this sheet is subject to restriction on the title page of this proposal. 39
NASWA UI IDH – Proposal Response
Mr. Seibt was responsible for leading a high performance technical team in Architecture Services
targeting priority projects for the organization. Engaged in monthly informational sessions with
the CIO on status, risk and areas of interest.
Drove the decision for the selection of the corporate-wide Enterprise Service Bus to
facilitate legacy transformation as part of the Corporate Score Card.
Delivered Enterprise Web Services and all associated SDLC artifacts for the Servicing
Portal on time and on budget by leading the design and development team.
Freddie Mac,
2001-2008: Senior Research Director, Mclean, Virginia
Mr. Seibt was responsible for leading a technical team, within Financial Engineering, in the
design and development of financial models, frameworks and applications.
Designed and developed grid-enabled framework for portfolio level simulations.
Created software quality assurance team for Financial Engineering. Leveraged automated
build tools along with static and dynamic code-checking tools to ensure code quality.
Fasttide,
2000-2001: Senior Web Developer, Mclean, Virginia
Mr. Seibt was responsible for the design and development of customer facing website in support
of the company’s network infrastructure product.
Designed and developed the customer website using J2EE, JSP, EJB and JavaScript.
Conducted performance evaluations on middleware infrastructure.
Freddie Mac,
1998-2000: Senior Technical Analyst, Mclean, Virginia
Mr. Seibt was responsible for the development of the portfolio management and optimization
frontend.
Developed front end using Microsoft Visual C++.
Integrated CORBA objects within the front end to support the optimization of the debt-
to-asset mix for the corporate retained portfolio.
PriceWaterhouseCoopers,
1997-1998: Senior Technical Lead, Rosslyn, Virginia
Mr. Seibt was responsible for the design and development of tools for use by the Asset
Securitization Practice and their customers.
Designed and developed the Asset Securitization Analysis Pro (ASAP) financial
language compiler used for bond payment calculations using Visual C++.
Modeled system data for inclusion in Oracle databases. Created ASAP’s tables, triggers,
and stored procedures. American Management Systems,
9/7/2018 Use or disclosure of data contained on this sheet is subject to restriction on the title page of this proposal. 40
NASWA UI IDH – Proposal Response
9/7/2018 Use or disclosure of data contained on this sheet is subject to restriction on the title page of this proposal. 41
NASWA UI IDH – Proposal Response
A. Pricing
Part C: Requirements Development/Business Analysis Services – FFP/T&M
9/7/2018 Use or disclosure of data contained on this sheet is subject to restriction on the title page of this proposal. 1
NASWA UI IDH – Proposal Response
9/7/2018 Use or disclosure of data contained on this sheet is subject to restriction on the title page of this proposal. 2