After five years, $ 30 million, and outside support from a team of technical experts from the US Digital Service, the Small Business Administration’s online small business verification program, Certify, is ineffective and abandoned.
Certify aimed to improve SBA contracting programs by streamlining the certification process and creating a single portal where business owners and SBA analysts could benefit from more security, ease of use. , efficiency and flexibility, âaccording to a report by the SBA Inspector General. .
By offering a web portal for small businesses to apply for 8 (a) status, the SBA “intended to create an online certification process that would replace cumbersome paper forms, allowing users to answer questions that were required. ‘apply only to their business and share documents uploaded to multiple certifications. applications. “
Meanwhile, on the agency side, Certify was supposed to be a single, cloud-based portal where analysts could find relevant program data, rather than having to sift through reams of documents and databases. disparate data.
However, after spending over $ 30 million developing the app, “it lacks most of the essential research, analysis, and reporting tools it was supposed to have,” wrote the ‘IG.
“To compensate for Certify’s shortcomings, program analysts must use labor-intensive methods external to the Certify platform, thereby reducing the expected benefits of Certify for SBA contract program analysts and program participants, âthe report said.
The report details many of the app’s flaws. Perhaps most striking was a 50% increase in processing time for new 8 (a) applications, from 91 days in fiscal 2017 to an average of 138 days in 2019. The IG attributed this increase to specific productivity issues with the Certify app, such as the historic 35-day government shutdown in early 2019.
From September 2019, the SBA plans to remove the Certify app and migrate useful features to a new system developed by an entrepreneur. However, the IG warned that the same systemic oversight issues could also doom the next effort to failure.
The agency has been working on overhauling aging IT systems used to audit small minority-owned and disadvantaged businesses for some time.
The report dates back to the development of the 8 (a) -centered Business Development Management Information System, or BDMIS, in 2008. Three years after the launch of this system, the SBA began work on the OneTrack tracking program. , which would have covered 8 (a) and the HUBZone companies.
âHowever, in 2014, after spending around $ 3.5 million, the SBA abandoned this development effort,â the IG wrote.
Certify became the next iteration of the modernization effort, with an internal governance board in 2015 approving spending $ 45 million over 11 years to develop the app.
To avoid past failures, at the start of the project, the SBA brought in the US Digital Service, a core team of technical experts from the private sector from companies like Google and Amazon touring the government. USDS teams, housed within the Office of Management and Budget, are dispatched to work with other agencies on specific projects, such as Certify, and bring in private sector best practices for software development.
However, leadership confusion and cultural conflicts led to an out of control project with little oversight.
As the USDS moved into working at SBA, the team reported directly to the agency’s COO rather than the CIO, although these were ‘a project focused on IT.
When Maria Roat, who currently holds the post of Deputy Federal CIO, took on the position of SBA CIO in 2017, she decided to reorganize the project, including placing the USDS team under the responsibility of her office. However, by this time, the USDS team had become so integrated with the project that “confusion existed between the USDS and the role of the SBA in the project,” the IG said.
As SBA officials tried to exert more control over the project, “USDS made it clear that they were reporting to OMB,” said a former SBA IT employee who worked with USDS. on the Certify project. Nextgov. “And when the SBA called for coordinated leadership, the USDS felt it was only relevant when it was in their interests.”
The former employee called the USDS a “vision and mission … super critical,” but said the members were often “dismissive” and “demeaning.”
âFor a group that preaches inclusion, a lot of us feel like we’re not making the trip with them,â they said. “The team hasn’t really approached, engaged, or tried to really incorporate their best practices into SBA’s efforts.”
A USDS spokesperson declined to comment on Monday.
This confusion came to a head in 2019, when the SBA leadership chose to put the project on hold and end engagement with the USDS.
The result, in September 2019, was a $ 30 million platform with “unresolved security vulnerabilities and was difficult to understand and improve,” according to IG’s rewording of the investment committee’s findings in business technology. The committee also discovered “latent flaws and data migration errors” in the development process and ultimately found the “platform unsustainable in the long term.”
In August 2019, BTIC recommended developing a new platform using Microsoft Dynamics 365 that would integrate 8 (a), HUBZone, women-owned small businesses, and the All Small Mentor ProtÃ©gÃ© program in one place. The agency awarded a $ 3.5 million contract the following month to develop this app.
In its report, the IG warned that this contract could be plagued by the same problems that doomed the Certify project.
“Until SBA addresses its weaknesses in monitoring IT projects, there is a continued risk of repeating the shortcomings of past projects,” the report said.
As the USDS took the reins of the project, the IG gave the SBA responsibility for proper oversight and adherence to established IT process controls.
“In every area, we found that the lack of planning was followed by a subsequent lack of monitoring reviews and reporting,” the report says. âThis, in turn, has left Certify managers ill-equipped to meet Certify’s objectives and goals. “
The IG also noted that project managers were using an agile development framework – seen as best practices within and outside government – but did not take into account the federal policies that still come into play.
“These management controls include the development of front-end project baselines established by design and requirements planning, ongoing monitoring against pre-determined cost schedule milestones, and testing against comprehensive acceptance criteria by contractors. users, âthe report says.
Overall, the IG made nine recommendations. SBA officials agreed with some of the recommendations and disagreed with others. Likewise, the IG contested some of the agency’s proposed corrections, ultimately leaving six of the recommendations marked as unresolved at the time of the report’s release.