Appointed a year ago to lead the digital transformation of the federal government, Forman is trying to make public agencies more accessible to citizens through the use of information technology. A wistful dream? Perhaps, but Forman is a determined individual--and, with an IT budget of $48 billion, he has a formidable war chest to make his goal a reality.

As the U.S. Office of Management and Budget's associate director of information technology and e-government, Forman is the closest thing the government has to a chief information officer. Yet he defies the stereotypes of both Washington and the high-tech industry, neither a bloodless bureaucrat nor a code-obsessed nerd.

Instead, the 43-year-old Forman is crusading against government waste and red tape. He has long worked to improve technological efficiency in a career both in and out of civil service, helping to draft several laws reforming government use of computers as a senior staff member of the Senate Governmental Affairs Committee. In executive posts at IBM and Unisys, Forman also provided IT consulting to the federal government.

Complaining that the government has grown far too insular and unwieldy, he says millions of dollars are wasted every year because each public agency has created its own computer fiefdom rather than share important resources. The resulting isolation became immediately evident Sept. 11 with the hindrance of vital communication between departments.

Since then, Forman's goals and profile have been raised considerably, with a White House request to boost his budget by $4 billion. Still, it will take a Herculean effort to overcome the bureaucratic inertia, turf warfare and entrenched politics of the nation's capital.

In laying out his vision for CNET News.com, Forman recently described the enormity of the challenge of trying to haul the government's hidebound technologies into the 21st century.

Q: How have the government's IT priorities changed since Sept. 11, and how does that affect your e-government plans?
A: It meant really looking across the federal government and (examining) how we work as a team on homeland security issues, between the intelligence community, the law enforcement community, the Justice Department, the Transportation Department and the Treasury Department. Do we have the infrastructure? Do we have the process integration and do we have the tools? What we learned is that we have to operate as a team, and that takes some different infrastructure; it takes some process re-engineering and process integration.

What technology are you using for this?
One would be collaboration technology, or knowledge-management tools. We're creating new work flows, meaning: How do you manage the flow of information and how do you actually work across agencies or between federal, state and local (government)? In the past, we've done that on an ad hoc basis. There didn't need to be anything formalized.

But when we were doing this work, we adopted two easy-to-understand measures of success. One is response time. In order to respond faster, it means we have to be prepared and lay out these work processes in advance. The second is the quality of decision making, because whether you're dealing with people in the field that have to respond first or people in airports at baggage inspection, they have to make a decision.

How are you defining e-government, and why do we need it?
We define e-government as the use of digital technology to transform government operations in order to improve effectiveness, efficiency and quality-of-service delivery.

What is that going to cost?
We'll spend $48 billion this year, and we've requested $52 billion in IT for the federal government for fiscal year 2003. We are by far the largest buyer of IT products and services in the world, but we're not getting the results in terms of better quality of service and improved productivity. We're focusing on getting those improvements.

How?
A lot of it involves the president's broader management agenda because so many technology applications relate to how you manage the organization. E-government is integrated with the human capital planning and financial management systems under way.

We've done some work looking at what we call the business architecture. There are about 30 lines of business, and every government policy turns into a program. Those turn into back-office operations: human resources management, procurement and supply-chain management. We've got 24 cabinet-level departments and agencies, and 19 of those 24 are doing any one of those lines of business.

So why does that matter?

How many people are working on it, and how much is government spending on it over the next 12 to 24 months?
Virtually everything now is focusing on e-government or applying the e-business concepts to government management. Across the agencies, we've got 24 initiatives. That represents somewhere around $400 million to $500 million that we should be spending. But because there is so much redundancy, duplication and overlap, there is actually $2 billion to $3 billion budgeted for those initiatives. So you begin to see that by buying things as if each agency were a government, in and of itself, you end up spending a lot more money than you need to.

What is this buying you?
A lot of the initiatives relate to internal efficiency and effectiveness. Some relate to intergovernmental affairs. Some relate to how government deals with business, and some relate to how government deals with individuals.

For example?
In the internal efficiency and effectiveness area, we have HR directors buying the same type of software as CFOs--but from different companies.

In intergovernmental affairs, there are a couple of big issues that jump out at you. First is this issue of homeland security and how do we operate across local, state and federal governments as a team. There are a number of gaps in terms of communication, and the federal government has become so convoluted that it's very difficult for state governments. They actually have identified a set of initiatives via two focus-group sessions.

What do those include?
One is the disaster-preparedness portal. There are multiple departments and agencies involved in disaster response and preparation. It's very convoluted for state and local government to deal with them, especially in a crisis. So there is a lot of simplifying to make it easier for state and local governments to get access to the federal resources they need to deal with a crisis.

How does a portal help them do that?
It deals with a number of things, ranging from "how do you put together a disaster preparation plan?" to "who should you involve in your planning?" That's different if you're out West and you may have to deal with a forest fire, or you're in the Southeast and you have to deal with hurricanes. You'd have to deal with the Department of the Interior; the Energy Department, because of national laboratories and other facilities in that region; the Forest Service at the Agriculture Department; the Federal Emergency Management Agency (FEMA); and the Defense Department, largely because there are so many bases in that area. How you integrate with those is mind-boggling for most state and local governments. Facilitating that is something that's necessary now because of homeland security.

What has it been like getting agencies to buy in on your projects? How do you overcome resistance to change in a slow-moving bureaucracy?
What I found last summer when we did our e-strategy task force is that the people who actually use the technology want to work in a more modern environment. They very much want this. They are agents of change, and I'm really just supporting what they've demanded.

Somewhere above them in the bureaucracy there's a group of people who have fought to do the right thing in their departments, and it's very difficult for them. Many have gone through several years of defending their budget. And now we've come in and said, "That was good, but it's still not going to give us the performance improvement they need."

Through the budget process, rarely does anyone get funded to do it right. Generally, people get...75 percent of what they need. I've been appealing to them that they can get all of what they need if they team up and take advantage of each other's investments. Sometimes that works and sometimes we have to do a lot of stroking.

So what have you accomplished in the last nine months?
For the first time, we have an IT strategy that's been created. The IT strategy is essentially to focus on three key areas: homeland security, the war on terrorism, and revitalizing the economy. We're going to focus the rest of the IT spending on driving productivity improvement.

How do you think information technology can be used to improve the efficiency in the way the government interacts with the private sector?
By using (e-business XML) and other open standards, we can allow for electronic transmission of reports. We can collect that data once, and we'll parse it out. Industry doesn't have to keep sending us the same data multiple times. The redundant reporting burden--depending on whether you use the OMB numbers or the figures from the small-business administration--is somewhere between $350 billion and $500 billion in the economy. So that's a big part of the initiative.

What kind of data?
Economic, regulatory compliance, tax data and trade data. The second thing is we can start to deal with e-markets and export promotion, taking advantage of where the economy is going--which is largely e-markets and electronic supply chains. Right now, those processes are very paperwork intensive, so the government has actually become a constraint on the digital economy. In fact, that is one of the e-government initiatives: international trade streamlining.

What technology will underpin the collaboration products you'll use?
That work and analysis is under way. There will not be just one platform because there are a number of different work flows or processes for disaster response and disaster planning. There will be different tools for different aspects. One thing that's fairly common, though: We'll heavily use XML and middleware.

Why those technologies?
We're not going to rebuild everything from the ground up. Rather than trying to replace everything, there are new open standards and tools to let you join together legacy applications, new applications and support teamwork. We...are going to heavily use those toolkits.

What other technologies are on your radar?
Middleware is one. We just have to string things together in a way that makes sense. It may just be transactions or communications where we have to inform state and local government of the threat levels. There were no tools that supported those communications. We've got the policies and procedures now.

There are going to be other things that relate to how we work together and share information. There will have to be security that will be related to those transactions.

Is the Internet playing a big role in this communication?
It won't just be the cosmic, open Internet, but intranets and extranets--so using the open-standards technology but at different degrees of security, depending on the scenario. A third technology we're seeing in this arena is geo-spatial, or geographic information systems (GIS).

What role do they play?
They've become the backbone of state and local government management systems. Government tends to be bound by geography, of course, and what's happened is that across federal, state and local governments, again these (separate) efforts on GIS have resulted in 50 percent excess spending. More than that, we've got a lot of redundant information in different standards. That makes it really hard to work as a team or to integrate or to build the accelerated response time to procedures that we need for homeland security.

Last year, the states actually came to us and said that if the federal government can get its act together on how it's using and identifying the GIS standards, that will accelerate state and local e-government efforts--and this was before Sept. 11! Since then, it has become clear that it's the backbone of homeland security.

How so?
One example is bio-terrorism. Doctors in different cities may find certain things, and those will get aggregated at public health services organizations. If there is an outbreak of something, you could track that by its spread across the country geographically. We now know there are ways to accelerate the response.

Do you have an example?
Probably the greatest example is figuring out where you need to position vaccines. Based on models and analysis, that can be done looking at geo-spatial information such as wind currents, mountainous areas or other patterns. The state and local government has said to the federal government, "You've got to get your act together here." That means, for us, we've got to focus our standards and deal with this redundancy issue once again.

Has the government been completely barraged by proposals from the technology industry in the last six or seven months?

Such as?
Building out the infrastructure for the FBI; the Trilogy program was accelerated.

What's the Trilogy program?
It's a basic LAN/WAN desktop computing environment for the FBI.

What does Trilogy replace?
Paper. They desperately needed that. I don't know for sure, but I would suspect, based on what I've seen of the data, that a lot of (what improved most quickly) was basic infrastructure--like security systems and cybersecurity-type capabilities. Beyond that, we had hundreds of ideas on how to share information, but only a handful of ideas addressed how to really share knowledge, how to develop the improved business process to get accelerated response time and improved quality of decision making.

Most of us who were getting hit with these proposals said, "That's terrific, but you've got to come back to us with some solutions that are going to deliver faster results and better-quality decisions, and that get information into the hands of key people in a way that gives them the ability to be more productive in these homeland security areas." It's taken a few months, and now we're seeing the fruits of the industry being able to deal with it.

Where are federal computer networks in terms of security today, and where do they need to move? How do you plan to improve them?
Most of the emerging networks we have are in fairly decent shape because we've required that they incorporate security. There are an awful lot of new virtual private networks. We have, though, lots of security issues. We just recently sent a report to Congress where we found some pretty bad problems. The bottom line here is that we spent a lot more money to fix these problems, but money is not the panacea. In fact, we found that the problems or the quality of an agency or a department's security plan was not correlated with the amount of money they spend. There are many management issues here as well.

What kind of management issues?
Training for the basic work force. A lot of people are getting focused on training their IT practitioners, but they forget to do annual training or semiannual training with the work force on good IT security practices--things like don't put your passwords on the side of the workstation; don't give your passwords out. They may not know not to click on an obvious virus.

Name three technologies that will have an impact on government over the next year or two.
XML, without a doubt, because it gives us the ability to collect data once and use it many times. It allows us to do electronic transactions as opposed to filling out paper forms. Also, threat management as a cybersecurity technology because it allows us to accelerate our response to threats, and there's no doubt about it: The threats to government Web sites and government infrastructure are growing.

What kinds of threats?
Internal and external, a wide variety of threats.

The third major technology area is knowledge management and integrating that with work flow--what many people call "knowledge flow."

What are the biggest gaps or disappointments in today's Web-based technology and in the tech industry itself that make your mission harder?
Security is a huge gap. There are so many different vulnerabilities and so many different threats. It's an (infinite) matrix of possibilities. I think that's why the threat-management capabilities have come about over the last three months or so. But working through all that is a big technology barrier.

What's your biggest tech nightmare?
My tech-related nightmares are driven by my fear of cost overruns on IT projects because we don't have enough program managers and solutions architects.

How do you measure success and failure as a head of e-government?
I measure it in terms of improvement in the performance of key government programs. Looking at the homeland security programs, are we really accelerating response of federal and state and local agencies to disasters, man-made or natural? We measure that against the current state of affairs; we have robust data on that.

Decreasing paperwork. I'm talking about the reporting burden because we get paper reports instead of electronic reports. If we move to electronic we know there'll be savings.

One of the biggest areas that I'm focused on is an initiative called online rule making. Government rules and regulations have to go out for public comment. We want to make that a lot simpler by using the Web to let people comment. We're talking about citizens, small businesses, people in their jobs--make it easier for people to understand government and bring the control back to the citizen. This online rule-making initiative is one of the most important (initiatives).

What have you learned since starting this job almost a year ago? What have been the highs and lows?
We've forced each agency to put out business cases for each project, and we now have 900 business cases. At least the agencies are starting to understand we're buying solutions, not pieces and parts. The federal work force wants to work in an e-business and e-government environment. If I can get the people resisting this out of the way, or bring them onboard, that will accelerate citizen service.

We've had a number of these initiatives where some agencies have not wanted to act as a team, but Sept. 11 was the lowest of the low points. Four of the five e-government initiatives we identified before Sept. 11 were the intergovernmental information-sharing projects. Had we had those projects done faster, we could have accelerated response times to the disaster. That was really discouraging.

Back to intro