Faster is possible: DoD Publishes New Software Acquisition Policy
Adopting commercial best practices. The instruction is a substantial departure from status quo business. It provides the framework to rapidly acquire and deliver software capabilities with active user engagement. User engagement is so critical, the pathway requires a User Agreement to establish governance processes and help ensure end users are actively involved throughout development and provide feedback on Minimum Viable Products (MVP). The Sponsor and User Community are expected to provide a Value Assessment at least annually that captures the mission impact of delivered software. The policy embraces and adopts the DevSecOps culture and approach, automation, secure pipelines, modular architecture, and leverages DoD enterprise services to move faster. These commercial-world concepts such as Lean Startup feedback cycles, MVP, DevSecOps, and human-centered design are needed to give the United States a competitive advantage in an era of rapid learning, innovation, and disruption.
Streamlined acquisition. The Software Pathway simplifies acquisition and requirements processes, and emphasizes delegated decision authority to empower Program Managers. The focus of the pathway is on rapid planning and capability delivery based on user priorities and stakeholder feedback. In planning, the pathway establishes a streamlined, core set of needs, strategies, and estimates before beginning development, and then iterates on them throughout program execution. This enables rapid entrance into execution, and iterative software deliveries and value assessments. The FY20 NDAA also enacted key statutory exemptions to facilitate the practices in the policy. For example, programs are exempt from MDAP treatment and requirements. Similarly, programs are exempt from JCIDS unless the VCJCS, USD(A&S), and the SAEs agree on a new expedited process for software requirements. There are no required milestone reviews and only a minimal set of required documents. Enterprise services and automated testing are expected to be used to the maximum extent possible and cybersecurity is expected to be addressed from program inception to operations. Build-measure-learn cycles are a hallmark of the pathway:
The Acquisition Enabler’s software team prototyped an interim policy in January and then collaboratively developed this formal DODI with many stakeholders across DoD, delivering one year ahead of Congressional expectation. The DODI 5000.87 replaces the interim policy, and completes the set of the new 5000 series instructions for each pathway of the Adaptive Acquisition Framework, along with a new DoD Directive 5000.01 and DoDI 5000.02 on the overarching acquisition system and AAF. Similar instructions are being published for each acquisition functional area.
Keep iterating & improving. As Ms. Lord has noted, “the thread that runs through all of our programs and all that we do is software and I believe that we need to catch up with the private sector.” Winning a future fight increasingly depends on the United States’ ability to deliver software-based capabilities faster than our adversaries. The Software Acquisition Pathway and DoD DevSecOps Reference Design provides the modern framework (people, process, tools, and policy) that prioritizes speed and adaptability. We will continue to work with the community to continuously improve upon the Software Acquisition Pathway. The Software Pathway on the AAF website will be continuously updated to reflect this new policy along with a wealth of new guidance and resources.
Sean Brady is the DoD Senior Lead for Software Acquisition and the Software Acquisition Pathway owner within the Office of the Deputy Assistant Secretary of Defense for Acquisition Enablers (DASD(AE)). He serves as the functional manager for defense SW modernization policy, programs, and initiatives to ensure the US dominates in digital warfighting capability delivery. The Acquisition Enablers organization helps programs navigate and adopt the new Software Acquisition pathway and modern software development practices.