Specializing in federal technology services, Liberty IT Solutions, LLC (Liberty) is a mission-centric SDVOSB that supports multiple government agencies across a diverse portfolio of Health IT projects. As a leading company under the Transformation Twenty-One Total Technology Next Generation (T4NG) contract vehicle, Liberty has architected solutions supporting all aspects of VA’s mission. As a SPARC prime, Liberty is prepared to support CMS with innovative IT solutions through its combined experience in key technology areas, a portfolio of qualified personnel and extensive facilities. Liberty supports federal clients with the adoption of transformational, high-impact technologies, practices and disciplines around agility, scalability, user experience, system and cybersecurity, analytics, mobility and cloud transition. As a highly responsive organization, Liberty understands how to enhance the user experience through effective use of Lean, Agile, and DEVOPS development and operational methodologies. Through emerging development technologies, trends, and tools Liberty enhances IT automation to enable federal clients in improving quality, efficiency, user engagement while lowering IT costs.
Liberty provides consulting and service delivery on complex IT operations models in the cloud that involve highly dynamic assets and fast-changing environments. We also provide adaptive ways to deploy security that include both static policies and threat-aware cyber security support. In addition, Liberty more easily and effectively supports our clients’ use of data, information and analytics.
Initiation, Concept, and Planning (ICP) Services
Liberty supports the ICP activities sought by CMS in its IT modernization (application and infrastructure), standards, and system evolutions to satisfy current and future business needs (e.g., ACA, Market Place, and Medicaid/Chip). Our team works with clients to solve the problems presented by unique IT challenges, including strategy and planning, analyzing requirements, establishing baselines, elaborating goals, analyzing gaps, developing technical approaches and prioritizing modernization efforts. Through our combined efforts, Liberty can create a tailored Project Management Plan (PMP), specific to a system/application development project. We provide the following successful projects as examples:
- On our VA Billing and Patient Accounting Data (BPAD) Study project, we integrated technical, business, and data architectures in the context of assessing design and integration efforts, ensuring the alignment of projects to the IT strategy, and supporting Architecture Reviews (AR), Investment Selection Reviews (ISR), and Project Baseline Reviews (PBR).
- On the Consolidated Patient Account Centers (CPAC) Management Consulting, we helped VA’s Revenue Operations navigate multiple Revenue Transformation efforts as they modernized their entire operations and adjust for Community Care Legislation and President Trump’s transition team.
Liberty’s portfolio managers and solution architects are keenly aware of the vast world of standards and requirements. Refined requirements and backlog management along with rapid prototyping ensure consistent stakeholder alignment. Our team has worked closely with product owners and other stakeholders to develop and refine project requirements and to complete Requirements Packages that includes all Epics, stakeholder needs, visualizations, stories, and other sources of requirements information for functional and non-functional requirements. In addition to typical backlog grooming activities (prioritizing, resolving ambiguity, duplication and overlaps), Liberty also applies complexity estimates and identifies dependencies in the backlog. Complexity estimates for user stories and epics can be compared to actuals later and serve as a basis for resource projections for future work output. We provide the following examples of our approach towards requirements services:
- In HPS Tier 3 Sustainment Support: Clinical, Liberty managed requirements (including backlog items and adaptive maintenance tasks) under Rational DOORS Next Generation (DOORS) and other tools to categorize and keep track of requirements.
- In VETSNET Development, Liberty also used DOORS to capture epics and user stories. We also developed a Requirements Traceability Matrix (RTM) using DOORS (with Rational Team Concert and Rational Quality Manager) in addition to using attribute tagging, filtering, and different link types to configure the RTM to support a wide variety of views to meet the specific needs of a tester, security analyst, or stakeholder.
Development & Design Services
Liberty’s technical team has been instrumental in delivering development services, ranging from custom application Agile development to Salesforce and Microsoft Dynamics development in the cloud. Under T4NG, Liberty has matured its Agile process through the execution of numerous projects at its Agile Center of Excellence (ACE), a 40,000-ft. Software Development Center in Melbourne, FL. Key prime development contracts include Beneficiary Travel Self-Service System Software Development (BTSSS) and VA Integrated Enterprise Workflow Solution (VIEWS) Salesforce Development. Our teams use continuous integration, deep functional expertise and scrum team collaboration to detect deficiencies early in the development lifecycle and to amplify the effectiveness of delivery operations. We provide the following table that provides some of our key development technologies and skills:
At the ACE, Liberty engineers and Subject Matter Experts (SMEs) have developed solutions that are compliant to VA’s multiple design requirements, from 508 compliance to client-specific needs. This experience will be translated to meet the needs of CMS customers and clients. Our team will be able to design system and software components, database and data governance structures, and system integration or API gateways. To note, Liberty has incorporated design services in both our development and maintenance tasks. Under Agile, design is concurrently conducted with these tasks and with the solutions we provide. Examples of our design services can be found in our work at VA:
- In BTSSS, Team Liberty configured the Microsoft Dynamics CRM platform to meet VA’s key functionalities and capabilities. As part of this Task Order, we developed 508-compliant user forms and configured CRM portals, to be accessible on desktop, kiosk, and mobile interfaces.
- In BISL, Team Liberty designed and supported analytics tools OLAP cubes, that are used for various types of reporting solutions. There are 85 different OLAP cubes to be managed under this Task Order, which were developed and designed to meet enterprise-wide needs at VA.
Liberty’s Lean Agile testing knowledge, experience, and expertise enables earlier detection of defects and maximizes delivery velocity. Our proven testing approaches increase the quality of software/products delivered to stakeholders by 1) Significantly reducing the effort to fix errors by shifting testing left, 2) Increasing developer effectiveness by running comprehensive automated test suites, and 3) Executing the proper tests at the right time to maximize the delivery of test results. We have created and use a three-level maturity model for Agile Testing. When put into action, the maturity model functions as a roadmap to baseline testing methods and to move Application Release Trains (ART) to full test automation. We describe the features and benefits of the model, as shown below:
Maturity Level 1:Series Testing
Series approach. Sprint test at end of sprint, increment test at end of increment
- Tests are events usually performed in a cadence matching sprint boundaries
- Automated deployment into test environments is not required
- Potential cost savings for expensive tests, e.g., AWS resources for increment tests are only needed in the last sprint
Maturity Level 2:Continuous Testing
Tests are continual and do not align with a Sprint or cadence
- Sprint tests are performed after every build. Increment tests are performed after every sprint test
- Automated deployment into test environments. Defects are discovered earlier
- Tests are not events, but rather business as usual
- Causality between build and test failure is clear, except when multiple builds are combined
Maturity Level 3:Continuous Testing with On-Demand Environments
Environments created on demand. Sprint and increment level tests are performed after every build
- Tests are performed after every build, allowing defects to be discovered as soon as possible
- Automated environment management where environments are created on demand for a test, then destroyed after the test completes, minimizing test contamination footprint
- Clear causality between build and test failure
- Automated deployment into test environments
Liberty’s overall testing strategy shifts and automates as much testing to the left of the development cycle through:
- Applying state of the art testing processes with the goal of maintaining consistency across the enterprise.
- Selecting the right automation tools and constantly evaluating emerging open source tools and techniques for adoption.
- Promoting a collaborative culture between the developers, architects and testers where all types of testing are shared responsibilities.
- Training and empowering developers and testers to adopt advanced test automation techniques.
- Providing transparency across the organization to all test artifacts.
- Implementing a continuous improvement strategy to shifting left, centered on a roadmap with metrics to measure progress and meeting milestones
Security Control Assessment Services
Liberty’s security services portfolio provides a deep understanding of many different aspects of IT security, including but not limited to Security Control Assessments and related services. As a former U.S. GAO Senior IT Security Auditor who has assessed security programs at multiple Federal agencies and government-wide security efforts, our Chief Information Security Officer previously managed VA’s data center IT Security Program after starting the data center Information Assurance program. At the time he joined Liberty, the IA staff had grown to over 50 covering well over one hundred major applications. With decades of federal security experience in just the security leadership team alone, Liberty provides CMS with significant security capabilities. With this understanding and expertise, Liberty has managed and led VA security Task Orders, such as our current Security Architecture Advisory & Support Services and has provided other security support such as Audit Defense and Enterprise Cloud Service Security Support. Our security expertise is also exemplified in our approach towards Security Control Assessment Services, where we have provided in our current projects at VA as well as our internal security investments:
- In the Security Architecture Advisory Services Task Order, Liberty has provided a project-level PMP and have produced test plans, including testing and evaluation procedures and techniques necessary to evaluate the controls implemented to protect the system. In addition, we have produced security reports using security assessment templates for authorization to operate (ATO).
- In addition, at the ACE, Liberty has developed a knowledgebase for security artifacts, such as ATO procedures, as well as staffing security analysts at other VA projects, who have conducted security testing and have aided in the production of security deliverables, including the test plan, report, and tested controls/findings.
Liberty is dedicated to maintaining and optimizing projects, and our maintenance team has expertise in supporting business intelligence and sustaining enterprise-wide projects. One of the greatest challenges in a sustainment effort is the ability to manage an existing backlog or recurring maintenance while critical work items present themselves intermittently. A purely development oriented methodology such as Scrum cannot solve this alone. To support any combination of work item types, Liberty implements Scrumban within an Agile Maintenance Framework (AMF). Scrumban is an established sustainment strategy that includes the notion of Scrum and Kanban. Kanban allows for Just-in-Time backlog adjustments and moving work items across a task board from “Work in Progress” to “Done”. Scrumban also offers the flexibility to implement Sprint cycles for larger releases or single ticket patch releases as needed. Interdisciplinary Scrum Teams are also an important component as staff can be aligned to the needs of each unique backlog composition. Our expertise in maintenance is exemplified in the following projects at VA:
- On the Business Intelligence Service Line (BISL) support Task Order, Liberty initially conducted an analysis of the project; through this analysis, developed plans to document the maintenance development, processes, and procedures for BISL. Liberty currently supports and maintains the following services: CDW, maintaining its server and resolving complex network/server latency issues; SQL Server Integration Services, debugging and scripting packages while maintaining its ability to be plugged into the ETL framework; Pyramid Analytics, providing day-to-day administration and improving data services for the BISL environment; and other task areas associated with this Task Order.
- On the $223MM HPS Tier 3 Sustainment Support: Clinical Task Order, Liberty categorizes the scope of the latter task’s sustainment efforts into two primary categories: Periodic/Known backlog items that can be planned for (e.g. adaptive maintenance or the existing defect backlog) and Intermittent items that can be difficult to predict (e.g. tickets or deficiencies found in regular code scans).
SPARC Support ServicesBy way of our CMS HiTech Business Operations Support Contractor project, we bring firsthand understanding of CMS’ vision for Support Services partnering on the effort to partition user support services, including user documentation and training requirements, from the other Services supporting the unique needs of maintaining continuity and coordination and management of CMS products and managing dependencies between sections of the XLC Services Model. At VA, we have effectively maintained user documentation in accordance with our CMMI ML3 processes, providing specific provisions for peer review, quality review, and configuration control associated with releases or other updates. Our CPAC training experience includes certified instructors, who delivered training using multiple media formats through a disciplined systems-based approach. CPAC also included instructor-led training at local/user sites, and web-based training – ensuring Section 508 compliance. Our VA Surgical Quality Workflow Manager (SQWM) project included a number of business operations support services, including monitoring schedules, supporting audits, problem resolution and analysis, root cause analysis for recurring issues and defects, reporting, daily coordination, and interfacing with Governance Boards. On both CPAC and SQWM, we analyzed changing legislation and strategic issues impacting the product management and provided our client with revised implementation strategies and stakeholder communications.
Data Request Services
Our engineers and architects are intimately familiar with data request services, having done work for BISL and HPS Tier 3 Sustainment. Additionally at CMS, our HBOSC and ER&R experiences have taught us the importance of strong Data Request fulfillment in response to inquiries from CMS’ large internal and external customer/stakeholder community. The number of data requests received and the fact that the unplanned workload is unpredictable in terms of frequency, complexity and urgency, presents a unique challenge for CMS. This combined VA and CMS experience will be applied to CMS’ own data request services, whether data is stored at a warehouse or at a database. Our VA CPAC experience provides lessons learned for minimizing the administrative burden associated with similar data requests through dashboards. We use a four-step process for data request support including:
- Log and track the request to completion in data request tracking database;
- Identify system(s) holding data needed to fulfill request;
- Facilitate the propagation of the subject data from an operation environment to an appropriate location for due diligence and discovery; and
- Analyze the data and formulate summary request and backup data package for each request.