The Cybersecurity and Infrastructure Security Agency (CISA) will lead as the first formally designated Quality Service Management Office (QSMO) for cybersecurity services, the Office of Management and Budget (OMB) announced today.
Within the cybersecurity services division, CISA will act as QSMO for security operation center standardization, vulnerability management standardization, and domain name system resolver. The QSMO initiative, issued in April 2019 as a part of Memorandum 19-16, creates centralized mission-support capabilities to promote the use of shared services.
“This an important step in the path to modernization of the Federal government,” Federal CIO Suzette Kent said in an April 27 press release. “By designating CISA as QSMO for cyber services, the Federal government will be able to leverage their expertise, contracts and solutions to offer a robust marketplace of cybersecurity capabilities that will benefit all agencies.”
The President’s Management Agenda cited shared services as a “cross agency priority” to promote efficiency. The cybersecurity QSMO will help “make more resources available for agency mission-specific work,” according to the press release.
“In partnership with OMB and our partner QSMOs, we stand ready to create efficiencies in government and optimize the Federal workforce by shifting resources to higher value work and reducing duplication across agencies,” Assistant Director for Cybersecurity at CISA Bryan Ware said.
QSMOs operate as a “government storefront/manager” of a specific marketplace, in this instance for cybersecurity capabilities, to manage tech solutions based on governmentwide standards. To become a QSMO, the agency must submit a Marketplace Implementation Plan that details proposed service offerings, the acquisition strategy, financial infrastructure, and other requirements.