The Consequences of Losing PII


It's getting really scary out there: another organization has lost documentation containing Personally Identifiable Information.

The Federal Energy Regulatory Commission (FERC) reported the loss of a binder containing the Personally Identifiable Information (PII) of over 2,800 former employees.  The binder was last used in late February and was reported missing in early March - presumed to be lost during an office move while Human Resources employees cleaned out and disposed of old files from a locked office.

An investigation revealed that the binder was most likely thrown out, therefore a low probability exists that the information within was compromised.  Officials are taking steps to protect the identities and credit information of the people listed within the binder.

So why does this matter to us property people?  Though a binder with paperwork is not normally something we would track in our property control systems (see FAR 45.101), certainly the fact that the binder contained PII makes it worth keeping special tabs on.  It was in a locked office - great - but it seems like it was a little too easy to just throw away.

In reading this article, I kept thinking about Brandon Kriner's presentation at the recent NOVA chapter seminar.  Though his presentation focused on the importance of having property people work with IT people to track Sensitive Data Storage Devices (e.g. thumb drives), this is essentially the same thing.  In this case, however, it was a binder not an IT device; and it would be the property people working with the HR people to track.  Several questions come to mind here: 

  • Who was ultimately responsible for this binder?
  • Who had access to this locked office?
  • Who made decisions about what got thrown away and what didn't?
  • Was there a policy in place whereby people normally had to check out this binder and check it back in?

If I could guess, I would say no one had good answers to these questions.  Had there been a property person who knew what kind of information was kept in that office and what should have happened with that binder, this could have possibly been averted.  I talk to groups of property people often about keeping themselves out of the newspapers by taking pains to track the stuff they care about - surely this binder, with all its PII, fell under that category.

Military Property for Sale Online

According to a recent GAO report, military property items are being found for sale on various auction-based websites.  Some of the items available are of sensitive nature.

Government investigators posing as buyers were able to purchase a dozen prohibited military items on websites such as eBay and Craigslist. Examples of the items identified for sale online include:

• Two F-14 fighter jet components. The United States has retired its fleet of F-14s. Only Iran is currently using them.

• Night vision goggles specially made to military specifications that allow the user to identify U.S. troops at night.

• Special "enhanced" body armor vests used by U.S. troops in Iraq and Afghanistan, and not available to the general public.

The Associated Press is reporting that the week-old ban forbidding IBM from getting new Federal contracts has been rescinded as of Thursday, April 3, 2008.

IBM had been placed on the government-wide roster temporarily suspending all of the company's business units from engaging in new business with the Federal Government following an allegation that IBM employees improperly obtained privileged information in the firm's protest of an $84 million Environmental Protection Agency contract it lost in 2007.

An IBM press release on March 31, 2008 announced that "the U.S. Attorney's Office for the Eastern District of Virginia has served IBM and certain employees with grand jury subpoenas requesting testimony and documents regarding interactions between employees of the EPA and certain IBM employees."

IBM later announced that the government's decision to reinstate IBM's eligibility for Federal contracting is contingent upon an agreement to "continue to cooperate with the EPA's ongoing investigation of possible violations of the Procurement Integrity provisions of the Office of Federal Procurement Policy Act" and cooperate with the ongoing investigation by the U.S. Attorney's Office.  The company will also refund the EPA attorney fees and other costs that the agency incurred in dealing with IBM's protest.

According to the AP story, IBM has placed five employees on administrative leave pending its own internal investigation of the incident. 

InformationWeek reports that IBM's revenue from the government totaled about $1.3 billion, or 2% of the company's total sales.  Analysts have speculated that the decision to lift the ban was made in part because the incident appeared to be isolated and thus did not warrant the punishment of an entire large multinational firm.  Sources with knowledge of the situation also indicated that the EPA took action without consulting other agencies, thus compromising many other pending IBM government contracts unrelated to the EPA incident.

As an employee of a very small company that often competes with giants like IBM for government contracts, I salute the EPA for blowing the whistle on this alleged ethical violation.  Ensuring competitive fairness in contracting opportunities is a critical element of a free market society and the public trust that the taxpayers place in our government.  I hope that this incident will serve as a warning to others who may be tempted to sacrifice their reputations for revenue.


From the DCMA Public Website, information on the DoD Property Manual (http://guidebook.dcma.mil/34/dc08-170.htm): 

 

Information Memorandum No. 08-170
Subject:  Rescission of Instruction DoD 4161.2-M DoD Manual for the Performance of Contract Property Administration (INFORMATION)
Date:  February 22, 2008

Target Audience:  Property Administrators (PA) and Administrative Contracting Officers.

New Information/Guidance/Tools:

  • The subject Instruction designated the Defense Logistics Agency (Defense Contract Management Command) with responsibility for the developing, publishing, and maintaining the DoD 4161.2-M.  This responsibility has continued under the Defense Contract Management Agency (DCMA).
  • The manual, last published in 1991, is now obsolete.  Its utility as a policy-making tool has largely been superseded by DoD Procedures, Guidance and Information (PGI).  With that in mind, OSD is in the process of cancelling DoDI 4161.2-M, DoD Manual for the Performance of Contract Property Administration.
  • Information and direction for DCMA Property Administrators and Plant Clearance Officers will be provided in the DCMA guidebook for Property Management on Government Contracts.
  • We will be updating the Guidebook on an incremental basis with the System Analysis Section projected for completion by May 1, 2008.
  • This information is applicable to the Property Management on Government Contracts Guidebook process.

Point of Contact for Further Information

Signature:
Deputy Executive Director, Contracts Directorate

Air Force Missiles Shipped to Taiwan in Error


The Washington Post reported yesterday that officials with the Defense Logistics Agency (DLA) mistakenly shipped nuclear missile fuses in a shipment to Taiwan in August 2006. The shipment was supposed to include only replacement battery packs for a specific type of helicopter used in Taiwan's fleet. According to the article, Air Force officials believe that the missile fuses were placed in an unclassified area of a DLA warehouse and not properly tracked, as periodic physical inventories conducted over the past 18 months did not reveal that the items were missing or unaccounted for.

The issue raises concern for several reasons. First, U.S. officials were not aware of the mistake until Friday when notified by Taiwanese officials, 18 months after the fact. Second, the classified nature of the materials shipped warranted that they be among those items of highest priority for accountability inventory control, but periodic physical inventories conducted during the past 18 months did not reveal that the fuses were missing, indicating that they were not being properly tracked. Third, this isn't exactly a case of a restaurant ordering a shipment of Coke from a beverage distributor and receiving Pepsi. This is an error that could potentially violate the terms of nuclear nonproliferation agreements as well as U.S. export laws. And given the sensitive nature of the relationship between China and the U.S. because of U.S. relations with Taiwan, this incident could have much greater consequences in the international arena.

This incident, like many others, illustrates the need for organizations to assess the overall health of their property management systems and physical inventory procedures. Everyone makes mistakes...and in an organization the size of the U.S. Department of Defense that transfers large shipments between warehouses across the country on an hourly basis, mistakes are sometimes inevitable. But a mistake that goes unnoticed for 18 months highlights some significant deficiencies in both property management and inventory control procedures.

Whether organizations are tracking laptops, satellites, dump trucks, or widgets, they must be able to account for their assets at any point in time, and must have processes in place to recognize when items are not where they are expected to be. Even more important, items that are identified as being of a highly classified or sensitive nature should be regarded as such, by being tracked even more closely and inventoried more often.

NIH Laptop Stolen


The Washington Post reported today that a government laptop belonging to the National Institutes of Health (NIH) was stolen last month while in the possession of an NIH employee. The laptop apparently contains unencrypted sensitive medical data on 2,500 patients who were enrolled in a confidential NIH study. This incident highlights the need for organizations to take the steps necessary to ensure the security of highly sensitive or confidential information, or Personally Identifiable Information (PII). IT security is an issue that is becoming more and more relevant as cases of identity theft continue to increase.

In 2006, after a laptop belonging to the Department of Veterans Affairs (VA) and containing PII of veterans and active-duty service members was stolen, the Office of Management and Budget issued a recommendation that all portable IT devices be loaded with encryption software. One year later, this recommendation became a requirement for any portable device that may contain sensitive information.

The article also states that a recent study conducted by the Government Accountability Office (GAO) found that this month alone, at least 19 of 24 government agencies reviewed had experienced at least one breach that could potentially expose PII to identity theft. These findings illustrate the need for organizations, public or private, to place the highest priority on accounting for sensitive data, which now more than ever reside on portable, even hand-held devices. The theft of a desktop computer is not likely; the theft or loss of a laptop, a PDA, or a Blackberry is almost an inevitability. Organizations must ensure that property management procedures are in place to prevent PII from falling into the wrong hands, not only by encrypting sensitive data but, more importantly, by placing a much higher priority of accountability on devices that are portable or that may contain sensitive data. Equally important, they must ensure that staff is knowledgeable about and fully compliant with those procedures.

We just got back from the 2008 NPMA Western Regional Seminar in Long Beach, CA.  The seminar was held aboard the historic Queen Mary.  The event featured a number of great programs on the latest developments in the property industry including:

  • The newly released FAR 45 updates
  • The impact of DOD's cancellation of the 4161 manual
  • ASTM Standards and the E53 Committee on Property Management Systems
  • UID Compliance
  • Performing property management self-assessments

The event was also a great opportunity for many companies and agencies to come together and share best practices and knowledge.  Organizations represented at the conference included Boeing, Northrop Grumman, Stanford University, DCMA, and GSA.

One of the highlights of the event was the "Who Killed the Auditor" Murder Mystery Dinner performed by Skip Adolph of Sunflower Systems and Lorril Stephens of ATK.  The Grand Salon of the historic ocean liner was the perfect backdrop for this interactive, property-themed detective story.

We're looking forward to attending upcoming property events, including the NOVA Chapter Seminar in Fairfax, VA on March 31-April 1, the Northwest Chapter Seminar in Anchorage, Alaska on April 28-29 and the Central Region Seminar in Denver, Colorado on May 8-9.

Give Change a Chance


Throughout my career as a trainer and curriculum designer I've been involved in several software implementations, some of them highly successful and some of them not.  At my previous place of employment - where I was witness to more than a few 'unpopular' implementations - it seemed like there was always something missing in each - and perhaps many of you can relate to this phenomenon.  Whenever a new piece of software was implemented the end-users hated everything about it and wondered why they were being forced to use it.

I figured out the main problem back in 2005 when I joined a new company and project: the previous implementations hadn't included a change management program.  Wikipedia defines change management as, "A structured approach to the change in individuals, teams, organizations and societies that enables the transition from a current state to a desired future state."

Basically my job on the change management team was to involve the end-users in every aspect of the implementation.  This included immersing myself in the end-users' business processes; allowing the end-users to test and comment on the new software; providing them with presentations on how the new software would most affect their jobs (which would give them a chance to prepare for the changes); creating custom training materials that included both their business processes and the software functionality; training them just before we went live so that they wouldn't forget everything they'd learned; and providing them with in-the-field support once the software went live.

When all was said and done, this ended up being by far the most successful implementation of my career.  The software was heavily vetted before implementation, so the end-users got just what they expected, and the training was relevant and just-in-time.  While there are many other components involved in change management that have not been mentioned here, you're well on your way to a successful implementation if you:

  • communicate with your end-users and other stakeholders,
  • get them involved in the process,
  • train them on the relevant pieces of their jobs, and
  • be there to support them once the software is live.

I would enjoy hearing from others about whether you've been involved with a change management program, or whether you just sorely wish you had been.

Here are a couple of early articles/thoughts on Terminology for the Property/Asset Management Profession.  In the spirit of best laid plans, this article was the first of what was to be a series of articles on the Terminology Standard, written by me in January 2001.

It's Just A Matter of Semantics...

The New ASTM Standard for Terminology

Jim Dieter, CPPM CF

 

Standards are rules or bases of comparison used in judging capacity, quantity, content, extent, value, or quality; levels of excellence or attainment regarded as a measure of adequacy.

 

Success!

The announcement by ASTM of the first set of standard semantics for Property and Asset Management is certainly a milestone for our profession.  And hopefully that milestone will become a building block for our individual and collective efforts to build and expand the body of knowledge supporting our profession.  But for the benefits to be realized, we must actually use these agreed-upon terms.

 

An important way to begin to integrate these terms into our professional vocabulary is to promulgate the accurate use of the standard terms and definitions in our literature - this magazine, NPMA training courses, the NES Proceedings, presentations given at local, regional, and national seminars, etc.  Writers and presenters should be among the first to familiarize themselves with the standard terms.  The consumers of this information can help by noting correct and incorrect usage and offering corrections in an appropriate manner.

 

All of us can further contribute by participating in the ongoing ASTM Terminology Standard development effort.  The current standard terms need to be corrected as necessary and updated as appropriate.  We need to reach agreement on additional terms, and add them to the standard.

 

Moving Forward

The discussion of semantics in our profession is pivotal to the growth of the NPMA, and to the development of ever better property professionals.  Shared semantics are critical to communication, communication is critical to understanding, and understanding is critical to improvement.  Simply stated, we can't measure things until we agree what those things are.  As members of the NPMA, we must continue to be the leaders in standardizing semantics associated with our profession.

 

An ongoing discussion of the terms and their relationships and background should aid and enhance our adoption of the standard terms.  While we'll all face some difficulty in accepting some of the definitions and the words associated with them by the standard, we should not be afraid to change and adapt.  Disseminating these terms should be of benefit to all NPMA members and their employers.

 

An interesting aspect of the development of the terms that may not be immediately obvious when looking through an alphabetical listing of the terms is the inter-relatedness of the terms.  It's a challenge just to assure that standard terms used in the definitions of other terms are properly used. Additionally, many of the terms should be viewed as parts of logical hierarchies of terms.  Future articles under this heading will deal with the semantics hierarchies that are basic to our profession, with other semantics related topics, and with the standards development process for terminology.

 

I did get as far as a second article, which was written at the same time as the first article, but I don't believe was ever published or distributed.

 

It's Just A Matter of Semantics...

A Basic Property Hierarchy

Jim Dieter, CPPM CF

 

"Property" means something or a number of things in which one has the rights and interests subject to ownership. It includes both tangible property and intangible property.

 

Hierarchies

An interesting aspect of the development of the ASTM Terminology Standard was the importance of maintaining consistency in the development of the individual definitions.  Care had to be given in this interactive, iterative process to assuring that each definition correctly used terms defined elsewhere in the document.  Additionally, many of the terms were parts of logical hierarchies of terms, requiring that each "block" within each level of the hierarchy was included and properly defined.   The opportunity remains to identify and define many more such hierarchies of property terms - wouldn't it be great if we had agreement on the use and relationship of  "category", "class", "group",  "type", etc.?

 

When reading an alphabetical listing of the standard terms, this or other hierarchies may not be obvious, thus obfuscating part of the potential benefit of use of the terms. One important and basic hierarchy that is a part of the initial set of standard terms is a hierarchy of property based on the legal view of property and ownership. 

 

A Basic Property Hierarchy

 

Many of us are still getting used to "generic" definitions of  terms, like the definition of property that leads this article.  We spent many years learning a set of definitions prescribed by regulation or organizational policy.  Generally, these definitions were fine within the confines of a single organization or business area, but often caused problems when dealing with "outsiders".  So, let's start fresh, and delve into a set of related terms flowing from this "generic", standard definition of property.

 

Two additional terms are mentioned in the definition as subsets of property - tangible property and intangible property.  What are the standard definitions of these terms?

 

"Tangible Property" means property having physical existence and hence capable of being valued monetarily.  Property other than intangible property.

 

That seems straightforward enough.  Pretty much a match for what us property folks are concerned about.  Things we can put tags on and create records of.

 

But what else is there?

 

"Intangible Property" means knowledge derived from study, experience, or instruction, or knowledge of a specific event or situation. Property that is not tangible.

Whoa!  Wait a minute here. Property that is intangible?  Knowledge is property?  "Yes" is the answer to both questions.  Let's say that you work as a scientist for a research lab and have made an important discovery. They had required you to sign a form when you went to work there that said anything you discovered while working there was the property of the lab.  One day you get a terrific job offer from a commercial business.  You tender your resignation, and carefully leave all your lab notes and other items related to the discovery with your assistant at the lab.  You report to your new job, and the first thing they say is that they want to commercialize the discovery you made while working at the lab.  In fact, that's the only reason they hired you.  You are aware of the agreement you signed at the lab, and that agreement extended beyond tangible property associated with a discovery, to the idea of and information about the discovery - the intangible property.  Sharing that intangible property of the lab with your new employer is precluded.  Time to hope you have another idea!

 

So, the top of our hierarchy looks like this:



 

So, while the concept of intangible property must be recognized, at least for now, it is outside the scope of "Property Management" as practiced by most (all?) members of the NPMA.  Our focus is on Tangible Property.

 


Three Types of Tangible Property

 

 

"Tangible Intellectual Property" means tangible property that is intellectual in nature, including software, technical data, printed information, and legal documents (such as claims, debts, insurance policies, stock certificates, and evidence of indebtedness).

 

This is of course closely related to the concept of intangible property, with the important distinction of having physical existence.  The lab notes from the discussion above are a good example.  But again, for the most part, tangible intellectual property is outside our scope.  Of course we could get into a long discussion of tracking software...

 

"Real Property" means land and rights in land, ground improvements, utility distribution systems, and buildings and other structures. Real property is tangible property other than moveable property or tangible intellectual property.

 

This type of tangible property is of some interest to NPMA members, especially when we're perusing the Help Wanted ads!  Those folks think that they're Property Managers!  They just manage apartment buildings!

 

"Moveable Property" means tangible property other than real property or tangible intellectual property; it is moveable and visible.

 

So, this must be us!  Except the term moveable property is not familiar.  This is of course what has been commonly referred to within the NPMA as property.  But we've seen that in accordance with the generic, standard definition of property, there are many other types of property.  Well, we knew that all along, but chose to ignore it for professional purposes.  We can no longer ignore this reality.   The definition here is critical, but the term moveable property should still be a matter of discussion.   It is important that we either agree on this term to describe our primary focus, or come up with another that we can agree on through the consensus process.  Or perhaps we should coin a word, as the real estate professionals did when they invented the term "realtor" to describe themselves.

 

 

End Notes

We are trying to identify standards that will be as applicable to a university as to a federal agency; as useful to a state government as to a government contractor; and as appropriate for the current membership of the NPMA as to future members.

 

Your input, and broad discussion and agreement within the NPMA, is the path to the establishment of meaningful Property/Asset Management Standards. Please criticize; please suggest; please use and help develop our standards.

 

 

ASTM Committee E53 has two new standards for Property and Asset Management!

 

E2605 Standard Practice for Receiving Property

This practice covers the process for verifying, recording, and reporting receipt of tangible property (that is, equipment, supplies, and material).  It was developed by an ASTM Task Group led by Rick Shultz of the Applied Physics Lab of Johns Hopkins University under ASTM E53 Subcommittee E53.01 Process Management, chaired by Marsha Campbell of Deloitte.   

 

E2608 Standard Practice for an Equipment Control Matrix (ECM)

This practice describes equipment control classes (ECCs), equipment control levels (ECLs), and their relationships.  It was developed by an ASTM Task Group led by Jim Dieter of Sunflower Systems, Inc. under ASTM E53 Subcommittee E53.05 Property Management Maturity, which is also chaired by Jim Dieter.

The new standards will be posted and available per the usual ASTM process when they have completed final editorial, pre-publishing review  - likely in three or four weeks.  The Chair of E53 is Lyle Hestermann of Raytheon.  Christi Sierk is the ASTM Staff Manager for E53.  The E53 standards and ASTM membership are available through ASTM at ASTM.org.

 

Five other drafts were on the recent ballot.  Four of these drafts will likely be resubmitted for ballot in April with improvements suggested during the ballot process.  In addition, the draft covering centralization of Physical Inventory guidance from various existing E53 standards drew a surprising number of comments. Rick Shultz has agreed to lead a Task Group to reconsider the standard, which was reapproved in 2007, and the improvements and changes recommended through the ballot process.

 

 
