Snapshot:

  • Client: U.S. Department of Education
  • Service Provided: Full modernization of the Grants Management System (GMS) web application and back-end suite, including DevSecOps integration, cloud migration, accessibility enhancements, and user-centered design.
  • Results: Improved user satisfaction through a redesigned, accessible, and secure platform; streamlined grant management processes with microservices and cloud architecture; fully compliant with WCAG 2.1 and NIST cybersecurity standards.

 

Introduction:

The U.S. Department of Education’s GMS was outdated, limiting its ability to serve grant applicants and administrators efficiently. Innosoft was contracted to modernize the system, applying cutting-edge cloud technology, DevSecOps, and Agile methodologies. The goal was to create a flexible, user-friendly platform that streamlined processes, enhanced security, and ensured accessibility for users with diverse needs. Through an iterative design process, continuous user engagement, and strict security measures, Innosoft transformed the system into a responsive, scalable, and highly secure solution.

 

Problem:

The U.S. Department of Education’s Grants Management System (GMS) was hampered by outdated infrastructure, which severely limited its performance, scalability, and usability. The system struggled to meet the evolving needs of grant applicants, administrators, and policymakers, resulting in low user satisfaction and inefficient processes.

Key issues included:

  • Fragmented grant data across multiple platforms, making management cumbersome.
  • A disjointed user experience, with unintuitive navigation, inefficient workflows, and lack of mobile optimization.
  • Limited accessibility compliance, failing to meet modern WCAG 2.1 standards, making the system difficult to navigate for users with disabilities.
  • Lack of integration with modern technologies and services, including secure login processes and cloud-based infrastructure, hampered the system’s ability to scale and adapt to increasing demands.
  • Security vulnerabilities due to the lack of modern DevSecOps practices, putting sensitive grant and user data at risk.

To address these challenges, the Department needed a complete system overhaul to create a flexible, user-centric platform that could streamline grant management, improve security, and ensure compliance with federal accessibility standards.

 

Solution:

To address the U.S. Department of Education’s challenges with their Grants Management System (GMS), Innosoft delivered a comprehensive modernization strategy that combined Human-Centered Design (HCD), Agile Development, and cutting-edge technologies.

 

  1. Human-Centered Design (HCD): Innosoft placed user needs at the core of the modernization process. Extensive user research was conducted, including interviews, surveys, and usability testing, to identify pain points and optimize the user experience. The insights gathered were translated into user stories and design requirements, ensuring that the platform was intuitive and catered to the distinct needs of grant applicants, administrators, and policymakers.
  • Low and High-Fidelity Prototypes: Innosoft developed wireframes and mock-ups during early phases to visualize design concepts and gather stakeholder feedback. These prototypes were refined into high-fidelity versions, which were rigorously tested before being implemented.
  • User-Centric Redesign: The G6 homepage and core features were revamped, incorporating Login.gov integration for enhanced security and a smoother user experience. The redesigned interface improved navigation and increased user satisfaction.
  1. Agile Development & Continuous Integration: Innosoft applied an Agile methodology to guide the development process. The team organized their work into two-week sprints, with sprint planning sessions, daily stand-ups, and sprint reviews to ensure continuous feedback and adaptation.
  • JIRA for Tracking and Collaboration: All tasks, user stories, and features were meticulously documented and managed using JIRA. Regular grooming of the product backlog with the Product Owners ensured alignment with project goals.
  • Iterative Development: Innosoft emphasized an iterative development approach, using continuous integration (CI) and continuous delivery (CD) pipelines to deploy updates rapidly and seamlessly. This minimized downtime and allowed for quick implementation of new features and bug fixes.
  1. Implementation of Emerging Technologies: A key part of the modernization was leveraging emerging technologies such as Red Hat OpenShift and AWS Cloud for a flexible, scalable infrastructure.
  • Microservices Architecture: Innosoft broke down the system into individual microservices, allowing for modular development and easier updates. This approach ensured that new features could be deployed independently without affecting the entire system.
  • AWS and Red Hat OpenShift Integration: Migrating the grants data to a cloud-based environment using AWS and OpenShift provided enhanced performance, scalability, and security. The system now supports rapid application development and deployment across hybrid cloud environments.
  1. Accessibility and Inclusive Design: Recognizing the importance of accessibility, Innosoft ensured that the modernized system adhered to WCAG 2.1 standards and US Web Design System (USWDS)
  • Accessibility Testing: The team implemented accessibility features such as high-contrast text, keyboard navigation, ARIA roles, and alt-text for images. Accessibility tools like JAWS and WCAG Color Analyzer were used to test for compliance, ensuring that all users, including those with disabilities, could navigate the platform easily.
  • Semantic HTML5 and ARIA: Using semantic HTML5 and ARIA roles, Innosoft improved screen reader accessibility and made the interactive elements more comprehensible for users relying on assistive technology.
  1. DevSecOps for Security Integration: To ensure security at every stage of development, Innosoft employed a DevSecOps approach, integrating security into the continuous integration/continuous delivery pipeline.
  • Automated Security Tools: Tools such as FindBugs, Dynamic Application Security Testing (DAST), and AWS CloudWatch were utilized to automate security testing and identify vulnerabilities early. Container scanning, API fuzzing, and secret detection were also part of the process, ensuring comprehensive security across all development layers.
  • Microservices for Secure, Scalable Deployment: By adopting a microservices architecture, Innosoft minimized security risks, as each service was isolated, reducing the attack surface for potential threats. This approach also allowed for more secure and faster deployment of individual components.
  1. Cybersecurity Compliance and Authorization: Innosoft followed strict cybersecurity protocols to achieve Authorization to Operate (ATO) for the G6 system, adhering to NIST Special Publications 800-37, 800-53, and 800-171
  • Ongoing Security Assessment (OSA): Innosoft managed Plan of Action and Milestones (POA&Ms) to address security issues proactively, collaborating with security assessors to validate findings. This ensured compliance with all Department of Education policies, leading to successful integration into the department’s Ongoing Security Assessment and maintaining a secure environment for sensitive grant data.
  1. Comprehensive Testing and Monitoring:
  • Continuous Monitoring: With AWS CloudWatch, the system continuously monitored performance and security, providing real-time alerts and insights that helped maintain system integrity and performance over time.
  • Usability and Performance Testing: Throughout the development lifecycle, Innosoft performed comprehensive testing to ensure that the system met performance expectations. The team used Google Analytics and New Relic to monitor user behavior and performance metrics, allowing for data-driven decisions to optimize the platform.

 

Results:

The modernization of the U.S. Department of Education’s GMS, led by Innosoft, resulted in a transformative overhaul that significantly improved user experience, security, and system performance.

  1. Enhanced User Experience: Innosoft’s user-centric design process resulted in a more intuitive and accessible platform. Through extensive user research, including interviews, surveys, and usability testing, the redesigned G6 homepage incorporated gov integration, which streamlined login processes and simplified navigation. This led to a significant increase in user satisfaction, particularly among grant applicants and administrators. The system now provides a seamless, responsive experience, ensuring that users can efficiently access the information they need.
  2. Improved Accessibility: Innosoft ensured that the GMS adhered to WCAG 2.1 and USWDS standards, making it fully accessible to users with disabilities. Key features such as keyboard navigation, alt-text for images, and ARIA roles were implemented, enhancing usability for individuals relying on assistive technologies. Comprehensive testing with tools like JAWS and WCAG Color Analyzer ensured the platform was compliant with federal accessibility guidelines, removing barriers for all user groups.
  3. Scalability and Flexibility with Cloud Technologies: By migrating GMS data and processes to Red Hat OpenShift within the AWS cloud architecture, Innosoft created a highly scalable and flexible system. The use of a microservices architecture allowed for modular development and rapid deployment of applications across hybrid cloud environments, significantly reducing the operational complexities that existed with the legacy system. This solution supported ongoing demand growth and improved system reliability.
  4. Agile Methodology and Continuous Integration: Innosoft’s Agile methodology, which emphasized iterative development through two-week sprints, enabled continuous integration of new features and enhancements. The development team, working closely with Product Owners, used JIRA to manage and prioritize tasks, ensuring transparency and alignment throughout the project. Regular sprint reviews and collaborative feedback sessions allowed for rapid adjustments to meet user needs, while the CI/CD pipeline ensured a high level of code quality and reduced downtime during updates.
  5. Enhanced Security with DevSecOps: Security was a core component of the modernization, with Innosoft embedding security into every stage of the development lifecycle through DevSecOps By integrating tools like FindBugs, DAST, and AWS CloudWatch, the team ensured that vulnerabilities were identified early and addressed swiftly. Automated security scans, container scanning, and API fuzzing were utilized to protect against potential threats. This approach not only improved the speed of development but also enhanced overall system security, protecting sensitive grant-related data.
  6. Authorization to Operate (ATO) and Cybersecurity Compliance: Innosoft successfully achieved Authorization to Operate (ATO) for the G6 system by adhering to NIST Special Publications 800-37, 800-53, and 800-171 guidelines, along with other federal cybersecurity standards. By managing POA&Ms and conducting ongoing security assessments, the team ensured that the G6 system remained compliant with the Department of Education’s security policies. Regular audits and risk assessments were conducted to maintain robust security and ensure the system was secure and operationally resilient.
  7. Streamlined Grant Management Process: The modernization of the GMS significantly improved operational efficiency by consolidating grants data and management processes into a unified, cloud-based platform. The system’s microservices architecture allowed for the rapid development and deployment of new grant management tools, reducing the time it took to manage and approve grant applications. As a result, the Department of Education can now process grants more efficiently, with fewer system bottlenecks and improved data accessibility.
  8. Sustained System Performance: The use of New Relic and Google Analytics allowed Innosoft to monitor and optimize the platform’s performance continuously. Key metrics, such as load times and user engagement, were tracked in real time, enabling the team to make data-driven improvements. This ongoing monitoring ensured that the system maintained high performance levels, even as user demands and traffic volumes increased.

Leave a Reply

Your email address will not be published. Required fields are marked *