Enabling Governance, Resilience, Assurance, and Accountability in the Federal Enterprise – Introducing the DVMS

Enabling Governance, Resilience, Assurance, and Accountability in the Federal Enterprise – Introducing the DVMS

Rick Lemieux – Co-Founder and Chief Product Officer of the DVMS Institute

In an increasingly digital and interconnected world, federal agencies must not only comply with governance standards but also demonstrate resilience, operational integrity, and transparency in real time. The Digital Value Management System (DVMS) offers a unified and adaptable overlay system that enables Federal Government Digital Governance Leaders to uphold the principles of Governance, Resilience, Assurance, and Accountability (GRAA). Based on the mandates and expectations of OMB Circular A-11 (Preparation, Submission, and Execution of the Budget) and Circular A-4 (Regulatory Analysis), the DVMS transforms traditional governance practices into dynamic, data-driven systems of evidence and continuous assurance. It operationalizes what the Assurance Mandate white paper from the DVMS Institute describes as “governing by evidence” — turning compliance into confidence and oversight into measurable performance.

Governance: Aligning Strategic Intent with Operational Integrity

Governance within federal agencies has traditionally been guided by OMB Circular A-11, which sets the foundation for evidence-based planning, budgeting, and performance management. It requires agencies to connect mission objectives, financial management, and program delivery into a unified management system that links resources to outcomes, ensuring that economic and programmatic goals are met effectively and transparently.

The DVMS translates policy priorities into actionable steps. It serves as a governance layer, connecting strategic policy objectives to operational performance through its Create–Protect–Deliver (CPD) model. The CPD cycle ensures that each governance goal (“Create value”), protective measure (“Protect value”), and operational outcome (“Deliver value”) is supported by measurable evidence. Using an overlay like Minimum Viable Capabilities (MVC) and the QO–QM (Question Outcome–Question Metric) method, the DVMS converts broad policy directives from OMB circulars into specific operational indicators.

This approach updates governance by creating a living system of intent and evidence, allowing federal leaders to track how strategy, resources, and results align. Instead of relying solely on reports or checklists, governance becomes active, constantly monitored, assessed, and improved through data-driven insights. In essence, the DVMS helps leaders fulfill the core of Circular A-11’s evidence-based management and accountable oversight.

Resilience: Measuring Adaptive Capacity Across Digital Ecosystems

Resilience — the ability to maintain operations and mission performance under stress — has become a key requirement for federal digital governance. Circular A-11 requires agencies to incorporate risk management, performance, and contingency planning into their operational strategies, ensuring that government services remain stable during disruptions.

The DVMS defines resilience as a measurable system trait. Using real-time dashboards, automation, and AI-driven analytics, the DVMS turns resilience from a vague concept into a concrete, constantly validated metric. By combining data from enterprise systems, risk controls, and performance frameworks, the system allows Digital Governance Leaders to track their agency’s adaptive capacity in real time.

This capability directly supports the federal move toward integrating ongoing risk and performance management, replacing fixed reporting cycles with adaptable governance loops. The DVMS’s continual feedback system allows agencies to test and enhance operational resilience in both simulated and real conditions, ensuring readiness for cyber incidents, financial disturbances, or operational crises.

In doing so, the DVMS enables what The Assurance Mandate describes as Resilience by Design — the capacity to create, protect, and deliver value under pressure, with evidence to support it. This shift enables federal agencies to transition from reactive recovery to proactive adaptation, aligning with the resilience expectations embedded in modern governance frameworks.

Assurance: Governing by Evidence, Not Assertion

While compliance ensures adherence, assurance offers confidence — the ability to demonstrate, through evidence, that policies, controls, and systems are functioning as intended. Circular A-11, A-123, and A-4 both stress this principle. A-11 and A-123 requires agencies to use performance evidence to support accountability and budget decisions. At the same time, the 2025 Circular A-4 Policy Brief emphasizes the importance of “peer review and reasoned analysis” to ensure objectivity and evidence-based decision-making.

The DVMS exemplifies this new Assurance Mandate by transforming frameworks such as NIST CSF, ISO 27001, ITIL, and COBIT from static compliance checklists into dynamic systems of assurance evidence. Every control, process, and outcome within DVMS generates verifiable data that shows whether governance goals are being met.

In the federal ecosystem, this means executives can demonstrate — not just declare — that their programs meet performance, financial, and risk management standards. Automated assurance reporting links operational data to policy goals, offering continuous visibility into the agency’s “state of control.” This satisfies the OMB A-11 and A-123 requirement that agencies “demonstrate effective use of data to improve mission performance” and aligns with federal risk management and oversight standards that call for strong diagnostic and reporting frameworks to enable proactive portfolio management.

By embedding assurance into every operational layer, DVMS transforms oversight from a burden into a strategic advantage. Rather than preparing periodic reports for auditors, agencies can continuously assure stakeholders, Congress, OMB, and the public that their operations are effective, secure, and aligned with their mission. As The Assurance Mandate notes, “compliance brought us here; assurance takes us forward.”

Accountability: Closing the Loop Between Governance and Trust

Accountability — the fourth pillar of GRAA — guarantees that governance and assurance results are tangible and linked to trust. Under the Government Performance and Results Act (GPRA) Modernization Act of 2010, reinforced by OMB Circular A-11, agencies are required to incorporate performance management and evidence-based decision-making into their processes to promote transparency and accountability to the public.

The DVMS enhances accountability by integrating traceability into every governance function. It connects decisions, actions, and outcomes through a digital chain of evidence, enabling leaders to see not only what was done but also why it was done and how it supports mission objectives. This digital traceability meets federal oversight expectations for accountable lines of authority and independent risk management, ensuring that each outcome can be traced back to a responsible individual or system process.

Furthermore, the DVMS improves public accountability by providing evidence-based reports that can be shared with oversight agencies and the general public. In doing so, it supports the OMB’s goal of “data-driven transparency,” enhancing trust in federal agencies. In the DVMS model, accountability is not punitive; it is constructive and ongoing, promoting improvement through feedback, analytics, and learning.

Governing by Confidence: From Compliance to Capability

Perhaps the most transformative aspect of DVMS is its ability to change how governance leaders think about control. Traditional Governance, Risk, and Compliance (GRC) models focus on avoiding failure; the DVMS-enabled Governance, Resilience, Assurance, and Accountability (GRAA) model focuses on demonstrating capability.

The Assurance Mandate clarifies that compliance measures maturity, while assurance measures capability. The Dynamic Verification Management System (DVMS) facilitates this transition by substituting static compliance documents with dynamic assurance evidence. This approach not only satisfies the analytical standards set by Circular A-4 and the accountability principles outlined in A-11 and A-123, but it also empowers leaders to cultivate governance cultures based on confidence, where data and evidence foster trust both internally and externally.

In this model, oversight is ongoing, resilience can be measured, and accountability is verifiable. By combining governance, operations, and assurance into a single system, DVMS transforms the federal agency into a digitally confident enterprise — one that leads with integrity, agility, and transparency.

The Future of Federal Governance is Assured

The Digital Value Management System marks a significant advancement in how federal agencies fulfill their missions. By adhering to OMB’s modern governance directives, DVMS enables Digital Governance Leaders to implement the GRAA model, ensuring transparent governance, measurable resilience, ongoing assurance, and verifiable accountability. Moreover, DVMS offers Federal agencies a robust framework for developing effective internal control systems that enhance operations, reporting, and compliance. It empowers agency leaders to establish and maintain these controls while regularly assessing their effectiveness in accordance with the guidelines outlined in OMB Circular No. A-123.

Through DVMS, federal leaders can meet the expectations of OMB Circulars A-11, A123, and A-4 — not just by following their words but by embodying their purpose: to create a government that governs with evidence, adapts with resilience, assures with confidence, and leads with accountability. In this era of digital disruption, this is not merely about compliance — it is about leadership through assurance.

The future of federal governance, as The Assurance Mandate concludes, “is not about managing risk; it’s about proving resilience.” DVMS provides the federal enterprise with the tools to do just that — continuously, transparently, and credibly — transforming governance from a periodic audit into a dynamic system of trust.

About the Author

Rick Lemieux
Co-Founder and Chief Product Officer of the DVMS Institute

Rick has 40+ years of passion and experience creating solutions to give organizations a competitive edge in their service markets. In 2015, Rick was identified as one of the top five IT Entrepreneurs in the State of Rhode Island by the TECH 10 awards for developing innovative training and mentoring solutions for boards, senior executives, and operational stakeholders.

Digital Value Management System® (DVMS)

A Unified Intelligence System that Governs, Assures, and Sustains Digital Business Value, Resilience, and Trust

The DVMS Institute’s Certified Training Solutions teach organizations how to transform best-practice programs such as NIST, ITSM, GRC, and ISO into a unified, adaptive, and culture-driven Governance and Assurance Intelligence System that sustains digital value, resilience, and trust.

The DVMS establishes a structured, intelligence-driven pathway that unites Governance Intent, Operational Capability, and Assurance Evidence for each program— empowering organizations to achieve a unified approach for measurable performance, operational resilience, and client trust.

Through its MVC, CPD, 3D Knowledge, and FastTrack Models, the DVMS operationalizes a:

• Governance Overlay system that unifies strategy, assurance, and operations
• Behavioral Engine that transforms how organizations think, decide, and act in uncertainty
• Learning System that measures, adapts, and innovates the digital business over time.

DVMS White Papers

• The Assurance Mandate –  Moving to Evidence-Based Operational Resilience
• Assurance in Action –  Turning Policy into Organizational Capability
• Governance By Assurance –  A Systems Approach to Outcome-Based Regulation

DVMS Organizational Benefits

The DVMS doesn’t replace existing frameworks—it connects, contextualizes, and amplifies them, transforming compliance requirements into actionable intelligence that drives and ensures sustained digital value, resilience, and trust.

By adopting a DVMS, organizations are positioned to:

• Maintain Operational Stability Amidst Constant Digital Disruption
• Deliver Digital Value and Trust Across A Digital Ecosystem
• Satisfy Critical Regulatory and Certification Requirements
• Leverage Cyber Resilience as a Competitive Advantage

DVMS Leadership Benefits

• For the CEO, the DVMS provides a clear line of sight between digital operations, business performance, and strategic outcomes—turning governance and resilience into enablers of growth and innovation rather than cost centers.
• For the Board of Directors, the DVMS provides ongoing assurance that the organization’s digital assets, operations, and ecosystem are governed, protected, and resilient—supported by evidence-based reporting that directly links operational integrity to enterprise value and stakeholder trust.
• For the CIO, the DVMS provides a structured way to align technology investments and operations with measurable business outcomes.
• For the CRO, the DVMS provides a way to embed risk and resilience directly into operational processes, turning risk management into a driver of performance and adaptability.
• For the CISO, the DVMS provides a continuous assurance mechanism that demonstrates cyber resilience and digital trust across the enterprise and its supply chain.
• For Internal and External Auditors, the DVMS provides verifiable proof that the enterprise can maintain operational continuity under stress.

DVMS Institute Certified Training Programs

DVMS Cyber Resilience Awareness Training

The DVMS Cyber Resilience Awareness training provides all employees with a comprehensive understanding of the fundamentals of digital business, its associated risks, the NISTCSF, and their role in protecting organizational digital value. This investment fosters a culture that is prepared to transform systemic cyber risks into operational resilience.

DVMS NISTCSF Foundation Certification Training

The DVMS NISTCSF Foundation certification training course provides ITSM, GRC, Cybersecurity, and Business professionals with a detailed understanding of the NIST Cybersecurity Framework and its role as an integrated, adaptive, and culture-driven governance and assurance management system that drives resilient, compliant, and trusted digital outcomes.

DVMS Cyber Resilience Practitioner Certification Training

The Digital Value Management System® (DVMS) Practitioner certification training course provides ITSM, GRC, Cybersecurity, and Business professionals a detailed understanding of how to transform systemic cyber risk into operational resilience by uniting Fragmented Frameworks and Standards, such as NIST, ITSM, GRC, and ISO, into a holistic, adaptive, and culture-driven Governance, Assurance, and Accountability overlay system that keeps your digital business resilient, no matter the disruption.

DVMS Brochures and Explainer Videos

DVMS Brochures

• Company Brochure
• Product Brochure
• Company Presentation

DVMS Explainer Videos

• Architecture Video: David Moskowitz explains the DVMS System
• Case Study Video: Dr. Joseph Baugh Shares His DVMS Story.
• Overlay Model – What is an Overlay Model
• MVC ZX Model – Powers the CPD
• CPD Model – Powers  DVMS Operations
• 3D Knowledge Model – Powers the DVMS Culture
• FastTrack Model – Enables A Phased DVMS Adoption

Digital Value Management System® is a registered trademark of the DVMS Institute LLC.

® DVMS Institute 2025 All Rights Reserved