Enabling Governance, Resilience, Assurance, and Accountability in the Federal Enterprise – Introducing the DVMS
Rick Lemieux – Co-Founder and Chief Product Officer of the DVMS Institute
In an increasingly digital and interconnected world, federal agencies must not only comply with governance standards but also demonstrate resilience, operational integrity, and transparency in real time. The Digital Value Management System (DVMS) offers a unified and adaptable overlay system that enables Federal Government Digital Governance Leaders to uphold the principles of Governance, Resilience, Assurance, and Accountability (GRAA). Based on the mandates and expectations of OMB Circular A-11 (Preparation, Submission, and Execution of the Budget) and Circular A-4 (Regulatory Analysis), the DVMS transforms traditional governance practices into dynamic, data-driven systems of evidence and continuous assurance. It operationalizes what the Assurance Mandate white paper from the DVMS Institute describes as “governing by evidence” — turning compliance into confidence and oversight into measurable performance.
Governance: Aligning Strategic Intent with Operational Integrity
Governance within federal agencies has traditionally been guided by OMB Circular A-11, which sets the foundation for evidence-based planning, budgeting, and performance management. It requires agencies to connect mission objectives, financial management, and program delivery into a unified management system that links resources to outcomes, ensuring that economic and programmatic goals are met effectively and transparently.
The DVMS translates policy priorities into actionable steps. It serves as a governance layer, connecting strategic policy objectives to operational performance through its Create–Protect–Deliver (CPD) model. The CPD cycle ensures that each governance goal (“Create value”), protective measure (“Protect value”), and operational outcome (“Deliver value”) is supported by measurable evidence. Using an overlay like Minimum Viable Capabilities (MVC) and the QO–QM (Question Outcome–Question Metric) method, the DVMS converts broad policy directives from OMB circulars into specific operational indicators.
This approach updates governance by creating a living system of intent and evidence, allowing federal leaders to track how strategy, resources, and results align. Instead of relying solely on reports or checklists, governance becomes active, constantly monitored, assessed, and improved through data-driven insights. In essence, the DVMS helps leaders fulfill the core of Circular A-11’s evidence-based management and accountable oversight.
Resilience: Measuring Adaptive Capacity Across Digital Ecosystems
Resilience — the ability to maintain operations and mission performance under stress — has become a key requirement for federal digital governance. Circular A-11 requires agencies to incorporate risk management, performance, and contingency planning into their operational strategies, ensuring that government services remain stable during disruptions.
The DVMS defines resilience as a measurable system trait. Using real-time dashboards, automation, and AI-driven analytics, the DVMS turns resilience from a vague concept into a concrete, constantly validated metric. By combining data from enterprise systems, risk controls, and performance frameworks, the system allows Digital Governance Leaders to track their agency’s adaptive capacity in real time.
This capability directly supports the federal move toward integrating ongoing risk and performance management, replacing fixed reporting cycles with adaptable governance loops. The DVMS’s continual feedback system allows agencies to test and enhance operational resilience in both simulated and real conditions, ensuring readiness for cyber incidents, financial disturbances, or operational crises.
In doing so, the DVMS enables what The Assurance Mandate describes as Resilience by Design — the capacity to create, protect, and deliver value under pressure, with evidence to support it. This shift enables federal agencies to transition from reactive recovery to proactive adaptation, aligning with the resilience expectations embedded in modern governance frameworks.
Assurance: Governing by Evidence, Not Assertion
While compliance ensures adherence, assurance offers confidence — the ability to demonstrate, through evidence, that policies, controls, and systems are functioning as intended. Circular A-11, A-123, and A-4 both stress this principle. A-11 and A-123 requires agencies to use performance evidence to support accountability and budget decisions. At the same time, the 2025 Circular A-4 Policy Brief emphasizes the importance of “peer review and reasoned analysis” to ensure objectivity and evidence-based decision-making.
The DVMS exemplifies this new Assurance Mandate by transforming frameworks such as NIST CSF, ISO 27001, ITIL, and COBIT from static compliance checklists into dynamic systems of assurance evidence. Every control, process, and outcome within DVMS generates verifiable data that shows whether governance goals are being met.
In the federal ecosystem, this means executives can demonstrate — not just declare — that their programs meet performance, financial, and risk management standards. Automated assurance reporting links operational data to policy goals, offering continuous visibility into the agency’s “state of control.” This satisfies the OMB A-11 and A-123 requirement that agencies “demonstrate effective use of data to improve mission performance” and aligns with federal risk management and oversight standards that call for strong diagnostic and reporting frameworks to enable proactive portfolio management.
By embedding assurance into every operational layer, DVMS transforms oversight from a burden into a strategic advantage. Rather than preparing periodic reports for auditors, agencies can continuously assure stakeholders, Congress, OMB, and the public that their operations are effective, secure, and aligned with their mission. As The Assurance Mandate notes, “compliance brought us here; assurance takes us forward.”
Accountability: Closing the Loop Between Governance and Trust
Accountability — the fourth pillar of GRAA — guarantees that governance and assurance results are tangible and linked to trust. Under the Government Performance and Results Act (GPRA) Modernization Act of 2010, reinforced by OMB Circular A-11, agencies are required to incorporate performance management and evidence-based decision-making into their processes to promote transparency and accountability to the public.
The DVMS enhances accountability by integrating traceability into every governance function. It connects decisions, actions, and outcomes through a digital chain of evidence, enabling leaders to see not only what was done but also why it was done and how it supports mission objectives. This digital traceability meets federal oversight expectations for accountable lines of authority and independent risk management, ensuring that each outcome can be traced back to a responsible individual or system process.
Furthermore, the DVMS improves public accountability by providing evidence-based reports that can be shared with oversight agencies and the general public. In doing so, it supports the OMB’s goal of “data-driven transparency,” enhancing trust in federal agencies. In the DVMS model, accountability is not punitive; it is constructive and ongoing, promoting improvement through feedback, analytics, and learning.
Governing by Confidence: From Compliance to Capability
Perhaps the most transformative aspect of DVMS is its ability to change how governance leaders think about control. Traditional Governance, Risk, and Compliance (GRC) models focus on avoiding failure; the DVMS-enabled Governance, Resilience, Assurance, and Accountability (GRAA) model focuses on demonstrating capability.
The Assurance Mandate clarifies that compliance measures maturity, while assurance measures capability. The Dynamic Verification Management System (DVMS) facilitates this transition by substituting static compliance documents with dynamic assurance evidence. This approach not only satisfies the analytical standards set by Circular A-4 and the accountability principles outlined in A-11 and A-123, but it also empowers leaders to cultivate governance cultures based on confidence, where data and evidence foster trust both internally and externally.
In this model, oversight is ongoing, resilience can be measured, and accountability is verifiable. By combining governance, operations, and assurance into a single system, DVMS transforms the federal agency into a digitally confident enterprise — one that leads with integrity, agility, and transparency.
The Future of Federal Governance is Assured
The Digital Value Management System marks a significant advancement in how federal agencies fulfill their missions. By adhering to OMB’s modern governance directives, DVMS enables Digital Governance Leaders to implement the GRAA model, ensuring transparent governance, measurable resilience, ongoing assurance, and verifiable accountability. Moreover, DVMS offers Federal agencies a robust framework for developing effective internal control systems that enhance operations, reporting, and compliance. It empowers agency leaders to establish and maintain these controls while regularly assessing their effectiveness in accordance with the guidelines outlined in OMB Circular No. A-123.
Through DVMS, federal leaders can meet the expectations of OMB Circulars A-11, A123, and A-4 — not just by following their words but by embodying their purpose: to create a government that governs with evidence, adapts with resilience, assures with confidence, and leads with accountability. In this era of digital disruption, this is not merely about compliance — it is about leadership through assurance.
The future of federal governance, as The Assurance Mandate concludes, “is not about managing risk; it’s about proving resilience.” DVMS provides the federal enterprise with the tools to do just that — continuously, transparently, and credibly — transforming governance from a periodic audit into a dynamic system of trust.
About the Author
Rick Lemieux
Co-Founder and Chief Product Officer of the DVMS Institute
Rick has 40+ years of passion and experience creating solutions to give organizations a competitive edge in their service markets. In 2015, Rick was identified as one of the top five IT Entrepreneurs in the State of Rhode Island by the TECH 10 awards for developing innovative training and mentoring solutions for boards, senior executives, and operational stakeholders.
Digital Value Management System® (DVMS)
Digital organizations don’t fail because they lack frameworks and practices.
They fail because those frameworks and practices operate in silos.
The Digital Value Management System® (DVMS) integrates fragmented frameworks and practices such as NISTCSF, GRC, ITSM, DevOps, and AI into a living, three-dimensional governance overlay system — that uses evidence to reveal whether the digital business is operating as intended and how the risks that matter most are being proactively addressed.
DVMS Capabilities Include:
- Adaptive Governance through risk-informed decision-making
- Operational Resilience through culture and adaptation to sustain digital value
- Performance Assurance through outcome-based measurement
- Transparent Accountability through clear ownership of outcome responsibilities
At its core, the DVMS is a simple but powerful integration of:
- Governance Intent – shared expectations and accountabilities
- Operational Capabilities – how the digital business actually performs
- Assured Evidence – proof that outcomes are achieved and accountable
Through its MVC, CPD, 3D Knowledge, and FastTrack Models, a DVMS turns this integration into three distinctive capabilities:
A Governance Overlay that replaces fragmentation with unity. The DVMS provides organizations with a structured way to connect strategy with day-to-day execution. Leaders gain a consistent mechanism to direct, measure, and validate performance—across every system responsible for digital value.
A Behavioral Engine that drives high-trust, high-velocity decision-making. The DVMS embeds decision models and behavioral patterns that help teams think clearly and act confidently, even in uncertain situations. It is engineered to reduce friction, prevent blame-based cultures, and strengthen organizational reliability.
A Learning System that makes culture measurable, adaptable, and scalable. Culture becomes a managed asset—not an abstract concept. The DVMS provides a repeatable way to observe behavior, collect evidence, learn from outcomes, and evolve faster than threats, disruptions, or market shifts.
DVMS Organizational Benefits
Instead of replacing existing operational frameworks, the DVMS elevates them—connecting and contextualizing their data into actionable intelligence that validates performance and exposes the reasons behind unmet outcomes.
By adopting a DVMS, organizations are positioned to:
- Maintain Operational Stability Amidst Constant Digital Disruption
- Deliver Digital Value and Trust Across A Digital Ecosystem
- Satisfy Critical Regulatory and Certification Requirements
- Leverage Cyber Resilience as a Competitive Advantage
DVMS Leadership Benefits
The Digital Value Management System (DVMS) provides leaders with a unified, evidence-based approach to governing and enhancing their digital enterprise, aligning with regulatory requirements and stakeholder expectations.
For the CEO, the DVMS provides a clear line of sight between digital operations, business performance, and strategic outcomes—turning governance and resilience into enablers of growth and innovation rather than cost centers.
For the Board of Directors, the DVMS provides ongoing assurance that the organization’s digital assets, operations, and ecosystem are governed, protected, and resilient—supported by evidence-based reporting that directly links operational integrity to enterprise value and stakeholder trust.
For the CIO, CRO, CISO, and Auditors: an integrated, adaptive, and culture-driven governance and assurance management system that enhances digital business performance, resilience, trust, and accountability
DVMS White Papers
The whitepapers below present a coherent progression that shifts organizations from compliance-driven thinking to a modern system of Governance, Resilience, Assurance, and Accountability (GRAA). Collectively, the three papers define a comprehensive system for building and governing resilient digital enterprises, grounded in evidence rather than assumptions.
The Assurance Mandate Paper sets the stage by showing why traditional GRC artifacts provide only reassurance—not evidence—and calls boards to demand forward-looking proof that their organizations can continue to create, protect, and deliver value under stress.
The Assurance in Action Paper elevates the conversation from leadership intent to managerial execution, demonstrating how the DVMS operationalizes resilience by translating outcomes into Minimum Viable Capabilities, connecting frameworks through the Create–Protect–Deliver model, and generating measurable assurance evidence that managers can use to demonstrate real performance rather than activity.
The Governing by Assurance Paper elevates the approach to the policy and regulatory level, showing how DVMS functions as a learning overlay system that links governance intent, operational capability, and verifiable evidence into a continuous loop—enabling regulators, agencies, and enterprises to govern by outcomes rather than checklists and to prove capability with measurable, auditable performance data.
DVMS Cyber Resilience Certified Training Programs
DVMS Cyber Resilience Awareness Training
The DVMS Cyber Resilience Awareness course and its accompanying body of knowledge publication educate all employees on the fundamentals of digital business, its associated risks, the NIST Cybersecurity Framework, and their role within a shared model of governance, resilience, assurance, and accountability for creating, protecting, and delivering digital value.
This investment fosters a culture that is prepared to operate within a system capable of transforming systemic cyber risks into operational resilience.
DVMS NISTCSF Foundation Certification Training
The DVMS NISTCSF Foundation certification training course and its accompanying body of knowledge publications provide ITSM, GRC, Cybersecurity, and Business professionals with a detailed understanding of the NIST Cybersecurity Framework and its role in a shared model of governance, resilience, assurance, and accountability for creating, protecting, and delivering digital value.
This investment fosters IT, GRC, Cybersecurity, and Business professionals with the skills to operate within a system capable of transforming systemic cyber risks into operational resilience.
DVMS Cyber Resilience Practitioner Certification Training
The DVMS Practitioner certification training course and its accompanying body of knowledge publications teach ITSM, GRC, Cybersecurity, and Business practitioners how to elevate investments in ITSM, GRC, Cybersecurity, and AI business systems by integrating them into a unified governance, resilience, assurance, and accountability system designed to proactively identify and mitigate the cyber risks that could disrupt operations, erode resilience, or diminish client trust.
This investment fosters IT, GRC, Cybersecurity, and Business practitioners with the skills to assess, design, implement, operationalize, and continually innovate a Digital Value Management System® program that operationalizes a shared model of governance, resilience, assurance, and accountability for creating, protecting, and delivering digital value.
Company Brochures and Presentation
Explainer Videos
- DVMS Architecture Video: David Moskowitz explains the DVMS System
- DVMS Case Study Video: Dr. Joseph Baugh Shares His DVMS Story.
- DVMS Overlay Model – What is an Overlay Model
- DVMS MVC ZX Model – Powers the CPD
- DVMS CPD Model – Powers DVMS Operations
- DVMS 3D Knowledge Model – Powers the DVMS Culture
- DVMS FastTrack Model – Enables A Phased DVMS Adoption
Digital Value Management System® is a registered trademark of the DVMS Institute LLC.
® DVMS Institute 2025 All Rights Reserved
