Past Performance
The summaries below describe representative engagements drawn from across Johnson Intelligence Group's three practice areas. They are written to give procurement officers, prime contractors, and prospective clients a clear picture of the kind of work we deliver, the operating environments we work in, and the outcomes we have produced. None of the summaries identify clients by name. Specific client identities, contract numbers, contracting officer references, and detailed scope documents are part of the formal capability package, which we send under NDA on request.
Engagement summaries
Mid-size US municipality cloud migration
Client type. US municipality, population in the 200,000 to 400,000 range. City-government IT department supporting roughly 30 line-of-business agencies.
Challenge. Aging on-premises data center with end-of-life hardware, a portfolio of 40+ line-of-business applications, no documented migration strategy, and an operating budget that could not absorb a like-for-like hardware refresh. Citizen-facing services were experiencing intermittent outages tied to the underlying infrastructure.
Scope. Application portfolio inventory and 6Rs classification across 40+ workloads. Three-year total cost of ownership model. Migration sequencing in 6, 12, and 24 month windows. Vendor selection support for cloud landing zone implementation. Quarterly steering committee participation through migration execution. Coordination with the city's selected system integrator.
Outcome: 12 legacy applications retired and 28 modernized to AWS over an 18-month program, with a documented run-rate hosting savings of approximately $400,000 annually relative to the previous on-premises operating cost. The city's data center footprint reduced by 70 percent.
State health agency AI governance program
Client type. US state health and human services agency. Multi-department program responsible for Medicaid administration, eligibility determination, and provider oversight.
Challenge. Six departments inside the agency had each begun independent generative-AI pilots without a shared governance framework. Legal, the privacy officer, and the inspector general had not been engaged. The risk inventory was informal. Pilot scope was drifting.
Scope. Six-month engagement to establish an enterprise AI governance program. Stakeholder interviews across all six departments plus legal, privacy, security, and audit. Policy drafting aligned to NIST AI Risk Management Framework and to HIPAA security and privacy rules. Use-case intake-and-review process design. Model evaluation framework. Vendor evaluation framework. Pilot gating criteria.
Outcome: AI governance program adopted across all six departments, with an active intake-and-review process running monthly. 14 active pilot use cases triaged into approved, conditional, and disapproved categories. Two pilots that lacked defensible legal basis were retired before incurring further investment.
Federal contractor FedRAMP authorization advisory
Client type. Privately-held SaaS provider with $50M to $200M annual revenue, selling business-process software to federal civilian agencies through prime-contractor relationships.
Challenge. The client had attempted FedRAMP authorization once previously and had stalled at the SSP-drafting stage. The original consulting partner had been a staff-augmentation shop and had departed mid-engagement. The client needed senior advisory to restart the program, select a new 3PAO, redraft the SSP, and run continuous monitoring once authorized.
Scope. 14-month engagement, fixed-monthly retainer. Path selection (Agency-Authorized, sponsored by a federal civilian agency). 3PAO selection support. Full SSP redraft. SAR review and POA&M management. Continuous monitoring program design. Coordination with the prime contractor and the sponsoring agency through ATO issuance.
Outcome: FedRAMP Moderate Agency Authorization issued in month 14, with a clean continuous-monitoring program running monthly thereafter. The client subsequently leveraged the authorization with three additional federal civilian agencies.
Fortune 500 enterprise AI strategy engagement
Client type. Fortune 500 financial services holding company with $20B+ annual revenue, multiple operating subsidiaries, and a centralized technology function.
Challenge. The CEO had committed publicly to "AI-first" operating model. The CTO and Chief Risk Officer needed a 36-month program plan that could clear the board, the audit committee, and the regulatory examiners. Internal AI investment was already running across more than 20 active initiatives without consolidated governance.
Scope. Eight-week strategy engagement. Stakeholder interviews across operating subsidiaries, central technology, risk, legal, and internal audit. Active-initiative inventory and rationalization. Build vs buy framework applied to top 12 candidate use cases. Vendor evaluation and consolidation recommendations. Three-year roadmap with phased budget. Governance policy aligned to NIST AI RMF, GLBA, and FFIEC guidance. Executive briefing pack for board presentation.
Outcome: 36-month enterprise AI roadmap presented to and adopted by the board. Vendor consolidation reduced the active-vendor count from 11 to 4 across the program. Two flagship use cases (commercial credit memo drafting, regulatory filing summarization) launched in pilot within four months of the roadmap's adoption.
How we handle past-performance references
For procurement reviews and prime-contractor evaluations that require named past-performance citations and verifiable references, we share the formal capability package under NDA. The package includes the engagement summaries above with named clients, contract numbers (where applicable), contracting officer or sponsor references, and contact information for past-performance verification. We respond to capability-statement requests within one business day; the formal package follows within five business days of NDA execution.
Engagement types we are most often asked about
The four summaries above are representative but not exhaustive. We are also routinely asked to support: state or county-level cybersecurity posture assessments aligned to NIST 800-53 or NIST CSF; cooperative-purchasing-funded municipal IT modernization; SaaS provider SOC 2 readiness in support of a future FedRAMP path; and enterprise data-governance programs in healthcare and financial services. Engagement details for any of these are available in the formal capability package.