Many federal CIOs have privately complained that ONCD hasn’t sufficiently briefed officials on plans for accessing, implementing and using the model to scan agency networks for vulnerabilities. There has been "tremendous frustration" with ONCD, one person tells us.