Rep. Gerry Connolly, D-Va., is pledging that Congress will continue to undertake vibrant oversight of Federal agency IT and cybersecurity-related progress through the FITARA Scorecard that has been published twice a year – usually by the House Oversight and Accountability Committee – since 2015.
Speaking at MeriTalk’s Tech Tonic event on March 14 that recognized 14 Federal agency CIOs and their organizations with FITARA Awards for their performance on the 17th edition of the FITARA Scorecard issued on Feb. 1, Rep. Connolly said that congressional oversight of Federal agency progress would continue despite a lack of cooperation with that aim from some Republican members of the committee.
Rep. Connolly – who is ranking member of the House Oversight Subcommittee on Cybersecurity, Information Technology, and Government Innovation – expressed disappointment with his Republican colleagues on the committee last month for “turning their backs” on the process for issuing the last two editions of the scorecard.
Instead of waiting for further cooperation from across the aisle, Rep. Connolly instead has issued the scorecard on his own and hosted roundtable discussion sessions on Capitol Hill with Federal agency CIOs and representatives of the Government Accountability Office (GAO), who undertake the lion’s share of the work in setting agency grades on the scorecard. Those roundtable sessions have taken the place of House Oversight subcommittee hearings that have normally accompanied the scorecard’s release.
In his remarks on March 14, the congressman reiterated those frustrations, but also said he would continue to move forward with oversight of agencies via the scorecard process.
“We want to make sure we’re providing steady oversight,” Rep. Connolly said. “I don’t know of another example where Congress has had this kind of consistent oversight over a number of years in terms of hearings on compliance, and scoring that compliance.”
“We’re very committed to this mission, and we’re going to make sure that this mission is fulfilled,” he pledged.
“The good news from our point of view is that we have partners in the CIOs and throughout the Federal government,” he continued. “I see the scorecard as a useful tool for them, and being change agents within their Federal agencies … in persuading the head of the agency that they need to come right with the Lord” on tech and security progress, he said.
“So we’re going to continue with our roundtables,” he said, adding, “I think the roundtables have proven very productive, the conversation is actually very fruitful, in some ways more than [with] a hearing.”
“And when we get the majority back [in the House], we will be back in business with hearings,” Rep. Connolly said.
“But we are going to continue this oversight one way or the other,” he said.
Rep. Connolly also talked about recent changes to grading categories within the FITARA Scorecard, and how those categories are likely to evolve going forward.
The latest scorecard issued on Feb. 1 – among other changes – eliminated a longstanding category on how well agencies are doing on data center consolidation. It also added a new cloud computing category whose scoring relies on how agencies are meeting five requirements of the Office of Management and Budget’s Federal Cloud Computing Strategy issued in 2019 that aims to speed agency cloud adoption.
“It’s always going to be an evolving product that’s never going to be static,” Rep. Connolly said at the March 14 Tech Tonic event.
The congressman also spoke about his long and ultimate successful fight for passage of the FedRAMP Authorization Act approved by Congress late in 2022 as part of the fiscal year (FY) 2023 National Defense Authorization Act (NDAA). That law codified FedRAMP into Federal law, and requires a laundry list of program modernization steps. The Office of Management and Budget is still in the process of finalizing guidance that puts the new law into effect.
After that happens, Rep. Connolly said, “we’re going to incorporate compliance with FedRAMP legislation in the scorecard.”
