Most Federal agencies earned stable scores in the latest FITARA (Federal Information Technology Acquisition Reform Act) Scorecard issued by the House Oversight and Reform Committee, but two big shifts in the way the committee reached those grades could portend significant changes going forward.
Top-Line Scores
Up since December: Agriculture, Defense, Justice, Treasury, and Nuclear Regulatory Commission.
Down: Energy, Homeland Security, Health and Human Services, NASA, and Environmental Protection Agency.
Steady: Commerce, Education, Interior, Labor, State, Transportation, Veterans Affairs, Housing and Urban Development, Social Security Administration, General Services Administration, National Science Foundation, Office of Personnel Management, Small Business Administration, and U.S. Agency for International Development.
The easiest way to make sense of the committee’s multicolored scorecard is to click on the FITARA Dashboard.
Two major changes in the way that the FITARA Scorecard was compiled this time around rocked the boat for Federal agency scores, and promise lasting change in how agencies will deal with a couple of very core IT issues.
DCOI Policy Finalized
The first scoring change maps to a big Federal IT policy change at the Office of Management and Budget (OMB) for data center closures.
On the eve of the House committee’s June 26 FITARA Scorecard 8.0 hearing, OMB issued the final version of its new Data Center Optimization Initiative (DCOI) policy. The final version keeps in place most of a draft version issued in late 2018 that had drawn criticism from some in Congress and industry.
In a nutshell, the final version includes some wording changes to emphasize the role of data center closures, but sticks to the overarching theme of a greater focus on data center optimization. It also removes metrics on energy efficiency and facility utilization, adds a metric for availability, and revises metrics for virtualization, energy metering, and server utilization.
Rep. Gerry Connolly, D-Va., chairman of the House Government Operations Subcommittee that held the FITARA Scorecard hearing, was among the draft policy’s critics. Because of uncertainty surrounding the new policy, the House Oversight Committee and the Government Accountability Office (GAO) decided to omit agency DCOI progress from the scorecard entirely – at least for now – and that decision proved to be a swing factor on some agency grades.
Cybersecurity Added to Scorecard
The other big change made by the Oversight Committee and GAO was to include for the first time agency cybersecurity grades in their final score tabulations. With most agency cybersecurity scores at “C” level or worse, the decision to include them didn’t do much to help most agency grades.
Agency CIOs told Rep. Connolly and other lawmakers at the House Government Operations subcommittee that they are working hard to improve agency cybersecurity, largely by pursuing IT modernization.
On the security front, USDA CIO Gary Washington said the agency has made strides over the past three months to move away from some legacy systems, to employ “entirely new equipment” in some areas, and to use common tools for network configuration and patching. “We are currently stabilizing, but in the next two months I absolutely expect our [cybersecurity] scores to improve,” he said.
Eric Olson, CIO at the Treasury Department, said his agency is trying to lift its cybersecurity score by focusing on its highest-value assets, and by “bringing strong encryption to high-value assets.” He added, “We understand the ask, we will figure it out.”
Lawmakers Point the Way Forward
Rep. Connolly and the subcommittee’s ranking member, Rep. Mark Meadows, R-N.C., offered Federal agency CIOs a clear path forward to improve their FITARA scores, if not necessarily an easy one:
- Pursue further data center consolidation;
- Tighten the reporting lines between CIOs and agency heads; and
- Craft roadmaps for IT modernization.
“The big thing for me and the chairman is data centers and making sure those are consolidated,” said Rep. Meadows.
On the larger issue of IT modernization, Meadows left the specifics to the agencies, but asked agency CIOs to come back to the subcommittee with more defined roadmaps for action at the next FITARA Scorecard hearing, which presumably will be held in December.
He said the Federal government’s continued spending on legacy systems was “mind-boggling,” adding, “I am amazed at how archaic our IT is.”
“For action items, if you would get back to this committee with what is your plan for getting rid of legacy systems and what is the cost of doing it,” he said. “I realize there are logistical problems” with modernization, “but I need a plan,” Meadows said.
“The only frustration you will find by the next FITARA hearing is if there is not a plan, you are going to hear about it,” the congressman said.
Speaking to the larger themes of modernization and cybersecurity – especially for agencies that deal with a lot of citizen information – Connolly said systems that can’t handle encrypted data need to be replaced. “That’s a nudge” to agency CIOs, the congressman said.
Addressing a witness panel that included the CIOs of the Agriculture Department, Education Department, and Treasury Department, Connolly said, “All of you have a lot of data … You being up to snuff on cybersecurity is very important to the American people.”
Modernization Funding Remains Key
Rep. Connolly hammered home his long-held view that more funding is needed to kick-start Federal IT modernization, and pledged to continue the fight for more funding through the Technology Modernization Fund (TMF), and through agency working capital funds that can be created under the MGT (Modernizing Government Technology) Act.
The House has approved only $35 million of TMF funding for FY2020, versus the Trump administration’s proposal of $150 million. Rep. Connolly tried unsuccessfully to boost the House budget TMF figure to $50 million for FY2020. The fund received only $25 million of new funding in FY2019.
“I think this is something we can find some common ground on … to work the next budget cycle” for more TMF money “that gives us the criticality we need … so agencies can do their work,” the chairman said at the FITARA Scorecard hearing.
“We had very large amounts of money in mind” for TMF, but he said those figures “got whittled down” in order to sell the program in Congress. He said the goal has been to make the fund “big enough to make a difference, in order to retire legacy systems.”
On the MGT front, Rep. Connolly bemoaned that some Federal agencies don’t believe the law allows them to create in-house working capital funds fed by savings from IT modernization. He asked what Congress needs to do to correct that impression, or whether the Office of Management and Budget could issue guidance to agencies that would give them cover to proceed.
Federal CIO Suzette Kent, testifying at the FITARA Scorecard hearing, said she believes a legislative fix is necessary “in some cases,” and that the administration is working directly with some committees in Congress to address the issue.
Carol Harris, Director of IT Management Issues at GAO, said MGT makes clear that agencies have authority to transfer funds to working capital accounts, and added, “it kind of boggles the mind that you would need additional transfer authority.”
“Our view is we passed the law, and the law is the law,” responded Rep. Connolly. “We will do what we have to do” to make the statute work, he added. “Some guidance from us [to agencies] would go a long way” to advance the cause, said Rep. Meadows.
Congressional Leadership, Industry Applaud Scorecard Process
Rep. Connolly and GAO’s Harris agreed that the FITARA Scorecard process continues to have a lasting impact on pushing Federal IT modernization forward.
“I am pleased … that MeriTalk did a survey of 200 CIOs, mostly in the public sector, that found that 70 percent said that FITARA was a useful kind of nudge, or change … that is kind of good to hear,” Rep. Connolly said.
“I think that is very encouraging, the progress that has been made on FITARA, and the scorecard, how it has evolved and kind of raised the level of improvement across the board has been tremendous,” Harris replied.
Federal IT industry officials offered praise for the important role that FITARA has played in pushing Federal agencies toward greater IT modernization, and for the opportunities for further progress that the House Oversight and Reform Committee’s FITARA Scorecard helps to clarify for Federal CIOs.
“After five years of FITARA we see great strides across the Federal Government in modernizing IT while reducing costs,” said Bob Osborn, Chief Technology Officer for Service Now (Federal). “As we move forward, agencies will be challenged to continue to improve in the ever-changing landscape of technology advancement. The role of the CIO is now clearly empowered and can now direct enterprise level service delivery which will ultimately achieve the vision of FITARA.”
“FITARA is proof that the federal government is thinking meaningfully about IT modernization, the cloud, cost transparency, and creating better digital services,” said Tony Franzonello, Vice President of Federal Sales, Alfresco. “Many agency grades are trending positive, which means those priorities are reaching the highest levels of government – from CIOs to the heads of the agencies. Alfresco applauds the work Congress, GAO, and OMB have done with FITARA. As government agencies embrace more modern, open technologies, they will create a better working world for public servants and better experiences for citizens.”
Chairman Connolly will recognize Federal CIOs whose agencies scored well on FITARA at the FITARA Awards ceremony on Sept. 10 on Capitol Hill.