What we start to see is that there are certain archetypes of agencies that make implementing CIO authority easier or more difficult depending on the type. Here are the four archetypes I see:

A CIO’s approach must change depending on the archetype of the agency she or he is leading. It is important to note that agencies migrate over time. I have seen some agencies migrate from oligarchy to standard over the course of several years. But these changes are very gradual and represent a shift in the culture of the organization.

Standard Agency

standardThe standard agency is the model that we typically expect from a government agency. It has a strong central authority and sub-agencies that orbit around that central authority. CIOs are generally empowered in these agencies and have a freer hand in implementing policy. Agencies fitting this model include: USDA, HUD, State, EPA, and GSA. I would also include the Department of Interior in this category as it is traveling from oligarchy to standard. The next few years will determine whether it stays standard or returns to oligarchy.


Dominant Bureau

dominantThere are several agencies that seem to have a strong central authority, and indeed they do. But there is one bureau or component that simply has more power than the central authority. These agencies are effective in implementing policies for all but the one big bureau, but when it comes to managing the big bureau, they must tread very lightly. Those big bureaus often cultivate a strong relationship with the secretary and will leverage that relationship to push back when they think the CIO is challenging them. Agencies in this archetype include (with the big bureau in parentheses): Education (FSA), Justice (FBI), Labor (BLS), Transportation (FAA), and Treasury (IRS). We see real struggles in this archetype because the big bureau often isn’t inclined to follow or implement the department’s IT strategy. That causes them to be further isolated from the benefits and assistance that they should be getting from this CIO.

Solitary Agency

solitaryA bunch of agencies really have centralized the authority to implement policy and don’t have any real challenge in implementing strong CIO authorities. Those agencies include: USAID, Army Corps of Engineers, NARA, NSF, NRC, OPM, SBA, and SSA. I will concede that a case can be made that in NRC, SBA, and SSA that the regions do have some autonomy and may challenge the authority of the CIO, but that is typically a fight that they will lose. Still, the authority of the CIO isn’t completely unchecked.



oligarchyFinally, the most interesting of all, oligarchy. There is no single dominant organization. These agencies are a free-for-all mosh pit when it comes to implementing IT policy. Each organization does its own thing and this really hurts the agency overall. Agencies fitting this category include: Commerce (Census, NOAA), DoD (Army, Navy, Air Force, DISA etc.), Energy (all the labs), HHS (CMS, NIH, CDC), DHS (USCIS, CBP, Coast Guard, TSA, FEMA, etc.), Veterans Affairs (VHA, VBA), NASA (labs). If you think about some of what I’ve mentioned in previous chapters, you can see agencies really struggling to implement IT policies. Look at DoD trying to implement FedRAMP and DISA conducting a full ATO review despite the fact that the DoD CIO is on the JAB. Energy and NASA can’t protect data from being hacked because every lab is implementing their own unique security structure. HHS can’t hold an effective TechStat on programs like HealthCare.gov because CMS feels like they are bigger and better than the Departmental CIO.

Once you know what type of agency you are working with, that will help you to moderate your message. For example, if you are going to a Dominant Bureau or oligarchy agency (which BTW represents half of the agencies reporting to the IT Dashboard), you absolutely need to have the secretary strongly in your corner. At these agencies it also helps if you also have the CFO and the SPE (Senior Procurement Executive), in your corner. In fact, effective CIOs will be doing this regardless of where they go anyway, but it is critically important when leading an agency with big empowered bureaus. I would argue that you can’t be effective in managing an agency with big bureaus without having these people in your corner, pushing your agenda. You need to get these partners because what we are talking about here is power. Bureaus won’t give it up willingly. It will be a fight.

Read More About
More Topics
Demosthenes is a pseudonym for a senior Federal IT official.