GAO’s Powner’s legacy: Call it clean, don’t sugar-coat it, be constructive

David Powner
Government Accountability Office’s Information Technology Management Issues Director David Powner appears at a House Oversight and Government Reform Committee hearing on the 2020 Census, on Capitol Hill, Tuesday, May 8, 2018, in Washington. (AP Photo/Andrew Harnik)

Best listening experience is on Chrome, Firefox or Safari. Subscribe to Ask the CIO’s audio interviews on Apple Podcasts or PodcastOne.

David Powner spent 16 years at the Government Accountability Office picking through federal technology issues with a fine tooth comb.

Powner, who left Aug. 2 as the director of IT management issues for a position with the Mitre Corp., followed a general rule when it came to oversight: Call it clean and don’t sugar-coat it, but be constructive.

Advertisement

“You have to be client focused. The IGs and GAO community can’t just beat everyone up, you have to be constructive. It’s OK to be hard hitting because when you are hard hitting they pay attention and you can be even more constructive,” Powner said in an exit interview on Ask the CIO. “I think you build credibility and folks trust you, and they say ‘Hey, this person knows what he’s talking about,’ and then you can be even more constructive.”

Powner added that approach along with aligning the oversight with lawmakers is how GAO can transform any topic in government.

“I do think what’s really been great with the current group with the Oversight and Government Reform Committee has been the consistent follow up with Federal IT Acquisition Reform Act (FITARA),” he said. “When FITARA passed, I don’t think anyone envisioned we’d have these every six month hearings on the scorecard. Then even between the scorecard hearings there have been hearings on IT acquisitions. It’s just been really consistent and thorough and I think that’s what’s really made a difference.”

Powner said he believes lawmakers and federal technology executives alike appreciated that approach. And it showed with the changes over the last decade.

Many current and former federal IT executives praised Powner’s effort to ensure agency chief information officers’ authority matches their responsibility, to improve the transparency and oversight of federal IT projects and to bring a new focus on the shortcomings of the federal technology workforce, particularly around cybersecurity.

Powner said among the work he’s most proud of is around the IT dashboard to add more transparency to federal IT projects.

“Do I think the accuracy of the data there needs to improve? Absolutely. But I think that transparency mechanism is excellent,” he said. “It’s an area we have improved in terms of CIOs having more visibility on the IT spend and also direct accountability.”

A good example of the importance of the accountability of the IT dashboard comes from the HealthCare.gov debacle.

“When HealthCare.gov failed, what did it show on the dashboard? It was green for a number of months leading up to the failed deployment. Back in March it was green. It went to flaming red in April, and then back to green in May. Someone knew something back in the April timeframe of the year of planned deployment that something was wrong,” Powner said. “Sometimes even when there isn’t great data on the dashboard, it still tells a story.”

More data on IT dashboard

Powner said the current dashboard only features the CIO and their picture, but he would like to see the CIO and the agency business owner. Early on in the dashboard’s lifecycle, the investment page included the CIO and the contractor responsible for the project, but the Office of Management and Budget took that down over time.

The IT dashboard data also is one of the areas of the FITARA scorecard that rankles most CIOs because their grades don’t necessarily recognize minor improvements.

Powner said while the debate over accuracy is worthwhile and agencies should improve their data, the impact of the transparency is measureable and significant.

“When we started doing the IT dashboard, 24 percent of the dollars on the dashboard were [rated] yellow or red. Today about 60 percent are [rated] yellow or red. So the question is, do we think about 60 percent of the dollars we spend on major IT investments is moderate or high risk? That is probably more accurate than only a quarter of the dollars,” he said. “We want the accuracy on there so we can manage those systems and investments appropriately.”

At the same time, Powner said the IT dashboard, FITARA, the White House’s executive order and other actions has elevated the role of the CIO.

But he said more needs to be done to attract even more qualified CIOs.

“There are many very, very, very qualified and dedicated folks in those positions. What I hear is there are some folks from the private sector who are looking to enter the government, they know that it has to be a position at the right level with the right authorities,” Powner said. “I think we could be in a  position to attract very strong people back into the government if the positions are real CIO positions.”

He said the Defense Department, the IRS and even the Veterans Affairs Department are among those agencies that have taken steps to strengthen the CIO position.

Surprised by number of legacy systems

Powner said agencies also have made progress around moving toward iterative acquisitions, consolidating and optimizing data centers and addressing the need to move away from legacy systems. He said the need for agencies to move off mission-critical legacy applications is one of the biggest needs the government has today.

GAO issued a seminal report in 2016 detailing systems that have been around for 30-40-50 years using 930 million lines of code, using more than 70 legacy programming languages, including more than 155 million lines of COBOL and more than 135 million lines of Fortran. The findings from GAO revealed at the hearing helped turn the opinion of lawmakers about the need for IT modernization help, which in turn led to the Modernizing Government Technology (MGT) Act.

Powner said that report surprised him due to the magnitude of how many systems were so old.

He said the other big surprise was agencies didn’t have a plan or project to replace some of these decades-old systems.

“It was interesting because a lot of folks would say, ‘They are so old, they are stovepiped and they are not networked and there are security vulnerabilities.’ Well in fact, many were maintained remotely or via desktop so there were security vulnerabilities,” Powner said. “That was a big surprise in that report. That clearly was one of my favorite reports and one that got the appropriate attention because it’s a big issue for the federal government.”