The sixth version of the Federal IT Acquisition Reform Act (FITARA) scorecard wasn’t pretty. If Congress took away most agencies’ iPhones and grounded them for a week, it wouldn’t be surprising.
The committee released the grades last Tuesday and brought two of the agencies that are struggling with FITARA — the Defense and the Agriculture departments — out to the woodshed to answer for their bad grades.
Insight by MobileIron: Gain insight in how agencies can securely move from legacy systems to modern mobile computing in this exclusive executive briefing.
In all, five agencies saw their grades go up — the departments of Transportation, Labor, Energy and Health and Human Services and the National Science Foundation — while eight agencies stayed the same.
Meanwhile, 11 agencies saw their grades go down, most noticeably the U.S. Agency for International Development, which went from the only “A-” to a “C-” partly because it said its chief information officer doesn’t report directly to the administrator or deputy administrator.
The committee added that metric and how agencies are implementing the Modernizing Government Technology Act to the scorecard as well as tested out a new cybersecurity metric based on agency inspector general reports and CIO self evaluations to this latest version of the FITARA scorecard.
“I want to note that we assign these grades not to shame agencies, but rather to incentivize certain behaviors that will save money and increase security. One area where we’ve increased pressure, is the continued lack of a direct reporting structure from the CIO to the agency head,” said Rep. Will Hurd (R-Texas), chairman of the House subcommittee on IT. “Three agencies have reorganized to give the CIO direct access since our last scorecard. To incentivize the remaining nine agencies to change their reporting structures, we reduced their grades on Scorecard 6.0 by an entire letter grade. If every agency had a direct reporting structure, only two grades would have decreased on this scorecard. I urge the nine agencies that have still not changed their reporting structures to comply with Executive Order 13833 [on CIO authorities] and adjust their reporting structures without delay, and I will add that we have not heard any reason why this shouldn’t be changed immediately.”
The good news is at least some agencies are getting the message of how to improve IT management.
Since version 5 of the scorecard, the Department of Housing and Urban Development, the National Science Foundation and the Small Business Administration changed the reporting structures of their CIOs, and USDA Deputy Assistant Secretary for Administration Donald Bice promised the committee that by the next scorecard, Gary Washington, the Agriculture CIO, would report directly to the secretary or deputy secretary.
Here are my three takeaways from the hearing:
Only three agencies plan to set up new working capital funds to save money to put toward IT modernization efforts as authorized under the Modernizing Government Technology (MGT) Act.
The SBA, DHS and the Labor Department were the only agencies to tell the House Oversight and Government Reform Committee about their plans to take advantage of the MGT Act.
Of the other 21 agencies, 12 told the committee they weren’t planning to set up a new working capital fund, and of those 12, nine planned to use existing working capital funds for IT modernization savings.
Three agencies — the departments of Commerce, Defense and Justice — didn’t answer the committee’s request, and five others said either maybe or didn’t make it clear if they would take advantage of the authorities.
The decision by agencies not to establish a working capital fund was one of three main drivers for several poor grades under the FITARA scorecard, and it was probably the main driver among frustration with Hurd and Rep. Gerry Connolly (D-Va.), the ranking member of the subcommittee on IT operations and co-author of FITARA.
“I believe that the changes to the FITARA scorecard continues to accurately measure each agency’s ability to manage the IT it has and the IT it seeks to acquire,” Connolly said.
USDA was one of those agencies that plans to use its existing working capital fund to save and set-aside money for IT modernization.
Lynn Moaney, USDA’s acting chief financial officer, told the committee that the agency has been working with OMB to bring savings from IT modernization into their current working capital fund, but will track it separately so Washington can use the savings as necessary.
In many ways, it’s not surprising agencies didn’t jump at the chance to set up new WCFs. Back in November, we reported 17 agencies already had existing “bank accounts,” and in September 2016, we reported again that one of the obstacles the MGT Act had to get past was Senate concerns over the working capital funds.
At the same time, if agencies truly can set aside savings and CFOs, and others in the agencies, don’t try to snatch it from CIO’s wallets, then the concept is the true win under the MGT Act.
You have to dig deeper into the latest scorecard to really understand the state of federal IT reforms.
Yes, overall grades went down or stayed the same for most agencies. But when you break down the areas like incremental development or managing software license, the results are much different.
Start with incremental development. The committee says 15 agencies received “A” grades as well as four with “F” grades. But when you look at what’s going on, the Government Accountability Office’s David Powner, the director of IT management, said 87 percent of all federal IT programs use incremental or agile development, which is up from 58 percent in 2014.
Under data center consolidation, five agencies received “Fs” and two earned “Ds.” Again, Powner highlighted the progress as agencies are on pace to close more than 7,000 data centers out of 12,000, and save $4 billion by September.
Agencies continue to struggle implementing the Megabyte Act, which requires them to have a software inventory and consolidate duplicative software licenses. While the committee handed out 14 Fs, Powner said GAO expects agencies to reduce the number of software licenses and save more than $340 million governmentwide this year, which he pointed out is three times more than the amount in the Technology Modernization Fund created under the MGT Act.
Let’s continue to dig deeper into the use of PortfolioStat, the Obama administration’s initiative to manage spend across agencies. The scorecard shows four “Fs,” five “Ds” and five “Cs.” But, once again, the committee says all agencies are reporting savings from the better management of IT, and the Department of Health and Human Services increased its savings by $148 million over the last six months.
Powner made one fair point about agency progress that should be noted here. He said if all agencies did some basic things, required the CIO to report to the head of the agency, established a working capital fund under the MGT Act and established a software license inventory, almost every agency’s grades would change. And more importantly, GAO’s research has shown these changes lead to better IT management and oversight so the agency can meet their missions better.
Still, the point here is to show that while the top-line grades remained stagnant at best for yet another reporting period, the progress is meaningful and real. The committee shouldn’t lose sight of that, given how difficult it is to turn this battleship.
New DoD CIO Dana Deasy had been on the job for only 13 days before coming before the committee
But he’s promised to make changes, including reviewing the number of people with the title of CIO in the 4th Estate, which encompasses nearly every organization that is not a military service. Currently, 35 people have the title CIO across those agencies, which include the Defense Contract Management Agency, the Washington Headquarters Services and the National Security Agency.
Hurd asked both Mark Easton, the deputy CFO of DoD, and Kevin Fahey, DoD’s assistant secretary for acquisition, whether there should be only one CIO.
“There should be only one CIO,” Easton said. “There is only one CFO. I think that the tone at the top that currently exists with the new team the thinking is the same. It’s expensive not to have an enterprise perspective and not have someone at top of the enterprise.”
Fahey agreed that there should be one CIO at the top of DoD.
But beyond the question of the CIO, DoD struggled with every other part of the scorecard and Deasy seems to understand he needs to make some changes not because it will lead to better grades, but because it’s the right thing to do for the Pentagon.
“If you had been in my conference room while I was preparing for this hearing, I said to the team, ‘Put aside the scorecard. Are these not fundamental things we need to do to be a great IT organization?’ I’m looking to improve upon the culture of the IT organization, and doing things for the right reasons, not just for the scorecard,” he said. “That will drive the right behavior and get to better outcomes. I’m not sure what it will take in terms of timing.”
To that end, Deasy said DoD will complete its first software license inventory by December.
Easton added DoD will take a look at the MGT Act and decide if its current working capital fund is sufficient or if they want to set up a new one. Either way, he said Deasy would have authority over the money that comes from IT savings.
“We’ve committed to reviewing our current WCF [working capital funds] and come back with plan this summer to ensure capability is available in DoD,” Easton said.
That plan was among several promises DoD made at the hearing. So the question isn’t about whether they will deliver, but what happens if they don’t. There isn’t a better agency that Hurd, Connolly and the committee could make an example of in order to show how serious they are about improving how the government manages and buys IT.