CIO reporting, working capital funds remain outliers in agency IT modernization progress

Editor’s Note: GAO and the House Oversight and Reform Subcommittee on Government Operations released an updated FITARA scorecard on Aug. 5 changing USAID’s grade to an “A” from a “B.”

For the first time in five years, no agency received a “F” or “D” grade for an overall grade on the Federal IT Acquisition Reform Act (FITARA) scorecard.

Just looking at the grades alone, the progress over the last five years is obvious.

In the 10th scorecard, the General Services Administration  and the U.S. Agency for International Development received the only “A” grades, while eight agencies—the departments of Agriculture, Commerce, Education, and Treasury and the Environmental Protection Agency, the National Science Foundation, the Small Business Administration,  and the Social Security Administration —received Bs.

The other 14 agencies received “C” grades.

Overall, seven agencies improved their grades from the December scorecard, 14 stayed the same and three dropped a letter grade. Treasury, EPA and SSA improved from “C+” to “B+,” while Education dropped from an “A+” to a “B+” and USAID also dropped to a “B” from an “A.”

OPM-GSA merger
Rep. Gerry Connolly (D-Va.) is the chairman of the Oversight and Reform Subcommittee on Government Operations. (AP Photo/Alex Brandon)

“Among the FITARA scorecard categories with the greatest impact is the IT portfolio review process known as PortfolioStat. This process enables agencies to reduce commodity IT spending and demonstrate how their IT investments align with the agency’s mission and business functions. PortfolioStat went from helping federal agencies save $3 billion in fiscal year 2015 to $20 billion in fiscal year 2020,” said Rep. Gerry Connolly (D-Va.), chairman of the Oversight and Reform Subcommittee on government operations and co-author of FITARA, during the hearing on Monday. “When the software licensing metric was first added to the Scorecard in June of 2017, 21 out of the 24 agencies received an ‘F’ grade for that metric. Now 23 out of the 24 agencies have ‘As’ and have an inventory of software licenses and use it to make cost-effective decisions and avoid duplicate contracts for the same products. Federal agencies are also closing and consolidating more data centers, resulting in significant cost savings. The 24 graded agencies have reported a total of $4.7 billion in cost savings from fiscal years 2012 to 2019. These agencies have also reported plans to save more than $264 million in fiscal year 2020 alone.”

Only the Office of Personnel Management received a bad grade under the software licensing category; it got an “F.” But OPM CIO Claire Martorana said she will use funding under the stimulus bill to buy software to get a better hold of her software licenses.

CIO reporting structure remains a problem

While the grades continue to move in the right direction, not every section of FITARA is performing well. Three long-standing problems continue to impede agency progress: CIO reporting structure, the use of working capital funds and the continued disagreement over the definition of a data center.

Read more Technology news

Carol Harris, the director of IT issues at the Government Accountability Office, said one-third of all agency CIOs still do not report to the secretary or deputy secretary of their agency.

“That is a problem because agency CIOs have reported to us that that reporting structure is very critical to allowing them to carry out their responsibilities,” Harris said.

Rep. Eleanor Holmes Norton (D-D.C.) pressed Harris about why CIO reporting structure continues to be a problem for some agencies, including the departments of Energy, Justice, Labor and State.

“In large part, I think it has to do with agency culture, and being able to change that culture so the CIO does have that seat at the table is vitally critical,” Harris said. “It’s going to take work with the senior leaders within those agencies to empower those CIOs, change those organization charts so that those CIOs have direct reporting capabilities, and work with you all as well to ensure that happens.”

Harris added in her written testimony that OMB’s guidance around CIO authorities remains inconsistent.

“OMB recently required agencies to provide data on CIO authority over IT spending; however, its guidance did not provide a complete definition of that authority. In the absence of such guidance, agencies created varying definitions of CIO authority,” she wrote. “Until OMB updates its guidance to include a complete definition of the authority that CIOs are to have over IT spending, it will be difficult for OMB to identify any deficiencies in this area and to help agencies make any needed improvements.”

Holmes Norton said she would like the committee to ensure there is no resistance to CIOs at the table.

“In the 21st century, you would have thought having the CIO at the table would be a given. I really don’t understand the resistance to it,” she said.

Richard Spires, the former CIO at both the Homeland Security Department and the IRS, said during the second panel that he was more effective at the IRS than DHS because he reported to the tax agency’s commissioner. At DHS Spires reported to the undersecretary of management.

Under the current scorecard, GAO says the DHS CIO partially reports to the secretary or deputy secretary but still also reports to the undersecretary for management.

Read more IT Modernization news

LaVerne Council, former Veterans Affairs CIO, said the alignment to the secretary was important because she had a limited time to get things done.

Congress and OMB have tried to change agency culture and address CIO responsibilities through laws like the Clinger-Cohen Act and FITARA and assorted policies over the last 25 years.

David Powner, the former GAO director of IT issues, said FITARA did make a difference in how CIOs are viewed by leadership, especially business leaders and CFOs. But it’s far from perfect.

The other big challenge is around the implementation of working capital funds. Under the Modernizing Government Technology Act, Congress gave agencies the authority to open up these accounts to save money for future IT modernization efforts.

Harris said half of all agencies still have not taken advantage of working capital funds.

“That’s a very important mechanism that agencies can use to transform their IT and modernize it. We’d like to see a more aggressive push by the agencies that haven’t yet implemented those working capital funds to do so as quickly as possible so they able to put those savings generated from software licensing, from PortfolioStat and from data center consolidation into that fund so they can use that money to modernize their platforms,” she said.

Part of the reason for that is House and Senate appropriators are not supportive of these accounts because they believe they would lose control over how agencies spend money. Six agencies — the departments of Education, Labor, Agriculture, Treasury and Commerce, and USAID — asked for WCF authorities in their 2021 budget requests, and only SBA has received approval from lawmakers in 2019.

Still at odds over definition of data centers

Maria Roat, the deputy federal CIO, said the IT working capital fund lets agencies have long-term and sustained investments in modernization efforts.

Roat, the former SBA CIO, used the working capital fund to move the agency off of outdated systems and into the cloud.

OPM’s Martorana said a working capital fund would reduce complexity and increase her flexibility to address IT challenges.

She said OPM’s CIO office has seven funding streams, which make it more difficult to address long-standing IT challenges.

A third sticking point that continues to come up at FITARA hearings is OMB’s decision to change its definition of a data center as part of the effort to close, consolidate and optimize these services.

Harris and Connolly continued to criticize OMB’s decision to no longer count server closets that agencies previously included in their totals.

Roat defended the administration’s decision, saying the goal was to better align the government’s definition of data center with that of industry.

But Connolly said he will continue to “insist” on a more robust definition of data centers to push for further savings, which can then be used for further IT modernization investments and improve cybersecurity.

“We will work with you, but we are not going to countenance squishiness in the definition so people get off the hook and aren’t accountable for what are the data centers we are trying to consolidate,” he said.