Parts of DoD’s modernization strategy are vague, lack metrics

The Pentagon’s inspector general finds that the department’s primary strategy for guiding its efforts to modernize its digital environment includes elements that are not “verifiable or measurable” as it lacks metrics and specific end results.

The chief information officer’s office also failed to conduct annual reviews of the strategy in 2020 and 2021 due to leadership and personnel turnover and deciding whether to update or issue a new version of the strategy.

The DoD CIO developed the digital modernization strategy in 2019 to satisfy the Office of Management and Budget (OMB) requirements to develop a strategic plan for managing information resources. The policy requires federal agencies to outline their information resource goals, align them with organizational priorities, ensure those goals are “specific, verifiable and measurable” and conduct annual review of their plans.

“Our goal of the audit was to determine whether the DoD developed and maintained its [digital modernization strategy] in accordance with those OMB requirements,” Drew Pullion, DoD OIG program director, told Federal News Network.

DoD technology leaders identified four strategic goals to improve the department’s modernization efforts — innovating for competitive advantage, reforming cybersecurity policies and practices, adopting industry best practices and cultivating IT talent. The goals have corresponding objectives and tasks known as “strategy elements.”

While 77 strategy elements complied with OMB requirements, the Pentagon’s IG office found that 54 strategy elements lacked specificity and couldn’t be measured.

“These elements included language such as ‘modernize or strengthen’ various technologies or ‘enforce compliance’ with various policies. These are vague terms that do not provide much clarity or precision,” said Pullion.

One element of the strategy focuses on investing in and maintaining the infrastructure needed to ensure that DoD data is visible, accessible, trusted and interoperable. While the CIO office provided strategic-level documents to prove that they had addressed the strategy element, the documents showed a commitment to making data accessible rather than proving that the strategy element was completed.

“The strategy is not specific because the terms’ invest in’ and ‘maintain’ are not clear. They’re not precise. It lacks a quantifiable measure,” Pullion said.

“The second example I’ll give is the department’s plan to strengthen data center security. Again, the strategy element is not specific, ‘strengthen’ is not a clear or precise term and is not measurable in the sense that these are ongoing efforts.”

The IG office recommended that the CIO designate an official to oversee updates to the strategy — the CIO office addressed the recommendation even before the IG issued its final report by appointing the deputy chief experience officer to ensure the strategy meets OMB requirements.

The IG also wants the CIO office to develop a document outlining how it will address OMB requirements, including conducting an annual review of the strategy and addressing the performance gaps.

“CIO personnel agreed and stated that they plan to have that document completed by the end of August. I believe they plan to have all recommendations addressed by the end of this year,” Pullion said.

“During the audit we met with Leslie Beavers, the current acting CIO, and she was very supportive of our results and committed to improving the [digital modernization strategy]. We made 10 recommendations in the report that aim to improve the DMS but also our hope is that it creates an opportunity for the DoD to improve other strategic level documents and other business areas and OCIO personnel concurred or agreed with all 10 of our recommendations.”

Copyright © 2024 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.