The Oversight and Reform Committee on Friday celebrated the 11th version of the Federal IT Acquisition Reform Act (FITARA) scorecard, which it released in December.
The good news abounded from cost savings and avoidance — $22.8 billion from PortfolioStat — to no agency receiving a grade below a “D” to the retirement of the software licensing category because every agency received an “A.”
It’s clear that FITARA is having the intended impact Reps. Gerry Connolly (D-Va.), Darrell Issa (R-Calif.) and others had hoped for when Congress passed and President Barack Obama signed the bill into law in 2014.
Insight by Carahsoft: Learn from IT experts as they outline the significant impacts cloud and 5G have on implementing zero trust architecture in this exclusive executive briefing.
The latest hearing on April 16 highlighted some of the ongoing challenges that agencies, Congress and the Government Accountability Office haven’t been able to solve in the six-plus years of FITARA.
Here are three takeaways from that hearing:
It wouldn’t be a FITARA hearing unless some member — usually Connolly — moaned about the Office of Management and Budget’s decision in 2019 to, once again, change the definition of data centers.
It’s been eight years and two administrations that the Office of Management and Budget and Congress haven’t seen eye-to-eye on the definition of data centers. A quick history reminder: At the heart of the matter is OMB has floated between having agencies focus on savings and optimization over the last eight years under the data center consolidation and optimization initiative and it removed the requirement to track and close non-tiered, or smaller, data centers. Meanwhile, Congress and GAO have wanted agencies to close down these facilities to both save money and address potential cyber vulnerabilities.
It’s unclear where the Biden administration’s OMB, and Federal Chief Information Officer Clare Martorana, will weigh in on this topic. She was scheduled to testify on Friday, but was unable to because of a family emergency. Martorana’s efforts on data center consolidation and optimization at her former agency, the Office of Personnel Management, provides little insight. OPM has only one data center so consolidation isn’t necessary an option, but optimization has resulted in saving more than $36 million, according to the IT Dashboard.
If the Biden administration comes down in favor of closing more data centers along with optimization and bringing back the requirement to track and close non-tiered data centers, then a bill from Rep. Katie Porter (D-Calif.) may not be necessary.
Porter said the subcommittee may have to consider legislative solutions to ensure OMB is following through Congress’s intent under FITARA.
Connolly, who has been banging the data center drum for several years, piled on.
“You don’t get to come into compliance with FITARA by redefining what a data center is and you don’t get to come into compliance by substituting a word in the law with another that suits your purposes better and gets you off the hook,” he said. “We will insist with compliance with the law. If we have to further refine legislative language to make it very clear and unfortunately more restrictive, we will.”
Kevin Walsh, the director of Information Technology and Cybersecurity Issues at GAO, told the subcommittee agencies saved $5 billion since 2015 by closing and optimizing data centers.
He said GAO continues to encourage OMB to track and emphasize the need to close non-tiered data centers. Porter went a step further and asked whether OMB is even paying attention to GAO’s recommendations.
“It’s a push-pull. We work as collaboratively as we can but sometimes it does feel like it’s more us talking and them not listening,” Walsh said. “There are times when we have worked very collaboratively, and I don’t want to disrespect OMB or the good work they do, but on certain issues we don’t see eye-to-eye.”
It seems it’s time for OMB to have a hard conversation with the committee and GAO about the definition it will use going forward and if it’s not the one lawmakers and GAO believe is correct, then what can be done about it beyond legislation. The fact that this debate has been going on for almost eight years may be good fodder for reporters, but it’s ludicrous that a compromise can’t be struck.
Eight agencies, including the departments of Justice, Labor and State, still do not meet the spirit or intent of the Clinger-Cohen Act of 1996. These eight do not have their chief information officer report directly to the head of the agency.
Lawmakers often point to this shortcoming as a reason why agencies struggle with managing technology.
Want to stay up to date with the latest federal news and information from all your devices? Download the revamped Federal News Network app
While GAO said five agencies improved their reporting structure over the history of the FITARA scorecard, only the Department of Health and Human Services improved its CIO reporting structure between the 10th and 11th versions.
Connolly said 21 of 24 still not have established policies detailing the role of their CIO as required by law and guidance.
Despite this limited progress, GAO’s Walsh said FITARA has given CIOs a larger voice in the oversight and spending of the IT budget. He said there is no better example than the accumulated savings or cost avoidance of $22.8 billion from the PortfolioStat program.
“We also have seen incremental progress with CIO authorities. It’s harder to measure which have a seat at table that they didn’t have before, but five who are now reporting to the head of the agency is the most important metric,” Walsh said.
Connolly asked if he’s seen any backsliding of CIOs standing. Walsh said he was not aware of any, mostly due to the attention of the committee.
It’s clear over the last year that technology makes the agency run smoothly.
“The coronavirus pandemic has highlighted that CIOs are more essential now than ever before,” Connolly said. “Nearly every federal program, service, and function relies on IT to work. It is among the duties of the CIO to plan for agency IT needs, including the resources required to accomplish the mission. Outdated legacy systems, software and hardware, however, continually prevent agencies from providing the service the American public expects and deserves.”
But the question, then, has to come back to whether agencies have outgrown the need to mandate CIO’s have a seat at the table.
Labor CIO Gundeep Ahluwalia doesn’t report directly to the secretary, but he’s managed to revamp the agency’s approach to IT modernization, save more than $70 million and centralize common functions.
He said during the pandemic 95% of Labor’s workforce moved remote without any interruptions, and the agency onboarded 1,500 new staff virtually. Labor also closed 73 data centers, is tracking tiered and non-tiered data centers and disconnected 70% of their telecommunications and network circuits from the expiring Networx contract.
“Under the agency CIO authority enhancements category, the department has ensured IT projects use an incremental development methodology. This facilitates a regular cadence of new functionality and continuous feedback to ensure the desired outcome of program areas during the development stage,” he said in his written testimony. “The goal is to deliver value over time. In the Transparency and Risk Assessment category the department re-evaluated and refined its risk assessment criteria for major IT investments to allow the department to apply an appropriate level of focus based on the varying level of risk.”
It’s true that Labor may be an outlier when it comes to CIO authorities, but the pandemic proved the critical role technology plays and it’s hard to believe anyone will soon forget it.
Congress is ready to take another bite at getting agencies to measure the performance of their programs. This attempt has a distinct IT modernization flavor.
Connolly and Rep. Jody Hice (R-Ga.), the ranking member of the Subcommittee on Government Operations, introduced the Performance Enhancement Reform Act on April 16. It would be at least the third major bill to attempt to get agencies to develop metrics and success factors in a new way.
“This important piece of legislation would require agency’s performance goals to meet the demands of the ever-changing performance management landscape and include data, evidence, and IT in their performance plan,” Connolly said. “The bill would also require agencies to publish their technology modernization investments, system upgrades, staff technology skills and expertise, and other resources and strategies needed and required to meet these performance goals.”
The bill also would:
“You’d think the things this bill requires would be common sense — when making an agency performance plan, use the people with the right expertise and take into account what it’s going to take to set realistic performance goals and make the plan work,” said Hice in a statement. “But that’s not always the case. This costs valuable resources, and it has to change if we want to stop wasting time and money. [W]ith the Performance Enhancement Reform Act, we are taking a step forward in bringing the federal government into the modern era by requiring agencies to coordinate better with key agency leaders and best utilize resources when creating annual performance plans. This will help maximize agency human capital, technology, and time in order to better serve American families and businesses.”
The bill comes as the debate over how valuable performance metrics are heated up over the last few months. First OMB, under the Trump administration, removed the section of Circular A-11 that required these measures. Then OMB, under the Biden administration, put the section back into A-11.
Despite all of these efforts, GAO found in 2018 that the use of performance information to make policy decisions hadn’t changed much between 2013 and 2017.
Another bill doesn’t sound like the answer to driving performance. It sounds like a combination of training, data and consistent oversight by Congress and OMB would be more effective.