Beyond the opening statements, the most recent hearing of the Federal IT Acquisition Reform Act (FITARA) scorecard focused little on the grades themselves.
The hearing reminded us, once again, that the news rarely comes from the reason the hearing or event was called together in the first place.
There were plenty of good tidbits that came from the 97-minute hearing. We could focus on the fact that the committee called chief information officers from both the Small Business Administration and the Social Security Administration and all but ignored them.
Outside of his opening statement, Sean Brune, the SSA CIO, spoke for a whopping 2:32, while Keith Bluestein, the SBA CIO, took up another 2:31 of time.
Insight by Cloudera: Learn about what a few federal agencies are doing to tackle data security challenges and improve their cyber data posture in this exclusive e-book.
It makes no sense for lawmakers to call these executives and not ask them questions.
I’m sure Brune and Bluestein were just fine with the little attention they received, but it seems like a lost opportunity by the subcommittee.
We also could dig deeper into a new bill Rep. Gerry Connolly (D-Va.) is writing to improve the federal internship program and help address long-standing federal IT workforce shortcomings.
While both of those tidbits are interesting, there isn’t a lot of there.
So here are three takeaways from the hearing you may have missed and that matter to the federal IT community.
After eight years of debate, it’s time for Reps. Gerry Connolly (D-Va.), Katie Porter (D-Calif.) and the other members of the Oversight and Reform Committee to fish or cut bait when it comes to data center consolidation.
The other saying about “getting off the pot” may be more appropriate here, but we are a somewhat civilized news organization after all.
No matter how you say it, Connolly and his friends have been complaining about the Office of Management and Budget’s definition of a data center for the better part of eight years. And twice a year at the hearings on the FITARA scorecard, they raise their voices, make threats and promise to hold OMB accountable.
And then it’s Groundhog Day all over again.
At the most recent FITARA scorecard hearing, the day played itself out once again with Porter pressing the Government Accountability Office over how agencies face increased cybersecurity threats because of the imprecise definition of a data center that doesn’t include non-tiered facilities.
Connolly piled on, threatening legislation to force OMB to have what he and the committee believe is a more accurate definition of a data center.
“This subcommittee will insist with the letter of the law being complied with,” Connolly said. “When we pass a law, we expect it to be complied with. The time to argue is while we are debating that draft legislation, not after it becomes law. The fact we have had 12 hearings on this subject all about compliance with the law, no other committee in Congress that I’m aware of has done that. I hope demonstrates our determination that this happens. We see ourselves as your partner, but we are going to insist the various components of FITARA that Mr. [Rep. Darrell] Issa (R-Calif.) and I wrote be complied with. We are prepared to pass more legislation on a bi-partisan basis, if necessary.”
Like a good solider, Clare Martorana, the federal chief information officer, promised to work with the subcommittee and continue the conversation. It should be noted, however, that she made no commitment to change the definition.
To be clear, Martorana is inheriting this problem and debate, which started under former Federal CIO Steven Van Roekel in 2013 and continued up through 2019 when former Federal CIO Suzette Kent released the most recent data center policy.
Despite this definition disagreement, agency progress has been clear. GAO’s Carol Harris, the director of IT and cybersecurity issues, highlighted how agencies have saved or avoided spending more than $7 billion from the data center consolidation and optimization initiative since 2015. She said, however, OMB needs to relook at the definition.
Want to stay up to date with the latest federal news and information from all your devices? Download the revamped Federal News Network app
“We do want to keep track of some of the non-tiered data centers, particularly the fairly big ones…and make sure they are following the requirements of the DCOI initiative and are subject to the reporting requirements associated with that initiative,” Harris said.
After eight years, the time for threats and complaining should be over. Connolly and Porter should either introduce legislation to force the definition change or stop complaining about it. Eight years of this debate is enough.
The subcommittee didn’t spend much time at the most recent hearing talking about the piece of the Modernizing Government Technology (MGT) Act that has the potential to truly change the trajectory of agency IT modernization efforts—working capital funds.
The scorecard showed about half the agencies are meeting the goals of establishing a working capital fund or planning to have one to save “leftover” money and put it toward IT modernization. Three agencies received “A” grades and 10 received “B” grades.
For those agencies who aren’t quite on board yet with a working capital fund, take a moment to understand its impact on the Small Business Administration. SBA was one of the first agencies to set up a WCF, receiving Congressional authority in 2020. SBA says in its fiscal 2021 budget request it expects to have $4 million in 2020 and another $2 million in 2021 in the fund.
Keith Bluestein, SBA’s CIO, explained to the committee how having a working capital fund has made a huge difference for the agency.
“While this is still a relatively new capability and will mature over time, the IT WCF allows SBA to have a long-term vision for modernization and change with a managed resource pool to ensure that vision can be realized. Words are inadequate to express the relief this provides the CIO in responding to various changes that occur over the course of a given fiscal year,” he said. “While our fund is young, it provided the agency with additional flexibility to adapt to emerging needs. This tool helped bolster FITARA even further by strengthening the collaborative bond the CIO has with the CFO to execute the agency’s mission. MGT was a welcome adjunct to FITARA and has allowed SBA to better plan and resource expenditures on a multi-year horizon.”
SBA is using the funds banked in the WCF to modernize its infrastructure, to unify and enhance its customer experience tools internally and externally, to update its support technology for small business certification programs; and to improve the systems that manage entrepreneurial development and learning.
Bluestein said it used money from the WCF to accelerate the initiative to upgrade the Entrepreneurial Development Management Information System (EDMIS).
“The IT WCF allowed us to allocate the resources effectively over a multi-year horizon, which ensured the stability of the project from inception to delivery at the end of June this year,” he said. “This is a huge success story for the entrepreneur community as the new tool can provide rapid reporting and analysis of data for actionable decision making which previously took months. The tool allows data to come alive and enables our investors in America’s small business to take quick action and identify emerging opportunities. This capability is a small business game changer and was directly enabled by the MGT Act and the cross-agency collaboration driven by FITARA.”
This is exactly what lawmakers had in mind when they approved the provision in the MGT Act, using money that otherwise would’ve been returned to the Treasury for underfunded IT projects.
SBA, and most recently the Office of Personnel Management, are among the only agencies to receive approval from the appropriations committee to set up an IT WCF. Connolly and others believe agencies do not need approval from their appropriations committee to set up the fund. But several agency general counsels, including the U.S. Agency for International Development, the Education Department and others, have determined approval is necessary.
Sen. Maggie Hassan (D-N.H.) and Connolly promised to introduce a technical amendment to address the confusion.
It’s clear that technical change can’t come soon enough.
Beyond a few speaking engagements, Martorana used her first time appearing before Congress to lay out four priorities.
There isn’t anything surprising here, but it’s good to know given she stayed under the radar during her time as the CIO at the Office of Personnel Management.
You can read all about them in more detail in her testimony, but here is the short hand version:
“My priorities shared today outline the investments, the people and the focus that are critical to the end goal: delivering secure information technology across government and high-quality services to the American people. Technology is the underpinning of everything the government accomplishes,” she wrote in her testimony.
While none of these four are surprising, let’s focus on the fourth item around policy development.
Martorana said she wants to rethink the approach to federal IT.
“We must identify new ways of working across government, such as developing playbooks that build on what we know already works, collaborate more frequently with key stakeholders to focus oversight with the work being done today, and rethinking how we are working in the Office of the Federal CIO, such as pairing technologists with policy experts at the beginning of the effort to develop innovative technology solutions within our laws, rules and regulations,” she told lawmakers. “We must optimize for results, not optics. We need to show, not tell and deliver on mission.”
Martorana offered more details in her written testimony on this idea of pairing policy experts with technologists.
“By integrating delivery experts with policy experts and working together at the beginning of this process, we can test new ideas and help propel IT modernization across the government,” she wrote. “We must raise government technology standards and practices to those of the private sector, and rely on open-source technologies, modern security practices, and pressure-tested solutions already in place. By embracing innovation and translating it into modern and secure policies and experiences, agencies will be best positioned to deliver best-in-class services for the American people.”
Martorana is building on the efforts by the previous two federal CIOs — Tony Scott and Suzette Kent — who made it a habit of releasing draft policies to not only agencies, but industry too. They both believed in the idea that more feedback is better.
Martorana seems to be taking this one step further. While she hasn’t specifically said she will continue to release draft policies to the federal community, bringing technology experts to the table will provide a similar result.
Mark Forman, the former associate administrator of e-government and IT for OMB — and really the first federal CIO — during the administration of President George W. Bush, wrote about this concept on LinkedIn. He said he was disappointed lawmakers didn’t focus in on this priority during the hearing.
“In particular, updating the IT governance polices by bringing together technologist and IT policy analysts will have a profound effect on implementation of the existing body of laws regarding agency IT spending, cybersecurity, acquisition and management,” wrote Forman, who is now the executive vice president at Dynamic Integrated Services. “This is an exciting initiative that will impact legacy IT providers, the federal IT workforce, agency modernization efforts. I hope Clare and her team can make progress in resolving chronic federal IT problems.”
As Forman and many others know, fixing these chronic problems will take a lot more than new policy, but getting the right foundation in place is an important start. Kent began the process by removing outdated policies and improving others. Martorana can build on that legacy by recruiting technologists who understand how government works and aren’t afraid to take smart risks.