While the spotlight shines brightest on the fiscal 2023 omnibus bill around which agency got how much money and for which programs, federal employees can’t lose sight of the consolidated appropriations bill as a key policy document.
Scattered throughout the 4,100 page bill, there are nuggets of new or ongoing requirements that impact every part of an agency’s mission. The Senate passed the omnibus bill Dec. 22 by a vote of 68 to 29.
At the same time, the language lawmakers’ use provides insight into what they are paying attention to over the next year.
With that scene set, here are several technology-related provisions that every agency should heed as they prepare for what looks to be an adventurous 2023.
The long-standing concern that agency chief information officers don’t have a seat at the table or their seat isn’t big enough or they are sitting at the kid’s table — use whatever analogy suits you — is a major theme in the omnibus.
Starting with Section 620 for those of you keeping score at home, lawmakers, once again, included language ensuring agency leaders include their CIO “in decisions regarding the budget planning process related to information technology.”
The two-part provision also requires the CFO to work with the CIO to ensure the agency is abiding by budget policy and legislative requirements.
The point here is agency secretaries and deputy secretaries must ensure CFOs don’t exclude CIOs during the budget development process. This was a common problem in the late 1990s to the mid-2010s. House lawmakers recently pressed Federal CIO Clare Martorana about her implementation and oversight role. So 26 years after the passage of the Clinger-Cohen Act establishing agency CIOs and their authority and after several memos from OMB, the issue continues to reveal itself.
Congress went further than this governmentwide provision with a handful of agencies.
“[N]one of the funds appropriated or otherwise made available by this act may be transferred to the Office of the Chief Information Officer without written notification to and the prior approval of the committees on appropriations of both houses of Congress,” the bill stated. “[N]one of the funds available to the Department of Agriculture for information technology shall be obligated for projects, contracts or other agreements over $25,000 prior to receipt of written approval by the chief information officer; Provided further, that the CIO may authorize an agency to obligate funds without written approval from the CIO for projects, contracts or other agreements up to $250,000 based upon the performance of an agency measured against the performance plan requirements.”
Congress also highlighted CIO authorities for the State Department (Section 7064) and the Justice Department (Section 208) around specific areas.
For State, lawmakers said the CIO must provide approval for any new major IT investments under the Administration of Foreign Affairs. This has been a long-standing challenge to get the Foreign Service to play nicely with the headquarters CIO’s office.
At DOJ, Congress is giving the deputy attorney general and the investment review board, which is led by the CIO, oversight over any program that will cost $100 million over its lifecycle.
Lawmakers want the board to certify the program to the House and Senate appropriations committees to ensure it has the “appropriate program management controls and contractor oversight mechanisms in place, and that the program is compatible with the enterprise architecture of the Department of Justice.”
New requirements for DHS to use TMF
The Senate’s support of the Technology Modernization Fund (TMF) has been tepid at best. But this provision seems to signal their frustration with more than just the fund, but the Department of Homeland Security’s communication about the impact of these extra dollars.
The proposal must include, “a detailed analysis of how the proposed project funding would supplement or supplant funding requested as part of the department’s most recent budget submission,” and “the finalized interagency agreement between the department and the fund including the project’s deliverables and repayment terms, as applicable,” including how DHS will repay the money.
Congress then will have 15 days to approve the funding.
DHS is the only agency with this language, and lawmakers didn’t offer any details in their joint explanatory statement as to why they included the provision.
It’s not just the TMF that lawmakers want more information from DHS. Congress included the provision (Section 107) for a second year in a row that would require approval for DHS to enter into any pilot or demonstration program that includes more than 10 employees and worth more than $5 million.
The report must “detail lessons learned, actual costs, any planned expansion or continuation of the pilot or demonstration and any planned transition of such pilot or demonstration into an enduring program or operation,” lawmakers wrote.
The good news for DHS is Congress did change the provision slightly. Last year, it required a report for any pilot or demonstration project that had five full-time people and worth more than $1 million. That provision caused a lot of consternation across DHS in 2022.
NASA new IT modernization authority
NASA joined the Office of Personnel Management and the Small Business Administration with receiving a rare approval from Congress. The space agency now has the ability to create an IT working capital fund as authorized under the Modernizing Government Technology (MGT) Act.
Lawmakers offered no comments or discussion about the decision to give NASA this approval, but it’s not something that happens often.
Over the last few years, several agencies have asked Congress for approval, including the departments of Treasury and Labor and the U.S. Agency for International Development, only to be turned down.
While the TMF gets all the attention from the MGT Act, the IT working capital fund, many believe, can have the biggest impact to help agencies get out from under billions of technical debt.
While lawmakers want CIOs to be in charge of IT spending, they also don’t necessarily trust them to make the best decisions. It’s the challenge of having so many cooks in the proverbial budget kitchen.
Congress gave both the Food and Drug Administration and the Department of Housing and Urban Development stringent requirements around IT investments.
In Section 3627 of the FDA’s portion of the bill, lawmakers inserted a long provision to improve the IT systems of the agency.
Under the provision, the FDA has to submit a report to Congress by Sept. 30 and then every four years after and post it on the website outlining its IT modernization strategy.
The plan should include, “agencywide strategic goals and priorities for modernizing the IT systems of the FDA to maximize the efficiency and effectiveness of such systems for enabling the FDA to fulfill its public health mission; specific activities and strategies for achieving the goals and priorities,” and “specific milestones, metrics and performance measures for assessing progress against such strategic goals and priorities,” the omnibus stated.
Additionally, the FDA should detail its specific strategies for improving and streamlining internal coordination and communication as well as any challenges and risks it faces and how it will overcome them in meeting its strategic goals and priorities.
Finally, the strategy should include a skills inventory, needs assessment, gap analysis and initiatives to address skills gaps as part of a strategic approach to IT human capital planning.
Legislators also want the Government Accountability Office to review the IT modernization efforts no later than Sept. 30, 2026.
For HUD (page 1,780 of the PDF, there is no section here to refer you to), Congress wants details on how it will spend up to $374 million in its IT fund.
The HUD secretary must submit a report to Congress outlining each project’s scope, total cost of each project, key milestones and the functional and performance capabilities that the project will deliver for the mission.
Additionally, HUD must provide the project end date, identify any systems it plans to decommission, its procurement strategy, governance structure and include a certification from the CIO that the project complies with the agency’s enterprise architecture and capital planning requirements.
Lawmakers say HUD didn’t provide this report last year and has been inconsistent in notifying the committees of major scope changes and cost increases.
“The agreement directs the department to brief the House and Senate Committees on appropriations within 30 days of enactment of this act on its plans to improve the timeliness, format and clarity of its reports and updates in a manner that meets the committees’ needs,” the joint explanatory statement said. “The agreement also directs HUD to continue clarifying its reasoning for requests funded through the IT fund, the WCF and individual salaries and expenses accounts.”
Both of these provisions seem to clearly indicate HUD and FDA need to do a better job communicating with appropriators. What’s also is clear, this should be a lesson for other agencies to heed.
Pressure on prioritizing Section 508
Sen. Bob Casey (D-Pa.), chairman of the Special Committee on Aging, has been pressing agencies for much of the past year to provide details about how they are serving people with disabilities.
From hearings to letters, Casey finally received confirmation from DOJ that it will release the governmentwide report on agency compliance with Section 508. It had been 10 years since Justice issued the congressionally-mandated report.
The omnibus bill gives OMB and GSA 100 days after the bill becomes law to release updated criteria and instructions for how agencies should meet Section 508 requirements.
Congress says the new criteria should improve the accessibility and usability of federal systems by people with disabilities by working with people who have visual, auditory, tactile and cognitive disabilities, or members of any disability organization.
Additionally, OMB and GSA must provide guidance regarding the types and formats of data an information to ensure compliance with 508, and data that DOJ or others can be assess.
Then 225 days later, each agency shall evaluate their progress in implementing the new standards and the impact they are having on making IT systems more accessible.
Finally a year after the bill becomes law, OMB and GSA must submit a report to Congress assessing agency progress and a list of recommendations for both the executive and legislative branches to consider to improve accessibility.