wfedstaff | April 17, 2015 4:36 pm
House lawmakers began their effort to update the laws that govern federal technology spending.
But federal Chief Information Officer Steven VanRoekel said the current laws are not the problem.
“I definitely think there is room in the existing law on the policy side and the implementation of people side that definitely allows us the flexibility for us to be successful,” VanRoekel said Tuesday during a hearing of the Oversight and Government Reform Committee. When asked more directly by Rep. John Mica (R-Fla.) whether existing laws gave the Office of Management and Budget the authority and ability to do what he needed to do to improve the oversight of IT spending, VanRoekel said more plainly, “I do believe so.”
This was the committee’s first of what likely will be many hearings to inform and help them develop a new IT reform bill.
Federal News Network's Cyber Industry Exchange: Where does cybersecurity end and physical security begin for federal agencies? Find out at Federal News Network’s Industry Exchange: Cyber.
Chairman Darrell Issa (R-Calif.) floated a draft bill in September and has been collecting input from industry, academia and federal experts.
Time has come for an update
Congress last addressed federal IT oversight in the E-Government Act of 2002, which celebrated its 10th anniversary in December. Before that, lawmakers passed the Clinger-Cohen Act of 1996, which is considered the granddaddy of federal IT oversight and process laws.
But a lot has changed in a decade since the E-Government Act, and Issa believes not always for the better. He said the same problems around project management, duplicative systems and cybersecurity still plague the government.
“Estimates suggest that as much as $20 billion of taxpayer money is wasted each year [on IT programs],” he said. “But let us understand in this case, it’s not the waste of the $20 billion, it’s what that $20 billion could do properly applied to our transparency into our government. The leveraging of $20 billion to save $200 billion is why it is essential we fix this part of government that seems to be so broken.” Interestingly, during the more than two-hour hearing, which included former committee Chairman Tom Davis (R-Va.), who is now a principal with Deloitte, and a panel of industry IT companies, the bill didn’t come up.
Committee members spent a majority of the questions and answers asking about current OMB initiatives, such as data center consolidation, cybersecurity and workforce issues.
Mica’s question to VanRoekel was one of the few that addressed current or future legislative needs.
VanRoekel said one of the areas of current law that does need to be changed is around budget.
“The challenge I think we face is probably around budgeting, and thinking about how from a budget standpoint our IT dollars are spent?” VanRoekel said. “One of our inhibitors I think on implementation of IT is that often times for most agencies it’s a single-year spend.”
Single-year money means agencies have to spend what they have that year and can’t carry it over in to the following year to be used when the agency actually needs it versus being forced to use it or lose it.
Additionally, VanRoekel said the annual continuing resolution for the next year’s budget and now potential sequestration cuts have a deep impact on how agencies manage IT projects from a budgetary perspective.
VanRoekel said it’s not only the budget that causes agencies to continue to struggle with IT project management.
More collaboration across the C-level is needed
The Obama administration has been trying to address these problems, starting with TechStat and the IT Dashboard, and more recently through the PortfolioStat process and giving agency chief information officers more authorities over commodity IT spending.
VanRoekel said OMB also is trying to push technology out of the CIO’s home and make it part of a collaboration, primarily through the use of PortfolioStat sessions.
“There is this inflection point we all go through where technology is seen as this very discretionary thing to this very strategic thing. We are in the midst of that inflection point in government and it hasn’t been fully realized. I think that coupled with the cost pressure, the cybersecurity pressure and probably most importantly, the expectations of citizens are going to drive a different behavior,” he said. “What I noticed the most about coming into government is that we spend a lot of time focusing on a single role, saying a CIO owns this function, a procurement professional owns this function, a CFO, human resources, etc. One of the things I’m working very hard to instill is a cross C-level conversation on these things.” VanRoekel said through PortfolioStat, OMB is helping agencies to run investment review boards similarly to the private sector where the CFO, CAO and program people understand the impact of the IT system and how they could strategically make decisions on how and where money is spent on technology to help meet mission requirements.
Issa’s bill, as it stands now, would codify much of what OMB has been trying to do over the last four years, including giving CIOs more budget authority.
But interestingly, the importance of giving CIOs more budget authority didn’t garner the type of support many would have expected after years of current and former senior IT managers calling for this change in the law.
Neither VanRoekel nor David Powner, the director of IT management issues at the Government Accountability Office, said budget authority for CIOs was a key change needed in the existing law.
“Clearly, budget authority helps with your authorities, but there’s some CIOs in the federal government, and I could point to several examples, even without budget authority, they still are quite successful,” Powner said. “If you look at the IRS as an example, they’ve greatly improved. Their CIO/CTO gets a lot done and gets it done well. DHS is another example, where even without budget authority they are still quite successful.”
But Davis, who co-authored the E-Government Act, offered a different point of view. He said budgets matter, and CIOs need the authority to manage how IT is spent, which can be done only through the control of the budget.
Davis said it’s time to update the E-Government Act and the Federal Information Security Management Act (FISMA), and give CIOs more organizational and budget authority.
Davis said Congress didn’t envision having so many CIOs across government when it passed Clinger-Cohen.
“But you can have as many as you want if you give them the right authority,” Davis said about the proliferation of CIOs. “The problem is they are sitting out there and in many cases they are toothless tigers. There are some great people, very dedicated, but if you can’t enforce this, that is why you get so many stovepipes built up.”
Issa’s bill would reduce the number of people — by one count 243 — with the title of CIO and give them more authorities over spending and management.
The committee is expected to hold more hearings in the future, including one on CIOs and their authorities.
In advance of yesterday’s hearing, the House Oversight and Government Reform Committee released a video [see below] entitled “Why Federal Government Needs an IT Revolution.”