Is the government familiar with the full extent of its IT resources? Maybe, but likely not. However, they are trying to fix this. In 2014, Congress passed the Federal Information Technology Acquisition Reform Act (FITARA) in order to empower agency Chief Information Officers (CIOs) to ensure faster project development and less waste in federal IT budgets.
In order to better understand an agency’s progress, the Government Accountability Office assigns letter grades. An agency’s success in implementing the law is graded on four criteria: incremental development, risk assessment transparency, IT portfolio review savings, and data center consolidation. This year’s FITARA scorecard highlights agencies’ struggle to adopt FITARA, as no agency earned an A and there was only one B. However, there are ways agencies can improve their FITARA implementation scores.
Powner made clear that agencies have many areas where they can target their FITARA implementation strategies in order to better apply the policy. These targeted strategies include:
- Better understand the IT budget: This is perhaps the most important aspect to fully implementing FITARA because there is a lot more spent on IT than what is said is spent on IT. Appropriately classifying IT spending is necessary to know if FITARA is working properly.
- Further develop CIO authorities: There is no need to reinvent the wheel. Working on CIO authorities should include how they handle and fix the IT budget while ensuring that the overall flow of operations is steady.
- Improve conversions of legacy systems: Address duplicative commodity IT and convert or shutdown inefficient datacenters. Identify datacenters that have security issues or ones that are having a hard time being maintained and come up with a feasible conversion plan.
In order to further examine where agencies can improve in their FITARA rollout, the GAO also looked at where agencies are in the implementation process. Powner explained that most agencies are in the early stages and many are taking a more incremental approach rather than rolling everything out at once. This has been a productive approach because, “we get great plans and great ides out of the gate quickly, but implementing and fully delivering on some of these plans is where agencies are challenged a lot of the time,” Powner said.
Powner highlighted that agencies are doing well with implementing fixes to CIO authorities and datacenter consolidation. “When you look at the first section of the law, you look at fixing the CIO authorities. But there are a lot of challenges in this because of the history in the organizations, where the CIO was placed, and what authorities they have,” Powner explained. He continued that the Department of Veterans Affairs is making progress on this issue by adopting the aforementioned incremental approach and slowly adjusting CIO authorities so their role is more clear and effective.
Additionally, optimizing datacenters has been a point of progress in FITARA implementation. “The Department of Agriculture did a heavy lift and closed about a thousand datacenters all around the country,” Powner said. Closing a thousand datacenters is not necessarily fiscally efficient but it shows great efforts from a security perspective. That is why it is important for agencies to take the process slow and do it right, because much of the implementation of FITARA is multi-faceted in its outcomes.
Looking forward, Powner emphasized the importance of “keeping the momentum of FITARA implementation rolling in the election and transition season.” He explained that OMB is doing a lot of good things with their plans in progress, oversight, and leadership in FITARA implementation. However, Powner warns this needs to continue, as starting all over with a new administration would hinder effective implementation.