Of the seven categories the FITARA scorecard uses to assess federal agencies’ adherence to the IT acquisition law, a trio of measures did more to waylay them than any others.
Members of the House subcommittees on IT and Government Operations detailed Wednesday how 11 agencies regressed on the May 21 scorecard due to poor performance concerning tracking software licenses; ensuring CIOs report to department secretaries or their deputies; and setting up the working capital funds authorized by the Modernizing Government Technology Act.
The combination of the three categories took agencies from a potential spread of five As, 14 Bs and 5 Cs to only three Bs, 12 Cs, eight Ds and an F, according to Rep. Gerry Connolly, D-Va. Agencies that failed to have their CIOs report to senior leadership were automatically docked a letter grade, erasing many gains from November’s scorecard
IT Subcommittee Chairman Will Hurd, R-Texas, said the scorecard is designed to help agencies improve, but due to the continued lag in compliance, congressional leaders decided to increase pressure, particularly with the metric for reporting to agency leaders.
“We assign these grades not to shame agencies, but rather to incentivize certain behaviors that will save money and increase security,” he said. “If every agency had a reporting structure, only two grades would have decreased on this scorecard.”
Elevating agency CIOs to a direct-reporting status has proven to be such a challenge for federal agencies that the White House recently crafted an executive order to compel them to do so, despite FITARA legally requiring it since 2014.
Dave Powner, director of IT management issues at the Government Accountability Office, said that having CIOs report directly to agency leadership is key to ensuring agencies are able to attract and retain the technology leadership needed to lead an IT transformation.
“Some CIOs are buried within the agencies. We need to elevate them,” he said.
Powner also expressed concern in the lack of preparations made by agencies to take advantage of the authorities provided by the MGT Act — namely repurposing their own savings to finance modernization projects.
“The bottom line here is that there are not enough agencies that are committing to establishing these working capital funds,” he said. “Establishing these funds are critical so that savings from software licensing, data center optimization and PortfolioStat efforts can be reinvested in agency IT modernization priorities.”
He added that savings from the combination of the three issues would provide significantly more savings for IT modernization than the $100 million appropriated to the central Technology Modernization Fund.
The scorecard also included a new metric grading agency cybersecurity posture. Though the grades don’t factor into agencies’ overall score on the current scorecard, nine agencies failed, another nine received a D and five earned a C.
While overall agency grades slid backward, there were some gains. The GAO projects that $4 billion has been saved from data center consolidation efforts in recent years. Another $340 million could be saved in 2018 as a result of software license consolidation required by the MEGABYTE Act, up from $50 million in 2017. And incremental software project development has increased almost 30 percent since 2015.
“This progress wouldn’t have happened to this extent without your scorecard and oversight,” Powner told lawmakers.