Agencies’ grades continued to hold steady on the 11th biannual FITARA scorecard released Tuesday, nearly a year since the coronavirus pandemic reached the U.S.
Of the 24 Chief Financial Officers Act agencies evaluated, 16 maintained their grades, three improved them and five saw downgrades — including the General Services Administration, which had its exemplary A+ August mark reduced to a B+.
The House Oversight and Reform Committee uses the scorecard to measure federal digital hygiene and compliance with IT reform laws, and all agencies received passing grades despite the removal of one metric and addition of another.
“In the midst of a global pandemic, continued reliance on remote work and an unprecedented and highly sophisticated cyberattack by a foreign adversary, the importance of federal agencies’ effective use of IT is too great to ignore,” Gerry Connolly, D-Va., who chairs the committee, said in a statement. “Let’s ensure we use [FITARA] to continue to raise the bar.”
The Making Electronic Government Accountable by Yielding Tangible Efficiencies (MEGABYTE) Act of 2016 requires agencies to maintain an automated software license inventory accounting for 80% of spending and enterprise licenses. Only two agencies had such inventories when the category was added to the scorecard in June 2017, but now every CFO Act agency uses them to reduce duplicative software costs.
In the software licensing metric’s place, the committee made the decision to add one grading agencies’ efforts to transition off expiring telecommunications contracts onto the $50 billion Enterprise Infrastructure Solutions (EIS) modernization vehicle. The measure was previewed on the August scorecard in the form of percentages, which have since been replaced with grades depending on where agencies are in relation to 50% completion.
Only eight agencies received As, while five got Fs on their transitions.
Some tech officials took to Twitter to criticize the committee’s moving targets.
Sources told FedScoop that the addition of EIS to the FITARA Scorecard will hopefully focus agencies’ efforts transitioning to the contract and give them a new urgency, similar to how adding a category for software licensing and the MEGABYTE Act was so successful.
The three agencies that saw their overall grades improve were the Department of Health and Human Services to a B, Department of Labor to a B- and Department of Veterans Affairs to a B+. No agency received an A this time around, and at least seven continue to perform damage control on their networks following the SolarWinds hack, one of the most momentous in U.S. history.
“Agencies’ information technology systems need to meet modern-day challenges, steward taxpayer dollars, and ensure the success of their critical mission,” said Rep. Jody Hice, R-Ga., the committee’s ranking member, in a statement. “In light of the recent cyberattack against several U.S. departments and agencies, it’s also imperative to reflect on their state of cyber readiness.”