The Department of Veterans Affairs could become the model of Federal IT Acquisition Reform Act compliancy in government — if it can achieve all its goals for 2016, CIO LaVerne Council told lawmakers.
“If we can hit everything we plan on in 2016, we will be the premier government agency in FITARA,” Council said Wednesday before the House Oversight and Government Reform Committee’s IT Subcommittee.
Her agency scored a “C” grade in the committee’s FITARA Scorecard in November 2015, one of a few CFO Act agencies to score above a “D.”
Despite its passing score, VA struggled in the categories of data center consolidation and IT portfolio review savings. Council, though, has plans to correct that by the year’s end.
She said VA Office of Information and Technology’s launch of an Enterprise Program Management Office — what she called VA’s IT “control tower” — in December 2015, as well as new processes in “quality and compliance” and how they’re “going about many of the new abilities in data management,” will move VA by the end of the year close to 100-percent FITARA compliance.
“I use it as a guidepost,” Council said. “It allows us to really take ownership and hold ourselves accountable for the capabilities that have been put in our hands by having this legislation.”
By 2019, she testified, VA will have eliminated 70 data centers, and the others “will be eliminated by the use of the cloud, through the consolidation of various data and processes, and the elimination of various legacy systems.”
Council’s counterparts in the VA Office of the Inspector General testified on VA’s historic struggles with its IT development and security.
“For 16 consecutive years, information security has been reported as a material weakness in VA’s consolidated financial statement audit,” said Brent Arronte, deputy assistant IG for audits and evaluations. “Our audits show have shown that IT system development and management at VA is a long-standing, high-risk challenge.”
While that’s true, Council pointed to the corrective actions she’s taken and plans she’s put in place to remediate those findings in the less than a year she’s been serving in her capacity. For instance, her team has set up an agile development framework called the Veteran-focused Integration Process, which guides the EPMO, and the Enterprise Cybersecurity Strategy to lead departmentwide cybersecurity improvement.
“We had to put a core process in place, we had to talk about the accountability, we wanted to make sure we were fully resourced and also that we were fully funded,” said Council, who added that “for the first time, our security efforts are fully funded resourced at $370 million” in fiscal years 2016 and 2017.
And unlike in the department’s past, Council said she’s taking immediate action on recommendations from the Government Accountability Office and VA inspector general, closing 95 percent of those from the IG already.
“It’s a different level of ownership, a different level of accountability,” she said. “We’ve stressed that every employee is responsible for security, and since that was the key first thing I committed to do when we arrived, we have set upon a new way of looking at how we do what we do and how we own it.”
VA’s Office of Information and Technology is not without flaws — there’s still much work to be done to improve IT behind the scheduling of care at VA hospitals and making veterans’ electronic health records interoperable with other systems, particularly the Defense Department’s — but lawmakers seem pleased with the changes Council has made since joining VA last July.
Take it from the normally combative subcommittee Chairman Rep. Will Hurd, R-Texas.
“The problems agencies face in IT and cybersecurity are not in the availability or accessibility of technology — the tools already exist. The challenge federal agencies face, and we have seen it at [the Office of Personnel Management] and the Department of Education is having the leaders in place — leaders who have a commitment and have a vision to staying at their agency to see that vision through,” Hurd said. “And Ms. Council, I’m excited because I think you are the right person for the job.”
And Council said she’s created a team that’s ready to do that.
“Everyone wants to roll their sleeves up and get it right,” she said.
Contact the reporter on this story via email at Billy.Mitchell@FedScoop.com or follow him on Twitter @BillyMitchell89. Subscribe to the Daily Scoop to get all the federal IT news you need in your inbox every morning at fdscp.com/sign-me-on.