President Donald Trump on May 15 released an executive order that would empower agency chief information officers, granting them more authority over budgets, hiring and overseeing IT processes.
Sound familiar? That’s because there’s already legislation meant to do exactly that. Passed in December 2014, the Federal Information Technology Acquisition Reform Act aims to make it easier for agency CIOs to buy and manage technology and IT, and also puts the onus on the CIO as the person accountable for both successful and failed IT projects. (And before FITARA came the Clinger-Cohen Act of 1996 and even further back in time, the 1990 Chief Financial Officers Act, both meant to also give CIOs more authority.)
But now, 3.5 years after FITARA’s enactment, it seems its powers weren’t enough to empower CIOs.
In fact, in the most recent FITARA Scorecard 5.0 issued in November, agencies still fell short in the “agency CIO authority enhancement” category. The Agriculture Department got a C; the Social Security Administration and departments of Labor and Treasury received a D; and NASA and the departments of Defense and Transportation completely failed.
The new EO especially wants to give CIOs more authority when it comes to hiring and budgets. It directs the head of the Office of Personnel Management to publish a proposed rule that would allow agencies to determine if there’s an IT talent shortage. If that’s the case, the OPM director would then give that agency direct hiring authority for IT roles.
It also requires the CIO to have a role on any IT governance board related to investment or purview over IT, or any board that established agencywide IT standards.
So, what does the EO do that FITARA doesn’t?
“Neither FITARA nor its predecessor, Clinger-Cohen Act, resulted in agency CIOs having a seat in the C-suite,” said John Weiler, executive director of the IT Acquisition Advisory Council. “CIOs also have not had a vote in large IT programs, as these were often managed outside the [Office of the CIO.]”
Weiler said the departments of Commerce, State, Homeland Security and Health and Human Services in particular suffered from this problem, while the Veterans Affairs Department “was more fortunate.”
The budget authority issue is another crucial aspect, he said. The EO says each agency should ensure the CIO “has a significant role” as the lead adviser in all decisions tied to “planning, programming, budgeting, and execution decisions, as well as in all management, governance, and oversight processes related to IT.”
“The CIO need to have some type of budgetary control, otherwise, they are only an adviser who can be easily ignored,” Weiler said.
And then, there’s hiring.
“The executive order authorizes special hiring authorities to enable agencies to recruit the IT talent they need,” Kristine Simmons, vice president of government affairs for the Partnership for Public Service, told GovernmentCIO Media in an email. “This goes beyond FITARA and could boost the EO’s impact.”
And ultimately, the EO reiterates the importance of agency CIOs in modernization.
“Congress has a long history of passing management reforms, but the real success lies in how they are implemented,” she added. “The president’s executive order on enhancing the effectiveness of agency CIOs is a signal that the White House stands behind IT modernization and the role of CIOs in driving change.”
Still, even with FITARA and the new EO, Weiler said critical aspects remain unaddressed.
“They are not tackling the flawed IT acquisition process again,” he said. “TechFAR promotes a build versus buy, which is assbackwards. Agile acquisition needs to be a mandate.”
The TechFAR handbook does endorse modular contracting — an acquisition strategy that breaks up large procurements into multiple projects for technology systems — but doesn’t directly speak to agile software development practices.
Also missing, Weiler said, is the embracement of the Technology Business Management Council standards White House Deputy Chief of Staff for Policy Coordination Chris Liddell and former U.S. CIO Tony Scott advanced.
But Trump’s fiscal 2019 budget requests does include funding for a TMB program office in the General Services Administration, which would be responsible “for coordinating TBM
implementation across the federal government.” This could help standardize an IT spending framework governmentwide, if executed.
Finally, absent from the EO is a robust risk management framework that deals with more than just open source code inspection, but also measures risk of commercial off-the-shelf tools, cloud, etc., Weiler said.
And FITARA excludes military CIOs from certain budgeting and hiring requirements, like approving agency IT budget requests and agency component CIO appointments. The EO doesn’t address the Pentagon at all.
“Unfortunately, the EO excludes the DOD,” Weiler said. “Not sure why."