Record number of US federal agencies get top grade in tech management scorecard
A record number of US government departments have received the top grade in a long-running scorecard for how they manage IT and cybersecurity.
The Federal Information Technology Acquisition Reform Act (FITARA) scorecard, which is compiled by the House of Representatives’ oversight and government reform committee, assesses how well departments are performing in six categories to implement the provisions of the act. The act aims to improve the management of IT within agencies to help them deliver their missions.
According to the scorecard, 13 agencies received the top A grade in the new ranking, which was unveiled by Democratic Party congressman Gerry Connolly last month. Connolly is the ranking member (lead member from the minority party) of the House Subcommittee on Cybersecurity, Information Technology and Government Innovation.
The top scoring agencies in alphabetical order are:
- Department of Defense
- Department of Education
- Department of Health and Human Services
- Department of the Interior
- Department of Justice
- Department of Labor
- Department of State
- Environmental Protection Agency
- General Services Administration
- National Aeronautics and Space Administration
- Office of Personnel Management
- Social Security Administration
- US Agency for International Development
A further 10 departments received a ‘B’ grade, and the lowest rating was the ‘C’ provided to the Department of Energy.
Read more: Governments urged to get back to basics to stay ahead of cybersecurity threats
Setting the scorecard
When the Federal Information Technology Acquisition Reform Act became law in December 2014, it made changes to the ways the US federal government buys and manages computer technology.
The legislation, which was authored by Connolly, is intended to do seven things, according to the US government CIO website:
- Enhance the authority of the chief information officer
- Enhance transparency and risk management in IT investments
- Require savings through IT portfolio review
- Expand training and use of IT cadres
- Consolidate federal data centres
- Maximise the benefit of the federal Strategic Sourcing Initiative (SSI)
- Expand government-wide software purchasing programmes
After it became law, the oversight committee and the Government Accountability Office developed the FITARA scorecard, which grades agencies from A to F on their performance on FITARA implementation.
Scorecards have been produced since November 2015, and Connolly said the most recent one showed “the highest number of A’s by far ever recorded on a single scorecard”.
Read more: Key takeaways from the GovernmentDX conference in Washington DC
He added that the scorecard “has been one of constant evolution as we receive feedback on how better to use the scorecard and improve it”.
Currently, the scorecard examines progress based on six categories:
- Agency CIO authority enhancements: FITARA requires CIOs to certify that IT investments are adequately implementing incremental development, with guidance calling on agencies to ensure that major IT investments deliver functionality incrementally. The scorecard rating is based on the percentage of “in-progress” software development projects for major investments that show use of incremental development.
- CIO investment evaluation: The legislation requires agency CIOs to categorise their major IT investments by risk. Additionally, in the case of major IT investments that are rated as high risk for four consecutive quarters, the law requires that the agency CIO conduct a review aimed at identifying and addressing the causes of the risk. The rating is based on the percentage of major IT investments that have been evaluated by the CIO within the current and prior fiscal year.
- Cloud computing: OMB’s Federal Cloud Computing Strategy is a long-term, high-level plan to accelerate cloud adoption in federal agencies. The strategy (issued June 2019) identified five key requirements of cloud procurement that help ensure successful cloud adoption. The five requirements focus on ensuring that the CIO oversees modernisation, agency cloud-related policies and guidance are iteratively improved, service level agreements are in place, service level agreement contracts are standardised, and visibility in high value asset contracts is continuously ensured.
- Modernising government technology: The Modernizing Government Technology Act authorises agencies to establish a working capital fund for use in transitioning from legacy IT systems, as well as for addressing evolving threats to information security. A working capital fund allows agencies to reinvest savings into modernisation or cybersecurity initiatives.
- Cyber: Congress enacted the Federal Information Security Modernization Act of 2014 (FISMA) to improve federal cybersecurity and clarify governmentwide responsibilities. The act promotes security tools that continuously monitor and diagnose the security of federal agencies and provide improved oversight.
- Transition off Networx: The General Services Administration (GSA) is responsible for contracts that provide telecommunications services for federal agencies. GSA developed the Enterprise Infrastructure Solutions, a new set of federal government contracts for civilian telecommunications, in preparation for the expiration of Networx. Progress is measured on moving off Networx.
Scorecard additions
Connolly added that lawmakers are looking at adding additional categories to future FITARA scorecards, including one reviewing the Federal Risk and Authorization Management Program – or FedRAMP –compliance and another beginning to explore agencies’ early adoption of artificial intelligence tools.
“I think the first concern maybe that Congress might want to monitor – and that may be reflected in the scorecard – is, ‘Okay, what about AI workforce recruitment, training, retention?” Connolly said, as reported by GovExec. “Where do we get the workforce at the federal level to make sure we’re managing AI and we understand how to regulate and everything else? And I think that may be a good place for us to start.”
About Richard Johnstone
Richard Johnstone is the executive editor of Global Government Forum, where he helps to produce editorial analysis and insight for the title’s audience of public servants around the world. Before joining GGF, he spent nearly five years at UK-based title Civil Service World, latterly as acting editor, and has worked in public policy journalism throughout his career.
Related Posts
