IT reform's rocky road

When Congress passed the Information Technology Management Reform Act three years ago, it was hailed as the fix for the worst federal IT blunders, from drawnout procurements to multibilliondollar system failures. But today, agencies' compliance with the law is spotty, according to an FCW survey,

When Congress passed the Information Technology Management Reform Act three years ago, it was hailed as the fix for the worst federal IT blunders, from drawn-out procurements to multibillion-dollar system failures. But today, agencies' compliance with the law is spotty, according to an FCW survey, and the law's provisions are not being enforced systematically.

Though 19 out of the 23 major agencies that responded to the survey said they have begun to make the management changes that the law - known as the Clinger-Cohen Act of 1996 - requires, 17 agencies reported they have not conquered each of its basic mandates, which range from setting performance goals for systems to determining employees' IT skills. Even some agencies that said they are complying with the law reported they have not completely met its goals.

As a result, some reform backers fear the effort to improve the way the government buys and uses IT could fizzle because of other IT priorities within agencies and on Capitol Hill. "I think [the reform philosophy is] at risk until you have an administration and leadership from the top and the bottom that are really committed to it,'' said Bert Concklin, president of the Professional Services Council, an IT industry trade group.

The lack of compliance has some agencies wondering what consequences, such as IT budget cuts, await them if they do not make more progress. "There is real essence in this law, and it only makes sense that someone is going to come back and say, 'Have you done these things?' " said Michael Tiemann, who is in charge of architecture standards for the Energy Department. Agencies that just "try to throw some mishmash" when Congress starts asking questions are going to be in trouble and could face budget cuts, he added.

The departments of Education, Health and Human Services, Transportation and Veterans Affairs and the Small Business Administration were the agencies responding to the survey that have met the fewest Clinger-Cohen requirements. The Nuclear Regulatory Commission and the National Science Foundation were the only two agencies that said they had met all requirements.

Congress passed Clinger-Cohen in reaction to years of high-profile IT failures, including decade-long modernization projects at the Federal Aviation Administration and the Internal Revenue Service that were aborted after multibillion-dollar expenditures.

Although the law has led to the cancellation of some large projects, including in 1997 the Health Care Financing Administration's $151 million modernization of the payment systems for Medicare, and sent others, like the first version of a Bureau of Export Administration system for tracking export licenses, back to the drawing board, not every agency is using the law to terminate, revise or reject IT project proposals.

To date, neither the Office of Management and Budget nor Congress has made compliance with Clinger-Cohen the ultimate test for funding agencies' systems, as the authors of the law had envisioned. OMB, however, requires agencies to justify their IT budget requests based on the law.

Deidre Lee, acting deputy director at OMB, indicated that OMB would rather work with agencies to meet Clinger-Cohen requirements than threaten to cut IT budgets to force agencies to comply. "We're working with agencies to ensure they understand priority-management objectives," she said. "But the question is, 'How can we help them?' "

The federal government spends $27 billion annually on IT. Clinger-Cohen aims to impose private-sector discipline on these expenditures, requiring agencies to manage systems as mission-critical investments, set performance goals for systems, use an integrated IT architecture to simplify how they manage them and ensure their work force, including top managers, has the skills to use IT effectively. The law created the chief information officer position in federal agencies and put these executives in charge of carrying out the mandates of the law.

According to the FCW survey, agencies have made the most progress devising capital planning procedures, which they are using to assess whether a system is a good investment. Almost all agencies said they have set performance goals and measures for their programs. But development of departmentwide IT architectures and work-force improvements have lagged.

Still, some agencies say they have made good on the Clinger-Cohen promise. "It's important to say that we're making a lot of progress,'' said Gloria Parker, CIO with the Department of Housing and Urban Development. "It takes a while to see results." Parker said HUD "shocked some major program owners" by freezing their funding because they had not properly accounted for their system proposals. "Now they understand," she said.

However, taking such action has not necessarily had a significant impact on how every agency manages its systems. "Many of these capital planning programs are just being designed and have not been implemented in a real decision-making setting,'' said Dave McClure, associate director of governmentwide and defense information systems issues at the General Accounting Office.

For example, the Defense Department has new capital planning procedures for selecting IT projects. But Paul Brubaker, who developed the law as a Senate staff member and now carries it out at DOD, said the department will not receive the funds to institutionalize it departmentwide until next year. "When it's finally done, it will have taken four years," he said.

"I've seen fairly mature selection processes," said GAO's CIO, Shereen Remez, who heads a subcommittee on capital planning for the CIO Council. "I think agencies are struggling with how to keep the focus on the project after the investment is made. No one likes to talk about problems, but if you don't...there's no way to redirect the project onto the right track.''

Agencies blame the nearly $7 billion Year 2000 problem for siphoning off IT staff and funding they would otherwise have devoted to management reform. "Everyone has been so consumed with Y2K that we haven't had a chance to focus on other things," said SBA's CIO, Lawrence Barrett. Once the date change crisis passes, there will be "a lot of backed-up demand for things to be done, so it will be important that you have a capital planning process in place.''

SBA said it had completed none of the Clinger-Cohen requirements. Nevertheless, Barrett said, the law has given him "a seat at the table'' with senior management to discuss not just the cost of IT but the contributions it makes to the agency. He has applied SBA's capital planning procedures to one major agency modernization program and hired Electronic Data Systems Corp. to help define the agency's future systems architecture.

Linda Ricci, an OMB spokeswoman, said the Year 2000 problem is OMB's "top management priority," but that "establishing sound capital planning and investment review practices as required by Clinger-Cohen [is] among the things we continue to move forward on."

Budget constraints kept some Clinger-Cohen's prescriptions from being a top priority for agencies, particularly when it comes to work-force improvements. NASA is "three to six months'' away from completing an agencywide employee assessment, retention and hiring plan, CIO Lee Holcomb said. "We've not been hiring for about five years,'' he said. "We are focusing on other human resource issues, trying to facilitate a smooth and effective downsizing. It's only now we're doing a 180" and starting to hire again.

NASA had a head start on other agencies making other Clinger-Cohen reforms. For example, the agency started to develop a systems architecture in 1994, two years before the law was enacted. The project took three years to complete. Elsewhere, such as at DOT, top IT managers have struggled to forge a common agenda among disparate agencies, each with their own budgets and technology priorities. Only this year have DOT officials started to craft an IT architecture for the whole department.

"Frankly, these processes have been stovepiped for years,'' said Diane Litman, manager of the information resources management division within the Office of the Secretary of Transportation. The department reported it had met only one of the six Clinger-Cohen requirements, setting performance goals and measures for its systems. Shrinking budgets for DOT's 14 agencies are "helping to force the issue" of integration, Litman said, but the effort depends on consensus by agency executives and the multiple congressional committees in charge of their budgets.

Agencies have few formal incentives to reform. Clinger-Cohen set no deadlines for when agencies should have met the act's requirements and prescribes no penalties. That leaves most agencies motivated mainly by fear that OMB or Congress will cut their budgets or place other restrictions on their operations if they do not show they are making progress.

"It's pretty clear the Congress and oversight bodies can create enough pressure to turn agencies and programs around,'' said Jim Flyzik, CIO at the Treasury Department, which reported compliance with all but one of the law's requirements.

At Treasury, an investment review board, whose members are the CIOs of Treasury's 14 bureaus, meets monthly to review and revise major IT projects. Last month, after completing a department-wide skills assessment, officials proposed strategies for hiring and training its work force. A report describing their findings and recommendations is expected soon.

Flyzik said the CIO Council provides peer pressure for agencies to make improvements. "We did work with Congress getting this in place," he said. "If it doesn't work, we're the ones that stand to lose.''

So far, however, Congress has not given Clinger-Cohen regular attention. An aide to the House Government Reform Committee who requested anonymity said agencies probably would have their progress scrutinized only if someone raises questions about a specific program that seems to be off track. Lawmakers will not hold any comprehensive hearings on Clinger-Cohen until next year, before the statute comes up for reauthorization in 2001.

Alan Balutis, deputy CIO at the Commerce Department, said that without a champion for the law in Congress to "continually keep light on it,'' agencies might not be giving Clinger-Cohen priority over other legislative mandates. The law's two sponsors, Sen. William Cohen (R-Maine) and Rep. William Clinger (R-Pa.), left Congress in 1997. Cohen became Defense secretary, and Clinger retired.

"We have suffered a terrible loss of key members and staff on the Hill who would naturally have followed up on the implementation of this legislation," Balutis said. "There is not a lot of interest now." As with any issue, Balutis said, if agencies knew legislators were watching them, they would give the law more attention. "They don't want to be the ones bringing up the rear.''

No Worse Than the Private Sector

In some respects, agencies may not be doing worse than many of the private companies that Clinger-Cohen asks them to emulate. For example, private firms also have trouble establishing and enforcing an IT architecture, said Paul Wohlleben, a former CIO with the Public Buildings Administration and now a consultant with Grant Thornton LLP.

Like the private sector, the government is battling CIO turnover, with agency CIOs leaving their jobs at a faster rate than their corporate counterparts. Corporate CIOs stay in their jobs an average of three years, said Gene Raphaelian, vice president for executive programs at Gartner Group. "A lot of times [they leave] because they served their purpose,'' he said.

In the government, 14 out of 23 agencies lost their first CIO within two years. "Part of what you're seeing with federal government agencies is that the expectation might have been unrealistic for what a CIO can and can't do,'' Raphaelian said, and the trend may lessen as the role of the CIO in each agency becomes better defined.

Renny DiPentima, a former federal IT executive who is now president of SRA Federal Systems, said the trend is "worrisome,'' because CIOs "need to take the long view.'' In the private sector, he noted, the results of budget decisions can be realized more quickly than in government.

Nevertheless, DiPentima, who has advised the government about how to make Clinger-Cohen work, said agencies have made more progress than he expected. "The coming together of the CIO Council [and the] numbers of people doing Clinger-Cohen-type work in the agencies tells me that a lot more is going on than anyone anticipated,'' he said. "I'm bullish that the act is making a difference.''

"It wouldn't have been appropriate to start whacking agencies in the head right out of the gate,'' DOD's Brubaker said. "We're asking for an awful lot here. It's just going to be incremental and somewhat gradual.''

-- Margret Johnston and Molly Ferrara contributed to this article.

***

How we did the story

FCW sent surveys to the 14 Cabinet departments and nine agencies for which the Clinger-Cohen Act created an executive-level chief information officer position and which are generally included in lists of "major" federal agencies.

Nineteen of the 23 surveys were returned. Answers from the surveys are summarized in the chart that accompanies this story as well as in details about individual agencies' activities reported in the text.

FCW also interviewed 22 officials from federal agencies, the General Accounting Office, the Office of Management and Budget, Congress and private industry and also reviewed GAO reports and agency IT planning documents.

***

Clinger-Cohen Survey

This survey about federal compliance with the Clinger-Cohen Act was sent to 14 Cabinet departments and nine agencies.

1. When was the current CIO appointed to the job?

2. Is he/she the only CIO in the department? If not, how many CIOs does the department have?

3. Does the department have a capital planning process for information technology?

4. Does the department have a performance plan that describes goals and performance measurements for IT systems?

5. Does the department have a documented IT architecture or a documented plan to achieve one? If not, have the department's bureaus or agencies established such plans?

6. Has the department selected standards for hardware, operating environments and application software? If not, have the department's bureaus or agencies done so?

7. Has the department assessed the knowledge and skills of its IT staff? If not, has this work been done at the agency level?

8. Has the department assessed whether its executive and management staff has the skills to meet the department's IT management requirements? If not, has this work been done at the agency level?

9. Has the department developed any plans for hiring and training staff and managers to meet its staffing requirements? If not, has this work been done at the agency level?

10. Does the chief information officer control the department's budget for information systems? If not, does the CIO advise the secretary on the budget submissions of bureaus or agencies?

11. Does the department have an investment review board that reviews the performance of department or agency systems and recommends whether they should continue?

12. Has the department canceled or revised any IT programs in the past two years because they did not meet performance or schedule goals? If so, how many?

X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.