The congressional watchdog warns that CIOs still lack visibility into IT spending four years after the passage of landmark procurement legislation.
After nearly four years and numerous oversight reports and congressional hearings, major agencies still lag on the implementation of the Federal IT Acquisition Reform Act.
Agencies have struggled to adjust to FITARA and to empower agency CIOs, despite efforts spanning two administrations and sustained oversight pressure from Capitol Hill.
In its most recent measure of FITARA compliance, the Government Accountability Office reviewed the Departments of Energy, Health and Human Services, Justice and Treasury across eight requirements set by the Office of Management and Budget.
GAO selected these agencies because, among agencies with a fiscal year 2017 IT budget of at least $1 billion, they represented highest and lowest FITARA self-assessment scores.
All four agencies lacked quality assurance processes -- processes that include the CIO's review -- to make sure IT budgets were backed by reliable cost information, according to GAO. Auditors found that 97 percent of the nearly $4.6 billion in IT contracts awarded by the four agencies "were not aligned with IT investments" in their fiscal year 2017 budget requests.
"Given that the departments did not have reasonable assurance that billions of dollars obligated for IT contracts aligned with investment proposals in the 2017 IT budget, their CIOs may not have full visibility into the total IT budget, and therefore, may be at risk of underreporting total IT costs," auditors wrote.
Tony Scott, the federal CIO under President Barack Obama, said the findings in the report are at least somewhat "expected" and underscore both positives and negatives.
While more work is needed, "I think the report shows that some good progress continues to be made," especially given the size of the agencies, he said, adding agencies "[p]robably would not have seen as positive a result even a year ago."
Scott noted agencies' general agreement with the recommendations was another positive sign "that shows serious intent and operational implementation."
However, on the critical side, Scott said it was "telling" just one CIO -- Energy's Max Everett -- responded to GAO's findings on behalf of his or her agency. Replies from HHS, Treasury and Justice were signed by other officials.
Why were others "chosen to be the respondees vs. their CIO?" Scott asked. "Who is really in charge of IT in these agencies, if not the CIO?"
NEXT STORY: Quick Hits for Nov. 14