Karen Evans: CIOs do matter

To be truly effective, IT leaders need to make sure they matter

Editor's note: Karen Evans, administrator of e-government and information technology at the Office of Management and Budget, serves as the de facto federal chief information officer. Last month, Federal Computer Week Executive Editor Christopher J. Dorobek and reporter Matthew Weigelt spoke with Evans about her views on the role of the CIO 10 years after the Clinger-Cohen Act became law.

Give us your assessment of where CIOs stand now. What's their role in government? What influence do they have?

I would say that the position itself and the goal of what was intended with Clinger-Cohen is still the main premise of the CIO position, which is better management of the information technology investments.

The investments in technology have become more complicated, but the goal of the legislation is still valid. So that is still [what] CIOs are doing: making sure that IT investments and projects, as they go forward, are achieving the outcome. When you go back and read Clinger-Cohen, it's performance-based. The intent of it is performance-based and results-oriented. That is what CIOs are doing. I would say the landscape has changed because technology has evolved so quickly and rapidly. Ten years is a lifetime in technology.

How has that changed the CIO's role? Have they had to change the way they think? What has that changing landscape meant for the people who are CIOs today as opposed to the people who were CIOs 10 years ago?

Initially when the policy came out from OMB to implement that -- and if you go back and look at this and you talk to other folks -- at that point, they used to call it advanced data technologies, remember?

So it used to be the person who was managing ADT then became the CIO, the person who was in charge of operational aspects of IT. So what you are seeing is the evolution of moving from just an operations environment to a strategic adviser to the head of the agency or a component organization, depending on how the department went forward in implementing Clinger- Cohen.

When the debate was going on about Clinger-Cohen, much was discussed about the CIOs' need for a seat at the table. Is that still an important issue, and do CIOs have a seat at the table?

That would depend on whom you talk to. To me, you can bring all the policy and all the legislation that you want that says that somebody has got to have "a seat at the table." But what really happens is the person has to earn that seat and keep the seat. That comes from the value you bring and the results you achieve. And that's with any organization, whether it's the CIO, chief financial officer or whoever the business person is. It's really about what value does your organization bring to that agency head and whether you'll be invited back. You want to be invited back several times.

What have been the successes that CIOs have had over the years as a group, organization and position? What have been their failures? What should CIOs focus on improving?

I would say there are always areas for improvement. I don't know that I would necessarily say there are failures. There are many learning experiences that we've had going forward. I would say, collectively, as a group, one of the big accomplishments was the establishment. And then it would be the E-Government Act and the convocation of the CIO Council because that provides a forum where CIOs from major departments can get together. They can talk about the impact of policies that OMB is contemplating or whatever administration is contemplating. They can share best practices. They take a lot of the work that we've done as a result of Clinger-Cohen dealing with the IT workforce.

There's a huge accomplishment: identifying the competency gap, identifying skill gaps, knowing where those are, working with the agencies to have plans, putting together guidelines on program managers. There's a lot of work that the council has. So collectively, a lot of the accomplishments and the work that the council has put together lays the foundation for any new CIO coming into the government. That's a place where they can go. They can learn a lot of information. We have the CIO Boot Camp. We call it the boot camp, but it's an orientation program.

As part of that, there is a map. You open it up and see all of your responsibilities from all the different legislation and all the different activities that you have to complete in one year. The CIO Council worked on that with the Council for Excellence in Government. We offer that session for new CIOs as they come on board.

How many pages is that?

It's a trifold document, one page. It's really very good. It's comprehensive, and it's broken into strategic, security, capital planning -- all the activities that we talk about.

Ten years ago, people didn't really anticipate that CIOs would be responsible for electronic records. So the jobs have evolved as technology has evolved.

That's right. The key thing is that it's about managing information. Everything you do now is based on some type of technology. It is about the quality of the information plus the security and reliability of it and the services associated with that.

One of the critiques that some people have had is that some CIOs have been more chief technology officers or chief information technology officers rather than focusing on the quality of the data. It seems like that is one of the traps that CIOs can fall into -- they focus more on technology rather than on linking the business with data and information.

That gets back to the first topic we were talking about, having a seat at the table. That is about where were we and where are we today.

Our skills need to be evolved to the point where you can talk about how technology can be used to deploy transformation within a department or agency, but through a business approach.

What you have to do is look at how your agency head, secretary or administrator views technology. That is when you see different roles. It's not only within the government but also in industry. If they view the technology as an enabler for transformational change, you're going to see where the CIO's role is more strategic in nature, doing all activities necessary to make operational those transactions, activities, business transformations or business process improvements that need to happen.

If the head of an agency -- just like in a corporation -- looks at it as, "Gosh, you know, technology is here to do operational types of activities," that transformation comes in a different area. They want to use technology to keep their operations going. You see varying roles across the government because a lot of it has to do with an agency's maturity in using technology.

Some people have suggested that OMB plays a much more active role than it did 10 years ago. Therefore, the CIO Council is more in the background than it was when it was originally created. Was that planned when you came into office?

The CIO Council has done more work and produced more results in the last few years than I've seen before. They produce tangible products that can be used by the agencies. So I'm not sure what you mean about OMB being more in the forefront.

I'm the director of the council. The executive order changed a little bit, but it hasn't changed the focus of the council. The council always maintains that governmentwide view. This council has been productive and honest in what we are planning to do and what we thought about doing. As far as policies are concerned, they're active in giving us feedback before a policy is issued. That's a partnership between OMB and the agencies.

There is still debate about whether CIOs should be political or not, whether they should have funding authority or not. From your perspective, is there any one size for this? Does one particular process fit?

I feel my office is effective. We advise the OMB director on what needs to be done or what should be done, but I don't have direct authority where I can say, yes or no to $65 billion. To me, that model seems to work well. I don't know that to be successful that you have to have direct authority over all the dollars.

The issue is determining what is inherently corporate. Often, it is things such as networking, maybe e-mail services, perhaps enterprise resource planning implementation. Those are corporate services. Then there are program-specific services. A large organization may not be nimble enough to deal with multiple priorities across all those program offices. You have to look at how you want to manage this.

A CIO should influence all of it and make recommendations to the director about investments. I don't necessarily think that if you have the power of the pen or the power of the purse, that's going to make you successful. It's a combination of having a partnership with the CFO and having people understand what you're trying to achieve.

IT people are there to help everybody in the department and program offices. If there isn't a program, there's not a need for that investment. If there isn't a department, you don't need to buy IT and support people. So we are customer service oriented.

Can you talk about the career vs. political discussion? You've been on both sides of that framework.

The debate goes back and forth, and I'm going to go back to my first statement. It all has to do with the results that you bring to your management team, and the value that you bring if your leadership sees that you are participating in management discussions.

If you say, 'I'm going to get X, Y and Z done and here's the system that's going to deliver them for you,' you need to do it. That has nothing to do with whether you're political or career. It has to do with your performance and the value that you bring in. I don't see a big difference -- maybe I'm being naive. I've been on both sides, and it is about delivering value. People will then seek out the CIO to get advice and counsel before moving forward on IT projects.

Do CIOs need to report directly to the agency head? Is that important in effectiveness?

The agency head, administrator or secretary needs to be comfortable with how they are managing their department, because they're ultimately held accountable. If they feel that it's appropriate to have all their administrative functions with an undersecretary for management or an assistant secretary for management, they are ultimately held accountable to the president and taxpayers for the dollars they expend. The question is how does that secretary want to manage on a daily basis.

If the CIO is seen as strategic or operational, you have to get the right set of skills. This is no different than when companies hire a management team. You want the right skill set for that particular part of your business.

Referencing the turnover question, most CIOs stay in their jobs between 18 months to two years.

It's a fact of life that none of us hold our jobs forever. I have a long commute, so there may be some days when I am not able to show up. I try to have all my stuff ready so if I'm not here tomorrow, somebody can step right into my job and know the priorities and status of everything. We have to deal with turnover.

The issue goes back to the agency head on the President's Management Agenda. Some ask whether it is a critical job function and how am I dealing with succession planning for key leadership roles within my department. My office has the opportunity to participate in that planning effort.

What role should CIOs play with other agency executives? How important is it that they all play well in the sandbox?

They're all part of the management team for the secretary and the administration. So it's always important that you get along well with your management team. You have two human capital officers who are running the human capital initiative. CFOs usually run budget and performance integration and financial management. They are all team players, and they are your partners and peers working to achieve results for the administration and, ultimately, the taxpayer. You must get along with all those people to accomplish things.

Without programs, there's no need for IT. There's no information coming in for you to manage and you're not partners with all those people if they're not around.

With 10 years of hindsight, how important was it that CIOs had their positions spelled out in law?

It was a turning point, and people now recognize that IT is important in how the government provides services. Technology is the critical enabler to allow you to transform your services. So Congress is involved and interested in how we use technology to manage information and move forward. The nuances of the law are all tools that help CIOs get certain tasks done. If you report directly to the secretary, and he or she doesn't have you in important meetings, what good is it that your box on the organization chart has a line that goes directly to the secretary?

By the same token, if that line isn't there, it says something about how important IT is to that organization. Is that true?

That's not necessarily true. People are used to services now. They used to say, "Gosh, what you do at home, you can't necessarily do in an enterprise." That's not true anymore. People see and expect the same level of service and quality that they get from Amazon.com at their office. There's not necessarily a technological reason why you can't have it. A lot of it deals with how much business transformation you want to deal with to become that nimble. A CIO must articulate that and determine the return on investment for going in that direction.

Would you care to add anything else that we haven't covered?

If you're focusing on what CIOs and the CIO Council has done, you should take a look at all that the council has done this past year. Dan Matthews, the former Transportation Department CIO, has focused the council on putting out products that agencies could use. The Architecture Committee, led by Kim Nelson, who's leaving her CIO post at the Environmental Protection Agency, was instrumental in maturing the governance process for the models. That is done. The council did a records management profile, privacy profile and security profile. It did the updates to the data reference model. The council has focused on a lot of work to help agencies and the federal government move forward with their IT investments. That should be the highlight of a story about where CIOs were and how the council has evolved.

Because of much of the CIO Council's work, agencies can invest and get the best out of IT.

If you like technology and want to see business transformation and you sit there and think, "Gosh, if I were in charge, this is what I would do," this is the job for you. You're there at every critical decision because no programs can avoid using technology.

It is an exciting time to be a CIO. I enjoy it.


  • Defense
    Soldiers from the Old Guard test the second iteration of the Integrated Visual Augmentation System (IVAS) capability set during an exercise at Fort Belvoir, VA in Fall 2019. Photo by Courtney Bacon

    IVAS and the future of defense acquisition

    The Army’s Integrated Visual Augmentation System has been in the works for years, but the potentially multibillion deal could mark a paradigm shift in how the Defense Department buys and leverages technology.

  • Cybersecurity
    Deputy Secretary of Homeland Security Alejandro Mayorkas  (U.S. Coast Guard photo by Petty Officer 3rd Class Lora Ratliff)

    Mayorkas announces cyber 'sprints' on ransomware, ICS, workforce

    The Homeland Security secretary announced a series of focused efforts to address issues around ransomware, critical infrastructure and the agency's workforce that will all be launched in the coming weeks.

Stay Connected