CIO perspective

IT management reform: It is time for new legislation

capitol dome

The significant troubles with the rollout of have put IT management issues front and center. In all my years in federal IT, I do not remember a president addressing the need for us to improve the way we buy and manage IT. Although born of crisis, it is refreshing to see this issue being addressed at the most senior levels of government.

So what is the appropriate response, and in particular, would IT reform legislation be of any real value? The Clinger-Cohen Act has been a bomb, so how can we ensure that this time it will be different?

Legislation alone will not fix all that is wrong with government IT management, but I am very supportive of legislation that would address fundamental structural problems. I appreciate the leadership of Reps. Darrell Issa (R-Calif.) and Gerry Connolly (D-Va.) in co-sponsoring the Federal IT Acquisition Reform Act. This bipartisan effort in the House is encouraging, and it has produced a bill that addresses key issues in IT management and acquisition.

The FITARA language is good, but there are a couple of areas that should be strengthened to ensure the legislation has maximum positive impact in supporting needed changes in IT management.

In my previous column on IT infrastructure, I laid out four obstacles to government’s ability to migrate to a modern, standard and appropriately consolidated IT infrastructure. That infrastructure would create the foundation for enabling IT to be more efficient and effective in supporting timely delivery of new capabilities for agencies’ mission and business customers, and it would improve the government's overall IT security posture.

How can legislation help? First, to help overcome these four obstacles, it is imperative that the agency CIO be given complete control over all IT infrastructure at his or her agency. It would be very helpful to have that authority codified in legislation. In addition, to address other areas of significant duplication and inefficiency as pointed out in multiple Government Accountability Office reports, the agency CIO should have control over standard collaboration systems, such as email, and business systems, including finance, human resources and other administrative functions. That would enable agency CIOs to aggressively consolidate duplicative business systems.

Overall, the combination of IT infrastructure, standard collaboration systems and business systems has been given the label “commodity IT.” The term is a misnomer because much of the expertise needed to modernize IT infrastructure or consolidate business systems is anything but commodity work. That does not, however, invalidate the need for agency CIOs to have authority over the infrastructure and business systems. It is best practice today and necessary for effective IT management.

Second, legislation should explicitly state that the agency CIO has the responsibility and authority to ensure that best practices in IT program management are being used throughout the agency on all IT programs, including mission-oriented IT. The agency CIO does not need to own all the programs, but he or she must ensure proper management of them. That approach would have helped to avert some of the critical failings of’s program management.

Finally, with regard to FITARA, the bill should specify what constitutes an IT acquisition cadre. Many in government think it just includes the program manager, contracting officer and contracting officer’s representative. For small, commodity IT acquisitions, that might be sufficient, but for large, complex programs, the IT acquisition cadre must be viewed much more expansively.

Dan Gordon, former administrator of the Office of Federal Procurement Policy, said it well in a July 13 2011 Office of Management and Budget memo regarding IT acquisition cadres: “This will include government staff with expertise in program management, resource management, procurement, systems architecture and engineering, security, requirements analysis, test management, configuration management, and other disciplines, as necessary, to act in the best interest of the government, evaluate all aspects of the project, and ensure delivery of promised functionality.”

The most critical contributor to IT program success is the expertise and experience of the government team members who are running the program. IT management reform legislation should explicitly address that essential component.

Given the current focus on IT issues in government, now is the time for Congress to act and aggressively pursue legislation that can pass and be sent to the president. Given the president’s recent statements regarding the need for IT procurement reform, I hope he would be predisposed to support such legislation.

About the Author

Richard A. Spires has been in the IT field for more than 30 years, with eight years in federal government service. He served as the lead for the Business Systems Modernization program at the IRS, then served as CIO and deputy commissioner for operations support, before moving to the Department of Homeland Security to serve as CIO of that agency. He is now CEO of Learning Tree.

Cyber. Covered.

Government Cyber Insider tracks the technologies, policies, threats and emerging solutions that shape the cybersecurity landscape.


Reader comments

Mon, Dec 2, 2013

Getting the business problem correctly identified, doing BPR, and controlling requirements is foundational to successful IT deployments. Disciplined systems engineering, properly tailored to the program at hand, with proper testing and organizational change management reduces cost, schedule and performance risk. Business mission, funding, and accountability are so badly diffused in federal IT it is more of a surprise to see a successful delivery than a failure. And the cadre of people who know how to do business system design and development is very thin and getting thinner with shutdowns, furloughs, sequestration, and increased oversight per unit of real, value added work.

Mon, Dec 2, 2013 Girish McLean

FITARA has good features in it. It just doesn't go far enough to save significant tax payer dollars in the government's $80 billion annual IT spend. I estimate a potential $592 billion savings during the next ten years if congress holds contractors liable for defects. For every appropriation, the congress should write into law that the contractors provide warranty against software defects. This alone will reduce the $14.4 billion in scrap and rework in software development and $44.8 in corrective maintenance (Bug fixing) in operations and maintenance.

Mon, Dec 2, 2013

Better IT comes from training current staff on currentl technology instead of throwing it in their face and telling them to "Figure it out". Proper training leads to greater efficiency and staff better equiped to present the new ideas that revolutionize. No continuing education is what is wrong with Federal IT. No incentives to excel either. Welcome to the real world, I sure wouldn't want to learn more and use it for my job without some monitary acknowledgement for it.

Fri, Nov 29, 2013 John Weiler, Alexandria VA

The IT-AAC has gone to great lengths to integrate best practices and lessons learned over the past five years, and reaffirm his recommendations and insights. The challenges he faced at DHS are compounded by the lack of organic access to real world IT best practice, lessons learned and innovative that drive a $3.8 Trillion global IT market, of which Federal Government and its suppliers represent less than 1% per Gartner. Congress must go beyond legislation proposed in FITARA and deal with the lack of incentives and accountability that have stymied past efforts at reform. Most significantly, it needs to address the bad actors who are part of a Federal IT Cartel referenced by both General Hoss Cartwright and Vivek Kundra during their exist interviews. A survey by Washington Times put Mitre as the primary actor in almost all IT program failures, promoting analysis/paralysis design to spec approaches that are a root cause of program failure.

Tue, Nov 26, 2013 Owen Ambur Silver Spring, MD

In the context of Uncle Sam's enterprise, "a modern, standard and appropriately consolidated IT infrastructure" could be taken to mean a single "solution" for the entire federal bureaucracy. Presumably, that is not what is implied by "appropriately consolidated". However, if agencies continue to choose to use proprietary, non-standardized, non-machine-readable data formats for the records created by their IT systems, they should be expected to have a good justification for doing so. Reference &

Show All Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group