Understanding how FITARA grades are calculated

The grades most agencies have received for their efforts to implement the Federal IT Acquisition Reform Act have not been good. To understand why, it's important to understand the scoring process.

Rep. Gerry Connolly (D-Va.) said the scorecards, which the Government Accountability Office is compiling for 24 covered agencies on a quarterly basis, are "a bit of an evolutionary process."

"We felt the categories being measured right now would have a demonstrable benefit on IT acquisitions and operations," Connolly told FCW, but "GAO already has put agencies on notice that they are not accurately calculating or reporting their project risks, so that needs to improve."

"Similarly, some agencies have said the scorecard is not quite capturing their specific situation, so there may be tweaks we need to make," he added.

For now, however, agencies are graded in four key areas: Data Center Consolidation, IT Portfolio Review Savings, Incremental Development and Risk Assessment Transparency.

Dave Powner, director of IT management issues at GAO, oversees a team of about 40 people who, in addition to their other oversight duties, share the four areas for FITARA scoring.

For Data Center Consolidation, some agencies report different numbers to GAO and the Office of Management and Budget, so grades are based on the percentage of planned savings that agencies report having achieved by consolidating data centers.

In the case of the General Services Administration, for example, officials reported $29 million in actual savings, which was roughly 60 percent of the planned savings of $49 million. That earned GSA a D.

For IT Portfolio Review Savings, an agency's PortfolioStat savings are divided by that agency's total IT budget for the previous three fiscal years. That ratio is then compared to the leading agency's ratio.

When it comes to Incremental Development, GAO determines the percentage of an agency's IT projects that are linked with major investments that can deliver functionality every six months. For example, the Treasury Department reported 35 projects associated with12 major investments. Twenty-two of those projects, or 63 percent, were delivering functionality every six months, giving DOT a D for Incremental Development.

GAO grades on a curve for Risk Assessment Transparency. The goal is for CIOs to give an accurate assessment of their agencies' risk postures, so the five agencies with the lowest share of IT rated "green" (low/moderately low risk) on the IT Dashboard are given an A. The next five get a B and so on, with the final four agencies receiving an F.

Powner and Connolly stressed that enhancing agency CIOs' authorities is the key to making progress on all four scores.

"I like to promote three pillars of management: mission, passion, metrics," Connolly said. "First, you have to identify your mission. In this case, it's improved management of limited IT dollars. Then you need to instill a passion in the workforce for achieving that. With FITARA, we're empowering CIOs to exercise new authorities to achieve savings and then allowing them to save some of those dollars for new IT investments. And finally with metrics, you must be able to verify that real progress is being made, and so far, I feel it is."