Making FITARA matter: An IT management maturity model
- By Darren Ash, Richard Spires
- Oct 02, 2015
The IT Management Maturity Model can help agencies assess their maturity in five critical functions of IT management.
The objective of the Federal IT Acquisition Reform Act is to improve the management of IT within an agency and hence, improve the ability for that agency to deliver its mission and conduct its business.
Those improvements however can come only if FITARA is effectively implemented. So the American Council for Technology-Industry Advisory Council, in consultation with the Office of Management and Budget, launched a FITARA implementation project, drawing on more than 50 volunteers from both the public and private sector. These experts in IT, finance, human resources, and acquisition, backed by a steering committee comprised of current and former public and private sector CIOs, CAOs, CFOs, and CHCO, are working to help agencies get over the hurdles of FITARA implementation.
ACT-IAC's three-phase project aims to provide:
- An IT Management Maturity Model to help agencies not only conduct self assessments but
- Delivery of policies, processes, tools, and other artifacts that represent proven IT management practices garnered from public and private sector. We hope such artifacts from proven management practices can aid agencies to more rapidly mature their IT management capabilities.
- Development of metrics to help OMB and the agencies measure the impact of FITARA over time.
The IT Management Maturity Model
We have recently completed Version 1 of IT Management Maturity Model. In addition to reviewing the model itself, you can provide feedback for how we can improve the model – our desire is to continue to evolve and improve the model through use and feedback.
The maturity model can help agencies assess their maturity in five critical functions of IT management:
- Governance. The collaboration and decision making glue by which IT management works.
- Budget. The process to formulate, obtain approval, and execute the use of funds to support IT.
- Acquisition. The buying process used to obtain IT products and services.
- Organization & Workforce. The process to determine needed competencies and develop and sustain a workforce that has those competencies through recruitment and professional development.
- Program Management. 1) the set of disciplines used to deliver IT capabilities to meet an agency mission or business need, or 2) the operations and maintenance of an existing system.
OMB's guidance for FITARA includes a "Common Baseline for IT Management" that has sections for Budget Formulation, Budget Execution, Acquisition, and Organization & Workforce. We have reorganized and reoriented these sections slightly to support the development of the IT Management Maturity Model. First, we combined budget formulation and execution to highlight the degree of integration typical in most agency budget processes.
As the teams developed the traits and characteristics of the IT Management Maturity Model, Governance and Program Management topics became recurring themes that cut across the three primary pillars of Budget, Acquisition and Organization & Workforce. As a result, we chose to illustrate the integrative power of both Governance and Program Management to effective IT Management. To make the maturity model easier for agencies to use, the model includes explicit linkages to elements of the OMB Common Baseline requirements.
We present the model at three levels of detail. For each of the five functions, we provide over-arching themes that are illustrative of what Demonstrated Maturity looks like for that function. We also have a one-page table for each of the five functions highlighting key aspects of the model. Finally, the detailed model provides a description of the function, along with defining a number of attributes, and for each attribute, traits, which can be used to assess the maturity of an organization in that function.
The model specifies characteristics of three levels of maturity, to include: Level 1 – Basic Capabilities; Level 2 – Evolving Maturity; and Level 3 – Demonstrated Maturity.
Each agency is unique, and in recognition of that, the maturity model focuses on the behaviors and outcomes expected at each level of maturity, not on the organizational structures and processes required to achieve those behaviors and outcomes. Hence the maturity model can be applied to both small, centralized agencies as well as to the largest, most diversified cabinet-level departments.
For agencies that are federated (have bureaus, components, or equivalent and multiple IT organizations) the agency CIO can use this maturity model to assess the agency as a whole, to include the appropriate interaction, authorities, and delegations from the agency to the bureaus/components or program. A bureau/component or program-level CIO can also use this maturity model as applied to IT management within a bureau/component or program.
In applying the model, all attributes and traits across all functions are important. But an agency can conduct a self-assessment against the model, and should look at sequencing its improvement initiatives. Within a function, the priority should be placed on moving from Level 1 to Level 2 to have Evolving Maturity across a management function, then working to move to Level 3 - Demonstrated Maturity. Agencies should use pilots to improve on a project or part of the agency, but recognize that achieving a level of maturity requires that attribute be exhibited across all IT management in the agency.
Finally, the objective should be to institutionalize practices in an agency at Level 2 and eventually Level 3 through use of policy directives, procedural guidance, and tools – demonstrated maturity must survive changes in leadership.
Our team is now focusing on Phase 2, identifying proven practices and related artifacts that can help agencies rapidly evolve their IT management capabilities. The key is that they are proven, validated that they are used on a regular basis to help an organization manage that function or attribute with Demonstrated Maturity. We know that pockets of excellence exist throughout the government and in the private sector and we know that organizations have made the effort to refine and document processes to support their management needs. We expect to identify such practices, package them, and make them available for agencies to assess and adopt, if helpful to them.
We will keep you apprised of our progress….
Darren Ash, the CIO of a U.S. federal agency, is writing here in his capacity as co-chair of the ACT-IAC FITARA Implementation Project.
Richard A. Spires has been in the IT field for more than 30 years, with eight years in federal government service. He served as the lead for the Business Systems Modernization program at the IRS, then served as CIO and deputy commissioner for operations support, before moving to the Department of Homeland Security to serve as CIO of that agency. He is now CEO of Learning Tree.