Oversight

Are CIOs being frank with the IT dashboard?

question mark made of dollar

CIOs in various agencies are undercutting the usefulness of the federal IT dashboard, Government Accountability Office watchdogs warn.

The dashboard is meant to offer feds and the public alike a way to keep tabs on how IT investments are likely to proceed, but in a report released June 2, GAO found that many agency CIOs are giving green "low risk" ratings to projects that are actually medium- or high-risk.

GAO estimated risk ratings for 95 IT investments, and asserted that its projections determined higher risk ratings than agency CIOs gave for 65 percent of those projects.

In some cases, agencies didn't update assessments often enough, while in others they ignored active risks, GAO said.

"Consequently, the associated risk rating processes used by the agencies generally are understating the level of risk, raising the likelihood that critical federal investments in IT are not receiving the appropriate levels of oversight," the report stated.

The Defense Department was among the worst offenders. GAO concluded that more than a dozen projects to which the DOD had given green, low-risk ratings actually deserved red, high-risk scores. (This has long been a problem for the Pentagon, according to GAO.)  DOD also failed to update ratings for any of its 25 projects that GAO reviewed in April.

Under current Office of Management and Budget guidance, agencies are required to update their ratings at least once a month, but DOD is one of a few agencies -- along with the Social Security Administration and Education Department -- that does not meet this standard.

GAO's report took a dim view of the fact that OMB plans to eliminate the monthly update requirement for fiscal 2018, noting that regular review is key to accurate risk assessments.

Across 17 agencies, GAO found mixed approaches to calculating CIO dashboard ratings.

Nine agencies used all six of OMB's recommended criteria: risk management, requirements management, contractor oversight, historical performance, human capital and "other."

The rest picked and chose.

The Health and Human Services Department's sparse formula drew only on historical performance and "other" criteria from OMB's list.

Most agencies agreed with GAO's recommendations to consider active risks and update their ratings more regularly.

The Homeland Security Department, DOD and Environmental Protection Agency, on the other hand, defended their existing risk assessment schema against GAO's recommendations.

About the Author

Zach Noble is a staff writer covering digital citizen services, workforce issues and a range of civilian federal agencies.

Before joining FCW in 2015, Noble served as assistant editor at the viral news site TheBlaze, where he wrote a mix of business, political and breaking news stories and managed weekend news coverage. He has also written for online and print publications including The Washington Free Beacon, The Santa Barbara News-Press, The Federalist and Washington Technology.

Noble is a graduate of Saint Vincent College, where he studied English, economics and mathematics.

Click here for previous articles by Noble, or connect with him on Twitter: @thezachnoble.


Featured

  • Contracting
    8 prototypes of the border walls as tweeted by CBP San Diego

    DHS contractors face protests – on the streets

    Tech companies are facing protests internally from workers and externally from activists about doing for government amid controversial policies like "zero tolerance" for illegal immigration.

  • Workforce
    By Mark Van Scyoc Royalty-free stock photo ID: 285175268

    At OPM, Weichert pushes direct hire, pay agent changes

    Margaret Weichert, now acting director of the Office of Personnel Management, is clearing agencies to make direct hires in IT, cyber and other tech fields and is changing pay for specialized occupations.

  • Cloud
    Shutterstock ID ID: 222190471 By wk1003mike

    IBM protests JEDI cloud deal

    As the deadline to submit bids on the Pentagon's $10 billion, 10-year warfighter cloud deal draws near, IBM announced a legal protest.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.