GAO's FITARA blueprint

businessman dragging old computer monitor (Ollyy/Shutterstock.com) 

A new Government Accountability Office report lays out best practices that federal agencies should put in place to align their IT purchasing with the 2014 Federal IT Acquisition Reform Act.

The report spotlights 12 practices from nine federal agencies that supported effective FITARA implementation. The agencies -- Departments of Agriculture, Commerce, Health and Human Services, Homeland Security, Justice and Veterans Affairs, the General Services Administration NASA and Space Administration -- collectively spend about $27 billion of the federal government's estimated $45.8 billion civilian IT budget.

Four of the practices deemed most crucial deal with the legislation's core goal of data center consolidation. Auditors identified four actions associated with improved FITARA implementation, such as conducting site visits to all agency data centers, putting a solid cloud and virtualization plan in place, incentivizing quicker consolidation practices and making better use of excess capacity at remaining data centers.

"Agencies' actions to implement these practices have led to the retirement of older systems, increased cost savings and future cost avoidance, and a reduction in the number of data centers," auditors wrote.

The audit found four other essential practices that could be broadly replicated across agencies: developing an internal policy that clearly outlines how FITARA changes the role of the CIO in purchasing decisions, implementing a risk scoring system for IT investments, conducting regular portfolio reviews that can root out inefficient or failing IT programs and centralizing the management of software licenses.

The final four recommendations speak to the need for a more centralized approach, with GAO finding that successful agencies tended to get buy in from senior leadership, treated implementation like it was a program, established performance metrics and appointed an executive at each component agency responsible for implementation.

For years, Congress has tried to push and prod agencies to align their IT purchasing decisions with FITARA, but many agencies have failed to do so. For example, a number of agencies still leave their CIOs out of the loop during major technology purchasing decisions.

More recently, committee panels have tried introducing (and then tweaking) oversight "scorecards" that sought to name and shame the worst offending agencies and incentivize improvement. The scorecard hearings have had mixed success: while agency scores have slowly risen, IT leaders continue to complain that the scorecards do not accurately reflect the health of their technology acquisitions process, while others have expressed in private that there is little practical benefit to investing substantial time, money and effort on FITARA compliance and disrupting existing practices in exchange for marginal score increases.

About the Author

Derek B. Johnson is a senior staff writer at FCW, covering governmentwide IT policy, cybersecurity and a range of other federal technology issues.

Prior to joining FCW, Johnson was a freelance technology journalist. His work has appeared in The Washington Post, GoodCall News, Foreign Policy Journal, Washington Technology, Elevation DC, Connection Newspapers and The Maryland Gazette.

Johnson has a Bachelor's degree in journalism from Hofstra University and a Master's degree in public policy from George Mason University. He can be contacted at djohnson@fcw.com, or follow him on Twitter @derekdoestech.

Click here for previous articles by Johnson.


  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.