The Federal Information Technology Acquisition Reform Act (FITARA): Frequently Asked Questions

Federal agencies rely on information technology (IT) to conduct their work, requiring extensive investments in both updating existing IT and developing new IT. The Government Accountability Office (GAO) has reported that the federal government budgets more than $80 billion each year for IT investment. In FY2017, that investment will be more than $89 billion. Unfortunately, these investments often incur “multi-million dollar cost overruns and years-long schedule delays,” may contribute little to mission-related outcomes, and in some cases fail altogether. The Federal Information Technology Acquisition Reform Act (FITARA) (P.L. 113-291) was enacted on December 19, 2014, to address this problem. FITARA outlines seven areas of reform to how federal agencies purchase and manage their information technology (IT) assets, including—

enhancing the authority of agency chief information officers (CIOs);

improving transparency and risk management of IT investments;

setting forth a process for agency IT portfolio review;

refocusing the Federal Data Center Consolidation Initiative (FDCCI) from only consolidation to optimization;

expanding the training and use of “IT Cadres,” as initially outlined in the “25 Point Implementation Plan to Reform Federal Information Management Technology” issued by the CIO of the United States;

maximizing the benefits of the Federal Strategic Sourcing Initiative (FSSI); and

creating a govemment-wide software purchasing program, in conjunction with the General Services Administration.

Not all federal agencies are covered by FITARA. Generally, agencies identified in the Chief Financial Officers Act of 1990, as well as their subordinate divisions and offices, are subject to the requirements of FITARA. The Department of Defense, the Intelligence Community, and portions of other agencies that operate systems related to national security are subject to only certain portions of FITARA.

The Office of Management and Budget (OMB) published guidance to implement the requirements of FITARA in June 2015 (OMB Memorandum M-15-14). In addition to implementing FITARA, this guidance also harmonizes the requirements of FITARA with existing laws, primarily the Clinger-Cohen Act of 1996 (P.L. 104-106) and the E-Government Act of 2002 (P.L. 107-347). The OMB also monitors agency implementation of FITARA. Congress also monitors the progress of FITARA implementation through audits conducted by GAO and hearings by relevant House and Senate committees. Since FITARA was signed into law, the Senate and House have each held two hearings on overall agency FITARA implementation.

OMB imposed an April 30, 2016, deadline for agencies to submit updated FITARA common baseline self-assessments and GAO has reported that as of May 2016, 22 of the 24 CFO Act agencies had made their plans publicly available.

The Federal Information Technology Acquisition Reform Act (FITARA): Frequently Asked Questions

June 1, 2016 (R44462)
Jump to Main Text of Report

Summary

Federal agencies rely on information technology (IT) to conduct their work, requiring extensive investments in both updating existing IT and developing new IT. The Government Accountability Office (GAO) has reported that the federal government budgets more than $80 billion each year for IT investment. In FY2017, that investment will be more than $89 billion. Unfortunately, these investments often incur "multi-million dollar cost overruns and years-long schedule delays," may contribute little to mission-related outcomes, and in some cases fail altogether. The Federal Information Technology Acquisition Reform Act (FITARA) (P.L. 113-291) was enacted on December 19, 2014, to address this problem. FITARA outlines seven areas of reform to how federal agencies purchase and manage their information technology (IT) assets, including—

  • enhancing the authority of agency chief information officers (CIOs);
  • improving transparency and risk management of IT investments;
  • setting forth a process for agency IT portfolio review;
  • refocusing the Federal Data Center Consolidation Initiative (FDCCI) from only consolidation to optimization;
  • expanding the training and use of "IT Cadres," as initially outlined in the "25 Point Implementation Plan to Reform Federal Information Management Technology" issued by the CIO of the United States;
  • maximizing the benefits of the Federal Strategic Sourcing Initiative (FSSI); and
  • creating a govemment-wide software purchasing program, in conjunction with the General Services Administration.

Not all federal agencies are covered by FITARA. Generally, agencies identified in the Chief Financial Officers Act of 1990, as well as their subordinate divisions and offices, are subject to the requirements of FITARA. The Department of Defense, the Intelligence Community, and portions of other agencies that operate systems related to national security are subject to only certain portions of FITARA.

The Office of Management and Budget (OMB) published guidance to implement the requirements of FITARA in June 2015 (OMB Memorandum M-15-14). In addition to implementing FITARA, this guidance also harmonizes the requirements of FITARA with existing laws, primarily the Clinger-Cohen Act of 1996 (P.L. 104-106) and the E-Government Act of 2002 (P.L. 107-347). The OMB also monitors agency implementation of FITARA. Congress also monitors the progress of FITARA implementation through audits conducted by GAO and hearings by relevant House and Senate committees. Since FITARA was signed into law, the Senate and House have each held two hearings on overall agency FITARA implementation.

OMB imposed an April 30, 2016, deadline for agencies to submit updated FITARA common baseline self-assessments and GAO has reported that as of May 2016, 22 of the 24 CFO Act agencies had made their plans publicly available.


The Federal Information Technology Acquisition Reform Act (FITARA): Frequently Asked Questions

What is the Federal Information Technology Acquisition Reform Act?

The Federal Information Technology Acquisition Reform Act (FITARA) was enacted on December 19, 2014.1 The law outlines seven areas of reform that affect how federal agencies purchase and manage their information technology (IT) assets, including—

  • enhancing the authority of agency chief information officers (CIOs);
  • improving transparency and risk management of IT investments;
  • setting forth a process for agency IT portfolio review;
  • refocusing the Federal Data Center Consolidation Initiative (FDCCI) from only consolidation to optimization;
  • expanding the training and use of "IT Cadres," as initially outlined in the "25 Point Implementation Plan to Reform Federal Information Management Technology";2
  • maximizing the benefits of the Federal Strategic Sourcing Initiative (FSSI);3 and
  • creating a govemment-wide software purchasing program, in conjunction with the General Services Administration.

How is FITARA being implemented?

On June 10, 2015, OMB published guidance4 to implement the requirements of FITARA and harmonize existing policy and guidance with the new law. Among other goals, the requirements are intended to—

  • assist agencies in establishing management practices that align IT resources with agency missions, goals, programmatic priorities, and statutory requirements;
  • establish government-wide IT management controls that will meet FITARA requirements while providing agencies with the flexibility to adapt to agency processes and unique mission requirements;
  • establish universal roles, responsibilities, and authorities of the agency CIO and other senior agency officials;5
  • strengthen the agency CIO's accountability for the agency's IT costs, schedules, performance, and security;
  • strengthen the relationship between agency and bureau CIOs;
  • establish consistent government-wide interpretation of FITARA terms and requirements; and
  • provide appropriate visibility and involvement of the agency CIO in the management and oversight of IT resources to support the implementation of effective cybersecurity policies.6

Are other laws affected by FITARA?

In addition to implementing FITARA, OMB Memorandum M-15-14, "Management and Oversight of Federal Information Technology,"7 also harmonizes the requirements of FITARA with existing law, primarily the Clinger-Cohen Act of 1996 and the E-Government Act of 2002.8 Those laws require OMB to issue management guidance for information technology and electronic government activities across the government, respectively. FITARA also contains provisions that required OMB interpretation before implementation.

Why was FITARA enacted?

The Government Accountability Office (GAO) has reported that the federal government budgets more than $80 billion each year for IT investment. In FY2017, that investment will be more than $89 billion.9 Unfortunately, these investments often incur "multi-million dollar cost overruns and years-long schedule delays," may contribute little to mission-related outcomes, and in some cases fail altogether.10 For example—

  • the Department of Defense (DOD) canceled its Expeditionary Combat Support System in December 2012 after it had spent more than a billion dollars, but had not deployed the system within five years of initially obligating funds;
  • the Department of Homeland Security's Secure Border Initiative Network program was canceled in January 2011 after it had spent more than $1 billion because the program did not meet cost-effectiveness and viability standards;
  • the Department of Veterans Affairs' (VA's) Financial and Logistics Integrated Technology Enterprise program, which was intended to be delivered by 2014 at a total estimated cost of $609 million, was terminated in October 2011 due to challenges in managing the program;
  • the Farm Service Agency's Modernize and Innovate the Delivery of Agricultural Systems program, which was to replace aging hardware and software applications that process benefits to farmers, was canceled after 10 years at a cost of at least $423 million, while delivering only about 20% of the functionality that was originally planned; and
  • the Office of Personnel Management's Retirement System Modernization program was canceled in February 2011 after the agency had spent approximately $231 million on its third attempt to automate the processing of federal employee retirement claims.

These undesirable results, according to GAO, "can be traced to a lack of disciplined and effective management and inadequate executive-level oversight."11 FITARA was enacted to reduce the likelihood of such results.12

What agencies are covered by FITARA?

Generally, agencies identified in the Chief Financial Officers (CFO) Act of 1990,13 as well as their subordinate divisions and offices, are subject to the requirements of FITARA (Table 1). The DOD, the Intelligence Community, and portions of other agencies that operate systems related to national security are subject to only certain portions of FITARA. Additionally, executive branch agencies not named in the CFO Act are encouraged, but not required, to follow FITARA guidelines.

How is FITARA implementation monitored?

The OMB develops and promulgates guidance based on the codified requirements of FITARA and monitors agency implementation of that guidance. Additionally, Congress monitors the progress of FITARA implementation through audits conducted by GAO and hearings by relevant House and Senate committees.

Table 1. Agencies Subject to the Requirements of FITARA

  • Department of Agriculture
  • Department of Commerce
  • Department of Defense
  • Department of Education
  • Department of Energy
  • Department of Health and Human Services
  • Department of Homeland Security
  • Department of Housing and Urban Development
  • Department of the Interior
  • Department of Justice
  • Department of Labor
  • Department of State
  • Department of Transportation
  • Department of the Treasury
  • Department of Veterans Affairs
  • Environmental Protection Agency
  • Agency for International Development (USAID)
  • General Services Administration
  • National Aeronautics and Space Administration
  • National Science Foundation
  • Nuclear Regulatory Commission
  • Office of Personnel Management
  • Small Business Administration
  • Social Security Administration

Source: U.S. Chief Financial Officers Council, https://cfo.gov/frpc/.

Between FY2010 and FY2015, GAO has made approximately 800 recommendations to OMB and agencies to improve acquisition and operations of IT. As of October 2015, GAO reported that about a third of its recommendations had been implemented.14 That percentage remained the same in May 2016.15 Since FITARA was signed into law in December 2014, the Senate has held two hearings and the House has held four hearings on FITARA implementation:

  • Risky Business: Examining GAO's 2015 List of High Risk Government Programs16
    Senate Committee on Homeland Security and Governmental Affairs (Full Committee)
    February 11, 2015
  • Reducing Unnecessary Duplication in Federal Programs: Billions More Could Be Saved17
    Senate Committee on Homeland Security and Governmental Affairs (Full Committee)
    April 14, 2015
  • The Role of FITARA in Reducing IT Acquisition Risk18
    Joint Hearing: House Committee on Oversight and Government Reform (Subcommittees on Information Technology and Government Operations)
    June 10, 2015
  • The Role of FITARA in Reducing IT Acquisition Risk, Part IIMeasuring Agencies' FITARA Implementation19
    Joint Hearing: House Committee on Oversight and Government Reform (Subcommittees on Information Technology and Government Operations)
    November 4, 2015
  • The Federal Information Technology Reform Act Scorecard 2.020
    Joint Hearing: House Committee on Oversight and Government Reform (Subcommittees on Information Technology and Government Operations)
    May 18, 2016
  • Federal Agencies' Reliance on Outdated and Unsupported Information Technology21
    House Committee on Oversight and Government Reform
    May 25, 2016

What is the status of FITARA implementation?

The House Committee on Oversight and Government Reform released a "FITARA scorecard" in conjunction with its November 4, 2015, hearing on the status of FITARA implementation (see Table 1). In explaining the scorecard, Representative Gerry Connolly, ranking Member of the Subcommittee on Government Operations and co-author of FITARA, stated:

This scorecard is not intended to be a juridical, prescriptive exercise. It is an initial assessment, a point in time snapshot, much like a quarterly report card one might get in a university or school. The intent isn't to punish or stigmatize. It is, in fact, to exhort and urge agencies to seize this opportunity, and use the scorecard as a management tool to better guide decision making and investments within the agency. While the grades themselves are illustrative of overall performance, it is the multiple elements that make up the grades on which agencies and our committee will focus to ensure we deliver on the transformative promise of FITARA.22

The committee scored agencies across four of the seven requirement areas of FITARA to develop a final score: data center consolidation plans, planned IT portfolio review savings, transparency of IT project risk assessment, and incremental development for IT projects. Across the four metrics and the final score, agencies earned a total of 14 "A" ratings out of 120 total grades. The only agencies to get a passing grade in each of the four categories were the Department of Commerce and the General Services Administration, which both received overall B ratings.23

What are the next steps in the FITARA implementation process?

GAO has stated that legislative oversight of agencies and their progress in implementing FITARA will continue and perhaps increase during 2016, as plans and expectations become more concrete. Another issue to be resolved is that OMB approved 22 out of 24 agencies' original self-assessments and FITARA implementation plans, but GAO found that not all of the self-assessments were accurate.

OMB imposed an April 30, 2016, deadline for agencies to submit updated FITARA common baseline self-assessments and GAO has reported that as of May 2016, 22 of the 24 CFO Act agencies had made their plans publicly available.24

Figure 1. House Oversight and Government Reform
FITARA Implementation Scorecard

November 2015

Source: House Committee on Oversight and Government Reform, https://oversight.house.gov/wp-content/uploads/2015/11/FINAL-4-area-report-card.pdf.

Notes: (1) The methodology used to score the agencies is available at https://oversight.house.gov/wp-content/uploads/2015/11/FINAL-Combined-1-pagers-2.pdf. (2) Three agencies—HUD, SBA, and USAID—did not report any planned data center consolidation cost savings goals; therefore, no grade has been determined for these agencies. (3) This area measures agencies 'major' investments—defined as those that are spending at least 50% of their planned spending in development (per the Office of Management and Budget, Fiscal Year 2016 Budget of the U.S. Government). NASA, NSF, and USAID did not have any projects that met this definition.

Author Contact Information

[author name scrubbed], Specialist in Internet and Telecommunications Policy ([email address scrubbed], [phone number scrubbed])

Footnotes

1.

Title VIII, Subtitle D of the National Defense Authorization Act (NDAA) for Fiscal Year 2015, P.L. 113-291.

2.

The "25-Point Implementation Plan to Reform Federal IT Management" was one of the original policy documents developed as part of a comprehensive effort to increase the operational efficiency of federal technology assets. "A 25-Point Implementation Plan to Reform Federal IT Management," Office of the U.S. Chief Information Officer, December 9, 2010, https://cio.gov/wp-content/uploads/2012/09/25-Point-Implementation-Plan-to-Reform-FederalIT.pdf.

3.

Strategic sourcing is "a method of managing procurement processes for an organization in which the procedures, methods, and sources are constantly re-evaluated to optimize value to the organization. Strategic sourcing, which is considered a key aspect of supply chain management, involves elements such as examination of purchasing budgets, the landscape of the supply market, negotiation with suppliers, and periodic assessments of supply transactions." BusinessDictionary.com, http://www.businessdictionary.com/definition/strategic-sourcing.html.

4.

"Management and Oversight of Federal Information Technology," OMB-M-15-14, Office of Management and Budget, June 15, 2015, https://www.whitehouse.gov/sites/default/files/omb/memoranda/2015/m-15-14.pdf (hereinafter "Management and Oversight of Federal Information Technology" [OMB-M-15-14], OMB).

5.

Senior Agency Officials, as referred to in OMB M-15-14, include positions, for example, chief financial officer, chief administrative officer, chief operating officer, and program manager.

6.

"Management and Oversight of Federal Information Technology" (OMB-M-15-14), OMB.

7.

"Implementation of Reform Legislation Needed to Improve Acquisitions and Operations," GAO-16-204T, Government Accountability Office, November 4, 2015 (hereinafter "Implementation of Reform Legislation Needed," GAO).

8.

P.L. 104-106 (40 U.S.C. 1401 et seq.) and P.L. 107-347 (43 U.S.C. 1601 et seq.), respectively. For information on federal acquisition generally, see CRS Report R42826, The Federal Acquisition Regulation (FAR): Answers to Frequently Asked Questions, by [author name scrubbed], [author name scrubbed], and [author name scrubbed].

9.

"OMB and Agencies Need to Focus Continued Attention on Implementing Reform Law," Statement of David A. Powner, Director, Information Technology Management Issues, Testimony Before the Subcommittees on Government Operations and Information Technology, Committee on Oversight and Government Reform, House of Representatives, May 18, 2016, https://oversight.house.gov/wp-content/uploads/2016/05/2016-05-18-Powner-Testimony-GAO-1.pdf (hereinafter "Powner Testimony," GAO).

10.

"Additional Actions and Oversight Urgently Needed to Reduce Waste and Improve Performance in Acquisitions and Operations," GAO-15-675T, Government Accountability Office, June 10, 2015 )hereinafter "Additional Actions and Oversight Urgently Needed," GAO).

11.

"Additional Actions and Oversight Urgently Needed," GAO.

12.

See H.Rept. 113-359, https://www.congress.gov/113/crpt/hrpt359/CRPT-113hrpt359.pdf.

13.

P.L. 101-576.

14.

"Implementation of Reform Legislation Needed," GAO.

15.

"Powner Testimony," GAO.

16.

Information about this hearing can be found at http://www.hsgac.senate.gov/hearings/risky-business-examining-gaos-2015-list-of-high-risk-government-programs.

17.

Information about this hearing can be found at http://www.hsgac.senate.gov/hearings/reducing-unnecessary-duplication-in-federal-programs-billions-more-could-be-saved.

18.

Information about this hearing can be found at http://docs.house.gov/Committee/Calendar/ByEvent.aspx?EventID=103599.

19.

Information about this hearing can be found at http://docs.house.gov/Committee/Calendar/ByEvent.aspx?EventID=104158.

20.

Information about this hearing can be found at https://oversight.house.gov/hearing/the-federal-information-technology-reform-act-scorecard-2-0/.

21.

Information about this hearing can be found at https://oversight.house.gov/hearing/federal-agencies-reliance-on-outdated-and-unsupported-information-technology-a-ticking-time-bomb/

22.

"CIOs Receive Low Marks on IT Reform Report Card," CIO.gov, November 10, 2015, http://www.cio.com/article/3003518/government/cios-receive-low-marks-on-it-reform-report-card.html.

23.

"FITARA Scorecard Shows Agencies Making Little Progress," Federal Times, November 4, 2015, http://www.federaltimes.com/story/government/it/management/2015/11/04/fitara-scorecard/75169026.

24.

"Powner Testimony," GAO.