What IT Budget Authority Really Means for CIOs

GSA’s Sonny Hashmi offers advice to his fellow CIOs, who, for the first time, will have control over department IT budgets.

Federal CIOs got an early Christmas gift from Congress in 2014: explicit authority to plan and approve their department’s information technology budgets.

Under the Federal Information Technology Acquisition Reform Act (FITARA), which Congress passed as an amendment to the 2015 National Defense Authorization Act, CIOs are responsible for reviewing and approving department IT contracts. Department CIOs will also play a more direct role in the hiring of any bureau-level CIOs. The new law requires that department CIOs approve those appointments.

“I think this is going to be an interesting time in federal IT because, for the first time, we will see federal CIOs take ownership of the IT landscape in their agencies,” says General Services Administration (GSA) CIO and FedTech must-read IT blogger Sonny Hashmi.

FITARA applies to CIOs at civilian departments.

How these new reforms will be implemented and embraced by agencies is unclear. A recent Nextgov article raised questions such as, what will CIOs do with their newly legislated power? And are they prepared to use their power?

GSA was an early adopter of the consolidated IT approach, and Hashmi has experienced the benefits and challenges of having the agency’s IT under his authority.

“It’s culture, it’s projects, it’s tools,” he tells FedTech. “All those things need to remain at the forefront to keep that trust with the business [side], and it has to be earned every day.”

He cautions against the bureaucracy that can bog down organizations with consolidated IT. They can become oversight driven, slow to respond and less innovative if they don’t strike the right balance, Hashmi says.

Hord Tipton, outgoing executive director of the security organization (ISC)², has similar sentiments. “I think that’s huge progress,” he says of FITARA. “It has been a need for several years.” But “we don’t want to go from one extreme to the other,” he said of shifting complete IT budget authority to CIOs, many of whom have had little to no say on how subagencies and program offices spend IT funding.

As CIOs take on a more empowered role, agencies must ensure that processes are as nimble as possible to meet business needs. Hashmi co-chairs GSA’s investment review board, which meets regularly to make decisions and trade-offs about IT investments. Members from the business side are involved in the collaborative process, and “that has yielded tremendous results.”

Modernizing Legacy Systems

At GSA, Hashmi and his team are investing in transformative projects while reducing the amount of legacy systems. Most GSA systems are antiquated, and some are a quarter of a century old. While the systems run well, modernizing them would help reduce costs and make systems more flexible to meet emerging technology demands.

Federal Communications Commission CIO David Bray has similar challenges with legacy systems. Bray wants to find an easier way to port legacy systems to cloud-based providers.

“At FCC we'll need to first stabilize legacy IT systems, move the data to a common data platform in the cloud and then rewrite a thin UI/UX [user interface/user experience] with reusable code in a cloud environment to access the data migrated to the common data platform,” he explains. “We'll do it; however, if there [were] a magic instant-conversion button, it would be nice.”

When asked if consolidating budget authority under the CIO will help rein in legacy systems, Hashmi responds: “I don’t want to say that is the only barrier to doing it.” Modernizing systems requires business changes and people learning new processes, but “it is helpful to have one enterprise approach to these things.”

FedTech 50 Must Read IT Blogs

Dec 26 2014