The other day, I read the headline: “Agencies Spent Billions on IT Without CIOs’ Approval in 2016”. Seeing this headline came as I was working to update some of our GSA SLMS materials, which includes the bullet: “The Federal Government is the largest buyer of software in the world. It spends $9.1 billion on commercial off-the-shelf (COTS) software every year with as much as 30% ($2.7B) of this spend is unnecessary.” That’s when I was reminded, that the Federal Government isn’t the largest buyer of software. Because that would suggest a centralized and singular unit making purchases. Rather, the Federal Government is the largest global spender, with purchases that are inefficient, decentralized, and uncoordinated.
If this problem sounds like what the Federal Information Technology Acquisition Reform Act (FITARA) is supposed to cover, you’d be right. For those needing a reminder, FITARA was passed and signed into law in 2014, after a multitude of failed projects highlighted the need for more oversight on government investments in technology. GAO investigators reported only 8 of the 22 federal agencies analyzed had CIOs review and approve IT acquisition plans and strategies as mandated by OMB. Similarly, the FITARA software licensing component, debuting in November 2017, revealed that 17 of the 24 Federal agencies received an F grade.
Clearly, the objectives of theses legislative efforts are not being met, and more needs to be done.
To reduce the billions of dollars in IT purchases that are not reviewed, nor tracked and are thus subsequently wasted, here are the top three things for the Agency CIO to do:
1. Follow OMB guidelines and implement policies and processes for CIO spend review. Establish an agency suitable dollar threshold for the CIO to review, approve, deny, or modify. The process should include a streamlined and transparent review of the budget request, its purpose, and other core details as required – with the requirement that the CIO will not unreasonably withhold a timely decision without a stated reason.
2. Implement IT Asset Management processes to understand software installation counts against license entitlements and associated costs. Not only will this assist in compliance, but it will also help ensure that software installed is being used. If not being used, that software will be made available for reclaim to a user who needs it or removed to minimize the threat spectrum.
3. Implement and use a SAM/ITAM tool to track software installations, license entitlements and most importantly, the savings achieved from better visibility on spend. With the passage of the MGT Act, these savings can now be reinvested by the agency to modernize their infrastructure.
Implementing change can be difficult to any organization. However, we know from the FITARA scorecard that some agencies are adjusting and implementing these requirements for both cost and risk purposes.
Additional Reading:
Agencies Spent Billions on IT Without CIOs’ Approval in 2016: http://www.nextgov.com/cio-briefing/2018/01/agencies-spent-billions-it-without-cios-approval-2016/145141/