recommended reading

IT Reform Finally Heads to Full Senate

Sen. Tom Carper, D-Del.

Sen. Tom Carper, D-Del. // Jacquelyn Martin/AP

A new version of a bill to reform how federal agencies buy and manage information technology is headed to the full Senate after winning committee approval Wednesday.

The legislation would give agency chief information officers greater authority and responsibility, formalize IT transparency initiatives, improve risk management and set requirements for federal data center consolidation efforts.

It is a variant of the Federal IT Acquisition Reform Act, or FITARA, which the House passed multiple times, most recently in May. The new language also draws from a bill introduced last year by Sen. Tom Udall, D-N.M.

“We in the Congress look to the chief information officer as the person responsible for information technology program results, but many CIOs are not empowered with the necessary authorities in their respective agencies,” said Sen. Tom Carper, D-Del., chairman of the Homeland Security and Governmental Affairs Committee. “Our substitute [legislation] strongly empowers the chief information officer at 24 key agencies to be an agency leader who is responsible and accountable for how the agency acquires and manages its information technology systems and programs.”

Carper introduced the FITARA substitute amendment with Tom Coburn, R-Okla., the committee’s ranking member, who stressed that greater authority also meant more responsibility.

“CIOs will need to roll up their sleeves and get their hands dirty in pulling together an agency’s IT budget and approving contracts,” Coburn said. “We also want to see the CIOs be held accountable through more transparency in the dashboard.”

The amendment would strengthen the federal IT Dashboard -- for instance, by improving the quality of data displayed there -- and use it to help manage high-risk projects. It also formalizes the role of PortfolioStat reviews.

“We need to do more to finally get rid of IT projects that we don’t really need, and PortfolioStat is a genius in terms of a way to do that,” Coburn said.

Sen. Carl Levin, D-Mich., was the only committee member to withhold approval for the measure, citing concerns about the role of the CIO in the Defense Department in particular. Levin chairs the Armed Services Committee.

“The Pentagon needs a total change in terms of management of their business operations,” Levin said, noting that Armed Services legislation headed to the full Senate soon also addresses this problem.

“What we have done in our bill is something different than what is in this bill, but it’s aiming at the exact same problem,” he said. “We don’t have a CIO identified as a CIO in our bill, but rather we combine it with a chief management officer … with much greater authority, particularly over IT.”  

Levin said he was confident the inconsistencies could be worked out before either bill gets to the full Senate.

Threatwatch Alert

Network intrusion / Spear-phishing

Researchers: Bank-Targeting Malware Sales Rise in Dark Web Markets

See threatwatch report


Close [ x ] More from Nextgov

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security


When you download a report, your information may be shared with the underwriters of that document.