recommended reading

Survey: CIOs Think Many IT Reform Reporting Requirements are Useless

Cienpies Design/Shutterstock.com

Agency chief information officers say they’re spending millions of dollars each year to document their progress meeting the Obama administration’s IT reform efforts, according to a new Government Accountability Office report.

The only problem? The majority of CIOs view many of the requirements essentially as busywork.

As much as two-thirds of the 36 total reporting requirements aren’t all that helpful for CIOs in actually managing their IT investments, according to a survey of CIOs at the 24 largest federal agencies, which formed the backbone of GAO’s report.

CIOs estimated they spent between $150 million and $308 million each year on reporting exercises they viewed as unhelpful or only somewhat helpful.

The disconnect between CIOs and the administration’s IT reform taskmaster -- the Office of Management and Budget --  on the usefulness of dozens of reporting requirements tied to IT management is a problem, auditors said, especially because many of those requirements have been codified into law as part of IT reform legislation adopted by Congress last year.

“It is concerning that CIOs do not always see the value in reporting information that is essential to reform initiatives aimed at improving IT management effectiveness, saving money and avoiding unnecessary costs,” auditors said.

GAO recommended the administration work more collaboratively with agencies when it comes to mandating reporting requirements. OMB should work with agencies to “ensure a common understanding of priority IT reforms,” the report stated, and gather feedback from CIOs on improving the reporting process.

However, OMB officials, including federal CIO Tony Scott, reacted lukewarmly to the report’s conclusions.

In a response included in the report, Scott said OMB neither agreed nor disagreed with GAO's recommendations, in part because of “concerns regarding the report’s accuracy.”

Scott said several agency CIOs had told OMB they’d delegated responsibility for the survey to “lower-level” staff, even though the report attributes responses only to CIOs.

“Many agency CIOs who served during the GAO audit period stated to OMB, through the CIO Council, that they delegated full responsibility for completing the survey to lower-level staff,” Scott said. “Some other agency CIOs reported that they could not recall that a survey was conducted.”

Scott said that also calls into question the cost estimates for complying with reporting requirements detailed in the survey.

“We have found no evidence in GAO’s report that the lower-level staff who completed a number of these surveys are organizationally well-positioned and experienced enough to provide knowledgeable estimates of the cost of reporting requirements,” Scott said. “For these reasons, we do not believe costs estimated in the report are reliable.”

GAO said OMB’s concerns are unfounded. Auditors told agency CIOs they would be on the hook for certifying the results even if they had members of their staff help complete the surveys, the report stated.

As for the cost estimates, auditors said they had initially sought cost information on reporting requirements directly from OMB, but were told the agency did not maintain that information and were instead directed to individual agencies “as the best source” for that information.

Many of the reporting requirements found least effective by CIOs were associated with the administration’s IT reform efforts, including outcomes from agency TechStat sessions, face-to-face reviews of at-risk IT projects; PortfolioStat progress reports, more holistic reviews of an agency’s entire IT portfolio; and updates on data center closures.

Why did CIOs view rate reporting requirements as less than helpful? Some said addressing the requirements weren’t actually helpful for meeting departmental priorities. CIOs thought other requirements were too burdensome, too frequent or duplicative, according to the report.

(Image via Cienpies Design/ Shutterstock.com)

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats

JOIN THE DISCUSSION

Close [ x ] More from Nextgov