I Scoured Congress’ 2,741-Page Spending Bill: Here's All The IT & Cyber In It

Late last week, Congress passed a $1.5 trillion omnibus appropriations bill that funds the government through the remaining six plus months of the fiscal year. They did so after having passed three previous continuing resolutions that provided short term funding at the level provided during FY 2021. NOTE: They also passed a very brief fourth CR to allow time for the massive bill to be enrolled and sent to the White House for the President to sign, which he has now done. We await an agency-by-agency breakout of what was appropriated for information technology.  Historically, Congress has approved higher funding for IT than the president has requested.  

In an act that can only be considered masochistic madness, I read through the bill—all 2,741 pages of it —to tease out some highlights on IT, management and cybersecurity. Here are some matters that may be of interest. I think they reflect two things. First, an understanding of the importance of IT as critical to mission success and citizen service. And second, a growing recognition of the need to strengthen the role and authorities of  the chief information officer in departmental management.

Agriculture - The bill contains $84.8 million for the Office of the Chief Information Officer and $69.7 million for cybersecurity. Additional funds are provided for the Rural Utilities Service to be used for distance learning, telemedicine and high-speed broadband ("high-speed" defined as 100 MB per second downstream and 20 MB per second up). Language in the bill provides an enhanced role for the departmental CIO and the Executive Information Technology Review Board.

Commerce - Legislators set $30 million for technology modernization projects and cyber risk mitigation, with $20 million of this funding for a business applications systems modernization.

Justice - The agency got $38 million for information sharing technology, with authorization to transfer up to $40 million more to support the initiative. Also, $25 million is set for secure telecommunications equipment and a secure network for the Witness Protection Program, and $5 million authorized for IT systems for the National Security Division. Legislators offered strong endorsement of the Investment Review Board and its role in ensuring proper management controls, contract management mechanisms and compatibility with the department's enterprise architecture.

Energy - $72 million was set for the OCIO for cybersecurity and secure information, with substantial investments in department programs to address cyber risks and supply chain concerns.  

Treasury - The bill has $80 million for enhanced cybersecurity for Treasury systems and $8 million for the Bureau of Fiscal Services to pursue systems modernization. For the Internal Revenue Service, $275 million is available to continue tax system modernization, but with a requirement for the agency to submit a report detailing plans, status, results and investments in the Integrated Modernization Business Plan Portfolio.

Executive Office Of The President - Congress appropriated $12.8 million for continued modernization of information resources in the EOP and $8 million for the Office of Management and Budget, "for the furtherance of integrated, efficient, secure and effective uses of IT” in the federal government.

General Services Administration - $55 million was set for the Federal Citizen Services Fund to encourage the conduct of activities electronically and to support innovative uses of technology.  Authorization was provided to transfer $15 million to the Office of Governmentwide Policy to improve coordination and reduce duplication and $17 million for government-wide innovations, initiatives and activities.

Office Of Personnel Management - The bill has $8.8 million for IT infrastructure and systems modernization and Trust Fund Federal Financial System migration and $1.1 million to strengthen the capacities and capabilities of the acquisition workforce.

Small Business Administration - The bill provides guidance on the IT Modernization Working Capital Fund. Agencies across government were authorized to establish such WCFs when the Technology Modernization Fund was created. To date, only the SBA has moved to do so.

Financial Services And General Government - There are 12 appropriations bills that fund the federal government: eleven that cover the executive branch and a separate one for the legislative branch. The one noted here includes Treasury, the Judiciary, the EOP, the District of Columbia and several independent agencies such as GSA, OPM, SBA and some others. It is often used to enact provisions that apply government-wide. This year, language was included that applies ONLY to the departments/agencies covered by this portion of the Act. But it is significant in that, hopefully, it serves as a beachhead for what many feel is needed government-wide. 

For example, Section 620 states,"The head of each executive branch agency funded by this act shall ensure that the CIO of the agency has the authority to participate in decisions regarding the budget planning process related to IT," and, "amounts appropriated for IT shall be allocated in such manner as specified or approved by the CIO in consultation with the CFO";

Department of Homeland Security - Funding was provided throughout the bill for IT and technologies that would enhance border security and other DHS missions (e.g., body-worn cameras, sensors, port-of-entry technologies, Secret Service, cybersecurity and so on). Funding is also provided directly to bureaus. The Cybersecurity and Infrastructure Security Agency was given $2 billion.  Detailed reporting requirements were also outlined for the under secretary for management regarding major acquisition programs. Additional research will be needed, but the Act establishes a DHS Nonrecurring Expenses Fund, to which unobligated balances can be transferred and used for IT systems modernization. But in the following section, the bill appears to limit the department's use of the governmentwide TMF, requiring that any submission or request from DHS be reviewed and approved by the Appropriations Committee; 

Labor - Congress appropriated $25 million to include IT modernization for unemployment systems and automation of unemployment insurance, as well as$28 million for departmental centralized infrastructure technology investment activities. As for the department WCF, unobligated balances can be transferred and used to support a number of activities, to include IT and technology infrastructure investments.

Health and Human Services - The bill contains $1 billion to establish the Advanced Research Projects Agency for Health, orARPA-H, and $100 million to modernize public health data and analytics at the Centers for Disease Control and Prevention, as well as state and local health departments;

Interior - Congress appropriated $26 million for IT management and $30 million for the science and technology account.

Social Security Administration - Unobligated balances provided by Congress remain available to invest in IT, telecommunications, and hardware and software infrastructure. $2 million was also set for IT modernization in the Office of the Inspector General.

Veterans Affairs -- $4.8 billion was appropriated for IT. The agency was encouraged to expand their use of e-commerce technologies and procedures. Congress also outlined guidance, reporting requirements and limitations on a joint electronic health initiative with Department of Defense, and $2.5 billion was provided to continue the Electronic Health Records initiative.

State - According to the bill, "none of the funds appropriated may be made available for a new major IT program without the concurrence of the Chief Information Officer, Department of State."

Transportation - $19.7 million was appropriated for the OCIO, $5.0 million for financial systems and $39.4 million for cyber security and IT network innfrastructure upgrades. 

Housing and Urban Development -  Congress set $63 million for the OCIO and $323 million for department wide and program specific IT systems and infrastructure. The Act calls for detailed plans and certifications by the CIO that any project is compliant with the department's enterprise architecture and capital planning and investment control requirements.

Alan P. Balutis is a former distinguished fellow and senior director for North American Public Sector with Cisco Systems’ Business Solutions Group.