Average tenure for agency CIOs is hovering at two years, GAO says

The average tenure of an agency chief information officer has stalled at about two years, despite a general consensus among information technology executives that a three-to-five year stay is necessary to institute major organizational and policy changes, a watchdog said Monday.

That two-year term of service essentially has remained unchanged since the Government Accountability Office last reported on CIO tenures in 2004, according to a report.

The number of CIOs who stay in office for at least three years declined from 35 percent in 2004 to 25 percent in 2011, the report said.

CIOs typically leave their posts because of the work's high stress level, they have an opportunity to move up to a CIO position at a larger agency, or they're political appointees and there's a change in presidential administration, current and former agency CIOs told GAO.

Federal CIOs typically have responsibility for only seven of 13 areas they're required to oversee under the 1996 Clinger Cohen Act and other relevant legislation, GAO found. Most CIO responsibilities are focused on ensuring information security; strategic planning for IT building and acquisition projects; and overseeing e-government initiatives such as transferring agency data to more nimble cloud computing and using technology to make agency operations and spending more transparent, the watchdog said.

CIOs were less likely to be responsible for information management tasks such as ensuring records are properly retained or that IT processes meet federal privacy requirements, the report said. Those tasks typically are farmed out to others in the organization.

Only 17 of 30 surveyed CIOs reported directly to the head of their agency as required by federal law, though 23 of them thought such a reporting relationship would be beneficial, GAO said. Several of the CIOs said it was important to have a direct link to the agency head, but it made sense to report on day-to-day issues to a lower-level official who could focus more narrowly on IT.

Most CIOs did not think new legislation is necessary to broaden their power, but they told GAO they'd be aided by clearer authority over IT acquisitions and personnel. More than two-thirds of agencies don't require their CIO's approval for IT acquisitions and more than one-third of CIOs don't have the power to unilaterally cancel funding for IT investments, the study said.

GAO recommended that the Office of Management and Budget issue guidance requiring CIOs to fulfill all their legislatively required duties and better define the scope of CIOs' authority.

The watchdog also recommended creating a better catalog of lessons learned from IT projects. The Federal Chief Information Officers Council has created a best practices website that collects case studies of major IT initiatives. Several agencies lack an agency-specific lessons learned page or a specific collection methodology, GAO said.

Federal CIO Steven VanRoekel's office largely agreed with a draft version of GAO recommendations, the report said. VanRoekel's office did not respond to a request for comment on the final report.

About half the CIOs surveyed for the report said they had additional titles or duties, such as deputy chief of staff or chief human capital officer. GAO and Congress have warned that CIOs should not spread themselves too thin, but CIOs told GAO the additional duties typically complemented their main IT work and made them more effective.