FITARA 14 sees just one overall A and stagnant grades
The Federal Information Technology Acquisition Reform Act scorecard did reveal continued struggles in the cybersecurity and Networx transition.
The House Oversight and Reform Committee released the 14th Federal Information Technology Acquisition Reform Act (FITARA) scorecard on Thursday, showing most agency scores remaining unchanged and only one agency improving its grade since last year.
Only one agency of the 24 featured in the latest FITARA scorecard earned an overall "A" grade since the last scores were released in December 2021. The U.S. Agency for International Development (USAID) received its top marks with "A" grades across a majority of scorecard categories, including agency CIO authority enhancements, transparency and risk management, portfolio review savings and transition off Networx. Eight agencies saw their scores decrease, while 15 remained unchanged.
Eleven agencies received a "C+" overall grade, while seven received scores in the "B" range. The departments of Treasury, Transportation, Defense, Homeland Security and Justice all received scores of "C" or below, though no agencies failed in their overall marks.
The Nuclear Regulatory Commission was the only agency to see an improvement, increasing from a "C-" to a "B" in the July 2022 results.
IT experts urged Congress to update the latest scorecard and include new metrics and performance measurements around cybersecurity and Federal Information Security Management Act metrics. But the fourteenth iteration of the scorecard followed much of the overall methodology from previous years, according to the House Committee on Oversight and Reform.
Some changes to the metrics included reverting back to a methodology which relies on agencies self-certifying software development projects, sunsetting the prior Data Center Optimization Initiative (DCOI) methodology and previewing a new data center consolidation methodology focusing on future planned closures. The new methodology was not included in the latest overall grade calculations.
Lawmakers decided to retire the DCOI component after all agencies received "A" grades and at least seven indicated they had no future center closure plans. Committee staff also adjusted the cyber methodology for cybersecurity cross-agency priority (CAP) objectives due to an absence of available data.
Rep. Gerry Connolly (D-Va.), chairman of the Subcommittee on Government Operations and an original co-sponsor of the FITARA legislation, described the scorecard as "an iterative and collaborative accountability tool" and "one of the longest sustained congressional oversight efforts in recent memory" in a statement to FCW earlier this year. The biannual scorecard measuring progress on a range of IT modernization goals was first published in November 2015.
The FITARA scorecard "has continually evolved," Connolly said, "adding and removing categories responsive to changing federal IT priorities, improving metrics based on agency feedback and highlighting urgent areas of concern."
Most agencies continued to receive low and failing marks on the transition off Networx, including General Services Administration, the agency responsible for overseeing the government-wide transition off the Enterprise Infrastructure Solutions (EIS) contract, which went from an "F" to a "D" in the category in the latest scorecard. GSA's overall grade "B+" grade remained unchanged from the December results.
Eleven agencies received a "C+" overall grade, while seven received scores in the "B" range. The departments of Treasury, Transportation, Defense, Homeland Security and Justice all received scores of "C" or below, though no agencies failed in their overall marks.
The Nuclear Regulatory Commission was the only agency to see an improvement, increasing from a "C-" to a "B" in the July 2022 results.