Photo: Steve Barrett
While federal CIOs are busy putting out
systems, policy and budget fires that keep their information technology programs running from day to day, they must also think about what's on the horizon.
Again this year, I served as chairman of the CIO Survey Task Group for the Information Technology Association of America. The Arlington, Va., nonprofit interviewed federal IT chiefs for its 16th annual survey. It focuses on issues facing CIOs, and this year — to commemorate the 10-year anniversary of the Clinger-Cohen Act — it also looks at the law's impact on the role of government CIOs.
The Big Seven
The top issues reported by CIOs are in line with what has been reported over the past few years. Few of the issues are narrow enough in scope to be mitigated within a year or two, despite indications of measurable progress.
- IT security and privacy: IT security has been a priority of federal CIOs for the past few years and, according to survey findings, remains so. CIOs say the challenges have become more complex and expectations continue to expand. Some specific areas of emphasis include:
- ongoing risk and vulnerability monitoring;
- continued focus on application certification and accreditation, supported by new tools;
- integrating testing for the Federal Information Security Management Act with OMB Circular 1-123 internal controls;
- enterprisewide identity management, which includes meeting the mandates of Homeland Security Presidential Directive 12;
- balancing the conflicting trade-offs between IT security and information access and sharing;
- more focus on securing mobile computing devices and environments;
- developing and implementing more automated, self-adjusting intrusion detection and prevention systems;
- providing continuous security monitoring of infrastructures and applications, and;
- institutionalizing the privacy function.
- Enterprise standardization and consolidation: Agencies have been revamping their IT infrastructures for several years and continue to consider this work a priority.
- Project management: CIOs report a continued push from the Office of Management and Budget to improve project management, including specific directives related to the President's Management Agenda. Several IT chiefs say their agencies are taking steps to create enterprise project management offices to improve oversight of critical projects and provide integration support across projects' related components.
- Enterprise shared and managed services: Many agencies that have begun to consolidate their infrastructures have extended the efforts to the acquisition of enterprise shared and managed services. The consensus view of CIOs is that this management technique will let them acquire commodity services more competitively and emphasize performance.
- Application consolidation and integration: CIOs view this priority, which focuses on enterprise mission and management systems, as more challenging than the consolidation of their IT infrastructures because of the government's complex integration, business process and cultural issues. CIOs say they are developing business cases for application consolidations under a more rigorous analysis than they had used previously.
- Data strategy and information sharing: CIOs involved with defense, intelligence and homeland security missions identify this issue as significant and say they must improve how agencies share information assets.
- Line of Business initiatives: These OMB-sponsored projects have gained traction, and agencies are incorporating them into their mainstream IT strategies. CIOs recognize that the LOB initiatives could deliver cost savings but also say there are challenges:
- creating provider-customer relationships between agencies;
- ensuring that the provider agencies can flexibly scale offerings to meet multiple-customer needs;
- ensuring that the provider agencies are able to keep infrastructure and systems modern;
- establishing cost limits, especially if projected transaction volumes are not realized, and;
- offering solutions that functionally fit customer agencies' needs.
Happy 10th, Clinger-Cohen
ITAA took the pulse of the federal CIO community regarding the impact that Clinger-Cohen has had both on the CIO position and on agencies. The survey focused on three areas: what's been effective, what needs more work and what's on the horizon.
- Areas of clear impact:
- setting the framework for how the government manages IT;
- positioning the CIO as a senior leader with a seat at the management table;
- improving IT capital planning and investment control processes;
- repealing the Brooks Act, which established the government's original IT acquisition and oversight rules;
- moving the IT community's focus from procurement to management;
- providing the impetus for improved cooperation between CIOs and chief financial officers;
- increasing accountability for performance and results, and;
- improving IT alignment with mission.
- More progress required: The inability of CIOs and CIO organizations to execute is the shortcoming of greatest concern. Although the law had no specific provision related to getting things done, CIOs view improving the ability of agencies to effectively and efficiently use IT for mission and management purposes as an overriding objective of the law.
- Looking toward the future: CIOs foresee a strong role for their work and expect future federal CIOs will:
- be key members of agencies' senior-most leadership teams;
- be political appointees;
- be viewed as strategists and visionaries by their mission and management leadership peers, with deep understanding of their organizations' missions;
- be key leaders during planning processes;
- manage architecture and IT strategy and provide strong oversight and effective control of IT budgets;
- be viewed as change agents and lead improvement and operation of IT infrastructure and back-office systems while having clear involvement in mission-critical IT, and;
- be perceived as having a comparable role to CFOs with respect to influence within their agencies.
Clearly, CIOs see their role becoming stronger in the future. And just as clearly, they understand that the current administration's focus is on implementing plans and initiatives that now exist, not coming up with new strategies.
From my perspective, these two views are closely related. Delivering promised improvements over the next few years is absolutely critical to establishing the credibility that must precede movement toward a more significant CIO role within government. Are CIOs prepared to deliver? Do they have the tools,
methods and strategies required?
That remains to be seen.