The latest Federal IT Acquisition Reform Act (FITARA) scorecard showed that all agencies still have passing grades when it comes to meeting federal goals for IT management and reporting, but there was some backsliding in the latest report.
Health and Human Services, Labor, and the Veterans Administration improved their overall scores, while five agencies -- Commerce, Small Business Administration, The General Services Administration, Social Security Administration, and U.S. Agency for International Aid - all dropped. A positive among the scores was that every agency received at least one A for the first time in the scorecard's history.
Some of the drops can be attributed to the progress of transitioning from legacy telecommunications contracts to the General Services Administration's new Enterprise Infrastructure Solutions, or EIS program grading. The deadline for making the transition is not until 2022, but as many as 11 agencies said they will have trouble meeting that deadline. NASA, Commerce, Homeland Security, the Office of Personnel Management, and Small Business Administration all received Fs in this category.
This report also retired the scorecard's software licensing metric as all agencies received an A in this category - a first for the FITARA scorecard.
As agencies continue their work to be compliant with the measures of FITARA, there are a number of events and resources available to guide that journey:
- Federal DevSecOps: Pushing Forward (March 18, 2021; webcast) - Hear from leaders in DevSecOps practices as they discuss the current status, modern projects, and drive forward of Federal DevSecOps platforms used to push IT modernization, operational efficiency, and cybersecurity.
- Emerge 2021 - Part 1: Digital Modernization (April 6, 2021; virtual) - This three-part virtual event series showcases real technology solutions making an impact today and paving the way for tomorrow. The first event explores how to accelerate the Digital Modernization of technology we depend on every day.
- How to Automate Policy in the Cloud (May 12, 2021; webcast) - Manually verifying policy compliance is time consuming, inaccurate, painful and expensive for security teams, leading to missed problems that often lead to security incidents. Learn strategies for policy automation and tools to do it with.
- Data in Action (May 18, 2021; virtual) - Take the lessons learned from organizations that best weathered the storm of the pandemic and use them in preparation for the inevitable next crisis. Decision-makers in IT from the public sector and education communities will discuss the necessity of strong enterprise data strategy and management, the continued digitization of legacy environments for improved data sharing,, and more.
- Cybersecurity: Agencies Need to Fully Establish Risk Management Programs and Address Challenges (white paper) - This GAO paper outlines key practices for establishing an agency-wide cybersecurity risk management program including designating a cybersecurity risk executive, developing a risk management strategy and policies to facilitate risk-based decisions, assessing cyber risks to the agency, and establishing coordination with the agency's enterprise risk management (ERM) program.
- Software Is Never Done: Refactoring the Acquisition Code for Competitive Advantage (white paper) - The ability to develop, procure, assure, deploy, and continuously improve software is central to national defense. The current approach to software development is broken and is a leading source of risk to DoD. It takes too long, is too expensive, and exposes warfighters to unacceptable risk by delaying their access to tools they need to ensure mission success. Instead, software should enable a more effective joint force, strengthen our ability to work with allies, and improve the business processes of the DoD enterprise.
These are just a few resources to help support efforts to improve FITARA scores. Look for your specific needs using the GovEvents search filters.