FITARA Report Looks to Future Evolution

The 15th Federal Information Technology Acquisition Reform Act (FITARA) scorecard was issued in December 2022 to provide a look at how agencies are meeting modernization goals. Much like the 14th report, all measured agencies improved their scores or stayed the same indicating that changes are needed to ensure the report fully reflects today's modernization goals that have shifted from data center consolidation to cloud usage, and onward to Zero Trust cybersecurity strategies. The committee overseeing the scorecard, as well as industry groups, are looking at ways to better align modernization activities with the report.

FITARA 15 Findings

Currently, the seven active grading categories on the scorecard are: 1) progress in transitioning to EIS contracts; 2) CIO authority enhancements; 3) transparency and risk management; 4) portfolio review; 5) data center consolidation; 6) Modernizing Government Technology (MGT) Act; and 7) cybersecurity/FISMA.

Some changes were implemented within these categories for the 15th report. This included grading agencies with a pass/fail grade on their progress in the transition to the General Services Administration's (GSA) Enterprise Infrastructure Solutions (EIS) communications services contracts. Most agencies got a failing grade in that category.

Two new categories were introduced, though they did not contribute to the final grade. A new cybersecurity grade is being assigned separately from the FISMA (Federal Information Security Management Act) results. This score assigns percentage values for agencies' cybersecurity progress. Grades ranged from 68 percent for the Department of the Interior, to 94 percent for the General Services Administration. Another non-contributing grade measures CIO reporting structures related to budgets and acquisitions. In that category, 16 of the 24 agencies appear to be getting positive grades.

Future of FITARA

In the fall of 2022, ACT-IAC released a report that made suggestions for changing what the FITARA scorecard measures including:

• Moving to the cloud with a focus on retiring, replacing or refreshing legacy systems
• Zero Trust aligned cybersecurity measures
• Use of Agile and DevSecOps especially in response for the need to improve customer experience
• Establishing working capital funds with activity-based costing
• Continuing to address CIO authorities focused on the difference of having a "seat at the table" and having a "voice at the table"
• Attracting and retaining the technology workforce of the future

These changes, the ACT-IAC team suggests, would move FITARA (and the government) from a "culture of oversight to a culture of outcomes." Instead of focusing on the "gotcha" of an F grade, the committee could instead focus on efforts that are advancing overall modernization goals. For example, COBOL will remain a part of government technology for the foreseeable future as it is needed to preserve decades-old records. Having it should not make an agency fail at modernization; instead, they should be measured in how they integrate it into cloud and other services to make that data more usable.

GovEvents and GovWhitePapers feature information on how government modernization is happening and being measured.

• Cybersecurity Trends in 2023: Modernizing Security Operations (January 18, 2023; webcast) - Modern security operations call for a platform that provides actionable analytics, speed, scalability, and cloud-native by design, amongst other characteristics. This conversation, coordinated by 451 Research, will discuss how the trend of modernizing security operations will play out in 2023.
• Growing Trends and How to Accelerate Mission Impact in 2023 (January 19, 2023; webcast) - Government and industry leaders discuss 2022 learnings, growing modernization trends, and what agencies need to know to accelerate mission impact in 2023.
• Securing Tomorrow's Future: The Urgency of Persistent Modernization Forum (February 23, 2023; Falls Church, VA) - As we evaluate how to best equip our military and war fighters for the future, we must consider the pace at which we are evolving not only our strategy, but our mindset to bring together the right solutions. This event will discuss the existing posture toward technology implementation and the strategies we need to adopt to stay at the forefront.
• The IT Modernization Mission (eBook) - In this eBook, Nextgov highlights how agencies are tapping new funds to ditch legacy systems and address gaps in cybersecurity and service delivery.
• Federal IT Modernization Needs a Strategy and More Money (white paper) - Despite a plethora of legislation, executive mandates, and other policy guidance to modernize aging federal IT infrastructure, agencies still need access to dedicated IT funding channels with more money and an overarching IT strategy to help guide them in how they fund IT initiatives.
• Innovation and Digital Transformation (white paper) - Read highlights from a discussion among topic experts across Federal agencies on how emerging technologies have transformed government, and the hurdles agencies must overcome to achieve modernization. Learn why Federal agencies are seeing change play out at different speeds and in different ways across the organization.

You can find more information on Federal IT modernization trends on GovEvents and GovWhitePapers.