As the ink is still drying – or its equivalent for a liquid crystal display screen – on the 12th edition of the House Government Operations Subcommittee’s Federal Information Technology Acquisition Reform Act (FITARA) Scorecard, I pondered the question about whether and how the same measurement could be applied to state-level IT operations and progress.

As any government CIO worthy of the title knows – whether Federal, state or local – the FITARA Scorecard has become a mainstay of the ability of Congress to assess how Federal agencies are improving IT management, and to hold their feet to the fire when they are not.

So the question becomes: should states replicate such a comprehensive assessment, and would FITARA be a worthy model?


First, a little history is in order. The Federal IT Acquisition Reform Act, or FITARA, is U.S. legislation enacted in December 2014 that in a nutshell was intended to put Federal agency CIOs in control of IT investments. Surely, state CIOs want similar authority.

Since its first FITARA Scorecard rollout in 2015, the Government Operations Subcommittee – with crucial support from the U.S. Government Accountability Office – has performed these bi-annual assessments and published the scorecard results with a certain flourish that only a congressional hearing can orchestrate.

Having the sustained engagement of Rep. Gerry Connolly, D-Va., one of the leading IT reform voices in Congress and chairman of the subcommittee, goes a long way to keeping the grading exercise fresh, relevant, and top of mind for congressional leadership.

Paying close attention to the FITARA Scorecard has become de rigueur for the Federal IT community – including the agencies themselves, the tech vendors competing for government business, and the trade publications covering the action.

How the Process Works

The FITARA Scorecard grades progress by the 24 largest Federal agencies in implementing aspects of several key pieces of IT legislation, with occasional updates to its scoring criteria. The scorecard currently covers eight key areas:

  • Agency CIO Authority Enhancements – Requires CIOs to certify that IT investments are adequately implementing incremental development;
  • Transparency and Risk Management – Requires the Office of Management and Budget (OMB) to publicize detailed information on Federal IT investments, and requires agency CIOs to categorize their major IT investments by risk;
  • Portfolio Review – Requires agencies to conduct an annual, agency-wide IT portfolio review;
  • Data Center Optimization Initiative – Requires agencies to provide OMB with a data center inventory, and a strategy for consolidating and optimizing the data centers;
  • Modernizing Government Technology Act – Authorizes agencies to establish working capital funds for use in transitioning from legacy IT systems;
  • Cybersecurity – Requires agencies to utilize security tools to continuously monitor and diagnose their security status, and provide improved oversight of security programs;
  • EIS Transition – Tracks agency progress on transitioning to the latest-generation telecommunications contract set up by the General Services Administration (GSA); and
  • CIO Authority – Does the CIO report to the agency secretary or deputy secretary, as the FITARA legislation intended.

State Scorecard Adjustments

Of course, there are many barriers to deploying a State FITARA Scorecard that would work exactly like the Federal version.

Probably the greatest challenge would be how to determine the entity responsible for performing the scorecard assessments themselves. There is no Government Operations Subcommittee for the 50 individual states. But as with any good drama, let’s suspend disbelief and talk about a few ways to figure it out.

A good many of the Federal scoring categories would find a comfortable home in any state scorecard: (1) incremental approach to software development, (2-3) project risk assessment and a tracking system, (4) data center optimization, (5) legacy modernization, (6) cybersecurity, and (8) CIO authority.

There is really no similar telecommunications plan for state governments like the EIS transition plan (7), though many have transitioned to a prime vendor type approach for telecom procurement over the years.

Just for States

On top of those existing categories, there are a few others that are critically important to states and that the Federal-level FITARA Scorecard overlooks.

First and foremost, states are primary administrators of many Federal programs – from welfare, to child support, health services and so on – along with other state-supported benefits, and have made significant strides in providing digital services to their citizens for these programs over the years. However, after watching the shambles created in many state IT systems by the COVID-19 pandemic, much work needs to be done. Assessing progress in this area would be an excellent addition to any state scorecard.

Secondly, IT procurement reform has been, and continues to be, a sore thumb among most state governments for more than a generation. And while blanket contracts, GSA-like procurement schedules, cooperative agreements and other vehicles have proliferated across the states, procurements of large system integration projects continue to be measured in years, not months. Perhaps the light reflected off a scorecard report would be the best disinfectant for the sluggish state IT procurement process.

Alongside those two big-theme ideas, it might also be helpful to stimulate private cloud adoption within the data center optimization category, and assessing the movement off public servers on any scorecard.

There are probably many other areas where state IT leaders could drive change and publicly monitor progress. I’m hope this article jumpstarts such a discussion toward that goal.

Empowering CIOs

There’s one last item which I think exemplifies the value of the Federal scorecard – in what is to me and many others the bellwether for successful IT management – and that is the CIO reporting structure, or what I refer to as the CIO governance model.

FITARA has always intended for each Federal agency to have a CIO who reports directly to the cabinet secretary or deputy secretary. In the latest scorecard, of the 24 major agencies evaluated, 16 CIOs enjoy this reporting relationship – the so-called “seat at the table” as it is often referred to. An additional five agencies were given partial credit for improving the reporting relationship, and only three failed the assessment.

Five years ago in the first-ever FITARA Scorecard, the numbers on CIO reporting were far different. At that time, the scorecard reported only 11 of 24 agencies satisfying the reporting criteria. So there’s been quite an improvement, and one that most certainly would not have happened without the public scorecard.

At the state level right now, only a dozen or so out of the 50 state CIOs are in their governors’ cabinets, according to NASCIO’s executive director, Doug Robinson. For that reason perhaps most importantly, a State IT Scorecard might be just the ticket to improving that crucial statistic at the state level, just like it did for the Feds.

Read More About
John Thomas Flynn
John Thomas Flynn
John Thomas Flynn serves as a senior advisor for government programs at MeriTalk. He was the first CIO for the both the State of California and the Commonwealth of Massachusetts, and was president of NASCIO.