Members of the House Oversight Government Operations Subcommittee expressed happiness with the progress that Federal agencies have made on their FITARA scores, but remained critical of the Office of Management and Budget’s (OMB’s) guidance on the Data Center Optimization Initiative (DCOI) due to the policy’s revised guidelines on what constitutes a data center.
During a December 11 hearing on the ninth edition of the FITARA Scorecard, Rep. Gerry Connolly, D-Va., chairman of the subcommittee, highlighted the success of the scorecard in driving change among agency IT departments.
“The bottom line is that the FITARA scorecard works and continues to hold agencies accountable for implementing the best IT practices,” said Rep. Connolly. “In November 2015, the average FITARA grade was a ‘D’ across all Federal agencies … the average agency grade today is trending up – it’s now above a ‘C’, a full grade improvement,” he added.
Federal agency witnesses echoed Rep. Connolly’s sentiments on the scorecard’s effectiveness. Elizabeth Cappello, acting CIO at the Department of Homeland Security (DHS), explained that FITARA acts as a “yardstick” for the department, while Renee Wynn, CIO at NASA, highlighted the role of the scorecard and congressional intervention in keeping her directly reporting to the agency head.
The scorecard is also making its way into the appropriations process, noted Rep. Mark Meadows, R-N.C., the ranking member of the subcommittee.
“We pay very close attention to this. It’s now actually starting to indirectly become part of the appropriations process – we’re looking at it and we want to make it a more formal part of that where we reward you for doing a good job,” Rep. Meadows said.
However, both members of Congress emphasized the need for data center consolidation, despite including DCOI as a metric in the scorecard.
“Just one year ago, agencies reported more than 4,700 [data] centers that they plan to continue to operate. In 2019, the number dropped by nearly 50 percent to 2,400 data centers because of a definitional change, not because of closure, and I think that’s of concern to us because it bypasses the whole point,” said Rep. Connolly. “Data center consolidation is what frees up capital. That’s what gives you the cost savings. If you play games with the definition, you miss the benefits.”
Carol Harris, director of IT management issues at the Government Accountability office, offered similar concerns on DCOI.
“Many of these excluded facilities represent what OMB itself has identified as possible security risks. Some are also large facilities that agencies will keep operating, but will no longer report on,” she said. “The changes will likely slow down or even halt important progress agencies should be making to consolidate, optimize and secure their data centers,” she noted.
Rep. Connolly said the committee will work to keep tracking data centers using the prior baseline and not OMB’s guidance, while Harris noted that GAO plans to release a report on the DCOI guidance in the near future.