Federal agency chief information officer (CIO) reporting lines – long a mainstay for critical review by the House Oversight and Reform Committee in its semi-annual FITARA Scorecard that rates Federal agencies on key IT effectiveness measures – are taking center stage in a new report from the Labor Department’s (DOL) Office of Inspector General (OIG).
The new OIG audit concludes that DOL lacks an IT governance framework that properly supports the agency’s mission, and says that a prime factor for that is that the CIO’s office reports to DOL’s assistant secretary for Administration and Management (ASAM), rather than the agency’s secretary or deputy secretary.
The 2014 FITARA law covers a variety of agency CIO authority enhancements, and House Oversight’s FITARA Scorecard issues grades specifically on whether the CIO reports to agency secretaries or deputies.
The OIG’s latest audit report follows previous findings that DOL’s IT operations were hampered by a lack of CIO authority, and misaligned reporting structures for IT operations.
In its follow-up to those earlier findings, the OIG said the agency has since “made progress in ensuring the CIO controls key IT elements within the department,” but added, “blind spots remain.” Some of the more recent progress has come from consolidating IT functions into an IT shared services model, which included moving IT operations and management to the office of the ASAM.
Even after that work, “the CIO remains impaired in visibility and authority over DOL IT within agencies not fully integrating into the IT Shared Services model,” the OIG said.
Additionally, OIG said that “ad hoc design and reliance on personnel” have weakened DOL’s IT processes and with the recent transition to IT Shared Services, “the absence of clearly documented requirements and processes created confusion among agencies dependent upon OCIO for IT support.”
“As a result, the current state of DOC IT is reliant upon the direction of the ASAM and without implementing codified structures, it is directly impacted by the changing of personnel,” the OIG report states.
OIG made five recommendations to DOL for the agency to improve its IT governance, four of which the agency concurred with, but the top one – having the CIO report to Labor’s Deputy Secretary – generated pushback from DOL officials. According to the OIG, those officials cited DOL’s FITARA Scorecard grades, which are generally on the higher end of the agencies rated. The OIG noted, however, that DOL’s FITARA grading suffers from being only one of a handful of agencies that does not have the CIO reporting to agency secretaries or deputies.
The four recommendations with which DOL concurred are:
- Ensure the CIO position is a lead member with voting rights in DOL’s executive strategy and management boards and committees including, but not limited to, the Management Review Board, Enterprise-wide Shared Services Governance Board, COVID-19 Coordination team, and the Enterprise Risk Management Council;
- Reassess the incorporation of the Bureau of Labor Statistics and the Office of the Chief Financial Officer as part of IT Shared Services in 2021, and document why the decision was reached;
- Establish a Memorandum of Understanding or other agreement between the OCIO and all departmental agencies to establish and state the roles and responsibilities of IT between each set of respective agencies; and
- Codify policies and procedures defining IT governance and key supporting IT elements.