TESTIMONY OF
SALLY KATZEN
ADMINISTRATOR
OFFICE OF INFORMATION AND REGULATORY AFFAIRS
OFFICE OF MANAGEMENT AND BUDGET
BEFORE THE
SENATE COMMITTEE ON AGRICULTURE, NUTRITION, AND FORESTRY
MARCH 5, 1997
Good morning, Mr. Chairman and members of the Committee. I am very pleased to be here today to give the Committee a status report on the Administration's implementation of the Information Technology Management Reform Act (ITMRA) of 1996. We are encouraged that there is so much interest in maximizing the contributions information technology (IT) can make to improve program performance.
As the Administrator of the Office of Information and Regulatory Affairs, I am charged under the Paperwork Reduction Act with providing leadership and oversight for the information resources management (IRM) activities of the Federal government. Congress reinforced its commitment to IRM by passing the PRA amendments of 1995, as well as the ITMRA last year.
The Federal government has a mixed record in integrating IT into its operations. Although the Federal Government spent more than $26 billion in fiscal year 1996 on information technology, it has lacked the consistently effective leadership and organization required to assure that it makes the most of these resources. Over the years, this Committee and others have expressed concern with IT projects that substantially overran their budgets and underperformed their projections. Those concerns are legitimate and need to be addressed. Over the last four years, there has been a substantial effort to improve the Federal government's performance in the information area. We had a lot of work to do. We still have a lot of work to do. But, we are now beginning to see the results of our efforts and we are encouraged by those signs.
I think it is important to realize that the Government is not alone in its difficulties with IT. Rapidly changing technology makes IT projects inherently difficult to manage. Not surprisingly, the private sector record in managing IT projects is often no better than our own. Another important point to keep in mind is that IT is not and should not be an end in itself. It is important in the Federal government -- and in the private sector -- to enhance program performance.
Common Findings
What is particularly reassuring is that the perspectives of the executive and legislative branches are so consistent -- beginning with the idea that IT is critical to improving service delivery and is a powerful tool for reinvention.
Today we understand that we often begin our analysis and oversight of IT projects too late in the process, after the decision has been made to acquire an IT system. The place to start is with an analysis of the operating processes to be improved with IT. Before we even consider which IT systems to acquire, we need to focus on reengineering how the work is being done -- asking whether the work needs to be done at all or can be done better by someone else. Only after completing these analyses should IT selection decisions and acquisition strategies come into play.
In addition, we now understand that the IT oversight process needs to promote sound capital planning in agencies. We need to know why we are acquiring a particular system, what benefits we will derive for the costs expended, and how that cost/benefit analysis compares with similar analyses for other IT systems. Some have called this portfolio analysis and management and we need to encourage more of it. To that end, in November of 1995, OMB, in collaboration with GAO, created a guide based on the work that both organizations had been doing on managing IT investments. This guide, entitled, A Guide for Evaluating IT Investments, provides an analytical framework to assess agency plans, budgets, and management capacity to apply IT effectively. It has been distributed widely throughout the government and private industry as a way for both the program management and the IT people to examine all investments in technology.
Similarly, instead of depending on each agency to maintain a core of IT experts who can deal with any system no matter how large or complex, we all seem to agree that the government would do better by leveraging the best experience and talent across agency lines. Too often, individual agencies have been overwhelmed by large, complex systems projects that are beyond their own capacities to manage, or they have pursued isolated development efforts to support functions that could have cross-agency or government-wide economies. Furthermore, innovative solutions to a problem have not been readily or easily shared among agencies with similar problems.
We also appear to agree that our implementation efforts should, to the extent possible, be modeled after the best commercial practices, such as those identified by GAO in its recent work. Why start from scratch if there are proven models that can be used to our advantage?
ITMRA
From the OMB perspective, ITMRA incorporates a number of these and other important and useful insights and ideas. It focuses clear and thoughtful attention on the significance of IT, and it provides support for change in the government's operations in this area.
ITMRA provides that agencies are accountable for delivering systems that produce mission-related results and that OMB is responsible for holding the agencies accountable. ITMRA establishes a strong voice within each agency to be a champion for intelligent use of IT -- the agency chief information officer (CIO). Under ITMRA, the CIO becomes the proponent of the strategic view before investments are made by asking three important questions -- Should the government be performing this function, or can it be privatized? Can another agency perform the function? Has the process to be supported been reengineered? ITMRA appropriately links this function to the budget process. We believe that only the budget process, rooted in the agency's strategic business plan, provides the opportunity to engage the agencies in a dialogue early enough in the life of a project to have an effect on its direction.
ITMRA also recognizes the usefulness of interagency sharing of expertise by creating interagency fora and otherwise attempting to facilitate sharing of resources across agencies. Such sharing is essential. If these groups fail to provide useful advice, or if that advice is not taken, the investment control and capital planning process will default to suboptimal investments, missed benefits, and higher costs. The opportunity to create strategic IT directions will be lost.
Another provision that we think will improve the acquisition of IT gives the GAO exclusive jurisdiction over IT bid protests, aligning the procedures for IT with those followed for all other products and services.
Finally, agencies are encouraged to acquire large systems in a more modular fashion and to use more off the shelf components. Experience in the private sector, according to GAO, has demonstrated the importance of this process. Modular procurements can mitigate risk and improve the chances of success.
I would now like to turn the discussion to the steps we have taken to implement ITMRA, which became effective August 8, 1996.
A Status Report on Implementation of ITMRA
Our strategy for implementing the Act has consisted of three steps: the issuance of an Executive Order that organizes various interagency groups to assist us in implementation of the Act; revisions to OMB Circulars, -- primarily A-11 and A-130, to focus on improved capital planning; and provision of additional information and guidance to the agencies on the designation of chief information officers and other matters. Overall, our attempt is to streamline the oversight process and build on commercial best practices and on successful efforts already underway in the agencies, across agencies, and in OMB.
The Executive Order on Federal Information Technology On July 16, 1996, the President's signed Executive Order No. 13011 establishing three interagency groups to provide information and suggestions to OMB for its use in the review of agency IT budget requests. The groups are as follows:
• A Chief Information Officer (CIO) Council to serve as the principal forum to improve agency practices on such matters as the design, modernization, and performance of agency information resources. The CIO Council will develop recommendations for federal information technology policies, procedures, and standards. It will allow CIOs to share experiences, ideas, and promising practices, including work process redesign and the development of performance measures. The Council will also assess and address the hiring, training, classification, and professional development needs of the Federal Government with respect to information resources management.
• The Government Information Technology Services Board (GITSB) to ensure continued implementation of the IT recommendations of the National Performance Review and to identify and promote the development of innovative technology, standards, and practices among agencies, state and local governments and the private sector. Among its other responsibilities, the GITSB will assist in creating opportunities for cross-agency cooperation and intergovernmental approaches in using information resources to support common operational areas, and it will recommend innovative multi-agency IT projects.
• The Information Technology Resources Board (ITRB) to provide, at the request of agency heads or OMB, independent assessments to assist in the development, acquisition, and management of selected, major information systems. It bears emphasis that an agency can ask the ITRB to provide analysis on a project. USDA did that during the Fall of 1996 when it asked for the ITRB to assess its architecture development.
Revision of OMB Circulars
Changes have been made to several OMB guidance documents to help implement the Act. Before the FY 1998 budget season began, we developed a revision, known as Part 3, to OMB Circular A-11, Preparation and Submission of Budget Estimates, to encourage agencies to engage in a capital planning process for fixed assets, including IT systems. We attempted, as part of these revisions, to integrate a series of separate requirements to measure the performance of fixed assets, so that agencies would not have to respond to several different requests for similar types of information. For example, the Government Performance and Results Act (GPRA) requires agencies to relate the acquisitions of assets to the performance of the agencies' mission. The ITMRA requires agencies to track the performance of large IT systems. The Federal Acquisition Streamlining Act (FASA V) requires agencies to develop performance measures for all procurements and to track them. Circular A-130 discusses the need for planning for IT, as does OMB's Fixed Assets Bulletin.
With the assistance of agency and GAO representatives, the A-11 revision allowed us to ask agencies for a single submission of information about the justification for, and performance of, their proposed major IT systems. We define major systems as those that require special management attention because of their importance to an agency mission; their high development, operating, or maintenance costs; or their significant role in the administration of agency programs, finances, property, or other resources.
Another goal of our revision to A-11 has been to assure that the information we collect is derived from information that is useful to the agencies. Here again, the participation of agency and GAO representatives has helped us develop a more workable process of data collection. We will be evaluating how well this process worked during the next few months as we undertake our annual revision of A-11.
A longer term project that we have begun is the development of a capital planning guide for all types of fixed asset acquisitions. OMB's Comptroller, G. Edward DeSeve, is heading this interagency effort. The capital planning guide will be available for use in the FY 1999 budget process and will focus on the justification for a proposed acquisition in terms of its ability to improve agency performance of its mission(s), the cost of the performance to be obtained, alternatives to the acquisition, and a portfolio investment analysis that compares the effect of this acquisition against investments in other acquisitions or existing projects.
We will also be revising OMB Circular A-130, Management Of Federal Information Resources, our major policy circular about information and information technology, and we hope to have a draft version available for public comment over the summer.
Additional Information on the Designation of Agency CIOs
On April 4, 1996, OMB sent memorandum 96-20 to the heads of all agencies providing additional information on designating a CIO. We told them that as we review the materials that they are to provide to us before making an appointment, we would be focusing on the following three areas.
• Organizational Placement of the CIO. OMB's memorandum states that the person selected should report to the agency head directly, and not through another official. We recognize that it may be more efficient in some agencies for the CIO to work on a daily basis with the Chief Operating Officer (Deputy Secretary/Administrator) of the agency, as long as it is clear that the CIO has direct access to the agency head whenever the CIO deems that appropriate. We believe that this is absolutely key to a CIO's being able to perform well.
• Capital Planning and Performance-based Management of IT. One of the most important responsibilities of the CIO is to promote effective agency operations by encouraging performance-based management. A major responsibility of a CIO is to ensure that an agency has determined, before making an investment in a new information system to support a particular function, whether the function should continue to be performed at all, and, if so, whether the function can be performed better by the private sector or another agency. The CIO should also ensure that, where appropriate, an agency has restructured mission-related processes before making significant IT investments.
• Background and Experience of the CIO. The CIO should have extensive knowledge of concepts, trends, and technical issues such as information resources management, systems acquisition, and software development. The CIO must have the necessary knowledge of information systems capabilities to advise the agency head and senior program managers on the potential of IT to create new program objectives and advise them on the associated risks and techniques for minimizing those risks. In addition, the CIO clearly needs to have management experience in dealing with organizational change -- something that IT tends to bring about.
Some of the agencies satisfied each and every requirement stipulated in the Act and in our guidance. Other agencies -- including USDA -- remain in what we call the evaluation category, operating with an Acting CIO or with a different placement arrangement. We will be evaluating all of the agencies on their implementation of ITMRA this Spring. In our letters to the agencies in the Summer and Fall of 1996, we asked that they provide us an appraisal of how well the CIO office is doing with regard to our requirements. In addition, we will probably be asking the agency about its investment control process. For example, is it tied to the budget process?
I should note with respect to USDA that OMB's Deputy Director for Management recently attended the kick-off for USDA's investment control process group of assistant and undersecretaries. It was very successful, and we hope that other agencies will follow the same route. It will be one of the things we will look for as we evaluate all of the agencies this Spring -- particularly the 16 agencies in the evaluation category.
Additional Information Provided to the Agencies on ITMRA
Over the course of the last year, OMB has provided additional guidance on ITMRA in a number of ways. Rather than go through them all, I would like to focus on one that I believe is of particular interest to this Committee.
ITMRA makes it clear that IT investments should be controlled through the normal budget process. This past year was the first opportunity for this to occur. We tried to prepare for it in November with OMB Memorandum 97-02, which has come to be known as "Raines Rules." In brief, the rules lay out the key considerations agencies should address before funding IT systems. They are not new -- they simply reiterate good business practices.
1. The system must support a core mission that needs to be done by the government.
2. No alternative private sector or government party can do the work.
3. Work processes involved have been simplified to increase chances of using off-the-shelf software.
4. Portfolio management and analysis demonstrate that the return on this investment is equal to or better than other agency IT investments.
5. The system is consistent with agency and government IT architectures.
6. Risk is minimized with pilots being fully tested before production, minimal custom design, clear measures of progress, and buy-in from program officials -- we need to be sure we're buying what they want.
7. Modular procurement assists agencies procuring the smallest possible segments with no deliverables out more than 18 months.
8. Risk is appropriately allocated between vendor and agency through the increased use of performance-based contracts rather than level- of-effort or cost-plus contracts
A couple of the principles seemed to give agencies more difficulties than others. One was item 5, relating to architecture -- the idea that for any particular system one should be able to explain how it fits into the overall agency infrastructure and how that infrastructure in turn promotes the business processes of the agency. Simply stated it is a question of how the technology relates to the business in a process way. While simple to state, it is often difficult to answer. Therefore, OMB is currently working on draft guidance that will provide agencies with a better understanding of this concept. We will be discussing this draft with the CIO Council at the March meeting and plan to issue it as guidance later this Spring to provide us a common ground for budget discussions this Fall.
Another rule that deserves special attention is item 6, involving the concept of risk reduction. We note a number of methods for reducing risk, including isolating custom-designed components, modular acquisition, use of prototypes, and securing buy-in from the users. The agencies have a long way to go from the traditional "big bang" approach to systems development embodying risk reduction.
As a byproduct of this budget season's work, we included a report to Congress on the "Program Performance Benefits From Major Information Technology Investments." The report contains a list of systems that we believe warrant OMB attention. USDA, like most of the cabinet agencies, has a project on that list -- the Field Service Center Initiative. All of the projects on the list were identified on the basis of their importance to an agency mission; their high development, operating, or maintenance costs; or their significant role in administration of agency programs, finances, property, or other resources.
In addition, OMB has concerns that USDA's core mission supporting large IT systems has changed with the enactment of the 1996 Farm Bill. As a result of the Act, the agency is in process of redefining its work processes supporting its core mission. Until USDA completes its strategic and business plans, taking into consideration the changes attributable to the 1996 Farm Bill to refine and simplify its work processes in the county offices, the automation of those offices is somewhat premature. USDA recognizes this, and has placed a moratorium on its automation effort.
***
We are clearly not where we want to be -- yet. There is much work to be done in this area. But, ITMRA gives us the tools that we need to take a comprehensive look at how and where we are spending money for IT. I am very confident and optimistic about the future or IT in the federal government.
The government of a few years from now will be very different than today's, and effective use of IT will be integral to that change. We look forward to working with you and the other members of Congress to assist us in making progress in this important area. I would be pleased to answer any questions that you may have.