GovLoop

USDA’s Playbook for Making Tech Reforms Stick

U.S. Department of Agriculture (USDA) Secretary Sonny joins Assistant Secretary of the Army for Civil Works Rickey Dale ÒR.D.Ó James on a tour of Melvin Price Locks and Dam Facility, before participating in Waterways Report Stakeholder Townhall August 28, 2019, in Alton, Illinois. rUSDA Photo by Preston Keres

Flip Anderson’s commitment to technology reform at the Agriculture Department (USDA) has earned him a fair share of nicknames. Anderson is USDA’s Director of FITARA operations — short for Federal Information Technology Acquisition Reform Act and pronounced fa-tar-a.

“Mr. FITARA,” “FlipTARA” and “notebook guy” are just a few of the nicknames that have stuck. At USDA, colleagues can’t help but notice the three-ring leather binder Anderson keeps by his side. In it are the documents he lives by: a printed version of the IT reform legislation FITARA, the Office of Management and Budget data center optimization and category management memos, and the IT Management Maturity Model that Anderson tailored to drive FITARA adoption at his department.

He isn’t leading change with a dedicated budget and staff — far from it. He has a six-member team of volunteers, each of whom has expertise in the areas of focus that are critical to FITARA, including acquisition and execution, workforce and program management. We’ll get into the specifics of how Anderson is leading change at USDA in a bit. But one of the biggest takeaways to note up front is that the FITARA implementation underway at USDA in many ways serves as a model for institutionalizing change — big or small — at an agency.

Agencies such as the General Services Administration, NASA, the Homeland Security Department and the Health and Human Services Department are tapping Anderson for nuggets of wisdom about FITARA operations at USDA, specifically his implementation of the maturity model.

For any agency, after the fanfare over the passage of a new law or initiative simmers down and the headlines go away, it’s hard to keep those things relevant and make them an ongoing priority. Anderson shared his approach: “The fact that I’m doing the maturity model keeps it [FITARA] in their frontal lobe because I was able to get the maturity model added as a performance element in the assistant CIOs’ [annual] performance plan.”

Congress passed FITARA in 2014, but apart from the periodic agency scorecards championed by. Rep. Gerry Connolly (D-Va.) that grade progress, FITARA isn’t in the news much these days. The IT community has seemingly moved on to artificial intelligence, robotic process automation (RPA), and digital transformation, all of which FITARA supports at a foundation level. Think about it, if the process for buying and managing IT is broken, how can an agency efficiently drive the adoption of new technology?

At USDA, Anderson’s intense focus on FITARA appears to be rubbing off on other agencies that are also looking for ways to mature their implementation of the law. The American Council for Technology and Industry Advisory Council (ACT-IAC), which is a consortium of government and industry experts, created the maturity model Anderson is currently using. In June 2018, ACT-IAC updated that document to include IT workforce retraining, a cross-cutting cybersecurity component and a focus on Technology Business Management — a framework for tracking IT spending that agencies will be required to implement by 2022.

“Agencies can use this as an assessment tool … as a way to incrementally help them improve their FITARA scores, and it just gives them another tool in their tool belt to really drive and improve,” said Stu Hammer, Senior Director, Application Offerings & Advisory Services at Perspecta and a member of the team that developed the model.

So why the big focus on FITARA at USDA and why now?

Well, part of the reason is the agency is working toward a December 2019 goal of demonstrating full maturity in its implementation of FITARA. In the most recent June 2019 FITARA scorecard, USDA received a C-, up from a D- in December 2018. Two of the biggest stumbling blocks for the agency were its cybersecurity score and concerns over the department CIO not reporting to the secretary or deputy.

Anderson spends time evangelizing to assistant CIOs at the sub-agency levels so they understand the direct linkage between their actions and IT practices and USDA’s overall FITARA score. He’s also showing them how implementing the maturity model helps in both of those areas.

The end goal for USDA is to institutionalize practices that are called out in FITARA. For those who aren’t familiar with the law, it requires that department chief information officers (CIOs) be empowered to review and approve IT contracts, ensure projects are being developed in shorter increments and root out waste and duplication in IT budgets. How well agencies optimize data centers and track their software licenses are also measured under the law.

These are all critical for supporting the efforts USDA has underway to transform digital and in-person experiences for its customers. Efforts include the new farmers.gov website and modernization of USDA contact centers using data analytics and RPA.

Institutionalizing FITARA Across the Department

For Anderson, FITARA is about more than checking boxes and achieving success on paper. “Everything that we try and do at USDA ultimately requires IT,” he said. “And if we’re not managing IT correctly, we’re not supporting our customers in the manner that they need to be supported.”

It took about a year for Anderson and a team of six volunteers to lay the groundwork for maturing the department’s implementation of FITARA. Here’s how they did it.

The team adapted the maturity model into a 104-question survey that addressed all the critical functional areas that fall under the law. The survey went out to chief executives across the department for them to take the survey as a self-assessment and gauge the maturity of FITARA implementation. In total, 29 agencies and staff offices were included in the survey.

Once the results were in, the team underwent a verification and validation process. For example, let’s say a component agency within USDA gave itself the highest ranking on the maturity model scale, which is a level 3, in the area of IT governance. The team would use specific artifacts to verify that ranking, such as evidence proving that they’ve held investment review boards to track IT projects and programs, as well as attendance sheets for those meetings.

Collecting these artifacts wasn’t for the sake of amassing more documentation. The team ended up with a library of more than 900 documents that covered critical functions of IT management, such as governance, budget and acquisition. Version 2 of the model makes clear that cybersecurity should underpin each of these areas. The artifacts that Anderson and his team collected were then used as templates and examples for agencies that didn’t already have their own documentation to track progress in the five key areas outlined below.

These are the five critical functions of IT management. Source: ACT-IAC

 

Anderson has strategically developed relationships with executives by investing time and building trust, including meeting with them individually to deconflict roles and responsibilities. He also created a CXO meeting that went from being weekly to now monthly. “That was where I would bring the CXOs in and we would talk about the stuff that was going on with FITARA and with the maturity model.”

Suzanne Komara, Director at Battle Resource Management, Inc. BRMi and a fellow contributor in developing the maturity model, said the law has given CIOs more visibility in their organizations. “I think FITARA’s done a great job in giving CIO’s … that seat at the table that they didn’t always have in a lot of agencies,” Komara said. “They’ve done a lot more collaboration with their counterparts in CFO, or procurement [or] the heads of their agency.”

Komara added that the next step is building on that work and using their involvement in budgetary decision-making to get a better handle on issues such as shadow or rogue IT that’s operating on the network but not properly managed.

For Anderson and his team, the next steps include continually monitoring how USDA is managing IT across the board and using annual reassessments to measure FITARA maturity at the department.

Anderson explained that requirement to support farmers or ranchers may originate at the department secretary level, but it will ultimately come down to the CIO — whether it’s at the component or department level. “The implementation of FITARA gives us the authority, the accountability [and] the responsibility where it should be at the CIO level, to be able to do that effectively,” Anderson said. “It’s not a land grab, it’s not trying to take over somebody else’s responsibilities down at the component level. It’s trying to make everybody accountable for the use of the federal dollars that we get.”

Photo Credit: USDA Flickr

Exit mobile version