CIOs still not meeting spirit, intent of Clinger-Cohen law, GAO finds

Tuesday - 10/18/2011, 5:28am EDT

Fewer agency chief information officers are reporting to the head of their agency today than in 2004.

The Government Accountability Office surveyed 30 CIOs and found 17 reported directly to their agency secretary or administrator, down from 19 of 27 in 2004.

While the 1996 Clinger-Cohen Act requires the CIO to report directly to the agency secretary, 28 senior technology managers say they have "adequate access to their agency head." And those that didn't report to their department secretary told GAO they believed they influenced IT management, anyway, through relationships with other senior officials, including the assistant secretary or chief operation officer — who is usually also the deputy secretary.

This is one of several new findings from GAO in a new report issued Monday.

"Federal CIOs are critical to ensuring the federal government is managing its information technology resources effectively," said Sen. Joseph Lieberman (I-Conn.), the chairman of the Homeland Security and Governmental Affairs Committee, in a statement. "With the weakened state of the economy and the battle over the federal budget, missing any opportunity to operate government in a smarter, more efficient way is unacceptable. Particularly troubling is that GAO found many federal CIOs have not been fully empowered to be successful. For example, despite the broad legal authority given to CIOs, many have limited budget authority of IT investment at their agencies. Senator Collins and I will continue our oversight efforts to ensure CIOs are charged with the responsibilities they need to perform their jobs successfully."

Lieberman and Sen. Susan Collins (R-Maine), ranking member of the committee, requested GAO look into the state of federal CIOs.

In doing their research, GAO held two sessions with former CIOs in March along with interviewing current agency CIOs to find out find out what is working and what is not. This was the first study of agency CIOs that GAO has done since 2005.

"We cannot continue to have schedule slips, poor mission-related results, and millions of dollars in cost overruns," Collins said in a statement. "The effectiveness of a CIO can make a significant difference on decisions regarding IT investments and issues. I am concerned that the vision of the Clinger-Cohen reforms has, in some cases, been subverted by bureaucratic maneuvering and turf battles. The report found that federal CIOs do not always have sufficient control over IT investments and frequently are limited in their authority over hiring, firing and performance decisions regarding the IT workforce."

Along with most CIOs not reporting directly to their agency head, GAO found these senior technology managers were not consistently responsible for all of the 13 assigned areas of responsibility under Clinger-Cohen.

In the most recent study, 27 CIOs said they were responsible for the areas of capital planning and investment control, enterprise architecture, information security and IT strategic planning — the same number as in 2004.

Similarly, 25 of the CIOs — the same number as in 2004 — said they were responsible for their agency's e-government initiatives.

But four fewer CIOs had responsibilities in IT workforce planning oversight, three fewer had records management responsibilities and five fewer supervised their agency's information dissemination.

Additionally, CIOs are spending 14 percent of their time on non-Clinger-Cohen activities, including addressing infrastructure issues and participating on agencywide boards, such as the CIO Council.

One reason many CIOs may not be meeting the letter of the Clinger-Cohen Act is 14 of 30 said they serve in an additional position in their agency besides CIO. In fact, six said they held two or more functions besides being the CIO, ranging from chief acquisition officer to chief human capital officer.

"Six of 14 CIOs felt their other agency job positions were having a positive and helpful impact on their role as CIO," GAO wrote. "The eight remaining CIOs reported that their additional job functions had neither a positive or negative impact on their role as CIO, with one exception. Specifically, one CIO explained that having multiple positions had put a greater strain on the CIOs ability to adequately perform all required responsibilities."

GAO made three recommendations for the Office of Management and Budget:

  • Issue guidance to agencies requiring that CIOs' authorities and responsibilities as defined by law and by OMB are fully implemented taking into account the issues raised in this report;

  • Establish deadlines and metrics that require agencies to demonstrate the extent to which their CIOs are exercising the authorities and responsibilities provided by law and OMB's guidance;

  • Require agencies to identify and document internal lessons learned and best practices for managing IT.
OMB said they generally agreed with GAO's findings and have taken actions to fix some of the CIOs' challenges.