[House Hearing, 114 Congress]
[From the U.S. Government Publishing Office]







  THE FEDERAL INFORMATION TECHNOLOGY ACQUISITION REFORM ACT'S ROLE IN 
                      REDUCING IT ACQUISITION RISK

=======================================================================

                             JOINT HEARING

                               BEFORE THE

                            SUBCOMMITTEE ON
                         INFORMATION TECHNOLOGY

                                AND THE

                            SUBCOMMITTEE ON
                         GOVERNMENT OPERATIONS

                                 OF THE

                         COMMITTEE ON OVERSIGHT
                         AND GOVERNMENT REFORM
                        HOUSE OF REPRESENTATIVES

                    ONE HUNDRED FOURTEENTH CONGRESS

                             FIRST SESSION

                               __________

                             JUNE 10, 2015

                               __________

                           Serial No. 114-43

                               __________

Printed for the use of the Committee on Oversight and Government Reform



[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]



         Available via the World Wide Web: http://www.fdsys.gov
                      http://www.house.gov/reform
                     
                                  ______

                         U.S. GOVERNMENT PUBLISHING OFFICE 

96-953 PDF                     WASHINGTON : 2015 
-----------------------------------------------------------------------
  For sale by the Superintendent of Documents, U.S. Government Publishing 
  Office Internet: bookstore.gpo.gov Phone: toll free (866) 512-1800; 
         DC area (202) 512-1800 Fax: (202) 512-2104 Mail: Stop IDCC, 
                          Washington, DC 20402-0001                     
                      
                      
                      
                      
                      
                      
                      
                      
                      
                      
                      
                      
                      
              COMMITTEE ON OVERSIGHT AND GOVERNMENT REFORM

                     JASON CHAFFETZ, Utah, Chairman
JOHN L. MICA, Florida                ELIJAH E. CUMMINGS, Maryland, 
MICHAEL R. TURNER, Ohio                  Ranking Minority Member
JOHN J. DUNCAN, Jr., Tennessee       CAROLYN B. MALONEY, New York
JIM JORDAN, Ohio                     ELEANOR HOLMES NORTON, District of 
TIM WALBERG, Michigan                    Columbia
JUSTIN AMASH, Michigan               WM. LACY CLAY, Missouri
PAUL A. GOSAR, Arizona               STEPHEN F. LYNCH, Massachusetts
SCOTT DesJARLAIS, Tennessee          JIM COOPER, Tennessee
TREY GOWDY, South Carolina           GERALD E. CONNOLLY, Virginia
BLAKE FARENTHOLD, Texas              MATT CARTWRIGHT, Pennsylvania
CYNTHIA M. LUMMIS, Wyoming           TAMMY DUCKWORTH, Illinois
THOMAS MASSIE, Kentucky              ROBIN L. KELLY, Illinois
MARK MEADOWS, North Carolina         BRENDA L. LAWRENCE, Michigan
RON DeSANTIS, Florida                TED LIEU, California
MICK, MULVANEY, South Carolina       BONNIE WATSON COLEMAN, New Jersey
KEN BUCK, Colorado                   STACEY E. PLASKETT, Virgin Islands
MARK WALKER, North Carolina          MARK DeSAULNIER, California
ROD BLUM, Iowa                       BRENDAN F. BOYLE, Pennsylvania
JODY B. HICE, Georgia                PETER WELCH, Vermont
STEVE RUSSELL, Oklahoma              MICHELLE LUJAN GRISHAM, New Mexico
EARL L. ``BUDDY'' CARTER, Georgia
GLENN GROTHMAN, Wisconsin
WILL HURD, Texas
GARY J. PALMER, Alabama

                    Sean McLaughlin, Staff Director
                 David Rapallo, Minority Staff Director
   Troy D. Stock, Information Technology Subcommittee Staff Director
 Jennifer Hemingway, Government Operations Subcommittee Staff Director
                      Julie Dunne, Senior Counsel
                    Sharon Casey, Deputy Chief Clerk
                 Subcommittee on Information Technology

                       WILL HURD, Texas, Chairman
BLAKE FARENTHOLD, Texas, Vice Chair  ROBIN L. KELLY, Illinois, Ranking 
MARK WALKER, North Carolina              Member
ROD BLUM, Iowa                       GERALD E. CONNOLLY, Virginia
PAUL A. GOSAR, Arizona               TAMMY DUCKWORTH, Illinois
                                     TED LIEU, California

                 Subcommittee on Government Operations

                 MARK MEADOWS, North Carolina, Chairman
JIM JORDAN, Ohio                     GERALD E. CONNOLLY, Virginia, 
TIM WALBERG, Michigan, Vice Chair        Ranking Minority Member
TREY GOWDY, South Carolina           CAROLYN B. MALONEY, New York
THOMAS MASSIE, Kentucky              ELEANOR HOLMES NORTON, District of 
MICK MULVANEY, South Carolina            Columbia
KEN BUCK, Colorado                   WM. LACY CLAY, Missouri
EARL L. ``BUDDY'' CARTER, Georgia    STACEY E. PLASKETT, Virgin Islands
GLENN GROTHMAN, Wisconsin            STEPHEN F. LYNCH, Massachusetts




















                            C O N T E N T S

                              ----------                              
                                                                   Page
Hearing held on June 10, 2015....................................     1

                               WITNESSES

The Hon. Anne Rung, Administrator, Office of Federal Procurement 
  Policy, The Office of Management and Budget
    Oral Statement...............................................     4
    Written Statement............................................     7
Mr. Tony Scott, U.S. Chief Information Officer, Office of E-
  Government and Information Technology, The Office of Management 
  and Budget
    Oral Statement...............................................    12
    Written Statement............................................    14
Mr. David A. Powner, Director, IT Management Issues, U.S. 
  Government Accountability Office
    Oral Statement...............................................    19
    Written Statement............................................    21
Mr. Richard Spires, Chief Executive Officer, Resilient Network 
  Systems, Inc.
    Oral Statement...............................................    47
    Written Statement............................................    49

                                APPENDIX

Chairman Will Hurd, Opening Statement............................    76
Ranking Member Robin Kelly, Opening Statement....................    78
Mr. D. Powner-GAO Response to Rep. Duckworth Questions for the 
  Record.........................................................    80
POGO Statement for the Record on DOE FITARA Exemption............    84

 
  THE FEDERAL INFORMATION TECHNOLOGY ACQUISITION REFORM ACT'S ROLE IN 
                      REDUCING IT ACQUISITION RISK

                              ----------                              


                        Wednesday, June 10, 2015

                  House of Representatives,
Subcommittee on Information Technology, joint with 
         the Subcommittee on Government Operations,
              Committee on Oversight and Government Reform,
                                                   Washington, D.C.
    The subcommittees met, pursuant to call, at 2:41 p.m., in 
Room 2154, Rayburn House Office Building, Hon. Will Hurd 
[chairman of the subcommittee] presiding.
    Present from Subcommittee on Information Technology: 
Representatives Hurd, Walker, Blum, Kelly, Connolly, Duckworth, 
and Lieu.
    Present from Subcommittee on Government Operations: 
Representatives Meadows, Walberg, Massie, Carter, Maloney, 
Norton, Plaskett and Lynch.
    Mr. Hurd. The Subcommittee on Information Technology and 
the Subcommittee on Government Operations will come to order. 
And without objection, the chair is authorized to declare a 
recess at any time.
    Today we're going to review GAO's designation of IT 
acquisition as high risk and highlight how the Federal 
Information Technology Reform Act, FITARA, can reduce IT 
acquisition risk.
    I represent a district that's 29 counties, very rural parts 
of Texas, and the urban part. Not once did I mention IT 
procurement on the campaign trail because it wasn't a sexy 
topic. And one of my first trips out in the district, we were 
in far west Texas, my chief of staff says: What are you going 
to talk about? And he says: IT procurement, and his face goes 
ashen, but when you tell people that the Federal Government 
spends $80 billion on IT procurement, and a good majority of 
that is on legacy systems, they're pretty outraged, and they 
recognize the need for efficiency. They recognize the need to 
reduce the size and scope of the Federal Government, and FITARA 
was a good move in that direction.
    I think many of the folks on this panel were involved in 
that. I know Darrell Issa and Congressman Connolly were 
instrumental in making that happen, and I'm looking forward to 
working with Congresswoman Kelly on this important issue and 
making sure, Mr. Scott, you know, you have all the tools you 
need to do your job. You have a tough job. This is--you know, I 
recognize the difficulty of the task, and IT management and 
acquisition has long been a problem for the Federal Government, 
and we all know that. And I'm hopeful that the agency CIOs will 
in partnership with their C-suite agency colleagues, 
fundamentally transform the way the Federal Government manages 
and buys IT.
    And we cannot afford to be having the same discussion about 
IT management and acquisition in another 20 years. Our fiscal 
situation demands that we take advantage of the opportunities 
for cost savings in IT whether through eliminating duplication, 
transitioning to the cloud and shared services or ensuring 
agile development.
    I'm particularly interested in how we might define 
successful FITARA implementation and how we best empower the 
CIOs for success.
    I look forward to working with the leadership and members 
of the IT and Government Operations Subcommittees on both sides 
of the aisle and to continue the oversight of FITARA 
implementation. We have to get this right. And I believe this 
is something that has support not only on both sides of the 
aisle in the House and the Senate, in the White House as well.
    And now I would like to recognize Ms. Kelly, our ranking 
member of the Subcommittee on Information Technology for her 
opening statement.
    Ms. Kelly. Thank you, Mr. Chairman, for holding today's 
oversight hearing on the implementation of the Federal 
Information Technology Acquisition Reform Act, bipartisan 
legislation intended to overhaul the Federal Government's 
approach to managing its information technology resources and 
save billions of taxpayers' dollars.
    I would like to commend Representative Gerry Connolly, the 
ranking member of the Government Operations Subcommittee and 
co-author of this legislation for his continued work on Federal 
IT issues and reforms. I look forward to working with him and 
other members of the committee in conducting effective 
oversight of the implementation of this law across the 
government.
    FITARA includes a number of government-wide reforms for 
managing IT acquisitions and portfolios that will help ensure 
the Federal Government is making wise and efficient investment 
in IT. This committee plays an important oversight role that 
could increase transparency and accountability of agency 
efforts and help ensure that the law is effectively 
implemented.
    In February of this year, the Government Accountability 
Office released its biannual high risk report which added the 
new high risk area, ``Improving the management of information 
technology acquisitions and operations.'' GAO found that 
Federal Government spends billions of dollars on failed or 
poorly performing IT investments. Effective oversight is a key 
tool in identifying and reducing this kind of wasteful 
spending. Congress has a duty to conduct oversight as well as 
an obligation to give agencies the tools they need to conduct 
their own oversight. Agencies need more well-trained 
acquisition personnel to effectively oversee complex systems 
and to ensure that the government is a smart and diligent 
consumer. FITARA recognizes this need.
    Congress must also ensure that agencies have the resources 
to hire and retain qualified personnel that embrace the added 
authority and additional responsibilities provided to chief 
information officers by this law. Congress, together with 
administration, should pursue ways to retain their expertise, 
train them in the most cutting-edge techniques, and support 
their critical work.
    In April 2015, OMB released for public comment proposed 
guidance on how agencies are to implement FITARA. Today, after 
soliciting public feedback and conducting numerous outreach 
sessions with stakeholders and experts, OMB issued its final 
guidance to agencies on the management and oversight of 
information technology resources.
    I want to thank each of the witnesses for testifying today 
and for being here. I look forward to hearing your thoughts on 
this agency implementation, how we can improve the management 
of Federal IT. And I want to thank you again, Mr. Chairman.
    Mr. Hurd. Thank you, Ms. Kelly.
    Mr. Hurd. And now I'd like to recognize Mr. Meadows, 
chairman of the Subcommittee on Government Operations for his 
opening statement.
    Mr. Meadows. Thank you, Mr. Chairman. Thank each of you for 
being here.
    Mr. Chairman, I want to just thank you for taking a topic 
that, as you mentioned, back home in Texas may not have been 
the number one topic for people to talk about. But I can tell 
you in terms of making real impact, this particular issue, 
under your leadership and that of Ms. Kelly, will truly 
transform how we do business. You know, just in the last few 
days we've heard of all kinds of taxpayer information, 
employees, 4 million employees. When we start to think about 
the cyber attacks, that goes hand in glove with some of our IT 
acquisitions. And so I look forward to working with you and the 
ranking member, certainly with OMB as you work to try to 
streamline what we're doing and make it more efficient.
    The GAO, you all have done some great work. I've read a lot 
of your work as it identifies this. And, Mr. Spires, I 
understand you have you a background with the IRS, and I was 
troubled to hear the other day that they still have aspects of 
their IT that has either COBOL or FORTRAN programming. Now, I 
shared that with some of the people in my office, and I said to 
give you an idea, those languages are older than you are. And 
so they were languages that I was learning when I was in 
college. And so just the maintenance of those kinds of 
languages and where we've come today, it's unbelievable that we 
would still be holding on to our security blanket.
    And indeed when we do that, you know, we don't want to get 
rid of the old system because everybody's familiar with it and 
it's too much trouble to bring in the new system. You guys have 
heard it all, and yet what we find is the attackers. The one 
thing that may have saved us on some of those systems is the 
language is so old they can't figure it out. But in doing that, 
we've got to make a real investment. The chairman mentioned $80 
billion. Well, really, we know that it's actually higher than 
that. And when you look at those offline IT acquisitions that 
are in some of those areas that we do not actually openly 
debate, we know that the figure could be well in excess of $100 
billion.
    And so as we start to look at this, it is critical from--
not only from an accountability standpoint but from a 
procurement standpoint that we actually address this in a real 
way. And so my compliment to all of those that have been 
leading the way. But I look forward to serving in a great way 
under the leadership of you, Mr. Chairman, and the ranking 
member as we move forward.
    And with that I'll yield back.
    Mr. Hurd. Thank you, Mr. Chairman, and thank you for taking 
me back to my youth when we talked about COBOL as something 
that was super old even when I was a youngster studying 
computer science at Texas A&M University.
    Mr. Hurd. We're going to recognize Mr. Connolly when he 
arrives for an opening statement, but, you know, we're going to 
also hold the record open for 5 legislative days for any 
members who would like to submit a written statement.
    And we will now recognize our panel of witnesses. I'm 
pleased to welcome Mr. Tony Scott, U.S. Chief Information 
Officer of the Office of E-Government and Information 
Technology at the Office of Management and Budget. And, sir, 
you have your hands full, sir, and I know you've been working 
on in these 4 months that you've been on the job.
    The Honorable Anne Rung, Administrator for the Office of 
Federal Procurement Policy at the Office of Management and 
Budget as well. Thank you for being here, Ms. Rung.
    Dr. David Powner, Director of IT Management Issues at the 
U.S. Government Accountability Office.
    And Richard Spires, CEO of Resilient Network Systems and 
former Chief Information Officer at the IRS and Department of 
Homeland Security.
    Welcome to you all, and thank you for being here, and 
pursuant to committee rules, all witnesses will be sworn before 
they testify. Please rise and raise your right hands.
    Do you solemnly swear or affirm that the testimony you are 
about to give will be the truth, the whole truth, and nothing 
but the truth?
    Thank you. Please be seated. And let the record reflect the 
witnesses answered in the affirmative.
    In order to allow time for discussion, please limit your 
testimony to 5 minutes. Your entire written statement will be 
part of the record. And, again, I think our first testimony is 
going to be Ms. Rung.

                       WITNESS STATEMENTS

              STATEMENT OF THE HONORABLE ANNE RUNG

    Ms. Rung. Chairman Hurd, Ranking Member Kelly, Chairman 
Meadows and Ranking Member Connolly, and members of the 
subcommittees, thank you for the opportunity to appear before 
you today to discuss how the acquisition and information 
technology communities are working together to implement FITARA 
to drive greater IT performance.
    As the administrator for Federal procurement policy, I 
appreciate how FITARA will help address some of the complexity 
of the Federal acquisition system which often leads to 
ineffective and inefficient use of taxpayer funds, especially 
in IT contracting.
    In December 2014, I established a blueprint to simplify the 
acquisition system that I believe will help advance some of 
FITARA's key provisions such as those calling for maximizing 
the benefit of strategic sourcing, developing government-wide 
software licenses, and expanding workforce training in the use 
of IT cadres.
    Today I would like to take this opportunity to briefly 
highlight some of the work that the Office of Federal 
Procurement Policy is doing to implement FITARA in partnership 
with Federal CIO Tony Scott and the Federal IT and acquisition 
community.
    First, FITARA calls for GSA to establish an enterprise-wide 
software program on behalf of civilian agencies to reduce 
lifecycle cost and improve asset management practices. To 
implement this section, Tony Scott and I chartered the 
enterprise-wide software category team to serve as lead for IT 
software. The team includes representatives from the Office of 
Management and Budget, GSA, and the Department of Defense. The 
team is tasked with developing and implementing a strategic 
plan to increase the number of enterprise license agreements, 
recommend policy changes to OMB to improve the acquisition of 
management of software, and monitor agency progress. We will 
then use the existing PortfolioStat process to hold agencies 
accountable for moving to these shared solutions as 
appropriate.
    Also a FITARA provision directs the Federal Acquisition 
Regulatory Council to implement a preference in the Federal 
Acquisition Regulation for strategically sourced vehicles. The 
FAR Council has opened this case and will issue a rule for 
public comment later this summer. Such a preference will help 
OFPP raise the visibility of these solutions, promote their 
use, and better leverage the government's buying power. This 
rule will complement other strategies that OFPP is developing 
around category management to better manage our spend and 
improve results for the taxpayer.
    Category management is an approach taken from the private 
sector which manages entire categories of common purchases 
across the government and utilizes teams of experts to manage 
those specifics categories. OFPP, DOD, and the General Services 
Administration have mapped the more than $275 billion of common 
spend into ten super categories, including IT. While we're 
moving forward aggressively to collect and share information 
across all 10 categories, we're beginning with our deepest dive 
in IT. By managing IT as a category driving government-wide 
strategies like moving to a single software license for certain 
areas, we'll address many of the issues of duplications and 
inefficiencies raised by GAO and this committee.
    Finally, as FITARA recognizes, building the skills of our 
acquisition workforce is the single most important way to 
ensure that the government gets what it needs on time and on 
budget. Working with OMB's Office of E-Government and 
Information Technology, the U.S. Digital Services Team, and the 
Office of Science and Technology Policy, we have taken steps in 
the last year to drive greater IT expertise in our IT 
acquisition workforce. There is no doubt that FITARA will help 
me and my colleagues drive greater efficiencies and 
effectiveness in IT acquisitions in support of agency mission 
performances.
    I want to thank you for your thoughtfulness, vision, and 
hard work to make this happen. This work is incredibly complex 
and requires commitments from the most senior agency officials 
to the newest members of our acquisition and technology teams, 
and FITARA has really helped to catalyze our efforts. Tony 
Scott and I will continue to work together with our respective 
councils to strengthen and reinforce our efforts to reduce the 
cost and increase the value of our IT acquisitions.
    I appreciate the opportunity to be here today and look 
forward to any questions you might have.
    Mr. Hurd. Thank you, Ms. Rung. And, again, thanks for being 
here.
    [Prepared statement of Ms. Rung follows:]
 
 
 [GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]

    Mr. Hurd. Mr. Scott, over to you for 5 minutes.


                    STATEMENT OF TONY SCOTT

    Mr. Scott. Thank you, Chairman Hurd, Ranking Member Kelly, 
Chairman Meadows, Ranking Member Connolly, and members of the 
subcommittees. Thank you for your bipartisan work in passing 
the first major overhaul of Federal information technology in 
almost 20 years. Overseeing government-wide implementation of 
FITARA is one of my top priorities.
    FITARA, as you know, strengthens key IT reform initiatives 
to improve efficiency, effectiveness, and security of Federal 
agency programs and operations by codifying PortfolioStat, 
TechStat, and our data center initiatives. Since 2012 the 
Federal Government has achieved over $3 billion in cost savings 
and avoidance and countless other improvements as a result of 
these reform efforts. But despite these successes, major 
changes are needed to achieve the full potential of IT in the 
Federal Government. I learned in the private sector that a 
strong foundation of visibility into IT spending, partnerships 
with program leaders, and a solid understanding of IT's 
critical role in achieving mission outcomes is crucial for 
effectively managing technology in any enterprise.
    A core part of my team's work will be to build this new 
foundation by implementing FITARA in a way that's workable and 
consistent. And today I'm pleased to tell you that we've 
released our FITARA implementation guidance. I would like to 
provide you with a brief overview of the development process, 
key components, and implementation plans related to our 
guidance.
    First, our FITARA guidance is the result of extensive 
outreach and collaboration conducted over the past several 
months, mirroring the collaborative process used to develop the 
law itself. My team and I met several times--multiple times 
with a diverse set of public and private sector stakeholders, 
and also provided for general public feedback to bring 
transparency to Federal policymaking and to reach a broad 
audience.
    Our guidance takes major steps in ensuring CIOs have a seat 
at the table for technology-related budget, procurement, and 
workforce matters. And the backbone of our guidance is the 
common baseline which outlines roles and responsibilities for 
CIOs and other senior agency officials. More importantly, it 
establishes the groundwork for productive partnerships among 
these leaders to make IT decisions that best support missions.
    And, finally, it positions CIOs so they can be held 
accountable for how effectively they manage the full life cycle 
of IT-related products, services, and customer and citizens 
outcomes, and achieve efficient, effective, and secure programs 
and operations.
    Because agencies operate in unique environments, our 
guidance provides for a CIO assignment plan to give agency CIOs 
the flexibility to meet the baseline in a manner that's 
tailored to their organization. This allows CIOs to designate 
other officials to act as their representative in aspects of 
the common baseline in a rules-based manner if approved by OMB. 
The common baseline in the CIO assignment plan allows CIOs to 
retain oversight and accountability while minimizing 
bottlenecks.
    And as discussed in the guidance, we will utilize 
PortfolioStat processes to hold agencies accountable for their 
implementation of our FITARA guidance. This guidance also 
details a number of other important components such as tools to 
enhance security, accountability, data center optimization, and 
our Federal technology procurement process. I'm certain that 
our guidance will have significant positive effects throughout 
government, including helping to address issues called out by 
GAO over the years, and most recently GAO's high risk list 
entry regarding improving the management of information 
technology acquisitions and operations.
    In addition to the PortfolioStat sessions, OMB, through its 
policy and oversight role, is committed to working with 
agencies in their implementation of this guidance by number 
one, evaluating agency self-assessment and implementation 
plans; number two, requiring agencies to post their approved 
plans publicly, enabling consistent OMB, legislative, and 
public oversight; and, third, by engaging with the President's 
management council, the CIO council, and the FITARA executive 
working group to facilitate implementation and knowledge 
sharing.
    I also look forward to working with Congress to ensure 
consistent oversight and implementation of our guidance in the 
law.
    I thank the subcommittees for holding this hearing and for 
your commitment to ensuring successful implementation of 
FITARA. And I would be pleased to answer any questions you may 
have.
    Mr. Hurd. Thank you, Mr. Scott.
    [Prepared statement of Mr. Scott follows:]
   
    [GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
    
    
    
    Mr. Hurd. Mr. Powner, 5 minutes.


                  STATEMENT OF DAVID A. POWNER

    Mr. Powner. Chairmen Hurd, Meadows, Ranking Members Kelly 
and Connolly, and members of the subcommittees, we appreciate 
the opportunity to testify this afternoon on our recent 
addition of IT acquisitions and operations to GAO's high risk 
list.
    The Federal Government has wasted billions of dollars over 
the years on failed IT acquisitions. In addition to these 
acquisition challenges, operational systems are fraught with 
duplication and inefficiencies. I'd like to thank this 
committee for its excellent work and persistence on getting 
FITARA passed. If implemented effectively by OMB and the 
agencies, FITARA will greatly improve IT acquisitions and 
operations. However, strong congressional oversight is needed 
to make this happen.
    This afternoon I'd like to discuss five specific areas that 
need to be addressed, starting with two that are associated 
with operational systems. As my written statement shows, we 
spend nearly 75 percent of the IT dollars on operational or 
legacy systems, leaving far too little to modernize the Federal 
Government. So we need to find ways to shift these dollars 
towards acquiring new technologies to further mission 
performance.
    The first is data center consolidation, where there is at 
least $7.5 billion on the table. Agencies to date have made 
solid progress closing over 1,200 of the 9,700 centers and 
saving about $2 billion. The plan is to close an additional 
2,600 centers and save an additional $5.5 billion. We think 
these savings can be higher because when we last looked at 
this, we saw good progress from agencies like DOD, DHS and 
Treasury, but six agencies reported significant closures 
without much in associated savings, and we recommended that 
they take a look at this.
    These agencies are GSA, HHS, Interior, Justice, Labor, and 
NASA. FITARA requires agencies to report on these cost savings 
annually, and this should be a major oversight area for the 
Congress.
    The second area is PortfolioStat, an excellent initiative 
to eliminate duplicative systems. The Federal Government has 
hundreds of financial management and human resource systems, 
for example, where $2, $3 billion are spent annually in each of 
these areas. Agencies initially identified over 200 initiatives 
to eliminate duplication, and the plan was to save $6 billion. 
In April we reported that planned savings were down from this 
original estimate and that the estimates were inconsistent with 
congressional reporting and did not follow OMB guidance. OMB 
needs to ensure that PortfolioStat savings are complete, 
especially since FITARA requires congressional reporting on 
this.
    Now, turning to systems acquisitions. Too often we hear of 
failed projects like DOD's ECSS project where $1 billion was 
wasted. There are three major areas where improvements would 
greatly help the Federal Government's delivery track record. 
These are, better planning, transparency, and oversight.
    Starting with planning. Agencies need to go small and take 
an incremental approach to systems delivery. OMB's policy of 
requiring major investments to deliver in 6 months is simply 
not enforced consistently, and less than half of the IT 
acquisitions are planning to deliver within 6 months. FITARA 
requires that CIOs certify that IT investments are using this 
incremental approach. Again, congressional oversight in this 
area is also needed to ensure that the incremental 
certification does occur.
    Transparency. Of the 700 major investments reported on the 
IT dashboard, about 180 or roughly one-quarter are designated 
as moderate or high risk. These 180 projects total about $9 
billion. Many agencies have accurate information on the 
dashboard and use that information to tackle troubled projects. 
For example, HHS, DHS, Commerce, and Interior acknowledge that 
many projects and dollars are at risk. And we believe that this 
is a good sign so that appropriate attention can be given to 
these risky projects. Others do not have accurate information 
on the dashboard.
    In addition to questioning CIOs on the accuracy of these 
ratings, this committee also needs to push OMB to make these 
ratings available throughout the year. Again, this year the 
dashboard ratings were frozen from August 2015 through March 
during budget deliberations. This simply needs to stop so that 
there is constant investment transparency. We learned just last 
week that OMB has plans to address this.
    The final area is oversight. OMB and agencies need to hold 
executive governance reviews of troubled projects so that 
course correction can occur. And when needed, poorly performing 
projects need to be stopped, and those in charge need to be 
held accountable. These occurred frequently right after the 
dashboard went live with OMB's TechStat sessions with great 
results. Several under-performing projects were corrected, 
descoped, and several were even halted.
    In summary, by tackling duplicative IT systems and 
consolidating data centers, upwards of $10 billion can be 
saved. And on acquisitions, agencies need to go small, be more 
transparent on project status, and aggressively oversee the 
projects at risk.
    This concludes my statement and I would be pleased to 
answer questions.
    Mr. Hurd. Thank you, sir.
    [Prepared statement of Mr. Powner follows:]
   
   
   
   
   [GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
   
   
    
    Mr. Hurd. Mr. Spires, the floor is yours for 5 minutes.


                  STATEMENT OF RICHARD SPIRES

    Mr. Spires. Good afternoon, Chairmen Hurd and Meadows, 
Ranking Members Kelly and Connolly, and members of the 
subcommittees. I'm honored to testify today, and I wish to 
acknowledge Representative Connolly's leadership in sponsoring 
FITARA. Since I served as a CIO of the IRS and later DHS, I 
hope my in-the-trenches experience is of value to help guide 
FITARA implementation.
    Earlier this year GAO placed improving the management of IT 
acquisitions and operations on its High Risk List. For decades, 
the government has been underperforming in its delivery of 
major IT programs. Deeply embedded cultural and skills issues 
must be addressed if we are to improve the government's 
delivery of IT. This is where FITARA can make a significant 
positive difference if implemented effectively.
    GAO has identified nine critical factors underlying 
successful major IT acquisitions. Yet how does an agency ensure 
these factors are top of mind and implemented for all IT 
acquisitions? My experience from participating in and reviewing 
hundreds of programs leads to two foundational areas of focus 
critical to success.
    The first area of focus is the program governance model, 
which should ensure a collaborative partnership between various 
stakeholder organizations that have key roles in the IT 
acquisition. Even the best program manager fails if the program 
governance model does not work.
    The second area of focus involves the Program Management 
Organization, PMO, having the requisite skills and proper 
representation of various stakeholders to operate effectively. 
All members of the PMO must be aligned and incentivized to work 
toward a common set of outcome-based success measures.
    FITARA must enable agency CIOs to ensure proper program 
governance and PMO models are in place for all significant IT 
acquisitions. I note that it is not the agency CIO that has the 
last say regarding major program decisions, but rather that the 
governance process is working effectively to ensure major 
decisions are made with all appropriate stakeholder input. For 
FITARA to be successful, it is critical that an initial rollout 
within agencies be effective. I'm very pleased to see the 
approach OMB and the new Federal CIO Tony Scott are taking to 
support this rollout.
    OMB recently issued draft FITARA implementation guidance 
based on seeking significant outside input. This will improve 
content, understanding, and buy-in over the longer term. Yet 
there's a wide disparity in the maturity level of IT 
organizations across the agencies. A number of agencies will 
struggle with both the what and how to implement FITARA. To 
support this implementation effort, the American Council for 
Technology and Industry Advisory Council, ACT-IAC, a nonprofit 
organization, is forming a working group to support the 
development of tools that can provide agencies help to 
implement FITARA.
    The workings group intent, is to draw from the best of both 
the public and private sectors' models for managing IT. The 
group will focus on providing a range of proven implementation 
models for budget formulation and oversight, program 
governance, and delegation of authorities that should cover the 
array of different agency models from centralized to highly 
federated management of IT.
    Mr. Darren Ash, CIO of the U.S. Nuclear Regulatory 
Commission, will serve as the government lead, and I will serve 
as the industry lead for this effort.
    Even with a solid FITARA implementation plan, success will 
be dependent on two additional factors. First, the agency CIO 
needs to have the leadership, management, and political 
experience to drive this change, as well as a deep 
understanding of IT management. And, second, the agency 
leadership must be supportive of the agency CIO, particularly 
in agencies that are operating in a federated environment. 
Congress, through these subcommittees, can support these 
efforts by demanding aggressive implementation of FITARA by 
agencies, development of measures for assessing FITARA's 
impact, and transparency in reporting of ongoing progress.
    The benefits of FITARA implementation will take years to 
realize so we will need to have persistence and patience. 
Implementation of this level of change takes 2 to 3 years, and 
benefits of that change being felt in year 3 and beyond. 
Regarding how to measure FITARA's success, I would start with 
the metrics GAO has spelled out regarding what is required to 
remove IT acquisition from their High Risk List. To these 
metrics I would add agency-specific measures of how IT can more 
effectively support the mission and business outcomes of the 
agencies. This current administration has a golden opportunity 
to set the correct foundation for implementing FITARA so that 
when the next administration arrives, the critical elements of 
FITARA are already taking root.
    And while I'm pleased with the work to date, it is critical 
to make enough progress during the next 18 months to ensure 
that leadership commitment to FITARA is sustained into the next 
Congress and administration. Thank you.
    Mr. Hurd. Thank you, Mr. Spires.
    [Prepared statement of Mr. Spires follows:]
   
   [GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
   
   
    Mr. Hurd. You can't have a conversation on FITARA without 
comments from the distinguished gentleman from Virginia.
    I'd like to recognize Mr. Connolly for 5 minutes for 
opening remarks.
    Mr. Connolly. Thank you, Mr. Chairman, and thank you for 
being so gracious. I want to thank you and the committee for 
holding today's important hearing to examine the implementation 
of the bipartisan FITARA Act, or as we often prefer up here, 
Issa-Connolly. FITARA is the first major reform of the laws 
governing Federal IT management and procurement since the 
enactment of the Federal Clinger-Cohen Act of 1996. And I want 
to take a moment to recognize the leadership of our former 
colleagues, Bill Clinger and Senator William Cohen.
    Today there's widespread agreement that the text of the 
Clinger-Cohen Act was quite good and that the 1996 law held the 
potential to be truly transformative. However, in retrospect it 
is clear that the Clinger-Cohen Act, while establishing a solid 
statutory framework unfortunately fell short of achieving its 
full potential. There is also consensus that the primary 
weakness of that act was not the bill itself but actually its 
inadequate implementation, which was exacerbated by the absence 
of congressional oversight at that time. The latter being an 
unfortunate result in part of both authors departing Congress 
shortly after the law's enactment. That's why today's oversight 
hearing, Mr. Chairman, is so important to change that pattern 
of history.
    With the history of Clinger-Cohen in mind, and as the co-
author of FITARA, I'm committed to doing everything on our part 
to guarantee that we do not repeat the implementation mistakes 
of the past. And I'm so delighted that my colleague in arms, 
Mr. Meadows, shares that commitment. And I know Ms. Kelly does, 
and I know you do, Mr. Chairman, and that's great. And I know 
Mr. Issa has not lost interest in this either, although he's 
now in Judiciary Committee making music over there.
    We have to make sure that the FITARA implementation is not 
Clinger-Cohen 2.0. Congress must and will diligently monitor 
its implementation and won't accept unnecessary delays, 
improper half measures, and the stubborn preservation of the 
status quo. The good news here, though, is that the 
administration is on our same page. And I'm so pleased that the 
FITARA implementation has gotten off to a tremendous start in 
no small part due to the efforts of the four people in front of 
us.
    I want to commend the leadership, particularly the Office 
of Management and Budget, including our excellent witnesses 
today. In many respects, the FITARA guidance that they've 
issued is one of the best policy publications I've ever seen. 
It's enthusiastic, it's clear, and it is with the program. 
We're not fighting at all. From its content to the 
collaborative nature in which it was developed to the 
innovative and transparent manner in which it was published, 
OMB's efforts to implement FITARA truly represent a best 
practice and new milestone in good government. And I'm so 
pleased that since FITARA's enactment the administration's 
demonstrated full recognition of the importance of effective 
implementation.
    As OMB noted in its proposed guidance, ``FITARA is an 
historic law that represents the first major overhaul of 
Federal information technology, IT, in almost 20 years.'' I'm 
also pleased that GAO recognizes the potential to achieve 
billions of dollars in cost savings and cost avoidances by 
strengthening agency CIO authorities and promoting the 
elimination of wasteful and duplicative IT systems.
    At a February 2015 hearing held by our committee, the 
Honorable Gene Dodaro, the comptroller general explained GAO's 
rationale behind designating improving the management of IT 
acquisitions and operations as a new government-wide high risk 
area, stating, ``One of the reasons we put IT acquisitions and 
operations on the list is in order to elevate attention to make 
sure that FITARA,'' and, he says, ``Issa-Connolly is 
implemented effectively.'' God bless Gene Dodaro.
    Moving forward, there's bipartisan, bicameral support for 
fully implementing FITARA. A vast majority of members, I think, 
share the goal of dramatically curbing wasteful IT spending on 
antiquated IT systems and want to promote management practices 
that will prevent agencies from wasting billions of taxpayer 
dollars on IT boondoggles that fall years behind schedule and 
appear a staggeringly poor performance with shockingly high 
costs.
    There's also a recognition that Federal policymakers and 
agency administrators must cease relegating IT management to 
the cellar of an agency's organizational hierarchy. The bottom 
line is that FITARA's enactment represents the long overdue 
recognition that in the 21st Century effective governance is 
inextricably linked with how well government leverages 
technology. This reality of modern government underscores why 
it's incumbent upon both branches of government to work 
together in a pragmatic fashion to ensure we take advantage of 
the opportunities this legislation, I believe, affords us.
    So in closing, Mr. Chairman, I want to take a moment again 
to express my sincere gratitude and appreciation to the 
leadership of this committee and our subcommittees and to OMB 
and GAO especially in elevating the importance of this issue 
and the implementation of FITARA.
    Thank you. And I look forward to having a chance to 
dialogue with the panel.
    Mr. Hurd. Thank you, Mr. Connolly.
    Mr. Hurd. And now it's a pleasure to recognize my colleague 
from North Carolina, Chairman Meadows, for 5 minutes.
    Mr. Meadows. Thank you, Mr. Chairman. Thank each of you for 
your opening statements. I will apologize up front. I actually 
have another meeting I was supposed to be at 15 minutes ago. So 
the chairman was kind enough to let me go ahead with some of my 
questions.
    So Ms. Rung, let me start with you. With regards to these 
legacy systems that are out there, a lot has been talked about 
in terms of where they are, how much we're spending. How can we 
from a procurement standpoint allow a redo or a start over. 
We've got FITARA, we've got a number of these others, but it's 
all in the implementation as my good friend Mr. Connolly just 
outlined. What can we do to make sure that we are not sitting 
here 2 years from now with the same problem?
    Ms. Rung. Thank you for the question. As my colleague 
stated, you know, IT acquisition spend is approximately $80 
billion a year. So this is an important space for us to tackle, 
and I appreciate GAO's work in this area, and in particular in 
putting it on a High Risk List because it lends a energy and 
focus to some of our efforts to really address this area.
    When I think about IT acquisitions, I really think of it in 
two buckets. Really, there is the IT systems, which is a much 
different strategy in tackling that area, and I also think of 
IT commodities where we are really focused on how can we be 
more efficient.
    In the IT systems area, what I hear consistently from 
industry is that the issues and challenges start at the 
requirements phase. Right? Really early in the process. And a 
couple things we're doing in this space. I think it all comes 
down to the acquisition and IT workforce and do they have the 
skills and training to know how to put these acquisitions 
together. We're developing for the first time a specialized IT 
acquisition team. When I started in this job, I sat down with 
our former CTO, Todd Park, who talked about the success of the 
digital services team. But these are primarily technologists 
from Silicon Valley. He stated that we should be thinking about 
the acquisition equivalent of this.
    From that point on, we started to collaborate, along with 
my colleague Tony Scott, the Federal CIO, on creating a first 
certified digital IT acquisition team. We're going to start by 
pulling career employees, career contracting officers, from the 
agencies. We're going to put them through a training we're 
developing in partnership with industry, and we're going to 
send them back to the agencies early next year to really 
provide a hands-on approach in developing these acquisitions 
and thinking about can we write these requirements in a more 
agile way. To be more specific, oftentimes I hear from industry 
that our requirements or statements of work are several hundred 
pages long and overly government oriented and overly 
prescriptive, and then they are required to submit proposals 
that are several hundred pages long.
    What we'd like to move to through this new team is thinking 
about a more succinct statement of objectives, thinking about 
having industry submit short concept papers, and really trying 
to approach these acquisitions in a more modular manner, and I 
think that will have a significant impact in the IT system 
space.
    Mr. Meadows. All right. So let's assume that we do that and 
we take that and we break it down. Is there not a danger of 
looking at the old way that we've done acquisitions, whether 
it's procurement or getting rid of the systems that we've had 
that we run home again to that safety blanket and say: Well, 
we're willing to come half way. You know, instead of it being a 
100-page RFP, it's an 80 page. How do we make it more results 
driven?
    As a business guy, you know, all I wanted to do is perform 
a particular function and do it as effectively as we can, and 
yet we somehow seem to continue to run back to FORTRAN and 
COBOL kind of systems to keep them running.
    Ms. Rung. That's a great question. How do you have an 
impact in such a large complex space that represents overall 
$450 billion in spending where I have 3,300 different 
contracting offices across the globe. So how do you really make 
an impact and try to drive change? I think FITARA represents a 
major transformation in how we think about IT acquisitions. The 
way I'm approaching it is thinking about our efforts like a 
start-up company, and I'm focusing on a small team of people.
    I know that the first time that I develop this program to 
create a new specialized team or a new specialized IT cadre, I 
may not get it exactly right. I want to put them through this 
training that we're developing and partnership with industry. I 
want to send them back to the agencies to provide that hands-on 
assistance, but most likely I'm going to tweak that, and I want 
to scale it up over time. And I think what the digital service 
team has shown is that a small group of people can have a huge 
impact in this area.
    Mr. Meadows. I see I'm out of time. So I'm going to yield 
back to the chairman, but I would like the GAO, if you can let 
us know how we can help. You mentioned oversight being the 
critical component, how we can know whether we're making 
progress or not.
    A matrix, you know, best performers, worst performers, 
whatever we can do, if you would do that, and I won't ask you 
to respond to that, but I'll yield back to the chairman. Thank 
you.
    Mr. Hurd. Thank you, Mr. Chairman.
    Now I'd like to recognize my friend and ranking member, Ms. 
Kelly, for 5 minutes.
    Ms. Kelly. Thank you, Mr. Chairman.
    OMB's guidance will help agencies establish effective 
oversight of the management of their IT investments and 
resources.
    Mr. Scott, what is the desired outcome of the enhancements 
to agency oversight of IT resources? What benefits can be 
anticipated?
    Mr. Scott. I think there's a number of what I'd call 
success factors that we should look to over time as FITARA and 
the other things that we're doing get implemented.
    The first one I think is faster delivery of needed 
capability. In this world, speed of delivery is everything. And 
as is probably obvious, in most cases when you do things 
faster, you're limited in the amount of money you can spend 
doing it, and so there's a double benefit.
    The second thing I would say is efficiency of spend. And 
there are a number of different ways that we can measure that. 
I would then look to being on time and on budget as a classic 
measure. I don't think that goes away. We also have to make 
sure that the systems we deliver and the capabilities and 
infrastructure that we deliver are secure. And there's ways 
that we will measure that.
    And then I think we have to look at the underlying 
components our infrastructure and delivery capability, and make 
sure that's also modern. I think measures in each of those 
areas are the things that I would look for.
    Ms. Kelly. Let's speak a little bit about transparency. The 
guidance also provides for increased transparency and 
accountability of agency management of IT resources. So what 
are some examples of increased transparency regarding IT 
acquisitions and operations, and how will increased 
transparency contribute to effective congressional oversight?
    Mr. Scott. Well, the first thing you'll notice is in August 
of this year each of the agencies will be required to submit 
their self-assessment plan and their plan for FITARA 
implementation. And that will be made public and certainly 
we'll be all over it, and I'm sure this committee will also be 
looking at it along with GAO and others. And that's the first 
in a set of reports and deliverables that come out of FITARA.
    In addition, we're going to keep doing the PortfolioStat, 
TechStat, and CyberStat reviews that we do, and as was already 
mentioned, we have improvements under way to the IT dashboard 
as well. So I think all of those will help both with the 
timeliness but also the visibility and transparency of how this 
goes.
    Ms. Kelly. You said you're sure this committee will be all 
over it, but why do you think the GAO believes congressional 
oversight is so essential?
    Mr. Scott. Well, I think in this particular case, as 
there's a huge amount of transformation taking place in the IT 
industry and every business, government, and institution 
getting this right is table stakes for all interests, and I 
think given the various roles that the parties that you 
mentioned play, it's important that we have each of those 
perspectives in on this and that it's shared broadly across the 
community of interest.
    Ms. Kelly. My colleague, Ranking Member Connolly, a co-
author of this legislation, has repeatedly expressed a need for 
congressional oversight of the implementation of FITARA to help 
ensure the improvement it directs are achieved government-wide.
    Mr. Powner, what is at risk if congressional oversight is 
not maintained on agency implementation?
    Mr. Powner. Well, Ranking Member Kelly, I think if you look 
at the history, and it was mentioned here going back to 
Clinger-Cohen, the history of implementing effectively, going 
back to Clinger-Cohen, OMB's recent initiatives--our high risk 
area and a lot of FITARA is OMB's own initiatives that haven't 
been implemented to completion. That's the bottom line. And 
history tells us that if you leave it up to the administration, 
OMB, and the agencies, it doesn't work as well. But if you have 
Congress overseeing key areas to ensure that there's cost 
savings, a good area is incremental development. We all agree 
that we ought to go smaller to help with the delivery.
    If we got real serious about incremental development and 
implemented OMB's 6-month policy, maybe we shouldn't fund 
projects either from an appropriation perspective or from OMB's 
perspective that they can't deliver within the budget year. 
Let's look real hard at not funding those projects. They should 
deliver something within the budget year.
    Ms. Kelly. Mr. Scott, do you agree?
    Mr. Scott. I think many, many projects lend themselves to 
that kind of short incremental development, but I would say we 
have to be a little bit careful there, and I'm not trying to, 
you know, put a wet blanket on any of this. I think there's 
much more opportunity for us to do that than others.
    And so I strongly endorse that trend, but I think one of 
the challenges that I see already is there's already a funding 
sort of quagmire in the way some projects are managed, and one 
of the things that I do know greatly impacts the success of a 
project is if there's a lot of start/stop, start/stop, start/
stop, that leads to a ton of inefficiency and so on. So I'd 
prefer to see a mechanism that, you know, if the programs are 
meeting its goals and its deadline, there's not uncertainty 
about funding, and if there's problems, then you yank the cord.
    Ms. Kelly. I've run out of time. So thank you, but I look 
forward to working with the members of this committee to 
provide effective oversight of the implementation of FITARA 
reform to help ensure that needed improvements are achieved. So 
thank you all very much.
    Mr. Hurd. Mr. Walberg, 5 minutes is yours.
    Mr. Walberg. Thank you, Mr. Chairman.
    Mr. Powner, CIO integration into the IT investment 
decisionmaking process, as we have discussed here, is key to 
successful implementation of FITARA. How do we ensure that the 
CIO is actually integrated into the IT investment decision and 
the process associated with that within each agency and 
department?
    Mr. Powner. I think that's the key question. When you look 
at FITARA, that's the first provision and probably the most 
important is enhancing the CIO authorities. I think OMB 
deserves a lot of credit for their common baseline in what 
they're attempting to do to elevate the CIO authorities within 
each agency, ensuring that they're part of the budget approval 
and execution process. But you're absolutely right, and as Mr. 
Spires mentioned in his statement, there's some agencies that 
are going to really struggle with that because of their current 
setup. The way they're currently set up, they don't necessarily 
have that budget--that oversight of the budget approval and the 
execution to have the appropriate governance processes that 
Richard referred to. So that's the challenge. That is the 
challenge.
    So first of all you need the appropriate processes, but we 
also need the appropriate people. And I think one of the things 
hopefully with FITARA, it's going to attract even a better 
breed of CIOs into the Federal Government, if in fact it's a 
real CIO job. Some of the CIO jobs in the Federal Government 
aren't CIO jobs that you have in the private----
    Mr. Walberg. So it's not encouraging.
    Mr. Powner. Well, it can get a lot better, and clearly we 
have pockets of success. There are pockets of success that we 
can learn from where there are the appropriate authorities, and 
I think with the common baseline, it's a step in the right 
direction, but it's going to take time, and I think, again, 
your congressional oversight, when you look at these plans to 
fill the gaps that agencies have on the common baseline, that's 
going to be really important that we implement that 
effectively.
    Mr. Walberg. Mr. Scott, before I go to Mr. Spires to 
respond to that and add to it, Mr. Scott, responding to what 
Mr. Powner just ended his statement with, carry on with that 
thought.
    Mr. Scott. Well, I totally agree this is all about, you 
know, having capable and competent people. And I've added it as 
one of the priorities for my team in terms of things that we 
are spending a lot of time on.
    So it's looking at talent across the Federal Government, 
making sure that there's good development experiences for the 
talented people that are working in these roles, that they get 
exposed to multiple kinds of organizations and the broad set of 
things that are required of a CIO in a big organization. I 
think that's an important part of our responsibility as leaders 
to make sure that when we're gone, the next generation of 
leadership is in place and has the right skill sets to do the 
jobs that we're asking of them.
    Mr. Walberg. And the expectations on them and the 
accountability as well.
    Mr. Scott. Right.
    Mr. Walberg. Yeah. Mr. Spires.
    Mr. Spires. Yeah. I certainly would echo the thoughts about 
the importance of having the skill sets. I would pick up on 
this idea of having the proper support. You know, it's critical 
that the CIOs are empowered to be able to do what they need to 
do within these agencies, and particularly in those agencies 
that have federated environments where there's not just one 
single CIO organization, or IT organization.
    And I think that's even incumbent upon OMB and the 
administration to make sure that that happens and that the 
support is there from the agency leadership to enable that CIO 
to be effective. Because they're going to be dealing in a 
federated environment with bureaus, CIOs or other heads of IT 
and other organizations in that agency, and that all has to 
work collectively to be able to carry out FITARA in a 
distributed kind of manner.
    And the good news is that OMB has done a nice job with 
their guidance of laying out ways in which you can set that 
model up. But there are proven models to be able to work in 
that federated environment. So it's also going to be incumbent 
upon OMB to make sure that those agency models fit the agency 
well. And they've got a process for that review. I don't know 
if every agency is going to get it right the first time, but I 
think as there's an iterative process and a real drive to make 
this happen, over the next 18 months you should be able to get 
these models to work well.
    Mr. Walberg. Ms. Rung, tie the bow on this discussion here 
from your perspective, especially dealing with policy. Policy 
and personnel sometimes run amok. Help us in answering here.
    Ms. Rung. Well, to build upon what Mr. Spires talked about 
a little bit of the challenges of the federated system, what 
I've seen is the impact of that on the acquisition space. And 
without the CIOs really having accountability and authority, 
what I've seen in the acquisition space is that there are not 
owners of certain IT commodities. For example, mobile devices. 
No one in the agency feels accountability for the mobile 
devices. So you see lots of duplication and a lack of 
transparency.
    With reference to the workforce and ensuring, you know, we 
are, you know, focusing on the skills of our workforce, I echo 
everything that was said here. I think I approach it in two 
different ways. I mean, one, we want to make sure that we're 
holding our acquisition personnel accountable for performance. 
At the same time, I want to ensure we're lifting up and helping 
to train and strengthen our workforce and really recognize the 
good work that is going on across government.
    Mr. Walberg. Okay.
    Mr. Walberg. Thank you. My time is expired.
    Mr. Hurd. Thank you, sir. Now I'd now like to recognize Mr. 
Connolly for 5 minutes.
    Mr. Connolly. Thank you, Mr. Chairman, but could I just 
ask, if there were colleagues ahead of me before I arrived, I 
would certainly defer to them.
    Mr. Hurd. I would like to recognize Ms. Holmes Norton for 5 
minutes then.
    Mr. Connolly. Thank you. I want to be fair.
    Ms. Norton. Well, my good friend from Virginia is always 
fair. I certainly appreciate it.
    I went straight to the GAO report because I am particularly 
interested in diagnosis. We have the bill, and we are beginning 
its implementation. I went to page 2, in particular. We hear a 
great deal about IT failures, we hear about them in the public 
sector, we hear about them more often in the private sector. It 
leads me to believe that IT itself should be seen as still a 
developing science, why there is so many failures even from 
people who lose tremendously at the bottom line.
    So I'm interested, Mr. Powner, in page 2 of the GAO report, 
because the only thing worse than taking a long time to acquire 
or taking a long time for a system to come online is taking a 
long time and then the whole thing fails. You've spent billions 
of dollars down the drain. So on page 2 you list some very 
costly examples. Just to touch on a few. After 5 years, DOD had 
to just cancel its combat support system, or I won't list them 
all.
    Nine years, the VA scheduling and replacement project, then 
finally they just, you know, called it quits, but that's 9 
years' worth of money. Sixteen years, they should stick with 
them a long time. This is the tri-agency weather satellite 
program, a number of agencies in on this one, $5 billion in 16 
years.
    Now, so my first question is, is this kind of failure 
typical of large scale operations, or should we look for it in 
the public and private sector? I mean, are these--is this 
simply IT finding its way in truly large scale systems, because 
we see large scale systems in the private sector going 
overboard too, with far worse consequences.
    So first I want to know what's wrong, or are we in such a 
developmental stage that somehow these agencies, you know, they 
ought to stick with these things. I mean, we are in for a dime, 
we are in for a dollar, we're in until somebody throws us out, 
and why don't they get out sooner? Why do they spend the last 
dollar before they decide this just isn't working? And what can 
we do about it? Will FITARA do anything about it?
    Mr. Powner. Yeah, there's aspects of FITARA that would help 
greatly. So first of all, again, I'll emphasize incremental 
certifications by the CIOs of major IT systems. I agree with 
Mr. Scott's comments. Some of them you can't go real small, but 
you can do it with a lot more.
    Best practices, we've done a lot of best practices work on 
successful acquisitions. These are failures, and I can tell you 
about each one of them, but the successful ones, they typically 
all go small. The other thing is, I'm going to re-emphasize the 
TechStat process that OMB implemented right after the dashboard 
went live. There were about 50-some projects, 70-some meetings, 
and there were a lot of these projects that were halted, 
descoped, corrected, and there was great progress to the tune 
that OMB says $3 billion were saved.
    We need to go back to looking at these projects, because 
within agencies there's a reluctance to stop a project. I have 
a report coming out next week on a Department of Agriculture 
project. It's listed back in my testimony as something to look. 
You could add it to the failed list right now.
    Ms. Norton. What's the reluctance? What's the reason for 
the reluctance?
    Mr. Powner. The reluctance is to not acknowledge that we 
have these problems and to think that we can fix them.
    Ms. Norton. Will the CIO help that?
    Mr. Powner. The CIO should help with that, and I think 
sometimes not just terminating or canceling, but sometimes we 
can descope and have course correction on them. That's where 
these TechStat meetings with the right governance models can 
really help. And so we saw it right after the dashboard went 
live with OMB's meetings. It was a successful time correcting a 
lot of these troubled projects.
    Ms. Norton. I can't help but ask you when we just had this 
$4-, I don't know, million-dollar employee breach at the OPM. 
We've had one of those you list, it's a little less costly, was 
the retirement system, and that's been one of the OPM 
retirement system, that's been one that's been before this 
committee over and over again as a failure.
    To what do you ascribe what happened to the OPM?
    Mr. Powner. With the retirement systems, I looked at that 
years ago.
    Ms. Norton. The retirement system and the collapse reported 
last----
    Mr. Powner. There has been multiple starts and stops on 
that retirement system at OPM. I think we try to do too much. 
Why don't you start with the really simple retirement, a very 
simple employee, you know, stay at one agency and you start 
small and you deliver. I know when Mr. Spires was at IRS, he 
finally did process tax returns on a modern platform. You know 
what he did? He took a 1040EZ and did it. He went small and 
simple, and then they grew it, and everyone at IRS said, look, 
wow, we're now processing on a modern platform. No one really 
cared it was only a 1040EZ.
    We tried to do everything with the retirement system 
replacement. Again, going small really would help. I don't want 
to simplify this too much, but that would be a huge step in the 
right direction.
    Ms. Norton. Yeah we should do pilots on a lot of things. 
Why not on this? Thank you very much, Mr. Chairman.
    Mr. Hurd. Actually, I want to pick up on that topic. I 
recognize myself for 5 minutes, and maybe, Ms. Rung or Mr. 
Scott, this is appropriately directed to you.
    How do we hold people accountable for this stuff, right? 
You know, when people that are consistently on this high risk 
report, right, you know, when we had a conversation, a hearing 
on this topic earlier this year, I asked Gene Dodaro had 
anybody ever been fired for cost overrun and time overrun? And 
he said he couldn't remember that.
    And so, you know, the question is, is it the procurement 
officers, is it the line management officers? You know, on IT 
projects, does FITARA give the CIO enough power and authority 
in order to bring to bear some real consequences if these type 
of projects continue to go? And Mr. Scott, I'll open that one 
to you.
    Mr. Scott. Well, I think it does, and I think--but let me 
answer the question by leading up to it a little bit.
    Many of these projects, the failed ones that are, I think 
are notorious, you could sort of look at in the beginning and 
say what are the chances of this succeeding, and you could put 
a risk factor on that and you'd say, not high because it's too 
big, too complex, you know, not organized the right way, you 
know, there's a whole list of things that, you know, you could, 
you could probably criticize.
    And so I think that holding people accountable starts with 
what's the design, what's the intent of these things in the 
first place and making sure that there's good engagement across 
the agency leadership, including the CIO, where everybody 
looking at it says, ``I think we've got a chance of this 
succeeding because we've got the right approach, we've chunked 
it up into the right increments of deliverables and so on.''
    Mr. Hurd. But how do we, you know, I think it was you, Ms. 
Rung, that mentioned up front that it's the requirements 
process, so the problem with procurement now is we're asking, 
you know, describing the problem, and then sometimes in the 
procurement we are describing how the solution is supposed to 
be implemented and even including specific technologies, which 
is eliminating a lot of folks, you know, entrepreneurs, 
creativity, by also defining, you know, the solution to the 
problem.
    Ms. Rung. I think that's absolutely correct. I mean, my 
goal is to get to a point where we don't have to hold anyone 
accountable because the IT acquisition was a success, right. We 
want to fix and identify--identify and fix these issues way 
before we get to the point where we're calling for heads to 
roll.
    And you are indeed correct, that many of these problems 
start at the requirements phase. And I think it's quite 
literally training people in how to do these acquisitions in a 
much more agile way and how to write these acquisition 
requirements and providing that kind of hands-on assistance and 
getting to these acquisitions early.
    Mr. Hurd. Mr. Spires, question to you. Would could be the 
barriers of implementation with these lists with FITARA? Are 
there going to be CIOs across the agencies that actually don't 
want this authority because it's going to change the way they 
do things and they're going to actually have to do work now? 
How do you address, you know, a reticent person from, you know, 
actually having to do their job?
    Mr. Spires. I'm not going to put it all on the CIOs. I 
think what we face is cultural issues within many of these 
agencies. Many of these organizations, and I don't want to just 
pick only on the federated ones, but clearly the federated ones 
face this. They are used to a certain level of autonomy, and 
particularly in a lot of these programs. So you'll have major 
programs that have a lot of IT, but the mission people don't 
view them as, ``IT programs.''
    And that's been an issue because then you actually have 
situations where you're not using even close to best practice, 
you don't have the right kind of skill sets involved in 
oversighting these projects, and--I mean, we can bet what 
happens in those cases. So to me, what I like so much about 
FITARA and what I like about what OMB has done to date with the 
implementation guidance is this notion that, yes, we are going 
to empower the CIO, we are going to hold that individual 
accountable, and that individual within their organization is 
down the line going to have to make sure that these programs 
are set up for success.
    I've overseen a lot of programs, and I would echo what my 
colleagues just said from OMB, if you don't start right, you 
are almost doomed to failure. And I would much rather us start 
and say, oh, got to stop right away because we don't have the 
right people on board or we don't have the right acquisition 
strategy or the right procurement strategy. Let's get those 
things right out of the gate, then the success can happen. I've 
seen it time and time again.
    And to Mr. Powner's point, you've got to start small, have 
small wins, and then build off of that.
    Mr. Hurd. Thank you. Now, Mr. Connolly.
    Mr. Connolly. Thank you, Mr. Chairman. And again, welcome 
to our panel. The Project on Government Oversight, POGO, is a 
nonpartisan independent watchdog organization, and it noted 
last month the FITARA is, ``meant to strengthen the role of 
each agency CIO and executive responsible for all IT systems in 
the agency as well as to increase transparency in how IT funds 
are spent.'' However, the Department of Energy's 17 national 
laboratories would apparently prefer that this oversight and 
accountability requirement not apply to them.
    The 2016 Senate Energy and Water Development Appropriations 
bill actually includes an amendment that would exempt the 
energy department's national labs from key requirements of 
FITARA and the bill's predecessor, Clinger-Cohen.
    I wonder if you might comment on this whole issue of carve-
outs because I'm sure OMB has been getting some request for 
carve-outs. We have here, too. And my view is, gee, we haven't 
even learned how to walk yet. We are just getting to guidelines 
of implementation. It's awfully premature to be deciding we 
need to be carved out unless maybe you've got something you're 
worried about, but I'd be interested in your professional 
opinion, what about this situation with carve-outs?
    Ms. Rung. I'll start. So I appreciate the question. You 
know, we are certainly anxious to talk to the agencies if they 
have concerns and work with them to address their concerns. OMB 
has formally stated that they find the proposal to carve out 
the Department of Energy labs highly problematic. And it's our 
viewpoint that FITARA is a tremendous management tool for the 
agencies, and we are not keen on carving out the Department of 
Energy labs.
    Mr. Connolly. Mr. Powner, any view from GAO?
    Mr. Powner. Yeah, this is not the time to carve out. If you 
look at OMB's guidance, I think there's some flexibility in how 
you set this up when you have federated organizations, and the 
labs are quite federated. But when you look at, you know, what 
they're intending to do with that, that the CIO at DOE doesn't 
have the expertise, or FFRDC shouldn't be included, or R&D 
should not be included, if you step back and look at that, it 
probably should be included.
    R&D tied to IT should be under the CIO's authority, and 
when you really look at--we ought to let this bake awhile and 
not immediately start carving out.
    Mr. Connolly. Just to caution. What's happening is people 
wanting carve-outs are coming up here and seeking legislative 
redress before we've even implemented the bill that was just 
signed into law in December and giving ``chutzpah'' a whole new 
dimension of meaning.
    At any rate, I think it's worthy of your note and ours as 
well. We need to resist that temptation because I agree. It was 
designed to be a useful management tool that can save you money 
and make you more efficient. It's not an adversarial bill, and 
let's give it some time to marinate.
    CIOs, and I'll address this to you, Mr. Scott, and you, Mr. 
Spires, particularly, there are 250 people roughly, or when we 
wrote the bill 250 people with the title ``CIO'' spread out 
over 24 agencies. No private corporation would tolerate that. I 
don't care how big. When I go in my district and I meet with 
little and big companies, I kind of ask, you know, how many 
CIOs have you got, and they all look at me like, well, one. Not 
the Federal Government.
    So we didn't mandate by fiat you can only have one, but we 
tried to create incentives to infuse one person with authority 
and accountability and the flexibility in making decisions. I 
wonder, what is your take on that and how we ought to evolve, 
and Mr. Spires, you was one, and so I'd be interested 
particularly on your take on it.
    Mr. Scott. Well, I've actually worked in an organization 
that had multiple CIOs that was, you know, a fairly large 
enterprise. It wasn't 200, but you know, there was more than 
one, you know, in divisions and then corporate CIO and so on. 
And my response would be, I think you're on the right track. 
The important thing for us is to clearly define what the roles 
and responsibilities at the agency level are and then what the 
authorities are that they can delegate to others, and whether 
their title is CIO or chief bottle washer or whatever it 
happens to be, make sure where those accountabilities lie.
    Mr. Spires. Yeah, I certainly agree with Mr. Scott. And I 
would just add to that that I don't think it's necessarily bad, 
given how large some of these agencies are. I mean, like the 
one I was at, Homeland Security, it makes sense to have a 
federated model. You want an IT organization at a component 
level, as we call them, that really gets to understand the 
mission, needs, and understands that leadership team, and works 
closely with them. I think where we've gone awry, though, is 
that many of those components or bureaus at Treasury and the 
like, they view themselves as having to do it all. And what we 
need to do is move to a model where particularly when it comes 
to the commodity or infrastructure IT elements, where we can 
leverage by empower the Federal Government, we need to start do 
much more of that and to really start to reduce duplication.
    That's the other big point is we talk a lot about spending 
on legacy, but a lot of that is on systems, and when you start 
counting them up, and Mr. Powner here can comment on this, you 
know, we have way too many systems overall. And the way to 
start to reduce those is through good governance, through 
strong leadership at the agency level that's driving that 
simplification, which not only saves us a lot of money, I think 
it makes you run much more effectively, and it makes you 
actually a lot more secure, which is also a really key issue.
    Mr. Connolly. Thank you, Mr. Chairman.
    Mr. Hurd. Thank you. And I'd like to recognize my colleague 
from Iowa, Mr. Blum, for 5 minutes.
    Mr. Blum. Thank you, Mr. Chairman, appreciate it, and thank 
you very much to the panel for being here today and sharing 
your expertise and your insights with us.
    I have a question for Mr. Powner. Since 2010, the GAO has 
made 737 IT-related recommendations. As of January, only 23 
percent of those have been fully implemented. And I come from 
the private sector, and I am a career businessman. If this 
happened in my company, heads would roll. Can you tell me, A, 
what that number is today, and B, what, in your opinion, 
accounts for that delay?
    Mr. Powner. Yeah, I don't have an exact updated, slightly 
higher but not much, just a few percentages. You're absolutely 
right, so here's the challenge. When we make recommendations, 
we give agencies about 4 years that we follow up on a 4-year 
basis fairly aggressively to see if those recommendations are 
indeed implemented. Those 700-and-some recommendations do not 
include all of our information security, so that's just tied to 
IT management type things, so there's room for great 
improvement.
    One of the things we're doing--I know the Comptroller 
General Gene Dodaro, we've prioritized those recommendations by 
agency, and most of the priority recs do include several of 
these IT areas where there is 10 to 15 recommendations going to 
the heads of departments and agencies to really highlight the 
importance of implementing those recommendations going forward.
    So again, you're absolutely right. It's a great challenge. 
We're trying to do our best. At times, you know, some of the 
congressional oversight, you guys can help us with that, too, 
lean in on some of these agencies to be more focused on our 
recommendations. Hearings like this greatly help.
    Mr. Blum. I mean, I'm almost afraid to ask this, but are 
these not being implemented because we're understaffed or is it 
because the head of the agency doesn't view them as 
particularly important?
    Mr. Powner. I think it's a combination of things. I think 
sometimes there it's competing with priorities, no doubt, to be 
fair to some agencies, but also, too, I think there needs to be 
intense focus. Here's what happens. We go in and do a review, 
make recommendations. Many times you can go into that same 
agency 3 or 4 years later and we make the same recommendations 
all over again. And so that's where we just need, again, more 
aggressive followup, and it needs to be more of a priority at 
some of these agencies.
    Mr. Blum. Will FITARA help address these delays, in your 
opinion?
    Mr. Powner. We greatly hope so. So as an example, I'll tell 
you this. Data Center Consolidation is a great initiative, and 
we saved about $2 billion with Data Center Consolidation to 
date, but there's a lot of agencies that think they're done. We 
have $5.5 billion that we can continue to save, but we need 
focus on our recommendations. I highlighted six agencies in my 
oral statement that, frankly, they had a lot of consolidations 
with very little associated savings, and we highlighted that 
and made those recommendations, so we're going to continue to 
drive forward on those recs.
    Mr. Blum. Are there deadlines given like there would be in 
the private sector, given to resolve some of these 
recommendations that have been made, the 737? Do the department 
heads or agency heads give deadlines?
    Mr. Powner. Department heads and agencies are required 
within several months to get back to us on our recommendations 
after we write a report, and then, you know, typically, they 
are not implemented in that period of time, but again, then 
they are on the hook to report back to us on implementation. 
Again, we track them over a 4-year period. There are exceptions 
made typically by the comptroller general that he will extend 
that 4-year period for very important recs.
    Mr. Blum. Thank you. And my next question is to Mr. Scott, 
who was in the--or is in the private sector currently, I 
believe.
    Mr. Scott. Was.
    Mr. Blum. Was in the private sector. If you can just 
comment, Mr. Scott, briefly about the difference--is there a 
difference in finding qualified people for the private sector 
versus finding qualified people for the public sector?
    Mr. Scott. I would say there's probably two issues that I 
would talk about in that space. Yes, it is difficult both in 
the private sector and the public sector. The public sector has 
some additional hurdles associated with it, hiring authorities 
and so on that I know this committee and others have addressed 
over a period of time.
    Mr. Blum. Are any of those hurdles culture?
    Mr. Scott. I'm sure there are some. I've only been here 4 
months, so I'm not deeply steeped in the culture.
    Mr. Blum. I've only been here 4 months as well.
    Mr. Scott. Yeah, but I'm sure there are some of those as 
well. But I'll give you an example out of my private sector 
experience.
    We looked at hiring, and our ability to get the best 
talent, and one of the things that we discovered was not what 
we were paying, not what the job was or anything else, it was 
the speed with which we could get an offer in somebody's hands. 
And so quite often the person we wanted would have taken a job 
with us, but because we were slow, ended up taking a job 
somewhere else.
    And so one of the things I'm looking at are what are the 
things that we can do to be quicker at, you know, getting a job 
offer in the hands of the person that we want.
    Mr. Blum. Very good. Thank you. I'm out of time. Thank you, 
Mr. Chairman.
    Mr. Hurd. Thank you. And now it's a pleasure to recognize 
for 5 minutes my fellow computer scientist and colleague from 
the golden state, Mr. Lieu.
    Mr. Lieu. Thank you, Chairman Hurd, thank you for calling 
this important hearing. Thank you, Representative Connolly, for 
your work on FITARA, and to the panel, for your public service. 
Forty-five years ago we sent a man to the moon and brought him 
back, so it's not as if our government can't contract with very 
complicated systems, but we also didn't launch. It was only 80 
percent ready, right? We knew that thing was going to work. And 
it seems to me that, for whatever reason, in the public sector, 
I've noticed that the public sector will launch products they 
know are not ready.
    So the Affordable Care Act was a disaster at rollout, and 
people--there were people that knew it was not ready and it 
launched, and it's working well now and testing makes a huge 
difference. They just had to test on more people, figure out 
the bugs. I'm sure Chairman Hurd and I would agree that we've 
never seen a computer program work the first time.
    And it's not limited to the Federal Government. In Los 
Angeles County, LA Unified School District had a program that 
was just going to track students, figure out their classes, and 
where you're going to go, and they knew it wasn't ready because 
the papers reported it wasn't ready, and they launched anyway. 
It's one reason the superintendent resigned.
    And you see this happening, and I'm just curious, from your 
view, why is it that that happens? Because in the private 
sector, if Microsoft is about to launch a product and it's not 
ready, they don't launch. They push it back. They do more 
testing. They make sure when they launch it to the consumers, 
it doesn't crash the first time you use it. So I'm just 
curious, is it that CIOs are not trained adequately to know the 
thing doesn't work or is it the agency heads overriding them, 
or the CIO is not telling the agency head this thing isn't 
working? What is causing these launches of products that don't 
work the first time?
    Mr. Spires. Mr. Lieu, I will comment, having not been part 
of the Affordable Care Act launch but having worked at a couple 
of different agencies and seen the dynamics at times within 
government agencies that FITARA, really I believe, should 
address.
    And I call it a breakdown in governance, okay, where you 
end up in a situation where the people that actually understand 
what it takes to launch these systems no longer have a say in 
what actually is launched, when it's launched, how it's 
launched. And I hate to say it, but I have seen this happen a 
couple of times in government. And we need to make sure--and 
that's one of the paramount things about FITARA, is to empower 
the agency CIO.
    Now, you better have a competent agency CIO, right, but the 
agency CIO that understands IT management that says, what, 
we're not even--we're rushing this thing through testing to try 
to get it launched? We know that's going to fail, right. These 
are some basic things if you build IT systems you learn. Most 
of us have learned the hard way, I'm afraid.
    But these are things that you learn over time, and we need 
to make sure that that governance model is in place. It doesn't 
mean that the CIO has the ultimate say in everything, and 
that's the pushback you get, but that individual has a key seat 
at the table so when those discussions are happening, that 
individual says 80 percent chance this is going to fail if we 
do this. We have to find a different way. Those discussions 
have to happen.
    Mr. Lieu. Under FITARA, if the CIO believes that this 
system is not ready to go, can agencies still launch it?
    Mr. Scott. Well, our guidance is that in the agencies, they 
do the TechStats, and they're to do monthly reports. So if a 
project is read for 3 months in a row, there's a mandatory 
TechStat review, OMB is invited to that, and we'd certainly 
have a discussion at that point about whether the program was 
on track and ready to launch.
    So I think that, you know, regular review is one of the 
steps that you would look at. But I also--I actually worked at 
Microsoft for about 5.5 years and saw success and failure in 
big IT projects and so on, and the phenomena that Mr. Spires 
talked about is exactly the problem. There's not the level of 
transparency. You get an attitude that you're too big to fail, 
that you just have to go ahead. The information that needs to 
get to leadership to make the right decision doesn't get there, 
and people, you know, jump off the cliff and then and only then 
discover that there's a big problem.
    So I do think that FITARA helps us with visibility and 
transparency at a much more granular level that should help us 
avoid some of these.
    Mr. Lieu. Thank you, and I yield back.
    Mr. Hurd. Thank you, and I would like to thank the 
panelists. And I have a quick question to each one of you all, 
same question. Mr. Scott, I would like you to start off. What 
does successful implementation of FITARA look like?
    Mr. Scott. I think I mentioned earlier. To me, it's faster 
delivery. It's really speed. It's efficiency of our spend. It's 
projects that are on time and on budget and meeting the mission 
that they were designed for. They're secure, and that we have a 
modern infrastructure that those things run on. And if we did 
those things, I think we would declare this a success.
    Mr. Hurd. Ms. Rung.
    Ms. Rung. Congressman, while I appreciate all the kind 
words about the guidance, I know that the hard work begins 
today. And in addition to everything that Tony just 
articulated, for me, success is IT acquisitions comes off the 
high risk list.
    Mr. Hurd. Mr. Spires.
    Mr. Spires. I would certainly echo those sentiments. I 
would add to it. The CIOs in IT organizations in the Federal 
Government aren't there but to do anything else but to help 
ensure that the mission and the business of government is done 
in the agency that in which they live, right.
    So what I would add to that is, I would like to see a set 
of success criteria beyond what was just discussed that also 
talks about how it is that the IT organization is going to 
partner with the mission in order to figure out effectiveness 
measures so that 3 years to 5 years from now, that agency is 
operating more effectively than it is today through the use of 
information technology or enhanced by information technology,
    Mr. Hurd. Mr. Powner.
    Mr. Powner. So before I talk about acquisition, I'd talk to 
about operations because I think success starts with moving, 
and in my testimony, we have that breakdown on how much we have 
spend on legacy systems versus new development. There's a lot 
of savings on Data Center Consolidation and PortfolioStat, 
that's two of the seven provisions in FITARA.
    The first thing we need to do is we need to get out of this 
inefficient spend on legacy and find a way to move that money 
into the modernization bucket, and then success in the 
modernization bucket is quicker delivery. We talked a lot about 
processes, and those processes will help us get there, but if 
we don't move money from these old archaic systems to new 
technologies, we're not going to be successful. And if we don't 
ultimately deliver the new technologies quicker, that's not 
success.
    Mr. Hurd. Excellent. Thank you. I'd like to yield to Mr. 
Connolly.
    Mr. Connolly. Thank you. Mr. Chairman, that was a great 
question, and if I were to answer it, I'd say certainly two 
things. One is we can identify billions of savings that 
currently are inefficiently used. That's a definite metric on 
whether it's working or not. And secondly, can we get to a 
culture whereby we don't treat technology as a commodity to be 
purchased and managed, we see it rather as a transformative 
process that can completely reshape how we provide services and 
manage those services for the citizens we serve.
    Mr. Chairman, I just want to, on a personal note, in 
addition to thanking these panelists who have really been 
partners in the enterprise here, I want to thank two staff 
members who shepherded this legislation through two congresses 
with two very different Members of Congress coming together, 
nonetheless, and finding common ground, working with our Senate 
colleagues with which--a change over there that was not easy, 
and that's Rich Beutel, who is in the audience today. Thank 
you, Rich. And he worked on the majority staff and worked in a 
very bipartisan way, under not always easy circumstances. That 
deserves a lot of credit.
    And Ben Rodeside behind me in my staff who partnered with 
Rich also in a bipartisan manner, and there was no trial or 
tribulation too difficult for them, and they approached us with 
a wonderful creative spirit, and I am in their debt.
    Mr. Hurd. And as we continue to conduct oversight over the 
implementation of FITARA and IT acquisition reform, one of the 
things that the IT and the government ops subcommittees plan on 
doing is issuing regular scorecards and implement a grading 
system for compliance based on the rules and regulations of 
FITARA.
    I look forward to working with Ranking Member Kelly, Vice 
Chair Farenthold, Chairman Meadows, Representative Connolly, 
and members of the subcommittee on this issue. And I would like 
to thank our witnesses for taking the time to appear before us 
today. And if there's no further business, without objection, 
this subcommittees stands adjourned.
    [Whereupon, at 4:10 p.m., the subcommittees were 
adjourned.]


                                APPENDIX

                              ----------                              


               Material Submitted for the Hearing Record


[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]

                                 [all]