[House Hearing, 108 Congress]
[From the U.S. Government Publishing Office]
WHERE'S THE CIO? THE ROLE, RESPONSIBILITY AND CHALLENGE FOR FEDERAL
CHIEF INFORMATION OFFICERS IN IT INVESTMENT OVERSIGHT AND INFORMATION
MANAGEMENT
=======================================================================
HEARING
before the
SUBCOMMITTEE ON TECHNOLOGY, INFORMATION
POLICY, INTERGOVERNMENTAL RELATIONS AND
THE CENSUS
of the
COMMITTEE ON
GOVERNMENT REFORM
HOUSE OF REPRESENTATIVES
ONE HUNDRED EIGHTH CONGRESS
SECOND SESSION
__________
JULY 21, 2004
__________
Serial No. 108-260
__________
Printed for the use of the Committee on Government Reform
Available via the World Wide Web: http://www.gpo.gov/congress/house
http://www.house.gov/reform
U.S. GOVERNMENT PRINTING OFFICE
98-209 WASHINGTON : 2005
_________________________________________________________________
For sale by the Superintendent of Documents, U.S. Government Printing
Office Internet: bookstore.gpo.gov Phone: toll free (866)512-1800;
DC area (202) 512-1800 Fax: (202) 512-2250 Mail: Stop SSOP,
Washington, DC 20402-0001
COMMITTEE ON GOVERNMENT REFORM
TOM DAVIS, Virginia, Chairman
DAN BURTON, Indiana HENRY A. WAXMAN, California
CHRISTOPHER SHAYS, Connecticut TOM LANTOS, California
ILEANA ROS-LEHTINEN, Florida MAJOR R. OWENS, New York
JOHN M. McHUGH, New York EDOLPHUS TOWNS, New York
JOHN L. MICA, Florida PAUL E. KANJORSKI, Pennsylvania
MARK E. SOUDER, Indiana CAROLYN B. MALONEY, New York
STEVEN C. LaTOURETTE, Ohio ELIJAH E. CUMMINGS, Maryland
DOUG OSE, California DENNIS J. KUCINICH, Ohio
RON LEWIS, Kentucky DANNY K. DAVIS, Illinois
JO ANN DAVIS, Virginia JOHN F. TIERNEY, Massachusetts
TODD RUSSELL PLATTS, Pennsylvania WM. LACY CLAY, Missouri
CHRIS CANNON, Utah DIANE E. WATSON, California
ADAM H. PUTNAM, Florida STEPHEN F. LYNCH, Massachusetts
EDWARD L. SCHROCK, Virginia CHRIS VAN HOLLEN, Maryland
JOHN J. DUNCAN, Jr., Tennessee LINDA T. SANCHEZ, California
NATHAN DEAL, Georgia C.A. ``DUTCH'' RUPPERSBERGER,
CANDICE S. MILLER, Michigan Maryland
TIM MURPHY, Pennsylvania ELEANOR HOLMES NORTON, District of
MICHAEL R. TURNER, Ohio Columbia
JOHN R. CARTER, Texas JIM COOPER, Tennessee
MARSHA BLACKBURN, Tennessee BETTY McCOLLUM, Minnesota
PATRICK J. TIBERI, Ohio ------
KATHERINE HARRIS, Florida BERNARD SANDERS, Vermont
(Independent)
Melissa Wojciak, Staff Director
David Marin, Deputy Staff Director/Communications Director
Rob Borden, Parliamentarian
Teresa Austin, Chief Clerk
Phil Barnett, Minority Chief of Staff/Chief Counsel
Subcommittee on Technology, Information Policy, Intergovernmental
Relations and the Census
ADAM H. PUTNAM, Florida, Chairman
CANDICE S. MILLER, Michigan WM. LACY CLAY, Missouri
DOUG OSE, California STEPHEN F. LYNCH, Massachusetts
TIM MURPHY, Pennsylvania BETTY McCOLLUM, Minnesota
MICHAEL R. TURNER, Ohio
Ex Officio
TOM DAVIS, Virginia HENRY A. WAXMAN, California
Bob Dix, Staff Director
Dan Daily, Professional Staff Member/Deputy Counsel
Juliana French, Clerk
Adam Bordes, Minority Professional Staff Member
C O N T E N T S
----------
Page
Hearing held on July 21, 2004.................................... 1
Statement of:
Brubaker, Paul, executive vice president and chief marketing
officer, IS International; James Flyzik, partner, Guerra,
Kiviat, Flyzik & Associates; and Debra Stouffer, vice
president of strategic consulting services, Digitalnet..... 49
Johnson, Clay, III, Deputy Director for Management, Office of
Management and Budget; Karen Evans, Administrator, Office
of E-Government and Information Technology, Office of
Management and Budget; and David Powner, Director,
Information Technology Management Issues, U.S. Government
Accountability Office...................................... 8
Nelson, Kimberly, Assistant Administrator of Environmental
Information and Chief Information Officer, Environmental
Protection Agency; Steven Cooper, Chief Information
Officer, Department of Homeland Security; Vance Hitch,
Deputy Assistant Attorney General, Information Resources
Management and Chief Information Officer, U.S. Department
of Justice; and Ira Hobbs, Deputy Assistant Secretary for
Information Systems and Chief Information Officer,
Department of the Treasury................................. 77
Letters, statements, etc., submitted for the record by:
Brubaker, Paul, executive vice president and chief marketing
officer, IS International, prepared statement of........... 51
Clay, Hon. Wm. Lacy, a Representative in Congress from the
State of Missouri, prepared statement of................... 6
Cooper, Steven, Chief Information Officer, Department of
Homeland Security, prepared statement of................... 90
Evans, Karen, Administrator, Office of E-Government and
Information Technology, Office of Management and Budget,
prepared statement of...................................... 14
Flyzik, James, partner, Guerra, Kiviat, Flyzik & Associates,
prepared statement of...................................... 62
Hitch, Vance, Deputy Assistant Attorney General, Information
Resources Management and Chief Information Officer, U.S.
Department of Justice, prepared statement of............... 97
Hobbs, Ira, Deputy Assistant Secretary for Information
Systems and Chief Information Officer, Department of the
Treasury, prepared statement of............................ 104
Johnson, Clay, III, Deputy Director for Management, Office of
Management and Budget, prepared statement of............... 10
Nelson, Kimberly, Assistant Administrator of Environmental
Information and Chief Information Officer, Environmental
Protection Agency, prepared statement of................... 80
Powner, David, Director, Information Technology Management
Issues, U.S. Government Accountability Office, prepared
statement of............................................... 24
Putnam, Hon. Adam H., a Representative in Congress from the
State of Florida, prepared statement of.................... 3
Stouffer, Debra, vice president of strategic consulting
services, Digitalnet, prepared statement of................ 67
WHERE'S THE CIO? THE ROLE, RESPONSIBILITY AND CHALLENGE FOR FEDERAL
CHIEF INFORMATION OFFICERS IN IT INVESTMENT OVERSIGHT AND INFORMATION
MANAGEMENT
----------
WEDNESDAY, JULY 21, 2004
House of Representatives,
Subcommittee on Technology, Information Policy,
Intergovernmental Relations and the Census,
Committee on Government Reform,
Washington, DC.
The subcommittee met, pursuant to notice, at 2:40 p.m., in
room 2154, Rayburn House Office Building, Hon. Adam Putnam
(chairman of the subcommittee) presiding.
Present: Representatives Putnam, Miller, Murphy, Ose,
Turner, Clay, and Lynch.
Staff present: John Hambel, senior counsel; Dan Daly and
Shannon Weinberg, professional staff members/deputy counsels;
Juliana French, clerk; Felipe Colon, fellow; Jamie Harper,
legislative assistant; Colin Samples and Sean Hardgrove,
interns; Adam Bordes, minority professional staff member; and
Jean Gosa, minority assistant clerk.
Mr. Putnam. A quorum being present, this hearing of the
Subcommittee on Technology, Information Policy,
Intergovernmental Relations and the Census will come to order.
Good afternoon and welcome to the subcommittee's hearing on
``The Role, Responsibility and Challenge for Federal Chief
Information Officers and IT Investment Oversight and
Information Management.''
In 1996, Congress passed the landmark Clinger-Cohen Act,
bringing fundamental changes to the way the Federal Government
manages information technology. One of the most important parts
of the act was the establishment of the Chief Information
Officer as the position that leads agency efforts to manage IT.
Now, 8 years after the passage of Clinger-Cohen, we must
ask: Where is the CIO? Who do they report to? What authority do
they have? And why is the turnover for the position so high?
As many know, this subcommittee releases a report card on
each agency's implementation of the Federal Information
Security Management Act. On the last report card, the average
grade was a D. Additionally, the scores for implementing e-
government under the President's management agenda, although
improving, are not terribly encouraging.
The subcommittee has held several hearings throughout this
Congress examining the CIO's responsibilities, including
managing IT investment, developing agency-wide enterprise
architectures, and implementing sound information security
practices. Throughout these hearings, I have learned that CIOs
in the Federal Government are facing significant uphill
challenges in meeting their responsibilities.
To better understand these problems, I asked the Government
Accountability Office to examine the role of the CIO in Federal
agencies. As we will hear today, some of the findings, and the
questions they raise, are intriguing. For example:
The average tenure for a Federal CIO is only 23 months, yet
experts say that a CIO needs 3 to 5 years on the job to be
effective. CIOs often do not have control over all IT
investment in an agency.
Major bureaus may buy IT systems without going through the
CIO, making capital planning and effective IT management all
the more difficult.
CIOs juggle many responsibilities and often face internal
push back as they try to institute reforms at their agencies.
CIOs have 13 major areas of responsibilities, from IT
investment management to e-government to privacy. And with time
and new laws, the role is sure to expand.
Finally, Clinger-Cohen requires that CIOs at the largest
department and agencies report directly to the agency head, but
this is not always the case.
In an increasingly networked world, the Government has
become more dependent on information technology to deliver its
services. Federal agencies cannot operate efficiently without
solid leadership from a CIO that is supported by the top
officials in the agency.
I look forward to hearing from our panels of experts on
this topic, including the administration's leadership in
information technology, as well as former and current CIOs, to
see what this subcommittee and this Congress can do to improve
the situation.
I welcome all the witnesses.
[The prepared statement of Hon. Adam H. Putnam follows:]
[GRAPHIC] [TIFF OMITTED] 98209.001
[GRAPHIC] [TIFF OMITTED] 98209.002
Mr. Putnam. As is the case with all of our hearings, it is
being Webcast and can be viewed by going to reform.house.gov
and clicking on multimedia.
I would like to recognize the distinguished Member from
Missouri, the gentleman, Mr. Clay, for any opening remarks that
he may wish to have.
Thank you.
Mr. Clay. Thank you, Mr. Chairman, and I thank the
witnesses for taking their time to be with us today.
I consider today's hearing an opportunity to extend the
dialog our subcommittee established in March, when several of
today's witnesses testified about the strengths and weaknesses
of IT oversight within the CIO community. Since the Federal
Government will spend approximately $60 billion on IT in fiscal
year 2004, we must strive to utilize the best practices for
implementation and oversight of our Government's investments.
According to GAO's testimony, the CIO community is facing
challenges due to limited resources, a strained IT work force,
and the inconsistent delegation of IT management duties among
non-CIO personnel. Further, the lack of tenure among CIOs is
hindering agencies from achieving their long-term IT management
goals and objectives. Such factors tell us why agencies rarely
meet their full potential with regard to strategic planning, IT
investment management, and work force training and development.
At the heart of the matter are two issues. First, with an
average CIO tenure of 23 months, we must promote mechanisms to
ensure that long-term strategic planning and implementation
does not cease due to limited tenures among those who serve.
Second, I believe we ought to examine the issue of statutorily
authorized CIO responsibilities that are being delegated to
non-CIO personnel. Perhaps these problems stem from the lack of
tenure among CIOs, human capital deficiencies, or inadequate
agency planning. Nevertheless, it is our responsibility to
identify the root cause of these problems and seek out
appropriate remedies.
Thank you, Mr. Chairman, and I ask unanimous consent that
the full text of my remarks be included in the record.
Mr. Putnam. Without objection.
[The prepared statement of Hon. Wm. Lacy Clay follows:]
[GRAPHIC] [TIFF OMITTED] 98209.003
[GRAPHIC] [TIFF OMITTED] 98209.004
Mr. Putnam. With that, I would ask the first panel and
anyone accompanying you who will be answering your questions to
please rise for the administration of the oath.
[Witnesses sworn.]
Mr. Putnam. Note for the record that all the witnesses
responded in the affirmative, and we will move directly into
testimony.
Our first witness is Mr. Clay Johnson. We are very
appreciative of the time that he has made to be before this
subcommittee. Mr. Johnson is Deputy Director for Management at
the Office of Management and Budget, where he provides
governmentwide leadership to executive branch agencies to
improve agency and program performance. Before that he was
Assistant to the President for Personnel, responsible for the
organization that identifies and recruits 4,000 Government
officials. He received his undergraduate degree from Yale and a
master's from MIT's Sloane School of Management.
Welcome to the subcommittee, and we look forward to your
testimony. You are recognized.
STATEMENTS OF CLAY JOHNSON III, DEPUTY DIRECTOR FOR MANAGEMENT,
OFFICE OF MANAGEMENT AND BUDGET; KAREN EVANS, ADMINISTRATOR,
OFFICE OF E-GOVERNMENT AND INFORMATION TECHNOLOGY, OFFICE OF
MANAGEMENT AND BUDGET; AND DAVID POWNER, DIRECTOR, INFORMATION
TECHNOLOGY MANAGEMENT ISSUES, U.S. GOVERNMENT ACCOUNTABILITY
OFFICE
Mr. Johnson. Mr. Chairman, Ranking Member Clay, thank you
for having me here today. I bet that I am going to refer you to
Karen Evans for a lot of your questions, but let me give you my
general comments and a general view of IT and e-government in
the CIO world.
As you mentioned, Ranking Member Clay, we spend almost $60
billion a year on IT, more than anybody else in the world. We
ought to be nearly the best at it, and we are not, and we share
that goal. We need to figure out what we need to do to make
sure that we are the best at IT since this is a goal we share.
Something that the Federal Government does a lot of is
sending information to people and receiving information from
people; we send them money, they send us money. A lot of
information and money changes hands. We take large amounts of
information and we try to make sense of it for intelligence
purposes; we take a lot of information and put it in the hands
of Federal managers so that they can manage programs and costs
more effectively. We move a lot of information around, and it
costs us $60 billion a year to do that.
The CIO is the person in the agency who is responsible for
making sure that money is being spent most intelligently, and
that the IT operations are producing the functionality that we
intended when you all authorized and appropriated the money
consequently, the CIO is extremely important.
Relative to a couple of questions that have been asked and
suggested here, I personally do not believe that the CIO needs
to report to the Secretary of the department. The CIO needs to
work for somebody who can help him or her be successful, and
that is typically not the Secretary. The CIO is plenty
important in an organization without having to report to the
Secretary. I think the CIO ought to report to the senior
management person in an organization. At Homeland Security, for
instance, that is Under Secretary for Management, Janet Hale,
who works most closely with Jim Loy. In a lot of agencies, it
is the Deputy Secretary. To me, working for the Secretary is
not the issue; it is working with somebody who is most involved
in how the department is managed.
And I think in terms of the primary responsibility that a
CIO has, that the CIO in an organization does a whole lot. I
think the CIO's primary responsibility is to make sure that it
is very, very, very clear what a new IT project or an old IT
project is supposed to accomplish and what the desired
functionality is. Usually, is the bigger the project, the more
disastrous it is or the more telling it is. Oftentimes, we will
get in the middle of the development of new IT projects, and it
is not clear what it is we are trying to accomplish, and then
the problems begin. And the CIO, in my mind, is the regulator,
the person at the agency that can assure that does not happen.
Additionally, the CIO ensures that the program managers cannot
spend IT funds unless the disciplines are in place, and it is
really clear what we are supposed to be accomplishing, at what
cost, for whom, and by when. And that is the primary role, in
my opinion, from a 20,000 foot view, for a CIO. There are other
responsibilities as well, but I think our discussion here
should be what does the CIO need to have to make sure he or she
can perform that role most effectively.
[The prepared statement of Mr. Johnson follows:]
[GRAPHIC] [TIFF OMITTED] 98209.005
[GRAPHIC] [TIFF OMITTED] 98209.006
Mr. Putnam. Thank you, Mr. Johnson.
Our next witness, our most frequent witness, is Ms. Karen
Evans. Ms. Evans was appointed by President Bush to be the
Administrator of the Office of Electronic Government and
Information Technology at the Office of Management and Budget.
Ms. Evans is a 20-year veteran of the Federal Government.
Before joining OMB, she was Chief Information Officer at the
Department of Energy and served as vice chairman of the CIO
Council. Previously, she served at the Department of Justice as
Assistant and Division Director for Information System
Management.
Welcome again. You are recognized.
Ms. Evans. Good afternoon, Mr. Chairman and Ranking Member
Clay. Thank you for inviting me to speak about the critical
role that chief information officers play in driving increased
agency performance, achieving results, and serving our
citizens.
In fiscal year 2005, the Federal Government will spend $60
billion on information technology. This afternoon I will
outline the vision, strategy, and tools the Office of
Management and Budget and the Federal CIO Council have
developed to enable CIOs to be more successful.
Eight years ago Congress passed the Clinger-Cohen Act,
creating the position of CIO and elevating them to senior
management rank. Throughout the last 8 years, but especially
under the focused attention of the President's management
agenda and as a result of the E-Government Act of 2002, CIOs
have taken on new and expansive responsibilities.
To be most effective, the CIO should work most with and be
responsible to the department's top management person, which in
most cases, as previously stated, is the deputy secretary.
Without a high performing and capable CIO, an agency will not
be able to fully achieve the goals of the President, Congress,
and the American people.
As for my role, the OMB's Office of E-Government and
Information Technology is statutorily responsible for managing
Federal Government information technology and policy.
Throughout the past few years, we have implemented a series
of tools to support Federal CIOs.
First, we are empowering CIOs to drive business and
technology change through the President's management agenda
scorecard. Supported by their secretary and deputy secretary,
agency CIOs use the scorecard to manage agency performance.
Second, we are driving accountability and responsibility to
agency bureaus and program offices by requiring agencies to
score and remediate their exhibit 300 IT business cases before
submission to OMB. Also, we are requiring a closer alignment
between the 300's and the Program Assessment Rating Tool, or
the PART, to assist the CIO in ensuring that IT investments
enhance and compliment the overall objective of a particular
program.
Third, we are positioning CIOs to play a key part in the
long-term success of their agency through our investment in
enterprise architecture. Developing their enterprise
architecture, CIOs identify IT investments and develop a
blueprint for the future, including detailed transition plans.
Enterprise architecture, supported by budget and related data,
is bringing greater rigor and stronger decisionmaking to
information resource management.
Fourth, we are enabling CIOs to provide leadership for IT
investment performance by setting cost, schedule and
performance requirements. Agencies are required to use the same
standard used in industry. This will result in tighter
management and increased investment responsibility by the
immediate IT project manager and CIO.
Fifth, we are providing CIOs with the ability to realize
considerable cost savings for their agencies through
acquisition activities such as the SmartBuy program. This
allows dollars to be invested in providing better services and
stronger results for core mission responsibilities.
In addition to OMB, the Federal CIO Council plays a
critical role in supporting CIOs in fulfilling their obligation
to serve their fellow Americans, identify new governmentwide
solutions, and ensure their agency strategic goals are
achieved. The Council is successful because it exemplifies a
critical e-government principle: encouraging cooperation and
sharing of ideas and resources.
The Council is led by OMB Deputy Director for Management,
directed by myself, and vice-chaired by Dan Matthews, the CIO
at the Department of Transportation. The Council membership
consists of agency CIOs who chair committees focused on
critical issues before the Federal IT community. In
consultation with OMB, these committees are developing the
tools to assist their fellow CIOs and agency IT employees,
including the CIO strategic plan and the most recent
recommendations on IT work force project management
qualifications.
While the necessary tools are in place, the road ahead for
Federal CIOs is not without its challenges. To realize the
vision of the President's management agenda and the E-
Government Act of 2002, CIOs must provide leadership to achieve
their e-government migration milestones. In this, cross-agency
collaboration is critical, both within an agency and across
agencies. We need to continue to work in partnership with
Congress, industry, and State and local governments.
In conclusion, the administration will continue to work
with agency heads, CIOs, and the CIO Council to empower CIOs to
achieve results and transform our Federal Government into a
more citizen service organization.
We look forward to continued work with the committee on
this matter, and I would be pleased to take questions at the
appropriate time.
[The prepared statement of Ms. Evans follows:]
[GRAPHIC] [TIFF OMITTED] 98209.007
[GRAPHIC] [TIFF OMITTED] 98209.008
[GRAPHIC] [TIFF OMITTED] 98209.009
[GRAPHIC] [TIFF OMITTED] 98209.010
[GRAPHIC] [TIFF OMITTED] 98209.011
[GRAPHIC] [TIFF OMITTED] 98209.012
[GRAPHIC] [TIFF OMITTED] 98209.013
[GRAPHIC] [TIFF OMITTED] 98209.014
Mr. Putnam. Thank you, Ms. Evans.
Our third witness for this panel is David Powner. Dave
Powner is responsible for a large segment of GAO's information
technology work, including systems development and IT
investment management reviews. He has over 15 years of public
and private information technology-related experience. In the
private sector, he had several positions with Quest
Communications, including director of internal audits,
responsible for information technology and financial audits,
and director of information technology, responsible for Quest
digital subscriber lines software development efforts.
He has an undergraduate degree from the University of
Denver and a graduate's degree from Harvard.
Welcome to the subcommittee. You are recognized for 5
minutes.
Mr. Powner. Thank you, Mr. Chairman, Ranking Member Clay.
We appreciate the opportunity to testify on the report we are
releasing today on Federal CIOs. We have long been proponents
of having strong agency CIOs to lead technology solutions that
improve program performance.
Eight years ago the Clinger-Cohen Act first required agency
heads to designate CIOs. Effective CIOs can make significant
differences in building the capabilities needed to implement
improvements in the management of the billions spent annually
on IT.
This afternoon I will discuss CIO responsibilities and
reporting relationships, tenure, and major challenges. I will
also discuss actions to address our findings.
First, CIO responsibilities and reporting relationships. As
this chart to your left, Mr. Chairman, illustrates, the 27
major departments and agency CIOs are generally responsible for
most of the 13 key areas required by statute on critical to
effective information and technology management. Not
surprising, all 27 CIOs reported that they are responsible for
areas such as capital planning and investment management,
enterprise architecture, and information security.
However, not all CIOs are responsible for each of the areas
called for in law, and views were mixed as to whether it is
important for CIOs to have responsibilities for each of these
areas. A significant number of CIOs who do not hold these
responsibilities believe that it did not present a problem
because other organizational units were appropriately assigned
these duties. A few former CIOs told us that some of these
areas were distractions from CIOs' primary responsibilities.
Regarding reporting relationships, 19 of the 27 CIOs told
us that they report to the agency head as required by law.
Consistent with Mr. Johnson's comments, views were mixed as to
whether it is important for the CIO to report to the agency
head. Some stated that a direct reporting relationship was
crucial, especially when influencing budgets and policy
decisions. Others stated that organizational placement was not
as important as credibility and relationships with other key
executives.
Next, regarding CIO tenure since Clinger-Cohen was enacted.
The median tenure of agencies' permanent CIOs is just less than
2 years, or 23 months. Career CIOs, on average, stayed longer
than political appointees. Nevertheless, in either case CIOs
are staying less than the 3 to 5 years that was most commonly
cited by both current and former CIOs as the time needed for a
CIO to be effective.
Since 1996, only about a third of the permanent CIOs who
had completed their time in office stayed 3 years or more.
Among reasons cited for high turnover were the political
environment, pay differentials with the private sector, and the
significant challenges CIOs face. Too short a tenure can reduce
the CIO's effectiveness and ability to address the major
challenges cited. These challenges included implementing
effective IT governance practices, obtaining sufficient and
relevant resources, and communicating and collaborating within
the agency and with external partners.
Congress and agencies can take actions to address these
findings. With respect to Congress, hearings such as this, Mr.
Chairman, help to raise the issues and suggest solutions. To
further assist you in your oversight role, as requested, we are
beginning work on private sector CIO responsibilities and best
practices to complement the report we are releasing today.
Agencies too can take actions to address the high turnover
rate and challenges cited. Specifically, human capital
flexibilities such as recruiting bonuses, retention allowances,
and critical position pay authority may help to attract and
retain qualified candidates.
Regarding the major challenge of implementing effective
governance practices, GAO and others have issued guides to
assist agencies in institutionalizing sound governance such as
our IT investment management framework.
In summary, not all CIOs are responsible for the areas
called for in law, nor do they all report to the agency head.
In addition, most CIOs do not stay in office for the 3 to 5
years recommended. Given the many challenges facing CIOs,
having laws that focus on the most effective assignment of
responsibilities, flexibilities to lessen turnover, and
governance practices to effectively manage critical areas will
be essential.
This concludes my statement, Mr. Chairman. I would be
pleased to respond to any questions that you have at this time.
[The prepared statement of Mr. Powner follows:]
[GRAPHIC] [TIFF OMITTED] 98209.015
[GRAPHIC] [TIFF OMITTED] 98209.016
[GRAPHIC] [TIFF OMITTED] 98209.017
[GRAPHIC] [TIFF OMITTED] 98209.018
[GRAPHIC] [TIFF OMITTED] 98209.019
[GRAPHIC] [TIFF OMITTED] 98209.020
[GRAPHIC] [TIFF OMITTED] 98209.021
[GRAPHIC] [TIFF OMITTED] 98209.022
[GRAPHIC] [TIFF OMITTED] 98209.023
[GRAPHIC] [TIFF OMITTED] 98209.024
[GRAPHIC] [TIFF OMITTED] 98209.025
[GRAPHIC] [TIFF OMITTED] 98209.026
[GRAPHIC] [TIFF OMITTED] 98209.027
[GRAPHIC] [TIFF OMITTED] 98209.028
[GRAPHIC] [TIFF OMITTED] 98209.029
[GRAPHIC] [TIFF OMITTED] 98209.030
[GRAPHIC] [TIFF OMITTED] 98209.031
[GRAPHIC] [TIFF OMITTED] 98209.032
[GRAPHIC] [TIFF OMITTED] 98209.033
Mr. Putnam. Thank you very much.
I want to thank all of you for your opening remarks, and at
this time I will yield for the first round of questions to the
ranking member, the gentleman from Missouri.
Mr. Clay. Thank you, Mr. Chairman, and thank all the
panelists for being here today.
Mr. Johnson, GAO found that agency CIOs were unanimously
responsible for IT areas such as information security and IT
investment management, but were much less likely to be
responsible for areas such as information disclosure or
statistical policy, all of which they are statutorily
responsible for. Should the CIOs be responsible for each of
these 13 areas, and are OMB or the CIO Council planning to
respond to these findings?
Mr. Johnson. Ask Karen Evans after me, and you should pay
more attention to what she says than what I do. To answer your
question, if that is the law, then that is what they are
supposed to be doing, is one. I do think that 80+ percent of
the value of a CIO is in those top four, five, or six
categories. And when we have major problems in the IT arena, it
is because we have a $100 million project that is producing
nothing, or a $500 million project that is 2 years past due.
And that is where the bigger numbers are and bigger
opportunities to perform or fall behind.
But in terms of the CIO Council addressing those particular
things, I really don't know. If it was agreed to that is what
they are supposed to be doing, then that is what they are
supposed to be doing.
Mr. Clay. Let me ask you, then, a followup. Whose
responsibility does it become to fulfill the CIO's role when
the position is vacant? And are there circumstances where the
bureaucracy is demonstrating better results in agencies where
the CIO position is vacant?
Mr. Johnson. When the position is vacant, the chief
operating officer of an agency, which may be the head of a
smaller agency or under secretary for management at larger
departments will fill the vacancies. If there is a vacancy in a
political position or a career position, the work is supposed
to be go on. Big IT development projects are supposed to
continue on budget and on schedule. We are supposed to be
running these agencies, and they are responsible for
designating somebody to serve in an acting capacity in the
absence of a CIO; and it might be the deputy CIO, it might be
somebody from the outside, it might be any number of different
people. But we are not supposed to stop spending $60 billion
wisely just because the CIO is missing. We hold the operating
head of the agency responsible for everything that goes on in
that agency, whether all his or her senior positions are filled
or not. The absence of people in those positions is not an
excuse.
Mr. Clay. OK, thank you for that response.
And I will ask you, too, Ms. Evans. Welcome today. What
about GAO's findings that the agency CIOs were responsible for
IT areas such as information security and investment
management, but much less likely to be responsible for areas
such as information disclosure?
Ms. Evans. In looking at those responsibilities--and I have
had the opportunity to be an operational CIO, as well as being
in component organizations, and I have had the opportunity to
work with statistical agencies. Statistical agency and policy
coordination is usually jointly developed in those agencies
where statistical agencies are present, because by law
statistical agencies have information requirements that are
levied on them, as well, as to how they need to protect that
information before it is released out to the public. And so
usually what will happen is those responsibilities will be
jointly done. The two that you specifically mentioned are
usually jointly done with the general counsel's office and the
CIO's office, because there is an information dissemination
piece where the CIO's policies and rules and procedures would
come in place, but there is also a programmatic piece
associated with the management of that information.
So I think those two areas really highlight the partnership
that is required that a CIO must have into multiple program
areas, because we don't necessarily have the expertise in all
the program areas, so we have to partner with the appropriate
expertise that we need. So there is a programmatic aspect to
the two pieces that you have brought up that we would generally
rely on general counsel advice as well as the statistical heads
of the agencies as designated by law.
Mr. Clay. OK, let me ask one last question. Do you believe
the requirement to have agency CIOs report directly to the
agency heads still make sense in today's environment?
Ms. Evans. I would like to think that the focus of this is
that IT is a strategic asset, and so the agency head, or the
chief operating officer in this particular case, views IT as a
strategic asset; therefore, the CIO would be involved in those.
Do I think it is necessary that they directly report to the
secretary? I don't think that is the case. I think that what is
important is the way that IT is managed within that agency, and
that it is viewed as a strategic asset and that the CIO manages
it that way with the appropriate staff.
Mr. Clay. Thank you for your response.
My time has expired.
Mr. Putnam. Mr. Johnson, thank you again for being with us.
If you would just step back and in your time you have had an
opportunity to evaluate this, see what is working, what is not
working. If we were to make modifications to the law governing
CIOs, what changes to the statute make the most sense for the
operational day-to-day activities of making the Government
work, holding it accountable, and running it efficiently?
Mr. Johnson. Well, I have a better sense of what we need to
make sure that all of this happens. If you are asking what of
the Clinger-Cohen currently allows or doesn't allow, I don't
know. But what I think the CIO needs to be able to do, and
needs to be charged to do is to define really clearly what any
dollars spent on IT is supposed to produce which is their most
important role as I mentioned earlier. And oftentimes program
managers say we need a new intelligence system or a new
financial management system, and people start spending large
sums of money before it is really clearly defined what it is
that we are trying to accomplish. The CIO is the person that
the head of the agency, Karen, all of you, and I should look to
when we have IT projects that run amok, that are not producing
defined goals with defined benefits at an acceptable cost, on
schedule. That is their primary responsibility, in my mind, and
they are the ones that we should hold accountable for that.
If they need extra authorities or extra tools to be able to
do that, then we should allow that. I don't know what Clinger-
Cohen allows now or not, but I do know that all too often we
are not a very good client; we don't develop most of these
systems ourselves, we hire other people to come in, we act as
their client, and we work with them. The fact that we allow
large, large sums of money to be spent on these projects that
are years behind or have not achieved the functionality we
expect, says that we are not as good a client and as good a
spender of these resources as we should be. To me, we have to
be a disciplined client and a disciplined spender. This means
we have to be rigorously inclined to define what it is we
consider success and what it is we are trying to accomplish: by
when, for whom, and at what cost. And that is the discipline.
That is the rigor that is missing, I think, between a really
good spender of $60 billion and a not-so-wonderful spender of
$60 billion.
Mr. Putnam. What is the best management tool to impose that
discipline, that rigor, to have that accountability when
programs do go south? And, frankly, it happens more frequently
than any of us would like, and it involves an awful lot of
commas and zeros.
Mr. Johnson. I think it is a combination of things. I think
one of the things the President's management agenda points out
is the value of clearly defining what you expect to achieve in
human capital, in IT or budget integration, or competitive
sourcing. Then you can hold someone accountable for achieving
it, and you give quarterly updates on how good a job they are
doing. So, for instance, one of the things that the President's
management agenda does is require the IT operations in the
agencies to use Form 300's, which develop really well thought-
out business cases. Are the business cases acceptable or not;
do they define the adequacy of the management of the project,
the security provisions being made, the desired functionality,
and so forth? How good are our business cases, and does the
value of the system far exceed the cost? And we could talk
about what percent of the business cases are acceptable or not.
That is information, particularly with the bigger projects,
that we probably ought to be more interested in and pay more
attention to than we are.
But I think one of the things we have done is start to
publicize what percent of the case are acceptable or not and,
what percent of the systems are secure. That information is
public, and some agencies are great and some agencies are not
so great. We ought to be kind of hard on the agencies that are
not so great. We required CIOs to utilize earned value
management for all projects to determine whether projects are
on budget and on schedule. And we keep track of what percent of
the projects are within 30 percent of the planned budget and
schedule, as an intermediate goal, and the ultimate goal is to
get within 10 percent of the budget and schedule. That
information ought to be made public; people ought to be held
accountable for getting it to an acceptable level and holding
it there.
So it is a clear definition of success, and I think
information about how good each CIO is or how good each agency
is at achieving those standards should be made public. And we
ought to be relentless about it. I think that we do a good job
with the President's management agenda, but it can be even more
visible than what it is today, which is a charge to us. In the
past, what I heard a lot of people say about management issues
in general in the Federal Government was: we have always had
goals, we have always said we want to accomplish this with
GPRA, and we want to accomplish this with IT. What seems to be
new in the last couple of years is that we are actually
expecting people to achieve those goals, and we are actually
defining more clearly what success means. We are publishing
report cards, and we are publishing performance information and
letting the American people and Congress know who is achieving
those goals, who is not, and making it real clear that we
expect people to produce results.
There are things that we are employing now: earned value
management, Form 300's, President's management agenda. There
have been other things as well that will allow us to do that
even better. I don't know that we necessarily mandate those by
statute, but that discipline, I think is, in general, what is
called for.
Mr. Putnam. So the oversight, the scrutiny, and the
publicity that arises from failing to meet those goals then is
the accountability you speak of.
Mr. Johnson. Yes. Karen and I have talked about
understanding that the more money involved, the greater the
risk. Maybe there is a second and a third level of quality
control that should exist for large IT projects. How do we
ensure that it happens? Do we require it? Do we suggest it? I
don't know yet. But whenever we are trying to write something
new or develop a system, we are trying to do something that has
never been done before, so there is risk involved. We must find
out how to manage that risk. We just need to be more conscious
of our track record, ensuring that it is not going to go awry.
We need to try to do more things to make sure it doesn't. So,
to do so, we can identify where we do have problems, identify
where we do have success, make sure that we spread our best
practices and avoid our worst practices, and have lots of
clarity and accountability.
Mr. Putnam. Ms. Evans, having been on both sides of this,
is there enough accountability in the system currently on
individuals, on CIOs?
Ms. Evans. I would say that right now, based on the
statutes that we have in place, the authorities that are out
there and the responsibilities that we have, it is very clear
what we are supposed to do. I would echo the same comments that
Mr. Johnson has just made. And I was obviously in the Federal
Government when Clinger-Cohen was first passed, and have seen
how it continues to progress and evolve the roles, but the
difference now is the accountability. We always knew what we
were supposed to do; we have always had an A-130. We have
always had A-11s. We have always had the guidance going forward
of what we were supposed to do, but now OMB has stepped up and
the President, himself, with the scorecard is really in a very
public way publishing what are the expectations, what do we
expect agencies to do, how do we expect them to perform, and
holding them accountable, meeting with them quarterly and
asking them about the progress of how they are going, giving us
results that we can see, tangible results, not just telling us
that they are doing it, but us actually can see it, because
then, as the taxpayer, you will be able to see it as well, has
really made a difference.
And I have seen great, great changes that have occurred
with the introduction of the scorecard, holding the agencies
accountable, and it really has truly energized people within
the agencies because they know at the highest ranks of the
Federal Government their work is being looked at, and it is
important and it is making a difference.
Mr. Putnam. So Clinger-Cohen, has it had its intended
impact?
Ms. Evans. I would say yes. And I would say that you are
going to continue to see more things happen. I think that
Congress, 8 years ago, had the foresight to realize what
information technology was going to do, the impact that it was
going to have on the Federal Government. But as we continue to
evolve and as you see technology continues to just morph and
morph and morph, that it has had the impact; it has heightened
the awareness, it has made agencies' officials be held
accountable, and we are introducing more and more tools so
there is more clarity to what the intent of Clinger-Cohen
really was meant to be.
Mr. Putnam. The A-130 was last revised in late 2000. Is it
outdated, it is in need of revision, or is it OK the way that
it is?
Ms. Evans. You are right, it has not been updated since
2000; however, as each piece of legislation comes out, we have
implemented policy guidance to deal with the implementation of
that legislation. We are in a review process for it right now
to see if we really do need to update it, but there are no
policy gaps as far as guidance to the agencies are concerned,
because we have issued those. We are reviewing it. If we were
to update it, it wouldn't happen until the next fiscal year,
going into the next fiscal year.
Mr. Putnam. Mr. Powner, you pointed out the turnover in the
CIOs in your report.
Mr. Johnson, we have had hearings about this at all levels
of the Federal Government, the human capital problems.
How big a deal is it? Is it typical of what we are seeing
across the Federal Government, a little bit better, a little
bit worse, is it a crisis, is it one of many problems? How
would you characterize it?
Mr. Johnson. I know in the political appointees in general,
their adage is--which is what I was involved in with the
President when he first came to office--the average time
supposedly that somebody stays in a political position is 2\1/
2\ years or so, and the general reasons given for that is this
is hard work, the volume of work, the public scrutiny, it is
hard. You have been here long than I have. And it doesn't mean
necessarily someone leaves, but they stay in one job on point
11, 12 hour days, and 2\1/2\ years plus or minus, then they
tend to move to something else or the good ones are asked to do
something else, whatever, but 2\1/2\ years. So the fact that
the turnover for CIOs is 2 years doesn't strike me as being
dramatically different.
I know of CIOs who, in general, can come in and have a huge
impact on an organization within months, and I know other CIOs
that can come into an organization and be there for 3 or 4
years and have little impact. So I wish CIOs in general would
be there 3 or 4 years, versus one or two, but I am not sure
there is a direct correlation between time on the job and their
effectiveness.
This is a very hot market, and I don't know what impact the
IT and the Internet growth of the industry in the late 1990's
had on turnover. I would think it would be hard for us to
compete with people that are hiring our CIOs and paying them
lots of money and lots of stock options and so forth. It would
be easier when the market is not heated up like that.
I don't know that there is any immediate, direct problem
with CIO turnover, because I think a good CIO can come in and
have an impact in a very short period of time. I think the
primary thing is being able to hire them initially and get them
on board in a hurry, more so than once they are here, keeping
them and letting them grow into the job. We spend so much money
in almost every agency; we don't need to be hiring CIOs that
can take 18 months to get up to speed. Invariably, when they
walk in on the job, they have tens of millions of dollars of
projects that need to be managed and huge issues bigger than
anything they have ever faced, and they need to be effective
pretty much within the first couple of weeks.
Mr. Putnam. Ms. Evans, you chair the CIO Council. How would
you characterize the turnover issue?
Ms. Evans. I think it is indicative of the marketplace of
where we are competing. Is it a problem that their turnover is
every 18 months? Again, I would re-echo the same comments that
Mr. Johnson did. When you come into the job, you have to be
able to hit the ground running. You could be there 3, 4, 5
years and not be a very effective person, and not just as CIO,
but in any position. So do I see a change on the Council? They
come in, we come in, we bring them up to speed, we make sure
that the best practices are there so that they have everything
that they need to hit the ground running. But for the most
part, do I think that it impacts our overall performance on the
Council? I would say no, because we have our processes and our
procedures and our best practices; we continue to evolve those.
We have those in place so that we can ensure that the turnover
doesn't impact the functioning of the Council.
Mr. Putnam. Mr. Powner, do you agree with that?
Mr. Powner. In terms of the tenure and the turnover with
the CIOs, a couple things that we heard that actually could
help to mitigate some of the transition periods is the deputy
CIO position. Many CIOs mentioned to us the importance of that
position. The other thing that is very important, and this is
in line with what Ms. Evans is saying here, is when we have
performance-oriented goals, such as the E-Gov section of the
PMA, which really covers a number of those top seven areas
there, that keeps the focus on several key IT management areas,
whether we have turnover or not. That is very important. Your
grades, that is another area. Folks are very focused on those
grades, whether we have turnover at the CIO position or not,
because the heads of those agencies are clearly focused on
those grades and those scores.
Mr. Putnam. Thank you all very much. We have three panels
today, so we are going to move right along. I really appreciate
all of you coming down and spending some time with the
subcommittee. These are important issues and you have all been
very supportive of this subcommittee's agenda in working
together with you to improve our IT efficiency.
So the subcommittee will stand in recess and we will
arrange for the second panel.
[Recess.]
Mr. Putnam. If the witnesses and anyone accompanying them
will please rise and raise your right hands.
[Witnesses sworn.]
Mr. Putnam. Note for the record that all of the witnesses
responded in the affirmative. We will move immediately into
testimony.
I would like to welcome our witnesses for this panel and
introduce Paul Brubaker. Mr. Brubaker served as executive vice
president and chief marketing officer for IS International. He
has responsibility over marketing and helps guide IS toward
future opportunities. He joined IS with over 16 years of
experience in government services and the public sector. As the
former deputy CIO for the Department of Defense, Mr. Brubaker
was the Department of Defense's second highest ranking
technology official.
Welcome to the subcommittee. You are recognized for 5
minutes.
STATEMENTS OF PAUL BRUBAKER, EXECUTIVE VICE PRESIDENT AND CHIEF
MARKETING OFFICER, IS INTERNATIONAL; JAMES FLYZIK, PARTNER,
GUERRA, KIVIAT, FLYZIK & ASSOCIATES; AND DEBRA STOUFFER, VICE
PRESIDENT OF STRATEGIC CONSULTING SERVICES, DIGITALNET
Mr. Brubaker. Thank you, Mr. Chairman, Mr. Clay, and
members of the subcommittee. I am here today speaking as a
citizen. These are my own views and do not reflect those of my
firm, per my general counsel.
I was originally involved in developing the Clinger-Cohen
provisions, including the CIOs and the deputy CIO provisions
that were in the report language, as well as served at DOD, so
I think I have a fairly unique perspective on both the
formulation of the legislation and how it is applied at the
largest Federal agency.
I would like to commend you, Mr. Chairman and Mr. Clay, as
well as the General Accounting Office, for convening this
hearing today and undertaking this review. I would like to
point out that--you see these outlined over here in the chart
that GAO put forward--work before programs run amok, not after
they run amok. Management is another area responsibility in
developing and enhancing architectures, including operational
architectures, and standards is absolutely key, encouraging and
ensuring process change throughout the organization, and the
intent was for visionaries and strategic thinkers as it relates
to applying information technology in the enterprise. What is
the most useful reporting structure? Simply reporting to the
agency head. GAO made reference to a chief operations officer
in their report today, which I believe to be an excellent idea
and merits further study. Now, should a COO be established,
then I would highly recommend that both the CIO and the CFO
report directly to that person.
The bottom here is that a seat at the management table is
absolutely critical for a CIO to be effective; they should be
tantamount to the financial officer in terms of the
organizational structure. Wherever that CFO reports, the CIO
should report as well.
You asked about the specific duration of time in which a
CIO must remain in their position to be most effective.
Honestly, it has to be longer than 19 to 32 months, as was
outlined in the report, especially given the fact that the
general consensus out there in the management circles is that
you need 3 to 5 years to be effective. I would highly recommend
term appointments on the part of CIOs, certainly greater than 6
years, no more than 12; can be reappointed; perhaps some perks
related to retirement that would attract some of the best and
brightest of that position.
You asked about characteristics and qualifications that a
CIO should possess. Simply put, knowledge of applied technology
and a nose for transformation, a desire and a passion to
reform, and business acumen. It is absolutely critical that if
they are operating the capital planning and investment control
process, that they understand concepts like risk management,
risk mitigation, return on investment, and so forth.
Major challenges? In a word I can sum it up: culture. The
culture of the organization, when we introduced the concept of
CIO, was not all-embracing, and basically what you have is an
information-aged position that we are putting into an
industrial-aged bureaucracy, and, frankly, it has been
difficult and a long road to get it to work.
And I would be pleased to answer any questions that you may
have.
[The prepared statement of Mr. Brubaker follows:]
[GRAPHIC] [TIFF OMITTED] 98209.034
[GRAPHIC] [TIFF OMITTED] 98209.035
[GRAPHIC] [TIFF OMITTED] 98209.036
[GRAPHIC] [TIFF OMITTED] 98209.037
[GRAPHIC] [TIFF OMITTED] 98209.038
[GRAPHIC] [TIFF OMITTED] 98209.039
[GRAPHIC] [TIFF OMITTED] 98209.040
[GRAPHIC] [TIFF OMITTED] 98209.041
Mr. Putnam. Thank you very much.
Our second witness is James Flyzik. Mr. Flyzik is a partner
in a consulting company he co-founded. Before this, he served
as Senior Advisor to Governor Ridge in the Office of Homeland
Security. He provided advice on the national strategy and
information management. Prior to that, he was the Chief
Information Officer for the Department of the Treasury.
Welcome to the subcommittee. You are recognized for 5
minutes.
Mr. Flyzik. Mr. Chairman, Mr. Clay, distinguished members
of the subcommittee, it is my pleasure to testify today on
issues of critical importance to achieving world-class
performance within Government agencies. I have been involved in
information technology issues during my entire 27-year
government career, and I now work in the private sector to find
ways to help make government IT programs succeed. I applaud the
subcommittee for making these issues a priority.
I had the honor and privilege to work for the public for
over 27 years as a career civil servant. I held senior
information technology positions at Secret Service, Department
of Treasury, CIO, served as Vice Chair of the Federal CIO
Council from 1998 until 2002. I also had the privilege to head
up the IT team during the reinventing government program and
served on the administration's team during the crafting of the
Information Technology Reform Act, the Clinger-Cohen
legislation. I finished my career as an IT advisor to then
Governor Ridge, following the terrorist attacks of September
11. In all these roles, the empowerment of Federal CIOs was the
key issue that impacted program success.
My message today is simple: If the Government is to take
full advantage of the power of IT, it must make achieving
world-class IT implementation a priority on the agenda of the
heads of our Government agencies. I believe progress to date
has been good, but far short in what is needed and far short of
what Clinger-Cohen originally envisioned. Many CIOs today find
themselves being held responsible and accountable for results,
but lack the authority to impact the programs they are expected
to implement.
I participated in the GAO study of these issues. With that,
I will address the five questions posed by the subcommittee.
What are the responsibilities of a Federal CIO most
critical to success? The CIO must be responsible to bring best-
in-class IT practices to Government agencies. This implies
responsibility for gaining detailed understanding of the key
critical mission objectives and defining how IT can realize
these objectives. If we are to hold CIOs accountable for
program performance, then we need to empower them to make
strategic decisions about resources. This means
responsibilities for IT capital planning, investment decisions,
budget execution, program and portfolio management. I would
also suggest that an important responsibility for a CIO is to
become credible in an agency and part of that senior team
making strategic business decisions. This means becoming
credible to senior political executives, career executives,
middle management, and subordinates. Only when a CIO is seen as
a key player can he or she be influential in getting results. A
CIO will gain this credibility by understanding the business
objectives of the agency and how IT can add value to meeting
those objectives.
On the question of reporting structure, a CIO that reports
to the agency head immediately gains the empowerment of being
on the senior leadership team if that CIO has a seat at the
table. A seat at the table means being part of the strategic
decisionmaking, not merely a line on an organization chart. Can
other organizational models work? Yes, but only when the CIO
gains the empowerment to effectuate change and is seen as part
of that senior leadership. For example, during my tenure as CIO
at Treasury, I reported on a dotted line to the secretary for
all IT matters, but administrative reporting was through an
assistant secretary. Yet I believe this worked. Why? Because
the assistant secretary made it clear to all subordinate
bureaus that all IT budget and program decisions needed to be
approved by the CIO. In this case, it wasn't structure that
empowered, it was process. But I must also point out that
empowerment doesn't guarantee results. Empowerment provides the
opportunity for results. A competent CIO will get the results.
In reference to the question of time duration, I believe a
CIO cannot achieve any meaningful results if they are in that
role less than 2 years, based on budget and procurement cycles.
On the other hand, I also believe it is in the best interest of
Government agencies to bring in fresh ideas over time. I
believe it a good practice to rotate CIOs and into key CIO
Council executive committee positions to encourage the
development of alternative viewpoints. I believe CIOs should be
rewarded for innovative and creative enterprise approaches such
as heading up governmentwide initiatives.
In addressing the question of characteristics and
qualifications, I would like to point out that the Federal CIO
Council invested a great deal of time identifying many of the
technical and business skill sets required to be a successful
CIO. Universities now teach these. But rather than reiterate
these well documented qualifications, I would like to point out
that a good CIO needs to understand technology, but, more
importantly, how to apply that technology to solve business
problems. A good CIO has technical skills, finds ways to stay
current on technology, understand business practices and
business skills such as financial management, and know how to
build relationships, relationships with Congress, top managers
in the agency, the private sector, and their peers.
Challenges they face are numerous and dynamic. The delicate
balance of privacy versus national security, interoperability,
information sharing. But in my opinion, the most challenging
issue is the need to use technology to challenge and change
agency cultures, traditional institutionalized processes. We
have seen major programs continually plagued with cost overruns
and time delays. We see now new powerful approaches such as
performance-based acquisitions to address these. The concept is
simple, yet implementing these concepts requires not just the
CIO.
Mr. Chairman, to sum up, if UPS and the Federal Express can
tell you where and when your package is located at any point in
time during shipment with a click of a mouse, why can't
Government tell you when your tax return will arrive, how to
change your mailing address without going agency by agency,
when your street will be cleared from snow? Citizens demand and
expect fundamental government information in realtime.
I thank the subcommittee for giving me this opportunity to
make my points, and I look forward to working with you in any
way I can to help move these important issues forward. I would
be happy to answer questions when appropriate.
[The prepared statement of Mr. Flyzik follows:]
[GRAPHIC] [TIFF OMITTED] 98209.042
[GRAPHIC] [TIFF OMITTED] 98209.043
[GRAPHIC] [TIFF OMITTED] 98209.044
Mr. Putnam. Thank you very much.
Our third witness on this panel is Debra Stouffer. In
February 2003, Ms. Stouffer became vice president of strategic
consulting services at DigitalNet Government Solutions, where
she is responsible for developing and managing a comprehensive
suite of analytical and technical services designed to enable
government and commercial business leaders to achieve improved
mission performance. She previously served in the Federal
Government as the EPA Chief Technology Officer, as the Federal
Enterprise Architecture Program Manager at OMB, and as the
Department of Housing and Urban Development's Deputy Chief
Information Office for Information Technology Reform.
Welcome to the subcommittee. You are recognized.
Ms. Stouffer. Thank you. Good afternoon, Mr. Chairman and
members of the subcommittee. Thank you for inviting me here to
discuss the evolving role of the Federal CIO. My experience in
the public sector has shaped my perspectives on the topics that
I will share with you today.
In terms of the CIO's responsibilities and criticality, the
role of the Federal CIO today is broader and more complex than
it ever has been. Further, the statutory and regulatory
framework is complex as well. CIO responsibilities are derived
from numerous IT-related statutes and regulations. For example,
there are over nine IT-related statutes that lay out the CIO's
responsibilities, and just since 1994 at least 12 separate
memoranda and circulars issued by OMB related to Federal IT
policy and budget procedures.
New Federal CIOs often find it difficult to understand the
Federal requirements to which they must comply and the
competencies they must exhibit to perform effectively. Further,
CIO duties vary across the Federal Government, depending upon
the agency's size, complexity, and organizational structure. As
size and complexity increase and structure is disaggregated,
the influence the CIO has over business and budget decisions is
likely to diminish.
Until the past few years, Federal CIOs have been
responsible for the more traditional information resource
management concerns. Recently, however, as a result of the
administration's efforts to ensure Federal agencies are
citizen-focused and results-oriented, the CIO is increasingly
viewed as a change agent for business modernization and
transformation. Further, they must ensure that IT investments
are delivering intended results in terms of mission
performance, not just finishing on time and within budget.
In terms of reporting structure, many Federal CIOs report
to the executive heads of the agencies. I believe, however,
similar to many comments you have heard today, that based on
their evolving role, that CIO effectiveness would improve with
organizational reporting to their agency's COO, that is, those
executives responsible for the agency's day-to-day business
operations This would provide the CIO with equal footing among
agency business leaders in all key decisions regarding agency
business operations. In addition, Federal CIOs informally
report to the Administrator for Electronic Government at OMB;
however, this reporting structure is not clearly defined in the
E-Gov Act of 2002.
In regards to their optimal time duration, it should be
longer. Available evidence suggests that the median tenure of a
Federal CIO is about 2 years. Often, 3 to 5 years is needed to
lead business transformation. Equally important to tenure is
the ability to participate in executive decisions, an activity
often limited to politically appointed business leaders. Some
CIOs are politically appointed; others are not. All need to
have a seat at the table on their senior management teams.
Perhaps term appointments are an option.
In regards to personal traits and qualifications needed,
CIOs must certainly have the correct technical and business and
management skills to meet their agency's needs. Further, to
lead transformation, they must be strong leaders, strong
communicators, and have a strong business acumen.
Challenges include the following: understanding the
existing and complex Federal statutory and regulatory framework
for information resources management; recruiting and retaining
skilled IT professionals, to include project managers;
fostering business and cultural change to achieve e-government
transformation; maturing governance processes and integrating
those governance processes; and ensuring adequate resources for
cross-agency collaboration are identified and made available to
the people that are charged with implementing e-gov
initiatives.
In conclusion, Federal CIOs can and should play a
significant role in improving the management and performance of
the Federal Government, and ensuring that our Government is
more responsive to the needs of citizens. IT has transformed
the way that we all do business, and none of us can predict
what the future may hold. As the CIO role broadens and
expectations increase, so do the challenges. I am confident,
however, that with the proper support from Congress and the
administration, CIOs can be successful and effective in their
role.
I thank the committee for the opportunity to speak this
afternoon.
[The prepared statement of Ms. Stouffer follows:]
[GRAPHIC] [TIFF OMITTED] 98209.045
[GRAPHIC] [TIFF OMITTED] 98209.046
[GRAPHIC] [TIFF OMITTED] 98209.047
[GRAPHIC] [TIFF OMITTED] 98209.048
[GRAPHIC] [TIFF OMITTED] 98209.049
Mr. Putnam. Thank you very much. And I have been notified
that we are expecting a series of votes around 4, so I would
ask for your indulgence. We are going to cut the questions
short for this panel in hopes of being able to get through the
third panel before the voting bells go off.
This is a unique opportunity, I would assume, for former
CIOs to be able to come back and do essentially an exit
interview with Congress and have the opportunity to reflect on
what you wish someone would have told you or prepared you for
as you went into the job, so that is my first question: What
would you advise someone who is considering taking this job, in
its current role and its current form, with its current
responsibilities? What is it that you would share with them
that you wished someone had shared with you?
And we will begin with Mr. Brubaker.
Mr. Brubaker. Well, I came at this with a little different
background; I wasn't in the Federal Government, I had actually
come off the Hill and gone into industry for a few years. So
having been involved in what I thought I knew what the
requirements were, having been involved in drafting legislation
and the position description, if you will. My advice would be
don't expect the agency to have an understanding of the roles
and responsibility of the CIO when you walk in. Part of the job
is actually to educate your management and the people that you
work with and your colleagues in the agency as to what your
role is. The first time you start snooping around IT
investments--at least this was true when I was at the Defense
Department--people tend to get pretty excited; they feel
somewhat threatened. So you have to concentrate on your
governance processes, and the culture and how you are going to
overcome cultural obstacles, and have a proactive plan for
addressing those issues.
Mr. Putnam. Mr. Flyzik.
Mr. Flyzik. Yes, Mr. Chairman, and you are right, it is
kind of unique to have an opportunity to testify today, for the
first time, where I didn't need to go through a clearance
process with the legislative affairs, the legal counsel, OMB,
and all the other various chains, but be able to write and say
what I have been thinking. But with that in mind, I would
suggest to you, sir, that building relationships and
partnerships has to be a first step. As I mentioned in my
testimony, I believe a CIO can only be effective if they are
credible, and credible means building relationships within
their own agency, the career officials, the political
officials, members of the Hill like yourself and your staff,
and OMB and those others, and the private sector. I think there
is a very fine, delicate balance, too. A CIO needs to reach
out, get out in the community and build these partnerships, but
at the same time remember their responsibilities within their
own agency. And I think it is a very delicate challenge that
CIOs face to do that, but I think it is critical to gain that
credibility, because once one gains credibility, then one has
the power to effectuate change.
Mr. Putnam. Ms. Stouffer.
Ms. Stouffer. Several things are critical, in my opinion.
One is to know the business. The CIO has to understand the
business of the organization, understand where the performance
gaps are, and be able to apply technology to close those
performance gaps or enable business performance. Second,
obviously, know information technology. You can't offer up a
solution of enabling technology if you don't understand it and
know how to apply it. Third, in building relationships, you
need to communicate, communicate, communicate value, and you
have to do that differently with different stakeholders. So it
is important not to have one story, but to be able to
communicate the value of enabling technology to different
people in different ways so they understand it from their own
unique perspectives.
Mr. Putnam. I would ask all of you also if is it critical
that the CIO report directly to the head of the agency? And I
would ask you to be brief. Something more than yes or no.
Mr. Brubaker. At this moment, yes. I think I covered it in
my statement.
Mr. Flyzik. As mentioned in my statement, I think it
certainly helps gain that credibility I am talking about. I
also suggested that the key issue is can the CIO be in the
strategic management team and be empowered. If we are going to
hold the CIO accountable for results, then they need the
responsibility and the authority to control resources, both
financial and human resources, to get the job done.
Ms. Stouffer. In my opinion, it could be more effective for
them to report to the COO, and that is a different person in
different organizations. I say that because the head of an
organization or the secretary or administrator is typically
outward facing, they do a lot of externally-oriented work. The
deputy or whoever is effectively the COO of the organization
really runs the day-to-day business of that organization.
Informally, if not formally, the assistant secretaries and
administrators report to them anyway.
Mr. Putnam. Is turnover a big deal? And if so, how do we
fix it?
Ms. Stouffer.
Ms. Stouffer. I think that it is. And, I believe that term
appointments, and perhaps politically appointed term
appointments, might be one action to consider. It might help to
have term appointments that extend more than 18 months or 2
years. Often a CIO has even a shorter period than that to be
effective when they are politically appointed, because the time
it takes to bring them into the agency. Yet, because political
appointees start out with a great deal of credibility, they
have an easier time coming to the table with the other senior
business leaders. For this reason, perhaps a politically
appointed term would make the most sense.
Mr. Putnam. Mr. Flyzik.
Mr. Flyzik. Mr. Chairman, I believe the answer to that
question is it depends how effective the deputy and the staff
below the CIO are, and how well that succession planning has
been built. If you build a very strong team and effective
staff, then a program should be able to sustain its momentum
through a turnover process. If you can sell your program to the
ultimate customer of government, that is, the citizen of
government, then the program will live beyond an individual.
And the question is developing key players that can run those
programs coming up right behind that CIO.
Mr. Brubaker. Mr. Chairman, I strongly advocate term
appointments. In my written statement I gave a little more
detail on it, but I think a term appointment of at least 6
years for a CIO would be smart, with a Senate confirmation for
those who are statutorily required. You know, from personal
experience, people can't wait you out. I actually, during my
lame duck period, if you will, while the administration changed
and people knew I was going out, I actually had somebody tell
me that they were going to wait for the next guy, because I was
challenging a program and something that they wanted to do. So
I am a strong advocate of term appointments, political, with
Senate confirmation for the statutorily appointed ones.
Mr. Putnam. Why is it so important that a CIO have Senate
confirmation?
Mr. Brubaker. Why is it important?
Mr. Putnam. I know you would never get that question in the
Senate.
Mr. Brubaker. It is important for oversight purposes, to
make sure that you take a look at--it provides an opportunity
to talk about what that agenda is going to be. It provides an
opportunity for the appointee and the agency to commit to
certain types of oversight and to ensure that appointee is
going to be given the support on the part of the agency. It
gives you an opportunity to have a hearing, it gives you an
opportunity to talk to some of the agency officials to make
sure that they understand what the roles and responsibilities
are, and I think it is good to vet those people through that
process.
Mr. Putnam. How do we hold CIOs accountable?
Mr. Brubaker. Mr. Chairman, can I add something to that as
well?
Mr. Putnam. Sure.
Mr. Brubaker. If you are conducting oversight over other
PASes, Presidential appointment, Senate confirmed, there is a
hierarchy that is important as well, and I don't want to
underestimate that. If you are giving advice on technology
programs in an oversight capacity to somebody who is a
Presidential appointment that has been Senate confirmed, you
rank up there with them, and, frankly, that is another real
reason to have a Senate confirmation; it is a hierarchical, it
is a pecking order issue.
Mr. Putnam. It is an ego issue for the Senate.
But the accountability issue I think is important. How do
we really get down to holding CIOs responsible for $100 million
projects that go south, that fall 3 years behind, that are
abandoned midstream? What is the appropriate level of
accountability, what form does it take, and is it adequate?
Mr. Brubaker. There is an accountability issue, but there
is also a responsibility issue, and the issue that Clinger-
Cohen was a three-legged stool: you have responsibility that is
delineated on the part of OMB, you have responsibility that is
delineated to the agency head, and you have responsibility that
is delineated to the CIO; and they all have to work in concert.
And there is a lot of authority there, but there isn't the
commensurate responsibility because the law, frankly, hasn't
been implemented as it was originally envisioned. You know, can
you take somebody to the woodshed, if you will, on a program
that went south? Yes, you can do it, you can beat them up, but
if they didn't have absolute responsibility, authority, and
budget control over that program, then it is pretty difficult
to make a fair case that they were responsible for the program
going south. There is too much diffused responsibility and not
enough--you know, we used to refer to it as who is the single
belly button. Who is the single person that I can point to who
has absolute accountability, authority, responsibility for a
program? And, frankly, it is almost by design in the
bureaucracy that responsibility is diffused among a lot of
different people, because a lot of different people want to
play in that role.
And what Clinger-Cohen tried to do was delineate those
responsibilities and be clear about who was responsible for
what, and, frankly, we are not to that point yet; you have too
many people with their hands in that cookie jar, and then when
the cookie is gone, you can't figure out who took it.
Mr. Putnam. Mr. Flyzik.
Mr. Flyzik. Yes, sir. The accountability issue, as I
mentioned before, I am a big advocate of performance-based
approaches, and I think one can define performance metrics, as
well as with contractors. However, if we are going to hold the
CIOs responsible and accountable, they need to have the
authority to control those resources. I would suggest that when
a project is approved, particularly in a performance-based
environment, that CIO be given the authority and the budget to
put that program in place, and be held accountable, and have
the authority to control the resources necessary to get that
job done. And if more resources are needed, the authority to
work with the CFO and agency head to come back up to the
appropriations process and be completely in charge of the
program. I feel in a lot of cases were are holding CIOs
accountable because you have to hang someone when things don't
work. But, yet, if you look behind the scenes, did that CIO
really have the ability to control the financial resources and
the human resources in that agency?
I will give you an example. We talked today about the Ds
received in information system security. I believe a lot of
CIOs in Government know what it takes to address those
deficiencies in information system security, yet they lack the
dollars and the resources and the staff to do it, and the
authority to get that resources and staff. So I think we need a
model that, as when projects are approved, dollars are set
aside, but those dollars are controlled by the CIO, and then we
can hold them accountable.
Mr. Putnam. Ms. Stouffer.
Ms. Stouffer. I think there would be value in reworking the
entire statutory framework and providing more clarity regarding
roles and responsibilities and accountability. Clearly, the CIO
needs to have influence on the budget process, particularly as
it relates to information technology investments. So clearly
understanding that they have a place at the table in that
process is important. It would be helpful if OMB worked to
develop strategy that is consistent across the board on how we
pull funds when we do cross-agency initiatives. This strategy
would address consistent criteria for how agencies are assessed
for their share of an initiative making it easier for the CIOs
when they are actually trying to implement e-gov initiatives
and scramble for dollars at the same time.
So I think, again, one value would be to rework the entire
statutory framework and the guidance that is coming out of OMB,
provide some clarity, perhaps consolidate some of it in such a
way that it is easier to understand and point to; and I think
that would be useful.
Mr. Putnam. You have also served as a CTO.
Ms. Stouffer. Yes.
Mr. Putnam. Some agencies have them, some agencies do not.
Please, if you will, share our impressions of the value of
having a CTO as well as a CIO, and whether that is something
that should be adopted by every agency.
Ms. Stouffer. I believe that having a position entitled CTO
is valuable. I think that even where you have organizations
that don't have a position entitled CTO, you often have people
fulfilling that role entitled something else. Typically they
are more focused on the technology issues and less focused on
the information issues and the business issues associated with
performance gaps and leveraging technology to fill those gaps.
So they are very focused on technology. I think CTOs are
everywhere, they just have different titles at different
agencies.
Mr. Putnam. And finally, because we are going to need to
seat the third panel--I hate to cut this short, but we will be
submitting questions and answers for the record--as we have all
of these hearings, typically agency culture, personnel and
training are greater issues than technology itself in terms of
being an impediment to progress and to change. Has the role of
the CIO been fully accepted and worked into the management
structure of the agencies as you have seen it? Ms. Stouffer.
Ms. Stouffer. I believe that CIOs are becoming more and
more effective. Obviously, as technology advances and as CIOs
mature and their role in the organization is better understood,
they are having more and more of an impact. Technology has now
actually become disruptive in some cases because it is driving
certain business decisions in areas where it can actually
accomplish business needs. Having the knowledge of emerging
technologies, and how they can further desired business
outcomes is important. The CIO's contribution in making major
business and technology decisions is increasingly recognized.
So they are making progress.
Mr. Putnam. Mr. Flyzik.
Mr. Flyzik. Mr. Chairman, I believe the results are mixed
all over the Government. I believe in some Government agencies
you see CIOs making strategic decisions in part of every
strategic process that takes place; I think in others we have a
long way to go. I think in some agencies under secretaries,
assistant secretaries view the CIO as someone that gets in the
way and I need to find my way around that particular individual
in order to get my programs done. All in all, though, I think
we are moving in the right direction and I think hearings like
these are a good way to keep the momentum on the move in that
direction. I think culture change, sir, takes a long time. I
know my life at Treasury, I believe it took, in my opinion,
probably 10 years before we actually got into a true enterprise
environment from the days it was first talked about to where
everybody actually bought into a concept of an enterprise
approach to very large programs. I think culture is going to
take time, but I think we are moving in the right direction and
I think we have to keep the pressure on and keep momentum
moving in the right direction, and I applaud this subcommittee
for being a catalyst in doing that.
Mr. Putnam. Mr. Brubaker.
Mr. Brubaker. Yes, I think the prior two speakers are
right. It depends on the agency. Yes, in some cases; no in many
others. But from my view, my experience in government, things
seem to just be moving too slowly, and that is why I was
particularly pleased to see the advocacy of the chief operating
officer position in the GAO report. Maybe advocacy is too
strong of a word, but they mentioned it, and I have seen it in
the press and in some pronouncements out of GAO, where they
seem to be advocating for a chief operating officer position
that would be a term appointment with a contract that would
lead that management team of the CIO and the CFO to really
transform agencies. I think that is critical. I think you are
still dealing with that industrial age bureaucracy, if you
will, and we are expecting information age results out of it,
and it just doesn't work.
Mr. Putnam. Thank you all very much. I again apologize for
cutting this short, but we are interested in hearing from all
three panels before the meeting is broken up by votes.
So at this time the subcommittee will recess to set up the
third panel. Thank you all very much.
[Recess.]
Mr. Putnam. The third panel, I appreciate your patience and
your willingness to come before the subcommittee. Please rise
and raise your right hands for the administration of the oath.
[Witnesses sworn.]
Mr. Putnam. Note for the record that all the witnesses
responded in the affirmative.
Our first witness for this panel is Kim Nelson. Ms. Nelson
is the Assistant Administrator for Environmental Information
and Chief Information Officer at the EPA. Before joining EPA,
Ms. Nelson served the Commonwealth of Pennsylvania for 22
years. Notably, she was the first executive to hold the
position of chief information officer in Pennsylvania's
Department of Environmental Protection.
Thank you for joining the subcommittee again. Your
testimony is always very helpful. You are recognized for 5
minutes.
STATEMENTS OF KIMBERLY NELSON, ASSISTANT ADMINISTRATOR OF
ENVIRONMENTAL INFORMATION AND CHIEF INFORMATION OFFICER,
ENVIRONMENTAL PROTECTION AGENCY; STEVEN COOPER, CHIEF
INFORMATION OFFICER, DEPARTMENT OF HOMELAND SECURITY; VANCE
HITCH, DEPUTY ASSISTANT ATTORNEY GENERAL, INFORMATION RESOURCES
MANAGEMENT AND CHIEF INFORMATION OFFICER, U.S. DEPARTMENT OF
JUSTICE; AND IRA HOBBS, DEPUTY ASSISTANT SECRETARY FOR
INFORMATION SYSTEMS AND CHIEF INFORMATION OFFICER, DEPARTMENT
OF THE TREASURY
Ms. Nelson. Thank you, Mr. Chairman. I appreciate the
opportunity to return today and talk about some of the issues
that are on your agenda today, particularly the role of the
CIO. You have asked some important questions, and while I have
answered those in my written testimony, I will just briefly
touch on some of those as part of the oral testimony here
today.
First and foremost, I want to emphasize the fact that the
chief information officer title has the word information in it,
and that is important. What is also important is that the word
technology is not there. And what I want to emphasize is the
fact that it is the information component which I think is most
important to the role that we play in our organizations. And
while technology is important and we tend to talk a lot about
IT and technology, the fact is that technology is only an
enabler, and what you are looking for in a CIO is somebody who
can really work with people and organizations to achieve
results; and that takes a lot of work to work in concert with
people and processes to make a difference in your organization.
You have asked some questions about the responsibilities
that are most critical for a Federal CIO. I was looking at this
chart before the hearing began, and looked at all the
responsibilities that were listed there. In my own testimony, I
focused on those that are listed at the top as some of the most
important ones, and I think that is supported by the chart. I
would say, however, that the position I hold at EPA in fact
includes all of those responsibilities in whole or in part,
including the one at the bottom, statistical work. For
instance, this last year my office, in conjunction with our
Office of Research and Development, issued the first ever
Report on the Environment. And again that is significant
because it is the first time we were ever able to report to the
American public what we know about the condition of the
environment, and that is a way to use information to be able to
demonstrate real results. Again, the focus being on how we use
information.
Reporting structure has been a topic today. I do think it
is an important topic. I believe I am fortunate to have,
frankly, one of the best positions in the entire Federal
Government when it comes to the roles and responsibilities of a
CIO. At EPA I report to the administrator through the deputy
administrator. I have a position that is equal to the peers in
my organization that manage the business units, the air office,
the water office, the emergency response and waste office. So I
sit at the table at the same level and with the same political
appointment and confirmation by the Senate as the other people
who are setting policy within the organization. I think that is
important because if you look, frankly, at some of the most
recent Gartner research, what it shows is that it is important
to have that ability to sit at the table and have access to an
understanding of the business of the organization. And,
frankly, if I weren't at that same level, I would not be able
to interact with those that are making business and policy
decisions within the organization.
When we talk about the duration, I, of course, am new to
the Federal Government. I guess when you had your previous
panel here, I am the first one speaking who actually came in as
someone new to the Federal Government to have taken the CIO
position. I had 22 years in State government; I actually held a
very similar position in my agency shortly before I left there.
I came into this position fully expecting to stay at least 3
years, and in September will mark 3 years from the date I
arrived and November will be 3 years from the date I was
confirmed. And I expect it will take at least that amount of
time to achieve some of the things I wanted to do when I came
on board; and I cited a number of reasons why I think 3 years
is important in my testimony that I submitted.
Finally, some of the characteristics that are important to
the CIO; you have already heard about vision, leadership,
communication. They are all important. The bottom line is you
have to be able to deliver results.
And, last, the one point I want to make about the biggest
challenge. The single biggest challenge, in my mind today, is
the CIO's responsibility to manage enterprise-wide projects. We
talked about some of those at a hearing earlier. The governance
issues surrounding managing projects across agency are
considerable, and we are treading new water here. We are
breaking new ground, and it is critical we establish those
processes for managing these governmentwide projects.
So I will stop there and I will take questions later when
you are ready. Thank you.
[The prepared statement of Ms. Nelson follows:]
[GRAPHIC] [TIFF OMITTED] 98209.050
[GRAPHIC] [TIFF OMITTED] 98209.051
[GRAPHIC] [TIFF OMITTED] 98209.052
[GRAPHIC] [TIFF OMITTED] 98209.053
[GRAPHIC] [TIFF OMITTED] 98209.054
[GRAPHIC] [TIFF OMITTED] 98209.055
[GRAPHIC] [TIFF OMITTED] 98209.056
[GRAPHIC] [TIFF OMITTED] 98209.057
Mr. Putnam. Thank you.
Our next witness is Steven Cooper. Mr. Cooper was appointed
by President Bush to be the first CIO of the Department of
Homeland Security. He and his team have responsibility for the
information technology assets supporting 190 Federal employees
of the 22 agencies now comprising the new department. Before
joining Federal Government service, Mr. Cooper spent more than
20 years in the private sector as an information technology
professional.
Welcome to the subcommittee. You are recognized, sir, for 5
minutes.
Mr. Cooper. Thank you, Mr. Chairman. It is indeed my
pleasure to appear before you today and share a few views based
upon nearly 30 years as an information technology professional,
including the past 2\1/2\ in the Federal sector. I have served
as the CIO of the Department of Homeland Security since its
inception, and it has been a fairly significant learning curve
for me coming into the Federal environment. There is, as you
have heard from previous panelists, a significant amount of
legislation and statutory requirements which, in a very short
period of time, is fairly substantial to absorb. Therefore, I
would argue that one of the primary responsibilities of any CIO
is to ensure the optimal and appropriate use of information and
to understand the legislative and statutory requirements that
enable an agency to succeed and a CIO to be successful.
A CIO must also act as an agent of change by guiding
organizational and transformational and business process re-
engineering to most effectively meet the strategic and
operational objectives of the agency. I would argue that the
CIO is one of the very few individuals whose view of the agency
is always horizontal. Every day we see not a vertical view of
any particular business unit or organizational segment, but we
are the people who are held accountable for understanding how
all those moving parts and pieces that use information
technology fit together. It is in that context that I do think
that the placement of the CIO in the organization does become
important.
What is most important has been stated by my colleagues
here on this panel and the previous panelists, and that is the
seat at the business table is what is critical. The placement
in the organization, simply put, the higher the level, the more
that the placement kind of ensures the seat at the table. It
doesn't automatically imply that a CIO cannot succeed if they
do not report directly to the secretary. It makes it
significantly more difficult the more levels that the
individual is kind of down from the head of the agency, and you
have to offset that by the time it takes to then build the
credibility and gain the seat at the business table.
With regard to roles and responsibilities, primarily the
CIO is responsible for leading the use and application of all
IT assets deployed across the department, and that includes
both the human resources and the financial resources. That is
what actually ensures the ability to use information
effectively within the department. This is achieved, in my
opinion, by guiding the department's development and use of
enterprise architecture best practices, and they include
obtaining senior management employee buy-in and involvement,
demonstrating how IT can enable mission effectiveness and
efficiency; guiding the proper choice of technology to meet
mission goals; documenting and using portfolio management
techniques that allow rapid decisionmaking regarding IT
investment choices in very difficult times and also in a
resource-constrained environment.
As far as characteristics and qualifications that CIOs
should possess, good business skills, business mission
operation sense of what is going on in the agency, that is the
credibility; good management skills, ability to lead change,
working knowledge of IT gained from hands-on or practical
experience, great communication skills, and most importantly,
in my opinion, a sense of humor and a pretty tough skin. Guts
are in there somewhere. We have to be able to place mission
first and career second. We are held accountable for basically
everything in the IT environment. And I will leave to my
colleagues and previous panelists, and perhaps the question and
answer period, how best to actually accomplish accountability,
responsibility, and the blend thereof. I happen to think that a
whole lot of it has to do with metrics and performance
measures.
In closing, I would simply like to say that the opportunity
is unique at the moment inside the Department of Homeland
Security simply because we are still in a startup mode, and a
lot of what I face as a CIO in the Department of Homeland
Security, I am envious of other CIOs who have a bit more
stability and maturity to their organizations. So some of what
my experience has been may not be reflective or may not be
typical of what some of the other more mature departments and
other Federal CIOs may face.
I look forward to your questions.
[The prepared statement of Mr. Cooper follows:]
[GRAPHIC] [TIFF OMITTED] 98209.058
[GRAPHIC] [TIFF OMITTED] 98209.059
[GRAPHIC] [TIFF OMITTED] 98209.060
[GRAPHIC] [TIFF OMITTED] 98209.061
Mr. Putnam. Thank you very much.
Our next witness is Mr. Vance Hitch. Mr. Hitch serves as
the Chief Information Office of the Department of Justice. He
manages the Department's $1.7 billion IT program, overseeing
management acquisition and integration of the Department's
information resources. His oversight includes strategic
planning, policy, capital planning, systems development,
telecommunications, information security, data management,
enterprise architecture, e-government, and user computing.
Before coming to the Department of Justice, Mr. Hitch was a
senior partner with Accensure. He has 28 years of experience in
leading government organizations successfully through major
change initiatives.
Welcome to the subcommittee, sir. You are recognized.
Mr. Hitch. Thank you, Mr. Chairman. I am pleased to be here
to talk about my job and how it fits at the Department of
Justice and the Federal community.
As you have stated, I come from the outside, 27 years of
outside experience managing large IT projects and major change
programs, both in a variety of industries as well as
government. I have been the CIO of the Department of Justice
for 2 years this past April, so I already am senior to the
average CIO, which is hard to believe.
You asked a number of questions, responsibilities critical
to my success. I believe my principal responsibility as a CIO
is to create and lead an organization that will enable our
mission accomplishment through technology. That is first and
foremost my responsibility. And there is a lot of management
responsibilities that go along with, but I view my job as
mission accomplishment.
At the Department of Justice I came upon a very
decentralized organization, and, therefore, my job in
accomplishing that mission was to more strongly coordinate from
a central perspective the IT organization, and that has
required major change. That was particularly important in the
Department of Justice, since I came on board after September 11
and a new mission had been created at the Department of
Justice, and that was counterterrorism. So we really had to do
things differently than we had done before, which was a burning
platform for me; and I used that in terms of creating the
organization that I needed to carry out what I view as my
mission.
Some of the key responsibilities that I have are those that
are listed there on the chart by the GAO: obviously, enterprise
architecture, IT investment management, security, IT human
capital planning, and program oversight. And I think all of
those are important, but I do think having a major impact on
the IT budget is absolutely critical. Having the ability to
start and stop projects, if necessary, is important. So I think
those things are echoing what I have heard some of the other
panelists say.
One of the things that I did that is unique at the
Department of Justice that I used as a platform to help create
some of the change in carrying out my responsibilities was a
program that we are now pursuing called the Law Enforcement
Information Sharing Program. And initiated this program about a
year ago as a way of bringing together our various law
enforcement components who, as I said, grew up with strong
cultures of their own and as a decentralized organization, to
get them to better share information effectively. And that is
particularly important in our counterterrorism as well as our
law enforcement missions.
The way I did that was by creating subgroups to deal with
any policy changes we needed, any changes in our concept of
operations, as well as technology; and out of that technology
subgroup came what I call our strategic IT architecture for
information sharing at the Department of Justice. We now have
that as kind of the bible of what we are trying to do to
achieve information sharing, and what I am doing is mapping all
of the forty-some odd programs that we have and IT initiatives
that we have that many of them came before I became CIO at the
Department of Justice; they had their origins as stovepipe
systems. I am sure you have heard that term. So it was my job
to somehow fit them together.
This IT information sharing architecture is what lets me do
that, and I map into that architecture and then it basically
allows me to identify the changes necessary in each IT program
to achieve our overall information sharing goals. So that is
one of the ways I have used enterprise architecture as a tool
to help me achieve my mission.
You wanted some comments, and you got lots of them from
everybody, about the most important aspect of the reporting
structure, and what is the most effective way that we can
report. I will comment on what we have at the Department of
Justice, which I think works very well. I will say that it was
new with me coming on board, it did not exist prior to my
coming on board as the CIO in April of 2 years ago.
The reporting relationships that I have are I do report
directly to the Attorney General on matters of IT policy and IT
strategy, and I report to the Assistant Attorney General for
administration on operational matters. I think reporting to the
top of the organization is extremely important because I must
be viewed at the same table and I must be viewed as a peer of
the component heads, and those are the heads of the FBI, the
heads of the Drug Enforcement Agency, the U.S. Marshals, all
those major agencies within the Department of Justice. I must
be viewed as somebody who can be their helper in making things
happen at their agency and across the department in IT. And
that is the only way that I will be able to achieve my mission
of making IT a strategic enabler of our mission accomplishment,
which is law enforcement and counterterrorism across the whole
department.
As part of my reporting responsibilities, I sit on the
Strategic Advisory Council, which is chaired by the deputy
attorney general, and that includes all the members of the
largest components of the organization and deal with all
strategic matters. Obviously, I sit on it as a representative
of the IT interest of the whole department. I also sit on a
council called the National Security Coordinating Council
within the Department of Justice. It is composed of the
component heads, once again, of the law enforcement agencies,
and that enables me to get close to their business to make sure
that I have my finger on the pulse of what is our mission and
what we are trying to achieve from a law enforcement
standpoint. So I think those are critical reporting
relationships.
Commenting on the duration, the term that is necessary.
Basically, I believe 3 to 4 years is what is necessary to have
a lasting impact. Actually, I do believe that I was effective
almost immediately, and that is through having an impact on
individual programs that were already underway. But given the
fact that it takes at least 2 years to have an impact on the
budget itself, because of the budgeting cycle in the Federal
Government, to get those programs initiated and to make them
real, it is going to take at least 3 to 4 years to have them
implemented.
Concerning the characteristics, I think you have heard a
lot.
Mr. Putnam. We will get to this in questions, but I do want
to get to the testimony before we have votes, and your time has
expired. So if you could just summarize for us, please, and
then I will go to Mr. Hobbs.
Mr. Hitch. OK.
I don't think I have anything new to add in terms of
characteristics of a CIO, except I do want to add one, which is
persistence. You know, basically working in the Federal
Government is a big bureaucracy; it takes a long time to
accomplish things. I think you have to keep at it, go the extra
mile, do whatever it takes to earn respect and confidence of
the colleagues.
Major challenges, I think my biggest one is culture change,
because I said initially that we are going from a decentralized
organization to one which is much more strongly centrally
coordinated. The concept of a CIO was not there when I arrived,
so making that culture change to become an effective CIO in
that kind of organization is the biggest challenge that I face.
[The prepared statement of Mr. Hitch follows:]
[GRAPHIC] [TIFF OMITTED] 98209.062
[GRAPHIC] [TIFF OMITTED] 98209.063
[GRAPHIC] [TIFF OMITTED] 98209.064
[GRAPHIC] [TIFF OMITTED] 98209.065
[GRAPHIC] [TIFF OMITTED] 98209.066
Mr. Putnam. Thank you very much.
Our next witness is Mr. Hobbs. Mr. Ira Hobbs is the
Treasury Department's Chief Information Officer. Mr. Hobbs came
to Treasury from the U.S. Department of Agriculture, where he
has served as the Deputy Chief Information Officer for the past
7 years. He has an extensive background in Federal policy
development and information technology and program management,
including a 22-year career at USDA.
Welcome to the subcommittee, sir. You are recognized for 5
minutes.
Mr. Hobbs. Thank you. Mr. Chairman and members of the
subcommittee, thank you for inviting me here today to discuss
the roles and responsibilities of Federal chief information
officers. With the current Clinger-Cohen Act as our guide, I
have been one of many Federal executives working to improve our
Government's management of our information and IT resources.
While we still have many miles to go, I am proud of what, as a
community, we have achieved, and I hope my perspective will add
some value to our discussion this afternoon. Having already
heard from so many experienced executives, I will keep my
opening comments brief.
I am honored to be here today representing the U.S.
Department of the Treasury as its chief information officer.
Prior to joining Treasury, I did serve as the Deputy Chief
Information Officer of the Department of Agriculture, where I
worked for 7 years under three different political CIOs.
To be a successful Federal chief information officer, one
must practice executive leadership, and have strong management
and communication skills. Fundamentally, I believe these
qualities are more important than having a strong technical
background. The major challenges we face are not technical
challenges; addressing and overcoming them requires seasoned
and skilled leadership. Meeting these challenges also require
support from the secretary's office, time to learn
organizational business and culture, and to establish the
relationships necessary to effectively implement change;
prioritizing amongst the many competing responsibilities of a
CIO; and, most importantly, directing and motivating employees
and contractors who are the people every CIO relies on to get
the job done and results achieved.
In my experiences, some of the issues raised, such as the
time required for CIOs to achieve transformation, are mitigated
by having a strong deputy CIO. In addition to providing for
continuity and complimenting the skills of a CIO, a good deputy
CIO can shorten the learning curve of a new CIO and free the
CIO to focus on high-priority outward-facing initiatives while
the deputy CIO serves as the chief operating official
internally, making sure that all of the trains are kept running
and that they are kept running on time. This was the model
during my tenure as deputy CIO at the Department of
Agriculture, and I like to believe that it was a successful
one.
A large part of the progress we have made in recent years
is due to the statutory framework laid out by Congress in the
Clinger-Cohen Act and related legislation, the aggressive
implementation of these laws by the Office of Management and
Budget, and the continuing, maturing role of the Federal CIO.
Thank you for the opportunity to be present today to
present my thoughts, and I look forward to any questions that I
might be able to answer.
[The prepared statement of Mr. Hobbs follows:]
[GRAPHIC] [TIFF OMITTED] 98209.067
[GRAPHIC] [TIFF OMITTED] 98209.068
[GRAPHIC] [TIFF OMITTED] 98209.069
Mr. Putnam. Thank you very much. We appreciate all of your
testimony and I am particularly pleased that we are were able
to get through it without the votes interrupting us.
For all of you, how do your offices interact with the other
high-ranking officers in the agency, like the CFO, when making
capital planning decisions? And we will begin with Ms. Nelson.
Ms. Nelson. The partnership we have with the CFO is
probably the most important partnership in the agency. We have
set up a process since I have been at EPA as part of our
investment and planning process where the deputy CIO and the
deputy CFO oversee a committee made up of others throughout the
agency that review our portfolio, and it is through that
committee that is chaired by the two offices that the portfolio
is approved and then ultimately comes to me for final approval.
I work with the CFO to ensure that everything that is in that
portfolio is accounted for in our budget. So no longer are we
doing what we used to do, which is put business cases forward
when funding didn't exist in the budget for those business
cases.
Mr. Cooper. In the Department of Homeland Security, under
the under secretary for management, all of the CXOs, the chief
administrative officer, the chief human capital officer, the
chief procurement officer, the chief financial officer, chief
information, we meet twice a week and basically are in lockstep
on almost everything related to management, particularly the
financial budget process, capital planning and investment. I
would argue that within the department we have a very strong
and every effective relationship with the other chiefs, and we
will continue to mature those processes. It is also reflected
in our investment review process, which we have introduced into
the department.
Mr. Putnam. Mr. Hitch.
Mr. Hitch. At the Department of Justice , I report from an
operational standpoint to the assistant attorney general for
administration, to whom the controller reports. So I interact
on a regular basis with the controller and the CFO. From a more
form standpoint, I chair the IT investment management process
and I invite as members both the controller and the assistant
attorney general for administration to review all our IT
projects in some level of detail as they are coming along.
Also, in the budget process, which we go through, it seems
like, all the time, but we are going through right now for the
2006 budget year, I am involved in all of the budget
deliberations about all of the IT budget items, both in the
initial cuts as well as the final cut.
Mr. Putnam. Mr. Hobbs.
Mr. Hobbs. Being new to the Department of the Treasury, our
relationship is evolving; however, to start out, we have both a
chief financial officer and a budget officer. I have been
involved in all of the 2006 budget preparations in terms of
hearings by the deputy secretary with all of the major bureaus
and asked to comment and provide feedback on proposals in that
regard. The CFO and I have a relationship that we are starting
to evolve as we look at our capital investments and our ongoing
investments, and so I believe that we are on a firm footing to
establish a very strategic and tactical relationship in terms
of our reviewing the information technology budgets and
performance of IT investments for the department.
Mr. Putnam. Mr. Hobbs, you are relatively new to the
Treasury, you said your relationship is still evolving, but
tell us, if you would, were there major differences in process,
procedures, and approach, the fusion of the CIO into management
between the two Federal departments that you have now worked
for?
Mr. Hobbs. I think it is fair to say that they are
different. At the Department of Agriculture the process was a
lot more mature. The Department of Treasury has gone through a
fairly large reorganization that has pulled a lot of that
maturity out of its organizations. It is now being
reformulated, but I think they are on a very positive path. We
have some growing to do, we have some maturing to do, but the
deputy secretary has established a process where we all have an
equal seat at the table from a management perspective, and he
expects us to work together for a common good in terms of how
we deliver goods and services back to the citizens. That
involves a very active engagement and role by the CIO in the
budget and funding process of IT investments across the
department.
Mr. Putnam. Mr. Cooper, Mr. Hitch, let me ask you a twist
on the same question. Both of you have extensive private sector
experience, senior partner at Accensure. How dramatic a
difference did you find between your work at the private sector
for years and your career in the Federal world? Mr. Hitch
first.
Mr. Hitch. Well, it was pretty dramatic. I did have a taste
of what it might be like because during my career I worked with
the Federal Government on many major projects, as well as State
and local governments, so I knew kind of what I was getting
into, but you never really know for sure until you are there.
And then going through the budget process is where you really
learn how to operate in the Federal Government, I think,
effectively. So it was a very big change, but I do think my
background prepared me very well for the challenges that I
face, because we are dealing with very large projects, we are
dealing with culture change and major change programs, and as I
said in my statement, having a business perspective is
extremely important, because we are really managing a
portfolio. And then I think also the process orientation that I
bring, understanding the business processes, where you start.
You don't start with the technology. I think really having that
as a strong background really helps me be effective in my
organization, because that is why I said my main job, I
believe, is enabling the mission of the organization through
technology.
Mr. Putnam. Mr. Cooper.
Mr. Cooper. Yes. Having served as a CIO in the private
sector, it is, in my opinion, dramatically different. In the
private sector the CIO was a member of the executive committee;
there were basically about five or six people across the
company, and those people effectively sat at the same table,
heard all the same business decisions, participated in strategy
vision development for the corporation. That is a little
different than what I have experienced thus far in the
Department of Homeland Security. Not a value judgment, just
different.
One of the things that was able to be done in the private
sector, if business drivers or external events drove a change
in the business plan of the corporation, the ability of
basically the CIO to immediately reprioritize or reprogram or
change the investment of assets or the direction of programs or
something was in fact instantaneous. That is, again, a little
bit different in the Federal sector; there are more people
involved, it is a little bit lengthier process, honestly a
little bit more convoluted for me in the learning curve type of
situation.
The other thing that plays out is that there was a more
effective process to prioritize in the private sector across
different business units. The way I would exemplify that, in
the Department of Homeland Security I can tell you the top 10
of each of our under secretaries and/or their major programs.
Where I have a little bit more difficulty is determining which
of all of those top 10 are in fact the department's top 10.
Now, part of that is maturity, so this is not criticism. We are
learning, we are shaping, we are putting processes and we are
becoming more effective with each month that goes by. But that
is a significant difference. Those three examples that I give
you are significantly different than what I had experienced in
the private sector.
Mr. Putnam. Ms. Nelson, difference between State and
Federal?
Ms. Nelson. You know, I had the good fortune of having an
almost identical position in an environmental agency in State
government, so the transition here probably wasn't nearly as
startling as it was for somebody simply coming in from the
private sector. The roles, responsibilities, and reporting
relationship were almost identical. What is different, and I
tell everybody, are things like this. We didn't have anybody in
the general assembly who really cared and held hearings. We
didn't have anybody in our legislative and budget and finance
committee, which is comparable to GAO, who cared and audited or
wrote reports. We didn't have an inspector general who provided
the kind of oversight that we often get here. And, in fact, we
didn't have anything like a Clinger-Cohen Act. What we did,
while it is almost identical to the roles and responsibilities
I have now, we simply did because it was good government, and,
consequently, we often did it without a lot of oversight like
this.
Mr. Putnam. You have heard the second panel of former CIOs,
and like all good former Federal employees, they have an awful
lot of bolder statements to make than perhaps they would have
made had they still been on the payroll. What do you glean from
what they have shared with this subcommittee, what lessons
learned can you apply, particularly with respect to the
questions that we have asked both panels, the turnover, the
reporting to the top administrator? Most of you have touched on
this, but if you would address it more fully, just if you would
reflect on what they have said with regard to those and other
matters that they raised.
Mr. Hobbs, we will begin with you.
Mr. Hobbs. And here I was waiting for you to come the other
way.
Mr. Putnam. Well, I like to keep people off guard.
Mr. Hobbs. First with respect to the issue on turnover. I
think that succession planning is an integral part of any
manager's responsibility, for one never knows the moment, the
hour, the day when a person will leave. I believe very strongly
in the dual role of the CIO and the deputy CIO. My own
experiences have demonstrated over 7 years I served under three
different CIOs, yet our organization continued, I thought, to
move forward and to function.
I am not sure that going to term appointments means any
more than going to politically appointed positions means any
more than going to career appointed positions. I think it is
inherently the responsibility of each manager to prepare for
the organization in terms of when you are not there, not so
much for while you are there. So I think succession planning is
the key and I think that it is one of the missing elements that
we have in the Federal Government in terms of how we prepared
our organizations for transitions and transformations.
I believe it is also very critical, when we talk about
transformation, I hear people talking 3, 4, and 5 years. I
believe the transformations come in succession. And what I mean
by that is, as one of my colleagues here said today, it takes
2\1/2\ years to effect a budget process. That is one form if
transformation. It takes 2 or 3 years to impact people and
culture. That is another form of transformation. The important
thing is to establish an approach and a plan about how you are
going to do it and then build in the succession planning models
that allow your organization to function in your absence. I
believe that is key and critical for us who are in government
leading large organizations.
Mr. Putnam. Mr. Hitch.
Mr. Hitch. I do think turnover is an issue. I do think that
turnover is an issue for CIOs everywhere, not just in the
Federal Government. But I do think it is even more of an issue
in the Federal Government. I think that it does take a while to
have a lasting impact. I think you need to be effective early
on and you can be effective on a lot of issues early on, but to
have a lasting impact, to really change the culture, to really
change the programs, to really bring in the people that are
needed, at least in an organization that needs a lot of help
when you first get there, is going to take a while to do. So I
think turnover is an issue. I think the 3 to 4 year timeframe
is realistic and perhaps even optimistic and aggressive, in
terms of really getting something done, but I feel that is a
good benchmark. It somewhat depends on the maturity and the
depth of the organization you came in to run, if you are taking
over. I came into an organization that didn't have a real CIO
and didn't perform many of the Clinger-Cohen functions, so I
had to create an organization, fill those positions. So I think
that turnover is an issue depending on the stability and
maturity of the CIO organization within the agency you are
talking about.
Mr. Putnam. Mr. Cooper.
Mr. Cooper. I too would agree that I think turnover is an
issue and it is important to be addressed. I would actually
concur with what Mr. Hobbs said. I think the key points that he
raised, deputy succession planning, are fundamental and
critical success factors in addressing that.
But I would offer one additional observation that I
actually haven't heard mentioned in any of our three panels
today. One of the things that I have observed in a relatively
short period of time, so I have no data beyond about 2, 2\1/2\
years, the lure of the private sector for skilled and seasoned
chief information officers out of the Federal Government is
very, very significant. One of the things that obviously plays
a role in that is kind of the overall ability of the Federal
environment to compensate and incent and reward not just chief
information officers, but key career individuals across the
Federal Government. I would suggest that perhaps over time that
might be something that could be explored through surveys or
appropriate bodies to explore how much does compensation and
incentives play a role in decisions to leave the Federal
Government from a CIO position.
Ms. Nelson. In preparation for today's hearing, I actually
brushed up on some long overdue reading and research, and while
most of it confirmed my own suspicions, there was one thing
that I found very surprising, and it was a Gartner survey of
CEOs across the country. In response to a question about
transformation, they cited two things that most often get in
the way of transformation. The first was culture, and we have
talked about that on several occasions. The second,
interestingly enough, was IT, both technology and their
technology organizations, their IT organizations. They cited
them as often being slow, cumbersome, risk adverse, and getting
in the way of the changes they want to make.
That being the case, and in combination with another survey
that was done of what are the characteristics most exhibited by
successful government CIOs, one of those characteristics was
the fact that the CEO of the organization selected the CIO. And
I think those two go hand in hand to paint the picture that I
agree with. I believe a CIO can best serve the organization if
they are political, because that means they are sitting with
the most senior leadership in the organization. In most
agencies, the senior leadership is political; the cabinet head,
the deputy secretary. So in order to be able to sit at the
table to truly understand the business, the strategy, and the
policies of the organization, I do think you need a political
CIO.
I agree with Ira that you are going to have turnover. I
don't think the turnover of political CIOs is all that much
different than the turnover of political appointees in general.
So we just need to accept the fact that you are going to have
turnover, just like the Army accepts the fact that you can
bring people in for a couple of years and train them and put
them back out when there is a draft. Accept the fact and have a
strong deputy CIO, have a strong transition planning process,
and I think those two things combined can oftentimes achieve
the greatest results, because the CIO is close to the CEO, or
in government case, a deputy secretary or agency head,
understands the demands, understands they have a short time
period, and they will push for change.
Mr. Putnam. Mr. Cooper, you raised the issue of
compensation, which is a fair one to raise. I had been raising
the issue of accountability on the negative side. Compensation
is certainly an appropriate thing to bring up on the positive
side, on the encouragement, incentivizing side. It does raise a
number of interesting questions. For example, in Department of
Homeland Security, your department's budget is what?
Mr. Cooper. For IT or overall? Overall it is about $40
billion.
Mr. Putnam. And for IT?
Mr. Cooper. About 10 percent, about 4.2 of that.
Mr. Putnam. So slightly larger than most of the private
sector companies----
Mr. Cooper. That is correct.
Mr. Putnam [continuing]. That are attracting a lot of our
talent and paying them substantially more. I hate to ask you to
solve the question that you raised, but recognizing that it is
a legitimate issue, how do we arrange a schedule that is
commensurate with running the Department of Defense, running
the Department of Homeland Security or running the Department
of Justice or Treasury? Of course, I think Mr. Hobbs just goes
out to the printer in the back room and pulls a few sheets of
or something like that to take care of the Christmas bonus. But
if you don't work in that department, how do we compensate
people and compete with the private sector, knowing what people
would be worth in the private sector for far less
responsibility than what you carry?
Mr. Cooper. Mr. Chairman, would you allow me to think on
this for a week and get back to you?
Mr. Putnam. I would.
Mr. Cooper. I don't have a good answer. I am not trying to
duck the question at all; it is one that we really have talked
about a fair amount in the department. We simply just don't
have a real effective answer yet. There is perhaps a model that
might serve. I know, for example, that in the Department of
Veterans Affairs physicians actually are on slightly different
pay scales; they are able to pay higher than just what I think
of as the GS pay scale. I also know that in our own department
there are some incentives around our scientists for,
specifically, the reason that we have to compete with the
universities and the research institutes across the United
States. Those might serve as models for key technical personnel
in the Federal Government. But if you allow me to give it a
little bit more thought, I would like to comment.
Mr. Putnam. Sure. And there is an entire commission working
on it. I think this is what somebody gave Paul Volcker the job
of going and solving this problem. It is a legitimate issue,
but there are no easy answers considering the system of
government that we have.
Mr. Hitch, what brought you into public service? What
brought you into the public sector, coming from where you were?
Mr. Hitch. Yes, I kind of went in the reverse direction
from what we find in many of the CIOs who spend a long time
career in the Government and then went outside. Frankly, I came
to the Department of Justice to make something happen that I
would hope would help the national security of the country. And
I think that goal is something that is real, the desire to do
public service, just like people in Congress or anything else;
you are here to do public service. It is especially hard on
CIOs because there is such a huge disparate pay scale, and the
draw of the counterparts in the private sector funds that work
for us who make multiples. So I think a different pay schedule,
something like Steve was talking about, may be helpful.
I do think we do need to solve better, I think, the problem
of just accountability and responsibilities, because I hear it
in a lot of private discussions among CIOs, and I also have
experience in some of the components within Justice who brought
people in from the outside, very, very accomplished CIOs who
were on the outside, who came in basically because of changes
in culture and not able to adapt quickly enough to the culture,
an inability to make something happen in a realtime basis,
which is different in the Federal Government from the private
sector. You can make things happen faster in the private
sector, that is why I made the comment about persistence.
So I think the reporting relationships are important,
because that is what enables you to make something happen in
more of a reasonable time. It is going to take longer in the
government than it does in the private sector, but if you
aren't positioned properly in the organization and don't have
enough credibility and are viewed as a peer by the people that
you need to influence strongly in order to be effective, it is
a disincentive, so that is a reason a lot of people leave.
Mr. Putnam. I would like to give our panelists an
opportunity for closing comments as we wind this down. Give us
the answer to the question you wish you had been asked or final
thoughts, whatever you choose, beginning with Ms. Nelson. And,
Mr. Hobbs, you are going to get the last word for us. So, Ms.
Nelson, you are recognized.
Ms. Nelson. The day is late, everybody is tired, I am sure,
so I have said everything I needed to say or someone else has
said it. So thank you for the opportunity.
Mr. Putnam. Beautifully spoken.
Mr. Cooper.
Mr. Cooper. That is tough to follow, but I would echo the
same thing. Thank you.
Mr. Putnam. Mr. Hitch.
Mr. Hitch. I am not going to delay this any more.
Mr. Putnam. You all act like it is excruciating.
Mr. Hobbs. I guess, Congressman, the last word does come to
me. I think it important, from my perspective, that the role of
the Federal CIO continues to be examined, and certainly applaud
you for the work that you have done within our community in the
last couple of years and continue to ask us to raise the bar in
terms of performance and in terms of accountability and in
terms of results. But I also point out sometimes that when we
are called, it seems as if we are islands unto ourselves, that
we somehow are responsible for everything. And so I simply
point out what an old friend has always said to me: it is more
about the team than it is about the individual. And that team
is both the management group across the department, as well as
the organization that CIOs build. So sometimes I think it
important to examine team performance just as closely as we
look at the CIO's role. We hope sometimes to have more
authority and more responsibility than we actually have. So I
applaud you for your effort, but I also point out the team is
smarter than any one individual is ever going to be in terms of
improving the economy and the efficiency of government, and
that is where I believe the proof of the pudding truly lies,
with the team.
Mr. Putnam. Thank you very much. I appreciate the testimony
of all of our witnesses, and in the event that there may be
additional questions we did not have time for today, the record
will remain open for 2 weeks for submitted questions and
answers.
This meeting is adjourned.
[Whereupon, at 5 p.m., the subcommittee was adjourned, to
reconvene at the call of the Chair.]
[Additional information submitted for the hearing record
follows:]
[GRAPHIC] [TIFF OMITTED] 98209.070
�