Advertisement

Lawmakers unhappy with Pentagon’s claiming of FITARA exemptions

Some House members have had enough with the Pentagon's lack of transparency regarding its IT spending.
US Pentagon at sunset
(Getty Images)

House lawmakers Tuesday condemned the Defense Department for continually claiming exemptions from the Federal IT Acquisition Reform Act.

The Oversight and Government Reform Committee and the Government Accountability Office together issued the fourth iteration of the FITARA Scorecard on Tuesday, grading agencies on their compliance with the 2014 law, which enhances federal CIOs’ budget authority and increases their accountability for that spending.

While this scorecard was the first to give an agency an “A” grade — the U.S. Agency for International Development made dramatic progress after getting three straight “Ds” — DOD’s lone “F” irritated several committee members.

The Pentagon claims that many of its networks qualify as national security systems, and therefore they’re exempt from FITARA requirements, particularly tracking them on the federal IT Dashboard. Consequently, the DOD received a “D” on on each of the first three congressional FITARA assessments.

Advertisement

So when DOD deleted about $15 billion worth of its IT investments from the IT Dashboard recently, designating them as classified, national security systems, the department hit an all-time low in its FITARA compliance, Dave Powner, director of IT management issues  for the GAO, explained at Tuesday’s hearing.

Sure, “it’s OK” to have “exemptions for national security systems, but to have $15 billion magically appear under that umbrella doesn’t seem right,” Powner said.

“Well it doesn’t seem right to me either,” agreed Rep. Mark Meadows, R-N.C., threatening to pull his support of the administration’s request for increased DOD funding unless the department becomes more transparent in its spending.

Powner said if there’s any agency that need shouldn’t be exempt from FITARA, it’s the Defense Department. “If any organization needs a private sector type CIO, it’s DOD,” he said.

The committee called the hearing to question officials from the Department of Health and Human Services — another federated organization with a plagued history of FITARA Scorecard grades — on their lack of progress with the law. But many couldn’t get past the DOD’s score and the department’s seeming lack of cooperation to better it.

Advertisement

“They have their own little world,” FITARA co-author Rep. Darrell Issa, R-Calif., said. “They said they already fixed it with [an] earlier bill.”

Rep. Gerry Connolly, D-Va., who helped Issa write the legislation, called DOD’s management “recalcitrant” and “arrogant.”

“‘Don’t bother us of these troublesome requirements or standards. We are exempt from everything. We will police ourselves and we will set our own goals an objectives and metrics,'” Connolly said wryly of DOD’s regard for the law.

He continued: “The fact that they of course fall short of everybody else’s is immaterial. And what’s so disturbing about that is they’re the big budget. All of us agreed on a bipartisan basis to insist that they improve their performance, that they come into compliance like every other federal agency. And the burden is on them even greater because they have the dollars. They have the biggest budget of anybody, and they’re about to get bigger.”

Despite his frustration with the Pentagon, Connolly still pledged to help the DOD “get right with the Lord.”

Advertisement

“[W]e’re going to help them along on a bipartisan basis,” he said. “I believe the scorecard is a terribly important tool for measuring progress … it’s not designed to be a scarlet letter on anyone’s back. It’s designed to prod senior management provide the wherewithal to the CIO in a reporting sequence, but also empowerment.”

Rep. Will Hurd, the Texas Republican chairman of Government Reform’s IT Subcommittee, put the 24 agencies who must comply with FITARA on notice, saying that the committee will not relent in its mission to shore up federal IT.

“When the next cyberattack happens, and we’ve gone through all these conversations —guess what?” Hurd said. “We’re dragging everybody up in front of here. If we have to use subpoenas, we will. We’ve done it before, we’ll do it again.

“I want to make sure that you have all the authorities you can,” he said.

Latest Podcasts