VA’s Implementation of the FITARA Chief Information Officer Authority Enhancements

Report Information

Issue Date
Closure Date
Report Number
18-04800-122
VISN
State
District
VA Office
Information and Technology (OIT)
Report Author
Office of Audits and Evaluations
Report Type
Audit
Report Topic
Information Technology and Security
Major Management Challenges
Information Systems and Innovation
Recommendations
10
Questioned Costs
$0
Better Use of Funds
$0
Congressionally Mandated
No

Summary

Summary

The OIG conducted this audit to determine whether VA implemented key elements of the Federal Information Technology Acquisition Reform Act (FITARA) consistent with the requirements for Chief Information Officer Authority Enhancements (Section 831). Specifically, the audit team evaluated two groups of requirements involving the role of the VA chief information officer during fiscal year 2018. They related to the CIO (1) reviewing and approving all information technology (IT) asset and service acquisitions across the VA enterprise and (2) planning, programming, budgeting, and executing the functions for IT, including governance, oversight, and reporting. The audit team found that VA did not meet FITARA requirements and identified several causes. These include VA policies and processes that limited the chief information officer’s review of IT investments and the oversight of IT resources. The audit team noted that limitations to the chief information officer’s role could adversely affect VA’s ability to achieve its goal to modernize systems and focus resources more efficiently. The OIG made 10 recommendations to help the department meet FITARA requirements. The recommendations focused on VA ensuring that the chief information officer reviews and approves all IT acquisitions. A chief information officer assignment plan should also be submitted for the Office of Management and Budget’s review and approval. Other recommendations called for implementing an agencywide IT acquisition awareness and training program covering FITARA requirements; providing clear and consistent acquisition processes to ensure FITARA compliance; ensuring all VA administration and staff offices work with the chief information officer for planning, programming, budgeting, and execution of all IT resources; and implementing department-level oversight processes to ensure the chief information officer is a member of governance boards that make informed decisions on all IT resources across the agency.

Open Recommendation Image, SquareOpenClosed and Implemented Recommendation Image, CheckmarkClosed-ImplementedNot Implemented Recommendation Image, X character'Closed-Not Implemented
No. 1
Closed and Implemented Recommendation Image, Checkmark
to Information and Technology (OIT)
Closure Date: 12/14/2020
The OIG recommends the Chief of Staff for Veterans Affairs ensures the Chief Information Officer, in conjunction with VA administrations and program offices develop and implement policy to support the Federal Information Technology Acquisition Reform Act delegation process and submit a Chief Information Officer Assignment Plan for the Office of Management and Budget’s review and approval.
No. 2
Closed and Implemented Recommendation Image, Checkmark
to Information and Technology (OIT)
Closure Date: 12/14/2020
The OIG recommends the Chief of Staff for Veterans Affairs ensures the Chief Information Officer, in conjunction with VA administrations and program offices establish internal controls sufficient to ensure the Chief Information Officer or the appropriate delegate reviews and approves all information technology acquisitions, regardless of appropriation, and implement improved VA policies and procedures to reflect these business processes.
No. 3
Closed and Implemented Recommendation Image, Checkmark
to Information and Technology (OIT)
Closure Date: 6/9/2020
The OIG recommends the Chief of Staff for Veterans Affairs ensures the Chief Information Officer, in conjunction with VA administrations and program offices modify all VA policy and guidance regarding implementation of Federal Information Technology Acquisition Reform Act requirements to provide clear and consistent Information Technology acquisition processes across the department.
No. 4
Closed and Implemented Recommendation Image, Checkmark
to Information and Technology (OIT)
Closure Date: 12/14/2020
The OIG recommends the Chief of Staff for Veterans Affairs ensures the Chief Information Officer, in conjunction with VA administrations and program offices develop and implement agency wide information technology acquisition awareness and training programs to improve VA employees’ understanding of Federal Information Technology Acquisition Reform Act requirements and the Chief Information Officer’s authority to review and approval all information technology acquisitions.
No. 5
Closed and Implemented Recommendation Image, Checkmark
to Information and Technology (OIT)
Closure Date: 2/6/2023
The OIG recommends the Chief of Staff for Veterans Affairs ensures the Chief Information Officer, in conjunction with VA administration and staff offices revise VA Directive 6008 to clarify the Chief Information Officer’s authority and roles in the planning, programming, budgeting, and execution of all information technology resources.
No. 6
Closed and Implemented Recommendation Image, Checkmark
to Information and Technology (OIT)
Closure Date: 12/14/2020
The OIG recommends the Chief of Staff for Veterans Affairs ensures the Chief Information Officer, in conjunction with VA administration and staff offices develop and implement policies and procedures across all VA administration and staff offices to specifically identify and separate information resources from non-IT resources, regardless of funding appropriation.
No. 7
Closed and Implemented Recommendation Image, Checkmark
to Information and Technology (OIT)
Closure Date: 1/20/2022
The OIG recommends the Chief of Staff for Veterans Affairs ensures the Chief Information Officer, in conjunction with VA administration and staff offices establish policies and procedures for all VA administration and staff offices to work with the Chief Information Officer for planning, programming, budgeting, and execution of all information technology resources and to manage VA’s overall information technology portfolio with resources that effectively achieve program and business objectives.
No. 8
Closed and Implemented Recommendation Image, Checkmark
to Information and Technology (OIT)
Closure Date: 1/20/2022
The OIG recommends the Chief of Staff for Veterans Affairs ensures the Chief Information Officer, in conjunction with VA administration and staff offices establish and implement department-level information technology governance and oversight processes to ensure that the Chief Information Officer is a member of VA governance boards that inform decisions on all information technology resources across the agency, regardless of funding appropriation.
No. 9
Closed and Implemented Recommendation Image, Checkmark
to Information and Technology (OIT)
Closure Date: 12/14/2020
The OIG recommends the VA Assistant Secretary for Information and Technology fully develop and implement the Office of Information and Technology governance framework to ensure Federal Information Technology Acquisition Reform Act requirements are met.
No. 10
Closed and Implemented Recommendation Image, Checkmark
to Information and Technology (OIT)
Closure Date: 12/14/2020
The OIG recommends the VA Assistant Secretary for Information and Technology fully implement the functionality of the Office of Strategic Planning and Analysis to ensure Federal Information Technology Acquisition Reform Act compliance for information technology strategic planning.