VA’s Implementation of the FITARA Chief Information Officer Authority Enhancements

Veterans Affairs Office of Inspector General (OIG) sent this bulletin at 06/09/2020 01:55 PM EDT

Bookmark and Share

Having trouble viewing this email? View it as a Web page.

You are subscribed to Oversight Reports for Veterans Affairs Office of Inspector General (OIG). This information has recently been updated, and is now available.

Given VA's need to focus on the COVID-19 response, the OIG has developed interim measures for releasing oversight reports. At this time, the OIG is generally releasing only those reports relevant to the COVID-19 pandemic; statutorily required or responsive to congressional requests; or that involve compelling circumstances related to the welfare of veterans, the safety of patients and VA personnel, or pose significant risks to VA resources. The report VA's Implementation of the FITARA Chief Information Officer Authority Enhancements is statutorily required. 

 

VA’s Implementation of the FITARA Chief Information Officer Authority Enhancements
06/08/2020 08:00 PM EDT

The OIG conducted this audit to determine whether VA implemented key elements of the Federal Information Technology Acquisition Reform Act (FITARA) consistent with the requirements for Chief Information Officer Authority Enhancements (Section 831). Specifically, the audit team evaluated two groups of requirements involving the role of the VA chief information officer during fiscal year 2018. They related to the CIO (1) reviewing and approving all information technology (IT) asset and service acquisitions across the VA enterprise and (2) planning, programming, budgeting, and executing the functions for IT, including governance, oversight, and reporting. The audit team found that VA did not meet FITARA requirements and identified several causes. These include VA policies and processes that limited the chief information officer’s review of IT investments and the oversight of IT resources. The audit team noted that limitations to the chief information officer’s role could adversely affect VA’s ability to achieve its goal to modernize systems and focus resources more efficiently. The OIG made 10 recommendations to help the department meet FITARA requirements. The recommendations focused on VA ensuring that the chief information officer reviews and approves all IT acquisitions. A chief information officer assignment plan should also be submitted for the Office of Management and Budget’s review and approval. Other recommendations called for implementing an agencywide IT acquisition awareness and training program covering FITARA requirements; providing clear and consistent acquisition processes to ensure FITARA compliance; ensuring all VA administration and staff offices work with the chief information officer for planning, programming, budgeting, and execution of all IT resources; and implementing department-level oversight processes to ensure the chief information officer is a member of governance boards that make informed decisions on all IT resources across the agency.