No CIO exists in a silo: What the private sector can learn from federal IT
Operational environments differ, but CIOs across all industries experience difficulties in the policies outlined by GAO. It's time for the private sector to take notice.
CIOs who are superior technicians and leaders thrive. Without a combination of those skills, their role is diminished.
Known for its bluntness served in the form of recommendations and reminders, the Government Accountability Office (GAO) has a story to tell and it's not reserved for the public sector.
GAO puts out its regular, unabashed reports as updates on federal IT and its leaders. In its latest report on federal CIOs and their responsibilities, the GAO is nothing short of brutally honest.
The latest report found that most agencies' CIOs are taking on responsibilities, even those not required in policy, yet the 24 agencies in this report "were not always very effective" in the core policies needed in IT. Until agencies are able to embrace the core policies, their ability to execute "longstanding" IT missions will be challenged, according to the report.
"The takeaway for all CIOs, private and public sector, is that the fundamentals of good project and program governance remain foundational, and one ignores them at the enterprise's peril," Adam Firestone, chief engineering officer at Secure Channels, Inc., told CIO Dive.
GAO found none of the 24 federal agencies have the responsibilities of the CIO clearly addressed that is "consistent with federal laws and guidance," according to the report. The key policies GAO highlights in a CIO's role are IT leadership/accountability, budgeting, information security, investment management, strategic planning and workforce.
In some cases GAO found agencies are exercising some of the policies, they just don't have them formalized and documented, said Carol C. Harris, director of IT acquisition management issues at GAO, in an interview with CIO Dive.
No CIO exists in a silo. So many of these tendencies are similar to issues existing in the private sector. CIOs across all industries experience difficulties in the policies outlined by GAO, just in different operational environments. It's time for the private sector to take notice.
Birds of a feather flock together
Private sector CIOs have no obligation to pick up a GAO report and apply to their own organization, but it could help. If anything, private sector CIOs,"can probably empathize," with their federal counterparts, Tammy Alairys, principal, NA Technology Transformation Lead at EY, told CIO Dive.
Though missions differ, CIOs have common skills and approaches to IT.
Performance indicators between private and public sectors are closely aligned and yet "I cannot recall a time when a private sector CIO asked for insights of what is happening" in the public sector, Jenifer Williams, executive director, IT Advisory Services at EY, told CIO Dive.
A separation in IT continues between the sectors and its wreaking damage on cybersecurity, talent retention and modernization. Both sectors stand to benefit in some regard with a more transparent relationship, but more change is needed.
The policies outlined by GAO are meant to aid leadership in reevaluating an organization's mission and how it approaches it. This report serves as a "clarion call" for all IT to embrace that moment of reflection and self-examination, according to Firestone.
Questions like "does this policy echo some of the things outlined by GAO?" Followed by "if they share similarities, are we defining them clear enough," and so on, according to Firestone. A GAO report, in this sense, presents itself as an outline for private organizations to loosely base their own processes for review.
The frustrations of CIOs are also similar between the private and public sectors. Many federal CIOs do not have a direct reporting line to their agency's secretary or deputy secretary, resulting in a void of communication, according to Harris. If CIOs don't have direct access to other chief executives, "it's a missed opportunity in being able to effectively manage IT operations."
Private sector CIOs also have to fight for their voice at the C-suite table. But federal CIOs have laws in place, like the Federal Information Technology Acquisition Reform Act, to protect and promote their authority.
Still, legislation does not always cement their empowerment among other executives. If a CIO's skills and creativity are not enough to secure agency influence, how much will a law help?
Tall tale differences
Though GAO is often referred to as a government watchdog, portraying it that way is "potentially pejorative and counterproductive," said Firestone. Instead, GAO should be seen more as a "catalyst for informing positive cultural norms of introspection … one from which the private sector would do well to learn."
But right now, private sector CIOs aren't really keen on listening to a government watchdog, even if they are catalysts.
Even though a partnership between the sectors is needed, their differences aren't always in favor of the private. The federal government, for example, may have a lead in more effectively and practically emerging tech, like blockchain, than the private sector, according to to Williams.
Still, the public sector's confinements, in the form of legislation and regulation, have resulted in its introspection, according to Firestone. The government's self-examination is also something different from the way the private sector tends to work.
"The fact that such a culture may be spawned and nurtured in a regulatory incubator doesn't mean it's at all inapplicable to the private sector," he said. The differences in culture between the sectors opens the door to "educational synergy." The private sector can trade its agile culture and adaptivity with the public sector's own self-analysis.
Another difference is in how long a CIO stays in a role. The average tenure of CIOs in the private sector is about 4.3 years, and federal CIOs need about three to five years in office to be effective, according to Harris. However, the last year and a half invited uncertainty into federal IT leadership.
In one month last year, five federal CIOs departed their position. Such disruption can lead to unintended consequences like stalled projects and a loss in momentum. "The private sector CIO role is in a much more transitional state than the federal government CIO, which is still very traditional," said Williams. This boils down to more flexibility in private sector IT because of its rapid adoption of the anything as a service (XaaS) model.
Government IT is making its way to an XaaS model, but it's taking time. The process is slowed by demanding procurement and security processes and some oversight of the U.S. Federal CIO.
And while hiring is not necessarily the problem for GPS IT, retention is, especially when Silicon Valley-type companies are the competition.
"In general, the private sector will be asked to move more quickly, do more with less, work in a distributed model and drive new technology into the organization," said Alairys.
Follow Samantha Ann Schwartz on Twitter