[House Hearing, 106 Congress] [From the U.S. Government Publishing Office] THE PERFORMANCE OF FEDERAL CIOs: HOW DO THEY COMPARE TO CIOs IN THE PRIVATE SECTOR? ======================================================================= HEARING before the SUBCOMMITTEE ON GOVERNMENT MANAGEMENT, INFORMATION, AND TECHNOLOGY of the COMMITTEE ON GOVERNMENT REFORM HOUSE OF REPRESENTATIVES ONE HUNDRED SIXTH CONGRESS SECOND SESSION __________ MARCH 24, 2000 __________ Serial No. 106-174 __________ Printed for the use of the Committee on Government Reform Available via the World Wide Web: http://www.gpo.gov/congress/house http://www.house.gov/reform __________ U.S. GOVERNMENT PRINTING OFFICE 68-507 WASHINGTON : 2001 _______________________________________________________________________ For sale by the Superintendent of Documents, U.S. Government Printing Office Internet: bookstore.gpo.gov Phone: (202) 512-1800 Fax: (202) 512-2250 Mail: Stop SSOP, Washington, DC 20402-0001 COMMITTEE ON GOVERNMENT REFORM DAN BURTON, Indiana, Chairman BENJAMIN A. GILMAN, New York HENRY A. WAXMAN, California CONSTANCE A. MORELLA, Maryland TOM LANTOS, California CHRISTOPHER SHAYS, Connecticut ROBERT E. WISE, Jr., West Virginia ILEANA ROS-LEHTINEN, Florida MAJOR R. OWENS, New York JOHN M. McHUGH, New York EDOLPHUS TOWNS, New York STEPHEN HORN, California PAUL E. KANJORSKI, Pennsylvania JOHN L. MICA, Florida PATSY T. MINK, Hawaii THOMAS M. DAVIS, Virginia CAROLYN B. MALONEY, New York DAVID M. McINTOSH, Indiana ELEANOR HOLMES NORTON, Washington, MARK E. SOUDER, Indiana DC JOE SCARBOROUGH, Florida CHAKA FATTAH, Pennsylvania STEVEN C. LaTOURETTE, Ohio ELIJAH E. CUMMINGS, Maryland MARSHALL ``MARK'' SANFORD, South DENNIS J. KUCINICH, Ohio Carolina ROD R. BLAGOJEVICH, Illinois BOB BARR, Georgia DANNY K. DAVIS, Illinois DAN MILLER, Florida JOHN F. TIERNEY, Massachusetts ASA HUTCHINSON, Arkansas JIM TURNER, Texas LEE TERRY, Nebraska THOMAS H. ALLEN, Maine JUDY BIGGERT, Illinois HAROLD E. FORD, Jr., Tennessee GREG WALDEN, Oregon JANICE D. SCHAKOWSKY, Illinois DOUG OSE, California ------ PAUL RYAN, Wisconsin BERNARD SANDERS, Vermont HELEN CHENOWETH-HAGE, Idaho (Independent) DAVID VITTER, Louisiana Kevin Binger, Staff Director Daniel R. Moll, Deputy Staff Director David A. Kass, Deputy Counsel and Parliamentarian Lisa Smith Arafune, Chief Clerk Phil Schiliro, Minority Staff Director ------ Subcommittee on Government Management, Information, and Technology STEPHEN HORN, California, Chairman JUDY BIGGERT, Illinois JIM TURNER, Texas THOMAS M. DAVIS, Virginia PAUL E. KANJORSKI, Pennsylvania GREG WALDEN, Oregon MAJOR R. OWENS, New York DOUG OSE, California PATSY T. MINK, Hawaii PAUL RYAN, Wisconsin CAROLYN B. MALONEY, New York Ex Officio DAN BURTON, Indiana HENRY A. WAXMAN, California J. Russell George, Staff Director and Chief Counsel Randy Kaplan, Counsel Bryan Sisk, Clerk Trey Henderson, Minority Counsel C O N T E N T S ---------- Page Hearing held on March 24, 2000................................... 1 Statement of: Doll, Otto, commissioner, Bureau of Information and Technology, State of Arizona, president, National Association of State Information Resource Executives....... 34 Flyzik, Jim, Chief Information Officer, Department of the Treasury, vice chairman, CIO Council....................... 25 Knutson, Gerald J., vice president, Communications and Information Services, U.S. West............................ 64 Krupa, Suzanne, chief information officer, the Rowe Companies 70 McClure, David L., Associate Director, Governmentwide and Defense Information Systems, U.S. General Accounting Office 4 Letters, statements, et cetera, submitted for the record by: Doll, Otto, commissioner, Bureau of Information and Technology, State of Arizona, president, National Association of State Information Resource Executives, prepared statement of...................................... 37 Flyzik, Jim, Chief Information Officer, Department of the Treasury, vice chairman, CIO Council, prepared statement of 28 Horn, Hon. Stephen, a Representative in Congress from the State of California, prepared statement of................. 3 Knutson, Gerald J., vice president, Communications and Information Services, U.S. West, prepared statement of..... 66 McClure, David L., Associate Director, Governmentwide and Defense Information Systems, U.S. General Accounting Office, prepared statement of.............................. 7 THE PERFORMANCE OF FEDERAL CIOs: HOW DO THEY COMPARE TO CIOs IN THE PRIVATE SECTOR? ---------- FRIDAY, MARCH 24, 2000 House of Representatives, Subcommittee on Government Management, Information, and Technology, Committee on Government Reform, Washington, DC. The subcommittee met, pursuant to notice, at 10 a.m., in room 2154, Rayburn House Office Building, Hon. Stephen Horn (chairman of the subcommittee) presiding. Present: Representatives Horn and Turner. Staff present: J. Russell George, staff director and chief counsel; Randy Kaplan, counsel; Matt Ryan, senior policy director; Bonnie Heald, director of communications; Bryan Sisk, clerk; Ryan McKee, staff assistant; Trey Henderson, minority counsel; and Jean Gosa, minority assistant clerk. Mr. Horn. The Subcommittee on Government Management, Information, and Technology will come to order. The purpose of this hearing is to assess the effectiveness of Federal Government's chief information officers, the CIOs, in comparison to their counterparts in the public and private sectors. The Clinger-Cohen Act of 1996 required each of the major departments and agencies in the executive branch to appoint a CIO to manage the agencies' information technology programs. In addition, the Clinger-Cohen Act required that agencies reform their information technology management organizations based largely on the successful practices of the private sector. To emphasize the importance of the CIO's role in management, the act also required that the Federal CIOs report directly to agency heads. This morning the General Accounting Office will release a new executive guide entitled, ``Maximizing the Success of Chief Information Officers: Learning from Leading Organizations.'' This GAO guide acknowledges that the position of CIO in the Federal Government is still evolving. And, in fact, agencies are taking steps toward better utilizing the talents and leadership of their CIOs. However, the breathtaking speed of this information age demands an equally fast response from Federal agencies. From e-government and e-security to e-taxes, chief information officers in the private sector have provided the technical and managerial expertise that has successfully brought corporate America into an era dominated by high technology. The private sector knows that information management not only dictates how a business works, but increasingly defines what that business is. Federal CIOs must be empowered to provide the same type of leadership in government agencies. The Federal Government's senior management, the Cabinet Secretaries, agency leaders, their immediate staffs and the CIOs, must rise together to meeting the technical and management challenges that lie ahead. The Federal Government cannot respond to the information age in a stone age manner. We welcome our panel of witnesses, and we look forward to your testimony. [The prepared statement of Hon. Stephen Horn follows:] [GRAPHIC] [TIFF OMITTED] T8507.001 Mr. Horn. Let me explain how we work here. One, we swear in all the witnesses. No. 2, we go down the line of the agenda, and automatically your full statement is put in the record. We would like you to summarize it between 5 and 8 minutes, and that permits us to have a lot of time for questioning and a dialog between members of the panel. So if you would stand, raise your right hands, we will swear you in. And anybody that is going to be whispering to you, put them up, too. [Witnesses sworn.] Mr. Horn. The clerk will note that all five witnesses have affirmed the oath. Mr. McClure is the Associate Director for the Governmentwide and Defense Information Systems for the GAO. STATEMENT OF DAVID L. McCLURE, ASSOCIATE DIRECTOR, GOVERNMENTWIDE AND DEFENSE INFORMATION SYSTEMS, U.S. GENERAL ACCOUNTING OFFICE Mr. McClure. Thank you, Mr. Chairman. It is a pleasure to be here and talk about the role of the chief information officer in the Federal Government and to introduce our recent study on maximizing the success of chief information officers. Your subcommittee plays a very important role in focusing both oversight attention and facilitating constructive dialog on critical information management issues in the government, and we are looking forward to working with you in that regard. Mr. Chairman, we are witnessing an unparalleled movement into the electronic and digital age for business and government. In the Federal Government, technology investments are paramount to realizing the programmatic results expected under the Results Act, to improve basic fundamental management and to maximize human capital skills. IT projects, as you know, can produce spectacular improvements in operations and performance if managed well. They can leave legacies of costly failures if managed poorly. With the spending rate for IT approaching $40 billion annually, we can ill-afford not to manage these investments with increasing scrutiny and a demand for tangible benefits at acceptable cost. The CIO positions were created by the Clinger-Cohen Act in 1996 to tackle these issues. The progress to date is mixed and uneven. We certainly made a lot of progress in many areas. There is more interaction between Federal CIOs, program managers, and chief executives in the Federal agencies than in the past. Senior investment boards have been created and are being used on a consistent basis across almost all of the major Federal departments and agencies to make investment decisions. We have a very active CIO Council that has brought governmentwide attention to some important issues like security, critical infrastructure protection, IT human capital, and investment planning. The heavy involvement of the CIOs in the Y2K problem also helped to sensitize agency executives to the increasing role that technology is playing in helping to achieve their mission outcomes and in their daily operations. We have as a result of the Y2K experience a much better inventory of mission-critical systems in the Federal Government. However, we also have problem areas that continue to persist, and in our reviews of agencies since the Clinger-Cohen Act, we have noticed a consistent pattern of problems. There is inconsistent application of IT investment management across the government, and incomplete cost-benefit and risk data before projects are actually approved. Improvements are needed in software development, architecture, and certainly to security. These are areas where the Federal CIOs can certainly help make marked improvements and move the government forward. Today we are releasing our executive guide on maximizing the success of chief information officers. It is one in a series of guides that we have put out on best practices in information management and technology. Others have dealt with investment management, capital planning, security, and human capital, and many of these guides have formed governmentwide consensus on how to basically approach some of the fundamental IT management challenges in government. What I wanted to do with you today is give you some highlights of what we found in the study and answer any questions that you may have about the specifics. We have a chart up in the hearing room that basically outlines for you what we found in the study, and I just wanted to again point out some highlights. We found some critical success factors, some guiding principles, and some key players that are important to achieve success of CIOs. The first column, downward column, on the chart focuses on alignment and has to do with factors that are outside the domain of the CIO. This is an important point. In all of the case study organizations that we have looked at, the success of the CIO was heavily dependent upon executive management understanding, first, in the role of information management to the organization, and second, in figuring out the best positioning of the CIO in the organization structurally as well as the skill set that meets the organizational needs and problems that the company or the public sector organization is experiencing at that moment in time. There is no cookie-cutter approach to selecting a CIO. Our study showed that. There is a fundamental need for both business as well as technical skills. The key point is matching the right person to the organizational needs at that moment, and that direction coming from the executive level of the corporation. The second downward column deals with promoting organizational credibility, and this is, again, an important point to make in this regard. CIOs in these organizations focused on earning credibility and establishing credibility, and used a series of management approaches to do so. They managed to put in standards, processes, and basic approaches that consistently followed industry standards for good IT management. They were constantly focused on results, and balancing both short-term results with a need to show long-term improvement. The need for short-term results was critical for the CIOs to be able to establish their credibility record and to partner effectively with the business side of the organization. In the third column are our execution responsibilities. Once a CIO is positioned, and once he or she determines how to build credibility through informal and formal networks, we have to get down to the business of implementation. Several key practices were notable here. First, organizing the CIO organization in a way that, again, provided effective services and products to the organization that it served. Not all of them were formed in the same fashion, not all of them were focused on the same products and service delivery, but this was a dialog they had to have with the business of the corporation before they could figure out what skill sets and what particular products and services were critical to achieving mission or programmatic outcomes. The last column deals with developing human capital. This is pressing for private and public sector. It is a competitive market. We noticed in the best practice organizations that we looked at, there was a variety of techniques used for attracting, retaining, and refreshing skill sets. And there were a variety of techniques used to motivate employees internally to make sure that they executed their responsibilities in a very, very well-conducted fashion. If we compare the Federal agencies to those practices, we find one area of commonality, and that deals with credibility- building. We see a lot of success in the Federal CIOs in the last 4 years moving to use informal and formal means to establish credibility. In the other areas there is less commonality and distinct chart differences. Federal organizations don't go through the same process in which the chief executive officer along with the executive peers figure out what specific skills they need in a CIO before the selection is made. We see less interaction between the CIOs in the Federal Government and the executive management tier, and we also see less focus of the Federal CIOs on performance measurement both at the project level, but, more importantly, on the IT function itself, and how it is delivering value to the organization as a whole. So in conclusion, the study points out that there are indeed areas where we can learn to capitalize more on positioning and putting in place CIOs that can really make a difference. Agency leaders must help facilitate success in IT management. The CIOs are necessary, but alone they cannot do this job. They have to have top executive support. They have to have working partnerships with business--the business side of the organization, and they have to have skilled and motivated people to be able to pull off the vast range of responsibilities that they have. The CIOs themselves can reinforce these things, and in the years to come we should be looking for CIO credibility to be enhanced through attention to those specific areas. And progress has certainly been made, and it is admirable progress in the short time since the passage of the act. I will be happy to answer questions specifically about the guide as we move on. Mr. Horn. Thank you very much, Mr. McClure. [The prepared statement of Mr. McClure follows:] [GRAPHIC] [TIFF OMITTED] T8507.002 [GRAPHIC] [TIFF OMITTED] T8507.003 [GRAPHIC] [TIFF OMITTED] T8507.004 [GRAPHIC] [TIFF OMITTED] T8507.005 [GRAPHIC] [TIFF OMITTED] T8507.006 [GRAPHIC] [TIFF OMITTED] T8507.007 [GRAPHIC] [TIFF OMITTED] T8507.008 [GRAPHIC] [TIFF OMITTED] T8507.009 [GRAPHIC] [TIFF OMITTED] T8507.010 [GRAPHIC] [TIFF OMITTED] T8507.011 [GRAPHIC] [TIFF OMITTED] T8507.012 [GRAPHIC] [TIFF OMITTED] T8507.013 [GRAPHIC] [TIFF OMITTED] T8507.014 [GRAPHIC] [TIFF OMITTED] T8507.015 [GRAPHIC] [TIFF OMITTED] T8507.016 [GRAPHIC] [TIFF OMITTED] T8507.017 [GRAPHIC] [TIFF OMITTED] T8507.018 [GRAPHIC] [TIFF OMITTED] T8507.019 Mr. Horn. The document that I have been thumbing my fingers through looks like a very thorough job, and I believe you might have a best-seller at the Government Printing Office. Next is Mr. Jim Flyzik, Chief Information Officer, Department of the Treasury, and vice chairman of the CIO Council. Mr. Flyzik. STATEMENT OF JIM FLYZIK, CHIEF INFORMATION OFFICER, DEPARTMENT OF THE TREASURY, VICE CHAIRMAN, CIO COUNCIL Mr. Flyzik. Mr. Chairman and members of the subcommittee, I appreciate the opportunity to discuss the role of the chief information officer in the public and private sectors. First I want to thank the chairman and other members of this subcommittee for your continued support and encouragement toward the improvement of information technology performance and accountability in the Federal Government. As many of you know, I serve as the Deputy Assistant Secretary for Information Systems and Chief Information Officer for the Treasury Department. In this role I recognize I provide strategic direction and oversight for all information technology programs within the Treasury Department and its 14 bureaus. Since February 1998, I have served as the vice chair of the Federal CIO Council, where I play a key role in the strategic direction of the Council and the Federal Government's use of information technology. Today I would like to focus my comments on three issues: the evolution of the CIO in the Federal Government, some differences between the public and private sector CIO roles, and key challenges facing Federal CIOs. The role of the CIO in public sector is evolving through various stages. In the first stage the role was ill-defined, and the CIO was thought of as a technician and then perhaps as an adjunct to the CFO. As a result of the Clinger-Cohen Act, the work of the Federal CIO Council, the growth of the Internet, e-commerce, and the success in addressing the Y2K problem, the CIO is now progressing toward a business partner and a peer with senior management. CIOs were able to demonstrate their value and the value of technology to their organizations while addressing the serious issues involved with Y2K. In the private sector many CIOs have evolved into a chief technology officer, working side by side with the CEO, as evidenced by the many dot-com organizations. The public sector CIO has not yet reached this level of influence. As my colleague, the Associate Director of the GAO, has testified, most business decisions today involve technology. The CIO should be positioned at the table with the CEO, chief operating officer, and CFO where he can work as a team with senior management. It is critical that the CIO be involved in agency budget and resource allocation decisions. If CIOs are to be held responsible and accountable for results, they will need the authority to influence resource decisions. At Treasury I am fortunate to have an excellent working relationship with the CFO and other senior officials, which allows me to be involved in all investment decisions. There is also a disparity from agency to agency in the organizational placement and authority of the CIO. Regardless of the organization placement, however, CIOs must demonstrate value and earn credibility to be effective. Although many of the key IT challenges within the public and private sector are similar, there are several areas where they differ. As public employees, we must abide by statutory and regulatory requirements unique to the Federal Government. We agree that these requirements are important and necessary to guarantee the integrity of our actions for our citizens, but we must also recognize that they impose restraints on our ability to procure products and services, recruit IT professionals, and quickly make resource adjustments to meet dynamic market priorities. Let me explain. The public sector cannot compensate IT professionals at the same level as the private sector. We are constrained in hiring young IT professionals at entry levels competitive with the private sector. The private sector can recruit based on talent and based on market conditions. We also have a difficult time justifying promotions based on specialized technical skills. The Federal CIO Council is working closely with the Office of Personnel Management to address these concerns. Private sector CIOs can work directly with their CEO to make immediate decisions on resource allocation and procurement priorities to meet changing market drivers. Public sector CIOs must plan well in advance and work through various layers of government to achieve such change. Another concern is difficulty of the government to fund interagency and intergovernmental IT programs. Although the business cases for governmentwide efforts are compelling, the current appropriations processes make funding such projects problematic. The current ``passing of the hat'' approach to interagency project funding is not a viable long-term solution. The Federal CIO Council is working with OMB, the CFO Council, and other governmentwide groups to identify possible strategies to address this matter. CIOs in the public sector also carry unique responsibilities to set information policies within their agencies and comply with governmentwide policies. The public sector CIO must find ways to reduce paperwork burdens on the public, adopt sound records management programs, and disseminate government information. Last, I would like to mention some challenges facing Federal CIOs. There have been several studies focusing on these challenges. I had the opportunity to participate in many of these studies, including the fine work done by GAO in the report they are releasing at this hearing today. Some challenges CIOs face include taking advantage of rapidly evolving technology to make the government more effective, hiring and retaining skilled IT professionals in the government, assuring information system security and privacy in preventing unauthorized system intrusions, obtaining adequate funding particularly for interagency and intergovernmental programs, and empowering the CIO as a key decisionmaker and ensuring that we cost-effectively apply technology through such processes as IT capital planning and investment management within the agency. In summary, I would like to reiterate that the position of the CIO is evolving in a positive direction. I believe the Y2K success, the Internet, e-commerce, and other industry trends are creating a heightened awareness of the importance of information technology. This heightened awareness will accelerate the evolution of the Federal CIO consistent with the experiences in the private sector. It will also result in the true implementation of all provisions of the Clinger-Cohen Act. I would like to thank the subcommittee for the support it has given to the work of the Federal CIO Council. Without your support, we would not have been able to achieve the national success we enjoyed with Y2K. I would also like to express my appreciation and commend GAO for the excellent work they are doing in this area. I would like to thank the members of the subcommittee for the opportunity to present to you this morning. Mr. Chairman, this concludes my formal remarks, and I would be happy to respond to questions. Mr. Horn. Thank you, Mr. Flyzik. That is helpful testimony from the firing line. [The prepared statement of Mr. Flyzik follows:] [GRAPHIC] [TIFF OMITTED] T8507.020 [GRAPHIC] [TIFF OMITTED] T8507.021 [GRAPHIC] [TIFF OMITTED] T8507.022 [GRAPHIC] [TIFF OMITTED] T8507.023 [GRAPHIC] [TIFF OMITTED] T8507.024 [GRAPHIC] [TIFF OMITTED] T8507.025 Mr. Horn. Next is Mr. Otto Doll, the Commissioner of the Bureau of Information and Technology, the State of South Dakota, and president of the National Association of State Information Resource Executives. Mr. Doll, we are delighted to have you with us. STATEMENT OF OTTO DOLL, COMMISSIONER, BUREAU OF INFORMATION AND TECHNOLOGY, STATE OF ARIZONA, PRESIDENT, NATIONAL ASSOCIATION OF STATE INFORMATION RESOURCE EXECUTIVES Mr. Doll. Thank you, Mr. Chairman and members of the subcommittee. I appreciate the opportunity this morning to share the State's insight into the dynamics of the CIO-Governor relationship that has evolved over the last few years. Public sector CIOs can be of vital importance to our public leaders' decisionmaking on matters of governance. The proper alignment of information technology to government programs is a key enabler of effective government. A CIO who can support the chief executive's vision, whether of a mayor, Governor or the President, facilitates the achievement of government's goals. To achieve effective use of IT, the States have been gravitating to CIOs reporting to the Governor. NASIRE's survey shows 27 CIOs currently report to a Governor, up from 8 in 1996. A Cabinet-level reporting relationship appears critically important. Technology has become too important to the business of government today. IT is how business is delivered in government; therefore, the CIO must be a party to the highest level of business decisions. This is consistent with private sector's direction as shown by companies such as General Motors, whose CIO is at the board of directors level. Three variations on this CIO structure currently exist in State government today where the CIO reports to a Governor without an advisory board, to a Governor after consulting with an advisory board, or to a governing board and then to the Governor. NASIRE's survey also shows 29 States have some sort of technology commission in a supporting or oversight role. Separating technology from government programs seems impossible today. State CIOs are responsible for leading the Governor's visions and goals into action. As such, the CIO needs to inspire the leaders to dedicate political capital to the IT agenda. One powerful dynamic of IT, whether a State is driven by education, criminal justice, economic development or whatever, IT can enable any of them. State CIOs' scope of authority is primarily confined to the executive branch of government, but has expanded in many States to the educational systems, some into the judicial branch, and a few into the legislative branch. Based on objectives set by the Governors of the State, CIOs develop a process whereby each agency is learning within the constructs of their organization the breadth of the organizational information in a statewide sense while working toward these common objectives. The larger the enterprise view and responsibilities of the CIO, the better the IT solutions Government achieves. Functional authority of the State CIO is concentrated in enterprisewide hardware and software systems as opposed to the desktop world of personal computing, examples being telecommunications networks, large data processing centers, large information centers, data warehouses, and public access facilities. CIOs are gaining authority over IT purchasing and acquisitions, IT facilities, IT personnel, and office automation. By combining managerial and technical knowledge, the State CIO can contribute significantly by bringing to government economies and efficiencies of scale in procurement, interoperability of systems, elimination of duplicative processes, data-sharing capabilities, and security in privacy. State CIOs' scope of approval authority is usually overseeing of statewide IT plans and policies; approving statewide technical IT standards, rate schedules, budgets, personnel classifications, and salaries and resource acquisitions. CIOs are being asked to improve individual departmental IT rate schedules, personnel classifications, and resource acquisitions. Many States are considering their CIOs for operational control of IT assets. The CIO is then in the best position to ensure that IT investments are meeting the Governor's policy objectives. This approach matches the private sector where CIOs generally have budget and operational authority. NASIRE's survey showed that 30 State CIOs have responsibility in at least three of the following four categories: planning, policy, standards, and acquisitions. Some 25 percent of CIOs have minimum dollar thresholds on their scope of authority. Successful State CIOs spend most of their time offering perspective, context, and direction to both technology and program personnel. Considering the considerable size and rate of growth of IT expenditures by government, the CIO must advocate the wise deployment and use of IT resources to solve business problems or to capitalize on opportunities. Several elements have been found to contribute to successful Governor-CIO approaches. Shared IT vision by both the Governor and CIOs sets appropriate expectations of what technology can and cannot do. Strong accountability begets trust, the capital of governance. Sufficient level of authority allows working across agency and jurisdictional boundaries. Good management skills allows the CIO to get technologists and program personnel to realize the IT vision. Balance of business and governance orientations allows appropriate use of business principles in a public sector context. And finally, the ability to function in public administration allows the CIO to be effective in the political and civil service spheres. The State CIO also cooperates with local and Federal authorities, often serving as the facilitator of multijurisdictional initiatives. Governments see the value of sharing information, such as law enforcement has seen for many years, and integrating their processes in digital government is enabling, as is sharing IT infrastructure such as networks. Having a key authority figure in the CIO allows States to better coordinate resources across local, State, and Federal Government for the complex information systems required to solve the governance of today. The Y2K issue provided unique insight on the importance of the CIO position in government. Y2K presented the most extensive IT initiative ever undertaken, with coordination being required between governments, businesses, and the public. All aspects of IT were affected. Dealing with such a massive project showed that we cannot rely on the stovepipe models of the past. Until Governors took ownership of the Y2K problem through their CIOs and the Federal Government took ownership through the President's appointment of John Koskinen, the proper coordination of policy and processes was not possible. Mr. Koskinen, in essence, served as the CIO of the Federal Government. He brought accountability and action to bear on the Y2K challenge, just as the State CIOs were doing in the States, as were many county and city CIOs across the country. Mr. Koskinen aligned the numerous Federal agencies and provided a single point of contact for the States, just as the State CIOs were providing a single point of contact between the myriad of State agencies and the Federal Government. Why not have the structure in place to deal with nationwide law enforcement standardization, digital government initiatives, digital divide solutions, et cetera? In the increasingly technology-reliant world we live in, the CIO serves as the government's information management leader and key strategist to the decision points facing our political leaders. The role of aligning technology to achieve government program goals has never been so crucial to effective government. The CIO plays an essential role for making information technology work for government. Again, I appreciate the opportunity to share our thoughts and look forward to your questions. Mr. Horn. Well, thank you very much, Mr. Doll. That is very helpful information. [The prepared statement of Mr. Doll follows:] [GRAPHIC] [TIFF OMITTED] T8507.026 [GRAPHIC] [TIFF OMITTED] T8507.027 [GRAPHIC] [TIFF OMITTED] T8507.028 [GRAPHIC] [TIFF OMITTED] T8507.029 [GRAPHIC] [TIFF OMITTED] T8507.030 [GRAPHIC] [TIFF OMITTED] T8507.031 [GRAPHIC] [TIFF OMITTED] T8507.032 [GRAPHIC] [TIFF OMITTED] T8507.033 [GRAPHIC] [TIFF OMITTED] T8507.034 [GRAPHIC] [TIFF OMITTED] T8507.035 [GRAPHIC] [TIFF OMITTED] T8507.036 [GRAPHIC] [TIFF OMITTED] T8507.037 [GRAPHIC] [TIFF OMITTED] T8507.038 [GRAPHIC] [TIFF OMITTED] T8507.039 [GRAPHIC] [TIFF OMITTED] T8507.040 [GRAPHIC] [TIFF OMITTED] T8507.041 [GRAPHIC] [TIFF OMITTED] T8507.042 [GRAPHIC] [TIFF OMITTED] T8507.043 [GRAPHIC] [TIFF OMITTED] T8507.044 [GRAPHIC] [TIFF OMITTED] T8507.045 [GRAPHIC] [TIFF OMITTED] T8507.046 [GRAPHIC] [TIFF OMITTED] T8507.047 [GRAPHIC] [TIFF OMITTED] T8507.048 [GRAPHIC] [TIFF OMITTED] T8507.049 [GRAPHIC] [TIFF OMITTED] T8507.050 [GRAPHIC] [TIFF OMITTED] T8507.051 [GRAPHIC] [TIFF OMITTED] T8507.052 Mr. Horn. Next is Mr. Gerald J. Knutson, vice president, communications and information services, U.S. West. STATEMENT OF GERALD J. KNUTSON, VICE PRESIDENT, COMMUNICATIONS AND INFORMATION SERVICES, U.S. WEST Mr. Knutson. Mr. Chairman and members of the subcommittee, this is a unique opportunity for someone of the private sector to follow three distinguished gentlemen from the government sector in discussing this subject. I have had the opportunity in the past few weeks to review the GAO study, and was interviewed as part of an input group into the study. I had not really looked at it for some period of time, and then I was asked to prepare a written statement for this subcommittee, and I did do that. And then I went back and reviewed the final version of the document, and I was very surprised to see that the thoughts of the document paralleled the thoughts in my statement. Rather than being redundant with what you have heard out of David and out of Jim from the public sector perspective and the CIO perspective, which he does very well, and Otto from the State perspective, I really do concur with the points that they have highlighted and emphasized. They are extremely important points, and I would like to touch on four points, somewhat redundant, but I think they merit some further clarification. As was stated, the government spends about $40 billion annually on technology. In the private sector, we spend generally in the range of 5 to 10 percent of our company's revenue on technology investments. When we focus on spending these significant dollars, I think it is very, very important that the CIO is positioned properly. This has been the case for successful CIOs and successful companies in the private sector that the CIO does, in fact, become a significant member of the lead team and report directly into the CEO. That has been proposed, I know, in government, and it is working in various ways in the government, but until the CIO is recognized and given that authority and accountability across whatever organizational entity you are dealing with, it will be very difficult for that CIO to be successful. It is also important then in that process that the CIO participate in setting the visions for the company or the organization and in establishing strategies that are business- oriented. I am assuming the business entity does, in fact, set strategies, and that they know what direction they are going to go moving forward, and that the CIO is an active participant, and, as a result of participating, has an ability to go back and create the necessary strategies and set the priorities in spending the very scarce dollars that are required to do the work in technology. Another area that is very important is in the area of partnership. There must be established a mutual trust and confidence level between the CIO and the members of the lead team, and an ability to demonstrate that the CIO and the IM organization is able to deliver on their commitments and to be responsive to the needs of the business. What I have seen many times in the private sector is that you don't get that sense of trust and confidence between what the CIO is responsible for and the IM organization and what the leaders of the corporation or the lead executives would expect. Another area is in sponsorship. The CIO cannot be successful as an entity unto himself. He is very dependent upon having very strong sponsorship from the business side that is driving the requirements, driving the priorities, providing the funds and the people to make it successful. In what I have witnessed with the government is that there is a tendency to throw the problem over the wall and expect the CIO to pick it up and run within the confines of the technology community to make it successful, and you don't see an equal partner that has skin in the action and that is really involved and committed in supporting and sponsoring the work. Unless you get that type of partnership and involvement out of your business partner, it will be impossible for the CIO to be successful. The other area is in a partnership with the leader of the business entity or the government agency to help set the priorities and determine within the constraints of the budgets that are established, how they want to spend the funds and get the work done through the assistance of the CIO. But again, there has got to be very strong leadership from the business side supporting the CIO to make that successful. The last thing which was mentioned by Jim, and that is just the nature of the government and how it operates. The difficulty in getting funding; oftentimes the lack of continuity in leadership and political appointments make it difficult for a CIO to be successful. You need almost 3 to 5 years of involvement in turning things around and migrating legacy applications into future technology solutions. With the structure of the government, that becomes very difficult. Anything that can be done to create some continuity over the lifetime of that CIO, would be tremendously helpful in making the CIO position successful. With that I will be glad to answer any questions. Mr. Horn. Thank you very much, Mr. Knutson. We appreciate having you here. [The prepared statement of Knutson follows:] [GRAPHIC] [TIFF OMITTED] T8507.053 [GRAPHIC] [TIFF OMITTED] T8507.054 [GRAPHIC] [TIFF OMITTED] T8507.055 [GRAPHIC] [TIFF OMITTED] T8507.056 Mr. Horn. The next member from the private sector is Ms. Susan Krupa, the chief information officer of the Rowe Companies. You might tell us a little bit about the Rowe Companies. U.S. West we know about. STATEMENT OF SUZANNE KRUPA, CHIEF INFORMATION OFFICER, THE ROWE COMPANIES Ms. Krupa. Thank you, Mr. Chairman and members of the subcommittee and the other attendees here today, for the opportunity to present before you my testimony of my experiences in the private sector as well as some of my experiences in the public sector. The Rowe Companies is a five operating subsidiary firm. We are largely in the area of home furnishings manufacturing, which consists of Rowe Furniture, Mitchell Gold, and the Wexford Collection, which is a case goods company. In some of the challenges of CIOs in trying to attract talent, I grapple with those same challenges, having my manufacturing facilities that I am charged with managing the staff there, both engineering and technology staff, in the remote areas of the country, which is difficult to attract talent. We also have two retail subsidiaries, which are Storehouse Furniture, which is a national furniture chain, and Home Elements, which is a mid-Atlantic/Southeast, moving into the Midwest, home furnishing store as well. In my capacity at the Rowe Companies, Mr. Chairman, Mr. Birnbach is the chairman of the Rowe Companies, who I report directly to, and I state that here in this session just to emphasize the importance of the role of the CIO and where they need to report in the organization. I have direct responsibilities of reporting to the board of directors on a monthly or quarterly basis on the status of IT initiatives. These are mandates within the Rowe Companies. In my past experience, just to emphasize that point again, I was the CIO of KPMG Barons Group, which is the international consulting firm of the U.S. Firm KPMG Peat Marwick. There I reported to the chairman of KPMG Barons Group. I was part of that executive management team, and it is critical in both public and private sector to have the technology position leveraged within the business organization. Mr. Birnbach has made a commitment to proactively managing information systems rather than continually building upon the current systems investments in a reactionary manner. This approach positioned the systems to support the growing requirements and strategic direction of our business. He has charged me with creating an environment that includes both best business practices and technology talent in the furniture industry; that is, our industry. He has required me to capitalize on the synergies of the operating subsidiaries as well as exploit the advantages that are embedded in the autonomy of these operating subsidiaries, much like the disparate agencies--looking at Mr. Doll's testimony, he has disparate agencies to manage within State governments that have their very different requirements. I am sure the public area of waste and waterworks, if you will, is very, very different than the financial offices. So I am charged with the responsibility of meeting with those business unit heads, if you will, or agency heads, in Mr. Doll's case, and helping them in defining their requirements and finding where the opportunities are that we can leverage technology to help drive their business forward. We are a service organization. Information technology is a service organization. The Federal Government is a service organization in much of what it provides to the citizens of this country. That defines the criticality of the chief information officer within the Federal Government as well as the private sector. Some of the things that we at the Rowe Companies and my colleagues in the industry look at are a couple of terms that I would like to share with you today, and I hope that we take away and look in the Federal Government as a passionate vision and mission that we should move forward with in this century. The speed at which today's business environment is moving and changing demands that information systems are not only seen as operational tools, but as strategic systems that are employed to achieve competitive advantage. And yes, there is competitive advantage in the Federal Government. In this century it is a requirement to utilize technology to operate a global business with speed, efficiency and information. In order to effectively accomplish this business requirement, our information system strategies must communicate, interface, share, and be sustainable. In looking forward at the dynamic and evolving picture of what business represents, what we do, who we are, and where we are heading, we must continually ask ourselves what constitutes our core business. With that can be a process, our intellectual capital or property or business design. Nonetheless, it must always be aligned to where the market is, and that is directly translatable in the Federal Government. It must be aligned to what the business at hand is. Our core business may evolve faster than we have ever envisioned. Therefore, it is absolutely critical that we have business systems that assist and facilitate the management of the strategic inflection points. The mandate of all CIOs in this century is to motivate change to affect the way we fundamentally do business. Yes, this century we will change the way we do business both in the public and private sector. This century clearly represents the speed at which change can and will occur. CIOs should be committed to employing strategic technologies in the next 5 years that will define this new generation, not only in the private sector, more importantly in the public sector. We will need to in our respective industries capitalize on the intellectual capital of our team members who are the market-makers of the past century. We must exploit the boundlessness of the new team members that see the invisible to achieve what was once thought impossible. The Internet, the tool kits available to us today and the various technologies will allow us to accomplish these objectives and this vision. So I ask you today to empower the CIOs in the Federal Government to effect and motivate change as we have been empowered in the private sector to do so. I thank for your time and the opportunity to be here today. I would be happy to answer any questions. Mr. Horn. We thank you very much also. We are now going to begin the questioning, and I will start with Mr. Turner, the ranking member of the subcommittee, and if you have an opening statement, we will put that at the very beginning as if read. Mr. Turner will ask the questions for 10 minutes, and then I will take 10 minutes until we have the questions out on the table. Mr. Turner. Mr. Turner. Thank you, Mr. Chairman. The subject of this hearing is perhaps for our committee one of the most exciting subjects that we can discuss, because I think the utilization of information technology in government provides us with the best opportunity that we have had in the history of this country to reform government. The tools that can be utilized, that can be harnessed, will make government more efficient, much more cost-effective, much more consumer-friendly, and much more transparent and open. In the long term, our ability in government to use information technology is going to be the thing that is the real challenge of this century. Because if we do it successfully, we will increase the public's confidence in government, which is at an all-time low. We will be able to increase the accountability and the cost-effectiveness in government, and we will be able to provide the things by and large which the public demands from government. I understand we have 54 CIOs in Federal agencies currently, and I would assume, Mr. McClure, and you correct me if I'm wrong, that the emphasis that we have had on solving the Y2K problem has probably been the priority of CIOs throughout all of these agencies. And, of course, I guess many of these CIOs have not been in place for all that long, 2, maybe 3 years at the most, and this seems to be a critical time for this particular hearing because we know that the CIOs' role in helping solve the Y2K problem was all-consuming in many respects. Government, we all know, always works better when there is a crisis. I think the chairman has rightly proceeded with our committee to emphasize the issue of computer security, which is a hot topic and comes about as close to a crisis as we can talk about. But those of us who have served in government for a while know that it is always better to have a crisis to make things happen. I am hopeful that what we can learn from this hearing and the work of this committee are ways that we can look at information technology and its applications in government in a broader sense so that we can accomplish the goals that each of you have stated, and that is to make sure that chief information officers in the public sector operate like the successful companies in the private sector. Clearly, in the private sector if you are not applying information technology, you are falling behind; and the same is true in the Federal Government. I was interested in, Mr. Doll, and I am sure there are some examples of States in addition to your own that represent shining examples of successful implementation of information technology. Perhaps I can brag a little bit about the State of Texas, which was the leader, first in the Nation to promote the idea of using smartcards for electronic benefit transfer for the Food Stamp Program, which has saved millions of dollars, eliminated much fraud, and made that program much more accountable and efficient to ensure that those who are entitled to the benefits receive them. But in the early days of the State's efforts, from my experience in the State legislature, information technology officers or commissions, one of their first roles was to always review and make recommendations regarding the acquisition of computers and software for the various agencies so they would be sure that they were buying the right materials. Have we moved away in some of our better examples of State leadership-- have we moved away from that to the broader role of actually suggesting ways and encouraging and implementing information technology? Mr. Doll. Most definitely. State CIOs are more in an analytical view of how do you align technology to, in essence, digitize government as well as solve its problems. I think there is an inherent understanding that the more technology we can apply to what has in the past been a very paper-intensive, process-intensive organization called government, the better off the States will be. You are right, it is a very competitive environment out there. We are competing with each other on the State level as well. We kind of view ourselves much as private industry does. They compete with their competitors where we turn around and provide the best government possible to our citizens and our businesses within our State relative to applying technology as an enabler. So, yes, you will see us, whether it is South Dakota or whatever State, looking at how we take the technologies that are in existence, the ones that are on the horizon, and applying those to the process of governance. Mr. Turner. Are you in a position to have enough of an overview of the various States' activities to really be able to share with us what you think the best model is for chief information officer status at the State level? Mr. Doll. What we find in talking with my colleagues and the surveys that we have done, as I mentioned, we are quickly migrating to the chief information officer being at a Cabinet level; reporting directly to the Governor; having authority, at least from a visionary and a strategy standpoint, across all State government, executive branch for sure, and at times even over judicial and legislative branches; and we do not see that trend stopping. We feel that that is something that is just--in the future you will find all CIOs reporting to a Governor, and that is one thing for sure that I think is of the success model. I think the other key aspect is that the CIOs themselves are probably also going to get more and more responsibility over operational matters. Take a look at standardizing technology. I am lucky in South Dakota as the CIO because I have both operational and strategy. I set all standards for all State agencies. Most States have IT run by each of their State agencies, and so they have more of a coordination effort, whereas I have that direct line responsibility. I think that more States of the smaller and midlevel populationwise will be moving toward my model. Such States as Kentucky, that size of State is going to move more toward some of the operational responsibilities also now falling under that CIO. So I think those are two basic trends and what people feel they need to have, that level of authority, as well as have that level of exposure to what each of the State agency programs needs done, because with that level gives you access and input into decisionmaking about those programs. Mr. Turner. Mr. McClure, how does what we see going on in the Federal Government today match up with the models that Mr. Doll is talking about that he believes to be a successful model for CIOs? Mr. McClure. It has always been said that the States are the experimental stations for federalism, and I think what we see in the States is very reflective of what we see in the private sector. We actually spent time with the CIO in your State, Carolyn Purcell, a great example of a CIO focused on providing tremendous oversight and continuity to standards and to common approaches to systems being built across State agencies. In all of the States that we visited, three others in the study, what we found were CIOs were focused on the unique problems, situations and opportunities confronting State government. Although they are common, many of them had different needs at the time. In one State the CIO was charged with bringing spending under control and making sure that dollars were being spent wisely. In another State, a State CIO was focusing on e-government and making sure that service initiatives were being sent electronically. So very much in line with private sector models in which you will find that the CIO is matched for the problem and the opportunity that is being presented to the organization at that moment. And finding someone that can actually hit that problem on the head is very critical. There is a lot of correlation between State CIO models and what you see in the private sector. In the Federal Government we have a very mixed implementation with, again, the same story, but not nearly as much focus as we see in the States, where State CIOs are partnered with Governors and really participating at very high executive levels in decisionmaking for IT. Again, it is not across the board in the Federal Government. Mr. Flyzik sits in on some of the most important decisions made at the Treasury Department. He sits at the table. That is simply not uniform across all of the Federal agencies at this time. Mr. Turner. I yield back the balance of my time. Mr. Horn. Mr. McClure, let me pursue a couple of things here. Your testimony raised several challenges about Federal CIOs and what they face that may not be common in industry, including the nature of the Federal budget process, the lack of involvement of top management in key IT projects and human capital constraints. In your opinion, do you think we should look more toward what the private sector CIOs do in their entities, and try to make those opportunities for the Federal agencies, and particularly looking at the CIO management frameworks that would work and wouldn't work in government as to what you see out in the States and the major cities of America? Mr. McClure. I think there are some great opportunities for Federal CIOs to learn tools, techniques, and practices being used in the private sector that are clearly applicable in the Federal setting. I think Jim raised some very good points about differences in the Federal sector, that being mainly that our executive management levels at the Federal level are focused mostly on policy, less so on operations and management. We have a budget process that allows multiple entry points for funding streams to be changed. We have inflexible personnel systems compared to most private sector organizations. However, and I think Jerry will back me up on this as well, the private companies are faced with the same problems. There is high turnover in corporate executives, uncertainty in funding streams at many points in time, and there is a competitive hiring and retention market for all of us. So these are not insurmountable barriers for Federal CIOs. It just means the speed, the pace, and the direction in which you are going to see the reform in government might not parallel what you would see in the private sector. Mr. Horn. In your survey did you take a look to see if the CIOs were simply fully devoted to the CIOs? I had a problem about 5 years ago with a few agencies, one of which was the Treasury Department, where the Assistant Secretary for Management seemed to want to take over everything, and that is not what we did when we passed those laws. We want full-time CFOs and CIOs. They are big jobs, and they should not be diverted. That is why a lot of these agencies were not doing very well either. What did you find out in your survey? Do we have too many people under one hat, or do we get an independent CIO in the Federal Government? Mr. McClure. In the private sector and in the States, you see CIOs focused exclusively on IT issues. The reporting relationships may vary. You see CIOs in private sector reporting to CFOs, to the heads of the corporations. There is not a consistent model, but there is a clear difference. I think there has been tremendous improvement in the Federal sector in that the majority of CIOs in the Federal Government now are focused on IT. We have relatively few dual- hatted or multihatted CIOs. Mr. Horn. How many do we have? Can we get them for the record? Mr. McClure. I think there are approximately three CIOs among the 24 CFO agencies that are dual-hatted where they are either the CFO as well as the CIO, or they have another significant responsibility. That is a marked improvement from the years prior to the Clinger-Cohen Act. Mr. Horn. Do you remember the three? Mr. McClure. I believe I can. It is at HHS, at Justice, and there is one other. I can provide it for the record. Mr. Horn. As I remember, the lowest grade that we gave in the Y2K exercise was the Justice Department. That might explain something. Mr. McClure. The other is Department of Defense. Mr. Money at Defense is a multihatted CIO. Mr. Horn. Maybe we are just going to have to put it in the appropriations bill. They will probably get the message that way. The Federal Government, would they benefit from a Federal CIO, and would they act in the capacity role that Mr. Koskinen had? He wasn't really a CIO, he was a coordinator to get the job done, and he did a fine job. What is the General Accounting Office's sort of findings in that regard? Mr. McClure. We have been in favor of the concept of a Federal CIO. When the Clinger-Cohen Act was debated in its early stages, we were supportive of the creation of a national CIO, as it was being called at that time. I think there is a great deal of value that can be gained from having a person that can focus full-time attention on IT issues across the agency and department lines. Continuity, direction, and attention to issues could be ensured by that kind of position. We are spoiled. We have had a unique individual named John Koskinen serve in that capacity when he was Deputy Director for Management and did an admirable job; and as the Y2K Coordinator another very, very stellar job. I think what one has to look at is what person with what characteristics do you want in that position? Where do you want the position housed? Who should that person report to, and where should that position be housed? There was debate in the early years about putting it in OMB or making the Deputy Director for Management in effect the national CIO. As you know, that person also serves, in essence, as the national CFO and has focused a great deal of attention on financial management issues. So there is a great deal that can be gained from it. There can be a great deal gained from an individual serving in that capacity focusing only on the most pressing IT issues, whether that is critical infrastructure protection, security in general for IT, or for electronic government. We have shown the model can work, particularly if it is supported by both the Congress and the administration. Mr. Horn. What are the downsides of this? Do you know what might be wrong about it? Mr. McClure. Well, I think there are always pros and cons. If this person does not have the support from both Congress and the administration, if this person cannot work across the organizational lines of the government effectively and is not empowered to make things happen, and held accountable for making things happen, then I think we are fooling ourselves about the impact. In all situations where Mr. Koskinen has served in that capacity, he had those traits going for him. Mr. Horn. Just as a matter of history, I might say the Deputy Director of OMB for Management didn't really do anything at that point. He retired. And it's a good choice when he came out of retirement, but while he was in that job nothing much was happening on the year 2000. They should have been 10 years ahead of that. And the danger I see with a central CIO, is there's a tendency in bureaucracies for the counterparts in the agencies to say, well, we want to be on the good side of the OMB or whatever and pretty soon Secretaries lose their own people to the center of the operation because it's very heady. You go over there and you're in the White House complex in a way and they sort of get out of sight, and I say that based on a lot of experience, 18 years in the biggest education system in this country. And that's exactly what always happened when you had, say, 19 to 23 campuses and you had a headquarters type that didn't know a campus from a headquarters frankly but he was the headquarters type. So you'd find your top people just picked off and going to nothing but meetings usually and not much happening. But that's what makes me a little dubious about how you do it on a centralized basis. I think the key to Mr. Koskinen was his personality. When we got him out of retirement, and he did a superb job, he put the burden on the networks the CIO counsels and others that got the job done rather than create a whole permanent bureaucracy on the subject, and I think that's why the success came there. Do you have anything else on the pluses and the minuses? Mr. McClure. I think the same issues we talked about in the appointment of any CIO would apply to the national CIO. There has to be an understanding of what that position is needed for, where that position would be, and how you're going to hold a person accountable and make it a credible position. Those are really key factors that if we create that position need to be worked out so we're again not misleading anyone about what the intention or the purpose of the position is. Mr. Horn. Mr. Doll, I understand and to the private sector too where a lot of measurements are being developed by CIOs and that fascinates me because we frankly haven't done very well at the Federal Government in terms of measuring things and when we had a hearing a few years ago, we found that in South Carolina, in Minnesota, in Oregon, very exciting things were occurring in terms of the measurement of the effectiveness of the programs. This town is still too oriented on simply the finance side of it and I think they are struggling with how do you get an efficiency, an effectiveness measurement. What can you tell us about what the private sector and what the States are doing in that regard because that's exactly the kind of information a Governor needs, a chief executive officer needs, and which basically we haven't really had in this town because it's been so fiscally oriented. Mr. Doll. What we find in the States is not only a drive to account for IT resources and how they are used, but also on the outcome measures and that's probably the largest area of study that we see the States doing right now. An example will be look at how people have tackled education. All the States are doing an awful lot with education, whether it be South Dakota, and the fact that we measure not how many schools are connected to the Internet but how many simultaneous teachers, administrators, and students can be on-line, not just technology. So one thing that we find is that we still have to rely on measurements that may be taking place today at a programmatic level but ensuring that from the technology standpoint, we also have our set of measures that we're starting to drive those metrics into some of the base established metrics of our programs and that starts to give Governors a real view what are we getting for our money and also just how quickly are we evolving because we all understand unfortunately you cannot do these things overnight usually and that adoption and adaption of technology, whether it be by a citizen, a schoolchild, whomever, takes time. And so what we look for is the base measurements so that Kentucky, South Dakota, as I mentioned, Texas, even--I've seen some examples in California, Minnesota, Michigan, ones that I'm familiar with are really driving to metrics that allow people to understand when they make a decision, what's the impact. And that ultimately drives a lot of future decisions. Mr. Horn. Mr. Doll, has your association, the National Association of State Information Resource Executives, have they put out any compilation of these measurements? It seems to me you would have a best seller there. That's what people are searching for. Mr. Doll. We haven't to date. What we have established is we have an organization, and I know the acronym. It's SITC and I forget what is stands for. It's a State information technology consortium which is tackling those issues. They started with risk management and now they've moved into metrics and maybe through that effort we're going to be able to compile what's--and maybe even do case studies of what's working in the States. But at this point unfortunately I'm not able to give you a document. Mr. Horn. How about it, Mr. Knutson and Ms. Krupa, what do you feel on measurement standards besides the finance one? Mr. Knutson. We struggled over time to come up with meaningful measurements in the field of technology, but I think over recent years we have done a very good job, been able to measure things that are operationally oriented and we can pretty much demonstrate what the impact is to the business as a result of our success with those measurements. Things like availability and response time are things that people deal with on a day-to-day basis in using technology. The one where we've been having more difficulty with is in the area of how well do we deliver programs and projects and demonstrate quality relative to the work that's done in those areas. Now, the thing that we have found to be most successful is where we've been able to tie measurements to impacts, to customers, to employees, to shareholders, things of that nature where there's something real tangible that you can relate to in terms of what your performance might do in dealing with those people. The other thing we have found is you can measure, measure, measure, but unless the measurements drive the behavior that you want, they are very little value. We really focus on what are the key measurements that drive the behaviors within the company and within the organization that will give us the outcomes that the business expects in terms of service, in terms of dealing with products and services and more. Most importantly in terms of the impact on our customers, we try to tie the behavior-related measurements to what will be the impact on our customer. Mr. Horn. Ms. Krupa. Ms. Krupa. Thank you, Mr. Chairman. One of the things that we have embraced and I have brought a copy of today with me that I will share with my colleagues in the public sector, traditionally in the industry, most of the metrics were based on our Y return on investment or cost-benefit analysis. Today we have a new model. It's called return on opportunity. This model includes not only leveraging the technology that's out there and taking that into consideration, there are factors of the human side of it. Mr. Doll spoke to the adaptability and adoptability of the citizens, whether it be a schoolchild, a schoolteacher, or the Governor himself in the State of South Dakota. There is that factor that needs to be calculated. There's a cultural shift that needs to be measured and taken into consideration. Some of the metrics we are beginning to adopt in the Rowe Companies is this return on opportunity because we too are in an industry and in an environment where we have intellectual capital and human capital within our organization that has been with us for 40 plus years and sometimes it is quite difficult to take these individuals and bring them forward and have them adopt and adapt to these technological changes. So what we do is when we do put programs in place that help them adopt and adapt to these changes, we do have a metrics. This metrics, if I can just list off some of the things that it takes into consideration and it's the perfect metrics. Obviously everything can be improved upon for the electronic government or electronic business aspect of our industries today. It takes into consideration the decreasing of time to market. In translation into the Federal Government. That means the decrease in time it takes to deliver different and more quality services to the citizens within the State of the Federal Government. It also takes into consideration what is the overall value, what are the value propositions? The ROY really never took into consideration the value propositions, the ones that are the intangible, the feel good value propositions, which make people want to use the technology and leverage it in what they do every day, which clearly translates into reducing our operating costs both in the public and private sector. And I will leave copies of this. I'll make some copies today and ensure that my---- Mr. Horn. Thank you. We'll put it into the record at this point without objection. Mr. Flyzik, can you tell us what the CIO Council is working on when it comes to measurement standards that might be ideal across the whole Federal Government? Mr. Flyzik. Mr. Chairman, I acknowledge the fact that the government a few years back with Governor Clinger in the Government Performance Results Act that we weren't accustomed to doing good measures and working measures, and at the time we did create a committee called our capital planning and investment committee which was to look at that very issue. As opposed to each independent Governor agency trying to figure out how to do things, we decided we'd have a committee that would be able to look at best practices in the private sector, work being done by GAO. The committee has been working on new types of investment tools that we're looking to proliferate across government to be able to do a better job. The tools that we've been looking at focus on performance measures as a first step. What do we get in terms of measures for the investment. I also agree quite a bit with Ms. Krupa's statement that we not only need to look at quantifiable ROYs but in government we've got other qualitative aspects that need to be taken into account. In the case of Treasury where I have law enforcement bureaus, it's very difficult to put a quantifiable number on what is better public safety or better law enforcement. We have those unique issues, yet we all know they are important issues to the citizens of the country, so we need to find ways to use these investment tools to standardize across government. We've actually worked with members of your staff in the past of the subcommittee on some of the capital planning tools that we're looking to use and perhaps proliferate across government to standardize in what we're doing. Mr. Horn. Is that very helpful? Does the GAO have any comments now having listened to this discussion? Mr. McClure. Mr. Chairman, in 1998 we put out yet another best practices study on this very issue, performance measurement for IT. I would be glad to make a copy available to you. It argues for using a balanced set of measures, both quantifiable and qualitative that looks at the impact of IT on strategic directions of the organization, financial, customer and innovation and learning. It's very much a balanced basket of measures. That's really what we saw industry doing. We did the same thing looking at private sector and four State governments who had also put in these kinds of balanced, measured approaches. We can certainly make that available to you and have shared that with the CIO Council and have been very supportive of it. [Note.--The GAO report entitled, ``Executive Guide, Measuring Performace and Demonstrating Results of Information Technology Investments,'' may be found in subcommittee files.] Mr. Horn. Thank you. My turn has long since gone and I'm giving Mr. Turner 20 minutes for his questioning. Mr. Turner. Thank you, Mr. Chairman. I have come to the firm conviction that we do need a Federal Chief Information Officer. I noted, Mr. Chairman, your concerns about the pluses and the minuses. There's no question that if not structured properly, it could be ineffective, but it does seem to me when we look at some of the best State models, the CIO is a cabinet level, and I don't mean to necessarily say that our CIO, Federal CIO, you'd call him a cabinet officer. That implies, as the chairman feared, that somehow there's a big bureaucracy under him because that's the nature of Secretaries at the Federal level. The CIO at the Federal level needs to have direct access to the President, and he needs to be at the table so that his ideas can be shared as issues of government are discussed. And if a Federal CIO is properly empowered, it seems that he would then have the ability, Mr. Flyzik, to chair that CIO council that you're the vice chair of and when discussions occur about ideas for the implementation of new technology and trying to move toward an e-government, then the President and the Federal CIO can make the decision that we're going to choose this particular agency as the pilot program to see if it's going to work. For example, there's no reason in the not too distant future that every performance-based budgeting activity of every Federal agency should be real time where Federal managers can see at any moment what the status of those performance measures are. Now, if that's correct, obviously the way to proceed in that direction is to pick out one agency and direct that agency to do it so we can see how it works. It seems like where we are today is that, Mr. Flyzik, I would gather when you meet with your counterparts and the CIO Council, there's probably a room of very frustrated people not only because they struggle with their role within their agencies but because there is a lot of good ideas floating around and somebody has got to try it but nobody has any direction about who is supposed to jump first. If we could have a CIO at the Federal level who had direct access to the President where these ideas could be implemented on a pilot basis within the Federal agencies, we'd have our best opportunity to see meaningful information technology utilized in the Federal Government. Am I misstating the attitude, Mr. Flyzik, of those who gather--I guess you meet monthly? Mr. Flyzik. We meet as a full council every other month. We have an executive committee, which I also chair, which meets monthly, and we have six committees based on what we have identified as the key subject matter, such as we've talked about here today, the work force effectiveness, critical infrastructure, security privacy and so forth. They meet in some cases several times per month and they have working groups working with them. And you make some excellent points, Mr. Turner, and I think it's a mixed group. There are some CIOs that feel that they are empowered. There are others that I guess the term frustrated would pertain. Again I believe we're evolving in a positive direction. I think that term empowerment is the one I've heard this morning over and over again, and the feeling is that we do need some empowerment to do, as you talk about the central authority that has the ability to do intergovernmental, interagency coordination or as you talk about a kind of an executive agency approach. Some feel the CIO Council can rise to that role. Today I believe the Council lacks some authority to control resources to be able to rise to that level. The John Koskinen model had associated with it funding that was set aside for that particular program with some control over that funding. What we do not have as a Federal CIO Council is authority to control funding to that degree to be able to effectuate the kinds of change that you are referring to. I agree with the chairman's remarks that those are, so to speak, who would determine how it is implemented. I was also involved with the early days of Clinger-Cohen working with Members up here on that and the discussion at the time was downsizing, streamlining. We didn't want more bureaucracy. We wanted to do away with layers and layers of authorities and so forth that we felt needed to be. So if implemented incorrectly, we could wind up again with more layers of approval processes as opposed to streamlined empowerment of individual agency CIOs. Nevertheless, I do agree with your points that we need some authority that can put in place the kind of things we need to do on a governmentwide basis because the business cases are compelling, that it makes sense to do that from a customer perspective. Mr. Turner. Mr. McClure, I'm going to ask you this question. We don't have anybody on our panel today from OMB but in my investigation into the issue of a Federal CIO, one of the things that comes up is that the Office of Management and Budget is reluctant to support this kind of approach and obviously it's an infringement or perceived to be an infringement upon their turf. Address that issue for me and kind of get that out on the table because obviously we pursue this idea. That's one of the hurdles we're going to have to overcome. How do you view that issue? Mr. McClure. Well, I think the Office of Management and Budget, since the passage of Clinger-Cohen, along with the key players that helped put that legislation together have taken the position that accountability for IT has definitely been pushed to the agencies. You remember Clinger-Cohen eliminated the Brooks Act model in which it was really a tail-end look at procurement and acquisition by a central authority and instead we wanted focus at the front-end for planning of IT projects. In that spirit, I think OMB has pushed more of the accountability for planning of IT and results of IT into the agencies, agency heads, agency CIOs and that certainly is their interpretation of the spirit of that legislation. OMB's role is very key in this whole process. OMB reviews agencies' IT budget submissions as part of the process of constructing the President's budget and using the tools that are available under Clinger-Cohen, which is effective data and analysis showing a business case, effective cost estimates, and some estimates of return whether it's tangible or intangible, and improvements are some things that OMB has a role in examining and asking questions about it in the formulation of the budget. So I think their push back is that the accountability model has shifted under Clinger-Cohen more to the agencies. They do recognize the role they play in reviewing agency IT submissions and in that regard, again they play a critical role. Mr. Turner. Am I correct in sharing my concern that the suggestion of a Federal CIO is going to at least be met with some skepticism by some in OMB or am I misreading that concern? Mr. McClure. I don't know what the current position of OMB is on the topic. In the past they were not supportive of it for many of the reasons that I stated in the discussions on the debate of Clinger-Cohen up on the Hill before Mr. Cohen's committee. So I don't know what the current position is in terms of favoring or disfavoring the creation of the national CIO. Mr. Turner. Well, I guess that's an issue we're going to have to study further, obviously if there are legitimate concerns that need to be taken into account. But if I'm hearing you correctly, it sounds to me that the responsibility has been moved to the agency CIOs and therefore there may be less interest in providing leadership from the top than there should be and I guess in effect for me reinforces the idea that a Federal CIO who is near a cabinet level official might have an opportunity to provide the kind of leadership the executive branch and the President should be providing to the implementation of information technology. So I'd like to work with you on that because I want to pursue this. Mr. Flyzik, do you have any thoughts to offer on this subject? Mr. Flyzik. As I mentioned before, the empowerment issue comes to mind and the need for someone or somebody or some group to have the empowerment to do governmentwide and intergovernmental kinds of programs. The Koskinen model, as we talked about, worked in many ways because we were viewing government not as by agency by agency but as functional sectors of our country, and I think that is something that needs to be done because I think there are some tremendous opportunities. You mentioned smart cards in Texas for food stamps, obviously a very, very effective program, and if you step out and look at government from the point of view of the customer of government, they don't see a Department of Treasury and a Department of Justice and a Department of Agriculture, nor a Federal, State, local. To them there is one government. Therefore, we have this need and let's stay with your entitlement example. Today in this country we have people receiving SSA, SSI, Food Stamps, Medicare, Medicaid, Aid for Family with Dependent Children, and so forth and so forth. They are all dealing with independent government processes, entities sometimes filling out forms redundantly over and over and over again. There is this need for someone or somebody, some group to begin focusing on what we can do from that customer point of view. In my mind I have the virtual department of entitlements coming to the forefront here. That does not mean we need to reorganize the government. What it means is we need to take advantage of the inherent infrastructure and IT capability to coordinate what we're doing so we can deliver that one face to the customer. So someone applying for one entitlement program finds about all the other entitlement programs that are available on one smart card. We not only deliver those food stamps but we deliver SSA, SSI, or any other entitlement payments. I think we cannot only improve service but we can probably eliminate a lot of fraud, waste and abuse in these programs because we would have better capacity to identify those kinds of problems. I think all of us see these kinds of activities and the need for again a person or a group or someone in power to be able to work so we can fund these intergovernmental approaches where I think some of the real big payoffs in the government's use of technology in the future will come from. Mr. Turner. Thank you. Mr. Doll, when you surveyed the States, what sector of government has been the best example of the utilization of information technology? For example, are we seeing more progress made in agency-to-agency transfer of information? I suppose in Texas we have on our mind of course the success of the food stamp program and elimination of fraud in it. The issuance of licenses would seem to be an area which would be an easy one for State government. I don't see why anybody anymore would have to go to any State office and get a driver's license renewed. You ought to be able to look forward to the day when you can fill out the information and take the visual test and at some point you ought to be able to have your picture made right there and have that transferred to the office and printed out on that card that comes back to you. Where are the real areas that we've seen significant progress in terms of the out decision of information technology? Mr. Doll. I think you find utilization of technology in a number of the major programs. You mentioned food stamps. The whole welfare arena, social services activities, most definitely in the financial side of government. Obviously that's a natural progression to technology, early adopters they were. So in the past I think you'd see some of those major-- where you find, though, everybody's focus, even though I can't say that the majority of States are there because we're not in the areas of digital government where any and all permits are on-line. You will find today of course probably any form that you need to fill out in most States is physically available for you to download, fill out, and mail in or fax or what have you, maybe even e-mail but a true interactive on-line association between the citizen and State government. That's what everyone is working for and that's the hottest area of development currently. You find Arizona with some of the things they've done in the driver's license world, some of the permits in South Dakota, you can get your birth certificate, a copy of that on- line without having to talk to anybody, et cetera. Just as in South Dakota we're probably only down around 15, 20 percent of the transactions in South Dakota can be done on-line at this point. We have a project to turn that up to about 80, 90 percent over the next 18 months. We just started at the beginning of this year. So I think you will find that there is a quick shift to again automating the processes of government so that the citizen can do it from home, a business can do it from work, et cetera. Mr. Turner. Thank you. Mr. McClure, give me the best example of a Federal agency that has utilized information technologies to improve its efficiency, cost effectiveness, and consumer friendliness. What is the best example of an agency that's doing that, of course present company excepted? Mr. McClure. It's hard to point to the best, Mr. Turner. I think what we have and what we continue to find are pockets of excellence in government, as you would expect. We've seen and the CIO Council is very good at every year recognizing a handful--when I say a handful, anywhere from a dozen to two dozen successful IT projects in government where there have been specific, tangible, and recordable outcomes of improvement in service delivery or cost effectiveness. In the last year, the Council identified many projects dealing with e-commerce oriented activities, buying and paying of services on-line, similar to what Mr. Doll was talking about a moment ago. There have been examples of personnel systems that have been enhanced to be much more user friendly and much more dynamic rather than the old paper processes. Where we really need to focus our attention in the government, despite these successes, are on the large, large modernization projects where we are spending enormous sums of money with high expectations, and we have several of those that have been ongoing for years. Many of them are beginning to turn around that GAO has focused on and worked now collaboratively with the agencies to try to improve those successes. Mr. Turner. What agencies are you referring to? Internal Revenue Service? Mr. McClure. Certainly TSM modernization at IRS has been a turnaround. The Commissioner and new CIO have put in place many leading practices similar to what we have talked about today. Again, the story is not complete but the turnaround picture is quite promising. Decisions are being business led. There are business cases. There's attention to architecture. These are things that in the years past we didn't pay attention to. The same is true in some of the other modernizations, including FAA and the National Weather Service, where we have pointed out problems in the past but we're starting to see more and more management attention to standards, to good software practices, and to adequate management attention to the project outcomes. I think those are itself areas where we need to focus a great deal of our attention because of the vast sums of money that are being spent. Mr. Turner. Thank you, Mr. Chairman. Mr. Horn. Thank you, Mr. McClure, Mr. Doll, Mr. Knutson, I think you have flying arrangements before problems occur in the Midwest. If you have some parting words we'll be glad to have them and we'll keep the record open if on the plane you have nothing else to do except try to find a flight, why we'd be glad to put it in the record at this point without objection. So if you have any summation, we'd certainly welcome it. Mr. Knutson. The one thing I would say relative to a Federal level CIO is it appeared in the discussion there's a lot of expectation that by just naming that individual in that position certain things would happen. That may or may not be true. I think putting someone at the highest level possible in the area of technology is a very good decision. You can't assume by just doing that that the types of things that Jim was talking about will happen by default. You need very strong sponsorship from the agencies and the buy-in from those agencies and their willingness to give the authority to make things happen. Unless you have the complementary structure around that position from government as a whole, that position will not be successful. Mr. Horn. Mr. Doll, any parting comments? Mr. Doll. As I mentioned in my talk, we in the States have found and I believe it's a general consensus across the States that we looked hopefully that a national CIO will emerge in some form. Because we really saw the value. Year 2000 was the best example, but also in some of the things that are happening in the justice world. Security is another major concern for us as who do you have to go to right now. We know what it's like to going to all the agencies within State government. For us also to turn around and go from one to many within the Federal Government makes our lives harder, and so I would encourage you to consider that model because as we're moving to that model ourselves, I think we would say that it's been very successful in the States that have accomplished it and most of the States that are not there yet are talking or actually in the process of getting there and having that level of person within the organization. Finally, I'd say that that individual is not only key but very difficult to fill. We understand that. We get a lot of folks from the private industry these days into that role. And in my comments one of the things I mentioned was their ability to act within the political and civil service theater is very important. I come from the private sector myself even though I have some government service under my belt with GSA. At least I had exposure and some orientation to governance from that level and that is really key. If someone cannot operate within that realm, you're going to find it very, very difficult to succeed. Mr. Horn. One of the problems, obviously, on getting CIOs into the Federal Government and also at various levels is simply the financial situation, and what have you found in the private sector on that and how has that changed in the last 5 years? A lot of good people from the Federal Government have left for the private sector. Ms. Krupa. Mr. Chairman, I myself share the same sort of experience as Mr. Doll. I have worked both in public and private sector. And one of the, I think, challenges and opportunities for those of us who have been in the technology arena for quite some time is not to jump ship, and that also the same challenges occur in the private sector, not to jump ship, if you will, from one organization to the other. I think, as Mr. Doll said, it is difficult but what we have to look for in that individual in the Federal Government, the person coming into that position understanding the value that they are going to bring to that position and not so much a monetary driver and there are those people out there. It is going to be a search. It is going to be somewhat difficult, but I feel there are those senior level executives out there. Today I think sitting at this table is representative of the senior level executives that are out there that have made commitments to their organizations. I agree that the position needs to be structured and clearly defined, but I concur there needs to be a position at the national level that helps define strategy and vision and helps go to the different agencies and different State levels with those CIOs and collaborate. The one thing we don't do a good job in this country is, and Mr. Turner has cited over and over again in his questions, is who is doing what is communicate. We don't leverage the synergies and exploit the successes that we have from State to State, from agency to agency. And the private sector has grappled with that for years and we're just coming into that light. We've scratched the surface of how important communication is. I have five different operating subsidiaries, and I know in the order of magnitude in the Federal Government, it is small but the model I think is important to what you're trying to accomplish. They each have five different requirements. I have VPs and director of ITs so, if you will, CIOs in those operating subsidiaries, so I sit in that position in the private sector reporting at, if you will, the cabinet level, the executive level to the chairman to define strategy, to define a vision, to define missions to capitalize on the synergies in these operating subsidiaries. That's what we need to do I believe in the Federal Government. Mr. Horn. That's very well said and that reminds me that we are going to keep the record open. If you have some more good ideas on the way, please ship it to the staff here and we will be glad to put it in the record because what we want to do is get people talking just as you're talking about the communications among levels of government and private sector and nonprofit sector. Universities, some of us had chief information officers 20 years ago, so it isn't new to a lot of us. Would the gentleman from Texas have any more questions? If not, we're going to thank the staff that put this together and that's J. Russell George, staff director and chief counsel. I don't see him here right now. Matt Ryan is to my left, your right, senior policy director on these matters, Bonnie Heald, director of communications, sitting in the back there. Bryan Sisk, clerk, Ryan McKee, staff assistant. And for the minority we have Trey Henderson, counsel on behalf of Mr. Turner and the subcommittee minority; Jean Gosa, minority clerk; and we had two people deciphering all of our languages today and one was Doreen Dotzler. The other is Laurie Harris and we thank you both. With that we're adjourned. [Whereupon, at 11:42 a.m., the subcommittee was adjourned.]