Since the Federal Information Technology Acquisition Reform Act (FITARA) was signed into law in 2014, the Federal Information Technology Acquisition Reform Act (FITARA) was signed into law. And since then, federal organizations have taken many steps for improvement. These steps include:
- Consolidating data centers
- Improving risk management
- Managing the IT portfolio a lot better
These steps produced more proficiency and cost reduction.
The Government Accountability Office (GAO) recently released the 13th FITARA scorecard that indicated the continual increase of the federal agencies’ scores. Only seven agencies received a C or higher grade in 2015, and all 24 agencies received a C or higher in 2021.
And while these scores are amazing, please note that the federal government pays over $100 billion annually on IT investments. However, these investments are ineffectively managed.
If these agencies had a top-notch enterprise architecture (EA) solution, they wouldn’t have these issues. With this technology, agencies will have no problem with boosting their FITARA scores and more, in the following ways:
However, the federal government spends more than $100 billion every year on IT investments, but many of these technologies still aren’t managed effectively, according to the GAO. If agencies hope to continue improving their FITARA scores, they’ll need robust tools to collect accurate and complete data about their IT assets. This is where an enterprise architecture (EA) solution can be invaluable.
Here are three ways this technology can help agencies advance their technology business management maturity and boost their FITARA scores.
Data must be captured to calculate their FITARA scores. To calculate their FITARA scores, agencies must rely on data captured by their internal systems. To effectively capture this data, agencies also need a thorough inventory of their IT assets.
They need to know what virtual machines and physical servers are in their environment, what applications are running in their data centers, and what data these applications use and share.
An EA solution allows agencies to achieve a holistic view of their IT environment and better understand what assets they have and the business processes they support. With this tool, agencies also can establish their own completion criteria and measure against it. For example, this criterion could include application classification, application lifecycle, cost, software components and governance data. Once agencies set their criteria, they can measure the completeness of the data for each application to determine their score. This information also can be vital for decision-making and strategic planning, so an EA solution has long-term value for agencies beyond just reporting metrics to the GAO for FITARA scoring.
An EA solution, including alfabet, enterprise architecture integration tools, and more, is valuable for measuring the accuracy of the data. This data will then give data owners insights in one view.
Whether it’s application lifecycle or classification data, data owners ultimately are responsible for ensuring their data is accurate. However, this is difficult to do without visibility. It essentially provides a dashboard filled with details on the different attributes of an application. Using an EA tool, data owners also can set reminders for themselves to review applications or assets at specific intervals — for example, every 90 days — which provides another failsafe to ensure data accuracy.
An EA solution along with government resources, such as the NIST National Vulnerabilities Database (NVD), will help your organization to boost the FITARA scores and advance cyber maturity.
The NVD provides information about risks and threats. It’s particularly useful for finding out which products increase an agency’s security risks and the top 10 most common threats government organizations currently face. By using the common threats report, for example, an agency may be able to see that there are vulnerabilities associated with Apache web server version 2.4 or the Oracle HTTP server. From there, the organization can develop a plan of action to mitigate this specific vulnerability, which may include disabling the server’s FTP functionality or automating threat detection to identify and investigate potential anomalies more quickly.
In January, the federal government issued a mandate that requires agencies to implement a zero trust architecture strategy and meet specific cybersecurity standards. Adopting an EA solution not only will help agencies improve their FITARA scores, but also support their long-term cybersecurity strategy and better protect the high-value operational and citizen data they collect.
Powering Better IT Management and FITARA Scores
The GAO has recently added five scoring components. These components include:
- Measurements around software licensing
- Checking the use of capital funding
FITARA scoring is constantly evolving. In the last five years alone, the GAO has added five additional scoring components, including measurements around software licensing, cybersecurity and whether agencies are using capital funds for IT modernization initiatives.
In the future, agencies should expect more changes, which is why it’s critical to prepare for them now. Developing a comprehensive enterprise architecture strategy — supported by an EA tool with strong IT portfolio management capabilities — can give agencies more visibility into their data and IT assets, and potentially, pave the way for higher FITARA score.
For more information about an enterprise architecture solution and to boost your FITARA score, contact Software AG Government Solutions today. Software AG Government Solutions is a growth-based software organization committed to serving the Aerospace and Defense sector with IT solutions and local, state, and federal governments of the US. So, contact them today!
Want to improve or develop your EA strategy? Find out how our Alfabet planning & portfolio management tool can help.