Previously, we touched on a steps your agency can take to improve your Incremental Development grade on the FITARA scorecard. Today, we’ll address some tactics your agency can use to get a better grade on the on the Transparency and Risk Management section of the FITARA scorecard.
Many agencies have continued to struggle with predicting and mitigating risks on large IT projects. The Dashboard section of the scorecard is designed to accurately measure if agencies are monitoring and acknowledging project risks.
When the last FITARA Scorecard was released in June, half of the agencies received a Dashboard grade of ‘C’ or lower. Four of which received an ‘F’.
Additionally, there were five organizations who received an ‘A’ in this category. One of which was USAID who raised their grade from a ‘D’ to an ‘A’ in the latest grades. In a recent article released by Federal News Radio, USAID CIO, Jay Mahanand said,
“The major change that we made to improve our scores centered around acknowledging the importance of transparency in IT management. By prioritizing transparency and accountability as well as efficiency, we are able to deliver better information technology solutions.”
So how can you increase transparency for your agency? Below are three steps your agency can take to prioritize transparency and accountability and improve your Dashboard grade on the FITARA Scorecard.
Step 1: Develop Risk Assessment Methodology
In order to mitigate risks, it’s important to understand what projects are in your pipeline and what the potential risks are with each of those projects. As you begin to understand this, you can use this to create a methodology for assessing project risks.
- Project Census: Develop a central repository or dashboard of current and planned IT investments / projects. Tracking risks on all projects (major & minor) is a standard commercial best practice
- Gather Input: Use your internal stakeholders and external subject matter experts to determine the early indicators that a project going off track. Compile this information into a list.
- Involve GAO: Your score is partially dependent on the degree to which GAO understands and accepts your methodology. Schedule a time to with GAO to review your methodology.
Step 2: Simplify Risk Rating Process
The next step is to come up with a simple, repeatable system for assessing each project in your dashboard. This creates a standard measurement for each project that you and your contractors can follow. As a result, it will make it apparent when a project is at risk. You can do this by following the steps below.
- Focus on Key Indicators: Using the methodology developed above, identify the key metrics to calculate risk ratings.
- Manage Contactors to Your Incremental Milestones: Since risks need to be measured and reported monthly, invest some time in building a process and tools to make risk assessment and reporting easy. For example, this could be done in a facilitated 15-minute a month team meeting.
- Document Decisions: Maintain a record of why you rated project risks as you did, and the data you used to make your decision. You’ll be glad you have this tractability if the project is audited years in the future.
Step 3: Aggregate & Report Risks
The last element of your grade will be based on your ability to document and track risks identified within projects.
- Aggregate Results: Compile your risks across projects into the form required for the IT dashboard. If you aggregate multiple projects into a single entry on your dashboard, be sure you’ve documented your approach to aggregation.
- Report to OMB: Don’t forget, your FITARA grade is based on what you report to the IT dashboard. So, it’s important that you get into a monthly cadence with reporting your data.
By making these changes, your organization will not only improve your Dashboard grade on the FITARA scorecard, but you’ll also mitigate risks across all of your IT projects. By identifying risks early, it will not only save your organization time, but money as well.
Interested in learning about other ways you can improve your FITARA score? Read the first two blogs in our FITARA series which cover the Megabyte Compliance and Incremental Development portions of the scorecard.