f you haven't heard about the new chief information officer (CIO) at your agency, don't feel bad. Calls to public affairs offices soon after the Aug. 8 deadline for filling the new posts brought responses such as, "Chief information officer of what?" and "What's that? Why haven't I heard of that?" Created to wring some of the risk and expense from information technology investments in government, the CIO job remains shrouded in the same mystery and confusion often attached to information technology itself. Few in government know it, but most of the 24 agencies required to have their CIO candidates blessed by the Office of Management and Budget have done so. It's an inauspicious beginning for a job created to lead a revolution in the way government uses technology.
CIOs aren't entirely new to government. Many agencies already have them, usually in charge of the information systems shop. CIOs are common in the private sector, as well, though the title means different things to different companies. What is new in government is the type of CIO mandated for all Cabinet departments and recommended for all agencies by the 1996 Information Technology Management Reform Act (ITMRA). This CIO is a different creature who sits at the right hand of the agency head and kicks off a cascade of information technology (IT) changes designed to ripple through every office and outpost.
The anticipated reach of the CIO is so great that "only superpersons need apply," according to "The Chief Information Officer: A Seat at the Table," a report by the Association for Federal Information Resources Management.
The CIO duties and responsibilities set out by ITMRA and its follow-on reports are overwhelming. They range from mastering, maintaining and improving an agency's existing IT resources to challenging senior officials to reengineer their organizations to ferreting out and recommending IT innovations. The new-model CIO is to have "an enterprisewide view-a process orientation, as well as an understanding of the business, the technology and the organization-which offers a unique perspective to the senior executive team," according to a July 15 report by the Industry Advisory Council, a group of corporations working to bring private and public leaders together to discuss IT issues. CIOs are to conjure an agency IT vision and market it, advise senior officials on which IT investments to make, set agency standards for compatible systems, oversee IT acquisition, and make sure performance measures are built into every IT project. The CIO is expected to have or to build excellent relationships with the agency head, senior executives and managers; to know the agency culture and how to operate in the federal bureaucracy; and to be conversant in all the recent IT, acquisition and performance management laws and regulations. "Ultimately it's like whenever you have a complicated system: You want somebody who can walk on water," says John Koskinen, OMB's deputy director for management.
CIO Gene Pool
There's some concern whether such people even exist. "The challenge we face is finding enough qualified people," says a key aide to Sen. William Cohen, R-Maine, who authored ITMRA. "It's got to be somebody who has a strong business background, but who understands the relationship of technology to improving operations. They've got to have familiarity with large organizations." The source of the best CIO candidates is a matter of debate: Do they come from within or outside government? "Government CIOs have in their gene pool how to function in a bureaucracy," says Renato DiPentima, former Social Security Administration CIO, now in the same job with Systems Research and Applications in Arlington, Va. "People from the private sector side have problems because they can't function in government, but private sector people have good techniques and a big willingness to learn."
Also contentious is the discussion of which background-IT or general management-produces better candidates. David McClure, associate director of the General Accounting Office's Accounting and Information Management Division, has been reviewing the resumes of agency CIO candidates. "There's quite a mixed bag coming in," he says. "In some cases they've been people devoid of any technological expertise whatever. We're trying to impress on agencies that you want somebody with a demonstrated track record in putting in technology systems." Business researchers are on both sides of the debate, but slightly favor those with an IT background. Koskinen concurs. "My instinct is that if they have no experience managing IT issues it's a higher risk than if they have a lot of experience with IT and not as much experience on the business side," he says. "Most candidates have more IT background with a reasonable amount of it making IT decisions at a high level. They are comfortable with the jargon, but also with management and organization."
More important than their pedigrees is whether CIOs will be able to use their newly legislated access to top agency officials and power in IT decision-making. "The most important challenge is to ensure that the CIO is a major participant in agency management," Koskinen says. "When a senior official says 'We're going to automate this process,' and [the CIO] says 'Why are we doing this at all, couldn't somebody else be doing it?' those are hard questions. And the third [question]-'Is there a different way to do it to get more return?'-you're really asking questions people have not asked before. It's a big change for people who have historically thought of information technology as a technical issue two or three levels below this." CIOs won't solve agencies' IT problems alone, McClure says. "You can't go out and find a czar who magically resolves all your problems for you. IT decisions need to be made jointly with the other executives, not just by the CIO."
To guarantee CIOs a power base, the Clinton Administration and agencies must make CIOs major budget players, argues the Industry Advisory Council report. A CIO working group of 80 IT officials from 24 agencies says CIOs "must have both fiscal and organization authority over IT investments." Koskinen says agencies should guarantee CIOs budget power by having them lead investment boards reviewing IT proposals and deciding how resources should be allocated. "The budget process is deliberative," he says. "CIOs have to be players in the process."
In addition to budget authority, ITMRA envisions CIOs as cheerleaders for efforts to reengineer operations at their agencies. Some view this as a potential pitfall. Paul Strassman, the Defense Department's former director of information who is now a private consultant, suggests the reengineering role could doom CIOs to lousy relations with the very program managers they must win over to the new IT vision.
Leading reengineering efforts "makes [CIOs] extremely vulnerable in their relationship with their peers, on whose support they depend," Strassman argued in a recent article in Datamation magazine. "Reengineering focuses on eliminating unnecessary management positions and . . . has a devastating effect on management morale."
Koskinen argues that the chief information officers created under ITMRA are at less risk than Strassman fears. "The CIO is not mandating reengineering, he's raising the question so the agency head can make a knowledgeable decision on a question that wasn't raised before," he says. "If you say you need to automate accounting, the [CIO's] answer will be that you will have to customize a solution unless you change the way you do it so you can buy an off-the-shelf system."
The CIO's voice should be just one among many advocating rethinking, restructuring or streamlining operations, says GAO's McClure. "The senior executive team should have made the decision [that] they are going to ask themselves these questions before [making] IT investments," he says. "It won't work if they have not. You will have the CIO in an impossible political position in the agency."
A Whole New World
By far the greatest challenge confronting newly minted CIOs is putting in place the new performance-based system for managing and purchasing information technology called for by ITMRA. "Before [ITMRA], there was no capital planning. We bought systems without a business plan," says Joe Thompson, CIO at the General Services Administration. "Before, there were no measurable results. We measured paperwork, not whether we got results."
But the very emphasis on measuring IT's value already has many experts scratching their heads. "ITMRA wants you to make a decision based on the return on [an IT] investment before you commit to the investment. It's a whole new world," said Alvin Pesachowitz, the Environmental Protection Agency's OMB-approved CIO, at a forum of the Association for Federal Information Resources Management in April. "We can get our hands around what IT costs and maybe what kind of savings or expenses would be avoided via the application of IT. The problem is, I have to figure out what the net income is of the system built for Superfund. The investment in IT is a secondary effect of the decisions to invest more in Superfund or hazardous waste and what you need to do it effectively. In the private sector, it's not done that way. It's driven by the bottom line," Pesachowitz lamented.
But Pesachowitz is wrong. Even the private sector hasn't licked the problem of calculating the return on investment for IT. "Government or not, this is a knotty problem, says Howard Rubin, chairman of the Computer Science Department at Hunter College of the City University of New York. "There is definitely no standard way of dealing with the business value or calculating the return on investment for information technology. ROI is very contextual. What these guys have to do is create a food chain. What's the connection between cleaner air and systems? Not that it's a hard linkage, but they do have to understand and trace through the chain starting with cleaner air."
Koskinen, who admits he is an optimist, says the measurements can be done. "You're compelled, if you shorten the time [it takes to accomplish work, to] assign a monetary value. You can get some measure in terms of the time value of the money to the beneficiary," he says. "If you increase tornado warning time, you can figure the advantage of IT in property."
Build a Little, Test a Little
CIOs can ease some of the pressure of calculating IT's value by buying and measuring technology in smaller increments, says Koskinen. "We want to do less buying of 10-year development projects. The best private sector companies do modular purchasing and design. We have to do it so we measure in two- to three-year modules, so we can dump or adjust systems [that aren't producing] in that increment." Those with experience in the approach say it works. "In 1962, when I first came into this business, I saw a landscape littered with failures-grand plans and schemes designed to last a long time without a plan for change," says Barry Horton, principal deputy assistant Secretary of Defense for command, control, communications and intelligence. "With DoD's global command and control support system, we build a little, test a little, build a little, test a little, and we're adjusting as our customers and technologists say we should adjust. It's a much better system than if you do it all in advance and the design is frozen."
By building better business cases and buying incrementally, CIOs can ward off another looming problem: an increasingly stingy and skeptical Congress. Henry Philcox, former IRS chief information officer, now in the same post at DynCorp in Reston, Va., warns that election-year turnover causes big headaches in the IT world. "To have long-range planning is really, really tough in government. There's no patience. I had at least four to five changes in administration and congressional committee structures. I had to re-educate them every year and each time people came in with a very different viewpoint: 'You spent how much? On what?' "
Even armed with performance measures at regular intervals, CIOs will need forbearance from turf-conscious and impatient legislators, according to the Industry Advisory Council report. Putting a new IT system into effect "requires that Congress concur across various committees that the objectives of ITMRA supersede traditional appropriation and oversight processes," the report says. McClure cautions CIOs not to expect legislators to let up. "I don't think you'll see them giving it lots of time and patience," he says. "They recognize the difficulties and the barriers, but I don't think you will see them sit back and wait for change to happen." McClure says GAO is working with OMB and the Hill to at least make sure participants in the oversight process are asking the same questions agency senior executives should be asking themselves.
Whether or not Congress cooperates, CIOs are assured of help from other quarters. President Clinton ordered the creation of a CIO Council, an Information Technology Resources Board and a Government Information Technology Services Board. The resources board is a group of senior IT personnel from 14 agencies who will help with tough IT problems and publicize lessons. The services board is a group of agency experts in cross-cutting IT areas like electronic benefits and health care, who will promote interagency cooperation and develop governmentwide IT standards.
"The expertise in departments is not sufficient for the government at large, so the CIO [council] becomes a board of directors to make big business decisions," says GSA's Thompson. "If you talk about the FAA system, tax systems modernization, you're talking about the largest systems in the world. Most individual agencies do not have the expertise. Fortune 500 companies buy expertise, so we want to draw on expertise across the government and outside it."
The only real measure for CIOs' performance, ITMRA's success and IT's value is whether agencies reap technology's benefits. "It's not just about how you structure the case [for a project]," says Rubin. "If you concentrate on the justification side, you'll have a government with agencies that all have wonderful justifications and perhaps no benefits success at all." McClure says GAO, OMB and Congress have foreseen this problem. "We're not advocating agencies devote all their energy to devising grandiose justifications," he says. What counts, McClure and Rubin agree, is modifying the behavior of government and its managers. Agencies must understand, Rubin says, "We won't give you the money unless you have a damn good financial reason and you've proved you can harvest the benefits."