New Federal-State IT Funding Model?

Washington CIO Gary Robinson resigns, Dan Lohrmann named Michigan's acting chief technical officer.

by / February 19, 2009

With the election of Barack Obama as the new U.S. president, the public-sector CIO community senses an opportunity to change the status quo of federal funding for state and local programs, especially those involving IT.

In fiscal 2009, the federal government will deliver $300 billion for programs that states must administer - in many cases those that localities actually deliver. Add in Medicaid and that's about $600 billion that will flow from the feds down to state and local government. Embedded in that sum are funds for IT systems that nonfederal agencies and jurisdictions must acquire or develop, implement, maintain and secure.

State and local CIOs will tell you that the current system for distributing federal dollars to fund state and local IT systems is flawed at best, and many say it's completely broken.

In 2006, the National Association of State Chief Information Officers (NASCIO) issued a call for action on this problem, pointing out that "one of the foremost barriers to implementing an enterprise consolidation and shared-services environment lies in the often inconsistent application of federal programmatic rules for IT investments by the states. Problematically this inconsistency results in a process by which each state must negotiate how IT investments are applied, culminating in a variety of different interpretations and outcomes."

Last year Colorado CIO and NASCIO Director Mike Locatis took up the cause for reform. Colorado is consolidating its many IT systems and developing platforms for an enterprise architecture that would support shared services. Despite groundbreaking legislation to rework the state's IT systems into a more cohesive and manageable operation, Locatis realizes, based on other states' experiences, that federal guidelines may limit his options and reduce the needed flexibility to bring about the changes he and Gov. Bill Ritter envision. With the election of a new president, Locatis feels the chances for change are better than ever.

"A new administration gives us a new view and new hope that we can have some improvement in the federal-state-local delivery of these IT programs that are often linked to federal program delivery," he said.

Locatis believes the solution lies in a top-to-bottom overhaul of the existing model for identifying and investing in IT systems that support the increasingly complex services that citizens need. It starts with how the feds lead and organize IT, according to Locatis. He points to issues raised by U.S. Sen. Tom Carper, D-Del., in a July 2008 Senate Subcommittee Hearing about "The Dismal State of Information Technology Planning in the Federal Government." The hearing highlighted reports published by the Government Accountability Office (GAO) and various congressional committees that exposed the problem's depth. For example, 413 major IT projects worth a combined $25.2 billion are poorly planned, poorly performing or both, according to a 2008 GAO report.

What do federal IT failures have to do with state and local IT investments? "We need to correct that huge portfolio of failing or troubled IT projects and put them back on the right track, and then drive some of the great federal enterprise efforts through the programs to state and local governments so we don't have the feds delivering a litany of disparate projects that lack flexibility to state and local government," Locatis said.

Locatis believes that leadership from the top can help the flexibility of federal-state IT investments, in part by empowering federal agency CIOs to become involved in how federal programs are delivered to the states. "Clinger-Cohen [the Congressional act that created federal CIOs] has buried agency CIOs deep within the federal agency organization, where they lack the authority to get involved in delivering programs from the agency down to the state and local level," Locatis explained.

If federal CIOs can demonstrate to their agency program planners how the flexibility of enterprise architecture and shared services can help state and local CIOs do their job better, Locatis said, then some of the more restrictive federal guidelines that hamper flexible IT investments could be rolled back.

Currently federal-state IT delivery models vary from program to program - with a wide spectrum of results. They range from "point solutions" that bypass the states altogether, which limits any possibility to create standards and interoperability models that could lower IT costs; to matched program grants and state agency solutions that limit the use of enterprise architectures; to a few solutions that are either federated or enterprise in their approach, and thus more likely to succeed. In addition, most federal programs discourage the co-mingling of assets (i.e., hardware, such as servers) and funding between programs at the state level.

"The bottom line is that the current federal-program funding approach promotes costly state IT stovepipes," lamented Locatis. He wants a shift toward a shared-services model that would drive benefits in different directions, from program-specific staff, infrastructure and vendor support agreements to a shared-services model that allows the application of proven, cost-effective practices - like server and storage virtualization - and enterprise disaster recovery and security functions. This new model would let states use enterprise assets consistently across many programs.

More flexibility for how states can spend federal IT dollars would also result in better use of resources, such as cross-trained IT workers, greater adoption of enterprise standards and less operational risk in infrastructure and cyber-security.

Transitions, Career Changes

Washington state CIO Gary Robinson resigned his position as of Dec. 31, 2008. Robinson was the director of the Department of Information Services since 2005. His departure comes at a critical time in the state's IT mission, according to Paul W. Taylor, chief strategy office of the Center for Digital Government.

With a looming state budget deficit of almost $6 billion and cost overruns plaguing a proposed data center, the state IT executive position became a bigger challenge. In September 2008, Robinson was appointed NASCIO vice president and was slated to become president in 2010. NASCIO announced Utah CIO Steve Fletcher would replace Robinson as the association's vice president.

The IRS appointed Terence Milholland as the agency's chief technology officer. Milholland will be responsible for all aspects of the systems that operate the nation's tax infrastructure. He will oversee a multibillion dollar budget and the 7,000-person organization. The IRS maintains more than 400 systems that enable the processing of more than 200 million tax returns each year. The current CIO will report to him.

Long-time NASCIO member Karen Newman, Education Services Division director of the Mississippi Department of Information Technology Services (ITS), retired from the state after more than 29 years of service. As legislative liaison for ITS, she worked closely with the governor's office, Mississippi State Legislature members, and other statewide elected officials on technology and funding issues.

After becoming Michigan's first chief information security officer (CISO) in May 2002, Dan Lohrmann will be stepping up to be the state's acting chief technical officer and director of the Infrastructure Services Administration.

Trent Carpenter will assume the position of acting CISO and director of the Office of Enterprise Security.

Lohrmann will replace Deputy Director Patrick Hale, who left on Jan. 27 to take on the role as chief technical officer of Sparrow Hospital based in Lansing, Mich.

In November 2008, Governing magazine named Lohrmann one of eight government leaders to win the Public Officials of the Year award. He also won the CSO of the Year award in 2008 from SC Magazine, which sponsors the U.S. Awards Program for outstanding achievement in IT security.

Lohrmann is a regular contributor to Public CIO magazine, where he covers IT security in the column Security Adviser. He will continue to write and blog for Public CIO and will cover IT infrastructure and integration issues.