
Cyber Edu
What is FITARA?

What is FITARA?
The Federal Information Technology Acquisition Reform Act (FITARA) was passed by Congress in December in 2014 and represented the first major refresh of Federal information technology systems and infrastructure in almost 20 years. This historic law puts federal agencies in control of IT investments, but also requires them to provide the Office of Management and Budget (OMB) with the following information:
- A comprehensive inventory of data centers
- A consolidation and optimization strategy for data centers (including timelines, performance metrics, cost savings plans and investment)
- quarterly progress reports detailing the agency's strategy
The OMB will also provide agencies with a process to review their information technology investment portfolios to consolidate management and acquisition functions, reduce duplication and waste, and enhance cost savings.
In a nutshell, FITARA helps to create greater transparency for agency IT spending and provides agency CIOs with the authority they need to improve efficiencies and address challenges.
Identify and categorize cloud apps to access risk with Forcepoint CASB
Identify and categorize cloud apps to access risk with Forcepoint CASB
What Objectives Does FITARA Address?
FITARA addresses several objectives within Federal government agencies, including:
- Strengthening the accountability of federal agency CIOs for IT costs, security and performance
- Aligning IT resources with agency requirements and missions
- Improving planning, programming, budget, and execution for IT resources
- Improving transparency into IT resources
The FITARA Scoring System and How It Works
One of the most important aspects of FITARA is an annual "scorecard" that is used to grade agencies on how well their policies are aligning with the initiative.
This quarterly scorecard focuses on four key areas:
- IT Portfolio Review Savings - the total portfolio savings on each agency is divided by its total IT budget. The result is then compared to the ratio of the leading agency.
- Data Center Consolidation - this includes an inventory of existing data centers and also a strategy for optimizing and consolidating the data centers including any planned cost savings. Scores are based on the percentage of planned savings achieved.
- Risk Assessment Transparency - scores are based on whether the IT investment can accomplish its goals.
- Incremental Development - this score is based on the percentage of IT investments that delivered functionality every 6 months (compared with delivering functionality several years in the future).
How to Achieve a Better FITARA Score
Transparency is the key to achieving a better FITARA score, but it isn't always easy for agencies to achieve that transparency. It's not because they don't want to, but typically most don't have enough visibility into their networks and systems to allow transparency. The good news is that there are a number of ways to achieve greater visibility and an improved score as a result.
Software Licensing
Historically, it is usually the agencies that fail to provide updated software licensing inventories that achieve the lowest scores. This is usually because many license spending tends to be buried deep within the budget and forgotten about. Using automated software license discovery tools will help you to gain visibility of licenses across your agency, optimize your inventory and report the savings.
Risk Management
When you know and understand what technologies and applications are in use across your infrastructure, you immediately ascertain potential vulnerabilities and reduce risk. Software and network inventory monitoring solutions can provide IT professionals with insights into the components that are impacting their networks.
Application Optimization
Enhanced visibility can also help IT managers to identify any legacy applications that need to be modernized. Legacy applications that are critical to business operations could be a risk as they become increasingly hard to manage and continue to sit on obsolete hardware. However, modernization can be a challenge which is why applying a DevOps approach can help you to achieve your goals. As you continue to migrate your legacy applications to agile data centers, you can eliminate risk and reduce costly overheads.
Final Thoughts
For Federal government agencies that are affected by FITARA, the challenge is in understanding how to optimize your infrastructure so that your score improves and your vulnerabilities lessen. The key to that understanding is visibility.