USAID Has Gaps in Conforming With the Federal Information Technology Acquisition Reform Act

USAID develop and implement a governance structure so that the chief information officer position reports directly to the Administrator as required by the Federal Information Technology Acquisition Reform Act and the Clinger-Cohen Act.

USAID revise Automated Directives System 101 to give the chief information officer the roles, responsibilities, and authorities to oversee all annual and multiyear planning, programming, and budget execution decisions, and reports related to information technology resources, as required by the Federal Information Technology Acquisition Reform Act.

USAID develop and implement policies that give the chief information officer authority for formulating and executing the information technology budget and overseeing information technology resources, as required by the Federal Information Technology Acquisition Reform Act.

USAID revise Agency policies and procedures to provide the chief information officer with information needed for overseeing all information technology investments and acquisitions to prevent, detect, and correct shadow and hidden information technology.

USAID issue a written decision on whether to authorize DTRAMS, and take appropriate actions to comply with security assessment and authorization controls in National Institute of Standards and Technology Special Publication 800-53 Revision 4, "Security and Privacy Controls for Federal Information Systems and Organizations."

USAID document and implement an inventory validation process to accurately and completely document information technology investments, the information technology systems inventory, and the Federal Information Security Modernization Act reportable systems inventory.

USAID document and implement processes for maintaining accurate records for, and managing the consolidation and streamlining of, its information technology resources, systems, data centers, and other shared information technology services in compliance with Office of Management and Budget Memorandum M-15-14.

USAID revise Agency policies, procedures, and directives to adopt the definitions of terms and requirements presented in Office of Management and Budget Memorandum M-15-14, including (1) information technology budgetary resources, personnel, and facilities and (2) acquisitions and interagency agreements that include information technology and the services or equipment provided by such acquisitions or interagency agreements.

USAID document and implement a process to enforce the competency requirements for information technology staff, including those in information technology leadership positions, and complete the assessment of competency requirements for information technology staff.