Skip to main content

Information Technology: Biannual Scorecards Have Evolved and Served as Effective Oversight Tools

GAO-22-105659 Published: Jan 20, 2022. Publicly Released: Jan 20, 2022.
Jump To:

Fast Facts

The federal government annually spends more than $100 billion on IT investments—many of which have suffered from ineffective management. Congress and the President enacted laws, such as the Federal Information Technology Acquisition Reform Act (FITARA), to improve this.

Since November 2015, Congress has biannually assigned letter grades (i.e., A, B, C, D, or F) to 24 federal agencies on their efforts to implement FITARA and manage IT.

We testified that these scorecards have evolved beyond FITARA and have served as effective oversight tools that show steady improvement. In 2015, 7 agencies got a C or higher, but in 2021, all 24 agencies did so.

Biannual IT scorecards show steady improvement.

line graphic showing steady improvement between Nov. 2015 and Dec. 2021

Skip to Highlights


What GAO Found

The Subcommittee's biannual scorecards initially focused on agencies' progress in implementing statutory provisions contained in the Federal Information Technology Acquisition Reform Act (FITARA) on topics such as incremental development and data center consolidation. The scorecard evolved over time to include additional IT-related components such as Chief Information Officer (CIO) direct reporting, software licensing, and cybersecurity (see figure).

Biannual Scorecards Release Timeline with Associated Components

The biannual scorecards have served as effective tools for monitoring federal agencies' efforts in implementing statutory requirements and addressing other important IT issues. For example, the Subcommittee-assigned grades of agency performance have shown steady improvement. Specifically, from November 2015 through December 2021, agencies receiving C or higher grades increased from 29 to 100 percent (all agencies). For the most recent scorecard, 50 percent of agencies received an A or B. This escalation in grades reflects the notable improvements in components of the scorecard. For example:

  • Portfolio review savings. The amount of cost savings and avoidances reported from annually reviewing IT portfolios increased from $3.4 billion to $23.5 billion.
  • CIO direct reporting. The number of agency CIOs that report directly to the Secretary or Deputy increased from 12 to 16 of the 24 agencies.
  • Software licensing. The number of agencies with comprehensive, regularly updated software licensing inventories went from 3 to all 24, resulting in the removal of this component from the scorecard.

Going forward, it will be important for Congress to continue adapting oversight tools, such as the biannual scorecards, to meet the advancing federal IT landscape.

Why GAO Did This Study

The federal government annually spends more than $100 billion on IT and cyber-related investments; however, many of these investments have failed or performed poorly and have often suffered from ineffective management.

To improve the management of IT, Congress and the President enacted FITARA in December 2014. The law better enables Congress to monitor covered agencies' progress in managing IT and hold them accountable. FITARA applies to the 24 agencies subject to the Chief Financial Officers Act of 1990, although not all FITARA provisions apply to the Department of Defense.

In November 2015, this Subcommittee began issuing biannual scorecards as an oversight tool to monitor agencies' progress toward implementing FITARA and subsequently, other IT-related issues. The scorecards rely on publicly available data to track and assign federal agencies letter grades (i.e., A, B, C, D, or F). As of January 2022, thirteen scorecards had been released.

GAO was asked to testify on the evolution and effectiveness of the biannual scorecards. For this testimony, GAO relied primarily on previously issued products.

For more information, contact Carol C. Harris at (202) 512-4456 or

Full Report

Office of Public Affairs


CybersecurityData centersE-governmentFederal agenciesHigh-risk issuesInformation securityInformation systemsInformation technologyIT investment managementIT investmentsSoftwareTelecommunications