SBA CIO grapples with modernization
A House committee urged the Small Business Administration CIO to flatten the org chart and improve on cybersecurity.
Small Business Administration CIO Maria Roat testified on Capitol Hill on July 12 about her efforts to modernize her organization.
Small Business Administration CIO Maria Roat has made a raft of changes since taking over the job 10 months ago. Roat, a former CTO at the Department of Transportation and a veteran of the Department of Homeland Security and the Navy, told a House panel on July 12 that she was making progress in tackling organizational, technological and security issues that have dogged the agency for years.
Roat reported that the organizational structure has been shifted, with the CIO reporting to the chief operating officer and the digital service team reporting to the CIO. The SBA CIO now has been given approval power for acquisition plans for all new IT contracts, as a check against possible duplication and interoperability issues. These changes could potentially help improve SBA's dismal D- on the Federal IT Acquisition Reform Act report card issued in June.
SBA is due to spend just under $100 million on IT in fiscal year 2017, according to data on the IT Dashboard.
"What we've done in the last nine months has just been phenomenal, Roat told FCW after the hearing. "We are not taking little steps. We are taking big steps."
House Small Business Committee Chairman Rep. Steve Chabot (R-Ohio) asked about the 39 unresovled recommendations that the SBA inspector general had flagged in an October 2016 report. About 12 had been recently closed or soon would be, according to Roat.
Rep. Nydia M. Velázquez (D-N.Y.), the committee's ranking member, expressed her concerns over the agency's cyber shortfalls, telling FCW that "we should expect every federal agency to make cybersecurity a top priority -- so it is disconcerting that SBA's Office of CIO has had such severe problems for so long."
Congress is also looking at legislation that would bolster SBA's role as a resource providing help to small businesses looking to improve their own cybersecurity. A measure was introduced in June to expand training programs for small business development center employees to become proficient in cybersecurity strategy.
NEXT STORY: How FedRAMP Keeps Getting Faster