As of September 2015, the Food and Drug Administration (FDA), an agency within the Department of Health and Human Services (HHS), had developed and released a new information technology (IT) strategic plan, entitled Information Technology Strategic Plan, Version 1.0 . The plan, according to the agency's Chief Information Officer (CIO), was developed to help the FDA's Office of Information Management and Technology (OIMT) address business challenges facing the agency through the implementation of IT. The plan describes the current state of the agency's IT environment, along with OIMT's mission, vision, and the objectives of three strategic themes — quality service, security, and efficiency. The plan also defines performance measures and initiatives intended to support the office's strategic themes.
Nevertheless, the plan lacks key elements that the GAO previously recommended be included in a comprehensive strategy to align with the agency-wide mission and goals, and allow the plan to be used for managing IT investments to more effectively address business challenges. For example, FDA's IT strategic plan does not align with strategic priorities and goals that the agency defined for 2014 through 2018. Further, it does not identify results-oriented goals and performance measures and milestones, or targets for measuring the extent to which outcomes of IT initiatives support the FDA's ability to achieve agency-wide goals and objectives; strategies that the governing IT organization will use to support agency-wide goals and objectives; and key IT initiatives and interdependencies to be managed. The agency's CIO stated that this version of the strategic plan was developed to address challenges related to processes, technologies, roles, functions, and capabilities for improving the operations of OIMT, which has the responsibility for managing IT. However, the FDA has not yet defined schedules or milestones for managing and completing the development and implementation of future versions of the plan that would reflect actions intended to address the agency-wide mission and goals. Until the FDA incorporates these key elements of comprehensive IT strategic planning into its plan and fully implements the plan, it will lack critical information needed to align information resources with business strategies and investment decisions, and be hindered in determining whether outcomes of its IT initiatives are succeeding in supporting agency-wide goals.
IT systems are critical to the FDA's ability to achieve its mission. The GAO previously reported on limitations in a number of FDA's key IT areas, including data availability and quality, information infrastructure, the ability to use technology to improve regulatory effectiveness, and investment management. The GAO recommended that the FDA take actions to address these limitations, including the development of a comprehensive IT strategic plan to provide direction for modernizing the agency's IT environment.
The Food and Drug Administration Safety and Innovation Act of 2012 included a provision for the GAO to report on the FDA's progress regarding an IT strategic plan and implementation of the GAO's prior recommendations. This report provides an assessment of the (1) status of FDA's efforts to develop and implement an IT strategic plan that includes results-oriented goals, activities, milestones, and performance measures; and (2) extent to which the FDA has addressed the GAO's prior IT-related recommendations.
The GAO recommends that the FDA define schedules and milestones for incorporating into its IT strategic plan elements that align with the agency's mission and business strategies, and fully implement the plan.