Skip to main content

You are here

Submission #101

Submission information
Submitted by Mark Karkenny
Thu, 01/16/2020 - 8:33pm

SBA’s Maria Roat Proves Strategy and Speed Work Together

Many CIOs enter their role with an all-too common mindset that they must first draw up a perfect strategic plan before taking any steps. That doing anything less might label them as “tactical” rather “strategic. And all too often, they spend their first year and more creating elegant, complicated plans that invariably require greater budgets—and never come fully to fruition.

Ms. Maria Roat, chief information officer of the Small Business Administration (SBA), has proven a CIO can both fight fires and make transformational changes. In just three years, she moved the CIO office from a reactive, technical support organization into a proactive innovative services organization that’s responsive to SBA’s programs

Ms. Roat has 30 years of professional experience in information technology for the U.S. Department of Transportation, the Department of Homeland Security, the private sector, and in the Navy. Clearly, she learned important leadership as well as technology skills in these demanding environments—and SBA is now stronger for it. (To learn more about Ms. Roat’s background, please check out her bio.)

Recently, we talked with her to find out more about her work at the SBA and asked her to share some lessons learned with her ACT-IAC colleagues. Within a short piece like this, the following are just a few of the key steps Ms. Roat took: 

  • Made leadership and workforce changes, including building a strong leadership team with her Deputy, CTO, and CISO, and bolstering their IT workforce. From October 2016 to January 2017, the IT workforce vacancy rate dropped from 30% to 15%, proving that it’s possible to hire good people quickly in the federal government. In April 2018, she developed in partnership with their Chief Human Capital Office, an IT Workforce Strategic plan to continue to strengthen their workforce.
  • Focused on IT infrastructure. This included stabilizing and modernizing the network and desktops, and shutting down major components on their primary data center. She tackled these immediate needs, built credibility internally in the near-term, while still initiating broader strategic efforts.
  • Made strong cybersecurity gains. SBA was the first federal agency to deploy continuous diagnostic monitoring in a Federal Risk and Authorization Management Program-compliant cloud, saving approximately $250,000. In addition, SBA was one of three agencies chosen by the Office of Budget and Management (OMB) to participate in a trusted internet connection 90-day modernization pilot—and the only one to accomplish this within the timeline. And cyber improvements continue at SBA – a Cybersecurity Strategy was completed in January 2018, an enterprise cyber contract was awarded around that time, and Maria’s team continues to work closely with the Financial Sector on cyber threats and to upgrade their security tools.
  • Focused on modernizing SBA’s IT. This included stabilizing and updating the network, including a full inventory; upgraded to an Ethernet backbone; converged all voice and data circuits; deployed Windows 10/Office 2016 to over 1,200 laptops; and reviewed and evaluated all software and license agreements for reduction or to move to the cloud.
  • Launched a Cloud Initiative. In only 57 working days, the design, migration plan, and authority to operate (ATO) SBA’s cloud environment was completed! What’s more the move was self-funded through modernization savings, no new money was requested to complete this initial migration. And by the summer of 2018, her team was able to move the website to the cloud, making it a more reliable, resilient, web-based collaborative platform that is integrated with their desktop modernization effort.  

Ms. Roat and her team are now working more closely with the programs on mission modernization acquisitions, include providing a cloud platform for the Office of Investment and Innovation to create a funds-to-funds program that will involve tens of billions of dollars. They are also assisting the Office of Entrepreneurial Development on an acquisition to replace its main legacy system. These efforts include using customer relationship management tools to provide an end-to-end customer view as well as business intelligence tools to provide analytics as a service.

Lessons Learned

Ms. Roat shared some lessons learned, which are paraphrased below: 

  • Gain Credibility with Fast Tactical Wins - Having clear comprehensive strategic direction is important, but so are quick tactical wins that build credibility quickly with the agency’s leadership and workforce.  
  • Build the Right Team and Stay for Awhile - CIO tenure is important. Prior to Ms. Roat, there were eight CIOs in the preceding ten years. Ms. Roat has made a difference by staying at the helm for more than three years, building the right leadership team, and bolstering her workforce.  
  • Work Within Existing Budgets and Reinvest Savings - One of the pleasant surprises in talking with Ms. Roat is that she and her team made their early achievements without asking for additional funding. She delivered her results using existing funding and reinvested savings from other initiatives. Her budget was increased after her accomplishments became evident. 
  • Look to Cloud Migration for Significant Savings – Ms. Roat achieved savings from numerous initiatives, including improved governance and the elimination of software contracts. But turning to the cloud was particularly effective, including for and the data center modernization, in deploying virtual desktops rather than traditional hardware (this occurred during hurricanes Harvey, Irma, and Maria), and by creating a Continuous Diagnostics and Mitigation (CDM) program.


Ms. Roat offered a final piece of advice that I cannot overemphasize. And it’s not so much technology advice as it is a mindset. Too often, CIOs view the Office of Management and Budget policy and legislation as onerous rules they must comply with, rather than opportunities to improve IT management. The SBA team embraced Federal Information Technology Acquisition Reform Act, the Megabyte Act, and the President's Management Agenda. They used components of each to further support many of their IT modernization strategic initiatives like data center consolidation, software licensing, cloud migration, and cybersecurity improvements. In fact, Federal CIO Suzette Kent told us that she can always count on Maria to volunteer for OMB pilots and lead on key PMA initiatives. Ms. Roat and her team’s achievements over the past three years prove the value of that kind of thinking.

By Dave Powner, director of strategic engagement and partnerships at MITRE. This CIO SUCCESS STORY is the first in a series of brief case studies ACT-IAC contributors will write to share Federal IT lessons learned.

In 2020, ACT-IAC will be highlighting additional success story case studies that were prioritized from input from ACT-IAC members and the Federal CIO. These case studies include successes associated with working capital funds, IT metrics, EIS, GSA’s Centers of Excellence, and HHS emerging technologies. We are seeking volunteers to contribute to these case studies. Please contact Mike Howell at [email protected] or Dave Powner at [email protected] if you are interested.

Return to Newsletter