To require the Administrator of the Small Business Administration to implement certain recommendations relating to information technology modernization, and for other purposes.
Sponsors
Legislative Progress
Passed HouseReceived; read twice and referred to the Committee on Small …
Passed House (inferred from eh version)
Committed to the Committee of the Whole House on the …
Mr. Cisneros (for himself and Mr. Jack) introduced the following …
Summary
What This Bill Does
The SBA IT Modernization Reporting Act requires the Small Business Administration to fix problems with its computer systems by following recommendations from the Government Accountability Office (GAO). It mandates that SBA submit a detailed plan to Congress within 180 days explaining how it will improve its IT risk management, cybersecurity, and project planning.
Who Benefits and How
- Small businesses that rely on SBA systems (like loan applications and disaster assistance programs) benefit from more reliable, secure IT infrastructure
- IT contractors and consultants who work with federal agencies may see new opportunities as SBA upgrades its systems
- Government accountability advocates benefit from increased transparency through mandatory reporting and congressional briefings
Who Bears the Burden and How
- The Small Business Administration faces new compliance requirements including developing and implementing 11 specific IT policies
- SBA's Chief Information Officer and IT staff must create implementation plans, risk documentation, and cost estimates following GAO guidelines
- SBA leadership must provide briefings to Congress within 30 days of submitting their implementation plan
Key Provisions
- Requires SBA to implement GAO recommendations from the November 2024 report on IT modernization risks
- Mandates an implementation plan within 180 days covering risk management, cybersecurity, scheduling, and cost estimation
- Requires 11 specific policies including explicit risk documentation, risk management strategies, cyber risk planning, traceability analysis, and involvement of security experts in contractor selection
- Requires SBA to follow GAO best practices for project schedules and cost estimates
- Mandates a congressional briefing within 30 days of the plan submission
Evidence Chain:
This summary is derived from the structured analysis below. See "Detailed Analysis" for per-title beneficiaries/burden bearers with clause-level evidence links.
Primary Purpose
Requires the Small Business Administration to implement GAO recommendations on IT modernization risk management and submit an implementation plan to Congress.
Policy Domains
Legislative Strategy
"Improve federal agency IT modernization practices by requiring compliance with GAO best practices and risk management recommendations"
Likely Beneficiaries
- Small businesses relying on SBA IT systems
- Federal IT security and risk management professionals
- Government accountability advocates
Likely Burden Bearers
- Small Business Administration (compliance and reporting requirements)
- SBA IT staff (implementation workload)
Bill Structure & Actor Mappings
Who is "The Secretary" in each section?
- "the_administrator"
- → Administrator of the Small Business Administration
- "the_comptroller_general"
- → Comptroller General of the United States (GAO)
- "the_chief_information_officer"
- → Chief Information Officer of the Small Business Administration
We use a combination of our own taxonomy and classification in addition to large language models to assess meaning and potential beneficiaries. High confidence means strong textual evidence. Always verify with the original bill text.
Learn more about our methodology