VA two years behind schedule on issuing secure ID cards, IG concludes

Agency unlikely to be able to issue all 741,000 credentials until 2017

The Veterans Affairs Department is nearly two years behind schedule in implementing secure credentials for employees and contractors under a governmentwide directive, according to a new report from the VA's Office of Inspector General.

To date, the VA has issued approximately 9 percent of the necessary credentials to its workforce, including contractors, under Homeland Security Presidential Directive-12 HSPD-12), Belinda Finn, assistant IG for audits and evaluations, wrote in the Sept. 30 report.

In comparison, federal agencies overall issued about 59 percent of their HSPD-12 credentials by the deadline. Also, the VA issued some of those credentials without the required background investigations, the report said.

Related stories:

DHS falls behind in issuing HSPD-12 ID cards, IG says

Handheld devices verify fed worker identity for HSPD-12

“While VA has made little progress in implementing a reliable and effective program in compliance with HSPD-12, management efforts are underway to strengthen program implementation,” Finn wrote.

“VA is almost 2 years behind the governmentwide October 2008 deadline for full compliance with HSPD-12,” she added.

Furthermore, VA also is unlikely to meet the VA chief of staff’s October 2011 deadline and, if current issuance rates continue, probably will not issue all 741,000 credentials until 2017, Finn wrote.

Under the directive, federal agencies must issue personal identification cards that meet federal standards for access control and security.

In addition, the IG found that at the VA, the personality-identity verification program being used to support the credentialing does not meet all critical mission requirements, and controls needed to track and provide accountability over costs are week.

Finn blamed the VA’s lack of progress on an ineffective management and failure to make the program a priority.

Although a Program Management Office for HSPD-12 has been in place at the VA since October 2009, the office lacks the resources and critical management tools necessary to direct and operate a departmentwide program, Finn wrote in the report.

The IG made two recommendations:

  • That the VA's assistant secretary for operations, security, and preparedness ensure that the program management office has the necessary resources and management tools in place to direct and implement the HSPD-12 Program.
  • That the assistant secretary for operations, security, and preparedness and the assistant secretary for information technology address deficiencies in the personal identity verification system and other operational deficiencies in the HSPD-12 program.

VA officials agreed with the findings and recommendations.

About the Author

Alice Lipowicz is a staff writer covering government 2.0, homeland security and other IT policies for Federal Computer Week.

Cyber. Covered.

Government Cyber Insider tracks the technologies, policies, threats and emerging solutions that shape the cybersecurity landscape.


Reader comments

Wed, Oct 12, 2011 Truth Is washington, dc

The VA needs to stop trying to bring new hires on board too quickly, and slow down until the subject they are trying to hire has fingerprints taken, and the subject's investigation has been "SCHEDULED" by OPM Investigative Division. All too often the VA yields more to titles and pleasing people which in turns leads to circumventing the system. Besides the VA is really large and does not have the necessary staff to handle the volume of incumbents that it receives. The VA lacks the staff, and up to date technology equipment, properly trained contractors & employees, and space in order to do a sufficient job as required. This reports seems not to take none of that into consideration and is very one side and lacks depth.

Wed, Oct 6, 2010 Employee

I agree with Tim. What good are these cards really? The whole concept is useless. Just another DoD inspired security paranoia gravy train for some contractors to spend millions of tax dollars on cards no one really uses and with no definable purpose. A solution looking for a problem indeed.

Wed, Oct 6, 2010

Outsource it to DoD, and put them all under DEERS. A lot of recent VA hires probably already have a presence in DSEERS anyway.

Wed, Oct 6, 2010 Tim

These issues aside, the whole thing is a solution in search of a problem. I have a CAC card but don't see any advantge to it. I still use my facility card for electronic access and it will be years or decades before electronic entry systems are replaced at tremendous expense to the taxpayer to recognize these cards through the VA, which is the 2nd largest Federal department.

Tue, Oct 5, 2010

Typical Gov't work... two years into a three year plan and they are two years behind.... two years of pay for nuttin!

Show All Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group