VA and SBA downgraded on security
The Veterans Affairs Department and Small Business Administration fell a notch in the latest e-government ratings on the President’s Management Agenda scorecard because of IT security weaknesses.
Both lagged on progress in certification and accreditation of their major IT systems, causing them to slip.
“VA dropped to red in status primarily due to its security status, which impacted most of its business cases,” an Office of Management and Budget official said.
VA’s CIO, Robert McFarland, said: “The VA in general did not give it the attention it deserved. And the coordination, training and consulting that needs to get done is a difficult task, especially as big as we are and as decentralized as we are.”
Most of VA’s hundreds of systems reside across the country in its hospitals and other facilities. McFarland said the department is holding seminars for its systems officials and has put in place a blanket purchasing agreement with multiple vendors for services. VA plans to certify all its systems before the fall, he said.
SBA slipped from green to yellow. “Our situation is comparable to VA’s—having to do with our certification and accreditation processes and our plan of action and milestones processes,” SBA acting CIO Jerry Williams said.
The agency expects to turn around its security and be back to green on the PMA soon, he said. It is “not a slam dunk, but we are hoping that we can fix them” by the end of next month, Williams said.
Connect with the GCN staff on Twitter @GCNtech.