Outsourcing some services could be risky

One DHS agency is outsourcing disaster recovery

The Immigration and Customs Enforcement (ICE) agency recently issued a draft statement of work seeking a contractor to handle disaster preparations for the office of its chief information officer, and the move has raised eyebrows — and questions.

According to the statement, ICE is willing to pay as much as $25 million a year for services that include developing, building and maintaining plans and materials for a comprehensive disaster recovery organization that minimizes disruptions during disasters.

Separately, the Homeland Security Department's inspector general released an audit of disaster recovery planning for DHS’s headquarters complex in the District of Columbia, which does not include ICE’s headquarters. The public summary was only a single sentence; the rest was classified information.

Those events combine to form an unexpected picture: Disaster recovery planning is so sensitive that some agency leaders believe it should be classified, while others think it is suitable for handing off to outsiders.

However, the juxtaposition is not as unusual as it might appear.

“Unfortunately, it's not very strange at all,” said Steven Aftergood, director of the Federation of American Scientists’ secrecy project. “Outsourcing and classification seem to be primal instincts in many government agencies. Sometimes those steps are no doubt appropriate, but other times they are not. And in every case, they make public oversight and accountability more difficult, if not impossible."

While the effects of classifying information are clear, outsourcing also reduces oversight and accountability, he said. "The procedures that are used to hold government agencies accountable and transparent are often inadequate to deal with contractors," he said. "The Freedom of Information Act, the congressional budget justification process, and other oversight mechanisms are only indirectly applicable to contractors.  Government agencies must answer to Congress, or suffer the consequences.  But contractors answer above all to their contracting agencies.  Public accountability takes second place at best."

Overall, disaster recovery planning across federal agencies is a hodgepodge, agreed Ray Bjorklund, senior vice president and chief knowledge officer of FedSources, a market research firm in McLean, Va.

“Disaster recovery planning is in the eye of the beholder,” Bjorklund said. “There is no overarching guidance that I have seen.”

Some agencies, such as DHS, make disaster planning a higher priority, while for others, it is a less critical issue, and the resulting variety of approaches can seem haphazard, Bjorklund said.

Classification also varies. “There can be a lot of reasons why one agency might classify something while another wouldn’t — a lot of it depends on their mission,” said Jena McNeill, homeland security policy analyst at the Heritage Foundation. Overall, she praised the efforts.

“Recovery plans are just as vital as prevention and response — I am glad they are thinking on this,” McNeill said.

About the Author

Alice Lipowicz is a staff writer covering government 2.0, homeland security and other IT policies for Federal Computer Week.

Rising Stars

Meet 21 early-career leaders who are doing great things in federal IT.

Featured

  • SEC Chairman Jay Clayton

    SEC owns up to 2016 breach

    A key database of financial information was breached in 2016, possibly in support of insider trading, said the Securities and Exchange Commission.

  • Image from Shutterstock.com

    DOD looks to get aggressive about cloud adoption

    Defense leaders and Congress are looking to encourage more aggressive cloud policies and prod reluctant agencies to embrace experimentation and risk-taking.

  • Shutterstock / Pictofigo

    The next big thing in IT procurement

    Steve Kelman talks to the agencies that have embraced tech demos in their acquisition efforts -- and urges others in government to give it a try.

  • broken lock

    DHS bans Kaspersky from federal systems

    The Department of Homeland Security banned the Russian cybersecurity company Kaspersky Lab’s products from federal agencies in a new binding operational directive.

  • man planning layoffs

    USDA looks to cut CIOs as part of reorg

    The Department of Agriculture is looking to cut down on the number of agency CIOs in the name of efficiency and better communication across mission areas.

  • What's next for agency cyber efforts?

    Ninety days after the Trump administration's executive order, FCW sat down with agency cyber leaders to discuss what’s changing.

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group