VA two years behind schedule on issuing secure ID cards, IG concludes

Agency unlikely to be able to issue all 741,000 credentials until 2017

The Veterans Affairs Department is nearly two years behind schedule in implementing secure credentials for employees and contractors under a governmentwide directive, according to a new report from the VA's Office of Inspector General.

To date, the VA has issued approximately 9 percent of the necessary credentials to its workforce, including contractors, under Homeland Security Presidential Directive-12 HSPD-12), Belinda Finn, assistant IG for audits and evaluations, wrote in the Sept. 30 report.

In comparison, federal agencies overall issued about 59 percent of their HSPD-12 credentials by the deadline. Also, the VA issued some of those credentials without the required background investigations, the report said.


Related stories:

DHS falls behind in issuing HSPD-12 ID cards, IG says

Handheld devices verify fed worker identity for HSPD-12


“While VA has made little progress in implementing a reliable and effective program in compliance with HSPD-12, management efforts are underway to strengthen program implementation,” Finn wrote.

“VA is almost 2 years behind the governmentwide October 2008 deadline for full compliance with HSPD-12,” she added.

Furthermore, VA also is unlikely to meet the VA chief of staff’s October 2011 deadline and, if current issuance rates continue, probably will not issue all 741,000 credentials until 2017, Finn wrote.

Under the directive, federal agencies must issue personal identification cards that meet federal standards for access control and security.

In addition, the IG found that at the VA, the personality-identity verification program being used to support the credentialing does not meet all critical mission requirements, and controls needed to track and provide accountability over costs are week.

Finn blamed the VA’s lack of progress on an ineffective management and failure to make the program a priority.

Although a Program Management Office for HSPD-12 has been in place at the VA since October 2009, the office lacks the resources and critical management tools necessary to direct and operate a departmentwide program, Finn wrote in the report.

The IG made two recommendations:

  • That the VA's assistant secretary for operations, security, and preparedness ensure that the program management office has the necessary resources and management tools in place to direct and implement the HSPD-12 Program.
  • That the assistant secretary for operations, security, and preparedness and the assistant secretary for information technology address deficiencies in the personal identity verification system and other operational deficiencies in the HSPD-12 program.

VA officials agreed with the findings and recommendations.

About the Author

Alice Lipowicz is a staff writer covering government 2.0, homeland security and other IT policies for Federal Computer Week.

Featured

  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.