DHS makes moderate progress on IT management, IG says
Audit ranks success on 5 major management challenges
- By Alice Lipowicz
- Nov 29, 2010
The Homeland Security Department has made moderate progress in improving its management of IT, acquisition and emergency services in fiscal 2010 but advanced modestly on improving financial management and grants managements, according to a new internal audit from DHS Inspector General Richard Skinner.
The audit ranked DHS on five major management areas with additional scores in each area. Overall, the department received three "moderate" scores and two "modest" scores for the five major areas. The department achieved limited success in correcting material
weaknesses in IT controls at six of its 22 agencies. The weaknesses
affected IT access controls, processes to change IT controls, and IT
security management practices, the report states.
The lowest scores, indicating "limited" progress, were for the subcategory of IT controls that negatively affect financial systems at the Coast Guard and DHS' civilian agencies, the report dated Nov. 24 states. The single high score, a "substantial" rating of progress, was for civilian agencies' improvement in correcting weaknesses in handling of liabilities on the balance sheet, including accounts and grants payable, and legal, actuarial and environmental liabilities.
Coast Guard has IT control problems, audit saysAuditors: Coast Guard, FEMA weak on controls
Although the Transportation Security Administration eliminated a significant deficiency in IT controls during the year, substantial weaknesses remained at the Coast Guard, Federal Emergency Management Agency (FEMA), Immigration and Customs Enforcement (ICE), Customs and Border Protection (CBP), Federal Law Enforcement Training Center (FLETC) and the U.S. Citizenship and Immigration Services (USCIS) agencies, the report states.
Control deficiencies at FEMA and ICE were more severe than deficiencies at CBP, FLETC, and USCIS, the report concluded.
Also, FEMA “may not have a complete understanding of its control deficiencies,” the audit states, because FEMA reported that it corrected 28 weaknesses, while an independent audit recognized only five corrections.
Overall, auditors noted that financial systems are primarily legacy systems and have not been substantially updated since DHS was created in 2003.
“As a result, ongoing financial system functionality limitations are contributing to the department’s challenges in addressing systemic internal control weaknesses and strengthening the overall control environment,” the report states.
Larry Orluskie, a spokesman for the department, said DHS officials are working to increase accountability and performance measures in financial reporting and overall management. “We are currently in the process of assessing performance measures to align them with the Quadrennial Homeland Security Review and the Bottom Up Review and create a comprehensive performance plan that will provide the basis for strategic planning and management controls,” he said.
Alice Lipowicz is a staff writer covering government 2.0, homeland security and other IT policies for Federal Computer Week.