IG details unaddressed tech concerns at Commerce

Magnifying glass

IT systems, cyber-security and the nation's satellite programs dominate the Commerce Department's list of problems to address, according to that department's inspector general.

In late December, Commerce IG Todd Zinser sent the House Oversight and Government Reform Committee an itemized list of his office's highest-priority recommendations that have yet to be implemented.  The memo highlighted major IT security deficiencies in the National Telecommunications and Information Administration [NTIA] and security weaknesses in the International Trade Administration that increase the odds of a successful cyber-attack.

"For our NTIA audit, we determined that fundamental steps for securing NTIA's information and systems have not been taken," the IG's letter states. "For our ITA audit, we identified security weaknesses, including inadequate security categorization that may affect protection against critical information and security control deficiencies that increase the likelihood of a successful cyber-attack."

The review highlighted multiple IT security deficiencies for both agencies, including "inadequate security categorizations that jeopardize critical bureau information" for NTIA and "the presence of unauthorized software and use of unauthorized removable media" at ITA.

Both agencies have failed to implement two significant recommendations as of Dec. 28, the report states.

However, some of the corrective actions take years to fully implement, said Commerce spokesperson Dave Smith, so "the findings will appear outstanding in our responses to these types of periodic requests."

The IG's report highlighted lingering unimplemented recommendations in several other corners of Commerce as well.

In a September 2012 audit, for example, the National Oceanic and Atmospheric Administration was found to lack reliable cost-estimating for major systems acquisitions, which could jeopardize the effectiveness of its partnership with NASA to establish the Joint Polar Satellite System program to mitigate data gaps from decreased polar satellite coverage.

The audit found satellite launch costs varied greatly over a relatively short time period - a sign of unreliability - leading the IG to recommend NOAA develop a policy that adheres to cost-estimating best practices and to ensure an independent cost estimate tests the viability of the program's funding profile. The report estimates the recommendations to NOAA should be completed within one year.

In addition, the IG's status report to Congress highlights as-of-yet unfulfilled recommendations necessary to reduce the expect cost of the Census Bureau's 2020 decennial census from as much as $30 billion to somewhere between $12 billion to $18 billion. Among the most important, the report states, are the exploration of Internet and web-based response options, automated field data collection alternatives and properly utilizing administrative records.

The report also found that IT automation improvements could reduce development risk in the agency's project to develop the next generation of computer systems designed to automate patent processing, necessary to reduce a backlog of 700,000 unprocessed patents.

"Unless [the U.S. Patent and Trademark Office] improves its current long-term planning, it cannot guide the project's building and deployment strategies," the report states.


About the Author

Frank Konkel is a former staff writer for FCW.


  • Defense
    Soldiers from the Old Guard test the second iteration of the Integrated Visual Augmentation System (IVAS) capability set during an exercise at Fort Belvoir, VA in Fall 2019. Photo by Courtney Bacon

    IVAS and the future of defense acquisition

    The Army’s Integrated Visual Augmentation System has been in the works for years, but the potentially multibillion deal could mark a paradigm shift in how the Defense Department buys and leverages technology.

  • Cybersecurity
    Deputy Secretary of Homeland Security Alejandro Mayorkas  (U.S. Coast Guard photo by Petty Officer 3rd Class Lora Ratliff)

    Mayorkas announces cyber 'sprints' on ransomware, ICS, workforce

    The Homeland Security secretary announced a series of focused efforts to address issues around ransomware, critical infrastructure and the agency's workforce that will all be launched in the coming weeks.

Stay Connected