Oversight

IG details unaddressed tech concerns at Commerce

Magnifying glass

IT systems, cyber-security and the nation's satellite programs dominate the Commerce Department's list of problems to address, according to that department's inspector general.

In late December, Commerce IG Todd Zinser sent the House Oversight and Government Reform Committee an itemized list of his office's highest-priority recommendations that have yet to be implemented.  The memo highlighted major IT security deficiencies in the National Telecommunications and Information Administration [NTIA] and security weaknesses in the International Trade Administration that increase the odds of a successful cyber-attack.

"For our NTIA audit, we determined that fundamental steps for securing NTIA's information and systems have not been taken," the IG's letter states. "For our ITA audit, we identified security weaknesses, including inadequate security categorization that may affect protection against critical information and security control deficiencies that increase the likelihood of a successful cyber-attack."

The review highlighted multiple IT security deficiencies for both agencies, including "inadequate security categorizations that jeopardize critical bureau information" for NTIA and "the presence of unauthorized software and use of unauthorized removable media" at ITA.

Both agencies have failed to implement two significant recommendations as of Dec. 28, the report states.

However, some of the corrective actions take years to fully implement, said Commerce spokesperson Dave Smith, so "the findings will appear outstanding in our responses to these types of periodic requests."

The IG's report highlighted lingering unimplemented recommendations in several other corners of Commerce as well.

In a September 2012 audit, for example, the National Oceanic and Atmospheric Administration was found to lack reliable cost-estimating for major systems acquisitions, which could jeopardize the effectiveness of its partnership with NASA to establish the Joint Polar Satellite System program to mitigate data gaps from decreased polar satellite coverage.

The audit found satellite launch costs varied greatly over a relatively short time period - a sign of unreliability - leading the IG to recommend NOAA develop a policy that adheres to cost-estimating best practices and to ensure an independent cost estimate tests the viability of the program's funding profile. The report estimates the recommendations to NOAA should be completed within one year.

In addition, the IG's status report to Congress highlights as-of-yet unfulfilled recommendations necessary to reduce the expect cost of the Census Bureau's 2020 decennial census from as much as $30 billion to somewhere between $12 billion to $18 billion. Among the most important, the report states, are the exploration of Internet and web-based response options, automated field data collection alternatives and properly utilizing administrative records.

The report also found that IT automation improvements could reduce development risk in the agency's project to develop the next generation of computer systems designed to automate patent processing, necessary to reduce a backlog of 700,000 unprocessed patents.

"Unless [the U.S. Patent and Trademark Office] improves its current long-term planning, it cannot guide the project's building and deployment strategies," the report states.

 

About the Author

Frank Konkel is a former staff writer for FCW.

Rising Stars

Meet 21 early-career leaders who are doing great things in federal IT.

Featured

  • SEC Chairman Jay Clayton

    SEC owns up to 2016 breach

    A key database of financial information was breached in 2016, possibly in support of insider trading, said the Securities and Exchange Commission.

  • Image from Shutterstock.com

    DOD looks to get aggressive about cloud adoption

    Defense leaders and Congress are looking to encourage more aggressive cloud policies and prod reluctant agencies to embrace experimentation and risk-taking.

  • Shutterstock / Pictofigo

    The next big thing in IT procurement

    Steve Kelman talks to the agencies that have embraced tech demos in their acquisition efforts -- and urges others in government to give it a try.

  • broken lock

    DHS bans Kaspersky from federal systems

    The Department of Homeland Security banned the Russian cybersecurity company Kaspersky Lab’s products from federal agencies in a new binding operational directive.

  • man planning layoffs

    USDA looks to cut CIOs as part of reorg

    The Department of Agriculture is looking to cut down on the number of agency CIOs in the name of efficiency and better communication across mission areas.

  • What's next for agency cyber efforts?

    Ninety days after the Trump administration's executive order, FCW sat down with agency cyber leaders to discuss what’s changing.

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group