Oversight

GAO: FEMA needs framework to improve IT systems

FEMA Logo

The Federal Emergency Management Agency needs to develop a governing framework for the oversight and modernization of IT investments, and needs to address holes in its tech workforce, according to a Government Accountability Office report released May 5. Not doing so limits the agency's ability to adequately respond to major disaster, GAO said.

The review was launched to assess FEMA's progress in satisfying requirements of the 2006 Post-Katrina Emergency Management Reform Act, which mandated assessing and upgrading the agency's IT programs to aid its responses to emergency situations.

The findings track with a Department of Homeland Security inspector general report from November 2015, although improvements in IT modernization were noted by GAO auditors.

FEMA established an investment review board to examine IT purchases, and has made progress in modernizing its IT systems, GAO found. However, the report observed that the review board lacks fully defined responsibilities for members and working groups as well as clearly defined procedures for investment selection, that the IT strategic plan is outdated, and that the agency's IT modernization plan to eliminate aging and duplicative systems is incomplete.

The report also raises concerns that FEMA has not provided time frames to fulfill recommended actions regarding workforce management challenges, including an evaluation of its IT staffers.

As a result, the report stated, "the agency lacks adequate visibility into and oversight of IT investment decisions and activities… is limited in its ability to move toward its goal to modernize its systems and eliminate duplicative IT investments" and "has less assurance that its IT workforce will have the skills needed to successfully manage its programs."

Additionally, three emergency management programs reviewed by GAO were burdened with technical deficiencies in their risk management practices. All three programs had identified these risks, but none had developed a satisfactory mitigation plan.

"These weaknesses were due, in part, to a lack of FEMA policies to guide programs in implementing these key IT management controls," the report stated.

GAO recommended that FEMA define the roles of the investment board and associated entities, update its IT strategic plan and finalize its IT modernization plan and determine a timeframe to address workforce management challenges.

DHS concurred with the recommendations, and provided specific corrective action plans which are scheduled to be put in place by the end of 2016.

About the Author

Chase Gunter is a former FCW staff writer.

Featured

  • Veterans Affairs
    Veterans Affairs CIO Jim Gfrerer speaks at an Oct. 10 FCW event (Photo credit: Troy K. Schneider)

    VA's pivot to agile

    With 10 months on the job, Veterans Affairs CIO Jim Gfrerer is pushing his organization toward a culture of constant delivery.

  • Defense
    Dana Deasy, DOD Chief Information Officer, hosts a roundtable discussion on the enterprise cloud initiative with reporters, Aug. 9, 2019, at the Pentagon, Washington, D.C. (DoD photo by Air Force Staff Sgt. Andrew Carroll)

    DOD CIO 'very confident' that White House influence didn't guide JEDI award

    At his Senate confirmation hearing, Defense Department CIO Dana Deasy said the department's $10 billion cloud contract was awarded by a team of experts.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.