IG: OPM still lacking in planning for IT overhaul

Wikimedia image: U.S. Office of Personnel Management seal.

The Office of Personnel Management still has not carried out federally mandated planning practices for a project to overhaul the agency’s IT infrastructure that began two years ago, according to the OPM inspector general. The assessment is the latest blow to an ambitious application-migration project that has been plagued by questionable planning and the departure of its prime contractor.

"Most, if not all, of the supporting project management activities" required by the Office of Management and Budget have not been completed, the IG said in a report released May 26.

It is the latest scathing assessment the agency watchdog has issued of OPM's effort to revamp its IT security following a data breach in the spring of 2014. The project, which was known as the Shell but is now dubbed Infrastructure as a Service (IaaS), involves building infrastructure to house applications migrated from OPM's mainframe computers, according to the IG.

Earlier this month, prime contractor Imperatis abruptly quit the project, citing financial distress. An agency spokesman has said the company’s departure would have little impact on the project.

Nonetheless, the report issued by Acting IG Norbert Vint said OPM's lack of planning could continue to undercut the success of the project.

Before beginning the IT overhaul, OPM did not carry out a required “analysis of alternatives” to determine whether moving all infrastructure to the new Shell environment was worthwhile, according to the IG.

"We were told by [Office of the CIO] staff that OPM's former chief information officer [Donna Seymour] discussed possible alternatives with her staff, with input from Imperatis," the report states, but "no documentation was provided to us to support this assertion."

In their response to a draft of the IG's report, OPM officials said they planned to do an analysis of alternatives for migrating to the Shell.

The IG had previously criticized OPM for not doing a Major IT Business Case for the IaaS project, a move that would outline financing and a management strategy. OPM eventually completed a business case, but the IG's office did not like what it saw.

"Now that we have reviewed OPM's recent business case and its supporting activities in depth, we are even more concerned about the lack of disciplined capital planning processes," the report states.

Funding still a problem

Cost estimates for the IaaS project have been elusive. OPM has put the cost of some of the work at $93 million. That estimate, however, does not include the priciest phase of the project: the migration of systems to the Shell environment, according to former OPM IG Patrick McFarland.

Funding for work on IaaS has previously been a cause for concern for project insiders, according to documents obtained by FCW.

OPM has made progress in tallying IT systems that need to be moved to the Shell, according to the IG. Nonetheless, the report faulted OPM for making cost estimates for the project that were "unsupported by any detailed technical analysis" of the effort needed to modernize and migrate agency systems.

OPM agreed that it would benefit from better life cycle cost estimates. Officials said they plan to use a new framework to do so that was designed by Clifton Triplett, a senior IT adviser the agency hired last fall.

After a devastating breach of OPM systems that compromised at least 22 million federal records, the White House announced a new background check agency -- to be housed at OPM but run on systems built by the Defense Department -- to better protect the data. The new regime and its accompanying IT requirements make it even more important that OPM conduct the aforementioned “analysis of alternatives,” the IG report states.

The new background-check regime might also throw a wrench in OPM’s funding plans for the IaaS project. Officials had planned to use some revolving fund money from background investigations to bankroll the project, according to the IG. But with the IT systems for background checks no longer part of the Shell environment, "it would seem that a large portion of the planned funding source will not be available for the project," the report states.

About the Author

Sean Lyngaas is a former FCW staff writer.


  • Comment
    customer experience (garagestock/Shutterstock.com)

    Leveraging the TMF to improve customer experience

    Focusing on customer experience as part of the Technology Modernization Fund investment strategy will enable agencies to improve service and build trust in government.

  • FCW Perspectives
    zero trust network

    Why zero trust is having a moment

    Improved technologies and growing threats have agencies actively pursuing dynamic and context-driven security.

Stay Connected