Infrastructure

OIG: USPS not prepared for IT blackout

United States Postal Service logo. 

The U.S. Postal Service may be ill-prepared to fulfill essential operations in the event of an IT outage, according to a recent inspector general report.

The Post Office is required to have continuity of operations plans in place to prepare for a range of possible disruptions to normal postal operations, whether they're due to tech failures, cyber attacks or natural causes, such as rain, sleet, snow or gloom of night. 

But the IG found that USPS's IT management lacks complete continuity of operations plans, and USPS does not annually train personnel responsible for executing them.

To complement those emergency plans, IT management developed what it calls functional working group annex plans that address "essential information technology operations."

However, in a report dated March 29 and released publicly April 6, the IG found IT management's plans to be lacking.

Auditors found that USPS IT management did not annually review, update and test the plans. At least one of the plan sets had not been updated in years. The IG redacted the number of plans and when the most recent update took place from the report. (FCW has filed a FOIA request for an unredacted copy of the report.)

The watchdog also found that all of the plans reviewed had former employees listed as points of contact. 

The plans were also missing key requirements, such as identifying critical information system assets, alternative telecommunications services and procedures for using alternative processing centers that do not face the same threats as the initial site.

Additionally, auditors reported that USPS IT management did not provide annual training for personnel responsible for carrying out the plans. They warn that untrained staff "may not have the skills required to support essential functions" during a disruption of normal operations.

The IG noted that, during the audit, USPS took corrective action and began training its personnel to handle continuity of operations plans.

"These issues occurred because Postal Service Management did not have a policy that defined requirements for managing" the functional working group annex plans, the report stated.

Auditors also noted that the USPS information security handbook "references a non-existent management instruction policy … that was never finalized or published."   

The IG recommended USPS management to develop a policy for managing IT continuity of operations plans that includes annual reviews, updates and testing, based on federal directives and best practices, and to require annual training for all personnel responsible for carrying out the plan's responsibilities.

USPS management generally agreed with the two findings. Management also told the IG that it has begun to take corrective action and will complete each recommendation by Sept. 30.

About the Author

Chase Gunter is a staff writer covering civilian agencies, workforce issues, health IT, open data and innovation.

Prior to joining FCW, Gunter reported for the C-Ville Weekly in Charlottesville, Va., and served as a college sports beat writer for the South Boston (Va.) News and Record. He started at FCW as an editorial fellow before joining the team full-time as a reporter.

Gunter is a graduate of the University of Virginia, where his emphases were English, history and media studies.

Click here for previous articles by Gunter, or connect with him on Twitter: @WChaseGunter

The Fed 100

Read the profiles of all this year's winners.

Featured

  • Then-presidential candidate Donald Trump at a 2016 campaign event. Image: Shutterstock

    'Buy American' order puts procurement in the spotlight

    Some IT contractors are worried that the "buy American" executive order from President Trump could squeeze key innovators out of the market.

  • OMB chief Mick Mulvaney, shown here in as a member of Congress in 2013. (Photo credit Gage Skidmore/Flickr)

    White House taps old policies for new government makeover

    New guidance from OMB advises agencies to use shared services, GWACs and federal schedules for acquisition, and to leverage IT wherever possible in restructuring plans.

  • Shutterstock image (by Everett Historical): aerial of the Pentagon.

    What DOD's next CIO will have to deal with

    It could be months before the Defense Department has a new CIO, and he or she will face a host of organizational and operational challenges from Day One

  • USAF Gen. John Hyten

    General: Cyber Command needs new platform before NSA split

    U.S. Cyber Command should be elevated to a full combatant command as soon as possible, the head of Strategic Command told Congress, but it cannot be separated from the NSA until it has its own cyber platform.

  • Image from Shutterstock.

    DLA goes virtual

    The Defense Logistics Agency is in the midst of an ambitious campaign to eliminate its IT infrastructure and transition to using exclusively shared, hosted and virtual services.

  • Fed 100 logo

    The 2017 Federal 100

    The women and men who make up this year's Fed 100 are proof positive of what one person can make possibile in federal IT. Read on to learn more about each and every winner's accomplishments.

Reader comments

Mon, Apr 10, 2017

USPS doesn't function well under any conditions. There has been a marked decline in the last 10 years.

Sat, Apr 8, 2017 Crystal 6

The Author, nailed it. I say thus because i have a career of 32 years of service with the USPS.to the Author, hold to your core because it us righteous,laying out for all to see on paper. I personally ate up your writing as if it were home made chocolate. Yumm

Sat, Apr 8, 2017 Darin Ridgeway

Kind of funny we delivered the mail the old fashioned way for years. I'm sure I can do it again LOL!

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group