DOT watchdog finds flaws in IT working capital spend
- By Mark Rockwell
- Aug 10, 2017
An audit by the Department of Transportation's inspector general found errors in record keeping and inadequate technical planning related to a one-time $30 million cybersecurity working capital fund at the agency.
The department's Office of the CIO asked for a $30 million appropriation in 2011 to close the agency's most serious cybersecurity gaps. It was appropriated $29 million between fiscal 2012 and 2015 for that project, and the money was distributed through a working capital fund.
An audit released on Aug. 7 by the agency's IG, however, found that although the agency applied the funds strictly to the problem it set out to solve, it didn't spend all the money effectively. It also found the agency didn't plan adequately for its cybersecurity funding needs.
The IG said that $285,352 of $3.73 million in cybersecurity funds expended through the fund paid for services outside of the period of performance and scope of work outlined in OCIO's cybersecurity intra-agency agreements. That kind of error, it said, makes it difficult for the OCIO to ensure accuracy in customer agreements.
The Transportation Department took issue with one of the IG's findings that the cybersecurity appropriation didn’t meet reporting thresholds as a major stand-alone IT investment under Office of Management and Budget standards.
The IG disagreed with that assessment, saying that cybersecurity assets are a critical part of the agency’s capabilities that require more effective planning and management controls.
Under the Modernizing Government Technology bill making its way through congress, 24 agencies could get multiyear revolving funds like the one-time fund probed by the Transportation IG.
While the bill doesn't contain specific mentions of audits, it does have requirements for managers at agencies it covers to report twice a year on IT inventory and submit a summary of expenditures, said Mike Hettinger, former senior House aide who lobbies on behalf of IT vendors. Those reports would give agency IGs and the Government Accountability Office additional sources of data to draw on in their auditing capacity.
Mark Rockwell is a senior staff writer at FCW, whose beat focuses on acquisition, the Department of Homeland Security and the Department of Energy.
Before joining FCW, Rockwell was Washington correspondent for Government Security News, where he covered all aspects of homeland security from IT to detection dogs and border security. Over the last 25 years in Washington as a reporter, editor and correspondent, he has covered an increasingly wide array of high-tech issues for publications like Communications Week, Internet Week, Fiber Optics News, tele.com magazine and Wireless Week.
Rockwell received a Jesse H. Neal Award for his work covering telecommunications issues, and is a graduate of James Madison University.
Click here for previous articles by Rockwell.
Contact him at firstname.lastname@example.org or follow him on Twitter at @MRockwell4.