According to a new Department of Homeland Security (DHS) Inspector General (OIG), audit report, the Federal Emergency Management Agency’s (FEMA) information technology (IT) environment remains overly complex, difficult to secure and costly to maintain. While FEMA has made progress since the OIG’s 2011 information technology audit, much remains unresolved.
“An effective, integrated and secure IT infrastructure is vital for FEMA to carry out its mission,” said Inspector General John Roth. “Resolving some of these longstanding issues should be a top priority of FEMA’s leadership.”
The report, FEMA Faces Challenges in Managing Information Technology, cited ineffective IT management, poor planning and decentralized and stovepiped IT systems as contributing factors of the agency’s fragmented IT environment.
The IG found FEMA personnel do not have the data search and reporting tools they require, and contribute to inefficient, time-consuming business practices. As a result of FEMA’s IT limitations, there could be disaster assistance delays and the duplication of benefits.
“While FEMA created numerous IT planning documents, the agency hasn’t followed through on such plans, partly because of the high turnover in the CIO position,” the audit stated. “In the past ten years, the average tenure of the FEMA CIO has been 15 months; in the last three years alone, FEMA had four individuals in the CIO position.”
FEMA has struggled to implement effective agency-wide IT governance because its “CIO has limited control and budget authority to effectively lead the agency’s decentralized IT environment.”
In addition, the IG’s 36-page audit report stated, “new priorities disrupt the CIO’s efforts in enforcing a common IT strategic direction across the agency. The result is an overly complex IT environment with too many systems that have been developed, patched and interconnected in an ad hoc manner.”
FEMA concurred with the IG’s findings.