The Government Accountability Office found that the Census Bureau needs to address thousands of security issues afflicting multiple systems that the bureau will use to carry out the 2020 Census.
In its report published Aug. 30, GAO said that among the unresolved security problems detected during the bureau’s systems assessment process, 43 were deemed either “high risk” or “very high risk,” while more than 2,700 related to infrastructure components under development by the technical integration contractor.
While the bureau has made progress by completing the security assessments for 33 of the 44 systems needed to support the 2018 End-to-End Test, over 3,000 security weaknesses have been identified that will need to be addressed in the coming months. Because the 2020 Census involves collecting personal information from over a hundred million households across the country, it will be important that the bureau addresses system security weaknesses in a timely manner and ensures that risks are at an acceptable level before systems are deployed.
The GAO report found the Bureau continues to face significant challenges and risks in its efforts to manage the schedules, contracts, costs, and cybersecurity of its 2020 Census systems. “The Bureau’s schedule for developing systems to support the 2018 End-to-End Test has experienced delays. These delays have compressed the time available for system and integration testing, and several systems experienced problems during the 2018 End-to-End Test,” states the report. “In addition, the Bureau is currently revising the system development and testing schedule for the 2020 Census as a result of challenges experienced and lessons learned while completing these activities during the 2018 End-to-End Test. Continued schedule management challenges may compress the time available for the remaining system and integration testing and increase the risk that systems will not function as intended.”
In addition, the Bureau is still filling vacancies in the government program management office that is overseeing its key integration contractor. In June 2018, Bureau officials reported that 33 of the office’s 58 federal employee positions were vacant. This adds risk that the office may not be able to provide adequate oversight of contractor cost, schedule, and performance.
The Bureau reported that its estimated IT costs had grown from $3.41 billion in October 2015 to $4.97 billion in December 2017—an increase of $1.56 billion. This increase was due, in large part, to the addition of technical integration services and updated costs for other major contracts (such as the contract for mobile devices). The GAO said the amount of cost growth since the October 2015 estimate raises questions as to whether the Bureau has a complete understanding of the IT costs associated with the 2020 Census.
The Aug. 30 report makes no additional recommendations. Over the past decade, GAO has made 93 recommendations specific to the 2020 Census to address the issues raised. As of August, the Bureau had implemented 61 recommendations, and had taken initial steps—including developing action plans—to implement the other 32 recommendations.
