FEMA gets low marks for IT in new report

The Federal Emergency Management Agency's disaster-related IT systems are not integrated, and its IT strategic plan may not comply with the Homeland Security Department's strategic goals, according to a new report from DHS Inspector General Richard L. Skinner.

FEMA ? merged into DHS when the department was formed in March 2003 ? forms the bulk of the department's Emergency Preparedness and Response Directorate.

According to Skinner, improvements are needed in the directorate's IT systems. "[The] IT approach has met the disaster management challenges to date, including the four major hurricanes of 2004," the inspector general's report states. "However, a number of information and technology management issues limit the directorate's effectiveness."

Specifically, the inspector general found that the directorate's systems are not integrated and do not effectively support information exchange. Furthermore, the systems are governed by an enterprise architecture that is not fully updated.

"As a result, during significant disaster response and recovery operations, such as the 2004 hurricanes, IT systems cannot effectively handle increased workloads, are not adaptable to change and lack needed real-time reporting capabilities," the report states.

Skinner also discovered shortcomings in alignment of the directorate's IT strategic plan within DHS. "While the IT plan aligns with FEMA's outdated strategic plan, it does not reflect FEMA's integration into DHS and therefore may not support DHS' strategic goals." Also, the IT plan may not fit well with new departmentwide personnel-related IT initiatives such as eMerge2 and MaxHR.

FEMA Chief Information Officer Barry West disputed the report's findings. He questioned the validity of the inspector general's audit in an Aug. 3 letter, included in a "Management Comments" appendix, and offered other rebuttals to the inspector general's findings.

"We have reviewed the rewrite of the audit report and find it unacceptable," West wrote. "The report incorrectly characterizes our strategic planning and IT activities."

But Skinner rejected most of those arguments. "We do not agree with the EP&R [Emergency Preparedness and Response Directorate] CIO's response," he wrote in the report. "Given the IT issues expressed above, we believe that the EP&R CIO is not justified in referring to EP&R's 'highly performing, well-managed and staffed IT systems' and that our overall message that IT could be better managed is warranted."