GAO: Coast Guard Should Strengthen Asset Controls

The Coast Guard needs to develop a comprehensive inventory of information technology assets and set up procedures to oversee and ensure the success of its technology projects, according to a new report by the General Accounting Office.


The GAO found the Coast Guard has no policy for developing or maintaining an inventory of its IT assets and, in practice, keeps several different asset lists that are neither consistent nor comprehensive.


In addition, the maritime agency only tracks the performance of major system acquisitions or any operational system investments, the five-month study revealed.


"While [the Coast Guard] had many important information technology policies and practices in place, it did not always implement them consistently," said Joel Willemssen, managing director of information technology issues at GAO. The Coast Guard's practices "were not always in compliance with its policies," he said.


In fiscal year 2000, the agency estimated it would spend about $197 million on 81 IT initiatives. The GAO found that as a general practice, the Coast Guard closely monitored major projects, which account for nearly 25 percent of the agency's budget, but did not apply the same standards to smaller purchases or operational projects, even though they made up the bulk of the IT budget.


The GAO rated the Coast Guard strongest in software acquisition and made few recommended changes in the agency's handling of software development projects.


The report, issued Dec. 13 to the subcommittee on Coast Guard and maritime transportation of the House Committee on Transportation and Infrastructure, is a follow-up to a GAO briefing on the matter in September.


This is only the second comprehensive assessment of a federal agency's IT management policies and practices by the GAO, Willemssen said, so the GAO did not compare the Coast Guard's performance with that of other federal agencies.


The federal oversight agency examined five areas relating to information technology: investment management, IT architecture, software acquisition and development, information security and human capital.


Out of 38 criteria used to evaluate the five subjects, the Coast Guard got full marks in 13 for having policies and practices that were current and comprehensive, and for having practices that follow policies, procedures and generally accepted standards.


The agency received half-grades in 23 criteria, almost half of them in the areas of information security and utilization of human capital, indicating room for improvement in established policies and practices. The agency's only zero grades were in two criteria: asset tracking and performance oversight.