Homeland Security CIO needs more power, IG says

The Homeland Security Department's Chief Information Officer lacks sufficient authority to carry out plans for integrating the IT infrastructure throughout the department, according to a new report by Richard Skinner, the department's inspector general.

However, DHS officials, in a management response, disagreed with the criticisms and asserted that the CIO has enough power.

The inspector general's report outlines major management challenges at DHS, including shortcomings in procurement, financial management, border control and Federal Emergency Management Agency's disaster response and recovery.

With regard to IT systems, Skinner identified as a major challenge within DHS the need to create a single infrastructure for communications and information exchange. To meet that need, the CIO has developed an Information Technology Infrastructure Transformation Program, which includes consolidation of data centers to create a secure, sensitive but unclassified network and a common email system for DHS. As of September 2005 the plan was under review by DHS' senior leadership, the report said.

However, the CIO lacks the clout needed to carry out the plan, the report said. "The DHS CIO is not well positioned to accomplish these IT integration objectives" because the CIO is not a member of the senior management team with authority to strategically manage departmentwide technology assets, the report said. Furthermore, the CIO does not have sufficient staff to implement the program.

DHS officials disagreed, saying the CIO has the right amount of authority to accomplish its mission. DHS managers said the department's Infrastructure Transformation Office is overseeing the IT transformation including establishing an integrated enterprise network, common email and help desk; creating two data centers; and initiating a departmentwide video operations capability.

Also in the report, the inspector general said DHS faces hurdles in securing its IT infrastructure and improving FEMA's IT systems used to evaluate and mitigate risk, such as flood mapping systems.