IG: DHS falls short on IT recommendations

Originally posted at 5:27PM June 16, this story was updated at 10:45AM June 20

UPDATED: This story has been updated to include information on the total number of inspector general recommendations that the Homeland Security Department has successfully closed.

The Homeland Security Department still has 1,070 recommendations from its inspector general that have not been implemented, according to a new IG report.

The recommendations cover information technology, financial records, contracts, grants and other matters.

The report criticizes DHS for only putting into effect 27 of the 1,070 recommendations issued in more than 200 reports.

However, in its one-page reponse at the end of the report, DHS says the open recommendations represent less than a quarter of 4,500 recommendations that the IG has issued.

Among the 1,070 open recommendations, about half apply to the Federal Emergency Management Agency.

In the 321-page status report, the IG provided details on recommendations that have not been implemented.

For example, in September 2005, the IG faulted FEMA for gaps in security related data contained in the National Emergency Management Information System. As of December 2007, the four recommendations were not in effect, though an action plan had been submitted and the improvements were pending.

In December 2006, the IG criticized FEMA for failing to do long-range planning for its IT assets. A year later, the five recommendations were not implemented, though an action plan had been submitted and work was pending, the report said.

In addition, there are six recommendations still open pertaining to the U.S. Citizenship and Immigration Services' progress in modernizing its IT, the report said.

Although USCIS has accomplished the first phase of the work, remaining phases are on hold until organizational improvements are made that affect daily IT operations, the report said.

With regard to Customs and Border Protection's laptop PC security, the report said CBP still has not established standard security configurations that meet minimum requirements, has not set up effective procedures for patching and does not have an adequate inventory.

As of Dec. 31, 2007, four of the seven recommendations were open. The component has sent a corrective action plan, and implementation is pending.

About the Author

Alice Lipowicz is a staff writer covering government 2.0, homeland security and other IT policies for Federal Computer Week.

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

What is your e-mail address?

My e-mail address is:

Do you have a password?

Forgot your password? Click here


contracts DB

Washington Technology Daily

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.