Coast Guard CIO still needs full authority, audit finds
The Coast Guard's new IT management strategic plan and acquisition guidance earned kudos, but the CIO still does not have sufficient oversight authority, an audit concluded.
Despite progress on strategic planning for IT, the Coast Guard’s CIO still lacks the full authority to ensure an effective IT environment, according to an audit released today.
The Homeland Security Department’s Office of Inspector General said the Coast Guard’s C4IT Strategic Plan for fiscal 2011-2015 is up-to-date and in line with several internal strategic planning documents and with federal and DHS goals.
In addition, the Coast Guard’s Major Systems Acquisition Manual fits well within federal and departmental procurement guidance, wrote Frank Deffer, assistant inspector general for IT audits, in the report.
However, having insufficient authority means the CIO can't ensure effective management, the report states. “Although the Coast Guard has made progress, achieving a standard IT environment has been hampered by the CIO’s limited authority over some IT assets and spending,” Deffer wrote.
The CIO does not have authority over all IT personnel in the agency nor does the CIO have sufficient oversight of IT spending by field units, the report states.
Although a 2006 modernization plan called for expanding the CIO’s powers, there has been “no overall plan of action and target dates to complete the transition of authority,” Deffer wrote.
“Without such authority, the CIO cannot fully ensure that the Coast Guard IT environment is functioning effectively and efficiently,” Deffer concluded.
The audit also noted long-standing problems with existing infrastructures, including lack of network availability and shortcomings in the financial systems.
However, the Coast Guard earned a positive assessment of its strategic plans for IT management and acquisition.
“The Coast Guard has made progress establishing effective IT management practices,” Deffer wrote. “As a result, the [CIO] is positioned to support the Coast Guard’s mission and has controls in place to allow for effective acquisition decisions.”
Despite getting the thumbs-up for its planning efforts, the Coast Guard’s implementation still falls short due to the gaps in CIO authority and in existing systems, the audit states.
“Coast Guard systems and infrastructure do not fully meet mission needs,” Deffer wrote. “For example, Coast Guard field personnel do not have sufficient network availability, and the aging financial system is unreliable. In addition, command center and partner agency systems are not sufficiently integrated. These limitations have various causes, including technical and cost barriers, aging infrastructure that is difficult to support, and stovepiped system development. As a result, field personnel rely on inefficient workarounds to accomplish their mission.”
The report makes six recommendations, including transferring oversight of IT personnel and the field units’ IT spending to the CIO and developing a plan to expand broadband communication across the fleet. Coast Guard officials agreed to make the changes.