Audit: Labor Department IT Governance ‘Ambiguous,’ Unorganized 

JL Images/istockphoto.com

A report from the Office of the Inspector General showcases several weaknesses in the agency’s IT governance, particularly highlighting the lack of CIO oversight.

The Labor Department information technology governance infrastructure struggles to support agency operations, in part due to uncodified policies that place too heavy an emphasis on department staff to implement strategic decisions on an ad hoc basis, according to a new audit.

The audit, conducted by the agency’s inspector general and published Sept. 30, found that the existing IT governance within Labor lacked the organization necessary to make key decisions to improve agency operations and objectives. 

“We found IT governance at DOL was ambiguous, ad hoc, reliant on personnel to fulfill their duties without codified policies and procedures,” the audit reads. “In an ad hoc system where the processes are only as good as the staff currently executing them, the risk for failure through intentional or unintentional efforts remain high.”

Another major critique of the department’s current IT governance framework is the limited role the chief information officer plays in issuing directives and oversight. Auditors noted that without this leadership, the department is at risk of not being designed––or funded––to meet its goals.

The Labor CIO oversees the majority of the IT systems and governance within the agency, but auditors found some systems at the Bureau of Labor Statistics and the Office of the Chief Financial Officer are no longer under his purview. 

Auditors said the lack of visibility the office of the CIO has within Labor highlights the agency’s apparent failure to comply with key provisions of the Federal Information Technology Acquisition Reform Act, a federal law that gives the CIO of government agencies authority to oversee all IT governance and management. 

While officials interviewed for the audit pointed to Labor’s consistent compliance with FITARA, the agency confirmed its CIO did not report to the department’s secretary or deputy secretary. 

The OIG ultimately recommended five critical improvements to the agency’s IT governance structure, including reorganizing the CIO’s position to directly report to the department’s deputy secretary.

Ensuring the CIO has voting rights within Labor’s executive strategy and management committees, codifying and regulating IT governance policies, and delegating agency responsibilities were also recommended.

In response, Labor Associate Deputy Secretary Nikki McKinney disagreed with the report’s conclusions, along with one recommendation to give the CIO more agency in IT governance reporting akin to the agency’s assistant secretaries and chief financial officer. She wrote that the audit missed improvements in its IT infrastructure, particularly noting that the audit was conducted prior to the implementation of the new IT reporting practices. She also added that the Labor CIO has access to departmental authorities as mandated in FITARA, contrary to the audit’s results.

The audit was released two days after the department awarded Verizon an $887 million dollar EIS contract to overhaul portions of its IT infrastructure as existing contracts are set to expire.