The Federal Emergency Management Agency’s IT management environment is a total mess, a new report from the Department of Homeland Security’s inspector general asserts. And that mess, the IG argues, is adversely impacting the agency’s ability to fulfill its mission.
FEMA does not have an IT strategic plan, the report says, even though they’re mandatory under a 2016 rule from the Office of Management and Budget. FEMA also lacks an overview of its enterprise IT systems and their functions, known as enterprise architecture, according to the inspector general. This, too, is required for federal agencies under a 1996 law.
The report, published last week, blames “decentralized resource allocation” and a lack of CIO authority for the issues.
“FEMA personnel rely on more than 300 IT systems and databases to conduct day-to-day work,” the report states. “However, very few of these systems are under the CIO’s direct control. The CIO has authority over only 22 OCIO-owned systems out of 97 major FEMA IT systems.”
The challenges that the report details aren’t just academic — they actually made it hard for FEMA employees to do their jobs during (in the report’s parlance) the “2017 disaster season.”
That year included the devastating hurricanes Harvey, Maria and Irma. And wildfires in California killed at least 46 people while burning 1.2 million acres of land. All this meant FEMA had lots to do, but unfortunately the agency’s IT systems weren’t helping employees respond to the devastation.
“FEMA’s IT systems do not provide personnel with the functionality they need to conduct disaster response and recovery activities,” the report states. “As a result, personnel engaged in inefficient, time-consuming workarounds or relied on their own personal devices to accomplish urgent tasks.”
This new document details issues that arose after the disasters of 2017, but the underlying problems with IT management at FEMA are not new. “These deficiencies … were reported in prior OIG audits throughout the last 13 years,” the report states. The Government Accountability office has come to similar conclusions.
The report ends with four recommendations, including that the acting administrator give the agency’s CIO more authority, set IT management as an agencywide priority and craft an IT strategic plan. FEMA concurred with all recommendations, and offered information on actions it is taking to address them.
FEMA has had some CIO turnover in recent years. Longtime CIO Adrian Gardner was reassigned in May 2018, just months after the DHS IG claimed that he had misled them when describing progress made on recommendations made in a 2015 report. The role was then filled on an acting basis by deputy Patsy Garnett until the agency hired a new CIO, Lytwaive Hutchinson, in May 2019.