The Office of Congressional Workplace Rights lacks an IT strategic plan, which could delay upgrades — as was the case with its electronic system for securely making discrimination and harassment claims.
According to a recent Government Accountability Office report, the congressional office has been shoddy with planning for and managing its IT modernization to support the employment rules it enforces for more than 30,000 legislative employees.
The Congressional Accountability Act of 1995 Reform Act, passed in 2018, required the office to revise its claims process in response to increased awareness of workplace sexual harassment. One of the Reform Act requirements was to create a secure, electronic claims reporting system, dubbed SOCRATES, which became operational June 26 — seven days late.
While no claims were filed during the delay, congressional staff was confused by the delay because OCWR failed to use project schedules to manage SOCRATES and other IT requirements, according to the report.
GAO found OCWR made revisions to system architecture up to three weeks before its June 19 deadline and signed an interagency agreement for hosting SOCRATES with the Library of Congress a day before. But congressional staff was left in the dark.
OCWR cited problems with a fillable PDF form for electronic claims refreshing without saving user information if not submitted within a certain timeframe, as well as congressional staff requesting form revisions.
The office plans additional cybersecurity activities and IT upgrades, but none have project schedules, according to GAO.
“OCWR officials reported that they will be developing an IT strategic plan. However, as of October 2019, they were unable to provide additional documentation or a timeline for completion,” reads the report. “Without IT strategic planning, OCWR may be less able to set forth a longterm vision of OCWR’s IT environment and measure progress in carrying out its strategic initiatives.”
OCWR has yet to complete Reform Act requirements to create a permanent records program for claims and track and report data and assessments.
In the first case, the office doesn’t even have the policies and procedures in place to ensure claims records remains confidential when stored in multiple locations, according to GAO. The office reported scanning paper records to create electronic files and hiring a contractor in September to further develop the program.
GAO found another aspect of strategic planning being neglected is recruitment and retention of mission-critical IT staff.
“If OCWR does not continue to strategically assess and manage its human capital needs, it could again find itself with IT or other skills gaps that could negatively affect its ability to meet its mission,” reads the report.
GAO recommended the executive director of OCWR work with staff to develop an IT system projects schedule, address risks tied to maintaining a permanent records retention program, develop performance measures, collect data on education efforts, develop an IT strategic plan, and incorporate human capital management. OCWR agreed with the six recommendations.