DHS OIG Makes New Recs on Cloud, Data Center, Legacy IT Progress

The Department of Homeland Security (DHS) Office of the Inspector General (OIG) made three new recommendations to the agency on improving its cloud adoption, data center migration, and legacy IT oversight efforts in a new report released August 10.

“Without adequate progress in modernizing legacy IT,” OIG cautioned, “DHS personnel will remain dependent on outdated and unintegrated legacy systems, inadequate equipment, and manual workarounds to accomplish critical mission operations.”

As OIG explained, DHS has adopted an IT strategic plan to be completed by 2023 that guides the agency’s cloud transition and data center consolidation. Despite this effort, auditors found that not all DHS components have the standard guidance and funding to meet these efforts. OIG wrote that “ineffective planning and inexperience in executing complex IT modernization efforts” have negatively affected the agency’s ability to transition away from legacy equipment.

Learn more about flexible funding vehicles like TMF in this issue brief.

DHS human resources, financial management, and Federal Emergency Management Agency (FEMA) grants management IT systems were all listed as having at-risk legacy systems. Each system has been in place for about two decades, and lacks “key functionality” to support mission operations.

Further hindering its IT modernization effort, auditors found that DHS is not leveraging the Modernizing Government Technology (MGT) Act to improve IT modernization efforts. While the agency has now taken steps to establish internal processes in line with the MGT, OIG reported that officials are still uncertain about the benefits of doing so.

OIG’s recommendations to the DHS OCIO include:

  • Develop departmentwide guidance for implementing cloud technology and migrating legacy IT systems to the cloud;
  • Coordinate with components to develop and finalize a data center migration approach to accomplish strategic goals for reducing the footprint of IT infrastructure; and
  • Establish a process to assign risk rating to major legacy IT systems.

DHS officials concurred with all three OIG recommendations. “DHS remains committed to modernizing DHS technology and infrastructure, and will continue to identify and prioritize mission-critical legacy IT and infrastructure for modernization,” Government Accountability Office-OIG Liaison Jim Crumpacker wrote in a response letter.

Categories

Recent