For example, the EP&R Chief Information Officer (CIO) is making progress
with respect to IT planning, including the development of the agency's first IT
strategic plan. However, while the IT plan aligns with FEMA's outdated
strategic plan, it does not reflect FEMA's integration into DHS and therefore
may not support DHS' strategic goals. Additionally, to better align EP&R's
IT with the agency's strategic direction, integration with evolving DHS wide
initiatives, such as
, will prove challenging.
Further, EP&R CIO support to IT users could be improved. EP&R CIO staff,
including the national IT helpdesk, provided significant service during the
2004 hurricanes. However, additional guidance and training for systems users
is necessary to ensure that they have the knowledge and information needed to
perform their jobs. The EP&R CIO's office maintains up to date and often
online systems procedure manuals and guidance, but FEMA field personnel
are often unaware of these materials. In addition, the IT manuals online
describe the procedures necessary to complete actions in the systems, but they
do not contain the business context for when or how the procedures should be
used. Although EP&R's custom, complex systems require significant
amounts of front end instruction, users said that they received insufficient
Currently, EP&R systems are not integrated and do not effectively support
information exchange during response and recovery operations. Also, EP&R
has not fully updated its enterprise architecture to govern the IT environment.
As a result, during significant disaster response and recovery operations, such
as the 2004 hurricanes, IT systems cannot effectively handle increased
workloads, are not adaptable to change, and lack needed real time reporting
capabilities. Such problems usually are due to FEMA's focus on short term
IT fixes rather than long term solutions. Inadequate requirements definition,
alternatives analysis, and testing prior to systems deployment are
characteristics of this reactive IT management approach.
Although EP&R is working to introduce and web enable systems to resolve
disparity between its current IT environment and DHS expectations,
additional measures are needed. EP&R would benefit from strategically
managing IT by aligning its IT planning with DHS' direction as well as
ensuring systems users receive more timely training and communication.
Further, once broad based requirements are fully defined and documented,
and alternatives are analyzed, EP&R will be in a better position to complete
an enterprise architecture, and test and deploy the most appropriate
technology needed to support its response and recovery mission.
Emergency Preparedness and Response Could Better Integrate Information Technology
with Incident Response and Recovery