Prior assessments have identified concerns with several aspects of FEMA's IT
management. Specifically, in an August 2001 report,
the GAO identified
issues with NEMIS internal controls, reliability, usability, and training. A
July 2004 GAO report
discussed FEMA's property management controls and
highlighted concerns with asset accountability and the accuracy of data
recorded in the LIMS III system. In that report, GAO recommended that
FEMA's property system be linked to its acquisition and financial systems so
that certain key information could be available for effective property
management. In December 2003, we issued a report
on the NEMIS system
access controls, and identified related issues concerning separation of duties,
audit trails, and training which needed to be monitored. Further, a July 2004
DHS OIG report
discussed the need for component CIOs, such as the EP&R
CIO, to report to the department's CIO on IT issues to help ensure that
strategies are aligned and systems are consolidated for more effective use of
IT assets across the department.
Results of Audit
Challenges Remain in Aligning EP&R's IT Approach with DHS Mission
Information resource management plans support an agency's strategic plan for
fulfilling its mission. The 2004 DHS strategic plan contains specific response
and recovery goals and metrics. FEMA's strategic plan, however, is not
aligned with them. FEMA developed its strategic plan prior to becoming part
of the new department and has not updated it since then. EP&R's IT plan
aligns with FEMA's outdated plan, but does not line up fully with goals and
measures defined in the more recent DHS plan. As a result, EP&R's IT
systems approach may not support progress toward meeting DHS goals.
Updating its strategic and IT plans to reflect evolving DHS wide direction and
initiatives poses a major challenge for EP&R.
Disaster Assistance: Improvement Needed in Disaster Declaration Criteria and Eligibility Assurance Procedures
GAO 01 837, August 2001.
Federal Emergency Management Agency: Lack of Controls and Key Information for Property Leave Assets Vulnerable
to Loss or Misappropriation
, GAO 04 819R, July 2004.
Audit of the National Emergency Management Information System Access Control System
, DHS OIG 04 02, December
Improvements Needed to DHS' Information Technology Management Structure
, DHS OIG 04 30, July 2004.
Emergency Preparedness and Response Could Better Integrate Information Technology
with Incident Response and Recovery