support an alignment between DHS, FEMA, and response and recovery IT
initiatives. Our review showed clear disconnects among the planning
documents. Specifically, FEMA's strategic plan was created prior to the
agency becoming part of DHS, has not been updated since then, and
consequently does not align with specific response and recovery metrics
outlined in DHS' plan. We reviewed FEMA's IT strategic plan to
determine whether technology approaches and initiatives support response
and recovery mission goals and found that the IT plan is based on
FEMA's outdated strategic plan. As such, we recommended that both
FEMA's strategic and IT plans be updated.
Contrary to the EP&R CIO's statement, we neither assume nor state in our
report that FEMA's strategic plan is the only mechanism to ensure
alignment of FEMA plans and programs with DHS goals and objectives.
As stated above, we focused on FEMA's strategic plan, because the EP&R
CIO office identified this plan as the basis for IT planning and direction.
Further, according to the
Government Performance and Results Act of
, performance based management and budgeting must begin with an
overarching strategic plan. As a result of our review, we identified
misalignments between DHS' and FEMA's strategic planning documents
that we would be remiss in not discussing in our report. We did not seek
to analyze FEMA's overall strategic planning process, or any of the other
planning, programming, budgeting, and execution processes that the
EP&R CIO identified. Such processes were outside of the scope of our
We neither dispute nor discuss the EP&R CIO's assertion that the goals
and metrics identified in DHS' strategic plan were written by FEMA.
Again, our intent was to point out disconnects between DHS' and FEMA's
strategic planning documents and the need for FEMA updates to better
support IT planning. Nonetheless, we have revised our report to state that
FEMA not only participated in working groups to help develop the DHS
plan, but also defined and owns the response and recovery goals and
metrics outlined in the DHS plan.
We believe that the EP&R CIO's statement that some information in
FEMA's strategic plan has been outpaced by events helps support our
argument that the plan is outdated and needs to be revised. Even though
the main body of FEMA's strategic plan may remain applicable since the
agency has become part of DHS, updating the plan as we recommend will
help ensure that the FEMA and DHS plans do not conflict, but also
support each other. We have revised the language in our report to clarify
Emergency Preparedness and Response Could Better Integrate Information Technology
with Incident Response and Recovery