The House Oversight Committee chairman took aim at the Office of Personnel Management again on Monday for refusing to comply with IT safety recommendations from the Office of Inspector General.
“OPM continues to ignore serious concerns about their IT infrastructure improvement plan from the Inspector General,” Rep. Jason Chaffetz, R-Utah, said in a statement. “It’s unsettling that despite a data breach that put the sensitive, personal information of 21.5 million Americans at risk, OPM once again refuses to heed warnings from the IG.
“Ignoring the IG’s warnings largely got them into this mess in the first place,” Chaffetz added. “If OPM wants to regain the trust of Congress and the American people, they must make implementing the IG’s recommendations a top priority.”
Chaffetz was responding to a Sept. 3 report from the inspector general noting OPM’s objections to its recommendations. Primarily, the objections pertain to the OPM’s desire for more cash, and its refusal to implement what the IG considers a transparent budgeting process, he said.
Specifically, OPM rejected a recommendation to conduct an “OMB Major IT Business Case” analysis in relation to an ongoing system overhaul, and it rejected the need to use more than one contractor. The analysis would ensure the agency is conforming to principles applied to all federal agencies by the White House’s Office of Management and Budget.
In part, OPM said, it was refusing to implement those recommendations because Congress failed to provide the level of funding the agency requested this year. “OPM … commented that it has requested $21 million to ‘implement and sustain agency network upgrades’ and for ‘security software maintenance’ in its FY 2016 Congressional Budget Justification,” the OIG noted. Senate appropriators rejected that request in June.
The IG responded that efficiency and transparency in the budget were the precise reason an analysis was necessary. “The purpose of the Major IT Business Case proposal … is to ensure adherence to proper financing and project management principles,” the IG said. “But it is also designed … to ensure transparency in federal government IT spending.
“OPM’s refusal to develop a Major IT Business Case proposal for the overall project will result in costs being subsumed, and therefore hidden, within the individual IT investments. There will be no reporting mechanism to evaluate the overall costs of the project, which would, in effect, circumvent the transparency principles promoted by OMB,” the IG said.
OPM has been reeling from a hack that resulted in the theft of personnel files of more than 21 million Americans. OPM Director Katherine Archuleta resigned in July, leaving acting director Beth Cobert to take her place. That uncertainty in the agency’s leadership in conjunction with its limited budget, the IG stated, makes it particularly vital for OPM to conduct the recommended analysis.
