Submitting OIG:
Report Description:
The objective of our audit was to assess the U.S. Department of Education’s (Department) compliance with Federal Information Technology Acquisition Reform Act (FITARA) Chief Information Officer (CIO) authority enhancements and other selected requirements. We found improvements are needed in the Department’s compliance with CIO authority enhancements. Specifically, we found that the Department has fully implemented and documented in policy only 8 of the 17 CIO authority enhancements (47 percent). The Office of the Chief Information Officer was unable to provide evidence that 6 of the 17 CIO authority enhancements (35 percent) have been fully implemented and the
Department’s policies and procedures did not fully address 5 of the 17 CIO authority enhancements (29 percent) at the time we began our audit fieldwork, although 3 authority enhancements were later documented in revised guidance.In addition, we found that improvements are needed in the Department’s process for ensuring transparency and risk management of IT resources. Specifically, we found that the Department has not correctly classified all major IT investments, has not consistently adhered to its process for assessing the risk of IT investments, and has not always conducted TechStat sessions of high risk major IT investments as required by FITARA.
Date Issued:
Monday, September 23, 2019
Agency Reviewed / Investigated:
Submitting OIG-Specific Report Number:
A19S0002
Component, if applicable:
Office of Chief Information Officer
Location(s):
Washington, DC
United StatesType of Report:
Audit
Questioned Costs:
$0
Funds for Better Use:
$0
Number of Recommendations:
12
Report updated under NDAA 5274:
No
View Document:
Attachment | Size |
---|---|
FY19A19S0002030724v100SECURED.pdf | 4.35 MB |
Additional Details Link: