Federal Reports

The VA Office of Inspector General (OIG) conducted this audit to determine whether VA met the data center requirements of the Federal Information Technology Acquisition Reform Act. The OIG found that VA did not maintain complete and updated data center inventories or include sufficient plans for meeting the consolidation requirements, cost savings targets, and optimization targets for data centers at existing VA facilities. As a result, VA did not meet the Office of Management and Budget’s Fiscal Year FY 2018 target of $85.35 million in planned savings and cost avoidances. VA did not meet these requirements because the Office of Information & Technology (OIT) Deputy Chief Information Officer (CIO) for Service Delivery and Engineering communicated standards and reporting requirements to only OIT staff. Non-OIT staff who maintain information technology (IT) systems, including those with data center management responsibilities, were not notified. Also, VA’s National Data Center did not have an effective process to confirm the accuracy of reported data center information. The OIG found that without an accurate inventory of data centers or credible plans to increase efficiency and achieve savings, VA will continue to operate in an IT environment that is at greater risk for duplication and waste. This audit also examined an OIG Hotline complaint from March 2016 related to a potential data center leasing issue. The OIG investigated the complaint that funds were improperly spent but did not substantiate it. The OIG recommended VA determine which servers are subject to June 2017 Data Center Optimization Initiative guidance, communicate requirements to all staff responsible for VA data centers, validate the accuracy and completeness of reported data center information, establish a VA-wide data center inventory process, and ensure the Data Center Optimization Initiative strategic plan is complete and aligns to target goals.

Our audit objectives were to determine whether the U.S. Postal Service (1) fairly stated accounting transactions in the general ledger and whether selected controls surrounding those transactions were designed and operating effectively, and (2) properly tested, documented, and reported its examination of selected key financial reporting controls related to Headquarters and Accounting Services.

We determined that the Department of Homeland Security has established a process that provides guidance to identify required capabilities, gaps, and opportunities, which are found in capability needs documents. The Department also has controls in place to prevent components from circumventing this process. However, the Department validates noncompliant capability needs documents. DHS does not hold components accountable for failing to follow guidance and also has not provided adequate direction on how to implement the guidance. As a result, the Department cannot be assured that capability needs are properly identified. Additionally, Department analysts are not consistent when reviewing capability documents and applying departmental guidance and the acquisition decision making process is not always documented. This occurred because the Department has neither standard operating procedures to help its analysts consistently review documents and provide feedback, nor a written policy requiring documentation to support validation decisions. Inconsistent analyst reviews affect the Department’s ability to make informed decisions about components’ assessments of capability needs. It may result in components expending additional resources to develop capability documents and may delay the Department’s acquisition of needed goods and services. Furthermore, without proper documentation, issues identified during capability document reviews may not be addressed prior to validation. The Department concurred with the recommendations and described corrective actions taken. We consider three of the four recommendations closed. However, actions taken to address the remaining recommendation do not address the intent of the recommendation. Therefore, we consider the remaining recommendation open and unresolved.