[ISN] A chief who lacks clout

From: InfoSec News (isn@private)
Date: Mon Oct 25 2004 - 23:43:11 PDT


http://www.nwfusion.com/news/2004/1023achief.html

By Paul Roberts
IDG News Service
10/23/04

Steven Cooper, the first CIO of the U.S. Department of Homeland 
Security, is responsible for the IT assets used by 190,000 federal 
employees, but he's in a position that doesn't wield a lot of power. 
In fact, a July 2004 report from the DHS Office of the Inspector 
General found that the CIO lacks the authority to manage the 
department's technology assets and programs. 

The report, titled "Improvements Needed to DHS's Information 
Technology Management Structure," says the CIO is responsible for the 
creation of the department's communications infrastructure - 
consolidating disparate networks, data centers and systems inherited 
from member agencies. He oversees eight of the top 25 IT projects 
being implemented by civilian federal agencies, including the 
controversial US-VISIT visa program and the Integrated Wireless 
Network project that involves the Departments of Justice, Treasury and 
Homeland Security. (Then there's the matter of IT security: A 2003 
Inspector General report found that none of DHS's constituent parts 
had fully functioning IT security programs.) 

Despite these challenges, Cooper's office has been allotted limited 
resources - fewer than 65 employees to support a 180,000-person 
department. CIOs for member organizations within DHS have larger 
staffs than that. 

To make matters worse, the report noted that the CIO doesn't report to 
either the DHS secretary or deputy secretary, but to the 
undersecretary of management. That means the CIO has no authority over 
the CIOs for DHS member organizations, whom he is charged with 
overseeing. Furthermore, there is no written policy to formalize the 
DHS CIO's role toward CIOs of member organizations. 

But there's always a positive side. The report noted the creation of 
an Enterprise Infrastructure Board, which meets periodically to 
discuss IT integration strategies. And Cooper published an enterprise 
architecture and implementation plan. 

Still, changes are needed. OIG recommended that the CIO report to the 
Deputy Secretary.

DHS also needs to make it clear that CIOs in DHS member agencies 
report to Cooper's office along with the head of their agencies. And 
the DHS CIO should be given a staff that can carry out its enormous 
responsibilities. 



_________________________________________
Open Source Vulnerability Database (OSVDB) Everything is Vulnerable - http://www.osvdb.org/



This archive was generated by hypermail 2.1.3 : Tue Oct 26 2004 - 07:34:29 PDT