House Oversight Committee Chairman Jason Chaffetz (R-Utah) on Monday criticized the Office of Personnel Management (OPM) for declining to follow government recommendations when dealing with the fallout from a massive data breach.
“OPM continues to ignore serious concerns about their IT infrastructure improvement plan from the Inspector General,” Chaffetz said in a Monday statement. “It’s unsettling that despite a data breach that put the sensitive, personal information of 21.5 million Americans at risk, OPM once again refuses to heed warnings from the IG.”
{mosads}OPM’s inspector general in June issued a ”flash audit” report making two recommendations for the agency’s IT infrastructure improvements following the hack, both of which OPM rejected.
The IG suggested that OPM develop a formal project management document detailing the business plan for the improvements and that it not rely on a no-bid contract for later phases of the project.
In a Sept. 3 report released on Monday, the IG said that “based on documentation we have reviewed, we have determined that OPM is not in compliance with either best practices or its own policy.”
In its response to the IG’s report, OPM stated that the “timing, the effort required and the impact on the project’s schedule” of completing a formal business case would “only serve to stall the critical efforts already underway.”
The agency also said that a sole-source contract was “never intended” to be used for all of the improvements.
The IG responded in the Sept. 3 report that without a formal business case, “we continue to believe that there is a high risk of project failure.”
Chaffetz has led the charge in demanding accountability from the agency for allowing the hack. He campaigned vociferously for former OPM director Katherine Archuleta to either step down or be fired.
Archuleta resigned in July, something the OPM inspector general points to as evidence that “OPM should further develop its project management approach, and implement a procurement strategy that includes full and open competition for the later Project phases.”
Archuleta had defended the agency’s plan prior to her resignation, telling a Financial Services and General Government Subcommittee hearing that “all of our decisions are being tracked, documented and justified.”
“Ignoring the IG’s warnings largely got them into this mess in the first place,” Chaffetz said Monday. “If OPM wants to regain the trust of Congress and the American people, they must make implementing the IG’s recommendations a top priority.”