Officials say VA computer systems better, but still vulnerable

The Veterans Affairs Department continues to make incremental progress in its effort to overhaul information technology systems, but computer security is still a concern, government officials told House lawmakers Thursday.

An audit of VA's information technology program conducted over the last six months found that the department has made some important strides, but has yet to implement key information security initiatives or establish a comprehensive, integrated agency-wide security program, according to VA Inspector General Richard Griffin. Griffin testified before the House Veterans Affairs Committee's Subcommittee on Oversight and Investigations.

"Our audit work continues to identify significant security vulnerabilities that represent an unacceptable level of risk to VA operations and its mission of providing health care and delivering benefits to the nation's veterans," Griffin said.

The department is attempting to streamline agency services and plans to use technology to increase efficiency. But the effort to overhaul the agency's troubled information technology infrastructure has dragged on for 10 years at an excessive cost, House lawmakers noted.

"Billions of dollars have been invested in this," said Rep. Steve Buyer, chairman of the committee. "Unfortunately, little has come from the investment."

Thursday's hearing was the fifth time House lawmakers have asked the agency for information on progress on IT issues, Buyer said. In March the committee asked John Gauss, the VA's assistant secretary for information technology to outline his plan for advancing the project. Gauss committed to reforming the system and on Thursday cited his progress, including the approval and implementation of a plan for changing information systems, the creation of a Senior Executive Service-level position to run the program, and an analysis of staffing needs for the program. VA Secretary Anthony Principi also approved a measure giving the department's chief information officer oversight authority for information technology funds beginning in fiscal 2003.

"I believe these efforts demonstrate our very strong commitment, at all levels, to building an effective information technology program for the long-term," Gauss said. Joel Willemssen, managing director of information technology management issues at the General Accounting Office, told lawmakers that VA's information technology performance would require sustained management oversight. But Willemssen praised VA for its efforts to date, noting that only one other agency-the General Services Administration-had given its chief information officer authority over all information technology funding.

"The strength of VA's leadership and continued management commitment to achieving improvements will ultimately determine the department's degree of success," Willemssen said.