An Inspector General audit of the Securities and Exchange Commission’s handling of 2012-2013 data center relocations found that the agency’s failure to follow outlined steps in a contractor-developed plan resulted in potentially wasted funding.

In 2008 the SEC paid a private contractor $162,000 to develop a plan for relocating its data centers. The report found that the agency’s failure to adhere to timelines on this plan prevented its data providers from meeting agency needs.

“Because the agency derived little, if any, benefit from the 2008 data center relocation plan, we believe the $162,000 paid for the plan represents funds that the SEC may have wasted,” the report said.

In addition, the IG concluded that this failure also resulted the exposure of the first data provider to physical and environmental vulnerabilities, resulting in $370,000 in costs to mitigate the exposure.

“Additionally, we determined that the SEC did not adequately manage or monitor its data center contracts,” the report said. “Because of inadequate contract management, the SEC paid [data provider two] invoices containing formula errors resulting in $217,159 in overpayments (which has been refunded). We also identified about $2.8 million in unsupported costs paid to [data provider one].”

The report also found that the first data provider may be failing to meet a key contract requirement: to be a Tier III data center or greater under Telecommunications Industry Association standards.

“If the SEC does not take corrective action to validate certain costs and if all contract options are exercised, the agency will incur additional costs of about $2.7 million in funds that could be put to better use over the remaining life of D1’s contract.”

The SEC has come under fire in recent weeks for failing to disclose a 2016 cyberattack until September of this year. SEC Chairman Jay Clayton told the Senate Banking, Housing and Urban Affairs Committee last week that news of the breach should not limit the commission’s access to sensitive data or derail their mission.

The IG report recommended that the SEC conduct a comprehensive review of the 2012-2013 relocation to determine lessons learned and requested that the director of the Office of Acquisitions conduct a comprehensive review of the SEC’s Contracting Officers Representatives program.

Jessie Bur covered the federal workforce and the changes most likely to impact government employees for Federal Times.

Share:
More In IT & Networks
Six proven steps to Zero Trust
Agency leaders are working to adopt the mindset of trust nothing and verify everything to prioritize the transformation of legacy systems.
US must prepare for proliferation of cyber warfare
To build cyber resilience in this heightened threat environment, agencies must work closely with both international counterparts and industry to align on a proactive, global approach to all cyber threats –– not just state-sponsored attacks.
In Other News
Load More