The Reports Consolidation Act of 2000 requires that the Office of Inspector General identify the most serious management and performance challenges facing the Department. The OIG concludes that the most serious management and performance challenges to the Department are in the following areas:
Protecting its people and facilities from terrorist attacks continues to be one of the Department's highest priorities. Following the 1998 terrorist attacks against the U.S. embassies in Nairobi and Dar es Salaam and heightened U.S. security concerns in the wake of the terrorist attacks of September 11, 2001, the Department embarked on an ambitious program to construct or upgrade diplomatic missions that are inadequate and, in some cases, unsafe. The Department's program to replace 185 vulnerable embassies and consulates is in its early stages, but the pace of initiating and completing new construction projects has increased significantly over the past two years. From 1999 to 2003, the Department received approximately $2.7 billion for this program. As of September 30, 2003, the Department had completed seven projects to replace embassies and consulates at risk of terrorist or other attacks and had another 21 under construction. The Department has also received over $750 million to improve perimeter and compound security at existing facilities. Despite the Department's aggressive efforts, many embassies cannot expect new and safer buildings in the short term.
OIG contributed to the Department's priority of protecting people and facilities from terrorist attacks by conducting 11 limited-scope and nine full-scope inspections of overseas missions in 2003. Limited-scope inspections are confined to a review of physical security and emergency preparedness and are intended primarily to identify and correct weaknesses in the mission's defenses against a large-scale vehicle bomb attack. Full-scope inspections review the full range of a mission's security program, including emergency preparedness, physical, technical, procedural, information, and personnel security. In addition to these inspections, OIG completed two follow-up reviews - one at Embassy Berlin and the other at Embassy Moscow. These reviews examined each mission's compliance with the previous inspections' recommendations.
Because the majority of OIG's FY 2003 security inspections were limited to reviews of physical security and emergency preparedness, most of the security findings and recommendations of this period fell into these two categories, with emergency preparedness emerging as the area most needing improvement. OIG findings revealed the need for improvements in: 1) alerting personnel to take immediate action in response to an imminent vehicle bomb attack, 2) providing adequately stocked safe havens, and 3) conducting all Department-required emergency drills on an annual basis.
Approximately one-third of the security inspections found setback - the distance from the outermost perimeter barrier to the building's exterior wall - to be inadequate. Setback is a key factor in countering a vehicle bomb attack. The lack of adequate setback can be partially mitigated by other factors, such as acquiring abutting properties and closing or controlling access to surrounding streets. These inspections found that some measures such as street closure- or access-control had been taken, but that more needs to be done. Another common physical security deficiency at overseas posts is building exteriors that fail to meet the Department's security standards for forced-entry and ballistics protection, which provide mission personnel protection against a mob attack or violent demonstrations.
The increase in the use of the Internet, coupled with the dramatic expansion in computer interconnectivity, has changed the ways that the government, the nation, and much of the world communicate and conduct business. Without adequate safeguards, computer-supported Department operations could be at enormous risk and allow individuals and groups with malicious intent to intrude into inadequately protected systems. Among the worst scenarios, this access could allow intruders to launch attacks against other computer networks and systems, disrupt operations, commit fraud, or obtain sensitive information. Previous General Accounting Office, OIG, and Bureau of Diplomatic Security reports have identified persistent computer security weaknesses that place a variety of critical and mission-essential Department operations at risk of disruption, fraud, and unauthorized disclosure.
The Department recognizes that much more must be done to develop fully and ensure the continuity of its systems security program. As mandated by the Federal Information Security Management Act of 2002, OIG conducted an annual evaluation of the Department's information security programs. In the September 2003 report, OIG noted significant improvements over the previous year's evaluation. In response to one of the report's key recommendations, the Department successfully completed an overview of its management approach to information security for the FY 2003 draft Cyber Security Program Management Plan. The Department also was in the process of implementing a systems authorization plan to provide certification and accreditation for its new and existing major applications and general support systems. As of August 2003, five percent of its systems had been certified and accredited. Further, 77 percent of the Department's 217 systems have security-level determinations (up from 72 percent in FY 2002). However, only 3 percent have security plans (down from 15 percent in FY 2002). Other changes included an overhaul of the capital planning and investment control process and institutional organizational changes.
OIG also focused on the overall protection of classified information at home and abroad. OIG reviewed the protection of classified and unclassified information at overseas posts, as part of the nine full-scope security oversight inspections completed in FY 2003. OIG also conducted the second of three annual audits evaluating the protection of classified information at Main State, as required by the FY 2003 Intelligence Authorization Act. Several key areas, including the Department's financial system, require senior management attention in order to develop fully and ensure the continuity of the Department's systems security program.
The Department has made significant improvements in the area of financial management; however, serious problems persist and represent challenges that must be addressed. OIG is pleased to note that the Department has received unqualified (clean) opinions on its agency-wide statements for the past seven years, indicating that the statements were free of material misstatements, and has met the mandated deadline for the past three years. However, OIG's most recent audit of the Department's financial statements noted serious concerns related to information systems security, the adequacy of the Department's financial systems, undelivered orders, and managerial cost accounting. The unqualified opinion was achieved, for the most part, through the extensive efforts of the Department's financial management staff to overcome those weaknesses and produce auditable information. This underscores the need for the Department to improve its financial management systems.
Weaknesses in the Department's financial management systems are a long-standing problem. The audit of the FY 2002 financial statements identified inadequacies in the Department's financial and accounting systems. The Department has made substantial compliance with the Federal Financial Management Improvement Act a top priority, and improvement initiatives to achieve that goal are under way.
While the Department has made improvements in managing undelivered orders, including a database to track them, the balance is extremely high and, in fact, has grown over the past few years. For instance, the amount of undelivered orders increased from $3.3 billion in FY 2001 to over $5 billion in FY 2002. In addition, the annual audits of the financial statements have consistently found that a large portion of these obligations is unnecessary. During the FY 2002 audit, an independent accounting firm estimated that at least $230 million should have been deobligated. The Department is actively working to address this issue.
To address weaknesses related to managerial cost accounting that were identified during the annual audit of the financial statements, the Department is developing a Central Financial Planning System that it believes will address many of the concerns.
Overall, OIG FY 2003 reviews found staffing levels in the Department and at overseas posts to be generally adequate, with the exception of consular staffing overseas. In FY 2003, OIG continued to raise concerns about the number and training of consular personnel overseas. OIG identified junior officer rotational assignments as an impediment because visa processing positions were regularly filled by untrained junior officers, often for less than a full year. OIG also found that there was inappropriate assignment of junior officers "stretched" into key consular positions at higher grade levels, such as supervisory visa positions. In addition, OIG found first-tour officers staffing one-officer consular sections, a position that requires the depth of experience of a second-tour officer to meet the new levels of performance required to improve U.S. border security.
OIG believes significant progress has been made in addressing some of these concerns. For example, the Department initiated an extensive consular workload analysis throughout the Foreign Service to assess consular resource needs following the terrorist attacks of September 11, 2001. However, significant challenges remain, including insufficient numbers of officers, inexperienced officers placed in management positions, and undergraded positions, particularly as the consular workload has increased in response to new requirements for the use of visa biometrics and the need to interview more applicants.
OIG continued to review rightsizing issues at posts overseas to determine whether staffing was adequate to meet established goals and objectives. Where appropriate, recommendations were made to improve mission effectiveness through decreases or increases in staffing. OIG's review of Embassy Mexico City and its constituent posts, which comprise the largest U.S. nonmilitary presence outside the United States, found rightsizing to be the most urgent task confronting the Ambassador. OIG determined that staffing at the mission grew by more than 35 percent between December 1996 and December 2002, chiefly due to the increased consular workload, improved law enforcement cooperation, and the emphasis on national security since September 11, 2001. OIG recommended that the Department require all agencies at the mission to submit five-year projected staffing patterns to allow for improved coordination and control.
Since early 2002, OIG has reviewed aspects of the Department's consular operations, both domestic and overseas, that directly affect border and homeland security in the post-September 11, 2001, era. OIG is conducting these reviews to identify weaknesses that might allow visas, passports, and other types of immigration documentation to be issued to members of terrorist organizations and their supporters.
In FY 2003, OIG issued reports that reviewed the Department's domestic passport operations, diversity visa program, and nonimmigrant visa issuance policy. OIG identified several shortcomings such as a lack of uniformity in visa processing and, in the Bureau of Consular Affairs, the lack of planning staff to develop consular input into border security initiatives and directions. A review of nonimmigrant visa issuance policy and procedures found that the Department did not fully appreciate, at that time, the pivotal role of the consular function as part of a coordinated national effort to manage border security and that, despite significant progress in bringing uniformity to the visa process, more needs to be done if the process is to be made more secure. Among OIG's recommendations is the need to reconfigure or enlarge space at many posts to accommodate the new mandated requirements for visa operations.
In response, the Department sent cables to ambassadors outlining the importance of the visa function in achieving U.S. border security and the need to integrate the consular and visa operations into their broader mission programs, as well as the importance of training consular officers at post. The Department also is working to improve consular training modules. In addition, OIG is assisting the Department by conducting surveys with each overseas inspection to gather worldwide data regarding aspects of consular operations at posts abroad that can be used to review and measure the inspected mission's border security readiness. These surveys of four key "areas of emphasis" in the visa-issuing process - executive oversight, staffing, training, and consular facilities - will form the basis for an annual OIG review of the Department's progress in strengthening U.S. border security.
An OIG review of the Department's domestic passport fraud prevention programs found that the smuggling of children or the substitution of the photograph of one child for another was facilitated by a regulatory exemption allowing children under 14 not to appear personally to apply for U.S. passports. In response to OIG's recommendation, the Bureau of Consular Affairs notified overseas posts that it plans to revise passport regulations and the instructions on the passport application form to direct that children under 14 are required to appear personally when passport applications are executed on their behalf.
Strategic and performance planning, measurement, and budget integration continue to present challenges for the Department, although significant steps to meet and overcome them were taken in FY 2003. Some of the key challenges that OIG found include: communicating and institutionalizing the planning process, translating these efforts into awareness and understanding at both senior and working levels within the Department, developing meaningful and measurable performance indicators for all aspects of foreign diplomacy, ensuring that performance plans and results are used effectively in managing mission and bureau personnel and resources, improving the integration of mission and bureau performance plans and resource allocations, linking broader plans and goals to individual office and employee performance plans, and fully integrating performance goals, measures, and results with budget formulation and implementation processes and decisions.
During FY 2003, the Department devoted considerable effort to improving its planning and resource allocation process and to addressing weaknesses in its planning and performance reporting that had been identified by OMB and independent evaluation groups. The planning and resource allocation process receives attention at the highest levels of the Department, with the Deputy Secretary of State personally overseeing reviews of individual bureau performance plans and resource requests that focus on the linkage between a bureau's initiatives, programs, and resources and their desired results. Other Department efforts included establishing a joint strategic plan with the U.S. Agency for International Development, forming two joint councils to ensure coordination and collaboration on a variety of policy and management issues that cut across the two agencies, streamlining and automating the planning cycle, identifying new outcome and efficiency measures for many of its initiatives and programs and reducing the overall number of performance measures to focus on the most critical indicators, and issuing its first integrated performance budget.
OIG's work this past year on issues relating to the Department's strategic and performance planning and implementation efforts was focused largely on assessments of individual program and mission efforts rather than systemic activities. OIG inspections found that the streamlined and automated planning process had reduced some of the burden on overseas missions, although software problems were still an issue with some posts. In addition, at most successful missions inspected, Mission Performance Plans were being used effectively to manage priorities and performance, although their role in allocating resources was limited. OIG is working with the Department to establish a methodology and schedule to ensure verification and validation of the Department's most important performance measures.
Nearly 25 years ago, Congress sought to increase oversight of federal programs and operations, and to create a mechanism to report independently the results of these oversight reviews, with the passage of the Inspector General Act of 1978. The Act established Inspectors General to keep agency heads and Congress informed about program or operational deficiencies and gave them the authority and responsibility to be independent forces for effectiveness, efficiency, and economy within the federal government. On August 27, 1986, the U.S. Department of State's Office of Inspector General (OIG) was established under amendments to the Inspector General Act.
The State Department has a long history of mandated inspections and oversight to ensure program integrity. The 1906 Act to Reorganize the Consular Service of the United States required reviews of consular offices abroad to ensure the accurate accounting of consular fees and proper performance of their duties. In 1924, the Rogers Act expanded the inspection universe to include diplomatic as well as consular posts. This requirement was further expanded under the Foreign Service Act of 1946, which required Foreign Service inspectors to "inspect in a substantially uniform manner and at least once every two years the work of the diplomatic and consular establishments of the United States." The inspection cycle was extended to five years under the Foreign Service Act of 1980, which also established the Inspector General of the Department of State and the Foreign Service. To ensure that this function was carried out in an independent and objective manner, the Omnibus Diplomatic Security and Antiterrorism Act of 1986 required the establishment of an independent OIG at the Department by October 1, 1986, and increased the responsibilities of the office to include audits and investigations. The new State Department Inspector General was designated to serve concurrently as the Inspector General of the Arms Control and Disarmament Agency (ACDA).
Passage of the Omnibus Appropriation Act of 1996 (PL 104-28) merged the Office of Inspector General of the U.S. Information Agency (USIA), including the Broadcasting Board of Governors (BBG), with that of the Department and ACDA, effective April 26, 1996. The Foreign Affairs Reform and Restructuring Act of 1998 integrated ACDA into the Department on April 1, 1999, and USIA into the Department on October 1, 1999, completing the consolidation begun under the Office of Inspector General merger.
The Government Performance and Results Act of 1993 (Results Act) requires agencies to submit annual performance reports detailing their success in achieving the goals and measures in their annual performance plans. As the independent oversight body for the Department of State, as well as the Broadcasting Board of Governors, the Office of Inspector General has chosen to develop its own vision, mission, and strategic and performance goals and to submit individual performance plans and reports along with those of the Department.