Call for U.S. Congressional Investigation into Contract Fraud and Abuse by U.S. Department of Veterans Affiars
On Friday March 30, 2007, I wrote a blog post regarding a U.S. Department of Veterans Affairs outsourcing contract that has been grossly mismanaged.
This weekend I was reminded that there are still people who have the courage and integrity to do what is correct, even in the face of adversity.
A reader of this blog sent me the following anonymous email:
"As one of the people working on this contract I can tell you that a lot of good, hardworking people were hurt by the 'allowing the contract to expire' part - they came in unannounced at 4:30p.m. on a Friday and told everyone to leave "and do not lock your computers" - the VA wanted to remove as much evidence of their wrongdoing as possible to pin the blame solely on SecureInfo if they could; in order to save the government careers of many of the government employees involved. It worked; and it put a lot of people out of work - people who were not made aware that the VA Central Office was using the contract as their "personal IT checkbook". I won't go so far as to say some of the contractor management weren't complicit in this act; but too many people are interpreting this news as the contractors were all bad. It was the VA that abused the contract - they know exactly where all the computers and security equipment they bought is; in storage at their primary and secondary SOC sites."
First, let me say to Anonymous--thank you for having the courage to share your viewpoint. I'm sorry that hardworking people including yourself are the unfortunate victims of corporate and government greed and corruption. Wishing you the best in finding new career opportunities. Please let me know how I may be of assistance to you now or in the future.
Secondly, Anonymous makes several good points. The primary responsibility for the mismanagement of this contract lies with the Department of Veterans Affairs. I agree with Anonymous that the majority of the hardworking men and women (information security professionals) with the contracting firms are not the ones to blame.
Anonymous brought up an interesting comment regarding how the VA told those working on the project: "they came in unannounced at 4:30p.m. on a Friday and told everyone to leave "and do not lock your computers".
If that is true, from an IT Audit perspective I find that troubling. For the VA to tell their contractors to leave their computers logged in (logged in with the users credentials -- i.e. user-name and password) and not return is of concern and should be investigated further if the U.S. Congress launches any investigations. When those contractors leave the facilities, anyone could walk up to those computers and continue doing anything those contractors were doing--even perhaps as anonymous suggested: "the VA wanted to remove as much evidence of their wrongdoing as possible to pin the blame solely on SecureInfo if they could; in order to save the government careers of many of the government employees involved." The VA should have instead told the contractors to log out of their computers and then disabled all of their user accounts to preserve any audit trails for contractor access to VA systems and software applications. Asking the contractors to leave their accounts logged in, opens the possibility for reasonable doubt regarding the integrity of any audit trails.
As both a security professional and IT auditor, I cannot believe that the hardworking men and women at the contracting firms had any malicious intent to defraud our government. However, I do believe that the conduct by the VA and the management at the contracting firms need to be further investigated for their actions and mismanagement by the U.S. Congress.
Once again I will reiterate my call for a U.S. Congressional investigation to bring forth the facts and lay blame on those responsible for mismanaging and wasting our government's financial resources. Our men and women in uniform who serve honorably in our armed forces deserve to have a VA that is a faithful steward of the resources given to them to administer for the benefit of our veterans.
OK. I'll stop preaching to the choir. If anyone has any further comments on this topic please write to me and post a comment on this blog. Thank you for sharing.
Comments