SBA Faces Challenges in IT Investment, System Development and Security Controls
The SBA’s IG Office identified IT upgrades as a long-standing problem within the agency, which was exacerbated amid the COVID-19 pandemic. The report notes that investing in upgrades is essential to improve the portal interfaces for small businesses, FedScoop reported.
The watchdog also flagged the SBA’s outdated system development policies dating back to 2009 for not aligning with changes in the IT application landscape.
Another problem faced by the agency is its ineffective security controls. While the IG acknowledged some improvements in the areas of automated security control testing and protecting personally identifiable information, it made clear that the SBA’s overall information security rating ranged from levels 2 to 3, meaning that security controls were not up to par.
The agency only achieved a level 4 in terms of incident response. SBA continues to struggle with implementing security controls for user access, configuration management and security training.
Inaccurate procurement data and improper small business contract awards were also included in the SBA’s IT challenges for FY2022. The agency is launching a new certification management portal to address the problems but the IG said technical challenges could hinder progress.
SBA’s inaccuracies extend to grants assistance reporting, the IG added. The problem stems primarily from input errors associated with the use of the Procurement Request Information System Management, which requires manual data entry to obligate funds and authorize payments to grant recipients.
Category: Federal Civilian
Tags: federal civilian FedScoop IT challenges IT upgrades OIG SBA security controls Small Business Administration system development policies