On March 31, 2015, the US Government Accountability Office (GAO) released a report reviewing the Library of Congress information technology infrastructure and its management. According to the report, which was requested by the US House of Representatives Appropriations Subcommittee on the Legislative Branch:
GAO is recommending that the Library expeditiously hire a permanent CIO. GAO is also making 30 other recommendations to the Library aimed at establishing and implementing key IT management practices. The Library generally agreed with GAO’s recommendations and described planned and ongoing actions to address them…In January 2015, at the conclusion of GAO’s review, officials stated that the Library plans to draft an IT strategic plan within 90 days and hire a permanent CIO. If it follows through on these plans, the Library will be in a stronger position to address its IT management weaknesses and more effectively support its mission.
GAO’s review found that “significant weaknesses across several areas have hindered [the library’s] effectiveness.” According to GAO, these areas include:
- “Strategic planning: The Library does not have an IT strategic plan that is aligned with the overall agency strategic plan and establishes goals, measures, and strategies.”
- “Investment management: Although the Library obligated at least $119 million on IT for fiscal year 2014, it is not effectively managing its investments.”
- “Information security and privacy: The Library assigned roles and responsibilities and developed policies and procedures for securing its information and systems. However, its implementation of key security and privacy management controls was uneven.”
- “Service management: The Library’s Information Technology Services (ITS) division is primarily responsible for providing IT services to the agency’s operating units. While ITS has catalogued these services, it has not fully developed agreements with the other units specifying expected levels of performance. Further, the other units were often not satisfied with these services, which has contributed to them independently pursuing their own IT activities.”
- “Leadership: The Library does not have the leadership needed to address these IT management weaknesses.”