Nuclear Agency Network Falls Short Of Requirements
An internal investigation at the National Nuclear Security Administration blames network delays and cost overruns on poor planning and project management.
The National Nuclear Security Administration set about replacing its classified network in 2000. Now, three years after its due date and up to $180 million later, the network still isn't up to snuff.
That assessment, coming from NNSA's inspector general, stands in contrast to the agency's own sense of accomplishment. In April, the agency held a ribbon cutting ceremony for the network, which, by its estimate, cost about $60 million.
The Enterprise Secure Network, planned as a more secure replacement to NNSA's outdated SecureNet, is indeed operational. However, about 150 applications used for processing classified information weren't ready to run on the network, and the network isn't powerful enough to connect all of NNSA's supercomputers and classified systems.
The discrepancies over total cost are the result of improper cost tracking between 2000 and 2007, leading to a lack of visibility into cost, according to the report. The agency didn't put in place the ability to capture ESN-related spending on anything other than cybersecurity until 2006. After a review, NNSA found that the network actually cost between $153 and $180 million.
The delays and cost overruns stem largely from poor project planning and management, the inspector general concluded. The project management controls the agency used were designed for projects one-seventh the cost of the new network.
"Because of the lack of project management rigor, senior NNSA management officials were deprived of the information necessary to ensure that the ESN initiative was properly planned and executed, apply generally recognized best practices, and to properly track project costs," the report said.
The delays led to related problems, such as delays in weapons data consolidation. The report also found that, despite NNSA's stance that maintaining separate networks was bad for security and compatibility, the agency cut back the scope and capabilities so much that it will have to continue running multiple classified networks.
In response, NNSA said the inspector general's numbers were off and took issue with some of its characterizations. The inspector general stands by its findings.
To its credit, NNSA's CIO undertook multiple reviews of the program in the last few years and implemented a number of changes, including changing project leadership and adopting standard risk management and project management processes.
InformationWeek has published an in-depth report on leading-edge government IT -- and how the technology involved may end up inside your business. Download the report here (registration required).
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.