VA Is Moving toward Full Compliance with Geospatial Data Covered Agency Responsibilities

The VA Office of Inspector General (OIG) conducted this audit to determine whether VA complied with the law governing geospatial data and to follow up on recommendations from its inaugural report. VA uses geospatial data to support budget, strategic planning, and policy decisions for benefits and services it provides. The OIG found VA met nine of the 12 applicable covered agency requirements of the law. According to VA officials, VA does not collect, hold, manage, or consume declassified geospatial data, and the OIG team did not find evidence to the contrary, making the related requirement not applicable. In its inaugural audit, the OIG found VA was not compliant with three covered agency requirements: (1) VA was unable to comply with requirement 1 due to the absence of an approved strategic plan from the Federal Geographic Data Committee, (2) VA had not established mandatory department-wide policies and responsibilities to promote the integration of geospatial data for requirement 3, and (3) VA had not ensured geospatial data and activities are included on VA record schedules that have been approved by the National Archives and Records Administration for requirement 4. Although VA has taken steps toward compliance with the requirements, all necessary actions have not been completed for requirements 1 and 3. In addition, although VA was previously compliant with requirement 9, it has not met additional recommended criteria to protect personal privacy and maintain confidentiality. The OIG recognizes the complexity of integrating multiple geographic information systems across the agency. In light of the significant progress VA has made to comply with the act’s requirements, the OIG is making no recommendations for improvement. The OIG encourages VA to complete its planned actions to ensure compliance.