|Performance and Accountability Report Fiscal Year 2007
Management and Performance Challenges Identified by the Inspector General
ACTING Inspector Generals Statement Summarizing the Major Management and Performance Challenges Facing the United States Patent and Trademark Office
Jon W. Dudas
In accordance with the provisions in the Reports Consolidation Act of 2000, we submit for your consideration, the management challenges facing USPTO, as identified by the Office of Inspector General. Detailed information about our work is available on our web site at:http://www.oig.doc.gov/.
Ensure That USPTO Uses Its Authorities and Flexibilities As A Performance-Based Organization To Achieve Better Results
USPTO plays a critical role in promoting the nation’s technological progress and protecting intellectual property rights—a task often viewed as daunting given the increasing number and complexity of patent applications. The agency’s 21st Century Strategic Plan outlined numerous initiatives to help reduce its large backlog of applications, ensure the quality of granted patents, and improve the productivity of its examiner corps. An OIG report on USPTO’s patent examiner production goals, performance appraisal plans, and awards highlighted actions the agency could take to stimulate and reward examiner production. A more recent GAO report on USPTO’s recruitment and retention efforts also called on agency managers to reassess examiner production goals, and noted that examiners often cited those goals as a primary reason for leaving the agency. In addition, GAO reported that attrition is continuing to offset USPTO’s hiring progress even with the use of many incentives and flexibilities to retain the workforce for longer periods.
One of those workplace incentives has been USPTO’s expansion of telework, allowing examiners to use laptops to work at offsite locations. Lost laptops and data security problems at other Commerce bureaus underscore the need for strong policies, procedures, and controls at USPTO to avoid similar problems and the potential compromise of sensitive patent information. (Information security is a separate challenge for the agency, as discussed below.)
The long-standing and growing backlog highlights other issues for USPTO and OIG attention: the need to expedite a fully electronic patent examination process and to carefully monitor the agency’s billion-dollar investment in high-risk time and materials and award fee contracts for related information technology services.
Clearly, recruitment, attrition, and information technology remain serious challenges for the agency. We will continue to monitor USPTO’s progress in those areas as well as its training programs and human resources or personnel operations, where we earlier found some questionable practices and the need for improved management controls.
Strengthen Information Security
The Federal Information Security Management Act (FISMA) requires that we annually assess USPTO’s efforts to safeguard data processed by its computer systems and networks. The continuing expansion of information technology means federal agencies face ever-increasing challenges in performing their missions while providing for the security of their sensitive information. Since enactment of FISMA in 2002, agencies have spent millions of dollars to improve the security of information on their computer systems and shared via the Internet. Yet weaknesses persist and breaches continue. At USPTO, IT security is a material weakness under the Federal Managers Financial Integrity Act.
The system security certification process is supposed to provide officials with complete, accurate, and trustworthy information on a system’s security status so they can make timely, credible, risk-based decisions on whether to authorize operation. Our review of USPTO’s certification and accreditation (C&A) packages continues to find a process that does not adequately identify and assess needed security controls. As a result, authorizing officials do not have the information they need to make sound accreditation decisions.
Two USPTO packages were included in our FY 2007 review sample—one for an agency system and one for a contractor system. Both lacked sufficient evidence to confirm that operational and technical controls are in place and operating as intended, leaving the certification agents and the authorizing official without adequate information about remaining vulnerabilities. Therefore, we recommended that USPTO again report IT security as a material weakness.
Senior management officials at USPTO are keenly aware and supportive of the need for improving the IT security program. The agency’s CIO has devoted considerable personal attention and resources to improving C&A. These efforts demonstrate a high level of commitment; unfortunately, their benefits have yet to translate into C&A processes that consistently produce packages showing adequate implementation of the required baseline level of security. Our annual FISMA work has been important in gauging the nature and extent of problems and progress at USPTO, and for offering solutions to help the agency fully comply with the law.
Elizabeth T. Barlow
|< Previous Page | Next Page >|
Is there a question about what the USPTO can or cannot do that you cannot find an answer for? Send questions about USPTO programs and services to the USPTO Contact Center (UCC). You can suggest USPTO webpages or material you would like featured on this section by E-mail to the firstname.lastname@example.org. While we cannot promise to accommodate all requests, your suggestions will be considered and may lead to other improvements on the website.