You might think that the all-consuming responsibility for an agency called the U.S. Office of Personnel Management would be managing the personnel who work for the U.S.
Unfortunately, that has proven too often to be not the case. OPM directors commonly have used some of their tenures to: (1) angle for higher-level jobs such as Cabinet positions, (2) advocate on issues favored by the White House even if they have little or no applicability to the federal workforce, or (3) campaign in support of a candidate who might help them with goals 1 and/or 2.
The most notorious of example of the third category happened when an OPM director was campaigning in sunny Florida during a presidential primary and thus was not on-site in the capital to decide whether to close agencies due to a snowstorm—the one regular action by OPM that gets attention outside federal personnel circles.
As mess-ups go that one was hard to top, but the most recent OPM director, Katherine Archuleta, managed it with the recent disclosures of massive breaches of data on federal employees—one involving personnel records, one involving security clearance background checks, both involving vast amounts of highly personal information.
If you’re the head of an operation that is going to demand its employees give you not only basic personal information such as Social Security numbers but also to be fingerprinted and to disclose mental health records, use of alcohol and illegal drugs, financial and legal troubles, contacts with foreign nationals and more, you should never take your eye off your duty to protect that information.
Yet that’s what a series of OPM directors did over two decades or so by not keeping up on cybersecurity. Many are trying to make this a partisan issue, but remember that over that period, there have been multiple OPM directors of each party, and control of the White House, the House and the Senate also bounced back and forth several times each. This was a bipartisan failure.
Yet the ship hit the iceberg while Archuleta was at the helm so she went down, the first OPM director to resign under pressure since the agency was created during the Carter administration.
She deserves some credit for recognizing, when she took over, that the cybersecurity of OPM had been neglected for too long—that is, that the ship was in treacherous waters. The problem was, she had no particular expertise in steering it out—that is, managing a huge IT project.
She never showed much urgency about it, either. Her comfort zone was in creating things like the vague “recruitment, engagement, diversity and inclusiveness” initiative, and in urging members of the public to sign up for coverage under the Affordable Care Act—an Obama administration priority, but totally separate from the health program that OPM runs for federal workers, retirees and their families.
The next OPM director, following this interim period when OMB essentially is filling the role of a guardian, almost certainly will be chosen for his or her ability to manage what likely will be a complex, costly and long-running effort to repair the damage and, finally, shut the barn door.
Which is too bad because OPM has gone too long paying too little attention to personnel management issues beyond security of personnel records. There also have been years of neglect on important issues such as the huge turnover of federal employees as baby boomers retire and the chore of moving up people qualified to replace them, plus hiring at the intake end.
How is the government doing? It’s hard to tell. Phased retirement was enacted into law three years ago to help the transitions of one group of people out and another group up, but only a few agencies are actually putting it in place, and OPM is not pressuring or even urging a broader use. There’s an opportunity for the next OPM director to show leadership.
How is OPM doing on the long-running problem of inaccurate and delayed processing of retirement applications? Under orders from Congress, OPM does report on that—monthly, in fact. The backlog is about the same as it has been for the last 18 months, even though that supposedly is one of the areas of major emphasis for automation and improvement. There’s another opportunity.
(By the way: Keeping retirement records in filing cabinets in an old mine in Pennsylvania doesn’t seem like such a bad idea anymore, does it?)
What about on the hiring end? Are agencies able to fill vacancies in high-demand occupations such as, ahem, cybersecurity? Are recruitment and retention incentives helping to make up for the difference in salaries and if they’re not, what does the government need to do differently? We don’t know; OPM hasn’t put out a report on that issue since one covering 2009.
Maybe work-life flexibility would help. Has telework been effective and how could it be improved? We don’t know; OPM’s annual report on that issue is now eight months overdue.
And that doesn’t begin to touch on issues such as the persistent reported pay gap with the private sector, the need to carry out the new self plus one option in the FEHB program, the lack of disability insurance, the lack of a meaningful connection between one’s performance and one’s compensation, the widely held view (even inside the government) that agencies don’t hold employees responsible for misconduct, and more.
Certainly the response to the cyber breaches will occupy much of OPM’s attention for the foreseeable future, and rightly so. But there’s so much personnel management that needs to be done too. It’s not too much to ask that the agency do both, is it?