Barriers to Performance
One of our favorite questions when we interview officials in states and localities is this: “Please tell us the major challenges you face.”
Since that question generally elicits interesting comments, we were intrigued to see how a handful of Texas agencies answered a similar question, posed by the Texas Sunset Advisory Commission in its 46-year-old Sunset Review process.
A word of background. Over a 12-year period, Texas Sunset reviews 131 agencies in the state. As of this writing, the Sunset website has a dozen listed that are part of the current two-year assessment process, which includes a lengthy self-evaluation that can extend to hundreds of pages. According to a September 2023 description of the Sunset system in Texas, “The Sunset process shines a light on state agencies and programs to see if they are still relevant in a changing world.”
The question that we read through (for the Board of Pardons and Parole; Correctional Managed Health Care Committee; Department of Criminal Justice; Department of Information Resources; Ethics Commission and Lottery Commission) was: Are there any barriers or challenges that impede the program’s performance, including any outdated or ineffective state laws? Explain. (For readers who would like to see this for themselves, this is Question 1M, under Part VII, “Guide to Agency Programs”.)
Although the agencies we looked at are very different in scope and size, we found many of the barriers and challenges that impede program performance were similar, including the following:
Staffing Shortages: This ubiquitous 2023 issue was most prominently a problem in the Department of Information Technology and the Department of Criminal Justice, but also in the separate Board of Pardons and Parole, in which staffing shortages cause scheduling issues for hearings.
Both of the larger departments hit on the impact of inadequate staffing in multiple programs, with Criminal Justice citing staffing as a “critical challenge for “securing and retaining qualified employees and correctional staff, and warning that “continued low staffing levels” presented security risks for “those working within the facilities and in turn for the public.”
For the Department of Information Resources, problems were listed as acute, particularly in the Austin Metroplex. Shortages were cited within information technology generally, and in cybersecurity and procurement positions. The department reported that its small internal audit staff had extreme difficulty holding onto auditors, with median auditor retention of 15 months, and 40% of auditors departing after less than a year and 70% within two years – a problem that has resulted in movement to a “managed outsource model” using an internal audit manager to oversee qualified professional firms.
In addition, the increase in cybersecurity threats, coupled with staff shortages has led to a staff workload that has become overwhelming, according to the self-evaluation report, while the lack of staff and resources at the local government level, including school districts, was portrayed as a serious issue, particularly given the aggressive nature of cyberattacks.
Outdated Technology, Manual Processes and Data Issues: The incarceration of felons still depends on “many key operations (that) rely on manual processes” – a problem that also increases the need for staff. Too much paper was also a challenge listed by the Lottery Commission, which noted that in Fiscal Year 2022, its Charitable Bingo Operations Division received 10,457 paper documents, which staff had to identify correctly, log, scan and verify within the Bingo Operations Services System. That division is also dependent on snail mail, with 23,190 pieces of mail sent out in FY2022.
Within the Department of Information Resources, the Office of the Chief Data Officer experiences “disparate source systems, unclean data, lack of an automated data pipeline . . . limited data modeling for self-service reporting and a lack of resources to perform in-depth data analysis and data analytics.”
Obsolete and Ambiguous Statutes: Requirements to use “traditional, registered or certified” mail was an issue brought up by the Texas Ethics Commission – even though it noted that “email is less expensive, faster and more reliable for letting filers (of disclosure forms) know of the legal requirements.”
Statutes that require advisory board membership by organizations that no longer exist was cited by the Department of Criminal Justice, while Information Resources brought up the government code that only requires mandatory cybersecurity training for state and local employees who perform at least 25% of their duties on a computer. In the current cybersecurity climate that doesn’t make sense, given that its employees who have less computer familiarity are most vulnerable to phishing attacks and other cyberthreats.
The problem of conflicting statutes was also raised by information resources in its discussion of its procurement and contracting processes. One big challenge is ambiguity in Texas laws that outline the state’s responsibility to protect critical infrastructure when it is by private service providers, many of whom “do not have to follow cybersecurity requirements and it is not clear where statutory responsibility lies for the cybersecurity protection of critical infrastructure,” according to the self-evaluation report.
Readers who are interested in learning more about the Sunset process in Texas can check out the very lengthy (but totally fascinating) self-evaluation reports here and a description of “Sunset in Texas” here.
In addition to the above commentary on barriers to performance, this week we’re sharing three other management-related finds from our internet travels.