Maryland tech officials lacked control of broadband project audit says

cyberspace

A new audit out of the federal BTOP broadband expansion project in Maryland shows that state technology officials lacked control over the project, adding Maryland to a group of states with troubled broadband expansion projects. CivSource previously reported on issues in West Virginia involving cost overruns, Colorado’s EAGLE-Net project is also raising questions. Seeing Maryland on this list is surprising, given the state’s history of successful and fairly large-scale technology projects.

According to an audit released by the state legislature, Department of Information Technology (DoIT) officials had issues with cash controls, contracting relationships and construction oversight. These same issues have also plagued states like West Virginia, which at one point blamed the earthquakes in Japan for being behind on their deployment timeline.

The One Maryland Broadband Network had a $158 million remit to build over 1000 miles of broadband fiber network backed by $115 million in federal money.

According to a story in the Maryland Reporter, “DoIT is ultimately responsible for successfully meeting grant objectives, but major parts of the project are being managed by sub-grantees.” This is where the problems start to arise, as the Department was unable to oversee those sub-grantees appropriately. The piece notes that one of those sub-grantees, the Inter-County Broadband Network (ICBN) managed approximately 60% of the spending on the project.

The audit also found that the compressed timeline from the point of federal award, to required federal deployment deadlines meant that DoIT picked its team from a pre-approved list of relationships thus limiting the competitiveness of the process. Internal oversight of these contracts was also lax, work orders went unsigned or unissued. Also troubling, as state agencies upgraded technologies, and moved onto cloud services access points and permissions were not closely monitored. DoIT had no way of enforcing the prohibition on storing sensitive, identifying information or monitor content on its cloud servers.