IT Group Offers 6 Questions Investigators Should Ask About Lois Lerner's Emails
The President of the International Association of Information Technology Asset Managers, a group with expertise in IT best practices, posed six questions she thinks lawmakers and the DOJ should ask about the loss of Lois Lerner's emails.
Recall that the IRS informed Congress earlier this year that nearly 2 years of Lerner's emails to outside agencies (such as the White House) were lost in a computer crash. This raised the eyebrows of investigators who note that the crash apparently happened about 10 days after a member of Congress expressed interest in the topic for which the emails were later subpoenaed. We've since learned that the email of six other individuals who may have had some relevant information were also lost.
Here are Dr. Barbara Rembiesa's 6 questions as released by IAITAM Monday. The press release was first highlighted by the Washington Post.
- What happened to the IRS's IT Asset Managers who appear to have disappeared at a key juncture? At organizations such as the IRS, the ordering of a hard drive destruction and the documenting of the process would be handled by trained IT Asset Managers — professionals with special training and certification. IAITAM's records show that at least three IT Asset Managers who were working at the IRS prior to the 13 May 2013 Inspector General Report were shuffled out from those positions around the time of that report. Investigators need to determine if these in-house IT Asset Managers were removed from the picture as the IRS email investigation heated up.
- Where is the documentation proving that Lois Lerner's hard drive was wiped or destroyed? Proper IT Asset Management requires clear proof and records of destruction when drives are wiped or destroyed. Until that documentation is provided, the hard drives should be considered lost, not destroyed.
- Were the drives destroyed by an outside vendor or firm? If so, by who, and can they verify the destruction? For federal government agencies, this kind of arrangement, in which a specialized IT Asset Destruction (ITAD) firm is called in to complete a hard drive wipe or destruction, is not unusual. If an ITAD firm was relied upon by the IRS in the case of the Lerner drives, it would add an entire second layer of documentation of the decision-making process leading up to the hard drive destruction.
- What are the IRS's specific policies and procedures on document retention when hard drives are damaged or destroyed? In large organizations, hard drives don't just get bulk erased. The IRS almost certainly has specific policies and procedures for hard drive reclamation and/or destruction. If the process was followed properly, there will documentation evidencing failed attempts to recover data from the hard drives and proper handling for destruction.
- What is the disaster recovery policy at the IRS? Data loss at large organizations is not uncommon. What would be unusual is the lack of a way for data to be recovered. Investigators need to understand exactly what the IRS would typically do in this kind of situation, if it was done, and, if not, why not.
- Where are Lois Lerner's emails from her Blackberry device? Are those secure? What is on the enterprise server? It is difficult to imagine that none of the emails in question were done on a mobile basis. If so, there may be a freestanding stream of email records that would not be impacted by the Lerner hard drive loss.
IAITAM has previous questioned the plausibility of the IRS' story about the missing emails. In a June press release President Rembiesa said, "The notion that these emails just magically vanished makes no sense
whatsoever. That is not how IT asset management at major businesses and
government institutions works in this country."