Auditors say DHS needs systems plan, stronger CIO
The Homeland Security Department's tardy progress on an IT strategic plan, enterprise architecture, capital planning and investment control are jeopardizing billions of dollars of systems investment, GAO said.
The Homeland Security Department's tardy progress on an IT strategic plan, enterprise architecture, capital planning and investment control are jeopardizing billions of dollars of systems investment, the General Accounting Office said in a report today.
The congressional audit agency recommended that DHS restrict spending on systems projects to high-priority projects and consider increasing the authority of the CIO. Congress now is reviewing legislation that could strengthen the CIO's authority.
DHS did not dispute the auditors' findings, but in a written response gave more details about efforts to create a functional strategic plan.
GAO said CIO Steve Cooper laid the blame for delays in launching the strategic plan on insufficient staff, higher-priority demands, such as starting a departmentwide e-mail system, and near-term, high-payoff opportunities such as consolidating DHS' wireless communications.
The department has established an investment review of projects by several committees, GAO said. But because there is as yet no strategic plan, DHS agencies still are using the strategic management structures and plans they had when they joined the superagency last year. Department officials also are relying on meetings between the headquarters IT organization and component agencies to coordinate systems activities, auditors said.
The use of legacy plans simply continues various approaches that spawned the diverse systems DHS inherited, GAO said. Meetings to coordinate plans rely "too heavily on oral communication about complex IT strategic issues that are not yet fully defined, which increases the chances of misunderstanding and missed opportunities for integration," according to the report.
Nor does the CIO have authority over departmentwide IT spending, the auditors said, adding that "such control is important for effective systems integration, as shown by GAO's research on successful private- and public-sector organizations and experience at public agencies."
DHS risks having to rework billions of dollars of IT investments until it defines and implements its IT strategic framework, they said. Until there is an IT strategic plan, DHS should limit its systems investments to these categories:
- Those required by Congress
- Inexpensive, low-risk projects
- Activities that support existing systems critical to the department's missions
- Those that deploy already developed and fully tested systems
- Projects that support the creation of a DHS strategic plan for computer operations.
NEXT STORY: Northrop Grumman to build DHS geospatial systems