DHS struggles to manage billions in IT investments, GAO finds

The Homeland Security Department continues to show weaknesses in its management of major information technology investments that total more than $6 billion a year, according to testimony by an official of the Government Accountability Office.

Since it began operating in 2003, the department has had difficulties in strengthening its IT workforce and in defining and applying effective IT acquisition management policies and procedures, Randolph Hite, director of IT architecture and systems issues at GAO, told a House subcommittee today.

Even when IT acquisition policies have been created, DHS officials have not always followed the rules, Hite said. For example, GAO reviews have shown that DHS does not always conduct executive-level reviews at key milestone points of its major acquisitions. Other problems include inconsistent and ineffective use of cost and schedule estimates, requirements development, test management, performance measurement, workforce management, identification and mitigation of risk and contract tracking and oversight, he said.

“Because of these weaknesses, major IT programs aimed at delivering important mission capabilities have not lived up to expectations,” Hite told the House Government Oversight and Reform Committee's Government Management Subcommittee.

In fiscal 2009, the department managed 279 major IT investments that totaled $6.2 billion, he said. Those investments include Customs and Border Protection’s Automated Commercial Environment electronic trade data portal and the Secure Border Initiative Network (SBInet) border surveillance system. They also included DHS-wide IT infrastructure, the Coast Guard’s Rescue 21 communications system, the Transportation Security Administration’s Secure Flight program and National Protection and Programs Directorate’s U.S. Visitor and Immigrant Status Indicator Technology (US-VISIT).

DHS has stayed on GAO's high-risk list since the Bush administration created DHS, and GAO still considers that department highly vulnerable to management challenges because of the difficulties of integrating the agencies and achieving the department’s missions, Hite said.

GAO has made several reports recommending improvements to DHS’ IT acquisitions process, and the department has implemented some of the advice. The department completed 14 acquisition reviews in 2008, and 18 reviews in 2009, including reviews of SBInet, US-VISIT, and Secure Flight. Seven additional reviews are scheduled for completion by Sept. 30.

To support acquisition oversight, the chief procurement officer has identified a need for 58 additional positions. DHS’s fiscal year 2010 budget request included 10 additional full time equivalent positions for acquisition oversight support.

However, the department still is not carrying out all recommended acquisition and investment management program practices, Hite said. "Without proper management controls in place, it is unlikely that investment oversight decisions will be made consistently and will best support mission needs," he said.

DHS officials said they established the Acquisition Program Management Division in the Office of the Chief Procurement Officer last year to deal with procurement-related management issues. The department also issued a new departmental directive and related guidance in November 2008 to provide a framework for management, support and review of programs, including IT acquisitions.