DHS IT consolidation remains a high-risk challenge
House panel told inadequate oversight threatens efforts to consolidate sprawling IT infrastructure
Despite improvement in the oversight and management of multibillion-dollar IT investments within the Homeland Security Department, efforts to consolidate sprawling information infrastructures while bringing new mission capabilities online are hampered by inadequate controls, experts told a House panel Sept. 15.
“In light of the importance of the department’s mission and the significance of the challenges facing it, in 2003 we designated the implementation of the department and its transformation as a high-risk undertaking, and we continue to do so today,” Randolph C. Hite, director of IT architecture and systems issues at the Government Accountability Office, told the House Oversight Committee's Government Management Subcommittee. “Failure to effectively address DHS’ management challenges and program risks could have serious consequences for our national security.”
Elaine Duke, DHS undersecretary for management, outlined organizational changes the department has made to improve IT oversight, including establishing an Acquisition Program Management Division under the chief procurement officer, as well as an Enterprise Architecture Board to ensure programs are aligned with the department’s Homeland Security Enterprise Architecture.
“It is important to note that DHS developed and implemented all the initiatives I’ve outlined while simultaneously managing an existing information technology program that has grown exponentially in the first six years of the department,” Duke told the subcommittee.
The challenges facing DHS since its creation in 2003 have been formidable. The department consisted of about 200,000 employees from 22 existing agencies, as well as a number of new offices, each with its own separately managed networks and services that included 24 data centers.
In the past six years, it has been working to integrate wide-area network services onto a single infrastructure, dubbed OneNet, and to consolidate the two dozen data centers into two. The department plans to increase its staffing for IT and procurement by 366 positions over the next two years, and still is working to complete a migration to a Homeland Security Data Network for classified IT services and the transition of the networking to the Networx contract.
The department’s IT spending for fiscal 2009 was $6.2 billion. The lion’s share of it — $1.7 billion, more than one-quarter of the total — was for Customs and Border Protection. Spending on the departmentwide infrastructure came in next at $1.5 billion.
GAO’s Hite acknowledged DHS efforts to oversee these expenditures but also noted its shortcomings.
“The extent to which DHS has actually implemented these investment and acquisition management policies and practices on major programs has been at best inconsistent, and in many cases quite limited,” he said. “Because of these weaknesses, major IT programs aimed at delivering important mission capabilities have not lived up to expectations.”
He cited a number of programs experiencing difficulty and falling behind schedule. Full deployment of the Coast Guard’s Rescue 21 search-and-rescue communications system, intended to replace the 30-year-old National Distress and Response System, has been pushed back from 2006 to 2017. The department has spent $732 million on the program through the current fiscal year and has requested $117 million for next year.
The U.S. Visitor and Immigrant Status Indicator Technology (US-VISIT) program has had a biometric entry system operating at about 300 points of entry since 2006. But although it has been evaluating exit systems since 2004, it is not yet in place. Spending on US-VISIT has totaled $2.5 billion, and the department has requested another $356 million for next year.
A 28-mile pilot program of the SBInet “virtual border fence” is in place in Arizona, but overall initial operating capability has been delayed. That program has cost $3.6 billion so far, with another $779 million requested for next year.
“The department has continued to work to establish effective corporate IT and acquisition management controls and capabilities, but progress across these disciplines has been uneven, and more remains to be done,” Hite said. “Until DHS fully institutionalizes these controls and capabilities, it will be challenged in its ability to effectively and efficiently acquire large-scale IT systems and thereby leverage technology to support transformation and achieve mission goals and results.”