DHS Management - High Risk Issue
The Department of Homeland Security (DHS) has improved its management of acquisition, financial, human capital, and information technology (IT) functions since its creation following the September 11 terrorist attacks. However, considerable work remains in these areas.
The Department of Homeland Security was created in 2003 following the September 11 terrorist attacks. Since that time, DHS has been on GAO’s High Risk List because DHS had to combine 22 agencies—several with major management challenges—into one department. Failure to effectively address DHS’s management and mission risks could have serious consequences for U.S. national and economic security.
DHS has made considerable progress in transforming its original component agencies into a single department. However, DHS continues to face challenges in its management of four key areas:
Acquisitions. DHS’s efforts to improve the performance of its major acquisition programs are noteworthy, but the programs continue to face challenges. Issues with staffing, funding, and defining the department’s requirements (what the department needs from the tools and assets it plans to acquire) increase the likelihood that major acquisition projects will
- 1. cost more than expected—reducing DHS’s buying power; and,
- 2. take longer to complete than expected—making frontline employees wait for new capabilities.
- Human Capital. DHS has made improvements in this area but has considerable work ahead. For example, DHS is implementing a human capital strategic plan and structured workforce planning. This should better prepare DHS to fill gaps in its workforce. However, Human Capital Assessment and Accountability Framework data—a subset of the Federal Employee Viewpoint Survey—indicate that DHS employee morale has remained low relative to other government agencies. DHS has developed plans for addressing this and—after a five-year period of declining scores—has improved its scores in 2016 and 2017. DHS needs to continue to focus on improving employee morale though continued emphasis on employee engagement, among other efforts.
- Financial Management. DHS is statutorily required to obtain audit opinions on both its financial statements and its internal control over financial reporting. DHS received a clean audit opinion on its financial statements for 5 consecutive years—fiscal years 2013 through 2017. However, there are significant issues with DHS’s internal controls over financial reporting, information technology and financial system functionality, and instances of non-compliance with laws and regulations. These deficiencies hamper DHS’s ability to provide reasonable assurance that its financial reporting is reliable and the department is in compliance with applicable laws and regulations. In addition, much work remains to modernize components' financial management systems. Without sound controls and systems, DHS faces long-term challenges in obtaining a clean audit opinion on internal controls over financial reporting, and ensuring its financial management systems generate reliable, useful, and timely information to inform the department’s day-to-day decision making.
IT. In 2014, DHS established and institutionalized a robust process for reviewing each of its IT investment portfolios across the entire department, to identify potentially duplicative investments and determine the most efficient allocation of resources within each portfolio. However, for the past 2 fiscal years, DHS has not fully sustained these investment management practices, which may limit its ability to identify potentially duplicative investments and consolidation opportunities department-wide.
In 2015, DHS also shifted its IT focus from acquiring assets to acquiring services. Now, DHS’s IT work includes acting as a service broker (i.e., an intermediary between the purchaser of a service and the seller of that service). According to DHS officials, this change requires a major transition in the skill sets of DHS’s IT workforce, as well as the hiring, training, and managing of staff with those new skill sets. The department initiated a workforce planning initiative—distinct from the initiative mentioned above—to specifically identify the skills needed to support this paradigm shift and address any gaps. According to DHS officials, they plan to complete this initiative in 2019.
Additionally, DHS has taken steps to enhance its information security program, but has continued to experience security weaknesses. According to the department’s financial statement auditor, DHS had made progress in correcting its prior year IT security weaknesses. However, in November 2014—for the 14th consecutive year—the auditor designated deficiencies in IT security controls over financial systems as a weakness.
GAO-17-799: Published: Sep 26, 2017. Publicly Released: Sep 26, 2017.
The Department of Homeland Security's (DHS) TRIO project represents a key effort to address long-standing financial management system deficiencies. During 2012 and 2013, the TRIO components—U.S. Coast Guard (Coast Guard), Transportation Security Administration (TSA), and Domestic Nuclear Detection Office (DNDO)—each completed an alternatives analysis (AA) to determine a preferred alternative f...
GAO-17-284: Published: May 18, 2017. Publicly Released: May 18, 2017.
The Department of Homeland Security (DHS) has fully implemented 28 of the 31 selected Federal Information Technology (IT) Acquisition Reform Act (FITARA) action plans; however, as of December 2016, DHS did not fulfill all aspects of 3 action plans. For example, one action plan is to use an updated process for reviewing troubled programs to provide support to such programs; however, DHS has not fin...
GAO-17-346SP: Published: Apr 6, 2017. Publicly Released: Apr 6, 2017.
The Department of Homeland Security planned to spend $7 billion in fiscal year 2016 on major acquisitions—including ships, screening equipment, and surveillance technology. We reviewed 26 of DHS's major acquisition programs and found that, for the first time, they all had approved cost, schedule, and performance baselines to measure progress. DHS has taken steps to strengthen management of its...
GAO-17-409T: Published: Feb 16, 2017. Publicly Released: Feb 16, 2017.
As GAO reported in its 2017 high-risk update, the Department of Homeland Security's (DHS) efforts to strengthen and integrate its management functions have resulted in the department meeting three and partially meeting two of GAO's criteria for removal from the High-Risk List (see table). For example, senior DHS officials demonstrated exemplary leadership commitment by frequently meeting with GAO...
GAO-17-171: Published: Oct 24, 2016. Publicly Released: Oct 24, 2016.
The Department of Homeland Security plans to invest over $180 billion on major IT systems, aircraft, and other major acquisitions to help secure the nation from the many threats it faces. Who helps DHS decide how to spend all that money? DHS's Joint Requirements Council was created in 2014 to help inform investment priorities and identify, develop, and approve department needs. Given that two-th...
GAO-16-338SP: Published: Mar 31, 2016. Publicly Released: Mar 31, 2016.
During 2015, 11 of the 25 Department of Homeland Security (DHS) programs GAO reviewed remained on track to meet their current schedule and cost goals. Eight programs experienced schedule slips, cost growth, or both, including 5 programs with life-cycle cost estimates that increased by a total of 18 percent. For the remaining six programs, DHS leadership had not approved baselines establishing thei...
GAO-16-253: Published: Feb 11, 2016. Publicly Released: Feb 25, 2016.
The Department of Homeland Security (DHS) has made very little progress in implementing its Human Resources Information Technology (HRIT) investment in the last several years. This investment includes 15 improvement opportunities; as of November 2015, DHS had fully implemented only 1, see table below.Status and Planned Completion Dates for Implementing the 15 Strategic Improvement Opportunities, a...
GAO-14-228T: Published: Dec 12, 2013. Publicly Released: Dec 12, 2013.
In September 2012, GAO reported that Department of Homeland Security (DHS) employees identified having lower average morale than the average for the rest of the federal government, but morale varied across components. Specifically, GAO found that, according to the Office of Personnel Management's 2011 Federal Employee Viewpoint Survey (FEVS), DHS employees had 4.5 percentage points lower job satis...