[House Hearing, 109 Congress]
[From the U.S. Government Publishing Office]




 
   DEPARTMENT OF HOMELAND SECURITY INFORMATION TECHNOLOGY MANAGEMENT 
                  CHALLENGES AND THE FUTURE OF eMERGE2

=======================================================================

                             JOINT HEARING

                               before the

                 SUBCOMMITTEE ON GOVERNMENT MANAGEMENT,
                      FINANCE, AND ACCOUNTABILITY

                                 of the

                     COMMITTEE ON GOVERNMENT REFORM

                                and the

                      SUBCOMMITTEE ON MANAGEMENT,
                       INTEGRATION, AND OVERSIGHT

                                 of the

                     COMMITTEE ON HOMELAND SECURITY

                        HOUSE OF REPRESENTATIVES

                       ONE HUNDRED NINTH CONGRESS

                             SECOND SESSION

                               __________

                             MARCH 29, 2006

                               __________

                           Serial No. 109-173

                     Committee on Government Reform

                           Serial No. 109-70

                     Committee on Homeland Security

                               __________

Printed for the use of the Committees on Government Reform and Homeland 
                                Security


  Available via the World Wide Web: http://www.gpoaccess.gov/congress/
                               index.html
                      http://www.house.gov/reform


                                 ______

                    U.S. GOVERNMENT PRINTING OFFICE
29-709                      WASHINGTON : 2006
_____________________________________________________________________________
For Sale by the Superintendent of Documents, U.S. Government Printing Office
Internet: bookstore.gpo.gov  Phone: toll free (866) 512-1800; (202) 512ï¿½091800  
Fax: (202) 512ï¿½092250 Mail: Stop SSOP, Washington, DC 20402ï¿½090001

                     COMMITTEE ON GOVERNMENT REFORM

                     TOM DAVIS, Virginia, Chairman
CHRISTOPHER SHAYS, Connecticut       HENRY A. WAXMAN, California
DAN BURTON, Indiana                  TOM LANTOS, California
ILEANA ROS-LEHTINEN, Florida         MAJOR R. OWENS, New York
JOHN M. McHUGH, New York             EDOLPHUS TOWNS, New York
JOHN L. MICA, Florida                PAUL E. KANJORSKI, Pennsylvania
GIL GUTKNECHT, Minnesota             CAROLYN B. MALONEY, New York
MARK E. SOUDER, Indiana              ELIJAH E. CUMMINGS, Maryland
STEVEN C. LaTOURETTE, Ohio           DENNIS J. KUCINICH, Ohio
TODD RUSSELL PLATTS, Pennsylvania    DANNY K. DAVIS, Illinois
CHRIS CANNON, Utah                   WM. LACY CLAY, Missouri
JOHN J. DUNCAN, Jr., Tennessee       DIANE E. WATSON, California
CANDICE S. MILLER, Michigan          STEPHEN F. LYNCH, Massachusetts
MICHAEL R. TURNER, Ohio              CHRIS VAN HOLLEN, Maryland
DARRELL E. ISSA, California          LINDA T. SANCHEZ, California
JON C. PORTER, Nevada                C.A. DUTCH RUPPERSBERGER, Maryland
KENNY MARCHANT, Texas                BRIAN HIGGINS, New York
LYNN A. WESTMORELAND, Georgia        ELEANOR HOLMES NORTON, District of 
PATRICK T. McHENRY, North Carolina       Columbia
CHARLES W. DENT, Pennsylvania                    ------
VIRGINIA FOXX, North Carolina        BERNARD SANDERS, Vermont 
JEAN SCHMIDT, Ohio                       (Independent)
------ ------

                      David Marin, Staff Director
                       Teresa Austin, Chief Clerk
          Phil Barnett, Minority Chief of Staff/Chief Counsel

   Subcommittee on Government Management, Finance, and Accountability

              TODD RUSSELL PLATTS, Pennsylvania, Chairman
VIRGINIA FOXX, North Carolina        EDOLPHUS TOWNS, New York
TOM DAVIS, Virginia                  MAJOR R. OWENS, New York
GIL GUTKNECHT, Minnesota             PAUL E. KANJORSKI, Pennsylvania
MARK E. SOUDER, Indiana              CAROLYN B. MALONEY, New York
JOHN J. DUNCAN, Jr., Tennessee

                               Ex Officio
                      HENRY A. WAXMAN, California

                     Mike Hettinger, Staff Director
               Tabetha Mueller, Professional Staff Member
                          Erin Phillips, Clerk
            Adam Bordes, Minority Professional Staff Member

                     COMMITTEE ON HOMELAND SECURITY

                   PETER T. KING, New York, Chairman
DON YOUNG, Alaska                    BENNIE G. THOMPSON, Mississippi
LAMAR S. SMITH, Texas                LORETTA SANCHEZ, California
CURT WELDON, Pennsylvania, Vice      EDWARD J. MARKEY, Massachusetts
    Chairman                         NORMAN D. DICKS, Washington
CHRISTOPHER SHAYS, Connecticut       JANE HARMAN, California
JOHN LINDER, Georgia                 PETER A. DeFAZIO, Oregon
MARK E. SOUDER, Indiana              NITA M. LOWEY, New York
TOM DAVIS, Virginia                  ELEANOR HOLMES NORTON, District of 
DANIEL E. LUNGREN, California            Columbia
JIM GIBBONS, Nevada                  ZOE LOFGREN, California
ROB SIMMONS, Connecticut             SHEILA JACKSON-LEE, Texas
MIKE ROGERS, Alabama                 BILL PASCRELL, Jr., New Jersey
STEVAN PEARCE, New Mexico            DONNA M. CHRISTENSEN, U.S. Virgin 
KATHERINE HARRIS, Florida                Islands
BOBBY JINDAL, Louisiana              BOB ETHERIDGE, North Carolina
DAVE G. REICHERT, Washington         JAMES R. LANGEVIN, Rhode Island
MICHAEL McCAUL, Texas                KENDRICK B. MEEK, Florida
CHARLIE DENT, Pennsylvania
GINNY BROWN-WAITE, Florida

         SUBCOMMITTEE ON MANAGEMENT, INTEGRATION, AND OVERSIGHT

                          MIKE ROGERS, Alabama
JOHN LINDER, Georgia                 KENDRICK B. MEEK, Florida
MARK E. SOUDER, Indiana              EDWARD J. MARKEY, Massachusetts
TOM DAVIS, Virginia                  ZOE LOFGREN, California
KATHERINE HARRIS, Florida            SHEILA JACKSON-LEE, Texas
DAVE G. REICHERT, Washington         BILL PASCRELL, Jr., New York
MICHAEL McCAUL, Texas                BENNIE G. THOMPSON, Mississippi, 
PETER T. KING, New York, Ex Officio      Ex Officio

                            C O N T E N T S

                              ----------                              
                                                                   Page
Hearing held on March 29, 2006...................................     1
Statement of:
    Williams, McCoy, Director, Financial Management and 
      Assurance, Government Accountability Office, accompanied by 
      Keith A. Rhodes, Chief Technologist, Applied Research and 
      Methods, Center for Technology and Engineering; Randolph C. 
      Hite, Director, Information Technology Architecture and 
      Systems Issues, U.S. Government Accountability Office; 
      Eugene Schied, Deputy Chief Financial Officer, Department 
      of Homeland Security; and Scott Charbo, Chief Information 
      Officer, Department of Homeland Security...................     5
        Charbo, Scott............................................    70
        Hite, Randolph C.........................................    28
        Schied, Eugene...........................................    68
        Williams, McCoy..........................................     5
Letters, statements, etc., submitted for the record by:
    Hite, Randolph C., Director, Information Technology 
      Architecture and Systems Issues, U.S. Government 
      Accountability Office, prepared statement of...............    31
    Platts, Hon. Todd Russell, a Representative in Congress from 
      the State of Pennsylvania, prepared statement of...........     3
    Schied, Eugene, Deputy Chief Financial Officer, Department of 
      Homeland Security; and Scott Charbo, Chief Information 
      Officer, Department of Homeland Security, prepared 
      statement of...............................................    72
    Thompson, Hon. Bennie G., a Representative in Congress from 
      the State of Mississippi, prepared statement of............   110
    Towns, Hon. Edolphus, a Representative in Congress from the 
      State of New York, prepared statement of...................   108
    Williams, McCoy, Director, Financial Management and 
      Assurance, Government Accountability Office, prepared 
      statement of...............................................     7


   DEPARTMENT OF HOMELAND SECURITY INFORMATION TECHNOLOGY MANAGEMENT 
                  CHALLENGES AND THE FUTURE OF eMERGE2

                              ----------                              


                       WEDNESDAY, MARCH 29, 2006

        House of Representatives, Subcommittee on 
            Government Management, Finance, and 
            Accountability, Committee on Government Reform, 
            joint with the Subcommittee on Management, 
            Integration, and Oversight, Committee on 
            Homeland Security,
                                                    Washington, DC.
    The subcommittees met, pursuant to notice, at 3:05 p.m., in 
room 2247, Rayburn House Office Building, Hon. Todd Russell 
Platts (chairman of the Subcommittee on Government Management, 
Finance, and Acountability) presiding.
    Present from the Committee on Government Reform, 
Subcommittee on Government Management, Finance, and 
Accountability: Representative Platts.
    Present from the Committee on Homeland Security, 
Subcommittee on Management, Integration, and Oversight: 
Representatives Rogers, Meek, and Jackson Lee.
    Staff present from the Committee on Government Reform, 
Subcommittee on Government Management, Finance, and 
Accountability: Mike Hettinger, staff director; Dan Daly, 
counsel, Tabetha Mueller, professional staff member; Erin 
Phillips, clerk; Adam Bordes, minority professional staff 
member; and Earley Green, minority chief clerk.
    Mr. Platts. The Government Reform Subcommittee on 
Government Management, Finance, and Accountability, joint with 
the Homeland Security Subcommittee on Management, Integration, 
and Oversight, will come to order.
    I would first like to welcome Chairman Rogers, chairman of 
the Homeland Security subcommittee, for joining us in this 
important hearing today. We will be joined shortly by ranking 
members of both committees as well. And if they have opening 
statements at that time when they join us, we will allow them 
to do so or submit them for the record.
    I am pleased to be holding this hearing with the other 
subcommittee. I want to thank Chairman Rogers and his 
subcommittee for their important work on these issues. 
Sometimes management issues are overlooked in the larger policy 
debate, but sound management is absolutely critical to the 
success of any program.
    One of the primary reasons for the creation of the 
department was to streamline processes and realize 
efficiencies. In short, to spend less on overhead and more on 
protecting America. The effective use of information technology 
is a key tool in reaching that goal, and today's hearing will 
take an important look at the initiatives now underway at the 
department.
    The success of eMerge2 has broad implications for the 
department, and the shared services model that is being 
employed will serve as an important test case for the 
Government-wide Financial Management Line of Business 
initiative being proposed by the Office of Management and 
Budget.
    Proper management of information technology, the eMerge2 
program in particular, is a top priority for our subcommittee, 
something we have followed closely for the past 3 years, and it 
is something we will continue to focus on.
    I look forward to hearing from our witnesses here today and 
appreciate the work that you all do in supporting DHS.
    [The prepared statement of Hon. Todd Russell Platts 
follows:]
[GRAPHIC] [TIFF OMITTED] T9709.001

    Mr. Platts. I now have the pleasure of recognizing the 
chairman of the Homeland Security subcommittee, Chairman 
Rogers.
    Mr. Rogers. Thank you.
    Today, we are holding a joint hearing to examine the status 
of the department's financial management resources and the 
integration of its information technology systems.
    I would first like to thank Chairman Platts and Ranking 
Member Towns for working with us on this hearing today. Our two 
subcommittees do share a common goal of strengthening the 
department's financial management while safeguarding taxpayer 
dollars.
    I would also like to welcome our panel of distinguished 
witnesses and thank them for being here today. I know you are 
busy, and it is very kind of you to take the time to be with 
us.
    When the department was formed in March 2003, it inherited 
19 different financial management systems. Through 
consolidation, that number is now down to eight. In 2004, the 
department announced a new initiative referred to as eMerge2. 
This effort would bring the entire department under one 
centralized financial management system.
    To accomplish this, DHS has spent approximately $18 million 
to begin the program, which was estimated to cost over $229 
million. Late last year, however, the department abruptly 
canceled the contract and shifted the direction of eMerge2.
    Today, we hope to hear what went wrong with the contract, 
what, if anything, the department received for its $18 million, 
and what the department plans for the future of eMerge2. We 
also will examine the steps the department is taking to 
integrate its information systems.
    I was disappointed to see, for example, that the department 
had recently received an ``F'' on the Government Reform 
Committee's annual computer security scoreboard for the 3rd 
year. Today, I hope we will find out why that grade hasn't 
improved.
    And with that, I will be happy to yield back to Chairman 
Platts, and thank you again for this joint hearing.
    Mr. Platts. Thank you, Chairman Rogers.
    And we will proceed to our witnesses. We are pleased to 
have four distinguished guests with us today as part of this 
hearing. As part of our process here of the subcommittee, we 
would ask all four of you to first stand and be sworn in.
    [Witnesses sworn.]
    Mr. Platts. Thank you. You may be seated.
    A clerk will note that the witnesses affirmed the oath.
    We are pleased to have with us, first, Mr. McCoy Williams, 
Director of Financial Management and Assurance, the Government 
Accountability Office; Mr. Randy Hite, Director, Information 
Technology Architecture and Systems, Government Accountability 
Office; Mr. Eugene Schied, Acting Chief Financial Officer, 
Department of Homeland Security; and Mr. Scott Charbo, Chief 
Information Officer, Department of Homeland Security.
    All four of your written testimonies have been submitted 
for the record. And again, we appreciate you being here with 
us.
    Mr. Williams, we are going to start with you, if you would 
like to proceed with your opening statement?

 STATEMENTS OF McCOY WILLIAMS, DIRECTOR, FINANCIAL MANAGEMENT 
AND ASSURANCE, GOVERNMENT ACCOUNTABILITY OFFICE, ACCOMPANIED BY 
   KEITH A. RHODES, CHIEF TECHNOLOGIST, APPLIED RESEARCH AND 
  METHODS, CENTER FOR TECHNOLOGY AND ENGINEERING; RANDOLPH C. 
HITE, DIRECTOR, INFORMATION TECHNOLOGY ARCHITECTURE AND SYSTEMS 
 ISSUES, U.S. GOVERNMENT ACCOUNTABILITY OFFICE; EUGENE SCHIED, 
    DEPUTY CHIEF FINANCIAL OFFICER, DEPARTMENT OF HOMELAND 
    SECURITY; AND SCOTT CHARBO, CHIEF INFORMATION OFFICER, 
                DEPARTMENT OF HOMELAND SECURITY

                  STATEMENT OF McCOY WILLIAMS

    Mr. Williams. Thank you.
    Mr. Chairmen, it is a pleasure to be here today to 
participate in this joint oversight hearing on the Department 
of Homeland Security's ongoing efforts to effectively manage 
its information technology projects.
    Today, we would like to provide our perspectives on the 
importance of DHS following best practices in developing and 
implementing its new financial management systems.
    Specifically, we would like to discuss the recurring 
problems we and others have identified in agencies' financial 
management systems development and implementation efforts, 
point out key financial management system modernization 
challenges at DHS, highlight the building blocks that form the 
foundation for successful financial management system 
implementation efforts.
    First, our work and that of the IGs over the years has 
shown that agencies have failed to employ accepted best 
practices and systems development and implementation that can 
collectively reduce the risk associated with implementing 
financial systems. These are commonly referred to as 
disciplined processes.
    In our recently issued report, we identified key causes of 
failures related to disciplined processes, such as requirements 
management, testing, and project management. As a case in 
point, we recently reported that the initial deployment of a $1 
billion Army system intended to improve depot operations was 
still not meeting users' needs. One reason was a breakdown in 
the requirements management process.
    Agencies have also faced challenges in implementing 
financial management systems due to human capital management 
issues related to strategic work force planning, human 
resources, and change management. By not identifying the right 
people with the right skills, agencies reduce their chances of 
successfully implementing and operating new financial 
management systems. For example, we identified human capital 
problems in systems projects at IRS, HHS, and VA.
    Second, DHS faces unique challenges in attempting to 
develop integrated financial management systems across the 
breadth of such a large and diverse department. DHS inherited a 
number of redundant financial management systems from 22 
diverse agencies. Among the weaknesses identified in prior 
financial audits were insufficient internal controls or 
processes to reliably report basic financial information.
    According to DHS officials, they recently decided to change 
the direction of eMerge2 project, which was supposed to 
consolidate and integrate the department's financial accounting 
and reporting systems. DHS's revised shared services approach 
will allow DHS components to choose from existing financial 
management service providers, mainly from within DHS.
    Third, based on industry best practices, we have identified 
four key concepts that we believe will be critical to DHS's 
ability to successfully complete its planned migration to 
financial management shared services providers.
    The four concepts are developing a concept of operations, 
defining standard business processes, developing a strategy for 
implementing DHS's approach across the department, and defining 
and effectively implementing disciplined processes. Careful 
consideration of these four concepts, each one building upon 
the next, will be integral to the success of DHS's strategy.
    In closing, with DHS at an important crossroads in 
implementing financial management systems, it has an excellent 
opportunity to use these building blocks to form a solid 
foundation on which to base its efforts and avoid the problems 
that have plagued so many other Federal agencies.
    This concludes our statement. We will be pleased to answer 
any questions.
    Thank you.
    [The prepared statement of Mr. Williams follows:]

    [GRAPHIC] [TIFF OMITTED] T9709.002
    
    [GRAPHIC] [TIFF OMITTED] T9709.003
    
    [GRAPHIC] [TIFF OMITTED] T9709.004
    
    [GRAPHIC] [TIFF OMITTED] T9709.005
    
    [GRAPHIC] [TIFF OMITTED] T9709.006
    
    [GRAPHIC] [TIFF OMITTED] T9709.007
    
    [GRAPHIC] [TIFF OMITTED] T9709.008
    
    [GRAPHIC] [TIFF OMITTED] T9709.009
    
    [GRAPHIC] [TIFF OMITTED] T9709.010
    
    [GRAPHIC] [TIFF OMITTED] T9709.011
    
    [GRAPHIC] [TIFF OMITTED] T9709.012
    
    [GRAPHIC] [TIFF OMITTED] T9709.013
    
    [GRAPHIC] [TIFF OMITTED] T9709.014
    
    [GRAPHIC] [TIFF OMITTED] T9709.015
    
    [GRAPHIC] [TIFF OMITTED] T9709.016
    
    [GRAPHIC] [TIFF OMITTED] T9709.017
    
    [GRAPHIC] [TIFF OMITTED] T9709.018
    
    [GRAPHIC] [TIFF OMITTED] T9709.019
    
    [GRAPHIC] [TIFF OMITTED] T9709.020
    
    [GRAPHIC] [TIFF OMITTED] T9709.021
    
    [GRAPHIC] [TIFF OMITTED] T9709.022
    
    Mr. Platts. Thank you, Mr. Williams.
    Before we move to Mr. Hite, we are pleased to be joined by 
the Homeland Security subcommittee ranking member, the 
gentleman from Florida, Mr. Meek. And I believe you would like 
to make an opening statement?
    Mr. Meek. Thank you, Mr. Chairman.
    I will make some brief comments, and I will enter the rest 
of my statement for the record.
    I am glad that both of our subcommittees have come together 
to have this hearing. This is the first time the Homeland 
Security and Government Reform Committees have had an oversight 
joint hearing as far as we know here, here at this level.
    But the fact that these two committees have come together 
today says a lot about the level of concern for Department of 
Homeland Security. I can tell you, as the ranking member of the 
oversight committee, the Homeland Security subcommittee, I am 
becoming more and more concerned with these kinds of hearings 
after the incident has happened and after the taxpayers' money 
has been wasted.
    I am also very concerned about the fact there is so much 
attrition over at the Department of Homeland Security, so that 
once you set the plan to recover or to make sure it never 
happens again, you have a whole other set of players in place. 
I am interested in learning today at this hearing how the 
corrections to make sure that the incident that has happened 
never happens again and jeopardize national security is put 
into place so that we don't have to have another hearing such 
as this one.
    This has very serious consequences for our national 
security, and I agree with many of the points that were made in 
the GAO report. Looking forward to hearing more about it.
    And with that, Mr. Chairman, I would like to just enter the 
rest of my comments for the record so that we can get the 
testimony, and we will have time for question and answers, sir.
    Thank you. Yield back.
    Mr. Platts. Thank you, Mr. Meek.
    And without objection, the rest of your testimony is 
entered into the record.
    And we will proceed, Mr. Hite, if you would like to proceed 
with your opening statement?

                 STATEMENT OF RANDOLPH C. HITE

    Mr. Hite. Thank you, Chairman Platts, Chairman Rogers, 
Ranking Member Meek.
    Let me begin by commending this subcommittee--or both 
subcommittees for holding this hearing on IT management at DHS, 
a subject that is, without question, as challenging for the 
department as it is important. Suffice it to say that while 
effective IT management is not the end all and be all when it 
comes to transforming the department, this transformation 
cannot occur without it.
    My statement today addresses the state of IT management at 
DHS and what I view as two interrelated planes. The first is 
establishing institutional or corporate-level IT management 
controls, and the second is actually managing individual IT 
programs in accordance with these controls.
    In effect, this collection of control mechanisms can be 
viewed as providing the means to desired end, that is, 
delivering systems that are on time and on budget and produce 
required capabilities and promised benefits.
    My bottom-line message is there has been mixed progress on 
these fronts. But overall, the department is not yet where it 
needs to be.
    To expand on this bottom line, let me first set the stage 
by identifying some of these institutional controls that I am 
referring to, all of which are spelled out in my written 
statement, and then focus on the department's performance thus 
far in implementing them, using key system investments as 
examples.
    One control is having and using an enterprise architecture, 
which can be viewed as a department-wide operational and 
technological blueprint that provides an authoritative frame of 
reference to guide and constrain the structure and the content 
of IT investments.
    Another is applying engineering and acquisition discipline 
and rigor when defining and designing and developing and 
testing and deploying and maintaining these IT systems.
    A third is having people with the right knowledge, skills, 
and abilities to execute all of these disciplines. And 
transcending each of these controls is an empowered Chief 
Information Officer to make it all happen.
    Over the last 3 years, we have reported on varying levels 
of progress in these areas. For example, we pointed out that 
the department's first version of its enterprise architecture 
provided a foundation upon which to build, but it was missing 
important content which limited its utility.
    Since then, the department has improved its approach to 
managing the architecture and has issued updated versions of 
it. The latest version includes some of the missing scope, and 
the department plans to keep building on this.
    We also found the department has introduced a standard 
template for capturing information about investments alignment 
with the architecture, although it has yet to document a 
methodology with explicit criteria for determining the degree 
of alignment.
    As another example, the department continues to recruit, 
hire, and train IT professionals, but has yet to develop a 
strategic approach to IT human capital management that provides 
for, first, understanding the current and needed work force 
numbers and qualifications and then pursuing explicit 
strategies for filling current and projected gaps in these 
capabilities.
    Now, concurrent with its ongoing efforts to strengthen 
corporate IT governance, the department has continued to invest 
heavily in new and enhanced systems, including IT 
infrastructure, such as shared networks, consolidated data 
centers, and IT systems better known for their catchy titles, 
such as ACE and US-VISIT and Secure Flight, to name a few.
    To the department's credit, some of these investments have 
resulted in increments of capabilities to assist DHS employees 
in doing their jobs. Examples include the initial core of a 
department-wide sensitive, but unclassified network known as 
OneNet, the entry side of US-VISIT, and the first four releases 
of ACE.
    However, other capabilities, such as the Atlas 
infrastructure initiative, the exit side of US-VISIT, and 
Secure Flight as a whole, are not operational after years of 
work.
    We have also reported that these and other IT investments 
have suffered from management weaknesses that both have caused 
problems and increased the risk of future problems.
    Examples include poor requirements definition, inadequate 
testing, limited program planning, unreliable cost and schedule 
estimating, poor security management, limited staffing, 
inadequate risk management, absence of independent verification 
validation, limited earned value, to name more than a few. Some 
of these weaknesses have been corrected on some programs, but 
others have not.
    So having said all of this, what needs to be done? Part of 
the answer lies in the litany of recommendations that we have 
made to address each of these institutional and program-
specific areas. To the department's credit, it has largely 
agreed with these recommendations, and some have been 
implemented. However, most are still works in process.
    In my view, our recommendations provide a comprehensive 
framework for strengthening DHS's IT management and increasing 
the chances that its investments will successfully play their 
roles in transforming how the department operates and how well 
it performs. We look forward to working constructively with the 
department in implementing them.
    This concludes my statement. I would be happy to answer any 
questions whenever you choose.
    [The prepared statement of Mr. Hite follows:]

    [GRAPHIC] [TIFF OMITTED] T9709.023
    
    [GRAPHIC] [TIFF OMITTED] T9709.024
    
    [GRAPHIC] [TIFF OMITTED] T9709.025
    
    [GRAPHIC] [TIFF OMITTED] T9709.026
    
    [GRAPHIC] [TIFF OMITTED] T9709.027
    
    [GRAPHIC] [TIFF OMITTED] T9709.028
    
    [GRAPHIC] [TIFF OMITTED] T9709.029
    
    [GRAPHIC] [TIFF OMITTED] T9709.030
    
    [GRAPHIC] [TIFF OMITTED] T9709.031
    
    [GRAPHIC] [TIFF OMITTED] T9709.032
    
    [GRAPHIC] [TIFF OMITTED] T9709.033
    
    [GRAPHIC] [TIFF OMITTED] T9709.034
    
    [GRAPHIC] [TIFF OMITTED] T9709.035
    
    [GRAPHIC] [TIFF OMITTED] T9709.036
    
    [GRAPHIC] [TIFF OMITTED] T9709.037
    
    [GRAPHIC] [TIFF OMITTED] T9709.038
    
    [GRAPHIC] [TIFF OMITTED] T9709.039
    
    [GRAPHIC] [TIFF OMITTED] T9709.040
    
    [GRAPHIC] [TIFF OMITTED] T9709.041
    
    [GRAPHIC] [TIFF OMITTED] T9709.042
    
    [GRAPHIC] [TIFF OMITTED] T9709.043
    
    [GRAPHIC] [TIFF OMITTED] T9709.044
    
    [GRAPHIC] [TIFF OMITTED] T9709.045
    
    [GRAPHIC] [TIFF OMITTED] T9709.046
    
    [GRAPHIC] [TIFF OMITTED] T9709.047
    
    [GRAPHIC] [TIFF OMITTED] T9709.048
    
    [GRAPHIC] [TIFF OMITTED] T9709.049
    
    [GRAPHIC] [TIFF OMITTED] T9709.050
    
    [GRAPHIC] [TIFF OMITTED] T9709.051
    
    [GRAPHIC] [TIFF OMITTED] T9709.052
    
    [GRAPHIC] [TIFF OMITTED] T9709.053
    
    [GRAPHIC] [TIFF OMITTED] T9709.054
    
    [GRAPHIC] [TIFF OMITTED] T9709.055
    
    [GRAPHIC] [TIFF OMITTED] T9709.056
    
    [GRAPHIC] [TIFF OMITTED] T9709.057
    
    [GRAPHIC] [TIFF OMITTED] T9709.058
    
    [GRAPHIC] [TIFF OMITTED] T9709.059
    
    Mr. Platts. Thank you, Mr. Hite.
    Mr. Schied.

                   STATEMENT OF EUGENE SCHIED

    Mr. Schied. Thank you, Chairman Platts, Chairman Rogers, 
Ranking Member Meek, for allowing me this opportunity to 
testify before you regarding the Department of Homeland 
Security's plans for its financial management systems and the 
future of the eMerge2 program.
    The Department of Homeland Security continues to make 
progress in improving financial management, but the progress 
admittedly does not come easy or quick.
    Our accomplishments to date reflect the rigorous effort of 
our financial management personnel and are evidenced by things 
such as the timely completion this past November of DHS's 
consolidated financial statements for the first time and the 
submission of those statements for audit, the unqualified 
opinion on the balance sheet this past year by the Customs and 
Border Protection, our work on internal controls to date, and 
OMB's A-123 implementation and implementation of the OMB A-123 
requirements, including the completion this past year of the 
GAO assessment tool used by DHS components to support the 
assertion made by the Secretary at the end of the year.
    And financial systems and accounting service successes to 
date that include, as mentioned by Chairman Rogers, the 
reduction of the number of financial service providers to date 
from 18 down to 8, a CBP and Secret Service implementation 
successful of new financial management systems, and the U.S. 
Coast Guard and FLETC becoming financial service providers to 
other components within the Department of Homeland Security.
    Particularly regarding systems, and specifically the 
department's eMerge2 program, it did not progress as we had 
originally planned, and DHS still needs to improve greatly its 
resource management systems. We have some systems that are 
aging. Others that fail to meet user requirements. Some that 
are not fully integrated between finance, procurement, and 
asset management.
    To meet these needs, rather than acquiring, configuring, 
and implementing a new system solution, as we initially started 
with the eMerge2 program, we are now looking to leverage 
investments that have already been made, both inside DHS and 
outside.
    By closely monitoring contract performance under the 
initial attempt at the eMerge2 solution implementation, we were 
able to determine really within several weeks of letting the 
initial eMerge2 task order that we had issues with how the 
project was progressing.
    We determined that the project had veered unacceptably off 
schedule, and we worked with the contractor in an attempt to 
get the project back on track. But when the risks ultimately 
were deemed to be too great, we chose to allow the blanket 
purchase agreement to expire and to retool our approach to meet 
our systems needs.
    Specifically, the primary reasons we decided to stop with 
the effort to build the new system solution include contractor 
performance issues; the challenge of undertaking a major change 
while still building the basic organizational capabilities 
within DHS to manage a project of this magnitude; consideration 
of the overall financial management issues faced by DHS, such 
as those cited in the annual financial audits; and recognition 
that recent DHS component financial systems and servicing 
successes, such as those I have just mentioned, presented 
viable alternatives to standing up a new system.
    We are now in the replanning effort of our eMerge2 effort 
to improve financial systems. We are looking at leveraging 
system investments that have been made to date, not only those 
within DHS, but also at the OMB financial management centers of 
excellence. And we are developing a 5-year plan not only for 
the improvement of financial management, but also how 
improvements in financial management services have to tie in 
with systems including internal controls and financial 
reporting.
    The eMerge2 program is an important element of improving 
financial management in DHS, but it is vital as DHS moves 
forward that the eMerge2 program not be viewed as separate from 
the larger context of financial management, which includes not 
only systems, but people and processes.
    Our efforts to fix audit weaknesses, improve financial 
management, strengthen internal controls, and modernize 
financial systems are all interrelated activities. Accordingly, 
before jumping headlong into further systems and service 
provider changes, DHS has to make sure that the prerequisite 
steps of solidifying financial management are taken.
    Central to eliminating all of DHS's reported material 
weaknesses and obtaining a clean financial statement audit 
opinion is a credible and enforceable corrective action and 
remediation process. This year, DHS is entirely revamping the 
corrective action process. It will be more standardized, and it 
will be more disciplined.
    Among our changes for this year are identifying root causes 
and underlying issues of our pervasive material weaknesses, 
particularly those involving fund balance with Treasury and 
financial reporting; formalizing a corrective action process 
through a management directive, through guidance, through 
training, then utilizing the authority from the Office of the 
Secretary to overcome cultural shifts and secure management 
commitment; leveraging an automated tool to help us track our 
corrective action process.
    We will also be partnering with the inspector general's 
office to ensure that our progress is monitored and that 
management is held accountable for the progress.
    In conclusion, while the eMerge2 program did not progress 
along the path we had originally envisioned, we managed the 
project in such a way that enabled us to minimize our risk and 
make course corrections before substantial sums of taxpayer 
dollars were expended.
    We are now moving along a path that will enable us to 
achieve our original goals of providing decisionmakers with 
critical resource management information, but at less risk to 
the Government. The new approach will also enable us to better 
incorporate needed improvements in DHS financial management 
practices into the design and rollout strategy of our new 
approach.
    Thank you again for the opportunity to testify here today, 
and I especially thank you for your leadership and continuing 
support in Homeland Security and its management programs. And I 
would be happy to answer any questions.
    Mr. Platts. Thank you, Mr. Schied.
    Mr. Charbo.

                   STATEMENT OF SCOTT CHARBO

    Mr. Charbo. Thank you, Chairmen Platts and Rogers, Ranking 
Member Meek.
    I would like to focus my comments on capital control 
processes and IT governance within the Department of Homeland 
Security.
    Currently at DHS, the IT Strategic Plan and Enterprise 
Architecture are developed from the DHS Strategic Plan, the 
Future Years Homeland Security Program [FYHSP], and the 
Secretary's Planning Priorities. These assist in framing our 
governance processes as we manage IT programs.
    The department's current IT budget is controlled and 
invested by the Capital Planning and Investment Control [CPIC] 
process. The department's enterprise architecture process, 
coupled to our CPIC process, ensures the department optimally 
invests and manages its annual budget.
    The investment strategy at the department is taking a 
review of the systems via portfolio view. These portfolios are 
managed through a Joint Resource Council [JRC], of the 
department leadership, then an IRB board, which reviews for 
major investments by each of those portfolios.
    Portfolio investments must meet specific criteria in order 
to be continuously funded. They must align to the DHS mission, 
have clear performance metrics. They must meet program and 
project control criteria as measured by earned value and 
demonstrate delivery of discrete technical capability at key 
milestones throughout the life cycle of the investment.
    In addition, the investment performance is assessed against 
the entire portfolio to ensure that budget dollars are 
allocated to initiatives that are delivering the most value to 
the mission.
    Our strategy of alignment, integration, and architecture is 
centered on the Technical Reference Model of the enterprise 
architecture. The TRM is used to establish standards and 
initial integration throughout DHS. These standards are 
enforced through the EA governance process.
    The eventual goal is to align requirements and reduce the 
number of products being used for particular functions to the 
standard products laid out in the TRM. We feel this will 
enhance information sharing as well.
    The department has the proper IT governance for its 
programs through the CPIC process and the Enterprise 
Architecture Board for the enterprise architecture. A strong 
part of this governance is the CIO Council. This consists of 
the department CIOs and the CIOs of the major components. This 
council provides a collaborative forum for DHS-wide IT 
decisionmaking, allows for the socialization of these 
decisions, and acts as the architecture board that is chaired 
by myself.
    The benefits of the council finalizing and disseminating 
the EA and CPIC processes are many fold. It aligns the 
investment decisions to the FYHSP goals and objectives, 
balances DHS resources across transformational portfolios and 
objectives, identifies redundancies in integration 
opportunities across DHS, and it maintains enterprise-level 
OMB, PMA, and congressional compliance.
    As the department moves forward with eMerge2 to achieve a 
clean financial opinion, standardization of DHS accounting 
structure and financial management business rules, processes, 
and procedures, those same principles mentioned--of proper 
program management, requirements alignment, IT governance, and 
risk mitigation--will be applied.
    Thank you. I look forward to your questions.
    [The prepared statement of Messrs. Schied and Charbo 
follows:]

[GRAPHIC] [TIFF OMITTED] T9709.060

[GRAPHIC] [TIFF OMITTED] T9709.061

[GRAPHIC] [TIFF OMITTED] T9709.062

[GRAPHIC] [TIFF OMITTED] T9709.063

[GRAPHIC] [TIFF OMITTED] T9709.064

[GRAPHIC] [TIFF OMITTED] T9709.065

[GRAPHIC] [TIFF OMITTED] T9709.066

[GRAPHIC] [TIFF OMITTED] T9709.067

[GRAPHIC] [TIFF OMITTED] T9709.068

    Mr. Platts. Thank you, Mr. Charbo, and, again, all four of 
our witnesses for your written testimony and oral statements.
    We will go into questions, and we will try to stay roughly 
to the 5-minute alternation between the Members.
    Mr. Williams, Mr. Hite, if we could start with kind of the 
big picture? And GAO has done a yeoman's job of trying to work 
with the department's agencies in putting forth the principles 
that your statement is talking about of what you need to do up 
front before moving forward with a major overhaul in your 
financial management plans.
    And yet despite your efforts, we have seen some challenges 
in how that has moved forward across the Federal Government, 
including here, where we had about $9 million spent on the 
initial eMerge2 plan and then a decision not to go that route 
and start over.
    In your combined experiences, in looking at the Federal 
Government compared to the private sector, how common what we 
are seeing in the Federal Government, whether it be DHS or we 
have seen it with DOD a number of times with huge sums--as much 
as $130 million spent before we pull the plug--how similar is 
that in the private sector, or does the private sector do a 
better job of kind of pre-planning and weighing all of those 
considerations before moving forward?
    Mr. Hite. One thing I would mention to start off is it is a 
lot easier for GAO to point out what should be done than to 
actually do it. So doing it is the harder part. So I just want 
to recognize that on the part of the department.
    But comparing public sector and private sector, a couple of 
things come to mind. One of which, similar outcomes, 
unsuccessful outcomes in the private sector are not going to 
get the publicity that they are going to get in the public 
sector. There is just not that kind of transparency that goes 
on.
    So my reading has shown that there are ample examples in 
the private sector where particularly COTS-based solutions have 
not been implemented successfully. And the reasons they have 
not been successful are pretty much the same as we found--have 
found across the board in the Federal Government.
    They deal with the fact that when--the premise or the 
supposition that is made by some when you are implementing a 
COTS solution is the product exists. All there is--all you have 
to do is implement it. What is going to take so long, or what 
is the big deal? Let us move this thing along. Let us have it 
in place and operating in a matter of months.
    But the reality of it is implementing a COTS solution is as 
difficult as it is designing and developing and implementing a 
custom solution. You still have to go through the same type of 
rigor and discipline in doing so, in clearly defining your 
requirements and making sure that they are complete and 
unambiguous that they can be, in fact, implemented properly 
within that COTS solution.
    There is a whole other issue associated with COTS 
solutions, and that is when you are buying that package, you 
are buying the embedded processes that go with that. And so, 
what you are talking about is changing the way that your 
organization does business. And so, that is a huge change 
management challenge that has to be dealt with.
    And that is not only just changing processes, but you are 
actually going to have people change their jobs, change their 
roles and responsibilities. And so, not only do you have to 
identify those kind of things, but you have to prepare the 
people for that kind of change, too. And that is something that 
you have to start doing up front.
    So that is a little bit of my perspective on the comparison 
of the two.
    Mr. Platts. Mr. Williams.
    Mr. Williams. And that is consistent with what we have 
observed also. I would agree fully.
    Mr. Platts. Mr. Schied and Charbo, looking back and I 
realize not in your exact position that you are in today, but 
your role in the department and your knowledge of how the 
initial eMerge2 plan was laid out, is there lessons learned 
that you could share with us today?
    What maybe could have been done different that would get 
you to where you are today with the shared services model 
approach that you are taking versus having spent time and money 
on the initial approach?
    And then also could you expand on what type of interaction 
up front went on between CFO's office and CIO in deciding on 
kind of the department-wide approach?
    Mr. Schied. In terms of lessons learned, I guess there were 
certainly a mix of sort of the positive and the negative.
    I think the positive was the fact that we did monitor the 
program quite closely. There was earned value management, IV&V 
quality control process in place that, again, gave us the 
warning flags literally within weeks that there was a 
divergence in where we were going. And so, enabled us to be 
able to take action and to work to try and address that before 
we got too far down the path.
    In terms of sort of going back to when eMerge2 was first 
launched, as you know, I was not in this position, and there 
was quite a period where I wasn't at Homeland Security as well, 
some of the lessons learned I think on the management side 
were, as I mentioned, first, just sort of the organizational 
capacity to be able to pull off a big project like this so 
early in the formative stages of the department.
    The amount of staffing that we had within the CFO's office. 
I joined the CFO's office literally just months after it first 
opened, and there were 20 people or so in the CFO's office at 
that time, in total. Most of them, actually, on detail.
    So I think there was some underestimation of the amount of 
management attention that is needed to produce a successful 
outcome in a project like this. And that perhaps wasn't taken--
sort of fully taken into account.
    Also, as I mentioned, eMerge2 was perhaps initially a 
little too separated from the overall realm of financial 
management within DHS in sort of recognizing some of the issues 
that existed in DHS financial management. You can't broken 
processes, ineffective processes, poor internal controls, and 
just throw them onto a new financial system and expect success.
    I think when DHS first stood up--and it really wasn't until 
the 2004 audit that we had the first sort of full scope review 
of DHS as a consolidated entity--I think by that time, it 
became obvious where some of the real internal controls and 
material weakness challenges were.
    And so, I think that sort of wasn't necessarily known at 
the outset of eMerge2, but was certainly part of what came into 
play as we went through really the past year, year and a half 
in trying to assess where we go first. There is a certain, 
again, prerequisite level of, I think, baseline operations that 
one needs to master before one sort of goes off and does 
another realm of transformation. It has been quite 
transformation enough just getting DHS pulled together, and 
those challenges still remain.
    In terms of--just before I throw it over to Scott--
collaboration, eMerge2 did go through the initial investment 
review process. It was a far probably less mature process back 
a couple of years ago when it first started than it exists 
today.
    It was actually prior to sort of the second round of 
investment review process the eMerge2 was going to go through 
basically to get the green light to move forward when it became 
obvious that the project wasn't succeeding fast enough, and 
there was no way we could take it through the investment review 
process further and expect basically permission to continue on. 
There were simply too many issues.
    So I think having that process and that discipline in 
place, knowing that you have to go before your peers on the 
Investment Review Board and justify your program and explain 
what is going on certainly makes managers accountable as to 
what they are presenting.
    Mr. Platts. Thank you.
    Mr. Charbo.
    Mr. Charbo. I would concur with what Eugene said. Coming 
into the department at the time, they asked me to take a look 
at it from a new perspective of the eMerge2 project before the 
cancellation, and I think we commented on some of the same 
points already briefed in the testimony.
    But it seemed as if, you know, there was a complex 
migration strategy of moving many variables at once, which may 
not deliver some of the outcomes.
    Our view from the IT side is not to overcomplicate things 
but assure, I think, the goal of a clean opinion in the 
accounting processes. When looking at the requirements, I think 
again it was overly complex, and I would concur with what GAO 
was stating about requirements management in this case.
    Coming from the private sector, I think we tend to make it 
a bit more simple, a bit more specific in the result. And I 
think, in this case, there were large wish lists and then not 
quite sure how to get there in the project.
    The procurement strategy as well may not have been optimal 
in that case. I think that is not unique to DHS. I think 
procurement is a challenge across the Government at the present 
time. So coming up with the right procurement strategy in this 
case is also a requirement.
    Mr. Platts. Thank you.
    And I certainly don't want to diminish the challenge of 
this effort and the timing of it, having just consolidated 22 
agencies, 170,000 employees, and all the different management 
systems, then trying to move forward. But you know, so we want 
to acknowledge that as one of the challenges in addition to the 
specific financial management aspect of the reform.
    And I guess the good news is that this process, Mr. Schied, 
that you reference that were in place to see where you were, 
that you were at that roughly $8 million to $9 million and said 
we don't want to go further, as opposed to going through that 
$229 million in total, as has happened at DOD already. And have 
the whole sum spent and then realizing it doesn't do what we 
need it to do. So those checks and balances certainly were 
important to not getting any further down the road.
    I now recognize Chairman Rogers for the purpose of 
questions.
    Mr. Rogers. I thank the chairman.
    Mr. Hite, you opened up making reference to the need for 
corporate-like institutional controls, and then you went on 
afterwards to make the point, you recognized these are easier 
things to find than to resolve.
    But in your opinion, why are we having problems finding 
corporate-like institutional controls and systems being 
implemented in DHS? Is it something inherent in the public 
system, in your view? Why isn't that happening?
    Mr. Hite. With respect to the corporate controls, even in 
an organization that has been around for a while, like, you 
know, pick your department du jour--Department of Defense--
trying to get all the different components to come together and 
want to pursue a line of strategy that is in the best interests 
of the whole as opposed to the best interests of their 
respective parts is a cultural change that has to occur.
    And this whole notion of taking an institutional approach 
to how you manage IT forces that cultural change, and there is 
an inherent resistance to it. Now you take 22 agencies----
    Mr. Rogers. But isn't there an inherent resistance, even in 
the private sector, to change, period? Why is the private 
sector able to bring that change about, and we can't see it in 
these public entities?
    Mr. Hite. I would submit that there are cases in the 
private sector where they aren't successful at bringing about 
those kind of changes, and in some cases, those institutions go 
out of business. There is the survivability of those 
organizations from a financial standpoint that is a great 
motivator. You know, fear and fear of failure is a tremendous 
motivator.
    In the Federal sector, these organizations have been around 
a long time, who came together with all the right intentions 
from a component standpoint, doing what they thought was the 
best interests of the component. To drop that because a 
department was formed and say, ``I'm willing to suboptimize 
what I am doing for the betterment of the department as a 
whole,'' would be a tough pill to swallow.
    And I think that for that kind of cultural change, a couple 
of things have to be in place. And I think there has to be, No. 
1, there would have to be stable and very strong leadership 
from the top. And there would have to be--part of that 
leadership would be a vision of how, collectively, the parts 
are going to work together for the betterment of the whole.
    And then there would have to be--from the human capital 
side, there has to be performance and accountability built in 
to how individuals are challenged, expectations are given to 
them, and how they are rewarded. And I think those would be the 
keys to the success and making that happen faster.
    I would say there is evidence that it is beginning to occur 
at the department.
    Mr. Rogers. I am anxious to see that. I mean, everything 
you described I agree with.
    But I make reference to the corporate-like reference that 
you used in your statement because one of the things I see in 
the private sector in business is people don't try to reinvent 
the wheel as much as we do and as much as we see on the Federal 
level. You find somebody that is doing something that works, 
and you replicate it.
    And DHS, Customs and Border Protection got a clean 
financial audit, and the financial management systems they have 
seem to be working. Why aren't we seeing the replication of 
that in the other agencies? What are they doing right that the 
other agencies aren't?
    Do they have a better technology? Do they have better 
software systems? Why did they get a clean audit? Why are they 
making it work and the other agencies are not? And I throw that 
to anybody. Eugene, you might want to take it first.
    Mr. Schied. I would say in the case of Customs and Border 
Protection, knowing what I do of their implementation of SAP, 
they did it, I think, in a very deliberative process, a very 
phased process.
    The financial reporting, the general ledger was, I believe, 
the last part of SAP that they stood up after they had done 
procurement and asset management. So I think that--and that is 
exactly the kind of what you described in terms of the reuse is 
what we are now looking to do.
    I want to--CBP did something. They seem to have gotten it 
right. The auditors have come in and this past year were able 
to give them an unqualified opinion on the balance sheet. We 
have some other successes within DHS.
    Over the past couple of years, the Coast Guard became the 
service provider to the Transportation Security Administration. 
They have some audit issues. But from a where do we go forward, 
you know, trying to decide whether you go for sort of the 
ultimate, which is, as Scott described, a system that sort of 
meets all your requirements, has everything that you could 
possibly want in it, versus just getting something that works 
and meets the basic needs.
    Mr. Rogers. It would seem logical to me that would be a 
success of approximation of what Scott referenced.
    Mr. Schied. Yes.
    Mr. Rogers. To find something that works and replicate it 
and then work toward to the ideal.
    Mr. Schied. Right.
    Mr. Rogers. Do you all sense that is what is happening? Do 
you all sense that is the desire of the department?
    Mr. Schied. Yes, for financial systems, and I think it is 
probably true with other systems as well. That is certainly 
where we are at.
    Mr. Rogers. Great.
    I want to shift just a minute to Mr. Williams and talk 
about human capital. We are going to be talking about that 
issue more in our subcommittee later. But you talked about the 
human capital asset problems you found.
    Well, tell me more about that. Tell me what shortcomings 
you found in the area of human capital that stood out to you.
    Mr. Williams. The bottom line in the area of human capital, 
we looked at it from the perspective of what DHS should be 
considering as they go forward in trying to implement new 
systems and, as we like to say in the financial management 
arena, achieve overall accountability of its operations.
    What we noted is that during the 1990's, there was a 
downsizing, and it was not just in the IT community, but across 
Government. You had some reductions, downsizing in the area of 
human capital. What the agency needs to do is to look at 
basically what are our needs in the area of human capital, and 
what do we currently have? And basically, we call that a gap 
analysis.
    What mix do we need? What type of experts do we need in 
these various areas in order to get the systems that we need 
and to get those systems operational? And what mix of people do 
we need to address what I consider another major component of 
trying to address this overall problem of accountability, and 
that is to put the policies and the procedures in place in 
order to produce information that is timely, reliable, and 
available for day-to-day decisionmaking.
    Mr. Rogers. Let me understand now. What you are making 
reference to was you saw system shortcomings, not shortcomings 
in human capital assets?
    Mr. Williams. Well, saying that the agency needs to look at 
what it currently has in place and come up with a strategy as 
far as what is needed and make a determination what is the gap 
between what I have and what I need in order to get to that 
goal that I am trying to achieve down the road.
    Mr. Rogers. I understand. The reason why I raised that 
issue is, it seems to me, that we have a real problem. And 
Ranking Member Meek brought it out in his opening statement. We 
have a real turnover problem in the upper levels of management 
throughout DHS. And it seems to me that is part of the reason 
why we are finding these shortcomings in not just in systems 
management, but in other areas as well.
    Mr. Williams. Yes.
    Mr. Rogers. I didn't know if you had noted that in your 
review or not?
    Mr. Williams. One of the things that we point out in the 
review or in the analysis of documents that we put together is 
that, first of all, you have to have the commitment from top 
management.
    Management has to be committed to the effort of what is 
going on in the area of trying to achieve accountability, 
trying to get systems in place, trying to improve the internal 
control environment, efforts to eliminate the material 
weaknesses that the outside auditors have reported on, efforts 
to get the agency in compliance with key laws and regulations 
that the auditors have identified, as well as reportable 
conditions that the auditors have identified.
    You need that commitment from the top, not only in words, 
but you need it in action. It needs to be a long-term 
commitment because a lot of these problems that we are talking 
about today and efforts that need to be underway in order to 
address these issues and to achieve ultimate accountability, it 
is not going to happen overnight. So you need that long-term 
commitment.
    Mr. Rogers. You are also going to have to have stability at 
the top, and we are not seeing that right now.
    Mr. Williams. That is correct.
    Mr. Rogers. I see my time is about up. So I will yield. I 
am looking forward to the next round of questions, though.
    Thank you, Mr. Chairman.
    Mr. Platts. Thank you, Chairman Rogers.
    I would like to recognize we have been joined by the 
gentlelady from Texas, Ms. Jackson Lee. Thank you for being 
part of the hearing, and I now recognize Ranking Member Meek 
and then Ms. Jackson Lee.
    Mr. Meek. Thank you, Mr. Chairman.
    I guess this is for our Chief Financial Officer. I know 
that you are acting at this time, Mr. Schied. I am assuming you 
are acting, and someone is holding confirmation at this point. 
Am I correct?
    Mr. Schied. Yes.
    Mr. Meek. OK. I appreciate your service. You mentioned 
something about 2 years at the department?
    Mr. Schied. I was actually at the department for a year 
when it first stood up, as the budget officer. I left for a 
year and then chose to come back.
    Mr. Meek. Good for you. But good for, hopefully, a little 
consistency there. We keep sending that message, but it is 
something that we have to deal with in our subcommittee with 
the department to try to make sure that folks are able to have 
an opportunity to stay at the department.
    Mr. Williams, you spoke in a very eloquent way that it has 
to be a commitment from the top. But as we have the revolving 
doors, and I just want to share with the committee this article 
that was in the USA Today of the ``Brain Drain Hits Homeland 
Security.'' And it talks about not just analysts leaving, but 
individuals that are sitting at this table making decisions and 
making statements before Congress.
    I want to just--I guess, Mr. Schied, if I could--ask you a 
question. You mentioned something about the eMerge2. You say 
you pulled the plug on it. You used that term ``pulled the 
plug'' before a lot of money was spent.
    How much money was spent? Because I am a little confused. I 
have in your written testimony here, it says that the total 
expenditure on eMerge2 contract with BearingPoint under the 
implementation of BPA--I guess that is the acronym for it--was 
$8.9 million.
    And then in a letter that was sent yesterday afternoon in 
response to Chairman Rogers and my letter that was dated on 
February 8th, on the second page, it says that the first phase 
of the Program 1, $9.4 million was spent, and then after that, 
the $8.9 million was spent on 2 for a total expenditure of 
$18.3 million. Is that correct, sir?
    Mr. Schied. That is correct. There were two phases of the 
project. The first phase was largely a requirements phase, and 
that was the $9.4 million that went to a couple of different 
contractors, and then $8.9 million was under the blanket 
purchase agreement.
    Mr. Meek. OK. Since your letter is not in the record, it 
was sent yesterday. I got it yesterday, and I believe the 
chairman got it yesterday. It was not in the record, I just 
wanted to make sure that was a part of our record here.
    Mr. Platts. Without objection, it is included.
    Mr. Meek. Thank you. Thank you, sir.
    Also, I guess one of the reasons why I wanted to get into 
that area because of the attrition rate at the department. We 
are going to have a new-found commitment to making sure that 
this works.
    I know that, Mr. Charbo, you have this council that you sit 
down with, with your other Chief Information Officers or 
information office at the Department of Homeland Security. I am 
going to give you some level of comfort, if you ask for it or 
not.
    In our subcommittee markup that we just had under the DHS 
Management Operations Improvement Act, we gave you line 
authority. Because I believe reading this report that I am 
looking at here, that is what needs to happen. You have to have 
the authority to be able to carry out the mission, and I am 
concerned about that.
    And Mr. Charbo, if I can ask you a question, under your 
existing--because we have legislation moving through the 
process that will--it is not about you. It is about your 
position. Giving you that line authority, will it help you 
implement the recommendations that the GAO has spent a lot of 
time on in pointing out?
    Mr. Charbo. It will. I mean, it will take some of the 
arguments away.
    Mr. Meek. I think what is important now is for, hopefully, 
the department above your, I guess, pay grade to embrace that 
philosophy that you just answered. I am glad you answered 
truthfully because if someone was to ask me do I want line 
authority, I would say yes because I want to lead, and I don't 
want to do it by committee.
    And I think it is important for us to be able to carry it 
out if we are going to implement any of these. I mean, what is 
happening right now and I think the reason why we have the 
attrition we have, Mr. Chairman, is the fact that folks are 
doing things by committee. And it is just not going to evolve.
    Now there was another point in the report that I may want 
to come back to, since we only have a few Members here, that 
would allow us to deal with the question, it was in the 
report--and I guess it is for the GAO, whichever one of you 
wants to answer it--on page 11 that talks about fixing 
requirements dealing with the system costs, anywhere from 10 to 
100 times more cost. I'm sorry. Ten to 100 times the cost of 
fixing it when requirements are defined.
    Do you know what I am referring to, sir?
    Mr. Williams. Yes.
    Mr. Meek. I want you to kind of elaborate on that because I 
do have a question after that, if you could?
    Mr. Williams. OK. We will get our chief technologist to 
talk to that particular point.
    Mr. Platts. Do you want to state for the record--and 
actually, Mr. Rhodes, could we have you stand and take the 
oath?
    [Witness sworn.]
    Mr. Platts. OK. The clerk will reflect an affirmative 
answer. Thank you.
    Please proceed.
    Mr. Rhodes. Mr. Meek, the variation is you have to think 
about software development sort of like you are firing a 
missile, and you are not directly aiming at your target, but 
you are going to do these course corrections along the way. 
Well, if you are trying to hit your target and you don't do any 
adjustments until later on, then you have to burn up a 
tremendous amount of fuel to hit your target.
    Well, here is the same situation. If you don't get clear 
definition of your requirements up front and certainly if you 
wait further on to where you are actually in final system 
integration or certainly if you are in deployment or in 
operations, then it takes a tremendous amount of money per line 
of code to fix it.
    And the greater concern associated with that is the 
problems that you introduce trying to fix things that arise. 
You fix one problem and make five more. So it is not just that 
one problem now costs you a lot more money. It is that problem, 
plus the other five you made now cost you a lot of money. You 
have to fix it up front rather than on the back end.
    Mr. Meek. OK. Well, that comes down to the implementing of 
the program, especially under our new way of doing business, I 
would assume, at the department.
    Mr. Rhodes. Absolutely.
    Mr. Meek. So that is so very, very important. I see that my 
time has expired.
    Hopefully, Mr. Chairman, we may get another round of 
questioning, and I can get a little further clarification. But 
thank you for that explanation. I yield back.
    Mr. Platts. Thank you, Mr. Meek. And we do plan to come 
back around.
    And before we move on to Ms. Jackson Lee, the previous 
witness, Mr. Keith Rhodes's title, Chief Technologist at the 
Government Accountability Office. So that we have that in the 
record.
    Thank you. Ms. Jackson Lee.
    Ms. Jackson Lee. Thank you very much, Mr. Chairman.
    That is about the way I feel. Let me go back to just an old 
contract that may be just that because it is in the history. 
And I just wanted to find out when the blanket contract was 
given to BearingPoint and SAIC, two of them, it looks like one 
was given in 2003, and then a subsequent one was given, and it 
was subsequently put on hold. After less than a year, however, 
the CFO put eMerge2 on hold.
    Did any of these contracts have performance provisions to 
them? Who can answer that? Measuring sticks of their 
performance? What is the terminology of a blanket contract?
    Mr. Schied. That is a blanket purchase agreement.
    Ms. Jackson Lee. Right.
    Mr. Schied. That meant that there was going to be an 
overall $220 million project or $229 million project divided up 
into specific task orders. And in the case of the blanket 
purchase agreement for eMerge2, we had a first task order. It 
was a firm fixed-price task order for $20 million. There were 
specific----
    Ms. Jackson Lee. And so, it was task specific? You do this 
task for $20 million?
    Mr. Schied. It was actually a series of tasks, a series of 
deliverables. And there was a schedule associated with that, 
and it was that each of the tasks in the various schedule that 
BearingPoint was to follow that allowed us to track their 
progress and to know in a fairly short amount of time that 
there was a divergence between their performance and what the 
contract called for.
    Ms. Jackson Lee. And did you all track the performance?
    Mr. Schied. Yes, ma'am.
    Ms. Jackson Lee. And what did you find? So, in essence, you 
had performance standards? I mean, what did you have to assess 
whether the work was being done and done timely?
    Mr. Schied. There was a project plan that identified 
everything that was supposed to be done under the contract. And 
then as products were delivered, they went through an 
acceptance process by the Government to determine whether or 
not the products that were being submitted met what was called 
for under the contract.
    Ms. Jackson Lee. I guess we don't have an IG here. Is there 
someone that believes that was this an effective approach, Mr. 
Schied? Was this an effective approach?
    Mr. Schied. Oh, I would say that it was in that we, again, 
quickly found out that there were problems, that the products 
that were being delivered weren't on time. They weren't 
acceptable. There is actually a chart that looks like this that 
we used to track the progress, and you will see a fair amount 
of red there. That indicated that there wasn't success that we 
had expected.
    So that, again, we, within a matter of weeks, realized it 
was not going right, called essentially at first a timeout. 
Ultimately decided that we were going to abandon that task 
order altogether. And rather than pay the $20 million, which is 
probably what costs were incurred, we wound up paying under 
this particular task order $6 million, which was the value of 
the products that we had ultimately accepted.
    Ms. Jackson Lee. Was this a settlement without court? Was 
this an internal, inner response that you got working with the 
company, saying that they had not performed?
    Mr. Schied. Yes. Correct.
    Ms. Jackson Lee. And so, the only amount that you paid was 
$6 million?
    Mr. Schied. Well, there were a couple of different 
contracts. And under this blanket purchase agreement, there 
were two different task orders.
    Ms. Jackson Lee. So you total up to what?
    Mr. Schied. Again, under this particular task order or 
under the blanket purchase agreement, this one was $8.9 
million.
    Ms. Jackson Lee. OK. So let me just in the course of that 
backdrop, are you now prepared to describe how eMerge2 the 
contract will be designed and awarded to ensure the best value 
for the taxpayer?
    For example, will the contract be open to full and fair 
competition? And how do you plan to structure the contract to 
ensure that the contractor delivers on time at or below cost? 
And are you somewhere in this process where the Homeland 
Security and the merger of all these different accounts can 
finally get a hold of the enormous stream of money that seems 
to be pouring out with no supervision, no checks and balances?
    Mr. Schied. At this point, we are going through a 
replanning phase. I believe at this point, we have abandoned 
any notion that we are going to go back and rebid that 
contract, that blanket purchase agreement that we had initially 
entered into.
    We are taking a totally different path. We are looking at 
reusing investments that have already been made, either through 
the OMB lines of business or leveraging existing investments 
that have been successfully implemented within DHS.
    I don't see that there is going to be another contract like 
there was with BearingPoint. We have decided to go a different 
route. We believe it will be less risk and less costly.
    Ms. Jackson Lee. But I am sorry. Can I just hear the 
different route that you are going?
    Mr. Schied. Oh, certainly. We are going through each--there 
is a DHS--when eMerge2 was initiated, at that time, looking 
across the systems that were in place within DHS, there were 
notable weaknesses in all of the systems. None of them 
completely met, for example, the JFMIP requirements.
    Since DHS came together in 2003 and since eMerge2 was 
initiated in 2003, there have been a number of changes. OMB has 
endorsed a lines of business approach. Customs and Border 
Protection has implemented successfully a core financial 
system. The Coast Guard has upgraded their core system and 
taken on the role of a service provider. The Secret Service has 
implemented a new system.
    So the environment has changed quite a bit since we 
initiated eMerge2. So it was a combination of factors of not 
being successful with where we were going with eMerge2 and 
seeing that the environment changed and there were 
opportunities that we could leverage that is taking us a 
different direction.
    Ms. Jackson Lee. Mr. Chairman, I thank you for the 
indulgence. I was going to ask for an additional 1 minute. I 
was going to ask unanimous consent for an additional 1 minute.
    I would just say to you that I know that the hearing has 
been going on for a while. I was in a Science Committee 
hearing. So I am directing this to the attention of the 
chairman.
    The gentlemen here are certainly fine public servants, but 
I am just shocked at the repetitiveness of what keeps coming up 
about expenditures. I know this is on one particular area, and 
I hear the acting director, and I appreciate his commentary. 
But $20 million was already spent, and they had to just let 
that go.
    In New Orleans, that is a separate story, but I think this 
is an important, enormously important challenge that we have, 
and I don't know how we are going to complete it. But 
certainly, there needs to be a great deal more work because 
money just seems to be spilling out with no accountability.
    And I don't know if bells are ringing, but let me just pose 
a question that maybe we can get--there are reports here, I 
understand that. But maybe we can get, at least pointedly on 
this issue, is just what money we lost? What money has been 
wasted in sort of a lump sum?
    And I yield back.
    Mr. Platts. Thank you, Ms. Jackson Lee. Appreciate the 
challenge here with schedules of us having to be at three or 
four different spots at once throughout the day.
    We did have earlier testimony about the sums, the $8.9 
million, and in the written testimony that goes into some 
detail of how it was spent. And certainly if there is a 
specific followup question you would like to submit, we will be 
keeping the record open for 2 weeks as well, if there is 
something more specific you would like them to provide.
    I want to pick up kind of where we were there with Ms. 
Jackson Lee on the cost and certainly in the intent of this 
hearing is to learn of what has transpired and, as asked 
earlier, what lessons have been learned and, hopefully, what 
knowledge has been gained, even though you haven't gone forward 
with the department-wide eMerge2 program. What did you learn 
from the dollars spent that you can now put to good use with 
the new approach?
    And so, that we are being responsible with taxpayer funds. 
And especially for this department, it is so critical because 
any dollar that we do lose is a dollar that is not available to 
actually be out there defending the country and our citizens. 
So your work is critically important to the lives of our 
citizens and to their security.
    With the new approach, originally you envisioned the 
department-wide approach, $229 million. And now with the new 
approach, is there a dollar figure? I know in the testimony we 
talk about that you have $48.4 million available in the current 
fiscal year. You have asked for an additional $18 million in 
the 2007 President's budget. So right there, we have about 
$76.5 million.
    Do you have a figure, taking this new shared services 
approach? What do you envision total cost being as compared to 
that $229 million?
    Mr. Schied. I think it would be a bit preliminary for me to 
really give you very finite estimate. Let me say in terms of 
the work that was done to date on eMerge2, there are a number 
of products that were produced under the original--under the 
money we basically already spent that will still be, I think, 
quite helpful for us going forward.
    For example, all of the requirements that were identified. 
Rather than looking to find a COTS system and to build that out 
to meet all of the requirements, it serves as a useful 
reference model when assessing other systems that are in place 
to determine what gaps there were.
    That is, what did we want? What can we get out of one of 
these existing systems? Where are the gaps, and what do we do 
about closing the gaps? Either decide that it is not that 
important or decide that we are going to conform, or obviously, 
we will need to conform to what is in place, but is there 
something about what was in the original requirements versus 
what we would be moving to that, going forward, say, if we were 
to reuse the CBP system or the Coast Guard system that we would 
want to keep an eye on to possibly upgrade at some point in the 
future?
    A lot of the costs are still going to be the same. That is, 
there was under the original eMerge2 project, there was going 
to be a data warehouse to give us greater visibility, to give 
management greater insight into information. And that will 
still be a part of the project and probably even more 
importantly so.
    The cost of cleaning up data and migrating components from 
the system we are on now to whatever the new target system will 
be, those costs will still be similar. I think in terms of 
total project range, quoted probably in the order of $150 
million to maybe $200 million.
    And so, I think it is probably less expensive than where we 
were going before. It will also be stretched out, I think, over 
a greater period of time versus where we were going before.
    Mr. Platts. On that specific point, one, my hope is I 
understand you can't give an exact figure or exact numbers, but 
in that saying it is a little preliminary, it kind of comes 
back to where we started is the hope that there is a pretty 
definitive plan of where you are going that should give you 
some guidance of what your costs are going to be as opposed to 
saying, well, we know we are going to spend $66.5 million, but 
not really know what that end cost is going to be.
    Well, that gets into the issue that we need to know that 
now, not a year from now, well, it is actually going to be $300 
million, not $150 million. So that does concern me that there 
has not been a better fleshing out of what that is going to be 
in the end.
    Mr. Schied. Well, we are still deciding just sort of who 
will be sort of clustering around. I mean, I want to reuse 
systems, but I don't know at this point whether I am sending 
everybody to one system or I am sending people to perhaps two 
different systems, if they will be inside the department or 
outside.
    That is part of the planning phase that we are going 
through now and that I foresee somewhat will depend on the 
timing of the confirmation of the next CFO, for him to be able 
to put his stamp on it. But sometime in the May/June timeframe 
is when I want to take it back through the investment review 
process.
    Scott right now controls all of my money, and he is pretty 
hard about making sure that before I spend it, I know what I am 
going to do with it.
    Mr. Platts. Well, Scott, that is a good approach. Stay 
focused on that approach.
    On the timeframe, May to June, as to when you kind of think 
you will have that plan and come back to that review, you 
talked about it may be over a longer period of time because 
originally, in the original plan, it was by this year, 2006----
    Mr. Schied. Right. We would be up on that.
    Mr. Platts [continuing]. We would have that department-wide 
plan. So now we are kind of starting over. Do you have a 
timeframe that you believe you are going to be able to pursue?
    Mr. Schied. Well, I mean, it is complicated by, again, our 
recognition of simply the challenges we face in terms of 
improving financial management in DHS. Most of the--many of 
sort of the first wave of components that were to migrate to a 
new system are currently being serviced by Immigration and 
Customs Enforcement. They contribute in a fairly significant 
way to the material weaknesses that we have in the department.
    Mr. Platts. Right.
    Mr. Schied. I walk the line between how fast I can say get 
their customers off their system and being serviced by somebody 
else and how much I need Immigration and Customs Enforcement to 
be able to fix the problems they have, which go not only to 
servicing, say, me because I am a customer of them, but also 
what supports their mission.
    I am at the point now where I have to focus probably for 
the next 18 months on Immigration and Customs Enforcement and 
the Coast Guard, improving their material weaknesses and 
improving controls before we are really ready about moving 
people onto different systems.
    Not to say that a lot of the work can't happen--there is 
work that can happen concurrently. We are not going to be 
sitting around for 18 months, figuring out what we are going to 
do with eMerge2. But it is not going to be like a September 
2006 kind of decision at this point.
    Mr. Platts. And you touch on exactly where I was going to 
go next. I am going to wait until we come back around to the 
next round. But on those centers and the problems that some, 
ICE and the Coast Guard already have and the ability to 
actually migrate within the department given some of the 
challenges that you have. But I will come back to that on the 
next round.
    I recognize Chairman Rogers.
    Mr. Rogers. I want to stick with Mr. Schied and go back to 
your reference to leveraging existing programs or investments. 
Tell me more about what you mean by that.
    Mr. Schied. Well, what happened over the past couple of 
years while eMerge2 was not making success, there were a number 
of successes going on within DHS. The Coast Guard became a 
service provider to TSA. That is, TSA was on Transportation's 
system. They weren't happy with that. They were going to be a 
part of the eMerge2 solution, but they wanted to move fairly 
quickly, quicker than we were going to schedule them for 
eMerge2.
    And so, they approached the department, along with the 
Coast Guard, asking to be able to move from Transportation onto 
the Coast Guard system. Both of them had been in Transportation 
together.
    But CFO Maner basically green-lighted that, allowed it to 
happen. And in 2005, TSA got not only the systems, but the 
financial services through the Coast Guard. And it was seeing 
that worked, and it seemed to work reasonably well, and seeing 
where CBP had upgraded their system or Secret Service had put 
in a system, we realized, look, other people are having some 
successes at this. We are not being that successful.
    OMB at the same time has, over the past year, promoted 
their lines of business. It really, I think, fostered a lot of 
the same kind of thinking, led us to the conclusion there are 
probably things here we can leverage.
    I mean, I now have half of the department, depending on how 
you want to measure it, on the Coast Guard, between Coast Guard 
and TSA being about half of the employees in the Department of 
Homeland Security.
    Mr. Rogers. So, in a nutshell, you are talking about 
replicating what they are doing in other agencies?
    Mr. Schied. That same idea, yes.
    Mr. Rogers. OK. Mr. Charbo, what do we get for $18 million?
    Mr. Charbo. I think--as Eugene pointed out, I think the one 
deliverable they have is the requirements baseline. That is 
reusable. That is not a short-term tasking. That is not an easy 
tasking. As has been pointed out, we have had 22 different 
systems and components that we were trying to bring in, all 
with the different wish lists of wanting to get to a different 
objective.
    So I believe what they got is that understanding of where 
those requirements are and some of the documentation it would 
take to move forward.
    Mr. Rogers. I want to go back and talk a little bit more 
about human capital. You made reference in your comments 
earlier that you were one of the people who were with the CFO's 
office when the department was originally stood up. Is that not 
correct?
    Mr. Schied. I was.
    Mr. Rogers. You were?
    Mr. Schied. Yes.
    Mr. Rogers. I am sorry. I got the wrong note on the wrong 
pad.
    What percentage of those people are still around?
    Mr. Schied. Percentage wise, very few. I mean, I could 
probably--again, there were maybe, a rough number, 20, when I 
joined, and it was shortly after DHS was stood up, actually in 
May 2003. I am guessing there is probably maybe one or two that 
are actually still within the CFO's office.
    Mr. Rogers. In your opinion, is that a significant factor 
in the problems that we are talking about here today in these 
management systems, or is that really an aside?
    Mr. Schied. I think specific to the CFO's office, it is 
somewhat an aside. I think the overall issue, sort of the 
bigger issue is just the number of people versus the turnover.
    There certainly has been turnover, and particularly with 
the office that is managing this particular project, there has 
been quite a bit of turnover, particularly since we decided to 
change direction. It is not really what the team envisioned.
    Mr. Rogers. The turnover throughout these departments, 
whether it is in the CFO's office or information systems, you 
don't think that personnel turnover is really the big reason 
why we are having problems?
    Mr. Schied. Oh, I think it does--I think it adds something 
to it. I would say particularly where we are at today versus 
where we started out, I mean, today, the CFO's office is 
somewhere between 80 and 90 staffed at versus the 20. I mean, 
when things started out, it was just very, very scantily 
staffed. Certainly some turnover does play its role, too, 
though.
    Mr. Rogers. I do think it was Mr. Charbo that made the 
point that you saw real problems in the procurement process. 
Was that you or Mr. Schied?
    Mr. Charbo. I did make the statement that----
    Mr. Rogers. Tell me about the shortcomings that you see in 
the procurement process.
    Mr. Charbo. Well, this is in general. It is awfully 
difficult to put together procurements in Government that are 
sort of focused on performance based that meet the general 
outcomes. I mean, often we have multiple procurements that 
overlap that you need to align those, integrate integrators 
toward a common goal.
    The timelines certainly are a challenge in a lot of the 
procurements. I mean, that is my perspective also coming in 
from outside of Government. I think that is a difference. You 
were asking differences earlier. I think that is a clear 
difference, and being able to make decisions and procure those 
and start the projects on a faster note.
    Finding the right vehicles, going through the processes, 
answering the questions that come in. That takes a long time, 
and that puts a burden on important key projects.
    Mr. Rogers. All right. And the last thing I want to ask 
about is this ``F'' that for the 3rd year the department has 
gotten from the Government Reform Committee's annual 
assessment, and I throw this out to anybody. Why is this 
continuing to happen?
    Mr. Charbo. Let me--I will comment on that. I think the 
first thing is, is coming into DHS, again, I changed the 
project around. You know, where we were is not where we wanted 
to be in that certification progress. I believe we had 20 
percent or less of our systems certified and accredited.
    We made it a key objective. It is one of my major 
initiatives. We had the Secretary make it one of his major 
initiatives. He wanted to make it that. We had him kick the 
project off at an IT security conference last October.
    And since that point, we are at 62 percent of our systems. 
Our goal at this point is we wanted to be at least 50 percent 
complete. So we are on target of meeting our 100 percent by the 
end of the year. That is our goal. That is our objective.
    We have made our executives accountable for that goal. They 
don't have any other performance mark. We made it real easy for 
them. Your goal is 100 percent certification and accreditation.
    So that is where we are moving toward. I think we are on 
the right plan, and we are looking to change that ``F'' next 
year.
    Mr. Rogers. Thanks a lot.
    Mr. Platts. Thank you, Chairman Rogers.
    Ranking Member Meek.
    Mr. Meek. Thank you, Mr. Chairman.
    Mr. Charbo, I want to ask you a quick question. I know that 
your predecessor, Steve Cooper, planned to develop the 
department-wide IT strategy plan. That plan was supposed to be 
released in the end of 2004. The plan still has not been 
released. Two years have passed, and the department has spent 
millions, if not billions, on technology without having a 
strategic plan.
    Do you believe that the department needs to have a 
strategic plan? And if I missed something and they do have a 
strategic plan, please share it with me.
    Mr. Charbo. We will share it with you. There is a 
department strategic plan, and our IT strategic plan does align 
with that department-wide plan. We are also in the process of 
creating a new strategic plan for IT. But we have a document 
that is our IT strategic plan, and we could share that with 
you.
    Mr. Meek. When was that document developed?
    Mr. Charbo. I believe it pre-dates myself as well. I am not 
sure of the exact publish date.
    Mr. Meek. OK. We would like to get a copy of it----
    Mr. Charbo. Sure.
    Mr. Meek [continuing]. So we will know exactly what is 
happening.
    Also, I guess this is for you, Mr. Hite. I understand that 
there was some mention of the Coast Guard and the whole 
integration, but I understand that the Coast Guard is servicing 
TSA for its financial management activities. Please explain how 
that works specifically as is each component running the same 
system, or has the same system been customized for each?
    And please explain the difference between consolidating 
them on the same system and allowing them to have similar core 
systems with customization? What impacts does it have on 
integration efforts?
    I am asking that because this is all going as we start to 
step off again to hopefully not step back in the same hole we 
just got out of. You can kind of elaborate on that a little 
bit.
    Mr. Hite. I will actually ask my colleague, who is the 
financial management expert, to respond.
    Mr. Meek. Whichever person that can answer that question 
better. We are all for the best information.
    Mr. Williams. OK. Basically, when you are talking about a 
service provider, it is similar to the National Finance Center 
that provides a payroll service for various agencies in the 
Federal Government.
    You have your operation in which you are processing 
transactions, be it accounting transactions or what have you, 
and that information is processed. You have policies and 
procedures within your organization as to how you are going to 
operate or your concept of operations. And information through 
various means is provided to the service provider. It could be 
manually, electronically, or what have you.
    That service provider would then actually process that 
financial data, that information, and produce reports and 
provide that information for the entity or the organization 
that it is providing the service for.
    Mr. Meek. So I don't think they have the same system. That 
is my question. I mean, they don't have an individual system, a 
customization. Is that needed?
    Mr. Schied. The Coast Guard and TSA do use two different 
instances of the Oracle system that the Coast Guard has in 
operation. That was part of the agreement when TSA came over. 
There were a number of improvements that they wanted to see 
made.
    Again, the Coast Guard does have a number of cited 
weaknesses. The TSA in assessing the Coast Guard system wanted 
some improvements. And if the Coast Guard--I think the Coast 
Guard, even if they didn't become a further service provider, 
very much wants to be able to standardize on the TSA instance 
of the system because I think they see it as an improvement 
over what they had, and that will just take some time and money 
for them to do that.
    I think if anyone is a service provider, they generally 
want to have a single instance of the system, the single 
version that all of their customers are serviced on rather than 
trying to operate multiple and somewhat different versions of 
the system.
    Mr. Meek. Yes. And you can see where the concern comes in. 
Even when you look at personnel issues or you look at mission, 
there are a lot of, you know, ``This is my little spot here in 
Department of Homeland Security, and don't you dare cross that 
line.''
    I mean it's almost like Mr. Charbo here, who has a great 
job. They have this council, and I don't think that there is a 
person at the head of the table who says, ``Well, we talked 
about this at the last council meeting. Why don't you have 
it?'' And no one feels a level of urgency to carry out any of 
these reports that we have.
    Mr. Chairman, I keep driving to that because we have a 
situation where taxpayers' money was wasted and national 
security was jeopardized. And you know, this is not about the 
crop report, you know, as it relates to corn or whatever the 
case may be.
    I don't want the National Corn Growers Association to get 
upset with me, but the real issue is this, is that this is 
national security. And you know, I feel and Chairman Rogers, we 
tried to address many of the management issues in our mark. But 
I think that it is important that we look at when you say 
``best practices'' or things that we have learned, I think that 
we have something to learn as policymakers.
    We believe that we have a department that we can say, 
``Well, this is the way it should be done because we are the 
representative of the American people,'' and you say, ``OK, 
fine.'' But you go back to the department, and then you have 
these little kingdoms that are out there, and they all have 
gates and drawbridges and all of those different things.
    And unless we give you the authority, which we have, in 
your case, to be able to carry out the mission and look at a 
GAO report and say, ``OK, fine. This is what we are going to 
use as our beacon of light toward improvement, then let us do 
it.''
    I don't know. Maybe I should buy lunch for you every 
Friday. I want you to stay in place so that we can get this in 
line. You know, I am joking. I am trying to be a little funny.
    But at the same time, we have to have a mission statement 
that will carry on even when the next person comes into the 
office, saying, ``Well, this is what we already have going.'' 
Because someone could look at it and say--it is like a letter 
almost. If I write a letter in my office, I hand it to my 
senior advisor. She looks at it. She changes it. It goes to the 
chief of staff. He looks at it. He changes it.
    And so, everyone starts changing this letter, and sooner or 
later, it is going to lose the original intent that I had tried 
to, I guess, share with the person I was writing the letter 
with.
    But Mr. Chairman, I believe we are going to have to address 
it because I think we have people here, people of good will who 
I know everyone at that table is for national security and for 
accountability and for saving the taxpayers money. But I think 
that we are going to have to further dig into how can we 
hopefully continue to fine-tune and sharpen?
    I think the department is a pencil and is dull, and we just 
need to sharpen it because when it is dull, it is kind of hard 
to write with. I think that is what you all are going through 
on a daily basis. We just need to get down to the bare facts of 
what is needed. That is difficult, and we understand that, but 
we don't want to have to legislate in haste.
    I think the department was, even though there was some 
thought went into it, it was a kind of ``We need to do this 
now. So let us do it.'' And now it has happened. Folks are 
getting more cemented in and in quick-drying cement, saying 
that this is the way the cookie is going to crumble. It doesn't 
work, especially when we are trying to make this happen.
    Mr. Chairman, that would be the conclusion. I won't have 
any closing statements. I wouldn't want to ask for another 
round. But I just want to thank you and Chairman Rogers for 
putting this hearing together. I think it was very insightful 
not only for me, but also for the staff that is listening.
    Some of the questions were answered. We were able to get 
some good things into the record.
    Mr. Platts. Thank you, Ranking Member Meek.
    And your point about getting to the bare facts is very 
important. And one of the things through the legislation that 
the House and Senate adopted with the department is the audit 
internal control is to try to get to that bedrock of the 
information capturing and then build from there forward. That, 
actually, I plan to get into a little bit in questions in the 
next round for myself.
    And your counsel that we really take what we learned and 
put it to action here is something that if I have the number 
right, I think GAO has done about 40 different reports in this 
general area, and the importance of the department, both our 
CFO and CIO to really lean on GAO for the knowledge they have 
as you move forward and to stay on the right track.
    The wealth of knowledge is there to be embraced and acted 
upon and to see GAO as a friendly partner, you know, to work 
hand in hand with you as you go forward.
    Ms. Jackson Lee.
    Ms. Jackson Lee. Thank you, Mr. Chairman.
    Following the line of questioning that has persisted all 
afternoon, I want to try to get to another component. Mr. 
Charbo, if you would? We know when we are talking about best 
practices and information technology, it calls for another 
component, which is the human capital.
    And I think some of my colleagues have mentioned some of 
our concern and maybe even disappointment at the seeming 
revolving door. Unfortunately, it is a very large department, 
and we are recognizing that more and more.
    When it first started, the Homeland Security Department was 
180,000 that we thought we were putting together. In the course 
of that, of course, in the merger, we are sure you lose people. 
But it seems that we have had a tough time.
    I want to know does the department now have sufficient 
information technology, human capital, the right skills to 
effectively carry out its mission now and in the future? If you 
answer yes, how do you know that DHS and the components have 
this capability? What is the analysis that has been performed 
to determine the capability? And if you don't feel we are 
there, can you explain the reasons why not and whether there is 
a plan to do so?
    And I also want Mr. Hite to comment on the human capital 
question. Mr. Schied, I would be interested in your overall 
view as to this fact that DHS did not receive a clean financial 
opinion in 2005. And we may have gone again over this, but how 
are we prospectively going to achieve that clean opinion as we 
look toward the future? And how do we give comfort to Americans 
that we are actually utilizing their tax dollars efficiently?
    Mr. Charbo.
    Mr. Charbo. I think one of the--addressing the IT human 
capital. We have a heavy contractor utilization in the 
department. So a lot of the gaps that we have done some 
analysis for, and we have prepared a plan. Even our conference 
report and the appropriation required us to produce a document 
this year that identified it, and that goes hand in hand with 
what the OMB requirement is, is to do the IT human capital gap 
analysis as well.
    So we have done that. We are identifying solutions or ways 
that we can mitigate those plans. Primarily, that is for a lot 
of the higher grade project/program management level positions. 
Some of the unique security or network administration positions 
that we have. Those are some of the areas that have been 
identified as gaps. But the tendency is to fill those with 
contract support in order to continue the systems operating and 
the mission moving forward.
    So we have done the initial analysis, and we are beginning 
to fill the gaps and publish that report.
    Ms. Jackson Lee. But are you telling me that you are using 
mostly contractors as part of the human capital?
    Mr. Charbo. At the department. At the department, a lot of 
the IT positions, which typically aren't identified as 
inherently Government, are filled with contract support.
    Now you need Government employees to supervise those 
contract employees. So, as we do the gap analysis for that, we 
have identified that solid program managers, solid IT project 
managers are areas that we need to fill in more robust.
    We look for lots of authorities in that area. Certain 
components have some direct-hire authorities. Others do not. So 
we are trying to sort of level that playing field. That is one 
of the gaps identified. That is one of the things that we would 
ask for some support in getting.
    Ms. Jackson Lee. You don't think that undermines 
institutional knowledge?
    Mr. Charbo. Using contractors?
    Ms. Jackson Lee. Yes.
    Mr. Charbo. No. I think that is the gap analysis that we 
have identified at the upper levels, the managing positions for 
IT, that is where we look for that institutional knowledge. 
There are a lot of IT positions that are administration or 
pulling cable, development. I mean, most of that is done on a 
contract basis.
    Ms. Jackson Lee. Thank you.
    Mr. Hite.
    Mr. Hite. Certainly. I will speak to strategic management 
of IT human capital at both the program level, the component 
level, and the department level because you want to do it at 
all levels. And basically, what we are talking about is 
understanding what is the suite of functions that we need to 
perform to execute this program or to execute a component's IT 
mission?
    What are the core competencies associated with those? Who 
do we have onboard now? How do they match up against those core 
competencies? Do we have an inventory of those skill sets? What 
are we going to need strategically going forward on a 
continuous basis? Where is that gap? And then what are our 
strategies for filling that gap?
    And contracting for services is part of strategy, but also 
certainly through hiring and retention and training are other 
strategies as well. Our work has shown at the program level, 
some of these large programs that we have looked at--for 
example, the ACE program--that kind of strategic approach to 
human capital management isn't going on. They recognize it. 
They intend--they have represented to us that they are going to 
work on that.
    At the component level, CBP, for example, which is the 
component that ACE resides within, that hasn't happened. They 
recognize it, and they have represented that they are going to 
work on that.
    At the department level, I look forward to seeing the IT 
human capital strategic plan that the--Mr. Charbo referenced. 
We are, by law, required to look at that once it is produced. I 
have not seen one to date. I am not aware of one.
    Ms. Jackson Lee. Thank you.
    Mr. Schied. In terms of improving on financial management 
and being able to provide some assurance, some positive 
assurance about the controls that we have in place, I guess I 
would point to a couple of initiatives that we have underway 
this year different from what we did last year.
    As you know in 2004, we had 10 material weaknesses and a 
disclaimer of opinion. And in 2005, we had 10 material 
weaknesses and a disclaimer of opinion. Obviously, something 
didn't work last year in terms of making the improvements that 
were expected. I think some improvements were made, but I was 
frustrated at the rate at which improvements have been made.
    So what is different this year? I think several things. 
First, the way we get out of the hole is through corrective 
action plans. And in all of the audit--the 10 material 
weaknesses break down to many reportable conditions, actually 
probably hundreds of specific findings that the auditors see 
when they come in and assess our financial statements.
    We have been kind of down at too low a level in trying to 
fix some of those problems. That is, you have to recognize that 
they all tie back up, and they all report back to--somehow 
relate back to the 10 material weaknesses. I think we are 
taking a more holistic approach at how to fix those.
    We are getting--and a couple of weeks ago, I wrote the 
inspector general to engage on the internal controls audit and 
identified the frustration I have and asked for their more 
active involvement this year at monitoring our corrective 
action plan process. We have changed the process itself.
    There is a management directive forthcoming that will 
identify a corrective action accountability official so that we 
have some clear lines of who is responsible for fixing which 
material weaknesses. While it may involve many different 
players, there is ultimately someone that has to be held 
accountable to fix each of the weaknesses.
    We are improving our ability to track the weaknesses so 
that, again, similar to what we had with the eMerge2 project, 
to know when are we off track, is there something we need to do 
about it? We will have a much more open system and a system 
that I believe the IG and the auditors will also look at to be 
able to track whether or not we are making the progress.
    What I found last year is you can go through, and you can 
execute the plans, and you can really get nowhere. And we want 
to certainly avoid that from coming about again this year.
    I think we are in a pretty good position to resolve a 
number of the material weaknesses this year. If we don't fully 
remediate them, I would expect that work can be done. It is 
really about probably an 18-month process to successfully 
eliminate I think all the weaknesses. We have a good chance of 
eliminating all the weaknesses. It is a lot of work, and we are 
committed.
    And the last thing I would point out, I guess, too, is most 
of the weaknesses are identified in two organizations--ICE and 
the Coast Guard. And in the past year, they have had a renewed 
commitment. I mean, there's a CFO at ICE that wasn't there 
before, a new assistant secretary. They have, you know, what 
used to be a plan that was about yea thick. It is now about yea 
thick. I mean they have put a lot more thought and effort into 
it.
    I think they have increased their staffing. Likewise, 
within the CFO's office, we have increased staffing 
particularly for the internal controls group that is going to 
be responsible for overseeing our corrective action plans. I 
think all of those things are going to make a difference.
    The Coast Guard is certainly stepping up to the challenge. 
They have a number of weaknesses that they need to fix. I got 
an e-mail a couple of weeks ago from Admiral Allen, forwarding 
me information just sort of out of the blue, showing how they 
are fixing some of their weaknesses. I mean, it is that tone at 
the top that really makes a difference as well.
    And last week, or actually it was a couple of weeks ago 
now, Admiral Allen, the Assistant Secretary for ICE, myself, 
the inspector general met with the Deputy Secretary to talk 
about progress. Those are all changes that have happened over 
the past several months and I think increase the likelihood 
that we will actually make progress and demonstrable progress.
    Ms. Jackson Lee. Wow. Thank you.
    The only question is, is that chart in the record that you 
keep holding up? Is that something that we can----
    Mr. Platts. I don't think it was in your written testimony.
    Mr. Schied. I can provide it.
    Ms. Jackson Lee. I would appreciate it.
    Mr. Platts. Without objection, we will have it entered into 
the record.
    Ms. Jackson Lee. I thank you, Mr. Chairman.
    Thank you very much, both, for the hearing.
    Mr. Platts. Thank you, Ms. Jackson Lee.
    Want to come back to the issue of the shared services and 
the center of excellence approach and first get an 
understanding that what you are envisioning with the new 
eMerge2 approach is basically in line with what OMB talks about 
with their centers of excellence, you know, line of business 
for financial management.
    And is that a correct understanding that it is one and the 
same?
    Mr. Schied. It is in alignment with, but I guess I would--I 
don't know that I could tell you it is necessarily one and the 
same. That is, basically, OMB says that their policy is that 
you will migrate to one of their particular centers of 
excellence, or you will yourself become a centers of excellence 
provider beyond your own agency.
    And OMB allows for certain exceptions to that, and I think 
we are one of the exceptions, and we are working closely with 
OMB on this. That is, we want to sort of apply a similar 
concept within DHS. I am not, at this point, interested in 
going out and selling my services to other Federal agencies.
    Mr. Platts. Now make sure, because we worked through this 
with OMB, and my staff will correct me if I get this wrong from 
our hearing with OMB, that it is exceptions, but not with the 
actual systems, the financial systems. There is a mandatory. 
You are either a center of excellence or you migrate to one. I 
think in that aspect, I thought it was mandatory that you have 
to do one or the other?
    Mr. Schied. I guess I understand it a little bit 
differently. I mean, certainly, we are not--I am not precluding 
at this point that some or I guess potentially even all of our 
systems will be met through OMB centers of excellence. I guess 
we are taking a somewhat broader approach within DHS in that 
not only do I want to migrate and consolidate systems, I am 
also interested in doing the same with the services because I 
think----
    Mr. Platts. And ideally, I think that is----
    Mr. Schied [continuing]. Hopefully that is where you will 
get the bang for the buck in terms of efficiencies, a smaller 
control environment, fewer systems, fewer processes in place.
    Mr. Platts. Are you working with OMB in assessing Customs 
and Border Patrol and Coast Guard, Federal Law Enforcement 
Training Center? Are you working with OMB in how you are 
assessing your own agencies as centers of excellence?
    Mr. Schied. We report to--at this point, we have weekly 
meetings with them, and they are monitoring our development of 
the plan. And they will have to approve whatever plan we have 
going forward.
    Mr. Platts. Are there specific agencies? I mean, the ones I 
am aware of seem to be Secret Service, Coast Guard, Federal Law 
Enforcement Training Center, and Customs and Border Protection. 
Are those the ones you are focusing on for your centers of 
excellence?
    Mr. Schied. Yes. I guess I had also just sort of--since it 
has been used several times. I don't really so much see it as 
centers of excellence, and this may be kind of splitting hairs 
a little bit. Centers of excellence could connote--if I had, 
say, multiple ones, say, CBP and Coast Guard--that they would 
be in some way sort of forever independent of each other.
    I think however we consolidate our efforts, we want to be 
able to also have a relationship between our centers of 
excellence, so it doesn't make them sound like they are islands 
unto themselves. I want to have a plan going forward. I think 
sort of a long-term vision is that we would also look for 
opportunities to have business arrangements even between the 
centers of excellence, say, one perhaps focused on one 
particular aspect of financial management, one on perhaps a 
different element.
    And in terms of centers of excellence concept, those are--
the ones you mentioned are the organizations we are 
interested--I mean, that we have been looking at so far. They 
are the ones that have the newer, relatively newer investments 
in systems.
    Or there were a couple of considerations that we looked at. 
How new is their system? How integrated is the system, that is, 
procurement, financial management, asset management?
    I think, long term, you want to drive, do as much 
integration of those systems as possible to eliminate, say, 
duplicate entry of financial information in the procurement 
system and then in the finance system, which is the case today 
in various places within DHS.
    Also their overall financial performance. FLETC, for 
example, CBP--FLETC hasn't had a stand-alone audit. We are 
having them go through that, I believe, this year for 2006. CBP 
has had a balance sheet audit this last year. They passed it. 
Next year, actually this current year, there will be a full 
scope audit.
    So we want to take into account financial performance. I 
mean, I think a financial service provider ought to be able to 
obtain certain standards of, say, excellence in order to be a 
financial service provider.
    Mr. Platts. I want to followup on that a little bit. Before 
I do, though, I wanted to check if either--did you want to make 
a statement before I continue on? Ms. Jackson Lee, before I 
continue on with some other questions, did you have other 
questions or comments?
    Ms. Jackson Lee. No. Simply to thank you, Mr. Chairman, and 
yield back to you for your questions and look forward to the 
answers of the questions that we have raised in this hearing.
    Thank you very much.
    Mr. Platts. Thank you.
    My, I guess, question or more a caution, I guess, is just 
to be working very closely with OMB on what they clearly want 
is mandatory versus what is discretionary and be able to be 
just done in-house regarding their Financial Management Line of 
Business approach.
    And in our hearing with the OMB last week, we got a little 
more delineation. But I think they still have a lot of 
questions they are trying to answer. So before you get too far 
down the path with your own entities, that you are certain are 
going to be line with what they actually are going to demand 
from you in the end.
    Mr. Schied. Certainly before we begin to execute on our 
plan, they will approve the plan.
    Mr. Platts. Let me switch to just one question on the 
internal controls audit and kind of where you stand with your 
contractor and kind of an update on the issue.
    Mr. Schied. OK. On internal controls, I mean, we have 
really, I think, over the past year have expanded our thinking 
quite a bit to not see internal controls and the financial 
audit and the material weaknesses and the corrective action 
plans and the audited financial statements as being separate 
things. They are one and the same thing.
    That is the weaknesses that the auditors find in the annual 
financial statement, they are material weaknesses. And they are 
material weaknesses that are known to us and that we are 
attacking. And so, as we go and go about assessing our internal 
controls, they are not separate processes. It is one and the 
same.
    And the way we are going about it this year is by 
identifying a couple of the pervasive weaknesses that I think 
will have ultimate ripple effects down to helping fix some of 
the other weaknesses cited by the auditors. That is financial 
reporting, financial management oversight, and fund balance 
with Treasury. Those are key weaknesses in the audit. They are 
a part of what our internal controls team is working on fixing, 
going through assessing what processes we have in place.
    By taking the internal controls sort of angle to our 
material weaknesses, it really gets us to looking at the 
systemic and root causes of the weaknesses we have in place. 
That is, we are not just trying to say put a band-aid on a 
particular weakness. We are looking at how the whole process 
works. You have to understand what process you have working in 
place to really get down to the root cause of the problems that 
you have and how you go about--how you are going to go about 
fixing it.
    I think in terms of the particular audit provision and how 
we are relating with the IG and the auditor, the IG, the 
auditor, GAO, I think also with you and your staff, have been 
kicking about what the actual audit would consist of for 2006. 
My understanding with the discussions with the IG at this point 
is that there is going to be some additional work that, in this 
case, KPMG will do in addition to just the financial statement 
audit.
    They will be looking at our internal controls and how we 
are managing them through the corrective action plan process 
that is I think the intention will be for KPMG to work with the 
IG to assess whether or not the changes that we are putting in 
place with the corrective action plan are effective. And then 
they are going to essentially periodically audit us on our 
performance against the corrective action plan as well as the 
financial statement.
    I think that, plus the ultimate statement of assurance that 
the Secretary provides at the end of the year, will perhaps 
form a basis for the IG then to provide some kind of opinion or 
express an opinion on the internal controls within DHS similar 
to what GAO does on behalf of basically the entire Federal 
Government.
    Mr. Platts. With the focus on your internal controls in 
that audit and an opinion being expressed, in-house--asked 
earlier, if I remember, by my colleagues--on the human capital 
side, do you believe you are in good shape with your own staff 
to be able to work with your contractor on the audit?
    Mr. Schied. It is certainly a growing staff. We have 
added--for 2006, Congress appropriated several new positions 
specifically to work--and that was actually the core that 
allowed us to reorganize within the financial management office 
to form a core team that will focus on internal controls and 
the corrective actions.
    I think that we have brought the staffing in just the 
finance office up to about 21 this year. I believe in the 2007 
request, there is probably eight more positions that would go 
toward the finance office as a whole and further bolster our 
efforts. So I don't think the staffing level is where it needs 
to be. The budget requests more.
    I would also say that we have put within the budget for 
2007 requests throughout DHS that the CFO's office was able to 
put. So, for example, you will see going through the budgets $1 
million requested in CBP, in FEMA, in ICE, in TSA; $2 million 
in the Coast Guard.
    It is a total of $16 million, actually almost $17 million 
that the department is looking for in 2007 specifically related 
to those internal controls and remediating the material 
weaknesses.
    So we have a good start this year. Congress provided 
additional positions and about $4 million. That, plus the 
additional $12 that we are looking for in 2007, will be able to 
expand the effort.
    Mr. Platts. And the importance of that effort, of getting 
to the root causes, as you said, is long term going to make a 
huge difference, I think, as you go forward. So we want that 
effort to succeed.
    I have three what I think will be very quick answers for 
the panel that will wrap things up here. First is just with Mr. 
Williams and Mr. Hite, in hearing testimony here today and your 
efforts day in and day out working with the department and 
taking this new approach, one of the questions earlier to Mr. 
Schied was the question of timeframe.
    Are you able to give your best guestimate on if we move 
forward as planned and are successful, when do you think we see 
the financial house in order at DHS?
    Mr. Williams. It is difficult to say at this particular 
point in time. When you look at an organization like the 
Department of Homeland Security that had 10 material 
weaknesses, 2 reportable conditions, 7 noncompliance with laws 
and regulations, you are looking at a huge organization that is 
very diverse.
    One of the things that I was glad to hear today is that 
there is a focus on the internal control issues because we, at 
GAO, have basically taken the position that achieving overall 
accountability is not just getting a clean opinion on your 
financial statements. We have known of situations where 
agencies have gotten a clean opinion on their financial 
statements on September 30th, and the books were out of balance 
on October 1st.
    The overall objective of the Chief Financial Officers Act 
was to have systems, policies, and procedures in place that 
would produce accurate, timely, and reliable information that 
could be used on a day-to-day basis.
    And I think when you get to the root causes, and that is 
addressing these internal control weaknesses--these reportable 
conditions, these other issues that would require new policies 
and procedures--in addition to just putting a new financial 
management in place, then you are getting to what the original 
intent of the Chief Financial Officers Act is.
    And a focus on the internal control environment, which is, 
as I said, what I heard today, I think is a step in the right 
direction for achieving overall financial accountability.
    Mr. Platts. And that reason for this committee and our 
efforts in pushing the importance of DHS being under the CFO 
Act and then fulfilling the goals of that act.
    Mr. Williams. That is correct. Because while the current 
administration was committed to the intent of the act, the 
overall philosophy behind the passage of the act back in 1990 
was you want a structure in place that not only is for today, 
but for 15, 20 years from today. That you are still getting 
that good accountability that we strive for.
    Mr. Platts. OK. Thank you, Mr. Williams.
    I think we are going to wrap up there, and if we do have 
any followups, we will do in writing. And any items that you 
are going to submit, we will be keeping the record open for the 
2 weeks.
    Appreciate all five of your testimonies and also your 
efforts day in and day out at GAO and at the department, and 
the work you are doing at the department certainly is about the 
safety and security ultimately of our citizens throughout the 
country.
    So, Chairman Rogers, did you have a closing comment? We 
certainly have been very pleased to partner with your 
subcommittee and look forward to continued cooperation and work 
with the department and GAO.
    This hearing stands adjourned.
    [Whereupon, at 4:57 p.m., the subcommittee was adjourned.]
    [The prepared statements of Hon. Edolphus Towns and Hon. 
Bennie G. Thompson, and additional information submitted for 
the hearing record follow:]

[GRAPHIC] [TIFF OMITTED] T9709.069

[GRAPHIC] [TIFF OMITTED] T9709.070

[GRAPHIC] [TIFF OMITTED] T9709.071

[GRAPHIC] [TIFF OMITTED] T9709.072

[GRAPHIC] [TIFF OMITTED] T9709.073

[GRAPHIC] [TIFF OMITTED] T9709.074

[GRAPHIC] [TIFF OMITTED] T9709.075

[GRAPHIC] [TIFF OMITTED] T9709.076

[GRAPHIC] [TIFF OMITTED] T9709.077

[GRAPHIC] [TIFF OMITTED] T9709.078

[GRAPHIC] [TIFF OMITTED] T9709.079

[GRAPHIC] [TIFF OMITTED] T9709.080

[GRAPHIC] [TIFF OMITTED] T9709.081

[GRAPHIC] [TIFF OMITTED] T9709.082

[GRAPHIC] [TIFF OMITTED] T9709.083

[GRAPHIC] [TIFF OMITTED] T9709.084

[GRAPHIC] [TIFF OMITTED] T9709.085

[GRAPHIC] [TIFF OMITTED] T9709.086

                                 
