[House Hearing, 110 Congress]
[From the U.S. Government Publishing Office]
AN OVERVIEW OF ISSUES AND CHALLENGES FACING THE DEPARTMENT OF HOMELAND
SECURITY
=======================================================================
FULL HEARING
of the
COMMITTEE ON HOMELAND SECURITY
HOUSE OF REPRESENTATIVES
ONE HUNDRED TENTH CONGRESS
FIRST SESSION
__________
FEBRUARY 7, 2007
__________
Serial No. 110-2
__________
Printed for the use of the Committee on Homeland Security
[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
Available via the World Wide Web: http://www.gpoaccess.gov/congress/
index.html
__________
U.S. GOVERNMENT PRINTING OFFICE
35-261 PDF WASHINGTON : 2009
For sale by the Superintendent of Documents, U.S. Government Printing
Office Internet: bookstore.gpo.gov Phone: toll free (866) 512-1800;
DC area (202) 512-1800 Fax: (202) 512-2104 Mail: Stop IDCC,
Washington, DC 20402-0001
COMMITTEE ON HOMELAND SECURITY
BENNIE G. THOMPSON, Mississippi, Chairman
LORETTA SANCHEZ, California, PETER T. KING, New York
EDWARD J. MARKEY, Massachusetts LAMAR SMITH, Texas
NORMAN D. DICKS, Washington CHRISTOPHER SHAYS, Connecticut
JANE HARMAN, California MARK E. SOUDER, Indiana
PETER A. DeFAZIO, Oregon TOM DAVIS, Virginia
NITA M. LOWEY, New York DANIEL E. LUNGREN, California
ELEANOR HOLMES NORTON, District of MIKE ROGERS, Alabama
Columbia BOBBY JINDAL, Louisiana
ZOE LOFGREN, California DAVID G. REICHERT, Washington
SHEILA JACKSON LEE, Texas MICHAEL T. McCAUL, Texas
DONNA M. CHRISTENSEN, U.S. Virgin CHARLES W. DENT, Pennsylvania
Islands GINNY BROWN-WAITE, Florida
BOB ETHERIDGE, North Carolina MARSHA BLACKBURN, Tennessee
JAMES R. LANGEVIN, Rhode Island GUS M. BILIRAKIS, Florida
HENRY CUELLAR, Texas DAVID DAVIS, Tennessee
CHRISTOPHER P. CARNEY, Pennsylvania
YVETTE D. CLARKE, New York
AL GREEN, Texas
ED PERLMUTTER, Colorado
VACANCY
Jessica Herrera-Flanigan, Staff Director & General Counsel
Todd Gee, Chief Counsel
Michael Twinchek, Chief Clerk
Robert O'Connor, Minority Staff Director
(II)
C O N T E N T S
----------
Page
STATEMENTS
The Honorable Bennie G. Thompson, a Representative in Congress
From the State of Mississippi, and Chairman, Committee on
Homeland Security:
Oral Statement................................................. 1
Prepared Statenment............................................ 2
The Honorable Peter T. King, a Representative in Congress From
the State of New York, and Ranking Member, Committee on
Homeland Security.............................................. 3
The Honorable Marsha Blackburn, a Representative in Congress From
the State of Tennessee......................................... 34
The Honorable Christopher P. Carney, a Representative in Congress
From the State of Pennsylvania................................. 43
The Honorable Donna Christensen, a Delegate in Congress From the
U.S. Virgin Islands............................................ 36
The Honorable Charlie Dent, a Representative in Congress From the
State of Pennsylvania.......................................... 42
The Honorable Norman D. Dicks, a Representative in Congress From
the State of Washington........................................ 32
The Honorable Bob Etheridge, a Representative in Congress From
the State of North Carolian.................................... 28
The Honorable Al Green, a Representative in Congress From the
State of Texas................................................. 45
The Honorable Jane Harman, a Representative in Congress From the
State of California............................................ 24
The Honorable James R. Langevin, a Representative in Congress The
State of Rhode Island.......................................... 36
The Honorable Sheila Jackson Lee, a Representative in Congress
From the State of Texas:
Oral Statement................................................. 46
Prepared Statement............................................. 47
The Honorable Zoe Lofgren, a Representative in Congress From the
State of California............................................ 40
The Honorable Daniel E. Lungren, a Representative in Congress
From the State of California................................... 38
The Honorable Michael T. McCaul, a Representative in Congress
From the State of Texas........................................ 26
The Honorable Mike Rogers, a Representative in Congress From the
State of Alabama............................................... 22
The Honorable Loretta Sanchez, a Representative in Congress From
the State of California........................................ 21
The Honorable Mark E. Souder, a Representative in Congress From
the State of Indiana........................................... 30
Witnesses
The Honorable Richard L. Skinner, Inspector General, Department
of Homeland Security:
Oral Statement................................................. 6
Prepared Statement............................................. 8
The Honorable David M. Walker, Comptroller General of the U.S.
Government Accountability Office............................... 4
Accompanied by:
Mr. Norman Rabkin, Managing Director, Homleand Security and
Justice, Government Accountability Office.................... 42
Appendix
Response to Supplemental Questions from the Committee on Homeland
Security:
The Honorable Richard L. Skinner Responses..................... 55
The Honorable David M. Walker with Mr. Norman Rabkin Responses. 67
AN OVERVIEW OF ISSUES AND CHALLENGES FACING THE DEPARTMENT OF HOMELAND
SECURITY
----------
Wednesday, February 7, 2007
U.S. House of Representatives,
Committee on Homeland Security,
Washington, DC.
The committee met, pursuant to call, at 1:05 p.m., in Room
311, Cannon House Office Building, Hon. Bennie Thompson
[chairman of the committee] presiding.
Present: Representatives Thompson, Sanchez, Dicks, Harman,
Lofgren, Jackson Lee, Christensen, Etheridge, Langevin,
Cuellar, Carney, Clarke, Green, Perlmutter, King, Lungren,
Rogers, McCaul, Brown-Waite, Blackburn, Bilirakis, and Davis of
Tennessee.
Chairman Thompson. [Presiding.] The Committee on Homeland
Security will come to order.
The committee is meeting today to receive testimony on an
overview of issues and challenges facing the Department of
Homeland Security.
Today we will hear testimony from two distinguished
witnesses. Combined, they have written hundreds of reports
detailing the problems and challenges facing the Department of
Homeland Security.
From the outset, it was clear that the transformation of 22
agencies into one unfulfilled department would be a major
challenge. But we expected that by the fourth year of this
endeavor the department would be well on its path to stability.
Regrettably, instead, DHS seems to be wandering aimlessly
toward an uncertain destination.
Is it because of DHS's importance to our nation's security
that we must now allow basic problems or organizational
structure and administrative weaknesses to continue to hamper
its ability to accomplish its mission? Unfortunately, that is
what appears to be happening.
In Hurricane Katrina we saw firsthand that the failure to
get routine management, procurement and financial assistance
under control can and does hinder and sometimes even halts the
ability of this agency to get the job done. The kind of
dysfunction that occurred in response to Hurricane Katrina
cannot become standard practice for this department.
It will take an aggressive oversight to get DHS on track.
Our combined efforts--Congress's, the GAO's and the inspector
general's--are vital if the department is to become the kind of
agency the American people deserve.
And that is the purpose of today's hearing, to have a frank
discussion about the areas this committee needs to focus on
during the 110th Congress.
Let me just say I am troubled that the department is on
GAO's 2007 high-risk list, but I have to admit that it comes as
no surprise. The department was on the last high-risk list
published in 2005.
However, I am surprised to learn that the department has
not even taken the first step to get off the list. They have
not provided GAO with a complete corrective action plan.
On Friday, Mr. Chertoff will be here. I intend to ask him
when corrective action plans will be provided to GAO. I know
that writing these plans may be hard, but every journey must
start with a single step.
I am concerned that the IG has repeatedly found problems
with the department's financial management. This department has
never produced a clean financial statement. The American
taxpayers expect a federal agency to be able to report how it
is spending our money. I think we in Congress share that
expectation.
I look forward to hearing the testimony of our witnesses
today.
The chair now recognizes the ranking member of the full
committee, the gentleman from New York, Mr. King, for an
opening statement.
Prepared Statement of the Honorable Bennie G. Thompson, Chairman,
Committee on Homeland Security
Today we will hear testimony from two distinguished witnesses.
Combined, they have written hundreds of reports detailing the problems
and challenges facing the Department of Homeland Security.
From the outset, it was clear that the transformation of 22
agencies into one unified Department would be a major challenge. But we
expected that by the fourth year of this endeavor, the Department would
be well on the path to stability. Regrettably, instead DHS seems to be
wandering aimlessly toward an uncertain destination.
It is because of DHS importance to our nation's security that we
must not allow basic problems of organizational structure and
administrative weakness to continue to hamper its ability to accomplish
its mission.
Unfortunately, that is what appears to be happening.
In Hurricane Katrina, we saw first-hand that the failure to get
routine management, procurement, and financial systems under control
can does hinder and sometimes even halts the ability of this agency to
get the job done. The kind of dysfunction that occurred in response to
Hurricane Katrina cannot become standard practice for this Department.
It will take aggressive oversight to get DHS on track. Our combined
efforts--Congress, GAO and the Inspector General--are vital if the
Department is to become the kind of agency the American people deserve.
And that is the purpose of today's hearing--to have a frank
discussion about the areas this Committee needs to focus on during the
110th Congress. Let me just say, I am troubled that the Department is
on GAO's 2007 high risk list. But I have to admit that it comes as no
surprise. The Department was on the last HIGH RISK list, published in
2005. However, I am surprised to learn that the Department has not even
taken the first step to get off the list. They have not provided GAO
with a complete corrective action plan. On Friday, Mr. Chertoff will be
here. I intend to ask him when corrective action plans will be provided
to GAO. I know that writing these plans may be hard, but every journey
must start with a single step.
I am also concerned that the IG has repeatedly found problems with
the Department's financial management. This Department has never
produced a clean financial statement. The American taxpayers expect a
federal agency to be able to report how it is spending our money. I
think we in Congress share that expectation.
Mr. King. Yes, I thank Chairman Thompson for recognizing
me.
And let me at this first full committee hearing commend him
and congratulate him on his accession as chairman of the full
committee and, as I have done before, pledge him my full
cooperation and thank him for the extraordinary cooperation
that has gone on, not just between ourselves and among the
members but also between our staffs.
And I think both of us approach this as being a
nonpartisan, bipartisan effort. And while there may be specific
policy differences as we go forward, I assure him that we will
operate in good faith. And I know that he has certainly
demonstrated that good faith to me.
As far as the hearing today, I think this is a very vital
hearing. It is a very important hearing, realizing that now
this is the fourth year of the department and, obviously, I
believe more progress should have been made.
At the same time, I believe there has been considerable
progress. I don't think it is any accident that we have not
been attacked in 4 years.
The chairman mentioned Katrina, which obviously was a
disaster at many levels: at the local level, at the state
level, and indeed, at the federal level, where while the Coast
Guard performed admirably and the military performed admirably;
FEMA did not. And I am proud that last year, in a genuine
bipartisan effort, we were able to restructure and reform FEMA.
And thus far, the results are very positive.
Just last week's tornado in Florida by all accounts--I was
speaking to members of Congress who were involved and some
state officials. It appears that FEMA moved quickly, moved
effectively and that Director Paulson is doing a fine job. But
again, the full verdict is not in, and more remains to be done.
And it is certainly a work in progress.
As far as oversight of the department, obviously that has
to be done. I believe in the last session at that time Chairman
Rogers held a number of hearings which were very significant
and did expose severe shortcomings within the Department of
Homeland Security. So we can either look at the glass as being
half full or half empty.
But the bottom line is both the chairman and I strongly
believe that we have to go forward, we have to have aggressive
oversight. We have to have aggressive investigations. I look
forward to the testimony of the witnesses. Both of you have a
particularly vital role to play. And I can assure you that your
recommendations, your findings will be taken very seriously on
our side of the aisle. And I know they will on the majority's
side.
So with that, I will yield back the balance of my time and
look forward to the statements of the witnesses.
Chairman Thompson. Thank you very much.
I, too, want to echo what the ranking member said about the
cooperative relationship between Democrats and Republicans on
this committee. It has been good.
We all hold our responsibility very seriously. And we look
forward to continuing that relationship with the change. And I
think you will readily be able to see that as time goes on.
Other members of the committee are reminded that, under
committee rules, opening statements may be submitted for the
record.
I now welcome our panel of witnesses.
Our first witness, Mr. David Walker, began his 15-year term
as the comptroller general of the United States in 1998. As
comptroller general, Mr. Walker is the nation's chief
accountability officer and head of the U.S. Government
Accountability Office.
Our second witness, Mr. Richard Skinner, was confirmed as
the Department of Homeland Security's inspector general in
2005. Prior to his appointment, Mr. Skinner served as deputy
inspector general of the department since March of 2003. Truly,
he has been with the department since its inception and knows
it better than just about anyone in government.
Without objection, the witnesses' full statements will be
inserted into the record.
I now ask each witness to summarize his statement for 5
minutes, beginning with Mr. Walker.
STATEMENT OF HON. DAVID M. WALKER, COMPTROLLER GENERAL OF THE
UNITED STATES, GOVERNMENT ACCOUNTABILITY OFFICE
Mr. Walker. Chairman Thompson, Ranking Member King, other
members of the committee, I appreciate the opportunity to be
before you to address the management and programmatic
challenges relating to the Department of Homeland Security.
As all of you know, I have spoken extensively about our
nation's fiscal challenges and the need for fiscal prudence and
stewardship. However, irrespective of our fiscal situation, it
is very important for all departments and agencies, including
the Department of Homeland Security, to operate as efficiently
and effectively as possible in carrying out their mission.
We first designated at GAO the DHS's implementation and
transformation effort as a high-risk area in January of 2003.
As members of this committee are very familiar with, DHS
represented the second largest reorganization in the history of
the United States government, the first being the creation of
the Department of Defense in 1947. This is the 60th anniversary
of the Department of Defense, and we need to be in a lot better
shape in Homeland Security after 60 years than DOD is on the
management side. And let's hope we can.
The government pulled together 22 different agencies with
different cultures, with different systems, with different
traditions, with their own problems, and, quite frankly, many,
if not most, of these agencies were not primarily focused on
homeland security before September 11, 2001. So that is a major
transformation challenge.
We continued to have this on our high-risk list in 2005 and
2007, which was issued last week, for a variety of reasons. And
I will summarize a few.
Although DHS has issued guidance and plans to assist
management in the overall integration and transformation
effort, it lacks a comprehensive and integrated strategy with
specific overall goals, timelines and an accountability
mechanism as well as a team that is dedicated full-time to
support its overall transformation integration efforts.
DHS has a strategic plan. However, DHS and its components
must improve its planning by linking resources, which are
limited, to its goals and by promoting greater stakeholder
involvement to ensure that its resources are targeted toward
the highest priorities.
In this regard, DHS also needs to improve its risk
assessment process because, by definition, there is no such
thing as zero risk in today's world, and therefore, choices
have to be made about how to allocate limited resources to
mitigate the most risks. DHS is committed to a more risk-based
approach, but more progress needs to be made.
DHS has been unable to withstand an audit. It has 10 major
internal control weaknesses. And it also has a number of other
compliance challenges.
So these are a few of the challenges, not to mention human
capital and acquisition, which obviously are challenges as
well.
From a program standpoint, strengthening cargo and
passenger screening, visitor tracking and efforts to combat
illegal employment of non-citizens and non-legal residents is a
major challenge.
The Coast Guard's asset upgrading is a challenge on the
acquisition side. Balancing homeland security and personal
privacy is also a continuing challenge. Improving our disaster
preparedness and response efforts continues to be a major
challenge in light of Katrina, although progress has been made.
In summary, let me note that some progress clearly has been
made. But major challenges remain. It is going to take a number
of years for us to get to where we need to be with regard to
the Department of Homeland Security. Even in the private
sector, it takes 5 to 7 years, minimum, to engage in a major
transformation effort and able to have it stick beyond the
current leadership. It is going to take longer than that at
DHS.
All the more important to have a strategic integrated plan
with key metrics and milestones and appropriate accountability
mechanisms. It may also be important for DHS to have a chief
management official, which it has one now, but might need to be
restructured in order to help ensure success going forward.
Last, let me close by saying that both Rick and I yesterday
testified before the Appropriations Homeland Security
Subcommittee on a similar topic. And one of the issues that we
both noted was that both of us have a number of frustrations
with regard to failure to get timely access to documents and
individuals at the Department of Homeland Security. This is a
serious systemic issue.
I was, however, disappointed by some of our friends in the
fourth estate, namely the press, because neither Rick nor I
mentioned any particular person by name. Nor did we mention the
relationship of any particular persons at DHS with other high
ranking officials in this administration. This is a serious
systemic problem. No one person is to blame.
But this current situation needs to change. It takes us way
too long to get information. And there are way too many lawyers
involved, which frustrates our access. And if our access is
frustrated, it means we can't do the job necessary to support
the Congress in discharging its constitutional
responsibilities.
Thank you.
[The statement of Mr. Walker follows:] \1\
---------------------------------------------------------------------------
\1\ See GAO, ``HOMELAND SECURITY Management and Programmatic
Challenges Facing the Department of Homeland Security'', GAO-07-452T,
Wednesday, February 7, 2007, at www.gao.gov/cgi-bin/gerpt?GAO-07-452T.
---------------------------------------------------------------------------
Chairman Thompson. Thank you very much, Mr. Walker.
I now recognize Mr. Skinner to summarize his statement for
5 minutes.
STATEMENT OF HON. RICHARD SKINNER, INSPECTOR GENERAL,
DEPARTMENT OF HOMELAND SECURITY
Mr. Skinner. Thank you, Chairman Thompson, Ranking Member
King and members of the committee. Thank you for having me here
today.
Today what I would like to do is just focus on the
management support activities within FEMA. And that is
financial management, information technology management,
acquisition management and grants management.
Each of these activities transverses everything the
department does in all of its programs and all of its
operations. And each of these activities can have a profound
and direct impact on the ability for the department to carry
out its mission.
First, there are two important points I would like to make.
And Dave hit on one of them. And that is the environment in
which the department was stood up.
We have to keep in mind that when the department was stood
up in March of 2003, we brought together 22 disparate agencies
with their own cultures and ways of doing business. They also
brought with them their own management challenges, their own
material weaknesses and their own problems.
At the same time when we stood up, I believe the
department's management support activities were short-changed.
That is, while we brought in the entire operational assets of
these agencies and all of their programs on side of the ledger,
on the other side of the ledger, we did not bring in a
proportionate share of management support activities to support
those programs and activities and operations.
And to compound matters, the Management Directorate was
asked to support a new component in the office such as Science
and Technology and the Intelligence Analysis Directorate and
the Infrastructure Protection Directorate.
We have to remember that this was more than just a merger
of 22 agencies. It was also an acquisition. It was a
divestiture. It was a startup.
With regards to the financial management, as you know,
there were 4 years in a row now we were not able to offer an
opinion on the department's financial statements. In essence,
for the first 3 years, we just squandered 3 years.
The first year we went through the artificial exercise of
trying to prepare consolidated financial statements when, in
fact, we didn't even know what the components' capabilities
were or what their systems were capable of producing, let alone
what the staff resources capabilities were. And we were trying
to do this with a skeleton staff at headquarters.
We did the same thing for the second year. The second year
we went in and started focusing on doing electronic measure or
electronic merger of information. But again, this was e-merge.
And again, we still did not have a real clear understanding
what was going on within the department at the component level.
The third year we just ran in place. We had leadership
change. We had reorganization.
And then in the fourth year, although we issued a
disclaimer, behind the scenes there was considerable
improvements. For the first time ever, we started delving in
and digging down deep down to the root causes of our material
weaknesses.
And just recently the department has developed corrective
action plans. They are going to roll that up into a
departmental-wide playbook with performance matrix goals and
objectives.
We participated, reviewed that, offered recommendations.
And as it stands right now, we now have a long-term plan, and
we hope we can offer an unqualified opinion as soon as 2009.
With regards to the information technology, there too we
have some major management challenges, both at the component
level and at the department-wide level.
The department has made progress. Although slow, it has
made progress. We brought in over 2,000 systems. We have now
been able to reduce those down to 200 systems. As of September
30, 2006, we have credited and certified 85 percent of those
systems.
But there is still a lot more that we need to do. We still
do not have a department-wide platform or IT network. We still
have to remove stovepipes. This is particularly obvious in our
intelligence activities. We have intelligence functions
throughout the department that they can't talk to one another.
And therefore, we can't connect the dots.
With regards to acquisition management, obviously this is
where our greatest exposure to fraud, waste and abuse is. The
problem really dates back government-wide into the 1990s, our
shortsighted policies reducing the size of the federal
workforce.
On one hand, we were reducing the workforce. Who got hit
the hardest? Generally the management support activities,
particularly procurement. On the other side, or on the other
hand, we were increasing our procurement activities and our
reliance on contractors. This is most evident within DHS where
our reliance on contractors is very, very great.
If you look at our expenditures last year, over 40 percent
of our budget, $16 billion, was spent on contracts alone. This
compounded by the fact--I mean, we are in a catch-22 situation
here. We don't have the capability on one hand, the
infrastructure, to service all of these contracts. Yet we can't
slow them down or we can't stop them because of the urgency of
our mission.
What we have to do is proceed very cautiously on how we are
administering these contracts. And we have to find alternative
ways to ensure that we are getting our dollar's worth.
The last thing I wanted to touch upon is grants management.
And again, this is something I think we need to take in more--
and this includes Congress--needs to take a close look of how
we are delivering grants to our state and local partners.
If you look at our 2008 budget, for example, of all the
various grant programs we have, my fear is that we have become
stovepiped and, as a result, we are not as efficient with our
dollars as we should be.
The things that I think need to be considered is how we can
better involve the states in administering these grants on a
state-wide basis. And we also have to invest in resources to
ensure that we can provide oversight for those funds and
technical assistance to the states.
And finally, I think it is very important that we have
mechanisms in place to evaluate how well we are doing, what is
the impact of those grants, what are we receiving for our
money. Because a lot of money each year is being spent on our
grant programs.
Thank you. That concludes my opening remarks.
[The statement of Mr. Skinner follows:]
Prepared Statement of the Honorable Richard L. Skinner
Good afternoon, Mr. Chairman and Members of the Committee. I am
Richard L. Skinner, Inspector General for the Department of Homeland
Security (DHS). Thank you for the opportunity to discuss the major
management challenges facing DHS.
Since its inception in 2003, DHS has worked to accomplish the
largest reorganization of the federal government in more than half a
century. This task, creating the third largest Cabinet agency with the
missions of protecting the country against another terrorist attack,
responding to threats and hazards, ensuring safe and secure borders,
welcoming lawful immigrants and visitors, and promoting the free flow
of commerce, has presented many challenges to its managers and
employees. While DHS has made progress, it still has much to do to
establish a cohesive, efficient, and effective organization.
The major management challenges that we identify facing DHS
represent risk areas that we use in setting our priorities for audits,
inspections, and evaluations of DHS programs and operations. These
challenges are included in the department's Performance and
Accountability Report, which was issued on November 15, 2006. As
required by the Reports Consolidation Act of 2000, we update our
assessment of management challenges annually. Our latest major
management challenges report covers a broad range of issues, including
both program and administrative challenges. In total, we identified
nine categories of challenges including Catastrophic Disaster Response
and Recovery, Acquisition and Contract Management, Grants Management,
Financial Management, Information Technology Management, Infrastructure
Protection, Border Security, Transportation Security, and Trade
Operations and Security. A copy of that report is provided for the
record. I believe the department recognizes the significance of these
challenges and understands that addressing them will take a sustained
and focused effort.
Today, I would like to highlight four specific management
challenges facing the department:
Financial management,
Information technology management,
Acquisition management, and
Grants management.
These areas are the backbone of the department and provide the
structure and information to support the accomplishment of DHS'
mission. Some aspects of these challenges were inherited by the
department from their legacy agencies. However, the complexity and
urgency of DHS' mission have exacerbated the challenge in many areas.
These management challenges significantly affect the department's
ability to carry out its operational programs and provide the services
necessary to protect the homeland. The department's senior officials
are well aware of these issues and are making progress in resolving
them. Our oversight in these areas is intended to facilitate solutions.
For example, our audits in the area of acquisition management have
identified past trends and future risk areas. In November, we issued an
SBInet Risk Advisory report with recommendations for better managing
the risks associated with this major procurement. Also, during the past
year, we issued a series of audits assessing the department's
corrective action plans related to financial management improvements.
We will continue our intense oversight of these management areas to
ensure that solutions and corrective measures are identified and acted
upon.
FINANCIAL MANAGEMENT
Financial management has been a major challenge for DHS since its
creation in 2003. In 2006, DHS was again unable to obtain an opinion on
its financial statements, and numerous material internal control
weaknesses continued to be reported. KPMG, LLP, under contract with the
Office of Inspector General (OIG), has consistently issued a disclaimer
of opinion on DHS' financial statements.
DHS' material internal control weaknesses ranged from financial
management oversight and reporting at the department level to controls
surrounding the recording of individual account balances within DHS
bureaus. These control weaknesses, due to their materiality, are
impediments to obtaining a clean opinion and providing positive
assurance over internal controls at the department level. Achieving
these departmental goals is highly dependent upon internal control
improvements at the United States Coast Guard (USCG), Immigration and
Customs Enforcement (ICE), the Transportation Security Administration
(TSA), and the Office of the Chief Financial Officer.
To move forward, DHS must develop a comprehensive financial
management strategy that addresses organizational resources and
capabilities, inconsistent and flawed business processes, and
unreliable financial systems. An initial step in this process is to
prepare well-developed and comprehensive corrective action plans to
address known internal control weaknesses. During this past year, the
department has taken a thoughtful approach to developing such a plan
and has begun to implement corrective actions.
Concurrent with the department's efforts, we initiated a series of
performance audits to assess the effectiveness of DHS' corrective
action plans to address internal control weaknesses. Our objective in
conducting these performance audits was to determine the thoroughness
and completeness of both the overall corrective action plan process and
individual component plans developed to address specific financial
control weaknesses. These performance audits are intended to provide
ongoing feedback to DHS as it is developing and implementing corrective
action plans.
During fiscal year 2006, we anticipated progress in addressing
internal control deficiencies. DHS identified four areas for
improvement during the year. However, in our corrective action plan
audits, we reported that a coordinated, department-wide effort to
develop corrective action plans did not begin until the third quarter
of 2006 and is now in the process of being finalized. At the component
level, we identified well-developed corrective action plans at ICE, but
significant work remains ahead for the Coast Guard. During 2006, ICE
began its corrective action plan process early and our audit results
showed internal control improvements during the fiscal year.
In addition, the Federal Emergency Management Agency (FEMA) issued
approximately 2,700 mission assignments totaling about $8.7 billion to
federal agencies to help with the response to Hurricane Katrina. FEMA
historically has had significant problems issuing, tracking,
monitoring, and closing mission assignments. FEMA guidance on mission
assignments is often vague, and agencies' accounting practices vary
significantly, causing problems with reconciling agencies' records to
FEMA records. FEMA has developed a number of new, predefined mission
assignments to streamline some of the initial recurring response
activities. In addition, FEMA's Disaster Finance Center is working to
find a consensus among other federal agencies on appropriate supporting
documentation for billings. We are conducting a review of mission
assignments to DHS agencies and other Inspectors General are reviewing
mission assignments to their respective agencies.
INFORMATION TECHNOLOGY MANAGEMENT
Integrating the information technology (IT) systems, networks, and
capabilities of the various legacy agencies to form a single
infrastructure for effective communications and information exchange
remains one of DHS' biggest challenges. There are multiple aspects to
achieving such an IT infrastructure, as outlined below.
Security of Information Technology Infrastructure
The security of the IT infrastructure is another major management
challenge. As we reported in September 2006, based upon its annual
Federal Information Security Management Act evaluation, excluding its
intelligence systems, DHS achieved a significant milestone toward
strengthening its information security program by implementing a
department-wide remediation plan to certify and accredit all
operational systems by the end of fiscal year 2006. Further, some of
the means to assist DHS and its components in the implementation of its
information assurance program, which we identified in our fiscal year
2005 Federal Information Security Management Act report, also have been
addressed, such as developing a process to maintain a comprehensive
inventory.
However, additional information security audits we conducted this
past year showed challenges remain in controlling and addressing a
number of IT risks and vulnerabilities. These audits involved DHS
networks, databases, laptops, and Radio Frequency Identification
systems, as well as of major programs such as the Transportation
Workers Identification Credential and United States Visitor and
Immigrant Status Indicator Technology.
Specifically, DHS organizational components, through their
Information Systems Security Managers, have not completely aligned
their respective information security programs with DHS' overall
policies, procedures, and practices. Further, while DHS has issued
substantial guidance designed to create and maintain secure systems,
there exist areas where agency-wide information security procedures
require strengthening:
Certification and accreditation;
Vulnerability testing and remediation;
Contingency plan testing;
Incident detection, analysis, and reporting;
Security configurations; and
Specialized security training.
To address these issues, the Chief Information Officer must
identify ways to improve the review process and increase the
accountability of DHS component organizations. The department also must
establish a comprehensive management authority to ensure the
confidentiality, integrity, and availability of its vital intelligence
information.
Department-wide IT Infrastructure
Creating an adequate capability for relocating mission-critical
information systems to an alternate disaster recovery site in the event
of extended service disruptions or emergencies is one concern. The
department's IT infrastructure remains a collection of legacy networks,
systems, and data centers. Several elements of this IT infrastructure
do not have the ability to relocate to an alternate site that can be
used if their primary facility suffers an extended outage or becomes
inaccessible. However, due to a lack of sufficient funding and an
operational program to support an enterprise-wide disaster recovery
solution, DHS has been hindered in its efforts to provide an alternate
processing facility. This inability to restore the functionality of
DHS' critical IT systems following a service disruption or disaster
could negatively affect accomplishment of a number of essential DHS
missions, including passenger screening, grants processing, and
controlling the flow of goods across U.S. borders.
Similarly, significant resources and oversight are also needed to
accomplish the major undertakings of upgrading the DHS data
communications infrastructure and consolidating the various
organizations that provide data communications support. Currently, the
department is in the process of eliminating redundant firewalls,
replacing hardware encryption devices, and combining operations
centers--activities that are essential to supporting the efficient,
effective, and secure exchange of mission-critical information both
within DHS and with outside stakeholders.
DHS Component IT Management
IT management at the subcomponent level remains a major challenge,
as demonstrated by our audits and subsequent reports on the IT programs
and initiatives of selected DHS directorates and organizations. Our
November 2006 followup assessment reports that the United States
Citizenship and Immigration Services (USCIS) has made some progress by
placing priority on business transformation, taking steps to centralize
authority for IT personnel, initiating business process reengineering
activities, and upgrading desktops and servers at key field locations.
However, USCIS remains entrenched in a cycle of continual planning,
with limited progress toward achieving its long-term transformation
goals. Until USCIS addresses this issue, the bureau will not be in a
position to manage existing workloads or handle the potentially
dramatic increase in immigration benefits processing workloads that
could result from proposed immigration reform legislation. Similarly,
our December 2006 followup assessment of FEMA's efforts to upgrade its
principal disaster management system shows that the agency has made
progress in meeting short-term systems needs; however, more remains to
be done to address long-term planning and systems integration.
Our reviews of major IT programs and initiatives of the various
components also indicate program management problems. For example, in
September 2005, we reported that FEMA could benefit from improvements
to its 6-year, $1.5 billion program to digitize the maps used to
identify flood zones and determine insurance requirements. Although
FEMA is making progress in the flood map modernization program, FEMA
can better ensure program success by:
Reviewing and revising its mapping plan,
Enhancing program guidance,
Increasing contractor oversight,
Improving coordination with stakeholders,
Clearly defining requirements and contractor
expectations, and
Maintaining standard methodologies for mapping system
development.
Similarly, in August 2006, we reported on improvements USCG could
make in its efforts to design and implement command, control,
communications, computers, intelligence, surveillance, and
reconnaissance (C4ISR) systems as part of its estimated $24 billion
Integrated Deepwater System (Deepwater) program. Although the USCG has
made progress in the program, problems with contract oversight,
requirements management, systems certification and accreditation, and
IT testing place the Deepwater IT acquisition and C4ISR operations at
risk. Insufficient C4ISR funding has restricted accomplishing the
``system-of-systems'' objectives that are fundamental to ensuring
interoperability of Deepwater assets, such as ships and aircraft.
Meeting the training and IT support needs of Deepwater C4ISR users also
is key.
Information Sharing
The Homeland Security Act of 2002 makes coordination of homeland
security communication with state and local government authorities, the
private sector, and the public a key DHS responsibility. However, due
to time pressures, DHS did not complete a number of the steps essential
to effective planning and implementation of the Homeland Security
Information Network (HSIN)--the sensitive, but unclassified system it
instituted to help carry out this mission. As such, effective sharing
of the counter-terrorist and emergency management information critical
to ensuring homeland security remains an ongoing challenge for the
department. Resources, legislative constraints, privacy, and cultural
challenges--often beyond the control of HSIN program management--pose
obstacles to HSIN's success.
On a broader scale, DHS is challenged with incorporating data
mining into its overall strategy for sharing information to help detect
and prevent terrorism. Data mining aids agents, investigators, and
analysts in the discovery of patterns and relationships from vast
quantities of data. The Homeland Security Act authorizes DHS to use
data mining and tools to access, receive, and analyze information. Our
August 2006 report on DHS data mining activities identified various
stove-piped activities that use limited data mining features. For
example, Customs and Border Protection performs matching to target
high-risk cargo. The United States Secret Service automates the
evaluation of counterfeit documents. TSA collects tactical information
on suspicious activities. ICE detects and links anomalies indicative of
criminal activity to discover relationships. However, without
department-wide planning, coordination, and direction, the potential
for integrating advanced data mining functionality and capabilities to
address homeland security issues remains untapped.
Hurricane Katrina also highlighted the need for data sharing among
federal agencies following a catastrophic disaster. We see a need for
data sharing in three areas:
Real-time data exchange among agencies would help
verify eligibility of applicants for disaster assistance and
simplify the application process for victims.
Direct access to FEMA data by law enforcement agencies
would help identify and track convicted sex offenders and
suspected felons, and help locate missing children.
Computer data matching would help to prevent
duplicative payments and identify fraud.
FEMA is moving in the right directions on these issues. For
example, FEMA has granted direct access to its data to the Hurricane
Katrina Fraud Task Force for the purpose of investigating fraud.
However, progress is slow and much remains to be done. FEMA and the
federal community are not ready to meet the data sharing demands of the
next catastrophic disaster.
Another example of vital information sharing is the National Asset
Database. The National Infrastructure Protection Plan envisions a
comprehensive, national inventory of assets, known as the National
Asset Database, to help DHS coordinate the effort to protect the
nation's critical infrastructure and key resources. DHS is responsible
for integrating efforts to protect the chemical industry; commercial
facilities; dams; emergency services; commercial nuclear reactors,
materials, and waste; information technology; telecommunications;
postal and shipping; transportation systems; and government facilities.
A maturing National Asset Database is essential to developing a
comprehensive picture of the nation's critical infrastructure and key
resources. Management and risk-based resource allocation decisions
depend on having this comprehensive picture. As we reported in fiscal
year 2006, DHS is improving the development and quality of the National
Asset Database. We will continue to monitor and review how DHS uses the
National Asset Database to support its risk management framework, how
it coordinates infrastructure protection with other sectors, and how
its pursuit of basic vulnerability assessment standards can help
develop overarching departmental priorities.
ACQUISITION AND CONTRACT MANAGEMENT
Acquisition management is not just awarding a contract, but
fulfilling a mission need through a thoughtful, balanced approach that
considers cost, schedule, and performance. The urgency and complexity
of DHS' mission will continue to demand rapid pursuit of major
investment programs. In 2006, DHS spent about 40% of its budget through
contracts.
DHS must have an infrastructure in place that enables it to oversee
effectively the complex and large dollar procurements critically
important to achieving the DHS mission. While DHS continues to build
its acquisition management capabilities in the component agencies and
on the department-wide level, the business of DHS goes on and major
procurements continue to move. We identified significant risks and
vulnerabilities that might threaten the integrity of DHS' acquisition
management program. In general, DHS needs to improve its major
acquisitions planning, operational requirements definition, and
implementation oversight.
The prerequisite for effective acquisitions, that is, obtaining the
right, cost-effective systems and equipment to accomplish DHS'
missions, is program management. Complex and high-dollar contracts
require multiple program managers, often with varying types of
expertise. Several DHS procurements have encountered problems because
contract technical and performance requirements were not well defined.
DHS needs:
More certified program managers;
Comprehensive department-wide standards for program
management;
A strengthened investment review board process to
provide greater independent analysis and review;
Better defined technical requirements; and
More balance among schedule, cost, and performance
when expediting contracts.
The Office of the Chief Procurement Officer recently established a
program management advisory board, established standards for certifying
program managers, and promoted program management training
opportunities. The Office of the Chief Procurement Officer is assisting
program offices with acquisition planning, including templates and one-
on-one assistance.
In their transition into DHS, seven agencies retained their
procurement functions, including USCG, FEMA, and TSA. The expertise and
capability of the seven procurement offices mirrored the expertise and
capability they had before creation of DHS, with staff size that ranged
from 21 to 346 procurement personnel. DHS established an eighth
acquisition office, the Office of Procurement Operations, under the
direct supervision of the Chief Procurement Officer, to service the
other DHS components and manage department-wide procurements. Many DHS
procurement offices reported that their lack of staffing prevents
proper procurement planning and severely limits their ability to
monitor contractor performance and conduct effective contract
administration. The fiscal year 2007 DHS Appropriations Act provides
over 400 additional contract specialist positions to alleviate part of
the shortfall. Moreover, DHS is planning a contracting fellows program
with up to 100 entry-level positions to begin in fiscal year 2008.
In addition to awarding contracts, the Office of the Chief
Procurement Officer helps DHS components adhere to standards of conduct
and federal acquisition regulations in awarding and administering
contracts. This oversight role involves developing department-wide
policies and procedures, and enforcing those policies and procedures.
Both our office and the Government Accountability Office have
reported that the Office of the Chief Procurement Officer needs more
staff and authority to carry out its general oversight
responsibilities. The Government Accountability Office recommended that
DHS provide Office of the Chief Procurement Officer sufficient
resources and enforcement authority to enable effective, department-
wide oversight of acquisition policies and procedures. We made a
similar recommendation. The DHS, in response to our December 2006
report, Major Management Challenges Facing the Department of Homeland
Security, said that it disseminated the Acquisition Professional
Management Directive to identify and certify appropriately trained and
experienced program managers, contracting officer's technical
representatives, and authorized buying agents. It also has certified
348 program managers since 2004, and continues to focus on
qualifications and placement.
During fiscal year 2006, the Under Secretary for Management
established policies for acquisition oversight and directed each of the
eight heads of contracting activities to measure and manage their
acquisition organizations. Also, the number of oversight specialists in
the Acquisition Oversight Division is authorized to expand to nine
during fiscal year 2007. The Office of the Chief Procurement Office has
undertaken an outreach program to involve DHS component staff to manage
effectively and assist in acquisition oversight.
Common Themes in Our Audits of DHS Contracts
In prior years, we conducted audits and reviews of individual DHS
contracts, such as TSA's screener recruiting and TSA's information
technology services. More recently, we have completed audits relating
to the SBInet program, the Coast Guard's Deepwater program, and FEMA
contracting. Common themes and risks emerged from these audits,
primarily the dominant influence of expediency, poorly defined
requirements, and inadequate oversight that contributed to ineffective
or inefficient results and increased costs.
The department continues to pursue high-risk, complex, system-of-
systems acquisitions programs, such as SBInet and Deepwater. A
performance-based acquisition strategy to address the challenges of
these programs is, in our opinion, a good one. Partnering with the
private sector adds fresh perspective, insight, creative energy, and
innovation. It shifts the focus from traditional acquisition models,
i.e., strict contract compliance, into one of collaborative,
performance-oriented teamwork with a focus on performance, improvement,
and innovation. Nevertheless, using this type of approach does not come
without risks. To ensure that this partnership is successful, the
department must lay the foundation to oversee and assess contractor
performance, and control costs and schedules. This requires more effort
and smarter processes to administer and oversee the contractors' work.
Customs and Border Protection SBInet Program
On November 2, 2005, DHS announced a multiyear strategy to secure
America's borders and reduce illegal immigration, called the Secure
Border Initiative (SBI). A critical element of the SBI initiative is
the acquisition of technology, infrastructure, and personnel to gain
operational control of the nation's border--SBInet. The SBInet
procurement presents a considerable acquisition risk because of its
size and scope. We see risks and vulnerabilities similar to those
identified in previous OIG audits and reviews.
Customs and Border Protection awarded a multiple-year systems
integration contract in September 2006 to begin the SBInet multibillion
dollar initiative. We have monitored the initiation of the SBInet
program and provided a risk advisory with recommendations to address
observed weaknesses in the program. The department was fully responsive
during our SBInet review, agreed to our recommendations, and is
planning and pursuing corrective actions. However, the SBInet
procurement continues to present a considerable acquisition risk
because of its size and scope.
Our main concern about SBInet is that DHS is embarking on this
multibillion dollar acquisition project without having laid the
foundation to oversee and assess contractor performance and effectively
control cost and schedule. DHS has not properly defined, validated, and
stabilized operational requirements and needs to do so quickly to avoid
rework of the contractor's systems engineering and the attendant waste
of resources and delay in implementation. Moreover, until the
operational and contract requirements are firm, effective performance
management, and cost and schedule control, are precluded. As
acknowledged in our report, the department took actions to mitigate
risk during the course of our review and is planning further actions to
establish an effective performance management system for SBInet.
We also reported that the department does not have the capacity
needed to effectively plan, oversee, and execute the SBInet program;
administer its contracts; and control costs and schedule. The
department's acquisition management function lacks the appropriate work
force, business processes, and management controls for planning and
executing a major acquisition program such as SBInet. Without a
preexisting professional acquisition workforce, Customs and Border
Protection has had to create staffing plans, locate workspace, and
establish business processes, while simultaneously initiating one of
the largest acquisition programs in the department. DHS needs to move
quickly to establish the organizational capacity to properly oversee,
manage, and execute the program.
Coast Guard's Deepwater Program
USCG has also encountered a number of challenges in executing its
Deepwater Acquisition program despite the expenditure of more than $3
billion over 4 years. This is particularly true within the Deepwater
surface and air domains. Most recently, we identified management
deficiencies and inadequate technical oversight related to the
acquisition of the National Security Cutter. In this case, the Coast
Guard did not exercise sufficient oversight authority of the contract
with Integrated Coast Guard Systems to address design deficiencies.
Consequently, the National Security Cutter acquisition is expected to
cost more than originally planned and the cutters may be subject to
operational limitations that affect the ability of the Coast Guard to
execute its Deepwater mission.
Similar issues were previously identified related to the 110-foot
patrol boat conversion project. This project was curtailed at eight
cutters due to design, construction, performance, and cost concerns. In
December, the Coast Guard decided to take the eight converted cutters
out of service due to structural design deficiencies. In response to
these challenges, USCG accelerated plans to design, construct, and
deploy the composite Fast Response Cutter by more than 10 years as a
replacement for the 110-foot patrol boat. However, an independent
analysis has confirmed that the Fast Response Cutter design is outside
patrol boat design parameters, i.e., too heavy, too overpowered, and
not streamlined enough to reduce resistance. These concerns led to the
USCG's April 2006 decision to suspend work on the Fast Response Cutter
until these issues could be resolved or an alternative commercial off-
the-shelf design identified.
In the Deepwater air domain, the HH-65C helicopter and unmanned
aerial vehicle acquisitions have encountered schedule delays and cost
increases. These Deepwater design, construction, performance,
scheduling, and cost issues are expected to continue to present
significant challenges to USCG's Deepwater Program in the future.
The Coast Guard recognizes these challenges and is taking
aggressive actions to strengthen program management and oversight--such
as technical authority designation; use of independent, third party
assessments; consolidation of acquisition activities under one
directorate; and redefinition of the contract terms and conditions,
including award fee criteria. Furthermore, and most importantly, the
Coast Guard is increasing its staffing for the Deepwater program, and
reinvigorating its acquisition training and certification processes to
ensure that staff have the requisite skills and education needed to
manage the program. These steps should go a long way in improving the
management and oversight of the Deepwater program as it moves forward.
FEMA Procurements
We have also focused substantial work on FEMA contracting and have
identified numerous problems. FEMA is not well prepared to provide the
kind of acquisition support needed for a catastrophic disaster. FEMA's
overall response efforts suffer from:
Inadequate acquisition planning and preparation for
many crucial needs;
Lack of clearly communicated acquisition
responsibilities among FEMA, other federal agencies, and state
and local governments; and
Insufficient numbers of acquisition personnel to
manage and oversee contracts.
In February 2006, we reported that FEMA purchased mobile homes
without having a plan for how the homes would be used. As a result,
FEMA now has thousands of surplus mobile homes. In September 2006, we
reported that FEMA spent $7 million renovating a facility to shelter
evacuees. Because there was inadequate planning, the facility was never
needed. As a result, the facility was underused and the monies spent to
renovate were wasted.
FEMA has already made improvements, such as increasing the number
of standby contracts in place and ready to be executed when disaster
strikes. Also, DHS created a Disaster Response/Recovery Internal
Control Oversight Board to address many of the problems. We will soon
conduct a review of FEMA's overall acquisition management structure to
identify additional improvements that FEMA can make to be prepared
better for the next catastrophic disaster. We will review
organizational alignments and leadership, policies and procedures,
FEMA's acquisition workforce, and its information management. We are
also reviewing FEMA's system for accounting for property it has
purchased for disasters.
The urgency and complexity of DHS' mission will continue to demand
rapid pursuit of major investment programs. While DHS continues to
build its acquisition management capabilities in the component agencies
and on the department-wide level, the business of DHS goes on and major
procurements continue to move. Acquisition management will continue to
be an intense area of oversight for our office and an ongoing focus of
our audit efforts.
Providing Accurate and Timely Procurement Reporting
In July 2006, we reported on the challenges that DHS faces in
planning, monitoring, and funding efforts to ensure the accurate and
timely reporting of procurement actions to interested stakeholders. The
Executive Branch, the Congress, and the public rely upon such
procurement information to determine the level of effort related to
specific projects and also to identify the proportion of government
contracts that are awarded to small businesses. Currently, however, DHS
has several different contract-writing systems that do not
automatically interface with its Federal Procurement Data Systems--Next
Generation (FPDS-NG)--a government-wide procurement reporting system
that is accessible by the public. Some of the systems may need to be
replaced. Additionally, not all DHS procurements are entered into FPDS-
NG. For example, grants, mission assignments, and purchase card data
may not be entered into FPDS-NG, resulting in an understatement of DHS'
procurement activities.
DHS has undertaken a number of initiatives to improve its reporting
on procurement actions. These initiatives include interfacing the
various DHS contract-writing systems with FPDS-NG and ensuring that all
procurement information is entered into FPDS-NG immediately following
contract award. Such initiatives will not only enable real-time
reporting of DHS procurement actions, they also will allow DHS to rely
on General Services Administration databases to help eliminate contract
awards to ineligible vendors. The Office of the Chief Procurement
Officer has worked with each of the DHS components to improve the
accuracy, completeness, and timeliness of FPDS-NG data entry. DHS'
planned deployment of a single, contract-writing software system should
reduce duplicate data entry for each contract action. DHS is developing
routine reporting for non-FPDS-NG instruments.
GRANTS MANAGEMENT
Managing the multitude of grant programs within DHS poses a
significant challenge. Further, the grant programs of other federal
agencies that assist states and local governments in improving their
abilities to prepare for, respond to, and recover from acts of
terrorism or natural disasters compound this challenge. Congress
continues to authorize and appropriate funding for individual grant
programs within and outside of DHS for similar, if not identical,
purposes. In total, DHS manages more than 80 disaster and nondisaster
grant programs. For disaster response and recovery efforts, we have
identified 36 federal assistance programs that have the potential for
duplicating DHS grant programs. DHS must do more to coordinate and
manage grants that are stove-piped for specific, but often related
purposes, to ensure that they are contributing to our highest national
preparedness and disaster recovery goals, rather than duplicating one
another and being wasted on low-priority capabilities.
Disaster grant awards will be substantially larger than usual with
the more than $60 billion that Congress appropriated in late fiscal
year 2005 for disaster response and recovery efforts related to
Hurricanes Katrina, Wilma, and Rita. In the Gulf Coast states affected
by these hurricanes, numerous federal grants from different agencies
and components of DHS are going to state and local governments, private
organizations, and individuals for response and recovery from the
recent hurricanes, as well as for the next disaster or terrorist
attack. We are currently reviewing disaster grant activities throughout
the Gulf Coast and will continue to give special emphasis to Gulf Coast
disaster response and recovery grant spending.
In fiscal year 2007, DHS is expected to award about $3.4 billion in
state and local preparedness grants. We are reviewing individual
states' management of first responder grants and the effectiveness of
DHS' system for collecting data on state and local governments' risk,
vulnerability, and needs assessments. Our audits have reported on the
states' inability to manage effectively and monitor these funds, and to
demonstrate and measure improvements in domestic security. Our reports
also pointed out the need for DHS to monitor the preparedness of state
and local governments, grant expenditures, and grantee adherence to the
financial terms and conditions of the awards.
DHS faces a challenge in addressing its responsibility to become an
efficient and effective grants manager. For example, while the Office
of Grants and Training is tasked with financial and programmatic
monitoring and oversight for first responder grants, the Office of
Justice Programs with the Department of Justice does the accounting for
these grants. Given the billions of dollars appropriated annually for
disaster and nondisaster grant programs, DHS needs to ensure that
internal controls are in place and adhered to, and grants are
sufficiently monitored to achieve successful outcomes.
DHS needs to ensure that, to the maximum extent possible, disaster
and homeland security assistance go to those states, local governments,
private organizations, or individuals eligible to receive such
assistance and that grantees adhere to the terms and conditions of the
grant awards. DHS needs to continue refining its risk-based approach to
awarding first responder grants to ensure that areas and assets that
represent the greatest vulnerability to the public are as secure as
possible. It must incorporate sound risk management principles and
methodologies to successfully prepare for, respond to, recover from,
and mitigate acts of terrorism and natural disasters.
DHS management recognizes these challenges. DHS is planning a study
to provide a single grants management system for all nondisaster-
related grants. In addition, a risk-based grant allocation process was
completed in fiscal year 2006. DHS risk analysis was a critical
component of the process by which allocations were determined for such
programs as the Homeland Security Grant Program, Transit Security Grant
Program, Port Security Grant Program, and the Buffer Zone Protection
Program.
However, the support for the Gulf Coast hurricanes had a major
impact on DHS OIG's nondisaster work, resulting in some delays of
audits underway and planned, including the area of grants management.
This negative impact was reduced as temporary staff were hired and
trained, and employees detailed to Gulf Coast Hurricane Recovery
returned to the Office of Audits.
CATASTROPHIC DISASTER RESPONSE AND RECOVERY
In the wake of Hurricane Katrina, Congress responded quickly with
funds for immediate relief and recovery efforts. To date, emergency
appropriations totaling over $85 billion have been made available.
Additionally, Congress enacted over $35 billion in mandatory spending/
tax bills, bringing total relief dollars to more than $122 billion.
[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
[Source: Senate Budget Committee, August 22, 2006]
Recognizing the need to protect taxpayers' dollars, the Office of
Management and Budget, in early September 2005, mandated that the
federal agencies involved in the disaster response and recovery efforts
develop a stewardship plan. The plan sets the framework for mitigating
risks associated with crisis procurement, managing the broad scope of
oversight work, and overseeing contracts awarded.
On the heels of the Office of Management and Budget/Department of
Homeland Security plan, the Inspectors General (IGs) involved in
oversight of disaster relief efforts developed a hurricane audit
coordination model. The model helped determine which recovery
activities each of the OIGs would audit and review.
Moreover, the OIG community was well poised to address the need for
oversight, as coordination of activities had already been established.
Prior to Hurricane Katrina, the President's Council on Integrity and
Efficiency (PCIE) and the Executive Council on Integrity and Efficiency
(ECIE) established a Homeland Security Roundtable, based on their
collective experience after the 9/11 attacks. The Roundtable was a
natural focal point around which hurricane recovery oversight revolved.
And, as Chairman of the PCIE's Homeland Security Roundtable, I was
tasked with coordinating its activities. Needless to say, Hurricane
Katrina oversight was our number one priority last year.
Through the Roundtable, the OIG community has been successful in
addressing issues of waste, fraud, and abuse. As of September 30, 2006,
through our coordinated activities we have:
Conducted audits or reviews of 835 contracts,
including 348 completed and 487 ongoing audits. These 835
contracts had a total contract value of $8.5 billion. Of this
amount, auditors reported questioned costs of $53.6 million, of
which $33.3 million was determined to be unsupported.
Reviewed contracts resulting in $80.9 million in
taxpayer funds that could have been put to better use.
Opened 1,756 cases, which resulted in 439 indictments,
407 arrests, and 255 convictions.
Additionally, in September 2005, I established the Office of Gulf
Coast Hurricane Recovery to take the lead in coordinating disaster-
related activities. I also appointed a separate Special Inspector
General for Gulf Coast Recovery. This action allowed us to stay current
on all disaster relief operations, and provide on-the-spot advice on
internal controls and precedent-setting decisions.
In turn, the lesson we learned from our experiences in Katrina
oversight is that the presence of an office directly responsible for
disaster assistance is essential. Therefore, in October 2006, we
established the Office of Disaster Assistance Oversight (DAO) to take
over, on a permanent basis, the work of the Office of Gulf Coast
Hurricane Recovery. I also appointed a permanent Deputy Inspector
General for Disaster Assistance Oversight.
The creation of the DAO has strengthened our ability to react
quickly and efficiently to a variety of disasters, and further advance
our collaborative efforts with other federal IGs. DAO also coordinates
the work of the 23 other federal IGs involved in the PCIE Roundtable;
actively participates on the Department of Justice's Hurricane Katrina
Fraud Task Force; and works closely with state and local auditors and
inspectors general, as well as the Government Accountability Office.
The DAO organizational structure to a great extent mirrors FEMA's
structure with offices addressing Response, Recovery, Mitigation, and
Acquisition. We have three field offices located in Oakland,
California, Denton, Texas, and Atlanta, Georgia. Additionally, we have
four suboffices co-located or near FEMA's Transitional Recovery
Offices, which allow us to work closely with state and local auditors
and inspectors general, as well as FEMA regional staff, in order to
take a hands-on approach to our oversight efforts. With a total staff
of 120 personnel exclusively dedicated to disaster oversight, our
structure allows us to be efficient and effective, and to give counsel
to address immediate oversight needs. As we continue into the recovery
phase of the disaster, we are changing our oversight focus from
immediate recovery to acquisition and contract management.
Overall, the work completed by the Gulf Coast Hurricane Office and
the DAO has been successful. However, in order to conduct the needed
oversight of FEMA's readiness, preparation, response, and recovery
related to Hurricane Katrina, we have had to substantially reallocate
our inspectors, auditors, and evaluation resources.
----------------
Mr. Chairman, this concludes my prepared statement. I have
highlighted four specific management challenges facing the department--
financial management, information technology management, acquisition
management, and grants management--that are the backbone of the
department and provide the structure and information to support the
accomplishment of DHS' mission. While some aspects of these challenges
were inherited by the department from their legacy agencies, the
complexity and urgency of DHS' mission has exacerbated the challenge in
many areas.
While the department's senior officials are well aware of these
problems and are making progress in resolving these issues, we must
continue to keep the department focused on these challenges. Our
continued oversight in these areas is intended to facilitate solutions
in order to significantly improve the department's ability to carry out
its operational programs.
I will be pleased to answer any questions you or the Members may
have.
Chairman Thompson. Thank you very much.
I thank all the witnesses for their testimony.
I will remind each member that he or she will have 5
minutes to question the panel.
I will now recognize myself for the beginning of the
questions.
Again, thank you very much for your very thoughtful
testimony.
I guess the first point for both of you gentlemen, Mr.
Walker and Mr. Skinner, is: Do you presently have the resources
necessary to do your job effectively?
Mr. Walker, will you respond?
Mr. Walker. I wouldn't say anything to you I haven't told
the appropriators. I do not believe that we have been treated
fairly in recent years.
GAO generated a $105 return for every $1 invested in the
agency, number one in the world. Second place is $10 to $1. And
we haven't kept pace with inflation for the last 4 years. That
is not in the interest of the Congress or the country. And I am
hopeful that we can rectify that in our fiscal 2008 budget.
Chairman Thompson. Thank you.
Mr. Skinner?
Mr. Skinner. Chairman Thompson, just like everyone else in
government and everyone else in DHS, we could always use
additional resources. We are stretched very, very, very thin.
And as a result of the Katrina and the Gulf Coast disasters,
which those expenditures are going to exceed probably when it
is all over with well over $200 billion.
We had to focus a lot of resources to provide oversight
audits, inspections and investigations of activities that are
occurring as a result of that very unfortunate event. That has
really hurt us because we have had to take over 75 people out
of our audit shop, investigation shop and reassign them to Gulf
Coast operations, which is really having a real major effect on
our ability to provide oversight in other parts of the
department.
Where we are really lacking, if anyone takes a close look
at our performance plans and the results of our work, is that
we are not providing the oversight of the billions of dollars
that are spent each year in the grant arena, for example. It is
just simply we don't have the resources to do it.
Chairman Thompson. Thank you.
Mr. Walker, you talked a little bit about interference with
investigations and what have you. I am concerned about that,
but I want both of you gentlemen to kind of give the committee
an example of the kind of interference your staff ran into in
trying to get information from the department.
Mr. Walker. Well, thank you, Mr. Chairman.
First, I don't believe I have ever used the word
``interference.'' And that is an example of how there was
misreporting of what we said yesterday.
Here is the problem. The problem is, it is my understanding
from my staff that every document that is to be provided to GAO
for review has to be reviewed by the chief counsel's office.
There is no reason for that. We have broad-based statutory
rights to documents. And I don't understand why these
documents, every document, has to be reviewed by a lawyer.
Second, it is also my understanding that on a selective
basis, not on an across-the-board basis, that members of the
chief counsel's office--and there are many members of the chief
counsel's office--want to sit in on interviews with regard to
selected officials. That has a chilling effect on the ability
of people to speak candidly with us.
My understanding is Rick has had similar problems. But
again, this is a systemic problem. It is not a particular
person. It is something that is systemic.
Mr. Skinner. Thank you. Yes, we have had similar problems.
But they are not the types of problems that GAO is
experiencing. And ours have been primarily within the area of
the Coast Guard. And there, because of draft guidelines that
have been published, it has created a shroud on our
interaction.
If you ask the Coast Guard, if you ask anyone in the
Department of Homeland Security, they will tell you they
cooperate with us. Generally speaking, they do cooperate with
us. With regards to Phil Perry and his office, they have always
been supportive of our operations. And the news media yesterday
really did a disservice in the way they interpreted the
comments we made yesterday.
Our problem, for example, at the Coast Guard presumes that
anytime we want to do an interview, that the supervisor must
sit in. Anytime we make contact with an individual within the
Coast Guard, they must report that to their supervisor. Anytime
we want a document, we must go through the audit liaison
officer to get that document where it is vetted and reviewed.
That is very cumbersome. It expends a lot of time, slows
down our ability to do our job in a timely manner. And it also,
like Mr. Walker said, it sends a chilling effect among those
that we are trying to interact with.
If they say they want to meet with us privately, which the
Coast Guard says they can, that also sends a message that we
may not be a--we, a member of the Coast Guard--is not a team
player. So therefore, there is a resistance. There is an
attitude there that it is not wise to meet with the IG
privately.
And then when they do meet with us with their supervisors,
they are constrained. They are not as open. As a result, we
generally have to do two interviews, one with the individual
with their supervisor and a second interview at night over the
telephone back-channel.
Chairman Thompson. One point of reference, is that
customary, to your knowledge, with other departments within
government?
Mr. Walker. Well, we deal with every department in
government. And, no, it is highly unusual. It is one thing for
the general counsel's office to be involved on an exception
basis in unusual circumstances. And that is fine, and that is
understandable. But to be involved with every document is
highly unusual. In fact, I think it is the only one that I know
of in government.
Chairman Thompson. Thank you very much.
I now yield to the ranking member of the committee for his
questions.
Mr. King. Thank you, Mr. Chairman.
My first question would be to Inspector General Skinner. It
is somewhat parochial, but I think it has an overriding arch to
it.
Back in October of 2005, New York City received credible
threats about an attack on its subway system. And the police
commissioner and the mayor increased security on the subways at
the time. Simultaneously with that, officials in the Department
of Homeland Security were downgrading the threat and were
trying to minimize it, and they were very critical of the mayor
and the police commissioner.
At the same time as that, it turns out that officials
within the Department of Homeland Security were actually
advising their relatives to stay off the subways. This was
actually before the threat was even announced, which to me,
certainly, violated some very important procedures as far as
leaking classified information.
I know you conducted an investigation of that. Can you tell
us what the status of the investigation is, what action was
taken against those individuals and more importantly than that,
what actions has the department taken to ensure that employees
of the department realize the absolute necessity of not leaking
secret information? And has that been impressed upon the
employees in the department?
Mr. Skinner. Thank you.
Yes, indeed, we did do an investigation of that incident.
And it is complete. And we had referred our findings back to
the program offices with recommendations for disciplinary
action. I will have to get back to you, Congressman King, on
exactly what those actions were. I know there were actions
under way. I just don't know what they were at this point in
time.
Mr. King. Is there any way of telling now whether or not
this was an unusually long period of time that the department
has taken? Or it is just that you are not aware of it at the
time?
Mr. Skinner. I am just not aware of the actions on that
particular case.
Mr. King. Okay, okay. If you could get back to me on that,
I would certainly appreciate it.
Mr. Skinner. I will.
Mr. King. Comptroller General Walker, the department has
undergone several transformations or reorganizations in the
past several years. There was Secretary Chertoff's second stage
review. Then last year there was the FEMA reformation and
restructuring. What impact have those reorganizations had on
the department, positive and negative?
And is it early enough yet to determine how effective the
FEMA reorganization has been, especially in view of how it
conducted itself, which I believe was in a positive way in the
recent tornado incident in Florida?
Mr. Walker. Well, I think it is too early to tell whether
or not the reorganization is going to be effective. And
obviously, that tornado was a tragic incident in Florida.
But the scale of that as compared to the scale of a Katrina
or something is obviously very, very different.
And frankly, I think we should have expected that people
would have been overwhelmed with Katrina. But I would have
hoped they would have done better, and I am sure you do, too.
Secondly, so with regard to that--I apologize. The first
part of your question, Mr. King, again, was?
Mr. King. Yes, the impact of these reorganizations have on
a new department. Are there any lessons learned from that?
Mr. Walker. Thank you.
Mr. King. And do you believe that we should consider more
reorganization or let this try to work its way through?
Mr. Walker. Any organization, whether you are in the public
sector, the private sector or the not-for-profit sector,
reorganizations are very disruptive. They have an adverse
impact on morale. It is very important that one step back, look
strategically, decide how best to align the organization to
achieve the objectives, implement it and leave it alone for a
period of time.
The morale at the Department of Homeland Security, based
upon the latest employee feedback survey, is, I believe, dead-
last of all the major departments and agencies.
Now, you can't say it is because of all these
reorganizations. But I can tell you, based upon my public-and
private-sector experience, including running a global operation
in the private sector and heading three federal agencies, you
know, reorganizations may be necessary at times but they should
be minimized and they are disruptive.
Mr. King. Do you believe the department is working
effectively to further this reorganization now? Or do you feel
it has become stalemated or stagnant?
Mr. Walker. My understanding is we are doing some related
work. And I would rather wait until that work is done before I
end up saying anything.
Mr. King. My time is running out. Mr. Chairman, I yield
back.
Chairman Thompson. Thank you very much.
We will now hear from the gentlewoman from California, Ms.
Sanchez.
Ms. Sanchez. Thank you, Mr. Chairman.
And thank you, both of you gentlemen, for your service to
our country and for the information you are giving us.
You know, my background is in strategic management. I used
to work for Booz-Allen. I was an investment banker. I have
international experience. I did a lot of M&A work, more
importantly, performance audits after M&A work.
Quite frankly, I voted against creating the Homeland
Security Department because I know how terrible it can be to
get two cultures together, let alone 22, and maybe not the
right 22, in an area and then not put them together really and
take away collective bargaining rights from its employees and
leaving the situation cost-neutral, as you alluded to, where
they picked up additional responsibilities but weren't allowed
to spend any more.
And, of course, I think one of the biggest problems we have
seen is that those who were smart enough or who had been there
long enough knew they had to get out of those departments. That
created voids. And you people came in. They didn't know how it
had been run before. Now we hire back contractors in order to
come in and tell the new people how the job is done.
We look at the situation of the staffing over at this
department, and we see that--and we still haven't gotten back
the numbers completely. But the fact of the matter is slots are
not filled. Lots of contracting slots are sitting there. So
just the whole issue of people is a big problem.
But I want to ask a couple of questions with respect to the
budget that just came out from the president and the fact that
DHS had been pushing to get the old hospital in D.C.--I wish
Ms. Norton was here--to sort of situate its employees in one
place and stop leasing wherever it is that they all are. And,
of course, then you do the cost savings analysis that saves
over $1 billion a year the sooner you get them out of those
leased offices.
But, you know, the drawback is it is up-front money that
you have to spend in order to get this old hospital
refurbished. And, of course, I hate to say it without Ms.
Norton here because, of course, she is very anxious to fill
that place up.
But my question to you is, do you think it would make a
difference if we did put these people together in one place and
gave them the secure lines some of them need and the access
some of them need? Or do you think that is not going to make
any difference, that they are just--and I have said this over
and over--chaotic and a confused department, which it has been
for the last--and I have sat on the committee since the
inception of that. Or do you think it might help?
Because in the president's budget, this issue of putting
everybody in one place has been zeroed out.
Mr. Skinner. I really wouldn't want to speculate that it
would make things better. But I could say that it would be more
efficient if we were all together because we spend an
inordinate amount of time commuting cross-town to meet with one
another because we are scattered all over town, at the Ronald
Reagan Building, up on 4th and High Street, down on Vermont
Avenue and places in Virginia. And it is very inconvenient. And
you lose hours a day just commuting back and forth for
meetings.
But I wouldn't want to speculate would it make us a more
cohesive, better managed. I don't think location drives
management. I think management drives management.
Ms. Sanchez. Okay, that is fair enough. Thank you.
Do you have a comment on that?
Mr. Walker. I think it could help, but I don't think it is
a panacea. I think clearly it could help to improve economy and
efficiency.
Ms. Sanchez. Maybe communications?
Mr. Walker. Possibly, yes. But it clearly comes down to
leadership and performance measurement rewards systems and a
variety of other things irrespective of where you are. As you
know, sometimes you can have everybody in one building but
psychologically there can be a difference between which floor
you are on plus which unit you are part of.
But it wouldn't hurt. And I think it would help.
Ms. Sanchez. Thank you, Mr. Chairman. I will yield back at
this point.
Chairman Thompson. Thank you very much.
The chair will now recognize other members for questions
that they may wish to ask the witnesses. In accordance with our
rules, I will recognize members who were present at the start
of the hearing based on seniority on the committee alternating
between majority and minority. Those members coming in later
will be recognized in the order of their arrival.
I now recognize the gentleman from Alabama, Mr. Rogers.
Mr. Rogers. Thank you, Mr. Chairman.
I want to thank the witnesses for being here. I would like
to address my questions to Mr. Skinner.
In the 109th Congress the subcommittee that I chaired held
three hearings on ISIS. For those who aren't familiar, that is
the Integrated Surveillance and Intelligence System. And, it
was a real disaster. We talked about ways that we could make
sure that didn't happen in the future, particularly as we went
into this new technology era. And then last September, SBInet
was announced.
And you released a report in November, a management
advisory report, that raised a lot of concerns about SBInet. I
would like to ask you, has DHS done much to address the
concerns in that management advisory? And if so, what have they
done?
Mr. Skinner. That is interesting because, as we speak
today, we are meeting with the SBInet folks to obtain an update
exactly where they are with regards to implementing the
recommendations we made there.
I can say that just from--because we are embedded there. We
are going to continue to work there because of the major-
because of the investment that we are putting in this
initiative. And I can say that we still have significant
problems.
The staffing, the project management team is still not
where it should be. And our major concern right now is, while
they can manage the one or two taskings that are out there, we
are in the process to issue several more taskings between now
and this summer. And that is going to stretch them very, very
thin to be able to manage the taskings that they currently have
then be involved in the process of initiating new taskings and
providing oversight of these additional taskings.
So it is something we need to watch very, very, very
closely. It is certainly not a best practices, the way we
proceeded with SBInet. But they did, in fact, take certain
safeguards this time, based on lessons learned from Deep Water,
for example, and they are moving at a slow pace, which is a
wise thing to do.
It is a short-ended contract with exit ramps in case things
don't go well. So in their pilot, the Tucson area, as I am sure
you are aware, before we go spread our wings into other areas.
But it is something that needs to be watched very, very
carefully.
Mr. Rogers. I get the impression from the way you described
that that you see staffing shortage problems.
Mr. Skinner. There is. There is.
Mr. Rogers. Not just with you, but with DHS.
Mr. Skinner. Yes.
Mr. Rogers. Okay.
Mr. Skinner. I might add very quickly we have got a report
coming out on SBInet next week. I would commend it to you.
And secondly, just a note for the record that I come from
Alabama as well.
Mr. Rogers. All right. War Eagle.
[Laughter.]
I wanted to ask about procurement. As you know, we talked
in the past about--and you made reference to it in your
management advisory acquisition and procurement staff
shortages. Have you seen any relief in this area?
Mr. Skinner. I know there is some very aggressive
initiatives both in our 2007--in the department's 2007 budget.
And you will see that as well in the 2008 budget.
Keep in mind that we inherited a budget in 2003. In 2004,
the president's budget was already up on the Hill. So the first
time the department was able to submit a budget was in 2005.
Unfortunately, it was focusing on operational issues in the
standup of things like the science and technology division.
In 2006 was the very first time, I believe, or 2007, that
we recognize that we have dug a hole for ourselves and we are
trying now to work our way out of that. It is going to be a
long-term effort.
The department, particularly under the leadership of Elaine
Duke, is taking some very innovative approaches to do stop gap
solutions until we can get fully staffed. And that is trying to
recruit in-house, doing certification, doing training.
And it goes beyond just procurement and acquisitions,
procurement officers. It is really a program management
capability. And we need additional training there. You can have
the best procurement shop in the world, but if you don't have
good program managers and they are well trained and they are
working hand in hand with your acquisition officer, a lot of
things can go wrong.
Mr. Rogers. Right. And a piece of good news, from the
chairman's standpoint. I met with Ms. Duke yesterday, and
talked at length about what they have been doing. I know the
department has gotten a black eye for morale. But apparently in
procurement there is a real good attitude, and they have got a
lot of people trying to join that department. But that is a
good thing.
I would ask that after this meeting you are going to have
this afternoon, if you could give us a report to my staff or to
the committee staff about what you learned from DHS's response
to that management advisory.
And last question, how much do you think SBInet is going to
cost?
Mr. Skinner. I don't know.
Mr. Rogers. That is what I thought.
Thank you, Mr. Chairman.
Chairman Thompson. Good question.
We will now have questions from the gentlelady from
California, Ms. Harman.
Ms. Harman. Thank you, Mr. Chairman. And thank you and
thank the ranking member for holding this hearing. These are
two witnesses who really know what they are talking about and
can be very helpful as we try to make our homeland security
program more effective.
Unlike Ms. Sanchez, I did support the legislation. And I
guess I am one of its godmothers, for better or worse. But the
goal was not to rearrange the deck chairs, but to create one
deck, one national, integrated strategy for homeland security,
which obviously has to include risk management, since, as you
point out and everyone here understands, we can't protect
against everything at all times.
It is disappointing to hear that, notwithstanding a huge
effort by many at DHS, we are still slow in reaching success.
So my first question is, do you think we will ever get there?
Mr. Walker. I think ultimately you can. I think from an
intellectual standpoint you can say that clearly by pulling the
people all together under one department with ultimately one
chain of command with the ability to hopefully interface more
effectively, I think you can get there.
And frankly, let me go back to the Department of Defense--
60 years--
Ms. Harman. Yes.
Mr. Walker. And it is a D on economy, efficiency,
transparency and accountability.
Ms. Harman. But, Mr. Walker, we don't have 60 years, as you
well know.
Mr. Walker. No, no, we are ahead of the Department of
Defense. I mean, you were only 4 years, right.
I mean, and so, can we be successful? Yes, I believe we
can.
Mr. Skinner. And I agree with Mr. Walker. Absolutely we can
be successful. But it is going to require transparency,
accountability, oversight, and a focused leadership.
But if we maintain that leadership and maintain our
discipline, yes, we can be successful. It is not going to be
easy, and it is not going to be done in a short period of time.
Ms. Harman. On that point, let me just ask a couple of
questions in combination so that I don't run out of time. I
don't want to abuse the time of other members.
Number one is whether you can put a timeframe or an
approximately timeframe short to long on when we can achieve
success.
Number two is a request, Mr. Chairman. I would like to
request more specific information on the role of contractors in
the Department of Homeland Security. I think it is a staggering
statistic that 40 percent of the budget, $16 billion, if I
heard you right, goes to outside contractors. And I would like
to know what it is that they do there so that we can hold them
accountable as we are trying to hold everyone else accountable.
Chairman Thompson. I agree.
Mr. Skinner. Yes, and I will provide you a breakdown of
where those funds are going.
Ms. Harman. Right. And my other question is, to piggyback
on the last one, about SBInet. I want to ask about the homeland
security information network and how we are doing with that.
And specifically, are we reinventing the wheel?
I mean, there are other information-sharing systems that
law enforcement, for example, is comfortable with, like RISNET
and LEO and LINX, a system I have learned about recently, which
is a naval criminal investigative services network.
And I am wondering whether those pre-existing systems were
researched before HSIN was developed and would an assessment of
those networks be useful now in trying to achieve in the
shortest possible timeframe real full integration so we can
share information.
Mr. Skinner. I am not sure if they were explored or not.
But I can say that as a result of our recent work in that area
that the department, in particular, Charlie Allen, who is
running our intelligence analysis shop now, is stepping back
and taking a broader view of what our options are, reaching out
to our partners such as the FBI for LEO and the Navy and other
areas to see if maybe we should just piggyback or work with
them hand in hand to ensure that communications between the
feds and the states and the locals.
Ms. Harman. As chairman of the relevant subcommittee here,
that is a high priority for us, because you can't share
information if you don't have the sharing mechanism, even if
you have the will.
How about an answer on timeframe for achieving a successful
integration in this department?
Mr. Skinner. Well, again, I don't know if I want to
speculate when you talk about integration of the entire
department. I can give you some timeframes for, for example, in
financial management.
We hope to have the ability to provide the Congress and the
public with reliable and timely financial statements that are
unqualified, audited opinions no later than 2009. And that
would be 3 years.
In the IT arena, we are plodding along. But we are looking
at 2008 to build a department-wide platform that is what their
out-goal is. Will they reach that? That is a very ambitious
goal, to have a department-wide network that will support
everyone.
In the area of grants management, I think we are very weak.
I don't think we are paying enough attention to what is going
on in our grants management arena. I think we might be doing a
good job of developing risk assessments as to how we are going
to award those funds. But we are doing that in a very stovepipe
manner. And I think maybe we need to slow up and take a look at
what we are doing.
Ms. Harman. Right. My time has expired.
I just, Mr. Chairman, would ask that Mr. Walker answer the
question about timeframe.
Mr. Walker. I can very quickly. Five to 10 years on a
consolidated basis, hopefully closer to 5. I am talking about
full integration and transformation.
And quite frankly, as I said before, it is 5 to 7-plus even
in the private sector. And this is a lot more complicated than
that. But it is not guaranteed unless they take certain steps.
Last thing, contractors: We have a major challenge
government-wide with contractors. We are using contractors more
than prudently appropriate. There are a lot of circumstances in
which we clearly should use contractors, and they do a good job
for us, and it may be necessary. But there are major issues
here beyond DHS.
Chairman Thompson. Thank you very much.
I now recognize the gentleman from Texas, Mr. McCaul.
Mr. McCaul. Thank you, Mr. Chairman.
Mr. Skinner, I want to direct my questions to you. Last
Congress we worked very well on the issues related to FEMA
fraud, waste and abuse issues. However, there was another
oversight issue regarding an investigation conducted by your
office that did not go quite as well.
As you are aware, last September when I was chairman of the
Investigations Subcommittee, I requested a briefing from your
office on the case involving Border Patrol agents Ramos and
Compean. I requested that meeting because we were hearing a lot
of allegations about the innocence, potential innocence. My
sole goal is to get to the truth of this case.
Now, I sent you the letter after that meeting requesting a
report of investigation that I was told that substantiate the
assertions that were made by members of your staff to several
members of Congress and committee staff.
In January of this year, I contacted your office for that
document again as I had not received it. And I was told by you
that, as I was no longer chairman, that this request would no
longer be honored and that I would have to submit my request
through the Freedom of Information Act. I have to say I think
that defies, to some extent, the authority of this committee.
Be that as it may, as of yesterday I received a production
pursuant to the Freedom of Information Act, and I have had a
chance to review that report. Many of the assertions that your
office made indeed turned out to be correct.
However, there are several that I want to entertain that
did not, in my view, add up. And I want to know specifically
what you are going to do about this.
One had to do with the allegation, very inflammatory, by a
member of your office that these agents stated on the day of
the shooting that they wanted to shoot a Mexican.
Mr. Skinner, I looked through this entire production, this
entire report, and nowhere is that statement found in this
report. I don't know if it exists in another report. If it
does, I would like to see that report.
In addition, we were told that the individuals, the agents,
knew the drug dealer was unarmed and did not fear for their
life at the time of shooting. However, as I read the memorandum
of activity, which is attached to your production, it clearly
states that Compean said that he began to shoot at Aldrete
because of the shiny object he thought he saw in his left hand
and because Aldrete continued to look back toward his
direction.
Compean explained that he thought the shiny object might be
a gun and that Aldrete was going to shoot at him because he
kept looking back at him as he ran away from him. It was then
that he began to shoot. That is according to Compean. That is
his statement.
Obviously, the jury believed differently in the outcome of
this trial. But the point remains that we were given various
representations from your office that we believed in. We
certainly believed in the good faith of your office. And I
believe that these representations became misrepresentations,
if not outright false statements to members of Congress.
So specifically, I wanted to hear from you what you intend
to do to hold your office accountable for these statements that
were made to members of Congress and to this committee.
Mr. Skinner. I would like to make, first, two points.
Those, say, misrepresentations were made to me as well.
Secondly, those misrepresentations were not deliberate. Our
policy is generally not to brief until an ROI has been
prepared. And we will only brief if requested by a chair of a
committee for the official business of that committee.
In this case, we agreed to brief on the two individuals
that had been convicted and sentenced, although our ROI had not
been completed. In fact, our report of investigation was not
completed until late November.
In preparation for the meeting with you and other members
of Congress, the individuals that briefed you were briefed
telephonically by members of the investigative team. And the
characterizations that they received they passed on to you. And
they were mischaracterizations.
For example, the briefer from, I believe, Texas told us
that--not me personally, but to our assistant IG for
investigations who subsequently briefed you--that they were out
to shoot the Mexican. The actual quote was they were out to
shoot the alien. It was not a Mexican. But that was the
characterization that was passed on to them. Unfortunately,
they repeated that to me, and they repeated that to you.
So far as being in fear of their life, that was a summation
of all of the evidence that they had gathered from other
witnesses. Keep in mind we did not investigate two agents,
Border Patrol agents here that were convicted or that were
prosecuted. We conducted an investigation of an incident. It
was a shooting incident. It involved 11 Customs and Border
Patrol agents.
When we initiated that investigation, we developed facts
surrounding the case. We brought that to the prosecutor. The
prosecutor then chose to prosecute two individuals. There were
three other individuals that are implicated as well. But the
prosecutor chose not to file charges against them. However, we
referred that to CBP to the management for administrative
action.
Those three people now have been disciplined; that is, been
given their notice to terminate employment with CBP. One has
already resigned. The other two I don't know what their current
status is.
But it is an unfortunate mischaracterization. I apologize
on behalf of our staff for that mischaracterization. But I just
wanted to make it perfectly clear it was not intentional. They
were not trying to suggest that this was greater or something
more than what it was to impress upon you that the conviction
was a justified conviction. They were just simply repeating
characterizations that were passed on to them.
Ms. Sanchez. [Presiding.] The gentleman's time has expired.
Mr. Etheridge for 5 minutes, of North Carolina.
Mr. Etheridge. Thank you, Madam Chairman.
Let me thank both of you for being here today.
Let me ask a question because in the ongoing response to
Hurricane Katrina--and I ask this question because it may just
be January and it is cold as blazes outside right now. For
those of us who live in North Carolina and in coastal
communities, we aren't too far from hurricane season again. I
know that may sound strange, but we live in that fear.
And in the ongoing response to Hurricane Katrina and Rita,
the GAO has identified significant fraud, waste and abuse in
the control weaknesses in FEMA's individual and household
programs and in the Department of Homeland Security's purchase
card account.
Can you share with us if FEMA has taken action on the
recommendations to address these weaknesses?
Mr. Walker. It is my understanding they have taken action
on some, but not all of those. And I would be happy to provide
some more information to your office, Mr. Etheridge.
Mr. Etheridge. Would you, please? Thank you.
Mr. Walker. I would be happy to do that.
Mr. Etheridge. I think that would be helpful.
Secondly, are efforts being made to determine whether the
systems will work in an actual disaster? You know, even though
we have taken action, have there been any dry runs, so to
speak? Because I think that is critical if we are going to--you
know, we could face another one in the very near future.
Mr. Walker. I understand. If I can provide that for the
record, I would appreciate that.
Mr. Etheridge. Okay, I appreciate that.
Mr. Walker. Because I don't know the answer.
Mr. Etheridge. Thank you.
Several OIG reports have identified problems with TSA
screeners and TSA airport procedures, as you well know. And I
have heard from many of my constituents about the
inconsistencies that have been applied to rules and other
issues with passenger screening, and, I guess, more
particularly and probably more specifically, dealing with the
hastily applied rule of liquids.
So in that regard, can you share with us the progress that
has been made in implementing the provisions of OIG's
regulations and what is being done to further ensure
consistency and clarity regarding the rules and procedures on
these airport screenings?
I think, you know, that is where the traveling public faces
it more readily. And we get feedback real quick.
Mr. Skinner. I am sure you do. And I travel a lot as well
as part of my job, and I do personally observe and see these
inconsistencies. There is a whole variety of reports that we
have issued with regard to TSA where they need to tighten up
not only their internal controls, but their business processes
and the way they do business.
We are doing a series of audits with regards to TSA right
now to follow up on the recommendations that we have made over
the last 2 to 3 years with regards to not only their
recruitment, but their processes at airports, not only for
passengers, but also for cargo, checked luggage, that type of
thing.
And if I may, if I can get back, we are looking right now,
probably sometime this summer, before we will have a report on
two or three of these areas that will be?
Mr. Etheridge. If you would get that back to us, I would
appreciate it.
Mr. Skinner. I would be happy to.
Mr. Etheridge. All right. Thank you.
The final question I have, Madam Chair, is my state of
North Carolina is a participate in the regional information
sharing system or RISS program. Given the problems you mention
in your report on I.T. infrastructure and the data system, what
is the prognostication for linking the homeland security
information network to RISS? And are procedures being developed
to avoid duplication and confusion should this linkage be
taking place?
Did you understand the question?
Mr. Skinner. Are you referring to--
Mr. Etheridge. It is the regional information sharing
system, okay, the regional information sharing system. And you
indicated a lot of problems you mentioned in the report in the
I.T. information and data system.
And my question is, what is the prognosis for linking the
homeland security network to RISS? And are procedures being
developed to avoid duplication and confusion when that linkage
takes place?
Mr. Skinner. Thank you. And may I get back to you on that?
Mr. Etheridge. You sure may. That would be fine.
Mr. Skinner. I am not real familiar--well, familiar with
the subject, but not the response or status.
Mr. Etheridge. That will be fine. Thank you, sir.
Thank you.
Ms. Sanchez. The gentleman's time has expired.
Mr. Etheridge. I yield back.
Ms. Sanchez. Before we go to Mr. Souder for 5 minutes, we
have, I believe, what is three votes on the floor, the last
votes of the day, 15-minute votes. So we will do his 5 minutes
and then we will break. We will go into the votes, and then we
will return.
That is, if our two gentlemen--how long do you all have? We
will probably be gone for about half an hour at least.
Mr. Walker. I have got a meeting on the Senate side at
3:30, which I need to do. So I can leave at about 3:20. I can
stay here until about 3:20.
Ms. Sanchez. Okay.
And Mr. Skinner?
Mr. Skinner. The same. I can stay at your convenience.
Ms. Sanchez. Okay. So we will take the gentleman from
Indiana, and then we will break for votes and we will return.
Mr. Souder. Mr. Skinner, I don't know how to adequately say
I found your answer to Mr. McCaul completely unsatisfactory,
that I think this is something that is going to get
increasingly embarrassing to the government in all aspects.
As somebody who initially was fairly calm about this matter
and the more I read and the more I see the documents and the
more I see the policies behind the documents, the American
people are going to question whether we have any commitment
whatsoever to the border based on the type of spin we have been
receiving.
And I find one of the most amazing things listening at the
beginning of the hearing the criticism from both of you about
the Coast Guard and thinking, you know, there is some truth to
this. If you have people who can't talk to the people who are
investigating and they always want to have their person up
higher that want to give a report, how are you, as auditors,
supposed to do this? Well, how are we, as congressmen, supposed
to do this?
If you want to, in effect, say we can't give you documents,
we have to have our staff screen with us until we can talk to
you, the very thing you were complaining about the agencies
about you do to us. And I am just appalled and embarrassed for
you.
Now, I have some particular questions regarding SBInet.
Over in government reform we are doing some Iraq
investigations. And we are all going to be talking with you
over the period of time. And one of the classic tradeoff
challenges is here because as a businessperson myself, I
understand to get corruption, to get tracking, you have to have
information. And too often the agencies are getting
stonewalled. We don't have enough staff.
We were yesterday talking about Iraq where they really
needed 800 accountants, and they had four to 10, and a third of
them got shot up. How do you do tracking? Because the classic
thing here on the border on SBInet, which is a huge challenge
right now, and I know we will be talking more about this over
time. And I read your statements with it.
As a practical matter, any effort in any section of this
border is going to be successful because they are just going to
move to another part. And at the same time, by the time we make
sure that every piece of fence works, every piece of technology
works and we do all this research and do the accounting with it
and make sure we have a plan, it is sometimes one of the
tradeoffs here. And this is what I would like you to address
structurally is we shouldn't rush because if we rush, we might
make a mistake.
So we have got a million illegals coming across. We have no
idea whether terrorists are coming through. We have contraband
coming every day and narcotics. We have potential other types
of contraband all the time coming across. How do you balance
the auditing challenge you have with the need for speed?
Because to some degree, any fence works temporarily.
Anything we do works temporarily. That if we sit back and wait
and do an immigration bill but don't have any border strategy,
we don't really have an immigration bill. Could you talk about
that tradeoff that you see constantly when you do oversight?
Mr. Skinner. That is an extreme challenge. And that is one
of the things I commented on earlier, is the urgency of our
mission and balancing that against our infrastructure and our
ability to support that mission.
With regards to the SBI and the SBInet initiative, SBInet
is only one part of a larger initiative. And we have to bring
it all together. To secure our entire borders nationwide north
and south is something that therein lies one of the problems we
have right now with SBInet, is that we don't have operational
requirements. What do we need?
Like you said, if we secure Tucson, they are going to come
in through Del Rio. If we secure Del Rio, they are going to
come in at El Paso. So we have to have an operational plan that
is put in place with measures and performance matrix that will
show us when we are going to do it, how much it is going to
cost to do it.
We also have to take into consideration the cost benefit of
doing all this. Do we want to spend billions of dollars and it
is not going to work? So it is just a major challenge.
But when I say proceed with caution, I am talking about
proceeding with caution. Find short-term solutions to ensure
that if we are going to invest $1 billion next year, which the
president is asking for in 2008, that we know at the end of the
year those monies were spent wisely, not necessarily--we still
need to proceed, but at the same time, we can take some steps
to ensure that we have oversight. I can assure you our office
will continue to provide oversight to the extent we can.
Mr. Walker. Mr. Souder, acquisitions and contracting is a
high-risk area across government. And it is particularly acute
in certain departments and agencies. The fact is we are relying
on contractors in new and unprecedented ways.
We are also entering into some contracting arrangements
such as the one with SBInet where we are employing an
integrator approach, which means we are providing more
flexibility to the contractors. With more flexibility, it means
you need to be that much more careful about conflicts. You have
to be very, very careful to define your objectives and to nail
down your requirements.
You have to make sure that you have appropriate interaction
and oversight as you go along because with more flexibility
means more risk. There are 15 systemic problems with our
acquisition and contracting system in the entire government,
which I will be happy to provide for the record.
We need to focus on those because, yes, you need to move
expeditiously, but you need to get it right. And all too many
cases we have gotten it wrong in some cases because we moved
too fast.
Ms. Sanchez. Thank you. The gentleman's time is expired.
Mr. Souder. Thank you. And would you provide the 15 for the
record?
Mr. Walker. I will be happy to do so.
Ms. Sanchez. We will recess.
Gentlemen, we will probably be gone about 30 minutes or a
little bit more, depending on the votes. So go grab a Coke or
something, and we will be back.
Thank you. We stand in recess.
[Recess.]
Mr. Dicks. [Presiding.] You know, in your opening remarks,
you talked a lot about DHS contractors and that 60 percent--was
it 40 percent or 60 percent of the DHS budget is spent on
contractors?
Mr. Skinner. Approximately 40 percent in 2006. In prior
years it has been building. In 2005 I think it was around 25
percent. In 2004 I believe it was around 25 percent.
Mr. Dicks. And you are concerned that we don't have good
oversight of these contracts? Or is there competition for these
contracts?
Mr. Skinner. Not all of them. My primary concern is that we
don't have the capacity to provide the oversight that is needed
to ensure that we are getting what we are paying for.
Mr. Dicks. Have you investigated any of these contracts,
any of them specifically?
Mr. Skinner. When you say investigate, yes, we have many
ongoing investigations on contracts that were let as a result
of Hurricane Katrina, Rita and Wilma a couple years ago. We
have done a lot of work in audits of various contracts to
determine whether--for example, the contract with Pearson to
hire the TSA screeners. We have done reviews of the Boeing
contract to install electronic detection or explosive detection
equipment at the airports, those type of things.
Yes, we are actively engaged in reviewing many of the major
contracts--
Mr. Dicks. Do you have enough staff to do your work?
Mr. Skinner. We can always use more staff, of course, as I
think everyone--
Mr. Dicks. What is your staff? How big is your staff?
Mr. Skinner. Currently right now we have approximately,
including those resources that are dedicated down in the Gulf
Coast, somewhere around 550.
Mr. Dicks. Now, are these all government? Or are some of
these contractors?
Mr. Skinner. Of those, no, those are not contractors. These
are all government employees. Some of those, approximately 60-
plus, I believe, are hired on a temporary basis to provide us
the coverage we need in the Gulf Coast.
Mr. Dicks. Okay. Now, one of the other issues that you
mentioned was there is the concern that you have the DHS on a
list of--and want to talk about that, Mr. Walker, on the list.
And they have not done a good job in coming back to you with
trying to show you that they are working to get off the list.
There is a number of things that you mentioned in your
testimony that the DHS hasn't done. And you mentioned that some
of the agencies were on this financial audit list prior to DHS
being created. Could you tell us which ones and kind of give us
a little overview on this problem?
Mr. Walker. In 2003, we put the DHS integration and
transformation effort on our high-risk list. And it has
remained on it through the two updates in 2005 and 2007. The
latest update being announced on January 31st.
We did that because of a number of reasons. One, there were
a number of major management challenges that existed in a
variety of these 22 agencies before they were put together. And
secondly, just the mere undertaking of trying to integrate 22
different agencies with different systems, with different
cultures, et cetera, is a massive undertaking.
What I mentioned before was was that while they had made
some progress, they have got a long way to go and that one of
the frustrations that we have been having is that we have not
been getting timely access to records and to individuals. It is
one thing to understand that there can be delays.
But it is becoming a systemic problem. And part of which is
because how they go about trying to clear the records and
different safeguards that they have in place that other
departments and agencies do not.
Mr. Dicks. Have you talked directly to Mr. Chertoff about
this, Secretary Chertoff?
Mr. Walker. I have spoken with Michael Jackson about it. I
have not spoken with Secretary Chertoff directly about it.
Mr. Dicks. Who have Chertoff and Jackson put in charge of
coming up with a plan and an approach so they get off this
list? Who is in charge of that? Is there somebody in charge? Do
they have a CFO? Obviously, it is Chertoff obviously. But--
Mr. Walker. Well, ultimately he is in charge. One would say
that Deputy Secretary Jackson is really focused more on
internal matters, more on operational matters. I know that OMB
has worked with DHS as well as all 27 of the high-risk areas to
come up with an action plan to get off the list. Some will be
able to get off a lot quicker than others. It is going to take,
I think, a number of years for DHS to get off.
Mr. Dicks. Well, give us for the record a list of the ones
that were in trouble financially and on your list prior to DHS
being created. And if any of them have gotten--well, of course,
they couldn't get off because the whole agency now is being
evaluated.
Mr. Walker. I will be happy to provide it for the record.
Let me just say this, that there is one area that relates
directly to the Department of Homeland Security. And that is
the overall integration transformation effort. There are other
areas that relate to the Department of Homeland Security
indirectly, for example, information sharing. They are
obviously part of the intelligence community. And there are
major challenges associated there.
Mr. Dicks. Ms. Blackburn, please, is recognized for 5
minutes.
Mrs. Blackburn. Thank you, Mr. Chairman.
Mr. Walker, always good to see you.
Mr. Walker. Good to see you.
Mrs. Blackburn. As I read your testimony and prepared for
today, I noticed that some of the themes that seem to come your
direction or come up in our conversations are still there. We
have systemic problems. We lack a comprehensive strategy. They
lack a comprehensive team.
There is too much bureaucracy. There are too many lawyers
involved in the process. And I thought how amazing it is that
we hear this from you. We hear it from the inspector general.
And we are hearing it from our constituents that are trying to
deal with federal agencies.
So, therefore, it should tell us that we really have a
problem in how the federal government is organized. And I
appreciate the wisdom that each of you bring to the discussion
and hopefully guidance that will help us to reduce some of the
bureaucracy and the repetitive nature of process that we find.
Mr. Walker, I have got several questions. I know I am not
going to get through them. I have actually got eight for you
and 16 for the inspector general, so I am going to submit some.
But I want to begin by talking about CIS. And the GAO report
mentions that CIS has improved their ability to deal with the
backlog of immigrant applications.
But I have read some instances in some reports where
federal contractors have thousands of applications that are
stored and where some of them have shredded tens of thousands
of applications and some of the paperwork in order to reduce or
give the appearance of reducing that backlog. And I would like
to have from you an awareness of what you have or how you see
that situation.
Mr. Walker. Well, first, we have done some related work and
noted some progress there. Candidly, at this hearing I heard
for the first time assertions that there may have been some
destruction in order to reduce the backlog. That is news to me.
And I think what we need to do is I will go back with our
people and find out what, if anything, we have heard of that
and also try to coordinate with Rick Skinner to see whether one
of us might want to follow up on that without duplicating
efforts.
Mrs. Blackburn. I thank you. What are they currently
showing as their backlog?
Mr. Walker. I don't have the numbers in front of me. I
would be happy to provide it for the record.
Mrs. Blackburn. You do not? That would be great.
The other thing that I would like to know about that
backlog is if they are including the applications that are
pending for security background clearance and checks or if
those have been moved on to another agency and figure out how
that has fit into that evaluation. Anyway, if we can quantify
that number, that would be helpful.
And then the other thing, if you feel like they have
sufficient resources to deal with that--it is a process, more
immigration applications if we were to have a temporary guest
worker program.
Mr. Walker. Right.
Mrs. Blackburn. To talk about a looking forward. One of the
things we do not ever do is look forward and say in 3 years, 5
years, 10 years how will we meet these needs and then plan
accordingly. And I think that we become so focused on an annual
budget.
I have some GIPRA questions, but I will submit those to
you.
Mr. Skinner, the SBInet program, I wanted to see if you see
that as a high-risk program. And also the timeline that DHS--if
they are making progress in finalizing their metrics and
targets and their goals for each of their task orders in that
SBInet timeline.
Mr. Skinner. Yes, we most certainly do see it as a high-
risk project.
Mrs. Blackburn. Okay.
Mr. Skinner. And each year we publish a document we refer
to as the 10 management challenges facing the department. And
that is included in that document as well and will continue to
be included in that document so long as the department does not
have--I mean, until they obtain the capacity to, one, manage an
initiative like this, a system-to-system type of initiative;
two, until they clearly define what their operational
requirements are; three, until they can put a price tag on
those operational requirements so that we can monitor how we
are spending those funds: Do we have cost underruns, overruns?
Mrs. Blackburn. Okay. Let me ask you then should they
postpone this program until they can address those problem
areas, major problem areas and establish those metrics.
Mr. Skinner. No, I think the approach--
Mrs. Blackburn. They should not? Okay.
Mr. Skinner. --that they are taking is a wise one, and that
is, let's pilot some of the initiatives we want to do and take
lessons learned from that before we expand. That will carry us
out until June.
They have an aggressive one. They have developed a
personnel plan. They claim they know what the mix of resources
they need to manage a project like this. It is approximately
somewhere between 290 and 300.
And, of course, that includes everything from the
engineers, I.T. types, contractor representatives, contractors
themselves and contractor support to help them to help the
project integration team to provide that oversight. If they
cannot build up to that capacity, then we will caution them you
need to slow down until you can build up to that capacity. But
right now, no, I would not recommend that we kill a project at
this point in time.
Mrs. Blackburn. Thank you. I yield back.
Mr. Skinner. Very quickly, we have a report coming out next
week, Ms. Blackburn, on SBInet next week. So you may want to
keep your eyes open for that.
Mrs. Blackburn. Okay. Thank you.
Mrs. Christensen. [Presiding.] Thank you. The gentlelady's
time is expired.
We next recognize Mr. Langevin for 5 minutes.
Mr. Langevin. Thank you, Madam Chair.
And, gentlemen, thank you for your testimony today.
Before I get to my questions, I want to comment just on Mr.
Skinner's answer. You mentioned Charlie Allen, the work that he
is doing on information sharing with local law enforcement and
how they are relooking at that whole information sharing
network. I think that is so important.
And I have raised that issue a number of times. I think it
is a problem with homeland security. It probably made a mistake
in the way it was trying to create a whole new network. I have
met with people from, for example, RISNET, the Regional
Information Sharing Network, in New England. And that is a tool
that law enforcement is already very comfortable with, familiar
with.
And to me it seemed counterintuitive at best, nonsensical
at worst, to not build on that system, something that law
enforcement is already working with. So I am glad to hear your
answer to Ms. Harman's question with respect to RISNET and just
the Regional Information Sharing Networks that already exist
and how Homeland Security is going to relook at that system.
But respect to my questions, starting with Mr. Walker, if I
could. The Bioshield program has experienced varying levels of
success since its inception 3 years. The program, as you know,
though was however recently dealt a major blow with the
cancellation of the contract for next generation anthrax
vaccine, which at the time was the only major procurement
contract under Bioshield.
Now, this program is obviously too important to fail. And
yet as it currently operates has not been operating very
successfully at all. Now, as chairman of the Subcommittee on
Emerging Threats, Cybersecurity and Science and Technology, I
plan to hold several hearings to explore how to fix the major
problems with Bioshield's operations.
And, in fact, in order to get the full understanding of the
program's failures, we are probably going to need to do joint
hearings with other committees tasked with oversight of health
and human services. And I am fully prepared to do so.
My question is what do you see are Bioshield's biggest
weaknesses. And do you think the Department of Homeland
Security and the Department of Health and Human Services are
equally responsible for the program's failures? And what key
steps would you advise DHS in particular to take to ensure the
program's success?
Mr. Walker. Well, we have done some work on this in the
past. I am familiar with some of it, but not all of it.
Clearly, I believe that there is a shared responsibility here
between DHS, HHS and possibly others with regard to this
program. We know that we have had circumstances in the past
where we have relied solely on a particular provider in some
circumstances.
I think one of the things that we have to do is we have to
define what our needs are, and we have to see what we can do in
order to identify multiple providers hopefully, ideally,
domestically, but if not, internationally. And I would be happy
to find out what else we have done and make that available to
you.
Mr. Langevin. Yes, I would like you to do that and paying
particularly close attention to Bioshield and maybe some of the
successes. I would like to know what progress they are making
from your perspective, but what we need to do to fix the
program. It is too important. The results could be in terms of
an attack and not being able to respond to one adequately would
be catastrophic. And Bioshield was meant to obviously prevent
that from happening.
Mr. Walker. I understand.
Mr. Langevin. Mr. Skinner, last year Congress cut a
significant portion of the president's requested budget for the
science and technology directorate. And these cuts came largely
because of congressional dissatisfaction with the directorate,
in part, because of the concerns that S&T was nothing more than
a hobby shop for program managers rather than a directorate
actually serving its customers.
Now, at the same time, Congress was also concerned about a
lack of transparent strategic planning at the directorate,
inadequate detail in its budget justifications and the
directorate's failure to more rapidly develop and adopt
technologies for homeland security purposes. Now,
Undersecretary Cohen took over the organization August 2006.
And since then he has been working to quickly try to right the
ship, if you will.
And this committee has held several hearings where the
undersecretary has been invited to testify. And by and large,
we are pleased with his progress. And knowing him from my other
work on the Armed Services Committee and my work in R&D, I know
that Secretary Cohen did an outstanding job as head of Office
of Naval Research. He comes to the table with a lot of
credibility.
But in spite of the changes at the top, serious problems
still exist within the directorate. So my question to you, Mr.
Skinner, is what is your office doing to ensure that the
problems that existed prior to Undersecretary Cohen's
appointment are being addressed.
And specifically, what is your office doing to oversee
S&T's efforts to develop a mature business model and prudent
project management practices? And also, what is your office
doing to ensure that the undersecretary develops a plan to
strengthen workforce recruitment and retention and improve
institutional knowledge base as well as create a culture of
responsibility within the directorate?
Mr. Skinner. Thank you. Historically we did not provide the
oversight of S&T that we should have. And that is because of
resource constraints. And I agree with you that historically
the S&T, I think, has lost its way, so to speak. It took on
operational issues when it shouldn't have. It did not reach out
to its customers. And as a result, it was meandering in the
department.
Since Undersecretary Cohen has come onboard, I have met
with him on multiple occasions, been briefed on his
reorganizational structure, his new plan of business, the way
he intends to utilize the S&T resources and service the
department in the states and the locals in a research and
development environment.
This year for the very first time we are getting involved
in S&T activities. Currently we are first going to learn more
about how S&T is run. So we are serving the S&T operations,
working with Mr. Cohen to get an understanding what his
organizational chart is, what his staffing requirements are and
where he is going to place his priorities and use the monies
that are allocated to him.
From there, we intend to develop a series of audits over
the next 3 years that will focus on those areas that both Mr.
Cohen, Secretary Chertoff and our office mutually--and
Congress, because we always solicit the input from the Congress
as well--as to those areas that we think would be everyone's
benefit that we provide more intense oversight.
If you look at our 2007 performance plan, which, in
essence, is an outline of the types of projects we intend to
take, we do now have a chapter dealing just with S&T
activities.
Mr. Langevin. Okay. Well, I see my time is expired. I look
forward to talking to you more about this. It is going to be a
theme that I am going to question you on when you come before
us again. I plan to exercise extensive oversight over the S&T
Directorate in particular because it has problems. So I look
forward to further discussions.
Mr. Skinner. We look forward to working with you.
Mr. Langevin. Thank you.
Mrs. Christensen. Thank you. The gentleman's time is
expired.
And the chair recognizes for 5 minutes Mr. Lungren.
Mr. Lungren. I thank the Madam Chairman.
I would like to yield my first minute to Mr. McCaul. He had
some follow-up on his questions earlier.
Mr. McCaul. I want to thank the gentleman for yielding his
time to me.
Mr. Skinner, let me first say that I appreciate your
honesty in response to my question. But the fact remains that
members of Congress were misled by your office, and members of
this committee were misled by your office. Your office is
charged with the responsibility of holding the Department of
Homeland Security accountable.
My question to you is, what are you going to do to hold
your own office accountable?
Mr. Skinner. The first thing we are going to do is I am now
asking my office to go back and reconstruct the series of
events that led to the misrepresentation at the meeting that
those members of my staff had with your staff. That is the
first thing I want to do.
The second thing I want to do is look at what processes and
internal controls we could put in place to ensure that we don't
repeat this mistake again. One of the lessons learned--and
because this was the first time that we--we generally don't
provide briefings prior to the production of a report from
which we can read and relate to and provide assurances of its
accuracy.
And one of the things we may have to do is tighten our
internal controls and our policies with regards to briefing of
congressional members or for that matter, even departmental
staff and leaders until our products are finished and we have
assurances up the chain that the internal controls, checks and
balances are in place and I have some level of assurances that
what we are going to be said or responses to questions that we
are going to be asked are, in fact, accurate and reliable.
Mr. McCaul. Well, let me say we certainly intend to follow-
up with your office.
And I would ask that Madam Chair consider holding a hearing
on this issue. I yield the balance of my time.
Mr. Lungren. Yield back the balance of your time. I
appreciate that.
Let me just ask two things, one to Mr. Skinner. And that is
you have talked about the difficulty with the national security
cutter program with the Coast Guard. And that is the first
major acquisition under the Deep Water Program.
The Deep Water Program, in my estimation, is absolutely
essential for the responsibilities of the Coast Guard going
forward. What do we need to do to make sure that we don't fall
behind on the Deep Water Program, but at the same time, ensure
that it is being managed properly? What internal changes needed
to be made?
Mr. Skinner. Yes, and I agree. The Deep Water Program is
very important, not only to the Coast Guard, but to this
country. Because if you look at the status of our Coast Guard
fleet, it is in dire need of upgrading to meet the missions
that lay ahead, particularly now after 9/11 and our terrorist
mission associated with the Coast Guard.
There is a lot going on now as a result of our report. And
Thad Allen--I have met with him, and I am sure that he will be
providing briefings as time goes on up here in front of this
committee. But he, in fact, is, one, reorganizing--has
reorganized the Coast Guard in its acquisition shop so that now
we have a place that someone can go to--we can go to, one place
that someone can be held accountable for the program, which did
not exist. It was diffused throughout the Coast Guard. Now we
have one place to go.
Secondly, he has provided technical authority to the
assistant commandant for systems who now can't override any
decisions made by the integrator who initially under the
original contract had that authority. Three, they are rewriting
the contract to ensure that the Coast Guard now can exercise
its authority over the contractor instead of entirely relying
totally on the contractor's specifications or designs. So there
is a lot going on there.
Mr. Lungren. Let me ask this question. We have criticized
in the past the Department of Defense for being too big and so
forth. But obviously they have enough people to manage programs
like this. Criticism of the Coast Guard was that they haven't
been in this business for 50 years.
Here we give them a major program. They don't have the
capability of doing it because they don't have the manpower to
do it and they don't have the experience to do it. What do you
say to that?
Mr. Skinner. That is absolutely true.
Mr. Lungren. How do we repair that?
Mr. Skinner. That is an initiative now that the Coast Guard
has under way to identify what those resources are. As early as
2002 when the contract was awarded, the IG from the Department
of Transportation did a survey of their capability to manage
something this large, a system-to-system performance-based
contract. At that time, they were saying you do not have the
capacity to manage something like this.
The Coast Guard disagreed. It is now 4 to 5 years later.
The Coast Guard recognizes now it does not have that
capability. There is an aggressive training program--or not
necessarily training program, but there is training as well.
But there is an aggressive hiring program right now to bring
the mix of resources.
They have also reached out to the chief procurement
officer--that would be Elaine Duke--to get their input as to
how they can organize and put together a meaningful
integration, an integrative project team. They hope to have
something done and reach their resource capability this year.
It is not something they are talking about doing in the
outyears. But it is this year they want to have those
capabilities.
Mr. Lungren. You used the word ``hope.'' I was hoping that
you would use the word ``confidence.''
Mr. Skinner. Well, you know, one of the things--and this is
something that we are experiencing as well, is it is very
difficult to get the right people in there. We are competing
with the private sector.
And when we say we need to go out and hire 1,000
procurement officers, it sounds easy enough until you go out
and try to hire them. Then when you only get two applications
and you are trying to hire 1,000, you know you have a problem.
We have to be able to--and so that is why I say hope. If we
can't hire those types of people, then we need to train them
in-house.
Mrs. Christensen. The gentleman's time is expired.
Mr. Lungren. Thank you.
Mrs. Christensen. And I know that the comptroller, Mr.
Walker, has to leave shortly. I would like to try to get in at
least another member.
The chair recognizes Ms. Lofgren for 5 minutes.
Ms. Lofgren. Thank you, Madam Chairman. And I will make my
first question to Mr. Walker since I know he has to leave.
Mr. Walker. Thank you.
Ms. Lofgren. The report reviews the progress of the US-
VISIT Program, something I am very interested in. And I am
concerned or interested in whether the additional funds in the
proposed 2008 budget will provide hiring sufficient staff with
the necessary skills and abilities to implement this program,
which hasn't been as effective as I had hoped so far.
And I am particularly interested in not only whether the
technological deficiencies that have been identified can be
addressed with what is budgeted and also the exit portion of
the system, which the secretary has indicated may not be
implemented at all. Can you advise us on that?
Mr. Walker. Yes, we have done work in this area. We are
continuing to do work in this area. The exit portion is a
challenge. There is no question about that. I think the other
thing we have to keep in mind is the US-VISIT Program works to
the extent that you have got people going through normal ports
of entry who are trying to do things above board.
And I think we have to recognize we have two types of
immigration problems and two types of border security problems,
one of which is where people are coming through official
borders where we have capabilities, and one of which is where
they are not.
Ms. Lofgren. Well, we know that.
Mr. Walker. And they are very different.
Ms. Lofgren. But, for example, we are looking at the visa
waiver program, the administration has proposed expanding the
visa waiver program. The trigger for visa waiver is what is the
overstay rate. Well, how are you going to know that if you
don't have the exit system in place?
Mr. Walker. And we clearly need to do something in order to
keep track of people who are in the country and who have
overstayed their visas. That is a major problem. And so, the
question would be is if this approach isn't going to work, then
what is the alternative to this that is being proposed.
Ms. Lofgren. Are the funds sufficient to bring up the exit
phase?
Mr. Walker. I haven't had a chance to look at what funds
are being proposed by the president in the 2008 budget. We can
take a look at that.
Ms. Lofgren. I would appreciate that. That would be very
helpful to me.
Mr. Walker. Thank you.
Ms. Lofgren. Thank you very much.
Mr. Skinner, you reported that DHS needs to strengthen its
partnerships with other governmental agencies, but also the
private sector in terms of IT To what extent has the department
reached out to the technology industry to integrate their
concerns, particularly as it relates to protections and
controls of our IT infrastructure?
Mr. Skinner. It is something that we haven't done a study
on, but I tell you that historically we have done a poor job
there. And the reason--
Ms. Lofgren. That is what I hear from the private sector.
Mr. Skinner. Yes, I feel comfortable saying that because we
do talk to the private sector. Cybersecurity is an area that is
also of interest to us, and it is something that we plan to do.
We now have now someone that is--after months and months of
that job being vacant and as a result, we were just meandering.
Now we have some leadership in there. I think we need to
give the individual some time to get his feet grounded. And
then it is time then to evaluate as to what his plans will be.
And quite frankly, right now I don't know what they are.
Ms. Lofgren. Well, in addition to his plans--and I haven't
had a chance to talk to Greg yet, but hopefully we will soon. I
mean, I have known him for many years. There is the plan that
the administration and Congress have adopted that was drafted
years ago.
We might want to revisit whether it is still enough or even
if it ever was enough. But whether we have implemented what has
already been the marching orders in addition to the legislation
passed and signed by the president in the 108th Congress.
Apparently you haven't looked at that yet.
Mr. Skinner. No, we have not.
Ms. Lofgren. I don't know what your workload is, but I
would find it very useful to have some information on those
points.
Mr. Skinner. Okay, thank you. And I will try to get that
information to you. I have our I.T. guru with me today in
anticipation of the cybersecurity question.
Ms. Lofgren. Very good.
I yield back. Thank you, Madam Chairman.
Mr. Walker. Madam Chair, with your permission, I am more
than willing to have our managing director for homeland
security and justice, Norm Rabkin, take my place. I have got a
meeting with the Senate chair, Joe Lieberman, that I have
already pushed back an hour, if that is all right.
Mrs. Christensen. Without objection, we would be happy to
have that--
Mr. Walker. He is manager of the Directorate of Homeland
Security and Justice. He is very familiar with these issues.
Thank you very much.
Mrs. Christensen. Thank you. And thank you for your
testimony and for staying so long with us.
And, Mr. Skinner, we hope that you will be able to
continue. We just have a few more members to ask some
questions.
Mr. Skinner. Sure, I will be pleased to.
Mrs. Christensen. And so, the chair now recognizes Mr. Dent
for 5 minutes.
Mr. Dent. Thank you, Madam Chairman.
Mr. Skinner, my question is directed to you. Eight Great
Lake states have pooled their DHS grant funds to obtain the
Project Athena technology, which utilizes existing technology
to perform a complete maritime domain awareness, which helps
secure the northern border. This project has been tested
successfully, as I understand it. However, DHS has rejected it.
Why is DHS rejecting technologies that are already
available to address pressing security issues in favor of
waiting for SIB net technologies, which are untested and
expensive? And I guess my main question is is this an efficient
use of resources? And do you feel that this is a proper way to
proceed?
Mr. Skinner. I am not familiar with the project, nor am I
familiar with DHS's objections. But I am certainly concerned if
the DHS is not taking these types of initiatives into
consideration when they do their overall assessment of what our
border control needs are. I will be happy to take a closer look
at this, if you suggest. And I could have our people meet with
your staff to get more background on this. And we can
incorporate this into our SBI ongoing review.
Mrs. Christensen. Excuse me. Could you just for a minute--
would the gentleman from GAO restate his name and title for the
record, please, before we go ahead?
Mr. Rabkin. My name is Norman Rabkin, R-A-B-K-I-N. I am the
managing director for homeland security and justice issues at
GAO.
Mrs. Christensen. Thanks.
You may continue, Mr. Dent. Sorry for the interruption.
Mr. Dent. I am just a bit perplexed as to why this project
has been rejected. And so, we really would appreciate some
follow-up from you and the other folks at DHS to help us
understand the reasoning behind the rejection.
Mr. Skinner. Sure. We will be pleased to, sir.
Mr. Dent. I yield back.
Mrs. Christensen. Thank you.
The chair now recognizes Mr. Carney for 5 minutes.
Mr. Carney. Thank you, Madam Chair. I appreciate it.
And, gentlemen, thank you for staying and waiting for the
recess to end so we can get back from voting. I just have a
couple of questions.
The first deals with the business transformation office. I
and I think many in the committee have had a difficult time
figuring out what the Business Transformation Office does. Can
you tell me what it does? And more importantly, can you tell me
what you think it ought to be doing?
Mr. Skinner. No, I cannot tell you what it does.
Mr. Carney. Why is that?
Mr. Skinner. It is just not on my radar screen, quite
frankly, at this point in time. We are spread so thin that I am
trying to focus our resources on the big dollar acquisitions,
Katrina and some major I.T. initiatives that I haven't taken a
look at that part of the department.
Mr. Carney. Okay. What was it intended to do? Do you
recall?
Mr. Skinner. I beg your pardon?
Mr. Carney. What was it intended to do?
Mr. Skinner. No, I don't know.
Mr. Carney. You don't? Okay.
Mr. Skinner. Yes.
Mr. Carney. The second question is--perhaps do you?
Mr. Rabkin. GAO has done a little bit of work at this. We
have looked at the extent to which the department has been
planning and trying to integrate the agencies into a cohesive
department. The Business Transformation Office had a role in
that area. And I will be glad to provide more specifics about
the results of our work.
Among other things we found, however, that it did not have
enough authority to carry out any of its plans. And my
understanding that it has since been disbanded.
Mr. Carney. Yet it still appears on the organization chart?
Is that correct?
Mr. Skinner. I don't believe it does.
Mr. Carney. Okay. That the office does not exist any more.
Is that correct?
Mr. Skinner. It doesn't appear on the organizational chart.
That is for certain. It may be buried in one of the
organizations or in the undersecretary of management's office.
Mr. Carney. Okay, thanks.
One quick one. As you both know, the department didn't
score very well on the last OPM survey. And, you know, we are
very familiar with this now. The departments have had similar
rankings a couple of years ago as well.
Can you explain why it didn't improve over 2 years, these
rankings, you know, and what are we doing to help it improve,
especially the morale of the employees?
Mr. Skinner. I really don't want to speculate without
knowing some real work and doing some follow-up work. But any
time you have a reorganization like we have just gone through
at DHS and where we have these very, very different cultures
coming together, it inherently will create some morale problems
as to who is going to have primacy or who is going to--the CBP,
for example.
Now, who is going to run the office, someone from Customs
or someone from INS? Same scenario you have over at ICE. Who is
going to run the field office, someone from INS or someone from
Customs?
And that in turn can, in fact, create some morale problems.
We have done some work in that area and have observed that in
those two offices. Throughout the rest of the department, it is
hard to say without doing some follow-up work and delving into
and looking behind the scenes for the questions.
Mr. Carney. Do you know if they looked behind the scenes
after the 2004 survey?
Mr. Skinner. I do not know if they have not. But I do know
that Secretary Chertoff and Deputy Secretary Michael Jackson
and Undersecretary Schneider are all very disturbed by the
results of this and are going to try to do their best to
address this issue because it is something that I think they
were shocked at when they heard it was as low as it was.
Incidentally, when you break it out organizationally, the OIG
came out pretty high.
Mr. Carney. Okay.
Mr. Rabkin, any insight into this?
Mr. Rabkin. One of the limitations of the survey is that
there is not much of a feedback loop from the people filling
out the survey, the employees, to the head of the agency. GAO
is a smaller agency. We weren't included in the executive
branch's survey. We conduct our own survey.
And we had an 80 percent response rate. And 60 percent of
the people responding wrote comments directly and
confidentially to the comptroller general that only he saw. And
it enabled him to get a good sense as to what the real issues
were, both positive and negative.
And I think that that is important to get. It is hard to do
in an agency the size of DHS for a hundred and some thousand
people to write comments to Secretary Chertoff.
Mr. Carney. Sure.
Mr. Rabkin. It is probably got to be broken up by
components. But I think it is an important loop.
Mr. Carney. Have redactive results at least been shared
with the department to give them some indication of strengths
and weaknesses?
Mr. Rabkin. Well, I don't think there was any--I think when
the survey was done, the people that responded just marked off
how satisfied they were with various issues, how much they
agreed with the issues. I don't think there was an opportunity
for them to provide narrative comments.
Mr. Carney. Is that a possibility in the future?
Mr. Rabkin. That is up to OPM. They run the survey.
Mr. Carney. Thank you.
Madam?
Mrs. Christensen. Yield back?
Mr. Carney. Yes.
Mrs. Christensen. The chair now recognizes Mr. Green for 5
minutes.
Mr. Green. Thank you, Madam Chair.
And I compliment you on the outstanding job that you are
doing. Because time is of the essence and Mr. Walker is not
here, I believe Mr. Rabkin, you are the person that I might
address my comments to.
If you will kindly turn to page 16 of the report titled,
``Management and Programmatic Challenges Facing the Department
of Homeland Security.'' On page 16--and I will give you an
opportunity to get there. We are in the first paragraph,
actually the first complete sentence.
In addition, TSA has not developed a strategy as required
for securing the various modes of transportation. That sentence
causes a great deal of consternation--as required for securing
the various modes of transportation.
Who required that the strategy be developed, sir?
Mr. Rabkin. My recollection is that there is a
congressional mandate that TSA provide the strategies for not
just the transportation security generally, but for the various
modes, aviation, commercial vehicles, rail, et cetera.
Mr. Green. And the indication is that the strategy, not the
implementation, but just the strategy itself has not been
developed. Can you explain why we don't have a strategy
developed, please?
Mr. Rabkin. I really can't. We have been waiting for them
to provide it to us also. You know, I think that is an
appropriate question to ask the secretary or the assistant
secretary for transportation security.
I think it is important for them to identify, as they have
for aviation, what the federal role is going to be, what the
private sector role is going to be, what role technology is
going to play in each of these various modes of transportation
security, how that we are going to balance the movement of
passengers and commerce with the need to provide additional
security. Very important policy questions that are being dealt
with on an ad hoc basis now. And that is why we are looking for
the strategy, to lay these things out more specifically.
Mr. Green. And is there some timeline that has been at
least addressed or talked about with reference to developing
this strategy?
Mr. Rabkin. There was a timeline that--Congress asked for
this information in a specific time. That has passed. And I am
not sure what the current expectations are.
Mr. Green. Let me go quickly to one other point. Early on
there was talk of persons having to have supervisors present
when you were quizzing witnesses and having to have the general
counsel to peruse documents before these documents could be
accorded you. Is this correct?
Mr. Rabkin. That is right. And with the documents, it is a
routine matter that we ask for documents. They are gathered by
DHS program officials. They flow through their liaisons to
their lawyers before they are provided to us. In selected cases
where we have asked to interview agency officials, the office
of general counsel has had its representatives at those
meetings.
Mr. Green. My concern is with getting all of these things
done. So my question to you is what can we do to assist you in
getting these done. Obviously not timely, because we have
already gone beyond the timeline originally accorded. What can
we do? Or is there something you would have us do?
Mr. Rabkin. In the case of the transportation security
strategies for the modes of transportation, I think that that
is an issue that, you know, the Congress and this committee can
take up with the department to explore just what the problem
is, whether there is a difference of opinion within the
administration, whether the administration is trying to work
out issues with the private sector that plays a significant
role in implementing these strategies. There could be a number
of reasons for that.
In terms of the access issues, I think that continued
support of the committee in terms of communications with the
department and, you know, support of our work is important.
And, you know, in the end, we are trying to deal with the
department as best we can balancing, you know, our needs to
satisfy you as our client with their needs to maintain some
control over what they give us. But in the end, I think it is--
Mr. Green. Because my time is almost up--I have about 10
seconds--let me just say this. In this post-9/11 era, not
having a strategy, if something should happen, God forbid that
it does. No one wants it to happen, but people think that
things may happen.
I think that the American population, the citizenry will
find that we have not done all that we should do. The people
are not going to be pleased knowing that a strategy has not
been developed, not the implementation, just the mere
development of the strategy. This causes a lot of concern.
Thank you. I yield back.
Mrs. Christensen. Was that a statement or a question? Thank
you. Your time is expired.
The chair next recognizes Congresswoman Sheila Jackson Lee
for 5 minutes.
Ms. Jackson Lee. Might I thank the chair very much for her
leadership and thank Mr. Skinner and the representative from
GAO for your presence here today.
Let me suggest that anguish is bipartisan. And I want to
pose some questions that have been offered by my colleagues on
the other side of the aisle. I have lived with this Border
Patrol debacle as well. This is the incident occurring in the
state of Texas about two Border Patrol agents. I think our
record is clear in this committee.
Last year we offered an amendment over and over again to
provide resources, power boats, computers, night goggles for
our Border Patrol. There is no questioning of our commitment to
the Border Patrol agency. Many of us on this committee,
Chairman Thompson and others, have walked along the border,
Arizona, California, Texas, and we have seen the hard work and
the difficult work that they have done.
Here is my frustration. My frustration is that we have
erred on the side of lacking in giving the agency the kind of
professional level it needs in terms of funding, in terms of
professional development, in terms of promotion.
And, Inspector Skinner, I would appreciate you speaking to
that issue. And then I would ask--we know there is now a copy
that has been made public of this incident. I believe that we
have not had as full an investigation as we should.
I believe the Department of Justice should be engaged in
that investigation. And maybe this report has a combination of
such. But before we begin to say what was covered or not, we do
know that individuals in the line of duty have now been charged
criminally.
That sets a very bad tone for others on the front line. And
so, it is important that we make sure that every stone needing
to be turned has been turned to assure the full briefing and
the full fairness of the particular individuals involved.
I happen to be a trained lawyer and served as a municipal
court judge and understand probable cause. And so, when I hear
the representation that prosecutorial discretion, we all know
that that is not a perfect system. And so, I don't know whether
that was the best direction to take. But I do know that our
Border Patrol agents are suffering from lack of training and
let me say lack of professional development and lack of growth.
My second question is--and I am sorry, you do not have a
name in front of you, so please excuse me. I know that I didn't
write it down. But I want to know whether or not the general
counsel and the Homeland Security is blocking to the extent of
obstruction of justice when the comptroller's office is asking
for documents to help us understand what is occurring in DHS
with respect to contracts, with respect to the fraudulent
utilization of money or the lack of oversight over the huge
dollars that have gone out on Katrina.
And my last point is is that we still have the victims of
Katrina and Rita suffering. And it seems to appall me that we
are now going to burden college students and others asking them
for reimbursement for mistakes that FEMA has made.
And I yield to you, Mr. Skinner, on those three points.
Prepared Statement of the Honorable Sheila Jackson Lee, a
Representative in Congress from the State of Texas
Mr. Chairman, I thank you for holding this hearing today regarding
the enormous internal challenges facing the Department of Homeland
Security. I would also like to welcome the individuals testifying
today, Mr. David Walker and the Honorable Richard Skinner, to help
enlighten us on this important issue.
Of greatest concern to me is the department's designation as ``high
risk'' by the Government Accountability Office since 2003, and the
seemingly minimal progress made to correct that ever since. Incredible
structural problems exist on every level, from financial statements to
the management strategy to the integration of personnel. While it
appears that some progress may have been made in the establishment of
technology standards and the implementation of its human capital
system, the DHS has not demonstrated sufficient efforts to correct its
problems as a whole.
First and foremost, the DHS has not submitted a comprehensive
corrective action plan to the GAO--the first and most basic step toward
being removed from the GAO's high risk list. In addition, the
Department's operations lack transparency and are generally unreceptive
to the GAO's attempts at oversight. This is entirely unacceptable and
must be corrected.
Epsecially after FEMA's embarrassing failures to handle the crises
of Hurricanes Katrina and Rita, we must see an increase in efforts to
correct departmental problems for the future. As the representative of
a district providing tens of thousands of housing units to Katrina
refugees, I am interested in learning about what more must be done to
correct the continued shortcomings.
As a Whole, issues regarding the control, coordination, and
management of finances are of great concern to me. Department-wide
efforts to address these deficiencies began much later last year than
anticipated by the Office of the Inspector General. Financial oversight
should be a top priority for the DHS. We must ensure that the American
people's tax dollars are used appropriately and efficiently.
As chair of the Subcommittee on Transportation Security and
Infrastructure Protection, I am most interested in hearing the
witnesses' testimony on these topics. I am pleased that the TSA has
been successful in implementing the Aviation and Transportation
Security Act, but further improvements in luggage screening are needed.
In addition, the management of security in rail and mass transit still
requires a great deal of work, and I look forward to hearing the
witnesses' recommendations on this issue.
Thank you Mr. Chairman, and I yield the balance of my time.
Mr. Skinner. Thank you. The first part of your question
dealt with the equipping our Border Patrol agents so that they
can get the job done.
Ms. Jackson Lee. And the incident that has now found two
convicted. Isn't it more on our side of lack of training, more
professional development and a more full investigation?
Mr. Skinner. I would welcome any other investigation to
look at how we conducted our review. I would like to make it
perfectly clear that we are just an investigative arm. We did
not prosecute, nor did we influence or were involved in the
verdict.
Ms. Jackson Lee. That is true. Yes.
Mr. Skinner. To set the record straight, we did not
investigate Compean and Ramos. We investigated like a shooting
incident. We investigate all shooting incidents.
Ms. Jackson Lee. Whether the procedures were correct.
Mr. Skinner. Those are the procedures. Those are the
requirements. So when we investigated, we investigated this
shooting incident. We learned through that investigation that
there were 11 Border Patrol agents involved in this shooting
incident.
We pulled together all the evidence that we had to the best
of our ability. We brought that to the U.S. attorney. The U.S.
attorney reviewed the evidence that we brought to him and made
a decision to prosecute two individuals.
Actually, our investigation demonstrated there were five
people that were involved in some wrongdoing. The prosecutor
opted to investigate two of those based on the evidence we
brought to him. In the other three cases, we referred that to
the department for their disciplinary action. Those people have
received notices of removal.
Ms. Jackson Lee. And you would welcome any other
investigation that might put this right, if you will, or might
add some more light on the subject?
Mr. Skinner. Yes, I would welcome anyone to come in and
investigate.
Ms. Jackson Lee. Well, that is a very positive step forward
because I am going to be asking for expanded investigations on
this issue.
Mr. Skinner. Because I am very confident in the work of our
agents.
Ms. Jackson Lee. I had two other questions. I know the
chairwoman is indulging me, but if you would.
Mr. Skinner. The other dealt with do they need training.
Ms. Jackson Lee. Is the general counsel of DHS obstructing
justice by denying various agencies information that they need
to investigate fraud, abuse in terms of the process and the
issues that we in Congress are concerned about, contractual, if
you will, failure in our contractual contracts that are being
made?
Mr. Skinner. Our concern is not with the denying us
information. It is the delays that are caused by the general
counsel having to review the documents before they are released
to us. And I realize that in certain situations delay becomes
denial.
And we are trying to be aggressive with the department and
our clients in keeping them posted here--our clients on the
Hill--keeping them posted on the developments. So we are not at
the point yet to say that we are being denied access.
We have various methods of legal recourse and a few
administrative steps before we get to use them. And we haven't
gotten that far yet. It is just getting to the point of being
very frustrating. We have been dealing with the department on
this and haven't made very much progress, which is why we just
wanted to bring it to your attention.
Ms. Jackson Lee. I thank the chair.
Mrs. Christensen. The gentlelady's time is expired.
If I have some time left over, I will yield back to you.
Ms. Jackson Lee. Thank you.
Mrs. Christensen. My questions are very brief. I am going
to use up my 5 minutes at this point.
And I want to thank both agencies for the work that they do
and the great service that you provide to this committee and I
am sure other committees so that we are better prepared to
provide the oversight with which we are charged.
I will ask Mr. Rabkin first. In Comptroller General
Walker's statement, he said that DHS continues to face
challenges balancing its homeland security mission with its
disaster preparedness and response mission. And as someone who
comes from an area of the country that is prone to hurricanes--
although most parts of the country seem to be these days--
because of past experiences we have come to rely on FEMA, not
only to help us recover, but to prepare for those disaster
events.
Given the experience of the department responding to
Hurricane Katrina and even Rita, are you familiar with any
corrective planning under way in the department that would
allow them to more effectively balance the security of
terrorist prevention mission with the disaster preparedness and
response mission?
Mr. Rabkin. I think it is getting to the point where the
department--I think most people recognize that to be prepared
to respond to any kind of hazard requires the same kinds of
capabilities and capacities in the first responders locally,
the state level and the federal level. There is very little
difference whether a disaster was caused by nature or caused by
humans. And people who respond to that, as I say, need
basically the same capabilities.
And I think FEMA and DHS recognize that, are trying to
identify, you know, what level is needed, how people can in
regional response can help each other so everybody doesn't need
to have duplicate capabilities that might be inefficient. So I
think they are moving in the right direction. I think they have
learned a lot of lessons.
Mrs. Christensen. Somewhere in one of the statements--I
believe it was still in Mr. Walker's statement--it spoke to
clarifying the scope of an authority between certain titles in
FEMA in particular, I think. And I remember when I met with the
federal coordinated officer and the other person for my region,
it was still confusing to me and to them. Do you know if they
have made any progress in clarifying the authority and the
responsibility of each of those offices, who reports to who and
how that is coordinated?
Mr. Rabkin. Yes, they have. I think that is another one of
the lessons that FEMA has learned. And they have clarified the
responsibilities, both based on the Stafford Act, what is
required in the Stafford Act in terms of responding to
disasters as well as the interactions among the federal
agencies. You know, whether it is going to work or not is
another story. But I think at least on paper they have
recognized the differences.
Mrs. Christensen. Mr. Skinner, just one brief question. Is
there one financial management system for the entire
department?
Mr. Skinner. No.
Mrs. Christensen. And why?
Mr. Skinner. I believe we have at least seven.
Mrs. Christensen. Is that a goal, to have it all be under
one--you talked about the difficulty in monitoring their
finances.
Mr. Skinner. Yes, there was discussions earlier on. And I
think when they were exploring with e-merge and e-merge II they
were looking to the feasibility of developing one financial
management system that can accommodate everyone. I don't think,
quite frankly, it is necessary or needed to invest in the
development of one financial system that will cover everyone in
the department.
We have some very good financial systems out there. CBP has
an excellent financial system that they use. And as a matter of
fact, they got an unqualified opinion. ICE, the platform on
which--their financial system is very good. It needs to be
tweaked. People need to be trained.
TSA has just transitioned over to the--to use the platform
over at the Coast Guard. I think with some tweaking we can use
that system, minimal investment.
The important thing is to have the capability when these
individual components prepare their financial statements that
we have a capability within the office of the CFO to be able to
bring that information in and prepare consolidated financial
management statements and also to prepare financial management
data that can be used to make informed decisions. That is where
we are really lacking right now, is not the need to create one
system, it is the need to provide the resources to bring it
together.
Mrs. Christensen. Thank you.
At this point, I believe that Congresswoman Jackson Lee had
one more question.
Ms. Jackson Lee. Yes.
Mrs. Christensen. I would recognize you for a second round.
Ms. Jackson Lee. I thank the distinguished chairwoman for
her kindness. And I am just going to pursue the line of
questioning that I had before because, Mr. Skinner, I had to
cut you off, Inspector General, and I had to cut the
distinguished gentleman off because of the time.
I want to make it very clear that this issue of the Border
Patrol agents is a bipartisan issue. The majority worked very
hard to, I think, answer the professional development questions
in the last Congress. And we intend to do it again, which is
provide all the needs of training, professional development and
growth. And that is part of what DHS is responsible for. And I
would appreciate it if you delve into that just a little bit.
On the other hand, I am going to officially ask that the
Department of Justice, which you are not the inspector general
for--I am going to take your leeway, if you will, certainly not
your instruction, but your leeway that we have an additional
investigation. And the issue, of course, is because you made it
very clear. And I am glad you put it on the record.
You did not prosecute. You did not indict. You did an
investigation, provided information. And the others who were
engaged or involved you decided to handle it administratively,
or as I understand it, they will be handled administratively,
firing or suspension.
That was not--the actions that you had were not
prosecutorial actions. And I think that should be made clear,
that DHS was not. And so, DOJ has to give us an explanation of
why the prosecuting attorney moved so quickly on this and did
not have either some of the relief. For those who are not
familiar, it is difficult to understand why this drastic action
was taken when there was so much hearsay involved in this
matter.
I am going to leave that question. And then I do want to
raise the question again. And you made the very appropriate
civil rights phenomena, which is justice delayed is justice
denied. I would appreciate the comptroller general and your
office getting back to the committee to let us know--and you
indicated--but quickly when it becomes justice denied.
I am very concerned about that. And I believe with this
huge mounting bill of fraud and the frustration of the American
people and their tax dollars being unaccounted for that we
really need to move quickly to get to the bottom of the massive
contracts and as well. Because I don't know why we are so
contracted out. I believe there are talented public servants
who can work for DHS.
And my last point--and this is a repeat, but I would like
you to expand on it. There is the desire--because I sound like
I may be duplicitous in my remarks--to ensure the protection of
American tax dollars. But there are victims in Hurricane
Katrina.
So rather than going after the big contractual abuses, we
are now going to try to ask college students to pay back for
some misstep or mistake that we have made. I would like some
explanation as to who are we going after. We have made paper
mistakes, as I understand, out of FEMA and DHS. And I
understand there is some effort to go back and get individual
$25 and $500, which to me sounds outrageous when we have
massive concerns about large contractors who are spending huge
amounts of money.
I understand one contractor has $19 million in travel
expenses. That is ridiculous. One of the programs that needs to
be investigated is the road home. But let me just end so that
you can answer on making sure that we focus on professional
development and training for our Border Patrol agents and then
to understand this situation about trying to get reimbursement
from people who are already victims.
And you might be the quickest answer. Will you please
advise us when it becomes justice denied on this refusal of
giving you documents?
Mr. Rabkin. We certainly will.
Ms. Jackson Lee. All right. Thank you.
Mr. Skinner?
Mr. Skinner. The concerns you are raising about the hiring,
the training--
Ms. Jackson Lee. Yes, that is what we should be focused on.
Mr. Skinner. That is something that we are also very
sensitive to. The reason being last year, this year, and next
year we will be doing tremendous amount of hiring to beef up
our capabilities along the border with Border Patrol agencies.
And therefore, in order to ensure that we are doing it right,
that we are bringing the right types of people to the job, that
we are adequately training these people to do the job, and that
we are adequately equipping them to do their job, that is a job
that we currently have ongoing.
And it will be something that will be a continuing process.
We will probably end up issuing a series of reports over the
next 1 to 2 to 3 years as we build up our capability along the
border in addition to the work we are doing with SBInet.
With regards to the--
Ms. Jackson Lee. Alleging that individuals got money
fraudulently and seeking to get it reimbursed. Many of these
are victims. All of this was paperwork, mistakes on behalf of
the agency and not these individuals.
Mr. Skinner. Yes, I agree wholeheartedly. We should not be
going after victims. And I don't care whether it is $200 or
$2,000. If they are, in fact, eligible for that assistance,
there is no reason that we should be changing the rules after
they receive the money and asking for it back.
I am not aware that FEMA or anyone else is suggesting that
we go back and seek refunds from those that received it
properly, or at least thought they were receiving it properly.
Ms. Jackson Lee. I think that is the key, thought they were
receiving it properly is really where we find some of these
victims.
Mr. Skinner. Because the process does allow for appeals and
allows you to present your case. You are right. We have major
procurement fraud out there that needs our attention.
Ms. Jackson Lee. Absolutely.
Mr. Skinner. I cannot be spending all of our resources,
very, very limited resources, following up on $2,000 cases for
the next 2 or 3 years.
Ms. Jackson Lee. I appreciate that.
Mr. Skinner. And we will be focusing on those large public
procurement, public corruption type cases, procurement cases
where there is large dollar value. We will be looking at the
actions that FEMA has taken to identify those people that may
have received funds improperly and what procedures they have in
place to try to obtain refunds for those victims.
The important thing is that is in the past. And we could
spend hundreds and hundreds of thousands of dollars trying to
recover $2,000 or $3,000. What we really need to focus our
attention and our resources and our finances on are the
internal controls to ensure that this does not happen again and
that when we give someone a check, we know we are giving it to
an eligible recipient.
Ms. Jackson Lee. I want to thank the chairwoman for her and
I want to thank the witnesses for their kind indulgence. I want
to thank the chairwoman for her indulgence and might offer that
we have a full committee hearing on these questions of
procurement and also this whole issue dealing with the Border
Patrol agents. I thank the gentlelady for her kindness.
Mrs. Christensen. You are very welcome, Congresswoman
Jackson Lee.
Mr. Green, did you have a further question?
Mr. Green. Actually, I will since the offer has been
extended.
Mr. Skinner, with reference to the Border Patrol agents,
who were the witnesses, if you know, that testified in that
case other than perhaps the person who was shot?
Mr. Skinner. Like I said, when we investigated the
incident, we identified at least 11 people that were involved,
directly, indirectly or aware of or should have been involved
in that shooting. Those individuals, I believe, all became
witnesses. Three of those individuals were granted immunity
from prosecution--these were CBP agents--for their testimony.
There may have been others. I don't have a recollection exactly
of all the people that provided testimony and evidence in that
particular trial.
Mr. Green. And you said CEP agents?
Mr. Skinner. CBP. I am sorry. Customs and Border. I have
been cautioned not to use acronyms before. Customs and Border
Patrol agents.
Mr. Green. And is it your testimony that these witnesses
testified on behalf of the defense or the state?
Mr. Skinner. I believe these individuals testified for the
state for the prosecutor.
Mr. Green. Thank you.
I yield back.
Mrs. Christensen. Thank you.
I want to take this opportunity to thank the witnesses for
their valuable testimony and the members for their questions.
The members of the committee may have additional questions
for the witnesses in writing. And we ask you to respond
expeditiously in writing to those questions.
Hearing no further business, the committee stands
adjourned.
[Whereupon, at 3:55 p.m., the committee was adjourned.]
APPENDIX: RESPONSE TO SUPPLEMENTAL QUESTIONS FROM THE COMMITTEE ON
hOMELAND SECURITY
----------
Responses from the Honorable Richard L. Skinner, Inspector General
Question 1.: Please explain why DHS has been unable to produce a
clean financial statement for the entire Department?
Response: DHS management is unable to assert that the consolidated
financial statements are reliable, primarily because they are unable to
reconcile their intergovernmental accounts, such as Fund Balance with
Treasury, or their assets (property, plant and equipment). The American
Institute of Certified Public Accountants and Government Auditing
Standards refer to this situation as a restriction on the scope of the
audit, and therefore the auditors are unable to render an opinion. In
addition, the financial statement audit report for 2006 lists several
other reasons why the department cannot get a clean opinion:
DHS' Office of Financial Management is unable to
reconcile legal liability
Transportation Security Administration (TSA) is unable
to prepare financial statements.
Federal Emergency Management Agency (FEMA) and the
Bureau of Immigrations & Customs Enforcement (ICE) are unable
to adequately and accurately support obligations and accounts
payable.
Question 2.: In addition to the Department's problems in carrying
out its responsibilities in implementing SBInet and the National
Security Cutter programs, are there any particular programs you would
like to bring to our attention as likely to present special challenges
for DHS?
Response: Our body of work to date has not identified programs
similar to CBP's SBInet and Coast Guard's Deepwater programs. As our
work progresses and similar challenges are identified within the
department, we will bring those programs to your attention.
Question 3.: Please explain how personnel and morale problems such
as those highlighted in the recent Office of Personnel Management
report, which highlighted the morale problems among employees at DHS,
have affected DHS's ability to accomplish its mission.
Response: In a January 31, 2007, message to all DHS employees, the
Deputy Secretary wrote to assure all employees that, starting at the
top, the leadership team across DHS is committed to address the
underlying reasons for DHS employee dissatisfaction and suggestions for
improvement. The Deputy Secretary stated that the Under Secretary for
Management, Paul Schneider, will join the Secretary and Deputy
Secretary in evaluating carefully the details of the OPM survey. The
first steps will be to analyze thoroughly the survey data, including
specific attention to those government organizations that are
recognized for their high performance in these areas, and determine the
specific steps to improvement. According to the Deputy Secretary, this
process will include the leadership team in each operating component
and every headquarters unit to discuss details of the survey with our
workforce. The Deputy Secretary committed to these tasks with a sense
of urgency and seriousness.
DHS OIG has not conducted any work in this area, and cannot report
directly on the effect that personnel and morale problems have on DHS'
ability to accomplish its mission.
Question 4.: Please provide information regarding investigations of
DHS's failure to build internal capacity while outsourcing many of its
responsibilities. In particular, please explain the extent to which DHS
over-relies on contractors to fill employee vacancies.
Response: We have several ongoing reviews that are looking at DHS'
internal contract oversight capacity, and will report on those projects
as work is completed. We have not conducted any work in the areas of
contractors filling employee vacancies, and cannot report directly on
the extent that DHS over-relies on contractors to fill employee
vacancies.
Question 5.: Please explain any and all concerns regarding DHS's
failure to set sufficient requirements for ``solutions based''
procurement contracts. Also, please explain whether there is sufficient
monitoring for the contractors who win these awards.
Response: The common term is a ``performance-based contract,''
wherein the government describes its needs in terms of what is to be
achieved, not how it is to be done. One appeal of performance-based
contracting is that it allows the government to focus on identifying
needs, objectives, and constraints and allows private sector to focus
on developing a business proposal to meet the needs and objectives. The
contracting approach shifts from looking for the low cost, technically
acceptable solution to looking for the best-value solution, which is
often more innovative than the traditional approach. To determine best
value, the government must measure performance trade offs and the cost-
effectiveness of the various proposed solutions.
Oversight in specifications-based (traditional) contracting is a
matter of determining whether or not the contractor complies with the
explicit terms of the contract. In performance-based contracting,
oversight is a matter of determining whether the contractor's solution,
when complete, will meet the mission needs specified in the contract.
Oversight focuses on program performance and improvement from a defined
baseline, not contract compliance.
Performance-based approaches, such as Statements of Objectives,
require the government to have stronger management and control
capabilities than traditional contracting. Before the government
selects a contractor and agrees on compensation, the government must be
able to articulate program needs. The government must be able to
evaluate each proposal's likelihood of achieving the program needs, on
time, and at a reasonable cost. It is in this area that we have raised
concerns regarding two major acquisition activities currently underway,
Deepwater and SBInet. In these cases the projects were initiated
without adequate project management capabilities in place. In both
cases, management now appears to be moving towards improving their
project management capabilities.
Question 6.: Please provide procedures and studies regarding the
adequacy of safeguards DHS has in place to enable small, minority and
disadvantaged businesses to have a fair chance in the procurement
process.
Response: We have not conducted any work in the area of small,
minority, and disadvantaged businesses, and therefore cannot report
directly on the safeguards DHS has in place to ensure fairness in the
procurement process for these businesses.
Question 7.: How many vacancies does DHS have and does it have
sufficient funding to hire the staff it needs?
Response: We have not conducted reviews of DHS staffing, vacancies,
or hiring practices. Therefore we cannot report directly on DHS'
funding to fill its vacancies.
Question 8.: Please provide information regarding any studies that
indicate that continuity of employees is an important factor in
organizational function and institutional memory? Also, please explain
the extent to which the widespread use of contractors cause continuity
problems within DHS?
Response: We have not conducted any work in the area of continuity
of employees, institutional memory, or the effect that the use of
contractors has on continuity problems, and therefore cannot report
directly on the importance of these factors on organizational function.
Question 9.: Please provide information regarding the extent to
which the Directorate of Management needs to be reorganized or even
eliminated.
Response: We have not conducted a review of the Management
Directorate, and therefore cannot report directly on any reorganization
or realignment issues.
Question 10.: Please provide us with the current functions of the
Business Transformation office. Provide examples of models that would
be suitable to further DHS's migration.
Response: We have not conducted a review of the Business
Transformation Office, nor on any models for organization
transformation or migration. Therefore, we cannot report directly on
the suitability of the Business Transformation Office or any
alternative.
Question 11.: Why do you think DHS ranked at the bottom of the
just-released OPM survey of job satisfaction among federal employees
and made so little progress in two years since OPM's previous survey?
What does DHS need to be doing now so that it improves two years from
now?
Response: Some aspects of the challenges facing DHS were inherited
by the department from its legacy agencies. However, the complexity and
urgency of DHS' mission have exacerbated the challenge in many areas.
These management challenges significantly affect the department's
ability to carry out its operational programs and provide the services
necessary to protect the homeland. The department's senior officials
have indicated the importance of addressing these challenges and have
identified plans to address them.
Question 12.: What steps have FEMA and DHS taken to resolve the
problems in FEMA's automated payment system, which uses out-dated
technology and, thus, had limited expansion capability to support
catastrophic disaster like Katrina?
Response: We understand that FEMA has contracted for an independent
analysis of its financial management system to address the system's
limitations. FEMA recently solicited proposals to perform a
requirements analysis of the functions and associated components of its
financial management system and to determine the best solution for
replacement. The analysis should determine whether one of the DHS
designated `Centers of Excellence' (Coast Guard, FLETC, Secret Service,
or CBP) is the best fit, or whether FEMA should have an independent
system to support the unique and surge requirements for the disaster
assistance missions. The contract was awarded the first week of
December 2006 and a final recommendation should be provided in April
2007. We will monitor FEMA's progress.
Question 13.: Please explain the extent to which FEMA has acted on
the numerous GAO recommendations for addressing significant fraud,
waste, and abuse in FEMA's Individuals and Households Program (IHP) and
in Department of Homeland Security's purchase card program.
Response: IHP: FEMA officials agree that more stringent controls
are preferable on the front end, but contend that the sheer magnitude
of the event dictated proceeding in the manner the agency did because
there was no time to develop and test additional front end controls.
FEMA has taken steps to implement new controls to limit fraud, waste,
and abuse. They have implemented an automated identity and occupancy
verification system to confirm identity and residency of applicants
registering for assistance. They continue to evaluate and strengthen
controls pertaining to identity, residence type, and cross-disaster
applicant checking.
Other controls implemented include:
Internet registration application that disallows
duplicate registrations was implemented in October 2005.
Identity proofing added to call center registration
application in February 2006.
Amended automated scripts ensuring no scripted
payments sent to applicants who fail identity proofing.
All applications taken through call centers from
August 2005 until February 2006 have been sent to contractor
for identity proofing to detect potentially fraudulent
applications and route for recoupment processing.
Real-time interaction between FEMA Service
Representative and applicant during registration to ensure any
failed identity check is correct before accepting application.
In June 2006, will add verification of occupancy and
ownership to registration process.
Flagging at-risk social security numbers to identify
potential fraud.
Developing state-of-the-art software to maintain data
on applicants in mobile homes and communicate real-time to
caseworkers and auto-determination system to prevent potential
overpayments.
System no longer accepts a Post Office Box as address
of damaged dwelling.
Purchase Cards: In July 2006, our office in conjunction with GAO
conducted a review of control weaknesses regarding purchase chards. We
reported a weak control environment and breakdowns in key controls
exposed DHS to fraud and abuse in its use of the purchase cards and
recommended that DHS improve the processes and internal controls over
its purchase card program. We will continue to monitor progress in
respect to Purchase Cards.
Question 14.: Has DHS begun to address any of GAO's seven
recommendations for improving DHS's oversight of cash advance funding
for first responder grants and associated interest liabilities? If so,
please explain how DHS is addressing these, including the
recommendation that urges the Department to identify the significant
issues that have resulted in delays in the drawdown and disbursement of
DHS grant funds?
Response: The Office of Grants and Training is preparing an action
plan to respond to the to the GAO recommendations, however, the
response is not yet final. While the office is already working on
implementing some of the recommendations, the pending reorganization
may affect the offices assigned responsibility for the recommendations
and issues.
Question 15.: As a result of the creation of Homeland Security in
2003, legacy INS and legacy Customs Special Agents were merged to
create the U.S. Immigration and Customs Enforcement agency. Customs
agents previously enforced over 400 federal laws and immigration agents
enforced laws pursuant to the Immigration and Nationality Act (Title
8). It appears that ICE agents are heavily focused on immigrations
investigations such as worksite enforcement. What measures are being
taken to insure a continuity of enforcement from both legacy missions?
Response: We have not specifically reviewed what measures are being
taken to insure continuity of enforcement from both legacy missions.
However, in our report, An Assessment of the Proposal to Merge Customs
and Border Protection with Immigration and Customs Enforcement, OIG-06-
04, November 2005, we addressed several coordination challenges
confronting Customs and Border Protection (CBP) and Immigration and
Customs Enforcement (ICE). We made 14 recommendations to overcome
interagency coordination and integration challenges confronting both
components. Those recommendations covered four areas, including:
1. Defining and communicating roles and responsibilities with
respect to policy and operational coordination between the
Department of Homeland Security (DHS) headquarters, CBP, and
ICE;
2. Conducting integrated planning and coordination of policies
and resources;
3. Reviewing, developing, and implementing policies and
procedures to improve and enhance operational coordination
between CBP and ICE; and
4. Providing oversight and implementing metrics and performance
measures to ensure that the actions and initiatives taken or
proposed achieve intended results.
In April 2006, the DHS Deputy Secretary responded by outlining the
activities and programs the department intends to implement to address
the 14 recommendations we made to improve coordination between CBP and
ICE and enhance interoperability at the field level.
In June 2006, we began a follow-up review of DHS' progress in
addressing coordination challenges between CBP and ICE. DHS has made
significant progress toward improving coordination and interoperability
between the two components. For example, DHS made organizational
changes with the department, including creating the Offices of Policy,
Operations Coordination, and Intelligence and Analysis. Senior
officials of CBP and ICE created the ICE-CBP Coordination Council to
provide a forum to address CBP and ICE policy and operational
coordination issues. In addition, the department established the Secure
Border Initiative and Border Enforcement Task Forces.
However, additional work is necessary. Most notably, CBP and ICE
can address the remaining challenges by placing increased emphasis on
(1) improving communication between CBP and ICE headquarters elements
and all levels of field personnel; (2) improving intelligence and
information sharing; (3) strengthening performance measures; and, (4)
addressing ongoing relational issues among some elements of the two
components. We anticipate releasing a final report by April 2007.
Question 16.: What hurdles exist in getting the Transportation
Sector Specific Plan that was due over two years ago finalized and
published?
Response: We have not conducted any work in the area of the
Transportation Sector Specific Plan, and therefore cannot report
directly on any hurdles to finalizing and publishing the plan.
Question 17.: In October of last year GAO sent a letter titled
Combating Nuclear Smuggling: DHS's Cost-Benefit Analysis to Support the
Purchase of New Radiation Detection Portal Monitors Was Not Based on
Available Performance Data and Did Not Fully Evaluate All the Monitors'
Costs and Benefits to the chairmen of both the House and Senate
appropriations committees. Has there been any activity in the Inspector
General's office to look at DNDO's cost-benefit analysis and if so what
are you finding?
Response: We met with Government Accountability Office (GAO)
officials in November 2006 to leverage information obtained on
previously conducted Domestic Nuclear Detection Office (DNDO) work,
such as the letter you referenced, and have mitigated our review
efforts of DNDO for potential overlap with current and future GAO
engagements. GAO officials said they would be conducting additional
work on DNDO's cost-benefit analysis to determine whether it provides a
reliable basis for making major procurement decisions, such as whether
to invest heavily in deploying a new portal monitor technology.
On December 20, 2006, we initiated a review assessing the DNDO's
progress in integrating detection and response capabilities. We are
examining DNDO programs and initiatives to support the integration of
domestic nuclear and radiological detection, notification, and response
systems, including DNDO's coordination efforts with other federal
agencies and state governments. In addition, we will evaluate whether
DNDO's programs overlap or duplicate those of other federal agencies
with nuclear/radiological detection responsibilities. An evaluation of
other governmental and nongovernmental entities with nuclear detection
and response responsibilities is not within the scope of this review.
We anticipate releasing a final report by July 2007.
Question 18.: As the government agency charged with securing the
nation's critical cyber infrastructure, how is DHS supposed to provide
adequate leadership to the nation's critical infrastructure owners when
the Department itself continues to receive failing grades on securing
its own critical infrastructure?
Response: In September 2006, the first Assistant Secretary for
Cyber Security and Telecommunications (CS&T) for DHS under the
Preparedness Directorate was appointed. Under this leadership, the
National Cyber Security Division is working collaboratively with public
and private sector entities to secure the nation's cyber
infrastructure. We are currently finalizing our second review of NCSD
operations and will be issuing our report in May 2007. While CS&T is
leading the movement in securing the nation's critical infrastructure,
the DHS Chief Information Security Officer (CISO) continues to improve
DHS' own critical infrastructure by ensuring that its components are
complying with FISMA requirements. The CISO continually monitors and
reports on the status of each component's FISMA scorecard to ensure
that all aspects of the information security program are being
achieved.
Question 19.: What steps have the Department taken to resolve flaws
in the way that FISMA evaluations are performed and what steps remain?
Response: DHS is developing an information security program that
standardizes the processes that its components must follow to ensure
that all FISMA standards and requirements are being met. As
illustration, the department first established its system inventory and
the continued updating of that inventory. Subsequently the department
undertook the goal to certify and accredit each of its systems. The
department is now focusing on the quality of its plan of action and
milestones and also of the systems certification and accreditations
performed. The department continues to mature its security program and
to review the quality of all of its FISMA processes.
The OIG has not conducted a complete evaluation of how the
department performs its own evaluations of FISMA compliance at the
department level and at each of its components. The OIG will review the
quality of the department's FISMA processes during its annual FISMA
evaluations.
Question 20.: What is your office doing to ensure that the problems
that existed with regard to improving laptop computer security, prior
to Jay Cohen's appointment as the Science and Technology Directorate
Under-Secretary are addressed? Specifically, what is your office doing
to oversee S&T's efforts to develop a mature business model and prudent
project management practices?
Response: In June and September 2006, the OIG issued laptop
security reports to S&T covering their unclassified and classified
systems respectively. In those reports we made several recommendations
designed to assist S&T in implementing adequate and effective security
policies and procedures related to the physical security of and logical
access to its government-issued laptop computers. S&T has taken steps
or planned corrective action to address the weaknesses we identified.
Through our compliance follow-up, we continue to monitor S&T's progress
in implementing their open recommendations. We are currently reviewing
the final DHS component included in our overall audit. A consolidated
DHS laptop security report will be issued in July 2007 on the status of
laptop security Department wide. The significance of laptop security
and the need for possible follow-up audits to address this area of
concern will be discussed during our March 2007 annual planning
conference.
We have combined two reviews from our 2007 performance plan that we
are conducting now. We are examining how S&T identifies, prioritizes
and determines funding for its Research and Development efforts. To
understand those processes, we are examining how the new organizational
structure and business procedures guide the Research, Transition,
Special Access Program, and HSARPA divisions. We are also addressing
the allocation of funding between the programs and the rationale
underlying the allocation. In addition, we are reviewing the procedures
for managing HSARPA projects. We hope to provide useful recommendations
to improve any S&T processes that appear to be deficient.
Question 21.: What is your office doing to ensure that Under
Secretary Cohen develops a plan to strengthen workforce recruitment and
retention; improve institutional knowledge base; and create a culture
of responsibility within the Directorate?
Response: We intend to conduct a review later this year that will
determine: (a) S&T's initiatives to attract and retain employees with
the skills necessary to advance the Directorate's mission; (b) its
processes for evaluating the effectiveness of its employees; and, (c)
the rates at which employees leave the Directorate as compared to other
research and development organizations. S&T's ability to retain its
workforce will have a direct effect on improving its institutional
knowledge base. In addition, our ongoing review of the Directorate's
procedures for managing HSARPA projects will reflect the responsibility
taken by the different layers of management for the success of those
projects.
Question 22.: The IG's office released a report called DHS'
Management of BioWatch Program, which mentioned a few problems,
especially with the Laboratory Response Network that does the analysis
of the material gathered in the environmental sensors used by BioWatch.
The report stated, however, that DHS was alerted to the problems and
that the IG was now satisfied that the labs are functioning properly.
Can you please quickly outline the problems you found and how the
problems were addressed?
Response: We included in our BioWatch report, a recommendation for
DHS to address and rectify after-action and previous operation findings
related to field and laboratory activities. DHS' actions taken and
planned should help to reduce the number of repeat findings, but our
report does not conclude, ``the labs are functioning properly.'' DHS
reported it developed and implemented a protocol to reduce deficiencies
identified and to ensure that jurisdictions promptly correct identified
deficiencies. As a result, we considered the recommendations resolved
and closed.
Our recommendation was based on the need to enhance management
controls for oversight of the field and laboratory operations, as
identified in two DHS reviews of BioWatch field operations. The fist
conducted in the Spring 2004 and the second in the Fall 2005.
The summary report of the first site round of visits identified
procedural deficiency issues in field collection, transport of filters,
and laboratory operations that needed to be addressed to ensure the
effectiveness of BioWatch. Examples of high error rates reported
related specifically to laboratory operations included the following:
Improper transfer of exposed filters.
Improper decontamination of the Chain-of-Custody (CoC)
bags, inner bags, and holders.
Procedural errors made in the handoff from the field
personnel to the laboratory personnel.
Improper quality control of critical reagents, the
substances used in detecting or measuring a component because
of their chemical or biological activity.
Improperly conducted Sample Management System (SMS)
functions.
Several of the areas in laboratory operations reported as requiring
improvement in the first round site visits were also reported in the
second round. The summary report of the second round included the
following suggestions from DHS for laboratory improvement:
Establish separate areas for sample receipt, SMS
functions (when performed at the laboratory), new filter holder
assembly, and sample processing.
Perform proper decontamination of CoC bags, inner
bags, and holders prior to filter cutting and transfer, as well
as scissors, cassette openers, and hood between samples.
Decontaminate bags (containing holders, cassettes, CoC
bags, and inner bags), DNA extract tubes, and any other
materials with bleach prior to removing from the biological
safety cabinet and hood.
Implement quality assurance and quality control on
reagents, including plates, strips, and verification panels,
upon arrival; and analyze environmental laboratory swipes and
swabs weekly.
Separate new filter holders from exposed holders
during sample collection by transporting them in separate
coolers or containers that can be easily decontaminated.
Question 23.: Please explain what steps DHS has taken and still
needs to take to address the findings from your office's summer 2006
report that criticized the Homeland Security Information Network's
(HSIN) rushed deployment schedule for resulting in a system that does
not support information sharing effectively, does not fully meet user
needs, and consequently is not relied upon by State, local, and tribal
law enforcement agencies.
Response: In September 2006, the department outlined several steps
that it had taken to address our HSIN report recommendations.
Specifically, the department's Office of Operations Coordination had
held a series of meetings, training sessions, conferences, and
briefings to clarify and communicate HSIN's mission and vision to
users, its relations to other systems, and its integration with related
federal systems. Through emergency management exercises, the department
had identified gaps in HSIN procedures, guidance, and training.
Addressing these gaps entailed providing users with over-the-shoulder
instruction and technical support, and assigning a program manager
within the newly established HSIN Joint Program Office responsibility
for tracking training and guidance development activities.
To increase stakeholder involvement, an HSIN Work Group, comprised
of a cross-section of DHS personnel, was taking steps to align business
processes, coordinate requirements, and create cross-functional program
governance. Further, an HSIN Advisory Committee, with intergovernmental
and industry representation, was to provide guidance and
recommendations to the HSIN program manager. In turn, the HSIN program
manager would work to ensure that performance metrics were established
and used to determine system and information sharing effectiveness. The
department did not respond to our recommendation on defining the
intelligence data flow model for HSIN and providing guidance to system
users on what information is needed, what DHS does with the
information, and what information DHS will provide.
Additionally, in December 2006, the Office of Operations
Coordination requested that we provide initial comments and feedback on
a strategic framework and implementation plan it had developed to
outline the HSIN vision, mission, and desired outcomes. We found,
however, that the draft documents focused primarily on components
within DHS with no mention of state, local, tribal, or private industry
stakeholders. As such, the documents did not address how all
stakeholders, not just DHS components, would be involved in the system
development lifecycle process. The Office of Operations Coordination
did not provide us a copy of the final strategic framework and
implementation plan.
Question 24.: In December 2005, your office issued an unclassified
summary of a report on the Department's Security Program and Practices
for its Intelligence Systems (OIG-06-3), in which you recommended that
the Department establish a single, comprehensive, and inclusive
information security program for its intelligence systems.
Specifically, you recommended that the Department (1) provide adequate
security for the information and information systems that support
intelligence operations and assets; and (2) ensure the confidentiality,
integrity, and availability of vital intelligence information. What
progress can you report to date?
Response: In September 2005, DHS formally appointed the Assistant
Secretary for Intelligence and Analysis as the Chief Intelligence
Officer for DHS, responsible for overseeing the department's
intelligence systems' security program. In October 2005, the Office of
Intelligence and Analysis (OI&A) was created to assume full
responsibility for the information assurance of DHS? Sensitive
Compartmented Information (SCI) systems, excluding those of the United
States Coast Guard (USCG). In March 2006, the Assistant Secretary for
Intelligence and Analysis was appointed as the Designated Approval
Authority (DAA) for DHS' intelligence systems. In April 2006, OI&A
appointed a Chief Information Officer (CIO). In July 2006, OI&A drafted
an Interim DHS Management Directive that delineates the
responsibilities for the oversight and evaluation of DHS' IT security
program for its intelligence systems. In August 2006, OI&A's CIO
appointed an Information Systems Security Manager to oversee the
department's intelligence activities. In October 2006, the Director for
Information Sharing and Knowledge Management established an
Intelligence Systems Board (ISB) to govern DHS' intelligence
activities. Representatives from each DHS component whose systems
process intelligence information, including USCG, are members of the
ISB.
More recently, based on our Fiscal Year 2006 review of DHS'
information security program and practices for its intelligence
systems, we reported that DHS established an IT security program for
its intelligence systems. However, challenges remain regarding the full
implementation and management of the information security program for
the department's intelligence systems, especially at the component
level. Our concerns focus on the coordination and management of the
security program for the department's intelligence systems. DHS must
address these concerns in order to provide adequate security for the
information and the information systems that support its intelligence
operations and assets and ensure the confidentiality, integrity, and
availability of vital intelligence information. Specific DHS component
information and issues related to the current state of DHS'
intelligence systems security is classified
Question 25.: Have you met with Secretary Chertoff to discuss that
you have encountered problems in gaining access to information and if
so, what mitigating measures did he recommend to assist your in gaining
access to the documents you need?
Response: As discussed in more detail in our audit, Acquisition of
the National Security Cutter, OIG-07-23 (January 2007), we prepared,
for the Secretary's signature, a one-page memorandum to all DHS
personnel identifying our authorities and instructing personnel to
cooperate with our office. We also prepared a four-page document
providing ``Frequently Asked Questions'' regarding interactions with
our auditors and inspectors. Both documents were provided to senior
department officials in July 2006, and despite repeated requests and
meetings, neither has been issued. In October 2006, the Secretary and
Deputy Secretary were present at a meeting regarding our cutter audit
during which the access issue was raised. At that time, we were told
the access issue was being worked. While our working relationship with
the Coast Guard has improved dramatically since the issuance of our
audit, we believe a permanent, department-wide solution is needed.
The following questions were asked during the hearing, the
Committee requests that responses be provided in writing.
Question 26.: What is the status of the investigation and what
action was taken against those individuals responsible for leaking
secret information after the recent leaks regarding an October 2005
subway threat in New York City?
Response: Our investigation is closed. The two department employees
resigned, one effective December 31, 2006, the other effective June 8,
2006, prior to the initiation of any administrative action. Allegations
against both individuals were declined criminally. While both had
received a secret briefing, the investigation did not disclose that
either actually leaked classified information to unauthorized persons.
Question 27.: What actions has the department taken to ensure that
employees of the Department realize the absolute necessity of not
leaking secret information after the recent leaks regarding an October
2005 subway threat in New York City?
Response: In accordance with Executive Order 12958, as amended, and
32 CFR Part 2001, the Department of Homeland Security (DHS) has
established programs and safeguards for the identification and
protection of classified information. Incidents involving the
mishandling or compromise of classified information are promptly and
thoroughly investigated to determine the cause, mitigate potential
damage, and implement measures to prevent recurrence. The Department
also has a security education, training and awareness program that
requires all DHS personnel, including contractors and sub-contactors,
receive a security orientation briefing upon initial assignment to the
Department. For those personnel who have been granted a security
clearance a separate security briefing is required prior to being
granted access to classified information and thereafter refresher
briefings are given each calendar year at approximately 12-month
intervals. Included in these briefings are sections that cover an
individual's obligation to protect classified information from
unauthorized disclosure and the potential for sanctions should they
fail to do so.
Question 28.: Please provide a report of what was learned from
DHS's response to the management advisory meeting held on the afternoon
of February 7, 2007.
Response: We are proceeding with our ongoing work regarding SBInet,
and continue to meet with DHS staff. Our review of the SBInet Baseline
is expected to be completed by the end of the year.
Question 29.: Please provide a detailed breakdown of how $16
billion (40% of DHS budget) is spent and why it's better spent on
contractors than in-house.
Response: We have not conducted a detailed analysis of DHS spending
through contracts, and have not made any assessment of contracted work
versus work performed in-house. We have several ongoing reviews that
are looking at significant DHS programs that use contracted resources,
such as CBP's SBInet and Coast Guard's Deepwater Program. In those
reports, we questioned the offices' over-reliance on contractors to
perform project oversight functions.
Question 30.: Several OIG reports have identified problems with TSA
screeners and TSA airport procedures. What progress has been made in
implementing OIG's recommendations and what is being done to further
ensure consistency and clarity regarding the rules and procedures on
airport screenings?
Response: As a result of two audits that our office has conducted
to test screeners' ability to detect prohibited items on passengers'
bodies, in their cabin-accessible property, and in their checked
baggage, we made several recommendations to TSA to enhance this aspect
of aviation security. We identified four broad areas in which TSA could
take action to improve screener performance, as measured by detection
rates: training; equipment and technology; policy and procedures; and
supervision. TSA has implemented several changes that are responsive to
our recommendations, and is incrementally working on taking additional
actions. In addition, we will shortly being starting a new round of
penetration testing to determine to what extent TSA's policies,
procedures, training, equipment, and supervision ensure that
Transportation Security Officers are able to prevent threat items from
being introduced into the sterile areas and checked baggage systems of
the nation's airports.
We also recently completed an audit that tested airport and air
carrier employees' ability to prevent unauthorized access to secured
areas of the airport. In our report we make 10 recommendations to
improve access control, but because we have not yet issued our report,
it is premature for us to discuss TSA's response.
Question 31.: What is the prognosis for linking the Homeland
Security Network to RISS and are procedures being developed to avoid
duplication and confusion when that linkage takes place?
Response: In June 2006, we reported that DHS had made some progress
in establishing interoperability between HSIN and similar federal
systems, such as the Regional Information Sharing Systems (RISS), which
is used to facilitate the exchange of critical information across
federal, state, and local law enforcement agencies. For example, DHS
had begun to allow products to be posted and shared between HSIN and
RISSNET, and was working with Department of Justice representatives to
achieve complete interoperability in 2006. However, we have performed
no follow-up work on this issue since the release of our report.
Questions from the Honorable Peter T. King, Ranking Minority Member
Question 32.: With respect to financial management, your testimony
discusses the Department's internal control weaknesses, specifically
those at the Coast Guard, Immigration and Customs Enforcement, and the
Transportation Security Administration.
Your testimony notes that the Department has taken
steps to address these issues. What is the Department doing to
resolve the weaknesses? What additional steps should the
Department take in this area?
Response: The Department is doing the following to resolve the
weaknesses:
The Department has developed a corrective action plan
to remediate internal control weaknesses.
The DHS Office of Financial Management, Coast Guard,
and Immigration and Customs Enforcement have engaged outside
contractors to assist in implementation of these corrective
action plans.
DHS Chief Financial Officer has implemented a rigorous
timeline and monitoring of progress to identify problems that
need to be addressed by the responsible party. DHS Chief
Financial Officer reports this information to the Deputy
Secretary.
These corrective action plans and this process help
the DHS Chief Financial Officer hold components accountable for
meeting corrective action milestones in order to remediate
internal control weaknesses.
The Office of Inspector General initiated a series of
performance audits to assess the effectiveness of DHS'
corrective action plans to address internal control weaknesses
and has provided recommendations for improvement.
With regard to additional steps, the Department needs
to continue to develop CAPS that identify the underlying root
causes, develop effective remediation plan with measurable
milestones, assign accountability for the CAP, and validate the
successful implementation of the CAP.
Question 33.: You note that FEMA has developed new predefined
mission assignments for disaster response and recovery, and you are
conducting a review of these assignments.
What has your examination determined thus far?
Will these predefined mission assignments help to
prevent waste in future disasters?
Response: FEMA issued approximately 2,700 mission assignments
totaling approximately $8.7 billion to Federal agencies to help respond
to Hurricane Katrina. FEMA historically has had significant problems
issuing, tracking, monitoring, and closing mission assignments. FEMA
guidance on the assignments is often vague, and agencies' accounting
practices vary significantly, causing problems with reconciling
agencies' records to FEMA records. FEMA has developed a number of new
pre-defined mission assignments to expedite some of the initial
recurring response activities. In addition, FEMA's Disaster Finance
Center is working to find a consensus among other Federal agencies on
appropriate supporting documentation for billings.
According to FEMA officials, 44 predefined mission assignments have
been in established with DOD, including 28 with USACE. In March 2007,
FEMA will add 8--10 more mission assignments with USDA, EPA, DOT, HHS
and HUD. The predefined mission assignments shorten the multi-tier MA
approval process and identify the typical services assigned to each
agency.
We are currently conducting a review of mission assignments to DHS
agencies, and other Inspectors General are reviewing mission
assignments to their respective agencies. As with pre-defined standby
contracts, pre-defined mission assignments will help to mitigate waste.
Question 34.: Your testimony notes the importance of data mining in
terrorism detection and prevention. However, you note that many of the
data mining activities within the Department are stove-piped within
each component.
What is the Department doing to ensure that this
information is shared throughout the Department to maximize the
effectiveness of this information?
Response: This year, we plan to include in our review access and
coordination for sharing of information critical in fighting terrorism
as they relate to data mining activities within the Department.
About half of the data mining activities reviewed in the ``Survey
of DHS Data Mining Activities'' were developed using custom-built
systems or proprietary software without regard to technological
compatibility and DHS-wide coordination with other programs, thereby
impeding information sharing. Additionally, some of the data mining
activities used the same commercial-off--the-shelf products, but did
not share information.
Many activities that were reviewed only collected and analyzed
small pieces of information for mission-restricted programs, such as
screening foreign flight crews or ensuring that special interest aliens
register with ICE. However, there may be a potential for coordinating
data access and mining for cross-cutting functions, such as, reporting
or analyzing suspicious or criminal activities, assessing risk,
targeting cargo, and authenticating documents and people.
Questions from the Honorable Marsha Blackburn, a Representative in
Congress from the State of Tennessee
Question 35.: You noted in your testimony that you believe more
data sharing is needed between FEMA and law enforcement, especially
with respect to identifying and tracking sex offenders and suspected
felons.
How does FEMA currently collect data on sex offenders
and missing children?
Response: FEMA does not collect data specific to sex offenders.
Rather, FEMA collects information from individuals applying for
disaster assistance to facilitate the delivery of disaster assistance.
The type of information collected by FEMA and contained in FEMA's
disaster assistance recovery files includes the applicant's name,
social security number, income information, address of damaged
property, current address, etc. Law enforcement officials have told us
that direct access to this information following a disaster is needed
to identify the whereabouts of registered sex offenders and to protect
those residing in FEMA shelters and trailer parks.
In respect to missing children, FEMA collects the names of children
living in the applicant's home at the time of the disaster. This
information is often needed by law enforcement to locate missing
children and to reunite them with their families. DHS and DOJ recently
established an agreement that provides law enforcement direct access to
FEMA disaster recovery assistance files for the purpose of locating
missing children displaced due to disasters. However, DHS and DOJ have
not established an arrangement that provides law enforcement direct
access to FEMA disaster assistance recovery files to identify the
whereabouts of sex offenders and fugitive felons following a disaster.
Where is this data stored and what do they usually do
with this information?
Response: Information collected from disaster assistance applicants
is stored in the National Emergency Management System (NEMIS). The
information collected from applicants is used to inspect damaged homes,
to verify information provided by the applicant, to make eligibility
determinations regarding the applicant's request for assistance, and to
identify and implement measures to reduce future disaster damage, and
for other purposes identified as routine uses, such as disclosing
information to prevent duplication of benefits.
Is it regulatory or statutory authority that is
preventing law enforcement access to this database?
Response: FEMA disaster assistance recovery files are a System of
Records protected by the Privacy Act of 1974 (5 U.S.C. 552a.). For law
enforcement to have direct access to this information, a routine use
needs to be established that allows the information to be disclosed and
an agreement between DOJ and DHS executed to permit direct access. We
have recently recommended to the FEMA Undersecretary for Federal
Emergency Management: (1) Add specific routine uses to the System of
Records Notice that authorizes the disclosure of FEMA disaster recovery
assistance files for the purpose of locating registered sex offenders
and fugitive felons in the aftermath of a disaster. (2) Develop and
execute agreements with DOJ, the coordinator for Public Safety and
Security under the National Response plan, to provide appropriate law
enforcement entities direct access to FEMA disaster recovery assistance
files for public safety and security efforts, including identifying the
whereabouts of registered sex offenders and fugitive felons.
Question 36.: The Deepwater Program:
Who requested the modification of the original designs
of the National Security Cutter (NSC)?
Response: The Coast Guard requested the modification of the
original designs of the National Security Cutter (NSC).
Why were the designs modified?
Response: According to the Coast Guard, the events of September 11,
2001 forced them to reconsider the performance requirements for assets
being acquired through the Deepwater Program, which included the NSC.
As a result, the Coast Guard issued a Revised Deepwater Implementation
Plan (the Plan) on 25 March 2005. Studies were also conducted by
several independent organizations such as the Brookings Institution and
RAND, which identified shortcomings in the original Deepwater solution
and recommended the Coast Guard investigate how to correct them. As a
result, during July 2003, the Commandant directed that an internal
Coast Guard study be conducted to analyze operational capability and
force structure gaps, and their impact on mission performance. The
resulting review helped the Coast Guard revise the performance
specifications for a wide array of Deepwater assets including the
NSC.These revised performance specifications for the NSC included:
A larger flight deck to accommodate all
variants of DHS and DOD HH-60 helicopters;
The installation of an anti-terrorism/Force
protection Suite to include underwater sonar to allow
the cutter to scan ports, approaches, facilities, and
high value assets for underwater mines and swimmers;
An updated weapons and command and control
suite; and,
Chemical, Biological, Radiological (CBR)
capability to allow the NSC to remain on scene and
operate in Weapons of Mass Destruction scenarios.
Changes to the original NSC designs began shortly after 9/11, and
continue to this day.
Although your office warned the Department not to
begin the production of the new NSCs, the Department decided to
begin production on 2 of them. Who made the decision?
Response: It was the Coast Guards own subject matter experts and
not the OIG that warneded Coast Guard not to begin production of NSCs 1
and 2. In a memorandum dated on March 29, 2004 from the Coast Guard's
Assistant Commandant for Systems (Admiral Erroll Brown) to the
Deepwater Program Executive Officer (PEO) Admiral Patrick Stillman,
where he expressed concern that there were significant structural
problems with the design of the NSC which compromise the safety and the
viability of the NSC's hull. Admiral Brown also requested ``the
impending Delivery Task Order (DTO) for the production and deployment
of the NSC (003OBC), be held in abeyance until a solution to the NSC's
structural design issues could be resolved. Despite the warning, the
Coast Guard authorized $140 million to commence the production and
deployment of NSC1. By January 2005, the Deepwater PEO had authorized
the issuance of DTOs valued at an additional $201 million for long lead
items and the construction and deployment of NSC2. It was not until
March 2005, more than 27 months after first being advised of the NSC
design deficiencies, did the Deepwater Program Office contract with the
U.S. Navy's Surface Warfare center (Carderock Division) to conduct a
fatigue assessment of the NSC.
Who was in charge to exercise technical and management oversight
authority over the NSCs?
Response: For the Coast Guard the authority resided with the
Deepwater Program Executive Officer (Rear Admiral Patrick Stillman).
For the ICGS/Northrop Grumman, the authority resided with the Vice
president and General Manager (ICGS) and the President, Northrop
Grumman Ship Systems.
Who made the decision to modify the designs of the
123-foot patrol boat?
Response: To our knowledge, the design of the 123-foot patrol boats
was not modified.
Did any Coast Guard technical experts analyze these
modifications for structural problems?
Response: It is our understanding the Coast Guard's Engineering and
Logistics Command (ELC) evaluated the 123-foot patrol boat design and
(like the NSC) made recommendations to the Deepwater PEO. Our review of
the construction issues with the 123' foot patrol boat did not include
an evaluation of the 123-foot design. Therefore, we do not know the
extent to which the ELC's recommendations were evaluated by the
Deepwater program office and incorporated into the 123-foot patrol boat
design.
In your opinion, has Commandant Thad Allen's efforts
to overhaul internal operations will provide greater oversight
of Deepwater acquisitions?
Response: The Coast Guard recognizes these challenges and is taking
aggressive action to strengthen program management and oversight--such
as technical authority designation; use of independent, third party
assessments; consolidation of acquisition activities under one
directorate; and redefinition of the contract terms and conditions,
including award fee criteria. Furthermore, and most importantly, the
Coast Guard is increasing its staffing for the Deepwater program, and
reinvigorating its acquisition training and certification processes to
ensure that staff have the requisite skills and education needed to
manage the program. The Coast Guard is also taking steps to improve the
documentation of key Deepwater related decisions. If fully-implemented,
these steps should significantly increase the level of management
oversight exercised over the air, surface, and C4ISR assets that are
acquired or modernized under the Deepwater Program.
Question 37.: What type of cost and manpower are necessary to form
a coherent IT infrastructure in DHS? Does DHS have competent personnel
and adequate management plans to accomplish this?
Response: We have not conducted work in this area in order to
answer these questions. We plan to address cost and manpower issues as
part of a comprehensive review of IT management at DHS in fiscal year
2008.
Response to Supplemental Questions
for the
Committee on Homeland Security
House of Representatives
Hearing on
Management and Programmatic Challenges Facing the Department of
Homeland Security
February 7, 2007
Responses from the Honorable David M. Walker, joint with Norman Rabkin
Question 1.: Please explain why DHS has been unable to produce a
clean financial statement for the entire Department.
Response: The Department of Homeland Security (DHS) has been unable
to obtain a ``clean'' opinion on its financial statements because of
existing financial management systems, controls and reporting problems.
DHS management and auditors have attributed many of DHS's difficulties
in financial management and reporting to the original stand-up of a
large, new, and complex executive branch agency without adequate
organizational expertise in financial management and accounting. GAO
identified DHS's transformation as a high risk area in fiscal year 2003
because DHS had to transform 22 agencies into one department and
inherited a number of operational and management challenges from legacy
components. For fiscal year 2006, DHS only had its Balance Sheet and
Statement of Custodial Activity subjected to audit. According to DHS's
Inspector General, the Office of Financial Management, U.S. Coast Guard
(USCG), Transportation Security Administration (TSA), Federal Emergency
Management Agency (FEMA), Immigration and Customs Enforcement (ICE),
and the Management Directorate were unable to provide sufficient
evidence to support account balances presented in these financial
statements and collectively contributed to the auditors' inability to
render an opinion on them. Further, DHS management and three of its
major components (USCG, TSA, and ICE) were unable to represent that the
financial statements were presented in conformity with U.S. generally
accepted accounting principles. The auditors identified 10 material
weaknesses in internal control resulting in an adverse opinion rendered
by DHS's Inspector General on controls over financial reporting and
compliance as of September 30, 2006. The auditors attributed these
conditions to a weak internal control environment and entity-level
controls such as limited staffing resources and lack of integrated
financial processes and systems.
Question 2.: In addition to the Department's problems in carrying
out its responsibilities in implementing SBInet and the National
Security Cutter programs, are there any particular programs you would
like to bring to our attention as likely to present special challenges
for DHS?
Response: Given the importance of major information technology (IT)
investments to DHS's transformation efforts, we have recommended that
the department adopt a strategic approach to managing these investments
that is grounded in (1) rigorous and disciplined investment management
and system acquisition processes and (2) a corporate enterprise
architecture to ensure that these investments can interoperate and are
not duplicative. Since making these recommendations, our work on
individual programs, such as US-VISIT, Secure Flight, and the Automated
Commercial Environment (ACE), has shown that the department has
continued to be challenged in its ability to manage its IT investments
in such a manner. We have ongoing work focusing on both DHS's corporate
approach to IT investment management and its enterprise architecture.
Question 3.: Please explain how personnel and morale problems such
as those highlighted in the recent Office of Personnel Management
report, which highlighted the morale problems among employees at DHS,
have affected DHS's ability to accomplish its mission.
Response: The Comptroller General convened a forum in September
2002 to identify useful practices from major private and public sector
mergers, to help federal agencies like DHS merge its various
originating components into a unified department. We found that the key
to a successful merger and transformation is to recognize the
``people'' element and implement strategies to help individuals
maximize their full potential in the new organization, while
simultaneously managing the risk of reduced productivity and
effectiveness that often occurs as a result of the changes.\1\ The
challenge of implementing and transforming DHS's 22 agencies into a
fully functioning department remained as a high-risk area on our
January 2007 update to our high-risk list.\2\ In particular, we noted
that DHS still has not developed a DHS-wide transformation strategy
that includes a strategic plan that identifies specific budgetary,
human capital, and other resources needed to achieve strategic goals.
We currently have ongoing work that addresses a number of human capital
issues at DHS. This work is being conducted at the request of the
Committee and we expect to issue our report later this year.
---------------------------------------------------------------------------
\1\ GAO, Highlights of a GAO Forum, Mergers and Transformation:
Lessons Learned for a Department of Homeland Security and Other Federal
Agencies, GAO-03-293SP (Washington, D.C.: Nov. 14, 2002) and Results-
Oriented Cultures: Implementation Steps to Assist Mergers and
Organizational Transformations, GAO-03-669 (Washington, D.C.: July 2,
2003).
\2\ GAO, High-Risk Series: An Update, GAO-07-310 (Washington, D.C.:
January 2007).
Question 4.: Please provide information regarding investigations of
DHS's failure to build internal capacity while outsourcing many of its
responsibilities. In particular, please explain the extent to which DHS
over-relies on contractors to fill employee vacancies.
Response: The work of the government is increasingly being
performed by contractors, including emergency and large-scale logistics
operations such as hurricane response and recovery and the war in Iraq.
In making sourcing decisions, organizations need to determine whether
internal capability or external expertise can more effectively meet
their needs. The Commercial Activities Panel, chaired by Comptroller
General Walker, noted in 2002 that determining whether the public or
the private sector would be the most appropriate provider of the
services the government needs is an important, and often highly
charged, question.\3\ The report also stated that determining whether
internal or external sources should be used has proved difficult for
agencies because of systems and budgeting practices that (1) do not
adequately account for total costs and (2) inhibit the government's
ability to manage its activities in the most effective manner possible.
---------------------------------------------------------------------------
\3\ Commercial Activities Panel, Final Report: Improving the
Sourcing Decisions of the Government (Washington, D.C.: 2002).
---------------------------------------------------------------------------
In prior work examining the competitive sourcing initiatives of
selected agencies which did not include DHS, we reported that several
agencies had developed strategic and transparent sourcing
approaches.\4\ The approaches included the comprehensive analysis of
factors such as mission impact, potential savings, risks, current level
of efficiency, market conditions, and current and projected workforce
profiles. The Congress could continue to monitor DHS's and other
agencies' reliance on contractors to carry out their basic missions.
Our ongoing work on several human capital issues at DHS should provide
some insight on the use of personal service contracts at the
department.
---------------------------------------------------------------------------
\4\ GAO, Competitive Sourcing: Greater Emphasis Needed on
Increasing Efficiency and Improving Performance, GAO-04-367
(Washington, D.C.: Feb. 27, 2004).
Question 5.: Please explain any and all concerns regarding DHS's
failure to set sufficient requirements for ``solution based''
procurement contracts. Also, please explain whether there is sufficient
monitoring for the contractors who win these awards.
Response: The Deepwater program has been designated as a
performance-based acquisition. If performance-based acquisitions are
not appropriately planned and structured, there is an increased risk
that the government may receive products or services that are over cost
estimates, delivered late, and of unacceptable quality. We have found
in our reviews of major systems that establishing clear requirements
ahead of time is critical to mitigating risk.\5\ Program requirements
are often set at unrealistic levels, then changed frequently as
recognition sets in that they cannot be achieved. As a result, too much
time passes, threats may change, and/or members of the user and
acquisition communities may simply change their minds. The resulting
program instability causes cost escalation, schedule delays, fewer
quantities, and reduced contractor accountability. GAO is presently
performing a review of how well DHS components are managing
performance-based services acquisition.
---------------------------------------------------------------------------
\5\ GAO, Homeland Security: Observations on the Department of
Homeland Security's Acquisition Organization and on the Coast Guard's
Deepwater Program, GAO-07-453T (Washington, D.C.: February 8, 2007).
---------------------------------------------------------------------------
In terms of monitoring contractor performance under the Deepwater
program, in 2004, we found that the Coast Guard had not developed
quantifiable metrics to hold the system integrator accountable for its
ongoing performance and that the process by which the Coast Guard
assessed performance after the first year of the contract lacked
rigor.\6\ We also reported that the Coast Guard had not begun to
measure the system integrator's performance on the three overarching
goals of the Deepwater program--maximizing operational effectiveness,
minimizing total ownership costs, and satisfying the customers. Coast
Guard officials told us that metrics for measuring these objectives had
not been finalized; therefore they could not accurately assess the
contractor's performance against the goals. However, at the time, the
Coast Guard had no time frame in which to accomplish this measurement.
According to a Coast Guard official, the Coast Guard evaluated the
contractor subjectively for the first award term period in May 2006,
using operational effectiveness, total ownership costs, and customer
satisfaction as the criteria. The result was a new award term period of
43 of possible 60 months.
---------------------------------------------------------------------------
\6\ GAO, Contract Management: Coast Guard's Deepwater Program Needs
Increased Attention to Management and Contractor Oversight, GAO-04-380
(Washington, D.C.: March 9, 2004).
Question 6.: Please provide procedures and studies regarding the
adequacy of safeguards DHS has in place to enable small, minority and
disadvantaged businesses to have a fair chance in the procurement
process.
Response: We recently reported that, of the prime contracting
dollars DHS awarded for Hurricane Katrina-related relief activities
between August 2005 and June 30, 2006, 24 percent of these funds (about
$1.6 billion) went to small businesses.\7\ Of the $1.6 billion DHS
awarded directly to small businesses, disadvantaged businesses received
$409 million, women-owned businesses received $243.7 million,
businesses located in historically underutilized business zones
(``HUBZones'') received $222.7 million, and veteran-owned businesses
received about $128 million.
---------------------------------------------------------------------------
\7\ GAO, Hurricane Katrina: Agency Contracting Data Should Be More
Complete Regarding Subcontracting Opportunities for Small Businesses,
GAO-07-205 (Washington, D.C.: March 1, 2007).
---------------------------------------------------------------------------
Our March 2007 report found that subcontracting accomplishment
information was not consistently available for the DHS prime contracts
that were awarded to large businesses for activities related to
Hurricane Katrina and which should have had subcontracting plans. These
plans are supposed to identify the types of work and the percentage of
subcontracting dollars prime contractors expect to award to certain
categories of small businesses, such as those that are disadvantaged or
owned by women or service-disabled veterans. We found that DHS's
systems had no information on subcontracting plan requirements for 70
percent of the contracting dollars that appeared to meet the criteria
for having subcontracting plans. Also, for 29 percent of the
contracting dollars, DHS's systems showed that a subcontracting plan
was not required. DHS officials indicated that $545 million of these
funds were miscoded, and should have been coded as having ``no
subcontracting possibilities.'' DHS officials were unable to explain
why the remaining $861 million were not required to have subcontracting
plans. In response to recommendations in our report, DHS plans to issue
guidance to all acquisition offices reinforcing previously issued
guidance regarding the importance of awarding all appropriate contracts
to small businesses and encouraging large businesses to subcontract all
appropriate work to small businesses.
Question 7.: How many vacancies does DHS have and does it have
sufficient funding to hire the staff it needs?
Response: According to DHS, it is difficult to quantify the number
of vacancies in an agency because there is no statutory definition of
the term. one measure of vacancies is the number of full time
equivalents (FTEs) budgeted by an agency that are not currently filled.
In each fiscal year, each agency allocates a certain number of FTEs to
each of its components based on budgetary and workload factors. Based
on data supplied by DHS, in fiscal year 2007 the department was
allocated 186,743 FTEs and, as of January 20, 2007, had 181,089 on
board personnel. According to DHS, the difference between the enacted
FTE's and on board personnel (5,654) may be the best basic currently
available indicator for the number of vacancies at DHS.
We lack sufficient information to judge the sufficiency of DHS'
funding to fill vacancies and DHS reported that it could not respond to
this question without first exploring the issue with each of its
components. The costs associated with filling vacancies depend on
variables such as the scarcity and source of skills needed. Previous
GAO work has explored the need for increased staffing in various DHS
components where DHS staffing shortfalls may affect its ability to
fully accomplish its mission. As one example, DHS faces challenges in
hiring experienced staff to oversee major procurements. The Secure
Border Initiative (SBI) program, a comprehensive, multiyear,
multibillion dollar program to secure U.S. borders and reduce illegal
immigration, proposed to hire 270 government and contractor personnel
in 2007. As of February 2007, DHS had hired 124 of the 270. We reported
in February of 2007 that SBI officials had expressed concerns about
difficulties in finding an adequate number of staff with the required
expertise to support the planned activities. As a second example,
Customs and Border Patrol (CBP) has identified its need to increase the
number of Border Patrol Agents by 6,000 by December 2008. For fiscal
year 2007, CBP budgeted $187,744--which included training costs,
equipment, salary and overhead costs--for each new border patrol agent.
DHS requested $481.1 million for 3,000 new Border Patrol Agents in the
fiscal year 2008 budget request. As the United States intensifies
efforts to secure the nation from illegal entrants and terrorists, we
can expect that both staffing and technological solutions will continue
to be proposed and that DHS and Congress will have to consider the
associated costs in an environment of competing priorities and resource
constraints.
Question 8.: Please provide information regarding any studies that
indicate that continuity of employees is an important factor in
organizational function and institutional memory. Also, please explain
the extent to which the widespread use of contractors cause continuity
problems within DHS.
Response: Our work on the private sector's experience with mergers
and acquisitions suggests that over 40 percent of executives in
acquired companies leave within the first year and 75 percent within
the first 3 years. While some turnover is to be expected and is
appropriate, the new organization must ``re-recruit'' its key talent to
limit the loss of needed individuals because they do not see their
place in the new organization. At the outset of any merger and
transformation, new organizations also recognize the value in creating
an employee knowledge and skills inventory, which would also help
strengthen institutional memory. Valuable information resides in the
originating organizational components, and when these components are
combined, these intellectual assets are extremely powerful and
beneficial to employees and stakeholders. Knowledge and skills
inventories not only capture the intellectual assets of the new
organization, but also signals to employees that their particular
expertise is valued by the organization and foster a knowledge-sharing
culture.
We have also discussed the importance of employee continuity in
various other reports. For example, we have reported that, while
workforce restructuring can have benefits for agencies, any downsizing
that may occur could lead to such negative effects as the loss of
corporate memory and expertise.\8\ We have also reported that the use
of human capital flexibilities, such as monetary recruitment and
retention incentives, can be highly effective in managing agency
workforces to help ensure the continuity of employees.\9\ In addition,
we have discussed the need for agencies to develop a more strategic
approach to managing the succession of senior executives and other
employees with critical skills. For example, we have highlighted
instances where agencies' succession planning and management efforts
(1) receive active support of top leadership; (2) link to the agencies'
strategic planning; (3) identify talent from multiple organizational
levels, early in their careers, or with critical skills; (4) emphasize
developmental assignments for high-potential employees in addition to
formal training; (5) address specific human capital challenges, such as
diversity; and (6) facilitate broader transformation efforts.\10\
---------------------------------------------------------------------------
\8\ GAO, Federal Downsizing: Better Workforce and Strategic
Planning Could Have Made Buyouts More Effective, GAO/GGD-96-62
(Washington, D.C.: Aug. 26, 1996).
\9\ GAO, Human Capital: Effective Use of Flexibilities Can Assist
Agencies in Managing Their Workforces, GAO-03-2 (Washington, D.C.: Dec.
6, 2002).
\10\ GAO, Human Capital: Insights for U.S. Agencies from Other
Countries? Succession Planning and Management Initiatives, GAO-03-914
(Washington, D.C.: Sept. 15, 2003) and Human Capital: Selected Agencies
Have Opportunities to Enhance Existing Succession Planning and
Management Efforts, GAO-05-585 (Washington, D.C.: June 30, 2005).
---------------------------------------------------------------------------
While we have not done work that addresses the impact of using
contractors on continuity problems at DHS, GAO has on-going work on
DHS's reliance on contractors and will be providing an update to
committee staff in the near future.
Question 9.: Please provide information regarding the extent to
which the Directorate of Management needs to be reorganized or even
eliminated.
Response: The Homeland Security Act of 2002 \11\ establishes that
the Under Secretary for Management is responsible for the transition
and reorganization process for the department and the Management
Directorate is currently responsible for carrying out this function. As
it may take several years, as in any merger, for the successful
implementation of the department, it is critical that DHS have a
dedicated team or leader in place to help manage its integration. As
the Comptroller General has testified, GAO continues to designate the
implementation and transformation of DHS as high risk because the
department had to transform 22 agencies--several with major management
challenges--into one department, and failure to effectively address its
management challenges and program risks could have serious consequences
for our national security. While the protection of the homeland is the
primary mission of the department, critical to meeting this challenge
is the integration of DHS's varied management processes, systems, and
people--in areas such as information technology, financial management,
procurement, and human capital--as well as in its administrative
services. In our recent high-risk report, we reported that DHS has yet
to implement a corrective action plan that includes a comprehensive
transformation strategy and its management systems--especially related
to financial, information, acquisition, and human capital management--
are not yet integrated and wholly operational.\12\
---------------------------------------------------------------------------
\11\ Pub. L. No. 107-296, Sec. 701(a) (9). Also, The Homeland
Security Act established five directorates within DHS for each of the
following areas: (1) management, (2) science and technology, (3)
information analysis and infrastructure protection, (4) border and
transportation security, and (5) emergency preparedness and response.
The U.S. Secret Service and the U.S. Coast Guard were also transferred
to DHS, but are not within a directorate.
\12\ GAO-07-310.
---------------------------------------------------------------------------
In 2005, we reported that as it was currently structured, the roles
and responsibilities of the DHS Under Secretary for Management
contained some of the characteristics of a Chief Operating Officer
(COO) or Chief Management Officer (CMO), but we suggested that the
Congress should consider whether a revised organizational arrangement
is needed to fully capture the roles and responsibilities of a COO/CMO
position, including whether the position contained sufficient authority
to elevate attention on management issues and transformational
change.\13\
---------------------------------------------------------------------------
\13\ GAO, Department of Homeland Security: A Comprehensive and
Sustained Approach Needed to Achieve Management Integration, GAO-05-139
(Washington, D.C.: Mar. 16, 2005).
Question 10.: Please provide us with the current functions of the
Business Transformation Office. Provide examples of models that would
be suitable to further DHS migration.
Response: At this time, we understand that the DHS Business
Transformation Office (BTO) has been eliminated. Because no two merger,
acquisition, or transformation efforts are exactly alike, the ``best''
approach for any given effort depends upon a variety of factors
specific to each context. Our prior work on mergers and
transformations, undertaken before the creation of DHS, concluded that
successful transformations of large organizations, even those faced
with less strenuous reorganizations than DHS, can take years to achieve
and certain key practices and implementation steps should be adopted to
ensure successful transformations.\14\ In our 2005 review of the
integration of DHS, we made recommendations based on these key
practices to assist DHS in building the infrastructure needed to manage
its merger or transformation and were particularly important to DHS at
this juncture in its management integration efforts.
---------------------------------------------------------------------------
\14\ GAO, Highlights of a GAO Forum, Mergers and Transformation:
Lessons Learned for a Department of Homeland Security and Other Federal
Agencies, GAO-03-293SP (Washington, D.C.: Nov. 14, 2002) and Results-
Oriented Cultures: Implementation Steps to Assist Mergers and
Organizational Transformations, GAO-03-669 (Washington, D.C.: July 2,
2003).
---------------------------------------------------------------------------
We recommended that DHS develop an overarching management
integration strategy for the department that would look across the
initiatives within each of the management functional units and clearly
identify the critical links that must occur among these initiatives,
among other things. The department should also use this strategy to
clearly communicate a consistent set of goals and the progress achieved
internally to all its employees, and externally to key stakeholders,
such as the Congress. In addition, we recommended that DHS designate a
dedicated implementation team, at the time that the BTO was just
forming, for the department's management integration and provide it
with the requisite authority and responsibility to help set priorities
and make strategic decisions to drive the integration across all
functions. The dedicated implementation team would also be responsible
for working with the Undersecretary for Management to develop and
implement the overarching management integration strategy. While the
BTO has been eliminated, we believe that it would be helpful for DHS to
have a dedicated team or coordinating body to help oversee and ensure
its management integration and transformation. See questions 22 and 31
for a more detailed discussion of the BTO and COO/CMO, respectively.
Question 11.: Why do you think DHS ranked at the bottom of the
just-released OPM survey of job satisfaction among federal employees
and made so little progress in two years since OPM's previous survey?
What does DHS need to be doing now so that it improves two years from
now?
Response: Seeking and monitoring employee attitudes and taking
appropriate follow-up actions, is one of the important implementation
steps in our work on organizational mergers and transformations.
Because people are drivers of any merger or transformation, it is vital
to monitor their attitudes, through pulse surveys, focus groups, or
confidential hotlines. While monitoring employee attitudes provides
good information, it is most important for employees to see that top
leadership not only listens to their concerns, but also takes actions
and makes appropriate adjustments in a visible way. We have not been
asked by the Congress, to date, to follow-up on the OPM survey results
at DHS. However, our prior work has shown that if DHS does not take
appropriate follow-up action on the survey results, negative attitudes
may translate into actions, such as employee departures, among other
things, that could have a detrimental effect on the continued
implementation and transformation of the department.
Question 12.: What steps have FEMA and DHS taken to resolve the
problems in FEMA's automated payment system, which uses out-dated
technology and, thus, had limited expansion capability to support
catastrophic disasters like Katrina?
Response: While GAO has not conducted additional work specifically
addressing the current status of the Federal Emergency Management
Agency's (FEMA) efforts to improve its automated payment system, the
Department of Homeland Security's Office of Inspector General reviewed
FEMA's Progress in Addressing Information Technology Management
Weaknesses in December 2006 (OIG-07-17) and reported that:
FEMA has made progress in several areas, particularly short-term
adjustments to prepare for the 2006 hurricane season. These
improvements primarily included increasing the National Emergency
Management Information System (NEMIS) capacity and online system access
and strengthening verification of registration data. In addition, FEMA
and its program offices specifically addressed our recommendations by
documenting training resources, developing a plan to implement its
enterprise architecture (EA), gathering requirements for new business
tools, and improving configuration management.
However, despite these positive steps, FEMA has not documented or
communicated a strategic direction to guide long-term IT investment and
system development efforts. FEMA also has not performed crosscutting
requirements gathering to determine business needs, which would allow
Information Technology Services Division (ITSD) personnel to analyze
alternatives to continued development of the complex, custom NEMIS
system. We note below several resource challenges for FEMA to
accomplish these tasks, including personnel needs, time limitations,
and funding constraints. For example, high-level officials acknowledged
the need for personnel who can effectively and efficiently manage
system development efforts, especially as key personnel are allocated
to assist in disaster and emergency response activities. Further, FEMA
officials told us that funding constraints also have prevented the
creation of sufficient training and testing environments. Therefore,
constrained by limited resources, FEMA has focused its efforts on
preparing for the 2006 hurricane season and has made little progress in
addressing long-term needs, such as updating strategic plans, defining
cross-cutting requirements, and evaluating systems alternatives.
Question 13.: Please explain the extent to which FEMA has acted on
the numerous GAO recommendations for addressing significant fraud,
waste, and abuse in FEMA's Individuals and Households Program (IHP) and
in Department of Homeland Security's purchase card program.
Response: As part of our audit of the FEMA's IHP and the DHS's
purchase card program, to date we have made 25 recommendations designed
to improve the management of these 2 programs. FEMA and DHS fully
concurred with 19 recommendations, and substantially or partially
concurred with the remaining 6 recommendations.
With respect to the purchase card program, DHS agreed with all our
recommendations and reported taking actions to address them. For
example, DHS stated that they had amended their purchase card manual in
order to incorporate suggested changes from our recommendations.
However, we have not performed testing to evaluate the effectiveness of
these actions.
With respect to the IHP, FEMA and DHS concurred with 13 of our
recommendations, and substantially or partially concurred with 6. DHS
and FEMA also reported that they have taken actions, or plan to take
actions, to implement many of our recommendations. These actions
include implementing identity and address verification on all IHP
registrations, implementing controls to prevent duplicate IHP
registrations using the same social security numbers, and implementing
a system change to prevent individuals from registering for assistance
using a Post Office box. However, we have not determined if these
actions adequately address all our recommendations, nor have we
performed audit or investigative work to test new controls. In
addition, in written comments on several of our reports, FEMA has
expressed concern and disagreement with some of our findings and
statistical projections of overall rates of potentially fraudulent and
improper payments. Until FEMA recognizes the significant weaknesses in
their individual assistance programs, they will continue to risk losing
billions of taxpayer dollars to fraud, waste, and abuse. We are also
planning to issue a follow up report to our December 6, 2006 testimony
which includes additional recommendations to DHS and FEMA on necessary
improvements to IHP and the purchase card program.
Question 14.: Has DHS begun to address any of GAO's seven
recommendations for improving DHS's oversight of cash advance funding
for first responder grants and associated interest liabilities? If so,
please explain how DHS is addressing these, including the
recommendation that urges the Department to identify the significant
issues that have resulted in delays in the drawdown and disbursement of
DHS grant funds.
Response: We were recently informed by DHS's Office of the Chief
Financial Officer that DHS's Preparedness Directorate's Office of
Grants and Training, which has been responsible for implementing our
recommendations, will be merged into FEMA and the recommendations will
be addressed by appropriate parties under the new organizational
structure. At this time, DHS plans to provide a response to our
recommendations by the end of April 2007.
Question 15.: As a result of the creation of Homeland Security in
2003, legacy INS and legacy Customs Special Agents were merged to
create the U.S. Immigration and Customs Enforcement agency. Customs
agents previously enforced over 400 federal laws and immigration agents
enforced laws pursuant to the Immigration and Nationality Act (Title
8). It appears that ICE agents are heavily focused on immigrations
investigations such as worksite enforcement. What measures are being
taken to insure a continuity of enforcement from both legacy missions?
Response: When ICE was created, it retained responsibility for
enforcing the customs and immigration laws that were the purview of its
legacy agencies. These include criminal statutes addressing the illegal
import and export of drugs, weapons, child pornography, stolen
antiquities, and other contraband, as well as alien smuggling, human
trafficking, and the international laundering and smuggling of criminal
proceeds. In March 2006 we testified that ICE's Office of
Investigations (OI) organizational structure and investigative
activities reflected those of both its principal legacy agencies--the
U.S. Customs Service and Immigration and Naturalization Service. To
ensure continuity of enforcement, OI established 3 major investigative
divisions--National Security, Finance and Trade, and Smuggling and
Public Safety--that incorporated the core missions and functions of
legacy immigration and customs investigations. In June 2006 we reported
ICE uses a combination of factors to allocate its investigative
resources, including whether an investigation indicates a potential
threat to national security, the execution of special programs run out
of headquarters divisions and units like Operation Community Shield,
which targets violent street gang members, and carry-over legacy
activities, such as support for implementation of the national drug
control strategy. Consequently, ICE performs a combination of
immigration--and customs-related investigations. Though we have not
assessed ICE's allocation of investigative resources recently, we found
that about half of ICE investigative resources were used for drug,
financial, and general alien investigations in fiscal years 2004 and
2005. The resource use in the other case categories pertains to
investigations of a variety of customs and immigration violations
including commercial fraud, general smuggling, human smuggling and
trafficking, identity fraud, document fraud, and worksite enforcement.
None of the investigative categories that apply to these violations
individually accounted for more than 8 percent of investigative
resource use during the period under study. In most instances these
other case categories accounted for 5 percent or less of resource use.
In order to guide the allocation of its investigative resources, we
recommended that DHS direct ICE to conduct a comprehensive risk
assessment to identify those violations with the highest probability of
occurrence and most significant consequences.\15\ DHS agreed with our
recommendation.
---------------------------------------------------------------------------
\15\ GAO, Homeland Security: Better Management Practices Could
Enhance DHS's Ability to Allocate Investigative Resources, GAO-06-462T
(Washington, D.C.: March 28, 2006).
Question 16.: What hurdles exist in getting the Transportation
Sector Specific Plan that was due over two years ago finalized and
published?
Response: GAO did not assess whether any hurdles existed or the
reasons for any delays in DHS' issuance of the Transportation Sector
Specific Plan. We have testified that it is important for DHS to
finalize and issue the plan and supporting plans as soon as possible so
that transportation stakeholders understand the federal government's
role with respect to security, as well as expectations for them. We
also testified on the importance of the Transportation Sector Specific
Plan and supporting plans being supported by relevant risk assessments
conducted or overseen by department.
Question 17.: In October of last year GAO sent a letter titled,
Combating Nuclear Smuggling: DHS's Cost-Benefit Analysis to Support the
Purchase of New Radiation Detection Portal Monitors Was Not Based on
Available Performance Data and Did Not Fully Evaluate All the Monitors'
Costs and Benefits to the chairman of both House and Senate
appropriations committees. Has there been any activity in the Inspector
General's office to look at DNDO's cost-benefit analysis and if so what
are you finding?
Response: We contacted the Director of Border and Transportation
Security in the DHS Inspector General's (IG) Office and were told the
DHS IG has not examined the Domestic Nuclear Detection Office's (DNDO)
cost-benefit analysis, nor does the DHS IG have any plans to examine
it.
Question 18.: As the government agency charged with securing the
nation's critical cyber infrastructure, how is DHS supposed to provide
adequate leadership to the nation's critical infrastructure owners when
the Department itself continues to receive failing grades on securing
its own critical infrastructure?
Response: DHS's continued shortfalls in fully implementing
effective information security over its computer systems could limit
its credibility in providing leadership to the nation's critical cyber
infrastructure owners. DHS needs to lead by example and improve its
information security. Also, in September 2006, DHS announced the
appointment of an Assistant Secretary for Cyber Security and
Telecommunications to better provide this leadership. While filling
this leadership position is an important step to enhancing DHS's
visibility to organizations that own and operate our nation's critical
infrastructures, DHS needs to improve on its efforts to fulfill its key
cybersecurity responsibilities. These responsibilities include
developing and enhancing national cyber analysis and warning
capabilities, providing and coordinating incident response and recovery
planning efforts, and identifying and assessing cyber threats and
vulnerabilities.
Question 19.: What steps have the Department taken to resolve flaws
in the way that FISMA evaluations are performed and what steps remain?
Response: The Department has reportedly increased the percentage of
systems for which controls had been tested and evaluated. In its
Federal Information Security Management Act (FISMA) report for 2004,
the department reported that 76 percent of its systems had been tested
and evaluated. For 2006, it reported that 88 percent of systems had
been evaluated, an increase of 12 percent. However, the department's
Office of Inspector General (OIG) reported in 2006 that only 64 percent
of the department's systems it reviewed had undergone such evaluations.
In addition, the OIG reported weaknesses with the way the department
documented control test results, residual risks, and contingency plan
test results. Thus, DHS needs to take steps to test and evaluate the
controls of all of its systems and adequately document the test results
and residual risks.
Question 20.: What is your office doing to ensure that the problems
that existed with regard to improving laptop computer security, prior
to Jay Cohen's appointment as the Science and Technology Directorate
Under-Secretary are addressed? Specifically, what is your office doing
to oversee S&T's efforts to develop a mature business model and prudent
project management practices?
Response: Although we have not been specifically requested to
review this issue at DHS? Science and Technology Directorate, GAO has
two on-going governmentwide audits that will address agency controls
related to laptop computer security. We are assessing federal policies
and procedures for protecting personal information on one audit and are
evaluating the use of encryption technologies at federal agencies on
another audit. Both of these audits will address elements of laptop
computer security and include the Department of Homeland Security.
Question 21.: What is your office doing to ensure that Under
Secretary Cohen develops a plan to strengthen workforce recruitment and
retention; improve institutional knowledge base; and create a culture
of responsibility within the Directorate?
Response: GAO's work on strategic workforce planning shows that it
addresses two critical needs, (1) aligning an organization's human
capital program with its current and emerging mission and programmatic
goals; and (2) developing long-term strategies for acquiring,
developing and retaining staff to achieve programmatic goals.\16\ While
we have not reviewed DHS's Science and Technology's Directorate's
strategic workforce planning or results-oriented culture, in December
2005, we evaluated the Directorate's ethics-related management controls
, particularly for its employees hired under the Intergovernmental
Personnel Act (IPA), and concluded that these controls needed
strengthening.\17\ Among other things, we recommended that the
Undersecretary of the Science and Technology Directorate needed to
finalize the Directorate's research and development process and define
and standardize the role of the IPA portfolio managers in this process,
and establish a monitoring and oversight program of ethic-related
management controls. Our ongoing work on several human capital issues
at DHS will also provide information on the use of IPA appointments at
the department.
---------------------------------------------------------------------------
\16\ GAO, Human Capital: Key Principles for Effective Strategic
Workforce Planning, GAO-04-39 (Washington, D.C.: Dec. 11, 2003).
\17\ GAO, Homeland Security: DHS Needs to Improve Ethics-Related
Management Controls for the Science and Technology Directorate, GAO-06-
206 (Washington, D.C.: Dec. 22, 2005).
Question 22.: In GAO-05-139, the GAO recommended that the
Department ``provide its Business Transformation Office (BTO) with the
authority and responsibility to serve as a dedicated integration team
and help develop and implement the strategy.''
Do you believe the Department has done this, and if
not what needs to be done?
What form do you believe a successful BTO in the
Department should take?
In as much specificity as possible, how would you
define the mission and goals of an effective BTO?
We understand that the BTO is being shut down. Do you
believe that the mission of the BTO can be performed
effectively within other parts of the Department, or is the
Department better served by having these functions centralized
in one office?
Response: As discussed in our response to question 10, to our
knowledge, DHS does not currently have a dedicated integration team nor
is the BTO in place to help guide its overall implementation and
transformation. In addition, while DHS has issued guidance and plans to
assist its integration efforts, on a function-by-function basis
(information technology and human capital, for example), it does not
have a comprehensive strategy, with overall goals and a time line, to
guide the management integration departmentwide.
GAO's research shows that it is important to dedicate a strong and
stable implementation team for the day-to-day management of a merger or
organizational transformation. Such a dedicated team should be vested
with necessary authority and resources to help set priorities, make
timely decisions, and move quickly to implement decisions for a
successful transformation. In addition, the team ensures that various
change initiatives are sequenced and implemented in a coherent and
integrated way. Furthermore, the team monitors and reports on the
progress of the integration to top leaders and across the organization,
enabling those leaders to make any necessary adjustments. Other
networks, including a senior executive council, functional teams, or
cross-cutting teams, can be used to help the implementation team manage
and coordinate the day-to-day activities of the merger or
transformation. The role of an integration team is to help monitor the
transformation and look for interdependencies among the individual
functional integration efforts. The dedicated team should report to the
highest levels of the organization and have the requisite
responsibility and authority to set priorities and make strategic
decisions for the integration, as well as implement the integration
strategy.
DHS actions, such as management directives clarifying roles for the
integration, can provide the Under Secretary for Management with
additional support. However, in our 2005 report, we noted that it was
still too early to tell whether the Under Secretary would have
sufficient authority to direct, and make trade-off decisions for the
integration, and institutionalize it departmentwide.\18\
---------------------------------------------------------------------------
\18\ GAO-05-139.
---------------------------------------------------------------------------
In addition to our responses above, as part of our follow-up on
recommendations made in our March 2005 report on DHS integration, DHS
provided us with its Management Directorate Strategic Plan, and a draft
plan on its high risk area of the implementation and transformation of
the department, which contains some information relative to developing
an agencywide management integration strategy, but there were no
timelines and milestones that would allow the completion of this
recommendation. To help ensure the completion of the transformation of
the department, our research indicates that a dedicated team, such as
the Business Transformation Office, can help ensure success.
Question 23.: It is our understanding that GAO has encountered
significant problems obtaining documentation from the Department of
Homeland Security. During the hearing, it was made clear the DHS is not
``denying'' the delivery of documentation, rather they are ``delaying''
the delivery of documentation. It is unclear to us what is meant by
``delayed.'' Please provide detailed examples of what GAO considers
``delayed,'' including examples of documents requested, dates the
documents were requested, and the dates the documents were received.
Response: DHS' process for handling documents and interviews
requested by GAO has caused inordinate delays. At many federal agencies
(and in some cases within DHS), we obtain what we need directly from
the program officials, often on the spot or very quickly after making
the request. The program staff keeps the agency liaisons informed of
interviews and documents provided to us. In contrast, the process used
in most of our interactions with DHS is overly layered and time-
consuming. We are required to submit requests for documents and
interviews to the component liaison staff, rather than directly to
program officials with whom we have met many times. The component
liaison often brings in component counsel (and sometimes DHS counsel).
The result is that on a broad range of our reviews our staff end up
waiting for weeks or months for information that could be provided
immediately or at least more quickly. In certain areas, specifically
reviews related to work on the response to Hurricane Katrina and
reviews involving FEMA and TSA, component counsel have reviewed
virtually every document before it is provided to us.
These procedures have caused delays which have impeded our ability
to meet timeframes for reporting to our requesters. DHS often provides
information very late in the process, when they realize that the
absence of specific data in our draft report will reflect negatively on
their programs. A related problem is that there has been a lack of
communication. It can take months for DHS to tell us that a document
doesn't exist. All we are told is that the agency is going through its
review process.
We need a commitment from DHS that it will streamline its review
processes to make them more efficient and that it will expedite our
requests for documents and meetings. It is much more effective when we
can deal directly with the program staff after we have held our
entrance conference at DHS. With regard to component counsel review of
documents, the original DHS management directive on GAO \19\ was set up
on the premise that counsel would not review all documents prior to
disclosure. Component counsel was to review only a subset of documents
to be provided to GAO, those identified by the component as potentially
being sensitive (a checklist provided to the component liaisons
identified the areas of sensitivity). To the extent that DHS finds it
necessary to screen certain sensitive documents, it should do this on
an exception basis. Other documents should be provided directly to GAO
without prior review or approval by counsel. If DHS foresees problems
providing a document (e.g., document doesn't exist or it raises special
sensitivities) it should advise GAO up front.
---------------------------------------------------------------------------
\19\ DHS GAO Management Directive #820, June 25, 2003.
---------------------------------------------------------------------------
In conjunction with GAO's own efforts to obtain access to documents
at DHS, congressional action has sometimes helped us to obtain
information. These actions can include a hearing where questions are
asked about the document delays, a letter signed from a Member to DHS,
or a phone call from a congressional staff member. We have generally
found that the Department is cooperative on reviews where the timing of
the release of DHS appropriations is related to the issuance of a GAO
review.
There are numerous instances of DHS delays in responding to GAO
document requests. The following are examples involving GAO work for
which you are a requester. First, in an audit of DHS detention
standards for aliens in its custody, we have experienced delays with
U.S. Immigration and Customs Enforcement (ICE) providing necessary
information and documentation. There have been multiple incidents
during the course of this engagement in which ICE provided only partial
information after lengthy delays. Each document, we were told by DHS
officials, had to go through the ICE legal vetting process. The
document requests included the following:
On September 27, 2006, GAO requested copies of American
Bar Association reviews of ICE detention facilities. The American Bar
Association performed the reviews and then provided them to ICE. The
ABA indicated to us that they had no problem with ICE providing the
information to GAO. Despite our requests, ICE still has not provided
copies of the reviews.
In October 2006, GAO requested copies of the latest ICE
compliance review for the San Diego Correctional Facility; Elizabeth
Contract Detention Facility; Denver Contract Detention Facility; and
the Suffolk County House of Corrections. They have yet to be provided,
despite our repeated requests for the documents.
On September 21, 2006, GAO requested a copy of the
detention facility telephone contract. ICE delayed for a month until
October 19, 2006, and then sent us a document that was almost entirely
redacted. The first ten pages of the contract were not included and the
rest of the contract had been significantly redacted by blacking out
pertinent information. ICE told GAO the redacted information was
``privileged,'' according to its lawyers. After repeated calls and
explanations of GAO's authority to access the information, ICE provided
the unredacted document.
We requested a set of additional documents related to the
detention phone contract on November 5, 2006. ICE did not respond to
this request for several months. Finally, ICE said they had the
documents ready for a January 17, 2007, meeting with GAO auditors. ICE
officials had the documents physically present at the meeting, but
would not let GAO have the documents or look at the documents because
they said they had not yet been vetted through their lawyers (even
though more than 2 months had passed since the original request). GAO
auditors made multiple follow-up calls, but ICE delayed another two and
a half weeks before providing the documents.
During a meeting in October 2006, we requested information
from the Department of Health and Human Services (HHS) regarding
medical treatment of detainees. HHS forwarded their response to DHS who
refused to give it to GAO until it had gone through the ICE attorneys'
``approval process.'' GAO did not get the information until February 9,
2007 (over 3 months later).
In another review that you joined as a requester, involving
terrorist watch lists, we experienced numerous delays in receiving
requested information from DHS, ranging from weeks to months. In one
case, we requested the status of DHS implementation of provisions of
Homeland Security Presidential Directives 6 and 11 that were directed
to DHS, including copies of applicable reports that were to be provided
to the President. We made this request in May 2006. In August 2006,
after several follow-up requests, our DHS audit liaison apologized for
the difficulty in finding someone at DHS to respond to our request. In
October 2006, the liaison referred us to the Director of the DHS
Screening Coordination Office, who told us the required reports had
been developed and that she would obtain copies for us. In February
2007, DHS finally provided a document that it said was compiled based
on the reports that it had submitted, excluding information related to
other departments and agencies.
The following questions were asked during the hearing, the
Committee requests that responses be provided in writing.
Question 24.: GAO has identified significant fraud, waste and abuse
in the control weaknesses in FEMA's individual and household programs
and in the DHS's purchase card account. What action has FEMA taken on
the recommendations to address these weaknesses?
Response: As noted in the response to question number 13, DHS
stated that they had amended their purchase card manual in order to
incorporate suggested changes from our recommendations. They have also
taken other actions, to include implementing identity and address
verification on all IHP registrations, implementing controls to prevent
duplicate IHP registrations using the same social security numbers, and
implementing a system change to prevent individuals from registering
for assistance using a Post Office box. However, we have not determined
if these actions adequately address all our recommendations, nor have
we performed audit or investigative work to test new controls.
Question 25.: What DHS components had financial management problems
before they were merged into the Department and what components have
them now?
Response: When DHS was created in March 2003 by merging 22 diverse
agencies, there were many known financial management weaknesses and
vulnerabilities in the inherited agencies. For 5 of the agencies that
transferred to DHS--Customs Service (Customs), Transportation Security
Administration (TSA), Immigration and Naturalization Service (INS),
Federal Emergency Management Agency (FEMA), and the Federal Law
Enforcement Training Center (FLETC)--auditors had reported 30
reportable conditions, 18 of which were considered material internal
control weaknesses. Further, of the four component agencies--Customs,
TSA, INS, and FEMA--that had previously been subject to stand-alone
audits, all four agencies--systems were found not to be in substantial
compliance with the requirements of the Federal Financial Management
Improvement Act of 1996 (FFMIA).
Some of these components continue to have financial management
weaknesses today. For example, the Office of Financial Management
(OFM), U.S. Coast Guard (USCG), TSA, FEMA, Immigration and Customs
Enforcement (ICE), and the Management Directorate were unable to
provide sufficient evidence to support account balances presented in
the financial statements and collectively contributed to the auditors'
inability to render an opinion. Further, DHS management and three of
its major components (USCG, TSA, and ICE) were unable to represent that
the financial statements were presented in conformity with U.S.
generally accepted accounting principles. USCG was previously part of
the Department of Transportation and its financial statements had never
been audited on a stand-alone basis. Those components that attributed
to material weaknesses in internal control for the area of financial
management and oversight in fiscal year 2006 were USCG and OFM.
Question 26.: We understand that FEMA's slow payment process for
victims during Katrina was the result of poor internal controls and
information sharing. What steps has the Department taken to resolve
those problems and what steps remain?
Response: As noted in the response to question 13 above, FEMA has
initiated changes that include identity and address verification on all
IHP registrations, implementing controls to prevent duplicate IHP
registrations using the same social security numbers, and implementing
a system change to prevent individuals from registering for assistance
using a Post Office box. If implemented and tested prior to a disaster,
effective internal controls over IHP registrations should not delay
providing assistance to individuals quickly. For example, many address
and identity validation processes can be accomplished almost
instantaneously and thus would not delay FEMA's response.
Question 27.: What are you currently showing as DHS's applications
backlog? Please separately provide the backlog for applications that
are pending for security background clearance checks.
Response: As of January 2007, DHS' U.S. Citizenship and Immigration
Services (USCIS) had about 3.4 million applications pending
adjudication. However, as defined by USCIS, its backlog of applications
constitutes only a portion of the inventory of all pending
applications. The Immigration Services and Infrastructure Improvements
Act defines backlog as the number of applications that have been
pending more than 6 months. However, USCIS' data systems cannot track
the number of applications that have been pending for more than 6
months. As a proxy, USCIS generally defines backlog as the number of
pending applications minus the number of applications received during
the last 6 months. USCIS also eliminates from its backlog estimate
applications for which an immigration benefit cannot be granted for
reasons outside of its control. For example, USCIS does not count
applications in which the State Department cannot grant a visa because
a visa allotment is not available and where USCIS is waiting for the
results of FBI name checks or additional information from the
applicant. In addition, USCIS does not include certain asylum
applications in its backlog count. Using USCIS' method for calculating
its backlog as described above, DHS reported that as of September 2006
its backlog had been eliminated. However, USCIS did acknowledge that
there were some applications that have been pending more than 6 months.
While we do not have any current information on the status of
applications awaiting security background clearance checks, as of
September 2006, USCIS reported about 157,000 applications were awaiting
the results of FBI name checks.
Question 28.: Are efforts being made to determine whether FEMA's
revamped systems will work in an actual disaster? For example, have
there been dry runs or other simulations?
Response: FEMA has conducted regional tabletop exercises for the
2006 hurricane season designed to improve understanding of federal,
state, and private-sector capabilities and expectations, including
those for evacuation and mass care. FEMA also plans to conduct regional
hurricane preparedness exercises prior to 2007 hurricane season. The
2006 exercises did not test the actual deployment and use of new
communications equipment, surveillance teams, and other changes that
FEMA has developed since Katrina.
FEMA has tested some of its newly developed capabilities in some
recent, smaller disasters, such as Hurricane Ernesto in 2006 and the
storms that recently wreaked destruction in the Southeast. However, to
our knowledge, FEMA has not conducted any exercises that have
realistically tested its newly developed capabilities in a
realistically simulated major disaster.
Under the Post-Katrina Reform Act, enacted in October 2006, FEMA is
to carry out a national training program to implement, and a national
exercise program to test and evaluate the National Preparedness Goal,
National Incident Management System, and the National Response Plan and
other related plans and strategies. Such training and exercises could
provide FEMA an opportunity to realistic test and evaluate the
improvements it is working to implement.
Question 29.: Does DHS have sufficient resources to deal with the
immigration applications if we were to have a temporary guest worker
program?
Response: In all likelihood, DHS would need additional resources to
implement a temporary guest worker program. According to one study, of
the estimated 11 million undocumented aliens in the United States in
2005, about 7 million were working. Assuming all or most of the 7
million apply for a temporary worker program, this number of applicants
would be more than the 6.7 million applications for all immigration
benefits USCIS completed in fiscal year 2006--in effect doubling
USCIS's workload. As it has done in the past, USCIS could hire
temporary adjudicators to deal with the expected surge in applications.
Under the law, immigration benefit application fees are to be set to
recover the full cost of providing immigration benefits.
Question 30.: We understand that FEMA's slow payment process for
victims during Katrina was the result of poor internal controls and
information sharing. What steps has the Department taken to resolve
those problems and what steps remain?
Response: As noted in the response to question 13 above, FEMA has
initiated changes that include identity and address verification on all
IHP registrations, implementing controls to prevent duplicate IHP
registrations using the same social security numbers, and implementing
a system change to prevent individuals from registering for assistance
using a Post Office box. If implemented and tested prior to a disaster,
effective internal controls over IHP registrations should not delay
providing assistance to individuals quickly. For example, many address
and identity validation processes can be accomplished almost
instantaneously and thus would not delay FEMA's response.
Questions from the Honorable Peter T. King, Ranking Minority Member
Question 31.: Mr. Walker, you have said that the Department of
Homeland Security and the Department of Defense each should establish a
new Deputy Secretary position specifically to focus on management and
transformation. You also advocated that this position should be filled
by longer-term executives to provide for greater continuity within the
departments.
A. What is your rationale for creating a new Deputy Secretary
position?
B. Why not simply augment the authorities of the existing Under
Secretary for Management within DHS?
C. Wouldn't a new Deputy Secretary be another layer of
bureaucracy which would overlap the role of the existing Deputy
Secretary at DHS and create confusion within the organization?
D. Wouldn't a longer-term executive serving in this new
position create inherent conflict with changes in leadership of
the Department?
Response: A. DHS faces enormous management and organizational
transformation challenges as it continues to simultaneously establish
itself, integrate numerous entities and systems, and protect the nation
from terrorism. Success would not simply result in a collection of
components in a new department, but the transformation of the various
programs and missions into a high-performing, focused organization.\20\
However, the size, complexity, and importance of DHS's mission make the
challenges involved especially daunting. As DHS and other agencies
across the federal government embark on large-scale organizational
change initiatives in order to address 21st century challenges, there
is a compelling need for a single organizational focus on key
management functions, such as human capital, financial management,
information technology, and acquisition management, as well as for
selected transformation initiatives within the department or agency. A
Chief Operating Officer (COO)/Chief Management Officer (CMO) or similar
position may effectively provide the continuing, focused attention
essential to successfully completing these multiyear
transformations.\21\
---------------------------------------------------------------------------
\20\ GAO, Highlights of a GAO Forum on High-Performing
Organizations: Metrics, Means, and Mechanisms for Achieving High
Performance in the 21st Century Public Management Environment, GAO-04-
343SP (Washington, D.C.: Feb. 13, 2004).
\21\ GAO, Highlights of a GAO Roundtable: The Chief Operating
Officer Concept: A Potential Strategy to Address Federal Governance
Challenges, GAO-03-192SP (Washington, D.C.: Oct. 4, 2002).
---------------------------------------------------------------------------
Establishing a COO/CMO position at DHS--with, importantly, the
appropriate level of responsibility and authority--could enable the
department to address the following.
Elevate attention on management issues and
transformational change. Top leadership attention is essential
to overcome organizations' natural resistance to change,
marshal the resources needed to implement change, and build and
maintain the organizationwide commitment to new ways of doing
business. We have previously reported that building an
effective DHS will require consistent and sustained leadership
from top management to ensure the needed transformation of
disparate agencies, programs, and missions into an integrated
organization.\22\
---------------------------------------------------------------------------
\22\ For example, see GAO-05-139, GAO-04-876R, and GAO-03-102.
---------------------------------------------------------------------------
Integrate various key management and transformation
efforts. The federal government often places management
responsibilities, such as information technology, human
capital, or financial management, into ``stovepipes'' and fails
to design and implement organizational transformation efforts
in a comprehensive, ongoing, and integrated manner. There needs
to be a single point within agencies with the perspective and
responsibility--as well as authority--to ensure the successful
implementation of functional management and, if appropriate,
transformation efforts.\23\
---------------------------------------------------------------------------
\23\ GAO, Chief Operating Officer Concept at DHS, GAO-04-876R
(Washington, D.C.: June 28, 2004).
---------------------------------------------------------------------------
Institutionalize accountability for addressing
management issues and leading transformational change.
Management weaknesses in some agencies are deeply entrenched
and longstanding and will take years of sustained attention and
continuity to resolve. In our previous work, we have noted that
the experiences of successful transformation initiatives in
large private and public sector organizations suggest that it
can often take at least 5 to 7 years until such initiatives are
fully implemented and the related cultures are transformed in a
sustainable manner.\24\ In the federal government, the frequent
turnover of the political leadership has often made it
extremely difficult to obtain the sustained attention required
to make needed changes.
---------------------------------------------------------------------------
\24\ GAO, Highlights of a GAO Forum: Mergers and Transformation:
Lessons Learned for a Department of Homeland Security and Other Federal
Agencies, GAO-03-293SP (Washington, D.C.: Nov. 14, 2002).
---------------------------------------------------------------------------
B. As currently structured, the roles and responsibilities of the
Under Secretary for Management at DHS contain some of the
characteristics of a COO/CMO position, such as elevating, integrating,
and institutionalizing responsibility for key functional management
initiatives. However, we have previously raised the issue of whether or
not the Under Secretary has sufficient authority to direct, and make
trade-off decisions for the management integration initiatives and the
institutionalization of them across the department.\25\ We have also
suggested that the Congress continue to closely monitor whether
additional leadership authorities are needed for the Under Secretary,
or whether a revised organizational arrangement is needed to fully
capture the roles and responsibilities of a COO/CMO position, including
a performance agreement and term limit.\26\
---------------------------------------------------------------------------
\25\ GAO-05-139.
\26\ GAO-05-139.
---------------------------------------------------------------------------
C.T1 As we have previously reported, the establishment of a COO/CMO
position needs to be considered carefully with regard to existing
positions and responsibilities so that it does not result in
unnecessary ``layering'' in a department or agency.\27\ Under this
concept, the COO/CMO provides a single organizational focus for key
management functions and change efforts. If the current Under Secretary
for Management position at DHS were elevated to a Deputy Secretary for
Management position, the incumbent would continue to be responsible for
coordinating and integrating key management functions, such as human
capital, financial management, information, technology, and acquisition
management, as well as selected transformation initiatives within the
department. The existing DHS Deputy Secretary position would then have
responsibility and authority for all mission-related components of the
department and the programmatic policies and operations of those
components.
---------------------------------------------------------------------------
\27\ GAO-04-876R.
---------------------------------------------------------------------------
Given the competing demands on deputy secretaries in executive
branch departments across the government to help execute the
President's policy and program agendas, it is not practical to expect
that they will be able to consistently undertake this vital integrating
responsibility. Moreover, while many deputy secretaries may be
nominated based in part on their managerial experience, it has not
always been the case, and not surprisingly, the management skills,
expertise, and interests of the deputy secretaries have always varied
and will continue to vary. As a result of short-term priorities and
other demands on the time of agency heads and their deputies, they
generally do not have the ability to focus enough dedicated attention
to management issues. Furthermore, top officials in the public sector
are typically political appointees who do not stay in their positions
long enough to effectively address key transformation initiatives.
D. In our prior work, we have concluded that sustained leadership
drives high-performing organizations to achieve results.\28\ A long-
term executive, such as a COO/CMO, could provide the continued focused
attention essential to completing organizational transformation
regardless of continual changes of the leadership in federal agencies.
High turnover among politically appointed leaders can make it difficult
to follow through with organizational transformation because the 5 to 7
years often needed to complete a transformation can easily outlast the
tenures of top political appointees.\29\ Given the continual turnover
in the leadership of federal agencies, it is particularly important for
appointees and senior career civil servants to develop good working
relationships from the beginning. People are the primary resource of
high-performing organizations and they need to be fully engaged for the
organization to achieve its mission and strategic goals and to
transform successfully.
---------------------------------------------------------------------------
\28\ GAO-04-343SP.
\29\ GAO, Results Oriented Cultures: Creating a Clear Linkage
Between Individual Performance and Organizational Success, GAO-03-488
(Washington, D.C.: Mar. 14, 2003).
---------------------------------------------------------------------------
Questions for the Record from the Honorable Marsha Blackburn
Question 32.: What is CIS's current backlog?
Does CIS count as a part of their backlog any
applications pending for security background checks or any that
are waiting for action from another agency?
If these were counted, what would be your estimate of
CIS's backlog?
In your opinion, does CIS have sufficient resources to
process more immigration applications if a temporary guest
worker program was implemented?
What types of risks would this type of program
generate?
Response: As we noted in our response to question 27, as of January
2007, USCIS had about 3.4 million applications pending adjudication.
However, USCIS considers only a portion of its pending applications
when computing its backlog and does exclude applications for which an
immigration benefit cannot be granted for reasons outside of its
control, such as applications where a visa is not yet available or
where USCIS is waiting for results of FBI name checks or additional
information from the applicant. Using USCIS' method for calculating its
backlog, DHS reported that as of September 2006 USCIS' backlog had been
eliminated. As we noted in our response to question 29, in all
likelihood, DHS would need additional resources to implement a
temporary guest worker program.
While it is difficult to predict what types of risks this type of
program could generate, results from some of our recent work may shed
some light on potential risks and challenges. In September 2006 we
reported on selected other countries' experience with foreign workers.
Experts and government officials noted that it was difficult to
successfully ensure foreign workers' on temporary work permits return
to their home countries, and as a result, countries we studied
estimated that a significant number of immigrants overstayed their work
permits, thus lapsing into illegal status. In addition, experts
suggested that temporary foreign worker programs or other initiatives
that increase the number of foreign workers legally admitted do not
help reduce illegal immigration flows but rather help increase
immigrant populations in receiving countries, which may encourage
further legal and illegal immigration flows. There is a risk that
individuals may fraudulently obtain a benefit under a temporary worker
program. In March 2006, we reported that immigration benefit fraud was
an ongoing and serious problem, accomplished by applicants submitting
fraudulent documents and sometimes facilitated by white collar and
other criminals. USCIS has not yet implemented some aspects of internal
control standards that could further enhance its ability to detect
fraud, such as providing adjudicators with the tools needed to better
detect fraud and performance goals to measure its benefit fraud
activities. In addition, although best practices advise that a credible
sanctions program is an integral part of fraud control, DHS did not
have a strategy for sanctioning those that commit fraud, limiting its
ability to project a convincing message that those who commit fraud
face a credible threat of punishment. Lastly, as was the case in 1986
when application processing resources were diverted to implement the
Immigration Reform and Control Act's legalization program, there is a
risk that application backlogs for other immigration benefits could
build because USCIS may have to divert resources to implement any new
temporary worker program.
Question 33.: Mr. Walker, DHS has implemented many requirements of
GPRA. What other requirements do they still need to meet?
Response: The Government Performance and Results Act (GPRA)
requires that agency strategic plans be updated at least every 3 years.
DHS has not yet updated its first strategic plan, which was released in
February 2004. In 2005, we reported that DHS's strategic plan does not
meet the GPRA-required element to describe the relationship between
annual and long-term goals, but does address the other five GPRA-
required elements--a mission statement, long-term goals, strategies to
achieve the goals, external key factors, and program evaluations.\30\
The linkage between annual and long-term goals is crucial for
determining whether an agency has a clear sense of how it will assess
progress toward achieving the intended results of its long-term goals.
DHS officials said that because of the limited time available to create
the strategic plan, they decided not to include a discussion of annual
performance goals in order to achieve broad consensus among agency
components on DHS's mission and long-term strategic goals and
objectives. We recommended that DHS's next strategic plan include such
a description. In addition, we recommended that DHS's next strategic
plan further develop the GPRA-required elements addressed in its first
strategic plan by adopting additional good strategic planning
practices, including a timeline for achieving long-term goals; a
description of the specific budgetary, human capital, and other
resources need to achieve those goals; a schedule of program
evaluations planned; and a discussion of strategies to ameliorate the
effect of any key external factors. DHS agreed with these
recommendations. DHS has also developed annual performance plans and
performance reports as required by GPRA, but we have not evaluated
whether these documents meet GPRA requirements.
---------------------------------------------------------------------------
\30\ GAO, Results Oriented Government: Improvements to DHS's
Planning Process Would Enhance Usefulness and Accountability, GAO-05-
300 (Washington, D.C.: Mar. 31, 2005).
Question 34.: What does DHS need to do to be in full compliance
with FFMIA?
Response: DHS needs to address its material weaknesses in internal
control and other reportable conditions reported by its independent
auditor that contributed to the department's non-compliance with the
Federal Financial Management Improvement Act of 1996 (FFMIA). For
example, DHS should conduct an assessment of its current financial
reporting process, with the goal of reducing complexity, implementing
appropriate internal controls, improving financial systems integration
and automating manual processes. FFMIA requires that agencies covered
by the Chief Financial Officers Act of 1990 implement and maintain
financial management systems that comply substantially with (1) federal
financial management system requirements, (2) applicable federal
accounting standards, and (3) the U.S. Government Standard General
Ledger at the transaction level. FFMIA emphasizes the need for agencies
to have systems that can generate timely, reliable, and useful
information with which to make informed decisions to ensure ongoing
accountability. According to its independent auditor, DHS and each
significant component of the department did not fully comply with at
least one of the requirements of FFMIA in fiscal year 2006. Until DHS
addresses the related material weaknesses in internal control and other
reportable conditions, the department will not be compliant with FFMIA.
Question 35.: Does DHS have an adequate plan that streamlines
coordination between FEMA and state and local governments?
Response: While the National Response Plan discusses the roles and
responsibilities of Federal, state, and local organizations in support
of domestic incident management, we have not evaluated the extent to
which the National Response Plan or other plans streamline coordination
between FEMA and state and local governments. We are currently
conducting a review of how states collaborate with each other--as well
as with key federal players such as FEMA--to efficiently deploy state,
local, and other resources across state lines in response to disasters
through the Emergency Management Assistance Compact. This work is being
conducted at the request of the Senate Committee on Homeland Security
and Governmental Affairs and we expect to issue our report later this
year, at which time we would be happy to share our findings with this
Committee.
Question 36.: How many procurement staff are needed to oversee
major acquisition projects?
Response: The number of procurement staff needed to oversee major
acquisition projects generally varies based on the complexity and size
for individual projects. Procurement and program management staff are
involved in oversight activities. DHS' workforce plan for fiscal years
2005--2008 includes a description of initiatives to certify and train
acquisition workforce professionals including contracting officers,
contracting officers' technical representatives, and program managers.
In September 2006, DHS reported on plans for increased staffing of the
eight component contracting offices and plans to initiate a program
manager needs assessment in the near future.
Question 37.: Who is the primary overseer of Coast Guard
acquisitions and Deepwater vessel designs?
Response: The Coast Guard is responsible for establishing, updating
and managing system operational requirements; responding to mission
demand and environment changes; and operating the system for the
Deepwater program. As the systems integrator, Integrated Coast Guard
Systems (ICGS) is responsible for designing and constructing the
system, developing associated concepts of operations and logistics
support plans, and delivering an Integrated Deepwater System that meets
system performance requirements. The Coast Guard and ICGS both have
responsibilities in managing the Deepwater acquisition. Central to the
management structure of the Deepwater program are Integrated Product
Teams (IPTs). IPTs are comprised of Coast Guard and ICGS members,
including subcontractors, who work collaboratively to accomplish a
specific objective within the acquisition program. The IPTs are ICGS-
led.\31\ IPTs serve as the Coast Guard's primary tool for managing the
program and overseeing the system integrator. We have reported that
IPTs have struggled to accomplish their mission.
---------------------------------------------------------------------------
\31\ Joint IPTs are ICGS-led with the exception of the Program
Management Team, which is co-chaired, and the Test and Evaluation IPT
which is Coast Guard led.
---------------------------------------------------------------------------
More broadly, the proper role of contractors in providing services
to the government is currently the topic of some debate. I believe
there is a need to focus greater attention on what type of functions
and activities should be contracted out and which ones should not.
There is also a need to review the current independence and conflict of
interest rules relating to contractors. Finally, there is a need to
identify the factors that prompt the government to use contractors in
circumstances where the proper choice might be the use of civil
servants or military personnel. Possible factors could include
inadequate force structure, outdated or inadequate hiring policies,
classification and compensation approaches, and inadequate numbers of
full-time equivalent slots.
Question 38.: Besides the lack of procurement staff to conduct
oversight, what other factors have caused problems in these areas?
Response: Since it was established in March 2003, DHS has been
faced with assembling 22 separate federal agencies and organizations
with multiple missions, values, and cultures into one cabinet-level
department. This mammoth task--one of the biggest mergers ever to take
place within the federal government--involves a variety of
transformational efforts, one of which is to design and implement the
necessary management structure and processes for acquiring goods and
services. To a great extent, the various acquisition organizations
within the department are still operating in a disparate manner, with
oversight of acquisition activities left primarily up to each
individual organization. DHS' progress in creating a unified
acquisition organization has been slowed by policy decisions that
create ambiguity. An October 2004 management directive emphasizes the
need for a unified, integrated acquisition organization but relies on a
system of dual accountability between the Chief Procurement Officer and
the heads of the department's organizations to make this happen. The
Chief Procurement Officer has been delegated the responsibility to
manage, administer, and oversee all acquisition activity across DHS,
but in practice enforcement of these activities is spread throughout
the department with unclear accountability. Further, the directive
states that the U.S. Coast Guard and U.S. Secret Service are
statutorily exempt from its application. Although the Homeland Security
Act provides that both the Coast Guard and the Secret Service shall be
maintained as distinct entities within the department, we found no
reasonable basis to conclude that the directive could not be made
applicable to them. Rather, it appears to be a policy decision that is
likely to hamper efforts to effectively integrate the acquisition
function in DHS.
Question 39.: What would be your recommendations on systems that
DHS should implement to prevent waste, fraud, and abuse?
Response: GAO has made numerous specific recommendations to FEMA
and DHS aimed at improving systems, processes, and internal controls
over the IHP and purchase card programs. In addition, GAO testified on
July 12, 2006 on the elements of a basic framework for fraud
prevention, detection, and prosecution related to individual disaster
assistance programs, and testified again on January 29, 2007 on fraud
prevention as part of the hurricane recovery effort. If DHS and FEMA
were to implement our specific recommendations and develop a
comprehensive fraud prevention framework as outlined in our
testimonies, DHS and FEMA should be in a position to effectively
minimize the risk for fraud, waste, and abuse within the purchase card
and individual assistance programs.
�