[House Report 114-162]
[From the U.S. Government Publishing Office]
114th Congress} {Report
1st Session} HOUSE OF REPRESENTATIVES {114-162
======================================================================
DHS IT DUPLICATION REDUCTION ACT OF 2015
_______
June 17, 2015.--Committed to the Committee of the Whole House on the
State of the Union and ordered to be printed
_______
Mr. McCaul, from the Committee on Homeland Security, submitted the
following
R E P O R T
together with
ADDITIONAL VIEWS
[To accompany H.R. 1626]
[Including cost estimate of the Congressional Budget Office]
The Committee on Homeland Security, to whom was referred
the bill (H.R. 1626) to reduce duplication of information
technology at the Department of Homeland Security, and for
other purposes, having considered the same, report favorably
thereon with an amendment and recommend that the bill as
amended do pass.
CONTENTS
Page
Purpose and Summary.............................................. 2
Background and Need for Legislation.............................. 2
Hearings......................................................... 3
Committee Consideration.......................................... 3
Committee Votes.................................................. 4
Committee Oversight Findings..................................... 4
New Budget Authority, Entitlement Authority, and Tax Expenditures 4
Congressional Budget Office Estimate............................. 4
Statement of General Performance Goals and Objectives............ 5
Duplicative Federal Programs..................................... 5
Congressional Earmarks, Limited Tax Benefits, and Limited Tariff
Benefits....................................................... 5
Federal Mandates Statement....................................... 6
Preemption Clarification......................................... 6
Disclosure of Directed Rule Makings.............................. 6
Advisory Committee Statement..................................... 6
Applicability to Legislative Branch.............................. 6
Section-by-Section Analysis of the Legislation................... 6
Changes in Existing Law Made by the Bill, as Reported............ 8
Additional Views................................................. 9
The amendment is as follows:
Strike all after the enacting clause and insert the
following:
SECTION 1. SHORT TITLE.
This Act may be cited as the ``DHS IT Duplication Reduction Act of
2015''.
SEC. 2. DHS INFORMATION TECHNOLOGY DUPLICATION REDUCTION.
(a) Information Technology Duplication Reduction.--Not later than 90
days after the date of the enactment of this Act, the Chief Information
Officer of the Department of Homeland Security shall submit to the
Committee on Homeland Security of the House of Representatives and the
Committee on Homeland Security and Governmental Affairs of the Senate a
report that includes the following:
(1) The number of information technology systems at the
Department of Homeland Security.
(2) An assessment of the number of such systems exhibiting
duplication or fragmentation.
(3) A strategy for reducing such duplicative systems,
including an assessment of potential cost savings or cost
avoidance as a result of such reduction.
(4) A methodology for determining which system should be
eliminated when there is duplication or fragmentation.
(b) Definitions.--In this Act:
(1) The term ``duplication or fragmentation'' of information
technology systems means two or more systems or programs that
deliver similar functionality to similar user populations.
(2) The term ``information technology'' has the meaning given
such term in section 11101 of title 40, United States Code.
(c) No New Authorization of Funding.--This section shall be carried
out using amounts otherwise appropriated or made available to the
Department of Homeland Security. No additional funds are authorized to
be appropriated to carry out this section.
PURPOSE AND SUMMARY
H.R. 1626 requires the Chief Information Officer (CIO) of
the Department of Homeland Security (DHS) to identify
duplicative or fragmented information technology (IT) systems
within the Department and develop a strategy to reduce such
duplication or fragmentation.
BACKGROUND AND NEED FOR LEGISLATION
The Department of Homeland Security plans to spend billions
of dollars in the next five years on IT systems to support its
mission to secure the Homeland. DHS has taken steps to reduce
IT duplication and fragmentation through their own initiative
as well as the guidance of the Office of Management and Budget
(OMB). In a recent report GAO-15-296: Information Technology
Additional OMB and Agency Actions Needed to Ensure Portfolio
Savings are Realized and Effectively Tracked, GAO reviewed the
PortfolioStat program which requires ``26 agencies to conduct
an annual review of their commodity IT portfolio to . . .
achieve savings by identifying opportunities to consolidate
investments or move to shared services,'' and is ``intended to
assist agencies in meeting the targets and requirements under
other OMB initiatives aimed at eliminating waste and
duplication and promoting shared services.'' DHS was one of the
agencies that the GAO report focused. According to the report,
DHS in 2013 indicated that through implementation of the
program, it could realize savings of $1.4 billion between 2013
and 2015. In 2014, DHS adjusted its estimates to a savings of
$446.7 million. In recent reviews of the IT systems at DHS by
the GAO and the DHS Office of the Inspector General (OIG) and
briefings for staff by the DHS CIO, it became apparent that
there were concerns about DHS IT internal controls, such as
being only partially implemented and duplicative in their
functions. For example, the Federal Emergency Management Agency
(FEMA) is a decentralized federal agency with offices
throughout the nation. There are numerous inventories of IT
systems within FEMA that are not shared adequately with
Department leadership. Depending on the definition of IT
systems and tools, FEMA's regional offices employ between 90
and 700 IT systems, according to OIG-11-69: Federal Emergency
Management Agency Faces Challenges in Modernizing Information
Technology. Further, FEMA's IT inventory continues to fluctuate
without reason leading the Committee to believe that there are
not sufficient IT governance controls in place. These issues
raise concerns regarding the insufficient management of time,
money, and IT systems.
The DHS IT Duplication Reduction Act of 2015 requires the
DHS CIO to identify duplicated or fragmented information
technology systems within DHS and develop a strategy to reduce
these duplications or fragmentations. Enactment of H.R. 1626 is
necessary to hold DHS accountable for the management of
information technology systems.
HEARINGS
No hearings were held on H.R. 1626. However, the Committee
held oversight hearings listed below.
On March 19, 2013, the Subcommittee on Oversight and
Management Efficiency held a hearing entitled ``DHS Information
Technology: How Effectively has DHS Harnessed IT to Secure Our
Borders and Uphold Immigration Laws?'' The Subcommittee
received testimony from Ms. Margie Graves, Deputy Chief
Information Officer, U.S. Department of Homeland Security; Mr.
David Powner, Director, Information Technology Management
Issues, Government Accountability Office; and Mr. Charles K.
Edwards, Deputy Inspector General, U.S. Department of Homeland
Security.
On February 6, 2014, the Subcommittee also held a hearing
entitled ``Examining Challenges and Wasted Taxpayer Dollars in
Modernizing Border Security IT Systems.'' The Subcommittee
received testimony from Mr. David Powner, Director, Information
Technology Management Issues, U.S. Government Accountability
Office; Mr. Charles Armstrong, Assistant Commissioner, Office
of Information and Technology, U.S. Customs and Border
Protection, U.S. Department of Homeland Security; and Mr.
Thomas Michelli, Chief Information Officer, Immigration and
Customs Enforcement, U.S. Department of Homeland Security.
COMMITTEE CONSIDERATION
The Committee met on May 20, 2015, to consider H.R. 1626,
and ordered the measure to be reported to the House with a
favorable recommendation, amended, by voice vote. The Committee
took the following actions:
The following amendments were offered:
An Amendment in the Nature of a Substitute offered by Hurd of
Texas (#1); was AGREED TO by voice vote.
An Amendment by Ms. Jackson Lee to the Amendment in the Nature
of a Substitute (#1A); was AGREED TO by voice vote.
Page 2, beginning line 7, insert the following: (D) A methodology
for determining which system should be eliminated when there is
duplication or fragmentation.
The Subcommittee on Oversight and Management Efficiency met
on May 13, 2015, to consider H.R. 1626, and ordered the measure
to be reported to the Full Committee with a favorable
recommendation, amended, by voice vote. The Committee took the
following actions:
The following amendment was offered:
An amendment offered by Mrs. Watson Coleman (#1); was AGREED
TO by voice vote.
Page 2, line 13, strike ``that are duplicative'' and insert
``exhibiting duplication or fragmentation''.
Page 2, line 18 strike subsection (b) and insert a new subsection
entitled ``(b) Definitions.''
COMMITTEE VOTES
Clause 3(b) of rule XIII of the Rules of the House of
Representatives requires the Committee to list the recorded
votes on the motion to report legislation and amendments
thereto.
No recorded votes were requested during consideration of
H.R. 1626.
COMMITTEE OVERSIGHT FINDINGS
Pursuant to clause 3(c)(1) of rule XIII of the Rules of the
House of Representatives, the Committee has held oversight
hearings and made findings that are reflected in this report.
NEW BUDGET AUTHORITY, ENTITLEMENT AUTHORITY, AND TAX EXPENDITURES
In compliance with clause 3(c)(2) of rule XIII of the Rules
of the House of Representatives, the Committee finds that H.R.
1626, the DHS IT Duplication Reduction Act of 2015, would
result in no new or increased budget authority, entitlement
authority, or tax expenditures or revenues.
CONGRESSIONAL BUDGET OFFICE ESTIMATE
The Committee adopts as its own the cost estimate prepared
by the Director of the Congressional Budget Office pursuant to
section 402 of the Congressional Budget Act of 1974.
U.S. Congress,
Congressional Budget Office,
Washington, DC, June 3, 2015.
Hon. Michael McCaul,
Chairman, Committee on Homeland Security,
House of Representatives, Washington, DC.
Dear Mr. Chairman: The Congressional Budget Office has
prepared the enclosed cost estimate for H.R. 1626, the DHS IT
Duplication Reduction Act of 2015.
If you wish further details on this estimate, we will be
pleased to provide them. The CBO staff contact is Mark
Grabowicz.
Sincerely,
Keith Hall,
Director.
Enclosure.
H.R. 1626--DHS IT Duplication Reduction Act of 2015
H.R. 1626 would require the Department of Homeland Security
(DHS), within 90 days of the bill's enactment, to prepare a
report for the Congress on duplicative information technology
systems in the department. DHS is currently carrying out
activities similar to those required by the bill. Thus, CBO
estimates that implementing H.R. 1626 would not significantly
affect spending by the department. Enacting H.R. 1626 would not
affect direct spending or revenues; therefore, pay-as-you-go
procedures do not apply.
H.R. 1626 contains no intergovernmental or private-sector
mandates as defined in the Unfunded Mandates Reform Act and
would not affect the budgets of state, local, or tribal
governments.
The CBO staff contact for this estimate is Mark Grabowicz.
The estimate was approved by H. Samuel Papenfuss, Deputy
Assistant Director for Budget Analysis.
STATEMENT OF GENERAL PERFORMANCE GOALS AND OBJECTIVES
Pursuant to clause 3(c)(4) of rule XIII of the Rules of the
House of Representatives, H.R. 1626 contains the following
general performance goals and objectives, including outcome
related goals and objectives authorized.
The performance goals and objectives of H.R. 1626 include
the Department of Homeland Security taking a complete inventory
of IT systems and developing a strategy to optimize the IT
portfolio. Systems determined crucial to the DHS mission by the
CIO must report whether there is a contingency plan in the
event said IT system was inoperable. The inventory should set a
baseline for DHS IT. The inventory assessment and strategy will
allow the Committee to conduct additional oversight on DHS IT
systems.
DUPLICATIVE FEDERAL PROGRAMS
Pursuant to clause 3(c) of rule XIII, the Committee finds
that H.R. 1626 does not contain any provision that establishes
or reauthorizes a program known to be duplicative of another
Federal program.
CONGRESSIONAL EARMARKS, LIMITED TAX BENEFITS, AND LIMITED TARIFF
BENEFITS
In compliance with rule XXI of the Rules of the House of
Representatives, this bill, as reported, contains no
congressional earmarks, limited tax benefits, or limited tariff
benefits as defined in clause 9(e), 9(f), or 9(g) of the rule
XXI.
FEDERAL MANDATES STATEMENT
The Committee adopts as its own the estimate of Federal
mandates prepared by the Director of the Congressional Budget
Office pursuant to section 423 of the Unfunded Mandates Reform
Act.
PREEMPTION CLARIFICATION
In compliance with section 423 of the Congressional Budget
Act of 1974, requiring the report of any Committee on a bill or
joint resolution to include a statement on the extent to which
the bill or joint resolution is intended to preempt State,
local, or Tribal law, the Committee finds that H.R. 1626 does
not preempt any State, local, or Tribal law.
DISCLOSURE OF DIRECTED RULE MAKINGS
The Committee estimates that H.R. 1626 would require no
directed rule makings.
ADVISORY COMMITTEE STATEMENT
No advisory committees within the meaning of section 5(b)
of the Federal Advisory Committee Act were created by this
legislation.
APPLICABILITY TO LEGISLATIVE BRANCH
The Committee finds that the legislation does not relate to
the terms and conditions of employment or access to public
services or accommodations within the meaning of section
102(b)(3) of the Congressional Accountability Act.
SECTION-BY-SECTION ANALYSIS OF THE LEGISLATION
Section 1. Short title
This section provides that bill may be cited as the ``DHS
IT Duplication Reduction Act of 2015''.
Section 2. DHS information technology duplication reduction
Section 2(a)--Report on IT duplication reduction
This subsection requires the DHS CIO to submit a report to
the House Committee on Homeland Security and the Senate
Committee on Homeland Security and Governmental Affairs within
90 days of enactment. The report must include the number of IT
systems at DHS; an assessment of duplicative and fragmented
systems; a strategy to reduce duplicative and fragmented
systems including potential cost savings or cost avoidance as a
result of reduced duplication and fragmentation; and a
methodology for reducing duplication and fragmentation of
information technology systems based on requirements defined by
OMB. The report to Congress must include information consistent
with actions taken under OMB's IT-management initiatives
including PortfolioStat and TechStat, which help CIOs identify
IT inefficiencies.
The Committee notes that the assessment of IT inventory
required under this bill could also contribute to the
Department's efforts at addressing certain information security
concerns facing the Department. In December 2014, the OIG
reported that a lack of oversight at DHS resulted in the
operation of IT systems without the required authority to
operate (ATO). According to the OIG's Evaluation of DHS'
Information Security Program for Fiscal Year 2014, 191 systems
were found to be operating at DHS without ATO in Fiscal Year
2014. As a result, DHS cannot ensure that sensitive information
is sufficiently protected. Specifically, the OIG found that the
unwillingness of components within DHS to comply with the
required continuous monitoring data feeds. Another example the
OIG cited was that FEMA had five top-secret systems operating
without proper authority, some since August 2013. Further, OIG
indicates that two components still use the Microsoft Windows
XP operating system, which might be vulnerable to potential
exploits since Microsoft has stopped providing software updates
to mitigate security vulnerabilities.
The Committee urges DHS to use the information submitted
under the terms of this bill consistent with the information
DHS is providing as part of OMB's IT-management initiatives
such as PortfolioStat and TechStat. The Committee encourages
senior DHS leaders to collaborate in the preparation of the
inventory mandated by this bill. The Federal Information
Technology Acquisition Reform Act (FITARA) provided enhanced
authorities for agency CIOs to manage IT systems. [Pub. Law
113-291, Title VIII, Subtitle D, section 831]. The Committee
expects DHS to utilize this authority to provide the
information requested in this legislation.
The Committee intends for component CIOs and the DHS CIO to
identify what IT functions component agencies can leverage
through existing enterprise IT capabilities, versus what needs
to be specifically tailored for each component based on unique
mission and/or security requirements. The Committee expects the
inventory and strategy to encompass ``commodity IT'' or
ubiquitous back-office systems such as e-mail, workplace
collaboration, asset management, and purchasing systems where
little justification exists to pursue increasing levels of
customization and thus fragmentation. The Department's
compliance with this Act serves as a catalyst to change
existing ways of doing business and force the DHS CIO community
to make difficult decisions. Based on the critique of IT
experts and CIOs, the Committee intends for the strategy to set
milestones in increments of no more than six month periods.
Given that the strategy is intended to be consistent with
current actions DHS is already taking, the inventory of IT
systems should be readily available to the CIO and therefore
should not require more than 90 days to generate.
Section 2(b)--Definitions
This bill defines duplication or fragmentation of
information technology systems as two or more systems or
programs that deliver similar functionality to similar user
populations. OMB guidance currently requires DHS to take steps
to improve the efficiency and management of IT systems under
its purview. The intent of this legislation is to coincide with
guidance issued by OMB. H.R. 1626 uses the definition of
information technology as defined in section 11101(6) of title
40, United States Code.
The Committee intends for Section 2 to hold DHS accountable
for the IT system resources it is employing in an effort to
improve transparency and efficiency. The Committee intends for
the component CIOs to work with the CIO of DHS to comply with
the requirements of this bill and ensure that standards and
controls for IT management are applied consistently across DHS.
Section 2(c)--No new authorizing of funding
No additional funding will be authorized to carry out the
requirements of this bill.
CHANGES IN EXISTING LAW MADE BY THE BILL, AS REPORTED
H.R. 1626, as reported, makes no changes to existing law.
ADDITIONAL VIEWS
In Committee, I supported the underlying legislation, the
``DHS IT Duplication Reduction Act of 2015'' (H.R. 1626) and I
believe it will help address duplication and fragmentation
within the Department of Homeland Security's (DHS) information
technology (IT) systems.
That said, I am disappointed that the Majority chose to
omit key information in its discussion of ``Agency Actions
Needed to Ensure Portfolio Savings Are Realized and Effectively
Tracked'' (GAO-15-296) from the underlying Committee Report.
While the Committee Report notes that the Department
significantly downgraded its estimated cost savings from
adoption of more robust oversight of its IT portfolio between
2013 and 2014, it leaves out that the Government Accountability
Office (GAO) attributed the change to DHS ``erroneously
mislabeled planned savings figures reported to GAO in 2013.
Specifically, DHS stated that planned savings they reported for
fiscal years 2013, 2014, and 2015 actually represented
cumulative savings from fiscal year 2011 through those years.''
I would also note that the same GAO report did not address
how agencies had begun implementing OMB's guidance to improve
IT portfolio management but that there are significant
Government-wide reforms underway that may have significant
implications for the implementation of this measure.
Bennie G. Thompson.