Information Technology: Major Federal Networks That Support	 
Homeland Security Functions (17-SEP-04, GAO-04-375).		 
                                                                 
A key information systems challenge in homeland security is	 
ensuring that essential information is shared in a timely and	 
secure manner among disparate parties in federal, state, and	 
local governments, and in the private sectors. This requires	 
communications networks that provide information-sharing	 
capabilities between the various levels of government--federal,  
state, and local. GAO's objective was to identify and describe,  
through agency reporting, major networks and examples of	 
applications that the agencies considered important in supporting
their homeland security functions. (For purposes of this review, 
GAO defined networks as "the data communication links that enable
computer systems to communicate with each other.") GAO		 
corroborated agency-provided information about networks used by  
multiple agencies. While agencies verified the accuracy of the	 
data about their networks, GAO cannot ensure that agencies	 
provided data on all applicable networks. In commenting on a	 
draft of this report, seven of the nine agencies generally	 
concurred with the facts contained in this report. Technical	 
comments were incorporated as appropriate. Two agencies declined 
to comment.							 
-------------------------Indexing Terms------------------------- 
REPORTNUM:   GAO-04-375 					        
    ACCNO:   A13155						        
  TITLE:     Information Technology: Major Federal Networks That      
Support Homeland Security Functions				 
     DATE:   09/17/2004 
  SUBJECT:   Counterterrorism					 
	     Domestic intelligence				 
	     Emergency preparedness				 
	     Government information dissemination		 
	     Information technology				 
	     National defense operations			 
	     National preparedness				 
	     Homeland security					 

******************************************************************
** This file contains an ASCII representation of the text of a  **
** GAO Product.                                                 **
**                                                              **
** No attempt has been made to display graphic images, although **
** figure captions are reproduced.  Tables are included, but    **
** may not resemble those in the printed version.               **
**                                                              **
** Please see the PDF (Portable Document Format) file, when     **
** available, for a complete electronic file of the printed     **
** document's contents.                                         **
**                                                              **
******************************************************************
GAO-04-375

                 United States Government Accountability Office

                     GAO Report to Congressional Requesters

September 2004

                                  INFORMATION
                                   TECHNOLOGY

        Major Federal Networks That Support Homeland Security Functions

                                       a

GAO-04-375

Highlights of GAO-04-375, a report to the Chairman, Senate Committee on
Governmental Affairs; the Chairman, House Committee on Government Reform,
and the Chairman of its Subcommittee on Technology, Information Policy,
Intergovernmental Relations and the Census

A key information systems challenge in homeland security is ensuring that
essential information is shared in a timely and secure manner among
disparate parties in federal, state, and local governments, and in the
private sectors. This requires communications networks that

September 2004

INFORMATION TECHNOLOGY

Major Federal Networks That Support Homeland Security Functions

Nine agencies identified 34 major networks that support homeland security
functions-32 that are operational and 2 that are being developed (see
table). Of these 34, 21 are single-agency networks designed for internal
agency communications. Six of the 34 are used to share information with
state and local governments; 4 share information with the private sector.

Numbers of Major Federal Homeland Security Networks

Operational In development

provide information-sharing Unclassified 8

capabilities between the various Sensitive But Unclassified 17 1 levels of
government-federal, Classifieda 7b 1c state, and local. 32 2 GAO's
objective was to identify and describe, through agency reporting, major
networks and examples of applications that the agencies considered
important in supporting their homeland security functions. (For purposes
of this review, GAO defined networks as "the data communication links that
enable computer systems to communicate with each other.") GAO corroborated
agency-provided information about networks used by multiple agencies.
While agencies verified the accuracy of the data about their networks, GAO
cannot ensure that agencies provided data on all applicable networks.

In commenting on a draft of this report, seven of the nine agencies
generally concurred with the facts contained in this report. Technical
comments were incorporated as appropriate. Two agencies declined

Source: GAO analysis of agency data.

aExcludes classified networks that are not publicly acknowledged.

bSecret (5), Top Secret (2).

cSecret.

The Department of Homeland Security is in the process of developing the
new Homeland Secure Data Network. It is intended to become a significant
vehicle for the sharing of homeland security information with state and
local governments and classified information among civilian agencies.

Agencies also provided examples of more than 100 major applications that
support homeland security mission areas. The following table describes 3
of 18 applications that GAO selected to illustrate the range of
applications used to support the various homeland security mission areas.

Three Network Applications That Provide Homeland Security Functions

                                  Responsible

Mission area Application department Network

Intelligence Modernized Joint Worldwide Intelligence and warning
Intelligence Defense Communications Systema Data Base (Classified/Top
Secret)

United States VisitorBorder and Immigration and Customs

transportation and Immigrant Status Homeland Enforcement Network security
Indicator Technology Security (Sensitive But Unclassified)(US-VISIT)

to comment. Patriot ActDomestic Treasury Communications Systema
counterterrorism Communications Treasury (Sensitive But
Unclassified)System

Source: GAO analysis of agency data.

aUsed by other agencies as well.

www.gao.gov/cgi-bin/getrpt?GAO-04-375.

To view the full product, including the scope and methodology, click on
the link above. For more information, contact David A. Powner at (202)
512-9286 or [email protected].

Contents

                                    Letter 1

Agency Comments and Our Evaluation 2

Appendixes

                                                                  Appendix I:
                                                                 Appendix II:
                                                                Appendix III:
                                                                 Appendix IV:
                                                                  Appendix V:

Briefing Provided to Staff of Congressional Requesters 5

Comments from the Department of Agriculture 54

Comments from the Department of the Treasury 55

Comments from the Department of Homeland Security 56

Comments from the Department of Health and Human
Services 58

Contents

Abbreviations

APHIS Animal and Plant Health Inspection Service
CDC Centers for Disease Control and Prevention
DHS Department of Homeland Security
DOD Department of Defense
DOE Department of Energy
DOJ Department of Justice
EPA Environmental Protection Agency
FBI Federal Bureau of Investigations
FDA Food and Drug Administration
FEMA Federal Emergency Management Agency
FSIS Food Safety Inspection Service
HHS Department of Health and Human Services
HSDN Homeland Secure Data Network
HUMINT human intelligence
IC intelligence community
JUTNet Justice United Telecommunications Network
JWICS Joint Worldwide Intelligence Communications System
LAN local area network
NIPRNet Non-Classified Internet Protocol Router Network
OIG Office of Inspector General
SBU sensitive but unclassified
SIPRNet Secret Internet Protocol Router Network
USDA Department of Agriculture
VPN virtual private network
WAN wide area network

This is a work of the U.S. government and is not subject to copyright
protection in the United States. It may be reproduced and distributed in
its entirety without further permission from GAO. However, because this
work may contain copyrighted images or other material, permission from the
copyright holder may be necessary if you wish to reproduce this material
separately.

A

United States Government Accountability Office Washington, D.C. 20548

September 17, 2004

The Honorable Susan M. Collins Chairman, Committee on Governmental Affairs
United States Senate

The Honorable Tom Davis Chairman, Committee on Government Reform House of
Representatives

The Honorable Adam H. Putnam Chairman, Subcommittee on Technology,
Information Policy, Intergovernmental Relations and the Census House of
Representatives

As you know, one of the information systems challenges in the homeland
security area is ensuring that critical information is shared in a timely
and secure manner with a variety of parties in federal, state, and local
governments, as well as in the private sector. It is important that
federal networks meet the vital communications needs of effective homeland
security, and do so in an efficient manner that includes information
sharing between the various levels of government. You asked us to identify
the major networks and examples of applications that are operational or
being developed by federal agencies to share information in support of
homeland security functions.1

We conducted work at the federal agencies that have major roles in
supporting these homeland security functions and asked agency officials to
identify and describe the networks and major applications considered most
important in supporting the homeland security functions for which they are
responsible. We obtained and analyzed information from 9 agencies on 34
different networks and over 100 applications. We conducted our work from
January through July 2004, in accordance with generally accepted
government auditing standards.

1We defined "homeland security" and its related functions according to the
Department of Homeland Security's National Strategy for Homeland Security
(July 2002). It defines homeland security as "a concerted national effort
to prevent terrorist attacks within the United States, reduce America's
vulnerability to terrorism, and minimize the damage and recover from
attacks that occur."

On July 30, we provided your offices with briefing information on the
results of this review. The purpose of this letter is to provide the
published briefing materials to you. (See app. I.)

In summary, we identified 34 major networks that support homeland security
functions-32 operational and 2 in development. Twenty-one of the 34 are
single-agency networks, indicating that they are used only for internal
agency communications. Further, 6 of the 34 networks share information
with state and local governments; 4 share information with the private
sector. One of the 2 networks under development-the Department of Homeland
Security's (DHS) Homeland Secure Data Network-is intended to become a
significant vehicle for future sharing of homeland security information
with state and local governments and classified information among civilian
agencies. The other network in development, the Department of Justice's
JUTNet (Justice United Telecommunications Network), is to replace the
department's existing network and transport information among departmental
components. Agencies also identified the Internet as a major network for
supporting homeland security functions. Cost data were not available for
all networks, but of the networks for which data were available, estimates
totaled about $1 billion per year for fiscal years 2003 and 2004.

In addition, agencies provided descriptions of over 100 applications as
examples of those that use existing networks, including the Internet, to
share information in support of homeland security. For example, DHS's
United States Visitor and Immigrant Status Indicator Technology (US-VISIT)
collects, maintains, and shares information on foreign nationals with the
Departments of Commerce, Justice, State, and Transportation using its
ICENet (Immigration and Customs Enforcement Network). And, the Department
of Defense's Modernized Intelligence Data Base supports anti-terrorist
activities through near-real-time, synchronized dissemination of military
intelligence using its JWICS (Joint Worldwide Intelligence Communications
System) network.

Agency Comments and 	We received written comments on a draft of this
report from the Director, Departmental GAO/OIG Liaison at the Department
of Homeland Security,

Our Evaluation	the Chief Counsel to the Inspector General at the
Department of Health and Human Services (HHS), the Deputy Assistant
Secretary and Chief Information Officer at the Department of the Treasury,
and the Chief Information Officer at the Department of Agriculture (USDA).
These four agencies generally concurred with the facts contained in our
report. DHS

officials provided technical comments generally consisting of changes to
descriptive information, which we incorporated as appropriate. HHS
officials provided information on another network it felt should have been
included, which we incorporated as appropriate. It also provided
additional examples of applications related to homeland security, which we
did not include because we had already reported significant examples of
applications. The Departments of Defense and Justice, and the
Environmental Protection Agency, provided oral comments stating that they
concurred with the facts in the report. The Departments of State and
Energy declined to comment. Written comments for DHS, HHS, Treasury, and
USDA are reproduced in appendices II through V.

Regarding our statement that the initial DHS enterprise architecture does
not include many of the networks we identified, DHS stated that the
initial enterprise architecture supported internal business processes and
systems and that future versions will address federal and other business
partners external to DHS. Regarding the Homeland Secure Data Network, the
department agreed with our finding that it is a significant initiative for
the sharing of classified homeland security information and that it has
developed a program plan to allow for future expansion of this effort.

Treasury officials raised concerns regarding the sensitivity of
information related to the networks and applications described in this
report. We have been cognizant of the sensitivity of this information
during the course of this engagement and have asked the agencies to review
the report for information they deem too sensitive for public release,
which they have done. The information in this report has been approved for
public release by the agencies responsible for their specific networks.

As agreed with your offices, unless you publicly announce its contents
earlier, we plan no further distribution of this report until 30 days from
the date on the report. At that time, we will send copies of the report to
the Chairmen and Ranking Minority Members of other Senate and House
committees and subcommittees having authorization and oversight
responsibilities for homeland security. We will also send copies to the
Secretary of Homeland Security and to the other agencies that participated
in our review. In addition, the report will be available at no charge on
the GAO Web site at http://www.gao.gov.

Should you or your offices have any questions about matters discussed in
this report, please contact me at (202) 512-9286 or by e-mail at

[email protected]. You may also contact M. Yvonne Sanchez, Assistant
Director, at (202) 512-6274 or by e-mail at [email protected]. Major
contributors to this report also included James C. Houtz, M. Saad Khan,
Nicholas H. Marinos, Teresa F. Tucker, and William F. Wadsworth.

David A. Powner Director, Information Technology Management Issues

Appendix I

Briefing Provided to Staff of Congressional Requesters