Post-Hearing Question From the May 8, 2003, Hearing on Barriers to Information Sharing at the Department of Homeland Security
Gao ID: GAO-03-985R July 7, 2003
This letter provides GAO's response for the record to the question posed by Congress concerning whether GAO believes that the Department of Homeland Security should consolidate databases in order to enable the correlation of relationships in that data that can point to developing threats.
Standardizing and consolidating stovepiped databases can offer significant benefits. In particular, it can help reduce or eliminate duplicative data capture and storage and enable faster data access and better data consistency, which can reduce costs as well as improve data reliability and sharing. Analyzing these benefits in relation to associated costs and risks, such as security and privacy, provides a basis for informed decisions about not only consolidation but also the appropriate level of consolidation. Effective development of enterprise architectures provides for performing such analysis. In the case of federal watch lists, we identified indicators (such as the number and variability of the lists and the commonality of their purposes) of opportunities to consolidate and standardize. Consequently, we recommended that the Department of Homeland Security determine the extent of watch list consolidation needed to accomplish its mission and that such consolidation be done as part of the department's efforts to develop an enterprise architecture.
GAO-03-985R, Post-Hearing Question From the May 8, 2003, Hearing on Barriers to Information Sharing at the Department of Homeland Security
This is the accessible text file for GAO report number GAO-03-985R
entitled 'Post-hearing Question From the May 8, 2003, Hearing on
Barriers to Information Sharing at the Department of Homeland Security'
which was released on July 07, 2003.
This text file was formatted by the U.S. General Accounting Office
(GAO) to be accessible to users with visual impairments, as part of a
longer term project to improve GAO products' accessibility. Every
attempt has been made to maintain the structural and data integrity of
the original printed product. Accessibility features, such as text
descriptions of tables, consecutively numbered footnotes placed at the
end of the file, and the text of agency comment letters, are provided
but may not exactly duplicate the presentation or format of the printed
version. The portable document format (PDF) file is an exact electronic
replica of the printed version. We welcome your feedback. Please E-mail
your comments regarding the contents or accessibility features of this
document to Webmaster@gao.gov.
This is a work of the U.S. government and is not subject to copyright
protection in the United States. It may be reproduced and distributed
in its entirety without further permission from GAO. Because this work
may contain copyrighted images or other material, permission from the
copyright holder may be necessary if you wish to reproduce this
material separately.
July 7, 2003:
The Honorable Tom Davis:
Chairman, Committee on Government Reform:
House of Representatives:
Subject: Post-hearing Question From the May 8, 2003, Hearing on
Barriers to Information Sharing at the Department of Homeland
Security:
Dear Mr. Chairman:
As requested, this letter provides our response for the record to the
question posed by Representative Michael Turner to GAO, in your letter
of June 13, 2003.
The GAO recently released a report on the sharing of terrorist watch
lists between federal, state, and local agencies (GAO-03-322).[Footnote
1] The report discussed the importance of an enterprise architecture
that served all agencies' needs. The report went on to discuss the role
of database architectures as an integral component of the overall
enterprise architecture. Specifically, the report pointed out the
problems encountered unless data is consolidated as opposed to relying
on decentralized databases. The report recommends that the agencies
move to consolidate these watch lists.
While your report is specific to terrorist watch lists, I am interested
in whether you believe that the Department of Homeland Security should
also be consolidating other "stovepiped" databases in order to enable
the correlation of relationships in that data that can point to
developing threats. Can you comment on this?
Standardizing and consolidating stovepiped databases can offer
significant benefits. In particular, it can help reduce or eliminate
duplicative data capture and storage and enable faster data access and
better data consistency, which can reduce costs as well as improve data
reliability and sharing. Analyzing these benefits in relation to
associated costs and risks, such as security and privacy, provides a
basis for informed decisions about not only consolidation but also the
appropriate level of consolidation. Effective development of enterprise
architectures provides for performing such analysis.
In the case of federal watch lists, we identified indicators (such as
the number and variability of the lists and the commonality of their
purposes) of opportunities to consolidate and standardize.
Consequently, we recommended that the Department of Homeland Security
determine the extent of watch list consolidation needed to accomplish
its mission and that such consolidation be done as part of the
department's efforts to develop an enterprise architecture.
We believe this approach--analyzing information and data needs and
solutions within the context of an enterprise architecture--is also
necessary to determine the extent to which all existing systems of the
department's 22 component agencies should be standardized and
consolidated. In fact, during the subject hearing, the department's
chief information officer testified that it plans to develop and use an
enterprise architecture to guide its systems consolidation and
integration. He stated that the department plans to issue the
enterprise architecture by the fall of 2003.
If you have any questions concerning this information, please contact
me at (202) 512-3439 or hiter@gao.gov, or Gary Mountjoy, Assistant
Director, at (202) 512-6367 or mountjoyg@gao.gov.
Sincerely yours,
Randolph C. Hite:
Director, Information Technology Architecture and Systems Issues:
Signed by Randolph C. Hite:
(310264):
FOOTNOTES
[1] U.S. General Accounting Office, Information Technology: Terrorist
Watch Lists Should Be Consolidated to Promote Better Integration and
Sharing, GAO-03-322 (Washington, D.C.: April 15, 2003).
The Justia Government Accountability Office site republishes public reports retrieved from the U.S. GAO These reports should not be considered official, and do not necessarily reflect the views of Justia.