Department of Homeland Security
Progress Made in Implementation of Management and Mission Functions, but More Work Remains Gao ID: GAO-08-457T February 13, 2008The Department of Homeland Security (DHS) began operations in March 2003 with missions that include preventing terrorist attacks from occurring within the United States, reducing U.S. vulnerability to terrorism, minimizing damages from attacks that occur, and helping the nation recover from any attacks. GAO has reported that the implementation and transformation of DHS is an enormous management challenge and that the size, complexity, and importance of the effort make the challenge especially daunting and critical to the nation's security. GAO's prior work on mergers and acquisitions found that successful transformations of large organizations, even those faced with less strenuous reorganizations than DHS, can take at least 5 to 7 years to achieve. This testimony is based on GAO's August 2007 report evaluating DHS's progress between March 2003 and July 2007, selected reports issued since July 2007, and our institutional knowledge of homeland security issues.
Since its establishment, DHS has made progress in implementing its management and mission functions in the areas of acquisition, financial, human capital, information technology, and real property management; border security; immigration enforcement and services; aviation, surface transportation, and maritime security; emergency preparedness and response; critical infrastructure protection; and science and technology. In general, DHS has made more progress in its mission areas than in its management areas, reflecting an initial focus on protecting the homeland. While DHS has made progress in implementing its functions in each management and mission area, we identified challenges remaining in each of these areas. These challenges include providing appropriate oversight for contractors; improving financial management and controls; implementing a performance-based human capital management system; implementing information technology management controls; balancing trade facilitation and border security; improving enforcement of immigration laws, enhancing transportation security; and effectively coordinating the mitigation and response to all hazards. Key issues that have affected DHS's implementation efforts are agency transformation, strategic planning and results management, risk management, information sharing, partnerships and coordination, and accountability and transparency. For example, GAO designated DHS's implementation and transformation as high-risk. While DHS has made progress in transforming its component agencies into a fully functioning department, it has not yet addressed key elements of the transformation process, such as developing a comprehensive transformation strategy. The Homeland Security Act of 2002, as amended, requires DHS to develop a transition and succession plan to guide the transition of management functions to a new Administration; DHS is working to develop and implement its approach for managing the transition. DHS has begun to develop performance goals and measures in some areas in an effort to strengthen its ability to measure its progress in key areas. We commend DHS's efforts and have agreed to work with the department to provide input to help strengthen established measures. DHS also has not yet fully adopted and applied a risk management approach in implementing its mission functions. Although some DHS components have taken steps to do so, this approach has not yet been implemented departmentwide. DHS's 5-year anniversary provides an opportunity for the department to review how it has matured as an organization. As part of our broad range of work reviewing DHS's management and mission programs, GAO will continue to assess DHS's progress in addressing high-risk issues. In particular, GAO will continue to assess the progress made by the department in its transformation and information sharing efforts.
GAO-08-457T, Department of Homeland Security: Progress Made in Implementation of Management and Mission Functions, but More Work Remains
This is the accessible text file for GAO report number GAO-08-457T
entitled 'Department of Homeland Security: Progress Made in
Implementation of Management and Mission Functions, but More Work
Remains' which was released on February, 2008.
This text file was formatted by the U.S. Government Accountability
Office (GAO) to be accessible to users with visual impairments, as part
of a longer term project to improve GAO products' accessibility. Every
attempt has been made to maintain the structural and data integrity of
the original printed product. Accessibility features, such as text
descriptions of tables, consecutively numbered footnotes placed at the
end of the file, and the text of agency comment letters, are provided
but may not exactly duplicate the presentation or format of the printed
version. The portable document format (PDF) file is an exact electronic
replica of the printed version. We welcome your feedback. Please E-mail
your comments regarding the contents or accessibility features of this
document to Webmaster@gao.gov.
This is a work of the U.S. government and is not subject to copyright
protection in the United States. It may be reproduced and distributed
in its entirety without further permission from GAO. Because this work
may contain copyrighted images or other material, permission from the
copyright holder may be necessary if you wish to reproduce this
material separately.
Testimony:
Before the Subcommittee on Homeland Security, Committee on
Appropriations, House of Representatives:
United States Government Accountability Office:
GAO:
For Release on Delivery Expected at 10:00 a.m. EST:
Wednesday, February 13, 2008:
Department Of Homeland Security:
Progress Made in Implementation of Management and Mission Functions,
but More Work Remains:
Statement of David M. Walker:
Comptroller General of the United States:
GAO-08-457T:
GAO Highlights:
Highlights of GAO-08-457T, testimony before the Subcommittee on
Homeland Security, Committee on Appropriations, House of
Representatives.
Why GAO Did This Study:
The Department of Homeland Security (DHS) began operations in March
2003 with missions that include preventing terrorist attacks from
occurring within the United States, reducing U.S. vulnerability to
terrorism, minimizing damages from attacks that occur, and helping the
nation recover from any attacks. GAO has reported that the
implementation and transformation of DHS is an enormous management
challenge and that the size, complexity, and importance of the effort
makes the challenge especially daunting and critical to the nation‘s
security. GAO‘s prior work on mergers and acquisitions found that
successful transformations of large organizations, even those faced
with less strenuous reorganizations than DHS, can take at least 5 to 7
years to achieve. This testimony is based on GAO‘s August 2007 report
evaluating DHS‘s progress between March 2003 and July 2007; selected
reports issued since July 2007; and our institutional knowledge of
homeland security issues.
What GAO Found:
Since its establishment, DHS has made progress in implementing its
management and mission functions in the areas of acquisition,
financial, human capital, information technology, and real property
management; border security; immigration enforcement and services;
aviation, surface transportation, and maritime security; emergency
preparedness and response; critical infrastructure protection; and
science and technology. In general, DHS has made more progress in its
mission areas than in its management areas, reflecting an initial focus
on protecting the homeland. While DHS has made progress in implementing
its functions in each management and mission area, we identified
challenges remaining in each of these areas. These challenges include
providing appropriate oversight for contractors; improving financial
management and controls; implementing a performance-based human capital
management system; implementing information technology management
controls; balancing trade facilitation and border security; improving
enforcement of immigration laws, enhancing transportation security; and
effectively coordinating the mitigation and response to all hazards.
Key issues that have affected DHS‘s implementation efforts include
agency transformation, strategic planning and results management, risk
management, information sharing, partnerships and coordination, and
accountability and transparency. For example, GAO designated DHS‘s
implementation and transformation as high-risk. While DHS has made
progress in transforming its component agencies into a fully
functioning department, it has not yet addressed key elements of the
transformation process, such as developing a comprehensive
transformation strategy. DHS must also develop a transition and
succession plan to guide the transition of management functions to a
new Administration, as required by legislation. DHS has set a target
time frame for completing this plan. DHS also has not always
implemented effective strategic planning efforts and has not yet fully
developed performance measures for some of its programs. DHS has begun
to develop performance goals and measures in an effort to strengthen
its ability to measures its progress in key areas. We commend DHS‘s
efforts and have agreed to work with the department to provide input to
help strengthen established measures. DHS also has not yet fully
adopted and applied a risk management approach in implementing its
mission functions. Although some DHS components have taken steps to do
so, this approach has not yet been implemented departmentwide.
DHS‘s 5 year anniversary provides an opportunity for the department to
review how it has matured as an organization. As part of our broad
range of work reviewing DHS management and mission programs, GAO will
continue to assess DHS‘s progress in addressing high-risk issues. In
particular, GAO will continue to assess the progress made by the
department in its transformation and information sharing efforts, and
assessing whether any progress made is sustainable over the long term.
What GAO Recommends:
While this testimony contains no new recommendations, GAO has made
approximately 900 recommendations to DHS to strengthen departmental
operations. DHS has implemented some of these recommendations and taken
actions to address others.
To view the full product, including the scope and methodology, click on
[hyperlink, http://www.GAO-08-457T]. For more information, contact Norm
Rabkin at (202) 512-8777.
[End of section]
Mr. Chairman and Members of the Subcommittee:
I appreciate the opportunity to appear today to discuss the Department
of Homeland Security's (DHS) efforts to implement its management and
mission functions. DHS began operations in March 2003 with missions
that include preventing terrorist attacks from occurring within the
United States, reducing U.S. vulnerability to terrorism, minimizing
damages from attacks that occur, and helping the nation recover from
any attacks. The department has initiated and continued the
implementation of various policies and programs to address these
missions as well as its nonhomeland security functions.[Footnote 1] DHS
has also taken a number of actions designed to integrate its management
functions and to transform its component agencies into an effective
cabinet-level department. Prior to the creation of DHS, we testified on
whether the reorganization of government agencies might better address
the nation's homeland security needs.[Footnote 2] At that time, we
identified that the nation had a unique opportunity to create an
effective and performance-based organization to strengthen the nation's
ability to protect its borders and citizens. We noted that the
magnitude of the challenges that the new department would face would
require substantial time and effort to overcome and that the
implementation of the new department would be extremely complex.
In 2003 we designated the implementation and transformation of DHS as
high-risk because it represented an enormous undertaking that would
require time to achieve in an effective and efficient manner.[Footnote
3] We further identified that the components that became part of the
department already faced a wide array of existing challenges, and any
failure to effectively carry out its mission would expose the nation to
potentially serious consequences. In designating the implementation and
transformation of DHS as high-risk, we noted that building an effective
department would require consistent and sustained leadership from top
management to ensure the needed transformation of disparate agencies,
programs, and missions into an integrated organization. Our prior work
on mergers and acquisitions, undertaken before the creation of DHS,
found that successful transformations of large organizations, even
those faced with less strenuous reorganizations than DHS, can take at
least 5 to 7 years to achieve.
Given our nation's current fiscal condition, it is critically important
for federal departments--including DHS--to operate as efficiently as
possible in carrying out their missions. I have spoken extensively
about the fiscal crisis our nation faces with the coming retirement of
the baby boom generation and the related growth in entitlement
spending. The current financial condition in the United States is worse
than is widely understood and is not sustainable. Meeting the long-term
fiscal challenge will require (1) significant entitlement reform; (2)
reprioritizing, restructuring, and constraining other spending
programs; and (3) additional revenues--such as through a reformed tax
system. These efforts will require bipartisan cooperation and
compromise.
In August 2007, we reported on the progress DHS had made since its
inception in implementing its management and mission
functions.[Footnote 4] We identified specific actions that DHS was to
achieve based on legislation, homeland security presidential
directives, DHS strategic planning documents, and other sources, and
reported on the progress the department made in implementing these
actions.
My testimony addresses the progress made by DHS in implementing its
management and mission functions in the areas of acquisition,
financial, human capital, information technology, and real property
management; border security; immigration enforcement; immigration
services; aviation, surface transportation, and maritime security;
emergency preparedness and response; critical infrastructure and key
resources protection; and science and technology. My testimony also
addresses key issues that have affected the department's implementation
efforts. These key issues include agency transformation, strategic
planning and results management, risk management, information sharing,
partnerships and coordination, and accountability and transparency. My
statement is based on the results of our August 2007 report evaluating
the extent to which DHS has achieved congressional and Administration
expectations set out for DHS in its management and mission areas;
selected products we issued on DHS since July 2007; and our
institutional knowledge of homeland security and various government
organizational and management issues. For our August 2007 report on DHS
progress, we conducted our work from September 2006 to July 2007. We
updated this work with selected reports in February 2008. We conducted
our work in accordance with generally accepted government auditing
standards. Those standards require that we plan and perform the audit
to obtain sufficient, appropriate evidence to provide a reasonable
basis for our findings and conclusions based on our audit objectives.
We believe that the evidence obtained provides a reasonable basis for
our findings and conclusions based on our audit objectives.
Summary:
DHS has made progress in implementing its management and mission
functions. For example, in its management areas DHS has made progress
in:
* implementing a strategic sourcing program to increase the
effectiveness of its buying power;
* taking steps to prepare corrective action plans for its internal
control weaknesses;
* issuing plans for its human capital system;
* taking actions to establish and institutionalize information
technology management controls; and:
* developing an asset management plan for its real property.
In its mission areas, DHS has made progress in:
* refining the screening of foreign visitors to the United States and
providing training for border personnel;
* conducting immigration enforcement actions at worksites and reducing
its backlog of immigration benefit applications;
* strengthening passenger, baggage, and air cargo screening at
airports;
* establishing security standards and conducting assessments and
inspections of surface transportation modes;
* developing programs for collecting information on incoming ships and
working with the private sector to improve and validate supply chain
security;
* enhancing emergency preparedness and response capabilities, such as
issuing a revised National Response Framework;
* identifying and assessing critical infrastructure threats and
vulnerabilities; and:
* coordinating with federal, state, local, and private sector entities
on homeland security technologies.
However, we identified challenges remaining in each of these areas.
These challenges include:
* providing appropriate oversight for contractors;
* improving financial management controls and correcting internal
control weaknesses;
* implementing a performance-based human capital management system;
* refining and implementing controls for information technology
management;
* improving the regulation of commercial trade while ensuring
protection against the entry of illegal goods and dangerous visitors at
U.S. ports of entry;
* improving enforcement of immigration laws, including worksite
immigration laws, and the provision of immigration services;
* fully integrating risk-based decision-making into some transportation
security programs; and:
* coordinating with states and first responders as they train and
practice under a revised National Response Framework.
A variety of cross-cutting issues have affected DHS's efforts to
implement its management and mission functions. These key issues are
agency transformation, strategic planning and results management, risk
management, information sharing, partnerships and coordination, and
accountability and transparency.
* We initially designated the implementation and transformation of DHS
as a high-risk area because it represented an enormous undertaking that
would require time to achieve and the components that were merged into
DHS already faced a wide array of existing challenges. We continued
this designation in 2005 and 2007 in part because DHS's management
systems and functions were not yet fully integrated and wholly
operational.[Footnote 5] We have recommended, among other things, that
agencies on the high-risk list produce a corrective action plan that
defines the root causes of identified problems, identifies effective
solutions to those problems, and provides for substantially completing
corrective measures in the near term. As of February 2008, DHS had not
yet completed such a corrective action plan. Moving forward, it will
also be important for DHS to develop comprehensive plans for managing
the upcoming transition between administrations to ensure continuity in
operations and minimize vulnerabilities, as required by legislation.
& DHS has not always implemented effective strategic planning efforts
and has not yet fully developed performance measures or put in place
structures to help ensure that the agency is managing for results. For
example, we have reported that some DHS component agencies have
encountered challenges in developing outcome-based goals and measures
to assess the performance of its programs. Since issuance of our August
2007 report, DHS has begun to develop performance goals and measures
for some areas in an effort to strengthen its ability to measures its
progress in key management and mission areas. We commend DHS's efforts
to measure its progress in these areas and have agreed to work with the
department to provide input to help strengthen established measures.
* Although the Secretary of Homeland Security has identified risk-based
decision making as a cornerstone of departmental policy, we have
reported that DHS can strengthen its efforts in applying risk-based
principles in support of its investment decisions. Some DHS component
agencies, such as the Coast Guard, have taken steps to apply risk-based
decision making in implementing some of its mission functions. However,
other components have not utilized such an approach or could strengthen
risk management efforts. To help support the application of risk-based
principles in homeland security investment decisions, I convened an
expert forum on risk management in October 2007 to discuss effective
risk management practices, challenges in implementing risk management
in homeland security, and solutions to address existing challenges. We
expect to share the results of this forum over the next few months.
* We designated information sharing for homeland security as high-risk
in part because the nation lacked an implemented set of governmentwide
policies and processes for sharing terrorism-related information. The
federal government has issued a strategy for how it will put in place
the overall framework and policies for sharing information with
critical partners and an implementation plan for the "information
sharing environment" required by the Intelligence Reform and Terrorism
Prevention Act of 2004, as amended. However, this environment remains
in the planning stage, and we have noted that completing the
environment is a complex task that will take multiple years and long-
term administration and congressional support and oversight and will
pose cultural, operational, and technical challenges that will require
a collaborated response. DHS has taken some steps to implement its
information sharing responsibilities, such as providing support for
information "fusion" centers.[Footnote 6]
* DHS has faced some challenges in developing effective partnerships
with other federal, state, local, private and nonprofit sector, and
international stakeholders, and in clarifying the roles and
responsibilities of these various partners. The National Strategy for
Homeland Security underscores the importance of DHS partnering with
other stakeholders. DHS has taken action to strengthen partnerships and
coordination efforts with public and private sector entities, such as
partnering with the Department of Transportation to strengthen the
security of surface modes of transportation, airlines to improve
aviation passenger and cargo screening, and the maritime shipping
industry to facilitate containerized cargo inspections. However, more
work remains as DHS seeks to form effective partnerships to leverage
resource and effectively carry out its homeland security
responsibilities.
* Accountability and transparency are critical to the department
effectively integrating its management functions and implementing its
mission responsibilities. We have reported that it is important that
DHS make its management or operational decisions transparent enough so
that Congress can be sure that it is effectively, efficiently, and
economically using the funding it receives annually[Footnote 7]. We
have encountered delays at DHS in obtaining access to needed
information. Over the past year, we have discussed ways to resolve
access issues with DHS, and our access has improved in certain areas.
For example, TSA has worked with us to improve their process for
providing us access to documentation. However, we continue to believe
that DHS needs to make systematic changes to its policies and
procedures for providing information to GAO to increase the
transparency of its efforts. Legislation enacted in December 2007
reinforces this position by restricting a portion of funds appropriated
to the DHS Office of Secretary and Executive Management until DHS
certifies and reports that it has revised its departmental guidance for
working with GAO and the DHS Office of Inspector General (IG) and
directing DHS to make these revisions in consultation with GAO and the
DHS I[Footnote 8]G. We look forward to collaborating with the
department on proposed revisions to its guidance.
Background:
In July 2002 President Bush issued the National Strategy for Homeland
Security. The strategy set forth overall objectives to prevent
terrorist attacks within the United States, reduce America's
vulnerability to terrorism, and minimize the damage and assist in the
recovery from attacks that occur. The strategy further identified a
plan to strengthen homeland security through the cooperation and
partnering of federal, state, local, and private sector organizations
on an array of functions. It also specified a number of federal
departments, as well as nonfederal organizations, that have important
roles in securing the homeland, with DHS having key responsibilities in
implementing established homeland security mission areas. This strategy
was updated and reissued in October 2007.
In November 2002 the Homeland Security Act of 2002 was enacted into
law, creating DHS. The act defined the department's missions to include
preventing terrorist attacks within the United States; reducing U.S.
vulnerability to terrorism; and minimizing the damages and assisting in
the recovery from attacks that occur within the United States. The act
further specified major responsibilities for the department, including
the analysis of information and protection of infrastructure;
development of countermeasures against chemical, biological,
radiological, and nuclear, and other emerging terrorist threats;
securing U.S. borders and transportation systems; and organizing
emergency preparedness and response efforts. DHS began operations in
March 2003. Its establishment represented a fusion of 22 federal
agencies to coordinate and centralize the leadership of many homeland
security activities under a single department.[Footnote 9]
We have evaluated many of DHS's management functions and programs since
the department's establishment and have issued over 400 related
products. In particular, in August 2007 we reported on the progress DHS
had made since its inception in implementing its management and mission
functions.[Footnote 10] We also reported on broad themes that have
underpinned DHS's implementation efforts, such as agency
transformation, strategic planning, and risk management. Over the past
5 years, we have made approximately 900 recommendations to DHS on ways
to improve operations and address key themes, such as to develop
performance measures and set milestones for key programs and implement
internal controls to help ensure program effectiveness. DHS has
implemented some of these recommendations, taken actions to address
others, and taken other steps to strengthen its mission activities and
facilitate management integration.
DHS Has Made Progress in Implementing Its Management and Mission
Functions but Has Faced Challenges in Its Implementation Efforts:
DHS has made progress in implementing its management and mission
functions in the areas of acquisition, financial, human capital,
information technology, and real property management; border security;
immigration enforcement; immigration services; aviation, surface
transportation, and maritime security; emergency preparedness and
response; critical infrastructure and key resources protection; and
science and technology. Overall, DHS made more progress in implementing
its mission functions than its management functions, reflecting an
initial focus on implementing efforts to secure the homeland. DHS has
had to undertake these critical missions while also working to
transform itself into a fully functioning cabinet department--a
difficult undertaking for any organization and one that can take, at a
minimum, 5 to 7 years to complete even under less daunting
circumstances. As DHS continues to mature as an organization, we have
reported that it will be important that it works to strengthen its
management areas since the effectiveness of these functions will
ultimately impact its ability to fulfill its mission to protect the
homeland.
Management Areas:
Acquisition Management. DHS's acquisition management efforts include
managing the use of contracts to acquire goods and services needed to
fulfill or support the agency's missions, such as information systems,
new technologies, aircraft, ships, and professional services. Overall,
DHS has made progress in implementing a strategic sourcing program to
increase the effectiveness of its buying power and in creating a small
business program. However, DHS's progress toward creating a unified
acquisition organization has been hampered by various policy decisions.
In September 2007 we reported on continued acquisition oversight issues
at DHS, identifying that the department had not fully ensured proper
oversight of its contractors providing services closely supporting
inherently government functions.[Footnote 11] For example, we found
that DHS program officials did not assess the risk that government
decisions may be influenced by, rather than independent from,
contractor judgments. Federal acquisitions policy requires enhanced
oversight of contractors providing professional and management support
services that can affect government decision making, support or
influence policy development, or affect program management. However,
most of the DHS program officials and contracting officers we spoke
with were unaware of this requirement, and, in general, did not believe
that their professional and management support service contracts
required enhanced oversight. We made several recommendations to DHS to
address these issues, including that DHS establish strategic-level
guidance for determining the appropriate mix of government and
contractor employees to meet mission needs; assess program office staff
and expertise necessary to provide sufficient oversight of selected
contractor services; and review contracts for selected services as part
of the acquisition oversight program.
Financial Management. DHS's financial management efforts include
consolidating or integrating component agencies' financial management
systems. In general, since its establishment, DHS has been unable to
obtain an unqualified or "clean" audit opinion on its financial
statements. For fiscal year 2007, the independent auditor issued a
disclaimer on DHS's financial statements and identified eight
significant deficiencies in DHS's internal controls over financial
reporting, seven of which were so serious that they qualified as
material weaknesses. DHS has taken steps to prepare corrective action
plans for its internal control weaknesses by, for example, developing
and issuing a departmentwide strategic plan for the corrective action
plan process and holding workshops on corrective action plans. Until
these weaknesses are resolved, DHS will not be in a position to provide
reliable, timely, and useful financial data to support day-to-day
decision making.
Human Capital Management. DHS's key human capital management areas
include pay, performance management, classification, labor relations,
adverse actions, employee appeals, and diversity management. Congress
provided DHS with significant flexibility to design a modern human
capital management system, and in October 2004 DHS issued its human
capital strategic plan. DHS and the Office of Personnel Management
jointly released the final regulations on DHS's new human capital
system in February 2005. Although DHS intended to implement the new
personnel system in the summer of 2005, court decisions enjoined the
department from implementing certain labor management portions of the
system. DHS has since taken actions to implement its human capital
system. In July 2005 DHS issued its first departmental training plan,
and in April 2007, it issued its Fiscal Year 2007 and 2008 Human
Capital Operational Plan. However, more work remains for DHS to fully
implement its human capital system, including developing a market-based
and performance-oriented pay system.
Information Technology Management. DHS's information technology
management efforts should include developing and using an enterprise
architecture, or corporate blueprint, as an authoritative frame of
reference to guide and constrain system investments; defining and
following a corporate process for informed decision making by senior
leadership about competing information technology investment options;
applying system and software development and acquisition discipline and
rigor when defining, designing, developing, testing, deploying, and
maintaining systems; establishing a comprehensive, departmentwide
information security program to protect information and systems; having
sufficient people with the right knowledge, skills, and abilities to
execute each of these areas now and in the future; and centralizing
leadership for extending these disciplines throughout the organization
with an empowered Chief Information Officer. DHS has undertaken efforts
to establish and institutionalize the range of information technology
management controls and capabilities noted above that our research and
past work have shown are fundamental to any organization's ability to
use technology effectively to transform itself and accomplish mission
goals. However, the department has significantly more to do before each
of its management controls and capabilities is fully in place and is
integral to how each system investment is managed. For example, in
September 2007 we reported on our assessment of DHS's information
technology human capital plan.[Footnote 12] We found that DHS's plan
was largely consistent with federal guidance and associated best
practices. In particular, the plan fully addressed 15 and partially
addressed 12 of 27 practices set forth in the Office of Personnel
Management's human capital framework. However, we reported that DHS's
overall progress in implementing the plan had been limited. We
recommended, among other things, that roles and responsibilities for
implementing the information technology human capital plan and all
supporting plans be clearly defined and understood. Moreover, DHS has
not fully implemented a comprehensive information security program.
While it has taken actions to ensure that its certification and
accreditation activities are completed, the department has not shown
the extent to which it has strengthened incident detection, analysis,
and reporting and testing activities.
Real Property Management. DHS's responsibilities for real property
management are specified in Executive Order 13327, "Federal Real
Property Asset Management," and include the establishment of a Senior
Real Property Officer, development of an asset inventory, and
development and implementation of an asset management plan and
performance measures. In June 2006, the Office of Management and Budget
(OMB) upgraded DHS's Real Property Asset Management Score from red to
yellow after DHS developed an Asset Management Plan, developed a
generally complete real property data inventory, submitted this
inventory for inclusion in the governmentwide real property inventory
database, and established performance measures consistent with Federal
Real Property Council standards.[Footnote 13] DHS also designated a
Senior Real Property Officer.
Mission Areas:
Border Security. DHS's border security mission includes detecting and
preventing terrorists and terrorist weapons from entering the United
States; facilitating the orderly and efficient flow of legitimate trade
and travel; interdicting illegal drugs and other contraband;
apprehending individuals who are attempting to enter the United States
illegally; inspecting inbound and outbound people, vehicles, and cargo;
and enforcing laws of the United States at the border. DHS has made
some progress in, for example, refining the screening of foreign
visitors to the United States and providing training and personnel
necessary to fulfill border security missions. In particular, as of
December 2006 DHS had a pre-entry screening capability in place in
overseas visa issuance offices and an entry identification capability
at 115 airports, 14 seaports, and 154 of 170 land ports of
entry.[Footnote 14] Furthermore, in November 2007 we reported on
traveler inspections at ports of entry and found that U.S. Customs and
Border Protection (CBP) had some success in identifying inadmissible
aliens and other violators.[Footnote 15] However, we also identified
weaknesses in CBP's operations at ports of entry and have reported on
challenges DHS faced in implementing its comprehensive border
protection system, called SBInet, and in leveraging technology,
personnel, and information to secure the border. For example, in our
November 2007 report on traveler inspections, we identified weaknesses
in CBP's operations, including not verifying the nationality and
admissibility of each traveler, which could increase the potential that
terrorists and inadmissible travelers could enter the United States. In
July 2007, CBP issued detailed procedures for conducting inspections,
including requiring field office managers to assess compliance with
these procedures. However, CBP had not established internal controls to
ensure that field office managers share their assessments with CBP
headquarters to help ensure that the new procedures were consistently
implemented across all ports of entry and reduced the risk of failed
traveler inspections. We recommended that DHS implement internal
controls to help ensure that field office directors communicate to
agency management the results of their monitoring and assessment
efforts and formalize a performance measure for the traveler inspection
program that identifies CBP's effectiveness in apprehending
inadmissible aliens and other violators.
Immigration Enforcement. DHS's immigration enforcement mission includes
apprehending, detaining, and removing criminal and illegal aliens;
disrupting and dismantling organized smuggling of humans and contraband
as well as human trafficking; investigating and prosecuting those who
engage in benefit and document fraud; blocking and removing employers'
access to undocumented workers; and enforcing compliance with programs
to monitor visitors. Over the past several years, DHS has strengthened
some aspects of immigration enforcement. For example, since fiscal year
2004 U.S. Immigration and Customs Enforcement (ICE) has reported
increases in the number of criminal arrests and indictments for
worksite enforcement violations. ICE also has begun to introduce
principles of risk management into the allocation of its investigative
resources. However, ICE has faced challenges in ensuring the removal of
criminal aliens from the United States. The agency has also lacked
outcome-based performance goals and measures for some its programs,
making it difficult for the agency and others to fully determine
whether its programs are achieving their desired outcomes.
Immigration Services. DHS's immigration services mission includes
administering immigration benefits and working to reduce immigration
benefit fraud. Although DHS has made progress in reducing its backlog
of immigration benefit applications, improvements are still needed in
the provision of immigration services, particularly by strengthening
internal controls to prevent fraud and inaccuracy. U.S. Citizenship and
Immigration Services (USCIS) has established a focal point for
immigration fraud, outlined a fraud control strategy that relies on the
use of automation to detect fraud, and has performed some fraud
assessments to identify the extent and nature of fraud for certain
benefits. However, USCIS has faced challenges in establishing a case
management system to manage applications and provide management
information and making other technological enhancements to its
application and adjudication processes, such as collecting and storing
biometric information on applicants and expanding its online
application filing capabilities. In July 2007, we reported on USCIS's
transformation efforts, noting that USCIS's transformation plans
partially or fully addressed most key practices for organizational
transformations.[Footnote 16] For example, USCIS had taken initial
steps in addressing problems identified during past efforts to
modernize by establishing a Transformation Program Office that reports
directly to the USCIS Deputy Director to ensure leadership commitment;
dedicating people and resources to the transformation; establishing a
mission, vision, and integrated strategic goals; focusing on a key set
of priorities and defining core values; and involving employees.
However, we found that more attention was needed in the areas of
performance management, strategic human capital management,
communications, and information technology management. We recommended
that DHS document specific performance measures and targets, increase
focus on strategic human capital management, complete a comprehensive
communications strategy, and continue developing sufficient information
technology management practices.
Aviation Security. DHS's aviation security mission includes
strengthening airport security; providing and training a screening
workforce; prescreening passengers against terrorist watch lists; and
screening passengers, baggage, and cargo. Since the Transportation
Security Administration (TSA) was established in 2001, it has focused
much of its effort on aviation security and has developed and
implemented a variety of programs and procedures to secure commercial
aviation. For example, TSA has undertaken efforts to strengthen airport
security; hire and train a screening workforce; prescreen passengers
against terrorist watch lists; and screen passengers, baggage, and
cargo. TSA has implemented these efforts in part to meet numerous
mandates for strengthening aviation security placed on the agency
following the September 11, 2001, terrorist attacks. However, DHS has
faced challenges in developing and implementing a program to match
domestic airline passenger information against terrorist watch lists;
fielding needed technologies to screen airline passengers for
explosives; and fully integrating risk-based decision making into some
of its programs. In November 2007, we reported that TSA continued to
face challenges in preventing unauthorized items from being taken
through airport checkpoints.[Footnote 17] Our independent testing
identified that while in most cases transportation security officers
appeared to follow TSA's procedures and used technology appropriately,
weaknesses and other vulnerabilities existed in TSA's screening
procedures.
Surface Transportation Security. DHS's surface transportation security
mission includes establishing security standards and conducting
assessments and inspections of surface transportation modes, including
passenger and freight rail, mass transit, highways, commercial
vehicles, and pipelines. Although TSA initially focused much of its
effort and resources on meeting legislative mandates to strengthen
commercial aviation security after September 11, 2001, TSA has more
recently placed additional focus on securing surface modes of
transportation, including establishing security standards and
conducting assessments and inspections of surface transportation modes
such as passenger and freight rail. However, more work remains for DHS
in developing and issuing security standards for all surface
transportation modes and in more fully defining the roles and missions
of its inspectors in enforcing security requirements.
Maritime Security. DHS's maritime security responsibilities include
port and vessel security, maritime intelligence, and maritime supply
chain security. DHS has developed national and regional plans for
maritime security and response and a national plan for recovery, and it
has ensured the completion of vulnerability assessments and security
plans for port facilities and vessels. DHS has also developed programs
for collecting information on incoming ships and working with the
private sector to improve and validate supply chain security. However,
DHS has faced challenges in implementing certain maritime security
responsibilities including, for example, a program to control access to
port secure areas and to screen incoming cargo for radiation. In
October 2007, we testified on DHS's overall maritime security efforts
as they related to the Security and Accountability for Every (SAFE)
Port Act of 2006.[Footnote 18] In that testimony we noted that DHS had
improved security efforts by establishing committees to share
information with local port stakeholders and taking steps to establish
interagency operations centers to monitor port activities, conducting
operations such as harbor patrols and vessel escorts, writing port-
level plans to prevent and respond to terrorist attacks, testing such
plans through exercises, and assessing security at foreign ports. We
further reported that DHS had strengthened the security of cargo
containers through enhancements to its system for identifying high-risk
cargo and expanding partnerships with other countries to screen
containers before they are shipped to the United States. However, we
reported on challenges faced by DHS in its cargo security efforts, such
as CBP's requirement to test and implement a new program to screen 100
percent of all incoming containers overseas--a departure from its
existing risk-based programs. Among our recommendations were that DHS
develop strategic plans, better plan the use of its human capital,
establish performance measures, and otherwise improve program
operations.
Emergency Preparedness and Response. DHS's emergency management
mission, now primarily consolidated in the Federal Emergency Management
Agency (FEMA), includes prevention, mitigation, preparedness for,
response to, and immediate recovery from major disasters and
emergencies of all types, whether the result of nature or acts of man.
The goal is to minimize damage from major disasters and emergencies by
working with other federal agencies, state and local governments,
nongovernment organizations, and the private sector to plan, equip,
train, and practice needed skills and capabilities to build a national,
coordinated system of emergency management. The Post-Katrina Emergency
Management Reform Act of 2006 specifies a number of responsibilities
for FEMA and DHS in the area of emergency preparedness and response
designed to address many of the problems identified in the various
assessments of the preparation for and response to Hurricane Katrina.
It addresses such issues as roles and responsibilities, operational
planning, capabilities assessments, and exercises to test needed
capabilities. DHS has taken some actions intended to improve readiness
and response based on our work and the work of congressional committees
and the Administration. For example, in January 2008 DHS issued a
revised National Response Framework intended to further clarify federal
roles and responsibilities and relationships among federal, state, and
local governments and responders, among others. However, these
revisions have not yet been tested. DHS has also made structural
changes in response to the Post-Katrina Emergency Management Reform Act
that, among other things, are designed to strengthen FEMA. DHS has also
announced a number of other actions to improve readiness and response.
However, until states and first responders have an opportunity to train
and practice under some of these changes, it is unclear what impact, if
any, they will have on strengthening DHS's emergency preparedness and
response capabilities.
Critical Infrastructure and Key Resources Protection. DHS's critical
infrastructure and key resources protection activities include
developing and coordinating implementation of a comprehensive national
plan for critical infrastructure protection, developing partnerships
with stakeholders and information sharing and warning capabilities, and
identifying and reducing threats and vulnerabilities. DHS has developed
a national plan for critical infrastructure and key resources
protection and undertaken efforts to develop partnerships and to
coordinate with other federal, state, local and private sector
stakeholders. DHS has also made progress in identifying and assessing
critical infrastructure threats and vulnerabilities. For example, in
July and October 2007 we reported on critical infrastructure sectors'
sector-specific plans.[Footnote 19] We reported that although nine of
the sector-specific plans we reviewed generally met National
Infrastructure Protection Plan requirements and DHS's sector-specific
plan guidance, eight plans did not address incentives the sectors would
use to encourage owners to conduct risk assessments, and some plans
were more comprehensive than others when discussing their physical,
human, and cyber assets, systems, and functions. We recommended that
DHS better (1) define its critical infrastructure information needs and
(2) explain how the information will be used to attract more users. We
also reported that the extent to which the sectors addressed aspects of
cyber security in their sector-specific plans varied and that none of
the plans fully addressed all 30 cyber security-related criteria. DHS
officials said that the variance in the plans can primarily be
attributed to the levels of maturity and cultures of the sectors, with
the more mature sectors--sectors with preexisting relationships and a
history of working together--generally having more comprehensive and
complete plans than more newly established sectors without similar
prior relationships. Regarding cyber security, we recommended a
September 2008 deadline for sector-specific agency plans to fully
address cyber-related criteria. Although DHS has made progress in these
areas, it has faced challenges in sharing information and warnings on
attacks, threats, and vulnerabilities and in providing and coordinating
incident response and recovery planning efforts. For example, we
identified a number of challenges to DHS's Homeland Security
Information Network, including its coordination with state and local
information sharing initiatives.[Footnote 20]
Science and Technology. DHS's science and technology efforts include
coordinating the federal government's civilian efforts to identify and
develop countermeasures to chemical, biological, radiological, nuclear,
and other emerging terrorist threats. DHS has taken steps to coordinate
and share homeland security technologies with federal, state, local,
and private sector entities. However, DHS has faced challenges in
assessing threats and vulnerabilities and developing countermeasures to
address those threats. With regard to nuclear detection capabilities,
in September 2007 we reported on DHS's testing of next generation
radiation detection equipment.[Footnote 21] In particular, we reported
that the Domestic Nuclear Detection Office (DNDO) used biased test
methods that enhanced the performance of the next generation equipment
and that, in general, the tests did not constitute an objective and
rigorous assessment of this equipment. We recommended that DNDO delay
any purchase of this equipment until all tests have been completed,
evaluated, and validated.
Cross-cutting Issues Have Hindered DHS's Implementation Efforts:
Our work has identified cross-cutting issues that have hindered DHS's
progress in its management and mission areas. We have reported that
while it is important that DHS continue to work to strengthen each of
its core management and mission functions, it is equally important that
these key issues be addressed from a comprehensive, departmentwide
perspective to help ensure that the department has the structure and
processes in place to effectively address the threats and
vulnerabilities that face the nation. These issues are: (1)
transforming and integrating DHS's management functions; (2) engaging
in effective strategic and transition planning efforts and establishing
baseline performance goals and measures; (3) applying and improving a
risk management approach for implementing missions and making resource
allocation decisions; (4) sharing information with key stakeholders;
and (5) coordinating and partnering with federal, state, local, and
private sector agencies entities. In addition, accountability and
transparency are critical to the department effectively integrating its
management functions and implementing its mission responsibilities.
Agency Transformation:
DHS has faced an enormous management challenge in its transformation
efforts as it works to integrate 22 component agencies. Each component
agency brought differing missions, cultures, systems, and procedures
that the new department had to efficiently and effectively integrate
into a single, functioning unit. At the same time it has weathered
these growing pains, DHS has had to fulfill its various homeland
security and other missions. DHS has developed a strategic plan, is
working to integrate some management functions, and has continued to
form necessary partnerships to achieve mission success. Nevertheless,
in 2007 we reported that DHS's implementation and transformation
remained high-risk because DHS had not yet developed a comprehensive
management integration strategy and its management systems and
functionsæespecially related to acquisition, financial, human capital,
and information managementæwere not yet fully integrated and wholly
operational. We identified that this array of management and
programmatic challenges continued to limit DHS's ability to carry out
its roles under the National Strategy for Homeland Security in an
effective, risk-based way.
We have recommended, among other things, that agencies on the high-risk
list produce a corrective action plan that defines the root causes of
identified problems, identifies effective solutions to those problems,
and provides for substantially completing corrective measures in the
near term. Such a plan should include performance metrics and
milestones, as well as mechanisms to monitor progress. OMB has stressed
to agencies the need for corrective action plans for individual high-
risk areas to include specific goals and milestones. GAO has said that
such a concerted effort is critical and that our experience has shown
that perseverance is critical to resolving high-risk issues. In the
spring of 2006, DHS provided us with a draft corrective action plan
that did not contain key elements we have identified as necessary for
an effective corrective action plan, including specific actions to
address identified objectives. As of February 2008, DHS had not yet
completed a corrective action plan. According to DHS, the department
plans to use its revised strategic plan, which is at OMB for final
review, as the basis for its corrective action plan.
The significant challenges DHS has experienced in integrating its
disparate organizational cultures and multiple management processes and
systems make it an appropriate candidate for a Chief Operating Officer/
Chief Management Officer (COO/CMO) as a second deputy position or
alternatively as a principal undersecretary for management position.
Designating the Undersecretary for Management at DHS as the CMO at an
Executive Level II is a step in the right direction, but this change
does not go far enough. A COO/CMO for DHS with a limited term that does
not transition across administrations will not help to ensure the
continuity of focus and attention needed to protect the security of our
nation. A COO/CMO at the appropriate organizational level at DHS, with
a term appointment, would provide the elevated senior leadership and
concerted and long-term attention required to marshal its
transformation efforts.
As part of its transformation efforts, it will be especially important
for the department to effectively manage the approaching transition
between administrations and sustain its transformation through this
transition period. Due to its mission's criticality and the increased
risk of terror attacks during changes in administration as witnessed in
the United States and other countries, it is important that DHS take
steps to help ensure a smooth transition to new leadership. According
to the Homeland Security Act of 2002, as amended, DHS is required to
develop a transition and succession plan to guide the transition of
management functions to a new Administration by December 2008.[Footnote
22] DHS is working to develop and implement plans and initiatives for
managing the transition. Moreover, the Homeland Security Advisory
Council issued a report in January 2008 on the pending transition,
making recommendations in the broad categories of threat awareness,
leadership, congressional oversight/action, policy, operations,
succession, and training. DHS is taking action to address some
challenges of the approaching transition period, including filling some
leadership positions traditionally held by political appointees with
career professionals. The department is also undertaking training and
cross-training of senior career personnel that would address the
council's concerns for leadership and operational continuity. However,
some other Homeland Security Advisory Council recommendations, such as
building a consensus among current DHS officers regarding priority
policy issues, could prove more difficult for DHS to implement,
particularly in light of the need to clarify roles and responsibilities
across the department and its ongoing transformation efforts.
Strategic Planning and Results Management:
Strategic planning is one of the critical factors necessary for the
success of new organizations. This is particularly true for DHS, given
the breadth of its responsibility and the need to clearly identify how
stakeholders' responsibilities and activities align to address homeland
security efforts. However, DHS has not always implemented effective
strategic planning efforts and has not yet fully developed performance
measures or put into place structures to help ensure that the agency is
managing for results. DHS has developed performance goals and measures
for some of its programs and reports on these goals and measures in its
Annual Performance Report. However, some of DHS's components have not
developed adequate outcome-based performance measures or comprehensive
plans to monitor, assess, and independently evaluate the effectiveness
of their plans and performance. Since the issuance of our August 2007
report, DHS has begun to develop performance goals and measures for
some areas in an effort to strengthen its ability to measures its
progress in key management and mission areas. We commend DHS's efforts
to measure its progress in these areas and have agreed to work with the
department to provide input to help strengthen established measures.
Risk Management:
DHS cannot afford to protect everything against all possible threats.
As a result, the department must make choices about how to allocate its
resources to most effectively manage risk. Risk management has been
widely supported by the President and Congress as a management approach
for homeland security, and the Secretary of Homeland Security has made
it the centerpiece of departmental policy. A risk management approach
can help DHS make decisions more systematically and is consistent with
the National Strategy for Homeland Security and DHS's strategic plan,
which have all called for the use of risk-based decisions to prioritize
DHS's resource investments regarding homeland security-related
programs. DHS and several of its component agencies have taken steps
toward integrating risk-based principles into their decision-making
processes. On a component agency level, the Coast Guard, for example,
has developed security plans for seaports, facilities, and vessels
based on risk assessments. TSA has also incorporated risk-based
decision making into a number of its programs, such as programs for
securing air cargo, but has not yet completed these efforts.
In October 2007, I convened an expert forum on risk management to
assist Congress and federal agencies, including DHS, by advancing the
national dialogue on risk management challenges in homeland security
and by helping to identify potential solutions to these complex
challenges. The forum brought together a diverse array of experts,
including representatives from DHS, other government agencies,
nonprofit organizations, industry, and academia. The purpose of the
forum was to identify: (1) lessons learned from leading organizations
regarding the effective use of risk management practices; (2) key
challenges faced by public and private organizations in adopting and
implementing a risk-based approach for homeland security; and (3)
actions that should be taken in the near-and long-term to address the
most pressing of these challenges. Several themes emerged from the
discussion, including the idea of creating a chief risk officer for
government, the need to improve risk communication, and overcoming
political obstacles to risk management. The plurality of the
participants agreed that improving risk communication was the single
greatest challenge in applying principles of risk management to
homeland security and suggested a number of ways to use risk
communication practices to better educate and inform the public. The
participants also proposed a number of steps that could be taken in the
near future to strengthen risk management practices and to stimulate
public discussion and awareness of risk management concepts. We are
working with the department to share ideas raised at the forum to
assist them as they work to strengthen their risk-based efforts. We
will be issuing a summary of this forum in the coming months.
Information Sharing:
In 2005, we designated information sharing for homeland security as
high-risk and continued that designation in 2007. In doing so, we
reported that the nation had not implemented a set of governmentwide
policies and processes for sharing terrorism-related information but
had issued a strategy on how it would put in place the overall
framework, policies, and architecture for sharing with all critical
partners--actions that we and others have recommended. The Intelligence
Reform and Terrorism Prevention Act of 2004, as amended, requires that
the President create an "information sharing environment" to facilitate
the sharing of terrorism-related information, yet this environment
remains in the planning stage. An implementation plan for the
environment, which was released in November 2006, defines key tasks and
milestones for developing the information sharing environment,
including identifying barriers and ways to resolve them, as we
recommended. We have noted that completing the information sharing
environment is a complex task that will take multiple years and long-
term administration and congressional support and oversight and will
pose cultural, operational, and technical challenges that will require
a collaborated response.
DHS has taken some steps to implement its information sharing
responsibilities and support other information sharing efforts. For
example, states and localities are creating their own information
fusion centers, some with DHS support. In October 2007 we reported that
some state and local fusion centers had DHS personnel assigned to them;
access to DHS's unclassified information networks or systems, such as
the Homeland Security Information Network; and support from DHS grant
programs.[Footnote 23] However, some state and local fusion centers
reported challenges to accessing DHS's information systems and
identified issues in understanding and using federal grant funds. To
improve efforts to create a national network of fusion centers, we
recommended that the federal government determine and articulate its
role in, and whether it expects to provide resources to, fusion centers
over the long term to help ensure their sustainability.
Partnerships and Coordination:
To secure the nation, DHS realizes it must form effective and sustained
partnerships among its component agencies and with a range of other
entities, including other federal agencies, state and local
governments, private and nonprofit sectors, and international partners.
The National Strategy for Homeland Security recognizes the importance
of partnerships as the foundation for establishing a shared
responsibility for homeland security among stakeholders. We have
reported on difficulties faced by DHS in its coordination efforts. For
example, in September 2005 we reported that TSA did not effectively
involve private sector stakeholders in its decision-making process for
developing security standards for passenger rail assets. We recommended
that DHS develop security standards that reflect industry best
practices and can be measured, monitored, and enforced by TSA rail
inspectors and, if appropriate, rail asset owners. DHS agreed with
these recommendations. DHS has worked to strengthen partnerships and
has undertaken a number of coordination efforts with public and private-
sector entities. These include, for example, partnering with the
Department of Transportation to strengthen the security of surface
modes of transportation, airlines to improve aviation passenger and
cargo screening, the maritime shipping industry to facilitate
containerized cargo inspection, and the chemical industry to enhance
critical infrastructure protection at such facilities. In addition,
FEMA has worked with other federal, state, and local entities to
improve planning for disaster response and recovery. Although DHS has
taken action to strengthen partnerships and improve coordination, we
found that more work remains to support the leveraging of resources and
the effective implementation of its homeland security responsibilities.
Accountability and Transparency:
Accountability and transparency are critical to the department
effectively integrating its management functions and implementing its
mission responsibilities. We have reported that it is important that
DHS make its management and operational decisions transparent enough so
that Congress can be sure that it is effectively, efficiently, and
economically using the billions of dollars in funding it receives
annually.[Footnote 24] We have encountered delays at DHS in obtaining
access to needed information, which has impacted our ability to conduct
our work in a timely manner. Since we highlighted this issue last year
to this subcommittee, our access to information at DHS has improved.
For example, TSA has worked with us to improve their process for
providing us with access to documentation. DHS also provided us with
access to its national level preparedness exercise. However, we
continue to experience some delays in obtaining information from DHS,
and we continue to believe that DHS needs to make systematic changes to
its policies and procedures for how DHS officials are to interact with
GAO. We appreciate the Subcommittee's assistance in helping us seek
improved access to DHS information and support the provision in the
Consolidated Appropriations Act, 2008, that restricts a portion of
DHS's funding until DHS reports on revisions to its guidance for
working with GAO and the DHS IG. We look forward to collaborating with
the department on proposed revisions to its GAO guidance.
Concluding Observations:
Next month DHS will be 5 years old, a key milestone for the department.
Since its establishment, DHS has had to undertake actions to secure the
border and the transportation sector and defend against, prepare for,
and respond to threats and disasters while simultaneously working to
transform itself into a fully functioning cabinet department. Such a
transformation is a difficult undertaking for any organization and can
take, at a minimum, 5 to 7 years to complete even under less daunting
circumstances.
Nevertheless, DHS's 5-year anniversary provides an opportunity for the
department to review how it has matured as an organization. As part of
our broad range of work reviewing DHS management and mission programs,
we will continue to assess in the coming months DHS's progress in
addressing high-risk issues. In particular, we will continue to assess
the progress made by the department in its transformation and
information sharing efforts. Further, as DHS continues to evolve and
transform, we will review its progress and performance and provide
information to Congress and the public on its efforts.
This concludes my prepared statement. I would be pleased to answer any
questions you and the Subcommittee Members may have.
GAO Contact and Staff Acknowledgments:
For further information about this testimony, please contact Norman J.
Rabkin, Managing Director, Homeland Security and Justice, at 202-512-
8777 or rabkinn@gao.gov. Other key contributors to this statement were
Jason Barnosky, Cathleen A. Berrick, Kathryn Bolduc, Anthony
Cheesebrough, Rebecca Gambler, Kathryn Godfrey, Christopher Keisling,
Thomas Lombardi, Octavia Parks, and Sue Ramanathan.
[End of section]
Footnotes:
[1] Examples of nonhomeland security functions include Coast Guard
search and rescue and naturalization services.
[2] GAO, Homeland Security: Critical Design and Implementation Issues,
GAO-02-957T (Washington, D.C.: July 17, 2002).
[3] GAO, High-Risk Series: An Update, GAO-03-119 (Washington, D.C.:
January 2003).
[4] GAO, Department of Homeland Security: Progress Report on
Implementation of Mission and Management Functions, GAO-07-454
(Washington, D.C.: August 17, 2007).
[5] GAO, High-RiskSeries: An Update, GAO-05-207 (Washington, D.C.:
January 2005) and GAO, High-Risk Series: An Update, GAO-07-310
(Washington, D.C.: January 2007).
[6] In general, a fusion center is a collaborative effort to detect,
prevent, investigate, and respond to criminal and terrorist activity.
GAO, Homeland Security: Federal Efforts Are Helping to Alleviate Some
Challenges Encountered by State and Local Information Fusion Centers,
GAO-08-35 (Washington, D.C.: Oct. 30, 2007).
[7] GAO-07-454.
[8] Consolidated Appropriations Act, 2008, Pub. L. No. 110-161, Div. E,
121 Stat. 1844 (2007).
[9] These 22 agencies, offices, and programs were U.S. Customs Service;
U.S. Immigration and Naturalization Service; Federal Protective
Service; Transportation Security Administration; Federal Law
Enforcement Training Center; Animal and Plant Health Inspection
Service; Office for Domestic Preparedness; Federal Emergency Management
Agency; Strategic National Stockpile and the National Disaster Medical
System; Nuclear Incident Response Team; Domestic Emergency Support
Team; National Domestic Preparedness Office; Chemical, Biological,
Radiological, and Nuclear Countermeasures Program; Environmental
Measures Laboratory; National BW Defense Analysis Center; Plum Island
Animal Disease Center; Federal Computer Incident Response Center;
National Communications System; National Infrastructure Protection
Center; Energy Security and Assurance Program; Secret Service; and U.S.
Coast Guard.
[10] GAO-07-454.
[11] GAO, Department of Homeland Security: Improved Assessment and
Oversight Needed to Manage Risk of Contracting for Selected Services,
GAO-07-990 (Washington, D.C.: Sept. 17, 2007).
[12] GAO, Information Technology: DHS's Human Capital Plan Is Largely
Consistent with Relevant Guidance, but Improvements and Implementation
Steps Are Still Needed, GAO-07-425 (Washington, D.C.: Sept. 10, 2007).
[13] The Administration's agency scorecard for real property management
was established in fiscal year 2004 to measure each agency's progress
in implementing Executive Order 13327 on "Federal Real Property Asset
Management."
[14] A port of entry is generally a physical location, such as a
pedestrian walkway and/or a vehicle plaza with booths, and associated
inspection and administration buildings, at a land border crossing
point, or a restricted area inside an airport or seaport, where entry
into the country by persons and cargo arriving by air, land, or sea is
controlled by U.S. Customs and Border Protection.
[15] GAO, Border Security: Despite Progress, Weaknesses in Traveler
Inspections Exist at Our Nation's Ports of Entry, GAO-08-219
(Washington, D.C.: Nov. 5, 2007).
[16] GAO, USICS Transformation: Improvements to Performance, Human
Capital, and Information Technology Management Needed as Modernization
Proceeds, GAO-07-1013R (Washington, D.C.: July 17, 2007).
[17] GAO, Aviation Security: Vulnerabilities Exposed through Covert
Testing of TSA's Passenger Screening Process, GAO-08-48T (Washington,
D.C.: Nov. 15, 2007).
[18] GAO, Maritime Security: The SAFE Port Act: Status and
Implementation One Year Later, GAO-08-126T (Washington, D.C.: Oct. 30,
2007).
[19] GAO, Critical Infrastructure Protection: Sector Plans and Sector
Councils Continue to Evolve, GAO-07-706R (Washington, D.C.: July 10,
2007) and GAO, Critical Infrastructure Protection: Sector-Specific
Plans' Coverage of Key Cyber Security Elements Varies, GAO-08-113
(Washington, D.C.: Oct. 31, 2007).
[20] The Homeland Security Information Network is DHS's primary conduit
for sharing information on domestic terrorist threats, suspicious
activity reports, and incident management.
[21] GAO, Combating Nuclear Smuggling: Additional Actions Needed to
Ensure Adequate Testing of Next Generation Radiation Detection
Equipment, GAO-07-1247T (Washington, D.C.: Sept. 18, 2007).
[22] See 6 U.S.C. § 341(a)(9)(B).
[23] GAO-08-35.
[24] GAO-07-454.
GAO's Mission:
The Government Accountability Office, the audit, evaluation and
investigative arm of Congress, exists to support Congress in meeting
its constitutional responsibilities and to help improve the performance
and accountability of the federal government for the American people.
GAO examines the use of public funds; evaluates federal programs and
policies; and provides analyses, recommendations, and other assistance
to help Congress make informed oversight, policy, and funding
decisions. GAO's commitment to good government is reflected in its core
values of accountability, integrity, and reliability.
Obtaining Copies of GAO Reports and Testimony:
The fastest and easiest way to obtain copies of GAO documents at no
cost is through GAO's Web site [hyperlink, http://www.gao.gov]. Each
weekday, GAO posts newly released reports, testimony, and
correspondence on its Web site. To have GAO e-mail you a list of newly
posted products every afternoon, go to [hyperlink, http://www.gao.gov]
and select "Subscribe to Updates."
Order by Mail or Phone:
The first copy of each printed report is free. Additional copies are $2
each. A check or money order should be made out to the Superintendent
of Documents. GAO also accepts VISA and Mastercard. Orders for 100 or
more copies mailed to a single address are discounted 25 percent.
Orders should be sent to:
U.S. Government Accountability Office:
441 G Street NW, Room LM:
Washington, D.C. 20548:
To order by Phone:
Voice: (202) 512-6000:
TDD: (202) 512-2537:
Fax: (202) 512-6061:
To Report Fraud, Waste, and Abuse in Federal Programs:
Contact:
Web site: [hyperlink, http://www.gao.gov/fraudnet/fraudnet.htm]:
E-mail: fraudnet@gao.gov:
Automated answering system: (800) 424-5454 or (202) 512-7470:
Congressional Relations:
Ralph Dawn, Managing Director, dawnr@gao.gov:
(202) 512-4400:
U.S. Government Accountability Office:
441 G Street NW, Room 7125:
Washington, D.C. 20548:
Public Affairs:
Chuck Young, Managing Director, youngc1@gao.gov:
(202) 512-4800:
U.S. Government Accountability Office:
441 G Street NW, Room 7149:
Washington, D.C. 20548:
