Skip to main content

Homeland Security: Despite Progress, DHS Continues to Be Challenged in Managing Its Multi-Billion Dollar Annual Investment in Large-Scale Information Technology Systems

GAO-09-1002T Published: Sep 15, 2009. Publicly Released: Sep 15, 2009.
Jump To:
Skip to Highlights

Highlights

The Department of Homeland Security (DHS) invested more than $6 billion in 2009 on large-scale, information technology (IT) systems to help it achieve mission outcomes and transform departmentwide operations. For DHS to effectively leverage these systems as mission enablers and transformation tools, it needs to employ a number of institutional acquisition and IT management controls and capabilities, such as using an operational and technological blueprint to guide and constrain system investments (enterprise architecture) and following institutional policies, practices, and structures for acquiring and investing in these systems. Other institutional controls and capabilities include employing rigorous and disciplined system life cycle management processes and having capable acquisition and IT management workforces. As GAO has reported, it is critical for the department to implement these controls and capabilities on each of its system acquisition programs. GAO has issued a series of reports on DHS institutional controls for acquiring and managing IT systems, and its implementation of these controls on large-scale systems. GAO was asked to testify on how far the department has come on both of these fronts, including its implementation of GAO's recommendations. To do this, GAO drew from its issued reports on institutional IT controls and IT systems, as well as our recurring work to follow up on the status of our open recommendations.

Full Report

Office of Public Affairs

Topics

Agency missionsChief information officersContract oversightEnterprise architectureHuman capital planningInformation technologyInternal controlsIT acquisitionsPerformance measuresProcurement planningProcurement policyProcurement practicesProgram managementRisk managementStrategic planningSystems designSystems development life cyclePolicies and proceduresProgram implementation