Financial Management Systems:
DHS Faces Challenges to Successfully Consolidate Its Existing Disparate Systems
GAO-10-210T, Oct 29, 2009
In June 2007, GAO reported that the Department of Homeland Security (DHS) had made little progress in integrating its existing financial management systems and made six recommendations focused on the need for DHS to define a departmentwide strategy and embrace disciplined processes. In June 2007, DHS announced its new financial management systems strategy, called the Transformation and Systems Consolidation (TASC) program. GAO's testimony provides preliminary analysis of the status of its prior recommendations and whether there were additional issues identified that pose challenges to the successful implementation of the TASC program. GAO reviewed relevant documentation, such as the January 2009 Request for Proposal and its attachments, and interviewed key officials to obtain additional information. GAO provided a draft report that this testimony is based on to DHS on September 29, 2009, for review and comment. After reviewing and considering DHS' comments, GAO plans to finalize and issue the report including providing appropriate recommendations aimed at improving the department's implementation of the TASC program.
GAO's preliminary analysis shows that DHS has begun to take actions to implement four of the six recommendations made in the 2007 report; however, none of these recommendations have been fully implemented. GAO recognizes that DHS cannot fully implement some of the recommendations aimed at reducing the risk in accordance with best practices until the contract for TASC is awarded. DHS has taken, but not completed, actions to (1) define its financial management strategy and plan, (2) develop a comprehensive concept of operations, (3) incorporate disciplined processes, and (4) implement key human capital practices and plans for such a systems implementation effort. DHS has not taken the necessary actions on the remaining two recommendations, to standardize business processes across the department, including applicable internal control, and to develop detailed consolidation and migration plans since DHS will not know the information necessary to develop these items until a contractor is selected. While some of the details of the department's standardization of business processes and migration plans depend on the selected new system, DHS would benefit from performing critical activities, such as identifying all of its affected current business processes so that DHS can analyze how closely the proposed system will meet the department's needs. GAO's preliminary analysis during this review also identified two issues that pose challenges to the TASC program--DHS' significant risks related to the reliance on contractors to define and implement the new system and the lack of independence of the contractor hired to perform the verification and validation (V&V) function for TASC. DHS plans to rely on the selected contractor to complete key process documents for TASC such as detailed documentation that governs activities such as requirements management, testing, data conversion, and quality assurance. The extent of DHS' reliance on contractors to define and implement key processes needed by the TASC program, without the necessary oversight mechanisms to ensure that (1) the processes are properly defined and (2) effectively implemented, could result in system efforts plagued with serious performance and management problems. Further, GAO identified that DHS' V&V contractor was not independent with regard to the TASC program. DHS management agreed that the V&V function should be performed by an entity that is technically, managerially, and financially independent of the organization in charge of the system development and/or acquisition it is assessing. Accordingly, DHS officials indicated that they have restructured the contract to address our concerns by changing the organization that is responsible for managing the V&V function.