This is the accessible text file for GAO report number GAO-06-497T entitled 'GAO's High-Risk Program' which was released on March 15, 2006. This text file was formatted by the U.S. Government Accountability Office (GAO) to be accessible to users with visual impairments, as part of a longer term project to improve GAO products' accessibility. Every attempt has been made to maintain the structural and data integrity of the original printed product. Accessibility features, such as text descriptions of tables, consecutively numbered footnotes placed at the end of the file, and the text of agency comment letters, are provided but may not exactly duplicate the presentation or format of the printed version. The portable document format (PDF) file is an exact electronic replica of the printed version. We welcome your feedback. Please E-mail your comments regarding the contents or accessibility features of this document to Webmaster@gao.gov. This is a work of the U.S. government and is not subject to copyright protection in the United States. It may be reproduced and distributed in its entirety without further permission from GAO. Because this work may contain copyrighted images or other material, permission from the copyright holder may be necessary if you wish to reproduce this material separately. Testimony: Before the Subcommittee on Oversight of Government Management, the Federal Workforce, and the District of Columbia, Committee on Homeland Security and Governmental Affairs, U.S. Senate: For Release on Delivery Expected at 2:30 p.m. EST Wednesday, March 15, 2006: GAO's High-Risk Program: Statement of David M. Walker: Comptroller General of the United States: GAO-06-497T: GAO Highlights: Highlights of GAO-06-497T, a testimony before the Subcommittee on Oversight of Government Management, the Federal Workforce, and the District of Columbia, Committee on Homeland Security and Governmental Affairs, U.S. Senate: Why GAO Did This Study: GAO audits and evaluations identify federal programs and operations that in some cases are high risk due to their greater vulnerabilities to fraud, waste, abuse, and mismanagement. Increasingly, GAO also has identified high-risk areas that are in need of broad-based transformations to address major economy, efficiency, or effectiveness challenges. Since 1990 with each new Congress, GAO has reported on its high-risk list. GAO’s most recent update, in January 2005, presented the 109th Congress with the latest status of existing and new high-risk areas warranting attention by both the Congress and the administration. Lasting solutions to high-risk problems offer the potential to save billions of dollars, dramatically improve service to the American public, strengthen public confidence and trust in the performance and accountability of our national government, and ensure the ability of government to deliver on its promises. What GAO Found: Our January 2005 high-risk update summarized progress to date in addressing high-risk problems, corrective actions under way, and additional actions needed. As part of that update, the high-risk designation was removed for three areas and four new areas were added to the high-risk list. This administration has looked to our high-risk program on various initiatives such as the President’s Management Agenda. Also, federal departments and agencies have shown a continuing commitment to addressing the root causes associated with high-risk challenges. Since GAO’s last update, OMB has worked with agencies in getting action plans, with specific goals and milestones, in place for individual high- risk areas. This initiative offers potential for noteworthy progress, but implementing and sustaining the effort will be key to success. The Congress, too, continues to play an important role through its oversight and, where appropriate, legislative action targeted at the problems within high-risk areas. More than 60 hearings involving high- risk areas have taken place since our last update. Today, GAO is designating a new high-risk area: the National Flood Insurance Program. The program, due to the unprecedented magnitude and severity of floods resulting from hurricanes in 2005, has incurred recent losses. These losses—estimated at $23 billion, more than the total claims paid in the history of the program—illustrate the risk associated with the federal government’s exposure for claims coverage in catastrophic loss years. This statement also addresses several ongoing high-risk issues: * DOD cannot ensure that the more than $200 billion it spends annually is used wisely and results in weapon systems and capabilities delivered to the warfighter as originally promised, or that its business practices, such as the fees paid to its contractors, promote good acquisition outcomes. * The Postal Service has made significant progress in addressing some challenges related to its transformation efforts and long-term outlook but continues to face significant challenges, such as declining First- Class Mail volumes and an unsustainable business model, that threaten its financial viability. * Although DHS has made some progress in the department’s transformation and implementation, it continues to face significant challenges in several key areas, such as strategic planning, information sharing, disaster management and partnering with others. * Terminations of large underfunded pension plans have created a $23 billion deficit for PBGC's Single Employer Insurance Program and additional claims seem likely in the near future; legislation is pending to address various aspects of these problems. What GAO Recommends: GAO has made hundreds of recommendations related to areas it has designated as high risk. Perseverance by the administration in implementing GAO’s recommended solutions and continued oversight and action by the Congress are essential. www.gao.gov/cgi-bin/getrpt?GAO-06-497T. To view the full product, click on the link above. For more information, contact George Stalcup at (202) 512-9490 or stalcupg@gao.gov. [End of section] Mr. Chairman, Senator Akaka, Members of the Subcommittee: Thank you for the opportunity to discuss GAO's work related to high- risk areas identified in our 2005 high-risk update. As you know, we are scheduled to provide our next full update in January 2007, at the beginning of the 110th Congress. Today, I will talk about continuing efforts to address problem areas that we have identified through our high-risk program, discuss several individual high-risk issues, as well as a range of emerging issues and longer range challenges facing our government. I am also today designating a new high-risk area, the National Flood Insurance Program. I want to commend both of you and this Subcommittee in drawing needed attention to these important problems. Since our last update report in January 2005, the hearings you have held and follow-up you have done has been helpful, particularly for high-risk issues within the Department of Defense. As you know, this administration has looked to our high-risk program to help shape various governmentwide initiatives such as the President's Management Agenda. Clay Johnson, OMB's Deputy Director for Management, has directed agencies to develop action plans, complete with goals and milestones for reducing risk in areas GAO has designated as high risk. This is very encouraging, although a sustained effort will be needed. The "high-risk" program was begun in 1990 under the direction of my immediate predecessor, the Honorable Charles A. Bowsher. Since 1993, we have issued reports providing updates on the program at the onset of each new Congress. This effort, which is actively supported by your subcommittee, as well as the full Senate Committee on Homeland Security and Governmental Affairs and the House Committee on Government Reform, has brought a much-needed focus to problems that are impeding effective government and costing the taxpayers billions of dollars each year. During my tenure as Comptroller General, our high-risk program has increasingly focused on those major programs and operations that are in need of urgent attention and transformation in order to ensure that our national government functions in the most economical, efficient, and effective manner possible. We also continue to focus on federal programs and operations when they are at high risk because of their greater vulnerabilities to fraud, waste, abuse, and mismanagement. As this subcommittee knows, we have made hundreds of recommendations to improve these high-risk operations. Moreover, our focus on high-risk problems contributed to the Congress enacting a series of governmentwide reforms to address critical human capital challenges, strengthen financial management, improve information technology practices, and instill a more results-oriented government. Overall, our high-risk program has served to identify and help resolve serious weaknesses in areas that involve substantial resources and provide critical services to the public. Since our program began, the government has taken high-risk problems more seriously and has made long-needed progress toward correcting them. In some cases, progress has been sufficient for us to remove the high-risk designation. For example, in our most recent update, Student Financial Aid Programs was one of the three areas for which we removed the high-risk designation. This area had been on the high-risk list since 1990, and provides an example of the importance and benefit of a strong management commitment and a sustained effort in addressing these often long-standing problems. In 1998, the Congress established the Department of Education's (Education) Office of Federal Student Aid as the government's first performance-based organization, thus giving it greater flexibility to better address long-standing management weaknesses with student aid programs. In 2001, Education created a team of senior managers dedicated to addressing key financial and management problems throughout the agency, and in 2002, the Secretary of Education made removal from GAO's high-risk list a specific goal and listed it as a performance measure in Education's strategic plan. Education continued to improve the financial management of student financial aid programs, taking additional steps to address our concerns about systems integration, reporting on defaulted loans, and human capital management, which led to the removal of the high-risk designation for this area last year. In fact, 8 of the 16 areas removed from the list over the years were among the 14 programs and operations we included on our initial high- risk list in 1990 at the outset of our program. These results demonstrate that sustained attention and commitment by the Congress and agencies to resolving serious, long-standing high-risk problems have paid off, as root causes of the government's exposure for over half the areas on our original high-risk list have been successfully addressed. To determine which federal government programs and functions should be designated high risk, we used our guidance document, Determining Performance and Accountability Challenges and High Risks.[Footnote 1]In determining whether a government program or operation is high risk, we consider whether it involves national significance or a management function that is key to performance and accountability. We also consider whether the risk is: * an inherent problem, such as may arise when the nature of a program creates susceptibility to fraud, waste, and abuse, or: * a systemic problem, such as may arise when the programmatic; management support; or financial systems, policies, and procedures established by an agency to carry out a program are ineffective, creating a material weakness. Further, we consider qualitative factors, such as whether the risk: * involves public health or safety, service delivery, national security, national defense, economic growth, or privacy or citizens' rights, or: * could result in significantly impaired service; program failure; injury or loss of life; or significantly reduced economy, efficiency, or effectiveness. In addition, we also consider the exposure to loss in monetary or other quantitative terms. At a minimum, $1 billion must be at risk--major assets, revenue sources, and so on. Before making a high-risk designation, we also consider the corrective measures an agency may have planned or under way to resolve a material control weakness and the status and effectiveness of these actions. When legislative and/or agency actions, including those in response to our recommendations, result in significant and sustainable progress toward resolving a high-risk problem, we remove the high-risk designation. Key determinants here include a demonstrated strong commitment to and top leadership support for addressing problems, the capacity to do so, a corrective action plan, and demonstrated progress in implementing corrective measures. These determinations are based on the independent and professional judgment of appropriate GAO personnel. Consistent with these criteria, we removed the high-risk designation for three areas and designated four new high-risk areas as part of our January 2005 update report. Our objective for the high-risk list is to bring "light" to these areas as well as "heat" to prompt needed "actions." Long-term Fiscal Challenge: The specific issues I will discuss today--indeed, the specific issues we discuss in the high-risk reports--all take place in the context of what is arguably our greatest risk: the long-term fiscal outlook. We are currently on an imprudent and unsustainable fiscal path. We are a debtor nation--and we are borrowing from abroad at record rates. And on the domestic fiscal front the miracle of compounding works against us. This will only get worse on our current path. Importantly, if we act before a crisis forces us to act, we can, over time, turn compounding from an enemy to potential ally. GAO's high-risk series is part of our effort to assist the Congress in dealing with one of its important obligations--to exercise prudence and due care in connection with taxpayer funds. Even if we were operating in a time of surplus, no government should waste its taxpayers' money. Further, it is important for everyone to recognize that waste, fraud, abuse, and mismanagement are not victimless activities. Resources are not unlimited, and when they are diverted for inappropriate, illegal, inefficient, or ineffective purposes, both taxpayers and legitimate program beneficiaries are cheated. Both the administration and the Congress have an obligation to safeguard benefits for those who deserve them and avoid abuse of taxpayer funds by preventing diversions. Beyond preventing obvious abuse, the government also has an obligation to modernize its priorities, practices, and processes to meet the demands and needs of today's changing world. While we should have zero tolerance for fraud and abuse, we must also recognize that we will never in fact achieve zero fraud and abuse. Acknowledging this is not giving in; rather, it means we recognize that safeguarding taxpayer funds will be an ongoing effort. We should also have zero tolerance for waste--but here we must recognize that "waste" is a much more difficult concept than "fraud" or "abuse." The term can be used for things we all would agree are waste- -for example, paying too much for supplies or unnecessary redundancy or duplication of administrative functions. The term is also, however, sometimes used in the debate about government activities and priorities. One citizen may see a given program or initiative as wasteful while another sees it as an important governmental activity. This debate should be part of the reexamination of programs and activities. I would suggest that it is wasteful to allocate limited revenues based on wants versus needs versus a more threat-based, risk- based, or other targeted approach. In previous testimonies, I have discussed oversight and stewardship of taxpayer funds on three levels: * vulnerability to fraud, waste, and abuse; * improving the economy, efficiency, and effectiveness of programs; and: * a fundamental reassessment of government programs and activities-- whether designed as spending programs or tax preferences. All three levels are important. While the high-risk series is heavily targeted to the first two of these, it provides information and insight into the third. New High-Risk Area: National Flood Insurance Program: We will continue to use the high-risk designation to draw attention to the challenges associated with the economy, efficiency, and effectiveness of government programs and operations in need of broad- based transformation. Our list of issues continues to evolve over time. Our objective is to reflect important problem areas identified in our work, with a goal of identifying the root causes of vulnerabilities and actions needed on the part of the agencies involved and, if appropriate, the Congress. In this vein, I would like to call your attention to the National Flood Insurance Program (NFIP). * It is highly unlikely that the NFIP will generate sufficient revenues to repay funds borrowed from the Treasury to cover claims for the unprecedented magnitude and severity of flood losses resulting from hurricanes in 2005, as well as any exposure for future claims coverage in catastrophic loss years. * Over the last 15 years we have reported on a variety of issues that affect the program, including concerns related to the sufficiency of the program's financial resources, compliance with mandatory purchase requirements, the costly impact of repetitive loss properties, and most recently our concerns about FEMA's billion dollar flood map modernization efforts and management and oversight of the NFIP. * FEMA has taken some steps to address these concerns, for example, by working to reduce the number of subsidized properties and repetitive loss properties insured by the NFIP, increase participation in the program, implement requirements of the Flood Insurance Reform Act of 2004[Footnote 2] and improve its management and oversight of the program, and more strategically plan to update the nation's flood maps, the foundation of the NFIP. Nonetheless, the agency faces long-standing and complex challenges that make it likely that these issues will continue. For these reasons, we are today designating a new high-risk area: the National Flood Insurance Program (NFIP). The unprecedented magnitude and severity of flood losses resulting from hurricanes in 2005 illustrated the extent to which the federal government has exposure for flood claims coverage in catastrophic loss years and the decision for this designation. The nation's flood losses in 2005 created unprecedented challenges for the Federal Emergency Management Agency (FEMA) as the Department of Homeland Security (DHS) organization responsible for managing the NFIP. As shown in figure 1, FEMA estimates that Hurricanes Katrina, Rita, and Wilma are likely to generate claims and associated payments of about $23 billion--far surpassing the total of about $15 billion in claims paid in the entire history of the NFIP up to those events. Figure 1: NFIP Claims Payments from 1968 to August 2005 and Estimated Payments for Hurricanes Katrina, Rita, and Wilma: [See PDF for image] [End of figure] About 90 percent of all natural disasters in the United States involve flooding. However, flooding is generally excluded from homeowner policies that typically cover damage from other losses, such as wind, fire, and theft. Because of the catastrophic nature of flooding and the inability to adequately predict flood risks, private insurance companies have largely been unwilling to underwrite and bear the risk of flood insurance. The NFIP, established in 1968, provides property owners with some insurance coverage for flood damage. From its inception in 1968 until August 2005, the NFIP paid about $15 billion in insurance claims, primarily from policyholder premiums that otherwise would have been paid through taxpayer-funded disaster relief or borne by home and business owners themselves. During the 1990s, we reported concerns regarding the NFIP, particularly problems related to the sufficiency of the program's financial resources to meet future expected losses and compliance with mandatory purchase requirements. Our work has continued to focus on these issues since fiscal year 2000, along with issues identified by our work regarding the challenges FEMA faces in implementing its $1.5 billion flood map modernization efforts and plans to address repetitive loss properties and enhance its management and oversight of the program. To limit the federal government's exposure for claims coverage in catastrophic loss years, FEMA must continue to provide programs to help states, communities, and individuals plan and implement mitigation strategies to reduce damage to homes, schools, public buildings, and critical facilities from future floods and other hazards for example, by encouraging them to (1) adopt and enforce more stringent building codes for construction in areas at risk of flooding and stricter development regulations and zoning ordinances that steer development away from areas at risk of flooding and (2) use public funds to acquire damaged homes or businesses in flood-prone areas, demolish or relocate the structures, and use properties for open space, wetlands, or recreational uses. FEMA must also take effective action to address long- standing program issues and meet several major challenges facing the NFIP that we have identified in our prior work regarding the inherent solvency of the program, FEMA's management and oversight of the program, and modernizing the nation's flood maps to provide an accurate basis for the NFIP in the future. The program's financial resources are insufficient to meet future expected losses, in part because policy subsidies and repetitive loss properties have contributed to continuing losses to the program. Specifically, the program is not actuarially sound because of the number of policies in force that are subsidized--about 29 percent at the time of our 2003 testimony on this issue.[Footnote 3] As a result of these subsidies, some policyholders with dwellings that were built before flood plain management regulations were established in their communities pay premiums that represent about 35 to 40 percent of the true risk premium. In January 2006, FEMA estimated a shortfall in annual premium income because of policy subsidies at $750 million. Moreover, at the time of our 2004 testimony,[Footnote 4] there were about 49,000 repetitive loss properties--those with two or more losses of $1,000 or more in a 10-year period--representing about 1 percent of the 4.4 million buildings insured under the program. From 1978 until March 2004, these repetitive loss properties represented about $4.6 billion in claims payments. The extent of participation in the program may also contribute to its financial insolvency. Specifically, the level of noncompliance with current mandatory purchase requirements by affected property owners is unknown and voluntary participation in the program is limited. Some in Congress have expressed interest in assessing the feasibility of expanding mandatory purchase requirements beyond current special high- risk flood hazard areas. It is essential that FEMA provide effective management and oversight of NFIP operations because the agency largely relies on others to address these issues. FEMA's role for the NFIP is principally one of establishing policies and standards that others generally implement on a day-to-day basis and providing financial and management oversight of those who carry out those day-to-day responsibilities. For example, in our October 2005 report,[Footnote 5] we said that FEMA faces a challenge in providing effective oversight of the 95 insurance companies and thousands of insurance agents and claims adjusters who are primarily responsible for the day-to-day process of selling and servicing flood insurance policies. The unprecedented impact of Hurricane Katrina on hundreds of thousands of homeowners in the Gulf Coast has also highlighted the importance of FEMA's efforts to develop accurate, digital flood maps in implementing its $1.5 billion Flood Map Modernization program. Accurate, up-to-date flood maps are needed for builders and developers to make good decisions on where to build and to ensure that property owners have information on the flood risks they face in rebuilding entire communities devastated by the hurricanes. However, our work[Footnote 6] and the work of the DHS Inspector General[Footnote 7] has shown, among other things, that FEMA faces a major challenge in working with its contractor and state and local partners of varying technical capabilities and resources to produce accurate digital flood maps. In developing those maps, we recommended that FEMA develop and implement data standards that will enable FEMA, its contractor, and its state and local partners to identify and use consistent data collection and analysis methods for developing maps for communities with similar flood risk. Some stakeholders have questioned the adequacy of FEMA's estimates of the cost and schedule for completing its map modernization efforts. FEMA has taken some steps to address these concerns. Regarding its efforts to improve the solvency of the program, FEMA reported that the number of subsidized properties insured by the NFIP dropped from about 70 percent in 1978 to about 30 percent in 1999; however, this trend appears to have slowed in that since 1999 FEMA reports that the number of subsidized properties has only decreased by about 6 percent. Similarly, FEMA has made efforts to reduce the number of repetitive loss properties. However, FEMA has not yet implemented a pilot program authorized by the Flood Insurance Reform Act of 2004 specifically targeting the most severely repetitive loss properties, and, in any case, this program will only address a small number of these properties. Specifically, about 6,000 repetitive loss properties that have accounted for about $792 million in losses since 1978 could be considered for mitigation efforts funded through the pilot program. FEMA also has efforts under way to increase participation in the NFIP by marketing flood insurance policies. However, as noted in a recent evaluation of mandatory compliance conducted for FEMA,[Footnote 8] FEMA does not have a central role in implementing the mandatory purchase requirement. The evaluation recommended that FEMA should explore opportunities to exercise a leadership role in promoting compliance and in assisting the federal entities for lending regulation to meet their obligations related to the mandatory purchase of flood insurance. Regarding FEMA's management and oversight of the program, the agency is implementing the Flood Insurance Reform Act (FIRA) of 2004. However, as we noted in our report,[Footnote 9] FEMA's use of a sampling strategy for quality control purposes uses an approach that is not statistically valid, and thus does note provide management with the information needed to assess the overall performance of the private insurance companies who sell flood insurance. FEMA needs this information, including the overall accuracy of the underwriting of NFIP policies and the adjustment of claims, to have reasonable assurance that program objectives are being achieved. FEMA program officials did not agree with our recommendation stating that the agency's method of selecting samples for operational reviews was more appropriate than the random probability sample we recommended. Regarding map modernization efforts, FEMA issued the Multi-Year Flood Hazard Identification Plan[Footnote 10] that describes FEMA's strategy for updating flood maps used for NFIP purposes and addresses several of our recommendations. The current version of the plan (version 1.5, issued June 2005) updates FEMA's anticipated schedule and funding for flood map updates through fiscal year 2009. While the plan establishes levels of risk for determining the level of data definition and reliability used for flood maps, it does not define criteria (high population, high density, or high anticipated growth) or how the agency will apply them in assigning risk categories for flood maps to determine the level of data definition and reliability needed for future mapping projects. Echoing these concerns, the DHS Inspector General in reviewing the plan also concluded, among other things, that the plan should be revised to improve the sequencing and funding for mapping efforts in high-risk areas.[Footnote 11] Finally, some have questioned the adequacy of FEMA's estimates of the cost and schedule for completing its map modernization efforts. For example, the FEMA Office of Inspector General reported on this issue in September 2000 noting that implementation would cost $750 million between 2001 and 2007. When we reported on the plan in March 2004, FEMA's estimated cost had increased to $1 billion for a 5-year program from 2003-2008. By September 2005, when the DHS Office of Inspector General reviewed the status of the program, the estimated budget was $1.5 billion for a 6 year program extending to 2009. In testifying on the issue in July 2005, a representative of the Association of State Flood Plain Managers cited an analysis conducted by the Association in August 2005 which estimated that FEMA's map modernization program could cost as much as $2-3 billion. The increasing frequency, severity, and economic impact of flood events on the nation place increasing pressure on FEMA and DHS to address these concerns and enhance the program's ability to provide an insurance alternative to disaster assistance and reduce future flood damage through floodplain management. Under my authority, we are currently reviewing the NFIP in light of the unprecedented demands and unique challenges the hurricanes of 2005 placed upon FEMA and Gulf Coast communities. As part of this effort, we are also reassessing many of the longstanding issues and concerns we and others have raised regarding the key aspects of the program I have discussed here today. In conducting our review, we have, and plan to continue to, coordinate our efforts with this subcommittee and other key Congressional stakeholders to ensure that you are informed and continue to have the opportunity to provide input to our ongoing efforts. The complex and, in many cases, long-standing nature of the management challenges associated with the NFIP and the flood map modernization program (upon which the NFIP relies for producing accurate and readily accessible flood maps) will continue to increase the federal government's exposure to potentially billions of dollars of NFIP claims for coverage in future catastrophic loss years. This suggests the need for greater and sustained national focus and management attention by both FEMA and DHS. Just as flood insurance reform legislation in 1994[Footnote 12] and 2004 mandated changes to improve the effectiveness of, and participation in the program, the Congress, too, will continue to play an important role through legislative actions needed to assist FEMA and DHS in addressing these challenges. Our objective in making this new high-risk designation today is to draw that needed attention and, in turn, action. Status of Other Selected High-Risk Areas: For other areas on our 2005 high-risk list, efforts to address problems continue on several fronts, but major challenges remain. I want to touch on several current high-risk issues today. DOD High-Risk Areas Persist: Given its size and mission, the Department of Defense (DOD) is one of the largest and most complex organizations to manage in the world. DOD spends billions of dollars each year to sustain key business operations that support our forces, including information systems and processes related to acquisition and contract management, financial management, supply chain management, business system modernization, and support infrastructure management. Recent and ongoing military operations in Iraq and Afghanistan and new homeland defense missions have led to newer and higher demands on our forces in a time of growing fiscal challenges for our nation. For years, GAO has reported on inefficiencies, such as the lack of sustained leadership, the lack of a strategic and integrated business transformation plan, and inadequate incentives. Moreover, the lack of adequate transparency and appropriate accountability across DOD's major business areas results in billions of dollars of wasted resources annually. To its credit, DOD has embarked on a series of efforts to reform its business operations, including modernizing underlying information technology (business) systems. However, serious challenges and inefficiencies remain. In fact, eight individual items on GAO's high-risk list and several government wide high-risk areas apply to DOD. At the highest levels, DOD's civilian and military leaders appear committed to reform; however, the department faces significant challenges in achieving its transformation goals. In addition, this overall transformation effort will take many years of sustained attention by leaders at all levels in order to succeed. Management of DOD's Weapon Systems Acquisitions and Contractor Oversight: One area in particular that I would like to highlight today pertains to DOD's management of its major weapon systems acquisitions and its contractors. As the largest buyer in the federal government and as the agency entrusted with the nation's defense, DOD has an obligation to ensure that its funds are spent wisely and result in weapons systems and capabilities being delivered to the warfighter when needed. Over the last 5 years, DOD has doubled its planned investments in new weapon systems from about $700 billion in 2001 to nearly $1.4 trillion in 2006. Overall, DOD now spends more than $200 billion annually on goods and services. While DOD eventually fields the best weapon systems in the world, we have consistently reported that the programs take significantly longer and cost significantly more money and deliver fewer quantities and capabilities than the business cases that supported the acquisitions originally promised. Similarly, we have reported that DOD is unable to assure that it is using sound business practices to acquire the goods and services needed to meet the warfighter's needs. DOD's policies may incorporate best practices, but its actual decisions and actions are not consistent therewith. Unfortunately, DOD has a track record of over promising and under delivering in connection with key acquisition and other business outcomes. We have identified DOD's weapon systems and contract management as high- risk areas for more than a decade. While each has some unique issues that can be addressed on a case-by-case basis, there are other elements that need to be addressed from a broader acquisition context. In this regard, we testified earlier this month that the business case and business arrangements were key to the success of the Army's Future Combat System (FCS).[Footnote 13] The FCS is a networked family of weapons and other systems in the forefront of efforts by the Army to become a lighter, more agile, and more capable combat force. In total, projected investment costs for the FCS are estimated to be about $200 billion. While we found a number of compelling aspects of the FCS program, the elements of a sound business case for such an acquisition program--firm requirements, mature technologies, a knowledge-based acquisition strategy, a realistic cost estimate, and sufficient funding--are not yet present. Similarly, we noted that just as important, DOD needed to ensure the FCS's business arrangements, primarily in the nature of the development contract and in the lead system integrator approach, preserved the government's ability to make informed business decisions in the future. We looked at one element of a sound business arrangement--the award and incentives fees provided to the contractors to promote excellence in performance--in a report issued in December 2005.[Footnote 14] In that report, we noted that DOD programs routinely engage in award-fee practices that do not hold contractors accountable for achieving desired outcomes and undermine efforts to motivate contractor performance, such as: * evaluating contractors on award-fee criteria that are not directly related to key acquisition outcomes (e.g., meeting cost and schedule goals and delivering desired capabilities to the warfighter); * paying contractors a significant portion of the available fee for what award-fee plans describe as "acceptable, average, expected, good, or satisfactory" performance; and: * giving contractors at least a second opportunity to earn initially unearned or deferred fees. As a result, DOD paid out an estimated $8 billion in award fees on contracts in GAO's study population, regardless of whether acquisition outcomes fell short of, met, or exceeded DOD's expectations. We have identified numerous other examples in which DOD failed to execute its contracts properly, creating unnecessary risks and paying higher prices than justified. For example, in March 2005, we reported that deficiencies in DOD's oversight of service contractors placed DOD at risk of paying the contractors more than the value of the services they performed.[Footnote 15] In other reports, we identified numerous issues in DOD's use of interagency contracting vehicles that contributed to poor acquisition outcomes.[Footnote 16] These issues, along with those we have identified in DOD's acquisition and business management processes, present a compelling case for change.[Footnote 17] By implementing the recommendations we have made on individual issues, DOD can improve specific processes and activities. At the same time, by working more broadly to improve its acquisition practices, DOD can set the right conditions for becoming a smarter buyer, getting better acquisition outcomes, and making more efficient use of its resources in what is sure to be a more fiscally constrained environment. Then, assessments such as the Quadrennial Defense Review can be valuable. Unless changes are made, however, DOD will continue on a course where wants, needs, and affordability are mismatched, with predictably unsatisfactory results. U.S. Postal Service Transformation Efforts and Long-term Outlook: In 2001, we placed the Postal Service's (the Service) transformation and long-term outlook on our high-risk list because it faced formidable financial, operational, and human capital challenges that threatened its long-term viability. We called for prompt, aggressive action by the Service in addressing these challenges and for a structural transformation that would modernize the Service's outdated business model. Since then, the Service has made significant progress in addressing some of the challenges we identified, such as cutting costs, improving productivity, downsizing its workforce, and improving its financial reporting. Much of the Service's recent financial success, however, was due to legislation passed in 2003 that reduced the Service's annual pension benefit payments, thus enabling the Service to achieve record net incomes, repay over $11 billion of outstanding debt, and delay rate increases until January 2006. Despite the temporary relief provided by the legislation, the Service continues to face many challenges that will increase pressure for rate increases both in the short term and over time. These challenges include: * generating sufficient revenues as First-Class Mail volume declines and the mail mix changes to volume growth in primarily lower contribution mail; * controlling costs and improving productivity as growth in expenses continues to outpace revenues; compensation and benefit costs rise; workhour reductions become more difficult to realize and the number of delivery points continues to increase; * addressing other financial issues, such as growing unfunded retiree health obligations, required multi-billion dollar escrow payments, and military service pension obligations; * managing workforce changes related to retirements and network consolidations; * providing reliable data to assess performance; * maintaining high-quality universal services; and: * addressing external uncertainties, such as pending postal reform legislation, four vacancies on the Postal Service's Board of Governors, and potential security risks from biohazard and other threats. Recently, the Service issued an updated Strategic Transformation Plan (Plan) that details its goals and strategies for the next 5 years. We support the intent of the Plan, including the Service's recent efforts to begin optimizing its operating network. However, as we recently reported, the success of the Service's optimization efforts will require enhanced transparency of its decision-making criteria, effective coordination with all key stakeholders, and a process for evaluating and measuring performance. Furthermore, we continue to believe that the Plan's incremental steps alone cannot remedy the major challenges facing the Service. Despite its efforts, the Service's underlying business model depends on growing mail volume to mitigate rate increases and cover its universal service costs. This model is unsustainable because it lacks the necessary incentives and flexibilities to achieve sufficient cost savings needed to offset growing personnel costs, declining mail volumes, and the continued expansion of the Service's delivery network. We continue to believe that comprehensive postal reform is urgently needed to modernize the Service's business model. Recognizing that the future of postal services remains at risk, the House and Senate have each passed postal reform bills that now are pending conference deliberations. Both bills would give the Service additional flexibility in pricing and allow it to retain earnings, create incentives to reduce costs and increase efficiency, reduce the administrative burden of the rate-making process, enhance transparency and accountability, eliminate the escrow fund, transfer military service pension costs back to the Department of the Treasury (the Treasury), and begin prefunding retiree health benefits. The legislation aims to encourage cost cutting that could restrain future rate increases and also improves the fairness and balance of cost burdens for current and future ratepayers by beginning to prefund retiree health benefits. It is important that this legislation be enacted as soon as possible to begin the Service's overdue transition to a modernized business model. Although the legislation may result in short-term rate increases, these increases are likely to be more modest and predictable than the significant and frequent rate increases that would be needed if no action is taken to eliminate the escrow requirement, transfer military service pension costs back to the Treasury, and begin prefunding growing retiree health benefit obligations. Implementing and Transforming DHS: We designated DHS's transformation as a high-risk area in 2003 because DHS had to transform 22 agencies into one department, DHS inherited a number of operational and management challenges from its component legacy components, and failure to effectively address its management challenges and program risks could have serious consequences for our national security. Overall, DHS has made some progress, but continues to face serious challenges in several key areas, such as strategic planning, management, programmatic areas, and forming effective partnerships to achieve desired outcomes. * DHS's strategic plan does not detail the associated resources necessary to carry out its mission and achieve its strategic goals and to demonstrate the viability of the strategies and approaches presented for achieving its long-term goals. In addition, stakeholder involvement in the planning processes of DHS programs requiring stakeholder coordination to implement has been limited. Also, DHS has called for risk-based approaches to prioritize its resource investments for critical infrastructure. However, while some components of DHS have taken initial steps to apply elements of risk management to operations and decision making, DHS has not completed a comprehensive national threat and risk assessment for the department. Any risk-based approach must involve efforts from and commitment by DHS, the administration, and the Congress. Moreover, DHS continues to face challenges in sustained leadership. * Further, key areas of management pose challenges for DHS leadership, including financial management, information technology, and human capital and acquisitions. For example, DHS continues to face significant financial reporting problems, as evidenced by the disclaimer opinion on its consolidated financial statements in fiscal years 2005 and 2004 and continuing financial reporting deficiencies at Immigration and Customs Enforcement and the Coast Guard. DHS has made progress in implementing key federal information security requirements, yet it continues to face challenges in fulfilling the requirements mandated by the Federal Information Security Management Act. The district court has partially enjoined DHS's implementation of its human capital management system, and the lack of clear accountability hampers DHS's efforts to integrate the acquisition functions of its numerous organizations into an effective whole: * Key challenges remain in DHS programmatic areas. A number of challenges that had been experienced by the Immigration and Naturalization Service have continued in the new organizations now responsible for immigration enforcement functions. Several factors limit Customs and Border Protection's ability to successfully target containers to determine if they are high risk, including staffing imbalances. Although DHS has crafted a strategic plan to show how US- VISIT is aligned with DHS's mission goals and operations, the plan has yet to be approved, causing its integration with other departmentwide border security initiatives to remain unclear. In addition, delays by the Transportation Security Administration continue in deploying technologies at checkpoints to screen for explosives on the body. * Finally, in the area of partnering, the response to Hurricane Katrina demonstrated that DHS also faces challenges when coordinating efforts across the federal government. During incidents of national significance, including Hurricane Katrina, the overall coordination of federal incident management activities is executed through the Secretary of Homeland Security. Other federal departments and agencies are to cooperate with the secretary in the secretary's domestic incident management role. Our initial field work on the response to Hurricane Katrina indicates that a lack of clarity in roles and responsibility resulted in disjointed efforts of many federal agencies involved in the response, a myriad of approaches and processes for requesting and providing assistance, and confusion about who should be advised of requests and what resources would be provided within specific time frames. PBGC Single-Employer Insurance Program: We first designated the Pension Benefit Guaranty Corporation (PBGC)'s single-employer insurance program--a program that insures benefits for 34.2 million workers and retirees in about 28,800 defined benefit pension plans--for the high risk list in July 2003 because of concerns about its long-term financial viability. The program remains high risk as the program's financial condition has worsened from a $9.7 billion surplus in 2000 to nearly a $22.8 billion accumulated deficit as of the end of fiscal year 2005. Recent years have produced several terminations of large underfunded plans and the strong likelihood of additional terminations in the near future. While cyclical economic conditions have contributed to the program's financial troubles, it remains threatened by the results of globalization and deregulation or competitive restructuring of industries that have led to the bankruptcy of sponsors with large underfunded plans and a regulatory framework that has permitted sponsors to defer plan contributions. For example, total underfunding among insured single-employer plans has exceeded $450 billion over the last two fiscal years; $108 billion of the underfunding is attributable to plans sponsored by companies whose credit quality is below investment grade. Both the House and Senate recently passed comprehensive pension reform bills, each with different features that must be resolved in conference. The bills address many areas of concern that we previously highlighted, including the appropriate interest rates for liability valuation, more credible funding standards, increased premiums, addressing the funding of shutdown benefits, improving the timeliness of disclosures to participants, and clarifying the uncertain legal environment for hybrid pension plans. A consequence of even carefully crafted and well balanced reform is that some additional sponsors could choose to terminate their plans in a defined benefit system that has already seen declines in participation. However, such reform remains an important first step to maintaining a financially stable pension system that protects the retirement benefits of workers and retirees by providing employers reasonable funding flexibility in return for enhanced transparency and accountability for meeting the promises they make to their employees. In many ways, the problems facing PBGC's single-employer program highlight the broader challenges confronting 21ST century American retirement security. These challenges, including the long term financial weakness of Social Security and Medicare, the decline of the private defined benefit pension system, and our poor personal saving rate (which was negative in 2005), are severe and structural in nature. Unaddressed, these problems will not only erode the retirement safety net that was painstakingly built over several generations but threaten our nation's future economic security and thus the basic living standards of the American people. Emerging Issues: In addition to specific areas that we have designated as high risk, there are other important broad-based challenges facing our government that are serious and merit continuing close attention. One of these involves the use of risk management, a strategy for helping policymakers make investment and other decisions by assessing risks, evaluating alternatives, and taking actions under conditions of uncertainty. Risk management has applications for deliberate acts of terror as well as natural disasters, such as hurricanes and earthquakes. We have recently advocated using a risk management framework for making investment decisions to develop capabilities and the expertise to use them to respond to catastrophic disasters, such as Hurricane Katrina.[Footnote 18] Such a strategy has been endorsed by the Congress and the President as a way to strengthen the nation against possible terrorist attacks. In this regard, DHS has been charged with establishing a risk management framework across the federal government to protect the nation's critical infrastructure and key resources. DHS's work is done in a setting where substantial gaps in security remain, but resources for closing these gaps are limited. Within this context, in January of last year, we noted that DHS had not completed risk assessments to set priorities on where scarce resources were most needed. Our December 2005 report examined the risk management efforts of DHS and found that while a great amount of effort has been expended, there is a long way to go in implementing risk management in a way that helps inform decisions on programs and resource allocation.[Footnote 19] The most progress has been made in assessing risks of individual assets, such as port facilities and oil refineries. However, translating this information into comparisons and priorities across assets and infrastructure sectors remains a major challenge. DHS is unable to provide adequate assurance to the Congress or the country that the federal government is in a position to effectively manage risk in national security efforts. DHS has much more to do to more effectively manage risk as part of its homeland security responsibilities within current and expected resource levels. In the short term, progress depends heavily on continuing to improve policies and procedures for assessing risks, evaluating alternatives, and integrating these efforts into the annual cycle of program and budget review. An area that DHS believes needs further attention is working with intelligence communities to develop improved analysis and data on the relative probability of various threat scenarios. Efforts to strengthen data, methodology, and policy would help inform decisions on setting relative priorities and on making spending decisions. In the longer term, progress will rest heavily on how well DHS coordinates the homeland security risk management effort. Currently, various risk assessment approaches are being used, and in many ways, these approaches are neither consistent nor comparable. DHS has been challenged in establishing uniform policies, approaches, guidelines, and methodologies for infrastructure protection and risk management activities within and across sectors. In addition, integrating disparate systems, such as risk management with program and budget management, remains a long-term challenge. Shifting organizations toward this nexus of using risk-based data as part of annual management review cycles will take time, attention, and leadership. The Secretary of DHS has said that operations and budgets of its agencies will be reviewed through the prism of risk, but doing this is made difficult by the level of guidance and coordination that has been provided so far. DOD introduced its version of a risk management framework in 2001 to enable the department's senior leadership to better balance near-term demands against preparations for the future. However, in November 2005, we similarly found that additional steps are needed before this framework is fully implemented and DOD can demonstrate real and sustainable progress in using a risk-based and results-oriented approach to strategically allocate resources across the spectrum of its investment priorities within current and expected resource levels.[Footnote 20] We reported that while DOD has established four risk areas--force management, operational, future challenges, and institutional--as well as certain performance goals and measures, DOD's risk management framework's measures (1) do not clearly demonstrate results, (2) do not provide a well-rounded depiction of performance across the department, and (3) are not being systemically monitored across all quadrants. In addition, the framework's performance goals and measures are not clearly linked to DOD's current strategic plan and strategic goals. Without better measures, clear linkages, and greater transparency, DOD will be unable to fully measure progress in achieving strategic goals or demonstrate to the Congress and others how it considered risks and made trade-off decisions, balancing needs and costs for weapon system programs and other investment priorities. DOD faces four key challenges that affect its ability to fully implement the risk management framework, or a similar risk-based and results-oriented management approach: (1) overcoming cultural resistance to the transformational change represented by such an approach in a department as massive, complex, and decentralized as DOD; (2) maintaining sustained leadership and clear accountability for this cultural transformation; (3) providing implementation goals and timelines to gauge progress in transforming the culture; and (4) integrating the risk management framework with decision support processes and related reform initiatives into a coherent, unified management approach for the department. DOD recently stated in its Quadrennial Defense Review (QDR) Report, issued last month, that it is now taking advantage of lessons learned from the initial implementation phase to refine and develop a more robust framework to enable decision making. Unfortunately, our preliminary review of the QDR suggests that little progress has been made in choosing between wants, needs, affordability, and sustainability in connection with major Defense programs and acquisitions. Furthermore, more emphasis needs to be placed on the Department's overall business transformation efforts. We will continue to monitor DOD's efforts in these areas. We will also continue to monitor other management challenges identified through our work. While not high risk at this time, these areas warrant continued attention. For example, at the U.S. Census Bureau (Bureau), a number of operational and managerial challenges loom large as the Bureau approaches its biggest enumeration challenge yet, the 2010 Census. The Bureau will undertake an important census test and make critical 2010 Census operational and design decisions in the coming months--and we will continue to closely monitor the Bureau's program to assist the Congress in its oversight and the Bureau in its decision making. Both the Executive Branch and the Congress Have Important Roles: Continued focus by both the executive branch and the Congress is needed in implementing our recommended solutions for addressing these high- risk areas. Top administration officials have expressed their commitment to maintaining momentum in seeing that high-risk areas receive adequate attention and oversight. In fact, the current administration has looked to our high-risk program in shaping such major governmentwide initiatives as the President's Management Agenda (PMA), which has at its base many of the areas we had previously designated as high risk. For example, in 2001, the PMA identified human capital management, an area which we designated as a governmentwide high-risk issue earlier that year, as a top priority. Following our January 2003 update, in which we designated management of federal real property a governmentwide high-risk area, the administration added a Federal Asset Management Initiative to the PMA and the President signed an executive order aimed at addressing long-standing federal real property management issues. More recently, the Office of Management and Budget (OMB) has led an initiative to prompt agencies to develop detailed action plans for each area on our high-risk list. These plans are to identify specific goals and milestones to address and reduce the risks identified by us within each high-risk area. Further, OMB has encouraged agencies to consult with us regarding the problems our past work has identified, and the many recommendations for corrective actions they have made. For example, in cooperation with OMB, DOD has developed a plan to show progress toward the long-term goal of resolving problems and removing supply chain management from our list of high-risk areas within the department. DOD issued the first iteration of the plan in July 2005 and, since then, has regularly updated it. Based on our review of the plan, we believe it is a good first step toward improving supply chain management in support of the warfighter although the department faces challenges and risks in successfully implementing its proposed changes across the department and measuring progress. Since our October 2005 testimony before you, we have held monthly meetings with DOD and OMB officials to receive updates on the plan and gain a greater understanding of the initiatives DOD proposes to implement. Progress to date on other individual plans has varied, but this initiative offers the potential for helping to foster progress on long-needed improvements. Such concerted efforts by agencies and ongoing attention by OMB are critical; our experience over the past 15 years has shown that persistence and perseverance is required to fully resolve high- risk areas. The Congress, too, will continue to play an important role through its oversight and, where appropriate, through various legislative actions, particularly in addressing challenges in broad-based transformations. As I have repeatedly noted, the creation of a COO/CMO position in select agencies, especially the Department of Defense, could help to elevate attention on management issues and transformational change, integrate various key management and transformation efforts, and institutionalize accountability in leading these changes. I am pleased that you have both endorsed this concept by introducing legislation to create deputy secretary for management positions for the Departments of Defense and Homeland Security.[Footnote 21] I continue to believe that there is a strong need for such a senior leadership position to provide the continued focus and integrated approach required to address the significant and long-standing transformation and management challenges facing these departments. Over the past 13 months, your subcommittee alone has held 5 hearings relating to our high-risk areas, covering the list in total as well as individual areas in DOD, including personnel security clearances, supply chain management, as well as business systems modernization and overall business transformation. Together, committees and subcommittees in both houses have held more than 60 hearings since our last high-risk update report, involving 20 of the 25 areas on GAO's January 2005 high- risk list. I have personally testified in many of these hearings. This level of oversight, coupled with related legislation, where appropriate, is very instrumental to making real and sustainable progress in these areas. Forward-looking Focus Needed: Addressing the important problems identified by our high-risk program will in many cases encompass the need for transformation and, for some challenges, require action by both the executive branch and the Congress. However, if we are going to meet the long-term fiscal challenge and other emerging challenges confronting the nation, we must also engage in a fundamental reexamination of what government does and how it does it, who does it, and how it gets financed. Although prompted by fiscal necessity, such a fundamental review of major program and policy areas can also serve the vital function of updating the federal government's programs and priorities to meet current and future challenges. While we should be striving to maintain a government that is free of waste, fraud, abuse, and mismanagement, it should also remain effective and relevant to a changing society--a government that is as free as possible of outmoded, duplicative, and ineffective commitments and operations. Many current federal programs and policies, in fact, were designed decades ago to respond to trends and challenges that existed at the time of their creation, and may no longer be well suited, designed, or targeted to address current national priorities. Our recent entry into a new century has helped to remind us of how much has changed in the past several decades--rapid shifts in the aging of our population, globalization of economic transactions, significant advances in technology, and changing security threats. If government is to effectively address these trends, it cannot accept its existing programs, policies, and activities as "givens." Outmoded, duplicative, and effective commitments and operations are an unnecessary burden on the present and future that can erode the capacity of our nation to better align its government with the needs and demands of a changing world and society. Last year, we pulled together our insights and previous work for the Congress in another report, entitled 21st Century Challenges: Reexamining the Base of the Federal Government ([Hyperlink, http://www.gao.gov/cgi-bin/getrpt?GAO-05-325SP]). That report provides policymakers with a comprehensive compendium of those areas throughout government that could be considered ripe for reexamination and review. It includes a number of illustrative questions for the Congress and other policymakers to consider as they carry out their various constitutional responsibilities. These questions span a broad range of budget categories and federal operations, including discretionary and mandatory spending and tax policies and programs. Answering these questions and addressing the challenges raised in the 21st century challenges report will invariably entail difficult political choices between competing programs that promise benefits to many Americans but are collectively unaffordable in the long run at current and expected revenue levels. We recognize that this kind of examination and the hard choices necessary to mitigate the risks inherent in conducting "business as usual" may take a generation to address. But the potential disruption from related changes can be lessened, and the options policymakers can consider will be greater, if the necessary policy changes are made sooner rather than later. However, in the final analysis, as you well know, only elected officials can decide whether, when, and how best to proceed to address these important issues. We hope that our reports on our high-risk program, as well as our report on 21st Century challenges, along with the follow-up work we are committed to doing for the Congress, will continue to be used by various congressional committees, such as yours, as you consider which areas of government to examine and act on. Mr. Chairman, Senator Akaka, and members of the subcommittee, this concludes my testimony. I would be happy to answer any questions you may have. (450476): FOOTNOTES [1] GAO, Determining Performance and Accountability Challenges and High Risks, GAO-01-159SP (Washington, D.C.: November 2000). [2] Bunning-Bereuter-Blumenauer Flood Insurance Reform Act of 2004, Pub. L. No. 108-264, 118 Stat. 712 (2004). [3] GAO, Flood Insurance: Challenges Facing the National Flood Insurance Program, GAO-03-606T (Washington, D.C.: Apr. 1, 2003). [4] GAO, National Flood Insurance Program: Actions to Address Repetitive Loss Properties, GAO-04-401T (Washington, D.C.: Mar. 11, 2004). [5] GAO, Federal Emergency Management Agency: Improvements Needed to Enhance Oversight and Management of the National Flood Insurance Program, GAO-06-119 (Washington, D.C.: Oct. 18, 2005). [6] GAO, Flood Map Modernization: Program Strategy Shows Promise, but Challenges Remain, GAO-04-417 (Washington, D.C.: Mar. 31, 2004). [7] Department of Homeland Security, Office of Inspector General, Office of Information Technology, Challenges in FEMA's Flood Map Modernization Program, OIG-05-44 (Washington, D.C.: September 2005). [8] American Institutes for Research, The National Flood Insurance Program's Mandatory Purchase Requirement: Policies, Processes, and Stakeholders (Washington, D.C.: March 2005). [9] GAO, Federal Emergency Management Agency: Improvements Needed to Enhance Oversight and Management of the National Flood Insurance Program, GAO-06-119 (Washington, D.C.: Oct. 18, 2005). [10] Federal Emergency Management Agency, Multi-Year Flood Hazard Identification Plan, Draft FY04-FY08, Version 1.0 (Washington, D.C.: November 2004). [11] Department of Homeland Security, Office of Inspector General, Office of Information Technology, Challenges in FEMA's Flood Map Modernization Program. [12] National Flood Insurance Reform Act of 1994, Pub. L. No. 103-325, §§ 501-584, 108 Stat. 2160, 2255-87 (1994). [13] GAO, Defense Acquisitions: Business Case and Business Arrangements Key for Future Combat System's Success, GAO-06-478T (Washington, D.C.: Mar. 1, 2006). [14] GAO, Defense Acquisitions: DOD Has Paid Billions in Award and Incentive Fees Regardless of Acquisition Outcomes, GAO-06-66 (Washington, D.C.: Dec. 19, 2005). [15] GAO, Contract Management: Opportunities to Improve Surveillance on Department of Defense Service Contracts, GAO-05-274 (Washington, D.C.: Mar.17, 2005). [16] GAO, Interagency Contracting: Problems with DOD's and Interior's Orders to Support Military Operations, GAO-05-201 (Washington, D.C.: Apr. 29, 2005), and Interagency Contracting: Franchise Funds Provide Convenience, but Value to DOD is Not Demonstrated, GAO-05-456 (Washington, D.C.: July 29, 2005). [17] GAO, DOD Acquisition Outcomes: A Case for Change, GAO-06-257T (Washington, D.C.: Nov.15, 2005). [18] GAO, Hurricane Katrina: GAO's Preliminary Observations Regarding Preparedness, Response, and Recovery, GAO-06-442T (Washington D.C.: March 2006). [19] GAO, Risk Management: Further Refinements Needed to Assess Risks and Prioritize Protective Measures at Ports and Other Critical Infrastructure, GAO-06-91 (Washington D.C.: Dec. 15, 2005). [20] GAO, Defense Management: Additional Actions Needed to Enhance DOD's Risk-Based Approach for Making Resource Decisions, GAO-06-13 (Washington, D.C.: Nov. 15, 2005). [21] Senators Ensign, Akaka, and Voinovich introduced S. 780 on April 14, 2005, to create a Deputy Secretary of Defense for Management, who would report to the Secretary of Defense and serve for a term of 7 years with an annual performance agreement. Senators Akaka and Voinovich introduced S. 1712 on September 15, 2005, to create a Deputy Secretary of Homeland Security for Management, who would report to the Secretary of Homeland Security and serve for a term of 5 years with an annual performance agreement.