GAO-10-911T, Department of Homeland Security: Progress Made in Implementation and Transformation of Management Functions, but More Work Remains


This is the accessible text file for GAO report number GAO-10-911T 
entitled 'Department of Homeland Security: Progress Made in 
Implementation and Transformation of Management Functions, but More 
Work Remains' which was released on September 30, 2010. 

This text file was formatted by the U.S. Government Accountability 
Office (GAO) to be accessible to users with visual impairments, as 
part of a longer term project to improve GAO products' accessibility. 
Every attempt has been made to maintain the structural and data 
integrity of the original printed product. Accessibility features, 
such as text descriptions of tables, consecutively numbered footnotes 
placed at the end of the file, and the text of agency comment letters, 
are provided but may not exactly duplicate the presentation or format 
of the printed version. The portable document format (PDF) file is an 
exact electronic replica of the printed version. We welcome your 
feedback. Please E-mail your comments regarding the contents or 
accessibility features of this document to Webmaster@gao.gov. 

This is a work of the U.S. government and is not subject to copyright 
protection in the United States. It may be reproduced and distributed 
in its entirety without further permission from GAO. Because this work 
may contain copyrighted images or other material, permission from the 
copyright holder may be necessary if you wish to reproduce this 
material separately. 

Testimony: 

Before the Subcommittee on Oversight of Government Management, the 
Federal Workforce, and the District of Columbia, Committee on Homeland 
Security and Governmental Affairs, U.S. Senate: 

United States Government Accountability Office:
GAO: 

For Release on Delivery: 
Expected at 2:30 p.m. EST:
Thursday, September 30, 2010: 

Department of Homeland Security: 

Progress Made in Implementation and Transformation of Management 
Functions, but More Work Remains: 

Statement of Cathleen A. Berrick, Managing Director: 
Homeland Security and Justice Issues: 

GAO-10-911T: 

GAO Highlights: 

Highlights of GAO-10-911T, a testimony before the Subcommittee on 
Oversight of Government Management, the Federal Workforce, and the 
District of Columbia, Committee on Homeland Security and Governmental 
Affairs, U.S. Senate. 

Why GAO Did This Study: 

Since 2003, GAO has designated implementing and transforming the 
Department of Homeland Security (DHS) as high risk because DHS had to 
transform 22 agencies—-several with significant management challenges—-
into one department, and failure to effectively address its mission 
and management risks could have serious consequences for national and 
economic security. This high-risk area includes challenges in 
management functional areas, including acquisition, information 
technology, financial, and human capital management; the impact of 
those challenges on mission implementation; and management 
integration. GAO has reported that DHS’s transformation is a 
significant effort that will take years to achieve. This testimony 
discusses DHS’s progress and actions remaining in (1) implementing its 
management functions; (2) integrating those functions and 
strengthening performance measurement; and (3) addressing GAO’s high-
risk designation. This testimony is based on GAO’s prior reports on 
DHS transformation and management issues and updated information on 
these issues obtained from December 2009 through September 2010. 

What GAO Found: 

DHS has made progress in implementing its management functions, but 
additional actions are needed to strengthen DHS’s efforts in these 
areas. 

* DHS has revised its acquisition management oversight policies, and 
its senior-level Acquisition Review Board reviewed 24 major 
acquisition programs in fiscal years 2008 and 2009. However, more than 
40 major programs had not been reviewed, and DHS does not yet have 
accurate cost estimates for most of its major programs. 

* DHS has undertaken efforts to establish information technology 
management controls and capabilities, but its progress has been uneven 
and major information technology programs, such as the SBInet virtual 
fence, have not met capability, benefit, cost, and schedule 
expectations. 

* DHS has developed corrective action plans to address its financial 
management weaknesses. However, DHS has been unable to obtain an 
unqualified audit opinion on its financial statements, and for fiscal 
year 2009, the independent auditor identified six material weaknesses 
in DHS’s internal controls. Further, DHS has not yet implemented a 
consolidated departmentwide financial management system. 

* DHS has issued plans for strategic human capital management and 
employee development. Further, its scores on the Partnership for 
Public Service’s 2010 rankings of Best Places to Work in the Federal 
Government improved from prior years, yet DHS was ranked 28 out of 32 
agencies on scores for employee satisfaction and commitment. 

DHS has also taken action to integrate its management functions by, 
for example, establishing common policies within management functions. 
The Implementing Recommendations of the 9/11 Commission Act of 2007 
required DHS to develop a strategy for management integration. In a 
2005 report GAO recommended that a management integration strategy 
contain priorities and goals. DHS developed an initial plan in 
February 2010 that identified seven initiatives for achieving 
management integration. While a step in the right direction, among 
other things, the plan lacked details on how the initiatives 
contributed to departmentwide management integration. DHS is working 
to enhance its management integration plan, which GAO will review as 
part of the 2011 high-risk update. DHS also has not yet developed 
performance measures to fully assess its progress in integrating 
management functions. 

Since GAO first designated DHS’s transformation as high risk, DHS has 
made progress in transforming into a fully functioning department. 
However, it has not yet fully addressed its transformation, 
management, and mission challenges, such as implementing effective 
management policies and deploying capabilities to secure the border 
and other sectors. In 2009 GAO reported that DHS had developed a 
strategy for managing its high-risk areas and corrective action plans 
to address its management challenges. While these documents identified 
some root causes and corrective actions, GAO reported that they could 
be improved by DHS identifying resources needed for implementing 
corrective actions and measures for assessing progress. 

What GAO Recommends: 

This testimony contains no new recommendations. GAO has made over 100 
recommendations to DHS since 2003 to strengthen its management and 
integration efforts. DHS has implemented many of these recommendations 
and is in the process of implementing others. 

View [hyperlink, http://www.gao.gov/products/GAO-10-911T] or key 
components. For more information, contact Cathleen A. Berrick at (202) 
512-3404 or berrickc@gao.gov. 

[End of section] 

Mr. Chairman and Members of the Subcommittee: 

I appreciate the opportunity to appear today to discuss the Department 
of Homeland Security's (DHS) efforts to transform its component 
agencies and integrate departmentwide management functions into a 
single, fully functioning department. DHS began operations in March 
2003 with missions that included preventing terrorist attacks from 
occurring within the United States, reducing the nation's 
vulnerability to terrorism, minimizing damages from attacks that 
occur, and helping the nation recover from any attacks. The creation 
of DHS represented one of the largest reorganizations and 
consolidations of government agencies, personnel, programs, and 
operations in recent history, initially bringing together 
approximately 180,000 employees from 22 originating agencies. More 
than 7 years later, DHS is now the third largest federal government 
department with more than 200,000 employees and an annual budget of 
more than $40 billion. DHS has taken a number of actions to transform 
its component agencies and integrate and strengthen its management 
functions into an effective cabinet-level department. In addition, DHS 
has issued various reports and strategic documents to guide the 
implementation of its mission and the integration and strengthening of 
its management functions, including a revised strategic plan, the 
Quadrennial Homeland Security Review Report, and the Bottom-Up Review 
Report.[Footnote 1] However, we have continued to report that more 
work remains to integrate and strengthen DHS's acquisition, 
information technology, financial, and human capital management 
functions to better support the department's ability to fulfill its 
various missions.[Footnote 2] 

In 2003, we designated the implementation and transformation of DHS as 
high risk because it represented an enormous and complex undertaking 
that would require time to achieve in an effective and efficient 
manner, and it has remained on our high-risk list since.[Footnote 3] 
We reported that the components that became part of DHS already faced 
a wide array of existing challenges, and any failure to effectively 
carry out the department's mission would expose the nation to 
potentially serious consequences. In designating the implementation 
and transformation of DHS as high risk, we noted that building an 
effective department would require consistent and sustained leadership 
from top management to ensure the transformation of disparate 
agencies, programs, and missions into an integrated organization, 
among other needs. Our prior work on mergers and acquisitions, 
undertaken before the creation of DHS, found that successful 
transformations of large organizations, even those faced with less 
strenuous reorganizations than DHS, can take years to achieve. 
[Footnote 4] We have made over 100 recommendations to DHS over the 
past 7 years to strengthen the department's transformation and its 
integration and implementation of management functions. DHS has 
implemented many of these recommendations and is in the process of 
implementing others. 

Within the DHS implementation and transformation high risk area, we 
identified as at risk the implementation of acquisition, information 
technology, financial management, and human capital management 
functions; the impact of weaknesses in those management functions on 
DHS's accomplishment of its missions, such as DHS's deficiencies in 
financial management hindering the department's ability to use 
reliable financial data to support day-to-day decision making; and the 
integration of management functions within and across the department. 
[Footnote 5] In November 2000, we published our criteria for removing 
any area from the high-risk list.[Footnote 6] Specifically, agencies 
must have (1) a demonstrated strong commitment and top leadership 
support to address the risks; (2) the capacity (that is, the people 
and other resources) to resolve the risks; (3) a corrective action 
plan that identifies the root causes, identifies effective solutions, 
and provides for substantially completing corrective measures near 
term, including but not limited to, steps necessary to implement 
solutions we recommended; (4) a program instituted to monitor and 
independently validate the effectiveness and sustainability of 
corrective measures; and (5) the ability to demonstrate progress in 
implementing corrective measures. 

My testimony today discusses DHS's progress and actions remaining in: 

* implementing its management functions in the areas of acquisition, 
information technology, financial, and human capital management; 

* integrating management functions within and across the department 
and strengthening the department's performance measures; and: 

* addressing our designation of DHS implementation and transformation 
as high risk. 

My statement is based on our January 2009 high-risk update and GAO 
reports on DHS's management areas, management integration, and 
performance measurement.[Footnote 7] In addition, we obtained updated 
information from DHS from December 2009 through September 2010 on its 
transformation and management integration efforts and its plans to 
revise its departmentwide performance measures through meetings and 
communication with DHS officials, including the former and current 
Under Secretary for Management and Deputy Under Secretary for 
Management. We also reviewed DHS's initial plan for management 
integration. We conducted our work in accordance with generally 
accepted government auditing standards. Those standards require that 
we plan and perform the audit to obtain sufficient, appropriate 
evidence to provide a reasonable basis for our findings and 
conclusions based on our audit objectives. We believe that the 
evidence obtained provides a reasonable basis for our findings based 
on our audit objectives. 

In summary, DHS has made progress in implementing its management 
functions, but additional actions are needed to strengthen DHS's 
efforts in these areas. For example, DHS has revised its oversight 
policies for acquisition and information technology management, 
developed corrective action plans to address financial management 
internal control weaknesses, and developed human capital plans for 
strategic human capital management and employee training and 
development. However, we identified challenges remaining in DHS's 
management areas. For example, while DHS reviewed 24 major acquisition 
programs through its Acquisition Review Board in fiscal years 2008 and 
2009, more than 40 major programs had not been reviewed, and DHS does 
not yet have accurate cost estimates for most of its major programs. 
[Footnote 8] While DHS has made progress in strengthening its 
enterprise architecture, the department has not yet adequately 
addressed how it determines that its information technology 
investments align with that architecture.[Footnote 9] DHS has also not 
yet implemented a consolidated departmentwide financial management 
system and, since its establishment, has been unable to obtain an 
unqualified audit opinion on its financial statements. DHS has also 
faced challenges in identifying and addressing barriers to equal 
employment opportunities and improving its foreign language 
capabilities. DHS has taken action to integrate its management 
functions by, for example, establishing common policies, procedures, 
and systems within individual management functions, such as human 
capital management. The Implementing Recommendations of the 9/11 
Commission Act of 2007 (9/11 Commission Act) required DHS to develop a 
strategy for management integration, and in a 2005 report GAO 
recommended that a management integration strategy contain such 
elements such as priorities and implementation goals.[Footnote 10] DHS 
developed an initial plan in February 2010 that identified seven 
initiatives for achieving management integration. While a step in the 
right direction, among other things, we noted that the plan lacked 
details on how the initiatives contributed to departmentwide 
management integration and linked to the department's overall strategy 
for transformation. DHS is revising the initial management integration 
plan and is working to enhance it to include a framework for 
strengthening acquisition management. We will review DHS's revised 
management integration plan as part of our 2011 high-risk update. In 
addition, since we first designated the implementation and 
transformation of DHS as high risk, the department has made progress 
in addressing the criteria GAO established in 2000 for removing 
agencies from the high-risk list. Specifically, DHS has developed a 
strategy for managing its high-risk area and corrective action plans 
to address challenges in each of its management areas. The strategy 
and plans addressed several of the high-risk criteria, such as 
identifying some of the root causes of problems and corrective actions 
to address the causes, but did not address other elements, such as the 
resources needed to implement corrective actions and measures to 
assess implementation efforts. 

In order to address the high-risk designation, DHS needs to meet our 
five high-risk criteria and, within the context of these criteria, 
address specific actions and outcomes within its management areas and 
management integration and demonstrate measurable, sustainable 
progress in implementing those actions. These actions and outcomes 
include validating required acquisition documents at each major 
milestone in the acquisition review process, implementing information 
technology investment management practices that have been 
independently assessed as having satisfied the capabilities associated 
with stage three of our Information Technology Investment Management 
Framework, and linking workforce planning efforts to strategic and 
program-specific planning efforts to identify current and future human 
capital needs, among others.[Footnote 11] 

DHS Has Made Progress in Implementing Its Management Functions, but 
Additional Actions Are Needed to Strengthen These Functions: 

DHS has made progress in implementing its acquisition, information 
technology, financial, and human capital management functions, but 
continues to face obstacles and weaknesses in these functions that 
could hinder the department's transformation and implementation 
efforts. For example, DHS has faced challenges in implementing 
acquisition management controls, a consolidated financial management 
system, and a strategic human capital plan, among other things. As DHS 
continues to mature as an organization, it will be important that the 
department continue to work to strengthen its management functions 
since the effectiveness of these functions affects its ability to 
fulfill its homeland security and other missions. 

Acquisition management. While DHS has made recent progress in 
clarifying acquisition oversight processes, it continues to face 
obstacles in managing its acquisitions and ensuring proper 
implementation and departmentwide coordination. We previously reported 
that DHS faced challenges in acquisition management related to 
acquisition oversight, cost growth, and schedule delays.[Footnote 12] 
In June 2010, we reported that DHS continued to develop its 
acquisition oversight function and had begun to implement a revised 
acquisition management directive that includes more detailed guidance 
for programs to use when informing component and departmental decision 
making.[Footnote 13] We also reported that the senior-level 
Acquisition Review Board had begun to meet more frequently and 
provided programs decision memorandums with action items to improve 
performance. However, while the Acquisition Review Board reviewed 24 
major acquisition programs in fiscal years 2008 and 2009, more than 40 
major acquisition programs had not been reviewed, and programs had not 
consistently implemented review action items identified as part of the 
review by established deadlines. DHS acquisition oversight officials 
raised concerns about the accuracy of cost estimates for some of its 
major programs, making it difficult to assess the significance of the 
cost growth we identified. In addition, over half of the programs we 
reviewed awarded contracts to initiate acquisition activities without 
component or department approval of documents essential to planning 
acquisitions, setting operational requirements, and establishing 
acquisition program baselines. Programs also experienced other 
acquisition planning challenges, such as staffing shortages and lack 
of sustainment. For example, we reported that the U.S. Visitor and 
Immigrant Status Indicator Technology (US-VISIT) did not sufficiently 
define what capabilities and benefits would be delivered, by when, and 
at what cost, which contributed to development and deployment delays. 
In addition, we reported that three Coast Guard programs we reviewed-- 
Maritime Patrol Aircraft, Response Boat-Medium, and Sentinel--reported 
placing orders for or receiving significant numbers of units prior to 
completing testing to demonstrate that what the programs were buying 
met Coast Guard needs. Our prior work has found that resolution of 
problems discovered during testing can sometimes require costly 
redesign or rework.[Footnote 14] 

We have made a number of recommendations to DHS to strengthen its 
acquisition management functions, such as (1) reinstating the Joint 
Requirements Council--the department's requirements review body--or 
establishing another departmental joint requirements oversight board 
to review and approve acquisition requirements and assess potential 
duplication of effort; (2) ensuring that budget decisions are informed 
by the results of investment reviews; (3) identifying and aligning 
sufficient management resources to implement oversight reviews 
throughout the investment life cycle; and (4) ensuring major 
investments comply with established component and departmental review 
policy standards. DHS generally concurred with these recommendations 
and reported taking action to begin to address some of them, including 
developing the Next Generation Periodic Reporting System to capture 
and track key program information, and monitoring cost and schedule 
performance, contract awards and program risks. 

Based on our work on DHS's acquisition management, we have identified 
specific actions and outcomes that we believe the department needs to 
achieve to address its acquisition management challenges. We believe 
that these actions and outcomes are critical to addressing the 
underlying root causes that have resulted in the high-risk 
designation. In particular, DHS should demonstrate and sustain 
effective execution of a knowledge-based acquisition process for new 
and legacy acquisition programs by, among other things, (1) validating 
required acquisition documents in a timely manner at each major 
milestone; (2) establishing and operating a Joint Requirements 
Council, or a similar body, to review and validate acquisition 
programs' requirements; (3) ensuring sufficient numbers of trained 
acquisition personnel at the department and component levels; and (4) 
establishing and demonstrating measurable progress in achieving goals 
that improve acquisition programs' compliance with departmental 
policies. 

Information technology management. DHS has undertaken efforts to 
establish information technology management controls and capabilities, 
but in September 2009 we reported that DHS had made uneven progress in 
its information technology management efforts to institutionalize a 
framework of interrelated management controls and capabilities. 
[Footnote 15] For example, DHS had continued to issue annual updates 
to its enterprise architecture that added previously missing scope and 
depth, and further improvements were planned to incorporate the level 
of content, referred to as segment architectures, needed to 
effectively introduce new systems and modify existing ones. Also, we 
reported that DHS had redefined its acquisition and investment 
management policies, practices, and structures, including establishing 
a system life cycle management methodology, and it had increased its 
acquisition workforce.[Footnote 16] Nevertheless, challenges remain 
relative to, for example, implementing the department's plan for 
strengthening its information technology human capital and fully 
defining key system investment and acquisition management policies and 
procedures for information technology. Moreover, the extent to which 
DHS had actually implemented these investment and acquisition 
management policies and practices on major information technology 
programs had been inconsistent. For example, our work showed that 
major information technology acquisition programs had not been 
subjected to executive-level acquisition and investment management 
reviews. As a result, we reported that major information technology 
programs aimed at delivering important mission capabilities, such as 
the Rescue 21 search and rescue system and the Secure Border 
Initiative Network (SBInet) virtual border fence, had not lived up to 
their capability, benefit, cost, and schedule expectations because of, 
for example, deficiencies in development and testing, and lack of risk 
management processes and key practices for developing reliable cost 
and schedule estimates.[Footnote 17] We have made a range of 
recommendations to strengthen DHS information technology management, 
such as establishing procedures for implementing project-specific 
investment management policies, and policies and procedures for 
portfolio-based investment management. We reported that while DHS and 
its components have made progress, more needs to be done before DHS 
can ensure that all system acquisitions are managed with the necessary 
rigor and discipline. 

Based on our work, we have identified actions and outcomes that we 
believe would help the department address challenges in information 
technology management that have contributed to our designation of DHS 
implementation and transformation as high risk. For example, DHS 
should, among other things, demonstrate measurable progress in 
implementing its information technology human capital plan and 
accomplishing defined outcomes, including ensuring that each system 
acquisition program office is sufficiently staffed. DHS should also 
establish and implement information technology investment management 
practices that have been independently assessed as having satisfied 
the capabilities associated with stage three of our Information 
Technology Investment Management Framework.[Footnote 18] In addition, 
the department should establish enhanced security of the department's 
internal information technology systems and networks. 

Financial management. DHS has made progress in addressing its 
financial management and internal controls weaknesses, but has not yet 
addressed all of them or developed a consolidated departmentwide 
financial management system. Since its establishment, DHS has been 
unable to obtain an unqualified audit opinion on its financial 
statements (i.e., prepare a set of financial statements that are 
considered reliable). For fiscal year 2009, the independent auditor 
issued a disclaimer on DHS's financial statements and identified eight 
deficiencies in DHS's internal control over financial reporting, six 
of which were so significant that they qualified as material 
weaknesses.[Footnote 19] Until these weaknesses are resolved, DHS will 
not be in position to provide reliable, timely, and useful financial 
data to support day-to-day decision making. DHS has taken steps to 
prepare and implement corrective action plans for its internal control 
weaknesses through the Internal Control Playbook, DHS's annual plan to 
design and implement departmentwide internal controls. 

In addition, in June 2007 and December 2009 we reported on DHS's 
progress in developing a consolidated financial management system, 
called the Transformation and Systems Consolidation (TASC) program, 
and made a number of recommendations to help DHS address challenges 
affecting the departmentwide financial management integration. 
[Footnote 20] In June 2007, we reported that DHS had made limited 
progress in integrating its existing financial management systems, and 
we made six recommendations focused on the need for DHS to define a 
departmentwide strategy and embrace disciplined processes necessary to 
properly manage the specific projects.[Footnote 21] We followed up on 
these recommendation in our December 2009 report and found that DHS 
had begun to take actions to implement four of our six 2007 
recommendations but had not yet fully implemented any of them. 
Specifically, DHS had made progress in (1) defining its financial 
management strategy and plan, (2) developing a comprehensive concept 
of operations, (3) incorporating disciplined processes, and (4) 
implementing key human capital practices and plans for such a systems 
implementation effort. However, DHS had not yet taken the necessary 
actions to standardize and reengineer business processes across the 
department, including applicable internal controls, and to develop 
detailed consolidation and migration plans. While some of the details 
of the department's standardization of business processes and 
migration plans depend on the selected new financial management 
system, DHS would benefit from performing a gap analysis and 
identifying all of its affected current business processes so that DHS 
can analyze how closely the proposed system will meet the department's 
needs. In addition, we reported that DHS's reliance on contractors to 
define and implement the new financial management system, without the 
necessary oversight mechanisms to ensure that the processes were 
properly defined and effectively implemented, could result in system 
efforts plagued with serious performance and management problems. We 
reported that these issues placed DHS at risk for implementing a 
financial management system that does not meet cost, schedule, and 
performance goals. We recommended that DHS establish contractor 
oversight mechanisms to monitor the TASC program; expedite the 
completion of the development of the TASC financial management 
strategy and plan so that the department is well positioned to move 
forward with an integrated solution; and develop a human capital plan 
for the TASC program that identifies needed skills for the acquisition 
and implementation of the new system. DHS agreed with our 
recommendations and described actions it had taken and planned to take 
to address them, noting, for example, the importance of being vigilant 
in its oversight of the program. 

Based on our work on DHS's financial management we have identified 
specific actions and outcomes that we believe the department needs to 
address to resolve its financial management challenges. Among other 
things, DHS should develop and implement a corrective action plan with 
specific milestones and accountable officials to address the 
weaknesses in systems, internal control, and business processes that 
impede the department's ability to integrate and transform its 
financial management. DHS should also sustain clean opinions on its 
departmentwide financial statements, adhere to financial system 
requirements in accordance with the Federal Financial Management 
Improvement Act of 1996,[Footnote 22] and have independent auditors 
report annually on compliance with the act. [Footnote 23] In addition, 
DHS should establish contractor oversight mechanisms to monitor the 
contractor selected to implement TASC and successfully deploy TASC to 
the majority of DHS's components, such as the Coast Guard, the Federal 
Emergency Management Agency, and the Transportation Security 
Administration. 

Human capital management. DHS has issued various strategies and plans 
for its human capital activities and functions, such as a human 
capital strategic plan for fiscal years 2009-2013 that identifies four 
strategic goals for the department related to talent acquisition and 
retention; diversity; employee learning and development; and policies, 
programs, and practices.[Footnote 24] DHS is planning to issue an 
updated strategic human capital plan in the coming months. While these 
initiatives are promising, DHS has faced challenges in implementing 
its human capital functions. For example, our prior work suggests that 
successful organizations empower and involve their employees to gain 
insights about operations from a frontline perspective, increase their 
understanding and acceptance of organizational goals and objectives, 
and improve motivation and morale.[Footnote 25] DHS's scores on the 
2008 Office of Personnel Management's Federal Human Capital Survey--a 
tool that measures employees' perceptions of whether and to what 
extent conditions characterizing successful organizations are present 
in their agency--and the Partnership for Public Service's 2010 
rankings of the Best Places to Work in the Federal Government improved 
from prior years. However, in the 2008 survey, DHS's percentage of 
positive responses was 52 percent for the leadership and knowledge 
management index, 46 percent for the results-oriented performance 
culture index, 53 percent for the talent management index, and 63 
percent for the job satisfaction index.[Footnote 26] In addition, in 
2010, DHS was ranked 28 out of 32 agencies in the Best Places to Work 
ranking on overall scores for employee satisfaction and commitment. 
[Footnote 27] 

In addition, our prior work has identified several workforce barriers 
to achieving equal employment opportunities and the identification of 
foreign language needs and capabilities at DHS. In August 2009 we 
reported that DHS had developed a diversity council, among other 
initiatives, but that DHS had generally relied on workforce data and 
had not regularly included employee input from available sources to 
identify triggers to barriers to equal employment opportunities, such 
as promotion and separation rates.[Footnote 28] We also reported that, 
according to DHS, it had created planned activities to address these 
barriers, but modified target completion dates by up to 21 months and 
had not completed any planned activities due to staffing shortages. In 
June 2010 we reported on DHS's foreign language capabilities, noting 
that DHS has taken limited actions to assess its foreign language 
needs and existing capabilities and to identify potential shortfalls. 
[Footnote 29] Assessing hiring needs is crucial in achieving a range 
of component and departmentwide missions. As just one example, 
employees with documented proficiency in a variety of languages can 
contribute to U.S. Immigration and Customs Enforcement's intelligence 
and direct law enforcement operations, but staff with these 
capabilities are not systematically identified. 

We have made several recommendations to help DHS address weaknesses 
concerning equal employment opportunity and assessments of foreign 
language needs and capabilities within human capital management. For 
example, we recommended that DHS identify timelines and critical 
phases along with interim milestones as well as incorporate employee 
input in identifying potential barriers to equal employment 
opportunities. DHS concurred with our recommendations and reported 
taking action to address them, such as revising plans to identify 
steps and milestones for departmental activities to address barriers 
to equal employment opportunities, and developing a strategy for 
obtaining departmentwide employee input. We also recommended that DHS 
comprehensively assess its foreign language needs and capabilities and 
identify potential shortfalls. DHS concurred with our recommendations 
and reported taking actions to address them, such as developing a task 
force consisting of DHS components and offices that have language 
needs in order to identify requirements and assess the necessary 
skills. 

Based on our work on human capital management at the department, we 
have identified various actions and outcomes for DHS to achieve to 
address those human capital management challenges that have 
contributed to our designation of DHS implementation and 
transformation as high risk. The department should, among other 
things, develop and implement a results-oriented strategic human 
capital plan that identifies the department's goals, objectives, and 
performance measures for strategic human capital management and that 
is linked to the department's overall strategic plan. DHS also needs 
to link workforce planning efforts to strategic and program-specific 
planning efforts to identify current and future human capital needs, 
and improve DHS's scores on the Federal Employee Viewpoint Survey. 
[Footnote 30] In addition, DHS should develop and implement mechanisms 
to assess and provide opportunities for employee education and 
training, and develop and implement a recruiting and hiring strategy 
that is targeted to fill specific needs. 

DHS Has Taken Action to Integrate Its Management Functions and Develop 
Performance Measures, but Could Strengthen Its Integration and 
Performance Measurement Efforts: 

DHS has taken actions to integrate its management functions and to 
strengthen its performance measures to assess progress in implementing 
these functions, but the department has faced challenges in these 
efforts. We have reported that while it is important that DHS continue 
to work to implement and strengthen its management functions, it is 
equally important that DHS address management integration and 
performance measurement from a comprehensive, departmentwide 
perspective to help ensure that the department has the structure, 
processes, and accountability mechanisms in place to effectively 
monitor the progress made to address the threats and vulnerabilities 
that face the nation.[Footnote 31] Management integration and 
performance measurement are critical to the successful implementation 
and transformation of the department. 

Management integration. DHS has put in place common policies, 
procedures, and systems within individual management functions, such 
as human capital, that help to vertically integrate its component 
agencies.[Footnote 32] However, DHS has placed less emphasis on 
integrating horizontally, and bringing together its management 
functions across the department through consolidated management 
processes and systems.[Footnote 33] In November 2009, we reported that 
DHS had not yet developed a strategy for management integration as 
required by the 9/11 Commission Act and with the characteristics we 
recommended in our 2005 report.[Footnote 34] Specifically, we 
recommended that the strategy (1) look across the initiatives within 
each of the management functional units, (2) clearly identify the 
critical links that must occur among these initiatives, (3) identify 
tradeoffs and set priorities, (4) set implementation goals and a time 
line to monitor the progress of these initiatives to ensure the 
necessary links occur when needed, and (5) identify potential 
efficiencies, and ensure that they are achieved. In the absence of a 
management integration strategy, DHS officials stated that documents 
such as management directives and strategic plans addressed aspects of 
a management integration strategy and could help the department to 
manage its integration efforts. However, we reported that without a 
documented management integration strategy, it was difficult for DHS, 
Congress, and other key stakeholders to understand and monitor the 
critical linkages and prioritization among these various efforts. We 
also reported that while DHS increased the number of performance 
measures for its Management Directorate, it had not yet established 
measures for assessing management integration across the department. 
We reported that without these measures DHS could not assess its 
progress in implementing and achieving management integration. We 
recommended that once a management integration strategy was developed, 
DHS establish performance measures for assessing management 
integration. DHS stated that the department was taking actions to 
address our recommendation. 

Since our November 2009 report, DHS has taken action to develop a 
management integration strategy. Specifically, DHS developed and 
provided us with an initial management integration plan in February 
2010. The initial plan identified seven priority initiatives for 
achieving management integration: 

* Enterprise governance. A governance model that would allow DHS to 
implement mechanisms for integrated management of DHS programs as 
parts of broader portfolios of related activities. 

* Balanced workforce strategy. Workforce planning efforts to identify 
the proper balance of federal employees and private labor resources to 
achieve the department's mission. 

* TASC. DHS initiative to consolidate financial, acquisition, and 
asset management systems, establish a single line of accounting, and 
standardize business processes. 

* DHS headquarters consolidation. The collocation of the department by 
combining existing department and component leases and building out 
St. Elizabeths campus in Washington, D.C. 

* Human resources information technology. Initiative to consolidate, 
replace, and modernize existing departmental and component payroll and 
personnel systems. 

* Data center migration. Initiative to move DHS component agencies' 
data systems from the agencies' multiple existing data centers to two 
DHS consolidated centers. 

* Homeland Security Presidential Directive 12 personal identification 
verification cards deployment. Provision of cards to DHS employees and 
contractors for use to access secure facilities, communications, and 
data. 

This initial management integration plan contained individual action 
plans for each of the seven initiatives. In March 2010, we met with 
DHS officials and provided oral and written feedback on the initial 
plan. We noted that, for example: 

* the action plans lacked details on how the seven initiatives 
contribute to departmentwide management integration and links to the 
department's overall strategy for transformation; 

* the performance measures contained in the plans did not identify 
units of measure, baseline measurements, or target metrics that would 
be used to measure progress; 

* the impediments and barriers described in the plans did not align 
with identified risks and the strategies for addressing these 
impediments and barriers; and: 

* the plans did not identify planned resources for carrying out these 
initiatives. 

DHS officials told us the department is working to enhance its initial 
management integration plan to include a framework for strengthening 
the department's acquisition management. We plan to review the changes 
DHS is making to the initial management integration plan as part of 
our work for the 2011 high-risk update. 

Based on our work and recommendations on management integration, we 
have identified specific actions and outcomes for DHS that we believe 
will help the department address those management integration 
challenges that contributed to our designation of DHS implementation 
and transformation as high risk. Specifically, we believe that 
addressing these actions and outcomes within the individual management 
functional areas of acquisition, information technology, financial, 
and human capital management would help DHS to integrate those 
functions. For example, to successfully implement the TASC program, 
the Chief Financial Officer would need to work with the Chief 
Procurement Officer to establish effective mechanisms for overseeing 
the contractor selected to implement the TASC program; the Chief 
Information Officer to ensure that data conversions and system 
interfaces occur when required; and the Chief Human Capital Officer to 
ensure that relevant personnel at the department and component levels 
are trained on use of the TASC program once the system is implemented. 
In addition, DHS should revise its strategy for management integration 
to address the characteristics for such a strategy that we recommended 
in 2005. 

Performance measurement. DHS has not yet fully developed performance 
measures or put into place structures and processes to help ensure 
that the agency is managing for results. Performance measurement 
underpins DHS's efforts to assess progress in strengthening programs 
and operations and in implementing corrective actions to integrate and 
strengthen management functions. DHS has developed performance goals 
and measures for its programs and reports on these goals and measures 
in its Annual Performance Report. However, DHS's offices and 
components have not yet developed outcome-based performance measures 
to monitor, assess, and independently evaluate the effectiveness of 
their plans and performance.[Footnote 35] We have reported that the 
lack of outcome goals and measures hinders the department's ability to 
effectively assess the results of program efforts and whether the 
department is using its resources efficiently.[Footnote 36] 

Over the past 2 years, we have worked with DHS to provide feedback on 
the department's Government Performance and Results Act (GPRA) 
performance goals and measures through meetings with officials from 
the department and its offices and components.[Footnote 37] Our 
feedback has ranged from pointing out components' limited use of 
outcome-oriented performance measures to assess the results or 
effectiveness of programs to raising questions about the steps taken 
by DHS or its components to ensure the reliability and verification of 
performance data. In response to this feedback and its own internal 
review efforts, DHS took action to develop and revise its GPRA 
performance goals and measures for some areas in an effort to 
strengthen its ability to assess its outcomes and progress in key 
management and mission areas. For example, from fiscal year 2008 to 
2009, DHS reported adding 58 new measures, retiring 18 measures, and 
making description improvements to 67 existing performance measures. 
From fiscal year 2009 to 2010, DHS reported adding 32 new performance 
measures, retiring 24 measures, and making description improvements to 
37 existing performance measures. DHS is continuing to work on 
developing and revising its performance measures to improve its focus 
on assessing results and outcomes and to align its measures to the 
goals and objectives established by the Quadrennial Homeland Security 
Review. In August and September 2010, we provided feedback on the 
department's proposals for outcome-oriented performance measures 
aligned with the Quadrennial Homeland Security Review's goals and 
objectives. We look forward to continuing working with the department 
to provide feedback to help strengthen its ability to assess the 
outcomes of its efforts. 

DHS Has Taken Actions to Transform into an Integrated Department, but 
Has Not Yet Fully Addressed Its Transformation Challenges: 

Since we first designated the implementation and transformation of DHS 
as high risk in 2003, the department has made progress in its 
transformation efforts in relation to the five criteria we established 
in November 2000 for removing agencies from the high-risk list, but 
has not yet fully addressed its transformation, management, and 
mission challenges, such as implementing effective management policies 
and deploying capabilities to secure the border and other sectors. In 
January 2009, we reported that DHS had developed its Integrated 
Strategy for High Risk Management outlining the department's overall 
approach for managing its high-risk areas and the department's 
processes for assessing risks and proposing initiatives and corrective 
actions to address its risks and challenges.[Footnote 38] We also 
reported that DHS had developed corrective action plans to address 
challenges in the areas of acquisition, financial, human capital, and 
information technology management. The corrective action plans 
addressed some, but not all, of the factors we consider in determining 
whether agencies can be removed from our high-risk list. Specifically, 
the strategy and corrective action plans identified senior officials 
with the responsibility for managing DHS's transformation high-risk 
area and for implementing the corrective action plans. The strategy 
and plans defined some root causes for problems within management 
areas, identified initiatives and corrective actions to address the 
causes, and established milestones for completing initiatives and 
actions, though we noted that these elements could have been better 
defined to, for example, more clearly address the management 
challenges we have identified. The strategy also included a framework 
for DHS to monitor the implementation of its corrective action plans 
primarily through various departmentwide committees: 

However, we reported that the strategy and corrective action plans did 
not contain measures to gauge the department's progress and 
performance in implementing corrective actions, or identify the 
resources needed by DHS for carrying out the corrective actions 
identified. The strategy and corrective actions plans consistently 
cited limited resources as a challenge or constraint in implementing 
corrective actions. Further, we reported that required elements in the 
strategy and corrective action plans could be strengthened or 
clarified, including linking initiatives and corrective actions in the 
corrective action plans to root causes and milestones. In addition, we 
reported that while DHS had developed a framework for monitoring 
progress, the department had just begun to implement its corrective 
action plans. We recommended that for DHS to successfully transform 
into a more effective organization, it needed to (1) revise its 
Integrated Strategy for High Risk Management and related corrective 
action plans to better define root causes, include resources required 
to implement corrective actions, and identify key performance measures 
to gauge progress; and (2) continue to identify, refine, and implement 
corrective actions to improve management functions and address 
challenges. We have identified and communicated to DHS specific 
actions and outcomes that we believe the department needs to address 
within each of its management areas and for management integration. We 
believe that these actions and outcomes will help DHS address our high-
risk criteria by, among other things, identifying root causes for 
problems within each management area, developing and implementing 
corrective actions to address those root causes, and demonstrating 
measurable, sustainable progress in implementing the correction 
actions. 

Since our 2009 high-risk update, DHS has taken actions to address the 
high-risk designation. For example, DHS and GAO have held regular, 
joint meetings, including periodic meetings that also involve Office 
of Management and Budget officials, to discuss the department's 
progress in addressing the high risk designation and its overall 
transformation efforts. DHS and GAO have also discussed the 
department's planned revisions to its Integrated Strategy for High 
Risk Management and corrective action plans for its management areas. 
However, as of September 2010, DHS has not yet provided us with an 
updated strategy or corrective actions plans to address the high-risk 
designation, as promised. DHS officials told us that the department is 
currently revising its strategy and will provide us with the updated 
strategy in the coming months. We will continue to assess DHS's 
implementation and transformation efforts, including any updated 
strategy and corrective action plans, as part of our work for the 2011 
high-risk update, which we plan to issue in January 2011. 

This concludes my prepared testimony. I would be happy to respond to 
any questions that members of the Subcommittee may have. 

Contacts and Acknowledgments: 

For questions regarding this testimony, please contact Cathleen A. 
Berrick, Managing Director, Homeland Security and Justice at (202) 512-
3404 or berrickc@gao.gov, or David C. Maurer, Director, Homeland 
Security and Justice at (202) 512-9627 or maurerd@gao.gov. Contact 
points for our Offices of Congressional Relations and Public Affairs 
may be found on the last page of this testimony. Other key 
contributors to this statement were Rebecca Gambler, Assistant 
Director; Minty Abraham; Labony Chakraborty; Tara Jayant; Thomas 
Lombardi; Emily Suarez-Harris; and Juan Tapia-Videla. 

[End of section] 

Related GAO Products: 

Department of Homeland Security: Assessments of Selected Complex 
Acquisitions, [hyperlink, http://www.gao.gov/products/GAO-10-588SP] 
(Washington, D.C.: June 30, 2010). 

Department of Homeland Security: DHS Needs to Comprehensively Assess 
Its Foreign Language Needs and Capabilities and Identify Shortfalls, 
[hyperlink, http://www.gao.gov/products/GAO-10-714] (Washington, D.C.: 
June 22, 2010). 

Department of Homeland Security: A Comprehensive Strategy Is Still 
Needed to Achieve Management Integration Departmentwide, [hyperlink, 
http://www.gao.gov/products/GAO-10-318T] (Washington, D.C.: Dec. 15, 
2009). 

Financial Management Systems: DHS Faces Challenges to Successfully 
Consolidating Its Existing Disparate Systems, [hyperlink, 
http://www.gao.gov/products/GAO-10-76] (Washington, D.C.: December 4, 
2009). 

Department of Homeland Security: Actions Taken Toward Management 
Integration, but a Comprehensive Strategy Is Still Needed, [hyperlink, 
http://www.gao.gov/products/GAO-10-131] (Washington, D.C.: November 
20, 2009). 

Homeland Security: Despite Progress, DHS Continues to Be Challenge in 
Managing Its Multi-Billion Dollar Investment and Large-Scale 
Information Technology Systems, [hyperlink, 
http://www.gao.gov/products/GAO-09-1002T] (Washington, D.C.: September 
15, 2009). 

Equal Opportunity Employment: DHS Has Opportunities to Better Identify 
and Address Barriers to EEO in Its Workforce, [hyperlink, 
http://www.gao.gov/products/GAO-09-639] (Washington, D.C.: August 31, 
2009). 

High-Risk Series: An Update, [hyperlink, 
http://www.gao.gov/products/GAO-09-271] (Washington, D.C.: January 
2009). 

Department of Homeland Security: Progress Made in Implementation of 
Management Functions, but More Work Remains, [hyperlink, 
http://www.gao.gov/products/GAO-08-646T] (Washington, D.C.: April 9, 
2008). 

Department of Homeland Security: Progress Report on Implementation of 
Mission and Management Functions, [hyperlink, 
http://www.gao.gov/products/GAO-07-454] (Washington, D.C.: August 17, 
2007). 

Homeland Security: Departmentwide Integrated Financial Management 
Systems Remain a Challenge, [hyperlink, 
http://www.gao.gov/products/GAO-07-536] (Washington, D.C.: June 21, 
2007). 

Department of Homeland Security: A Comprehensive and Sustained 
Approach Needed to Achieve Management Integration, [hyperlink, 
http://www.gao.gov/products/GAO-05-139] (Washington, D.C.: March 16, 
2005). 

Results-Oriented Cultures: Implementation Steps to Assist Mergers and 
Organizational Transformations, [hyperlink, 
http://www.gao.gov/products/GAO-03-669] (Washington, D.C.: July 2, 
2003). 

Determining Performance and Accountability Challenges and High Risks, 
[hyperlink, http://www.gao.gov/products/GAO-01-159SP] (Washington, 
D.C. November 2000). 

[End of section] 

Footnotes: 

[1] Department of Homeland Security, One Team, One Mission, Securing 
Our Homeland: U.S. Department of Homeland Security Strategic Plan, 
Fiscal Years 2008-2013 (Washington, D.C.); Department of Homeland 
Security, Quadrennial Homeland Security Review Report: A Strategic 
Framework for a Secure Homeland (Washington, D.C., February 2010); and 
Department of Homeland Security, Bottom-Up Review Report (Washington, 
D.C., July 2010). We are currently assessing DHS's Quadrennial 
Homeland Security Review and will report on the results of that work 
later this year. 

[2] GAO, Department of Homeland Security: Progress Made in 
Implementation of Management Functions, but More Work Remains, 
[hyperlink, http://www.gao.gov/products/GAO-08-646T] (Washington, 
D.C.: Apr. 9, 2008). 

[3] We have identified six high-risk areas involving DHS that need 
broad-based transformation to address major economy, efficiency, or 
effectiveness challenges. Among the six areas that we have designated 
as high risk, there are four in which DHS has primary responsibility: 
(1) Implementing and Transforming the Department of Homeland Security; 
(2) the National Flood Insurance Program; (3) Protecting the Federal 
Government's Information Systems and the Nation's Critical 
Infrastructure; and (4) Establishing Effective Mechanisms for Sharing 
Terrorism-Related Information to Protect the Homeland. The other two 
areas, Strategic Human Capital Management and Managing Federal Real 
Property, are governmentwide areas for which DHS does not have overall 
leadership responsibilities. GAO High-Risk Series: An Update, 
[hyperlink, http://www.gao.gov/products/GAO-09-271] (Washington, D.C.: 
Jan. 2009); High-Risk Series: An Update, [hyperlink, 
http://www.gao.gov/products/GAO-07-310] (Washington, D.C.: Jan. 2007); 
High-Risk Series: An Update, [hyperlink, 
http://www.gao.gov/products/GAO-05-207] (Washington, D.C.: Jan. 2005); 
and High-Risk Series: An Update, [hyperlink, 
http://www.gao.gov/products/GAO-03-119] (Washington, D.C.: Jan. 2003). 

[4] [hyperlink, http://www.gao.gov/products/GAO-08-646T]. 

[5] We define management integration as the development of consistent 
and consolidated processes, systems, and people--in areas such as 
information technology, financial management, procurement, and human 
capital--as well as in its security and administrative services, for 
greater efficiency and effectiveness. 

[6] [hyperlink, http://www.gao.gov/products/GAO-09-271] and GAO, 
Determining Performance and Accountability Challenges and High Risks, 
[hyperlink, http://www.gao.gov/products/GAO-01-159SP] (Washington, 
D.C.: November 2000). 

[7] [hyperlink, http://www.gao.gov/products/GAO-09-271]. See also the 
related GAO products list at the end of this statement. 

[8] The Acquisition Review Board reviews DHS acquisitions for 
executable business strategy, resources, management, accountability, 
and alignment to strategic initiatives. It also approves acquisitions 
to proceed to their next acquisition lifecycle phases upon 
satisfaction of applicable criteria. 

[9] An enterprise architecture is a departmentwide operational and 
technological blueprint to guide and constrain acquisitions. 

[10] See Pub. L. No. 110-53, § 2405(a)(3), 121 Stat. 266, 548 ( 2007) 
(codified at 6 U.S.C. § 341(a)(9), and GAO, Department of Homeland 
Security: A Comprehensive and Sustained Approach Needed to Achieve 
Management Integration, [hyperlink, 
http://www.gao.gov/products/GAO-05-139] (Washington, D.C.: Mar. 16, 
2005). 

[11] GAO, Homeland Security: Despite Progress, DHS Continues to Be 
Challenged in Managing Its Multi-Billion Dollar Annual Investment in 
Large-Scale Information Technology Systems, [hyperlink, 
http://www.gao.gov/products/GAO-09-1002T] (Washington, D.C.: Sept. 15, 
2009); and Information Technology Investment Management: A Framework 
for Assessing and Improving Process Maturity, version 1.1, [hyperlink, 
http://www.gao.gov/products/GAO-04-394G] (Washington, D.C.: March 
2004). GAO's Information Technology Investment Management Framework 
provides a method for evaluating and assessing an organization's 
institutional capacity for selecting and managing its information 
technology investments. At maturity stage three of this framework, 
organizations have in place capabilities that assist in establishing 
selection, control, and evaluation structures, policies, procedures, 
and practices that are required by the investment management 
provisions of the Clinger-Cohen Act of 1996. 

[12] GAO, Department of Homeland Security: Billions Invested in Major 
Programs Lack Appropriate Oversight, [hyperlink, 
http://www.gao.gov/products/GAO-09-29] (Washington, D.C.: Nov. 18, 
2008), and Department of Homeland Security: Better Planning and 
Assessment Needed to Improve Outcomes for Complex Service 
Acquisitions, [hyperlink, http://www.gao.gov/products/GAO-08-263] 
(Washington, D.C.: Apr. 22, 2008). 

[13] GAO, Department of Homeland Security: Assessments of Selected 
Complex Acquisitions, [hyperlink, 
http://www.gao.gov/products/GAO-10-588SP] (Washington, D.C.: June 30, 
2010). 

[14] See, for example, GAO, Best Practices: High Levels of Knowledge 
at Key Points Differentiate Commercial Shipbuilding from Navy 
Shipbuilding, [hyperlink, http://www.gao.gov/products/GAO-09-322] 
(Washington, D.C.: May 13, 2009); Joint Strike Fighter: Significant 
Challenges and Decisions Ahead, [hyperlink, 
http://www.gao.gov/products/GAO-10-478T] (Washington, D.C.: Mar. 24, 
2010); and Uncertainties Remain Concerning the Airborne Laser's Cost 
and Military Utility, [hyperlink, 
http://www.gao.gov/products/GAO-04-643R] (Washington, D.C.: May 17, 
2004); and [hyperlink, http://www.gao.gov/products/GAO-10-588SP]. 

[15] [hyperlink, http://www.gao.gov/products/GAO-09-1002T]. 

[16] A system life cycle management process normally begins with 
initial concept development and continues through requirements 
definition to design, development, various phases of testing, 
implementation, and maintenance. 

[17] Rescue 21 is a Coast Guard program to modernize a 30-year-old 
search and rescue communications system used for missions 20 miles or 
less from shore, referred to as the National Distress and Response 
System. SBInet is the technology component of a U.S. Customs and 
Border Protection program known as the Secure Border Initiative, which 
is to help secure the nation's borders and reduce illegal immigration 
through physical infrastructure (e.g., fencing), surveillance systems, 
and command, control, communications, and intelligence technologies. 

[18] [hyperlink, http://www.gao.gov/products/GAO-09-1002T] and 
[hyperlink, http://www.gao.gov/products/GAO-04-394G]. 

[19] A material weakness is a significant deficiency, or a combination 
of significant deficiencies, that result in more than a remote 
likelihood that a material misstatement of the financial statements 
will not be prevented or detected. A significant deficiency is a 
control deficiency, or combination of control deficiencies, that 
adversely affects the entity's ability to initiate, authorize, record, 
process, or report financial data reliably in accordance with 
generally accepted accounting principles such that there is more than 
a remote likelihood that a misstatement of the entity's financial 
statements that is more than inconsequential will not be prevented or 
detected. 

[20] GAO, Homeland Security: Departmentwide Integrated Financial 
Management Systems Remain a Challenge, [hyperlink, 
http://www.gao.gov/products/GAO-07-536] (Washington, D.C.: Jun. 21, 
2007), and Financial Management Systems: DHS Faces Challenges to 
Successfully Consolidating Its Existing Disparate Systems, GAO-10-76 
(Washington, D.C.: Dec. 4, 2009). 

[21] Disciplined processes have been shown to reduce the risks 
associated with software development and acquisition efforts to 
acceptable levels and are fundamental to successful system 
implementations. A disciplined process includes, among other things, 
management, testing, data conversion and system interfaces, risk and 
project management, and other related financial management activities. 

[22] Pub. L. No. 104-208, Div. A, tit. I § 101(f), tit. VIII, 110 
Stat. 3009, 3009-389 (1996). See generally 31 U.S.C. § 3512 and 
accompanying note. This act requires agencies to implement financial 
management systems that substantially comply with (1) federal 
financial management systems requirements, (2) federal accounting 
standards, and (3) the U.S. Standard General Ledger at the transaction 
level. 

[23] Division A, Section 101(f), Title VIII of Public Law 104-208. 

[24] DHS, Human Capital Strategic Plan, Fiscal Years 2009-2013 
(Washington, D.C.). 

[25] GAO, High-Risk Series: Strategic Human Capital Management, 
[hyperlink, http://www.gao.gov/products/GAO-03-120] (Washington, D.C.: 
January 2003). 

[26] Department of Homeland Security: 2008 Federal Human Capital 
Survey Results (Washington, D.C.: 2008). The leadership and knowledge 
management index indicates the extent to which employees hold their 
leadership in high regard, both overall and on specific facets of 
leadership. The results-oriented performance culture index indicates 
the extent to which employees believe their organizational culture 
promotes improvement in processes, products and services, and 
organizational outcomes. The talent management index indicates the 
extent to which employees think the organization has the talent 
necessary to achieve its organizational goals. The job satisfaction 
index indicates the extent to which employees are satisfied with their 
jobs and various aspects thereof. 

[27] Partnership for Public Service and the Institute for the Study of 
Public Policy Implementation at the American University School of 
Public Affairs, The Best Places to Work in the Federal Government 
(Washington, D.C.: 2010). 

[28] GAO, Equal Employment Opportunity: DHS Has Opportunities to 
Better Identify and Address Barriers to EEO in Its Workforce, 
[hyperlink, http://www.gao.gov/products/GAO-09-639] (Washington, D.C.: 
Aug. 31, 2009). The Equal Employment Opportunity Commission uses the 
term "triggers" to refer to indicators of potential barriers to equal 
employment opportunity. 

[29] GAO, Department of Homeland Security: DHS Needs to 
Comprehensively Assess Its Foreign Language Needs and Capabilities and 
Identify Shortfalls, [hyperlink, 
http://www.gao.gov/products/GAO-10-714] (Washington, D.C.: June 22, 
2010). DHS has a variety of responsibilities that utilize foreign 
language capabilities, including investigating transnational criminal 
activity and staffing ports of entry into the United States. 

[30] The Federal Employee Viewpoint Survey is the Office of Personnel 
Management's new name for its former Federal Human Capital Survey. 

[31] [hyperlink, http://www.gao.gov/products/GAO-08-646T]. 

[32] Vertical integration refers to integration of these elements-- 
processes, systems, and people--within management functions, from the 
department level down through each of the corresponding management 
functions in the component agencies. 

[33] Horizontal integration refers to integration of the elements 
mentioned across management functions, such as the integration of 
human capital management and financial management activities in areas 
related to payroll. GAO, Department of Homeland Security: A 
Comprehensive Strategy Is Still Needed to Achieve Management 
Integration Departmentwide, [hyperlink, 
http://www.gao.gov/products/GAO-10-318T] (Washington, D.C.: Dec. 15, 
2009). 

[34] GAO, Department of Homeland Security: Actions Taken Toward 
Management Integration, but a Comprehensive Strategy Is Still Needed, 
[hyperlink, http://www.gao.gov/products/GAO-10-131] (Washington, D.C.: 
Nov. 20, 2009) and GAO-05-139. 

[35] Outcome-based measures focus on the impact or results of 
activities. 

[36] GAO, Department of Homeland Security: Progress Report on 
Implementation of Mission and Management Functions, [hyperlink, 
http://www.gao.gov/products/GAO-07-454] (Washington, D.C.: Aug. 17, 
2007). 

[37] GPRA requires executive agencies to complete strategic plans in 
which they define their missions, establish results-oriented goals, 
and identify the strategies that will be needed to achieve those 
goals. GPRA also requires executive agencies to prepare annual 
performance plans that articulate goals for the upcoming fiscal year 
that are aligned with their long-term strategic goals. Finally, GPRA 
requires executive agencies to measure performance toward the 
achievement of the goals in the annual performance plan and report 
annually on their progress in program performance reports. 

[38] [hyperlink, http://www.gao.gov/products/GAO-09-271]. 

[End of section] 

GAO's Mission: 

The Government Accountability Office, the audit, evaluation and 
investigative arm of Congress, exists to support Congress in meeting 
its constitutional responsibilities and to help improve the performance 
and accountability of the federal government for the American people. 
GAO examines the use of public funds; evaluates federal programs and 
policies; and provides analyses, recommendations, and other assistance 
to help Congress make informed oversight, policy, and funding 
decisions. GAO's commitment to good government is reflected in its core 
values of accountability, integrity, and reliability. 

Obtaining Copies of GAO Reports and Testimony: 

The fastest and easiest way to obtain copies of GAO documents at no 
cost is through GAO's Web site [hyperlink, http://www.gao.gov]. Each 
weekday, GAO posts newly released reports, testimony, and 
correspondence on its Web site. To have GAO e-mail you a list of newly 
posted products every afternoon, go to [hyperlink, http://www.gao.gov] 
and select "E-mail Updates." 

Order by Phone: 

The price of each GAO publication reflects GAO’s actual cost of
production and distribution and depends on the number of pages in the
publication and whether the publication is printed in color or black and
white. Pricing and ordering information is posted on GAO’s Web site, 
[hyperlink, http://www.gao.gov/ordering.htm]. 

Place orders by calling (202) 512-6000, toll free (866) 801-7077, or
TDD (202) 512-2537. 

Orders may be paid for using American Express, Discover Card,
MasterCard, Visa, check, or money order. Call for additional 
information. 

To Report Fraud, Waste, and Abuse in Federal Programs: 

Contact: 

Web site: [hyperlink, http://www.gao.gov/fraudnet/fraudnet.htm]: 
E-mail: fraudnet@gao.gov: 
Automated answering system: (800) 424-5454 or (202) 512-7470: 

Congressional Relations: 

Ralph Dawn, Managing Director, dawnr@gao.gov: 
(202) 512-4400: 
U.S. Government Accountability Office: 
441 G Street NW, Room 7125: 
Washington, D.C. 20548: 

Public Affairs: 

Chuck Young, Managing Director, youngc1@gao.gov: 
(202) 512-4800: 
U.S. Government Accountability Office: 
441 G Street NW, Room 7149: 
Washington, D.C. 20548: