Skip to main content

Homeland Security Acquisitions: Earlier Requirements Definition and Clear Documentation of Key Decisions Could Facilitate Ongoing Progress

GAO-17-346SP Published: Apr 06, 2017. Publicly Released: Apr 06, 2017.
Jump To:

Fast Facts

The Department of Homeland Security planned to spend $7 billion in fiscal year 2016 on major acquisitions—including ships, screening equipment, and surveillance technology.

We reviewed 26 of DHS's major acquisition programs and found that, for the first time, they all had approved cost, schedule, and performance baselines to measure progress. DHS has taken steps to strengthen management of its major acquisitions, but some programs continued to fall short of their goals.

We made recommendations to help DHS further improve its acquisition management, including that the Department define technical requirements earlier in the acquisition process.

Equipment in Transportation Security Administration's Passenger Screening Program

Photograph of equipment in Transportation Security Administration's Passenger Screening Program

Photograph of equipment in Transportation Security Administration's Passenger Screening Program

Skip to Highlights

Highlights

What GAO Found

For the first time since GAO began its annual assessments of the Department of Homeland Security's (DHS) major acquisitions, all 26 programs that were reviewed had a department-approved baseline. During 2016, over half of the programs reviewed (17 of the 26) were on track to meet their initial or revised schedule and cost goals. However, 7 of these 17 programs only recently established baselines, 6 of which operated for several years and deployed capabilities without approved baselines. The remaining 9 programs experienced schedule slips, including 4 that also experienced cost growth. The table shows the schedule and cost changes across all 26 programs reviewed, much of which was driven by changes in a few programs.

2016 Schedule and Cost Changes for the 26 Major DHS Acquisition Programs GAO Reviewed

Average change in schedule (in months)

Acquisition cost change

(in millions of dollars)

Life-cycle cost change

(in millions of dollars)

6

988.3 (1.6 percent)

1,571.5 (0.8 percent)

Source: GAO analysis of Department of Homeland Security (DHS) data. | GAO-17-346SP.

As of January 2017, 14 of the 26 programs deployed capabilities before meeting all key performance parameters (KPP)—the most important requirements that a system must meet. As a result, DHS may be deploying much-needed capabilities—such as border surveillance equipment and Coast Guard cutters—that do not work as intended. Programs did not meet KPPs for a variety of reasons, such as KPPs were not yet ready to be tested, systems failed to meet KPPs during testing, or KPPs were poorly defined. Contrary to acquisition best practices, DHS policy requires programs to establish schedule, cost, and performance baselines prior to gaining full knowledge about the program's technical requirements. As a result, DHS programs do not match their needs with available resources before starting product development, which increases programs' risk for cost growth, schedule slips, and inconsistent performance.

In 2016, DHS strengthened implementation of its acquisition policy by, for example, focusing on program staffing needs, requiring programs to obtain department-approval for key acquisition documents, and revising the process for when programs breach their cost goals, schedules, or KPPs. However, DHS could better document leadership's acquisition decisions to improve insight into cases that diverge from policy. For example, DHS approved six programs to proceed through the acquisition life cycle even though required documentation was not comprehensive or had not been approved, as required by DHS's policy. Senior DHS officials told GAO these decisions were also based on discussions held at the programs' formal acquisition reviews, but these considerations were not documented. Federal internal control standards require clear documentation of significant events. DHS leadership's decisions may be reasonable, but unless these decisions are documented, insight for internal and external stakeholders is limited. Furthermore, no programs reported a performance breach, even though some programs had not met KPPs. DHS's policy is not clear on how to determine whether a performance breach has occurred. As a result, DHS lacks insight into potential causes of performance issues that may contribute to poor outcomes.

Why GAO Did This Study

In fiscal year 2016, DHS planned to invest about $7 billion in major acquisitions. DHS's acquisition activities are on GAO's High Risk List, in part due to program management, requirements, and funding issues.

The Explanatory Statement accompanying the DHS Appropriations Act, 2015 included a provision for GAO to review DHS's major acquisitions. This report, GAO's third annual review, addresses the extent to which (1) DHS's major acquisition programs are on track to meet schedule and cost goals, (2) these programs are meeting KPPs, and (3) DHS has strengthened implementation of its acquisition policy.

GAO assessed DHS's 15 largest acquisition programs that were in the process of obtaining new capabilities as of May 2016, and 11 additional programs that GAO or DHS identified were at risk of poor outcomes. For all 26 programs, GAO reviewed key documentation, assessed performance against baselines established since DHS's 2008 acquisition policy, and met with program officials. GAO also met with DHS acquisition officials and assessed DHS's policies and practices against GAO acquisition best practices and federal internal control standards.

Recommendations

DHS should ensure that programs define technical requirements before setting baselines; document rationale for key acquisition decisions; and clarify when not meeting KPPs constitutes a breach. DHS concurred with GAO's recommendations.

Recommendations for Executive Action

Agency Affected Recommendation Status
Department of Homeland Security To mitigate the risk of poor acquisition outcomes and strengthen the department's investment decisions, the Secretary of Homeland Security should direct the Undersecretary for Management to update the acquisition policy to require that major acquisition programs' technical requirements are well defined and key technical reviews are conducted prior to approving programs to initiate product development and establishing Acquisition Program Baselines, in accordance with acquisition best practices.
Closed – Implemented
In providing comments on this report, DHS concurred with our recommendation and stated that it planned to initiate a study to assess how to better align its processes for technical reviews and acquisition decisions. Upon completion of the study, DHS updated its Acquisition Management Instruction in May 2019, which adjusted the acquisition life cycle. Specifically, the updated instruction requires programs to conduct key technical reviews--including a preliminary design review and system definition review--prior to establishing the program's acquisition program baseline. In fiscal year 2021, DHS updated its policy and guidance governing technical reviews, the Systems Engineering Life Cycle (SELC) Instruction and SELC Guidebook, which align with the changes made in the Acquisition Management Instruction. The updates to the Acquisition Management Instruction and SELC Instruction and Guidebook are consistent with acquisition best practices and will help ensure programs accumulate more knowledge before establishing baselines and beginning development.
Department of Homeland Security To mitigate the risk of poor acquisition outcomes and strengthen the department's investment decisions, the Secretary of Homeland Security should direct the Undersecretary for Management to update the acquisition policy to specify that acquisition decision memorandums clearly document the rationale of decisions made by DHS leadership, such as, but not limited to, the reasons for allowing programs to deviate from the requirement to obtain department approval for certain documents at Acquisition Decision Events and the results of considerations or trade-offs.
Closed – Implemented
In providing comments on this report, DHS concurred with our recommendation and stated that it had begun expanding the content included in Acquisition Decision Memorandums (ADM) to include greater detail and that future ADMs would address the status of the acquisition documentation. In March 2017, DHS updated the guidance for writing ADMs in a handbook for Office of Program Accountability and Risk Management staff, thus making progress toward satisfying the recommendation. In May 2019, DHS's official acquisition policy was updated and included requirements to document decisions made by DHS leadership into ADMs and that deviations from DHS's acquisition policy will be documented in an ADM. As part of our annual assessment process, we have reviewed several ADMs since we made the recommendation in April 2017. The actions taken in these ADMs reflect the updates to DHS's acquisition policy, including documentation of leadership approval for programs to deviate from requirements and trade-offs considered in these decisions. These actions meet the intent of the recommendation.
Department of Homeland Security To mitigate the risk of poor acquisition outcomes and strengthen the department's investment decisions, the Secretary of Homeland Security should direct the Undersecretary for Management to update the acquisition policy to specify at what point minimum standards for KPPs should be met, and clarify the performance data that should be used to assess whether or not a performance breach has occurred.
Closed – Implemented
In providing comments on this report, DHS concurred with our recommendation. DHS has updated guidance related to its performance breaches in a handbook for Office of Program Accountability and Risk Management staff. Specifically, DHS identified that programs must meet all KPPs by Acquisition Decision Event 3, the point at which DHS leadership approves the program to transition into sustainment, and clarified that operational test data should be used to assess whether a performance breach has occurred. DHS's Under Secretary for Management issued a policy directive in November 2017 to communicate the new guidance across the department, which will be included in the next revision to the department's acquisition policy.

Full Report

GAO Contacts

Topics

Agency evaluationsFederal acquisitionsOperational testingPerformance appraisalProgram evaluationRequirements definitionSchedule slippagesSystems testingAcquisition managementAcquisition programsCost and scheduleAcquisition policy