Staffing, budget woes hobble Homeland Security IT management

The Homeland Security Department has significantly improved oversight of its information technology investments, but staffing shortages and inconsistent budget and management practices at the department's individual agencies thwart more coordination, according to a report the DHS inspector general released on Monday.

Comment on this article in The Forum.The IG credited the department with better defining the chief information officer's responsibilities and authority and strengthening the management structure and reporting relationships the department CIO has with the chief information officers at DHS' 22 component agencies.

But the department still has yet to hire enough staff needed to properly manage the IT infrastructure and oversee projects, the IG reported. In December 2007, the DHS Office of the CIO had authority to hire 111 employees to support more than 208,000 employees, but the office filled only 71 of those positions, or 64 percent. In addition, the office has had a difficult time retaining the IT staff it does hire, the IG said. The turnover rate for the past two years has been about 47 percent.

"This has limited the DHS CIO's ability to effectively execute departmentwide IT management functions," the inspector general concluded.

Contractors accounted for about 83 percent of the positions in the CIO office, performing functions such as implementation of President Bush's e-government initiatives, managing portfolios and overseeing capital planning. The high percentage of contractors creates a situation in which new contractors must be trained every time previous ones are reassigned.

DHS officials said a variety of reasons have led to the staffing shortfall, including lack of qualified applicants to fill authorized positions, the federal government's complex and lengthy hiring process, and the requirement that all employees in the CIO office obtain a classified clearance, which further delays hiring. The high turnover is the result of a demanding work environment, which often includes frequent overtime officials said.

The CIO office plans to increase the number of government employees by encouraging management to convert contractor positions to full-time government positions when possible.

The IG also reported that complex budget and inconsistent accounting practices have made it difficult for CIOs to manage technology investments. The 1996 Clinger-Cohen Act requires CIOs to review their agencies' IT budgets to find savings and better coordinate investments. In addition, a DHS management directive issued in February 2007 requires CIOs in its component agencies to submit for approval by the department chief all IT acquisitions in excess of $2.5 million and to prepare a separate IT budget across all programs and activities.

But component CIOs failed to meet that requirement, because programs often are funded through direct appropriations or other sources, for example, eliminating them from investment decisions, the IG reported. In October 2007, the IG found that the Transportation Security Administration's CIO had budget authority for only 26 percent of the agency's total IT spending. Programs and offices outside the CIO's authority managed the other three-quarters of the IT budget.

"As a result, component CIOs may not be able to accomplish department IT budget responsibilities or reporting requirements until existing component-level budget functions are centralized and updated," the IG reported. "Until IT budget data is fully consolidated at the department level, the DHS CIO will not attain complete visibility of IT spending across components, hindering the ability to influence technology decisions and investments."

The CIO office also should ensure compliance with its IT acquisition review, the IG reported. DHS implemented an IT acquisition review process in November 2006, which requires component CIOs to submit investment requests to the CIO office for approval. From November 2006 through September 2007, the CIO office reviewed 243 acquisitions totaling about $3.2 billion, or about 57 percent of the department's total fiscal 2007 IT budget of $5.6 billion. Of the 243 acquisitions submitted, the office identified 132, or 54 percent, that had some issue that needed to be resolve.

Partially responsible for component CIOs not submitting acquisitions for review, CIO office officials said, are programs that Congress directly funds or have high-profile visibility, such as the Custom and Border Protection's Secure Border Initiative, known as SBInet, a program to erect a virtual fence using cameras and sensors along the United State's southwest border with Mexico. These high-profile projects are managed by executive leadership boards. Another reason component CIOs failed to follow the review process was increased administrative burdens.

"As a result, departmentwide IT acquisitions oversight remains limited while significant portions of IT acquisitions are not yet being reviewed to ensure alignment with IT policy, standards, objectives and goals," the IG reported.