TSA Web site evolves into information hub

The Transportation Security Administration has finished the initial rollout of an information technology platform that brings together internal software, the agency's public Web site and information it sends to airports and other transportation hubs. Now the agency is easing into a phase that will extend existing applications to more users and expand the system's capabilities.

The massive e-government project has allowed TSA to collapse more than half of almost 80 legacy security systems it inherited from the Federal Aviation Administration into one. TSA ultimately will consolidate them all, said Sara Hebert, e-government program manager in TSA's Office of Strategic Management and Analysis.

Created following the Sept. 11, 2001, terrorist attacks and later folded into the Homeland Security Department, TSA is starting from scratch in a sense, Hebert said. Its leaders can create the agency's culture and develop its IT approach with no history to worry about. At the same time, though, the agency does have to absorb existing systems and consolidate their functions.

"We had new laws and a new mission and a new organization that had to be created," said Greg Pellegrino, e-government leader at Deloitte Consulting, which designed the platform for TSA. "What we set out to do was to build a digital model for how TSA would ultimately operate."

TSA launched applications for specific user groups based on priority, Hebert said. The legal group got access to the case management system first, for example.

"The initial application launches were intended to deploy basic functionality to a subset of the users," she said. "For each of the applications that have been rolled out right now, we will be extending our user groups. For example, we will be adding law enforcement to our case management applications. Similarly, we need to build out the functionality of the applications. We already have a couple of those applications under way."

Old and new mandates drive much of the expansion, she said. The Maritime Safety Act requires self-assessments for port facilities, for example. And to follow a new DHS requirement that compels physical security surveys in transportation-related locations, TSA is adding the needed fields to an existing system for creating location profiles.

The agency's challenges started before it even went to work, Pellegrino said. The public held TSA responsible for inconsistent security at airports months before the agency actually took over the security duties.

"They were going to take that responsibility eventually, by federalizing the security force, but they hadn't done it yet," he said. "Here comes TSA, and TSA is now faced with the country seeing those inconsistencies, seeing different messages. It was critical for TSA to be able to get a handle on that and get effective communications out into the field."

Deloitte's work started with an analysis of TSA's constituents, Pellegrino said. Deloitte brought experience from the business world to apply to TSA's business needs. For a government agency, "success or failure in meeting customer needs equals profit and loss" in the business world, he said. The analysis covered a 10-week strategic planning phase that included 70 sessions with focus groups and other constituent meetings.

As a result of the meetings, Deloitte developed an "outside-in" e-government model, providing shared capabilities and various information delivery channels, such as wireless devices and the Internet, along with telephones and in-person meetings. "Regardless of channel, we needed to be able to provide consistent, relevant information," Pellegrino said.

The Web-enabled, Unix-based system uses a common data model so applications such as content management, search, directory services, business intelligence and Web services look and work the same for all users. TSA awarded Deloitte a five-year contract worth up to $205 million that began in January so the company could continue the work it initiated.

The system's alert notification feature summarizes the success of Deloitte's approach, Pellegrino said.

"This is where it all comes together and highlights the end-to-end connectivity the platform provides," he said. "It is designed to allow you not only to design an alert, but it also provides the capability to have content notification.

"If there are changes to information in the platform, an alert can be triggered automatically," he said. "If I want to be notified every time there's a policy change or a speech is made, I can drive that to the different channels that are preferred by the users. The fabric of communications is in place and can scale without programmers having to be standing by."

The fledgling agency has moved rapidly in developing and deploying the platform, said Rishi Sood, principal analyst with Gartner Inc. The platform is a "major step forward" and came together smoothly in part because TSA began with a cleaner slate than most agencies get.

"That is one of the biggest benefits they have, that it is a relatively new organization with a relatively new charter," he said. "They don't have the existing investments that other agencies have."

"They have had the challenge of needing to stand up a lot of things extremely quickly," said Carol Kelly, government IT analyst with the META Group Inc. "If you look at the human capital functions, the training and the resources required, they've done a good job of getting it stood up."

"What TSA faced when [it was] created back in November 2001 was the challenge of ramping up an organization to meet the mandates and provide the right infrastructure and tools to have as functioning an organization as possible," Pellegrino said. "I would characterize this kind of start-up as unprecedented."

The analysts said that a critical aspect is whether Deloitte or other vendors can replicate the success of TSA's approach in other agencies. TSA had an advantage in having no built-up corporate culture or set of business processes to change, but other agencies should still be able to learn from them, Sood said.

How the system grows will depend on what the government asks of TSA in the future, he added. "It's going to be dependent on how the charter of TSA evolves," he said. "The heart of this organization is going to be focused on information dissemination. There are a number of constituent groups who need to be informed in different ways."

***

A stepping stone approach

Here's a timeline of the Transportation Security Administration's rollout of its information technology platform:

September 2002: Created system to manage contact information.

November 2002: Developed content management system for keeping Web site up-to-date.

November 2002: Launched TSA public Web site.

January 2003: Launched Homeland Security Department public Web site, which operates on TSA's infrastructure.

April 2003: Updated contact list.

April 2003: Rolled out applications including incident management, case management, security operations management and user management.