TIGTA: IRS wasted money in early HSPD-12 efforts

The development of standard identification cards under the governmentwide Homeland Security Presidential Directive 12 initiative is supposed to help provide security in a cost-efficient manner. But the Internal Revenue Service, the lead for the Treasury Department’s implementation of HSPD-12, wasted $3.5 million on unnecessary hardware, software and services in its early efforts because of poor management and oversight, the Treasury Inspector General for Tax Administration (TIGTA) said.

“As the lead bureau for Treasury, IRS is charged with ensuring the funds are spent prudently,” said Michael Phillips, deputy IG for audit, in the report posted Dec. 20.

Under HSPD-12, agencies so far were to have verified and/or completed background investigations and issued identification cards for all employees with fewer than 15 years of service. By October 2008, agencies must do the same for federal workers with more than 15 years’ service. Treasury has estimated that it would cost $421 million over 14 years to build and maintain an HSPD-12 system, including enrollment, card printing with encryption of personal data, systems infrastructure and card maintenance. It has committed $30 million to the HSPD-12 initiative to date.

The TIGTA investigation evaluated IRS’ HSPD-12 activities from the beginning of the program in 2005 through May 2007. As a result of the audit, IRS switched in May from its stand-alone approach to the managed services available through the General Services Administration to acquire the smart cards.

In its evaluation of IRS activities at the time, TIGTA found that the IRS project team did not manage contracts for the program effectively. Statements of work were too general to hold contractors accountable for work performed, and IRS paid vendors without verifying that work was performed, according to TIGTA. For example, IRS spent $837,616 to purchase 18 public-key infrastructure servers that were not used for the program and were not needed until sometime in the future of the program.

IRS had hired Booz Allen Hamilton, Mitre and Presidio to develop and implement the HSPD-12 requirements. TIGTA found that the statements of work for Mitre’s task order were adequate but those for the other two were not well-defined. IRS also used existing contracts with Booz Allen Hamilton to perform work related to the HSPD-12 program and charging those existing contracts for HSPD-12 work. The products were identified too generally to track and manage, the report states.

One of the problems was that IRS did not prepare a formal business case for the HSPD-12 program, which is one of its established governance procedures. The IRS HSPD-12 project management office did prepare an internal business case, but it did not comply with IRS’ business case requirements and was not submitted to the Treasury HSPD-12 governance committees, the report states. As a result, the governance committees did not have sufficient information with which to make critical management decisions for the program.

“Many of the problems experienced by the HSPD-12 program are similar to those we have reported previously in the IRS Business Systems Modernization program,” Phillips said. Those include improving key management processes, managing the increasing complexity and risks of the program and ensuring that contractor performance and accountability are effectively managed.

In response to the audit, IRS said it has already started to implement TIGTA’s recommendations, including the move to GSA’s shared service provider, said David Grant, director of IRS Procurement. IRS reorganized its HSPD-12 program management office to align with the change.

“We continue to improve our internal administrative processes, document our project files and demonstrate our decision-making process,” Grant said in a letter dated Nov. 26.

TIGTA directed that for future contracts, IRS should separate tasks by function to improve monitoring of contractor performance, ensure supporting documents for hours worked and require the HSPD-12 program manager to provide written certification for labor hours worked on contracts before any payments are made, TIGTA said. The program manager also should document all costs adequately and assign costs to specific task orders. IRS Chief Information Officer Art Gonzalez should also coordinate with Treasury to consider combining its PKI efforts with those of the General Services Administration and ensure that the executive steering committees responsible for providing oversight to information technology projects enforce use of IRS Enterprise Life Cycle requirements.

Other examples of overspending that TIGTA found that IRS could have avoided were:

  • $1,940,397 spent to purchase 350,000 PKI certificates in March and September 2005.

  • $431,035 spent to establish an identification badge laboratory to create a test environment for issuing HSPD-12 identification badges.

  • $91,618 spent to reimburse the General Services Administration for preparing a request for procurement for acquiring another contractor’s services.

  • $188,160 paid to a contractor for one person to perform clerical duties in an 11-month period.

About the Author

Mary Mosquera is a reporter for Federal Computer Week.

The Fed 100

Save the date for 28th annual Federal 100 Awards Gala.


  • computer network

    How Einstein changes the way government does business

    The Department of Commerce is revising its confidentiality agreement for statistical data survey respondents to reflect the fact that the Department of Homeland Security could see some of that data if it is captured by the Einstein system.

  • Defense Secretary Jim Mattis. Army photo by Monica King. Jan. 26, 2017.

    Mattis mulls consolidation in IT, cyber

    In a Feb. 17 memo, Defense Secretary Jim Mattis told senior leadership to establish teams to look for duplication across the armed services in business operations, including in IT and cybersecurity.

  • Image from Shutterstock.com

    DHS vague on rules for election aid, say states

    State election officials had more questions than answers after a Department of Homeland Security presentation on the designation of election systems as critical U.S. infrastructure.

  • Org Chart Stock Art - Shutterstock

    How the hiring freeze targets millennials

    The government desperately needs younger talent to replace an aging workforce, and experts say that a freeze on hiring doesn't help.

  • Shutterstock image: healthcare digital interface.

    VA moves ahead with homegrown scheduling IT

    The Department of Veterans Affairs will test an internally developed scheduling module at primary care sites nationwide to see if it's ready to service the entire agency.

  • Shutterstock images (honglouwawa & 0beron): Bitcoin image overlay replaced with a dollar sign on a hardware circuit.

    MGT Act poised for a comeback

    After missing in the last Congress, drafters of a bill to encourage cloud adoption are looking for a new plan.

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group