GAO criticizes HSIN Next Gen management

Related Links

GAO Report

Government auditors say the $62 million upgrade of the Homeland Security Department’s platform for sharing sensitive but unclassified information with state and local authorities faces risks due to insufficient project management controls.

The Homeland Security Information Network Next Gen, the platform with which DHS plans to replace the existing HSIN, could face “increased project costs, delayed schedules and performance shortfalls” if weaknesses in its planning, requirements development and management, and risk management are not addressed, the Government Accountability Office said.

In a report released Oct. 8, GAO recommended that controls be implemented before DHS starts to migrate users to HSIN Next Gen’s initial operating capability and concluded that “investing money given the current state of management controls puts the project at risk.”

According to GAO, DHS halted further improvements on the original HSIN in September 2007 and has since focused on HSIN Next Gen. In May, DHS awarded a contract worth as much as $62 million to General Dynamics to work on HSIN Next Gen.

DHS plans to begin migrating users to the new version beginning in May 2009. The original network has been criticized for not meeting certain user requirements.

In a written response to GAO’s report, Roger Rufe, director of DHS’ Office of Operations Coordination, said the decision to upgrade to HSIN Next Gen meets the growing needs of HSIN users. He added that the current platform “does not provide the necessary capabilities required to provide the necessary trust and interoperability.”

According to GAO’s report, HSIN does not support role-based access controls and two-factor authentication. The new system is a key part of a portal-consolidation effort aimed at reducing the number of Web-based systems used to share sensitive but unclassified information.

DHS spokesman Russ Knocke acknowledged the challenges associated with the original HSIN, but said the platform has served an important role in sharing information during the Hurricane Katrina emergency, during the current hurricane season and in ongoing efforts to combat gang activities.

He also said GAO’s suggestion that further investment under the current management structure puts the project at risk is illogical. By that logic, he said, every project would have to be perfect before it could go forward. He also said the project already had core management elements in place.

GAO auditors criticized HSIN Next Gen’s acquisition strategy, saying the practice of “engaging a contractor and commencing work before implementing mature controls is not a recipe for success.”

Rufe said in his response that the project would phase in different users at different points based on industry best practices. DHS officials say they are continuing to work with user groups to develop requirements.

The report states that DHS has gathered and analyzed requirements from critical infrastructure users but had not done so for all other HSIN users or developed a process for managing changes to requirements.

GAO said DHS “has initiated some important steps in establishing sound and capable acquisition controls, but much remains to be accomplished before DHS management efforts can be considered effective and thereby minimize the risks associated with HSIN Next Gen delivering promised capabilities and benefits on time and within budget.”

About the Author

Ben Bain is a reporter for Federal Computer Week.

Featured

  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.