GAO criticizes HSIN Next Gen management

Related Links

GAO Report

Government auditors say the $62 million upgrade of the Homeland Security Department’s platform for sharing sensitive but unclassified information with state and local authorities faces risks due to insufficient project management controls.

The Homeland Security Information Network Next Gen, the platform with which DHS plans to replace the existing HSIN, could face “increased project costs, delayed schedules and performance shortfalls” if weaknesses in its planning, requirements development and management, and risk management are not addressed, the Government Accountability Office said.

In a report released Oct. 8, GAO recommended that controls be implemented before DHS starts to migrate users to HSIN Next Gen’s initial operating capability and concluded that “investing money given the current state of management controls puts the project at risk.”

According to GAO, DHS halted further improvements on the original HSIN in September 2007 and has since focused on HSIN Next Gen. In May, DHS awarded a contract worth as much as $62 million to General Dynamics to work on HSIN Next Gen.

DHS plans to begin migrating users to the new version beginning in May 2009. The original network has been criticized for not meeting certain user requirements.

In a written response to GAO’s report, Roger Rufe, director of DHS’ Office of Operations Coordination, said the decision to upgrade to HSIN Next Gen meets the growing needs of HSIN users. He added that the current platform “does not provide the necessary capabilities required to provide the necessary trust and interoperability.”

According to GAO’s report, HSIN does not support role-based access controls and two-factor authentication. The new system is a key part of a portal-consolidation effort aimed at reducing the number of Web-based systems used to share sensitive but unclassified information.

DHS spokesman Russ Knocke acknowledged the challenges associated with the original HSIN, but said the platform has served an important role in sharing information during the Hurricane Katrina emergency, during the current hurricane season and in ongoing efforts to combat gang activities.

He also said GAO’s suggestion that further investment under the current management structure puts the project at risk is illogical. By that logic, he said, every project would have to be perfect before it could go forward. He also said the project already had core management elements in place.

GAO auditors criticized HSIN Next Gen’s acquisition strategy, saying the practice of “engaging a contractor and commencing work before implementing mature controls is not a recipe for success.”

Rufe said in his response that the project would phase in different users at different points based on industry best practices. DHS officials say they are continuing to work with user groups to develop requirements.

The report states that DHS has gathered and analyzed requirements from critical infrastructure users but had not done so for all other HSIN users or developed a process for managing changes to requirements.

GAO said DHS “has initiated some important steps in establishing sound and capable acquisition controls, but much remains to be accomplished before DHS management efforts can be considered effective and thereby minimize the risks associated with HSIN Next Gen delivering promised capabilities and benefits on time and within budget.”

About the Author

Ben Bain is a reporter for Federal Computer Week.

Featured

  • Contracting
    8 prototypes of the border walls as tweeted by CBP San Diego

    DHS contractors face protests – on the streets

    Tech companies are facing protests internally from workers and externally from activists about doing for government amid controversial policies like "zero tolerance" for illegal immigration.

  • Workforce
    By Mark Van Scyoc Royalty-free stock photo ID: 285175268

    At OPM, Weichert pushes direct hire, pay agent changes

    Margaret Weichert, now acting director of the Office of Personnel Management, is clearing agencies to make direct hires in IT, cyber and other tech fields and is changing pay for specialized occupations.

  • Cloud
    Shutterstock ID ID: 222190471 By wk1003mike

    IBM protests JEDI cloud deal

    As the deadline to submit bids on the Pentagon's $10 billion, 10-year warfighter cloud deal draws near, IBM announced a legal protest.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.