Advisory committee criticizes DHS info-sharing upgrade
A panel of outside experts advising the Homeland Security Department on the development of the department's effort to upgrade its computer-based platform for sharing sensitive but unclassified information with DHS' partners has found the project to have a series of “deficiencies."
The advisory panel has recommended that until those problems are fixed, DHS spend no additional money on the upgrade project except to improve business plans and processes.
Those recommendations from the Homeland Security Information Network Advisory Committee (HSINAC) obtained by Federal Computer Week echo many of the findings in a Government Accountability Office report issued Oct. 8. DHS plans to finish migrating users to the Homeland Security Information Network Next Generation (HSIN Next Gen) platform from the current Homeland Security Information Network (HSIN) by next October.
The HSINAC memo to DHS leadership, dated Sept. 17, criticized DHS’ efforts to engage the eventual users of the HSIN Next Gen platform as “immature and under-resourced.” The panel also said HSIN Next Gen lacked a “fully articulated business strategy with prudent management controls” and there is an "inadequate definition" of HSIN Next Gen's role with respect to other information-sharing systems.
The advisory committee also said the project lacks “interagency coordination and cooperation; a cohesive implementation plan; and a fully implemented end-user requirements generation and validation process.”
In addition, the advisers said DHS should fix the current HSIN system as a "stop gap while developing a plan to implement HSIN Next Generation." According to GAO, DHS halted further improvements on the original HSIN in September 2007 and has since focused on HSIN Next Gen. HSIN Next Gen is an upgrade to the current HSIN system.
The HSIN Next Gen upgrade will cost up to $62 million, and according to GAO, DHS estimates it has spent a total of $91 million on the current HSIN through fiscal 2008.
“No further funds should be expended for HSIN Next Generation except for the development and vetting of a cohesive business plan and implementation of a sound requirements generation and vetting process,” until the deficiencies are rectified, the HSINAC panel recommended.
The original HSIN, now in use, has been criticized for not meeting user requirements. In July, two of the House Homeland Security Committee’s senior Democrats asked DHS to suspend work on HSIN Next Gen until requirements for the platform’s users had been defined and validated. Also, GAO said its report of Oct. 8 that “investing money given the current state of management controls puts the project at risk.”
In May, DHS awarded a contract worth as much as $62 million to General Dynamics to work on HSIN Next Gen. The first phase of the effort, that was driven by the HSIN Critical Sectors (HSIN-CS) priority requirements, was completed on Aug. 25.
The advisory panel said, “For an unknown reason, the urgent need to upgrade/replace HSIN Current with HSIN Next Generation has outpaced the planning and implementation of good management procedures to include a full compilation of user input into the overall design.”
In a response letter, a copy of which was also obtained by FCW, DHS’ director for operations coordination and planning agreed with several of the recommendations, but said the department shouldn't stop spending money on the project.
Roger Rufe wrote in the letter dated Oct. 14 that an interruption in the project would “degrade DHS’ ability to perform its homeland security mission” and jeopardize the department's established relationships with federal and non-federal partners. He also said the advisory panel's recommendations did not reflect funding requests or the "mission integration process" presented to the HSINAC.
He also disagreed with the assertion that HSIN did not have a clear definition causing confusion with other federal systems. Rufe also said DHS’ methodology to upgrade HSIN’s software “will result in an effective and efficient information sharing and collaboration portal.”
“Waiting until all requirements for all portals and systems have been identified and then aligned into an integrated architecture across all users and mission areas is not operationally practical,” Rufe wrote.
Rufe also defended the project's implementation schedule, adding that future phases will continue to be based on input from HSIN users. He also said "significant progress" had been made to strengthen the project's management controls that included HSIN being removed from the Office of Management and Budget's Management Watchlist.
DHS spokesman Russ Knocke said the department will also be working with OMB on a business plan in the coming weeks and that HSIN Next Gen's development was early in a multi-step process. He also said that although HSIN has had challenges, the current platform has played an important role in sharing information. Knocke said that DHS appreciated the committee's feedback but said some of the conclusions appeared to be based on misunderstandings.
A senior OMB official acknowledged working with DHS on the HSIN Next Gen project. "We are exercising our oversight and management authority and working with the agency to address their needs," said Karen Evans, OMB administrator for e-government and information technology.
Meanwhile, the advisory committee wrote that although DHS’ current methodology could result in optimal technology architecture, it will not matter if the platform’s end users feel disenfranchised and decide not to use the platform.
“Without resolving the issues of duplicative and redundant systems, the development of a cohesive and coordinated implementation plan based on sound business policies and operational requirements, and the proactive involvement of end users in the development of HSIN Next Generation technology architecture – it may not matter,” the committee wrote.
Ben Bain is a reporter for Federal Computer Week.