Protective Services risk assessment system fails, GAO says
- By Alice Lipowicz
- Aug 15, 2011
The Federal Protective Service’s new risk assessment information system is millions of dollars over budget, two years behind schedule and despite corrective efforts is not functional, according to a new report from the Government Accountability Office.
Three years ago, the service funded the Risk Assessment and Management Program (RAMP), which was expected to cost $21 million, with delivery by July 31, 2009.
Now the cost of RAMP has soared to $57 million and the system isn't operating effectively, the GAO said in a report published on Aug. 15.
“RAMP is over budget, behind schedule, and cannot be used to complete Facility Security Assessments and reliable guard inspections as intended,” the report said.
Union: Contractors weaken Federal Protective Service
Until the service makes improvements in its project management of RAMP, “it risks repeating some of the same mistakes it made during the last four years, which have resulted in significant expenditures on a risk assessment and management system that is not functional,” GAO concluded.
As of June 2011, $35 million had been spent on developing RAMP, the report said. Costs increased partly because the service made changes in original system requirements, and the contractor accommodated the changes.
Aside from the cost and scheduling problems, the new system also does not work effectively because the agency did not verify the accuracy of the federal facility data it contains, and there is no edit function that allows inspectors to edit the data when necessary.
The system also lacks a process to verify training and certification for 13,200 contract guards at federal facilities, and does not incorporate certain security standards dating from April 2010, GAO continued.
GAO recommended that the Homeland Security Department and director of the protective service evaluate the cost and benefits of continuing with RAMP, or whether an alternative would be more effective.
GAO also recommended increasing the use of project management best practices; establishing a process for verifying the accuracy of federal facility and guard certification and training data before entering the data into RAMP; and developing an interim solution for completing security assessments while RAMP’s problems are fixed.
DHS officials agreed with the recommendations.
Alice Lipowicz is a staff writer covering government 2.0, homeland security and other IT policies for Federal Computer Week.