IG: DHS needs better management for OneNet

The Homeland Security Department’s program to consolidate its component agencies’ network infrastructures into one wide-area network is delayed and isn’t saving the department money, according to a new report from DHS’ inspector general.

The department hasn’t completed many activities associated with the OneNet project, and progress is limited three years after the project’s original fiscal 2006 completion date, a redacted version of the report states. The problems happened because DHS hasn’t provided effective oversight or leadership for the project, and management needs to be improved, the report states.

OneNet will ultimately provide a global communications environment that offers improved security and interoperability throughout the department, and DHS says the program will give its agencies secure data, voice, video, tactical radio and satellite communications, according to the report released Sept. 15.

Meanwhile, the IG detailed steps that DHS' Customs and Border Protection, the steward of the program, has taken to consolidate existing infrastructures. However, without the required management oversight and leadership, CBP “may not be able to fully consolidate components’ existing infrastructures into OneNet,” the report states.

“Increased risks exist that the OneNet implementation may be further delayed, preventing DHS from obtaining a consolidated [information technology] infrastructure that is capable of supporting the department’s mission and providing unified IT services to all components,” the report states.

DHS will have spent $149 million of the projected $502 million it will cost to put the OneNet in place by the end of fiscal 2009, the IG said.  The department had estimated it would save $871 million by consolidating its existing network infrastructures and data centers, the report states.

Meanwhile, IG found DHS had put in place adequate security controls for OneNet and didn’t find any critical vulnerabilities that could be exploited to gain unauthorized access to the network. The audit, completed between January and April 2009, also found DHS was performing adequate networks and security monitoring related to OneNet.

However, the IG also said DHS was delayed in getting component agencies to use the department’s Trusted Internet Connection, a governmentwide program to consolidate agencies’ gateways to the Internet that was started by the Office of Management and Budget in November 2007. DHS is putting TIC in place as part of OneNet project.

To deal with the problems, the IG made nine recommendations, some of which were partially redacted in the released report. DHS concurred with five of the recommendations, but didn’t with four. For example, DHS agreed with recommendations to update its Project Management Plan for OneNet and establish schedules for its agencies to ensure their timely migration to OneNet and TIC.

Meanwhile, the IG recommended that DHS strengthen its oversight of OneNet implementation by establishing a completion date and interim milestones for the project.

However, the department didn’t concur, saying the project has a strong leadership team that oversees the project daily, as well as a multifaceted oversight program.