DHS faces IT management challenge, GAO says

A "formidable information and technology management challenge" faces the Homeland Security Department, according a report released today by the Government Accountability Office.

In the report, GAO auditors wrote that the department must establish seven disciplines: information technology strategic planning; enterprise architecture; IT investment management; systems development and acquisition management; information security management; information management; and IT human resources management.

DHS' progress has been slow in establishing each of the seven areas departmentwide, while DHS officials continue to invest hundreds of millions of dollars in supporting systems, auditors wrote.

For instance, enterprise architecture is not derived from a DHS or national corporate business strategy. "Moreover, it is missing most of the content necessary to effectively guide and constrain IT investments," stated the report, which officials wrote in August and released today.

Department officials plan to issue a new version of the enterprise architecture in September 2004, according to the report.

In acquisition management, the report highlighted problems with process controls associated with acquiring software-intensive systems, managing and conducting testing, and measuring the performance of a system.

For IT human resources management, DHS officials have begun strategic workforce planning at the headquarters level, but agency officials have not yet systematically gathered necessary human resources data, the report said.

GAO's recommendations include:

* Establishing IT goals and performance measures that address how information and technology management contributes to program productivity, the efficiency and effectiveness of agency operations, and service to the public.

* Establishing milestones for the initiation and completion of major information and technology management activities.

* Analyzing whether DHS officials have appropriately deployed IT staff with the relevant skills to obtain their target IT structure and whether those employees are allocated appropriately.

In a written response to the GAO report, Anna Dixon, the director of the DHS' departmental GAO/OIG liaison for the chief financial officer, said initial road maps have been deployed for each of the eight priority areas, including information sharing, governance, IT human capital, enterprise architecture, mission rationalization, infrastructure, portfolio management and information security. "Over the next few months, each priority area will develop goals, performance measures and timelines for implementation," the letter states.

Dixon's letter also cites the creation of an Enterprise Architecture Board, chaired by the DHS chief information officer. As far as workforce management issues, DHS officials are analyzing their staff to determine if IT professionals have the right skills for the areas in which they are deployed, Dixon wrote.