No longer a performance model, TSA’s ITMS provides lessons

Once considered a model for performance-based contacting, the Transportation Security Administration’s massive Information Technology Managed Services (ITMS) program is now receiving criticism for some of its faults. A new audit report details the project’s missteps and provides insight into the challenges of managing such contracts.

The recent report by the Homeland Security Department’s inspector general details the failures of the $1 billion contract with Unisys to provide telecommunications, IT infrastructure and managed services at 429 airports, 21 field offices and TSA’s Transportation Security Operations Center. TSA lacked the staff to oversee such a complex acquisition and did not have the proper performance measures in place, the report states.

“The broad scope of requirements and short time frames for implementation caused difficulty in establishing a realistic contract ceiling, structuring specific tasks and establishing reasonable prices for those tasks,” DHS Inspector General Richard Skinner wrote.

Rep. Don Young (R-Alaska), chairman of the House Transportation and Infrastructure Committee, requested the audit.

Although most of the original money has been spent and many airports still lack a basic IT structure, the agency has since adopted a better-managed acquisition strategy, the report states.

TSA awarded the contract in 2002. By the beginning of fiscal 2006, spending had nearly reached the contract ceiling although few products or services had been delivered. TSA officials projected that by the beginning of fiscal 2006, the cost would exceed $834 million. Including option years, the contract was to extend into fiscal 2009, meaning 83 percent of the contract’s spending limit had been spent in less than half of the time allotted for the contract, according to the report. The report faults Unisys for often performing work under the ITMS contract without receiving authorizations to proceed from TSA’s contracting office.

Although the report presents considerable evidence of poor contract management, the IG found that the contract had made appropriate use of small businesses. “TSA has taken an aggressive approach to ensure that Unisys complies with small-business subcontractor management responsibilities,” Skinner wrote.

TSA let the original Unisys contract expire because of IG recommendations from a draft report. In December 2005, the agency awarded the company a bridge contract, under which TSA has implemented sound business practices and addressed the weaknesses that the IG’s office identified in the original draft audit report, Skinner wrote.

The bridge contract has enabled the agency to retain equipment leased under the initial ITMS contract and support a transition to a new departmentwide homeland security contract, once one is in place. Under a DHS enterprisewide contract it would no longer be a TSA project, and the IT services would be interoperable with other DHS agencies, said TSA spokeswoman Amy Kudwa. TSA also has taken parts of the original Unisys work and competed it outside of the bridge contract, she said.

In a statement responding to the IG report, Unisys officials detailed some of the company’s accomplishments under the ITMS contract, such as providing “state-of-the-art technology and communications equipment” to the airports, success rates in implementing equipment such as high-speed access and networking, and satisfaction ratings.

“Unisys successfully met ITMS contract requirements and, in some cases, exceeded them to earn a performance award,” company officials said.

Kudwa said TSA has only awarded $900,000 in performance incentives to date, even though Unisys is eligible for $2.9 million per quarter in performance incentives. Unisys noted that the IG report indicates high customer satisfaction with Unisys, including an average rating of 4.78 on a 5.0 scale. Federal security directors rated Unisys’ ITMS performance a 7.3 on a scale of 1 to 10, with 10 representing excellent. The directors blamed the ITMS problems on inadequate funding, not Unisys’ performance.

“It is not unusual in complex government contracts of this type for the government and the contractor to have questions arise regarding contract obligations,” Unisys officials wrote regarding the IG report. “Unisys has been working with TSA to address the issues that arose on the original ITMS contract.… TSA has indicated publicly its satisfaction with Unisys’ performance on the ITMS contract.”

The IG report states that TSA faced congressionally mandated deadlines and stiff budget constraints when launching the program, which made it difficult to create a workable management structure for the contract. TSA officials agreed, adding that the agency has taken steps to fix those management woes. “The contract was in the early days of TSA, and they had minimal staff and infrastructure,” Kudwa said. “They relied on industry to meet deadlines.”

The tight time frames and massive scope of ITMS would present a challenge for any contractual relationship, and the failures should be put into context, said Chip Mather, a partner at Acquisition Solutions. TSA and Unisys were building IT services from scratch, and the unique demands of the new agency and complexities of managing such a contract resulted in the rocky start, he said.

When the contract was awarded, ITMS was regarded as a unique approach and a potential model for agencies. Government and industry officials touted ITMS’ focus on results and planning. But as some of the pitfalls become visible, experts say there is still much to learn in managing performance-based contracts.

The government is used to directing contractors, Mather said, and performance-based contracts are the antithesis of that. Now, if the contract doesn’t work, it’s no longer just the vendor’s fault. Under a performance-based contract, contractor failure means government failure, he said. “Managing a performance-based contract requires a new set of skills and techniques,” he said. “It is clear that just awarding a performance-based contract is not the end-all, be-all. You have to manage it for results.”

Mather said agencies should prepare to manage a performance-based contract starting on the day of its release. Successfully managing a contract requires a cultural transformation, strategic linkage and governance — disciplines that should be established in the beginning.

Agencies may call a contract performance-based, but actually developing the performance measures and managing them is much more difficult, said Steve Kelman, a Federal Computer Week columnist and a professor at Harvard University’s Kennedy School of Government.

“We need to be careful not to make performance-based contacting just a slogan,” he said. “We need to make it the reality of the way we do contracting.”

DHS isn’t alone in the struggle to execute a performance-based contract, Kelman said. But the good news is that agencies now feel the pressure to move to this form of contracting.

“The fact that people are feeling under the gun to do performance-based contracting will lead to some situations where people do it just in name but other situations where people will do it in reality,” he said. “Now the challenge is more widely to translate that aspiration into contracting reality.”

Robert Guerra, a partner at consulting firm Guerra Kiviat, said that rather than call into question the validity of performance-based contracting, the failures show the concept of performance-based acquisitions was lost in the execution of ITMS.

In a true performance-based contract, the customer is supposed to tell the vendor the objective, rather than detailing hours and rates, and the vendor would then come back with the cost and measures, he said.

“The hard part is the philosophy, not awarding the contract,” he said.

Michael is a writer based in Chicago.

Highlights from the auditor’s reportThe Homeland Security Department’s Office of Inspector General audit examined the Transportation Security Administration’s $1 billion Information Technology Managed Services contract with Unisys.

Here are some of the findings:

  • TSA had a small staff overseeing several major acquisitions when it awarded the Unisys contract, and it was under mandated timeline and budget constraints.

  • By the beginning of fiscal 2006, more than 80 percent of the contract ceiling had been spent in less than half of the allotted time.

  • Actual costs exceeded planned costs, but Unisys failed to supply all promised services and products.

  • TSA lacked adequate performance measures two years into the program, and the existing measures were limited to a small portion of the contract’s deliverables.

  • TSA did not give airport security directors the high-speed connections necessary for daily operations.

  • Unisys properly used small-business subcontractors.
  • Source: Homeland Security Department

    X
    This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
    Accept Cookies
    X
    Cookie Preferences Cookie List

    Do Not Sell My Personal Information

    When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

    Allow All Cookies

    Manage Consent Preferences

    Strictly Necessary Cookies - Always Active

    We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

    Sale of Personal Data, Targeting & Social Media Cookies

    Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

    If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

    Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

    Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

    If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

    Save Settings
    Cookie Preferences Cookie List

    Cookie List

    A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

    Strictly Necessary Cookies

    We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

    Functional Cookies

    We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

    Performance Cookies

    We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

    Sale of Personal Data

    We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

    Social Media Cookies

    We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

    Targeting Cookies

    We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.