This is the accessible text file for GAO report number GAO-03-250 entitled 'Homeland Security: Information Technology Funding and Associated Management Issues' which was released on January 14, 2003. This text file was formatted by the U.S. General Accounting Office (GAO) to be accessible to users with visual impairments, as part of a longer term project to improve GAO products’ accessibility. Every attempt has been made to maintain the structural and data integrity of the original printed product. Accessibility features, such as text descriptions of tables, consecutively numbered footnotes placed at the end of the file, and the text of agency comment letters, are provided but may not exactly duplicate the presentation or format of the printed version. The portable document format (PDF) file is an exact electronic replica of the printed version. We welcome your feedback. Please E-mail your comments regarding the contents or accessibility features of this document to Webmaster@gao.gov. Report to the Chairman and Ranking Minority Member, Permanent Subcommittee on Investigations, Committee on Governmental Affairs, U.S. Senate: December 2002: Homeland security: Information Technology Funding and Associated Management Issues: GAO-03-250: GAO Highlights: Highlights of GAO-03-250, a report to the Chairman and Ranking Minority Member, Permanent Subcommittee on Investigations, Committee on Governmental Affairs, U.S. Senate: Why GAO Did This Study: Information technology (IT) will play a critical role in strengthening our nation’s homeland security against potential future attacks. Specifically, IT will help enable the nation to identify potential threats, share information more readily, provide mechanisms to protect our homeland, and develop response capabilities. The Permanent Subcommittee on Investigations of the Senate Committee on Governmental Affairs requested that we identify, for fiscal years 2002 and 2003, IT funding targeted for purposes related to homeland security in those departments and agencies that play a key role in this mission area and, using our prior work, report on the IT management issues facing these organizations. In commenting on a draft of this report, agencies provided technical comments that were incorporated in the report, as appropriate. What GAO Found: We identified $2.9 billion in IT funding for homeland security for fiscal year 2002 and for fiscal year 2003. For fiscal year 2002, $1.2 billion of it is for organizations (agencies, departments, or components of these) proposed to move to the Department of Homeland Security. For fiscal year 2003, $1.7 billion is for organizations proposed to move to the new department. Total reported IT funding for homeland security is likely understated. For example, there may be other potential costs that are not reflected in reported totals, including multi-agency IT infrastructure (for example, secure networks), new intelligence systems, and funding for existing agency missions that appear to be related to homeland security (for example, Department of Defense, Federal Aviation Administration). Of those organizations with significant IT funding that are proposed to move to the new department, the FBI’s National Infrastructure Protection Center (NIPC), the Immigration and Nationalization Service (INS), the Coast Guard, and Customs have a large number of GAO recommendations from our prior work that still require action (see figure below). Although we did not have specific open recommendations for many of the organizations proposed to move to the Department of Homeland Security, most are from parent organizations that, based on our prior work, still face IT management issues. The majority of open recommendations are associated with securing information, having an architecture or blueprint to guide system development efforts, managing IT investments, and developing and acquiring information systems. Since September 1996, we have reported that poor information security is a widespread federal problem and therefore have designated it a governmentwide high-risk area. Highlights Figure: Selected Departmentseith Open GAO IT Recommendations and Associated Homeland Security IT Funding Requested for Fiscal Year 2003: [See PDF for image] [End of image] Contents: Letter: Agency Comments: Appendixes: Appendix I: Homeland Security IT Funding and Associated Management Issues: Appendix II: Homeland Security IT Funding, by CFO Agency: Appendix III: Open Recommendations, by CFO Agency: December 13, 2002: The Honorable Carl Levin Chairman The Honorable Susan Collins Ranking Minority Member Permanent Subcommittee on Investigations Committee on Governmental Affairs United States Senate: Information technology (IT) will play a critical role in strengthening our nation’s homeland security against potential future attacks. Specifically, IT will help enable the nation to identify potential threats, share information more readily, provide mechanisms to protect our homeland, and develop response capabilities. As you requested, our objectives were to identify fiscal years 2002 and 2003 IT funding targeted for purposes related to homeland security in those departments and agencies that play a key role in this mission area and, using our prior work, report on the IT management issues facing these departments and agencies. To identify IT funding targeted for purposes related to homeland security in fiscal years 2002 and 2003, we requested and reviewed budget documentation from each of the 24 chief financial officer (CFO) departments and agencies, including their Exhibit 300s,[Footnote 1] Exhibit 53s,[Footnote 2] and other documents that identify IT funding for homeland security. In addition, we reviewed the Office of Management and Budget’s (OMB) June 2002 Annual Report to Congress on Combating Terrorism and the President’s June 2002 report entitled The Department of Homeland Security. To report on the IT management issues facing the 24 CFO departments and agencies, we reviewed GAO IT products for fiscal years 1997-2002. We identified the recommendations from these products, which we organized by department or agency, and categorized them into specific IT areas (for example, information security). Subsequently, we followed up on each recommendation to determine whether action had been taken to address it.[Footnote 3] On October 1, 2002, we provided a briefing to your offices on the results of this work.[Footnote 4] The briefing slides are included as appendixes I-III. As agreed with your offices, the purpose of this letter is to provide the published briefing slides to you. In brief, we identified $2.9 billion in IT funding for homeland security for fiscal year 2002 and for fiscal year 2003. For fiscal year 2002, $1.2 billion is for organizations (agencies, departments, or components of these) proposed to move to the Department of Homeland Security. For fiscal year 2003, $1.7 billion is for organizations proposed to move to the new department. However, total reported IT funding for homeland security is likely understated, because there may be other potential costs that are not reflected in reported totals, including multi-agency IT infrastructure (for example, secure networks), new intelligence systems, and funding for existing agency missions that appear to be related to homeland security (for example, Department of Defense, Federal Aviation Administration). The majority of the funding requested for fiscal year 2003 was reported by the Department of Justice’s Immigration and Naturalization Service (INS), the Department of Transportation’s Transportation Security Agency, and the Department of the Treasury’s United States Customs Service. Beginning with the fiscal year 2004 budget submission, agencies are to indicate in Exhibit 53s whether IT projects are related to homeland security. The organizations that are proposed to move to the new department will face IT management issues. Of those organizations with significant IT funding that are proposed to move to the new department, the FBI’s National Infrastructure Protection Center, the INS, the Coast Guard, and Customs have a large number of GAO recommendations that still require action. Although we did not have specific open recommendations for many of the organizations proposed to move to the Department of Homeland Security, most are from parent organizations that, based on our prior work, still face IT management issues. Of those recommendations that still require action, the majority of open recommendations are associated with securing information (information security), having an architecture or blueprint to guide system development efforts (enterprise architecture), managing IT investments (investment management), and developing and acquiring information systems (systems development and acquisition). Since September 1996, we have reported that poor information security is a widespread federal problem and therefore have designated it a governmentwide high-risk area. Agency Comments: We provided a draft of this report to the 24 CFO departments and agencies for comment. Several departments and agencies provided oral technical comments that we have incorporated into this report, as appropriate. As agreed with your staff, unless you publicly announce the contents of this report earlier, we plan no further distribution of it until 30 days from the date of this letter. At that time, we will send copies of this report to other interested congressional parties. We also will make copies available to others upon request. In addition, the report will be available at no charge on the GAO Web site at http:// www.gao.gov. Should you or your staff have any questions on matters discussed in this report, please contact me at (202) 512-6408. I can also be reached by E-mail at WillemssenJ@gao.gov. Key contributors to this report were Lester Diamond, Joanne Fiorino, Robert Kershaw, Dave Powner, Karl Seifert, Kevin Secrest, and Eric Winter. Signed by Joel C. Willemssen: Joel C. Willemssen Managing Director, Information Technology Issues: [End of section] Appendixes: Appendix I: Homeland Security IT Funding and Associated Management Issues: [See PDF for image] [End of figure] [End of section] Appendix II: Homeland Security IT Funding, by CFO Agency: [See PDF for image] [End of figure] [End of section] Appendix III: Open Recommendations, by CFO Agency: [See PDF for image] [End of figure] FOOTNOTES [1] Exhibit 300s are federal budget documents containing program and project information and associated cost, schedule, and performance information. [2] Exhibit 53s list all of the IT projects and their associated costs within a federal organization and are to be prepared each year as part of the budget process in accordance with OMB Circular A-11. [3] Our approach focused on agencies and areas where we have conducted IT reviews and was not intended to reflect IT management capabilities across the government. Also, it did not include Inspector General reports. [4] We have amended the briefing as of November 22, 2002, to include minor changes and technical updates. GAO’s Mission: The General Accounting Office, the investigative arm of Congress, exists to support Congress in meeting its constitutional responsibilities and to help improve the performance and accountability of the federal government for the American people. GAO examines the use of public funds; evaluates federal programs and policies; and provides analyses, recommendations, and other assistance to help Congress make informed oversight, policy, and funding decisions. GAO’s commitment to good government is reflected in its core values of accountability, integrity, and reliability. Obtaining Copies of GAO Reports and Testimony: The fastest and easiest way to obtain copies of GAO documents at no cost is through the Internet. GAO’s Web site ( www.gao.gov ) contains abstracts and full-text files of current reports and testimony and an expanding archive of older products. The Web site features a search engine to help you locate documents using key words and phrases. You can print these documents in their entirety, including charts and other graphics. Each day, GAO issues a list of newly released reports, testimony, and correspondence. GAO posts this list, known as “Today’s Reports,” on its Web site daily. The list contains links to the full-text document files. To have GAO e-mail this list to you every afternoon, go to www.gao.gov and select “Subscribe to daily E-mail alert for newly released products” under the GAO Reports heading. Order by Mail or Phone: The first copy of each printed report is free. Additional copies are $2 each. A check or money order should be made out to the Superintendent of Documents. GAO also accepts VISA and Mastercard. Orders for 100 or more copies mailed to a single address are discounted 25 percent. Orders should be sent to: U.S. General Accounting Office 441 G Street NW, Room LM Washington, D.C. 20548: To order by Phone: Voice: (202) 512-6000: TDD: (202) 512-2537: Fax: (202) 512-6061: To Report Fraud, Waste, and Abuse in Federal Programs: Contact: Web site: www.gao.gov/fraudnet/fraudnet.htm E-mail: fraudnet@gao.gov Automated answering system: (800) 424-5454 or (202) 512-7470: Public Affairs: Jeff Nelligan, managing director, NelliganJ@gao.gov (202) 512-4800 U.S. General Accounting Office, 441 G Street NW, Room 7149 Washington, D.C. 20548: