GAO-08-646T, Department of Homeland Security: Progress Made in Implementation of Management Functions, but More Work Remains


This is the accessible text file for GAO report number GAO-08-646T 
entitled 'Department Of Homeland Security: Progress Made in 
Implementation of Management Functions, but More Work Remains' which 
was released on April 9, 2008.

This text file was formatted by the U.S. Government Accountability 
Office (GAO) to be accessible to users with visual impairments, as part 
of a longer term project to improve GAO products' accessibility. Every 
attempt has been made to maintain the structural and data integrity of 
the original printed product. Accessibility features, such as text 
descriptions of tables, consecutively numbered footnotes placed at the 
end of the file, and the text of agency comment letters, are provided 
but may not exactly duplicate the presentation or format of the printed 
version. The portable document format (PDF) file is an exact electronic 
replica of the printed version. We welcome your feedback. Please E-mail 
your comments regarding the contents or accessibility features of this 
document to Webmaster@gao.gov. 

This is a work of the U.S. government and is not subject to copyright 
protection in the United States. It may be reproduced and distributed 
in its entirety without further permission from GAO. Because this work 
may contain copyrighted images or other material, permission from the 
copyright holder may be necessary if you wish to reproduce this 
material separately. 

Testimony: 

Before the Subcommittee on Management, Investigations, and Oversight, 
Committee on Homeland Security, House of Representatives: 

United States Government Accountability Office: 
GAO: 

For Release on Delivery: 
Expected at 2:00 p.m. EST:
Wednesday, April 9, 2008: 

Department Of Homeland Security: 

Progress Made in Implementation of Management Functions, but More Work 
Remains: 

Statement of Norman J. Rabkin: 
Managing Director: 
Homeland Security and Justice Issues: 

GAO-08-646T: 

GAO Highlights: 

Highlights of GAO-08-646T, a testimony before the Subcommittee on 
Management, Investigations, and Oversight, Committee on Homeland 
Security, House of Representatives. 

Why GAO Did This Study: 

The Department of Homeland Security (DHS) began operations in March 
2003 with missions that include preventing terrorist attacks from 
occurring within the United States, reducing U.S. vulnerability to 
terrorism, minimizing damages from attacks that occur, and helping the 
nation recover from any attacks. GAO has reported that the 
implementation and transformation of DHS is an enormous management 
challenge. GAO’s prior work on mergers and acquisitions found that 
successful transformations of large organizations, even those faced 
with less strenuous reorganizations than DHS, can take at least 5 to 7 
years to achieve. This testimony addresses (1) the progress made by DHS 
in implementing its management functions; and (2) key issues that have 
affected the department’s implementation efforts. This testimony is 
based on GAO’s August 2007 report evaluating DHS’s progress between 
March 2003 and July 2007; selected reports issued since July 2007; and 
GAO’s institutional knowledge of homeland security and management 
issues. 

What GAO Found: 

Within each of its management areas—acquisition, financial, human 
capital, information technology, and real property management—DHS has 
made some progress, but has also faced challenges. 

* DHS has recognized the need to improve acquisition outcomes and taken 
some positive steps to organize and assess the acquisition function, 
but continues to lack clear accountability for the outcomes of 
acquisition dollars spent. The department also has not fully ensured 
proper oversight of its contractors providing services closely 
supporting inherently government functions. 

* DHS has designated a Chief Financial Officer and taken actions to 
prepare corrective action plans for its internal control weaknesses. 
However, DHS has been unable to obtain an unqualified audit opinion of 
its financial statements, and for fiscal year 2007 the independent 
auditor identified significant deficiencies in DHS’s internal control 
over financial reporting. 

* DHS has taken actions to implement its human capital system by, for 
example, issuing a departmental training plan and human capital 
operational plan. Among other things, DHS still needs to implement a 
human capital system linked to its strategic plan, establish a market-
based and more performance-oriented pay system, and seek more routine 
feedback from employees. 

* DHS has taken actions to develop information technology management 
controls, such as developing an information technology human capital 
plan and developing policies to ensure the protection of sensitive 
information. However, DHS has not yet fully implemented a comprehensive 
information security program or a process to effectively manage 
information technology investments. 

* DHS has developed an Asset Management Plan and established 
performance measures consistent with Federal Real Property standards. 
However, DHS has yet to demonstrate full implementation of its Asset 
Management Plan or full use of asset management inventory information. 

Various cross-cutting issues have affected DHS’s implementation 
efforts. For example, DHS has not yet updated its strategic plan and 
put in place structures to help it manage for results. 

Accountability and transparency are critical to effectively 
implementing DHS’s management functions. GAO has experienced delays in 
obtaining access to needed information from DHS, though over the past 
year, GAO’s access has improved. GAO is hopeful that planned revisions 
to DHS’s guidance for working with GAO will streamline our access to 
documents and officials. 

DHS’s 5 year anniversary provides an opportunity for the department to 
review how it has matured as an organization. As part of our broad 
range of work, GAO will continue to assess DHS’s progress in addressing 
high-risk issues. In particular, GAO will continue to assess the 
progress made by the department in its transformation efforts and 
whether any progress made is sustainable over the long term. 

What GAO Recommends: 

While this testimony contains no new recommendations, GAO has made over 
900 recommendations to DHS over the past 5 years to strengthen 
departmental operations. DHS has implemented some of these 
recommendations and is in the process of implementing others. 

To view the full product, including the scope and methodology, click on 
[hyperlink, http://www.gao.gov/cgi-bin/getrpt?GAO-08-646T]. For more 
information, contact Norm Rabkin at (202) 512-8777 or rabkinn@gao.gov. 

[End of section] 

Mr. Chairman and Members of the Subcommittee: 

I appreciate the opportunity to appear today to discuss the Department 
of Homeland Security's (DHS) efforts to implement its management 
functions. DHS began operations in March 2003 with missions that 
include preventing terrorist attacks from occurring within the United 
States, reducing U.S. vulnerability to terrorism, minimizing damages 
from attacks that occur, and helping the nation recover from any 
attacks. The department has initiated and continued the implementation 
of various policies and programs to address these missions as well as 
its nonhomeland security functions.[Footnote 1] DHS has also taken a 
number of actions designed to integrate its management functions and to 
transform its component agencies into an effective cabinet-level 
department. Prior to the creation of DHS, we testified on whether the 
reorganization of government agencies might better address the nation's 
homeland security needs.[Footnote 2] At that time, we identified that 
the nation had a unique opportunity to create an effective and 
performance-based organization to strengthen the nation's ability to 
protect its borders and citizens. We noted that the magnitude of the 
challenges that the new department would face would require substantial 
time and effort to overcome, and that the implementation of the new 
department would be extremely complex. 

In 2003, we designated the implementation and transformation of DHS as 
high risk because it represented an enormous undertaking that would 
require time to achieve in an effective and efficient manner.[Footnote 
3] We further identified that the components that became part of the 
department already faced a wide array of existing challenges, and any 
failure to effectively carry out its mission would expose the nation to 
potentially serious consequences. In designating the implementation and 
transformation of DHS as high risk, we noted that building an effective 
department would require consistent and sustained leadership from top 
management to ensure the needed transformation of disparate agencies, 
programs, and missions into an integrated organization. Our prior work 
on mergers and acquisitions, undertaken before the creation of DHS, 
found that successful transformations of large organizations, even 
those faced with less strenuous reorganizations than DHS, can take at 
least 5 to 7 years to achieve. 

In August 2007, we reported on the progress DHS had made since its 
inception in implementing its management and mission 
functions.[Footnote 4] We identified specific actions that DHS was to 
achieve based on legislation, homeland security presidential 
directives, DHS strategic planning documents, and other sources, and 
reported on the progress the department made in implementing these 
actions. 

My testimony today addresses (1) the progress made by DHS in 
implementing its management functions in the areas of acquisition, 
financial, human capital, information technology, and real property 
management; and (2) key issues that have affected the department's 
implementation efforts. My statement is based on the results of our 
August 2007 report evaluating the extent to which DHS has achieved 
congressional and Administration expectations set out for them in its 
management and mission areas; selected products we issued on DHS since 
July 2007; and our institutional knowledge of homeland security and 
various government organizational and management issues. For our August 
2007 report on DHS progress, we conducted our work from September 2006 
to July 2007. In April 2008, we updated this work with selected 
reports. We conducted our work in accordance with generally accepted 
government auditing standards. Those standards require that we plan and 
perform the audit to obtain sufficient, appropriate evidence to provide 
a reasonable basis for our findings and conclusions based on our audit 
objectives. We believe that the evidence obtained provides a reasonable 
basis for our findings and conclusions based on our audit objectives. 

Summary: 

DHS has made progress in implementing its management functions in the 
areas of acquisition, financial, human capital, information technology, 
and real property management. However, we have identified challenges 
remaining in each of these areas. 

* DHS has made some progress in strengthening its acquisition 
management functions. For example, DHS has recognized the need to 
improve acquisition outcomes and taken some positive steps to organize 
and assess the acquisition function, but continues to lack clear 
accountability for the outcomes of acquisition dollars spent. The 
department also has not fully ensured proper oversight of its 
contractors providing services closely supporting inherently government 
functions. 

* In the area of financial management, although it has designated a 
Chief Financial Officer and taken steps to prepare corrective action 
plans for its internal control weaknesses, DHS has been unable to 
obtain an unqualified audit opinion on its financial statements, and 
for fiscal year 2007, the independent auditor issued a disclaimer on 
DHS's financial statements and identified significant deficiencies-- 
the majority of which were so serious they qualified as material 
weaknesses--in DHS's internal control over financial reporting. DHS 
needs to subject all its financial statements to annual audits and 
correct the identified internal control weaknesses. 

* DHS has taken steps to implement its human capital system. For 
example, in July 2005 DHS issued a departmental training plan and in 
April 2007 issued its Fiscal year 2007 and 2008 Human Capital 
Operational Plan. However, DHS still needs to implement a human capital 
system that links to its strategic plan, implement more effective 
processes to recruit and hire employees with needed skills, establish a 
market-based and more performance-oriented pay system, seek more 
routine feedback from employees, and implement its training plan. 

* DHS has undertaken efforts to establish various information 
technology management controls and capabilities. For example, DHS 
organized information technology management in the Office of the Chief 
Information Officer, developed an information technology human capital 
plan that is largely consistent with federal guidance and best 
practices, and developed policies and procedures to ensure the 
protection of sensitive information. However, DHS has not fully 
implemented a comprehensive information security program. Furthermore, 
it has not yet fully aligned all of its investments with a 
comprehensive enterprise architecture or implemented a process to 
effectively manage its information technology investments. 

* In the area of real property management, DHS has developed an Asset 
Management Plan, developed a generally complete real property data 
inventory, submitted this inventory for inclusion in the governmentwide 
real property database, and established performance measures consistent 
with Federal Real Property standards. However, in August 2007 we 
reported that DHS had yet to demonstrate full implementation of its 
asset management plan and full use of asset inventory information and 
performance measures in management decisionmaking. 

A variety of cross-cutting issues have affected DHS's efforts to 
implement its management functions. For example, DHS has not issued an 
updated strategic plan and has not yet fully developed adequate 
performance measures or put in place structures to help ensure that the 
agency is managing for results. Accountability and transparency are 
critical to effectively implementing DHS's management functions. We 
have experienced delays in obtaining access to needed information from 
DHS components, though over the past year, our access has improved in 
certain areas. We are hopeful that planned revisions to its 
departmental guidance for working with us and its Office of Inspector 
General (IG) will streamline our access to needed documents and agency 
officials. 

Background: 

In July 2002, President Bush issued the National Strategy for Homeland 
Security. The strategy set forth overall objectives to prevent 
terrorist attacks within the United States, reduce America's 
vulnerability to terrorism, and minimize the damage and assist in the 
recovery from attacks that occur. The strategy further identified a 
plan to strengthen homeland security through the cooperation and 
partnering of federal, state, local, and private sector organizations 
on an array of functions. It also specified a number of federal 
departments, as well as nonfederal organizations, that have important 
roles in securing the homeland, with DHS having key responsibilities in 
implementing established homeland security mission areas. This strategy 
was updated and reissued in October 2007. 

In November 2002, the Homeland Security Act of 2002 was enacted into 
law, creating DHS. The act defined the department's missions to include 
preventing terrorist attacks within the United States; reducing U.S. 
vulnerability to terrorism; and minimizing the damages, and assisting 
in the recovery from, attacks that occur within the United States. The 
act further specified major responsibilities for the department, 
including the analysis of information and protection of infrastructure; 
development of countermeasures against chemical, biological, 
radiological, and nuclear, and other emerging terrorist threats; 
securing U.S. borders and transportation systems; and organizing 
emergency preparedness and response efforts. DHS began operations in 
March 2003. Its establishment represented a fusion of 22 federal 
agencies to coordinate and centralize the leadership of many homeland 
security activities under a single department.[Footnote 5] 

We have evaluated many of DHS's management functions and programs since 
the department's establishment, and have issued over 400 related 
products. In particular, in August 2007, we reported on the progress 
DHS had made since its inception in implementing its management and 
mission functions.[Footnote 6] We also reported on broad themes that 
have underpinned DHS's implementation efforts, such as agency 
transformation, strategic planning, and risk management. Over the past 
five years, we have made over 900 recommendations to DHS on ways to 
improve operations and address key themes, such as to develop 
performance measures and set milestones for key programs and implement 
internal controls to help ensure program effectiveness. DHS has 
implemented some of these recommendations, taken actions to address 
others, and taken other steps to strengthen its mission activities and 
facilitate management integration. 

DHS Has Made Progress in Implementing Its Management Functions, but Has 
Faced Challenges in Its Implementation Efforts: 

DHS has made progress in implementing its management functions in the 
areas of acquisition, financial, human capital, information technology, 
and real property management. Overall, DHS has made more progress in 
implementing its mission functions--border security; immigration 
enforcement; immigration services; and aviation, surface 
transportation, and maritime security; for example--than its management 
functions, reflecting an initial focus on implementing efforts to 
secure the homeland. DHS has had to undertake these critical missions 
while also working to transform itself into a fully functioning cabinet 
department--a difficult undertaking for any organization and one that 
can take, at a minimum, 5 to 7 years to complete even under less 
daunting circumstances. As DHS continues to mature as an organization, 
we have reported that it will be important that it works to strengthen 
its management areas since the effectiveness of these functions will 
ultimately impact its ability to fulfill its mission to protect the 
homeland. 

Acquisition Management. DHS's acquisition function includes managing 
and overseeing nearly $16 billion in acquisitions to support its broad 
and complex missions, such as information systems, new technologies, 
aircraft, ships, and professional services. DHS has recognized the need 
to improve acquisition outcomes and taken some positive steps to 
organize and assess the acquisition function, but continues to lack 
clear accountability for the outcomes of acquisition dollars spent. A 
common theme in our work on acquisition management is DHS's struggle to 
provide adequate support for its mission components and resources for 
departmentwide oversight. DHS has not yet accomplished its goal of 
integrating the acquisition function across the department. For 
example, the structure of DHS's acquisition function creates ambiguity 
about who is accountable for acquisition decisions because it depends 
on a system of dual accountability and cooperation and collaboration 
between the Chief Procurement Officer (CPO) and the component heads. In 
June 2007, DHS officials stated that they were in the process of 
modifying the lines of business management directive, which exempts the 
Coast Guard and the Secret Service from complying, to ensure that no 
contracting organization is exempt.[Footnote 7] This directive has not 
yet been revised. 

In September 2007, we reported on continued acquisition oversight 
issues at DHS, identifying that the department has not fully ensured 
proper oversight of its contractors providing services closely 
supporting inherently government functions.[Footnote 8] The CPO has 
established a departmentwide program to improve oversight; however, DHS 
has been challenged to provide the appropriate level of oversight and 
management attention to its service contracting and major investments, 
and we continue to be concerned that the CPO may not have sufficient 
authority to effectively oversee the department's acquisitions. DHS 
still has not developed clear and transparent policies and processes 
for all acquisitions. Concerns have been raised about how the 
investment review process has been used to oversee its largest 
acquisitions, and the investment review process in still under 
revision. We have ongoing work reviewing oversight of DHS's major 
investments which follows-up on our prior recommendations.[Footnote 9] 
Regarding the acquisition workforce, our work and the work of the DHS 
IG has found acquisition workforce challenges across the department; we 
have ongoing work in this area as well. 

Financial Management. DHS's financial management efforts include 
consolidating or integrating component agencies' financial management 
systems. DHS has made progress in addressing financial management and 
internal control weaknesses and has designated a Chief Financial 
Officer, but the department continues to face challenges in these 
areas. However, since its establishment, DHS has been unable to obtain 
an unqualified or "clean" audit opinion on its financial statements. 
For fiscal year 2007, the independent auditor issued a disclaimer on 
DHS's financial statements and identified eight significant 
deficiencies in DHS's internal control over financial reporting, seven 
of which were so serious that they qualified as material weaknesses. 
[Footnote 10] DHS has taken steps to prepare corrective action plans 
for its internal control weaknesses by, for example, developing and 
issuing a departmentwide strategic plan for the corrective action plan 
process and holding workshops on corrective action plans. While these 
are positive steps, DHS and its components have not yet fully 
implemented corrective action plans to address all significant 
deficiencies--including the material weaknesses-- identified by 
previous financial statement audits. According to DHS officials, the 
department has developed goals and milestones for addressing these 
weaknesses in its internal control over financial reporting. Until 
these weaknesses are resolved, DHS will not be in position to provide 
reliable, timely, and useful financial data to support day-to-day 
decision making. 

Human Capital Management. DHS's key human capital management areas 
include pay, performance management, classification, labor relations, 
adverse actions, employee appeals, and diversity management. DHS has 
significant flexibility to design a modern human capital management 
system, and in October 2004 DHS issued its human capital strategic 
plan. DHS and the Office of Personnel Management jointly released the 
final regulations on DHS's new human capital system in February 2005. 
Although DHS intended to implement the new personnel system in the 
summer of 2005, court decisions enjoined the department from 
implementing certain labor management portions of the system. DHS has 
since taken actions to implement its human capital system. In July 2005 
DHS issued its first departmental training plan, and in April 2007, it 
issued its Fiscal Year 2007 and 2008 Human Capital Operational Plan. 
This plan identifies five department priorities--hiring and retaining a 
talented and diverse workforce; creating a DHS-wide culture of 
performance; creating high-quality learning and development programs 
for DHS employees; implementing a DHS-wide integrated leadership 
system; and being a model of human capital service excellence. DHS has 
met some of the goals identified in the plan, such as developing a 
hiring model and a communication plan. However, more work remains for 
DHS to fully implement its human capital system. For example, DHS has 
not yet taken steps to fully link its human capital planning to overall 
agency strategic planning nor has it established a market-based and 
more performance-oriented pay system. DHS has also faced difficulties 
in developing and implementing effective processes to recruit and hire 
employees. Although DHS has developed its hiring model and provided it 
to all components, we reported in August 2007 that DHS had not yet 
assessed components' practices against the model.[Footnote 11] 
Furthermore, employee morale at DHS has been low, as measured by the 
results of the 2006 U.S. Office of Personnel Management Federal Human 
Capital Survey. DHS has taken steps to seek employee feedback and 
involve them in decision making by, for example, expanding its 
communication strategy and developing an overall strategy for 
addressing employee concerns reflects in the survey results. In 
addition, although DHS has developed a department-level training 
strategy, it has faced challenges in fully implementing this strategy. 

Information Technology Management. DHS's information technology 
management efforts should include: 

* developing and using an enterprise architecture, or corporate 
blueprint, as an authoritative frame of reference to guide and 
constrain system investments; 

* defining and following a corporate process for informed decision 
making by senior leadership about competing information technology 
investment options; 

* applying system and software development and acquisition discipline 
and rigor when defining, designing, developing, testing, deploying, and 
maintaining systems; 

* establishing a comprehensive, departmentwide information security 
program to protect information and systems; 

* having sufficient people with the right knowledge, skills, and 
abilities to execute each of these areas now and in the future; and: 

* centralizing leadership for extending these disciplines throughout 
the organization with an empowered Chief Information Officer. 

DHS has undertaken efforts to establish and institutionalize the range 
of information technology management controls and capabilities noted 
above that our research and past work have shown are fundamental to any 
organization's ability to use technology effectively to transform 
itself and accomplish mission goals. For example, DHS has organized 
roles and responsibilities for information technology management under 
the Chief Information Officer. DHS has also developed an information 
technology human capital plan that is largely consistent with federal 
guidance and associated best practices. In particular, we reported that 
the plan fully addressed 15 and partially addressed 12 of 27 practices 
set forth in the Office of Personnel Management's human capital 
framework. However, we reported that DHS's overall progress in 
implementing the plan had been limited. With regard to information 
technology investment management, DHS has established a management 
structure to help manage its investments. However, DHS has not always 
fully implemented any of the key practices our information technology 
investment management framework specifies as being needed to actually 
control investments. Furthermore, DHS has developed an enterprise 
architecture, but we have reported that major DHS information 
technology investments have not been fully aligned with DHS's 
enterprise architecture. In addition, DHS has not fully implemented a 
comprehensive information security program. While it has taken actions 
to ensure that its certification and accreditation activities are 
completed, the department has not shown the extent to which it has 
strengthened incident detection, analysis, and reporting and testing 
activities. 

Real Property Management. DHS's responsibilities for real property 
management are specified in Executive Order 13327, "Federal Real 
Property Asset Management," and include the establishment of a Senior 
Real Property Officer, development of an asset inventory, and 
development and implementation of an asset management plan and 
performance measures. In June 2006, the Office of Management and Budget 
upgraded DHS's Real Property Asset Management Score from red to yellow 
after DHS developed an Asset Management Plan, developed a generally 
complete real property data inventory, submitted this inventory for 
inclusion in the governmentwide real property inventory database, and 
established performance measures consistent with Federal Real Property 
Council standards.[Footnote 12] DHS also designated a Senior Real 
Property Officer. However, in August 2007 we reported that DHS had yet 
to demonstrate full implementation of its asset management plan and 
full use of asset inventory information and performance measures in 
management decision making.[Footnote 13] 

Cross-cutting Issues Have Hindered DHS's Implementation Efforts: 

Our work has identified various cross-cutting issues that have hindered 
DHS's progress in its management areas. We have reported that while it 
is important that DHS continue to work to strengthen each of its core 
management functions, it is equally important that these key issues be 
addressed from a comprehensive, departmentwide perspective to help 
ensure that the department has the structure and processes in place to 
effectively address the threats and vulnerabilities that face the 
nation. These issues include agency transformation, strategic planning 
and results management, and accountability and transparency. 

Agency Transformation. In 2007 we reported that DHS's implementation 
and transformation remained high risk because DHS had not yet developed 
a comprehensive management integration strategy and its management 
systems and functionsæespecially related to acquisition, financial, 
human capital, and information technology managementæwere not yet fully 
integrated and wholly operational.[Footnote 14] We have recommended, 
among other things, that agencies on the high-risk list produce a 
corrective action plan that defines the root causes of identified 
problems, identifies effective solutions to those problems, and 
provides for substantially completing corrective measures in the near 
term. Such a plan should include performance metrics and milestones, as 
well as mechanisms to monitor progress. In March 2008 we received a 
draft of DHS's corrective action plan and have provided the department 
with some initial feedback. We will continue to review the plan and 
expect to be able to provide additional comments on the plan in the 
near future. 

Strategic Planning and Results Management. DHS has not always 
implemented effective strategic planning efforts, has not yet issued an 
updated strategic plan, and has not yet fully developed adequate 
performance measures or put into place structures to help ensure that 
the agency is managing for results. DHS has developed performance goals 
and measures for some of its programs and reports on these goals and 
measures in its Annual Performance Report. However, some of DHS's 
components have not developed adequate outcome-based performance 
measures or comprehensive plans to monitor, assess, and independently 
evaluate the effectiveness of their plans and performance. Since 
issuance of our August 2007 report, DHS has begun to develop 
performance goals and measures for some areas in an effort to 
strengthen its ability to measures its progress in key management and 
mission areas. We commend DHS's efforts to measure its progress in 
these areas and have agreed to work with the department to provide 
input to help strengthen established measures. 

Accountability and Transparency. Accountability and transparency are 
critical to the department effectively integrating its management 
functions and implementing its mission responsibilities. We have 
reported that it is important that DHS make its management and 
operational decisions transparent enough so that Congress can be sure 
that it is effectively, efficiently, and economically using the 
billions of dollars in funding it receives annually.[Footnote 15] We 
have encountered delays at DHS in obtaining access to needed 
information, which have impacted our ability to conduct our work in a 
timely manner. Since we highlighted this issue last year to this 
subcommittee, our access to information at DHS has improved. For 
example, TSA has worked with us to improve its process for providing us 
with access to documentation. DHS also provided us with access to its 
national level preparedness exercise. Moreover, in response to the 
provision in the DHS Appropriations Act, 2008, that restricts a portion 
of DHS's funding until DHS certifies and reports that it has revised 
its guidance for working with GAO.[Footnote 16] DHS has provided us 
with a draft version of its revised guidance. We have provided DHS with 
comments on this draft and look forward to continuing to collaborate 
with the department. 

Concluding Observations: 

DHS is now 5 years old, a key milestone for the department. Since its 
establishment, DHS has had to undertake actions to secure the border 
and the transportation sector and defend against, prepare for, and 
respond to threats and disasters while simultaneously working to 
transform itself into a fully functioning cabinet department. Such a 
transformation is a difficult undertaking for any organization and can 
take, at a minimum, 5 to 7 years to complete even under less daunting 
circumstances. 

Nevertheless, DHS's 5-year anniversary provides an opportunity for the 
department to review how it has matured as an organization. As part of 
our broad range of work reviewing DHS management and mission programs, 
we will continue to assess in the coming months DHS's progress in 
addressing high-risk issues. In particular, we will continue to assess 
the progress made by the department in its transformation and 
information sharing efforts, and assessing whether any progress made is 
sustainable over the long term. Further, as DHS continues to evolve and 
transform, we will review its progress and performance and provide 
information to Congress and the public on its efforts. 

This concludes my prepared statement. I would be pleased to answer any 
questions you and the Subcommittee Members may have. 

GAO Contact and Staff Acknowledgments: 

For further information about this testimony, please contact Norman J. 
Rabkin, Managing Director, Homeland Security and Justice, at 202-512- 
8777 or rabkinn@gao.gov. Other key contributors to this statement were 
Cathleen A Berrick, Anthony DeFrank, Rebecca Gambler, and Thomas 
Lombardi. 

[End of section] 

Footnotes: 

[1] Examples of nonhomeland security functions include Coast Guard 
search and rescue and naturalization services. 

[2] GAO, Homeland Security: Critical Design and Implementation Issues, 
[hyperlink, http://www.gao.gov/cgi-bin/getrpt?GAO-02-957T] (Washington, 
D.C.: July 17, 2002). 

[3] GAO, High-Risk Series: An Update, [hyperlink, 
http://www.gao.gov/cgi-bin/getrpt?GAO-03-119] (Washington, D.C.: 
January 2003). 

[4] GAO, Department of Homeland Security: Progress Report on 
Implementation of Mission and Management Functions, [hyperlink, 
http://www.gao.gov/cgi-bin/getrpt?GAO-07-454] (Washington, D.C.: Aug. 
17, 2007). 

[5] These 22 agencies, offices, and programs were U.S. Customs Service; 
U.S. Immigration and Naturalization Service; Federal Protective 
Service; Transportation Security Administration; Federal Law 
Enforcement Training Center; Animal and Plant Health Inspection 
Service; Office for Domestic Preparedness; Federal Emergency Management 
Agency; Strategic National Stockpile and the National Disaster Medical 
System; Nuclear Incident Response Team; Domestic Emergency Support 
Team; National Domestic Preparedness Office; Chemical, Biological, 
Radiological, and Nuclear Countermeasures Program; Environmental 
Measures Laboratory; National BW Defense Analysis Center; Plum Island 
Animal Disease Center; Federal Computer Incident Response Center; 
National Communications System; National Infrastructure Protection 
Center; Energy Security and Assurance Program; Secret Service; and U.S. 
Coast Guard. 

[6] [hyperlink, http://www.gao.gov/cgi-bin/getrpt?GAO-07-454]. 

[7] GAO, Department of Homeland Security: Progress and Challenges in 
Implementing the Department's Acquisition Oversight Plan, [hyperlink, 
http://www.gao.gov/cgi-bin/getrpt?GAO-07-900] (Washington, D.C.: June 
13, 2007). 

[8] GAO, Department of Homeland Security: Improved Assessment and 
Oversight Needed to Manage Risk of Contracting for Selected Services, 
[hyperlink, http://www.gao.gov/cgi-bin/getrpt?GAO-07-990] (Washington, 
D.C.: Sept. 17, 2007). 

[9] GAO, Homeland Security: Successes and Challenges in DHS's Efforts 
to Create an Effective Acquisition Organization, [hyperlink, 
http://www.gao.gov/cgi-bin/getrpt?GA0-05-179] (Washington, D.C.: Mar. 
29, 2005). 

[10] A material weakness is a significant deficiency, or a combination 
of significant deficiencies, that result in more than a remote 
likelihood that a material misstatement of the financial statements 
will not be prevented or detected. A significant deficiency is a 
control deficiency, or combination of control deficiencies, that 
adversely affects the entity's ability to initiate, authorize, record, 
process, or report financial data reliably in accordance with generally 
accepted accounting principles such that there is more than a remote 
likelihood that a misstatement of the entity's financial statements 
that is more than inconsequential will not be prevented or detected. 

[11] [hyperlink, http://www.gao.gov/cgi-bin/getrpt?GAO-07-454]. 

[12] The administration's agency scorecard for real property management 
was established in fiscal year 2004 to measure each agency's progress 
in implementing Executive Order 13327 on "Federal Real Property Asset 
Management." 

[13] [hyperlink, http://www.gao.gov/cgi-bin/getrpt?GAO-07-454]. 

[14] GAO, High-Risk Series: An Update, [hyperlink, 
http://www.gao.gov/cgi-bin/getrpt?GAO-07-310] (Washington, D.C.: 
January 2008). 

[15] [hyperlink, http://www.gao.gov/cgi-bin/getrpt?GAO-07-454]. 

[16] Consolidated Appropriations Act, 2008, Pub. L. No. 110-161, Div. 
E, 121 Stat. 1844, 2042 (2007) (requiring further that DHS define in a 
memorandum to its employees the roles and responsibilities of the DHS 
IG). 

[End of section] 

GAO's Mission: 

The Government Accountability Office, the audit, evaluation and 
investigative arm of Congress, exists to support Congress in meeting 
its constitutional responsibilities and to help improve the performance 
and accountability of the federal government for the American people. 
GAO examines the use of public funds; evaluates federal programs and 
policies; and provides analyses, recommendations, and other assistance 
to help Congress make informed oversight, policy, and funding 
decisions. GAO's commitment to good government is reflected in its core 
values of accountability, integrity, and reliability. 

Obtaining Copies of GAO Reports and Testimony: 

The fastest and easiest way to obtain copies of GAO documents at no 
cost is through GAO's Web site [hyperlink, http://www.gao.gov]. Each 
weekday, GAO posts newly released reports, testimony, and 
correspondence on its Web site. To have GAO e-mail you a list of newly 
posted products every afternoon, go to [hyperlink, http://www.gao.gov] 
and select "E-mail Updates." 

Order by Mail or Phone: 

The first copy of each printed report is free. Additional copies are $2 
each. A check or money order should be made out to the Superintendent 
of Documents. GAO also accepts VISA and Mastercard. Orders for 100 or 
more copies mailed to a single address are discounted 25 percent. 
Orders should be sent to: 

U.S. Government Accountability Office: 
441 G Street NW, Room LM: 
Washington, D.C. 20548: 

To order by Phone: 
Voice: (202) 512-6000: 
TDD: (202) 512-2537: 
Fax: (202) 512-6061: 

To Report Fraud, Waste, and Abuse in Federal Programs: 

Contact: 

Web site: [hyperlink, http://www.gao.gov/fraudnet/fraudnet.htm]: 
E-mail: fraudnet@gao.gov: 
Automated answering system: (800) 424-5454 or (202) 512-7470: 

Congressional Relations: 

Ralph Dawn, Managing Director, dawnr@gao.gov: 
(202) 512-4400: 
U.S. Government Accountability Office: 
441 G Street NW, Room 7125: 
Washington, D.C. 20548: 

Public Affairs: 

Chuck Young, Managing Director, youngc1@gao.gov: 
(202) 512-4800: 
U.S. Government Accountability Office: 
441 G Street NW, Room 7149: 
Washington, D.C. 20548: