Summary

Information technology (IT) will play a critical role in strengthening our nation's homeland security against potential future attacks. Specifically, IT will help enable the nation to identify potential threats, share information more readily, provide mechanisms to protect our homeland, and develop response capabilities. The Permanent Subcommittee on Investigations of the Senate Committee on Governmental Affairs requested that we identify, for fiscal years 2002 and 2003, IT funding targeted for purposes related to homeland security in those departments and agencies that play a key role in this mission area and, using our prior work, report on the IT management issues facing these organizations. In commenting on a draft of this report, agencies provided technical comments that were incorporated in the report, as appropriate.

We identified $2.9 billion in IT funding for homeland security for fiscal year 2002 and for fiscal year 2003. For fiscal year 2002, $1.2 billion of it is for organizations proposed to move to the Department of Homeland Security. For fiscal year 2003, $1.7 billion is for organizations proposed to move to the new department. Total reported IT funding for homeland security is likely understated. For example, there may be other potential costs that are not reflected in reported totals, including multi-agency IT infrastructure, new intelligence systems, and funding for existing agency missions that appear to be related to homeland security. Of those organizations with significant IT funding that are proposed to move to the new department, the FBI's National Infrastructure Protection Center (NIPC), the Immigration and Nationalization Service (INS), the Coast Guard, and Customs have a large number of GAO recommendations from our prior work that still require action. Although we did not have specific open recommendations for many of the organizations proposed to move to the Department of Homeland Security, most are from parent organizations that, based on our prior work, still face IT management issues. The majority of open recommendations are associated with securing information, having an architecture or blueprint to guide system development efforts, managing IT investments, and developing and acquiring information systems. Since September 1996, we have reported that poor information security is a widespread federal problem and therefore have designated it a governmentwide high-risk area.