The Department of Homeland Security (DHS) plays a critical role in securing the United States against a number of threats—from protecting the nation’s borders to mitigating damaging cyber attacks and preventing attacks by radical Islamist jihadists. However, oversight reports have uncovered serious deficiencies significantly impacting DHS’s ability to efficiently and effectively secure the homeland.
In light of these reports, the House Committee on Homeland Security’s Subcommittee on Oversight and Management Efficiency held a hearing last Thursday to examine DHS’s performance and provide recommendations to improve homeland security.
“These reports show serious deficiencies in how DHS secures the border, protects federal buildings from cyber attacks, and manages billions of taxpayer dollars,” said subcommittee chairman Scott Perry (R-Penn.). “DHS must act on these and other recommendations to improve our homeland security.”
Testifying before the committee, DHS Inspector General John Roth asserted DHS faces management challenges in four major areas: unity of effort, acquisition management, cybersecurity and IT management, and financial management.
In January, DHS’s Inspector General said its “roadmap” for the DHS programs and operations it plans to evaluate in FY 2015 in its Annual Performance Plan will “assess DHS’s progress in meeting the most critical issues it faces.” The plan could change, though, the Inspector General said, due to “future developments and requests from DHS management and Congress that may occur as the year progresses.”
Unity of effort
Roth reported DHS has struggled with unity of effort since its creation. DHS has attempted to transform itself into a cohesive agency since its creation in the aftermath of the September 11, 2001 terrorist attacks, but bringing together 22 disparate agencies to form the third largest cabinet level department has continued to prove challenging.
Dr. Daniel M. Gerstein, senior policy researcher at the RAND Corporation, told lawmakers that, “It should be no surprise that the result was a loose confederation of components—such as the Transportation Security Administration [TSA], Secret Service, Federal Emergency Management Agency (FEMA), and US Coast Guard, to name a few—overseen by a relatively small number of under resourced departmental staff.”
Roth agreed, saying, “We have observed that the components often have similar responsibilities and challenges, but many times operate independently and do not unify their efforts, cooperate, or share information.”
Lack of collaboration among DHS components, as well as disregard for DHS policies, has hampered operations and lead to wasteful spending on a number of occasions. For example, one DHS Inspector General report found DHS did not effectively manage its inventory of pandemic preparedness supplies, including protective equipment and antiviral drugs, calling into question the ability of DHS personnel to effectively respond to a pandemic.
Homeland Security Today previously reported that the stockpile contained 4,982 bottles of hand sanitizer, 84 percent of which was expired. Moreover, TSA’s stock of pandemic protective equipment included about 200,000 respirators that were beyond the 5-year usability guaranteed by the manufacturer.
The glut in supplies means millions of dollars were wasted on unnecessary drugs and equipment that needed to be replaced.
Gerstein also observed a lack of national preparedness, which he believes was highlighted by the response to the Ebola outbreak, the critical shortfalls surrounding the fire in a Washington Metro station several weeks ago, and the growing number of cybersecurity incidents.
"In considering the case for change, it is worth noting that under the leadership of Secretary [Jeh] Johnson, the department has committed to building the capacities and institutions that will be required,” Gerstein said, noting, “These efforts are critical and must continue.”
DHS’s Inspector General plans to continue to monitor the department’s efforts toward achieving unity of effort in FY 2015. One audit scheduled for release in June will assess whether DHS has the information it needs to effectively manage its warehouses. Another forthcoming audit will examine whether DHS’ oversight of its training centers ensures the most cost-effective use of resources.
“A unified culture within DHS is necessary for better homeland security, as well as deriving efficiencies from the integration of operations,” Roth told the panel.
Acquisition management
Since DHS acquires more than $25 billion worth of goods and services each year, the magnitude of the department’s procurements is a major challenge to managing risks and measuring performance.
Moreover, Roth explained, “components do not always follow acquisition guidance, which leads to cost overruns, missed schedules and mediocre acquisition performance.”
For example, as Homeland Security Today reported that a recent DHS Inspector General audit determined that although Customs and Border Protection (CBP) has spent hundreds of millions of taxpayer dollars over the course of 8 years on its drone initiative, it “has yet to prove the value of its Unmanned Aircraft System program while drastically understating the costs.” Nor can CBP “demonstrate how much the program has improved border security.”
In addition, another DHS Inspector General audit found CBP did not effectively manage employee housing in Ajo, Arizona. As a result, CBP spent about $680,000 for each house that was built, which was significantly more than the Ajo average home price of $86,500.
Moving forward into FY 2015, DHS’ Inspector General plans to release an audit of CBP’s acquisition of an integrated fixed tower (IFT) system, as well as a report assessing whether the US Coast Guard is effectively managing the acquisition of eight Legend-class National Security Cutters, which will replace its 1960s-era High Endurance Cutters.
“We are moving towards a more proactive approach by performing audits throughout the acquisition process,” Roth said. “This approach would allow for course corrections early in the acquisition lifecycle before full investment in a program occurs — addressing cost, schedule, and performance problems as they occur, thus protecting a long-term investment.”
Cybersecurity and IT management
Numerous recent audits highlight some of the challenges DHS faces in protecting IT infrastructure.
A July 2015 Inspector General audit found the National Protection and Programs Directorate made progress expanding its Enhanced Cybersecurity program to share cyber threat information with qualified Commercial Service Providers and ultimately to 16 critical infrastructure sectors. However, limited outreach and resources slowed the expansion.
The Inspector General also found the department has made progress in improving its information security program, yet, despite this progress DHS and its components continued to operate information systems without the proper authority, hindering protection of sensitive information.
The auditor also determined “DHS’s oversight and enforcement of these policies undermines the department’s efforts.”
Gerstein noted, however, that DHS has come a long way, saying, “Close collaboration between the private sector and the National Cybersecurity and Communications Integration Center on emerging cybersecurity issues in several critical infrastructure areas—including in the financial and energy sectors—also demonstrates how far the department has come.”
Financial management
According to Roth, in FY 2014, DHS obtained an unmodified (clean) opinion on all financial statements for the first time in its history. While Roth said this is a significant achievement, additional improvements are still needed. In particular, FEMA has experienced a number of challenges in managing its disaster assistance program.
Last fall, Homeland Security Today reported that a Government Accountability Office (GAO) audit found DHS needs to more accurately account for federal funding provided to fusion centers. In fact, FEMA has a history of struggling to accurately track grant funding provided to fusion centers.
A majority staff report by House Committee on Homeland Security Chairman Michael McCaul (R-Texas) and Subcommittee on Counterterrorism and Intelligence Chairman Peter King (R-NY) found “FEMA’s inability to accurately account for these funds is unacceptable, and the committee has been closely monitoring FEMA’s progress to correct this serious deficiency.”
Moreover, earlier this year Homeland Security Today reported a recent DHS Inspector General report found FEMA needs to improve its oversight of the Homeland Security Grant Program (HSGP), which assists state and local agencies in preventing, protecting, mitigating, responding to and recovering from terrorist attacks, major disasters and other emergencies.
Another Inspector General audit report found deficient insurance review processes used by FEMA resulted in the agency overfunding its Fiscal Year 2004-2005 Florida hurricane grants by more than $177 million, leaving the government liable for an estimated $1 billion in future disaster costs.
“FEMA officials must assure that aid recipients’ private insurers bear their share of disaster losses before they approve the use of federal funds,” Roth said. “And it is unconscionable that those officials would also leave the taxpayers liable for future losses by defying policy and ignoring the requirement that recipients obtain insurance coverage for future storms.”
In addition, a 2014 GAO report found that while disaster response costs have steadily risen, FEMA has not taken proper action to curb its administrative costs. Citing a 2012 analysis of 1,221 small, medium and large federal disaster declarations from 1989 through 2011, GAO said the average administrative cost doubled from 9 percent to 18 percent.
In response, DHS’s Inspector General plans to continue to look for ways to help FEMA improve grant management in FY 2015.
Recommendations
Gerstein recommended DHS focus on five critical areas to bring about DHS reform: authorities and responsibilities; legislation and oversight; strategy formulation, planning, effectiveness of operations and resource allocation.
Gerstein emphasized that oversight challenges and legislation shortfalls require several important initiatives to be implemented. Legislation serves to guide the department, but is lacking in many key areas including cybersecurity, technology policy and privacy.
According to Gerstein, “More than 120 committees, subcommittees, caucuses and commissions claim some degree of jurisdiction over DHS. This fractured oversight results in conflicting guidance, micromanagement on low-level issues, a lack of strategic direction and overreporting."
In July, congressional oversight of homeland security received a particularly harsh rebuke in a report by members of the now decade-old 9/11 Commission who were reconvened by the Bipartisan Policy Center and Annenberg Public Policy Center of the University of Pennsylvania to update their original recommendations ten years ago.
The panel was unequivocal in stating that “Congressional reform is the most important unfulfilled recommendation of the 9/11 Commission” in their report, Today’s Rising Terrorist Threat and the Danger to the United States: Reflections on the Tenth Anniversary of The 9/11 Commission Report.
The panel chastised the “fragmented congressional oversight of the Department of Homeland Security.”
To assist Congress in its oversight and streamlining of the congressional oversight process, Gerstein recommended DHS submit an annual report, saying, “Such a requirement would institutionalize a strategy-to-resources discussion of ends, ways and means on a more regular basis than the four-year Quadrennial Homeland Security Review (QHSR).”
Gerstein explained, however, that his recommendations are not meant to imply DHS has not already been making progress in many of these areas, but rather DHS reform efforts must be more than rhetoric. Failure of past reform efforts is due largely to failure to codify changes through legislation.
“The time for reexamining the department and streamlining our nation’s homeland security efforts is now,” Gerstein said. “Ensuring that preparedness and response capabilities will keep pace necessitates a comprehensive review, followed by vigorous implementation.”
Editor’s note: Before he stepped down on May 16, 2014 as the longest serving DHS policy chief, David Heyman talked to Homeland Security Today exclusively about DHS’s 2014 QHSR. Former DHS procurement chief Dr. Nick Nayak and DHS procurement ombudsman Jose Arrieta also wrote about improving DHS acquisition outcomes in their August/September Homeland Security Today cover report.
