DHS to Manage and Improve IT Operations

Paul A. Schneider, U.S. Department of Homeland Security Under Secretary For Management, testified before the U.S. House of Representatives Committee on Homeland Security Subcommittee on Management, Investigations, and Oversight. The following is the portion of his testimony regarding information technology.
The Department has established and institutionalized Department-wide business processes and systems for managing information. The DHS Chief Information Officer (CIO) Scott Charbo, heads the CIO Council, whose membership includes the CIOs from all of the DHS components. The council works to standardize business practices where it makes sense across the Department in order to improve information sharing. These efforts will improve our IT operations and reduce costs by eliminating duplicative IT systems. At this time, more than 60% of information management investments are managed through earned value principles.

Moreover, the DHS CIO has established program management offices (PMOs) to oversee selected major investments. In addition, DHS has awarded the EAGLE and FirstSource contracting agreements, the largest contracting vehicles in the Federal Government for the procurement of IT and program management services, which should result in more streamlined and cost-effective procurements.

• The Department's Enterprise Architecture Board (EAB) reviews investments at various stages in the IRP and CPIC cycles.
• The EAB has published the DHS Enterprise Architecture Version 2.0 to be consistent with best business practices. The Homeland Security Enterprise Architecture 2006 was rated "green" by OMB and rated 5th of 27 in the Federal Government for maturity by GAO. The enterprise architecture informs the creation of DHS strategic plans and all investment reviews.
• Consolidation of major networks and systems continues, reducing seven wide-area networks and creating one common e-mail operation.
• The first 24,000 square feet of the primary data center has been opened. The next 40,000 square feet is under construction and due to open in July. We have migrated systems and more are scheduled to move. The RFP for the second DHS data center has been released.

The Chief Information Officer is working to unify and improve DHS' IT security that is essential to accomplishing our mission. The DHS CIO and Chief Financial Officer (CFO) are working through the Internal Controls Assessment Project to bring information security policy and actions to the Federal Information Security Management Act (FISMA) standards. We are executing a plan to fix identified FISMA deficiencies.

• When we held our first IT security conference (Fall 2005), certification & accreditation (C&A) completion was approximately 22%. We have since increased C&A completion to 95% (Fall 2006), which reflects a 73% increase.
• A baseline list of systems has been integrated into our budget and procurement process.
• Security controls testing increased from 54% to 87% of DHS systems.
• Annual DHS-wide IT security awareness stands at 88% with training for certain specialized job functions at 97%.
• Key policies and procedures have been revised to assure protection of personal identifiable information.