GAO Department of Homeland Security Ten Years After 9/11 Progress Review

Progress Made and Work Remaining in Implementing Homeland Security Missions 10 Years after 9/11

GAO-11-919T
31 pages
September 7, 2011

Since it began operations in 2003, DHS has implemented key homeland security operations and achieved important goals and milestones in many areas to create and strengthen a foundation to reach its potential. As it continues to mature, however, more work remains for DHS to address gaps and weaknesses in its current operational and implementation efforts, and to strengthen the efficiency and effectiveness of those efforts to achieve its full potential. DHS’s accomplishments include developing strategic and operational plans; deploying workforces; and establishing new, or expanding existing, offices and programs. For example, DHS

issued plans to guide its efforts, such as the Quadrennial Homeland Security Review, which provides a framework for homeland security, and the National Response Framework, which outlines disaster response guiding principles;

successfully hired, trained, and deployed workforces, such as a federal screening workforce to assume security screening responsibilities at airports nationwide; and

created new programs and offices to implement its homeland security responsibilities, such as establishing the U.S. Computer Emergency Readiness Team to help coordinate efforts to address cybersecurity threats.

Such accomplishments are noteworthy given that DHS has had to work to transform itself into a fully functioning department while implementing its missions—a difficult undertaking that can take years to achieve. While DHS has made progress, its transformation remains high risk due to its management challenges. Examples of progress made and work remaining include:

Border security. DHS implemented the U.S. Visitor and Immigrant Status Indicator Technology program to verify the identities of foreign visitors entering and exiting the country by processing biometric and biographic information. However, DHS has not yet determined how to implement a biometric exit capability and has taken action to address a small portion of the estimated overstay population in the United States (individuals who legally entered the country but then overstayed their authorized periods of admission). DHS also deployed infrastructure to secure the border between ports of entry, including more than 600 miles of fencing. However, DHS experienced schedule delays and performance problems with the Secure Border Initiative Network, which led to the cancellation of this information technology program.

Aviation security. DHS developed and implemented Secure Flight, a program for screening airline passengers against terrorist watchlist records. DHS also developed new programs and technologies to screen passengers, checked baggage, and air cargo. However, DHS does not yet have a plan for deploying checked baggage screening technologies to meet recently enhanced explosive detection requirements, a mechanism to verify the accuracy of data to help ensure that air cargo screening is being conducted at reported levels, or approved technology to screen cargo once it is loaded onto a pallet or container.

Emergency preparedness and response. DHS issued the National Preparedness Guidelines that describe a national framework for capabilities based preparedness, and a Target Capabilities List to provide a national-level generic model of capabilities defining all-hazards preparedness. DHS is also finalizing a National Disaster Recovery Framework. However, DHS needs to strengthen its efforts to assess capabilities for all-hazards preparedness, and develop a long-term recovery structure to better align timing and involvement with state and local governments’ capacity. DHS should also improve the efficacy of the grant application process by mitigating duplication or redundancy within the various preparedness grant programs.

Chemical, biological, radiological and nuclear (CBRN) threats. DHS assessed risks posed by CBRN threats and deployed capabilities to detect CBRN threats. However, DHS should work to improve its coordination of CBRN risk assessments, and identify monitoring mechanisms for determining progress made in implementing the global nuclear detection strategy.

GAO’s work identified three themes at the foundation of DHS’s challenges.

Leading and coordinating the homeland security enterprise. DHS has made important strides in providing leadership and coordinating efforts among its stakeholders. However, DHS needs to take additional action to forge effective partnerships and strengthen the sharing and utilization of information, which has affected its ability to effectively satisfy its missions. For example, the expectations of private sector stakeholders have not been met by DHS and its federal partners in areas related to sharing information about cyber-based threats to critical infrastructure. In 2005, GAO designated information sharing for homeland security as high risk because the federal government faced challenges in analyzing and sharing information in a timely, accurate, and useful way.

Implementing and integrating management functions for results. DHS has enhanced its management functions, and has plans in place to further strengthen the management of the department for results. However, DHS has not always effectively executed or integrated these functions. In 2003, GAO designated the transformation of DHS as high risk because DHS had to transform 22 agencies into one department. DHS has demonstrated strong leadership commitment and begun to implement a strategy to address its management challenges. However, these challenges have contributed to schedule delays, cost increases, and performance problems in major programs aimed at delivering important mission capabilities, such as the Coast Guard’s Deepwater Program to modernize ships and aircraft. DHS also faced difficulties in deploying technologies that meet defined requirements. Further, DHS does not yet have enough skilled personnel to carry out activities in various areas, such as acquisition management; and has not yet developed an integrated financial management system, impacting its ability to have ready access to reliable information for informed decision making.

Strategically managing risks and assessing homeland security efforts. Forming a new department while working to implement statutorily mandated and department-initiated programs and responding to evolving threats, was, and is, a significant challenge facing DHS. Key threats have impacted DHS’s approaches and investments. It is understandable that these threats had to be addressed immediately as they arose. However, limited strategic and program planning by DHS and limited assessment to inform approaches and investment decisions have contributed to programs not meeting strategic needs in an efficient manner.