recommended reading

GAO to DHS: Give IT Officials a Seat at the Table

Travelers at Seattle-Tacoma International Airport undergo luggage security screening at a TSA checkpoint.

Travelers at Seattle-Tacoma International Airport undergo luggage security screening at a TSA checkpoint. // Ted S. Warren/AP

Twenty-four of the Homeland Security Department's 36 major acquisitions are information technology programs, but the agency’s Office of the Chief Information Officer doesn’t have an official voice or vote on the council that reviews and prioritizes all the agency’s investments.

That’s a big problem, according to a Government Accountability Office audit released this week, because DHS spends billions of dollars on IT each year across its component agencies, which include the U.S. Coast Guard, the Federal Emergency Management Agency, the Secret Service, and Customs and Border Protection.

Yet, the agency’s IT office has no official vote on DHS’ Joint Requirements Council, which was reinstated in 2014 after a former version of the council went defunct in the mid-2000s. The new council is charged with informing investment priorities across all of DHS, identifying, developing and ultimately approving the department’s needs.

» Get the best federal technology news and ideas delivered right to your inbox. Sign up here.

“The OCIO currently serves as a nonvoting adviser to the JRC, even though most of DHS’ major acquisition programs are information technology related,” the audit states. “Making the OCIO’s role more formal could help minimize the risk that programs will begin with poorly developed requirements. Given that two-thirds of such investment priorities are IT-related, the OCIO needs a more permanent seat on the council.”

The current JRC board consists of a chair and 13 principals, who are senior executives across DHS headquarters and seven operational components. The JRC informs two key senior-level entities: the Deputy’s Management Action Group and the Acquisition Review Board. DMAG provides recommendations to the deputy secretary regarding annual program and budget review, while the Acquisition Review Board uses JRC input to ensure acquisition programs align with DHS’ strategic initiatives and milestones. JRC also provides “input to the budgeting process through various DHS organizations,” according to the audit, so it is difficult to understate its effect on the agency.

The audit recommends Secretary of Homeland Security Jeh Johnson direct the council to make OCIO an official member. It is unclear whether DHS will adhere to the recommendation, but a move to do so would mirror the spirit of recent IT acquisition law. The Federal Information Technology Acquisition Reform Act, for example, calls for CIOs to have budget authority over IT investments.

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats

JOIN THE DISCUSSION

Close [ x ] More from Nextgov