OMB approved Homeland Security's flawed financial management contract award

The Homeland Security Department improperly awarded CACI a contract worth nearly $500 million for a financial management system by changing contract requirements mid-competition without allowing vendors to submit revised proposals, according to a legal decision by federal auditors.

The Government Accountability Office verdict, released Wednesday, also noted that the Office of Management and Budget green-lighted the award. The purpose of the program, known as Transformation and Systems Consolidation, or TASC, is to connect financial management networks across Homeland Security agencies to a central application.

Before it awarded the contract for TASC, initially estimated to cost $1 billion, DHS reduced the scope of the program, and decided to seek a vendor to transfer only the Federal Emergency Management Agency to the new financial management system during the first phase of the program. FEMA accounts for about 3 percent of users departmentwide. The original request for proposals required that potential contractors be able to shift 20 percent of users during that period. But DHS did not amend the solicitation, or allow vendors to submit revised proposals before picking CACI for the pared-back project in November 2010. The contract awarded to CACI was worth a potential $450 million.

OMB approved the contract after reviewing all agency financial systems under development to ensure they complied with new rules designed to improve management and oversight of complex information technology projects.

"In response to OMB direction, DHS adopted a migration approach that was expected to take place over the first two years of the contract, and that required migration of a significantly smaller volume of end users as compared to the [original] assumptions upon which offerors were required to base their proposals," the legal decision states.

This issue was one of several problems cited in a decision that backs a protest by rival software firm Global Computer Enterprises to annul the CACI contract. The GAO ruling calls for Homeland Security to redo the vendor selection process in light of the new approach. But the decision does not specify whether the department should open the competition to the entire marketplace, or just the few companies -- perhaps only GCE -- whose original offers would meet the new conditions.

Homeland Security spokesman Larry Orluskie said, "We are currently assessing GAO's findings and recommendations to determine the way forward. The modernization of the department's financial, acquisition and asset systems remains a key priority for DHS."

Even before DHS awarded the work, Congress and incumbent contractors urged the department to kill the initiative because of substandard planning that the department's inspector general flagged last summer. The IG revealed that the department failed to complete key planning papers, cost projections and staffing estimates, and forbade the chief information officer from reviewing the project. The program office restricted the involvement of Chief Information Officer Richard Spires out of concerns about disrupting separate, ongoing court protests against TASC, according to the IG audit.

GCE officials declined to comment. CACI and OMB officials did not respond to requests for comment in time for publication.

"The OMB review of the financial management systems is one of the trigger points that caused these requirements to change," said Ray Bjorklund, chief knowledge officer at FedSources, a research firm. "Those were very valuable, but there can be unintended consequences from doing these kinds of reviews, putting things on halt."

Still, he said, DHS should have taken care to revise its request for proposals.

GAO protest decisions are nonbinding, but agencies typically follow them. Repeating the entire selection process could take months.

"They do really have to go back now and change the RFP and reopen the solicitation to some degree," Bjorklund said. "In the meantime, DHS still doesn't have an integrated financial management system."

The auditors also determined CACI's bid failed to comply with a work requirement that any proposed technology must currently be "integrated" and operational elsewhere in the federal government.

"In light of CACI's multiple references to its improvement or modification of the solution in use at [an agency whose name was redacted], we think the agency was on notice that there was significant doubt as to whether CACI met the integrated solution requirement," GAO officials wrote.

The decision specifically recommends DHS reevaluate its requirements for the scope of work covered by TASC, revise its original solicitation to reflect any new requirements and then obtain revised proposals.

The auditors also requested that DHS revisit the department's decision to seek an integrated system that is currently in use in the federal government, and relax the solicitation if necessary. Then, Homeland Security should evaluate bids on the revised RFP from vendors, they said. GAO did not spell out whether DHS should accept bids from new vendors or just proposals from GCE and CACI.