What level of oversight is needed and by whom?
In light of continued project failures, should expenditure plans be prepared, reviewed, and approved for the Transformation and Systems Consolidation (TASC) project in light of the Emerge2 project failure?
Are expenditure plans an effective method for helping the Department meet cost, schedule, and performance objectives of its information technology projects?
Expenditure plan reviews have proven to be an effective method of providing accountability for projects. For example, we recently reviewed5 DHS’s Science and Technology (S&T) Directorate’s Expenditure Plan, noting that the projected expenditures were not broken out and justified as required by law. The S&T Directorate was established by the Homeland Security Act of 2002 to, among other things, coordinate the federal government’s civilian efforts to identify and develop countermeasures to emerging terrorist threats to our nation. Our review found that the S&T Directorate’s fiscal year 2007 expenditure plan, including related documentation and other information provided by S&T program officials, did not fully satisfy the conditions set forth in the Department of Homeland Security Appropriations Act of 2007.6 Specifically, management and administrative costs were not broken down by program, project, and activity (PP&A) as required by the Act. The Congress could use a similar expenditure plan approach to help provide oversight for DHS’s Transformation and Systems Consolidation (TASC) project, particularly in light of the failed eMerge2 project.
While expenditure plans can provide valuable and useful information, additional types of information are needed to fully assess the effectiveness of the processes being used to manage a project. For example, in addition to all project costs being correctly shown on an expenditure plan, the agency and others need assurance that
the risks associated with the project have been reduced to acceptable levels and
the future planned costs are realistic. These matters are best determined by
effectively implementing the disciplined processes necessary to manage a given project.
Further, given the importance of IT to DHS’s mission performance and outcomes, it is vital for the department to adopt and employ an effective institutional approach to IT investment management. We have previously recommended7 that DHS devote the appropriate attention to the development and implementation of effective investment management processes. This includes fully defining and documenting project- and portfolio-level policies and procedures that oversee (i.e., control) IT projects and systems, including specifying the procedural rules for the investment boards’ operations and decision-making during project oversight. Without this, DHS lacks the institutional capability needed to help ensure that it is investing in IT projects that
5GAO, Department of Homeland Security: Science and Technology Directorate’s Expenditure Plan, GAO-07-868 (Washington, D.C.: June 22, 2007). 6Pub. L. No. 109-295, 120 Stat. 1355, 1375 (2006). 7GAO, Information Technology: DHS Needs to Fully Define and Implement Policies and Procedures for Effectively Managing Investments, GAO-07-424 (Washington, D.C.: Apr. 27, 2007).
GAO-07-1157R DHS Posthearing Questions