210 House Capitol Visitor Center
Chairman Perry, Ranking Member Correa, and distinguished members of the Subcommittee, thank you for the opportunity to appear today to discuss financial systems modernization (FSM) at the Department of Homeland Security (DHS). My comments will focus on our progress to date, challenges we have experienced, and why we are on the right path for this initiative.
We acknowledge that improving DHS financial management systems has been a long-term effort, but during our recent modernization efforts, we have achieved successes, and continue to achieve planned milestones. Twenty-three months ago, we successfully moved the Domestic Nuclear Detection Office (DNDO) to a new shared services baseline solution that provides increased functionality, reduces audit risk, and provides real-time integration. We are preparing to move the Transportation Security Administration (TSA) functionality into production. The current solution meets 75 percent of DNDO, TSA, and the U.S. Coast Guard’s (USCG) requirement needs. Once TSA is in production, 85 percent of DHS functional requirements for DNDO, TSA, and the USCG financial, acquisition, and asset management will be met.
Additionally, U.S. Customs and Border Protection (CBP) is on a modernized platform, the Federal Law Enforcement Training Centers (FLETC) have performed a successful upgrade to its current financial system, and the U.S. Secret Service is finalizing its implementation of a solution upgrade to occur in October 2017. We will continue to build on these successes as we move forward.
DHS has had a critical need to modernize its financial management systems from its inception. When DHS was first established, there were 13 separate core financial systems across its components, operating under legacy policies and disparate business processes. These systems were comprised of outdated technology, were mostly non-integrated—with many still relying on manual processes which led to inconsistent data and reporting—and did not fully support DHS goals of strong, integrated internal controls and enhanced efficiency and security.
Previous attempts to integrate DHS components’ financial, asset, and acquisition management systems include the 2004 eMerge2 Program, which was halted due to its inability to build the necessary and critical integration among various commercial software products, and the Transformation and Systems Consolidation (TASC) program.
The Department’s efforts to modernize its financial management systems have been subject to repeated legal challenges before the Government Accountability Office (GAO), the U.S. Court of Federal Claims, and the Court of Appeals for the Federal Circuit. Most recently, the Inter-Agency Agreement process with the Department of the Interior (DOI) was challenged. The Department prevailed in that litigation (and the appeal) in October 2016.
Despite having a complex mission and systems that are not interoperable, DHS has been able to achieve and sustain an unmodified–clean–audit opinion on our financial statements for the past four years.
Working together, the financial management community launched a multi-year effort to drive the Department toward a clean audit opinion and a full accounting for how it spends taxpayer dollars. Through dedication of senior leadership, development and implementation of standard policies and processes for financial reporting such as the DHS Accounting Classification Structure (ACS) and Common Appropriation Structure (CAS), hiring of talented professionals, commitment of our workforce, improvement of our business intelligence tools, and consistent and continuous training, DHS has achieved audit success and reduced the number of material weaknesses in our internal controls over financial reporting from 18 to three.
After the TASC program was halted, DHS again moved to meet its financial management system needs by following direction provided by the Under Secretary for Management (USM) in a September 2011 memorandum, Moving Forward with Financial Systems Projects. The approach was to modernize components with the greatest business need for modernized financial management systems and leverage business intelligence to aggregate data in lieu of acquiring a Department-wide solution.
In establishing the FSM program, we followed the OMB memorandum M-13-08, Improving Financial Management Systems Through Shared Services, which prescribed a shared service approach for new core accounting systems proposals or mixed systems upgrades. Following the direction of the previous USM and the OMB directive’s guidance, DHS identified the USCG, with TSA and DNDO as their customers, as the components with the most critical need to update their current system.
OMB provided a limited number of Federal Shared Service Providers (FSSP) certified to service large cabinet-level agencies such as DHS. The DOI’s Interior Business Center (IBC) is one of four OMB-designated FSSPs certified through Treasury’s Office of Financial Innovation and Transformation (FIT). In 2013, DHS established an Inter-Agency Agreement for a Discovery phase to evaluate the IBC solution and its fit for DNDO, TSA and the USCG.
Through the Discovery process, IBC validated they could transition the three components to their solution, and DHS confirmed that the IBC solution would meet the components’ functional and operational support needs. DHS and IBC worked closely with OMB and Treasury to obtain approval to proceed with implementation. As a pilot, DNDO, a small DHS component, migrated to the accounting solution in November 2015 and then migrated to the procurement part of the solution in March 2016.
Overall, this integrated solution provides improved functionality and integration, has a lower risk of information security issues, will provide a consolidated view of project costs across components, and increases transparency and reliability of information. The solution also supports the implementation of the DHS ACS.
Throughout our four-year partnership, there have been several challenges including an incomplete understanding of the requirements and complexities related to providing a standard solution for a Cabinet-level agency the size of DHS. The recent GAO audit also highlighted five categories that name many of the areas where we faced these challenges: complex requirements, project resources, project schedule, project cost, and project management and communications.
Late in 2016, IBC informed DHS they would not be able to continue the USCG implementation and could not support further engagement activities with other DHS components as planned. DHS and IBC agreed that preserving the investment DHS has made is now paramount and will move us forward while delivering the best value for the Government. However, the current structure of the project between IBC and DHS is not sustainable. DHS and IBC determined the best path is to move the software solution to a new hosting location, or data center, and for DHS to assume operation of the system while we continue the TSA and USCG migrations.
Both IBC and DHS have worked closely together to build out the remaining requirements for TSA. TSA will transition to the system once data migration, user training, and organizational change management activities are complete, the system stability has been proven, and any risks to auditability are mitigated. Moving forward, our FSM approach will shift from leveraging FSSPs to reemphasizing the DHS business process standardization and further reducing our system footprint where possible.
We have found our personnel have the deepest understanding of DHS mission needs and how they are best supported through systems and processes. Our management team remains fully engaged and integrated; the Office of the Chief Information Officer and the Office of the Chief Procurement Officer are particularly involved in the day-to-day work of implementing our integrated financial management solution. We have reached out to components and brought in additional subject matter expertise across relevant business process areas, strengthened our testing and evaluation program, involved systems engineers from the DHS Science & Technology Directorate, and are working closely with the Office of Program Accountability and Risk Management to meet best practices and minimize risks.
The decision to leverage the solution currently in use by DNDO provides the best available option to meet DHS financial management needs for TSA and USCG within a reasonable timeframe. DHS will preserve its robust governance structure, with Acquisition Review Board oversight, and a fully engaged FSM Executive Steering Committee. Additionally, the DHS Management Chiefs and Components will continue working closely together to ensure success as the FSM initiative moves forward.
To apply the lessons learned from the IBC engagement and better support the initiative going forward, DHS has changed its implementation approach from individual component projects to a single initiative and added a Joint Program Management Office (JPMO). The JPMO provides centralized program governance and streamlined decision-making; this stands in contrast to our effort with IBC, where governance and decision making was split across two entities.
The JPMO is responsible for successful execution, schedule maintenance, risk management, and all other program management activities. The JPMO is staffed with DHS Headquarters and component subject matter experts working together to better identify and mitigate risk, implement risk mitigation plans, increase component integration, and support business process standardization across the Department.
DHS will leverage internal program management processes and expertise to lead the program and introduce implementation support tools to perform requirements management, evaluate system performance, and coordinate and document testing. We will require earned value management from our vendors and establish quality controls for services and deliverables. We will increase transparency into costing and status, using a time and materials methodology initially and transitioning to a firm fixed price once we have a very clear picture of our detailed requirements for the hosting and system integrators.
The GAO-17-799 Report examines the extent to which DHS followed best practices in analyzing alternatives and selecting its FSM approach; whether DHS used best practices when managing the risks of using IBC; and the key factors and challenges that have impacted the FSM program and DHS’s plans for completing key priorities. DHS concurs with both GAO recommendations to improve guidance related to conducting Analysis of Alternatives and to improve our risk management approach. Actions are already in progress to address these recommendations, and they will be incorporated into the current FSM efforts.
In summary, DHS has made a significant investment in the IBC financial management solution, which has delivered a standardized baseline solution with increased functionality and integration for DNDO and will deliver improved financial operations for TSA and USCG when they migrate. We will continue to move forward, exercising sound business judgment, obtaining the best value for the Department, and striving for a wise use of public resources while maintaining our clean audit opinion, mitigating risks, and incorporating lessons learned. We cannot keep patching our legacy systems at components and never realize the benefits that come from moving to a modern integrated business solution that meets our requirements. We will continue to keep you updated on the progress of our plan for the transition from IBC.
Chairman Perry, Ranking Member Correa, and distinguished members of the Subcommittee, thank you again for the opportunity to testify today and I look forward to your questions.