Изображения страниц
PDF
EPUB

Critical Infrastructure Protection: Significant Challenges in Safeguarding
Government and Privately Controlled Systems from Computer-Based
Attacks (GAO-01-1168T, September 26, 2001).

Critical Infrastructure Protection: Significant Challenges in Protecting Federal
Systems and Developing Analysis and Warning Capabilities (GAO-01-1132T,
September 12, 2001).

Critical Infrastructure Protection: Significant Challenges in Developing Analysis,
Warning, and Response Capabilities (GAO-01-1005T, July 25, 2001).

Critical Infrastructure Protection: Significant Challenges in Developing Analysis,
Warning, and Response Capabilities (GAO-01-769T, May 22, 2001).

Critical Infrastructure Protection: Significant Challenges in Developing National
Capabilities (GAO-01-323, April 25, 2001).

Critical Infrastructure Protection: Challenges to Building a Comprehensive
Strategy for Information Sharing and Coordination (T-AIMD-00-268, July 26,
2000).

Critical Infrastructure Protection: Comments on the Proposed Cyber Security
Information Act of 2000 (T-AIMD-00-229, June 22, 2000).

Critical Infrastructure Protection: National Plan for Information Systems
Protection (AIMD-00-90R, February 11, 2000).

Critical Infrastructure Protection: Comments on the National Plan for Information
Systems Protection (T-AIMD-00-72, February 1, 2000).

Critical Infrastructure Protection: Fundamental Improvements Needed to Assure
Security of Federal Operations (T-AIMD-00-7, October 6, 1999).

Critical Infrastructure Protection: Comprehensive Strategy Can Draw on Year 2000
Experiences (AIMD-00-1, October 1, 1999).

Disaster Assistance

Disaster Assistance: Improvement Needed in Disaster Declaration Criteria and Eligibility Assurance Procedures (GAO-01-837, August 31, 2001).

Federal Emergency Management Agency: Status of Achieving Key Outcomes and
Addressing Major Management Challenges (GAO-01-832, July 9, 2001).

FEMA and Army Must Be Proactive in Preparing States for Emergencies (GAO-01-850, August 13, 2001).

Budget and Management

Results-Oriented Budget Practices in Federal Agencies (GAO-01-1084SP, August 2001).

Managing for Results: Federal Managers' Views on Key Management Issues Vary Widely Across Agencies (GAO-010592, May 2001).

Determining Performance and Accountability Challenges and High Risks (GAO-01-159SP, November 2000).

Managing for Results: Using the Results Act to Address Mission Fragmentation and
Program Overlap (GAO/AIMD-97-156, August 29, 1997).

Government Restructuring: Identifying Potential Duplication in Federal Missions and Approaches (GAO/T-AIMD-95-161, June 7, 1995).

Government Reorganization: Issues and Principals (GAO/T-GGD/AIMD-95-166, May 17, 1995).

Reorganization

FBI Reorganization: Initial Steps Encouraging but Broad Transformation Needed (GAO02-865T, June 21, 2002).

Grant Design

Grant Programs: Design Features Shape Flexibility, Accountability, and Performance Information (GAO/GGD-98-137, June 22, 1998).

Federal Grants: Design Improvements Could Help Federal Resources Go Further (GAO/AIMD-97-7, December 18, 1996).

Block Grants: Issues in Designing Accountability Provisions (GAO/AIMD-95-226,
September 1, 1995).

Management

A Model of Strategic Human Capital Management (GAO-02-373SP, March 15, 2002).

High Risk Series: An Update (GAO-01-263, January 2001).

STANFORD UNIVERSITY LIBRARIES

107-2 Hearing: Protecting The Homeland
Y 4.J 89/2:S.HRG.107-928

30

30

[graphic][subsumed][subsumed][subsumed]

is vital for Congress to address the total spending for homeland security as well as to ensure that the total allocations are in fact implemented subsequently in the authorization and appropriations process. In addition, DHS must also track the spending for the non-homeland security missions of the department.

As we have indicated, many important activities relevant to homeland security will continue to be housed in other agencies outside the department, such as the protection of nuclear power plants and drinking water, and require the new department to work collaboratively. The proposed legislation addresses this challenge in several instances by authorizing the new department to transfer and/or control resources for some of these related programs. For instance, the department is given authority to set priorities for research on bioterrorism by the Department of Health and Human Services, but it is unclear how this will occur.

Although consolidating activities in one department may produce savings over the longer term, there will be certain transition costs in the near term associated with setting up the new agency, acquiring space, providing for new information systems, and other assorted administrative expenses. Some of these costs, such as developing new systems, may be one time in nature, while others, such as the overhead necessary to administer the department will be continuing. Congress may very well decide that these new costs should be absorbed from the appropriations of programs and agencies being consolidated into the department. Indeed, it appears that the Administration's proposal seeks to facilitate this by authorizing the Secretary to draw up to five percent of unobligated balances from accounts to be included in the new department after notification to the Congress. While these transfers may be sufficient to fund the transition, the costs of the transition should be transparent to Congress up front as it considers the proposed new department.

The initial estimated funding for the new department is $37.7 billion. This estimate reportedly includes the total funds, both for homeland and non-homeland security missions of the incoming agencies and programs. Agencies and programs migrating to the new department have different financial systems, as well as financial management challenges. Further, the new department would have numerous financial relationships with other federal departments, as well as state and local government and the private sector. It will be essential that the department have very strong financial stewardship to manage these funds. It is important to re-emphasize that the department should be brought under the Chief Financial Officers (CFO) Act and related financial management statutes. A Chief Financial Officer, as provided by the CFO Act, would be a significant step to ensuring the senior leadership necessary to cut across organizational boundaries to institutionalize sound financial systems and practices and provide good internal controls and accountability for financial resources. Systems that produce reliable financial information will be critical to managing day-to-day operations and holding people accountable.

Acquisition Management

Sound acquisition management is central to accomplishing the department's mission. While the details are still emerging, the new department is expected to spend billions annually to acquire a broad range of products, technologies, and services from private-sector companies. Getting the most from this investment will depend on how well the department manages its acquisition activities. Our reports have shown that that some of the government's largest procurement operations are not always particularly well run. In fact, three agencies with major

procurement operations - DOD, DOE and NASA -- have been on our high-risk list for the last 10 years.

28

To ensure successful acquisition outcomes, and effectively integrate the diverse organizational elements that will comprise the new department, we believe the department needs to adopt a strategic perspective on acquisition needs, including the establishing a Chief Acquisition Officer. Key elements of a strategic approach involve leadership, sound acquisition strategies, and a highly skilled workforce. Our acquisition best practices work29 shows that a procurement executive or chief acquisition officer plays a crucial role in implementing a strategic approach to acquisition. At the leading companies we visited, such officials were corporate executives who had authority to influence decisions on acquisitions, implement needed structural process or role changes, and provide the necessary clout to obtain buy-in and acceptance of reengineering and reform efforts. Good acquisition outcomes start with sound acquisition strategies. Before committing substantial resources, the department should look across all of its organizational elements to ensure that requirements are linked to mission needs and costs and alternative solutions have been considered. Finally, having the right people with the right skills to successfully manage acquisitions is critical to achieving the department's mission. Many agencies are experiencing significant skill and experience imbalances. This will be a particular leadership challenge for the acquisition function.

The administration's proposal would allow the department to deviate from the normal federal acquisition rules and laws. Certainly, there could be situations where it might be necessary to expedite or streamline procurement processes so that the department is not handicapped in its ability to protect American citizens against terrorism. We support such flexibilities in these situations. However, it is not clear from our review of the administration's proposal exactly what flexibilities are being requested. Moreover, depending on how farreaching such flexibilities go, we are concerned about whether the department will have an acquisition workforce with the skills and capabilities to execute the acquisition function outside of the normal procurement structure.

Risk Management

A risk assessment is central to risk management and involves the consideration of several factors. Generally, the risk assessment process is a deliberate, analytical approach to identify which threats can exploit which vulnerabilities in an organization's specific assets. The factors to consider include analyzing the vulnerabilities, identifying and characterizing the threat, assessing the value of the asset, identifying and costing countermeasures, and assessing risks. After these factors are considered, an organization can decide on implementing actions to reduce the risk. It is very difficult to rank threats. However, it is more constructive to consider a range of threats and review the vulnerabilities and criticality of assets when contemplating decisions on resource allocations toward homeland security. As a nation, we must be able to weather a variety of threat-oriented scenarios with prudent planning and execution. Therefore it is very important to ensure that the right resources are applied to the most appropriate areas based on a risk based management approach.

[blocks in formation]

20

Best Practices: Taking a Strategic Approach Could Improve DOD's Acquisition of Services, January 18, 2002 (GAO-02-230).

« ПредыдущаяПродолжить »