A review of 24 major acquisition programs at the Department of Homeland Security found fewer were on track to meet approved baseline goals in 2017 than in 2016, according to a new report by the Government Accountability Office (GAO).
In 2017, 10 of the 24 programs reviewed were on track to meet schedule and cost goals versus 17 of 26 programs reviewed by congressional auditors in 2016, says the report, which was released on May 17. It warns that some of the programs that are in compliance with their Acquisition Program Baseline (APB) are at risk of schedule slips or cost growth.
GAO reviewed 28 of the department’s 70 major acquisition programs, including all 16 that are considered Level 1, which pertains to program having life-cycle cost estimates of at least $1 billion.
DHS uses APBs to establish schedule, baseline cost and key performance parameters to measure a program against achieving its goals.
GAO continues to believe that DHS’ acquisition management policy is “generally sound” although shortcomings still exist, pointing to its April 2017 report on major acquisition program that showed 14 of the 26 program reviewed “deployed capabilities before meeting all key performance parameters.”
In the latest report, GAO says that in in 2017 12 programs had schedule slips with six being in breach of the APB, and that two other programs changed or breached their cost goals. The six programs in breach of their schedule face delays of six to 66 months, the report says. The other six programs with schedule slips haven’t revised their goals yet so the extent of the delays is unknown.
Not all breaches appear to be related entirely to program execution. For example, the report says that the Coast Guard’s National Security Cutter (NSC) was re-baselined in November 2017 to account for a ninth ship, which was provided by Congress and is one more than the original program of record. Still, GAO says the Coast Guard has revised life-cycle cost estimates for the NSC to account for design changes on some systems, including structural enhancements for the first two vessels.
Full operational capability for the NSC program has also been purposely delayed until September 2021 to account for delivery of the ninth ship, which is slated for September 2020. Congress in the fiscal year 2018 omnibus appropriations bill added funds for two more NSCs that weren’t requested.
DHS last summer re-baslined the APB for the cyber security program known as Continuous Diagnostics and Mitigation (CDM) to account for changes to cost, schedule and key performance parameters. GAO says the changes were made in part due to gaps found in the first phase of the program in the number of devices on federal agency networks that needed tools supplied by approved contractors under CDM. The report says that gaps ranged between 19 and 384 percent versus original plans at 12 agencies.
GAO also says that full operational capability for CDM slipped four years because deployment plans were redefined.
GAO says the department’s management of its programs can be strengthened in two areas, including the need to conduct program reassessments if a program has breached the APB “to ensure it is still relevant or affordable,” and for DHS to consider the results of program reviews after they’ve been deployed by relevant components.