Skip to main content

Homeland Security: Planned Expenditures for U.S. Visitor and Immigrant Status Program Need to Be Adequately Defined and Justified

GAO-07-278 Published: Feb 14, 2007. Publicly Released: Feb 14, 2007.
Jump To:
Skip to Highlights

Highlights

The Department of Homeland Security (DHS) has established a program--the U.S. Visitor and Immigrant Status Indicator Technology (US-VISIT)--to collect, maintain, and share information, including biometric identifiers, on selected foreign nationals who travel to the United States. By congressional mandate, DHS is to develop and submit for approval an expenditure plan for US-VISIT that satisfies certain conditions, including being reviewed by GAO. GAO was required to determine if the plan satisfied these conditions, follow up on recommendations related to the expenditure plan, and provide any other observations. To address the mandate, GAO assessed plans against federal guidelines and industry standards and interviewed the appropriate DHS officials.

Recommendations

Recommendations for Executive Action

Agency Affected Recommendation Status
Department of Homeland Security To ensure that US-VISIT is better defined and justified and that our prior recommendations aimed at instilling greater results-oriented performance management and accountability in the program are fully implemented, the Secretary of DHS should direct the US-VISIT Acting Program Director to report regularly to the Secretary and to the DHS authorization and appropriations committees on the range of program risks associated with not having fully satisfied all expenditure plan legislative conditions, reasons why they were not satisfied, and steps being taken to mitigate these risks.
Closed – Not Implemented
Over the last 3 years, the US-VISIT program office has not reported to the DHS Secretary and the DHS authorization and appropriation committees on program risks associated with not fully satisfying expenditure plan legislative conditions, reasons for not satisfying them, and steps being taken to mitigate these risks. For example, we reported that the fiscal year 2007 expenditure plan only partially satisfied such legislative conditions as compliance with OMB capital planning and investment control guidance and compliance with the DHS enterprise architecture and that the plan did not satisfy the condition that it include a comprehensive US-VISIT strategic plan. However, the risk-related reports that the US-VISIT program office subsequently submitted to DHS leadership did not address these unsatisfied legislative conditions. Further, while program officials told us that they have periodically met with relevant congressional committees, and during these meetings they discuss program risks related to expenditure plans, we have yet to receive any evidence to support these statements. Further, staff with the House and Senate appropriations subcommittees who are responsible for US-VISIT told us that they could not recall program officials addressing these risks when they met.
Department of Homeland Security To ensure that US-VISIT is better defined and justified and that our prior recommendations aimed at instilling greater results-oriented performance management and accountability in the program are fully implemented, the Secretary of DHS should direct the US-VISIT Acting Program Director to limit planned expenditures for exit pilots and demonstration projects until such investments are economically justified and until each investment has a well-defined evaluation plan. The projects should be justified on the basis of costs, benefits, and risks, and the evaluation plans should define what is to be achieved and should include a plan of action and milestones and measures for demonstrating achievement of pilot and project goals and desired outcomes.
Closed – Implemented
DHS reassessed its plans for an exit capability, including the exit pilots and demonstration project, and decided to discontinue the demonstration project in November 2006 and to cancel the exit pilots in May 2007.
Department of Homeland Security To ensure that US-VISIT is better defined and justified and that our prior recommendations aimed at instilling greater results-oriented performance management and accountability in the program are fully implemented, the Secretary of DHS should direct the US-VISIT Acting Program Director to work with the DHS Enterprise Architecture Board to identify and mitigate program risks associated with investing in new US-VISIT capabilities in the absence of a DHS-wide operational and technological context for the program. These risks should reflect the absence of fully defined relationships and dependencies with related border security and immigration enforcement programs.
Closed – Implemented
DHS has implemented this recommendation through two mechanisms that identify and mitigate risks related to investing in new US-VISIT capabilities. First, new US-VISIT investments are assessed in department-level reviews to ensure alignment with the DHS enterprise architecture (EA) and to examine how they map to the department's business model. According to US-VISIT officials, the department's Enterprise Architecture Board conducts Enterprise Architecture Decision reviews for the key Acquisition Decision Events specified in DHS Directive 102-01. The reviews are to assess investments for overlap and/or duplication of capability, validation against the architecture standards and methodologies, and compliance with the department's Technical Reference Model, and to identify reusable business processes for potential future consolidation and interoperability throughout DHS. Based on documentation from a January 2011 Enterprise Architecture Decision review, and a subsequent February 2011 Acquisition Decision Event review, for a new investment to improve US-VISIT's system architecture and enhance biometric interoperability with other agencies, we verified that these reviews examined risks for the project, although none were identified. Second, US-VISIT officials reported that the program conducts architectural risk assessments throughout the systems engineering life cycle to ensure that projects conform to the EA and minimize unnecessary cost, duplication and redundancy. We confirmed that the July 2010 US-VISIT Risk Management Plan identifies technical and architecture risks as a major risk category and requires the capture and management of risks through the project life cycle. The plan also specifies that this category of risk aligns with those of the department's Next Generation Periodic Reporting System in order to facilitate escalation through monthly reporting to the DHS senior leadership, if required. According to the officials, the program proactively captures and manages architecture-related risks within its risk data repository and conducts quarterly reviews of all risks within the repository.
Department of Homeland Security To ensure that US-VISIT is better defined and justified and that our prior recommendations aimed at instilling greater results-oriented performance management and accountability in the program are fully implemented, the Secretary of DHS should direct the US-VISIT Acting Program Director to limit planned expenditures for program management-related activities until such investments are economically justified and have well-defined plans detailing what is to be achieved, include a plan of action and milestones, and should include measures for demonstrating progress and achievement of desired outcomes. The investments should be justified on the basis of costs, benefits, and risks.
Closed – Not Implemented
Although DHS agreed with this recommendation in comments on our report and has taken some steps to better define its program management expenditures, it has not completed an economic justification of its program management investments or defined a detailed set of actions, milestones, and measures that would link its program management activities to program outcomes. Although the department has provided greater detail on how program management funds are to be expended in US-VISIT expenditure plans since fiscal year 2007, the planned expenditures were not economically justified on the basis of costs, benefits, and risks. Further, while these plans described program management goals and general timeframes for their completion, they did not contain plans of action with meaningful measures for demonstrating progress in achieving the stated goals. According to program officials, DHS has been conducting a bottom-up financial review of US-VISIT that is to economically demonstrate the program's investment in program management-related activities, and is to provide OMB with historic and projected program management costs. However, while GAO was told by US-VISIT officials that this review was underway in April 2010, in July 2011, US-VISIT officials stated that the program was still responding to that review.

Full Report

Office of Public Affairs

Topics

AccountabilityBiometricsCongressional oversightDocumentationFinancial analysisHomeland securityImmigration and naturalization lawInvestment planningProcurement planningProgram evaluationProgram managementStrategic planningCost analysisTransparency