Homeland Security:

DHS Enterprise Architecture Continues to Evolve but Improvements Needed

GAO-07-564: Published: May 9, 2007. Publicly Released: May 9, 2007.

Additional Materials:

Contact:

Randolph C. Hite
(202) 512-6256
contact@gao.gov

 

Office of Public Affairs
(202) 512-4800
youngc1@gao.gov

GAO designated the transformation of the Department of Homeland Security (DHS) as high risk in 2003, and it continues to do so today. One essential tool for facilitating organizational transformation is an enterprise architecture (EA)--a corporate blueprint that serves as an authoritative frame of reference for information technology investment decision making. The Congress required DHS to submit a report that includes its EA and a capital investment plan for implementing it. The Congress also required that GAO review the report. In June 2006, DHS submitted this report to the Congress. GAO's objective was to assess the status of the EA, referred to as DHS EA 2006, and the plan for implementing it. To meet this objective, GAO analyzed architectural documents relative to its prior recommendations; evaluated stakeholder comments and the process used to obtain them; and analyzed the implementation plan against relevant guidance.

DHS EA 2006 has evolved beyond prior versions, but missing architecture content and limited stakeholder input constrain its usability. While the architecture partially addresses each of the prior GAO recommendations concerning the content of DHS's architecture, the full depth and breadth of EA content that the recommendations solicited is still missing. For example, GAO recommended that DHS use, among other things, an analysis of the gaps between the current ("as-is") and future ("to-be") states of the architecture to define missing and needed capabilities and form the basis for its transition plan. However, DHS EA 2006 does not include a transition plan and it does not include any evidence of a gap analysis. In addition, department stakeholders, including component organizations and the department's EA support contractor, provided a range of comments relative to the completeness, internal consistency, and understandability of a draft of DHS EA 2006, but the majority of the comments were not addressed. Moreover, key stakeholders, such as the Coast Guard and the Transportation Security Administration, did not comment on the draft. GAO found that the extent of stakeholder participation was limited because the approach EA officials used to solicit input did not clearly define the type of information being requested and did not provide sufficient time for responding. Furthermore, DHS's capital investment plan for implementing its architecture is not based on a transition plan and is missing key information technology (IT) investments. Thus, the plan does not provide a comprehensive roadmap for transitioning the department to a target architectural state. Also, the plan does not account for all of DHS's planned investments in IT (excluding about $2.5 billion in planned IT investments). Without an architecture that is complete, internally consistent, and understandable, the usability of the DHS's EA is diminished, which in turn limits the department's ability to guide and constrain IT investments in a way that promotes interoperability, reduces overlap and duplication, and optimizes overall mission performance.

Recommendations for Executive Action

  1. Status: Closed - Implemented

    Comments: DHS has taken actions that are consistent with the intent of this recommendation. In particular, DHS is using a GAO-developed matrix that explicitly maps HLS EA 2008 content to our recommendations aimed at adding needed architectural depth and breadth. In addition, according to the DHS chief architect, future versions of the HLS EA will include a traceability matrix that maps HLS EA content to our recommendations.

    Recommendation: To ensure that DHS fully implements our prior EA recommendations and effectively solicits and addresses stakeholder comments on incremental versions of its EA, the Secretary of Homeland Security should direct the department's Chief Information Officer (CIO) to include in future versions of the department's EA a traceability matrix that explicitly maps EA content to our recommendations in sufficient detail to demonstrate their implementation.

    Agency Affected: Department of Homeland Security

  2. Status: Closed - Implemented

    Comments: DHS has taken actions to solicit stakeholder comments on the latest version of its enterprise architecture (i.e., HLS EA 2009). Specifically, it identified the type of information requested (e.g., the accuracy of component's functions) and allowed time (i.e., from October 6, 2008 to October 31, 2008) for formally obtaining and responding to comments. In addition, stakeholders were allowed to informally comment and provide feedback on the EA throughout the year, according to the DHS chief architect.

    Recommendation: To ensure that DHS fully implements our prior EA recommendations and effectively solicits and addresses stakeholder comments on incremental versions of its EA, the Secretary of Homeland Security should direct the department's CIO to ensure that future efforts to solicit stakeholder comments on the department's EA employ an effective approach that includes clearly defining the type of information requested and allowing sufficient time for obtaining and responding to these comments.

    Agency Affected: Department of Homeland Security

 

Explore the full database of GAO's Open Recommendations »

Dec 10, 2014

Sep 25, 2014

Sep 23, 2014

Jun 10, 2014

May 22, 2014

May 12, 2014

May 8, 2014

Looking for more? Browse all our products here