Information Technology:
Improvements for Acquisition of Customs Trade Processing System Continue, but Further Efforts Needed to Avoid More Cost and Schedule Shortfalls
GAO-08-46: Published: Oct 25, 2007. Publicly Released: Oct 25, 2007.
Additional Materials:
- Highlights Page:
- Full Report:
- Accessible Text:
Contact:
(202) 512-6256
contact@gao.gov
Office of Public Affairs
(202) 512-4800
youngc1@gao.gov
The Department of Homeland Security (DHS) established the Automated Commercial Environment (ACE) program to replace and supplement existing cargo processing technology. According to the fiscal year 2007 DHS appropriations act, DHS is to develop and submit an expenditure plan for ACE that satisfies certain conditions, including being reviewed by GAO. GAO reviewed the plan to (1) determine whether the expenditure plan satisfies the legislative conditions, (2) determine the status of 15 open GAO recommendations, and (3) provide observations about the expenditure plan and DHS's management of the program. To address the mandate, GAO assessed plans and related documentation against federal guidelines and industry standards and interviewed the appropriate DHS officials.
The ACE expenditure plan satisfies many--but not all--of the legislative conditions specified in the fiscal year 2007 DHS appropriations act. Specifically, the plan (with related program documentation and officials' statements) complies with acquisition rules, requirements, guidelines, and management practices of the federal government; includes a DHS certification that an independent verification and validation agent is under contract; was reviewed and approved by DHS and the Office of Management and Budget (OMB); and was reviewed by GAO. In addition, it partially satisfies conditions for meeting the capital planning and investment control review requirements established by OMB in Circular A-11 (part 7), including information security, and for complying with the DHS enterprise architecture. DHS has implemented eight open GAO recommendations made during the past 4 years, including those related to performance measures and targets, independent verification and validation, cost estimation, and program reporting. Seven other recommendations made during this time are in the process of being implemented. With respect to these seven, DHS has taken steps to satisfy each, such as establishing an accountability framework, reducing overlap and concurrence among ACE releases, and completing a privacy impact assessment, and actions are under way or planned to more fully address them. GAO is making three new observations about the expenditure plan and the management of ACE. First, the program is taking needed steps to redefine requirements for several ACE releases because of limitations in the completeness of original requirements, but this redefinition is likely to introduce significant program schedule delays and cost increases. Second, the changes to ACE requirements have led to replacement of a key commercial product, but the new product carries the risk of negatively impacting user productivity. Third, the automated database used for managing ACE risks is incomplete and does not contain information needed to adequately inform program decisions. All told, DHS has continued to make progress on ACE, and the program is better positioned today for delivering promised capabilities and benefits than it has been in the past. Nevertheless, key program management practices relating to, for example, human capital management, requirements management, and risk management remain a challenge, and other management areas, such as information security and architecture alignment, continue to require attention. As a result, GAO sees major program schedule delays and cost overruns on the horizon. To improve ACE management and minimize exposure to risk, it is important for DHS to remain vigilant in its efforts to satisfy ACE legislative requirements, fully implement prior GAO recommendations, and keep Congress fully informed about the program's status, plans, and risk.
Recommendations for Executive Action
Status: Closed - Implemented
Comments: As of May 2011, U.S. Customs and Border Protection (CBP) had substantially met this recommendation by reporting to Congress in its quarterly reports on the status of unmet legislative conditions and our recommendations. In a series of reports from fiscal year 2006 through 2011, CBP individually identified all of the unmet conditions and recommendations from this report except one (for the legislative condition that the Automated Commercial Environment (ACE) spend plan satisfy capital planning and investment control review requirements established by OMB in Circular A-11), described actions taken to satisfy them and implement mitigation strategies, and informed Congress when its actions were complete. As a result, Congress was better informed of CBP's progress in strengthening its management of ACE and could more fully determine whether ACE was meeting its program performance goals.
Recommendation: To further strengthen ACE management and promote accountability for ACE performance and results, the Secretary of Homeland Security should direct the Customs and Border Protection (CBP) Commissioner to ensure that future quarterly reports to the House and Senate Appropriations Committees disclose the risks and associated mitigation strategies of not having fully satisfied the expenditure plan legislative conditions and not having completed implementation of all our prior recommendations.
Agency Affected: Department of Homeland Security
Status: Closed - Implemented
Comments: U.S. Customs and Border Protection (CBP) demonstrated implementation of this recommendation in its report to Congress for the third quarter of fiscal year 2009. This report related results from its analysis of redefined requirements and commercial products for the Automated Commercial Environment (ACE), and presented its conclusion that no long-term cost or schedule impacts were anticipated because the new solution would (a) be better integrated with CBP architecture, (b) meet ACE requirements with equivalent development efforts, (c) address performance concerns with hardware additions, and (d) not affect the ACE architecture. The report also described the status and impacts of changing its commercial off-the-shelf solution from SAP Enterprise Portal to SAP Transaction Server. Finally, the report documented a lesson learned by stating that CBP realized the necessity of early identification and resolution of issues such as this, and had reorganized its architecture team to provide more oversight across release teams. By implementing this recommendation, CBP has provided Congress with additional assurance that it has appropriately analyzed ACE's requirements and commercial solution when making changes, and has instituted a mechanism to address similar situations in the future.
Recommendation: To further strengthen ACE management and promote accountability for ACE performance and results, the Secretary of Homeland Security should direct the CBP Commissioner to ensure that future quarterly reports to the House and Senate Appropriations Committees the status and impacts on the program's estimated cost and schedule and lessons learned from ongoing efforts to redefine requirements and to implement a different commercial off-the-shelf product than originally selected.
Agency Affected: Department of Homeland Security
Status: Closed - Implemented
Comments: U.S. Customs and Border Protection (CBP) demonstrated implementation of this recommendation in two reports submitted to Congress after our report was issued. In October 2009 and March 2010, CBP reported to Congress on the ways it was improving risk management for its Automated Commercial Environment, which included tracking the draft mitigation strategies to the associated risks, discussing the status of risks at weekly meetings, and updating the risk database based on these discussions. The 2010 congressional report also described a risk response plan and listed generic risk mitigation for schedule, cost, requirements management, and other program risks. Program artifacts we examined from 2010--such as risk tracking and mitigation status spreadsheets, risk tracking data base reports, and risk meeting minutes--were consistent with the risk management improvements CBP reported to Congress. As a result, Congress is better informed of ACE's risk management approach and efforts, and CBP's process and decisions for managing risk are more consistently documented and communicated.
Recommendation: To further strengthen ACE management and promote accountability for ACE performance and results, the Secretary of Homeland Security should direct the CBP Commissioner to ensure that future quarterly reports to the House and Senate Appropriations Committees the program's plans and actions for improving ACE risk management and its current inventory of program risks, including their associated mitigation strategies and the status of the strategies' implementation.
Agency Affected: Department of Homeland Security
Explore the full database of GAO's Open Recommendations
»
Jan 19, 2021
-
Federal Rulemaking:
Selected EPA and HHS Regulatory Analyses Met Several Best Practices, but CMS Should Take Steps to Strengthen Its AnalysesGAO-21-151: Published: Dec 17, 2020. Publicly Released: Jan 19, 2021.
Jan 13, 2021
-
Department of Energy Contracting:
Improvements Needed to Ensure DOE Assesses Its Full Range of Contracting Fraud RisksGAO-21-44: Published: Jan 13, 2021. Publicly Released: Jan 13, 2021.
Dec 16, 2020
-
Data Governance:
Agencies Made Progress in Establishing Governance, but Need to Address Key MilestonesGAO-21-152: Published: Dec 16, 2020. Publicly Released: Dec 16, 2020.
Dec 9, 2020
-
2020 Census:
The Bureau Concluded Field Work but Uncertainty about Data Quality, Accuracy, and Protection RemainsGAO-21-206R: Published: Dec 9, 2020. Publicly Released: Dec 9, 2020.
Dec 3, 2020
-
2020 Census:
Census Bureau Needs to Assess Data Quality Concerns Stemming from Recent Design ChangesGAO-21-142: Published: Dec 3, 2020. Publicly Released: Dec 3, 2020. -
2020 Census:
Census Bureau Needs to Ensure Transparency over Data QualityGAO-21-262T: Published: Dec 3, 2020. Publicly Released: Dec 3, 2020.
Nov 30, 2020
-
Federal Buying Power:
OMB Can Further Advance Category Management Initiative by Focusing on Requirements, Data, and TrainingGAO-21-40: Published: Nov 30, 2020. Publicly Released: Nov 30, 2020.
Nov 24, 2020
-
Disaster Response:
Agencies Should Assess Contracting Workforce Needs and Purchase Card Fraud RiskGAO-21-42: Published: Nov 24, 2020. Publicly Released: Nov 24, 2020.
Nov 23, 2020
-
Federal Contracting:
Actions Needed to Improve Department of Labor's Enforcement of Service Worker Wage ProtectionsGAO-21-11: Published: Oct 29, 2020. Publicly Released: Nov 23, 2020.
Nov 18, 2020
-
Federal Telework:
Key Practices That Can Help Ensure the Success of Telework ProgramsGAO-21-238T: Published: Nov 18, 2020. Publicly Released: Nov 18, 2020.
Looking for more? Browse all our products here