U.S. Secret Service:

Action Needed to Address Gaps in IT Workforce Planning and Management Practices

GAO-19-60: Published: Nov 15, 2018. Publicly Released: Nov 15, 2018.

Additional Materials:

Contact:

Carol C. Harris
(202) 512-4456
HarrisCC@gao.gov

 

Office of Public Affairs
(202) 512-4800
youngc1@gao.gov

What GAO Found

The U.S. Secret Service (Secret Service) Chief Information Officer (CIO) fully implemented 11 of 14 selected information technology (IT) oversight responsibilities, and partially implemented the remaining 3. The CIO partially implemented the responsibilities to establish a process that ensures the Secret Service reviews IT contracts; ensure that the component's IT policies align with the Department of Homeland Security's (DHS) policies; and set incremental targets to monitor program progress. Additional efforts to fully implement these 3 responsibilities will further position the CIO to effectively manage the IT portfolio.

Of the 15 selected practices within the 5 workforce planning and management areas, the Secret Service fully implemented 3 practices, partly implemented 8, and did not implement 4 (see table). Within the strategic planning area, the component partly implemented the practice to, among other things, develop IT competency needs. While the Secret Service had defined general core competencies for its workforce, the Office of the CIO (OCIO) did not identify all of the technical competencies needed to support its functions. As a result, the office was limited in its ability to address any IT competency gaps that may exist. Also, while work remains to improve morale across the component, the Secret Service substantially implemented the employee morale practices for its IT staff.

The U.S. Secret Service's Implementation of 15 Selected Leading Practices Associated with 5 Workforce Planning and Management Areas for Its Information Technology Workforce

Workforce area

Overall area rating

Number of practices fully implemented

Number of practices partly implemented

Number of practices not implemented

1. Strategic planning

Minimally implemented

0

2

1

2. Recruitment and hiring

Minimally implemented

0

1

2

3. Training and development

Minimally implemented

0

2

1

4. Employee morale

Substantially implemented

2

1

0

5. Performance management

Substantially implemented

1

2

0

Total

 

3

8

4

Source: GAO analysis of data provided by U.S. Secret Service officials. | GAO-19-60.

Secret Service officials said the gaps in implementing the workforce practices were due to, among other things, their focus on reorganizing the IT workforce within OCIO. Until the Secret Service fully implements these practices for its IT workforce, it may be limited in its ability to ensure the timely and effective acquisition and maintenance of the component's IT infrastructure and services.

Of the two selected IT project monitoring practices, DHS and the Secret Service fully implemented the first practice to monitor the performance of the Information Integration and Technology Transformation (IITT) investment. In addition, for the second practice—to monitor projects on incremental development metrics—the Secret Service fully implemented the practice on one of IITT's projects and partially implemented it on another. In particular, OCIO did not fully measure post-deployment user satisfaction with the system on one project. OCIO plans to conduct a user satisfaction survey of the system by September 2018, which should inform the office on whether the system is meeting users' needs.

Why GAO Did This Study

Commonly known for protecting the President, the Secret Service also plays a leading role in investigating and preventing financial and electronic crimes. To accomplish its mission, the Secret Service relies heavily on the use of IT infrastructure and systems. In 2009, the component initiated the IITT investment—a portfolio of programs and projects that are intended to, among other things, improve systems availability and security in support of the component's business operations.

GAO was asked to review the Secret Service's oversight of its IT portfolio and workforce. This report discusses the extent to which the (1) CIO implemented selected IT oversight responsibilities, (2) Secret Service implemented leading IT workforce planning and management practices, and (3) Secret Service and DHS implemented selected performance monitoring practices for IITT. GAO assessed agency documentation against 14 selected component CIO responsibilities established in DHS policy; 15 selected leading workforce planning and management practices within 5 topic areas; and two selected leading industry project monitoring practices that, among other things, were, in GAO's professional judgment, of most significance to managing IITT.

What GAO Recommends

GAO is making 13 recommendations, including that the Secret Service establish a process that ensures the CIO reviews all IT contracts, as appropriate; and identify the skills needed for its IT workforce. DHS concurred with all recommendations and provided estimated dates for implementing each of them.

For more information, contact Carol C. Harris at (202) 512-4456 or HarrisCC@gao.gov.

Recommendations for Executive Action

  1. Status: Open

    Comments: DHS concurred with this recommendation. We will continue to monitor the department's efforts to implement it.

    Recommendation: The Director should ensure that the CIO establishes and documents an IT acquisition review process that ensures the CIO or the CIO's delegate reviews all contracts containing IT, as appropriate. (Recommendation 1)

    Agency Affected: Department of Homeland Security: United States Secret Service

  2. Status: Open

    Comments: DHS concurred with this recommendation. We will continue to monitor the department's efforts to implement it.

    Recommendation: The Director should update the enterprise governance policy to specify (1) the CIO's current role and responsibilities on the Executive Resources Board, to include developing and reviewing the IT budget formulation and execution; and (2) the Deputy CIO's role and responsibilities on the Enterprise Governance Council. (Recommendation 2)

    Agency Affected: Department of Homeland Security: United States Secret Service

  3. Status: Open

    Comments: DHS concurred with this recommendation. We will continue to monitor the department's efforts to implement it.

    Recommendation: The Director should ensure that the Secret Service develops a charter for its Executive Resources Board that specifies the roles and responsibilities of all board members, including the CIO. (Recommendation 3)

    Agency Affected: Department of Homeland Security: United States Secret Service

  4. Status: Open

    Comments: DHS concurred with this recommendation. We will continue to monitor the department's efforts to implement it.

    Recommendation: The Director should ensure that the CIO includes product quality and post-deployment user satisfaction metrics in the modular outcomes and target measures that the CIO sets for monitoring agile projects. (Recommendation 4)

    Agency Affected: Department of Homeland Security: United States Secret Service

  5. Status: Open

    Comments: DHS concurred with this recommendation. We will continue to monitor the department's efforts to implement it.

    Recommendation: The Director should ensure that the CIO identifies all of the required knowledge and skills for the IT workforce. (Recommendation 5)

    Agency Affected: Department of Homeland Security: United States Secret Service

  6. Status: Open

    Comments: DHS concurred with this recommendation. We will continue to monitor the department's efforts to implement it.

    Recommendation: The Director should ensure that the CIO regularly analyzes the IT workforce to identify its competency needs and any gaps it may have. (Recommendation 6)

    Agency Affected: Department of Homeland Security: United States Secret Service

  7. Status: Open

    Comments: DHS concurred with this recommendation. We will continue to monitor the department's efforts to implement it.

    Recommendation: The Director should ensure that, after OCIO completes an analysis of the IT workforce to identify any competency and staffing gaps it may have, the Secret Service updates its recruiting and hiring strategies and plans to address those gaps, as necessary. (Recommendation 7)

    Agency Affected: Department of Homeland Security: United States Secret Service

  8. Status: Open

    Comments: DHS concurred with this recommendation. We will continue to monitor the department's efforts to implement it.

    Recommendation: The Director should ensure that the Office of Human Resources (1) develops and tracks metrics to monitor the effectiveness of the Secret Service's recruitment activities for the IT workforce, including their effectiveness at addressing skill and staffing gaps; and (2) reports to component leadership on those metrics. (Recommendation 8)

    Agency Affected: Department of Homeland Security: United States Secret Service

  9. Status: Open

    Comments: DHS concurred with this recommendation. We will continue to monitor the department's efforts to implement it.

    Recommendation: The Director should ensure that the Office of Human Resources and OCIO adjust their recruitment and hiring plans and activities, as necessary, after establishing and tracking metrics for assessing the effectiveness of these activities for the IT workforce. (Recommendation 9)

    Agency Affected: Department of Homeland Security: United States Secret Service

  10. Status: Open

    Comments: DHS concurred with this recommendation. We will continue to monitor the department's efforts to implement it.

    Recommendation: The Director should ensure that the CIO (1) defines the required training for each IT workforce group, (2) determines the activities that OCIO will include in its IT workforce training and development program based on its available training budget, and (3) implements those activities. (Recommendation 10)

    Agency Affected: Department of Homeland Security: United States Secret Service

  11. Status: Open

    Comments: DHS concurred with this recommendation. We will continue to monitor the department's efforts to implement it.

    Recommendation: The Director should ensure that the CIO ensures that the IT workforce completes training specific to their positions (after defining the training required for each workforce group). (Recommendation 11)

    Agency Affected: Department of Homeland Security: United States Secret Service

  12. Status: Open

    Comments: DHS concurred with this recommendation. We will continue to monitor the department's efforts to implement it.

    Recommendation: The Director should ensure that the CIO collects and assesses performance data (including qualitative or quantitative measures, as appropriate) to determine how the IT training program contributes to improved performance and results (once the training program is implemented). (Recommendation 12)

    Agency Affected: Department of Homeland Security: United States Secret Service

  13. Status: Open

    Comments: DHS concurred with this recommendation. We will continue to monitor the department's efforts to implement it.

    Recommendation: The Director should ensure that the CIO updates the performance plans for each occupational series within the IT workforce to include the relevant technical competencies, once identified, against which IT staff performance should be assessed. (Recommendation 13)

    Agency Affected: Department of Homeland Security: United States Secret Service

 

Explore the full database of GAO's Open Recommendations »

Oct 10, 2019

Oct 2, 2019

Sep 25, 2019

Sep 11, 2019

Aug 15, 2019

Jul 30, 2019

May 23, 2019

Apr 29, 2019

Apr 10, 2019

Mar 14, 2019

Looking for more? Browse all our products here