Skip to Highlights

What GAO Found

Approximately two-thirds of the Department of Homeland Security’s (DHS) major information technology (IT) investments are meeting their cost and schedule commitments (i.e., goals). Specifically, out of 68 major IT investments in development, 47 were meeting cost and schedule commitments. The remaining 21—which total about $1 billion in spending—had one or more subsidiary projects that were not meeting cost and/or schedule commitments (i.e., they exceeded their goals by at least 10 percent, which is the level at which the Office of Management and Budget (OMB) considers projects to be at increased risk of not being able to deliver planned capabilities on time and within budget.)

The primary causes for the cost and schedule shortfalls were (in descending order of frequency):

  • inaccurate preliminary cost and schedule estimates,
  • technology issues in the development phase,
  • changes in agency priorities,
  • lack of understanding of user requirements, and
  • dependencies on other investments that had schedule shortfalls.

Eight investments had inaccurate cost and schedule estimates. For example, DHS’s Critical Infrastructure Technology investment had a project where actual costs were about 16 percent over the estimated cost, due in part to project staff not fully validating cost estimates before proceeding with the project. In addition, six investments had technical issues in the development phase that caused cost or schedule slippages. For example, DHS’s Land Border Integration investment had problems with wireless interference at certain sites during deployment of handheld devices used for scanning license plates, which caused a project to be about 2.5 months late. In past work on DHS investments, GAO has identified some of the causes of DHS’s shortfalls and made recommendations to strengthen management in these areas (e.g., cost estimating, requirements), and DHS has initiated efforts to implement the recommendations.

DHS often did not adequately address shortfalls and their causes. GAO’s investment management framework calls for agencies to develop and document corrective efforts to address underperforming investments. DHS policy requires documented corrective efforts when investments experience cost or schedule variances. Although 12 of the 21 investments with shortfalls had defined and documented corrective efforts, the remaining 9 did not. Officials responsible for 3 of the 9 investments said they took corrective efforts but were unable to provide plans or any other related documentation showing such action had been taken. Officials for the other 6 investments cited criteria in DHS’s policy that excluded their investments from the requirement to document corrective efforts. This practice is inconsistent with the direction of OMB guidance and related best practices that stress developing and documenting corrective efforts to address problems in such circumstances. Until DHS addresses its guidance shortcomings and ensures each of these underperforming investments has defined and documented corrective efforts, these investments are at risk of continued cost and schedule shortfalls.

Why GAO Did This Study

DHS has responsibility for the development and management of the IT systems for the 22 federal agencies and offices under its jurisdiction. Of its 363 IT investments, 68 are in development and are classified by DHS as a “major” investment that requires special management attention because of its mission importance. Given the size and significance of these investments, GAO was asked to determine the (1) extent to which DHS IT investments are meeting their cost and schedule commitments, (2) primary causes of any commitment shortfalls, and (3) adequacy of DHS’s efforts to address these shortfalls and their associated causes.

To address these objectives, GAO analyzed recent cost and schedule performance for DHS’s major IT investments, as reported to OMB. To identify the primary cause(s) of any shortfalls and whether any corrective efforts were being taken to address them, GAO analyzed project plans and related documentation and interviewed responsible DHS officials and compared the corrective efforts to applicable criteria to assess their adequacy.

Skip to Recommendations


GAO is recommending that the Secretary of Homeland Security direct the appropriate officials to address the guidance shortcomings and develop corrective actions for all major IT investment projects having cost and schedule shortfalls. In commenting on a draft of this report, DHS concurred with GAO’s recommendations.

Recommendations for Executive Action

Agency Affected Recommendation Status
Department of Homeland Security The Secretary of Homeland Security should direct the appropriate officials to establish guidance that provides for developing corrective efforts for major IT investment projects that are experiencing cost and schedule shortfalls of 10 percent or greater, similar to those identified in this report.
Closed - Implemented
In response, DHS updated its information technology (IT) investment management guidance to address developing and documenting corrective efforts for cost and schedule shortfalls. For example, in October 2012, DHS issued guidance on managing IT investment baselines that calls for (1) rebaselining investment projects experiencing a 10 percent or greater cost or schedule variance and (2) developing and documenting corrective action plans to address the cause of the cost or schedule variance. In addition, in June 2013, DHS updated its guidance on reporting investment information to the Office of Management and Budget's federal IT dashboard, to call for program managers to develop corrective action plans if their investments have an overall cost or schedule variance of 10 percent or greater. Specifically, the guidance calls for the plans to include a description of the circumstances of the variances and what if any corrective actions are being taken to rectify the circumstances and the timeframe for completing them. The guidance also provides that if an investment's project exceeds, or is expected to exceed, this 10 percent threshold, investment officials are to notify their component agency top management.
Department of Homeland Security The Secretary of Homeland Security should direct the appropriate officials to ensure that major IT investment projects with shortfalls of 10 percent or greater have defined and documented corrective efforts.
Closed - Implemented
On March 12, 2013, the Department of Homeland Security's Chief Information Officer issued a memo directiong the program mangers of the projects cited in our report (as having cost or schedule shortfalls of 10 percent or greater and not having corrective action plans) to develop such plans by April 15, 2013. Consequently, eight of the nine programs developed corrective action plans.

Full Report

GAO Contacts