DOCSLIB.ORG

Gao-19-60, Us Secret Service

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Gao-19-60, Us Secret Service United States Government Accountability Office Report to Congressional Committees November 2018 U.S. SECRET SERVICE Action Needed to Address Gaps in IT Workforce Planning and Management Practices GAO-19-60 November 2018 U.S. SECRET SERVICE Action Needed to Address Gaps in IT Workforce Planning and Management Practices Highlights of GAO-19-60, a report to congressional committees Why GAO Did This Study What GAO Found Commonly known for protecting the The U.S. Secret Service (Secret Service) Chief Information Officer (CIO) fully President, the Secret Service also implemented 11 of 14 selected information technology (IT) oversight plays a leading role in investigating responsibilities, and partially implemented the remaining 3. The CIO partially and preventing financial and electronic implemented the responsibilities to establish a process that ensures the Secret crimes. To accomplish its mission, the Service reviews IT contracts; ensure that the component’s IT policies align with Secret Service relies heavily on the the Department of Homeland Security’s (DHS) policies; and set incremental use of IT infrastructure and systems. In targets to monitor program progress. Additional efforts to fully implement these 3 2009, the component initiated the IITT responsibilities will further position the CIO to effectively manage the IT portfolio. investment—a portfolio of programs and projects that are intended to, Of the 15 selected practices within the 5 workforce planning and management among other things, improve systems areas, the Secret Service fully implemented 3 practices, partly implemented 8, availability and security in support of and did not implement 4 (see table). Within the strategic planning area, the the component’s business operations. component partly implemented the practice to, among other things, develop IT GAO was asked to review the Secret competency needs. While the Secret Service had defined general core Service’s oversight of its IT portfolio competencies for its workforce, the Office of the CIO (OCIO) did not identify all of and workforce. This report discusses the technical competencies needed to support its functions. As a result, the office the extent to which the (1) CIO was limited in its ability to address any IT competency gaps that may exist. Also, implemented selected IT oversight while work remains to improve morale across the component, the Secret Service responsibilities, (2) Secret Service substantially implemented the employee morale practices for its IT staff. implemented leading IT workforce planning and management practices, The U.S. Secret Service’s Implementation of 15 Selected Leading Practices Associated with 5 and (3) Secret Service and DHS Workforce Planning and Management Areas for Its Information Technology Workforce Number of Number of Number of implemented selected performance practices fully practices partly practices not monitoring practices for IITT. GAO Workforce area Overall area rating implemented implemented implemented assessed agency documentation 1. Strategic planning Minimally implemented 0 2 1 against 14 selected component CIO 2. Recruitment and responsibilities established in DHS hiring Minimally implemented 0 1 2 policy; 15 selected leading workforce 3. Training and planning and management practices development Minimally implemented 0 2 1 within 5 topic areas; and two selected 4. Employee morale Substantially implemented 2 1 0 leading industry project monitoring 5. Performance management Substantially implemented 1 2 0 practices that, among other things, were, in GAO’s professional judgment, Total 3 8 4 of most significance to managing IITT. Source: GAO analysis of data provided by U.S. Secret Service officials. | GAO-19-60. Secret Service officials said the gaps in implementing the workforce practices What GAO Recommends were due to, among other things, their focus on reorganizing the IT workforce within OCIO. Until the Secret Service fully implements these practices for its IT GAO is making 13 recommendations, workforce, it may be limited in its ability to ensure the timely and effective including that the Secret Service acquisition and maintenance of the component’s IT infrastructure and services. establish a process that ensures the CIO reviews all IT contracts, as Of the two selected IT project monitoring practices, DHS and the Secret Service appropriate; and identify the skills fully implemented the first practice to monitor the performance of the Information needed for its IT workforce. DHS Integration and Technology Transformation (IITT) investment. In addition, for the concurred with all recommendations second practice—to monitor projects on incremental development metrics—the and provided estimated dates for Secret Service fully implemented the practice on one of IITT’s projects and implementing each of them. partially implemented it on another. In particular, OCIO did not fully measure View GAO-19-60. For more information, post-deployment user satisfaction with the system on one project. OCIO plans to contact Carol C. Harris at (202) 512-4456 or conduct a user satisfaction survey of the system by September 2018, which [email protected]. should inform the office on whether the system is meeting users’ needs. United States Government Accountability Office Contents Letter 1 Background 9 The Secret Service CIO Fully Implemented Most of the Required Responsibilities 22 The Secret Service Did Not Fully Implement the Majority of the Selected Leading Planning and Management Practices for Its IT Workforce 29 The Secret Service and DHS Implemented Selected Leading Monitoring Practices for the IITT Investment 48 Conclusions 53 Recommendations for Executive Action 54 Agency Comments and Our Evaluation 55 Appendix I Objectives, Scope, and Methodology 58 Appendix II Description of the U.S. Secret Service’s Information Integration and Technology Transformation Investment’s Programs and Projects 72 Appendix III Comments from the Department of Homeland Security 76 Appendix IV GAO Contact and Staff Acknowledgments 83 Tables Table 1: Levels of the Department of Homeland Security’s (DHS) Acquisition Programs 10 Table 2: Selected Component-Level Chief Information Officer (CIO) Responsibilities Outlined in Department of Homeland Security (DHS) Policies and Guidance 14 Table 3: The U.S. Secret Service’s Information Integration and Technology Transformation (IITT) Investment’s Programs and Projects with Capabilities in Planning or Development and Modernization, as of June 2018 18 Table 4: The U.S. Secret Service’s Information Integration and Technology Transformation Investment’s Capabilities That Are in Operations and Maintenance 20 Page i GAO-19-60 Secret Service IT Table 5: Summary of the U.S. Secret Service Chief Information Officer’s (CIO) Implementation of 14 Selected Component-Level CIO Responsibilities Outlined in Department of Homeland Security (DHS) Policies 23 Table 6: Selected Workforce Planning and Management Areas and Selected Leading Practices Associated with Each Area 30 Table 7: The U.S. Secret Service’s Implementation of Five Selected Workforce Planning and Management Areas and 15 Selected Associated Leading Practices for Its Information Technology (IT) Workforce, as of June 2018 31 Table 8: The U.S. Secret Service’s Implementation of Selected Leading IT Strategic Workforce Planning Practices, as of June 2018 33 Table 9: The U.S. Secret Service’s Implementation of Selected Leading Recruitment and Hiring Practices, as of June 2018 37 Table 10: The U.S. Secret Service’s Implementation of Selected Leading Training and Development Practices, as of June 2018 40 Table 11: The U.S. Secret Service’s Implementation of Selected Leading Practices for Improving the Morale of Its Information Technology (IT) Workforce, as of June 2018 43 Table 12: The U.S. Secret Service’s Implementation of Selected Leading Performance Management Practices, as of June 2018 46 Table 13: Department of Homeland Security’s and the U.S. Secret Service’s Implementation of Selected Leading Practices for Monitoring the Performance of One Program and Three Projects within the Information Integration and Technology Transformation Investment 50 Table 14: Selected Workforce Planning and Management Areas and Selected Associated Practices 66 Table 15: The U.S. Secret Service’s Information Integration and Technology Transformation Investment’s Programs and Projects That Had Capabilities in Planning or Development and Modernization, as of June 2018 73 Page ii GAO-19-60 Secret Service IT Figures Figure 1: Department of Homeland Security Acquisition Life Cycle for Major Acquisition Programs 11 Figure 2: The U.S. Secret Service’s Planned Information Technology (IT) Spending (dollars in millions) for Fiscal Year 2018 15 Abbreviations CIO Chief Information Officer DHS Department of Homeland Security FY fiscal year IT information technology IITT Information Integration and Technology Transformation OCIO Office of the Chief Information Officer Secret Service United States Secret Service This is a work of the U.S. government and is not subject to copyright protection in the United States. The published product may be reproduced and distributed in its entirety without further permission from GAO. However, because this work may contain copyrighted images or other material, permission from the copyright holder may be necessary if you wish to reproduce this material separately. Page iii GAO-19-60 Secret Service IT Letter 441 G St. N.W. Washington, DC 20548 November 15, 2018 The Honorable Ron Johnson Chairman The Honorable
Load more

Recommended publications
  • Good Governance Standard for Public Services
    The Good Governance Standard for Public Services The Independent Commission on Good Governance in Public Services Good Governance Standard for Public Services © OPM and CIPFA, 2004 OPM (Offi ce for Public Management Ltd) CIPFA (The Chartered Institute of Public 252b Gray’s Inn Road Finance and Accountancy) London 3 Robert Street WC1X 8XG London tel: 020 7239 7800 WC2N 6RL fax: 020 7837 5800 tel: 020 7543 5600 email: offi [email protected] fax: 020 7543 5700 web: www.opm.co.uk web: www.cipfa.org.uk ISBN: 1 898531 86 2 This book may not, in part or in whole, be copied, photocopied, translated or converted into any electronic or machine-readable form without prior written permission from OPM or CIPFA. Design and layout by Amanda Little Printed by Hackney Press Ltd II Good Governance Standard for Public Services Contents Membership of the Commission .....................................................................................iv Foreword ......................................................................................................................v About the Commission ..................................................................................................vi Using the Standard ....................................................................................................... 1 Principles of good governance ....................................................................................... 4 1. Good governance means focusing on the organisation’s purpose and on outcomes for citizens and service users ..................................................................7
    [Show full text]
  • State of Federal Information Technology
    State of Federal Information Technology January 2017 The State of Federal IT Federal of State The THE STATE OF FEDERAL IT About the Report The State of Federal IT report represents more than six months of work by the Federal CIO Council (CIOC), in partnership with GSA’s Office of Government-wide Policy (OGP), to provide an independent, comprehensive analysis of the current Federal IT environment. The CIOC and OGP provided the core project management team and enlisted the support of a liaison from the Office of the Federal CIO to provide data and relevant artifacts and to facilitate the research for the report. The CIOC enlisted the support of two contractor teams to create content for the report. The first team of REI Systems, Inc., and Incapsulate, LLC, focused on the perspectives of Federal agencies and a detailed analysis of the current policy landscape. The second team, Gartner, Inc. focused their research on how to leverage lessons learned and leading practices from organizations outside the Federal space. To carry out their research, the teams conducted more than 45 interviews with agency CIOs, the Federal CIO and DCIO, and Federal CISO and DCISO, and numerous other Federal IT leaders. Underpinning these interviews was rigorous policy analysis, evaluation of publicly available agency IT strategy documents such as Information Resource Management plans, and review of public reports/data on Federal IT such as the IT Dashboard. STATE OF FEDERAL IT REPORT / PUBLIC RELEASE VERSION 1.0 SOFIT-2 The State of Federal IT Federal of State The THE STATE OF FEDERAL IT Acknowledgements This report would not be possible without the tireless efforts of REI Systems, Inc; Incapsulate, LLC; and Gartner, Inc.
    [Show full text]
  • Corporate Governance Standard for the Civil Service
    Corporate Governance Standard for the Civil Service 0 Contents Introduction ........................................................................................... 1 Governance Principles, and Overview of Governance Framework .. 3 Chapters Chapter 1 - Department Overview ........................................................ 7 Chapter 2 - Ministerial and Senior Management Roles & Assignment of Responsibilities ..................................... 10 Chapter 3 - Management Board and other Governance Structures 16 Chapter 4 - Audit, Assurance and Compliance Arrangements ........ 22 Chapter 5 - Bodies under the Aegis of the Department ................... 26 Appendix A .......................................................................................... 30 Appendix B .......................................................................................... 33 1 Introduction Good Governance Good governance is central to the effective operation of Government Departments; it is vitally important in effectively discharging their statutory and policy obligations. It ensures that a framework of structures, policies and processes are in place to deliver on these obligations and it allows for an objective assessment of management and corporate performance. The development and implementation of Departments’ Governance Frameworks should be clearly led at senior management level. Scope of Standard The focus of this Standard is on Government Departments (i.e. all Departments and Central Government Offices in the Civil Service1, hereafter
    [Show full text]
  • Schering-Plough Corporation ______Corporate Governance Guidelines (Approved by the Board of Directors on July 10, 2007)
    Schering-Plough Corporation ______________________________ Corporate Governance Guidelines (Approved by the Board of Directors on July 10, 2007) Schering-Plough Corporation is committed to the patients who use our products – through the innovative discovery, development and marketing of new therapies and treatment programs that can improve their health and extend their lives -- while providing solid long- term performance to shareholders. Schering-Plough has long recognized good corporate governance as one key to achieving its commitment, first adopting its Statement of Corporate Director Policies in 1971, which among other things required that a majority of the Board be independent. Schering-Plough’s Vision is “to earn trust every day.” These Corporate Governance Guidelines are fundamental to achieving our mission. Board Composition and Director Qualifications. Directors are recommended for nomination by the Nominating and Corporate Governance Committee and are nominated by the full Board. The Nominating and Corporate Governance Committee annually assesses the needs of the Board and recommends the criteria for selecting new Directors. All nominees must meet the following minimum criteria for Directors: 1. Nominees have the highest ethical character and share the values of Schering-Plough as reflected in the Leader Behaviors: shared accountability and transparency, cross- functional teamwork and collaboration, listening and learning, benchmark and continuously improve, coaching and developing others and business integrity. 2. Nominees are highly accomplished in their respective field, with superior credentials and recognition. 3. The majority of Directors on the Board are required to be independent as required by the New York Stock Exchange listing standards and the more restrictive Schering-Plough Board Independence Standard set forth below.
    [Show full text]
  • Governance Framework 2019
    GOVERNANCE FRAMEWORK 2019 Contents Joint Foreword from Chair and Chief Executive .....................................................................................................4 Introduction to the PAS Governance Framework ....................................................................................................5 Background ............................................................................................................................................................5 1. Good Governance ..........................................................................................................................................5 2. Scope of Standard ...........................................................................................................................................5 3. Context of Civil Service Renewal Plan ........................................................................................................6 4. Links with Existing Guidance on Governance.............................................................................................6 5. Flexibility within this Standard.......................................................................................................................6 6. Publication of Governance Arrangements .................................................................................................7 7. Constitutional and Legal Framework ...........................................................................................................7 Key requirements
    [Show full text]
  • Commission on Public Service Governance and Delivery: Full Report
    Commission on Public Service Governance and Delivery Full Report January 2014 Printed on recycled paper Print ISBN 978 1 4734 0837 1 Digital ISBN 978 1 4734 0836 4 © Crown copyright 2014 WG19847 Contents Foreword Chapter 1: Introduction 1 Chapter 2: Complexity 21 Chapter 3: Scale and Capability 67 Chapter 4: Governance, Scrutiny and Delivery 114 Chapter 5: Leadership, Culture and Values 160 Chapter 6: Performance and Performance Management 190 Chapter 7: Our Diagnosis 251 Annex A: Commission Member Biographies 266 Annex B: Commission Remit 269 Annex C: Written call for evidence – service providers 272 Annex D: Written call for evidence – service users 285 Annex E: List of responses 287 Annex F: Complexity – Detailed Reasoning and Recommendations 292 Annex G: Complexity – Health and Adult Social Care 304 Annex H: Scale and Capability – Details of Merger Proposals 316 Annex I: Leadership, Culture and Values – Public Service Values 328 Annex J: List of Recommendations 334 Errata This version of the Commission’s report corrects two minor typographical errors in the original: 1. In paragraph 4.99 on page 147, the name of NHS Wales’s performance website has been corrected and is now shown as a hyperlink. 2. In the table on page 322 (Option 2b: 11 local authorities) the population figure for Neath Port Talbot has been corrected. There is a minor consequential change to the figure for projected Band D council tax for the merged area in the same table. Foreword In April 2013 the First Minister for Wales established the Commission on Public Service Governance and Delivery. We were tasked with examining all aspects of governance and delivery in the devolved public sector in Wales.
    [Show full text]
  • Author Guidelines for 8
    Proceedings of the 54th Hawaii International Conference on System Sciences | 2021 Implementing Global Business Services in a Plural Sourcing Context: Conceptualizing Modes of Service Governance Albert Plugge Shahrokh Nikou Delft University of Technology Åbo Akademi University & The Netherlands Stockholm University [email protected] [email protected] Abstract During the last decade firms decided to bundle in - house and outsourced business services and create To increase organizational responsiveness, firms flexibility to cater for changing internal circumstances. nowadays seek various approaches in delivering This approach resulted in a plural sourcing global shared business services. Today, global arrangement [7]. Today, plural sourcing is considered operating firms apply a plural sourcing model that to be the modus operandi of firms [8]. Literature consists of both in-house and outsourced business demonstrates multiple explanations for plural sourcing, services. As such, service governance is needed to ranging from safeguarding against vendor opportunism manage interdependencies between vendors, both in - [9] to complementarity of knowledge and incentives house and outsourced. However, as far as we know no [7]. In contrast to make-or-buy relationships, plural study has yet addressed how global business services sourcing arrangements create an inherent coordination are governed within the context of plural sourcing. We problem. Hence, service governance is needed to conducted 68 semi-structured interviews with executive manage interdependencies between vendors (e.g., in- management of international firms and distributed a house and outsourced). survey questionnaire to explore service governance As far as we know, no study, however, a ddressed modes. As a result, we identify five service governance how global business services are governed within the modes: regional, global, centralized, de-centralized context of plural sourcing.
    [Show full text]
  • The Good Governance Guide for NHS Wales Boards
    AcademiWales 1 The Good Governance Guide for NHS Wales Boards Doing it right, doing it better Acknowledgements Academi Wales would like to thank Mike Ponton for his leading contribution in the development of this guide and wish to acknowledge the contributions made by the following individuals: Jo Carruthers, Andrew Goodall, Steve Combe, Paul Schanzer, Hannah Evans, Alun Lloyd and Andrew Bunn. The content of this guide includes regular citations of literature and quotations. In particular, extensive use of material derived from the Welsh Government NHS Wales governance e-manual, the Welsh NHS Confederation’s governance e-handbook and Pocket guide to governance, the Welsh Government’s fourth edition of Setting the Direction - A Board Member’s Guide, and the NHS England Leadership Academy’s publication The Healthy NHS Board 2013 – Principles of Good Governance. About the guide The guide is in two parts: first guidance on the characteristics of good governance in public service as a whole; second, a detailed exposition of corporate governance in the NHS in Wales. The framework for the guide is based on the Welsh Government’s Citizen-Centred Governance Principles, which apply to all public bodies in Wales. These principles integrate all aspects of governance and embody the values and standards of behaviour expected at all levels of public services in Wales. The guide will support public service organisations in defining and implementing their governance arrangements. It provides direction, guidance and support to Board members and staff to enable them to fullfil their own responsibilities and ensure their organisations meet the standards of good governance set for the public service in Wales.
    [Show full text]
  • Chief Information Security Officer
    Job Code: ..…… 101364 Position #: (NUNC) (E) Developed by: …..… KK Reviewed by:… LK, DLJ Approved by: …….… LK Date: …….......... 05/19 University of Rhode Island Position Description TITLE: Chief Information Security Officer DIVISION: Academic Affairs / Administration and Finance REPORTS TO: Chief Information Officer GRADE: 16 SUPERVISES: Professional and Technical staff BASIC FUNCTION: Establish and maintain the information security program to ensure that information assets and associated technology, applications, systems, infrastructure and processes are adequately protected in the digital ecosystem in which we operate. Identify, evaluate and report on legal and regulatory, IT, and cybersecurity risk to information assets, while supporting and advancing business objectives. Lead the information security program, while coordinating disparate drivers, constraints and personalities, while maintaining objectivity and a strong understanding that cybersecurity is foundational for the university to deliver on its strategic goals and objectives. As part of the IT leadership team, collaboratively work with ITS partners to secure information assets and associated technology, applications, systems and processes in the wider ecosystem in which the university operates. Actively collaborate with university leadership to determine acceptable levels of risk for the university. Lead, inspire, motivate and evaluate the work of the unit while striving for continuous process improvement and staff professional development. ESSENTIAL DUTIES AND RESPONSIBILITIES: In support of Core Responsibilities, facilitate an information security governance structure through the implementation of a hierarchical governance program, including the formation of an information security steering committee or advisory board. Provide regular reporting on the current status of the information security program to enterprise risk teams, the President’s leadership team as part of a strategic enterprise risk management program, thus supporting business outcomes.
    [Show full text]
  • Good Governance Standard for Public Services
    CIMFP Exhibit P-01797 Page 1 The Good Governance Standard for Public Services The Independent Commission on Good Governance in Public Services CIMFP Exhibit P-01797 Page 2 Good Governance Standard for Public Services © OPM and CIPFA, 2004 OPM (Offi ce for Public Management Ltd) CIPFA (The Chartered Institute of Public 252b Gray’s Inn Road Finance and Accountancy) London 3 Robert Street WC1X 8XG London tel: 020 7239 7800 WC2N 6RL fax: 020 7837 5800 tel: 020 7543 5600 email: offi [email protected] fax: 020 7543 5700 web: www.opm.co.uk web: www.cipfa.org.uk ISBN: 1 898531 86 2 This book may not, in part or in whole, be copied, photocopied, translated or converted into any electronic or machine-readable form without prior written permission from OPM or CIPFA. Design and layout by Amanda Little Printed by Hackney Press Ltd II CIMFP Exhibit P-01797 Page 3 Good Governance Standard for Public Services Contents Membership of the Commission .....................................................................................iv Foreword ......................................................................................................................v About the Commission ..................................................................................................vi Using the Standard ....................................................................................................... 1 Principles of good governance ....................................................................................... 4 1. Good governance means focusing on the
    [Show full text]
  • The Role of the Chief Information Officer of the Government of Canada
    DRAFT for discussion only Not for publication without the permission of the author Coming to terms with new information and communications technologies: The role of the Chief Information Officer of the Government of Canada David C.G. Brown Doctoral Candidate, Carleton University Senior Associate, Public Policy Forum Ottawa Canadian Political Science Association Annual Meeting Public Administration Section Ottawa, Ontario May 27, 2009 1 Institutional stability and change are issues that are common to public administration and public policy. Organization has always been a central concern in the study of public administration (Gow and Hodgetts) and in recent years institutions have assumed a prominent role in the study of public policy (Lecours). Common ground is provided when the institutional arrangements and dynamics of government organization are themselves the object of policy analysis and treated as policy instruments. In the Canadian variant of the Westminster model, the federal government has a long history of policy-driven organizational change. Energized in the first instance by the work of the Glassco Commission in the early 1960s, this has been a feature of Canadian public administration ever since. Ministerial portfolios and the associated government departments and agencies have over time been structured and re-shaped to correspond to assumptions about the clusters of public policies and programs that are considered appropriate for meeting the requirements of Canadian society and economy. These clusters both reflect and shape policy sectors (or sub-systems, following Howlett and Ramesh) that include a wide and constantly evolving combination of institutional actors in and outside the public sector. A similar dynamic is at work in the institutional environment for public sector management, where functional disciplines such as human resources and financial management can be seen as the internal counterparts of policy sectors, each with a well-defined, but not static, institutional environment.
    [Show full text]
  • ITIL Service Strategy
    SEC1 OGC Service Strategy.qxd 20/5/07 11:50 Page i Service Strategy London: TSO SEC1 OGC Service Strategy.qxd 20/5/07 10:01 Page ii Published by TSO (The Stationery Office) and available from: Online www.tsoshop.co.uk Mail,Telephone, Fax & E-mail TSO PO Box 29, Norwich, NR3 1GN Telephone orders/General enquiries: 0870 600 5522 Fax orders: 0870 600 5533 E-mail: [email protected] Textphone 0870 240 3701 TSO Shops 123 Kingsway, London,WC2B 6PQ 020 7242 6393 Fax 020 7242 6394 16 Arthur Street, Belfast BT1 4GD 028 9023 8451 Fax 028 9023 5401 71 Lothian Road, Edinburgh EH3 9AZ 0870 606 5566 Fax 0870 606 5588 TSO@Blackwell and other Accredited Agents Published for the Office of Government Commerce under licence from the Controller of Her Majesty’s Stationery Office. © Crown Copyright 2007 This is a Crown copyright value added product, reuse of which requires a Click-Use Licence for value added material issued by OPSI. Applications to reuse, reproduce or republish material in this publication should be sent to OPSI, Information Policy Team, St Clements House, 2-16 Colegate, Norwich, NR3 1BQ, Tel No (01603) 621000 Fax No (01603) 723000, E-mail: [email protected], or complete the application form on the OPSI website http://www.opsi.gov.uk/click-use/value-added-licence- information/index.htm OPSI, in consultation with Office of Government Commerce (OGC), may then prepare a Value Added Licence based on standard terms tailored to your particular requirements including payment terms The OGC logo ® is a Registered Trade Mark of the Office of Government Commerce ITIL ® is a Registered Trade Mark, and a Registered Community Trade Mark of the Office of Government Commerce, and is Registered in the U.S.
    [Show full text]