Dan Johnson, EVP of Public Services, urged lawmakers and government agency heads to see the big picture to protect Homeland Security investments in his testimony to the U.S. House of Representatives Subcommittee on Technology and Procurement Policy.

His message: “As federal, state, and local governments assess new technology, they should begin by carefully determining what information and data is needed now and in the future in the war against terrorism.” June 7, 2002.

Testimony

Federal Document Clearing House Congressional Testimony

June 7, 2002 Friday

SECTION: CAPITOL HILL HEARING TESTIMONY

LENGTH: 2117 words

COMMITTEE: HOUSE GOVERNMENT REFORM

SUBCOMMITTEE: TECHNOLOGY AND PROCUREMENT POLICY

HEADLINE: INFORMATION SHARING AND HOMELAND SECURITY

BILL-NO: H.R. 4629     Retrieve Bill Tracking Report

Retrieve Full Text of Bill

TESTIMONY-BY: S. DANIEL JOHNSON, EXECUTIVE VICE PRESIDENT

AFFILIATION: BearingPoint

BODY:

Statement of S. Daniel Johnson Executive Vice President - Public Services BearingPoint

Committee on House Government Reform Subcommittee on House Technology and Procurement Policy

JUNE 7, 2002

Mr. Chairman and Members of the Subcommittee, thank you for this opportunity to share some of BearingPoint's views on the topic of homeland security.

BearingPoint is one of the world's leading systems integration and management consulting firms. We employ over 9,000 people worldwide, fulfill the needs of over 2,500 clients, and have revenues approaching $3 billion. Over two years ago we separated completely from KPMG LLP, the tax and audit firm, and in February of 2001, we were the first of the Big Five to become a publicly held corporation. I lead BearingPoint's Public Services sector and am responsible for our federal, state and local, higher education and health care work.

BearingPoint is leading or is on teams modernizing some of the federal government's largest justice, defense, and information technology programs, including projects at Customs, the Internal Revenue Service, the Coast Guard, and the Department of Defense. And we have been contracted to provide homeland security work to many other government agencies. For example, at the Immigration and Naturalization Service (INS) we are working on an entry/exit system to document the arrival and departure of aliens at U.S. ports of entry and we are assisting the INS Office of Inspections develop a strategic plan geared towards today's rapidly changing world. We are supporting the Transportation Security Agency (TSA) to define mission activities and business processes, to develop the infrastructure to manage and monitor those processes, and to develop the top-level concept of the automated information system to support performance management. Also at TSA, we are supporting efforts to prepare and coordinate new security operations that will help ensure air passenger safety at the nation's 429 commercial airports.

We also have a significant state and local practice and currently have ongoing projects in approximately 26 states, ranging from statewide information technology systems to helping them improve their business processes. In the aftermath of September 11th, we worked closely with our New York clients to provide recovery assistance to the New York Port Authority and the Department of Finance. This consisted of activities ranging from providing office space to those who had been displaced by the collapse of the World Trade Centers, to providing communications support to help these agencies reestablish their computer network systems.

Mr. Chairman, based on over forty years of experience in serving federal, state, and local customers, I believe we are uniquely qualified to discuss change management issues and technology acquisition measures as they relate to homeland security. Homeland security should be considered as a condition that shatters all the assumptions of the past; affects all levels of government; and requires a new level of cooperation and collaboration between federal, state, and local governments and the private sector. This poses many challenges. Aside from what I believe is the single most important challenge - creating and maintaining a sense of urgency — I would like to highlight just a few others.

Exposure

The first is mitigating the risk of exposing valuable information to our enemies. While public discourse on our progress in responding to the threat of terrorism is necessary, releasing too much detail of that response could further expose the very vulnerabilities we are trying to address. Mr. Chairman, that exposure should be managed with the highest regard for security. Even the simple act of publicly identifying requirements and solutions could pose a risk since the underlying problem could be taken advantage of by our enemies during the time that solutions are being developed. In addition, the playing field we are on is fluid - today's solutions are not necessarily adequate for tomorrow's problems - and we must make certain we do not expose unforeseen shortcomings in our current efforts.

Cultural limitations

The second challenge is that significant "cultural limitations" continue to exist which will delay the resolution of our nation's vulnerabilities. Limitations to speedy solutions are classic and include: time; the difficulties in changing the government's structure where information and processes are stove piped within bureaus and agencies to a new model of increased interagency coordination; a need for strong vertical and horizontal authority; a slow transition to performance-based acquisition and accountability; and the shifting of priorities and money before real results can be achieved.

Compounding the problem of shifting funding levels is the likelihood that funding for homeland security will become more and more embedded in agency, state, local and commercial budgets vs. continuous special funding. Homeland security funding could become very difficult to track and therefore could inadvertently be shifted away from real homeland security missions. We feel it is extraordinarily important to match this shift to an even more heightened sense of priority for agency accountability, performance, metrics, and flexibility so that agency leadership and Congress, in its oversight capacity, can be certain that these critical missions are achieved.

Information Technology and Data Gaps

Third: As agencies look across their investments, with an eye towards addressing homeland security missions, they must first understand that gaps in information technology are based on gaps in information and data and not the reverse. Before looking for new technology solutions, agencies must first determine what information is needed and assess whether or not it will be needed in the future. They must match this with their understanding of what the problems are, what technologies exist today to address the problem, and how can they best leverage those technology solutions and improve upon them. Then, and only then, can agencies take the next step of determining what else needs to be done - what other technologies must be acquired. Agencies should be asking themselves: What do we have? Can we connect what already exists? What don't we have? How do we get it? And how do we connect all of this?

One example of how technology can be used to effectively close information gaps, and one that we are intimately familiar with, is the Pennsylvania Criminal Justice Network, commonly called JNET. The project was initiated in 1997 in response to Governor Ridge's priority for consolidated agency projects and was conceived after the Chief Information Officer (CIO) received multiple requests from criminal justice agencies for funding to develop redundant systems. In response, JNET was established to unify disparate justice and public safety networks across the state. It provides a common on-line environment that allows authorized state, county, and local officials to access offender records and other criminal justice information across participating agencies.

The JNET example is notable in that it has faced and overcome many of the challenges that exist at the federal level today, namely territorial issues about sharing information with other agencies, privacy concerns, and the need for strong executive sponsorship. For example, each participating agency controls what information it shares and who is authorized to see it. Territorial concerns have been addressed by implementing the architecture gradually and in stages. As agencies began to see the benefit of information sharing in their everyday jobs, they became more comfortable in sharing greater amounts of information. The governance structure of the program also has played a key role in JNET's success, leading the General Accounting Office (GAO) to cite it as a leadership example for CIOs (GAO-01-376G).

This system has also played a role on the federal level and was used immediately after September 11th by the FBI to identify suspects from United Airlines Flight 93 that crashed in Western Pennsylvania. Using JNET, the FBI was able to identify a suspected terrorist by checking the flight passenger list against a driver's license photo. Another suspected terrorist was identified using arrest record information and was located in a correctional facility.

JNET currently includes several federal agencies, 17 state agencies, the cities of Pittsburgh and Philadelphia, 20 counties as well as some smaller municipalities. As of May 2002, 3,200 individuals are using the system; approximately 300 are on the municipal level. 5,000 users are expected by the end of the year.

Leverage existing capabilities

Fourth: Even prior to September 11th, a great deal of effort was being directed at reforming federal, state and local government management and processes. The pace of this transformation quickened in the early nineties with the growing emphasis on acquisition reform and I commend this subcommittee and its members on those efforts. The resulting agency modernizations and reengineering efforts underway now should serve as the foundations for many agencies' responses to homeland security threats. We urge you to exploit those management realignments wherever possible and to resist the temptation to start from scratch at each agency.We recommend that you leverage the best practices at those agencies in order to drive expansion of capabilities across government.

Similarly, the federal government should get a firm grasp on the technologies that are being employed today and the information they currently have available and try to match those technologies to identifiable problems. Agencies should then leverage those investments across government versus instituting new technology solutions when they don't have a clear characterization of what is needed.

Acquiring New Technology

Lastly: Mr. Chairman, we commend you for introducing H.R. 4629, which "would establish a program to encourage and support carrying out innovative proposals to enhance homeland security'. Its provisions for the streamlined acquisition of innovative solutions are certainly needed. In addition to the provisions of the bill, we feel this panel should urge federal agencies to make certain that before the government test bed concept takes hold, the government clearly understands the business problems it is trying to solve.

As stressed in H.R. 4629, it is important to focus on the selection of the right technologies. Of equal importance, however, is the successful deployment and use of these technologies in fulfilling the mission and objectives of homeland security.

In our experience, application of the IT investment and portfolio management disciplines, promoted by the Clinger-Cohen Act, General Accounting Office guidance, and the Office of Management and Budget budgeting process, is essential to the success of any program, especially a technology program of the magnitude of homeland security. These disciplines will establish a solid and consistent framework in order to initially justify the value of the technologies being selected and improve the probability that these technologies will successfully enable the mission and goals of homeland security.

Similar to the standards promoted in the very disciplined Exhibit 300 reporting process that agencies go through to rationalize their IT investments (OMB Circular A130 requirements for budgeting), a set of standard criteria should be established in order to streamline and focus the screening of these technology proposals and to normalize the evaluation of their potential as well as provide a mechanism to monitor the implementation and deployment process. Using this type of an approach, each proposal is viewed as a component of an overall homeland security technology portfolio. The portfolio would be continuously monitored and adjusted as new proposals were presented and technologies were tested and implemented and would ensure that all components of homeland security are considered against the framework of: detection; prevention; preparedness; response; and recovery.

The IT portfolio discipline is an essential management element that will provide all involved a clear view of the nation's commitment to homeland security priorities and objectives and how they are being enabled by technology investments.

Mr. Chairman, again, thank you for holding this important hearing today. I look forward to working closely with you and the rest of this subcommittee in any way you deem appropriate.