Outages of critical systems a problem at CBP, say auditors
Some critical information technology systems managed by Customs and Border Protection are prone to periodic outages, says the Homeland Security Department office of inspector general.
In a redacted report (.pdf) dated June 29, the DHS OIG says one of those systems is Secure Flight, the Transportation Security Administration system for matching no-fly lists to airline passenger manifests.
"Some outages were prolonged," the report states--the number of outages is redacted.
The report identifies several challenges the CBP chief information officer faces, including aging infrastructure and an ongoing decrease in budget. The DHS agency has an IT budget of $1.5 billion during the current fiscal year. Most of that goes toward the operations and maintenance of outdated infrastructure, auditors say, despite the fact that the CIO estimates that agency demand for storage and processing capacity now increases at a rate of 50 percent per year. The CBP office of information technology's budget has gone down by $335 million since fiscal 2009, auditors also say.
Components of CBP, meanwhile, told auditors they're not always happy with the office of information technology. Office of Air and Marine staff said they need software that's not on the approved list to undertake tasks such as planning flights and aircraft maintenance and need access to prohibited websites, which include some owned by the Defense Department.
As a way of getting around the approved list, some Air and Marine staff have set up stand-alone computers, a fact that auditors note "may create security, integration, and maintenance challenges."
Border Patrol officers told auditors they're prevented from recording or transmitting live video from scope trucks (pickups with cameras mounted on the flatbed), meaning that agents back at the command center can't see the feed nor use it as evidence.
Another system used by the Border Patrol is the Next Generation of Enforce, known as e3, which captures enforcement actions undertaken by agents. The system doesn't have data fields for all the information personnel needed to fill out a form generated for each illegal alien deported via the Alien Transfer Exit Program. Seven southwestern Border Patrol sectors are involved in the deportation program, and since December 2010, agents in one sector have taken to entering alien data into e3 and also into Excel in order be able to produce data necessary for filling out the form.
The CIO, meanwhile, has taken steps to ensure that agencies submit, per regulations, projects projected to be worth up to $2.5 million to his office for review (projects worth more go to the DHS CIO for review). The review is necessary to ensure that components buy systems that align with the CBP enterprise architecture and wider DHS policy, but some parts of CBP still bypass the review, auditors say. The CBP CIO review process takes too long, they told auditors.
In its official response to the audit (signed by James Tomshcek, the assistant commissioner of internal affairs), CBP said its implementing changes to the e3 that should eliminate the need to enter data again in spreadsheets, and added that "efforts have been renewed " to achieve full component compliance with the CBP CIO review requirement.
- download the report, OIG-12-95 (.pdf)