The structure and approach that the Department of Homeland Security (DHS) is taking with its resurrected Joint Requirements Council (JRC) is “sound” but given that most of the department’s major acquisitions are information technology programs it needs to add the chief information officer’s office as a principal member, the Government Accountability Office (GAO) says in a new report.
The JRC was first established within DHS in 2003 but lacked attention from senior management despite identifying some overlapping investments, says the report, Joint Requirements Council’s Initial Approach is Generally Sound and it is Developing a Process to Inform Investment Priorities (GAO-17-171). The body quit meeting in 2006 before being reinstituted by Homeland Security Secretary Jeh Johnson in 2014, GAO says.
The JRC validates proposed capability needs and requirements for all major acquisition programs and reviews capability needs and requirements documentation for non-major acquisition programs.
GAO says that the processes that the JRC has set up or is in the process of standing up “are generally consistent with key practices found at the center of successful mergers and organizational transformations.” Still, it says, some of the department’s operational components and program offices “lack the capacity to develop sound requirements,” although the JRC is aware of this.
The JRC has a rotating chair and 13 principal members who have a vote in matters but one shortcoming is the fact that the Office of the Chief Information Officer (OCIO) is only a non-voting adviser despite most DHS major acquisition programs being IT related, the report says.
“Making the OCIO’s role more formal could help minimize the risk that programs will begin with poorly developed requirements,” GAO says.
The report says that so far both the OCIO and the Office of the Chief Procurement Officer in DHS, which is also a non-voting member of the JRC, feel they have been properly included in the council’s deliberations.
GAO also says that the keys to ensuring the JRC maintains its structure and management approach and is effective include backing from senior department leaders, focus on key principles and priorities, and maintain a “coherent mission and integrated strategic priorities.”
The JRC has seven portfolio teams made up of officials from the components and headquarters offices for seven priority areas: cybersecurity; domain and situational awareness; enterprise management support; immigration management; incident management; screening; and securing and law enforcement.
The JRC advises the department’s Acquisition Review Board (ARB) on capability gaps, needs and requirements. The ARB is the acquisition decision authority for major acquisition programs.