311 House Office Building
Chairman Duncan, Ranking Member Barber, and distinguished Members of the Subcommittee, thank you for the opportunity to appear before you on behalf of the dedicated men and women of U.S. Customs and Border Protection (CBP) to discuss our efforts to modernize aging information technology systems in support of our border security mission. We appreciate the Subcommittee’s leadership and your continued efforts to ensure the security of the American people.
Chairman Duncan, Ranking Member Barber, and distinguished Members of the Subcommittee, thank you for the opportunity to appear before you on behalf of the dedicated men and women of U.S. Customs and Border Protection (CBP) to discuss our efforts to modernize aging information technology systems in support of our border security mission. We appreciate the Subcommittee’s leadership and your continued efforts to ensure the security of the American people.
As the unified border security agency of the United States, CBP is responsible for securing our nation’s borders while facilitating the flow of legitimate international travel and trade that is so vital to our nation’s economy. Within this broad responsibility, our priority mission remains to prevent terrorists and terrorist weapons from entering the United States. Today, I will discuss efforts we are making at CBP to continue effective delivery, within budget, of TECS Modernization, one of our key border security systems to support the missions of CBP, DHS and other federal law enforcement agencies.
Background
TECS (no longer an acronym) is a key border enforcement system supporting the vetting of travelers entering the United States and the requirements of other federal agencies used for law enforcement and immigration benefit purposes. TECS supports the sharing of information about people who are inadmissible or may pose a threat to the security of the United States through the creation and query of “lookout records.” TECS is used by more than 70,000 users, including users from more than 20 federal agencies that use TECS in furtherance of their missions. TECS receives and processes traveler manifests from carriers and supports primary and secondary inspections for almost a million travelers and almost half a million vehicles at United States ports of entry (POEs) each day. TECS not only collects and creates border security information, but also shares that data with other systems and agencies. TECS also provides access to National Criminal Information Center (NCIC) and the International Justice and Public Safety Network (Nlets), as appropriate. TECS provides security and privacy controls to ensure users can only run transactions and access data to which they are authorized. TECS also includes extensive auditing of user actions for internal control purposes.
A typical “TECS Check” regarding a particular individual provides authorized users information on:
- Lookout records;
- Entries into and exits from the United States;
- Previous secondary inspections; and
- NCIC wants and warrants.
Because TECS is over 25 years old and uses dated architecture and technology that are difficult to enhance and expensive to maintain, TECS is migrating to a new enterprise architecture that will provide a solid foundation for the future, enable enhanced capabilities, maintain high performance and availability, and align with other DHS modernization activities. The program provides for highly scalable functionality that meets constantly emerging user requirements.
The modernization of the legacy TECS system is being accomplished through two separate but coordinated programs, one within CBP and the other within U.S. Immigration and Customs Enforcement (ICE). Each is funded and being executed separately in support of each agency’s mission requirements. While both modernization programs remain focused on continued support of each agency’s unique mission, both programs coordinate closely on common interests regarding planning, development, and data migration efforts.
CBP’s TECS Mod Program
CBP began its eight year TECS Modernization or “TECS Mod” efforts in Fiscal Year (FY) 2008. A specific challenge to CBP’s modernization effort is that modifications cannot interrupt existing TECS functionality or availability. CBP’s TECS system must be available to support border crossing operations 24 hours a day, 7 days a week. The need for high availability requires redundant hardware and failover processes to allow system maintenance with little or no interruption to end users of the system.
CBP’s TECS Mod program is transitioning functionality incrementally with five projects, focusing on major functional areas to decrease risk and to continue providing existing capabilities to the end user until modernization is complete. In addition to the five functional area projects, CBP TECS Mod also includes two overarching efforts to address infrastructure and security. The program includes migration of data from the legacy source system to the target databases, developing services for interfaces, and deploying a modernized web-based user interface (portal) to support TECS online users, ensuring compliance with security and privacy policies. The five functional area projects are:
- Secondary Inspection (SI):
This project supports processing of travelers referred from primary inspection and creates a modernized graphical user interface. - High Performance Primary Query and Manifest Processing (HPPQ):
This project focuses on modernizing services and functionalities essential for primary inspection (person/vehicle) query functions. HPPQ also modernizes Advance Passenger Information System (APIS) receipt and processing of arriving and departing international traveler manifests. - Travel Document and Encounter Data (TDED):
This project manages travel document data from the Department of State, U.S. Citizenship and Immigration Services, and State, Provincial, and Tribal governments. TDED also modernizes the way encounter data, which include person and vehicle crossing (entry/exit) data, I-94 arrival/departure data, and Currency and Monetary Instrument Report data, are made available for TECS online users and primary and secondary inspections. - Lookout Record Data and Screening Services (LRDS):
This project will modernize the creation, maintenance and query of lookout records for online users and interfaces with other systems. LRDS will also provide TECS data query capabilities and services to the law enforcement community via system to system interfaces or services. Additionally, the LRDS project will support current query capabilities for DHS component users with authorization to access NCIC, Nlets, and criminal history information. - Primary Inspection Processes (PIP):
This project will modernize primary inspections (Air, Sea, and Land) user interfaces, services and processes. PIP will also modernize current Alternate Inspection (AI) processing which includes any inspection that is not conducted at an air, sea, vehicle, or pedestrian primary booth.
Program Governance and Oversight
The CBP TECS Modernization Executive Steering Committee (ESC) provides oversight of the TECS modernization effort. As CBP’s Chief Information Officer and Office of Information and Technology (OIT) Assistant Commissioner, I chair the ESC, which includes members from CBP offices; DHS’s Under Secretary for Science and Technology, Chief Information Officer, and Chief Financial Officer; representatives from stakeholder groups; and ICE’s TECS Mod Program Manager. The ESC, which meets every two months, monitors the program’s cost, schedule, and performance, reviews risk management mitigation activities, and ensures corrective actions are identified.
Additional oversight and governance of CBP’s TECS Mod program is provided by existing policies and guidance from DHS’s Office of the Chief Information Officer (OCIO), Office of the Undersecretary for Management, and the Director of Operational Test and Evaluation. All three offices play key roles in overseeing DHS’s major acquisition programs and are very involved with CBP TECS Mod. Further, DHS’s Office of Program Accountability and Risk Management (PARM) works to ensure the effectiveness of the overall program execution governance process by providing independent assessments of major investment programs, and by identifying emerging risks and issues that DHS and its components need to address. I hold a monthly Program Management Review (PMR), attended by OCIO and PARM representatives, which covers schedule, cost, risks/issues and other topics. In addition to these formal meetings, Mr. Thomas Michelli, ICE’s Chief Information Officer, and I hold regular meetings to coordinate TECS Mod activities, and our program staffs meet frequently for detailed collaboration.
Program Management
CBP’s TECS Mod effort is led by the TECS Mod Program Management Office (PMO) within OIT’s Passenger Systems Program Directorate (PSPD). PSPD manages applications which support CBP’s traveler vetting and processing systems at U.S. ports of entry. It has successfully delivered several high profile border security systems, including Trusted Traveler, Electronic System for Travel Authorization (ESTA), and Western Hemisphere Travel Initiative (WHTI).
Vital aspects of CBP TECS Mod’s strong program governance and program management are the risk and requirements management processes. CBP TECS Mod’s risk management processes include a strategy outlining techniques and procedures for identifying sources of risks, and how to categorize, analyze, and prioritize identified risks. Additionally, each of CBP’s five TECS Mod projects have a government Project Manager whose responsibilities include identifying, verifying, analyzing, documenting, and tracking project risks, as well as communicating risk issues to the TECS Mod Program Risk Manager.
CBP’s TECS Mod requirements management process was revised and improved in 2012, resulting in better organization, tracking, analysis, and communication of program requirements. These practices include a standardized plan to identify requirement types, such as operational, functional or technical, and to attribute mandatory and optional traits for each requirement, such as source, date certified, and status. Requirements are elicited at user sessions, supported by key users identified by the CBP Office of Field Operations (OFO) and additional user communities within CBP, DHS, and/or partnering government agencies (PGAs). Once functionality is developed, it undergoes rigorous developmental and user acceptance testing, followed by independent operational testing to ensure that the functionality is consistent with the approved requirements and satisfies user needs.
Program Schedule and Cost
The TECS Mod Acquisition Program Baseline (APB), the program’s guiding document, provides the program milestones for key schedule events, including objective dates and threshold dates. The APB also specifies program cost objectives and thresholds to ensure the program stays within budget. The CBP TECS Mod program has stayed within budget since it began in FY 2008. The PMO collaborated with the DHS Cost Center of Excellence in March 2012 to refine the Life Cycle Cost Estimate (LCCE) to ensure risk sensitivity was addressed and to validate the accuracy and approach of the LCCE. The LCCE has recently been updated to reflect actual costs for FY 2012 and FY 2013 as well as the impact of the pause of the PIP project. The current LCCE is $692.557M (threshold level) covering planning, development and maintenance costs from FY 2008 through FY 2021.
The TECS Mod master schedule provides visibility into program and project activities aligning with the APB. The schedule is reviewed and maintained by the TECS Mod Project Schedule Manager. CBP TECS Mod is continually improving and refining information in the schedule as a result of project and program maturity. The detailed schedule is reviewed biweekly and progress of major milestones is tracked. Despite challenges such as the size, detail, and complexity of a schedule with over 20,000 tasks, the current process allows the Program Manager to monitor the APB milestones, decision gates, and major deliverables and to ensure successful project management and delivery within planned dates.
The CBP TECS Mod scheduling process has helped the program deliver timely incremental functionality and stay on track for completion of the total program. Because of FY 2013 budget uncertainty and sequestration, the CBP ESC decided to pause PIP, the last project under TECS Mod. As a result, the CBP TECS Mod schedule was recently revised to restart PIP late in the second quarter of FY 2014 and to move the program completion date from the end of FY 2015 to mid FY 2016. The APB has been updated with the revised schedule and is currently going through the approval process within CBP and DHS.
Program Performance
Some CBP TECS Mod functionalities have already been delivered, such as the modernized Secondary Inspection application, which is being used successfully at air, land, and sea ports of entry. The modernized High Performance Primary Query Service was made operational in 2012 and is now being used by the Advance Passenger Information System. In FY 2013, TECS Mod delivered additional functionality such as implementing TECS portal, a web-based interface which will replace the current terminal-only access, for the TDED and LRDS projects. The first phase of this user-facing functionality includes lookout and travel document queries. In FY 2014, TECS Mod will deliver new functionality such as enhancements to query and lookout applications.
CBP has made significant progress with our TECS Mod Program to date, and we anticipate completion of program development and Full Operational Capability (FOC) in mid FY 2016. While six milestones were not met early in the program, by incorporating additional operational capabilities and adjusting to address technology implementation challenges, we have met all other major milestones and have been delivering modernized functionality incrementally as planned. Program planning and execution can always be improved; however, CBP TECS Mod has strong schedule, risk, and requirements management practices in place, which have facilitated delivery of required functionality on schedule and within budget. The PMO has grown in staff and matured its management processes since the program began in 2008.
The CBP TECS Mod program has made significant progress, reached many milestones and the program is in good overall health. GAO report GAO-14-62, DHS’s Efforts to Modernize Key Enforcement Systems Could be Strengthened, published December 5, 2013, contained four recommendations for CBP’s TECS Mod program. DHS and CBP concurred with three of the recommendations and is in the process of resolving and implementing these recommendations. Although CBP did not concur with GAO’s recommended changes to our schedule process based on the fact that our established process has proven to be effective and efficient, we will continue to refine and improve upon our current model.
Conclusion
CBP is working hard to continue incrementally delivering TECS Mod functionality and completing the program within budget by mid FY 2016. We are continuing to improve the management of all our programs by ensuring effective oversight, and by harnessing best practices in how we run those diverse programs. These efforts enhance CBP’s multilayered approach to vetting and identifying potential travelers to the United States who may pose a threat to the homeland.
Thank you for allowing me the opportunity to testify before you today. I look forward to answering your questions.