[House Hearing, 112 Congress]
[From the U.S. Government Publishing Office]





          DEPARTMENT OF HOMELAND SECURITY FINANCIAL MANAGEMENT

=======================================================================

                                HEARING

                               before the

                SUBCOMMITTEE ON GOVERNMENT ORGANIZATION,
                  EFFICIENCY AND FINANCIAL MANAGEMENT

                                 of the

                         COMMITTEE ON OVERSIGHT
                         AND GOVERNMENT REFORM

                        HOUSE OF REPRESENTATIVES

                      ONE HUNDRED TWELFTH CONGRESS

                             FIRST SESSION

                               __________

                              MAY 13, 2011

                               __________

                           Serial No. 112-49

                               __________

Printed for the use of the Committee on Oversight and Government Reform









         Available via the World Wide Web: http://www.fdsys.gov
                      http://www.house.gov/reform



                  U.S. GOVERNMENT PRINTING OFFICE
70-522 PDF                WASHINGTON : 2011
-----------------------------------------------------------------------
For sale by the Superintendent of Documents, U.S. Government Printing 
Office Internet: bookstore.gpo.gov Phone: toll free (866) 512-1800; DC 
area (202) 512-1800 Fax: (202) 512-2104  Mail: Stop IDCC, Washington, DC 
20402-0001












              COMMITTEE ON OVERSIGHT AND GOVERNMENT REFORM

                 DARRELL E. ISSA, California, Chairman
DAN BURTON, Indiana                  ELIJAH E. CUMMINGS, Maryland, 
JOHN L. MICA, Florida                    Ranking Minority Member
TODD RUSSELL PLATTS, Pennsylvania    EDOLPHUS TOWNS, New York
MICHAEL R. TURNER, Ohio              CAROLYN B. MALONEY, New York
PATRICK T. McHENRY, North Carolina   ELEANOR HOLMES NORTON, District of 
JIM JORDAN, Ohio                         Columbia
JASON CHAFFETZ, Utah                 DENNIS J. KUCINICH, Ohio
CONNIE MACK, Florida                 JOHN F. TIERNEY, Massachusetts
TIM WALBERG, Michigan                WM. LACY CLAY, Missouri
JAMES LANKFORD, Oklahoma             STEPHEN F. LYNCH, Massachusetts
JUSTIN AMASH, Michigan               JIM COOPER, Tennessee
ANN MARIE BUERKLE, New York          GERALD E. CONNOLLY, Virginia
PAUL A. GOSAR, Arizona               MIKE QUIGLEY, Illinois
RAUL R. LABRADOR, Idaho              DANNY K. DAVIS, Illinois
PATRICK MEEHAN, Pennsylvania         BRUCE L. BRALEY, Iowa
SCOTT DesJARLAIS, Tennessee          PETER WELCH, Vermont
JOE WALSH, Illinois                  JOHN A. YARMUTH, Kentucky
TREY GOWDY, South Carolina           CHRISTOPHER S. MURPHY, Connecticut
DENNIS A. ROSS, Florida              JACKIE SPEIER, California
FRANK C. GUINTA, New Hampshire
BLAKE FARENTHOLD, Texas
MIKE KELLY, Pennsylvania

                   Lawrence J. Brady, Staff Director
                John D. Cuaderes, Deputy Staff Director
                     Robert Borden, General Counsel
                       Linda A. Good, Chief Clerk
                 David Rapallo, Minority Staff Director

   Subcommittee on Government Organization, Efficiency and Financial 
                               Management

              TODD RUSSELL PLATTS, Pennsylvania, Chairman
CONNIE MACK, Florida, Vice Chairman  EDOLPHUS TOWNS, New York, Ranking 
JAMES LANKFORD, Oklahoma                 Minority Member
JUSTIN AMASH, Michigan               JIM COOPER, Tennessee
PAUL A. GOSAR, Arizona               GERALD E. CONNOLLY, Virginia
FRANK C. GUINTA, New Hampshire       ELEANOR HOLMES NORTON, District of 
BLAKE FARENTHOLD, Texas                  Columbia















                            C O N T E N T S

                              ----------                              
                                                                   Page
Hearing held on May 13, 2011.....................................     1
Statement of:
    Sherry, Peggy, Deputy Chief Financial Officer and Acting CFO, 
      Department of Homeland Security............................     4
Letters, statements, etc., submitted for the record by:
    Cummings, Hon. Elijah E., a Representative in Congress from 
      the State of Maryland, prepared statement of...............    31
    Sherry, Peggy, Deputy Chief Financial Officer and Acting CFO, 
      Department of Homeland Security, prepared statement of.....     8

 
          DEPARTMENT OF HOMELAND SECURITY FINANCIAL MANAGEMENT

                              ----------                              


                          FRIDAY, MAY 13, 2011

                  House of Representatives,
Subcommittee on Government Organization, Efficiency 
                          and Financial Management,
              Committee on Oversight and Government Reform,
                                                    Washington, DC.
    The subcommittee met, pursuant to notice, 11:36 a.m., in 
room 2247, Rayburn House Office Building, Hon. Todd Russell 
Platts (chairman of the subcommittee) presiding.
    Present: Representatives Platts, Lankford, Amash, Towns, 
and Connolly.
    Staff present: Ali Ahmad, deputy press security; Adam 
Bordes, senior policy analyst; Molly Boyl, parliamentarian; 
Sharon Casey, senior assistant clerk; Tabetha C. Mueller, 
professional staff member; Beverly Fraser Britton, minority 
counsel; and Cecelia Thomas, minority counsel, deputy clerk.
    Mr. Platts. This hearing of the Subcommittee on Government 
Organization, Efficiency and Financial Management will come to 
order. Before I make a brief opening statement, I do want to 
thank both my colleagues for juggling schedules around the 
floor schedule, as well as our witness for juggling her 
schedule to accommodate the change in our starting time.
    In 2003 and 2004, I was honored to work with then also 
Ranking Member Towns to sponsor the Department of Homeland 
Security Financial Accountability Act. That law placed the 
Department under the CFO Act, requiring a Senate-confirmed CFO, 
and imposed the first-ever statutory requirement for an audit 
of internal controls at a Federal agency. When DHS was created 
in 2002, it inherited substantial financial management 
challenges, particularly from the legacy Immigration and 
Naturalization Service, which had been a component of the U.S. 
Department of Justice, as well as the U.S. Coast Guard, 
formerly under the Department of Transportation. Financial 
management at the Coast Guard presented a unique challenge in 
that its books had never been subject to a financial audit.
    Recognizing the many challenges facing the Department, 
Ranking Member Towns and I wanted to address the root causes of 
financial management problems before they became ingrained in 
this new Department. Therefore, the law that we passed focused 
on remediating internal control weaknesses by requiring a 
separate assertion and audit opinion of the Department's 
internal controls over financial reporting.
    While the Department certainly has made progress, we still 
have a long way to go. DHS still does not have a clean audit 
opinion, and we are particularly concerned that the Department 
does not currently have a Senate-confirmed CFO.
    Our witness here today, Ms. Peggy Sherry, is a career civil 
servant. And we certainly are grateful for your many years of 
service to the Department, to your fellow citizens, to your 
Nation. Ms. Sherry is the acting CFO. And while we applaud her 
efforts, we certainly look forward to the administration, along 
with the Secretary of the Department, working together to get a 
Senate-confirmed CFO in place, as intended and required by the 
law.
    I am pleased by the progress that DHS has made to address 
specific weaknesses, and I agree with the Department's strategy 
of foregoing stand-alone audits at components in favor of 
directing staff resources to correcting pervasive material 
weaknesses.
    The Department made a decision this past Thursday to cancel 
its most recent procurement efforts regarding a major financial 
management system, and I am glad that we have this chance here 
today to have some discussion about that action. Mr. Towns and 
I remember all too well the debate that surrounded eMerge2, and 
the efforts in 2003 and thereafter that was abandoned after a 
substantial amount of money had already been spent. The 
successor to eMerge2, TASC, was able to leverage some of that 
money, but there were certainly some sunk costs that were not 
benefited to the American people. I understand the Department 
is taking a new approach, and we look forward to hearing how 
that change will focus DHS and help it reach its goal of good 
financial management.
    I will add that most of the material weaknesses still on 
the books are related to processes and not systems, and 
regardless of what decisions DHS makes on how it will integrate 
its information systems, the underlying processes must be 
fixed, must be corrected, for that system to function properly.
    Again, we are delighted to have Ms. Sherry with us as a 
witness. I yield to the ranking member, the gentleman from New 
York, Mr. Towns, for the purpose of an opening statement.
    Mr. Towns. Thank you very much. Let me thank the chairman 
of the full committee, who is also here, and of course chairman 
of the subcommittee, and my good friend Mr. Connolly from the 
great State of Virginia. The DHS Financial Accountability Act, 
which you and I cosponsored, as you indicated, Mr. Chairman, is 
one of the most important pieces of legislation that affects an 
issue that we are both committed to: proper financial 
management within the U.S. Government. This hearing will 
provide us with up-to-date information on how DHS is managing 
its finances. And I thank you for holding this hearing.
    Ms. Sherry, as the acting chief financial officer at DHS, 
everyone in your agency reports to you how well financial 
accountability is proceeding. I welcome you, and I am anxious 
and eager to hear your testimony.
    The Department of Homeland Security has an extremely 
important mission: to ensure a homeland that is safe, secure, 
and resilient against terrorism and other hazards. That mission 
protects each and every one of us, and we must provide the 
necessary support in order for it to be carried out.
    The GAO and DHS Inspector General have been keeping your 
financial management system under constant scrutiny. It is 
encouraging to see that the Department has made some 
improvements in internal controls over the years. Material 
weaknesses are down from 18 to 6 across the Department. 
Improper payments have been decreased from nearly $929,000 down 
to $38,000. That is real improvement. That is truly great work.
    However, there is still room for improvement. It is 
absolutely critical that DHS establish an integrated financial 
system. It is nearly impossible to achieve an unqualified audit 
opinion without one. DHS has been on the GAO's High Risk List 
since its creation. You have to work on not becoming a 
permanent resident of that list.
    I see from the testimony that your office is working very 
closely with the Coast Guard to improve internal controls. I 
would like to hear more about those efforts and the work being 
done with the other DHS components.
    I want to thank you for being here today. We look forward 
to hearing from you as to how we might be able to improve 
financial management, but also to say to you that we are here 
to also help. If there are some things that we need to do, let 
us know. We want to work together, because we feel this is 
very, very important.
    On that note, Mr. Chairman, I yield back.
    Mr. Platts. I thank the gentleman.
    We will now move to our witness' opening statement. We are 
delighted to have Peggy Sherry here, acting CFO of the 
Department, and deputy chief financial officer if we get a 
Senate-confirmed CFO. Ms. Sherry has been with the Department 
from 2007, as director of financial management. She is 
responsible for developing Department-wide financial management 
policy, preparing Department-wide financial reports, and 
leading the Department's financial audits.
    And prior to joining DHS, Ms. Sherry was deputy chief 
financial officer for the U.S. Holocaust Memorial Museum, and 
an auditor with GAO for more than 9 years, overseeing numerous 
financial audits. And certainly appreciate your work at GAO, as 
one who has great regard for the work of GAO and its important 
partnership with Members of Congress as we oversee the 
operation of the Federal Government.
    Again, we are delighted to have you here, and look forward 
to your testimony. The practice of the committee is to swear in 
all of our witnesses. If I could ask you to stand and raise 
your right hand.
    [Witness sworn.]
    Mr. Platts. Let the record reflect that the witness has 
affirmed the oath.
    And we will proceed to your statement. I think the clock is 
set at 7 minutes. If you need to go over, you are it. So if you 
need additional time, that is not a problem. And then we will 
go to questions.
    Mr. Connolly. Mr. Chairman.
    Mr. Platts. Yes.
    Mr. Connolly. I just want to say in your introduction of 
our witness today, one of the most singular and important 
facets of her life is that she is a constituent of the 11th 
District of Virginia. And we are proud to have her here.
    Ms. Sherry. I am delighted to be there.
    Mr. Platts. To the gentleman from Virginia, I sincerely 
apologize. Not realizing that, I would have had you do the 
introduction, Mr. Connolly. And I apologize.
    Mr. Towns. I would have objected.
    Mr. Platts. But we are delighted to have you, especially as 
a constituent of the gentleman from Virginia. And we will allow 
you to proceed.

 STATEMENT OF PEGGY SHERRY, DEPUTY CHIEF FINANCIAL OFFICER AND 
          ACTING CFO, DEPARTMENT OF HOMELAND SECURITY

    Ms. Sherry. Thank you, sir. I appreciate it very much. And 
thank you, Chairman Platts, Ranking Member Towns, and members 
of the committee, for the opportunity to provide an update on 
the Department of Homeland Security's progress in implementing 
the Financial Accountability Act of 2004 and the financial 
management improvements we have achieved since 2009.
    The Accountability Act gave our Department the foundation 
it needed to successfully structure and improve financial 
management and corrective action planning for DHS through 
internal controls over financial reporting, accountability 
reports, and audit opinions.
    DHS began improvements to our financial management 
structure in fiscal year 2005. And since that time, we have 
continued to show significant improvements in our annual 
financial report and audits. DHS now has only six material 
weaknesses, and has isolated the issues on the balance sheet to 
one component.
    I continue to work with Secretary Napolitano, Deputy 
Secretary Lute, and our component CFOs to build on our 
significant progress. Our approach to improving internal 
controls over financial reporting focuses on identifying root 
causes, executing corrective actions, setting achievable 
milestones, and providing strong oversight to strengthen 
Department-wide internal controls and to significantly improve 
key financial areas. I am pleased to report that by using this 
strategy in fiscal year 2010, improvements made by the U.S. 
Coast Guard and other components increased the Department's 
auditable balance sheet to approximately 90 percent.
    After achieving several successful stand-alone audit 
opinions, the Department is focused on receiving a full-scope 
audit opinion. And my staff and I are working diligently toward 
this target. In fiscal year 2010, Secretary Napolitano 
committed to the goal of receiving a qualified audit opinion on 
the DHS consolidated balance sheet this fiscal year. Once we 
achieve this audit result, we are well-positioned to expand the 
audit scope to include the other statements, as is required by 
law.
    In order to receive an opinion on our consolidated balance 
sheet in fiscal year 2011, specific improvements and corrective 
actions must be made at the U.S. Coast Guard. Admiral Papp, the 
Commandant of the Coast Guard, issued an all-hands directive 
memo to his staff, both civilian as well as military, this past 
January that stressed the importance of corrections required to 
achieve success with the audit in fiscal year 2011.
    My staff meets regularly with the Coast Guard to monitor 
their financial strategy for audit readiness, also known as 
their FSTAR plan. I also meet frequently with the Coast Guard 
leadership, staff, and our auditors to discuss progress.
    Coast Guard is demonstrating controls over current year 
activity, they are verifying the accuracy of accounting data, 
and they are analyzing the financial impact of their legacy 
systems. By executing corrective action plans and monitoring 
risk throughout the year, the U.S. Coast Guard is putting the 
Department on a path to attaining a balance sheet opinion in 
fiscal year 2011.
    However, because of the deficiencies in their current 
financial system, the Coast Guard is still unable to fully 
remediate all of its financial management issues. Many DHS 
systems are not modernized and have system functionality as 
well as security weaknesses. In addition to functionality 
issues, most legacy systems do not comply with the Federal 
Financial Management System Requirements, Accounting Standards, 
and the U.S. General Ledger at the transaction level.
    DHS is analyzing alternative strategies to meet the 
Department's requirements based on recent Federal information 
technology policy changes and various advances in IT and 
security. DHS only requires system modernizations where there 
are currently severe deficiencies in systems security, and 
functionality. We are focusing on our most critical needs 
first, and will approach correcting those needs in small, 
manageable segments.
    While the audit is A critical tool to measuring our 
progress as a Department from year to year, we are committed to 
expanding our success beyond the elements in the annual 
financial statement audit. The Accountability Act rightly 
highlights the importance of internal controls over financial 
reporting and implementing planning, programming, and budgeting 
for the Department. We strongly agree with those tenets, and 
have established processes and controls to comply with 
governmentwide initiatives like the Improper Payments Reduction 
Act, and open government, as well as audit recommendations from 
both the OIG and the GAO. I am pleased to report that DHS was 
found fully compliant with the Improper Payments Information 
Act since 2009.
    We are committed to being strong stewards of the taxpayer 
dollars, and we worked closely with OMB to make sure DHS was 
prepared to implement new improper payment reporting 
requirements. Today, all DHS components assess each of their 
programs for risk, using standard guidance provided by my 
office. And programs potentially at high risk for improper 
payments are tested based on these assessments.
    Since implementing these controls in fiscal year 2008, DHS 
has significantly lowered estimated improper error rates at 
FEMA, on average, from about 9 percent to 2 percent. Improper 
payment amounts identified by recovery auditors have also 
dropped, from about $929,000 in 2008 to just $38,000 in fiscal 
year 2010, even though the amount of data provided for recovery 
auditors to review has increased significantly from year to 
year.
    The Accountability Act also focuses on the need to report 
internal controls over financial reporting. This set the 
foundation for DHS to develop a financial management strategic 
plan each year. My office just published the Department's Fifth 
Annual Internal Controls Playbook, that establishes mission 
action plans and focuses on our most significant internal 
control findings. The playbook also supports moving our focus 
beyond internal controls over financial reporting, and 
expanding improvements to internal controls over operations by 
using government charge cards and risk-management initiatives 
to reduce the risk of waste, fraud, and abuse.
    Based on risk areas in the playbook, my office has 
established a bank card assessment team that meets weekly to 
implement corrective actions to strengthen the Department's 
internal controls in the bank card program.
    The Department also continues to refine and update the 
Financial Management Policy Manual. This provides all DHS 
employees with standard processes to follow for budgetary 
policy, financial reporting, and bank card management. A recent 
update to the Financial Management Policy Manual is the 
addition of our Financial Assistance Awards and Oversight 
section, which contains 11 new policies to streamline and 
standardize grants management at DHS. The policy manual puts 
management control systems in place to efficiently achieve the 
DHS mission.
    In compliance with the Accountability Act, our program 
analysis and evaluation division works with the formal 
planning, programming, budgeting, and execution system to guide 
the development of a 5-year budget and performance plan. These 
efforts produce the annual budget request and the Future Years 
Homeland Security Program report, another tenet outlined in the 
FAA. Clearly, the Accountability Act has provided DHS with the 
foundation for strong financial management and internal 
controls.
    However, to carry out this important legislation, we must 
rely on our most valuable resource at DHS, our people. At DHS, 
there are over 2,500 financial management professionals across 
the Department. In order to hire and retain the most qualified 
work force, I sponsor various departmental and training 
programs within my office. I support a rotational fellows 
program, provide new-hire training for the Department-wide CFO 
employees. I host an annual CFO conference, attended by over 
300 DHS financial managers. We offer resource training programs 
for all program analysis and evaluation staff. And we offer an 
appropriations law training course for all Department-wide CFO 
employees.
    Providing training opportunities and supporting career 
development not only better equips our staff to perform their 
jobs, but also helps us to retain our staff. Using the 
objectives outlined in the Accountability Act, we continue to 
make significant progress toward improving financial management 
at DHS. And I am very fortunate to work with such a dedicated 
staff and have the support of our senior leadership as we 
continue these efforts.
    I appreciate the support we have received from this 
committee and Congress, and I look forward to working with you 
in the future. And I am happy to take any of the questions you 
may have. Thank you.
    Mr. Platts. Thank you, Ms. Sherry.
    [The prepared statement of Ms. Sherry follows:]
    



    Mr. Platts. Again, we appreciate both the written testimony 
and your oral testimony here today, and your dedicated efforts 
at DHS in trying to help rein in a challenging assignment.
    I want to start first with kind of the premise when we did 
the accountability legislation several years back and the issue 
of the importance of the CFO position. As I mentioned in my 
opening statement, we are anxious for us to get back to a 
Senate-confirmed appointee. Again, not in any way a reflection 
on or lack of faith and trust in you, but is sending that 
message of the importance of the CFO role.
    Can you give us any idea where we stand with the Secretary, 
with the administration, on that process and what we can expect 
here in the near future?
    Ms. Sherry. Thank you, Congressman. First, I will say that 
I think in the position that I have been in, and having had the 
opportunity to serve as acting as well as the deputy CFO, I 
have enjoyed very strong support from DHS leadership. Both the 
Secretary, as well as Deputy Secretary Lute and Under Secretary 
Rafael Borras, have provided very good support to my office. So 
I will say that.
    Having said that, though, your question is a very good one. 
And what I would have to do is direct you to the White House at 
this particular point, as they are really in charge of Senate-
confirmed political positions.
    Mr. Platts. So there has been no discussions with you or 
the Secretary from personnel at the White House about a 
timeframe or where things currently stand?
    Ms. Sherry. No, sir, not directly with me, as far as where 
things actually stand. I do know it is clearly an important 
initiative for the Secretary as well as for the White House.
    Mr. Platts. We hope that the Secretary and the White House 
do take it seriously, because bottom line is it is the law. And 
we put it in law, Mr. Towns and I, with our colleagues in the 
House and Senate and the former President, because of the 
importance of emphasizing this position.
    In your role as acting CFO and deputy CFO, how would you 
describe your access to the Secretary? Is it a direct 
communication? If you have an issue you can go right to the 
Secretary? Or do you need to go to the deputy secretary, under 
secretary?
    Ms. Sherry. No, I do have direct access. In fact, stressing 
the importance of getting the Coast Guard to get a clean 
opinion, I had the opportunity to talk directly with the 
Secretary and to emphasize to her the support--how important it 
was for us to be able to reach out to the Coast Guard and to, 
you know, kind of set that goal. And she went right out on 
record and said that even though it is a high-risk prospect, 
still, for us to be able to get a qualified opinion in 2011, 
just because, as you all have indicated, it is a complex agency 
and there was a lot of work that needed to get done and still 
needs to get done at the Coast Guard, she absolutely went out 
and provided in writing, as well as sent a memo at the 
beginning of this calendar year, to remind everyone that no one 
is letting up.
    It is not just the Coast Guard, but all of the other 
improvements that we have done throughout the Department. All 
components were responsible for working toward this qualified 
opinion this year.
    So absolutely, the ability to be able to go and talk about 
basic financial management needs, in addition to many, many 
meetings with her on the overall budget itself. You know, it is 
very critically important to the Secretary.
    Mr. Platts. I am very pleased to hear that, a testament to 
you and the Secretary to have and maintain that relationship 
and that open communication. In fact, your being here to 
testify as the acting CFO, we are appreciative of that 
commitment as well by your presence here today.
    On the issue of the decision to forego moving forward with 
the TASC program and to kind of start again with a Department-
wide financial management system, a couple questions. The last 
effort with eMerge2, we had spent about $9 million before a 
decision that it just wasn't going to work. We got some benefit 
I think from those costs as we moved to the new effort, with a 
decision to kind of start over.
    Can you give us a ballpark of what have taxpayers spent 
that is maybe not totally lost, but not getting the result that 
our hope was when we started over the second time?
    Ms. Sherry. Sir, you are referring specifically to TASC and 
the TASC program?
    Mr. Platts. Yes.
    Ms. Sherry. I am happy to do that. We received so far in 
total--what we actually had was some carryover even from the 
eMerge program, where the Department was not spending that, but 
we were allowed to keep that as carryover. So in addition to 
the funding that we have been fortunate to have received in 
fiscal year 2009 and 2010, and then a little bit in 2011, in 
total we had about $47 million. Of the $47 million, we have 
obligated about $4.8 million. When I say ``obligated,'' what we 
did is we initially went to award in November 2010. We issued 
our first TASC order against the contract in late February 
2011. That was to stand up the program management office, the 
contract program management office, which would complement my 
office, my program management office, which was really a 
blending of components as well as the different disciplines. 
But they were Federal employees. Ten days after the TASC order 
was issued, we----
    Mr. Platts. Protest.
    Ms. Sherry. Exactly. So what we have obligated has really 
been the $3\1/2\ as it related to the TASC order, as well as 
$1.8 million as it related to program support within my office. 
And since we had to stop work, I really don't have any invoices 
against that. But that kind of gives you the magnitude of 10 
days' worth of the contract. But what we did get for that was 
an integrated master schedule, a draft integrated master 
schedule, because we had really just gotten out of the gate on 
this, OK. We got an integrated master schedule as well as an 
earned value management, a draft plan for that, as well as a 
draft training plan as well.
    But what it doesn't speak to is the value that we have also 
gotten from this time around, was really as it relates to the 
data cleanup efforts, the things that the Department has been 
doing, preparing, in order to be able to get to the contract. 
And that would require working with the components that have 
the most critical business need, really looking at the data 
cleanup initiative.
    Mr. Platts. So if I understand in numbers, $9 million that 
was spent on eMerge2, and then a different direction, and we 
spent somewhere in the $3\1/2\ million, or you obligated----
    Ms. Sherry. We have just obligated it.
    Mr. Platts. But you haven't gotten invoices.
    Ms. Sherry. That is exactly right. That is exactly right.
    Mr. Platts. So of the $40-plus million that was kind of set 
aside for this, the overwhelming bulk of that has not been 
spent.
    Ms. Sherry. Yes, sir, that is correct. That is correct. And 
any of the Federal energies that we have spent as a part of my 
base budget itself has been preparing for the data cleanup and 
the change management, many of the things that I am going to be 
able to use anyway.
    Mr. Platts. OK. That was my followup. So what you have done 
internally, you are not going to lose that.
    Ms. Sherry. Absolutely not. All it has done is set the 
Department that much closer to really being able to manage this 
really well. So none of that has been lost.
    Mr. Platts. OK. I have some followups on that, but I want 
to yield to the ranking member first, and then we will come 
back around. So I yield to the gentleman from New York.
    Mr. Towns. Thank you very much.
    Ms. Sherry, you mentioned that the most valuable resource 
DHS has is its people. And I want you to know I agree with you 
wholeheartedly on that. GAO reported in December 2009 that DHS 
hired staff in anticipation of implementing the TASC system. My 
question to you is, now that you have scrapped it, what 
happened to these staff people?
    Ms. Sherry. They are still part of my base annual budget. 
So I still have them. And what we have been working on, even 
before we went to award, what we have been working on is 
working with the components that have that critical business 
need, that still need to get their accounting systems replaced, 
all right, or modernized, working with them to be able to get 
their data cleaned up. Because what you can't do is have data 
that is not really ready to move to the new system if it is not 
cleaned up. Or if your balances aren't good, then there is no 
sense moving garbage into the new system. So we have worked 
with the components to be able to clean up their data.
    We worked on developing change management plans, because so 
much of one of these financial systems modernizations really 
centers around change management, changing people, the way 
people do their business; also focused around the business 
process, standardization of business process. So what we have 
been doing, sir, is really setting the foundation, getting the 
Federal Government ready for the contract is what we have been 
doing with my Federal staff.
    Mr. Towns. Right. I think this points out in terms of the 
statement that the chairman raised early on is the confirmation 
part. Because when you have to scrap a program, and then you 
move, and then you scrap another one, I think that the 
consistency is just so important in terms of--and that is the 
reason why I think that we really need to push for this 
confirmation. Because I think that needs to be done.
    But anyway, let me just move along to another question. In 
your opinion, what is the worst-case scenario for DHS if they 
fail to integrate disciplined processes that GAO recommends 
before a new financial management system contract is awarded?
    Ms. Sherry. What an integrated financial system really 
brings, the value that it really brings to the Department is 
really sustainability. It introduces effectiveness and 
efficiency. And what we have at this particular point in the 
Department--not throughout the Department, because some of our 
components do have modernized systems, and they are in good 
shape--but some of the components, about 75 percent of my 
overall resources, they are on systems, these components are on 
systems that are either they are legacy, they are proprietary, 
they are not necessarily supported anymore. And in many 
instances they are not integrated with an acquisition system or 
with the asset system. And as a result, what that means is I 
can't have strong internal controls. It is not just up to the 
system to have good internal controls, but the sustainability 
is really critical in order to be able to have these integrated 
systems.
    In addition, it allows you to be much more efficient in the 
work that you do. I think that from a standpoint of where do 
you actually have your people working, if they are doing manual 
processes, where they are having to do manual reconciliations 
in order to be able to make sure the contracts that are 
recorded in your procurement system actually marry up with what 
you are actually reporting in your core financial system, 
having to do those manual reconciliation processes not only is 
not overly efficient or effective, I could be using them maybe 
to do heavy analytics, you know, especially as we need in these 
current fiscal times.
    But what it also does is introduce internal control risk, 
the ability to be able to have something obligated in your 
contract system; if for whatever reason it doesn't make its way 
into your general ledger system, there is the potential to have 
some severe funds control, internal control weaknesses.
    Mr. Towns. Right. Thank you very much.
    Let me just say to Mr. Chairman before I yield back, that 
maybe what we need to do is to send a letter indicating the 
fact that this is the law, and that we hope that they will move 
forward with confirmation, and just sort of send it from the 
committee. I think maybe to let them know that--I really view 
this as being very serious. And I think that we should try to 
state it. I yield back on that note.
    Mr. Platts. I thank the gentleman, and certainly share that 
perspective, and am glad to partner with you in urging the 
White House to move as quickly. And maybe that will be the 
first step, and then we will urge our Senate colleagues to move 
quickly, too. That sometimes is one of the problems with 
confirmation.
    So I yield to the gentleman from Virginia, Mr. Connolly.
    Mr. Connolly. Thank you very much, Mr. Chairman. I thank 
you for holding this hearing, and again welcome Ms. Sherry.
    USCIS, FLETC, ICE, have only one remaining material 
weakness each, while the Coast Guard still has six. What are 
some of the factors, in your view, that explain the differences 
in internal controls among the different components that we 
have such variance?
    Ms. Sherry. The remaining material weaknesses at the 
Department level, which is really the six, which is really 
comprised of the various conditions throughout the various 
components, really can only be corrected by having strong--the 
tenets basically that come from the Accountability Act. What 
you need to be able to do is to identify what is the root cause 
of the material weakness or the significant deficiency. You 
need to be able to--so rather than just responding to 
potentially an auditor's finding, where they identify an issue, 
if you just respond to that issue without really identifying 
what was the root cause, what was the reason for actually 
having that material weakness, what is going to end up 
happening is you will continue to do work, but what you won't 
do is actually correct the internal control findings.
    And so by using the Internal Controls Playbook, which is 
really our annual strategic plan for how to correct our 
internal control weaknesses, we were able to work with 
components--in particular, my Department--through the A-123 
process, to work with them to be able to look at how their 
internal controls were designed and whether or not they were 
designed effectively, and to look at, through the performance 
audits that we did also as a result of the Accountability Act, 
to find out how well we were doing as far as developing 
corrective action plans. So the idea that you could develop a 
plan that may not be responsive to the problem is not going to 
ultimately end up reducing your material weaknesses.
    What we have done with the Coast Guard and with the other 
components we were able to do before that, is to kind of crack 
that code, all right, working with us. They were able to 
identify--and I think the magnitude of some of their issues 
were clearly a lot smaller than the Coast Guard as well.
    But what we have done with the Coast Guard, working with 
them over the last couple years, and it is detailed in what 
they call their FSTAR, that is their audit remediation plan--or 
their audit readiness plan--what we have been able to do is 
work with them to have them understand how to do that root 
cause analysis. So rather than just responding to an audit 
finding, they are now able to actually dig into what is the 
system issue, what is the process issue, what is the people 
issue? You know, how does it actually relate to the remediation 
on the financial statements as well as the internal controls?
    Mr. Connolly. Are there incentives within DHS to make sure 
that various components of DHS take material weaknesses 
seriously and understand we have to have an unqualified audit?
    Ms. Sherry. Yes, sir, there are. In fact, what we do is the 
Department Office of CFO, what we do is we meet with each of 
the component CFOs at, least annually, on an offsite retreat, 
where what we do is we jointly establish what our goals and 
objectives are for the year, as well as for the foreseeable 
future. And then what I am able to do is I take those goals 
that we all agree on, and getting the clean opinion and 
correcting the material weaknesses as well as things that are 
at the less significant level of a material weakness, we then 
place them in the CFO's plans, performance plans, annual 
performance plans, as an objective that they must meet. And 
then what we do is we meet with them periodically, and then 
again at the year to just basically assess where they are at. I 
then report that up to the Secretary and to the deputy 
secretary.
    So what you have is really, again, what the GPRA Act really 
wants us to be able do is put that performance--decide what the 
outcome that you are trying to achieve is, and then put those 
goals into the various plans. And then that is what we do, sir, 
to be able to get them to understand the importance.
    Mr. Connolly. Given the progress that has been made, 
obviously people do take it seriously. And I think it is a 
testament to your effectiveness as well, Ms. Sherry.
    Ms. Sherry. Thank you, sir.
    Mr. Connolly. Going back to the TASC order--and I am going 
to be running out of time real fast here--which breaks up the 
contract into smaller component parts, is there an opportunity 
here, though, for DHS, for especially acquisition personnel, to 
gain better contract management skills and technical expertise 
as we do that, so more people have a chance to participate and 
develop the requisite skills? Because Chairman Platts and I are 
both very concerned, and I know Mr. Towns is as well, about the 
whole issue of acquisition training in the Federal Government. 
So in the loss here of the reversal of the contract, is there 
also, however, perhaps an opportunity?
    Ms. Sherry. There is great opportunity. Yes, there is great 
opportunity to do that. In fact, the under secretary for 
management and the deputy secretary, as well as the Secretary, 
are very interested in making sure that we start to get this 
right. And I think that we have made some really good 
improvements, as demonstrated by the integrated plan that we 
have for addressing the GAO high-risk issue as it relates to 
transforming management, not just financial management, but as 
it relates to transforming management within the Department.
    The other thing that we have done really well as it relates 
to this particular acquisition is to start to have some of that 
not only horizontal integration, but also the vertical 
integration. One of the things that we are trying do in the 
Department is to really invigorate the overall governance 
process. So what we should be doing is we should be looking at 
these major acquisitions on a more real-time basis. But we 
should also be bringing all the right stakeholders and 
decisionmakers to the table to really review these.
    And what we had with TASC was what is called the executive 
steering committee, which was made up--it is chaired by the 
under secretary for management, has all the lines of business 
chiefs on it, you know, within the Department. And then we also 
have as members on there, members from the various components. 
So you would have your CIO, you would have your CPO, you would 
have your CFO, various components that actually participate on 
this steering committee. So that, sir, also I think is a really 
good way for us to be able to get our hands around that 
acquisition management throughout the Department.
    Mr. Connolly. Thank you very much, Mr. Chairman.
    Mr. Platts. I thank the gentleman, and would just make a 
note that I know the gentleman from Virginia is working on some 
legislation to try to better train our acquisition personnel 
across the Federal Government. And I look forward to working 
with him as we seek to advance that objective.
    Mr. Connolly. I thank my friend.
    Mr. Platts. We are going to do another round of questions 
to give you a chance to kind of catch your breath and settle 
in. I am going to followup on the TASC recent announcement. It 
is my understanding that DHS is no longer requiring that it be 
housed in an enterprise data center, and that it not 
necessarily is going to be a single contract vehicle for the 
financial management system.
    Does this mean that we are going to have permanently, some 
legacy systems that are kind of on their own; or is it just in 
the immediate term, but eventually the goal still is to have 
all systems kind of be united in one Department-wide system?
    Ms. Sherry. I think we will have to look at that as we go 
forward, you know, as we analyze the various strategies. But 
where our real requirement is at this particular point is to 
modernize those systems that are in critical need to be able to 
do that. And that speaks to over 70 percent of the budgetary 
resources, components that need those modernized systems, or 
well over half the Department as it is anyway.
    So what we really want to do, based on the changes in IT 
policy, governance, just the way that we look at financial, 
these systems modernizations, in addition to the grave fiscal 
environment that we are currently in as well, it really makes 
sense for us to focus in on our critical business needs and 
those systems that need to be modernized.
    So I think as we lay out our overall strategy, we will 
consider how we will include those components that already have 
modernized systems. But really it is focusing on those critical 
business needs now and being able to implement this in small, 
manageable segments.
    Mr. Platts. And because of where the Coast Guard is, that 
is going to heavily focus on the Coast Guard.
    Ms. Sherry. Yes, sir. The Coast Guard clearly needs to have 
changes to their system. It needs to modernize their system. 
That probably is the main component that really I will struggle 
with in order to be able to get a full-scope audit done. So I 
am going to be able to get my qualified opinion on the balance 
sheet without the system, without us modernizing their current 
system. I would not be able to do that for the full-scope audit 
with the Coast Guard.
    In addition, you have FEMA that also has functionality as 
well as system security issues that must be addressed. This is 
also a critical business need.
    And then ICE, which is the accounting service provider for 
five other DHS components, also is identified as having system 
security and functionality issues. So we will focus in on those 
critical business needs first.
    Mr. Platts. And maybe that addresses my question that I was 
going to ask specifics, because in your testimony you talk 
about the Department's Fifth Annual Internal Controls Playbook, 
and identifying some plans and milestones, areas of focus. And 
you reference in there the Department's most significant 
internal control challenges. Is that coming back to really what 
you just walked through with FEMA, with Coast Guard?
    Ms. Sherry. Absolutely. The being not compliant with the 
FFMIA and with A-127, basically the good tenets to be able to 
say how you should be able to have good data quality. You 
should be able to have complete data. You should be able to 
have timely data to be able to provide to all your 
stakeholders, as well as to the key decisionmakers of the 
Department. A $57 billion agency, you know, we have some 
serious internal control issues. And especially modernizing our 
systems would really be able to move us forward in that area.
    Mr. Platts. That is what this committee, Mr. Towns and I 
working together in the past and again now, is really getting 
the systems in place, where it is day-in and day-out access to 
that information, as opposed to that manual--you know, edits 
that are being done to rectify problems. But that it is a, you 
know, tomorrow if you need information, you know, you can go to 
the system, pull it up, and then make informed decisions.
    Ms. Sherry. Absolutely.
    Mr. Platts. That commitment that you have made to that 
effort is one that we strongly support. You have talked about 
the component CFOs, and you are working with them, and your 
quarterly meetings, and how you try to kind of keep everyone on 
the same page. How is, I will say, the chain of command or the 
line of authority from you to the component CFOs? Do they 
answer directly to you or to their agency head and then to you?
    Ms. Sherry. They answer directly to their agency head. But 
there is the dotted line to the Department CFO. So as I said, I 
have the ability to be able to reach into their performance 
plans. In order to be able to hire into those positions, the 
Department will weigh in. We also weigh in on very critical 
other hires such as your budget director or potentially a PA&E 
director.
    Mr. Platts. That was my specific followup, that hiring 
aspect. So you don't have final say, but you can express an 
opinion on who is in these positions?
    Ms. Sherry. We absolutely can. And I will tell you, I don't 
know that we have ever gone to the limit, to be able to say if 
I had the final say or not. We have always been able to--they 
have always been able to work very cooperatively. And they do 
look to us to be able to provide that input as well.
    Mr. Platts. I asked that--another agency that we work with 
in detail is NASA. And one of the challenges we found there was 
you are the one that is responsible for the Department-wide 
audit and your financial statement; yet in NASA, the center 
CFOs were not very responsive to the agency CFO. It doesn't 
sound like that is an issue here.
    Ms. Sherry. We are very fortunate. What we also do is I 
meet with them more regularly than just quarterly. I also meet 
with them monthly. We have CFO council meetings, where it is 
the entire world that we work with, you know, budget as well as 
program analysis, as well as internal controls. And what we 
also do is we meet with them much more regularly as it relates 
to the critical internal control issues.
    So for instance, I will meet with them as well as their 
senior staff on a monthly basis during the time--once we come 
out with our ICOFR Playbook, once they have signed on to coming 
up with the corrective action plan and what the ultimate 
outcome that they are trying to achieve is, they actually have 
to come in and work with me on a monthly basis and report to me 
on the progress.
    That has gone very well. And we have very little difficulty 
getting the component CFOs and the senior management staff 
really wanting to be able to improve financial management in 
DHS.
    Mr. Platts. It sounds like a pretty across-the-board team 
effort, everyone on the same page.
    Ms. Sherry. Yes, sir.
    Mr. Platts. That is great. I am going to squeeze in one 
other before yielding to my colleagues, who may have other 
questions.
    In talking about the internal controls audit, performance 
audit, is it a fair statement to say that based on your 
experience at DHS, this approach that was legislated in the 
Accountability Act is one that we should at least be 
considering for other departments and agencies, helping them to 
get to that bedrock of good financial management?
    Ms. Sherry. It has worked very well in the Department. It 
really has. And I think many of the other agencies are probably 
more fortunate than I am as far as the number of material 
weaknesses that they have. So hopefully they are able to do 
this through FMFIA, hopefully that they have gotten that in 
there.
    I do think that for the Department, though, it has not only 
been helping us with the internal controls over financial 
reporting, but it has really become the way we do life at DHS. 
The improvements that we have made in complying with the 
Improper Payments Act, it is about internal controls is really 
all it is. It is about identifying what your risk areas are, to 
really identifying the root causes for making improper 
payments, establishing strong corrective action plans, 
monitoring them, and then ultimately doing the right thing such 
as recovering the money that you may have improperly paid. If 
you didn't actually improperly pay something, but it was 
something else, such as lack of supporting documentation, or 
people didn't sign off that made it an improper payment, you 
correct that. You correct that issue. And so for DHS the entire 
framework of the Accountability Act has really worked very well 
for us.
    Mr. Platts. You touched on a specific issue I want to 
followup on, the improper payments. But let me see if, Mr. 
Lankford, did you have any questions?
    Mr. Lankford. You can go to Mr. Towns.
    Mr. Platts. We will go to Mr. Towns and then come back. OK. 
Yield to the gentleman from New York.
    Mr. Towns. Thank you very much, Mr. Chairman. We talked 
about the material weaknesses at the Coast Guard. What are the 
weaknesses?
    Ms. Sherry. They contribute to six of the Department's 
overall material weaknesses. The first talks about financial 
management and reporting. They have a material weakness in 
internal controls and system functionality. They have one, 
actually the only one contributing to our fund balance with 
Treasury material weakness. They have weaknesses in property, 
plant and equipment; actuarial and other liabilities; and then 
in budgetary accounting. Those are the six remaining material 
weaknesses at the Department. And because of the pervasive 
nature of the Coast Guard, they contribute to each of those.
    Mr. Towns. Right. You know, does any of this have anything 
to do with turnover of staff, in terms of not staying?
    Ms. Sherry. At the Coast Guard specifically?
    Mr. Towns. Yeah, Coast Guard and then in general.
    Ms. Sherry. I think you touch on a fantastic point that we 
have really been trying to fix at the Department in the last 
couple of years, and that is really developing core 
competencies. I do know that the Commandant is very interested 
in doing that, developing--making sure that you have those 
right core competencies, and that the rotation, the amount of 
time that you have with people rotating in the Coast Guard is 
the right amount of time so that you can actually develop those 
core competencies.
    So I think it is less overall a problem at the overall 
Department. And frankly, at the Coast Guard it is no longer 
really a problem because what they are doing is they are 
building those core competencies. And what they are doing is 
they are identifying where their skill gaps are, and then what 
you are doing is you are bringing in the right people at the 
right time and putting them in the right job. So we saw that 
both at the Coast Guard just recently, you know, and then we 
also saw that at the TSA just this past year. What they did is 
they really looked at overall skill gaps, and then they brought 
in the right people to be able to address the magnitude of the 
issues that we had.
    Mr. Towns. I was thinking in terms of whether the 
Department has recorded all of its property and plants and 
equipment. How are you doing with that? Because that has been a 
problem.
    Ms. Sherry. And clearly, it is one of our largest assets. 
And the remaining material weaknesses that we have outside of 
the Coast Guard on property, plant and equipment, is at the 
TSA. And the TSA in 2009 actually had what is called a 
disclaimer condition. And really all the disclaimer condition 
means is when the auditors come in and take a look at the 
account balances, they just simply don't have enough evidence 
there. So what they end up saying basically is, I can't tell if 
this balance is any good. The work that the TSA did during 
2008, 2009, allowed them to actually remove that disclaimer 
condition in 2010, which basically meant that the auditors were 
able to satisfy them at the amount that we have recorded on the 
books for TSA property, they were OK with it. They said that it 
was what is called materially correct.
    Having said that, TSA still had some remaining internal 
control weaknesses, and we do expect to remediate that material 
weakness this year at the TSA. And it really starts to become 
very segmented, because through that strong root cause analysis 
that they have done, it starts to become segmented to just a 
couple issues that they are able--such as they may do their 
inventories and they do their reconciliations, and they make 
sure things are recorded correctly.
    But in TSA's case, there were things such as accounting 
issues, such as recording what we call other direct costs. And 
it just becomes a real narrow slice of what they actually 
needed to fix.
    So from a Department-wide perspective, we are fixing what 
we can. Even the Coast Guard has done an awful lot of work at 
property, plant and equipment. And they have done inventories 
throughout the entire Coast Guard of their small boats and 
ships and the different pieces of personal property. And what 
they are doing is building what they call assertion packages 
over property, plant and equipment. The reason why we don't 
have that on our fix-this-year list is because there is still 
real property, which is part of that overall line item, that 
they are still working on.
    So Coast Guard is developing the internal processes in 
order to be able to build those assurances so I will be able to 
get that. Ultimately, I will be able to take that off as 
disclaimer condition as well.
    Mr. Towns. I don't want to put you on the spot, but are 
there any impediments we should deal with from a congressional 
standpoint?
    Ms. Sherry. Can I get back to you on that? At this point I 
can't think of any.
    Mr. Towns. OK. All right. Thank you. I yield back.
    Ms. Sherry. Thank you, sir.
    Mr. Platts. Thank the gentleman. I yield to the gentleman 
from Oklahoma, Mr. Lankford.
    Mr. Lankford. Thank you, Mr. Chairman. Thank you for being 
here.
    Let me just bounce a couple things off. You had on your 
list earlier a statement about system security and 
functionality issues, and listed specifically Coast Guard, 
FEMA, and ICE on that one. Can we talk a little bit about--we 
talked a little bit about Coast Guard. Can we talk a little bit 
about the ICE side of that? What does that mean, to say that we 
are dealing with functionality issues and system security?
    Ms. Sherry. System security means that they have typically 
access controls--the three controls that we talk about when it 
comes to system would be access controls, change management 
controls, and then just in general security controls. So what 
we do is, as the auditors do an audit, they will look through 
whether or not they have strong internal controls around those 
particular areas. When it comes to functionality, it is really 
how well is the system working. So you go beyond just is it a 
secure system.
    And the main reason the auditors will do that is it allows 
them to be able to rely on the transactions that are recorded 
in an accounting system without having to do so much detail 
work, without having to pull really large samples and to test 
them and to do all that. So it is an efficiency thing. But it 
is also clearly internal controls. IT security is clearly a 
very critical thing. You need to be able to make sure that you 
don't have people that have improper access and stuff into your 
system.
    Mr. Lankford. Just clarifying that, so is there a hardware 
issue based on old equipment, software issue based on just not 
up to speed on it, or management, personnel, and process, where 
it is a people issue not handling that?
    Ms. Sherry. I think it is going to be all of it. It 
typically is a combination of those.
    Mr. Lankford. OK.
    Ms. Sherry. And what the Department has is overall guidance 
that each of the components need to follow as it relates to 
systems security. And what they need to do is we set--I don't 
do it, the CIO's office and the chief security officer does 
that. They set those standards, and then the components need to 
meet those. All right. And what it does is, it tells you kind 
of what the best practices are around access controls, you 
know, systems security, and change management.
    In some instances, it is because of legacy systems, and 
they are just old, and it is hard to be able to do it. So as a 
for instance, you know, the length of a password. You know, in 
order to be able to have a good password it should be X number 
of digits in length, and you should be able to have special 
characters, etc. Some of the legacy systems--and so what the 
Department will do is we will come out and we will say that is 
the standard. You need to meet the standard. In some instances, 
if it is a legacy system you are not going to potentially--
maybe you don't have enough digits in order to be able do that. 
So there will be instances like that.
    Other times it is a people thing. For instance, in the 
security manual or internal controls best practices, you should 
have background investigations, for instance, of the people 
that have access to a particular level of data, or have the 
ability to be able to change code, they ought to have a certain 
level of background investigation. So it is the ability of the 
component that they have the ability to be able to do that.
    But typically, there are some impediments there. So what we 
do as part of the audit is we actually work with them on the IT 
piece in particular, where it is a joint meeting with my 
office, it is the IG, and our independent auditor are there. 
The CIO and the chief security officer is there of not just the 
headquarters, but also the components. And what we do is we 
walk through each one of those and make sure that we have 
strong corrective action plans to be able to address them.
    The functionality piece of it is just really outside of 
just the security, even though typically impacted by security, 
would be things such as does the system allow duplicate 
payments? Do you know what I mean? So clearly, it is a 
functional issue. You should be able to build in controls into 
your system such that you can prevent a duplicate payment 
unless you have some sort of a person override, which you know 
you can detect and correct. But if the system is in such--has a 
functionality weakness, it may make a double payment and you 
don't know about it until after the fact. That is the 
distinction between the two.
    Mr. Lankford. Right. So ultimately, at this point we have 
hardware, software, and management issues. We may or may not 
have money that is flowing out of the door that is consistent 
with what we would hope it would be accomplished. And we are 
not able to get a good audit yet. That is coming. Am I picking 
up a trend here?
    Ms. Sherry. No, we have what are called compensating 
controls. All right? And that is the part where it becomes 
inefficient. You know, what the Accountability Act allows you 
to be able do is to identify your root cause. In addition to 
that, the Department has strong risk assessments. So we try to 
be more forward leaning, not waiting until a problem happens. 
But if you identify a particular weakness that you can't 
necessarily build into your system because maybe it is--and I 
will use the Coast Guard as a for instance--because maybe the 
way that their system was modified due to change management 
weaknesses, you are not actually able to, in certain instances, 
actually to get down to an actual transaction level. And 
clearly you can't audit unless can you get to a transaction. 
But we have identified that as the root cause, but instead what 
we put in place are compensating controls, which basically we 
have to do something other than the most effective and 
efficient thing we should do in order to be able to correct for 
that. So we have compensating controls.
    In the case of the duplicate payments, we caught that. Do 
you know what I mean? Because we have--ideally, you want to 
prevent this type of a problem versus detecting the type of a 
problem. And oftentimes that will be what your compensating 
controls end up being.
    So no, I think--we just don't do business as efficiently as 
we could because of integration. You know, we have reliance on 
manual processes and reliance on compensating controls. Just 
the other thing--I am sorry, I get on a roll here--is basically 
the internal controls. The more of those that you have that are 
actually part of the system, the much more efficient the 
overall agency is going to be.
    Mr. Lankford. Right. So it makes it seamless.
    Ms. Sherry. Yes, sir, that is exactly right.
    Mr. Lankford. Thank you. I yield back.
    Mr. Platts. I thank the gentleman. Just a final issue I 
want to touch on on improper payments. And it is recent 
coverage of FEMA and the payment of relief to flood victims and 
other natural disasters. And then the letter in the mail 
saying, Hey, 3 years ago we paid you $20,000, you know, our 
mistake, and you have 30 days to pay it back.
    I guess if you can give me an update. Because I mean this 
is clearly a failure of good internal controls is that money 
was being paid out inappropriately, and according to some of 
the statements in the news coverage of this, where FEMA 
personnel were kind of encouraging the individuals to apply, 
saying, Hey, this is something you are entitled to. You need to 
go after. They get it. They spend it on home repairs, whatever 
it may be, and now 3 years later or more.
    Can you give us an update? Because I know in the article it 
does reference FEMA, you know, in December the Inspector 
General being critical of FEMA for not going after hundreds of 
millions of dollars of improper payments related to Katrina and 
several other disasters, and that FEMA believes it has moved 
from about 14 percent of error rate down to about a 3 percent 
error rate. That is good news.
    I guess my two main points, if you can try to address this: 
One, is that accurate? Have we put in place better controls 
that we are getting down to a smaller and smaller error rate? 
And if so, what were the main changes that resulted in that 
significant change from 14 to 3 percent error rate? And then 
how are we dealing with the real-life impact on these 
individuals who went through pretty trying circumstances, 
through no wrongfulness on their part got compensated, have 
spent that money, and now are being asked to--you know, what 
are we doing to go out of our way to work with these 
individuals, if we are, to recoup anything from them?
    Ms. Sherry. I probably can't address the second part of 
your question, sir, but we could get back to you with a 
response if you would like on it, just because that is not 
necessarily within my actual area.
    Mr. Platts. Please. Yeah.
    [The information referred to follows:]
    [Note.--The information referred to was not provided to the 
committee.]
    Ms. Sherry. But the first part of your question is directly 
in my area. And you are exactly right. We worked very closely 
with FEMA in particular as it relates to--that is improper 
payments right there; that is what we are talking about.
    Mr. Platts. A perfect example.
    Ms. Sherry. What we have done in particular as it relates 
to the individual household payments is worked with them really 
on the front-end process. I mean the idea here is to prevent--
you should be preventing your improper payments. Even though we 
are in compliance with the Improper Payment Act, that is really 
not--I mean, that is exactly what we need to do.
    But what we really want to do is to prevent the improper 
payments in the first place. So what we have done is we have 
worked--we work with all the components, but in particular FEMA 
worked on what we call the front-end processing errors that 
they would have. So what they did is instead of--what they did 
is, they tightened up their controls around, you know, doing--
you know, checking for duplicate people who were applying, you 
know, for two benefits or whatever, making sure that you had 
valid Social Security numbers. You know, things of that nature. 
And for them to have been able to have gone from that 7 percent 
down to the roughly 3 percent error rate, they did that really 
by focusing on some of the those front-end internal controls.
    They are still testing. What they do as part of their 
annual improper payments testing, they test individual 
household payments. In fact, we actually do it quarterly now 
with them. We make sure that we actually do the testing more 
realtime, so that we can make sure that we stay really 
responsive. And what they are finding is just even better 
results. All right?
    So this type of preventive-type controls, you know, rather 
than having to go after people to get money back, you know, 
really trying to prevent that up front. So that is what we are 
doing, working with them, as well as working with them and 
their other high-risk programs working through those same kind 
of things.
    Mr. Platts. I kind of equate it to Mr. Connolly's about 
acquisition personnel and the training up front. They are doing 
it right, rather than trying to correct it after the fact. Same 
here.
    And you may not be able to address this. This really goes 
to the HR side of the training of the personnel. I guess I 
assume that if there is a flood in Mississippi or wherever, 
Iowa, that there is a cadre of FEMA personnel who are well 
trained, and this isn't the first time they are doing it. They 
go out and they know. Is it just in that training was not up to 
snuff that they were having such a higher error rate? Or was it 
because of just the timing of a lot of disasters? And so it 
wasn't a breakdown in training, but a lot of new personnel? You 
may not be able to address that today.
    Ms. Sherry. I can't address that directly. And I can get 
back to you on that. I was not in the Department at that 
particular time.
    Mr. Platts. Right.
    Ms. Sherry. But I did have the opportunity, when I did join 
the Department, to work closely with FEMA to examine what those 
internal control failures were. And what we did is we worked 
with them for several years. In fact, when we had the 
hurricanes for Ike and Gustav, what we did is we actually 
tested those internal controls. And I think it was the IG who 
tested behind them and came back with saying yeah, what you are 
doing as far as tightening these preventive-type controls here 
are working. But I suspect it was probably a combination of 
many of the things, sir, that you talked about. But if you 
would like, we could get back to you on that.
    Mr. Platts. Yeah. If you could followup with the committee.
    [The information referred to follows:]
    [Note.--The information referred to was not provided to the 
committee.]
    Ms. Sherry. Happy to do that.
    Mr. Platts. You know, what is the main thing they did to 
get from perhaps double-digit to now low single-digit error 
rate?
    And then also the other issue, I understand outside of your 
domain, is how they are working where an innocent citizen got a 
payment and--because I understand that there is, you know, the 
citizen can petition for it to be forgiven, or a payment plan. 
I guess what I would like to know is how customer-oriented are 
we? Because if it is a citizen who has done nothing wrong, to 
get a letter saying--even the initial letter saying, Hey, you 
owe this money and we would like it in 30 days. If it was our 
fault, I hope that letter is also laying out we would like 30 
days, we understand this might create a financial hardship, so 
please contact us and we will work with you for repayment. I 
hope we are doing that up front, versus kind of a, you know, a 
letter saying, Hey, pay up, and then after the fact we come 
back.
    Ms. Sherry. We will look at that, sir. Absolutely.
    Mr. Platts. If you could followup with the committee, that 
would be great.
    [The information referred to follows:]
    [Note.--The information referred to was not provided to the 
committee.]
    Mr. Platts. If no other questions, I just want to thank you 
for your testimony here today, but most importantly for your 
work, day in and day out. And, really, you get your arms around 
a very important assignment. Because the more efficient and 
well managed the Department is, the more effective it is going 
to be in serving our Nation in a lot of critically important 
missions.
    Also thank your staff there with you as well, who work day 
in and day out with you at the Department. We certainly want to 
be a partner for you.
    And it kind of goes to Mr. Towns, I think his last 
question, if you do have something to put on our list that we 
can do to better assist, because that is what we want to do, we 
want to partner with you, assist in any way we can, if there is 
something legislatively that you need, we stand ready to work 
with you and your colleagues to try to make that happen, to 
allow you to be as effective as possible.
    Ms. Sherry. Thank you, sir. I appreciate the opportunity to 
be here today. Thank you.
    Mr. Platts. You are welcome. And we will keep the record 
open for 2 weeks for any additional information. Otherwise, 
this hearing stands adjourned.
    [Whereupon, at 12:43 p.m., the subcommittee was adjourned.]
    [The prepared statement of Hon. Elijah E. Cummings 
follows:]