Before the Senate Committee on Homeland Security and Government Affairs

Statement of Dr. James Jay Carafano

Senior Research Fellow

The Heritage Foundation

Before the Senate Committee on Homeland Security and Government Affairs

Chairwoman Collins and other distinguished Members of the committee, I am honored to testify before the Committee today.[1] Thank you for the opportunity to discuss the conclusions of the task force chaired by myself, on behalf of The Heritage Foundation, and David Heyman of The Center for Strategic and International Studies. The task force's report, DHS 2.0: Rethinking the Department of Homeland Security,[2] evaluated the department's capacity to fulfill its mandate as set out in the Homeland Security Act of 2002.

My comments today are an abbreviated version of my written testimony, which I hope will be included in the record. Today, I will focus on the key management and organizational challenges raised by the task force. I will address: 1) the report and how its recommendations were developed, 2) leadership principles that could be used to guide implementation of the report's recommendations and specific examples where they could be applied, and 3) next steps for the department and Congress.

The findings and recommendations of the task force can be found on The Heritage Foundation's web site at www.heritage.org/Research/HomelandDefense/sr02.cfm. The report includes a bibliography of the documents we found most useful in our research.

Why This Report? Why Now?

Before I discuss the report, I would like to share with the Committee our rationale for undertaking this study and why the task force feels it is imperative that issues concerning the management and organization of the Homeland Security Department receive prompt attention from Congress and the department's new leadership.

We have learned a lot since 9/11. Americans have had ample time to dwell on the challenges of protecting the nation against foreign threats in the 21st century and to review the efficacy of our response to these dangers. It is time to rethink the place of the Department of Homeland Security in this effort.

The Task Force began by assessing the effectiveness of the department. On November 25, 2002, the Homeland Security Act of 2002 transferred over 22 federal entities, some intact and some in part, and 180,000 employees into a single department-the Department of Homeland Security (DHS). A requirement to revisit the organization and management of the department should have been axiomatic. Complex mergers are bound to encounter resistance, unanticipated problems, and obstacles that can't be overcome without decisive intervention by the organization's leadership. Identifying these challenges and addressing them must be a priority.

Nor is it prudent to wait much longer to address management and organizational challenges. Experience reminds us that it takes only a few years for bureaucracies to become entrenched and virtually impossible to change. The creation of the Department of Defense is a case in point. In the debates over the 1947 National Security Act, and again, as President, Dwight Eisenhower lobbied for reorganizing the Pentagon to ensure that Army, Navy, Marine, and Air Force assets would work closely together. He failed to overcome the political opposition and the service parochialisms that blocked reforms. As a result, fundamental problems in joint operations went unaddressed until 1986 with the passage of the Goldwater-Nichols Act.[3] The lesson is clear. Fix it at the beginning or live with the mistakes for a long time.

What We Did

A task force with members from academia, research centers, the private sector, and Congressional staff from both sides of the aisle and chaired by homeland security experts at The Heritage Foundation and The Center for Strategic and International Studies examined the effectiveness of the new department in four areas: management, roles and missions, authorities, and resources.

Based on this analysis, conducted through seminars, an extensive literature search, and interviews, the task force developed 40 major recommendations for improving the oversight, organization, and operation of DHS. We believe that, taken together, this report makes the case for a significant reorganization of the department to empower the Secretary, and creates a more effective and efficient instrument for preventing and responding to terrorist threats.

The report is divided into four sections. Each one presents the conclusions of the task force. The sections address how well DHS is fulfilling its mandate as defined by the Homeland Security Act. The four areas are:

Management. Considers the organization and functions of the DHS secretariat and its capacity to integrate and effectively direct departmental activities and to provide a coherent vision for the future.

Roles and Missions. Presents findings and recommendations concerning the organization and conduct of operations for the department's most critical security tasks.

Authorities. Addresses the adequacy of the legal authorities and policies governing significant department activities.

Resources. Looks at limitations in the department's ability to efficiently and effectively allocate resources to respond to critical missions.

Each section consists of findings and recommendations agreed upon by the task force. The findings represent what we believe to be significant statements of fact that are affecting the department's performance. Recommendations are measures that the task force proposes be undertaken by the Administration and Congress to improve the organization and operation of the department. Major recommendations in the report include:

• Strengthening the Secretary of Homeland Security's policymaking function by creating an Undersecre­tary for Policy.
• Empowering the secretary by establishing a "flatter" organizational structure through: (1) consolidating and strengthening agencies with overlapping missions; (2) eliminating middle-management (director­ate) layers over border and transportation security, preparedness and response, and information analysis and infrastructure protection; and (3) having the agencies report directly to the secretary via the Deputy Secretary of Homeland Security.
• Rationalizing government spending by establishing a risk-based mechanism for department-wide resource allocation and grantmaking and by developing pre-determined "response packages" to respond to catastrophic terrorism.
• Clarifying authorities and national leadership roles for bio-defense, cyberdefense, and critical infrastructure protection.
• Improving departmental oversight by rationalizing congressional committee structure and establishing permanent oversight committees in the House of Representatives and the Senate.

What We Learned

In retrospect, there are three principles that could guide implementing the report's recommendations. They are:

• Make reorganizing the management of the department a first priority;
• Develop a future vision of the department to guide further reorganization; and
• Divide department activities between operational responsibilities and support functions under different chains of command.

I will now discuss each of these in turn and use a specific challenge now facing the department and recommendations from our report to illustrate how the principles could be applied.

Focus on Management First

It is interesting to note that, in concert with the DHS 2.0 report, the DHS Inspector General (IG) identified management as a significant issue. "Integrating its many separate components into a single, effective, efficient, and economical department," the IG wrote, "remains one of DHS' biggest challenges."[4] As the IG report points out, the department lacks "horsepower" within the secretariat to set policies and programs department-wide. Critical support personnel are distributed throughout the department and not accountable to the chief officers (such as the Chief Information Officer) who are responsible for integrating and coordinating departmental functions. Nor do the chiefs have sufficient staff and resources.

The weaknesses in DHS management are critical because they cut against the core rationale for passing the Homeland Security Act of 2002-gaining the synergy of having most of the key federal agencies with homeland security responsibilities grouped in one department.

DHS attempts to "work around" these management challenges by relying on a concept called "dual accountability," where agency staff are asked to report both to the heads of their agencies and chief officers in the secretariat.[5]Dual accountability can be a successful management process in mature organizations with well-established procedures, strong organizational cultures, and clear roles and missions. DHS lacks these kinds of formal institutions. DHS requires a cleaner management structure based on a chief-operating officer model and supported by staff organized and empowered to integrate activities department-wide.

The Problem of Policy

For example, improving the department's capacity to develop integrated policies is one area where there is a substantial need for better management .The DHS Secretary currently lacks a policy apparatus, from which to lead the development of proactive, strategic homeland security policy-let alone to anything beyond "managing by the inbox," and responding to the crises of the day. DHS also currently lacks a high-level policy officer with staff, authority, and gravitas to articulate and enforce policy guidance throughout and across the department. DHS needs a more substantial capability to provide guidance for integrating current efforts.

When DHS was formed from dozens of existing U.S. government agencies and programs, it absorbed several legacy policy analysis units from its component agencies. In addition, the patent need for policy analysis led some DHS components to form their own small policy analysis units. The proliferation of policy centers within DHS has only magnified the challenge of forging coherent guidance.

Nowhere is the need for policy integration more apparent than in international affairs. Until recently, the Office of International Affairs (OIA) and the Department's Deputy Chief of Staff for Policy and-subsequent to her departure-an "Advisor to the Secretary for Policy" conducted parallel international affairs operations. Individuals from both offices called department-wide meetings to discuss international affairs; met with foreign government representatives; recommended scheduling of meetings for the Secretary with foreign officials; traveled internationally; drafted department-level documents for the Secretary's consideration on international issues; assumed the lead for international meetings, conferences, or trips by the Secretary; and participated in interagency meetings that addressed international issues. In most instances, OIA has been unaware of the international activities of individuals assigned to the Office of the Chief of Staff.

Among the international offices in each of the DHS directorates and separate agencies it is not clear where to look for international policy guidance. The Office of International Enforcement established within the Directorate of Border and Transportation Security is a case in point. The office, in conjunction with the Deputy Chief of Staff for Policy vetted options for restructuring the international affairs of the Department, excluding OIA from its deliberations.

Our report recommended establishing a unified policy planning staff, headed by an Under Secretary for Policy who would report directly to the Secretary via the Deputy. The Under Secretary would serve as the Secretary's chief policy official within the Department. The responsibilities of the Undersecretary for Policy should be established by law. The responsibilities for international affairs should be included in the secretariat. They should include:

1. Coordinate DHS policy. The Under Secretary would establish and direct a formal policymaking process for the department and oversee a Policy Making Board;
2. Conduct long-range policy planning. The Under Secretary's staff would conduct long-range strategic planning, including "what-if" scenario-based planning-a task other DHS components invariably neglect as they grapple with daily crises and other pressing short-term demands;
3. Prepare critical strategic documents, such as a strategy for preventing terrorists for entering the United States. The Under Secretary's office would help compose the department's most important documents;
4. Conduct program analysis. The Under Secretary would assist with DHS programming. In particular, his or her analysts would evaluate ongoing and proposed programs (including planned research and development efforts) in terms of overall DHS priorities and resources; and
5. Prepare net assessments. The Under Secretary's planners would conduct periodic net assessments and research specific issues of interest to the Secretary and other DHS leaders that cut across the department's components or for which the leadership desires another opinion.

As part of this reorganization the law should convert the position of the Office of International Affairs Director to an assistant secretary under the Under Secretary for Policy, eliminating the redundancy of roles between the Chief of Staff's office and OIA, and realigning all DHS-wide international policymaking activity under an undersecretary. The law should clearly delineate the key responsibilities of the Assistant Secretary for Policy (International Affairs). They should include: (1) Coordinating policy regarding international activities among the DHS agencies; (2) Coordinating international visits of the secretary related to protocol issues; and (3) Ensuring DHS representation in dealing with international institutions, including the United Nations, NATO, the EU, the International Maritime Organization, and the World Customs Organization. 

Focusing on management first, reorganizing the secretariat so that it could more effectively integrate department-wide activities such as policymaking and international affairs, is a prerequisite for improving the performance of DHS.

Envisioning the Future

One hotly debated issue relates to the division of roles and missions within the department. The creation of DHS was supposed to consolidate agencies with overlapping missions. Since its formation, DHS has made some positive efforts to group the right activities under the right organization. Moving the Office of Air and Maritime Interdiction under Customs and Border Protection (CBP) and shifting the Federal Marshal Service to Immigration and Customs Enforcement (ICE) are cases in point. However, a broader assessment needs to be made across the department.

There is reluctance to undertake such a review based on the argument that the organizations have not yet absorbed all the changes heaped upon them. Such thinking is shortsighted. DHS needs to be constructed not to accommodate the present, but to build toward the ideal organization of the future. Therefore, DHS needs to articulate how it envisions conducting its missions five to ten years from now and let this vision drive the organizational design.

One Face at the Border and Beyond?

How DHS should structure to address border, transportation, and internal customs and immigration enforcement offers a case where there is serious need to "envision the future" and use that vision to drive reorganization. In "consolidating" responsibility for border, immigration, and transportation security, DHS actually increased the number of involved agencies to eight and created more problems that now need solving. In addition, it has failed to clearly delineate the missions of agencies within DHS that also have border, immigration, or transportation security responsibilities.

In particular, the split of responsibilities between Customs and Border Protection and Immigration and Customs Enforcement was done without a compelling reason-other than the vague descriptive notion that CBP would handle "border enforcement," and ICE would handle "interior enforcement." Indeed, in various interviews, not one person has been able to coherently argue why CBP and ICE were created as separate operational agencies.

The proposal in our report would rationalize border security and immigration enforcement by merging CBP and ICE eliminating the Directorate of Border and Transportation Security (BTS). BTS has neither the staff nor infrastructure to integrate the operations of CBP and ICE on a consistent basis-outside the occasional task force, like the Arizona Border Control Initiative. Nor does it have a policy operation with sufficient influence with the Secretary to resolve policy conflict. Merging CBP and ICE will bring together under one roof all of the tools of effective border and immigration enforcement: Inspectors, Border Patrol Agents, Special Agents, Detention and Removal Officers, and Intelligence Analysts-and realize the objective of creating a single border and immigration enforcement agency.

Whether this specific recommendation makes sense or not depends in large part on the department's vision for controlling the border and enforcing immigration laws over the next decade. Once DHS articulates its long-term strategy for how it plans to fulfill its functional responsibilities, it will be prepared to address the need for further consolidation and reorganization. Envisioning the future could be an important tool for determining the most efficient division of roles and missions within the department.

Divide Responsibilities

In reviewing the task force's recommendations, it is apparent that our proposals evolved into an effort to divide functional responsibilities in the department between "operational" agencies (e.g., border control and interior enforcement) and "support" staff and directorates (e.g., planning, policy, and acquisition). This is a sound management principle because it focuses agencies on a critical mission, rather than trying to do everything. The Defense Department explicitly follows this model. Combatant commanders are charged with "running the war." The services are responsible "raising, training, preparing, and sustaining" the force. It is a model that works well because it encourages organizations to focus on their core competencies.

Preparedness, Protection, Response-Drawing the Line

Nowhere is their greater need to rethink how responsibilities are divided than in the missions of protection, preparedness, and response. In practice, protection and preparedness are "support" functions. Response is an "operational" function. Yet, DHS has divided these responsibilities "helter skelter" throughout the department. The ability of the DHS Secretary to lead is hampered by the fragmentation of key responsibilities at least eight entities:

1. The DHS Emergency Preparedness & Response (EP&R) Directorate.This Directorate is primarily the Federal Emergency Management Agency (FEMA), but it also includes within it certain efforts to coordinate with state, local, and private entities on preparing for disasters, including terrorist attacks;
2. The Infrastructure Protection (IP) piece of the DHS Information Analysis and Infrastructure Protection (IAIP) Directorate. The job of IP is to identify critical infrastructure warranting protection, prioritize efforts, and work with state, local, and private entities to secure this infrastructure. Within the IP subdirectorate is the office in charge of cybersecurity;
3. The DHS Office of State and Local Government Coordination and Preparedness (OSLGCP).This entity the product of merging the Office of State and Local Coordination, and the Office of Domestic Preparedness-works with state and local governments on identifying needs, coordinating efforts, and doling out DHS grant money for critical infrastructure protection and preparedness;
4. Transportation Security Administration (TSA);
5. The U.S. Coast Guard.In addition to its operational responsibilities, the Coast Guard is also responsible for protecting seaports through risk assessments, reviewing facility security plans, developing Area Maritime Security Plans, coordinating Area Maritime Security Committees, and facilitating Port Security Grants with the Maritime Administration. The Coast Guard also has Maritime Safety and Security Teams, and Strike Teams, to respond to incidents at the ports;
6. Office of Private Sector Liaison. This office has primarily been an ombudsman for private efforts to influence DHS policy in various areas, but it conceivably could be a forum for working with the private sector on critical infrastructure protection and preparedness for attacks;
7. DHS Science and Technology Directorate Office of WMD Operations and Incident Management (WMDO-IM).This new office, within the S&T Directorate, is intended to provide rapid scientific and technical expertise and decisionmaking in response to WMD attacks and incidents; 
8. Department of Health and Human Services- Assistant Secretary for Public Health Emergency Preparedness, and the Centers for Disease Control (CDC).These agencies outside DHS are central to our ability to prepare for and respond to a bioterrorism attack. 

Meshing operational and support functions in one agency, as is the case in FEMA illustrates the problem. For example, in September the FEMA preparedness office in Emmitsburg, Maryland had planned a conference for all its regional directors. The FEMA response to the hurricanes in Florida required canceling the meeting because preparedness personnel had to be deployed to supplement response personnel. A similar situation occurred after the September 11 attacks: By some accounts FEMA cancelled all preparedness activities for the next six months. Changes in operational tempo should not bring a halt to national preparedness activities. Yet, that is what normally happens in organizations where "here and now requirements" take priority and trump other actions. In such organizations, "peripheral" non-operational activities never receive adequate priority.

The fragmentation of DHS leadership efforts into discrete-and often competing-agencies hampers efficiency. While the task force did not recommend the transfer of agencies from outside DHS given the important interrelationships with their home Departments (e.g., the interrelationship between the Assistant Secretary of HHS for Public Health Emergency Preparedness with broader public health issues), we do advocate-at a minimum-further consolidations within DHS, to unify and focus DHS efforts and enable the Secretary to work effectively with other departments on the critical national priorities of securing critical infrastructure, preparing for terrorist attacks, and responding to them.

The recommendation of the DHS 2.0 report is to consolidate DHS critical infrastructure protection, preparedness, and State/Local/Private coordination efforts under an Undersecretary for Protection and Preparedness. This would consolidate the following agencies: (1) the Infrastructure Protection component of the Information Analysis and Infrastructure Protection Directorate; (2) Office of State and Local Government Coordination and Preparedness (OSLGCP); (3) the non-operational transportation infrastructure protection mission of TSA, (4) the "preparedness" piece of the EP&R Directorate; (5) the private sector preparedness mission of the Office of Private Sector Liaison; and (6) grantmaking authority for the DHS. Consolidating these disparate efforts would provide the DHS Secretary with a stronger platform from which to lead national efforts, determine priorities, identify critical vulnerabilities, work with state/local/private sector entities on securing those vulnerabilities and preparing for attacks, empower them to make grants to help get the job done, and induce cooperation.

Additionally, the task force recommended focusing all DHS "response" missions into FEMA, and strengthening the agency. FEMA should be engaged squarely in its traditional role of planning for the national (not just federal) response to emergencies, including terrorist attacks, and then implementing them where necessary. Likewise, the task force proposed eliminating the EP&R Directorate. Both the proposed Undersecretary for Protection and Preparedness and FEMA should report directly to the secretary via the deputy.

Consolidating operational efforts renders unnecessary the "middle management" directorate layer. Meanwhile grouping support functions under authorities like the Undersecretary for Protection and Preparedness will help consolidate support activities throughout the department. In both cases, efforts to divide responsibilities and establish centers of competency and excellence along functional lines should enhance the effectiveness of DHS.

Where Do We Go From Here

Our report called for the President and Congress to establish a non-partisan commission to review the performance of the department and assess its capacity to fulfill the missions outlined in the Homeland Security Act and report back within six months. Without permanent oversight committees in the Senate and House, we felt Congress would be unable to effectively address the challenge of restructuring DHS. Things have changed. The Task Force applauds the action taken in both chambers to create permanent committees. With Congressional oversight of the department's management now consolidated in appropriate committees, Congress could consider alternative paths for moving forward. One would have Congress move now to legislate key management reforms and establish a routine authorization process and then address rethinking roles and missions, authorities, and resources in a more deliberate manner through a combination of reviews conducted by DHS and an independent panel answering to Congress. This strategy might proceed as follows:

Step #1. Legislate Undersecretaries for Policy and Protection and Preparedness and abolish the Undersecretary for Emergency Preparedness and Response. Establish Chief Operating Officer functions under the Deputy Secretary.

Step #2. Implement an Authorization Process for DHS. An authorization bill for DHS could serve as a critical statutory management tool providing means to exercise stronger oversight of important DHS activities such as key personnel programs, performance of critical missions, major research programs, and information technology investments.

Step# 3. Establish a Requirement for Periodic Reviews. Congress should establish a requirement for DHS to conduct quadrennial reviews to access the department's strategies, force structure, resources, and appreciation of the threat. The Quadrennial Homeland Security Review   (QSR) should be timed to coincide with the mid-point of the presidential term. The first QSR should be specifically tasked to address roles and missions, authorities, and resources.

Step #4. Create a one-time National Homeland Security Panel. In parallel with the first QSR, the Congress should establish a non-partisan National Security Review Panel (NSP). The NSP should be charged with providing an independent assessment of the QSR as well as assessing the efforts of DHS in the context of larger national security programs and strategies.                                                                                  

Conclusion

DHS now faces the same challenges that confronted the Pentagon in 1947. In terms of efficiencies and improved coordination, the simple solution of corralling over 180,000 employees into one agency has been done. What remains is the hard work-implementing human capital, acquisition, and information technology programs; building security systems that match the national strategy; and standing watch every day against terrorist attacks. Oversight of these activities requires an effective management structure within the department and the support and guidance of this committee. Now is the time for action.

Once again, thank you, Chairman Collins, and the rest of the Committee for holding this important hearing and for inviting me to participate. I look forward to answering any question you might have.