PROBLEMS HINDERED UPGRADE PROGRAM IMPLEMENTATION
A number of problems hindered GSA's implementation of the security upgrade program. First, GSA officials told us that they believed it was incumbent on GSA to implement as soon as possible security upgrades in as many buildings as possible after the Oklahoma City bombing incident. However, they said they were faced with both limited time and staff to help plan and implement the program, so mistakes were made. Second, GSA faced program funding source uncertainties throughout the upgrade program. Third, many of the initial decisions made about the need for upgrades had to be reevaluated, changed, or cancelled. Finally, many of the initial cost estimates for completing the upgrades proved to be unrealistic. Because of these problems, program implementation was slowed; GSA was unable to meet program goals; and it now estimates that additional funds will be needed in fiscal year 1998 to complete upgrades approved through September 26, 1997. In addition, GSA had not established specific program effectiveness goals, outcomes, or measures, nor had it specified in its performance plan how it intended to verify performance data. Thus, GSA does not know whether or to what extent federal office buildings' vulnerability to acts of terrorism and other forms of violence has been reduced.
GSA'S URGENCY TO IMPLEMENT THE PROGRAM
FPS regional and headquarters staff told us that the time frames imposed on them for completing building assessments and cost estimates for security upgrades by the DOJ report created a difficult environment for GSA. Thousands of building security committees had to be organized and assisted in determining security upgrade needs fairly quickly. As a result, the quality of these initial efforts may have suffered. Further, with the first anniversary of the Oklahoma bombing rapidly approaching, GSA wanted to place as much added security as was possible into its buildings by the April 19, 1996, anniversary date because of concerns about further bombings or other acts of violence that might occur.
At the time of the Oklahoma City bombing incident in April 1995, GSA was in the process of streamlining its operations and downsizing its headquarters and regional staff, including those of FPS--GSA's arm responsible for managing its nationwide physical security and law enforcement programs. GSA reduced its full-time equivalent employees from about 20,200 in fiscal year 1993 to about 14,400 at the end of fiscal year 1997. FPS was responsible for coordinating and implementing GSA's building security upgrade program, and as of July 31, 1995, FPS employed 972 regional staff, including a force of 376 uniformed Federal Protective Police Officers, 199 physical security specialists, 66 criminal investigators, 331 other staff, and a number of contract security guards. In March 1996, PBS documents showed that it planned to hire 150 more police officers as the result of a study that showed that PBS needed 508 additional regional staff--347 police officers, 26 physical security specialists, 26 criminal investigators, and 109 other staff--to support the enhanced security levels stemming from its implementation of the security upgrades recommended by the DOJ report.
From the beginning of the upgrade program, according to FPS staff and a member of the DOJ report task force from the U.S. Marshals Service, there was little time available to develop the desired level of implementation guidance and training for FPS staff and the thousands of BSCs. Further, FPS staff said that the ratio of GSA-operated buildings to FPS physical security specialists added to the difficulties. For example, in one GSA region, we were told that the region had responsibility for about 1,000 buildings but had only 15 FPS physical security specialists available to assist BSCs with the building risk assessments. Nationwide, a total of about 200 FPS physical security specialists were responsible for assisting in the assessment of over 8,000 GSA-operated buildings.
An FPS official told us that in this challenging environment--deadlines, staff reductions, and significant levels of effort required by many players--it was not surprising that program implementation mistakes occurred. However, the FPS official believed that GSA has taken great strides in significantly improving the level of security in its buildings.
PROGRAM FUNDING UNCERTAINTIES
According to GSA officials, uncertainties over where funds could be obtained to purchase and operate security upgrades have hindered program implementation. In addition, concerns about the availability of funds for the program contributed to FPS's decisions to delay approval of some types of more costly upgrades requested by BSCs and to place those requests into a "pending" status. Some of these pending requests were subsequently cancelled and voided or removed from the building security upgrade program by FPS because of funding uncertainties. Further, GSA and OMB have not yet reached agreement on how best to fund all the costs of the security program in the future.
Initial Program Funding Shifted From Other Programs
By February 1996, GSA had received requests for security upgrades from thousands of BSCs. Although GSA had established the implementation of the building security upgrade program as one of its top priorities, GSA faced the challenge of identifying and obtaining funds for acquiring and operating the security upgrades during a period when overall federal budget constraints and uncertainties existed. No funds were included in GSA's fiscal year 1996 budget for maintaining security at the enhanced levels that began immediately after the bombing in Oklahoma City, or for funding the security upgrades requested by the BSCs. Further, GSA was experiencing a shortfall in the Federal Buildings Fund (FBF) because of an overestimation of rental revenue from federal agencies due to several reasons.
According to GSA officials, delays in congressional approval of many federal agencies' fiscal year 1996 appropriations were occurring and adding to the uncertainties of how the upgrades were to be funded. Without knowing the available funding that could be expected from the FBF and/or customer federal agencies, GSA officials said that it had to proceed with what information was available in making program decisions, setting program priorities, and working to complete upgrades, while recognizing that planning and implementation adjustments would be necessary.
On February 29, 1996, the GSA Administrator asked tenant agencies to help fund the security upgrade program. He stated that within its own funding constraints, GSA had been paying for certain security enhancements, primarily additional contract guard services, for the past 9 months. He asked the tenant agencies to reimburse GSA about $84 million for these cost in fiscal year 1996. He further stated that he would commit GSA to provide $79.5 million from the FBF to pay for the acquisition costs of security upgrades in fiscal year 1996.
According to GSA staff, shortly thereafter, GSA received indications that many tenant agencies would be unable to pay their share of the security upgrade costs in fiscal year 1996. At about this same time, GSA requested congressional authority to reprogram $119.8 million in fiscal year 1996 FBF funds from other planned building activities and to use these funds for the security program: (1) $40 million from GSA's installation acquisitions payment activity and (2) $79.8 million from the building repairs and alterations program consisting of $13.5 million from the Internal Revenue Service Center modernization project, Holtsville (Brookhaven), New York; $49.3 million from the chlorofluorocarbons replacement program; $12.6 million from the energy reduction program; and $4.4 million from the basic building repairs and alterations program. In April 1996, GSA received congressional approval from the cognizant House and Senate Appropriations Subcommittees to reprogram the $119.8 million in funds previously made available for other FBF programs.
According to GSA, in its fiscal year 1997 appropriation, Congress directed GSA to spend about $240 million from the FBF for the building security upgrade program--$175 million for the operations costs of security upgrades and $65 million for the capital costs of security upgrades. However, because of GSA's overestimation of FBF revenues, GSA made available only about $130 million of the $175 million from the buildings operations program for security operations. Thus, in fiscal year 1997, a total of about $195 million was made available from the FBF for the security program.
According to GSA, for fiscal year 1998, Congress appropriated about $130 million for the operations costs of security upgrades but GSA did not request nor receive from Congress any additional capital funds for the building security upgrade program. However, because additional security upgrade requests were received from BSCs in the last half of fiscal year 1997, and because additional funds were needed to complete previously approved upgrades, GSA determined in October 1997 that it could need an additional $7.8 million in fiscal year 1998 to complete upgrades approved as of September 26, 1997. GSA planned to obtain these additional capital funds through a reprogramming of funds from other fiscal year 1998 FBF accounts.
Some Upgrades Delayed Due to Lack of Funding
Also, because of funding uncertainties, in early 1996 FPS placed into a "pending" status upgrade requests involving relatively expensive items, such as the purchase of parking areas adjacent to GSA buildings and fire suppression and fire detection systems. The DOJ report had included these security measures in its recommended standards for some buildings. Later in 1996, FPS advised its regions that upgrade requests for these items were to be voided. FPS decided that security measures, such as fire suppression and fire detection systems, would be considered separate and apart from the building security upgrade program.
Funding Source for Future Security Program Costs Uncertain
As recommended by the DOJ report, GSA has been working with OMB to increase future FBF revenues to more closely approximate its expenditures for the GSA security program at its upgraded level. However, GSA and OMB have not yet reached complete agreement on how and when to increase the rent that GSA charges tenant federal agencies so that rental revenues will be sufficient to pay for the costs of GSA's building security program.
Rent that GSA charges federal agencies for space and services it furnishes is set by the GSA Administrator, who is authorized by law to charge agencies for furnished services, space, quarters, maintenance, repair, or other facilities. The law states that the rates and charges shall approximate commercial charges for comparable space and services. The law does not require that GSA's rental charges be based on its actual costs of providing the space and services, which include security. Thus, GSA's rental charges are based primarily on GSA's periodic market price appraisals for comparable space, not on GSA's actual costs to provide the space.
GSA's practice when determining the amount of rent to charge federal agencies has been to include a charge for security. This fee consists of two components: (1) the basic service charge of 6 cents per square foot that, coupled with other funds from the FBF, is used for control center operations, criminal investigations, protective services activities, and administration of FPS programs; and (2) a building-specific fee that is used along with other funds from the FBF to pay for commercial equivalent items, such as contract security guard services, and security alarm systems' installation and maintenance. According to GSA, because GSA's expenditures for security have historically exceeded the amount charged to agencies for security, the FBF has absorbed the excess expenditures.
According to GSA, its obligations for security have increased significantly following the Oklahoma City bombing incident, and its security charges billed to tenant agencies have not kept pace. Before the incident, GSA's records show that it obligated about $96 million for security in fiscal year 1994. Following the incident, GSA's records show that it obligated $257 million for security in fiscal year 1997--an increase of nearly 168 percent in 3 years. According to GSA, from fiscal years 1994 through 1997, GSA's obligations for the building security program have exceeded security charges billed to tenant agencies by about $540 million. GSA has projected about $260 million in obligations for fiscal year 1998 and has budgeted about $251 million for fiscal year 1999 for building security. GSA projects that its obligations for security will exceed security related revenue by about $228 million in fiscal year 1998 and by about $112 million in fiscal year 1999.
The DOJ report recommended that GSA consider increasing rents to cover the added costs of upgrading security. GSA is required to obtain OMB approval for the rent it charges federal agencies. GSA and OMB officials said they were not in a position to increase rents in fiscal years 1996 and 1997 to help pay for increased costs of security because agencies need to know their rent costs at least 2 years in advance to provide sufficient time for annual budget development and approval. GSA requested an increase in rents for fiscal years 1998 and 1999 as part of a comprehensive effort to redesign its system for determining rent charges and fees for services such as security.
As a pilot project, OMB approved part of the requested rent increase--an increase in building-specific fees to recover the cost associated with security operations for new lease agreements made in 1998, and for all leases beginning in fiscal year 1999. OMB also allowed GSA to increase its basic service charge for security from 6 cents to 16 cents per square foot for new lease agreements made in 1998 and 1999.
According to GSA and OMB officials, OMB did not allow GSA to increase the basic service charges for existing leases for fiscal years 1998 and 1999 because a comprehensive rent reform proposal was under development by GSA. These officials expect to complete this action by the end of fiscal year 1998. Also, they are continuing to discuss how agencies' rent charges will reflect GSA's costs for security in fiscal year 2000 and beyond.
Decisions about funding GSA's security program are complex and involve tradeoffs among competing needs and funding sources. These decisions are important for both federal agencies and the FBF. There are a number of options for addressing the security funding issue. These include allowing the FBF to continue to fund the excess security costs, decreasing expenditures for security, or increasing revenues by either raising security charges or obtaining additional direct appropriations to cover the shortfall. The option or options selected could affect the government's investment in the existing inventory of federal buildings as well as GSA's ability to meet the government's future space needs.
INITIAL UPGRADE DECISIONS REEVALUATED, MODIFIED, OR VOIDED
Another problem affecting the implementation of the security upgrade program was the need to reevaluate the initial decisions about building security upgrade needs. According to GSA officials, many of these decisions were changed, or even cancelled and voided, for a number of reasons. Because of these changes, it was more difficult for GSA to order priorities, allocate funds, and set realistic completion schedules and goals; delays and inefficiencies in the program resulted. Also, these changes created challenges for GSA in maintaining the reliability of the tracking system, and in some cases, the system was not updated to reflect the changes.
Security upgrade decisions often had to be reevaluated, changed, or voided because of several building-unique issues that surfaced after GSA's initial efforts to identify building security upgrade needs. For example, many GSA-owned and -operated buildings are considered "historic." For some of these buildings, issues raised by historical societies about the effects of installing certain security upgrades had to be addressed by GSA. In one region we visited, GSA had to find an alternative method for mounting surveillance cameras for monitoring a building's outside perimeter because of concerns raised by the historical society about the adverse effects of mounting the cameras on the building. GSA decided to attached the cameras to poles near the building instead of to the building itself. This alternative method for utilizing the cameras to upgrade security required additional design work, time, and cost for GSA.
There were other instances in which building owners and/or nongovernment tenants in GSA-leased buildings expressed concerns or objections to approved security upgrades, such as the use of magnetometers to screen people entering the building. Some approved and some completed upgrades subsequently had to be cancelled. During our building site visits, both we and the GSA OIG staff found examples of approved, and sometimes completed, upgrades that were voided because of subsequent reevaluations.
Another example involves the Social Security Administration (SSA). During 1996 and 1997, SSA officials expressed concerns to GSA that it did not need certain security upgrades that GSA was placing in some SSA-occupied buildings. SSA believed that some of the upgrades, mainly metal detectors and security guards, were not necessary, particularly at some SSA store-front locations that deal with the public. In addition, SSA expressed concern about how these security measures would be funded. SSA believed that some security upgrades were requested and implemented without sound criteria. GSA stated that the upgrades were approved only after being requested by each building's BSC. SSA, however, said that the BSCs sometimes requested upgrades without sound security knowledge and the presence and oversight of a GSA physical security specialist. After negotiating with SSA, GSA removed upgrades from some SSA locations and agreed to assess the need for upgrades at other locations.
In still other instances, security upgrades requested and/or approved required extensive discussion, coordination, and/or approvals from local municipalities prior to completion. Examples of security upgrades involving these situations included perimeter barriers, such as planters and concrete bollards, that were to be placed on sidewalks or curbs owned by cities or other municipalities, or where city-owned parking meters along the streets around the GSA-operated building were to be eliminated.
Changes to approved security upgrades were also necessitated when one or more federal agency tenants moved out of or into a building, thus changing the security needs of the building. Also, as GSA acquired new space in buildings not previously assessed, the related security needs had to be assessed and addressed. Further, FPS staff also told us that some BSCs that initially did not request security upgrades later reconsidered and requested upgrades for their buildings. We noted in the upgrade tracking system a number of requests for upgrades initiated between April 1 and December 30, 1997. During this period, over 800 new approved requests for upgrades, totaling about $20 million in estimated capital costs and $11 million in estimated annual operating costs, were recorded in the upgrade tracking system.
The extent to which these upgrade program changes have occurred is reflected by the changes in the number of buildings with approved upgrades, the number of approved upgrades, the number of completed upgrades, and the number of cancelled upgrades as reflected by the upgrade tracking system. According to the tracking system, the number of buildings and the number of approved security upgrades decreased between March 25, 1996, and December 30, 1997--from 2,789 total buildings with 8,577 approved upgrades to 2,564 buildings with 7,885 approved upgrades. Also, the number of completed upgrades and the number of voided upgrades reported increased from 6,194 to 6,841, and from 3,373 to 3,652, respectively, between August 29, 1997, and December 30, 1997.
UPGRADE COST ESTIMATES NOT RELIABLE
FPS's security upgrade tracking system did not provide upgrade program managers with reliable cost estimates for completing and operating security upgrades because initial cost estimates shown in the system often did not reflect building-specific installation requirements or other factors affecting cost. Although GSA regional staff developed more accurate cost estimates as upgrades were completed, the upgrade tracking system was not designed to readily add revised cost estimates to the individual upgrade records. As a result, upgrade cost estimates in the tracking system varied significantly with the actual obligations recorded in the accounting system, thus lessening the tracking system's effectiveness as a management tool for GSA and BSC program decisionmakers. Without readily available and more accurate cost estimates, BSC and GSA decisionmakers were not in a good position to judge the cost/benefit of various upgrade options nor to determine reliable estimates of funds needed to implement and operate the security upgrades.
According to GSA, the DOJ report contained general cost estimating guidelines for certain recommended security upgrades for BSC's and FPS security specialists' use when estimating the costs of needed building security upgrades. FPS recorded the BSC upgrade requests and associated cost estimates in the upgrade tracking system. GSA regional staff developed more accurate cost estimates after the requests were approved, often after further engineering and design work and consideration of building-specific conditions. Although regional GSA building and contracting staff could have been aware of the revised estimates, FPS did not provide a means for readily including the more accurate cost estimates in the upgrade tracking system. FPS regional staff told us that updated estimates could have been shown in the tracking system by voiding the existing upgrade record and then creating a new upgrade record with the revised cost estimate, but this alternative was not often employed.
In August 1997, FPS headquarters staff identified in the tracking system 98 buildings for which the estimated cost of the upgrades varied significantly from the actual obligations incurred. They found that the estimated capital costs of these upgrades totaled about $10.4 million compared to $29 million in obligations recorded in the accounting system for these upgrades--a difference of $18.6 million, or 179 percent.
From information we obtained from FPS headquarters, we found that for most of the buildings (57 of 98 with differences of $9.7 million), the estimated costs were lower than the actual obligations incurred for completing the upgrades because the estimates made by the BSC were too low. For example, for seven of these buildings, FPS regional explanations to headquarters indicated that additional costs of $2.3 million were obligated to complete the upgrades because of unexpected problems: for six historic buildings additional costs had to be incurred, including three buildings where closed circuit television cameras had to be mounted on poles rather than attached to the buildings ($1.1 million in additional costs); and for one building, while installing barriers around the building, old fuel oil tanks were discovered and had to be removed ($1.2 million in additional costs).
Our further analysis of FPS data obtained from the tracking system and accounting system in September 1997 showed that the estimated costs of upgrades approved for 551 buildings in 11 GSA regions varied significantly, both up and down, from the actual costs obligated to complete the upgrades. For 348 buildings, the cost estimate of the upgrades totaled $18.2 million more than the actual costs obligated; for 202 buildings, the estimated costs were $14.3 million less that the actual costs obligated; and for 1 building, the estimated costs equaled the actual costs obligated.
PROGRAM IMPLEMENTATION GOALS NOT MET
The DOJ report called for GSA to complete security assessments and upgrade cost estimates by October 15, 1995, for its high-risk (level-IV) buildings, and by February 1, 1996, for the remaining lower risk buildings (level I - III). Although the DOJ report didn't specify goals for GSA's completion of the security upgrades, GSA established and subsequently revised goals for completing upgrades in level IV and lower level buildings several times over the last 2 years. However, GSA did not fully meet the goals for completing security assessments called for in the DOJ report, nor did it meet goals it established for the completion of the security upgrades.
In November 1995, GSA indicated that it had met the goals established by the DOJ report for evaluating the security needs and estimating the costs of upgrades for all level IV buildings. GSA told the Senate Subcommittee on Transportation and Infrastructure that, in accordance with the DOJ report's recommendation and the President's directive, it had established 429 level-IV building security committees and had received over 2,500 upgrade requests from these committees. Also, later that same month, GSA told OMB that $222.6 million would be needed in fiscal years 1996 and 1997 to pay for the upgrades in these 429 buildings. However, we believe that GSA did not fully meet either goal specified in the DOJ report because (1) security evaluations and requests for upgrades were not made for some level-IV buildings until after November 1995, and (2) in October 1997, much later than the target dates of October 15, 1995, and February 1, 1996, we found indications that not all of GSA's buildings, including some level-IV buildings, had been evaluated for upgrade needs after November 1995.
GSA reported to us that by March 1996 the number of level-IV buildings had increased to over 700. GSA stated that the increase was partly because DOJ requested GSA to reclassify certain buildings containing court-related tenants from lower levels to level IV, and partly because additional level-IV building security committees conducted building evaluations and provided GSA with upgrade requests after November 1995.
Concerning GSA's internal goals, GSA initially established a goal to have all security upgrades completed for level-IV buildings by September 30, 1996, but GSA didn't meet this goal. Subsequently, GSA established a new goal to have upgrades completed in all buildings by September 30, 1997; this goal was not met either, and now GSA's goal is September 30, 1998, for completing all upgrades approved as of September 26, 1997. GSA's tracking system indicated that GSA had completed about 85 percent of the approved upgrades for all building levels by October 3, 1997, and reached the 90-percent mark by March 31, 1998.
PROGRAM EFFECTIVENESS GOALS AND MEASURES
GSA has not established several key program evaluation mechanisms for its building security program that could assist it in determining how effective its security program has been in reducing or mitigating building security risks or in shaping new security program initiatives. These features are (1) specific goals, outcomes, and performance indicators for the security program, such as reducing the number of thefts or unauthorized entries; (2) establishing and implementing systematic security program evaluations that would provide feedback on how well the security program is achieving its objectives and contributing to GSA's strategic goals; and (3) ensuring that a reliable performance data information system is place.
GSA has established goals and measures for its security program both apart from and in connection with the Government Performance and Results Act of 1993 (the Results Act). However, these goals and measures are output or activity oriented. They do not address the outcomes, or results, expected to be achieved by the security upgrade program as envisioned by the Results Act and encouraged by OMB.
As required by the Results Act, GSA prepared a strategic plan dated September 30, 1997, for fiscal years 1998 through 2002, and also prepared an annual performance plan for fiscal year 1999. GSA's building security program is specifically addressed in both the strategic plan and the annual performance plan. In its strategic plan, under "Goal #4: Anticipate Future Workforce Needs," GSA identified the objective: "Ensure that all Federal buildings in the GSA inventory meet the highest Federal standards in terms of accessibility, energy consumption, security, systems, technology and maintenance." In its description of this objective, GSA's strategic plan states that
"In the wake of the Oklahoma City bombing, GSA has bolstered all of its security systems. To ensure that we have the highest levels of security in place, we are implementing all the security measures recommended in the Justice Department's Vulnerability Assessment of Federal Facilities."
In its first annual performance plan under the Results Act for fiscal year 1999, dated March 5, 1998, GSA identified the following two performance goals: (1) implement all security measures recommended in the Department of Justice's Vulnerability Assessment of Federal Facilities, and (2) provide for the safety of workers and visitors in GSA space. Further, GSA identified as performance indicators the percentage of security countermeasures completed in levels I-III and level-IV buildings. This indicator serves as a measure of the program's output, but no indicators were identified that would enable measurement of program outcomes, particularly relating to GSA's second performance goal for the security program. Indicators based on such security incidents as the number of building break-ins, reductions in the number of thefts, and the number of weapons and other prohibited items detected on persons and in packages are some examples that might be considered in setting performance outcome goals and indicators.
Under the Results Act, GSA is required to include in its strategic plan a schedule of evaluations to be done during the period covered by its plan. GSA did not include such a schedule or otherwise identify evaluations to be done in its strategic plan. We believe that scheduling and carrying out continuous security program evaluations would provide GSA managers with data to assess the effectiveness of the security program, and would facilitate GSA strategic planning and goal setting under the Results Act for its security program. In addition, at the time of the Oklahoma federal building bombing in April 1995, GSA's building security inspection and risk assessment program required regional physical security specialists to periodically inspect security at GSA-operated buildings, complete building risk assessments based on established criteria, and recommend security improvements. According to an FPS official, this inspection program was curtailed after July 1995 so that the regional physical security specialists could focus on assisting the BSCs in determining building security needs based on the DOJ report's recommended minimum security standards.
After the Oklahoma bombing incident, an October 1995 internal "lessons learned" report made 30 recommendations for improving aspects of GSA's building security operations, including a recommendation that GSA conduct a comprehensive review of its current risk assessment methodology to ensure that a wider range of risks were addressed with increased emphasis on acts of mass violence. Specifically, the recommendation was that GSA's current risk assessment methodology, which addressed the safety of federal workers from theft and assault, be revised to one that addresses acts of terrorism and other violence. The principal conclusion of the report was that GSA's security and law enforcement processes currently in place did not adequately address the threat environment.
In a November 25, 1997, progress report that FPS sent to the PBS Commissioner, FPS reported that actions on 20 of the 30 "lessons learned" recommendations had been completed. However, action had not yet been completed to review and modify its risk assessment methodology. Although the November 1997 progress report stated that FPS planned to complete actions on this recommendation by the 4th quarter of fiscal year 1998, we believe that this is a very significant recommendation that should be completed as soon as possible. The recommendations completed by FPS related to security program aspects such as contingency planning for emergencies and disasters involving criminal activities and acts of mass violence, as well as intelligence sharing between agencies with security-related missions. Completion of revisions recommended in its building risk assessment methodology and the resumption of FPS's periodic building inspection and risk assessment program would provide updated evaluations on a building-by-building basis of how well security measures have operated and whether they continue to be appropriate for future threats that may arise. Further, these evaluations could form the basis for overall evaluations of the building security program and provide data for GSA's annual performance measurement and evaluations under the Results Act.
DATA VERIFICATION AND VALIDITY
The Results Act requires GSA to describe in its annual performance plans the means to be used to verify and validate the performance measures it intends to use to determine whether it met its performance goals. GSA's 1999 annual performance plan contains a general description of how it intends to verify performance data, including audits of its financial records and systems and high-level quarterly meetings to review financial and programmatic results. However, GSA's description does not identify specific controls to be used to verify and validate performance data on an ongoing basis. Such controls could include periodic data reliability tests, computer edit controls, and supervisory reviews of data. The significant problems we and GSA's OIG have identified with GSA's data on its progress in, and costs associated with, implementing the security upgrade program, suggest that a more detailed discussion of the specific means GSA intends to use to verify and validate security program data in GSA's Year 2000 performance plan would be helpful.
The accuracy of the data in GSA's tracking system is particularly important because Executive Order 12977, dated October 19, 1995, requires GSA to coordinate efforts to establish a governmentwide database of security measures in place at all federal facilities. Further, an accurate reflection of the status of the security upgrade program and its cost will provide GSA, OMB, and Congress with important information needed for determining how much money has been spent on the program and how best to fund the costs of upgrades still needed.