FB pixel

DHS is failing in risk management for new biometric ID system — report

 

The U.S. Department of Homeland Security (DHS)

It is hard to imagine an information system — a biometric identity management system, no less — that has been asked to work without a major upgrade for 30 years. But it is not hard to find.

That would be Ident, the automated biometric ID system managed by the U.S. government’s Office of Biometric Identity Management. It is the focus of a new report by the Government Accountability office, which wants to know why Ident has not been retired yet.

The Department of Homeland Security was due to replace Ident with the Homeland Advanced Recognition Technology, or HART, system this year, but it is delayed.

By federal government standards, HART is not too late. The $4.3 billion project, begun in 2016, is now expected to be fully operational by 2024. But still, it is not a good look for a department viewed by many as the final barrier between American lives and those who wish to take them.

The GAO was tasked with accounting for the delay; national security, law enforcement and immigration officials need the data for critical decision-making.

Among the problems identified with development of the biometrics project, GAO analysts found that the DHS CIO was using outdated program-review policy, which likely has resulted in critical departmental IT programs would not know about newer specific process requirements.

And the department has fully implemented four of seven risk-management best practices. Three are partially implemented, and, according to the GAO, there are plans to complete only two of the remaining practices.

That could hamper the Homeland Security Department in its ability to “effectively monitor the status of risks and mitigation plans.”

Analysts recommended that project staff keep records of risk-mitigation discussions, including those about the resources that required to handle risk.

Similarly, they write that risk owners must maintain accurate and status updates for each mitigation plan.

Perhaps more alarming is the office’s finding that the way IT purchases are handled has “contributed to an increased level of risk for the program,” and could cause more cost overruns and delays.

The government is not, for example, “fully reviewing the contractor’s work products,” monitoring costs or maintaining traceability of requirements.

It is up to the DHS to accept and implement the GAO recommendations.

Article Topics

 |   |   |   |   |   |   |   |   | 

Latest Biometrics News

 

Rights groups urge priority to human rights in AI Act implementation

A group of more than 20 civil rights organizations has signed a letter urging the European Commission to prioritize human…

 

Reality Defender dials in on voice deepfake fraud in banking

As deepfake technology evolves, the variety and sophistication of phishing attacks continues to increase. Organizations may wonder how to protect…

 

Salto Systems releasing new facial recognition access control product

Spanish identity management and electronic locking company Salto Systems is launching a new biometric access control product this month.  The…

 

Microblink, Au10tix, Veriff answer increased demand for AI-enabled IDV

A growing demand for advanced identity verification has driven recent wins for digital identity vendors. Microblink, Au10tix and Veriff are…

 

GAO: Cybersecurity workforce management falls short, impacting security across the board

A new U.S. Government Accountability Office (GAO) audit found that despite notable advancements, federal departments still face substantial barriers to…

 

Pakistan switches digital ID applications from website to mobile app

Pakistan’s National Database and Registration Authority (NADRA) is closing down its public service website and launching a mobile app to…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Viewed This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events