Monday, August 29, 2005

Arlington, Virginia

Mr. Morales: Good morning and welcome to The Business of Government Hour. I'm Albert Morales, your host and managing partner of The IBM Center for The Business of Government. We created the center in 1998 to encourage discussion and research into new approaches to improving government effectiveness. You can find out more about the center by visiting us on the web at www.businessofgovernment.org.

Ms. Kelly: Good morning, Al. Pleasure to be here.

Mr. Morales: And joining us in our conversation, also from IBM, is Paul Hempstead. Good morning, Paul.

Ms. Kelly: I think many people -- although not everyone in the country -- knows right now that the Department of Homeland Security is largely a protective agency. I think -- obviously, we were created in the aftermath of September 11th and the tragedy that occurred around the country, and people think of us as an antiterrorism agency, but that's -- I would consider it a part of the larger mission of the department, which includes everyone from FEMA, as well as the Secret Service and the Coast Guard and the border protection services, and all of the parts of our former immigration services.

So we are a service agency, we are about protecting the homeland, but we are also about making an accessible and protective and safe space for citizens and visitors to this country. And I think that recent events that -- and recent changes Secretary Chertoff has made to the department really reflect that, with the appointment of chief medical officer, for example, to counteract medical threats, bioterrorist threats, and also to look for biohazards across the country, patterns and emerging trends. We're dealing, you know, with everything from local outbreaks of the flu, really, to kind of national and international epidemics that might be a threat to our homeland as well. So it's not just the terror cells that we -- you know, we think about and we hear about on television, but it's man-made and natural disasters, it is medical threats, it's bio threats, it's every kind of imaginable thing that we want to prepare for and be aware of and hopefully both act to prevent but also act to mitigate. So it's a very -- it's a wonderful mission, and I'm incredibly honored to be a part of it. I've been here since, really, almost day one. I was appointed two weeks after the department opened its doors under Secretary Ridge and the team that was in place at that point, and I've just been incredibly honored to be a part of that team and the current team as well.

The mission of the Privacy Office within the department is a unique one. Again, I'm honored to have been chosen to be the first statutorily required and appointed chief privacy officer for any federal agency. And that's not to say there aren't incredibly talented and excellent privacy and Freedom of Information Act specialists and personnel and leaders across the federal service because they already are. This is just a unique amalgamation of those responsibilities and those requirements in one office, and I can just tell you a few minutes about the office and what it does. First, our statute has five main components, and they include everything from overseeing all Privacy Act -- privacy impact assessment requirements, the Freedom of Information Act compliance across the entire department, legislative and regulatory proposals that might impact personal privacy, and interestingly enough, a reporting relationship, which is fairly clear, that we must report on complaints and concerns to Congress and to the public, which gives us a little bit of an outside kind of ombudsman feel to the office. But it is really largely -- and obviously it is intended to be a helpmate of the department. I hear people define us as what we are not. We're not the general counsel. We're not the inspector general. We're not a number of things. And all those things are true -- we don't pretend to be any of those things.

We are operational, and our operation is to include privacy in all major decisions and to make sure that privacy is considered and is codified, is built into programs, and is educated, is brought to our personnel in meaningful ways. We have done everything from videotaped learning modules to on-site classes for all of our new employees at headquarters. You know, any way we can reach our employees, we'll do it. And privacy, of course, means a lot of things to a lot of people. It means not just personal data -- what information the government knows about you and when and why, but also what kind of pat-downs are you getting at the airport and who's looking through your baggage and all the different ways that the department comes into contact with people. So we try to instill a sense of respect, a sense of dignity for the individual. So our role is a little bit of everything; it's policy, it's technology, it's legal, but every person -- including me -- that works in our office wants to be at the Department of Homeland Security to help our overall mission, which is to keep our country safe.

Mr. Hempstead: Nuala, that is certainly a broad set of issues. Could you provide some context for our listeners and describe the size and budget of your office?

Ms. Kelly: Our headquarters office right now numbers probably around 30 professionals, and we have a headquarters budget that's somewhere in the neighborhood of 5 or $6 million. We also oversee and have kind of a dotted-line reporting relationship -- or policy oversight over an additional 400-some personnel who practice Privacy Act, privacy impact assessment, and the Freedom of Information Act work across the department with a combined budget there of -- I want to say over 35 million. So those sound like big numbers, of course; when you think about the context of homeland security, that's actually a fairly small office. But I think we have a big impact considering our size. Not only, obviously, do I report directly to the secretary, but we're involved in management and decision-making and policy and program decision-making at all levels, at the very lowest level right on the front lines of what Homeland does, at the border and at airports and the like, and at the highest levels as well, about where we're going to put our resources and what directions we're taking major programs.

Mr. Hempstead: We understand your appointment was announced in April of 2003. You've been over there for over two years. You say you have a staff of 30. Do you do any investigative kind of work? And as being Congressionally mandated, do you also report to Congress from time and again?

Ms. Kelly: Thanks for that question. I know people at the department shudder when the word "investigation" is used in association with my office. I would say we review programs. We've certainly said publicly we had some concerns about a number of programs and have worked successfully with those programs to talk about what the right of privacy frameworks are and what the best practices are for personal information. So yes, we do review when the public raises concerns or when Congress raises concerns, or when, you know, concerns are raised even within the department. We'll go to various programs, and we'll say, listen, we're going to sit with you side-by-side. And it probably feels from the receiving end a little bit like an inspector general audit, although we like to be a little friendlier and a little more in-house. And we do report the results publicly; we've issued a number of public reports on the status of, say, for example, the use of personal information in the airline context, which is of great concern publicly, but also has a great validity in our homeland security work.

We are -- I think in the Fall, you'll see reports on the Matrix program, which, again, was incredibly worthwhile program about law enforcement sharing of information across state lines. Again, I think most people think that happens already, so -- but there were concerns about who was going to have access to the information, for what purposes, where it was going to be housed, and most importantly, the security of information. Something you've seen over and over again in the private sector in the last year, people are, I think, going to be increasingly concerned about their government having and being able to secure their personal information as well. We've got to demonstrate that we respect personal information; if we're going to require it for use for -- even the most valid purposes in the government space -- which I think are for homeland security -- let's just show that we can do this right, we can do this thoughtfully.

We do report to Congress at least annually and we've actually been asked to report more frequently than that through specific legislative direction and through coming in for hearings and testimony and the like. So again, this was a Congressionally mandated and created office, and a number of our godfathers and godmothers are still in Congress; a number actually have left and are still looking over us with great pride from the private sector as well. But we do go up to meet with both members and staff frequently, and we've been very grateful for their support. You know, I probably sound like an incredibly na�ve Washingtonian, but I really do believe that the support is very bipartisan. There isn't anyone I can think of walking down the street who'd say I don't really like privacy. You know, I think that's something everyone can get behind, and it's just a question of doing it right and thoughtfully and again, not impeding the mission of the Department of Homeland Security, but really strengthening it.

Mr. Hempstead: You described your role as being partly within, partly without or outside the department. Given this duality of roles, how do you ensure collaboration with your colleagues across DHS?

Ms. Kelly: I think by showing, first of all, a fundamental respect for what the mission is. You know, I was just -- I was doing some research online for a personal trip this weekend, and I came across some of the coverage of some of the folks on airplanes on 9/11 -- and I have a little girl named Nora, and one of the women who died had a one-year-old daughter named Nora. And these stories, again -- I mean, even four years later, still resonated with me, and I actually had family members and friends -- I'm from New York, I had just moved down a couple weeks before 9/11 -- who were in the World Trade Center, some of whom were injured and lost their lives. And so, you know, we all at this department support this mission and remember why it is we came and what it is we're about doing. I'm sure there are people at the department who sometimes think we're making their lives harder -- and that's probably true, we are probably making a few more steps to their getting their program out the door -- but again, it's with the thought that we are doing the tough scrub inside the department to make sure we have made the right choices about the use of personal information and about the impact on the individual because, you know, what we're about, again, is not only preserving our safety and our security, but preserving our way of life with a minimal intrusion by our government. And so when I say I'm partly within-without, I mean within, we are a helpmate, we are an educator, we are, again, assisting the operations; outside the department, we're a listener, we're there to hear the concerns of the public, we're there to bring them in and again, to operationalize them, to make them real, to make them hearable to departmental leadership. I think so many times the discourse in this country becomes so intolerant of the other side, and I really see our role as a translator, someone to say, you know, we have respect, we are privacy professionals. Every person I've hired, they are profoundly someone who cares about personal privacy and is educated in fair information and principles, not only domestically, but internationally as well.

So we come from that framework, but we're also Americans, and we also care about this country, and we also care about this department. So I think we sit on the fence, we sit on the line between, you know, those who would criticize the department and those who would defend it at all -- you know, with no ability to hear criticism. So I hope we've done that, and I think we've done it to greater and lesser, you know, success depending on the day.

Mr. Morales: How is DHS building Privacy Office? We will ask DHS Chief Privacy Officer Nuala O'Connor Kelly to share with us when the conversation about management continues on The Business of Government Hour.

Mr. Morales: Welcome back to The Business of Government Hour. I'm your host, Albert Morales and this morning's conversation is with Nuala O'Connor Kelly, chief privacy officer at the Department of Homeland Security. Also joining us in our conversation is Paul Hempstead.

Ms. Kelly: It's an unusually drafted provision, our statutory authority, in that most reports issued by the department, obviously, are issued by the secretary. So it's a little quirk of drafting, but I think it was intended to be, frankly, actually, much more than that, and I've talked to some of the staffers, and they intended for this office to have, as I was saying a little earlier, kind of an ombudsman-like quality and ability to report in a kind of an unconstrained manner about concerns and about their -- the response of the department to public concern and outcry about privacy invasion or privacy complaints. We've reported a number of times, not just in our annual report, but in specific instances, we've been asked to investigate or analyze, really, the use of the no-fly list in the airline context. We've been asked to review the use of commercial data by the department to make sure that it's meeting public expectations. And we see these, really, as constructive ways to tell the public what the department's doing, but also to tell folks at the department here's the right way to be doing these things, and you know, here's the way to succeed with our programs, but also keeping privacy in mind at all times. And so we've been lucky to have just a really good relationship with the members of Congress who oversee our office and who've expressed concerns about these issues at the department. And again, they fall on both sides of the aisle. I think privacy is a universal issue, really, more than a Republican or Democrat one.

Mr. Morales: Nuala, many of the organizations within DHS have very long histories and well-formed cultures. How is your office contributing to the culture at DHS?

Ms. Kelly: I am fascinated -- absolutely fascinated -- by organization culture because I came from a high-tech company that was five years old, and it was run by -- I think at the time, a 37-year-old billionaire, and at 32, I was probably the second-oldest person in the company, so you know, it was really a fun, fun job, and a great place to work and a great entrepreneurial environment. That's a very different culture from any government organization, almost. There are parts of the Department of Homeland Security that date back to several centuries ago. It is hard to make change in cultures that are that old and that well-established. And we have other parts of the department that are brand new, that were created in the department's enabling statutes, so we've got two-year-old departments and 200-year-old departments within the Department of Homeland Security.

I think the challenge for all of us is to create a unified culture, and I'm so incredibly impressed by some of the language that Deputy Secretary Michael Jackson has used about creating one DHS where employees understand that their career trajectory is tied to the department, that they can succeed, you know, as a Coast Guard agent who does a -- or a member who goes to do a detail in the Secret Service or in the Customs and Border section, or in enforcement agencies, that there is respect for professionalism and growth and opportunity across the department that isn't tied to any one subset of the department. I have a lot of respect for the organizations like the Customs Service, for example, that date back, I think to the Constitution. I think people have mentioned that a number of times. But they have developed a career personnel track that is among the most professional, I would say, in the federal service. It attracts a terrifically high caliber of employee and promotes employees for their best work. I think we want to look across the department and build on what's already working and build those structures out and then also take this opportunity as a brand new two-year-old agency to be a little entrepreneurial, to be a little more open to new ways of doing things.

You know, I think people have been talking about -- for decades now -- bringing a private-sector kind of ethos into the government space. There are terrifically talented people; I think I've been more than impressed by the folks I've been able to hire and that I work with at DHS and across the service. Let's train and manage and promote them in a way and with the speed and with the benefits that you can see in the private sector. There are certainly benefits to being a government employee, but there are downsides in some of the inflexibilities as well, so let's kind of clean those weeds out of the way of the good folks who are trying to get work done.

Mr. Morales: Nuala, you touched a little bit upon collaboration. What are some of the other critical success factors or challenges in working across an organization the size of DHS?

Ms. Kelly: I think translating, making sure that our mission is explained within the department in a way that people understand that it's part of supporting the overall DHS mission. You know, we're not just there to put a rubber stamp on a program, to say, yeah, it's great, it's super, it's a terrific idea. We are going to ask the hard questions, but in asking the hard question, it's to get to the endgame, which is to get a worthwhile valid idea out the door and in a manageable timeframe and in a manageable way that respects the individual, respects the citizen. Often, folks are so focused -- and sometimes, I'm sure that the same criticism could be levied of my office -- we're so focused on our own mission, we can't necessarily conceive of how important others' missions are as well. And so just making sure we all understand it's really -- it really is one team, one fight, as Husband said, that we all have our part to play in the larger drama of DHS, but that it's about getting to the finish line.

Mr. Hempstead: Nuala, DHS interfaces with several different federal agencies. Many of them do not have chief privacy officers. How do you ensure that privacy issues are handled according to DHS standards and other applicable laws to people like the intelligence community and other civil agencies?

Ms. Kelly: Well, thanks for making me sound so important that I get to tell everybody else what to do, but that's not exactly the case. But in fact, there are more and more chief privacy officers that are statutorily required. We've had statutory mandates for a number of other federal agencies that have exactly followed our statutory language and in fact, enhanced it and expanded on it. We've got a great new person over at the National Intelligence Director, a privacy and civil liberties officer. We've got statutory language that encourages or, in fact, requires every federal agency to name a senior government official who is the overseeing person for privacy policy for each federal agency. I think you're seeing federal agencies come to that view that you need a senior person with a lens on privacy, and you know, I'm joking when I say that it was because of our office. It's really largely mirroring or imitating the private sector, which has had great success. Really, one of the leading chief privacy officers in the country is Harriet Pearson at IBM, who I think actually has a much bigger title, but she was one of the early leaders of the viewpoint that you can have a successful privacy practice within an organization.

I don't know if you guys want to get into international, but our way of looking at privacy is a little different in structure, but not necessarily in principle, to the rest of the world in that we have embedded privacy officers within our federal agencies and within our companies. You know, other parts of the world have free-standing offices that are separate and apart from their federal agencies -- you know, there are different ways to do it, but I think the proof is in the pudding -- you know, what's the outcome, do we see good and thoughtful programs and policies and new business products coming out of these institutions, and I think the answer is yes. I think you've seen great success with privacy officers in the private sector, and I think that the federal government is really following that lead and realizing, also, that the use of personal information has become one of the most compelling concerns about any organization that has information and that needs information to do its job, whether it's a bank, a hospital, or a federal agency.

Mr. Hempstead: Well, you mentioned international partner agencies. What about other partnerships? What are critical to the privacy office where you are? Perhaps private sector, advocacy groups, individual citizens?

Ms. Kelly: Absolutely. And let me run down the list with -- starting with our own agency first, actually. We work every single day with our Office of General Counsel and our various other leadership offices, our policy office, our international shop, you know, the program officers across the department. So partnering with the leadership, but also partnering at kind of a mid and lower and all throughout the levels of our agencies are the right way to do the job and to make sure the job's getting done across the federal service, obviously, with privacy offices, but also with our partner agencies, Justice and Defense and the intelligence community as kind of one, you know, operational force. And I think the idea, really, after 9/11 is to break down the walls, make sure that the information is going where it's supposed to be going and not where it's not supposed to be going. Our mission is to make sure that information is used legitimately and thoughtfully and in a limited fashion, but not that no information is used because information really is one of the lifebloods of our War on Terror.

I think we're forgetting our state and local partners here in this conversation, that they are our crucial -- and you see that again in any number of front-line activities, any kind of natural or man-made disaster is going to require our state and local, our first responders, and they are, you know, the people who are on the front lines of this, and we need to make sure that they have timely information in a manner that can save lives. So, you know, good and thoughtful and fast and effective information-flow is going to be essential to making sure people are moved to the right parts of the country or deployed in a way that's going to be helpful. So we are very much in favor of technologies that can both assist, but also constrain the flow of information. With good thoughtful rules at the outset, we can do that.

Mr. Morales: Nuala, you mentioned earlier that education is core to the mission of your office. Can you describe the steps that the Privacy Office is taking to educate others on the privacy concerns?

Ms. Kelly: Within the department, we have education programs, really, almost in every part of the federal service already. There are requirements under the Privacy Act and FSMA and a number of other laws to make sure our employees have been trained in Privacy Act requirements and, really, privacy policy. We've undertaken a particularly robust training program at headquarters, where we sit, to make sure that every new employee has gotten a class from a member of the Privacy Office. We're really looking at what's being done already. Again, Customs has a terrific online privacy training program, INS has some terrific technologies about limiting information flow and access to certain kinds of information, and what we're trying to do from our standpoint is really be the champion of the programs that are working well and to say, hey, here's a really good idea, you guys might want to copy that. Or if a division comes to us and says, you know, we really want to implement this, we say we don't necessarily need to reinvent the wheel, although you're welcome to go out an look at what's being offered in the private sector and get people to compete for, you know, terrific resources, but let's build on what's already there, let's not be reinventing the wheel.

So within the department, we're both the champion, but also the actual teacher. And then outside the department, again -- you know, I didn't talk enough about our relationship not only domestically and internationally, but also with the advocacy community and the public. I mean, we really see ourselves as bringing in and making real the concerns of individuals and of organized advocacy groups and being ourselves educated and then turning around and educating others in the department about these concerns and why they're valid, and in a way that can be heard.

Mr. Morales: How are privacy concerns impacting investigative technology? We will ask DHS Chief Privacy Officer Nuala O'Connor Kelly to explain this to us when the conversation about management continues on The Business of Government Hour.

Mr. Morales: Welcome back to The Business of Government Hour. I'm your host, Albert Morales and this morning's conversation is with Nuala O'Connor Kelly, chief privacy officer at the Department of Homeland Security. Also joining us in our conversation is Paul Hempstead.

Nuala, you've described yourself -- and please take this term lightly - as a geek at heart. What is the promise of technology in the privacy arena?

Ms. Kelly: Oh, no worries. I'm the one that said it, and I remember distinctly having said it. I came from a high-tech company, so I am a geek to a certain extent, and I do believe that there is tremendous potential in a number of the technologies the Department is considering using and is already using, both to strengthen identification and identity management, but also to put limits on the use of personal information by this department and other parts of the federal service. The promise of technology, I think, is greater accuracy. For example, many of the watch lists really seem to run off name and date of birth, and our airline tickets obviously are named, and so everyone who's got that name is going to match that individual. So, you know, that's just one kind of data management tool that people are considering is, what's the limited amount of information that's necessary to prevent those kind of mismatches and misidentifications?

But in a more robust way, the use of technology like biometrics and RFID and other kinds of identity management tools, I know they strike fear in the hearts of many who say, oh, I don't want my picture taken, I don't want my fingerprint taken -- and I understand the cultural concerns not only in this country, but in many other parts of the world. We do want to be sensitive and thoughtful about not only the concerns of our own citizens, but really the impact we're having internationally as well in programs like, for example, US-VISIT that is engaging in and meeting visitors to this country at the border. But we also do want a greater strengthening at our border of who's coming in and out, and I think the VISIT program, for example, is a tremendous success story in not only the use of technology, but in building in privacy principles and privacy practices into its foundation.

So I think the answer, really, is there are ways to do the things we need to do to make our country safer, but in a way that is thoughtful and respectful of individual privacy, and that technology can be one of the tools. I think the promise of technology, particularly biometrics, is greater accuracy and therefore cutting down on mismatches and misidentifications at the airport, at the border, wherever, but also through that, allowing our employees to focus on the issues that are really of concern, the people who really might be a correct match with a watch list or some other law enforcement activity, and really focus those resources. And again, I go back to VISIT just because it's a great real-life case study, but they've been able to arrest felons and folks who are wanted domestically and internationally on very, very serious violent crimes, as well as visa and border infractions. And so, you know, I think this is a powerful example of technology done right and our ability to protect ourselves and to create a strong border.

Mr. Morales: We understand that your office drafted a policy notice that covers access and redress opportunities for all persons, regardless of their country of origin. Can you tell us more about this notice and how your office is implementing this policy?

Ms. Kelly: As a principle, we in our office have very much tried to model our thinking on really universal fair information principles. And when you look at privacy law elsewhere in the world, you'll see that those privacy laws cover you when you're visiting that country or having any interaction with the Italian government or the French government or the like. And so to the extent that we have many international agreements that are reciprocal, we have tried very hard where we can to encourage the department to allow for and create access and redress programs that allow any individual, regardless of their citizenship or country of origin to access their information and correct it.

Now, let me be perfectly candid that I'm not inventing something new here. Our CIS -- our Citizen Immigration Service -- has had a fairly similar policy for some time, and that is really because the Freedom of Information Act allows for a person of any country of origin to see their own data through a FOIA request and access it and see what is known about them. This is really a practical principle because so many of our files of citizens and non-citizens become commingled in the process of folks becoming citizens that it just makes sense, it's more practical, it's more doable to cover the systems as they're known by -- systems of records notice under the Privacy Act or through FOIA protections. And we've just tried to encourage the department to think about those protections as really linked.

In a recent negotiation we had with the European Union on release of passenger name records, again, we relied heavily on the strength of our Freedom of Information Act, which I will argue is really second to none internationally. I think folks don't realize that we're constantly getting calls in our office from privacy and information commissioners from other countries saying, how do you do it and what do you do and, you know, what are the principles that you engage on. And I think you're seeing a growing trend of accountability and concern, and it's a way that citizens can -- in our country can petition our own government for correction and in the most minute sense, a correction of their own record. So it is a policy that combines the strength of Privacy Act and FOIA and really just says there's not practical difference between what we're doing for our own citizens and what we're doing for citizens of other worlds -- other countries. It's something we haven't gotten credit for enough internationally, and we should.

Mr. Hempstead: Let's see: you mentioned before your interaction with -- and, in fact, your impact upon -- the US-VISIT program. I did want to ask you about another program because we understand that your office recently completed a privacy assessment review of TSA's registered traveler pilot program. Could you tell us about the review process and some of the privacy issues that you evaluated?

Ms. Kelly: Certainly. And, of course, the review process for RT -- or registered travelers -- no different than the same PIA -- Privacy Impact Assessment -- process that every major program -- really, every program that has personal information in the department goes through very routinely now, and I give, you know, all the credit in the world to our staff that works on PIAs in our office, led by Becky Richards, our chief compliance officer in the Privacy Office, who came from a terrific organization called TRUSTe, the online seal program that really did compliance and auditing and training of online companies, and I'm just tremendously delighted that we're able to bring that kind of lens of operational efficiency and really just routine analysis of privacy and fair information principles to the DHS framework. Any program -- RT and any other program that's a new idea, a new pilot, has to do a PIA by law, and the idea behind a PIA is simply -- like an environmental impact assessment or any other paperwork reduction notice -- to consider what the impact is of this new program on the individual and on that individual's personal information. The PIAs -- we've really drilled down on the program folks that they are responsible for drafting the initial PIA and that's because they understand better than anyone else what the program does, and it makes sense for the program folks who take ownership of privacy as a principle and a practice for their own program. It's not something that we from headquarters, down from above, say you must do it this way; it's got to be something that's really learned and lived by the program personnel.

Now, that's not to say that the first year, we weren't sitting there side-by-side helping them write every single word because we sure were, but it's the old adage, teach a man to fish -- you know, I think this year we've had a smoother program, and next year, again, you're going to see more completed and more fully fleshed-out PIAs coming into our office at a later time in the evolution because the folks writing them will have done them before and be more comfortable doing them. So it's really a bottom-up division of labor, really, where the folks running the program, this is part of their tool kit, it's part of their to-do list, really, they're -- the PIAs are scrubbed by the CIOs for the various divisions because, obviously, it's a technology-heavy requirement. The E-gov Act requirement is particular to the new uses of technology or new technologies that impact personal information. The DHS-wide PIA requirement's a little bit broader for new programs, generally, and new use of personal information.

You know, in a perfect world, they come to our office a little further baked, you know, and closer to being done, and are reviewed by our office. And what we're looking for, really, is have you considered what the impact is on the individual. When you're asking for, you know, name and date of birth, do you really need it? Is that all you need? Do you need more, are you going to come back to us six months from now and ask for more? You know, if you're asking for 16 different things, is that all really, really necessary, or could you do with less? And sometimes the answer is, we really need all 16 things, and that's okay if you can really show a demonstrable law-enforcement or counterterrorism reason. Or, you know, have you considered other technologies that might work better.

A perfect case -- and we get a lot of press about the use of various technologies for screening at the airports or for screening for drugs or contraband or weapons, and what we're asking in those cases -- and again, I have not personally looked at that technology in a little while -- but the analysis I went through with both CBP -- Customs and Border -- and TSA when they first started looking at them was, what is the functionality you need, what do you need to look for, metal or plastics or explosives or -- you know, what are you looking for, and then what's the least invasive version of that that you can look for. And you know, by simply asking those questions, I think we've seen a great evolution both because of the great ingenuity in the private sector responding to those concerns, but also because of our folks saying, you know, guys, we really need to go back to the drawing board and look at something that's not going to show people's personal parts when they're walking through some screening, you know, program at the airport, but really just finds the bad stuff. And we've -- you know, we've seen great movement in the technology sector to say, okay, there are ways to look at this technology that will find the metal or the explosives or the this or the that but not be so kind of personally revealing about someone's physique. You know, just by asking the questions, I think we've started a very good conversation, a very good dialogue that's been very much responded to by the private sector as well as our employees.

Mr. Hempstead: Many of these programs use biometrics. Perhaps you take a minute to explain what biometric technology is, how it's playing a role at DHS, and what are the privacy concerns, and how DHS is approaching those concerns.

Ms. Kelly: Biometrics is a big word that people use to mean a lot of things, but kind of in a nutshell, it's any unique identifier that is kind of attached to your person. Whether it would be a picture or a fingerprint or a retinal scan or iris scan or even -- some people have seen the hand geometry access controls to various buildings which will measure the shape or the size of your hands or your relationship of your various body parts. There are facial geometry as well that shows the relationship of your various kind of -- you know your cheekbone to your chin, that sort of thing. So there are lots of different biometrics. And I know, again, they really -- to use a technical term -- they creep people out, and so we need to really dial down the dialogue, is what I keep saying. Let's talk practically what are we talking about, what are people's fears, and how do we resolve them. And -- case in point -- and we're not the lead agency on this, obviously, the State Department is -- but the use of biometrics in passports really has increased not only in this country, but elsewhere as well, and I'd like to say, you know, guys, listen, we have two biometrics already on your passport. You've got a photograph, and you got your signature. So we've had biometrics in this country for a long, long time.

Now, this is not to be na�ve or, you know, or disingenuous about the fact that the ability to store, to transmit, to translate, and to amalgamate biometrics has certainly changed profoundly. You know, your signature and your photograph were not heretofore storable in some, you, know, distant computer somewhere that you didn't know about. And so we need to be concerned and vigilant about those changes, but the reality is biometrics have historically always been used to identify you. I mean, signatures have been around for I don't know how many centuries now, but you know, before that, it was mark your X here. So this is not unusual and nor should it be considered a terrible, terrible development; if anything, it can be a very, very positive development, as I was saying before, and a way to correctly identify that you're you, that somebody else hasn't stolen your identity, that someone else hasn't appropriated your passport, and that you are the legitimate holder of these travel documents, and you have the right to move about this country or some other country. You know, I think this is a great strengthening of our -- not only our ability to have our own border, but to allow people across it for legitimate means, which is every country's right, really, but also to facilitate travel, to make things faster and easier and better at the airport, and I think we're all in favor of shorter lines. But part of what my office is concerned about is not only saying when things are going wrong, but also when things are going right. Let's talk about the good technologies and the good uses of them. Let's not jump on every bandwagon for every brilliant new idea, but you know, let's evaluate and be thoughtful about them. But we can be a champion, I think, for good and responsible use of technologies in the private sector and the government space as well.

We do need to be vigilant, as I was saying, about the amalgamation and the creation of the -- you know, what people call the big brother databases and these kinds of things. By creating good rules -- and you know, the Privacy Act, I think, is one of the most overlooked statutes in the federal government. It requires every federal agency to say upfront what it's going to do with information, where it's going to store it, and how it's going to secure it, and all sorts of things that I think the federal -- the government should be explaining to its citizens. And by having those conversations again early on, by simply enforcing the law as it's written, we are able to really have the dialogue at the front end about, okay, we've got now a fairly good-sized database, US-VISIT, with finger scans and biometric -- digital photographs. How are we planning on using these, what are the legitimate public policy purposes for which we are using them, and thinking very seriously about -- you know, there are concerns and issues always about once you've got the data, you're going to turn around and use it for something else, and I think we -- our office needs to be vigilant, as does the public, about those concerns. But it is not, again, the technology itself that is the concern, it is the public policy and the forces driving change that we need to, you know, have the dialogue with. No technology by itself is good or bad, but many of them can be very, very helpful to strengthening our identity management and our ability to know who's crossing our borders and who's coming in and out of the country.

Mr. Morales: What does the future hold for the DHS Privacy Office? We will ask Chief Privacy Officer Nuala O'Connor Kelly to explain this to us when the conversation about management continues on The Business of Government Hour.

Mr. Morales: Welcome back to The Business of Government Hour. I'm your host, Albert Morales and this morning's conversation is with Nuala O'Connor Kelly, chief privacy officer of the Department of Homeland Security. Also joining us in our conversation is Paul Hempstead.

Ms. Kelly: I think that the increased need and the increased speed of information flow. The increased need, again, very legitimate for our information-sharing efforts with not only the private sector, but within the intelligence community and with our state and local partners. With that, I think, comes an increasing need for rules and frameworks to constrain that data and to make sure it's only used for legitimate purposes. And again, I think there are good rules we can build on already; for example, some of our agencies have auditing mechanisms where they can see what employees have accessed what data and who's gotten into what database -- incredibly important and strong. But we've got to create, I think, a level playing field where everybody kind of knows what the rules are, that -- and there are agencies have done this already -- IRS has a great culture, they've had a privacy advocate for a long time. Folks know that, you know, your IRS files are sacred, and they shouldn't be looked at by anyone but the agents working on those cases. We've got to make sure we've got that same kind of environment and culture at DHS.

Mr. Hempstead: Nuala, we are focusing on the future here, so we can't let you get away without talking some about Secretary Chertoff's reorganization, what the impacts are, the Chief Privacy Office, and any good or bad points that you want to say about him.

Ms. Kelly: Everyone at the department -- at least, you know, the folks that I've worked with closely and have talked to about this -- are really delighted and all the major developments are very positive, including the new personnel that have come into the department. We are delighted with the support that we've gotten from Secretary Chertoff and Deputy Secretary Jackson. We also have a great working relationship with Stewart Baker, who's the new assistant secretary for Policy Designate, who I think we will be working incredibly closely with in the coming years and have in the past already. So from my office's standpoint, we're delighted by the support, we're delighted by, you know, all the public and private statements we've gotten from our leadership on the privacy office, but also speaking, you know, on a more global basis, all of the changes that were made, I think, largely were incredibly welcomed, not only by folks in the department, but members of Congress who were supportive -- you know, I thought, gosh, if there's anyone who's going to be offended, it might be members of Congress because they created the department and the structure that it was. But it was incredibly appropriate after two years to take a look, take a step back, and say, what's working, what can we do better. You know, nothing had been too set in stone, so two years into it was a good time to take on that review and say what might work a little better, what might streamline some, you know, reporting relationships and make this department achieve its mission even more fully. I am thrilled with the time I've spent at the department, and, you know, I don't know what the future holds, I don't know if more change is in the works, but we've been very grateful so far for the support we've gotten.

Mr. Hempstead: And what are some of the lessons learned from your first two years as chief privacy officer? What would you share with a new counterpart in another agency?

Ms. Kelly: Hire the best people -- of course, you can't have any of mine -- but go out and find some really stellar people because they will A, make you look really good, but also the work is hard, but it's incredibly enriching, incredibly rewarding. And I wake up in the morning, and I'm astounded by the quality of people and the caliber of people I've been able to attract to this office, and it has nothing to do with me and everything to do with the work and the mission of the overall department. We have begged, borrowed, and stolen the best people from the federal service -- I mean, just name a -- I shouldn't name a few names because I will not be able to name all 30 of them, but my chief of staff, the number two person in our office, Maureen Cooney, who came from the Federal Trade Commission, who was really one of the number one international privacy specialists in the federal service. And Toby Levine, who followed her, our senior policy advisor from FTC. As I mentioned, Becky came from TRUSTe. Peter Sand from a state agency in technology and privacy -- this list could go on and on.

That was just a few examples of folks from other federal agencies, folks from the private sector, and folks from state and local agencies, and folks from within the department who we've lifted up and brought to headquarters as well. So we've looked to where the talent is and brought together a team that I think really works, and then everybody's got their slice of the pie, and they are in charge of it, and that has worked really tremendously well. It's not all lawyers, it's not all technologists, it's not all government people, it's people who bring a variety of different viewpoints, but who are willing to, you know, to do the hard work and to also sell internally. I think -- and the number one -- the number two issue is really don't underestimate how many times you're going to have to explain what a privacy officer is and does because I still seem to be doing it even today, two years later, and that's just because it's something new, and we need to -- you know, the onus is on us to demonstrate that we have some added value for the department. And I think we have demonstrated that.

Mr. Morales: Nuala, you've had just a fantastic career, and I'd love to hear a little bit more about it and also what advice could you give a person who's interested in a career in public service?

Ms. Kelly: I was lucky to get into public service, as I mentioned, right around 9/11, and that really has shaped my career as a New Yorker, and, you know, as someone who really believes in creating a safe space. But I can't underestimate the opportunity that I think public service, particularly DHS, holds. You know, it really gets you up in the morning to know that you're helping and that you're helping make the country safer and that you're helping make the department better in its treatment of privacy and the protection of the individual. So, you know, that can take you a long way in your energy level.

I think it's hard to break into the government. I think -- you know, I see people trying to apply from the outside, and it's an onerous process, but it's well worth getting into. You know, I've kind of accidentally found my niche, but finding something you love to do and -- whether it's public or private sector -- has been lucky for me and hopefully will work for others as well.

Mr. Morales: Well, Nuala, your energy and enthusiasm certainly shows.

Ms. Kelly: Well, thank you both so very much for your time. I'm delighted to be here. And if people have other questions for me or want to learn more about the office, we do have our own little slice of the DHS website; it's www.dhs.gov/privacy.

Mr. Morales: This has been The Business of Government Hour featuring a conversation with Nuala O'Connor Kelly, chief privacy officer of the Department of Homeland Security. Be sure and visit us on the web at www.businessofgovernment.org. There you can learn more about our programs and get a transcript of today's fascinating conversation. Once again, that's www.businessofgovernment.org.

As you enjoy the rest of your day, please take time to remember the men and women of our armed and civil services abroad who can't hear this morning's show on how we're improving their government, but who deserve our unconditional respect and support.

Friday, May 16, 2005

Arlington, Virginia

Mr. Lawrence: Good morning and welcome to The Business of Government Hour. I'm Paul Lawrence, partner in charge of The IBM Center for The Business of Government. We created the Center in 1998 to encourage discussion and research into new approaches to improving government effectiveness. You can find out more about the Center by visiting us on the web at www.businessofgovernment.org.

Mr. Basham: Good morning. Good morning, Paul.

Mr. Lawrence: And also joining us in our conversation from IBM is Dave Abel.

Mr. Basham: Yes, I'd be happy to. As a matter of fact, I suppose most people are familiar with the Secret Service's mission with regard to the protection of the President of the United States, the Vice President, and members of their families and others, but what many people don't realize and know is that the Secret Service actually had its origins for a totally different purpose. Back following the Civil War, 1865, approximately one third to one half of all of the currency in circulation at that time was believed to be counterfeit, and the Secretary of Treasury at the time, Secretary Hugh McColloch, approached the President, and advised the President that the counterfeiting problem was so significant that it was actually threatening the financial stability of the United States, and that as a matter of fact, the whole reconstruction effort of the South was being threatened.

So the Secretary asked the President if he would authorize the creation of an organization within the Treasury Department to combat this counterfeiting problem, and that day, the President did in fact authorize the creation of a law enforcement component within Treasury to do that. Ironically, that was April 14, 1865. That night, of course, those of who know history, Abraham Lincoln went to Ford's Theatre and was assassinated. So therefore one of the last acts of one this country's greatest presidents was to in fact create an organization that would protect the financial integrity and financial infrastructure of the United States. And we continue to do that today.

Another sort of an interesting fact is that the first chief of the Secret Service, by name of William Wood; at the time, he was the Director of Corrections for the D.C. jail system, and his first three employees were in fact inmates from the D.C. jail system. But I can tell you, we have done a better job since then of recruiting and hiring our agents and officers, but the idea that the first chief had, as well as the Department of Treasury, was if they were in fact going to establish the credibility of the currency of this country, they had to suppress the counterfeit currency from getting into the hands of the public. And the way they did that was through undercover operations. And of course these inmates who were in the D.C. jail were in fact master counterfeiters. And so he used their knowledge and expertise in order to infiltrate those various operations out there that were in fact counterfeiting U.S. currency. And the idea, again, was to suppress it, and to prevent it from getting it into the hands of the public.

All of the operatives at the time were undercover, and in fact, the Service was in fact a secret service within the Department of Treasury to deal with this problem of counterfeiting, and therefore, that's how the name was derived, and we continue to this day to be the United States Secret Service. And not until 1901, after this country saw in a period of 35 years the assassination of three of our presidents: Lincoln, Garfield, and McKinley, and we were tasked with the responsibility in 1901 to protect Teddy Roosevelt, and was our first actual presidential protection responsibility. And of course, that's been expanded, now that we protect not just the president, but vice president, members of their family, heads of state, heads of government that visit this country.

And then in 1922, the White House police was established to protect the actual physical building that the president was housed in, and other buildings around Washington, D.C., and they are now the Uniformed Division of the United States Secret Service. So that's a little bit of a glimpse of the history and how we came to be charged with the dual responsibilities of investigations and protection. But I can tell you that that early philosophy and methodology of suppressing and preventing crimes from occurring before they hit the public has been one that we have embraced and continue to embrace to this day. We still approach our investigations and protective responsibilities with that idea in mind. We don't want to investigate the assassination of a president, we want to prevent it.

Mr. Lawrence: Tell us about the size of your team. How do you think about the Secret Service, in terms of the size, and in particular, given the story you told about the first employees, the skill sets of the team?

Mr. Basham: Well, we're made up of a number of different entities, not only special agents but Uniformed Division officers, technicians, attorneys, scientists; the normal components that go into an organization such as investigative protective agencies, such as the Secret Service. You know, many people ask me today what's the difference between when I came on the job and what we're looking for in people who are coming on the job today, and I tell them when I came on the job, they issued me a gun, a badge and a horse, and today it's a gun, a badge and a computer. They now have a whole different arena that they are dealing in.

The skill sets we are interested in today are people who are comfortable in cyberspace, with computers, and dealing in the financial sector, and looking at it from that perspective, versus heretofore, you had an investigator, as you would typically look at an investigator's skill sets as being someone who's out there plodding away knocking on doors. And today, that's changed. Someone sitting thousands of miles away can attack our financial infrastructure with merely a key stroke. And so we're looking for people who have analytical skills, who have computer skills -- that's not to say that we still don't rely upon basic investigative tools and skills that you develop over time. So it's really changed a great deal over the past ten or fifteen years, and we're recognizing that, and not only are we recruiting from that set of skill sets, we're also training individuals in those kinds of skill sets.

Mr. Abel: You highlighted that the Secret Service started in the Department of Treasury, but we also know that it transitioned into the Department of Homeland Security recently. How has that transition impacted the operation of the Service?

Mr. Basham: Well, the one factor that I think is unique to the Secret Service, whenever we were moved from the Department of Treasury to the Department of Homeland Security, we went intact. Our mission and our resources were all intact when we moved. Others were broken up in some respects, which did have an effect, and it's had an effect on trying to bring the Department together from those 22 different agencies, but we didn't have to deal with the same sorts of problems that others who migrated to the Department of Homeland Security had to face.

Our mission literally has not changed. Our focus has not changed. Now, what I think we bring to the Department is a model, in many respects, as to what the Department's mission is today is very, very similar to the Secret Service's mission, and that is about prevention; that is about putting the resources in place; building the partnerships which we've had to rely upon for so many years, because we are a relatively small agency. We've always had to rely upon state, local, and other federal assets in order for us to accomplish our mission. The Department, I think, recognizes that for them to be successful, those same sorts of partnerships with state, local, and other federal agencies have to be there in order for us to able to accomplish to incredibly critical mission that the Department is facing today.

Mr. Abel: When you mentioned partnerships, it seems like one of the organizations with whom you have to have the most extensive partnership is the Federal Bureau of Investigation. What type of relationship does the Secret Service have with the FBI?

Mr. Basham: I feel that our relationship with the FBI continues to improve. I think since 9/11, I think everyone in law enforcement, in the intelligence community, recognizes that we need to do a better job of sharing information, sharing resources, and sharing commitment that we will do whatever is necessary in order to prevent another occurrence such as what happened on 9/11. And the way we do that is by constantly -- the communications between those various agencies out there.

You know, the time when keeping a secret from others that could provide some opportunity to prevent something from happening, I don't believe the American public is going to be patient or understanding if something occurs, and the reason that it occurred was because there were turf battles or turf issues -- we have just got to figure out a way to get around those, and to push that idea down through the agencies, through the organizations.

You know, the Director of the FBI, the Director of the Central Intelligence Agency, and NSA, all of us understand the need for that cooperation, that sharing, and now it's our responsibility to drive that down through the various agencies and components to make sure that everyone understands that that's a necessity and a requirement if we're going to be successful.

Mr. Lawrence: That's an interesting point about sharing.

Mr. Lawrence: Welcome back to The Business of Government Hour. I'm Paul Lawrence, and this morning's conversation is with Ralph Basham, Director of the U.S. Secret Service.

Mr. Basham: Dave, my role is not unlike the role of any chief executive, in that I have the overall responsibility for managing the day-to-day sort of global affairs of the United States Secret Service, but I also see my role as being there to support the mission of the organization, and whether that means getting them the resources or getting them the training or working through Congress and the administration to ensure that that funding is there to provide them with those tools to get the job done. It's also to keep the organization focused, focused on the mission of the organization. And as we've discussed, it's a dual mission of both investigations and protection, and to make sure that we maintain a balance between those two functions. On the one hand, it is the strength of our organization to have the dual mission. On the other hand, it also at times can be the Achilles' heel, in that we need to constantly be looking at shifting resources as demand requires.

And as you know, last year being an election year was an incredibly demanding year for the Service in that we had a number of special security events, plus the campaign and the conventions, but I also had to make sure that the organization was continuing to be focused on our responsibilities to the financial sector, in that we are the service provider to the financial sector for criminal activities that continue to go on regardless of whether or not there's a campaign for the presidency or not.

So it's my responsibility to make sure we keep those balanced; to make sure that our personnel have the tools that they need to get that done, and that we are constantly looking for opportunities to improve upon our mission requirements, whether it's technology or other things out there that I need to bring to bear. So it's not unlike any other CEO in government or outside of government.

Mr. Lawrence: What are the strategic goals of the Secret Service?

Mr. Basham: Well, I just hit upon one. We have got to look to technology. Technology, we recognize, is going to be the key if we are going to be successful in the future in combating the threats and challenges in both of our dual missions. The goal is to ensure that the levels of resources are appropriate to the responsibilities. I can tell you that, for instance, last year, during the campaign, as again I said, we are a relatively small organization. We put 1.7 million hours of overtime on our people in addition to the regular hours. And the goal here is to balance the workforce so that we are not putting those kinds of demands on our people on a quadrennial basis.

And so to get that balance, and to make sure that we have the ability to meet the mission requirements, and at the same time, not put our people through such a rancorous year as that we need to look at technology. So it's looking at technology, looking at the workforce and the requirements of the workforce are the goal that we're trying to work toward. And the Congress and the administration have been very, very supportive; I have to say, along those lines, but recognizing that our strategies have to be aligned with those goals and strategies of the administration as well, and the Congress.

Mr. Lawrence: Let's focus for a minute on a different piece of the mission that you handle. There are events that become designated as National Special Security Events, or NSSEs.

Mr. Basham: Right.

Mr. Lawrence: How many of those do you average a year?

Mr. Basham: Well, it's difficult to say that we have an average, because last year, for example, we had five. We had the G-8, which was the Group of Eight meetings, in Sea Island, Georgia, which was designated a National Special Security Event. On the heels of that -- literally on the heels of that -- the funeral of former President Reagan was designated as a National Special Security Event; we had the two conventions, which were the Democratic and Republican conventions in Boston and New York, and we had the inauguration. And each one of those brings with it its own challenges.

But the idea is to -- when one of these are designated by the Secretary of Homeland Security as an National Special Security Event, the Secret Service is charged with a design and a plan and the implementation of an operational security plan. And that is to bring all of the elements of the federal government to the table to ensure that where you have these gatherings of large people, that a process is in place to bring whatever elements, whatever components are necessary to pull that off in a safe, secure way. The FBI is charged as the lead investigative agency for a National Special Security Event, and the Federal Emergency Management Agency is charged with the consequence management for those events, so that the three entities come together as a group and discuss all of the facets of that particular event, and make sure that the planning and the other responsibilities have been coordinated. And it's all about coordinating those federal assets.

Mr. Abel: If we look at one event, like the inauguration, we'll just use that as an example, what do you need to do to be able to design and plan and implement security with things like state and local authorities, the local police department? What are some of the things you need to do to be able to coordinate security?

Mr. Basham: Well, first of all, let me just say that none of these events could be done without the support and cooperation of state, local, and other federal law -- as well as public safety first responders begin brought together. Now, the one advantage of an inauguration is we know that it's going to happen every four years. Now, this was the first inauguration following the 9/11 attacks. But the planning of the inauguration had been going on for some time. Clearly, it was an elevated threat situation when you have that number of people coming together, but we have been doing this for many years.

In fact, we go back to -- I believe the first one that we were involved in was in 1886 or something. So we know that the various elements that go into the planning are fairly basic. We know the sites that have to be secured; we know how those sites should be secured. The challenge is being able to bring the resources in and find the resources. And without the Metropolitan Police Department, without the Capitol Police, without the U.S. Park Police, without the Department of Defense, there is absolutely no way that that could have been accomplished without those partnerships that have been in place for many, many years.

But it's really -- the basics are there, and it is really expanding upon those basic -- as these challenges change -- 9/11 clearly brought about a higher level of threat, but we look at not only what we are presented with on the surface, but we look at what's under the surface, and we look at what's above the surface. So whether it's air, land, or sea, or whether it's subterranean, we have to look at every aspect of it to make sure that that package is put together, and that safe and secure package is in place for not just the President, but also the public as well. And that's quite a challenge, as you can imagine.

Mr. Lawrence: Your investigative mission also includes a Forensic Services Division. Could you tell us about the service this division provides?

Mr. Basham: Well, the Secret Service's Forensic Services Division provides forensic examination of -- whether it be documents or whether it be handwriting. So it is literally a forensic examination that has been done by experts; whether it is a letter threatening the President of the United States, or whether it's a financial instrument that's suspected of being forged. We have the capability of examining those documents, that handwriting. We have one of the largest supplies of inks in the world that we can do comparisons with. We have one of the largest files on handwriting samples that we can use to determine whether or not someone who may have shown a direction of interest toward the President has done it in the past. So it's an investigative tool that is used and presented in court by experts, based upon that forensic examination of whatever evidence they are presented.

Now, we also are in a partnership with the National Center for Missing and Exploited Children, and we do a lot of work with them in forensic examination of evidence to help support their role in protecting our nation's children. So whether it's fingerprints or handwriting or inks, we have that capability of examining those and comparing those to known sources.

Mr. Lawrence: That's interesting, especially about the supply of ink.

Mr. Lawrence: Welcome back to The Business of Government Hour. I'm Paul Lawrence. This morning's conversation is with Ralph Basham, Director of the U.S. Secret Service.

Mr. Basham: Well, we recognize, first of all, that crime in the Information Age has changed from -- I guess we can best describe it as crime in the Industrial Age, recognizing, as I said before, someone can attack our systems thousands of miles away by merely use of keystrokes on a computer. So we've had to adjust our thinking. The whole globalization issue, combined with the information revolution, has really made us rethink the way we approach our responsibilities. In fact, information, as you know, which was once used as a tool to facilitate information, it is now the target. Information is basically the world's new currency; it provides access; it shows our vulnerabilities and weaknesses. And now we're looking at information itself needs to be protected, and attacks on information need to be aggressively investigated.

As you have seen in recent months, large corporations have been hacked into, and information, personal identification has been gained, and is used to acquire -- and for criminal purposes. So we've had to adjust our thinking to, again, going back to the basics of how we go about our business. And that is, we look at the threat, we assess the vulnerability, and then we try to develop countermeasures to deal with that vulnerability. This is a new vulnerability; this is a new threat in the Information Age and in cyber, because of the access that criminals have using technology. We have to get out in front of that. We have to get out in front of the technology in order to come up with countermeasures.

And we are working very closely with the financial community, the financial industry, the financial services sector, to look at vulnerabilities, and to come up with those countermeasures that are going to prevent those vulnerabilities from being exposed. So therefore, we have several initiatives. Let me give you an example of a case that we just worked recently. We dubbed it as Operation Firewall. And what that was, it was a case, an investigation, that involved, I believe, six different countries, eight cities around the United States.

These individuals were carrying on a criminal enterprise tapping in to corporations, obtaining information, credit card numbers, social security numbers, and they had an open market on the internet selling and trading that information. And literally, I think we ended up shutting it down with losses somewhere in the neighborhood of $4 or $5 million. But it was estimated that the potential loss from that criminal enterprise could have reached a billion dollars. And so we were able to work that investigation, shut that down in I think a fairly timely fashion, and be able to gain a lot of information as to how these criminal enterprises are conducted, how they work. This was literally, as far as I'm concerned, kids, who are comfortable in cyber; they understand cyber; they understand how the system works, and they were actually taking advantage of those weaknesses. It was a huge criminal enterprise. So we, along with the partners in the financial services sector, are able to now take what we learned, those best practices, and apply it to our investigations, but also building countermeasures to prevent those kinds of intrusions from occurring in the future.

Mr. Abel: Well, what's real interesting about that case is that five, six, seven years ago, that capability wouldn't have existed, before the proliferation of the internet. And Paul mentioned before, I was thinking before, what would your reaction have been 30 years ago when you started with the Secret Service, and somebody asked you what the impact of blackberries would be on crime.

Mr. Basham: Right, right, right.

Mr. Abel: So what are the things that we're going to be seeing in the next couple of years that you're concerned about? What trends and technologies do you feel start to give a rise to even more advanced crime as we move forward?

Mr. Basham: Well, again, I think it's just the expansion of the internet. I think it's the constant development of technology that not only provides services to us such as computers and Blackberries. Criminals have the same capabilities; they have the same access, and they aren't restricted by any rules or any regulations or any policies. So our concern is that unless we are able to come to some way of regulating, of controlling that access, I feel that this is going to continue to be one of the big challenges that we're going to face.

In fact, right now, identity theft is the biggest challenge from a criminal enterprise that we are seeing. And as you saw in a couple of cases just recently, Choice Point, Lexis-Nexis, were hacked into; that information was extracted and then sold. And so unless we can build some firewalls in there, for no better term, to restrict that access, then we're going to continue to see these kinds of criminal activities. And it is to me an emerging problem, one that we're absolutely going to have to use technology to fix and to address.

Mr. Abel: Well, one of the things that is most difficult about these types of crimes is the ease with which they cross local, state, and federal authorities and boundaries. How do you relate with state and local authorities on issues like cyber crime?

Mr. Basham: Well, we have a number of -- The Patriot Act actually mandated that the Secret Service establish electronic crimes task forces around the country. We currently have fifteen established electronic crime task forces, and I believe we have another eight or so working groups that -- what it does, it brings together not just the federal resources, but it brings together state and local; it brings together private sector; it brings together academia, to take a look at these kinds of criminal activities, and working together to come up with solutions to fix those vulnerabilities. So these electronic crimes task forces have been very, very successful throughout the country. And it is, again, tapping into those state, local, and federal assets to get that done.

Mr. Abel: It's interesting that you mentioned the private sector. As I was thinking through, I was thinking state, I was thinking local. What more can the private sector do to be able to help on issues like identity theft?

Mr. Basham: Well, it's interesting, because I do a lot of speaking engagements to the financial services sector, and we talk about shared responsibility. Historically, the financial services sector has been a very cloistered sector, because what happens to them affects their bottom line. But if you attack one of these institutions and attack it successfully, you literally are attacking the entire sector, because those vulnerabilities can be exposed in other institutions. So it's about the willingness to provide information to law enforcement authorities that can get in at an early stage and work with them, because after all, they are the experts. I mean, when you think about it, they know their business; they understand the business; they understand when those occurrences happen. And the financial services sector is now much, much more cooperative with the law enforcement community, realizing that without that partnership, those vulnerabilities are going to be further exposed, which means it's going to affect those bottom lines.

Mr. Lawrence: These have got to be sophisticated crimes, requiring talented people on both sides. In terms of sort of folks in the Secret Service, what type of challenges do you have recruiting and retaining people to deal with these very sophisticated crimes?

Mr. Basham: We have seen an awful lot of interest in the private sector in acquiring individuals who have the sorts of investigative, technical talents that Secret Service's employees possess. In fact, we invest an awful lot in our agents in training in the forensic examination of these crimes, and we're seeing that the private sector sees now the benefits of building a protection around their different companies and facilities from a cyber perspective. And if you combine the investigative tools that are developed with agents in the Service as well as that forensic capability, you've got quite a package there, and it's a very attractive package for the private sector to draw, and they are able to better pay for those kinds of services.

So it is a challenge. However, I have to say that we have an awful lot of committed and dedicated people in the organization. They understand how critical the mission is, and they understand that if we're going to be successful, we're going to need to maintain that talent within the agency to be able to work these types of criminal activities. Although that's not to say that we don't lose people, but I'm happy to say that we've been able to maintain our staffing at a very reasonable level.

Mr. Lawrence: Those are some tough economics, the way you laid it out.

Mr. Lawrence: Welcome back to The Business of Government Hour. I'm Paul Lawrence, and this morning's conversation is with Ralph Basham, Director of the U.S. Secret Service.

Mr. Basham: Dave, I think that what we will see is that -- and I believe Secretary Ridge made several comments that we want security to be engrained in our daily lives. Not that it should dominate our daily lives. Look, no agency, no government entity, no matter how large, no matter how well-funded, can single-handedly deal with this problem or with this issue of security. It's going to take every single entity, whether it be federal, state, local, private citizens, in order to ensure that we have a safe, secure, open society.

And we don't want to create paranoia out there, although the Secret Service is, I suppose, paid to be paranoid, which is probably a good thing, but it has to be inculcated into the thinking of everybody in this country. And if you think about the fact that the adversary, their goal, their mission, is to attack us, to attack us in our homes and our places of work, our places of worship, to attack our nation's leaders. And it is our responsibility, my responsibility as well as everyone in this country, I believe, to ensure they don't succeed in accomplishing their goal, and we have to ensure that our citizens and our leaders are capable of living and working and worshiping and leading in a safe, secure, environment.

And so it has to become a part of the way we think. Corporations have a responsibility to protect their own assets, whether it's a nuclear power plant somewhere, or if it's a financial infrastructure, all those are subject to and susceptible to attacks. And I think what hopefully will happen is we all working together creating these partnerships, creating that sense of making sure we're looking out for one another, and that we do: if we see a problem; if we see something that concerns us, that we will notify someone. We never know when one piece of information may in fact lead to a solution that would prevent our citizens of this country from being attacked.

Mr. Abel: How much of the mission in the future of the Secret Service is going to be the promotion of security understanding by private citizens, by public corporations? How much of it will be the development of this continued thinking in the public?

Mr. Basham: I think the idea behind the creation of the Department of Homeland Security was to do just that, and that was to bring all of the various parts together, all 22 agencies that had some responsibility in the area of security and safety together, and to be able to provide one face at the border, if you will, and one face to the American public, that's charged with that responsibility of providing information, not only to our federal counterparts, but to our state and local counterparts, to American citizens; information that they can use in order to provide in many respects their own safe, secure environment.

And so therefore, I think the administration's idea of bringing these various components together and sharing that information, sharing those resources, and giving the federal government one face, is going to be the key to the future, in terms of a safe, secure America.

Mr. Abel: In the course of this morning, we've talked about more change in the Secret Service over the past five years than in many decades before that. We've seen a transition from Treasury to the Department of Homeland Security; we've seen transition to a culture in prevention of terrorism; and we've seen investigation and prevention in the world of the internet and cyber crime. Do you see major trends coming that will carry as much impact and change in the organization in the next five to ten years?

Mr. Basham: I really cannot say that I'm such a visionary that I can answer that question in an articulate fashion. I can only say that the Secret Service recognizes that we've got to be constantly looking for opportunities to better carry out this mission and its function. As I said earlier, I think technology is the key, and even within the Department of Homeland Security, we are relying upon other elements within that department to assist us in coming up with strategies and coming up with methods that we can apply to our mission. And at the same time, we're looking for opportunities to provide the Department of Homeland Security with -- whether it be expertise or resources -- to assist them in that same fashion.

So I should never be shocked at developments, although I am, but I'm afraid I probably couldn't give you a good answer as to what the future holds with respect to the challenges, and perhaps the solutions.

Mr. Lawrence: Ralph, it's clear from our conversation that you're a dedicated public servant who's spent his entire career in public sector law enforcement. What advice from that perspective would you give someone interested in a career in public service, and maybe even concentrating and focusing on law enforcement?

Mr. Basham: Well, I have to tell you that I don't know that I could imagine a more rewarding career, public service. Recognizing that it brings with it challenges; certainly personal and professional sacrifices, which all of us have had to make, particularly in law enforcement. These officers, agents, and personnel and willing to go out every day and go about their jobs, recognizing that the threat is there every day that they may not return home to their family and to their loved ones.

But having said that, a career in law enforcement is one that is incredibly exciting and challenging. Opportunities within the Secret Service are not limited to just to the gun-carrying individuals, agents and officers. We have technicians and scientists, forensic experts and analysts, and just a wide range of responsibilities and jobs that are out there that are available to individuals who do want to get involved in public service, regardless of whether it's law enforcement or whatever. Again, in my opinion, there is no more rewarding career than to be able to provide a service to this country and to its citizens.

And as I said, the mission of the Secret Service has changed over the years. The skills necessary to do the job today are different than they were when I came on the job. And I would strongly recommend, whether it's a Secret Service, or wherever it might be, that someone who's interested in law enforcement should do research on the missions and the responsibilities of those organizations that they may have an interest in.

I tell you, one of the most disappointing things that I see when individuals come in and they're looking for employment is that they don't know exactly how the agency is tasked, and the responsibilities the agencies have. You need to have an understanding of -- when you walk in to that interview or that session, what the mission is, and how you can provide a service to that mission and that responsibility.

But we are constantly recruiting and looking for individuals who are looking for a career that I consider very fast paced and rewarding, and yet at the same time can be incredibly fun. So if anyone is interested in looking at what the opportunities are within the Secret Service, they can certainly go our website, www.secretservice.gov, and that would provide them with a lot of information about the organization. But I would encourage them to not just look at the Service, but to expand across. The FBI is a wonderful agency. So is ATF. So there's a lot of opportunities, but having said that, too, looking to gain experiences in a wide range of positions that will help them as they apply for positions within government, particularly in law enforcement.

Mr. Lawrence: Ralph, that'll have to be our last question. We're out of time. Dave and I want to thank you for joining us this morning.

Mr. Basham: Well, Dave, Paul, it's been a great experience and a wonderful opportunity to tell people about the mission and the great organization that the Secret Service is. And I know you all provide a tremendous service to the public as well, so thank you very much for the opportunity, and I hope it's been informative.

Mr. Lawrence: Thank you very much, Ralph.

Friday, October 29, 2004

Arlington, Virginia

Mr. Lawrence: Good morning and welcome to The Business of Government Hour. I'm Paul Lawrence, partner in charge of The IBM Center for The Business of Government. We created The Center in 1998 to encourage discussion and research into new approaches to improving government effectiveness. You can find out more about our programs and publications by visiting us on the web at www.businessofgovernment.org.

The Business of Government Radio Hour features a conversation about management with a government executive who is changing the way government does business. Our conversation this morning is with Andy Maner, Chief Financial Officer of the Department of Homeland Security.

Good morning, Andy.

Mr. Maner: Good morning.

Mr. Lawrence: And joining us in our conversation, also from IBM, is Dave Abel.

Good morning, Dave.

Mr. Abel: Good morning, Paul.

Mr. Lawrence: Well, Andy, let's start by talking about the Department of Homeland Security and the Office of Budget and Finance. Could you give us some background and describe the size and composition?

Mr. Maner: Well, the CFO's office at Homeland Security really encompasses about five different functions: that includes budget, finance and accounting or financial management, strategic planning, financial systems, and GAO and IG audit liaison. So those are the primary functions that make up the office of the CFO at DHS.

Mr. Lawrence: What type of skills do you have on your team? What are the skills that people have on your team?

Mr. Maner: Well, it certainly varies, of course, by office. You would normally have quite a bit of budget expertise, both execution and formulation experience, in your budget office. In the finance office, you typically might have, of course, CPAs, accounting types. And then in strategic planning, as you move into financial systems, these are people with a broad background of either accounting, budget, or possibly systems experience. So it is a bit of a blend, but you do tend to find people who do focus on numbers or systems, per se.

Mr. Lawrence: And are they a tenured team? As you were describing the offices, I thought about level of complexity and imagined somewhat older, more experienced.

Mr. Maner: It's a range. Again, when you look at Homeland, really in any of our offices, where people came from, their age, their experience, it's a variety, because when we set up the Department, we inherited a lot of people from other departments. That was part of the transformation and how Homeland was created, and then we've hired a lot since then. So you would definitely find a blend of people. And as you know, I think good financial management personnel don't grow on trees, and so you have to work pretty hard to find good people, especially in a major metropolitan area like this, which you have to compete for resources quite a bit with private sector firms, et cetera.

Mr. Abel: Let's focus a little bit on you. What are your specific roles and responsibilities as the Chief Financial Officer for DHS?

Mr. Maner: Well, in a sentence or two, it's, of course, to be the steward of the financial resources that exist in the Department of Homeland Security. So it is certainly my job to obtain the financial resources that drive our department, but it's also to be the steward of those resources, to make sure they're spent in the right way and we execute according to regulations and laws that govern our department and others. So it's being the primary financial conscience, if you will, of the organization. That's how I describe it.

Mr. Abel: Let's talk a little bit about your background. What experiences did you have before being appointed to CFO?

Mr. Maner: My background is really about a 50-50 blend of private sector and public sector experience, and some of it revolved around financial management and some of it didn't. My career began in government. I was in the first Bush administration for a few years. And after we lost the election, I guess we say, I continued to stay with President Bush for about six months, six to nine months after that.

I stayed in government after that and went over to Somalia for a time to help set up the -- what is now called the Coalition Provisional Authority over there. It was really the civilian-military mix in Somalia. So I stayed there for a while doing just a little bit of everything in terms of running that organization. That was a U.N.-sponsored organization.

After coming back from Somalia, in fact, being evacuated from Somalia, I really focused on the private sector portion of my career. I was at the Chicago Board of Trade for a time. I got my MBA in finance and then really moved into more of an entrepreneurial phase of starting companies and managing those, growing them, merging them, et cetera.

After 9/11, I came back into government, was pulled back into public service, and I was at Customs, where I was the Chief of Staff there. But, you know, primarily, one of the great experiences of the Customs, couple years I spent there, was that after Homeland was created, I was in charge of the merger of Customs, which was the merging of Customs and many parts of the old INS and parts of the Department of Agriculture.

So, in a sentence or two, it's really a blend of private and public sector experience, which I just find fascinating, that mix.

Mr. Lawrence: What drew you back to public service?

Mr. Maner: Well, public service, there's just nothing like it in my mind. In fact, I hope my career continues to be that blend. The stakes that exist in public service, I think for people who have been in it for a long time, they often forget about the dollar amounts they're dealing with and the high-level stakes that they're dealing with, but I just find that public service is the most noble cause that exists. And it's hard, and a lot of times, there's not a handbook. You're constantly under scrutiny and you just -- there's not a lot of room for error. So I think it's the noblest calling, and I personally enjoy it very, very much.

Mr. Abel: With this balance between public and private sector work, what are the major differences in working in each of those sectors?

Mr. Maner: Well, I think there are a lot of differences. I think it's interesting in financial management, I actually kind of view the public and private sector as kind of coming a little bit closer together with Sarbanes-Oxley and some of the new requirements put on the private sector. The private sector's getting a feel for somewhat greater oversight, which certainly exists in the government. So there's a similarity there, or at least a growing similarity.

But in the private sector, accountability of people is a very important thing. You get issued a task and you have to do that task, and oftentimes your compensation rides on it or, in some cases, your job rides on it. That's one difference. I think you have to spend more time in the government cultivating and training your people, because that's going to be your team. And so I have found in the public sector, I spend more time on people issues, and that can be a positive and a negative, but I think you have to work hard to develop your own people.

I would say, I would have said three years ago, that the public sector moved at a slower pace than the private sector. But from my experience here at Homeland Security, I wouldn't say that anymore. We're moving at a very, very fast pace. So maybe I'm saying that some of the differences are narrowing between the two.

Mr. Abel: Has the experience in the Department of Homeland Security and the pace, with which it's moving, has that changed some of the challenges that the public sector faces in performing its mission?

Mr. Maner: Well, I think that there isn't room for error. I think we all come to work at DHS knowing that -- I mean, there's a lot of clich�s about Homeland Security, about, you know, you have to be right 100 percent of the time, you can't ever be wrong. But yeah, I think it's changed the complexity of government for sure, because my given day and that of my employees is we have a mission to carry out, and that is to support the Department and to make sure our frontline people have what they need to get the job done. But almost a secondary job, but takes just as much time, we have to build a department. Those are almost two full-time jobs right there. So the people that work for me and I think work in the Department, they have stepped up to that and it's not easy. And so it's not -- when they talk to their friends at other departments, it's not always the same lifestyle, for sure.

Mr. Lawrence: Andy, as you were describing your career, I couldn't help but think that you've had some pretty profound moments in your career, and thinking about those lessons learned. So let me take you through what I heard: part of an administration that was not selected to come back; being in Somalia, a very difficult situation; getting an MBA and a specialized career; and then sort of 9/11. I'm curious about, you know, the lessons you learned in a couple of those situations and how you're applying them now in your job.

Mr. Maner: Well, I think that it's interesting that my first job out of college was working for the President of the United States, and so what is something that you learn there? You learn a very high stakes existence pretty quickly. I think you learn to deal with adversity. I think you learn to deal with a look around you that is not complete; it's up to you to fill in the blanks. And that's what I think management and leadership is, is filling in the spectrum for your employees. And I think at an early age being in the White House taught that.

In Somalia, again, I actually did think that being in Somalia would be the hardest job I ever had in my life, but maybe Homeland might surpass that. But Somalia was -- there was no handbook. There was no handbook for how to achieve peace. There was no handbook for how to contain starvation. There was no handbook for how to do nation-building, as it was -- that was a new term back then. And you just had to figure it out. You had to get the resources and figure it out.

And so those experiences at a young age, for me, really taught me that it's really about initiative and about leadership. And people often ask me, well, you were the CFO, but you were in the press office in the White House. How are those similar? Well, to me, these are management jobs. What I'm in now, it's not important if I'm a CPA or an MBA, it's important that I manage, and that's really what I've been trying to build in my life is that capability.

Mr. Lawrence: Interesting, especially the part about filling in the blanks.

How is the budget for the Department of Homeland Security formulated and how is the money allocated? We'll ask Andy Maner, CFO of the Department, to take us through this when The Business of Government Hour continues.

(Intermission)

Mr. Lawrence: Welcome back to The Business of Government Hour. I'm Paul Lawrence, and today's conversation is with Andy Maner, Chief Financial Officer at the Department of Homeland Security.

And joining us in our conversation is Dave Abel.

Mr. Abel: Andy, beginning with the budget for 2005, a performance budget is going to substitute for the annual performance plan required by the Government Performance and Results Act. Can you give us some details about this?

Mr. Maner: Well, the overall budget process is really quite intricate in government, and it's about getting the resources. But as you suggested, it's about providing the results for those dollars. And so we spend a lot of time in the Department formulating the budget and looking at what initiatives should the Department be doing. You know, of course, resources are not unlimited, and so we are trying very, very hard to put together a package that reflects the current threat picture against the United States, and that's really what we try and do.

And then, of course, once we move into where we have signed a bill, we move very hard into tracking that money and trying to make sure it's doing what it's designed to do. And there are many, many avenues in government to do that from when you send your 300 submissions over to OMB to Homeland actually has one more assignment, and it has to provide a future years budget, a five-year look at our budget.

So there are many acronyms and many papers that fly around, but what it all culminates with is on February -- the first Tuesday of every February, we will hand a budget to the Congress. The President will hand a budget to Congress. And by that point, it's obviously our goal to have it very tight, have there be no doubt what those resources are to be used for.

Mr. Abel: This whole process is very interesting, so maybe we can dive into some of those components. You mentioned that there's a strategic plan and a future years Homeland Security program. There's also the planning program and budgeting system. How do these components work together? What's the vision or view of how these components should relate with each other?

Mr. Maner: Well, again, as you suggested, there are lots of acronyms and lots of things. What we are trying to do, and we're not done, is to create a year-long calendar that everybody knows and everybody understands. And by everyone I mean the agencies, the agency heads, Congress, OMB. And so every department does it slightly different.

And so we've had to build ours, and so you begin really in the spring formulating for a budget two years from now. And so you would go through, and we will build our budgets off of a strategic plan. We want our budgets to reflect the strategic plans that we've put forth to the Congress so that people know, hey, we are trying to fund these types of initiatives.

And so you don't want to -- having to do a five-year budget allows you to not start from scratch each year. You know really, you have the base of your programs, but the threat picture may change. And so each budget cycle, you want to make sure you engage the agencies, you want to make sure they have a chance to make their pitch to not only me and our staff, but to the Secretary or to the Deputy Secretary.

So all of those things, and you mentioned, you know, PBBS, again another acronym for programming, planning, budgeting, and execution, which is really -- that's really important. That's a system, and we haven't perfected it, but we're trying to get to a calendar that everyone understands.

Mr. Abel: Yeah. How far along are you in the implementation of this method? How's it being received within the organizations at DHS?

Mr. Maner: I think it's being received okay. I think that everyone at DHS, you know, is used to new things coming at them, and we try and not tip people over with a lot of new requirements. We are really asking for the same thing we've asked for the last two years, but we're doing it in a more concise and a more transparent format. And, you know, as I say, it's all driven by the calendar. You have to submit your budget in the summer for two years from now, then you get your pass back, and then you submit on the first Tuesday in February.

So I think it's being received well. Again, most people have been in government. So as it relates to budget, they kind of know the drill.

Mr. Abel: So if we shift from the budgeting/planning side to the execution side, for 2005, DHS requested $40.2 billion, which is a 10 percent increase over last year. Can you tell us a little bit about how that money gets allocated on the bill side, and the operations then come after the planning phase?

Mr. Maner: Sure. Again, we allow -- you want people to begin to think about the budget in an unconstrained way first, which is if you had all the money in the world, what would you do to secure America? Then you hone it down. And then, of course, our '05 budget gets submitted by the President, and then the Congress really passes that. And of course, our '05 bill was just passed in October, so we're very pleased to have a 2005 appropriation.

But for us, we have many, many operating agencies and only a small amount of money. And so we allow people to pitch their budgets as to how they affect and better the strategic plan of the Department. And so for us, it's not any different than any other department. We want the people who have the most innovative programs, who do the most to secure and have the most performance metrics for those dollars to get the money.

In Homeland, we have such great agencies that we inherited, and some new very important startup agencies, such as IAIP, which an intelligence analysis unit; we have science and technology, which is an R&D component. So again, our funding is pretty well spread to all of our components, and again, the success for any budget is to work with the administration and then to work with Congress, and you spend most of your summer doing that and having hearings.

Mr. Lawrence: Andy, you talk about the fact that you would have many demands for the scarce resources you have. How is conflict resolved in that situation, conflict in the sense that, you know, everybody wants the little that's left?

Mr. Maner: We've had a very great -- we had a very -- and again, I've only been here for this budget cycle, the '05 and into the '06, so I can -- but we've had a great experience in that the Secretary and the Deputy Secretary have believed very strongly in bringing together the senior management team at every turn so that they are hearing the programs of all of the agencies. Instead of just coming in, and let's say I'm the commandant of the Coast Guard, and pitching my budget, I will actually hear at a forum everyone's budget. And I have found that everyone realizes that while they're not the only one doing great work, there's a lot of great work going on in the Department. So as it relates to budget, I think we've been able to really reduce that conflict that could exist.

And frankly, though, Homeland Security's been very well funded by the administration and Congress. So, you know, we don't have maybe as much conflict as we would if we weren't getting upticks in our budget.

Mr. Lawrence: You talked about execution at the end of the planning and allocating the budget, so I'd like to talk about one of the management initiatives that's going on, e-MERGE2, or the Electronically Managing Enterprise Resources for Government Efficiency and Effectiveness. Can you give us some background on this project that I believe just recently started?

Mr. Maner: E-MERGE2 is really a financial systems effort, but you could call it a financial transformation effort. It is Homeland Security's attempt to really cajole the financial systems, the many, many that we had inherited, into a more usable format. And I'm careful not to say that you want just one system, but e-MERGE is an effort to make sure that we have a way to very quickly have visibility into our finances and the billions of dollars of grants we give out very quickly, and to integrate that with our procurement asset management systems. So e MERGE2 is really our backbone for creating one DHS.

As a financial manager or as a secretary, if you don't have good visibility into how dollars are spent and you can't get a dashboard of what these things look like and how you're doing, you really don't have full control over your department. And so that's what e-MERGE is designed to do.

It's worth saying, though, that the government in general has struggled with these types of efforts. Some people have been very successful at rolling out and some people have not. We're trying, as in a lot of areas of Homeland, to not repeat mistakes of the past. We've spent a lot of time on due diligence and looking at what other departments have done, what's worked, what hasn't worked. And so we are trying to do this in a 21st century way.

Mr. Lawrence: Well, I'd be curious to learn about what you learned in the due diligence and also tie that into -- I thought your wording was interesting, that this is a transformation project. I'm sort of wondering what the vision here around those things are.

Mr. Maner: Well, we've learned that you can't just take systems, throw them out, and replace them with the perfect system, because it doesn't really work. Every -- anything you do in financial management revolves around the system and the process with which you use the system. So we're about the work of trying to, you know, create and market those processes in a way that says -- and how you bring the system in; the system is really just the -- that's the tool that allows you to do it, but you need to create a common set of practices and processes to do that, and that's what we're trying to do.

Mr. Lawrence: And the transformation comes from the new processes?

Mr. Maner: Yeah, the transformation is remembering that the financial management staff that we inherited at Homeland and my own staff and that in the Bureau's, they are from virtually five different departments, possibly even more, so they all have different processes. They think about things totally different. So transformation is to transform that thinking into one line of thinking. And that doesn't necessarily mean everyone needs to be on the same system at the same time, but it does mean that everyone needs to follow a common set of processes, and that's transformation.

Mr. Lawrence: How about a timeframe, where we are and how long this will take? Because I know everything at the Department of Homeland Security has to happen fast, but this doesn't sound fast the way you described it.

Mr. Maner: Well, again, I think this will take, you know, at least three years to get the roots deeply engrained, and this isn't going to happen overnight, as you suggest. However, I've often said that financial management is a journey and you have to make progress every year, but you don't need to make one great leap. This year, we're focused on visibility and making sure we have a common set of financials that I can review and see how everyone's doing against their execution; and we want to see -- have visibility into our grants. Again, one of the -- the Secretary says this all the time, one of the primary drivers of Homeland Security is our interaction with state and locals. We produce and provide a lot of money out there, and we want to make sure we have the right visibility into how that's being spent.

Mr. Lawrence: That's interesting, especially the point about visibility.

Management guidance for this administration comes from the President's Management Agenda. How is the Department of Homeland Security implementing the PMA? We'll ask Andy Maner, CFO of the Department, to explain this to us when The Business of Government Hour returns.

(Intermission)

Mr. Lawrence: Welcome back to The Business of Government Hour. I'm Paul Lawrence, and this morning's conversation is with Andy Maner. Andy's the Chief Financial Officer at the Department of Homeland Security.

And joining us in our conversation is Dave Abel.

Mr. Abel: Andy, in the last segment, we talked a little bit about the due diligence that you did looking at other agencies' implementation of financial management systems. What are some of the things that you learned in looking at other organizations, and how did it change how you will move forward with e MERGE2?

Mr. Maner: Well, it's a good question, Dave. And first of all, I'd make the broader point that the words "due diligence" are often not well understood. Due diligence is something that the private sector takes very, very seriously, and earlier in the show, we talked about differences between the private sector and public sector. When you're taking on a task or a project this big, I think it behooves you to do lots of due diligence, as much as you can do. If you think about the private sector, before they acquire a company, before they do a system, they do lots of due diligence. It's where that word came from. The government I think doesn't take enough time to do it. I think there are lots of examples, and there's lots of data out there that you can learn from. And one of the things we've tried to infuse into e-MERGE and other places within Homeland is do due diligence, look around the federal government and find the best practice and find the things that didn't work.

While we were doing the e-MERGE procurement, there were some pretty high-profile stories out there about some systems that hadn't worked and some agencies that had failed. And what we did was just take a timeout and make sure we understood what was driving that. Again, I don't think that the press always reports these things; that they don't take the care to really dig into why a system's failed, because most people don't understand it. But we took a couple months to do that, and that really pushed our procurement back, but I'd much rather do that up front than somewhere in the middle or at the end of the program. So we've tried to infuse that into e MERGE.

Mr. Abel: Did that make changes to what you'll do going forward as well? Did it make changes to milestones or the direction of the program, what you learned in that research?

Mr. Maner: Most of what we learned, believe it or not, was about project management. It wasn't about technology. It was about how you manage a project of this size. And it gets back to some fundamental things, which is about project buy-in. And sure, there's a lot of data conversion issues, but, to me, what I learned, and this was both from the private sector and the public sector, I spent personally a lot of time talking to companies, all of their things revolved around management.

Mr. Abel: Speaking of management, Steve Cooper, the CIO from DHS, has a great quote on e MERGE2, that it's "changing the wheels on a moving car." What are some of the biggest management challenges dealing with the merging of 22 different agencies' financial systems?

Mr. Maner: You could actually take Steve's quote and blow it up to reflect the whole department. I mean, it's changing engines in mid-flight, changing the wheels on a moving car. Homeland Security doesn't have time to sit, make it perfect, and then relaunch. We have to move.

The biggest management challenges are about getting people to see and accept a one DHS vision, and that revolves around people, processes, systems, and locations. Those are the four ways that I look at our management challenges. And I'm careful not to try and attack all four at once. You know, you say where are the financial management people in the Department? Well, that one's really not important now.

What's important now is that we set up standard operating processes and we work the systems angle. There will be time to work on the people. Do we have the right skills sets? Are they in the right cities? Do we have too many of this, too many of that? One example I'd give you is when we created Homeland Security, we had 19 different financial management providers. We've consolidated that in one year down to 10, and this year we will be down to 8. So we're doing some consolidation, and that does remain to be one of the goals that I have.

Mr. Lawrence: The management agenda for this administration is in the President's Management Agenda. How's DHS doing implementing the PMA?

Mr. Maner: Well, there's really two parts of the PMA that I look at very closely, and, of course, that's budget and performance integration and financial management. And we talked a little bit earlier in the show about how you link budget and performance, and that's both a top-down and a bottom-up approach. And the second is financial management and making sure we have clean financials and we are stewarding the money properly.

DHS, in 2003, did a financial audit, as an example, when it wasn't required to. We did that to start getting people in the habit of financial management and accountability. We did another of course, we did an audit this year and, again, we were more ready for it this year. So the PMA drives a lot of what we do. We still have a long way to go on it. I think Homeland being a remember, I think one of the most compelling parts about Homeland is it is a collection of mergers; it's a collection of acquisitions, startups. It's really a conglomerate of a lot of different things. And we can't treat any of our agencies the same. We might have a startup over here or we might have the Coast Guard that is over 200 years old. So you have to treat them very, very differently.

Mr. Lawrence: I'm curious about your perspective on the linkage between budget and performance, especially around management. I mean, some argue that it's being done. But until we can link, you know, budget to sort of accountability at an individual level and begin to make some hard choices, and by that I mean not necessarily giving more money to programs that are in trouble, but maybe taking money and giving it to the programs that are really doing well so that we can be more effective, I'm curious about where you think budget and performance integration is relative to where it has to go.

Mr. Maner: Well, any CFO anywhere in the government, and I'm sure in the private sector, will tell you that there is no mountaintop, there is no peak, it is something that evolves, it is something that continues. One of the things we are trying to do at Homeland is get away from the belief that if it was in my budget last year, it's in my budget for the next year, and then I'll add some new initiatives on top of it. I call that mining the base. I don't think the government does that well enough. And that's one of the things we're trying to do at Homeland, to say we have, as you suggested earlier, almost a $40 billion budget, what was working in '05? What didn't work? What didn't secure the homeland? So that we can move those resources, and that's accountability. That's taking resources from a program that's not working and giving it to someone that has a program and a way to measure the program.

So again, I'll go back to my "it's a journey." You have to get better every day. We have a ways to go here, but we're pretty committed to it.

Mr. Lawrence: Well, let me drill more on this mining the base, because it sounds very -- tell us about some of the management challenges and what works doing that.

Mr. Maner: Well, again, mining the base, or whatever you want to call it, is all about visibility, and we talked about it. Now I'm linking e-MERGE into this discussion, because if you don't have visibility into the dollars, you are forever in an information-gathering mode, and I would rather be in an information analysis mode. We have, of course, a great staff who is constantly on the hunt for information, but it takes a lot of time in government to get the information, and I'd rather spend more time analyzing the data so that I can look at a secretary of my department and say let me tell you, I know this program, it's working and here's how I know it's working and I would recommend this to it the next year. So it's really, really about visibility.

Mr. Abel: Andy, technology is a leverage in most of the things that are done in the Department, and when we think of technology, we tend to think of the technology in fulfilling the mission in the field. But technology has to be a big lever for you, an advantage for you to getting visibility, to getting to analyze information in the way that you need to be able to make decisions. What are some of the ways that you're using information technology and e-government initiatives to enhance financial performance at the Department?

Mr. Maner: Well, technology is, as you suggest, the great lever for really moving successful programs forward. My reliance on technology will come down to systems, to the financial systems or to e-MERGE. Certainly you can have tactical pieces of technology that allow you to do budget formulation better or allow you to do a certain thing in finance better, produce your financial statements, that sort of thing. But really, for us, it comes down to having an integrated system that will provide us better visibility. So there's tactical things using technology you can, but you really -- for us, we are going to have to do a broader step, which is e-MERGE.

Mr. Lawrence: That's an interesting point, especially about the visibility and technology.

What are the implications and management challenges of being the CFO for a young or relatively new cabinet agency? We'll ask Andy Maner of the Department of Homeland Security for his perspective when The Business of Government Hour returns.

(Intermission)

Mr. Lawrence: Welcome back to The Business of Government Hour. I'm Paul Lawrence, and this morning's conversation is with Andy Maner, the Chief Financial Officer at the Department of Homeland Security.

And joining us in our conversation is Dave Abel.

Mr. Abel: Andy, previously, we talked a little bit about in the development of the budget, developing the budgets for the mission without resource constraints. But in the real world, in the Department, there are resource constraints. How do you work collaboratively to be able to fulfill the mission of the Department with those resource constraints in place?

Mr. Maner: Well, the best thing you can do -- again, we're about the business of supporting the mission, and so the best thing you can do is run -- is you have to start a process that allows people to think uninhibited. You have great policy minds. There's a lot of great people in Homeland who have come from the intel community or DoD or other places. You've got to let them be thinking about how best to do this. Then -- and then you can put the box around it that says, well, we can only afford this much this year, but, hey, let's think about putting some of this in '07, let's build on this and start to show a vision that we're serious about this program.

And so Homeland and the way we do budgeting allows us to do that and allows us to show a commitment to a certain program. And I think that's good for the mission, because I think it allows people to come to Homeland and say, wow, I can get a program done here, funded and done here. So that's how we do it, and it really does start with, as any problem is ever solved in the private sector, you brainstorm first, unconstrained by things, and then you hone in on what you can do.

Mr. Abel: I would imagine one of the most difficult decisions that you have to make is to prioritize how you apply the resources of the Department. How do you make the determination and the tradeoffs of what to do now versus what to do tomorrow?

Mr. Maner: It is; it's very tough. It's very tough because we have some very compelling missions in Department of Homeland Security. We have the Coast Guard, which is fulfilling a very important port security role and really maritime security role. You have Customs and Border Protection, which is making great leaps on the border and really creating a border that's much more efficient and much more tighter against terrorism and other forms of illegal immigration.

So you have some great agencies, and so it is tough. But that's why, as we talked in the middle or earlier, that you have your whole management team involved. And the Secretary makes a decision based on his input from his senior management team, his or her senior management team, and that's what we've done and that's really worked for us. And because we're still growing and because homeland security as a term, it didn't even really exist before 9/11, we're still evolving. We still have TSA in a growth mode. We still have CBP securing the borders. We're going to need to be doing this prioritization for a long time.

Mr. Abel: When you turn on the television or when you read the newspaper and you read about the Department of Homeland Security, you often read about new technology, you read about new whiz-bang devices to be able to achieve parts of the mission. But when you really get down to it, the Department of Homeland Security is about people. It's about the right people in the right place to be able to protect our country. What is the Department doing to be able to invest in its human resources?

Mr. Maner: Well, as you suggest, the way we approach technology is technology is the enabler. We know we're not going to grow to millions of people in the Department. We have to make the people that we have more efficient, and there's a few ways to do that. The first and probably the foremost way to do that is give them technology that works. Give the Customs and Border Protection inspector the right radiation equipment. Give him or her the right entry system with US-VISIT. So the best way you can do it, in my opinion, is to give them the tools to do their job better.

When you take it off of mission and you take it into something, a mission support role, like our office, it's about investing in people. I don't want to be hiring 15, 20 people new every year. I want people to stay. I want people to want to work at Homeland Security because of the mission, and then I want to develop them. I want them to be able to say I was in budget last year; maybe I'm going to go take a tour and work in accounting or financial management. So I'm going to rotate people. I'm going to do all the things that I've learned in the private sector about job enrichment to make people want to stay with me or, at a minimum, in Homeland Security.

Mr. Abel: Now, the Department has unique flexibilities in the employment of civil servants. How does that program, the HR program, relate to you and the Chief Financial Officer's office?

Mr. Maner: Homeland Security has done a structure where a lot of our offices are under an Under Secretary for Management, and I think that allows us to really gather together with the CIO, human capital, CFO, chief procurement officer to make sure we're leaning forward on practices in government. And you mentioned the HR one specifically, but there's -- we do have some unique flexibilities, and I want to make sure we're taking advantage of those because, again, we say it all the time, we don't want to be another department of government, we want to be the leading department. We want to be a 21st century department that people want to work for. We're not there yet. People are still thinking, oh, Homeland, it's really hard, should I go there? But we think with our mission and the funding we've received, this is a really good place to work.

Mr. Abel: So shifting gears a little bit, in order to be able to effectively use the budget that you've been given and to work in a resource-constrained environment, you need to focus on efficiency and effectiveness of your programs. Currently, DHS is working to achieve that 100 percent of the programs will have at least one efficiency measure. What other steps do you think needs to be taken to be able to accomplish this goal?

Mr. Maner: Well, again, I think we're still in an education mode. We need to understand these programs, and you and I talked earlier about looking at past programs. And I think the one thing that we're going to make sure we're doing is looking at the past performance of programs, maybe they're even 10 years old or 20 years old, and make sure they're fulfilling their mission. I don't want to see us just looking at the new things and saying, well, how are we doing on baggage screening or on port security? I want to look at all of the functions, trade enforcement, all of the things we do, figure out if they are doing their mission. If not, close them down and do new things.

Mr. Lawrence: You're the CFO of a relatively young department. When you meet at the CFO Council and talk to the CFOs of more mature departments, how do your conversations reconcile? What are the management issues, and are they different or similar?

Mr. Maner: Well, those conversations usually begin with them, my counterparts, patting me on the back and wishing me luck. But again, I think we mentioned the idea of two full-time jobs, and right now, we do have two full-time jobs. We have to support the mission of homeland security, but we have to build a department, one that will stay if administrations change. This department's here to stay.

And so for me, that's about building and developing people; it's about providing visibility of financials and budget information; it's about integrating the financial management people within Homeland to make sure we're doing things one way; and dare I say this in the financial management community, it's actually about having some fun, too, while you're doing that, and certainly we try and do that at work. It's something that I've always done. I've had -- I've worked for some people who have had some serious jobs in their life. I've worked for two presidents, and I've always noticed that they have fun. And we deal with some pretty serious subjects, but if you provide a fun place to work, I believe that you can get a lot done. And if people -- if they dread coming to work and they don't understand their mission and they don't understand how they fit into the mission, you're not going to get good work out of them.

Mr. Lawrence: As you indicated in the first segment when we talked about your career, you've moved through both the sectors, public and private, about half the time. So I'd like to ask you to be reflective and what advice would you give to someone perhaps interested in or just starting out in a career in public service?

Mr. Maner: Well, again, I talk to my friends from business school all the time who are off making lots and lots of money and excelling in the corporate ladder. And I think we have equal respect for each other, because I believe that what's happening here in public service, here in Washington right now, is a redefining of government. And certainly this -- these last four years, we have a new focus in this country. Everyone, every American, is focused on security, somehow, some way. The financial viability of our companies all revolves around security. And so the government, the public sector, is leading the way in how we are going to do business and how these things are going to happen.

So at Homeland, I believe -- my advice to people is come, try out government. The money is good. It's not -- you know, as you move through your career, it might not stay, but in an entry-level position, you can make good money, you will get a higher level of responsibility, you will be dealing with bigger budget numbers, and you will just have a lot more interaction with I think policymakers than you would in the private sector. So I just think it's a wonderful place to start a career and to really, you know, immerse yourself.

Mr. Lawrence: Andy, that'll have to be our last question. Dave and I want to thank you for fitting us in your very busy schedule and being with us this morning.

Mr. Maner: Great. Well, I appreciate both of your time. And I would also mention that if people are interested in working in the government at all or, of course, working at Homeland Security, you could learn more about Homeland Security at www.dhs.gov and, of course, www.usa.jobs.gov, which is a great place to learn about opportunities at Homeland and in the government.

Mr. Lawrence: Thank you, Andy.

Mr. Maner: Thanks.

Mr. Lawrence: This has been The Business of Government Hour, featuring a conversation with Andy Maner, Chief Financial Officer at the Department of Homeland Security.

Be sure and visit us on the web at businessofgovernment.org. There, you can learn more about our programs and research and get a transcript of today's fascinating conversation. Once again, that's businessofgovernment.org .

This is Paul Lawrence. Thank you for listening.

Arlington, Virginia

Wednesday, April 3, 2002

Mr. Lawrence: Welcome to The Business of Government Hour.   I'm Paul Lawrence, a partner at PricewaterhouseCoopers and the co-chair of The Endowment for The Business of Government.  We created The Endowment in 1998 to encourage discussion and research about new approaches to improving government effectiveness.  Find out more about The Endowment by visiting us on the web at endowment.pwcglobal.com.

The Business of Government Hourfeatures a conversation about management with a government executive who is changing the way government does business.  Our conversation this morning is with Major General James Jackson, Commanding General, U.S. Army, Military District of Washington.  

Good morning, General Jackson.

Gen. Jackson: Good morning, Paul.

Mr. Lawrence: And joining us in our conversation is another PwC partner, Brian Dickson. 

Good morning, Brian.

Mr. Dickson: Good morning, Paul.

Mr. Lawrence: Well, General Jackson, although most of our listeners have probably witnessed the ceremonies and events that MDW orchestrates, could you give us a sense of its roles and the responsibilities?

Gen. Jackson: I have three major missions.  The first one deals with something we saw during 9/11, which is to respond to any crises or disaster or any kind of special security operation inside what we call the National Capital Region, which is just roughly a big goose-egg in and around Washington, D.C., Arlington, and the surrounding territory. 

The second one deals with providing base operations support for five different installations that work for me, ranging as far away as Fort Hamilton, New York up in Brooklyn, and as far down south as A.P. Hill, Virginia. 

And then the last one is the thing that most listeners might be most familiar with is the official ceremonial part of our business and public events which we conduct on an annual basis.

Mr. Lawrence: How large is your MDW team?

Gen. Jackson: I have a staff that is several hundred.  And then of course the command across the board ranges -- is approximately around 7,000 people, split between military and civilian.

Mr. Lawrence: And what type of skills will these people have?  You described such a range of activities.  I'm curious.

Gen. Jackson: Well, I pretty much run the gambit of all skills.  For example, I have operators whose job it is is to plan and control operations.   Much of what you saw during 9/11 -- those people were involved with that.  I have personnel people to keep track of people, both civilian and military, and take care of them.

I have a ceremonial staff that provides oversight and guidance as far as the events we do at both the White House, and then of course anything we do for the Department of Defense in and around the city.  I have logistics personnel who deal with that part of the business.  I have personnel who look at the garrison functions, or the functions that take place on a day-to-day basis on all those five installations.

And so I pretty much run the gambit.   I've got lawyers to take care of the contractual issues and some what we call the Uniform Code of Military Justice, the legal part of our business.  And of course, I've got Arlington National Cemetery and people like that.   So it pretty much runs the gambit.    

Mr. Dickson: Can you talk a little bit about what it's like to be a commanding general?

Gen. Jackson: I guess the first thing you say, it's great.  It's good to be in charge.  Most of us spend our lifetime in this business wanting to command and to be in positions where we pretty much are the senior authority in an organization.   Of course, we temper that with understanding we all work for somebody.  So we're not necessarily always the end to the food chain.

The job is a good one.   It's fun to be part of everything that an organization does.  And so, kind of as a CEO kind of person, I have my fingers pretty much spread across a little bit of everything that goes on in the command.   While I won't be the most knowledgeable on any specific subject, I might be able to argue that I know a little bit about everything.  And my job is to find out or know where the experts are who can give me that detailed information at the right time.

Mr. Lawrence: General, can you tell us a little bit about your career in the Army, some of your highlights that have brought you to this point?

Gen. Jackson: Sure.   I come from a military family.   My father served 33 years, World War II, Korea.  And so he was -- I guess I grew up in a military family.  And I respond to people who ask me where's my hometown, that I really don't have one.  I've been all over the country. 

I've served 30 years.   Started out after graduation out of college serving in the 82^ndAirborne Division, and then continued to multiple assignments with some Special Ops units and some -- with the Airborne forces, primarily in the light infantry side, which just means we do mostly walking or jumping and that kind of thing.

And through a variety of different command and staff positions, that has ultimately brought me to here.   I've served overseas in Korea twice, across the United States in multiple different locations.   I was checking the other day, by chance, and reminded myself that in 20 years of marriage with my wife, we've moved 13 times.  So we tend to move a lot.  And I have in the meantime been able to raise three daughters that are great kids.

Mr. Lawrence: Normally, we ask what drew you to public service, but I think you answered that by virtue of your family.  But I'm wondering what kept you in public service.  I can't help but imagine you had other opportunities throughout your career.

Gen. Jackson: I'm not so sure that public service itself is what I focus or I see the military as, to be quite honest.  But the fact that I stayed in the military I think is an important one.   And the fact that dealing with people tends to be something that is interesting and exciting.  

I had it explained to me years ago that you can be in charge of things -- equipment -- and you'll see the same thing pretty much every day.  When you work with people, you are always surprised, because people do so many different things.

And I have found working with people to be a really exciting part of the job.  And so as a leader, my job is to interface with people.   So that's what I do all day long, and that's what's been bringing me back to achieve a 30-year career.

Mr. Lawrence: Which jobs in your career have given you the most interesting challenges?

Gen. Jackson: Well, I'll be honest and say any time I've been in command, be it from the company level, which is about an organization of 150, up to regimental size, which is several thousand, and then into the job I'm at now, which is multiple thousand -- any time you're in charge of something, you draw more satisfaction from the business.  

But I would tell you also that any time I've dealt with soldiers in the role of -- be it jumping out of airplanes or any kind of operations we've done, it has brought me great satisfaction, because of the things that they do and the way they operate, and the kinds of people they are.

And all you've got to do is turn on the TV any night and see the kinds of things that are going on in Afghanistan today and kind of recognize that.  These young kids are just great, and 18, 22 years old.  And the real challenge is be careful what you ask them to do, because they're going to do it.  And you need to be right. 

Mr. Lawrence: What were the positions or the events that trained you to be in command?

Gen. Jackson: Well, I think it's something that you gain by exposure and experience over time.   Obviously, you know, you go through your formative years in college, you've got four years there.   And then you start in the Army as a young second lieutenant, and you start to learn.   You're a dry sponge, soaking up everything that comes across your path. 

And you also learn by contact with other people.  I would say that I am a composite of everybody I've ever worked for or worked with.   I see things that they do that I like, and I steal them and I try and emulate those some way.   And so I am a real composite.   I couldn't really articulate any single thing that's mine; someone else's that I've taken on and decided that I think that's the right way to go about doing business.

Mr. Lawrence: Was the learning taking place at a technical level or a management level, a general management level?

Gen. Jackson: I think both.   There is a tremendous technical side to our business that most Americans who have no Service experience probably have trouble comprehending.  Many Americans, their only connection to the military is what they see on television or what they see in the movies.  And I would tell you that the complexity of the operations, just as an example, the things going on in Afghanistan are surprising.

I mean, most people would find them to be daunting when you stop and think about trying to build an event that involves multiple things to try and happen all at the same time or very close together.  And they're all mutually supportive.  It gets to be a very technically demanding business.

From a management perspective, you're growing every day.  If you aren't improving and growing and learning in everything you do, then you have no business being where you are.  And I think any major CEO or CEO of any organization would tell you the same thing: he's learning every day.

Mr. Lawrence: Let me ask you about leadership.  In your opinion, what are the top qualities of a good leader?

Gen. Jackson: Well, I think that's a very broad question.  And I could give you a litany of answers.  But I guess I would come back to things that have always stuck with me.   And first of all, as a leader, I've always carried with me -- I've got two major responsibilities.   One is to get my job done, and the other is to take care of the people who work for me, who are going to be accomplishing that work for me.  And if you think about those two things in the way you deal with people, you really can't go wrong. 

And I guess the third thing I would tell you, I label the trait, the character trait of the ability to adapt to change as being the most significant.  And that's -- even how you adapt from one job to another, how you adapt when you're working for one boss and all of a sudden you get a new boss -- how do you adapt between being in a command position versus a staff position?

And how do you adapt to just change in your environment?  9/11 brought some changes to the way we live in this country.   The question is, how do we adapt to deal with that change?  Good leaders, great leaders can do that.

Mr. Lawrence: That's a good stopping point.  Come back with us after the break as we continue our conversation with General Jackson of the Military District of Washington. 

In our next segment, we'll ask him about the events of 9/11 and how they have affected his team and the challenges it's presented. 

This is The Business of Government Hour.

(Intermission)

Mr. Lawrence: Welcome back to The Business of Government Hour.   I'm Paul Lawrence, a partner with PricewaterhouseCoopers.  And today's conversation is with Major General James Jackson, Commanding General, U.S. Army, Military District of Washington. 

And joining us in our conversation is another PwC partner, Brian Dickson.

Mr. Dickson: General Jackson, can you talk to us a little bit about what you were doing on the morning of September 11^th, and how your day progressed in the immediate aftermath of the tragedy of that day?

Gen. Jackson: Sure.   Actually, we were in a staff meeting, so I was sitting at the head of the table with my entire staff.   And my aide brought in a note to me, and indicated that an airplane had run into one of the Twin Towers in New York City, to which I read and discounted it as some wayward pilot who couldn't fly very well. 

So we continued with the meeting.   And then, shortly after, he came in again and said there had been a second plane, to which we indicated, or it was quickly obvious to us that coincidence didn't happen this way.   So we cancelled the meeting and went and started watching the TV to see what had happened.

Shortly thereafter, someone came into the office and indicated there was a rather large smoke plume coming up from across the river, which is where the Pentagon is.  So we walked outside the building and took a look, and sure enough recognized that this was something bad that had just happened over there.

We went back inside, talked about it a little bit, and then decided that we would change clothes, get into our go-to-business suits, the BDUs, battle dress uniform, fatigues, and take a ride over to the Pentagon.  And that pretty much started the day.  And we stayed at the Pentagon probably until about 10:00, 11:00 that night, went back to the office, got some sleep real quick, went home, got cleaned up, and went back to work about 3:00 in the morning.

Mr. Dickson: Can you describe the scene that you found upon arrival at the Pentagon? 

Gen. Jackson: Yeah, sure.   Well, obviously, we got there, and it was somewhat chaotic.  And there was a lot of people moving about.  There were obviously some people who were trying to apply some coherency to the situation.  And they were pretty much gathering up a bunch of volunteers to assist in handling any casualties if they found them. 

As we assessed the situation and linked up with the fire chief, who we were told was going to be the incident commander, I asked him what he needed and what we could do to help.   And his first response was: "I need some manpower."  Well, as it so happens, that's one of the things we can provide, and so we made some phone calls.   And within an hour, we had brought some troops down. 

The initial operations on the site was to apply some degree of coherency to what's going on, and the troops came in to backfill the volunteers.  The volunteers weren't dressed properly, and their organization was rather loose, as you might imagine.  Bringing in soldiers as part of organizations, I can line them up very quickly; I've got a chain of command I can deal with and I can control them better.  

And it allowed us to allow the volunteers to go home, see family members, call family members and then to basically get back to work doing the things that they are required to do.   An interesting note is that none of the military functions that go on in the Pentagon stopped.   And so we freed those people up to go back to doing what they're supposed to do, and allowed us to do the work we were supposed to do.  And basically was providing support to the fire chief, who was the incident commander at the site.

Mr. Dickson: Does your organization -- are you still involved in recovery efforts at this point?

Gen. Jackson: No, not as such.   The recovery operations have stopped.  As you know, the building's being repaired and fixed, and I'm being told they're ahead of schedule.  The only thing we're still doing is we have collected some personal effects, both from the building itself as we cleared it, and also stuff that has been identified as personal effects from the individual remains that were retrieved from the site.   And our job, the organization that works for me, is to identify those, catalogue them, and then make them available to family members in the event they wish to identify them and claim them.   And that process is still going on, just because it's a very painstaking and detailed process.   And we expect it to conclude somewhere this summer.

Mr. Dickson: In the aftermath of September 11^th, how have you adjusted your priorities and your organization to meet the new challenges that the country faces?

Gen. Jackson: Well, the most significant that we're dealing with right now is the added security that we've established on all our installations.  In fact, we started drifting towards that back in August, with the attempt to get back to controlling access to our installations, because they do house a lot of people, and some sensitive assets that need to be protected.

So we were well on our way.   And so, since September 11^th, we have just continued on that, and remained at the high level of alert that we're at. 

The other thing that I would offer is more of a broad-brush approach.  And that is to deal with change in itself.  Obviously, since 9/11, lots of things have changed.   And so as those things change, they cause other changes.  And we have to deal with those on a day-to-day basis.

And those kinds of things are happening.  Not just the security on bases, but other things that we've become more attuned to.   You know, cyber security.   We're talking about reviewing all our contingency plans, taking a look at them, seeing if we can improve some of our communications capabilities, and the other things that we might be able to do to make our response to something like this or something similar to this in the future, go better.  And so that eats up a lot of our time.

Mr. Dickson: What type of planning or preparation pre-September 11^th had you done for events like that? 

Gen. Jackson: Well, obviously, we've got some plans.  I mean, we go out and write some and we prepare them.  But we can't write a plan for every eventuality.   As a matter of fact, someone asked me after this if we had a plan.  I said: "Yeah, we had a plan.  But we didn't have a plan that talked about what we did if a plane flew into the Pentagon." 

The interesting thing is we didn't need a plan for that.  We took the plan we had, we modified it, and that's what senior people get paid to do, is to deal with those kinds of changes.  And we executed the modified plan.  And it worked exceptionally well.

Mr. Lawrence: Let me follow that up with another question about working together.  You talked about working with the Arlington Fire Department.    I know that the FBI and FEMA were involved.  I wonder, you know, what the lessons are working across organizations like that?

Gen. Jackson: We had a great relationship with all the people and all the organizations that came in and worked at the Pentagon.  I think the biggest lesson was that the system that's in place across the country, the Incident Command System that they have, the Federal Response Plan that is in place, is a good one.

In this case, inside the United States, the military does not take the lead.  Even though that was military land in the Pentagon, the guy in charge of the operation was in fact the fire chief out of Arlington.   And that's where I reported, and I worked for him, basically.

I asked him what he wanted me to do.   And if he asked, and if there was something I could do for him, we provided it.   It was a very collegial, cooperative kind of environment, and it works great.

As the fire chief slid out of that command role, because the fire was out and the structural damage to the building had been taken care of, the crime scene part came up, and then the FBI took over.  No problem.   I then start working for the FBI, doing the things they want me to do.

Once the FBI was done with the building, they turned it back over to us, and then we continued to do the things we had to do until we were complete, and then we gave it back to the Pentagon folks.

The value of the working across the interdepartmental and interagency work that we did was manifested by our relationship that we have established over time, because we live in the city, we work in the city, we know these people.  We talk to them, we review our plans together, and we have a relationship.

That relationship is built on trust and on capability.  We understand what each of us brings to the fray, and what things we should be able to do.   And we don't look at doing someone else's job, we do what we can do best.  And in this case, it worked out exceptionally well.   The people that we worked with on 9/11 were just wonderful folks, and great leaders and great people in their communities.

The interesting thing is the relationships that we built have just increased in significance, in that we still talk to each other, go see each other, and spend time together.   And that's what makes things work, is that interrelationships that we've built.

Mr. Lawrence: You've talked about the value of relationships.  You obviously didn't begin building those relationships on the morning of 9/11.   What were you doing before to build relationships with those groups?

Gen. Jackson: Well, interestingly, the Inaugural that we had for President Bush brought us all together, because of the significant event in Washington, D.C. and the kinds of stuff that happens there, the security aspects, the volume of people that come in, and the military participation, and the fact that we help prepare and plan the whole -- the inaugural, at least the parade portion and some of the rest of the stuff that is done.

We have to sit down and talk.   And you go through a lengthy process of building a plan, executing it on a tabletop or on a floor, and then rehearsing it.  And so throughout that event, over a period of several weeks, we become very close, and we get to understand. 

So I know pretty much or have met every police senior member throughout the District, and certainly in the surrounding counties.  Some fire chiefs, I've known.  We train periodically with their own search-and-rescue people, because I have a search-and-rescue element.  And they train together.

And so that's where we build those relationships.    

Mr. Lawrence: That's a good stopping point.  Stick with us as we continue our discussion about management with General Jackson of the Military District of Washington.  

When we come back, we'll ask him about the challenges of managing Arlington Cemetery. 

This is The Business of Government Hour.

(Intermission)

Mr. Lawrence: Welcome back to The Business of Government Hour. I'm Paul Lawrence, a partner in PricewaterhouseCoopers.  And today's conversation is with Major General James Jackson, Commanding General, U.S. Army, Military District of Washington.

And joining us in our conversation is another PwC partner, Brian Dickson. 

Well, General Jackson, one of the things that I've always been most impressed about MDW is Arlington National Cemetery.  Could you describe the management challenges one faces in operating a cemetery, or operating the cemetery?

Gen. Jackson: The biggest challenge with Arlington is space.  We're fast running out of space. Where it sits geographically, it's bounded by a variety of different things.  And so we're concerned that at some point in time, we'll just run out of ground.

We're building plans to be able to take us well into this century, beyond 2050, and a little bit further than that to be able to do the things we have to do.  But there's going to have to be some other innovative ways to deal with it.  And that's why we're building things like columbariums for cremation and so forth.

The other aspect is that we run anywhere from about 28 funerals a day, and average about 24.   But we can go as high as up to 28.   And we inter both Army and of course all the other services.  Regardless of which service is participating, I could have elements of my own participating, depending on the level of the funeral.  Depending on the individual veteran, there are certain honors that are rendered based upon what level that individual worked.   And so we go through a fairly lengthy process to figure all that out so that we render proper honors for all of them.

But as you might expect, Arlington has a lot of emotion tied to it.  And we deal with that as best we can, because we have families that are deserving of our attention at this point in time in their lives.   As far as they're concerned, that's the most important thing that's happened at that point in time in their lives.   And we deal with that.

Overall, things operate very smoothly.   One thing I would pass on to all your listeners is that as a veteran, if you're out there, you need to make sure that your paperwork and stuff is available and properly set aside so when the time comes, your family is properly prepared.  And there is a degree of paperwork associated with everything we do.   And if you don't have that available, you can make things a little bit more difficult.  

And there are ways to deal with that.   All you've got to do is pick up the phone and call, and people can be happy to provide that information to you either through the veterans' services, or, of course, you can Arlington itself.

Mr. Lawrence:   From personal experience, as well as talking to people who have been involved at a ceremony at Arlington National Cemetery, the response is all very, very positive.   And so my question to you is how does it run so well?  How does everything, with 20 or 28 ceremonies, how does it all work so well?

Gen. Jackson:   Well, we've had lots of time to perfect that.  In all honesty, we have had lots of time.  And over time, the experience causes people to be able to find ways to make it better.   Additionally, I would tell you that the young people and all the folks that we have working down there are focused keenly on that one event.  And they take it very seriously.

The soldiers who participate in Arlington will tell you to a man that they are very proud to be able to provide that service to veterans who have served their country, and now they're paying their last respects.  And so every time I've witnessed a funeral, I've never seen anything but a tremendous sense of dedication and desire on the part of everybody to render those honors properly.  And it ranges from the very top down to the

lowest-ranking individual, to include family members who receive some honors.

Mr. Dickson: General, I know from my work with the Army that you personally, and also the Military District of Washington, has taken a leading role in developing innovative ways to managing your post infrastructure, including moving out into some innovative approaches in the area of privatization.  Could you talk about what you're doing in this area?

Gen. Jackson:   Basically, it's a fairly simplistic approach, but it's complicated as you get into details.   The simplistic part is that the U.S. Army is good at many things.  But some things we're not as good at as the private industry.   And so the desire is to -- let's go get the experts to do the things that they're good at, and let's let us go back to doing the things we're good at.

And so running installations and providing utilities to an installation is not something you learn about in the Army.   And maybe we ought to go out and find those experts.  And so that's what we're doing.  We're trying to bring them in -- all with the stated goal of being more efficient and effective with the dollars that the taxpayers give us.

Another example would be the Residential Community Initiative, which is RCI, in short.   But it's just a fancy way of finding out how we can build new houses, or improve the maintenance on the existing housing that we have on our installations. 

For example, the house I live in is 100 years old.  Everything you do to that house is now historically based.  And so it costs us money to be able to do that, and it costs more money than you might on a younger house.

But how do we go about fixing all this old infrastructure that in some cases we can't tear down because of the preservation and the historical requirements?  And so we took at look at that, and the Army decided the best way to do that is to partner with private firms who build houses.   And we pay for them by using the housing allowance that we receive -- if you own a house and you're living off the installation, you forfeit that when you move into government quarters.

Well, in this case, we won't forfeit it any more.  We will take that money and pay the private contractor who has built the house.   And they're contracting to do this, or building this partnership for long term.  The one up at Fort Meade is a company called Piscern Real Estate, and they're tied in for 50 years right now.

So they see -- the novel approach here is, here's an American business that is not necessarily concerned with instantaneous gratification or profit.  He is building his program to make money over 50 years.   And he's partnering with the military to do that.

And so we are going to get newer houses, better-maintained houses while he gets a

long-term return on his investment, which is kind of novel.

Mr. Lawrence: You said it was a simple concept, yet it was hard to do.  What's the hard-to-do part about?

Gen. Jackson: Well, the hard part is because it's new.  No one's done this before.  And so you're kind of groping as you go, trying to figure out how to do it.   As you break new ground, it just causes new things to occur, and things that you haven't thought of necessarily.

There were some hurdles.   There's legal hurdles; there's some political concerns.  And there's also just the issue of how do we go about maintaining a relationship for 50 years with a private entity?  You know, when was the last time the military built a partnership, a literal partnership, with a commercial entity?  And so that's the difficult part, putting together the product or the process so that it produces the product you want and at the quality you want to give our people the kind of living standards that they deserve.  

Mr. Lawrence: What are your special authorities as the commanding general of MDW?

Gen. Jackson: First of all, one of the extra functions I have is to function as the general court martial convening authority for all of the elements in and around the National Capital Region.   What that basically means is when there's an infraction or some kind of  legal problem, I'm the decisionmaker as to whether we take that to a court martial or we process it with another way.

So I will deal with all the military who work in the Pentagon and throughout the area from, again, as close as Fort Meade, Fort Belvoir and all the other agencies who, while they may not work for me, they will still fall under my jurisdiction for this.

The last time we counted, it's over 90 different organizations.  The other interesting part that falls to me is we have elements of Navy, Marine Corps, Air Force and Coast Guard that also work in the Capital Region that have jobs similar to mine.  And so what we do is we constantly interface with them so that we all know what each other's doing to try and facilitate the jobs.

Because again, in a crisis situation, we might very well need their assets to assist us, and so we work together.

Additionally, in the area of joint ceremonies, either at the White House or dealing with the Department of Defense, my organization takes the lead and all the others follow what we do.   And they'll take instructions from us.

Mr. Dickson: As the commanding general for the Military District of Washington, you have jurisdiction over both Army soldiers and a large number of civilians.  What are the significant cultural differences between these two groups?

Gen. Jackson:   You know, that's an interesting question, because before I came here, I  might have answered it a lot differently than I will today.   I will tell you today that I find very little difference between good workers, be they civilian or military.   I mean, good workers, good employees do things well, regardless of what clothing they wear and what their background is.  They just want to strive to do well, and they'll do well. 

Now, there's those that aren't so good, and then there's lots of differences with those.   But I have not-so-good that wear uniforms sometimes, too.  So, again, there's a commonality there that I don't really think transcends culture here.  So I would offer that in my job, that the people I've worked with, both civilian and military, I've found to be very capable, able, dedicated.  And they desire to do a great job.  And therefore, there's really no difference between either one of them.  And I'm blessed.   I've got good folks who work for me, and those problems don't seem to take up much of my time.

Mr. Lawrence: That's a good stopping point.  Rejoin us after the break as we continue our discussion with General Jackson of the Military District of Washington. 

This is The Business of Government Hour.

(Intermission)

Mr. Lawrence: Welcome back to The Business of Government Hour. I'm Paul Lawrence, a partner at PricewaterhouseCoopers.  And today's conversation is with Major General James Jackson, commanding general, U.S. Army, Military District of Washington. 

Joining us in our conversation is another PwC partner, Brian Dickson.

Mr. Dickson: General Jackson, I'm aware that the Military District of Washington is also playing a leading role in helping the Army improve its technology infrastructure and to develop more standard approaches to using information technology.   Can you talk a little bit about your efforts in this area? 

Gen. Jackson: The Pentagon has decided to take the lead, and to develop a program to do all those things you mentioned.  Our part is to kind of  be the test bed, or be a laboratory to take some of their ideas and actually put them into place and see how they work.  We're a relatively small command as Army commands go.   And so we can do that with a fairly small overhead, and we can see if it works.

The whole purpose behind it is to try and make our organizations more effective, more efficient by using not only common business practices, but also technology, by re-engineering the current technologies to give us the ability to get to information that is important and critical for us to make better decisions.   And we're doing things like remoting our servicing capability for our computers.  We have that capability now to basically reach into a computer and fix a software problem without ever having to send a service member down to touch the machine.  It can be done from a remote site.

Looking at consolidating our information techniques, our ability to store information in a database so that it makes it available for more people to get to, so that you, one, know that information is available so you can go retrieve it quickly and make it go.  And it's just a matter of trying to take all these tools and make them available to the decisionmakers.

Mr. Dickson: People who are technologists often talk about the introduction of technology changes organizations.   And in many ways, they say that when they get rid of the middle managers, they flatten the structure because they're able to do the kind of things you just described.   And I'm curious.   Can you imagine that happening to the Army?  It somehow seems counterintuitive to think that a structure that has lasted so long in history would change.

Gen. Jackson: I guess what I have learned over my 30 years is don't ever say never, because you'll probably be bit after a while.   I think those kinds of changes are worth looking at and exploring.  I think the Army has got ways to improve itself, and this may be one of them.   My only caution would be we need to look at it and address it.  And if we think it's going to work, then we move ahead.

And certainly our civilian and military leaders are taking a look at these things.   I know General Shinseki is working hard to do what he's calling the transformation business, to transform the Army into a different organization that can better meet the nation's needs.  

You know, if you don't change, to adapt, or adapt to the environment you're dealing in, sooner or later, you're going to become inconsequential or superfluous, and you'll go away.

Mr. Lawrence: What might be some of those differences?  Does that mean different way that the members of the Army do their jobs, would it mean different type jobs?  What?

Gen. Jackson: I think both those, certainly.  Obviously, there's many different ways to accomplish the same role.   And we should be looking for ways that are more efficient and more effective all the time.   Some jobs will go away.  

We've got new jobs today that weren't around 30 years ago when I came in the Army.   One of the little vignettes I tell my people is just the PCs, the personal computers that we're dealing with today, there weren't in the Army 30 years ago.  And today, when I'm standing in front of a big group, I ask them: "Is there anyone here who does not have a PC on your desk?"   And no hands go up.

That has affected the way we move information.  I mean, e-mail has taken away the old buck slip, the handwritten note.  Very rarely do we do that anymore.  Now, I do some because it carries a little bit of added weight sometimes.   But the point is the routine way of transferring information now has become the computer.

Just take a look at your own organizations and ask yourself what happens when the computer goes down?  What if the system breaks?  You find out you're all of a sudden got lots of spare time on your hands.   Because a tool has been taken away that you've become very accustomed to.  And so that has changed.  And that's just one example, which is not necessarily a big one, but it's been one example that has reached out and touched almost everybody in the military.

Mr. Lawrence: There's still talk about the coming wave of retirements of individuals in government.   Is this a challenge to MDW?

Gen. Jackson:  I don't think so.   You know, we have been having people retire in the military for many, many years.   In fact, it comes to all of us sooner or later.  And we have procedures in place to deal with that.  We have incentives, and we retain the people that we want to retain and that want to stay with us.  And we have a program to do that.  I think it's just the way we do business, and it's one of the things that we deal with every day.  

Mr. Dickson: Sir, is MDW heavily involved in recruiting and the retention of soldiers?   And what are you folks doing to try to improve recruitment and retention?

Gen. Jackson: Overall, recruiting has been a good story for the Army, although I personally -- my command -- does not get involved in recruiting initial entry soldiers, the first-time people coming in.

But my understanding is the Army is doing well across the board.   And in the area of retaining soldiers, my command does do that, and we're doing very well.   At this point in time, we're about 117 percent of our stated goals up to this point in time.

And we have a variety of different ways we deal with that in the way of incentives.   Some monetary incentives; college education that can be provided through the GI bill; training choices.   And the one that seems to pop up most readily in our command is the option to re-enlist, to stay where you're at.   And about half of our re-enlistments that are retention of soldiers comes in that category, which means people are pretty much happy with what they're doing, and they're going to stay with us, or try to stay with us longer.

And so right now, that's all going pretty well for us.

Mr. Dickson: Do you focus a lot on improving or maintaining a high quality of life for the soldiers as a means for ensuring high retention rates?  And what kinds of things are you doing in that area? style="font-WEIGHT: normal">

Gen. Jackson:  We are doing things to affect the lifestyle of the soldiers.  We've got some programs in place called wellness, and a wellness program that is designed to look at how you treat the whole family as opposed to just the soldier.  We need to recognize that if the soldier's going home upset, or has a family life that's not doing too well, he's not going to be very good on duty.

Mr. Lawrence: What advice would you give a young person interested in the military?  

Gen. Jackson: I would ask him to stay in school, learn all you can, be as good a student as you can.   Remember that you're going to go through high school, like most of us, once.  Get as much as you can out of that.  And then if you have a desire to come to the Army, get yourself in good physical shape, keep yourself as morally straight as you possibly can, and step forward.  But be prepared for challenges, and be prepared to face some things new in your life.   And the Army will in fact bring those things out.

But we look forward to bringing on every young able-bodied American citizen who wants to serve.   And I think there's a value added to every life that comes in and participates with us, because there's things we can do for them that probably are fairly unique.

Mr. Lawrence: I've heard about two programs.   Perhaps you could tell me more about them, Twilight Tattoo and Spirit of America.  

Gen. Jackson: Well, Twilight Tattoo is our summer program that occurs out on the White House Ellipse.   We do it every Wednesday at 7:00.   We're going to start April 17^th, and we'll go to mid-July.  And it's about an hour, hour and a half, or a little over an hour show.  And it's intended to basically provide the viewer a snapshot of what the Army has done over time, and some of the assets that are available within MDW.   But it's an historically based show that talks a little bit about the Army over the years.   And then it also gives them an opportunity to see some of the more visible assets that are available to me and that we put on the show. 

Some music.   It's all built around music.   We try to build it with some of the more contemporary music, which is rather difficult for an old person like me.   But I've got folks who help me with that.  And so the intent is to reach out to young people and to make it both an enjoyable but an informative event.

Spirit of America is really a large musical show that is done up in the MCI Arena.  We'll be doing that 26 through 29 September.   And what it amounts to, it's a patriotic version of any kind of a show that you might see.   And it's again designed around the Army, and what kinds of things we've done or meant to the country, and what the country means to the Army.  And it's put on by all our soldiers.  I mean, there's no professional actors there.  These are our people who are taught how to do this.  

And we write the show from scratch, and then put it on.  And we were going to do it last year.  But as you know, with the 9/11 events, it was decided that we would cancel that event.   And so we're going to come back this year, and hope that the public comes out and spends an evening with us or an afternoon with us, and hope they learn something, and also hope they enjoy themselves.

Mr. Lawrence: Well, those certainly sound interesting, but I'm afraid we're out of time.  

Brian and I want to thank you very much, General Jackson, for being with us this morning.

Gen. Jackson:  My pleasure.   Thank you.

Mr. Lawrence: This has been The Business of Government Hour, featuring a conversation with Major General James Jackson, commanding general, U.S. Army, Military District of Washington. 

Be sure and visit us at the web at endowment.pwcglobal.com.  There you can learn more about our programs, and get a transcript of today's interesting conversation.  Once again, that's endowment.pwcglobal.com.

This is Paul Lawrence.   See you next week.