“(a) Requirements within Department in event of breach.—

“(1) NOTIFICATIONS.—

“(A) NOTIFICATION OF BREACH.—If a breach occurs in a major acquisition program, the program manager for such program shall notify the Component Acquisition Executive for such program, the head of the component concerned, the Executive Director of the Program Accountability and Risk Management division, the Under Secretary for Management, and the Deputy Secretary not later than 30 calendar days after such breach is identified.

“(B) NOTIFICATION TO SECRETARY.—If a breach occurs in a major acquisition program and such breach results in a cost overrun greater than 15 percent, a schedule delay greater than 180 days, or a failure to meet any of the performance thresholds from the cost, schedule, or performance parameters specified in the most recently approved acquisition program baseline for such program, the Component Acquisition Executive for such program shall notify the Secretary and the Inspector General of the Department not later than five business days after the Component Acquisition Executive for such program, the head of the component concerned, the Executive Director of the Program Accountability and Risk Management Division, the Under Secretary for Management, and the Deputy Secretary are notified of the breach pursuant to subparagraph (A).

“(2) REMEDIATION PLAN AND ROOT CAUSE ANALYSIS.—

“(A) IN GENERAL.—If a breach occurs in a major acquisition program, the program manager for such program shall submit to the head of the component concerned, the Executive Director of the Program Accountability and Risk Management division, and the Under Secretary for Management in writing a remediation plan and root cause analysis relating to such breach and program. Such plan and analysis shall be submitted at a date established at the discretion of the Under Secretary for Management.

“(B) REMEDIATION PLAN.—The remediation plan required under this subparagraph (A) shall—

“(i) explain the circumstances of the breach at issue;

“(ii) provide prior cost estimating information;

“(iii) include a root cause analysis that determines the underlying cause or causes of shortcomings in cost, schedule, or performance of the major acquisition program with respect to which such breach has occurred, including the role, if any, of—

“(I) unrealistic performance expectations;

“(II) unrealistic baseline estimates for cost or schedule or changes in program requirements;

“(III) immature technologies or excessive manufacturing or integration risk;

“(IV) unanticipated design, engineering, manufacturing, or technology integration issues arising during program performance;

“(V) changes to the scope of such program;

“(VI) inadequate program funding or changes in planned out-year funding from one 5-year funding plan to the next 5-year funding plan as outlined in the Future Years Homeland Security Program required under section 874;

“(VII) legislative, legal, or regulatory changes; or

“(VIII) inadequate program management personnel, including lack of sufficient number of staff, training, credentials, certifications, or use of best practices;

“(iv) propose corrective action to address cost growth, schedule delays, or performance issues;

“(v) explain the rationale for why a proposed corrective action is recommended; and

“(vi) in coordination with the Component Acquisition Executive for such program, discuss all options considered, including the estimated impact on cost, schedule, or performance of such program if no changes are made to current requirements, the estimated cost of such program if requirements are modified, and the extent to which funding from other programs will need to be reduced to cover the cost growth of such program.

“(3) REVIEW OF CORRECTIVE ACTIONS.—

“(A) IN GENERAL.—The Under Secretary for Management shall review the remediation plan required under paragraph (2). The Under Secretary may approve such plan or provide an alternative proposed corrective action within 30 days of the submission of such plan under such paragraph.

“(B) SUBMISSION TO CONGRESS.—Not later than 30 days after the review required under subparagraph (A) is completed, the Under Secretary for Management shall submit to the congressional homeland security committees the following:

“(i) A copy of the remediation plan and the root cause analysis required under paragraph (2).

“(ii) A statement describing the corrective action or actions that have occurred pursuant to paragraph (2)(b)(iv) for the major acquisition program at issue, with a justification for such action or actions.

“(b) Requirements relating to congressional notification if breach occurs.—

“(1) NOTIFICATION TO CONGRESS.—If a notification to the Secretary is made under subsection (a)(1)(B) relating to a breach in a major acquisition program, the Under Secretary for Management shall notify the congressional homeland security committees of such breach in the next quarterly Comprehensive Acquisition Status Report, as required by title I of division D of the Consolidated Appropriations Act, 2016, (Public Law 114–113) following receipt by the Under Secretary of notification under such subsection.

“(2) SIGNIFICANT VARIANCES IN COSTS OR SCHEDULE.—If a likely cost overrun is greater than 20 percent or a likely delay is greater than 12 months from the costs and schedule specified in the acquisition program baseline for a major acquisition program, the Under Secretary for Management shall include in the notification required in paragraph (1) a written certification, with supporting explanation, that—

“(A) such program is essential to the accomplishment of the Department’s mission;

“(B) there are no alternatives to the capability or asset provided by such program that will provide equal or greater capability in both a more cost-effective and timely manner;

“(C) the new acquisition schedule and estimates for total acquisition cost are reasonable; and

“(D) the management structure for such program is adequate to manage and control cost, schedule, and performance.

“(c) Definitions.—In this section:

“(1) ACQUISITION.—The term ‘acquisition’ has the meaning given such term in section 131 of title 41, United States Code.

“(2) ACQUISITION PROGRAM.—The term ‘acquisition program’ means the process by which the Department acquires, with any appropriated amounts, by contract for purchase or lease, property or services (including construction) that support the missions and goals of the Department.

“(3) ACQUISITION PROGRAM BASELINE.—The term ‘acquisition program baseline’, with respect to an acquisition program, means a summary of the cost, schedule, and performance parameters, expressed in standard, measurable, quantitative terms, which must be met in order to accomplish the goals of such program.

“(4) BEST PRACTICES.—The term ‘best practices’, with respect to acquisition, means a knowledge-based approach to capability development that includes—

“(A) identifying and validating needs;

“(B) assessing alternatives to select the most appropriate solution;

“(C) clearly establishing well-defined requirements;

“(D) developing realistic cost assessments and schedules;

“(E) securing stable funding that matches resources to requirements;

“(F) demonstrating technology, design, and manufacturing maturity;

“(G) using milestones and exit criteria or specific accomplishments that demonstrate progress;

“(H) adopting and executing standardized processes with known success across programs;

“(I) establishing an adequate workforce that is qualified and sufficient to perform necessary functions; and

“(J) integrating the capabilities described in subparagraphs (A) through (I) into the Department’s mission and business operations.

“(5) BREACH.—The term ‘breach’, with respect to a major acquisition program, means a failure to meet any cost, schedule, or performance threshold specified in the most recently approved acquisition program baseline.

“(6) CONGRESSIONAL HOMELAND SECURITY COMMITTEES.—The term ‘congressional homeland security committees’ means—

“(A) the Committee on Homeland Security of the House of Representatives and the Committee on Homeland Security and Governmental Affairs of the Senate; and

“(B) the Committee on Appropriations of the House of Representatives and of the Senate.

“(7) COMPONENT ACQUISITION EXECUTIVE.—The term ‘Component Acquisition Executive’ means the senior acquisition official within a component who is designated in writing by the Under Secretary for Management, in consultation with the component head, with authority and responsibility for leading a process and staff to provide acquisition and program management oversight, policy, and guidance to ensure that statutory, regulatory, and higher level policy requirements are fulfilled, including compliance with Federal law, the Federal Acquisition Regulation, and Department acquisition management directives established by the Under Secretary for Management.

“(8) MAJOR ACQUISITION PROGRAM.—The term ‘major acquisition program’ means a Department acquisition program that is estimated by the Secretary to require an eventual total expenditure of at least $300,000,000 (based on fiscal year 2017 constant dollars) over its life cycle cost.”.