This is the accessible text file for GAO report number GAO-05-520T 
entitled 'DOD's High-Risk Areas: Successful Business Transformation 
Requires Sound Strategic Planning and Sustained Leadership' which was 
released on April 13, 2005. 

This text file was formatted by the U.S. Government Accountability 
Office (GAO) to be accessible to users with visual impairments, as part 
of a longer term project to improve GAO products' accessibility. Every 
attempt has been made to maintain the structural and data integrity of 
the original printed product. Accessibility features, such as text 
descriptions of tables, consecutively numbered footnotes placed at the 
end of the file, and the text of agency comment letters, are provided 
but may not exactly duplicate the presentation or format of the printed 
version. The portable document format (PDF) file is an exact electronic 
replica of the printed version. We welcome your feedback. Please E-mail 
your comments regarding the contents or accessibility features of this 
document to Webmaster@gao.gov. 

This is a work of the U.S. government and is not subject to copyright 
protection in the United States. It may be reproduced and distributed 
in its entirety without further permission from GAO. Because this work 
may contain copyrighted images or other material, permission from the 
copyright holder may be necessary if you wish to reproduce this 
material separately. 

Testimony: 

Before the Subcommittee on Readiness and Management Support, Committee 
on Armed Services, U.S. Senate: 

For Release on Delivery Expected at 10:00 a.m. EDT Wednesday, April 13, 
2005: 

DOD's High-Risk Areas: 

Successful Business Transformation Requires Sound Strategic Planning 
and Sustained Leadership: 

Statement of David M. Walker, Comptroller General of the United States: 

GAO-05-520T: 

GAO Highlights: 

Highlights of GAO-05-520T, a testimony before the Subcommittee on 
Readiness and Management Support, Committee on Armed Services, U.S. 
Senate: 

Why GAO Did This Study: 

In January 2005, GAO released its 2005 high-risk series update report 
for the 109th Congress. GAO's high-risk series has increasingly focused 
on major government programs and operations that need urgent attention 
and transformation to ensure that the U.S. government functions in the 
most economical, efficient, and effective manner possible. GAO also 
emphasizes those federal programs and operations that are at high risk 
because of their greater vulnerabilities to fraud, waste, abuse, and 
mismanagement. Of the 25 areas on GAO's 2005 high-risk list, 8 are 
Department of Defense (DOD) programs or operations and 6 are 
governmentwide high-risk areas for which DOD shares some 
responsibility. These high-risk areas touch on all of DOD's major 
business operations. DOD's failure to effectively address these many 
high-risk areas results in billions of dollars of waste each year and 
inadequate accountability to Congress and the American people. 

The Subcommittee asked GAO to provide its views on (1) DOD's high-risk 
areas, including those it shares responsibility for with other federal 
agencies; (2) an emerging challenge for DOD that merits close 
attention, involving DOD's approach to risk management; and (3) key 
elements, such as a chief management official, to successfully address 
these high-risk areas and achieve business transformation reform. 

What GAO Found: 

GAO has reported on inefficiencies and inadequate transparency and 
accountability across DOD's major business areas, resulting in billions 
of dollars of wasted resources annually. As shown in the following 
table, these problems have resulted in GAO's designation of eight DOD 
areas as high-risk, two of which were newly added this year. Progress 
in addressing one of these new high-risk areas--DOD's overall approach 
to business transformation--is needed to confront the other seven 
areas. DOD also shares some responsibility for six other governmentwide 
high-risk areas, including strategic human capital management. Although 
DOD's senior leaders have shown commitment to business management 
reform, little tangible evidence of actual improvement has been seen to 
date. 

Years When Specific DOD Areas on GAO's 2005 High-Risk List Were First 
Designated as High Risk: 

Year designated as high risk. 

Area: DOD approach to business transformation; 
Year designated as high risk: 2005. 

Area: DOD personnel security clearance program; 
Year designated as high risk: 2005. 

Area: DOD support infrastructure management; 
Year designated as high risk: 1997. 

Area: DOD business systems modernization; 
Year designated as high risk: 1995. 

Area: DOD financial management; 
Year designated as high risk: 1995. 

Area: DOD weapon systems acquisition; 
Year designated as high risk: 1990. 

Area: DOD contract management; 
Year designated as high risk: 1992. 

Area: DOD supply chain management[A]; 
Year designated as high risk: 1990. 

Source: GAO. 

[A] This area, formerly entitled DOD inventory management, was expanded 
to include distribution and asset visibility. 

[End of table]

In addition to the specific high-risk areas, there are other broad-
based challenges facing our government that merit continuing close 
attention. One emerging area of concern involves the need for DOD along 
with other agencies to develop and use a strategic risk-based approach 
for establishing goals, evaluating and setting priorities, and making 
difficult resource decisions across the department. Strategically 
managing risks and investment decisions is crucial for DOD as it faces 
growing questions about the affordability and sustainability of current 
defense spending. 

To move forward, there are three key elements that DOD must incorporate 
into its business management reform efforts to successfully address the 
systemic management problems related to its high-risk areas. First, any 
reform efforts must include a comprehensive, integrated strategic plan 
with results-oriented performance measures, including a well-defined 
blueprint (an enterprise architecture) to guide and constrain 
implementation of such a plan. Second, central control of system 
investments is crucial for successful transformation. Finally, a 
legislatively created Deputy Secretary of Defense for Management is 
essential for providing the strong and sustained executive leadership 
needed if reform efforts are to succeed. 

www.gao.gov/cgi-bin/getrpt?GAO-05-520T. 

To view the full product, click on the link above. For more 
information, contact Sharon Pickup at (202) 512-9619 or pickups@gao.gov 
or Gregory Kutz at (202) 512-9505 or kutzg@gao.gov. 

[End of section]

Mr. Chairman and Members of the Subcommittee: 

Thank you for the opportunity to discuss the Department of Defense's 
(DOD) "high-risk" programs and operations summarized in GAO's 2005 high-
risk series update report.[Footnote 1] During my tenure as Comptroller 
General, our high-risk series has increasingly focused on those major 
government programs and operations that need urgent attention and 
transformation to ensure that our national government functions in the 
most economical, efficient, and effective manner possible. We also 
emphasize those federal programs and operations that are at high risk 
because of their greater vulnerabilities to fraud, waste, abuse, and 
mismanagement. Some of these high-risk programs and operations are in 
need of transformation, and several will require action by both the 
executive branch and Congress for successful transformation to occur. 

Given its size and mission, DOD is one of the largest and most complex 
organizations to effectively manage in the world. While DOD maintains 
military forces with significant capabilities, it continues to confront 
pervasive, decades-old management problems related to its business 
operations, including systems and processes, that support these forces. 
Of the 25 areas on our 2005 high-risk list, 8 are DOD programs or 
operations and 6 are governmentwide high-risk areas for which DOD 
shares some responsibility. These high-risk areas touch on all of DOD's 
major business operations. DOD's failure to effectively address these 
high-risk areas results in billions of dollars of wasted resources each 
year and inadequate accountability to Congress and the American people. 
In some cases, such as DOD's financial management and weapon systems 
acquisition areas, we have been highlighting high-risk challenges for a 
decade or more. To its credit, the Office of Management and Budget 
(OMB) has worked closely with a number of agencies that have high risk 
issues, but to-date has been less involved with DOD. Recently, Clay 
Johnson, OMB's Deputy Director for Management reaffirmed plans to 
refocus on GAO's high risk list in order to make as much progress as 
possible during the Bush Administration's second term. He also 
committed to place additional emphasis on DOD's high-risk areas, 
including working to help ensure that DOD has action plans for 
addressing all new "high-risk" areas. Given the magnitude of DOD's 
problems and the stakes involved, I believe it is critical that OMB 
actively collaborate with the department to ensure it establishes the 
action plans and milestones needed to address its high risk areas. 
Continued oversight by Congress, such as this hearing, is key to 
achieving change at DOD and, in the case of some areas, legislative 
action will be needed. 

Today, I will provide my perspectives on (1) DOD's high-risk areas, 
including those for which it shares responsibility with other federal 
agencies; (2) an emerging challenge that merits close attention, 
involving the need for DOD and other federal agencies to develop 
comprehensive approaches for risk management; and (3) three key 
elements to successfully address these high-risk areas and achieve 
needed reforms. In particular, I will emphasize two suggestions for 
legislative consideration--the need for central control of systems 
investment funding and a chief management official--that I have 
previously testified about.[Footnote 2] Implementation of these two 
suggestions would provide the sustained top-level leadership and 
accountability needed by DOD to better permit the effective use of 
transition plans, processes, systems, people, and tools and thereby 
increase the likelihood of successful business transformation. 

My statement is based on previous GAO reports and our work was 
performed in accordance with generally accepted government auditing 
standards. 

Summary: 

While DOD began the new millennium with military forces second to none, 
it has not been effective in managing its business operations. At a 
time when DOD is challenged to maintain a high level of operations 
while competing for resources in an increasingly fiscally constrained 
environment, weaknesses in DOD's business operations continue to result 
in reduced efficiencies and effectiveness. The Secretary of Defense has 
estimated that improving business operations could save 5 percent of 
DOD's annual budget. This represents a savings of about $22 billion a 
year, based on the fiscal year 2004 budget. 

Continuing problems within DOD's business operations and transformation 
initiatives have resulted in our designation of eight DOD-specific 
programs and operations to our 2005 high-risk list, which includes two 
new areas and the expansion of a third area. First, we added DOD's 
overall approach to business transformation to the high-risk list 
because of our concern over DOD's lack of adequate management 
accountability and the absence of a strategic and integrated action 
plan for the overall business transformation effort. Unless DOD makes 
progress in its overall business transformation effort, we believe that 
it will continue to have difficulties in confronting the other seven 
DOD-specific high-risk areas in an integrated, departmentwide approach. 
Second, we added DOD's personnel security clearance program to the list 
because the increased delays and growing backlogs of security 
clearances for DOD personnel, contractors, and others present a range 
of risks in today's security environment. Finally, we expanded our 
prior high-risk area of inventory management to include DOD's 
management of certain key aspects of its supply chain, including 
distribution, inventory management, and asset visibility, because of 
issues related to supporting the warfighter during Operation Iraqi 
Freedom. The remaining DOD-specific high-risk areas cover other major 
business operations such as support infrastructure management, business 
systems modernization, financial management, weapon systems 
acquisition, and contract management. Although the Secretary of Defense 
and senior leaders have shown commitment to business management 
transformation, little tangible evidence of actual improvement has been 
seen in DOD's business operations to date. In addition, DOD has not 
taken the steps necessary to achieve and sustain business reform on a 
broad, strategic, departmentwide, and integrated basis. 

In addition to the DOD-specific high-risk areas, DOD shares 
responsibility for six other high-risk areas that are governmentwide in 
scope. A first and critical governmentwide high-risk area, strategic 
human capital management, has remained high risk because some federal 
human capital strategies are still not appropriately constituted to 
meet current and emerging challenges or drive the transformations 
necessary for agencies to meet these challenges. The National Defense 
Authorization Act for Fiscal Year 2004[Footnote 3] has given DOD 
significant authorities to address the way in which defense civilian 
employees are hired, compensated, promoted, and disciplined, and 
proposed regulations to implement these authorities have been jointly 
released by the Secretary of Defense and the Acting Director of the 
Office of Personnel Management (OPM). The remaining five governmentwide 
high-risk areas include managing federal real property, protecting 
federal information systems and the nation's critical infrastructure, 
establishing appropriate and effective information-sharing mechanisms 
to improve homeland security, modernizing federal disability programs, 
and managing interagency contracting more effectively. 

There are other important broad-based challenges facing our government 
that we will be closely monitoring even though we have not yet 
categorized them as high risk. One emerging area of concern involves 
the need for DOD along with other agencies to develop and use a 
strategic risk-based approach for establishing goals, evaluating and 
setting priorities, and making difficult resource decisions. 
Strategically managing risks and investment decisions across the 
department is crucial for DOD as it faces growing questions about the 
affordability and sustainability of the rate of growth in defense 
spending and the shift in focus from conventional threats posed by the 
Cold War era to more unconventional and asymmetric threats evidenced in 
the events of September 11, 2001. To its credit, we understand that DOD 
is attempting to implement a risk management framework for making 
broad, strategic investment decisions across the department, and we are 
monitoring this effort. 

Regarding the way forward, there are three essential elements that DOD 
must incorporate into its business transformation efforts if it is to 
successfully address the systemic management problems related to its 
high-risk areas. First, in our experience, a successful business 
transformation effort must include a comprehensive, integrated business 
transformation strategic and action plan with results-oriented 
performance measures that link institutional, unit, and personnel 
goals, measures, and expectations. Second, we propose that those 
responsible for business systems modernization control the allocation 
and execution of funds for DOD business systems. Finally, due to the 
complexity and long-term nature of these efforts, strong and sustained 
executive leadership is needed if they are to succeed. We believe one 
way to ensure this strong and sustained leadership over DOD's business 
management reform efforts would be to create a full-time, executive-
level II position for a Chief Management Official (CMO), who would 
serve as the Deputy Secretary of Defense for Management. We believe 
that the new CMO position should be filled by an individual appointed 
by the President and confirmed by the Senate, for a set term of 7 years 
with the potential for reappointment. Articulating the role and 
responsibilities of the position in statute and establishing a term 
that spans administrations underscores the importance of a 
professional, nonpartisan approach to this business management-
oriented position. This position would elevate, integrate, and 
institutionalize the attention essential for addressing key stewardship 
responsibilities, such as strategic planning, enterprise architecture 
development and implementation, information technology management, and 
financial management, while facilitating the overall business 
management transformation within DOD. 

DOD's High-Risk Areas, Including Governmentwide High-Risk Areas: 

Numerous systems problems, inefficiencies, and wasted resources 
continue to trouble DOD's business operations, resulting in our 
designation of 14 high-risk areas that are either DOD-specific programs 
or governmentwide high-risk areas for which DOD shares some 
responsibility. As shown in table 1, we have designated two new high-
risk areas for DOD this year. The first, DOD's approach to business 
management transformation, represents an overarching high-risk area, 
encompassing the other seven key DOD-specific business operations that 
we have designated as individual high-risk areas. The second, DOD's 
personnel security clearance program, was added to our 2005 high-risk 
list because of delays in completing hundreds of thousands of 
background investigations and adjudications (a review of investigative 
information to determine eligibility for a security clearance). Many of 
the remaining DOD-specific areas have been on the list for a decade or 
more. In addition to the DOD-specific high-risk areas shown in table 1, 
I will later discuss the six governmentwide areas, such as human 
capital management, for which DOD shares responsibility with other 
federal agencies. 

Table 1: Years When Specific DOD Areas on GAO's 2005 High Risk List 
Were First Designated as High Risk: 

Area: DOD approach to business transformation; 
Year designated high risk: 2005. 

Area: * DOD personnel security clearance program; 
Year designated high risk: 2005. 

Area: * DOD support infrastructure management; 
Year designated high risk: 1997. 

Area: * DOD business systems modernization; 
Year designated high risk: 1995. 

Area: * DOD financial management; 
Year designated high risk: 1995. 

Area: * DOD weapon systems acquisition; 
Year designated high risk: 1990. 

Area: * DOD contract management; 
Year designated high risk: 1992. 

Area: * DOD supply chain management[A]; 
Year designated high risk: 1990[A]. 

Source: GAO. 

[A] This area was formerly entitled DOD inventory management. 

[End of table]

DOD's Approach to Business Transformation: 

DOD's approach to business management transformation represents an 
overarching high-risk area, encompassing several other key business 
operations. Over the years, DOD has embarked on a series of efforts to 
reform its business management operations, including modernizing 
underlying information technology (business) systems. However, serious 
inefficiencies remain. As a result, the areas of support infrastructure 
management, business systems modernization, financial management, 
weapon systems acquisition, contract management, and supply chain 
management remain high-risk DOD business operations. We now consider 
DOD's overall approach to business transformation to be a high-risk 
area because (1) DOD's business improvement initiatives and control 
over resources are fragmented; (2) DOD lacks a clear strategic and 
integrated business transformation plan and investment strategy, 
including a well-defined enterprise architecture to guide and constrain 
implementation of such a plan; and (3) DOD has not designated a senior 
management official responsible and accountable for overall business 
transformation reform and related resources. 

Unless DOD makes progress in overall business transformation, we 
believe it will continue to have difficulties in confronting other 
problems in its business operations. DOD spends billions of dollars to 
sustain key business operations intended to support the warfighter, 
including systems and processes related to support infrastructure, 
[Footnote 4] finances, weapon systems acquisition, the management of 
contracts, and the supply chain. We have previously testified on 
inefficiencies in DOD's business operations, such as the lack of 
sustained leadership, the lack of a comprehensive and integrated 
business transformation strategic and action plan, and inadequate 
incentives.[Footnote 5] Moreover, the lack of adequate transparency and 
accountability across DOD's major business areas results in billions of 
dollars of wasted resources annually at a time of increasing military 
operations and growing fiscal constraints. 

Business transformation requires long-term cultural change, business 
process reengineering, and a commitment from both the executive and 
legislative branches of government. Although sound strategic planning 
is the foundation on which to build, DOD needs clear, capable, 
sustained, and professional leadership to maintain the continuity 
necessary for success. Such leadership would provide the attention 
essential for addressing key stewardship responsibilities--such as 
strategic planning, performance management, business information 
management, and financial management--in an integrated manner, while 
helping to facilitate the overall business transformation effort within 
DOD. 

Personnel Security Clearance Program: 

The second high-risk area is DOD's personnel security clearance 
program. Delays in completing hundreds of thousands of background 
investigations and adjudications (a review of investigative information 
to determine eligibility for a security clearance) have led us to add 
the DOD personnel security clearance program to our 2005 high-risk 
list. Personnel security clearances allow individuals to gain access to 
classified information. In some cases, unauthorized disclosure of 
classified information could reasonably be expected to cause 
exceptionally grave damage to national defense or foreign relations. 
DOD has approximately 2 million active clearances as a result of 
worldwide deployments, contact with sensitive equipment, and other 
security requirements. While our work on the clearance process has 
focused on DOD, clearance delays in other federal agencies suggest that 
similar impediments and their effects may extend beyond DOD. 

Since at least the 1990s, we have documented problems with DOD's 
personnel security clearance process, particularly problems related to 
backlogs and the resulting delays in determining clearance 
eligibility.[Footnote 6] Since fiscal year 2000, DOD has declared its 
personnel security clearance investigations program to be a systemic 
weakness[Footnote 7]--a weakness that affects more than one DOD 
component and may jeopardize the department's operations. An October 
2002 House Committee on Government Reform report also recommended 
including DOD's adjudicative process as a material weakness.[Footnote 
8] As of September 30, 2003 (the most recent data available), DOD could 
not estimate the full size of its backlog, but we identified over 
350,000 cases exceeding established time frames for determining 
eligibility.[Footnote 9]

DOD has taken steps to address the backlog--such as hiring more 
adjudicators and authorizing overtime for adjudicative staff--but a 
significant shortage of trained federal and private-sector 
investigative personnel presents a major obstacle to timely completion 
of cases. Other impediments to eliminating the backlog include the 
absence of an integrated, comprehensive management plan for addressing 
a wide variety of problems identified by us and others. In addition to 
matching adjudicative staff to workloads and working with OPM to 
develop an overall management plan, DOD needs to develop and use new 
methods for forecasting clearance needs and monitoring backlogs, 
eliminate unnecessary limitations on reciprocity (the acceptance of a 
clearance and access granted by another department, agency, or military 
service), determine the feasibility of implementing initiatives that 
could decrease the backlog and delays, and provide better oversight for 
all aspects of its personnel security clearance process. The National 
Defense Authorization Act for Fiscal Year 2004[Footnote 10] authorized 
the transfer of DOD's personnel security investigative function and 
over 1,800 investigative employees to OPM. This transfer took place in 
February 2005. While the transfer eliminated DOD's responsibility for 
conducting the investigations, it did not eliminate the shortage of 
trained investigative personnel needed to address the backlog. Although 
DOD retained the responsibility for adjudicating clearances, OPM is now 
accountable for ensuring that investigations are completed in a timely 
manner. 

Support Infrastructure Management: 

The third high-risk area is DOD's support infrastructure management, 
which we first identified as being high risk in 1997. DOD has made 
progress and expects to continue making improvements in its 
infrastructure management, but much work remains to be done. DOD's 
support infrastructure includes categories such as force installations, 
central logistics, the defense health program, and central training. 
DOD's infrastructure costs continue to consume a larger-than-necessary 
portion of its budget than DOD believes is desirable, despite 
reductions in the size of the military force following the end of the 
Cold War. For several years, DOD also has been concerned about its 
excess facilities infrastructure, which affects its ability to devote 
more funding to weapon systems modernization and other critical needs. 
DOD reported that many of its business processes and much of its 
infrastructure are outdated and must be modernized. Left alone, the 
current organizational arrangements, processes, and systems will 
continue to drain scarce resources. 

DOD officials recognize that they must achieve greater efficiencies in 
managing their support operations. DOD has achieved some operating 
efficiencies and reductions from such efforts as base realignments and 
closures, consolidations, organizational and business process 
reengineering, and competitive sourcing. It also has achieved 
efficiencies by eliminating unneeded facilities through such means as 
demolishing unneeded buildings and privatizing housing at military 
facilities. In addition, DOD and the services are currently gathering 
and analyzing data to support a new round of base realignments and 
closures in 2005 and facilitating other changes as a result of DOD's 
overseas basing study. 

Despite this progress, much work remains for DOD to transform its 
support infrastructure to improve operations, achieve efficiencies, and 
allow it to concentrate resources on the most critical needs. 
Organizations throughout DOD need to continue reengineering their 
business processes and striving for greater operational effectiveness 
and efficiency. DOD needs to develop a plan to better integrate, guide, 
and sustain the implementation of its diverse business transformation 
initiatives in an integrated fashion. DOD also needs to strengthen its 
recent efforts to develop and refine its comprehensive long-range plan 
for its facilities infrastructure to ensure adequate funding to support 
facility sustainment, modernization, recapitalization, and base 
operating support needs. DOD generally concurs with our prior 
recommendations in this area and indicates it is taking actions to 
address them. A key to any successful approach to resolving DOD's 
support infrastructure management issues will be addressing this area 
as part of a comprehensive, integrated business transformation effort. 

Business Systems Modernization: 

The fourth high-risk area is DOD's business systems modernization 
program, which we first designated as high risk in 1995. We continue to 
categorize DOD's business systems modernization program as a high-risk 
area because of a lack of an enterprise architecture to guide and 
constrain system investments and ineffective management oversight, 
system acquisition, and investment management practices. As a result, 
DOD's current operating practices and over 4,000 systems function in a 
stovepiped, duplicative, and nonintegrated environment that contributes 
to DOD's operational problems. For years, DOD has attempted to 
modernize these systems, and we have provided numerous recommendations 
to help guide its efforts. For example, in 2001 we provided DOD with a 
set of recommendations to help it develop and implement an enterprise 
architecture (or modernization blueprint) and establish effective 
investment management controls.[Footnote 11] Such an enterprise 
architecture is essential for DOD to guide and constrain how it spends 
billions of dollars annually on information technology systems. We also 
made numerous project-specific and DOD-wide recommendations aimed at 
getting DOD to follow proven best practices when it acquired system 
solutions.[Footnote 12] While DOD agreed with most of these 
recommendations, to date the department has made limited progress in 
addressing them. 

In May 2004, we reported that after 3 years and over $203 million in 
obligations, DOD had not yet developed a business enterprise 
architecture containing sufficient scope and detail to guide and 
constrain its departmentwide systems modernization and business 
transformation.[Footnote 13] One reason for this limited progress is 
DOD's failure to adopt key architecture management best practices that 
we recommended,[Footnote 14] such as developing plans for creating the 
architecture; assigning accountability and responsibility for 
directing, overseeing, and approving the architecture; and defining 
performance metrics for evaluating the architecture. Under a provision 
in the Ronald W. Reagan National Defense Authorization Act for Fiscal 
Year 2005,[Footnote 15] DOD must develop an enterprise architecture to 
cover all defense business systems and related business functions and 
activities that is sufficiently defined to effectively guide, 
constrain, and permit implementation of a corporatewide solution and is 
consistent with the policies and procedures established by the Office 
of Management and Budget (OMB). Additionally, the act requires the 
development of a transition plan that includes an acquisition strategy 
for new systems and a listing of the termination dates of current 
legacy systems that will not be part of the corporatewide solution, as 
well as a listing of legacy systems that will be modified to become 
part of the corporatewide solution for addressing DOD's business 
management deficiencies. 

In May 2004, we also reported that the department's approach to 
investing billions of dollars annually in existing systems had not 
changed significantly.[Footnote 16] As a result, DOD lacked an 
effective investment management process for selecting and controlling 
ongoing and planned business systems investments. While DOD issued a 
policy that assigns investment management responsibilities for business 
systems, in May 2004 we reported[Footnote 17] that DOD had not yet 
defined the detailed procedures necessary for implementing the policy, 
clearly defined the roles and responsibilities of the business domain 
owners (now referred to as core business mission areas), established 
common investment criteria, or ensured that its business systems are 
consistent with the architecture. 

To address certain provisions and requirements of the Ronald W. Reagan 
National Defense Authorization Act for Fiscal Year 2005,[Footnote 18] 
on March 24, 2005, the Deputy Secretary of Defense directed the 
transfer of program management, oversight, and support responsibilities 
regarding DOD business transformation efforts from the Office of the 
Under Secretary of Defense, Comptroller, to the Office of the Under 
Secretary of Defense for Acquisition, Technology, and Logistics 
(OUSD(AT&L)). According to the directive, this transfer of functions 
and responsibilities will allow the OUSD(AT&L) to establish the level 
of activity necessary to support and coordinate activities of the newly 
established Defense Business Systems Management Committee (DBSMC). As 
required by the Act, the DBSMC, with representation including the 
Deputy Secretary of Defense, the designated approval 
authorities,[Footnote 19] and secretaries of the military services and 
heads of the defense agencies, is the highest ranking governance body 
responsible for overseeing DOD business systems modernization efforts. 
While this committee may serve as a useful planning and coordination 
forum, it is important to remember that committees and task forces do 
not lead, people do. In addition, DOD still needs to designate a person 
to have overall responsibility and accountability for this effort for a 
sustained period of time. This person must have the background and 
authority needed to successfully achieve the related objectives for 
business systems modernization efforts. 

On March 19, 2005, the Deputy Secretary of Defense delegated the 
authority for the review, approval, and oversight of the planning, 
design, acquisition, development, operation, maintenance, and 
modernization of defense business systems to the designated approval 
authority for each business area.[Footnote 20] However, according to 
DOD's annual report to congressional defense committees on the status 
of the department's business management modernization program, DOD has 
not yet established investment review boards below the DBSMC for each 
core business mission. The statutory requirements enacted as part of 
the Ronald W. Reagan National Defense Authorization Act for Fiscal Year 
2005[Footnote 21] further require that the DBSMC must agree with the 
designated approval authorities' certification of funds exceeding $1 
million for the modernization of business systems before funds can be 
obligated. More importantly, the obligation of these funds without the 
requisite approval by the DBSMC is deemed a violation of the Anti-
Deficiency Act.[Footnote 22]

As DOD develops a comprehensive, integrated business transformation 
plan, such a plan must include an approach to resolve the business 
systems modernization problems. We were recently briefed on the 
department's conceptual framework for business system modernization. 
While the framework has merit and is a good first step, the department 
will need to translate its framework into a comprehensive and 
integrated plan of action. This plan should include priorities, key 
stakeholders, timeframes, and accountability and it should be linked to 
institutional, unit, and individual reward systems. To this end, it is 
critical that DOD provide the implementation of our many business 
systems modernization-related recommendations in this plan. 

Financial Management: 

The fifth high-risk area is DOD's financial management program, which 
we first designated as high risk in 1995. As I testified before the 
House Committee on Government Reform in February 2005,[Footnote 23] and 
as discussed in our report on the U.S. government's consolidated 
financial statements for fiscal year 2004,[Footnote 24] DOD's financial 
management deficiencies, taken together, represent a major impediment 
to achieving an unqualified opinion on the U.S. government's 
consolidated financial statements. DOD continues to face financial 
management problems that are pervasive, complex, long-standing, and 
deeply rooted in virtually all of its business operations. DOD's 
financial management deficiencies adversely affect the department's 
ability to control costs, ensure basic accountability, anticipate 
future costs and claims on the budget, measure performance, maintain 
funds control, prevent fraud, and address pressing management issues. 

Our recent reports and testimonies on Army reserve and national guard 
pay issues clearly illustrate the impact deficiencies in DOD's 
financial management have had on the very men and women our country is 
depending on to perform our military operations. For example, in 
February 2005, we reported that the Army's process for extending active 
duty orders for injured soldiers lacks an adequate control environment 
and management controls[Footnote 25]--including (1) clear and 
comprehensive guidance, (2) a system to provide visibility over injured 
soldiers, and (3) adequate training and education programs. The Army 
also has not established user-friendly processes--including clear 
approval criteria and adequate infrastructure and support services. 

Poorly defined processes for extending active duty orders for injured 
and ill reserve component soldiers have caused soldiers to be 
inappropriately dropped from their active duty orders. For some, this 
has led to significant gaps in pay and health insurance, which has 
created financial hardships for these soldiers and their families. 
Based on our analysis of Army manpower data during the period from 
February 2004 through April 7, 2004, almost 34 percent of the 867 
soldiers who applied for extension of active duty orders--because of 
injuries or illness--lost their active duty status before their 
extension requests were granted. For many soldiers, this resulted in 
being removed from active duty status in the automated systems that 
control pay and access to benefits such as medical care and access to a 
commissary or post exchange that allows soldiers and their families to 
purchase groceries and other goods at a discount. Many Army locations 
have used ad hoc procedures to keep soldiers in pay status; however, 
these procedures often circumvent key internal controls and put the 
Army at risk of making improper and potentially fraudulent payments. 
Finally, the Army's nonintegrated systems, which require extensive 
error-prone manual data entry, further delay access to pay and 
benefits. 

The Army recently implemented the Medical Retention Processing (MRP) 
program, which takes the place of the previously existing process in 
most cases. The MRP program, which authorizes an automatic 179 days of 
pay and benefits, may resolve the timeliness of the front-end approval 
process. However, the MRP program has some of the same problems as the 
existing process and may also result in overpayments to soldiers who 
are released early from their MRP orders. 

DOD's senior civilian and military leaders have taken positive steps to 
begin reforming the department's financial management operations. 
However, to date, tangible evidence of improvement has been seen in 
only a few specific areas, such as internal controls related to DOD's 
purchase card and individually billed travel card programs. Further, we 
reported in September 2004[Footnote 26] that while DOD had established 
a goal of obtaining a clean opinion on its financial statements by 
2007, it lacked a written and realistic plan to make that goal a 
reality. DOD's continuing, substantial financial management weaknesses 
adversely affect its ability to produce auditable financial information 
as well as provide accurate and timely information for management and 
Congress to use in making informed decisions. 

Overhauling the financial management and related business operations of 
one of the largest and most complex organizations in the world 
represents a daunting challenge. Such an overhaul of DOD's financial 
management operations goes far beyond financial accounting to the very 
fiber of the department's wide-ranging business operations and its 
management culture. It will require (1) sustained leadership and 
resource control, (2) clear lines of responsibility and accountability, 
(3) plans and related results-oriented performance measures, and (4) 
appropriate individual and organizational incentives and consequences. 
DOD is still in the very early stages of a departmentwide overhaul that 
will take years to accomplish. DOD has not yet established a framework 
to integrate improvement efforts in this area with related broad-based 
DOD initiatives, such as human capital reform. However, successful, 
lasting reform in this area will only be possible if implemented as 
part of a comprehensive and integrated approach to transforming all of 
DOD's business operations. 

Weapon Systems Acquisition: 

The sixth high-risk area is DOD's acquisition of weapon systems. We 
designated this as a high-risk area in 1990, and it remains so today. 
While DOD's acquisition process has produced the best weapons in the 
world, it also consistently yields undesirable consequences--such as 
cost increases, late deliveries to the warfighter, and performance 
shortfalls. Such problems were highlighted, for example, in our reviews 
of DOD's F/A-22 Raptor, Space-Based Infrared System, Airborne Laser, 
and other programs. Problems occur because DOD's weapon programs do not 
capture early on the requisite knowledge that is needed to efficiently 
and effectively manage program risks. For example, programs move 
forward with unrealistic program cost and schedule estimates, lack 
clearly defined and stable requirements, use immature technologies in 
launching product development, and fail to solidify design and 
manufacturing processes at appropriate junctures in development. 

When programs require more resources than planned, the buying power of 
the defense dollar is reduced and funds are not available for other 
competing needs. It is not unusual for estimates of time and money to 
be off by 20 to 50 percent. When costs and schedules increase, 
quantities are cut and the value for the warfighter--as well as the 
value of the investment dollar--is reduced. In these times of 
asymmetric threats and netcentricity, individual weapon system 
investments are getting larger and more complex. Just 4 years ago, the 
top five weapon systems cost about $281 billion; today, in the same 
base year dollars, the five weapon systems cost about $521 billion. If 
these megasystems are managed with traditional margins of error, the 
financial consequences--particularly the ripple effects on other 
programs--can be dire. 

While weapon systems acquisition continues to remain on our high-risk 
list, DOD has undertaken a number of acquisition reforms over the past 
5 years. Specifically, DOD has restructured its acquisition policy to 
incorporate attributes of a knowledge-based acquisition model and has 
reemphasized the discipline of systems engineering. In addition, DOD 
recently introduced new policies to strengthen its budgeting and 
requirements determination processes in order to plan and manage weapon 
systems based on joint warfighting capabilities. While these policy 
changes are positive steps, implementation in individual programs will 
continue to be a challenge because of inherent funding, management, and 
cultural factors that lead managers to develop business cases for new 
programs that over-promise on cost, delivery, and performance of weapon 
systems. 

It is imperative that needs be distinguished from wants and that DOD's 
limited resources be allocated to the most appropriate weapon system 
investments. Once the best investments that can be afforded are 
identified, then DOD must follow its own policy to employ the knowledge-
based strategies essential for delivering the investments within 
projected resources. Making practice follow policy is not a simple 
matter. It is a complex challenge involving many factors. One of the 
most important factors is putting the right managers in their positions 
long enough so that they can be both effective and accountable for 
getting results. 

Contract Management: 

The seventh high-risk area is DOD's contract management program, which 
we designated as a high-risk area in 1992. DOD, the government's 
largest purchaser at over $200 billion in fiscal year 2003, is unable 
to assure that it is using sound business practices to acquire the 
goods and services needed to meet the warfighter's needs. For example, 
over the past decade DOD has significantly increased its spending on 
contractor-provided information technology and management support 
services, but it has not yet fully implemented a strategic approach to 
acquiring these services. In 2002, DOD and the military departments 
established a structure to review individual service acquisitions 
valued at $500 million or more, and in 2003 they launched a pilot 
program to help identify strategic sourcing opportunities. To further 
promote a strategic orientation, however, DOD needs to establish a 
departmentwide concept of operations; set performance goals, including 
savings targets; and ensure accountability for achieving them. In March 
2004, we reported that if greater management focus were given to 
opportunities to capture savings through the purchase card program, DOD 
could potentially save tens of millions of dollars without sacrificing 
the ability to acquire items quickly or compromising other 
goals.[Footnote 27]

DOD also needs to have the right skills and capabilities in its 
acquisition workforce to effectively implement best practices and 
properly manage the goods and services it buys. However, DOD reduced 
its civilian workforce by about 38 percent between fiscal years 1989 
and 2002 without ensuring that it had the specific skills and 
competencies needed to accomplish current and future DOD missions, and 
more than half of its current workforce will be eligible for early or 
regular retirement in the next 5 years. We found that inadequate 
staffing and the lack of clearly defined roles and responsibilities 
contributed to contract administration challenges encountered in 
Operation Iraqi Freedom (OIF).[Footnote 28] Further, we have reported 
that DOD's extensive use of military logistical support contracts in 
OIF and elsewhere required strengthened oversight.[Footnote 29] Just 
recently, we identified surveillance issues in almost a third of the 
contracts we reviewed. We also noted that some personnel performing 
surveillance had not received required training, while others felt that 
they did not have sufficient time in a normal workday to perform their 
surveillance duties.[Footnote 30] DOD has made progress in laying a 
foundation for reshaping its acquisition workforce by initiating a long-
term strategic planning effort, but as of June 2004 it did not yet have 
the comprehensive strategic workforce plan needed to guide its efforts. 

DOD uses various techniques--such as performance-based service 
contracting, multiple-award task order contracts, and purchase cards--
to acquire the goods and services it needs. We have found, however, 
that DOD personnel did not always make sound use of these tools. For 
example, in June 2004, we reported that more than half of the task 
orders to support Iraq reconstruction efforts we reviewed were, in 
whole or in part, outside the scope of the underlying 
contract.[Footnote 31] In July 2004, we found that DOD personnel waived 
competition requirements for nearly half of the task orders 
reviewed.[Footnote 32] As a result of the frequent use of waivers, DOD 
had fewer opportunities to obtain the potential benefits of 
competition--improved levels of service, market-tested prices, and the 
best overall value. We also found that DOD lacked safeguards to ensure 
that waivers were granted only under appropriate circumstances. 

Our work has shown that DOD would benefit by making use of commercial 
best practices, such as taking a strategic approach to acquiring 
services; building on initial efforts to develop a strategic human 
capital plan for its civilian workforce; and improving safeguards, 
issuing additional guidance, and providing training to its workforce on 
the appropriate use of contracting techniques and approaches.[Footnote 
33] DOD is undertaking corrective actions, but because most efforts are 
in their early stages, it is uncertain whether they can be fully and 
successfully implemented in the near term. A key to resolving DOD's 
contract management issues will be addressing them as part of a 
comprehensive and integrated business transformation plan. 

Supply Chain Management: 

The eighth high-risk area is DOD's supply chain management program. In 
1990, we identified DOD's inventory management as a high-risk area 
because inventory levels were too high and the supply system was not 
responsive to the needs of the warfighter. We have since expanded the 
inventory management high-risk area to include DOD's management of 
certain key aspects of its supply chain, including distribution, 
inventory management, and asset visibility, because of significant 
weaknesses we have uncovered since our 2003 high-risk series was 
published. For example, during OIF, the supply chain encountered many 
problems, including backlogs of hundreds of pallets and containers at 
distribution points, a $1.2 billion discrepancy in the amount of 
material shipped to--and received by--Army activities, cannibalized 
equipment because of a lack of spare parts, and millions of dollars 
spent in late fees to lease or replace storage containers because of 
distribution backlogs and losses. Moreover, we identified shortages of 
items such as tires, vehicle track shoes, body armor, and batteries for 
critical communication and electronic equipment. These problems were 
the result of systemic deficiencies in DOD's supply chain, including 
inaccurate requirements, funding delays, acquisition delays, and 
ineffective theater distribution. 

While DOD reports show that the department currently owns about $67 
billion worth of inventory, shortages of certain critical spare parts 
are adversely affecting equipment readiness and contributing to 
maintenance delays. The Defense Logistics Agency (DLA) and each of the 
military services have experienced significant shortages of critical 
spare parts, even though more than half of DOD's reported inventory--
about $35 billion--exceeded current operating requirements. In many 
cases, these shortages contributed directly to equipment downtime, 
maintenance problems, and the services' failure to meet their supply 
availability goals. DOD, DLA, and the military services each lack 
strategic approaches and detailed plans that could help mitigate these 
critical spare parts shortages and guide their many initiatives aimed 
at improving inventory management. 

DOD's continued supply chain problems also resulted in shortages of 
items in Iraq. In an April 8, 2005, report, we reported that demands 
for items like vehicle track shoes, batteries, and tires exceeded their 
availability because the department did not have accurate or adequately 
funded Army war reserve requirements and had inaccurate forecasts of 
supply demands for the operation.[Footnote 34] Furthermore, the Army's 
funding approval process delayed the flow of funds to buy them. 
Meanwhile, rapid acquisition of other items faced obstacles. Body armor 
production was limited by the availability of Kevlar and other critical 
materials, whereas the delivery of up-armored High Mobility Multi-
Purpose Wheeled Vehicles and armor kits was slowed by DOD's decisions 
to pace production. In addition, numerous problems, such as 
insufficient transportation, personnel, and equipment, as well as 
inadequate information systems, hindered DOD's ability to deliver the 
right items to the right place at the right time for the warfighter. 
Among the items the department had problems delivering were generators 
for Assault Amphibian Vehicles, tires, and Meals Ready-to-Eat. 

In addition to supply shortages, DOD also lacks visibility and control 
over the supplies and spare parts it owns. Therefore, it cannot monitor 
the responsiveness and effectiveness of the supply system to identify 
and eliminate choke points.[Footnote 35] Currently, DOD does not have 
the ability to provide timely or accurate information on the location, 
movement, status, or identity of its supplies. Although total asset 
visibility has been a departmentwide goal for over 30 years, DOD 
estimates that it will not achieve this visibility until the year 2010. 
DOD may not meet this goal by 2010, however, unless it overcomes three 
significant impediments: developing a comprehensive plan for achieving 
visibility, building the necessary integration among its many inventory 
management information systems, and correcting long-standing data 
accuracy and reliability problems within existing inventory management 
systems. 

DOD, DLA, and the services have undertaken a number of initiatives to 
improve and transform DOD's supply chain. Many of these initiatives 
were developed in response to the logistics problems reported during 
OIF. While these initiatives represent a step in the right direction, 
the lack of a comprehensive, departmentwide logistics reengineering 
strategy to guide their implementation may limit their overall 
effectiveness. A key to successful implementation of a comprehensive 
logistics strategy will be addressing these initiatives as part of a 
comprehensive, integrated business transformation. 

DOD Management Weaknesses Contribute to Governmentwide High-Risk Areas: 

I would now like to spend a few minutes discussing the six 
governmentwide high-risk areas where DOD shares responsibility with 
other federal agencies. First, I would like to provide our preliminary 
observations on DOD's attempt to address a critically important 
governmentwide high-risk area--strategic human capital management--
through its new human resources management system, the National 
Security Personnel System (NSPS). I also will briefly discuss DOD's 
need to address five additional governmentwide high-risk challenges as 
part of the transformation of its business management practices. 

Strategic Human Capital Management: 

Successful implementation of NSPS is essential for DOD as it attempts 
to transform its military forces and defense business practices in 
response to 21st century challenges. In addition, this new human 
resource management system, if properly designed and effectively 
implemented, could serve as a model for governmentwide human capital 
transformation. DOD is one of several federal agencies that has been 
granted the authority by Congress to design a new human capital system 
as a way to address the first governmentwide high-risk area, strategic 
human capital management. This effort represents a huge undertaking for 
DOD, given its massive size and geographically and culturally diverse 
workforce. As I recently testified on DOD's proposed NSPS 
regulations,[Footnote 36] our ongoing work continues to raise questions 
about DOD's chances of success in its efforts to effect fundamental 
business management reform, such as NSPS. I would like to acknowledge, 
however, that DOD's NSPS regulations take a valuable step toward a 
modern performance management system as well as a more market-based and 
results-oriented compensation system. 

On February 14, 2005, the Secretary of Defense and the Acting Director 
of OPM released the proposed NSPS regulations for public comment. Many 
of the principles underlying those regulations are generally consistent 
with proven approaches to strategic human capital management. For 
instance, the proposed regulations provide for (1) elements of a 
flexible and contemporary human resources management system, such as 
pay bands and pay for performance; (2) rightsizing of DOD's workforce 
when implementing reduction-in-force orders by giving greater priority 
to employee performance in its retention decisions; and (3) continuing 
collaboration with employee representatives. (It should be noted, 
however, that 10 federal labor unions have filed suit alleging that DOD 
failed to abide by the statutory requirements to include employee 
representatives in the development of DOD's new labor relations system 
authorized as part of NSPS.)

Despite this progress, we have three primary areas of concern about the 
proposed NSPS regulations. DOD's proposed regulations do not (1) define 
the details of the implementation of the system, including such issues 
as adequate safeguards to help ensure fairness and guard against abuse; 
(2) require, as we believe they should, the use of core competencies to 
communicate to employees what is expected of them on the job; and (3) 
identify a process for the continuing involvement of employees in the 
planning, development, and implementation of NSPS. 

DOD also faces multiple implementation challenges once it issues its 
final NSPS regulations. Given the huge undertaking NSPS represents, 
another challenge is to elevate, integrate, and institutionalize 
leadership responsibility for this large-scale organizational change 
initiative to ensure its success. A chief management official or 
similar position can effectively provide the continuing, focused 
leadership essential to successfully completing these multiyear 
transformations. Additionally, DOD could benefit if it develops a 
comprehensive communications strategy that provides for ongoing, 
meaningful two-way communication to create shared expectations among 
employees, employee representatives, managers, customers, and 
stakeholders. Finally, appropriate institutional infrastructure could 
enable DOD to make effective use of its new authorities. At a minimum, 
this infrastructure includes a human capital planning process that 
integrates DOD's human capital policies, strategies, and programs with 
its program goals, mission, and desired outcomes; the capabilities to 
effectively develop and implement a new human capital system; and a set 
of adequate safeguards--including reasonable transparency and 
appropriate accountability mechanisms--to help ensure the fair, 
effective, and credible implementation and application of a new system. 

We strongly support the need for government transformation and the 
concept of modernizing federal human capital policies within both DOD 
and the federal government at large. There is general recognition that 
the federal government needs a framework to guide human capital reform. 
Such a framework would consist of a set of values, principles, 
processes, and safeguards that would provide consistency across the 
federal government but be adaptable to agencies' diverse missions, 
cultures, and workforces. 

Other Related Governmentwide High-Risk Areas: 

In addition to the governmentwide human capital high-risk area, DOD 
shares responsibility for five other high-risk areas. These areas are 
managing federal real property, protecting federal information systems 
and the nation's critical infrastructure, establishing appropriate and 
effective information-sharing mechanisms to improve homeland security, 
modernizing federal disability programs, and managing interagency 
contracting more effectively. 

* Managing federal real property: In January 2003, we designated 
federal real property as a high-risk area due to long-standing problems 
with excess and underutilized property, deteriorating facilities, 
unreliable real property data, and costly space challenges. To better 
manage federal real property, DOD is preparing for a round of base 
realignments and closures (BRAC) in 2005 to eliminate excess physical 
capacity and rationalize its infrastructure with the defense strategy. 
For BRAC 2005, we will continue to serve as an independent and 
objective observer of the process and will assess and report on DOD's 
decision-making processes leading up to the proposed realignment and 
closure recommendations. From our vantage point, we will determine to 
what extent DOD follows a clear, transparent, consistently applied 
process--one where we can see a logical flow between DOD's analysis and 
its decision making. Although we do not attend or participate in 
deliberative meetings involving BRAC, we are permitted access to the 
minutes of these meetings and to officials involved in the process. 

* Protecting federal information systems and the nation's critical 
infrastructure: Although DOD has made some improvements, significant 
information security weaknesses at DOD as well as other federal 
agencies continue to place a broad array of federal operations and 
assets at risk of fraud, misuse, and disruption. In November 2002, for 
example, a British computer administrator was indicted on charges that 
he accessed and damaged 98 computers in 14 states from March 2001 
through March 2002, causing some $900,000 in damage to the computers. 
The attacks rendered the networks of the Earle Naval Weapons Station in 
New Jersey and the Military District of Washington inoperable. We 
reported in 2003 that DOD had undertaken a defensewide information 
assurance program to promote integrated, comprehensive, and consistent 
practices across the department to prevent similar attacks on its 
information systems and had recently issued policy guidance and 
implementation instructions.[Footnote 37] However, we found that DOD 
did not have mechanisms in place for comprehensively measuring 
compliance with federal and department information security policies 
and ensuring that those policies are consistently practiced throughout 
DOD. In fact, DOD reported several material control weaknesses, which 
included needing to decrease the time necessary for correcting reported 
weaknesses and ensuring that computer security policies were enforced 
and security capabilities were tested regularly. 

* Establishing appropriate and effective information sharing mechanisms 
to improve homeland security: Recent events and changes in the overall 
security environment have served to reinforce the importance of having 
appropriate and effective information and knowledge-sharing mechanisms 
in place that cross organizational, geographic, and sectoral 
boundaries. Progress has been made since the tragic events of September 
11, 2001, but much remains to be done. Achieving success in this area 
will involve the combined efforts of many agencies, including DOD, as 
well as a range of other key players. 

* Modernizing federal disability programs: Our work examining federal 
disability programs has found that these programs are neither well 
aligned with 21st century realities nor positioned to provide 
meaningful and timely support for Americans with disabilities. Since 
GAO designated this area as high risk in 2003, the Department of 
Veterans Affairs (VA) and the Social Security Administration (SSA) have 
made some progress toward improving their disability programs. However, 
both VA and SSA still have difficulties managing their disability 
programs. They experience lengthy processing times for disability 
claims and lack a clear understanding of the extent of possible 
inconsistencies in their disability decisions. Furthermore, these 
programs remain grounded in outmoded concepts of disability that have 
not been updated to reflect the current state of science, medicine, 
technology, and labor market conditions. The U.S. government is faced 
with the return of more than 10,000 servicemembers who have sustained 
combat-related injuries in the current conflicts in Afghanistan and 
Iraq. Reassessing the impact of disabilities on their work capacity is 
especially important in light of recent advances in medicine and 
improved prosthetics, which have enabled some service members to return 
to active duty. This example illustrates the potential for better 
aligning federal disability programs with social changes that focus on 
supporting the work capacities of all people with disabilities. In 
light of the projected shrinkage of the workforce, focusing on work 
capacity is becoming increasingly important for the U.S. economy. The 
last two National Defense Authorization Acts afford us an opportunity 
to develop information and analysis that could be used to reassess the 
basis for current federal disability policies. The National Defense 
Authorization Act for Fiscal Year 2004 established the Veterans' 
Disability Benefits Commission.[Footnote 38] This commission is charged 
with studying the benefits provided to compensate and assist veterans 
who suffer disabilities attributable to military service, and their 
survivors.[Footnote 39] The law requires the commission to study, among 
other things, the appropriateness of such benefits, the appropriate 
standard for determining whether a veteran's disability should be 
compensated, and the appropriateness of a schedule for rating 
disabilities based on average impairment of earning capacity. The 
Ronald W. Reagan National Defense Authorization Act for Fiscal Year 
2005 mandated a GAO study of the disability benefits that are payable 
under federal, state, and local laws to federal, state, and local 
government employees.[Footnote 40] To the extent feasible, the study is 
to focus on benefits for disabilities incurred in the performance of 
jobs in which employees perform tasks with risks that are analogous to 
the risks associated with the performance of military tasks by members 
of the armed forces. In addition, DOD is mandated to study the adequacy 
of current and projected disability benefits that are available to 
disabled members and former members of the armed forces for service-
connected disabilities,[Footnote 41] including a comparison of the 
disability benefits for members of the armed forces with commercial and 
other private sector disability benefits. We believe these studies 
should provide important information and analysis for deliberations on 
more fundamental reform of the design, cost, and feasibility of federal 
disability programs. 

* Managing interagency contracting: In recent years, federal agencies 
have been making a major shift in the way they procure many goods and 
services. Rather than spending a great deal of time and resources 
contracting for goods and services themselves, they are making greater 
use of existing contracts already awarded by other agencies, in 
particular for buying services. These contracts are designed to 
leverage the government's aggregate buying power and provide a much-
needed simplified method for procuring commonly used goods and 
services. These contract vehicles offer the benefits of improved 
efficiency and timeliness; however, they need to be effectively 
managed. Our work and that of some agency inspectors general has 
revealed instances of improper use of interagency contracts. For 
example, we recently reviewed selected DOD contracts and task orders 
for Iraq reconstruction and found some task orders under the General 
Services Administration (GSA) schedules program that did not satisfy 
legal requirements for competition because the work was not within the 
scope of the underlying contracts.[Footnote 42] More broadly, the GSA 
Inspector General conducted a comprehensive review of the contracting 
activities of GSA's Federal Technology Service, an entity that provides 
contracting services for agencies across the government, and reported 
that millions of dollars in fiscal year 2003 awards did not comply with 
laws and regulations. Administration officials have acknowledged that 
the management of interagency contracting needs to be improved. As the 
largest customer for interagency contracts, it is particularly 
important that DOD successfully tackle the challenge of better managing 
its use of interagency contracts. We have reported on challenges DOD 
has faced in using interagency contracts. For example, we found that 
DOD waived competition requirements for a significant percentage of 
supply schedule orders we reviewed, frequently based on an expressed 
preference to retain the services of incumbent contractors.[Footnote 
43] DOD concurred with our recommendations to develop guidance for the 
conditions under which waivers of competition may be used, require 
documentation to support waivers, and establish approval authority 
based on the value of the orders. In conjunction with the OMB and GSA, 
DOD is taking a number of steps--including developing new skills 
assessments, setting standards for the acquisition workforce, and 
coordinating training programs aimed at improving the capacity of the 
federal acquisition workforce--to properly handle the growing and more 
complex workload of service acquisitions. DOD also has recently issued 
a new policy designed to improve oversight of its use of other 
agencies' contracts. 

Need for Risk Management Approaches Is an Emerging Concern: 

In addition to specific areas that we have designated as high risk, 
there are other important broad-based challenges facing our government 
that are serious and merit continuing close attention. One emerging 
area of concern involves the need for instilling a disciplined approach 
within DOD, as well as other agencies, for identifying and managing 
risk across a wide range of programs, operations, and functions. As a 
framework for decision making, we have advocated a comprehensive threat 
and risk management approach that fully links strategic goals to plans 
and budgets, assesses the values and risks of various courses of action 
as a tool for setting priorities and allocating resources, and provides 
for the use of performance measures to assess outcomes. 

Emerging requirements from the changing security environment, coupled 
with increasingly limited fiscal resources across the federal 
government, emphasize the need for DOD to develop and use a risk-based 
strategic framework for establishing realistic goals, evaluating and 
setting priorities, and making difficult resource decisions. 

In its strategic plan, the September 2001 Quadrennial Defense Review, 
DOD outlined a new risk management framework consisting of four 
dimensions of risk--force management, operational, future challenges, 
and institutional--to use in considering trade-offs among defense 
objectives and resource constraints. According to DOD, these risk areas 
are to form the basis for DOD's annual performance goals. They are to 
be used to track performance results and link to planning and resource 
decisions. We recognize what a large undertaking developing a 
departmentwide risk management framework will be and understand that 
DOD is still in the process of implementing this approach. However, it 
remains unclear how DOD will use this risk management framework to 
measure progress in achieving business and force transformation. It 
also remains unclear how the framework will be used to correct 
limitations we have previously identified in DOD's strategic planning 
and budgeting, including the use of overly optimistic assumptions in 
estimating funding needs, which often result in a mismatch between 
programs and budgets. We are currently monitoring DOD's efforts to 
implement its risk management framework. 

Sound Strategic Planning, Centralized Control over Business Systems 
Investments, and Sustained Leadership Are Key to Successfully 
Addressing DOD's High-Risk Areas: 

Although DOD has a number of initiatives to address its high-risk 
areas, we believe that DOD must fundamentally change its approach to 
the overall business transformation effort before it is likely to 
succeed. We believe there are three critical elements of successful 
transformation--developing and implementing an integrated strategic and 
action plan along with an enterprise architecture to guide and 
constrain implementation of such a plan, establishing central control 
over systems investment funds, and providing sustained leadership. To 
ensure these elements are incorporated into the department's overall 
business management, we believe Congress should legislatively create a 
full-time, high-level executive with long-term "good government" 
responsibilities that are professional and nonpartisan in nature. This 
executive should have appropriate authority over all of DOD's business 
operations, as well as central control of all business transformation-
related funding with the designated approval authorities assigned 
responsibility for transformation activities within their specific 
business process areas. 

Reform Efforts Must Include an Integrated, Comprehensive Strategic 
Plan: 

Our prior work indicates that agencies that are successful in achieving 
business management transformation undertake strategic planning and 
strive to establish goals and measures that align at all levels of the 
agency.[Footnote 44] The lack of a comprehensive and integrated 
strategic and action plan linked with performance goals, objectives, 
and rewards has been a continuing weakness in DOD's business management 
transformation. Since 1999, for example, we have recommended that a 
comprehensive and integrated strategy and action plan be developed for 
reforming DOD's major business operations and support 
activities.[Footnote 45] In 2004, we suggested that DOD clearly 
establish management accountability for business reform.[Footnote 46] 
While DOD has been attempting to develop an enterprise architecture for 
modernizing its business processes and supporting information 
technology assets for the last 4 years, it has not developed a 
comprehensive and integrated strategy or action plan for managing its 
many business improvement initiatives. Nor has DOD assigned overall 
management responsibility and accountability for such an effort. Unless 
these initiatives are addressed in a unified and timely fashion, DOD 
will continue to see billions of dollars, which could be directed to 
other higher priorities, wasted annually to support inefficiencies in 
its business functions. 

At a programmatic level, the lack of clear, comprehensive, and 
integrated performance goals and measures has handicapped DOD's past 
reform efforts. For example, we reported in May 2004[Footnote 47] that 
the lack of performance measures for DOD's business management 
transformation initiative--encompassing defense policies, processes, 
people, and systems--made it difficult to evaluate and track specific 
program progress, outcomes, and results. As a result, DOD managers 
lacked straightforward road maps showing how their work contributed to 
attaining the department's strategic goals, and they risked operating 
autonomously rather than collectively. 

Finally, DOD has not established a clear linkage among institutional, 
unit, and individual results-oriented goals, performance measures, and 
reward mechanisms for undertaking large-scale organizational change 
initiatives that are needed for successful business management reform. 
Traditionally, DOD has justified its need for more funding on the basis 
of the quantity of programs it has pursued rather than on the outcomes 
its programs have produced. DOD has historically measured its 
performance by resource components, such as the amount of money spent, 
people employed, or number of tasks completed. Incentives for its 
decision makers to implement behavioral changes have been minimal or 
nonexistent. The establishment of an integrated, comprehensive 
strategic plan could help DOD address these systemic management 
problems. 

Central Control over Business Systems Investment Funds Is Crucial: 

DOD's current business systems investment process, in which system 
funding is controlled by DOD components, has contributed to the 
evolution of an overly complex and error-prone information technology 
environment containing duplicative, nonintegrated, and stovepiped 
systems. We have made numerous recommendations to DOD to improve the 
management oversight and control of its business systems modernization 
investments. However, as previously discussed, a provision of the 
Ronald W. Reagan National Defense Authorization Act for Fiscal Year 
2005,[Footnote 48] consistent with the suggestion I have made in prior 
testimonies,[Footnote 49] established specific management oversight and 
accountability with the "owners" of the various core business mission 
areas. This legislation defined the scope of the various business areas 
(e.g., acquisition, logistics, finance, and accounting), and 
established functional approval authority and responsibility for 
management of the portfolio of business systems with the relevant under 
secretary of defense for the departmental core business mission areas 
and the Assistant Secretary of Defense for Networks and Information 
Integration (information technology infrastructure). For example, the 
Under Secretary of Defense for Acquisition, Technology, and Logistics 
is now responsible and accountable for any defense business system 
intended to support acquisition activities, logistics activities, or 
installations and environment activities for DOD. 

This legislation also requires that the responsible approval 
authorities establish a hierarchy of investment review boards, the 
highest level being the DBSMC, with DOD-wide representation, including 
the military services and defense agencies. The boards are responsible 
for reviewing and approving investments to develop, operate, maintain, 
and modernize business systems for their business-area portfolio, 
including ensuring that investments are consistent with DOD's business 
enterprise architecture. However, as I pointed out earlier, DOD has not 
yet established the lower-level investment review boards as required by 
the legislation. 

Although this recently enacted legislation clearly defines the roles 
and responsibilities of business systems investment approval 
authorities, control over the budgeting for and execution of funding 
for systems investment activities remains at the DOD component level. 
As a result, DOD continues to have little or no assurance that its 
business systems modernization investment money is being spent in an 
economical, efficient, and effective manner. Given that DOD spends 
billions on business systems and related infrastructure each year, we 
believe it is critical that those responsible for business systems 
improvements control the allocation and execution of funds for DOD 
business systems. However, implementation may require review of the 
various statutory authorities for the military services and other DOD 
components. Control over business systems investment funds would 
improve the capacity of DOD's designated approval authorities to 
fulfill their responsibilities and gain transparency over DOD 
investments, and minimize the parochial approach to systems development 
that exists today. In addition, to improve coordination and integration 
activities, we suggest that all approval authorities coordinate their 
business systems modernization efforts with a chief management official 
(CMO) who would chair the DBSMC. Cognizant business area approval 
authorities would also be required to report to Congress through a CMO 
and the Secretary of Defense on applicable business systems that are 
not compliant with review requirements and to include a summary 
justification for noncompliance. 

Chief Management Official Is Essential for Sustained Leadership of 
Business Management Reform: 

As DOD embarks on large-scale organizational change initiatives, such 
as business management transformation, the complexity and long-term 
nature of these initiatives requires the development of an executive 
position capable of providing strong and sustained leadership--over a 
number of years and various administrations. One way to ensure 
sustained leadership over DOD's business transformation efforts would 
be to create a full-time executive-level II position for a CMO, who 
would serve as the Deputy Secretary of Defense for Management. This 
position would elevate, integrate, and institutionalize the attention 
essential for addressing key stewardship responsibilities, such as 
strategic planning, human capital management, performance and financial 
management, acquisition and contract management, and business systems 
modernization, while facilitating the overall business management 
reforms within DOD. 

The day-to-day demands placed on the Secretary of Defense, the Deputy 
Secretary, and others make it difficult for these leaders to maintain 
the oversight, focus, and momentum needed to resolve the weaknesses in 
DOD's overall business operations. This is particularly evident given 
the demands that the Iraq and Afghanistan postwar reconstruction 
activities and the continuing war on terrorism have placed on current 
leaders. Likewise, the breadth and complexity of the problems and their 
overall level within the department preclude the under secretaries, 
such as the DOD Comptroller, from asserting the necessary authority 
over selected players and business areas while continuing to fulfill 
their other responsibilities. A CMO could provide the sustained and 
focused leadership that these other top officials are unable to 
provide. 

If created, the new CMO position could be filled by an individual 
appointed by the President and confirmed by the Senate, for a set term 
of 7 years with the potential for reappointment. Articulating the roles 
and responsibilities of the position in statute would help to create 
unambiguous expectations and underscore Congress's desire to follow a 
professional, nonpartisan approach to the position. In that regard, an 
individual appointed to the CMO position should have a proven track 
record as a business process change agent in large, complex, and 
diverse organizations--experience necessary to spearhead business 
process transformation across DOD and serve as an integrator for DOD's 
needed business transformation efforts. Further, to improve 
coordination and integration activities, we suggest that all business 
systems modernization approval authorities designated in the Ronald W. 
Reagan National Defense Act of 2005[Footnote 50] coordinate their 
efforts with the CMO, who would chair the Defense Business Systems 
Management Committee that DOD recently established to comply with the 
act. Cognizant business area approval authorities would also be 
required to report to Congress through the CMO and the Secretary of 
Defense on applicable business systems that are not compliant with 
review requirements and include a summary justification for 
noncompliance. In addition, the CMO would enter into an annual 
performance agreement with the Secretary that sets forth measurable 
individual goals linked to overall organizational goals in connection 
with the department's business transformation efforts. Measurable 
progress toward achieving agreed-upon goals would be a basis for 
determining the level of compensation earned, including any related 
bonus. In addition, the CMO's achievements and compensation would be 
reported to Congress each year. 

Mr. Chairman and Members of the Subcommittee, this concludes my 
prepared statement. I would be happy to answer any questions you may 
have at this time. 

(350689): 

FOOTNOTES

[1] GAO, High-Risk Series: An Update, GAO-05-207 (Washington, D.C.: 
January 2005), issued for the 109TH Congress. 

[2] GAO, Department of Defense: Further Actions Are Needed to 
Effectively Address Business Management Problems and Overcome Key 
Business Transformation Challenges, GAO-05-140T (Washington, D.C.: Nov. 
18, 2004). 

[3] Pub. L. No. 108-136,  1101, 117 Stat. 1392, 1621 (Nov. 24, 2003) 
(amending subpart I of part III of title 5, United States Code). 

[4] Support infrastructure includes categories such as force 
installations, central logistics, the defense health program, and 
central training. 

[5] GAO-05-140T; GAO, Department of Defense: Long-standing Problems 
Continue to Impede Financial and Business Management Transformation, 
GAO-04-907T (Washington, D.C.: July 7, 2004), and DOD Business Systems 
Modernization: Billions Continue to Be Invested with Inadequate 
Management Oversight and Accountability, GAO-04-615 (Washington, D.C.: 
May 27, 2004). 

[6] GAO, DOD Personnel: Inadequate Personnel Security Investigations 
Pose National Security Risks, GAO/NSIAD-00-12 (Washington, D.C.: Oct. 
27, 1999). 

[7] Department of Defense Annual Statement of Assurance, Fiscal Year 
2000 and Fiscal Year 2001; Department of Defense Performance and 
Accountability Report, Fiscal Year 2002 (Jan. 31, 2003) and Fiscal Year 
2003 (Dec. 23, 2003). 

[8] Committee on Government Reform, Defense Security Service: The 
Personnel Security Investigations (PSI) Backlog Poses a Threat to 
National Security, H.R. Rep. No. 107-767 (Washington, D.C.: Oct. 24, 
2002). 

[9] GAO, DOD Personnel Clearances: DOD Needs to Overcome Impediments to 
Eliminating Backlog and Determining Its Size, GAO-04-344 (Washington, 
D.C.: Feb. 9, 2004). 

[10] Pub. L. No. 108-136  906 (Nov. 24, 2003). 

[11] GAO, Information Technology: Architecture Needed to Guide 
Modernization of DOD's Financial Operations, GAO-01-525 (Washington, 
D.C.: May 17, 2001). 

[12] GAO-04-615 and Department of Defense: Further Actions Needed to 
Establish and Implement a Framework for Successful Financial and 
Business Management Transformation, GAO-04-551T (Washington, D.C.: Mar. 
23, 2004); DOD Business Systems Modernization: Important Progress Made 
to Develop Business Enterprise Architecture, but Much Work Remains, GAO-
03-1018 (Washington, D.C.: Sept. 19, 2003); DOD Financial Management: 
Integrated Approach, Accountability, Transparency, and Incentives Are 
Keys to Effective Reform, GAO-02-497T (Washington, D.C.: Mar. 6, 2002); 
Defense Management: New Management Reform Program Still Evolving, GAO-
03-58 (Washington, D.C.: Dec. 12, 2002); Information Technology: 
Architecture Needed to Guide Modernization of DOD's Financial 
Operations, GAO-01-525 (Washington, D.C.: May 17, 2001); and DOD 
Financial Management: Integrated Approach, Accountability, and 
Incentives Are Keys to Effective Reform, GAO-01-681T (Washington, D.C.: 
May 8, 2001). 

[13] GAO, DOD Business Systems Modernization: Limited Progress in 
Development of Business Enterprise Architecture and Oversight of 
Information Technology Investments, GAO-04-731R (Washington, D.C.: May 
17, 2004). 

[14] GAO-01-525. 

[15] Ronald W. Reagan National Defense Authorization Act for Fiscal 
Year 2005, Pub. L. No. 108-375, 332, 118 Stat. 1811, 1851 (Oct. 28, 
2004) (codified, in part, at 10 U.S.C. 186, 2222). 

[16] GAO-04-731R. 

[17] GAO-04-731R. 

[18] 10 U.S.C. 2222. 

[19] The designated approval authorities are the Under Secretary of 
Defense for Acquisition, Technology, and Logistics for business systems 
related to acquisition, logistics and installations and environment; 
the Under Secretary of Defense (Comptroller)for business systems 
related to financial management and strategic planning and budgeting; 
the Under Secretary of Defense for Personnel and Readiness for business 
systems related to human resource management; and the Assistant 
Secretary of Defense for Networks and Information Integration/Chief 
Information Officer of the Department of Defense for business systems 
related to information technology infrastructure or information 
assurance. 

[20] Approval authorities include the Under Secretary of Defense for 
Acquisition, Technology, and Logistics; the Under Secretary of Defense 
(Comptroller); the Under Secretary of Defense for Personnel and 
Readiness; and the Assistant Secretary of Defense for Networks and 
Information Integration/Chief Information Officer of the Department of 
Defense. These approval authorities are responsible for the review, 
approval, and oversight of business systems and must establish 
investment review processes for systems under their cognizance. 

[21] Pub. L. No. 108-875,  332, 118 Stat. 1811, 1854 (Oct. 28, 2004) 
(codified at 10 U.S.C.  2222 (a)(2)). 

[22] 31 U.S.C. 1341(a)(1)(A); see 10 U.S.C.  2222(b). 

[23] GAO, Fiscal Year 2004 U.S. Government Financial Statements: 
Sustained Improvement in Federal Financial Management Is Crucial to 
Addressing Our Nation's Future Fiscal Challenges, GAO-05-284T 
(Washington, D.C.: Feb. 9, 2005). 

[24] For our report on the U.S. government's consolidated financial 
statements for fiscal year 2004, see U.S. Department of the Treasury, 
Financial Report on the United States Government (Washington, D.C.: 
December 2004), 33-53, which can be found on GAO's Web site at 
www.gao.gov. 

[25] GAO, Military Pay: Gaps in Pay and Benefits Create Financial 
Hardships for Injured Army National Guard and Reserve Soldiers, GAO-05-
125 (Washington, D.C.: Feb. 17, 2005). 

[26] GAO, Financial Management: Further Actions Are Needed to Establish 
Framework to Guide Audit Opinion and Business Management Improvement 
Efforts at DOD, GAO-04-910R (Washington, D.C.: Sept. 20, 2004). 

[27] GAO, Contract Management: Agencies Can Achieve Significant Savings 
on Purchase Card Buys, GAO-04-430 (Washington, D.C., Mar. 12, 2004). 

[28] GAO, Rebuilding Iraq: Fiscal Year 2003 Contract Award Procedures 
and Management Challenges, GAO-04-605 (Washington, D.C.: June 1, 2004). 

[29] GAO, Military Operations: DOD's Extensive Use of Logistics Support 
Contracts Requires Strengthened Oversight, GAO-04-854 (Washington, 
D.C.: July 19, 2004); and Defense Logistics: High-Level DOD 
Coordination Is Needed to Further Improve the Management of the Army's 
LOGCAP Contract, GAO-05-328 (Washington, D.C.: Mar. 21, 2005). 

[30] GAO, Contract Management: Opportunities to Improve Surveillance on 
Department of Defense Service Contracts, GAO-05-274 (Washington, D.C. 
Mar. 17, 2005). 

[31] GAO-04-605. 

[32] GAO, Contract Management: Guidance Needed to Promote Competition 
for Defense Task Orders, GAO-04-874 (Washington, D.C.: July 30, 2004). 

[33] GAO, Best Practices: Improved Knowledge of DOD Service Contracts 
Could Reveal Significant Savings, GAO-03-661 (Washington, D.C.: June 9, 
2003); and Best Practices: Taking a Strategic Approach Could Improve 
DOD's Acquisition of Services, GAO-02-230 (Washington, D.C.: Jan. 18, 
2002). 

[34] GAO, Defense Logistics: Actions Needed to Improve the Availability 
of Critical Items during Current and Future Operations, GAO-05-275 
(Washington, D.C.: Apr. 8, 2005). 

[35] GAO, Defense Inventory: Improvements Needed in DOD's 
Implementation of Its Long-Term Strategy for Total Asset Visibility of 
Its Inventory, GAO-05-15 (Washington, D.C.: Dec. 6, 2004). 

[36] GAO, Human Capital: Preliminary Observations on Proposed DOD 
National Security Personnel System Regulations, GAO-05-432T 
(Washington, D.C.: Mar. 15, 2005). 

[37] GAO, Information Security: Further Efforts Needed to Fully 
Implement Statutory Requirements in DOD, GAO-03-1037T (Washington, 
D.C.: July 24, 2003). 

[38] Pub. L. No. 108-136,  1501, 117 Stat. 1392, 1677 (Nov. 24, 2003). 

[39]  1502. 

[40] Pub. L. No. 108-375,  666(d). 

[41]  666(a). 

[42] GAO-04-605. 

[43] GAO-04-874. 

[44] GAO, Defense Management: Tools for Measuring and Managing Defense 
Agency Performance Could Be Strengthened, GAO-04-919 (Washington, D.C.: 
Sept. 13, 2004). 

[45] GAO, Defense Reform Initiative: Organization, Status, and 
Challenges, GAO/NSIAD-99-87 (Washington, D.C.: Apr. 21, 1999). 

[46] GAO-04-551T. 

[47] GAO-04-731R. 

[48] Pub. L. No. 108-375, 332. 

[49] GAO-04-551T; and GAO, Department of Defense: Further Actions 
Needed to Establish and Implement a Framework for Successful Business 
Transformation, GAO-04-626T (Washington, D.C.: Mar. 31, 2004). 

[50] 10 U.S.C.  222(f).