Key Issues > High Risk > DOD Business Systems Modernization
High Risk Medallion

DOD Business Systems Modernization

This information appears as published in the 2017 High Risk Report.

View the 2017 Report

  1. Share with Facebook 
  2. Share with Twitter 
  3. Share with LinkedIn 
  4. Share with mail 

The Department of Defense (DOD) spends billions of dollars each year to acquire modernized systems that are fundamental to achieving its business transformation goals, including systems that address key areas such as personnel, financial management, health care, and logistics. While DOD’s capacity for modernizing its business systems has improved over time, significant challenges remain. These challenges include fully defining and establishing management controls for business systems modernization. Such controls are vital to ensuring that DOD can effectively and efficiently manage an undertaking with the size, complexity, and significance of its business systems modernization, and minimize the associated risks. DOD’s effort to modernize its business systems environment has been designated as high risk since 1995.

DOD Business Systems Modernization

DOD has demonstrated elements of leadership commitment and has made progress in this area by taking steps to manage the modernization of its business systems more effectively and efficiently. For example, the department has begun to implement an improved investment management framework and processes, and has established the capacity to use its federated architecture to identify potentially duplicative investments. However, more needs to be done to leverage DOD's capacity to identify potentially duplicative investments, and to ensure that, among other things, systems are reviewed at appropriate levels as part of the department's improved investment management framework.

In addition, DOD's business systems modernization efforts continue to fall short of cost, schedule, and performance expectations, and the department has not yet established an action plan (or plans) highlighting how it intends to improve its use of its business architecture, improve its business system investment management process, or improve its business system acquisition outcomes. The department can leverage the federal information technology (IT) dashboard as a mechanism for beginning to monitor progress in improving its business system acquisition outcomes. Nevertheless, without an action plan, DOD lacks a baseline against which it can monitor broader progress in its business systems modernization efforts.

Further, the National Defense Authorization Act for Fiscal Year 2017 and its accompanying conference report include provisions that might impact how the department will manage its business systems. Specifically, the act establishes a Chief Management Officer and the accompanying conference report calls for the department to develop a plan by June 2017 to implement a more optimized organizational structure and processes to support information management and cyber operations, including the policy, direction, oversight, and acquisition functions associated with, among other things, business systems. The impact of these provisions on the department's business systems modernization efforts remains to be seen.

Although more needs to be done to address this high-risk issue, DOD has achieved important benefits by implementing our recommendations. For example, fiscal years 2013 and 2014 saw total financial savings of $970 million due to the department cancelling the Air Force's Expeditionary Combat Support System because of significant cost and schedule overages discovered as a result of increased oversight.

DOD must more fully demonstrate leadership commitment and progress in implementing critical IT modernization management controls. For example, the department needs to address the provisions of the conference report accompanying the Fiscal Year 2017 National Defense Authorization Act that call for DOD to develop a plan by June 2017 to implement a more optimized organizational structure and processes to support, among other things, business systems. DOD also needs to ensure that its business system investments are managed with the kind of rigor and discipline embodied in relevant acquisition management guidance and best practices so that each investment will deliver expected benefits and capabilities on time and within budget. In addition, DOD should ensure that its information reported on the Office of Management and Budget's IT Dashboard is reliable and, over time, demonstrates improved achievement of cost, schedule, and performance expectations.1 DOD should also demonstrate that it is improving its guidance on incrementally developing IT systems to help ensure a timely delivery of needed capabilities, consistent with the Federal IT Acquisition Reform provisions of the Carl Levin and Howard P. 'Buck' McKeon National Defense Authorization Act for 2015.2

In addition, DOD needs to take steps to address key portfolio management practices documented in our IT Investment Management Framework. For example, DOD has not yet defined criteria for reviewing defense business systems at an appropriate DOD level based on factors such as complexity, scope, cost, and risk in support of the certification and approval process. DOD also needs to develop plans defining how it will ensure that it is using its federated business architecture to identify and address potentially duplicative investments within its business systems environment.

Further, DOD should demonstrate that plans exist for addressing these various actions and associated recommendations, and that it is monitoring progress against these plans and demonstrating progress and related outcomes. DOD also needs to ensure that it has the appropriate capacity in place by conducting needed human capital analyses.


[1] The dashboard aims to provide transparency for these investments to aid public monitoring of government operations. It is to do so by reporting, among other things, how agency chief information officers rate investment risk.

[2] The Federal IT Acquisition Reform provisions of the Carl Levin and Howard P. 'Buck' McKeon National Defense Authorization Act for Fiscal Year 2015 require that OMB capital planning guidance require that the chief information officer of each covered agency, including DOD, certify that IT investments are adequately implementing incremental development, as defined in the guidance.

Looking for our recommendations? Click on any report to find each associated recommendation and its current implementation status.
  • portrait of Carol C. Harris
    • Carol C. Harris
    • Director, Information Technology
    • harriscc@gao.gov
    • (202) 512-4456