This is the accessible text file for GAO report number GAO-06-647 
entitled 'Information Technology: Agencies and OMB Should Strengthen 
Processes for Identifying and Overseeing High Risk Projects' which was 
released on July 17, 2006. 

This text file was formatted by the U.S. Government Accountability 
Office (GAO) to be accessible to users with visual impairments, as part 
of a longer term project to improve GAO products' accessibility. Every 
attempt has been made to maintain the structural and data integrity of 
the original printed product. Accessibility features, such as text 
descriptions of tables, consecutively numbered footnotes placed at the 
end of the file, and the text of agency comment letters, are provided 
but may not exactly duplicate the presentation or format of the printed 
version. The portable document format (PDF) file is an exact electronic 
replica of the printed version. We welcome your feedback. Please E-mail 
your comments regarding the contents or accessibility features of this 
document to Webmaster@gao.gov. 

This is a work of the U.S. government and is not subject to copyright 
protection in the United States. It may be reproduced and distributed 
in its entirety without further permission from GAO. Because this work 
may contain copyrighted images or other material, permission from the 
copyright holder may be necessary if you wish to reproduce this 
material separately. 

Report to the Chairman, Committee on Government Reform, House of 
Representatives: 

United States Government Accountability Office: 

GAO: 

June 2006: 

Information Technology: 

Agencies and OMB Should Strengthen Processes for Identifying and 
Overseeing High Risk Projects: 

High Risk IT Projects: 

GAO-06-647: 

GAO Highlights: 

Highlights of GAO-06-647, a report to the Chairman, Committee on 
Government Reform, House of Representatives 

Why GAO Did This Study: 

In August 2005, the Office of Management and Budget (OMB) issued a 
memorandum directing agencies to identify high risk information 
technology (IT) projects and provide quarterly reports on those with 
performance shortfalls—projects that did not meet criteria established 
by OMB. GAO was asked to (1) provide a summary identifying by agency 
the number of high risk projects, their proposed budget for fiscal year 
2007, agency reasons for the high risk designation, and reported 
performance shortfalls; (2) determine how high risk projects were 
identified and updated and what processes and procedures have been 
established to effectively oversee them; and (3) determine the 
relationship between the high risk list and OMB’s Management Watch 
List—those projects that OMB determines need improvements associated 
with key aspects of their budget justifications. 

What GAO Found: 

In response to OMB’s August 2005 memorandum, the 24 major agencies 
identified 226 IT projects as high risk, totaling about $6.4 billion in 
funding requested for fiscal year 2007. Agencies identified most 
projects as high risk because their delay or failure would impact the 
essential business functions of the agency. In addition, agencies 
reported that about 35 percent of the high risk projects—or 79 
investments—had a performance shortfall, meaning the project did not 
meet one or more of these four criteria: establishing clear baselines, 
maintaining cost and schedule variances within 10 percent, assigning a 
qualified project manager, and avoiding duplication with other 
investments (see figure). 

Figure: Number of High Risk Projects with and without Performance 
Shortfalls (as of March 2006): 

[See PDF for Image] 

Source: GAO analysis of 24 CFO agencies' March 2006 high risk reports. 

[End of Figure] 

Although agencies, with OMB’s assistance, generally evaluated their IT 
portfolio against the criteria specified by OMB to identify their high 
risk projects, the criteria were not always consistently applied. 
Accordingly, GAO identified several projects that appeared to meet 
OMB’s definition for high risk but were not determined by agencies to 
be high risk. In addition, OMB does not define a process for updating 
high risk projects. As a result, agencies had inconsistent updating 
procedures. Regarding oversight of these projects, agencies either 
established special procedures or used their existing investment 
management processes. OMB staff stated that they review the projects’ 
performance and corrective actions planned. However, OMB has not 
compiled the projects into a single aggregate list, which would serve 
as a tool to analyze and track the projects on a governmentwide basis. 

High risk projects and Management Watch List projects are identified 
using different criteria. The former is meant to track the management 
and performance of projects, while the latter focuses on an agency’s 
project planning. Both sets of projects require attention because of 
their importance in supporting critical functions and the likelihood 
that their performance problems could potentially result in billions of 
taxpayers’ dollars being wasted if the problems are not detected early. 

What GAO Recommends: 

GAO is recommending that the Director of OMB (1) direct agencies to 
consistently apply the criteria for designating projects as high risk, 
(2) establish a structured, consistent process to update high risk 
projects, and (3) develop a single list of high risk projects and their 
deficiencies. In comments on a draft of this report, OMB disagreed with 
the need for our recommendations. GAO continues to believe they are 
needed to reinvigorate the high risk process. 

[Hyperlink, http://www.gao.gov/cgi-bin/getrpt?GAO-06-647]. 

To view the full product, including the scope and methodology, click on 
the link above. For more information, contact David A. Powner at (202) 
512-9286 or pownerd@gao.gov. 

[End of Section] 

Contents: 

Letter: 

Results in Brief: 

Background: 

Federal Agencies Identified 226 Projects as High Risk: 

Processes Exist to Identify and Oversee High Risk Projects, but 
Opportunities Exist to Improve These Processes: 

High Risk and Management Watch List Projects Identified Using Different 
Criteria: 

Conclusions: 

Recommendations for Executive Action: 

Agency Comments and Our Evaluation: 

Appendix I: Objectives, Scope, and Methodology: 

Appendix II: Comments from the Office of Management and Budget: 

Appendix III: Summary of High Risk IT Projects by Department or Agency: 

Appendix IV: GAO Contact and Staff Acknowledgments: 

Tables: 

Table 1: Management Watch List Budget for Fiscal Years 2004, 2005, 
2006, and 2007: 

Table 2: Number of Projects on Management Watch List for Fiscal Years 
2004, 2005, 2006, and 2007: 

Table 3: Number of High Risk Projects and Funding by Department/Agency: 

Table 4: Reasons for High Risk Designation by Department/Agency: 

Table 5: Summary of High Risk Projects for the Department of 
Agriculture: 

Table 6: Summary of High Risk Projects for the Department of Commerce: 

Table 7: Summary of High Risk Projects for the Department of Defense: 

Table 8: Summary of High Risk Projects for the Department of Education: 

Table 9: Summary of High Risk Projects for the Department of Energy: 

Table 10: Summary of High Risk Projects for the Department of Health 
and Human Services: 

Table 11: Summary of High Risk Projects for the Department of Homeland 
Security: 

Table 12: Summary of High Risk Projects for the Department of Housing 
and Urban Development: 

Table 13: Summary of High Risk Projects for the Department of Interior: 

Table 14: Summary of High Risk Projects for the Department of Justice: 

Table 15: Summary of High Risk Projects for the Department of Labor: 

Table 16: Summary of High Risk Projects for the Department of State: 

Table 17: Summary of High Risk Projects for the Department of 
Transportation: 

Table 18: Summary of High Risk Projects for the Department of Treasury: 

Table 19: Summary of High Risk Projects for the Department of Veterans 
Affairs: 

Table 20: Summary of High Risk Projects for the Environmental 
Protection Agency: 

Table 21: Summary of High Risk Projects for the General Services 
Administration: 

Table 22: Summary of High Risk Projects for the National Aeronautics 
and Space Administration: 

Table 23: Summary of High Risk Projects for the National Science 
Foundation: 

Table 24: Summary of High Risk Projects for the Nuclear Regulatory 
Commission: 

Table 25: Summary of High Risk Projects for the Office of Personnel 
Management: 

Table 26: Summary of High Risk Projects for Small Business 
Administration: 

Table 27: Summary of High Risk Projects for the Social Security 
Administration: 

Table 28: Summary of High Risk Projects for the U.S. Agency for 
International Development: 

Figures: 

Figure 1: Reported Data for Projects with Performance Shortfalls: 

Figure 2: Number of Agencies High Risk Projects with and without 
Performance Shortfalls (as of March 2006): 

Abbreviations: 

CFO: chief financial officer: 

CIO: chief information officer: 

EVM: earned value management: 

IT: information technology: 

LOB: line of business: 

OMB: Office of Management and Budget: 

United States Government Accountability Office: 
Washington, DC 20548: 

June 15, 2006: 

The Honorable Tom Davis: 
Chairman: 
Committee on Government Reform: 
House of Representatives: 

Dear Mr. Chairman: 

The federal government increasingly relies on information technology 
(IT) systems to provide essential services affecting the health, 
economy, and defense of the nation. To assist in providing these 
important services, the President's budget request for fiscal year 2007 
proposed approximately $64 billion for IT projects. In the budget 
request, the Office of Management and Budget (OMB) stated that about 30 
percent of 857 major IT projects needed improvements in key aspects of 
their budget justifications and consequently were placed on the 
Management Watch List. OMB began using this tool, initially referred to 
as the At-Risk List, in the fiscal year 2004 budget request, as a means 
to monitor the performance of agencies' IT investments. 

In April 2005,[Footnote 1] we reported on OMB's processes and criteria 
for including IT projects on its Management Watch List. We reported 
that although these processes allowed OMB to identify opportunities to 
strengthen investments and promote improvements in IT management, OMB 
had not compiled a single, aggregate list identifying these projects 
and their weaknesses, nor had it developed a structured, consistent 
process for deciding how to follow up on corrective actions. 
Accordingly, we recommended that OMB develop a central list of projects 
and their deficiencies. 

To continue to ensure that taxpayers' dollars were being invested 
wisely, in August 2005 OMB issued a memorandum directing federal 
agencies to identify high risk IT projects--those requiring special 
attention from oversight authorities and the highest level of agency 
management because of one or more of four reasons. The reasons are (1) 
the agency failed to demonstrate the ability to manage complex 
projects; (2) the projects had exceptionally high development, 
operating, or maintenance costs; (3) the projects are addressing 
deficiencies in the agencies' ability to perform mission critical 
business functions; or (4) the projects' delay or failure would impact 
the agencies' essential business functions. The memorandum also 
required agencies to begin, in September 2005, to provide quarterly 
reports to OMB on identified high risk projects that had performance 
shortfalls, meaning that they did not meet one or more of four 
performance evaluation criteria. The performance criteria are (1) 
establishing baselines with clear cost, schedule, and performance 
goals; (2) maintaining the project's cost and schedule variances within 
10 percent; (3) assigning a qualified project manager; or (4) avoiding 
duplication by leveraging interagency and governmentwide investments. 

To gain insight into the processes for identifying and overseeing these 
high risk projects, our objectives were to (1) provide a summary of 
high risk projects that identifies by agency the number of high risk 
projects, their proposed budget for fiscal year 2007, agency reasons 
for the high risk designation, and reported performance shortfalls; 
(2) determine how high risk projects were identified and updated and 
what processes and procedures have been established to effectively 
oversee them; and (3) determine the relationship between the high risk 
list and OMB's Management Watch List. To address these objectives, we 
reviewed quarterly performance reports on high risk projects from each 
of the 24 chief financial officer (CFO) departments and 
agencies.[Footnote 2] These reports were self-reported, and we did not 
independently verify the data. However, we asked all agencies to 
confirm the data in appendix III on their high risk projects. We also 
reviewed and analyzed OMB's policies and procedures and interviewed 
officials from OMB's Office of E-Government and Information Technology. 
Moreover, we obtained information from each of the 24 CFO agencies to 
determine how high risk projects were identified and updated and what 
policies and procedures had been established to effectively monitor the 
projects. We performed our work from October 2005 through May 2006 in 
accordance with generally accepted government auditing standards. 
Appendix I contains details about our objectives, scope, and 
methodology. 

Results in Brief: 

In response to OMB's memorandum, the 24 CFO agencies identified 226 IT 
projects as high risk, totaling about $6.4 billion and representing 
about 10 percent of the President's total IT budget request for fiscal 
year 2007. According to the agencies, these projects were identified as 
such mainly because of one or more of the four reasons provided in 
OMB's August 2005 memorandum. The most frequent reason reported by 
agencies for a project being designated as high risk was because its 
delay or failure would impact the agency's essential business 
functions, comprising about 70 percent of the projects identified. In 
addition, agencies reported that 79 of the 226 high risk projects, 
representing about 35 percent or collectively totaling about $2.2 
billion in fiscal year 2007 planned funding, had a performance 
shortfall primarily in one of the four performance areas to be reported 
on--maintaining the project's cost and schedule variances within 10 
percent. 

Although agencies, with OMB's assistance, generally evaluated their IT 
portfolio against the four criteria specified by OMB to identify their 
high risk projects, the criteria were not always consistently applied. 
In addition, OMB has not defined a process for updating the list, 
specifically, 

* OMB's criteria were not always consistently applied. As a result, 
some agencies reported using reasons other than OMB's criteria to 
identify high risk projects. Further, we identified several projects 
that appeared to meet OMB's criteria for high risk, but agencies did 
not identify them as such. 

* OMB's guidance does not define a process for updating high risk 
projects, including identifying new projects and removing current ones. 
As a result, agencies had different procedures for updating the list. 

To oversee high risk projects, agencies reported having either 
established special procedures or using existing investment management 
processes. However, we have previously reported on numerous weaknesses 
associated with agencies' existing investment management processes and 
made several recommendations to improve them. Until these 
recommendations are implemented, agencies may not be able to 
effectively monitor their investments' performance. To perform 
oversight of high risk projects, OMB analysts review the quarterly 
performance reports of these projects to determine how well the 
projects are progressing and whether the actions described in the 
planned improvement efforts are adequate. However, OMB does not compile 
a single aggregate list of high risk projects. By not maintaining a 
single list, OMB is not fully exploiting the opportunity to use the 
quarterly reports as a tool for analyzing high risk projects on a 
governmentwide basis and is limiting its ability to identify and report 
on the full set of IT investments across government that requires 
special oversight and greater agency management attention. 

The high risk projects and the Management Watch List projects are 
identified using different sets of criteria. The high risk projects are 
meant to track the execution of projects while the Management Watch 
List focuses on project planning. However, agencies identified 37 high 
risk projects that were also on OMB's Management Watch List. While the 
criteria for the two types of projects differ, both require close 
attention because of their importance in supporting critical functions 
and the likelihood that performance problems associated with them could 
potentially result in billions of taxpayers' dollars being wasted if 
they are not detected early. 

To improve the way high risk projects are identified and updated, we 
are recommending that the Director of OMB direct agencies to ensure 
that they are consistently applying the criteria for the high risk 
designation. We also recommend the Director of OMB establish a process 
for agencies to update high risk projects on a regular basis. Finally, 
we are recommending OMB develop a single aggregate list of high risk 
projects aimed at improving the reporting and oversight of high risk 
projects on a governmentwide basis. 

In commenting on a draft of this report, OMB's Administrator for E- 
Government and Information Technology stated that she appreciated our 
careful review of OMB's process for identifying and overseeing high 
risk projects. However, OMB disagreed with our recommendations. 
Specifically, regarding our recommendations to direct agencies to 
consistently apply the criteria for designating projects as high risk 
and to establish a structured, consistent process to update the initial 
list of high risk projects, OMB stated that the process and criteria 
for designating projects as high risk are clear and that some 
flexibility in the application of the criteria is essential. While some 
flexibility in the application of the criteria may be appropriate, we 
believe these criteria should be applied more consistently so that 
projects that clearly appear to meet them, such as those we mention in 
the report, are identified. 

OMB also disagreed with our recommendation to develop a single 
aggregate list of projects and their deficiencies to perform adequate 
oversight and management. As noted in the report, we believe that, by 
not having this list, OMB is not fully exploiting the opportunity to 
use the agencies' quarterly reports as a tool for analyzing high risk 
projects on a governmentwide basis and for tracking governmentwide 
progress. In addition, OMB is limiting its ability to identify and 
report on the full set of IT investments across the federal government 
that require special oversight and greater agency management attention. 

Background: 

Each year, OMB and federal agencies work together to determine how much 
government plans to spend for IT and how these funds are to be 
allocated. Over the past decade, federal IT spending has risen to an 
estimated $64 billion in fiscal year 2007. 

OMB plays a key role in overseeing these IT investments and how they 
are managed, stemming from its predominant mission: to assist the 
President in overseeing the preparation of the federal budget and to 
supervise budget administration in Executive Branch agencies. In 
helping to formulate the President's spending plans, OMB is responsible 
for evaluating the effectiveness of agency programs, policies, and 
procedures; assessing competing funding demands among agencies; 
and setting funding priorities. OMB also ensures that agency reports, 
rules, testimony, and proposed legislation are consistent with the 
President's budget and with administration policies. In carrying out 
these responsibilities, OMB depends on agencies to collect and report 
accurate and complete information; these activities depend, in turn, on 
agencies having effective IT management practices. 

To drive improvement in the implementation and management of IT 
projects, Congress enacted the Clinger-Cohen Act in 1996 to further 
expand the responsibilities of OMB and the agencies under the Paperwork 
Reduction Act.[Footnote 3] In particular, the act requires agency 
heads, acting through agency chief information officers (CIO), to, 
among other things, better link their IT planning and investment 
decisions to program missions and goals and to implement and enforce IT 
management policies, procedures, standards, and guidelines. OMB is 
required by the Clinger-Cohen Act to establish processes to analyze, 
track, and evaluate the risks and results of major capital investments 
in information systems made by executive agencies. OMB is also required 
to report to Congress on the net program performance benefits achieved 
as a result of major capital investments in information systems that 
are made by executive agencies.[Footnote 4] 

OMB is aided in its responsibilities by the Chief Information Officers 
Council as described by the E-Government Act of 2002.[Footnote 5] The 
council is designated the principal interagency forum for improving 
agency practices related to the design, acquisition, development, 
modernization, use, operation, sharing, and performance of federal 
government information resources. Among the specific functions of the 
CIO Council are the development of recommendations for the Director of 
OMB on government information resources management policies and 
requirements and the sharing of experiences, ideas, best practices, and 
innovative approaches related to information resources management. 

Prior Review on Governmentwide IT Investment Management Has Identified 
Weaknesses: 

Only by effectively and efficiently managing their IT resources through 
a robust investment management process can agencies gain opportunities 
to make better allocation decisions among many investment alternatives 
and further leverage their investments. However, the federal government 
faces enduring IT challenges in this area. For example, in January 2004 
we reported on mixed results of federal agencies' use of IT investment 
management practices.[Footnote 6] Specifically, we reported that 
although most of the agencies had IT investment boards responsible for 
defining and implementing the agencies' IT investment management 
processes, no agency had fully implemented practices for monitoring the 
progress of its investments. Executive-level oversight of project-level 
management activities provides organizations with increased assurance 
that each investment will achieve the desired cost, benefit, and 
schedule results. Accordingly, we made several recommendations to 
agencies to improve their practices. 

OMB's Management Watch List Intended to Correct Project Weaknesses and 
Business Case Deficiencies: 

In carrying out its responsibilities to assist the President in 
overseeing the preparation of the federal budget, OMB reported in the 
President's fiscal year 2004 budget that there were 771 IT investment 
projects on what was called the At-Risk List (later referred to as the 
Management Watch List). This list included mission-critical projects 
that did not successfully demonstrate sufficient potential for success 
based on the agency Capital Asset Plan and Business Case, also known as 
the exhibit 300, or did not adequately address IT security. To identify 
projects for inclusion on the Management Watch List, OMB used scoring 
criteria contained in OMB Circular A-11[Footnote 7] that the agency 
established for evaluating the justifications for funding that federal 
agencies submitted for major investments[Footnote 8] and for ensuring 
that agency planning and management of capital assets is consistent 
with OMB policy and guidance. This evaluation is carried out as part of 
OMB's responsibility to help ensure that investments of public 
resources are justified and that public resources are wisely invested. 

In presenting the fiscal year 2005 budget, OMB reported that there were 
621 major projects on the Management Watch List, consisting of mission- 
critical projects that needed to improve performance measures, project 
management, and IT security. OMB staff described this assessment as 
again being based on evaluations of the exhibit 300s that agencies 
submitted to justify project funding. Agencies were required to 
successfully correct identified project weaknesses and business case 
deficiencies; otherwise, they risked OMB's placing limits on their 
spending. 

In April 2005,[Footnote 9] we reported on OMB's development of its 
Management Watch List. We concluded that OMB's scoring of the exhibit 
300s addressed many critical IT management areas and promoted the 
improvement of investments. However, because OMB did not compile a 
single aggregate list[Footnote 10] and had not developed a structured, 
consistent process for deciding how to follow up on corrective actions 
being taken by the agencies, the agency missed the opportunity to use 
its scoring process more effectively to identify management issues that 
transcended individual agencies, to prioritize follow-up actions, and 
to ensure that high-priority deficiencies were addressed. To take 
advantage of this potential benefit, we recommended that OMB compile a 
single aggregate list and use the list as the basis for selecting 
projects for follow up and for tracking follow-up activities by 
developing specific criteria for prioritizing the IT projects included 
on the list. 

OMB has continued to report on its Management Watch List in the most 
recent President's budget request. Table 1 shows the budget information 
for projects on the Management Watch List for fiscal years 2004, 2005, 
2006, and 2007. 

Table 1: Management Watch List Budget for Fiscal Years 2004, 2005, 
2006, and 2007: 

Fiscal years (in billions): Fiscal year 2004 budget; 
Total IT budget: $59.0; 
IT budget for Management Watch List projects: $20.9; 
Percentage of budget for Management Watch List projects: 35%. 

Fiscal years (in billions): Fiscal year 2005 budget; 
Total IT budget: $60.0; 
IT budget for Management Watch List projects: $22.0; 
Percentage of budget for Management Watch List projects: 37%. 

Fiscal years (in billions): Fiscal year 2006 budget; 
Total IT budget: $65.0; 
IT budget for Management Watch List projects: $15.0; 
Percentage of budget for Management Watch List projects: 23%. 

Fiscal years (in billions): Fiscal year 2007 budget request; 
Total IT budget: $64.0; 
IT budget for Management Watch List projects: $9.9; 
Percentage of budget for Management Watch List projects: 15%. 

Source: GAO analysis of OMB data. 

[End of table] 

Table 2 shows the number of projects on the Management Watch List for 
fiscal years 2004, 2005, 2006, and 2007. 

Table 2: Number of Projects on Management Watch List for Fiscal Years 
2004, 2005, 2006, and 2007: 

Fiscal year: Fiscal year 2004; 
Total IT projects: 1400; 
Management Watch List projects: 771; 
Percentage of projects on Management Watch List: 55%. 

Fiscal year: Fiscal year 2005; 
Total IT projects: 1200; 
Management Watch List projects: 621; 
Percentage of projects on Management Watch List: 52%. 

Fiscal year: Fiscal year 2006; 
Total IT projects: 1087; 
Management Watch List projects: 342; 
Percentage of projects on Management Watch List: 31%. 

Fiscal year: Fiscal year 2007 (proposed); 
Total IT projects: 857; 
Management Watch List projects: 263; 
Percentage of projects on Management Watch List: 31%.  

Source: GAO analysis of OMB data. 

[End of table]

OMB's August 2005 Memorandum on Improving Performance of High Risk IT 
Projects: 

To continue improving IT project planning and execution, OMB issued a 
memorandum in August 2005 to all federal chief information officers, 
directing them to begin taking steps to identify IT projects that are 
high risk and to report quarterly on their performance. As originally 
defined in OMB Circular A-11 and subsequently reiterated in the August 
2005 memorandum, high risk projects are those that require special 
attention from oversight authorities and the highest levels of agency 
management because of one or more of the following four reasons: 

* The agency has not consistently demonstrated the ability to manage 
complex projects. 

* The project has exceptionally high development, operating, or 
maintenance costs, either in absolute terms or as a percentage of the 
agency's total IT portfolio. 

* The project is being undertaken to correct recognized deficiencies in 
the adequate performance of an essential mission program or function of 
the agency, a component of the agency, or another organization. 

* Delay or failure of the project would introduce for the first time 
unacceptable or inadequate performance or failure of an essential 
mission function of the agency, a component of the agency, or another 
organization. 

As directed in the memorandum, by August 15, 2005, agencies in 
collaboration with OMB were required to initially identify their high 
risk IT projects using these criteria. In addition, OMB subsequently 
provided additional instructions through e-mails to agencies. Through 
these instructions, OMB directed agencies to declare all e-government 
and line of business (LOB) initiatives managed by their agency[Footnote 
11] as high risk. In addition, the instructions specified that partner 
agencies[Footnote 12] consider investments associated with migrations 
to an e-government or LOB initiative as high risk until they have 
completed migration or OMB determines they should no longer be 
designated as high risk. 

For the identified high risk projects, beginning September 15, 2005, 
and quarterly thereafter, CIOs were to assess, confirm, and document 
projects' performance. Specifically, agencies were required to 
determine, for each of their high risk projects, whether the project 
was meeting one or more of four performance evaluation criteria: (1) 
establishing baselines with clear cost, schedule, and performance 
goals; (2) maintaining the project's cost and schedule variances within 
10 percent; (3) assigning a qualified project manager; and (4) avoiding 
duplication by leveraging inter-agency and governmentwide investments. 
If a high risk project meets these four performance evaluation 
criteria, agencies are instructed to document this using a standard 
template provided by OMB and provide this template to oversight 
authorities (e.g., OMB, agency inspectors general, agency management, 
and GAO) on request. 

If any of the identified high risk projects have performance 
shortfalls, meaning that the project did not meet one or more of the 
four performance evaluation criteria, agencies are required to document 
the information on these projects on the standard template and provide 
it to OMB along with copies to the agency inspector general. For each 
of these projects, agencies must specify, using the template, (1) the 
specific performance shortfalls, (2) the specific cause of the 
shortfall, (3) a plan of action and milestones actions needed to 
correct each shortfall, and (4) the amount and source of additional 
funding needed to improve performance. 

Federal Agencies Identified 226 Projects as High Risk: 

In response to OMB's August 2005 memorandum, as of March 2006, the 24 
CFO agencies identified 226 IT projects as high risk, totaling about 
$6.4 billion and representing about 10 percent of the President's total 
IT budget request for fiscal year 2007. According to the agencies, 
these projects were identified as such mainly because of one or more of 
the four reasons provided in OMB's memorandum. About 70 percent of the 
projects identified were reported as high risk because their delay or 
failure would impact the agency's essential business functions. 
Moreover, about 35 percent of the high risk projects--or 79 
investments, totaling about $2.2 billion in fiscal year 2007 planned 
funding, were reported as having performance shortfalls primarily 
because of cost and schedule variances exceeding 10 percent. 

High Risk Projects Identified Total About $6.4 Billion for Fiscal Year 
2007: 

As of March 2006, the 24 CFO agencies identified 226 IT investments as 
high risk. Collectively, five agencies--the Small Business 
Administration, National Aeronautics and Space Administration, Office 
of Personnel Management, and the Departments of Veterans Affairs and 
Homeland Security--identified about 100 of these projects.[Footnote 13] 

According to the President's most recent budget, about $6.4 billion has 
been requested for fiscal year 2007 by the 24 CFO agencies for the 226 
high risk projects. Five of these agencies--the Departments of Defense, 
Homeland Security, Transportation, Veterans Affairs, and Justice, 
account for about 70 percent of the total high risk budget, totaling 
about $4.5 billion. Table 3 shows the number of high risk projects and 
associated funding reported by each of the 24 CFO agencies. 

Table 3: Number of High Risk Projects and Funding by Department/Agency: 

Department/agency: Department of Agriculture; 
Number of high risk projects (as of March 2006): 12; 
Total high risk FY2007 request (in millions): $133.5. 

Department/agency: Department of Commerce; 
Number of high risk projects (as of March 2006): 4; 
Total high risk FY2007 request (in millions): 183.0. 

Department/agency: Department of Defense; 
Number of high risk projects (as of March 2006): 6; 
Total high risk FY2007 request (in millions): 782.2. 

Department/agency: Department of Education; 
Number of high risk projects (as of March 2006): 12; 
Total high risk FY2007 request (in millions): 157.1. 

Department/agency: Department of Energy; 
Number of high risk projects (as of March 2006): 5; 
Total high risk FY2007 request (in millions): 82.2. 

Department/agency: Department of Health and Human Services; 
Number of high risk projects (as of March 2006): 9; 
Total high risk FY2007 request (in millions): 458.0. 

Department/agency: Department of Homeland Security; 
Number of high risk projects (as of March 2006): 17; 
Total high risk FY2007 request (in millions): 910.7. 

Department/agency: Department of Housing and Urban Development; 
Number of high risk projects (as of March 2006): 3; 
Total high risk FY2007 request (in millions): 18.0. 

Department/agency: Department of Interior; 
Number of high risk projects (as of March 2006): 3; 
Total high risk FY2007 request (in millions): 67.4. 

Department/agency: Department of Justice; 
Number of high risk projects (as of March 2006): 9; 
Total high risk FY2007 request (in millions): 503.3. 

Department/agency: Department of Labor; 
Number of high risk projects (as of March 2006): 8; 
Total high risk FY2007 request (in millions): 62.3. 

Department/agency: Department of State; 
Number of high risk projects (as of March 2006): 5; 
Total high risk FY2007 request (in millions): 43.8. 

Department/agency: Department of Transportation; 
Number of high risk projects (as of March 2006): 13; 
Total high risk FY2007 request (in millions): 1,385.6. 

Department/agency: Department of Treasury; 
Number of high risk projects (as of March 2006): 8; 
Total high risk FY2007 request (in millions): 266.9. 

Department/agency: Department of Veterans Affairs; 
Number of high risk projects (as of March 2006): 33; 
Total high risk FY2007 request (in millions): 871.7. 

Department/agency: Environmental Protection Agency; 
Number of high risk projects (as of March 2006): 6; 
Total high risk FY2007 request (in millions): 46.6. 

Department/agency: General Services Administration; 
Number of high risk projects (as of March 2006): 9; 
Total high risk FY2007 request (in millions): 97.4. 

Department/agency: National Aeronautics and Space Administration; 
Number of high risk projects (as of March 2006): 16; 
Total high risk FY2007 request (in millions): 55.1. 

Department/agency: National Science Foundation; 
Number of high risk projects (as of March 2006): 1; 
Total high risk FY2007 request (in millions): 2.5. 

Department/agency: Nuclear Regulatory Commission; 
Number of high risk projects (as of March 2006): 4; 
Total high risk FY2007 request (in millions): 1.7. 

Department/agency: Office of Personnel Management; 
Number of high risk projects (as of March 2006): 15; 
Total high risk FY2007 request (in millions): 116.7. 

Department/agency: Small Business Administration; 
Number of high risk projects (as of March 2006): 21; 
Total high risk FY2007 request (in millions): 15.2. 

Department/agency: Social Security Administration; 
Number of high risk projects (as of March 2006): 6; 
Total high risk FY2007 request (in millions): 106.8. 

Department/agency: U.S. Agency for International Development; 
Number of high risk projects (as of March 2006): 1; 
Total high risk FY2007 request (in millions): 11.4. 

Department/agency: Total; 
Number of high risk projects (as of March 2006): 226; 
Total high risk FY2007 request (in millions): $6,379.1. 

Source: GAO analysis of agencies' March 2006 high risk performance 
reports. 

[End of table] 

Most Projects Reported as High Risk Because Their Delay or Failure 
Could Impact Mission Performance: 

Agencies reported 195 of the 226 projects as meeting one or more of the 
reasons defined by OMB. Specifically, more than half of the agencies 
reported that their IT projects were identified as high risk because 
delay or failure of the project would result in inadequate performance 
or failure of an essential mission function. About one fourth of the 
projects were determined to be high risk because of high development, 
operating, or maintenance costs. In addition, three agencies identified 
11 projects as high risk because of the inability to manage complex 
projects. Table 4 summarizes the OMB reasons for high risk 
designations. 

Table 4: Reasons for High Risk Designation by Department/Agency: 

Department/agency: Department of Agriculture;  
Reasons[A]: The agency has not consistently demonstrated the ability to 
manage complex projects: 6; 
Reasons[A]: The project has exceptionally high development, operating, 
or maintenance costs: 2; 
Reasons[A]: The project was addressing deficiencies in the agencies' 
ability to perform mission critical business functions: 1; 
Reasons[A]: The projects' delay or failure would impact the agencies' 
essential business functions[B]: 3. 

Department/agency: Department of Commerce; 
Reasons[A]: The agency has not consistently demonstrated the ability to 
manage complex projects: 0; 
Reasons[A]: The project has exceptionally high development, operating, 
or maintenance costs: 3; 
Reasons[A]: The project was addressing deficiencies in the agencies' 
ability to perform mission critical business functions: 0; 
Reasons[A]: The projects' delay or failure would impact the agencies' 
essential business functions[B]: 4. 

Department/agency: Department of Defense; 
Reasons[A]: The agency has not consistently demonstrated the ability to 
manage complex projects: 0; 
Reasons[A]: The project has exceptionally high development, operating, 
or maintenance costs: 6; 
Reasons[A]: The project was addressing deficiencies in the agencies' 
ability to perform mission critical business functions: 6; 
Reasons[A]: The projects' delay or failure would impact the agencies' 
essential business functions[B]: 6. 

Department/agency: Department of Education; 
Reasons[A]: The agency has not consistently demonstrated the ability to 
manage complex projects: 0; 
Reasons[A]: The project has exceptionally high development, operating, 
or maintenance costs: 3; 
Reasons[A]: The project was addressing deficiencies in the agencies' 
ability to perform mission critical business functions: 5; 
Reasons[A]: The projects' delay or failure would impact the agencies' 
essential business functions[B]: 9. 

Department/agency: Department of Energy; 
Reasons[A]: The agency has not consistently demonstrated the ability to 
manage complex projects: 0; 
Reasons[A]: The project has exceptionally high development, operating, 
or maintenance costs: 2; 
Reasons[A]: The project was addressing deficiencies in the agencies' 
ability to perform mission critical business functions: 1; 
Reasons[A]: The projects' delay or failure would impact the agencies' 
essential business functions[B]: 3. 

Department/agency: Department of Health and Human Services; 
Reasons[A]: The agency has not consistently demonstrated the ability to 
manage complex projects: 0; 
Reasons[A]: The project has exceptionally high development, operating, 
or maintenance costs: 5; 
Reasons[A]: The project was addressing deficiencies in the agencies' 
ability to perform mission critical business functions: 4; 
Reasons[A]: The projects' delay or failure would impact the agencies' 
essential business functions[B]: 8. 

Department/agency: Department of Homeland Security; 
Reasons[A]: The agency has not consistently demonstrated the ability to 
manage complex projects: 0; 
Reasons[A]: The project has exceptionally high development, operating, 
or maintenance costs: 0; 
Reasons[A]: The project was addressing deficiencies in the agencies' 
ability to perform mission critical business functions: 0; 
Reasons[A]: The projects' delay or failure would impact the agencies' 
essential business functions[B]: 3. 

Department/agency: Department of Housing and Urban Development; 
Reasons[A]: The agency has not consistently demonstrated the ability to 
manage complex projects: 0; 
Reasons[A]: The project has exceptionally high development, operating, 
or maintenance costs: 0; 
Reasons[A]: The project was addressing deficiencies in the agencies' 
ability to perform mission critical business functions: 2; 
Reasons[A]: The projects' delay or failure would impact the agencies' 
essential business functions[B]: 0. 

Department/agency: Department of Interior; 
Reasons[A]: The agency has not consistently demonstrated the ability to 
manage complex projects: 0; 
Reasons[A]: The project has exceptionally high development, operating, 
or maintenance costs: 1; 
Reasons[A]: The project was addressing deficiencies in the agencies' 
ability to perform mission critical business functions: 1; 
Reasons[A]: The projects' delay or failure would impact the agencies' 
essential business functions[B]: 3. 

Department/agency: Department of Justice; 
Reasons[A]: The agency has not consistently demonstrated the ability to 
manage complex projects: 0; 
Reasons[A]: The project has exceptionally high development, operating, 
or maintenance costs: 4; 
Reasons[A]: The project was addressing deficiencies in the agencies' 
ability to perform mission critical business functions: 6; 
Reasons[A]: The projects' delay or failure would impact the agencies' 
essential business functions[B]: 1. 

Department/agency: Department of Labor; 
Reasons[A]: The agency has not consistently demonstrated the ability to 
manage complex projects: 1; 
Reasons[A]: The project has exceptionally high development, operating, 
or maintenance costs: 3; 
Reasons[A]: The project was addressing deficiencies in the agencies' 
ability to perform mission critical business functions: 0; 
Reasons[A]: The projects' delay or failure would impact the agencies' 
essential business functions[B]: 6. 

Department/agency: Department of State; 
Reasons[A]: The agency has not consistently demonstrated the ability to 
manage complex projects: 0; 
Reasons[A]: The project has exceptionally high development, operating, 
or maintenance costs: 1; 
Reasons[A]: The project was addressing deficiencies in the agencies' 
ability to perform mission critical business functions: 1; 
Reasons[A]: The projects' delay or failure would impact the agencies' 
essential business functions[B]: 4. 

Department/agency: Department of Transportation; 
Reasons[A]: The agency has not consistently demonstrated the ability to 
manage complex projects: 0; 
Reasons[A]: The project has exceptionally high development, operating, 
or maintenance costs: 4; 
Reasons[A]: The project was addressing deficiencies in the agencies' 
ability to perform mission critical business functions: 0; 
Reasons[A]: The projects' delay or failure would impact the agencies' 
essential business functions[B]: 4. 

Department/agency: Department of Treasury; 
Reasons[A]: The agency has not consistently demonstrated the ability to 
manage complex projects: 4; 
Reasons[A]: The project has exceptionally high development, operating, 
or maintenance costs: 4; 
Reasons[A]: The project was addressing deficiencies in the agencies' 
ability to perform mission critical business functions: 3; 
Reasons[A]: The projects' delay or failure would impact the agencies' 
essential business functions[B]: 4. 

Department/agency: Department of Veterans Affairs; 
Reasons[A]: The agency has not consistently demonstrated the ability to 
manage complex projects: 0; 
Reasons[A]: The project has exceptionally high development, operating, 
or maintenance costs: 3; 
Reasons[A]: The project was addressing deficiencies in the agencies' 
ability to perform mission critical business functions: 1; 
Reasons[A]: The projects' delay or failure would impact the agencies' 
essential business functions[B]: 31. 

Department/agency: Environmental Protection Agency; 
Reasons[A]: The agency has not consistently demonstrated the ability to 
manage complex projects: 0; 
Reasons[A]: The project has exceptionally high development, operating, 
or maintenance costs: 0; 
Reasons[A]: The project was addressing deficiencies in the agencies' 
ability to perform mission critical business functions: 0; 
Reasons[A]: The projects' delay or failure would impact the agencies' 
essential business functions[B]: 6. 

Department/agency: General Services Administration; 
Reasons[A]: The agency has not consistently demonstrated the ability to 
manage complex projects: 0; 
Reasons[A]: The project has exceptionally high development, operating, 
or maintenance costs: 2; 
Reasons[A]: The project was addressing deficiencies in the agencies' 
ability to perform mission critical business functions: 0; 
Reasons[A]: The projects' delay or failure would impact the agencies' 
essential business functions[B]: 6. 

Department/agency: National Aeronautics and Space Administration; 
Reasons[A]: The agency has not consistently demonstrated the ability to 
manage complex projects: 0; 
Reasons[A]: The project has exceptionally high development, operating, 
or maintenance costs: 2; 
Reasons[A]: The project was addressing deficiencies in the agencies' 
ability to perform mission critical business functions: 2; 
Reasons[A]: The projects' delay or failure would impact the agencies' 
essential business functions[B]: 14. 

Department/agency: National Science Foundation; 
Reasons[A]: The agency has not consistently demonstrated the ability to 
manage complex projects: 0; 
Reasons[A]: The project has exceptionally high development, operating, 
or maintenance costs: 0; 
Reasons[A]: The project was addressing deficiencies in the agencies' 
ability to perform mission critical business functions: 0; 
Reasons[A]: The projects' delay or failure would impact the agencies' 
essential business functions[B]: 1. 

Department/agency: Nuclear Regulatory Commission; 
Reasons[A]: The agency has not consistently demonstrated the ability to 
manage complex projects: 0; 
Reasons[A]: The project has exceptionally high development, operating, 
or maintenance costs: 0; 
Reasons[A]: The project was addressing deficiencies in the agencies' 
ability to perform mission critical business functions: 0; 
Reasons[A]: The projects' delay or failure would impact the agencies' 
essential business functions[B]: 4. 

Department/agency: Office of Personnel Management; 
Reasons[A]: The agency has not consistently demonstrated the ability to 
manage complex projects: 0; 
Reasons[A]: The project has exceptionally high development, operating, 
or maintenance costs: 1; 
Reasons[A]: The project was addressing deficiencies in the agencies' 
ability to perform mission critical business functions: 1; 
Reasons[A]: The projects' delay or failure would impact the agencies' 
essential business functions[B]: 14. 

Department/agency: Small Business Administration; 
Reasons[A]: The agency has not consistently demonstrated the ability to 
manage complex projects: 0; 
Reasons[A]: The project has exceptionally high development, operating, 
or maintenance costs: 2; 
Reasons[A]: The project was addressing deficiencies in the agencies' 
ability to perform mission critical business functions: 0; 
Reasons[A]: The projects' delay or failure would impact the agencies' 
essential business functions[B]: 19. 

Department/agency: Social Security Administration; 
Reasons[A]: The agency has not consistently demonstrated the ability to 
manage complex projects: 0; 
Reasons[A]: The project has exceptionally high development, operating, 
or maintenance costs: 3; 
Reasons[A]: The project was addressing deficiencies in the agencies' 
ability to perform mission critical business functions: 0; 
Reasons[A]: The projects' delay or failure would impact the agencies' 
essential business functions[B]: 1. 

Department/agency: U.S. Agency for International Development; 
Reasons[A]: The agency has not consistently demonstrated the ability to 
manage complex projects: 0; 
Reasons[A]: The project has exceptionally high development, operating, 
or maintenance costs: 0; 
Reasons[A]: The project was addressing deficiencies in the agencies' 
ability to perform mission critical business functions: 1; 
Reasons[A]: The projects' delay or failure would impact the agencies' 
essential business functions[B]: 0. 

Department/agency: Totals; 
Reasons[A]: The agency has not consistently demonstrated the ability to 
manage complex projects: 11; 
Reasons[A]: The project has exceptionally high development, operating, 
or maintenance costs: 51; 
Reasons[A]: The project was addressing deficiencies in the agencies' 
ability to perform mission critical business functions: 35; 
Reasons[A]: The projects' delay or failure would impact the agencies' 
essential business functions[B]: 154. 

Source: GAO analysis based on agency information. 

[A] In selected cases, departments or agencies identified more than one 
reason for the designated high risk projects. 

[B] According to OMB staff, projects identified as high risk per OMB's 
additional instructions on e-government or lines of business 
initiatives met this reason. 

[End of table] 

A total of 31 projects were identified as high risk using rationale 
other than OMB's four criteria. In these cases, agencies reasons 
included that the business cases had weaknesses or approved baselines 
were not established. 

Agencies Identified 79 Projects with Performance Shortfalls: 

Agencies identified about 35 percent of the high risk projects as 
having performance shortfalls. Specifically, for the last reporting 
quarter--March 2006--agencies identified 79 investments, totaling about 
$2.2 billion in fiscal year 2007 planned funding, as having performance 
shortfalls. The most frequent reason provided for the shortfalls was 
cost and schedule variances exceeding 10 percent. By contrast, only two 
projects were reported by agencies as having an overlapping or 
duplicative IT investment. 

Since September 2005, the number of projects with performance 
shortfalls has increased--from 58 projects in September 2005 to 67 
projects in December 2005 to the 79 in March 2006. For the September 
and December 2005 and March 2006 reporting periods, figure 1 
illustrates that agencies have reported that most of the weaknesses 
were in cost and schedule variances not within 10 percent and that 
there was an increase in projects that do not have clear baseline 
information on cost, schedule, and performance goals. 

Figure 1: Reported Data for Projects with Performance Shortfalls: 

[See PDF for image] 

Source: GAO analysis of 24 CFO agencies' September and December 2005 
and March 2006 high risk reports. 

[End of figure] 

Figure 2 illustrates the number of agency high risk projects with and 
without shortfalls as of March 2006. The majority of the agencies 
reported that their high risk projects did not have performance 
shortfalls in any of the four areas identified by OMB. In addition, six 
agencies--the departments of Commerce, Energy, Housing and Urban 
Development, and Labor, and the National Aeronautics and Space 
Administration and the National Science Foundation--reported that none 
of their high risk projects experienced any performance shortfalls. 

Figure 2: Number of Agencies High Risk Projects with and without 
Performance Shortfalls (as of March 2006): 

[See PDF for image] 

Source: GAO analysis of 24 CFO agencies' March 2006 high risk reports. 

[End of figure] 

For the identification of all high risk projects by agency including 
funding, reasons for the high risk designation, specific performance 
shortfalls, and planned improvement efforts, see appendix III. 

Processes Exist to Identify and Oversee High Risk Projects, but 
Opportunities Exist to Improve These Processes: 

Although agencies, with OMB's assistance, generally identified their 
high risk projects by evaluating their IT portfolio against the four 
criteria specified by OMB, the criteria were not always consistently 
applied. In addition, OMB did not define a process for updating the 
list. To oversee high risk projects, agencies reported having 
investment management practices in place; however, we have previously 
reported on agencies' maturing investment management processes and have 
made several recommendations to improve them. OMB staff perform their 
oversight of high risk projects by reviewing the quarterly performance 
reports, but they do not have a single aggregate list to analyze 
projects and for tracking progress on a governmentwide basis. Unless 
they address the issues regarding the identification, update, and 
oversight of high risk projects, OMB and agencies could be missing 
opportunities to perform these activities more effectively. 

High Risk Projects Identified Primarily Using OMB's Criteria, but 
Criteria Not Always Consistently Applied: 

Agencies primarily used the criteria defined in OMB's August 2005 
memorandum in determining the initial list of high risk projects; 
however, the criteria were not always consistently applied. 
Specifically, most agencies reported that officials from the Office of 
the CIO compared the criteria against their current portfolio to 
determine which projects met OMB's definition. They then submitted the 
list to OMB for review. According to OMB and agency officials, after 
the submission of the initial list, examiners at OMB worked with 
individual agencies to identify or remove projects as appropriate. 
According to most agencies, the final list was then approved by their 
CIO. 

However, OMB's criteria for identifying high risk projects were not 
always consistently applied. 

* In several cases, agencies did not use OMB's criteria to identify 
high risk projects. As previously discussed, some agencies reported 
using other reasons to identify a total of 31 high risk projects. For 
example, the Department of Homeland Security reported investments that 
were high risk because they had weaknesses associated with their 
business cases based on the evaluation by OMB. The Department of 
Transportation reported projects as high risk because two did not have 
approved baselines, and four had incomplete or poor earned value 
management[Footnote 14] (EVM) assessments. 

* Regarding the first criterion for high risk designation--the agency 
has not demonstrated the ability to manage complex projects--only three 
agencies reported having projects meeting this criterion. This appears 
to be somewhat low, considering that we and others have previously 
reported on weaknesses in numerous agencies' ability to manage complex 
projects. For example, we have reported in our high risk series on 
major programs and operations that need urgent attention and 
transformation in order to ensure that our federal government functions 
in the most economical, efficient, and effective manner 
possible.[Footnote 15] Specifically, the Department of Defense's 
efforts to modernize its business systems have been hampered because of 
weaknesses in practices for (1) developing and using an enterprise 
architecture, (2) instituting effective investment management 
processes, and (3) establishing and implementing effective systems 
acquisition processes. We concluded that the Department of Defense, as 
a whole, remains far from where it needs to be to effectively and 
efficiently manage an undertaking with the size, complexity, and 
significance of its departmentwide business systems modernization. We 
also reported that, after almost 25 years and $41 billion, efforts to 
modernize the air traffic control program of the Federal Aviation 
Administration, the Department of Transportation's largest component, 
are far from complete and that projects continue to face challenges in 
meeting cost, schedule, and performance expectations.[Footnote 16] 
However, neither the Department of Defense nor the Department of 
Transportation identified any projects as being high risk because of 
their inability to manage complex projects. 

* While agencies have reported a significant number of IT projects as 
high risk, we identified other projects on which we have reported and 
testified that appear to meet one or more of OMB's criteria for high 
risk designation including high development or operating costs and 
recognized deficiencies in adequate performance but were not identified 
as high risk. Examples we have recently reported include the following 
projects: 

* The Decennial Response Integration System of the Census Bureau is 
intended to integrate paper, Internet, and telephone responses. Its 
high development and operating costs are expected to make up a large 
portion of the $1.8 billion program to develop, test, and implement 
decennial census systems. In March 2006,[Footnote 17] we testified that 
the component agency has established baseline requirements for the 
acquisition, but the bureau has not yet validated the requirements or 
implemented a process for managing them. We concluded that, until these 
and other basic contract management activities are fully implemented, 
this project faced increased risks that the system would experience 
cost overruns, schedule delays, and performance shortfalls. 

* The National Polar-Orbiting Operational Environmental Satellite 
System--an initiative managed by the Departments of Commerce and 
Defense and the National Aeronautics and Space Administration--is to 
converge two satellite programs into a single satellite program capable 
of satisfying both civilian and military requirements. In November 
2005,[Footnote 18] we reported that the system was a troubled program 
because of technical problems on critical sensors, escalating costs, 
poor management at multiple levels, and the lack of a decision on how 
to proceed with the program. Over the last several years, this system 
has experienced continual cost increases to about $10 billion and 
schedule delays, requiring difficult decisions about the program's 
direction and capabilities. More recently, we testified[Footnote 19] 
that the program is still in trouble and that its future direction is 
not yet known. While the program office has corrective actions under 
way, we concluded that, as the project continues, it will be critical 
to ensure that the management issues of the past are not repeated. 

* The Rescue 21 project is a planned coastal communications system of 
the Department of Homeland Security. We recently reported[Footnote 20] 
that inadequacies in several areas contributed to Rescue 21 cost 
overruns and schedule delays. These inadequacies occurred in 
requirements management, project monitoring, risk management, 
contractor cost and schedule estimation and delivery, and executive 
level oversight. Accordingly, the estimated total acquisition cost has 
increased from $250 million in 1999 to $710.5 million in 2005, and the 
timeline for achieving full operating capability has been extended from 
2006 to 2011. 

For the projects we identified as appearing to meet OMB's criteria for 
high risk, the responsible agencies reported that they did not consider 
these investments to be high risk projects for reasons such as (1) the 
project was not a major investment; (2) agency management is 
experienced in overseeing projects; or (3) the project did not have 
weaknesses in its business case. In particular, one agency stated that 
their list does not include all high risk projects, it includes only 
those that are the highest priority of the high risk investments. 
However, none of the reasons provided are associated with OMB's high 
risk definition. 

While OMB staff acknowledged that the process for identifying high risk 
projects might not catch all projects meeting the criteria, they stated 
that they have other mechanisms for determining the performance of all 
IT projects, including high risk projects, such as the review of earned 
value management data. Nevertheless, without consistent application of 
the high risk criteria, OMB and executives cannot have the assurance 
that all projects that require special attention have been identified. 

Process for Updating High Risk Projects Is Not Defined: 

OMB's guidance does not define a process for updating high risk 
projects that have been identified including identifying new projects 
and removing current ones. In the absence of such guidance, agencies 
use different procedures, for example, for removing projects from the 
list. Specifically, some agencies reported removing projects from the 
list if they no longer meet OMB's criteria and other agencies reported 
removing a project if it (1) is completed or moves into operations; (2) 
has become compliant with its cost and schedule baseline goals; (3) is 
no longer considered a major IT investment; (4) becomes on track and 
maintains this status within specific cost, schedule and performance 
for a minimum of two quarters; or (5) addresses major weaknesses such 
as earned value management requirements. 

While OMB staff acknowledge that there is no defined process for 
updating the set of projects, they stated that agencies are in constant 
communication with individual analysts at OMB through e-mails, phone 
calls, or meetings to identify new high risk projects if they meet the 
definition or remove old ones if they no longer meet the criteria. 
Nevertheless, without guidance for updating high risk projects on a 
continuing basis, OMB and agency executives cannot be assured they have 
identified the appropriate projects that should be designated as high 
risk. 

OMB and Agencies Can Further Improve Oversight of High Risk Projects: 

All 24 CFO agencies reported having procedures for overseeing high risk 
projects. While some agencies reported using their current investment 
management processes for specific oversight, other agencies established 
additional oversight procedures. For example, one agency developed and 
documented specific procedures for sending a quarterly data call to the 
program offices that have high risk investments. The program office 
then completes a template capturing current performance information and 
sends it to the Office of the CIO for review and feedback. The CIO 
office forwards it to OMB, as required. In contrast, some other 
agencies reported that these projects are managed as part of their 
current investment review process--requiring the investment review 
board to perform control reviews along with other investments. 

While procedures for overseeing high risk projects are positive steps, 
we have previously reported that agencies generally have weaknesses in 
project oversight. In particular, we reported that agencies did not 
always have important mechanisms in place for agencywide investment 
management boards to effectively control investments, including 
decision-making rules for project oversight, early warning mechanisms, 
and/or requirements that corrective actions for underperforming 
projects be agreed upon and tracked.[Footnote 21] To remedy these 
weaknesses, we have made several recommendations to improve processes 
for effective oversight, many of which remain open. Until agencies 
establish the practices needed to effectively manage IT investments 
including those that are high risk, OMB, agency executives, and 
Congress cannot be assured that investments are being properly managed. 

OMB's oversight of high risk projects, in turn, entails reviewing the 
performance reports on a quarterly basis. Specifically, according to 
OMB staff, individual analysts review the quarterly performance reports 
of projects with shortfalls to determine how well the projects are 
progressing and whether the actions described in the planned 
improvement efforts are adequate. These officials also stated that the 
OMB analysts review the quarterly reports for completeness and 
consistency with other performance data already received on IT 
projects. This includes quarterly e-Gov Scorecards,[Footnote 22]earned 
value management data, and the exhibit 300. For projects without 
shortfalls, officials stated that while the memorandum does not direct 
agencies to submit these reports, agencies communicate the status of 
these projects to the appropriate officials. According to OMB, the 
reporting requirement for high risk projects enhances oversight by 
capturing all key elements in a single report and providing oversight 
authorities and agency management early indicators of any problems or 
shortfalls since the reporting is conducted on a quarterly basis. 

However, OMB does not maintain a single aggregate list of high risk 
projects. OMB staff told us they do not construct a single list because 
they did not see such an activity as necessary in achieving the intent 
of the guidance--to improve project planning and execution. Consistent 
with our Management Watch List observations and 
recommendations,[Footnote 23] we believe that by not having a single 
list, OMB is not fully exploiting the opportunity to use the quarterly 
reports as a tool for analyzing high risk projects on a governmentwide 
basis and for tracking governmentwide progress. It is limiting its 
ability to identify and report on the full set of IT investments across 
the federal government that require special oversight and greater 
agency management attention. 

High Risk and Management Watch List Projects Identified Using Different 
Criteria: 

The high risk projects and Management Watch List projects are 
identified using different sets of criteria. In addition, while the 
identification of high risk projects centers on an agency's oversight 
of the project's performance, the Management Watch List focuses more on 
a project's planning. 

As discussed previously, the high risk list consists of projects 
identified by the agencies with the assistance of OMB, using specific 
criteria established by OMB, including memorandum M-05-23. As discussed 
previously, these projects are reported quarterly by the agencies to 
OMB on a template focusing on each project's performance in four 
specified areas[Footnote 24] and noted shortfalls. The agencies are 
also to report planned corrective actions addressing the shortfalls. 

On the other hand, OMB determines projects to be included on its 
Management Watch List based on an evaluation of exhibit 300 business 
cases that agencies submit for major projects as part of the budget 
development process. This evaluation is part of OMB's responsibility 
for helping to ensure that investments of public resources are 
justified and that public resources are wisely invested. Each exhibit 
300 is assigned a score in 10 different categories, the results of 
which determine whether an individual project (or investment) warrants 
being included on the Management Watch List. This may result in OMB's 
asking the agency to submit a remediation plan to address the 
weaknesses identified in the agency's business case. 

While the criteria for identifying the Management Watch List projects 
and high risk projects differ, Management Watch List projects can also 
be high risk. For example, of the 226 total number of high risk 
projects, agencies identified 37 of these projects as being on OMB's 
Management Watch List,[Footnote 25] with 19 of these projects having 
performance shortfalls. According to OMB staff, identifying and 
addressing poorly planned projects as part of the Management Watch List 
process could result in fewer projects with performance shortfalls over 
time. Nevertheless, both types of projects require close attention 
because of their importance in supporting critical functions and the 
likelihood that performance problems associated with them could 
potentially result in billions of taxpayers' dollars being wasted if 
they are not detected early. 

Conclusions: 

OMB and agencies' efforts to identify 226 high risk projects are 
important steps in helping focus management attention on critically 
important IT projects. Although many projects were appropriately 
identified as high risk initiatives consistent with OMB's guidance, 
OMB's criteria were not always consistently applied. As a result, 
projects that appear to be high risk were not always identified as 
such. Further, because OMB has not provided guidance on how the initial 
set of high risk projects list should be updated, agencies do not have 
a consistent process for doing so. 

Agencies and OMB have both taken actions to ensure oversight of the 
high risk projects. Specifically, agencies are using existing oversight 
procedures or ones they have specifically established for the high risk 
projects and OMB is reviewing quarterly reports. However, weaknesses 
remain: agencies need to implement specific recommendations we have 
previously made to improve their practices for overseeing projects. 
Finally, OMB has not developed a single aggregate list of high risk 
projects to track progress, perform governmentwide analysis, and report 
the results to Congress. 

While the criteria for high risk projects and those on the Management 
Watch List differ, both types of projects support critical business 
functions and could experience performance problems that could become 
costly to address if they are not detected early. Given this, the 
Management Watch List projects and the high risk projects both require 
continued attention. 

Recommendations for Executive Action: 

In order for OMB to take advantage of the potential benefits of using 
the quarterly performance reports as a tool for identifying and 
overseeing high risk projects on a governmentwide basis, we are 
recommending that the Director of OMB take the following three actions: 

* Direct federal agency CIOs to ensure that they are consistently 
applying the criteria defined by OMB. 

* Establish a structured, consistent process to update the initial list 
of high risk projects on a regular basis, including identifying new 
projects and removing previous ones to ensure the list is current and 
complete. 

* Develop a single aggregate list of high risk projects and their 
deficiencies and use that list to report to Congress progress made in 
correcting high risk problems, actions under way, and further actions 
that may be needed. OMB could consider using the information we have 
developed in appendix III as a starting point for developing this 
single list. 

In implementing these recommendations, OMB should consider working with 
the CIO Council to help ensure governmentwide acceptance of these 
actions. 

Because we have outstanding recommendations aimed at (1) improving 
agencies' investment management practices[Footnote 26] and (2) using 
the Management Watch List as a tool for analyzing, setting priorities, 
and following up on IT projects,[Footnote 27] we are not making any new 
recommendations in this report regarding these issues. 

Agency Comments and Our Evaluation: 

OMB's Administrator for the E-Government and Information Technology 
provided written comments on a draft of this report (reprinted in app. 
II). In these comments, OMB stated that it appreciated our careful 
review of OMB's process for identifying and overseeing high risk 
projects. However, the agency disagreed with our recommendations and 
made other observations. 

In its comments, OMB stated that it is concerned about our 
interpretation of the goals and intent of the high risk process in 
comparison to GAO's high risk list. Our intent is not to confuse the 
goals and intent of the two efforts. Nevertheless, as noted in our 
report, some major programs and operations have been placed on our high 
risk list because of weaknesses in key agency management practices, and 
this is consistent with OMB's first criterion for high risk 
designation--the agency has not demonstrated the ability to manage 
complex projects. 

In its comments, OMB also observed that the policy for identifying and 
overseeing high risk projects is separate and apart from OMB's 
Management Watch List and presents oversight authorities with 
information that differs in focus, timing, and expected results. While 
we agree with OMB that the two policies are different and acknowledge 
this in our report, we also noted in the report that Management Watch 
List projects can also be high risk. We believe projects from both 
lists warrant close attention because of their importance in supporting 
critical functions and the likelihood that performance problems 
associated with them could potentially result in billion of taxpayers' 
dollars being wasted if they are not detected early. 

Regarding our recommendations to direct agencies to consistently apply 
the criteria for designating projects as high risk and to establish a 
structured, consistent process to update the initial list of high risk 
projects, OMB stated that the process and criteria for designating 
projects as high risk are clear and that some flexibility in the 
application of the criteria is essential. While some flexibility in the 
application of the criteria may be appropriate, we believe these 
criteria should be applied more consistently so that projects that 
clearly appear to meet them, such as those we mention in the report, 
are identified. 

OMB also disagreed with our recommendation to develop a single 
aggregate list of projects and their deficiencies to perform adequate 
oversight and management. As noted in the report, we believe that, by 
not having this list, OMB is not fully exploiting the opportunity to 
use the agencies' quarterly reports as a tool for analyzing high risk 
projects on a governmentwide basis and for tracking governmentwide 
progress. In addition, OMB is limiting its ability to identify and 
report on the full set of IT investments across the federal government 
that requires special oversight and greater agency management 
attention. 

As agreed with your offices, unless you publicly announce its contents 
earlier, we plan no further distribution of this report until 30 days 
from the date of this letter. At that time, we will send copies to 
other interested congressional committees, the Director of the Office 
of Management and Budget, and other interested parties. Copies will 
also be made available at no charge on our Web site at [Hyperlink, 
http://www.gao.gov]. 

If you have any questions on matters discussed in this report, please 
contact me at (202) 512-9286 or at pownerd@gao.gov. Contact points for 
our Offices of Congressional Relations and Public Affairs may be found 
on the last page of this report. GAO staff who made major contributions 
to this report are listed in appendix IV. 

Sincerely yours, 

Signed by: 

David A. Powner: 
Director, Information Technology Management Issues: 

[End of section] 

Appendix I: Objectives, Scope, and Methodology: 

Our objectives were to (1) provide a summary of high risk projects that 
identifies by agency the number of high risk projects, their proposed 
budget for fiscal year 2007, agency reasons for the high risk 
designation, and reported performance shortfalls; (2) determine how 
high risk projects were identified and updated and what processes and 
procedures have been established to effectively oversee them; and (3) 
determine the relationship between the high risk list and OMB's 
Management Watch List. 

We conducted our work at OMB and the 24 chief financial officer (CFO) 
agencies in Washington, D.C. The 24 agencies are the departments of 
Agriculture, Commerce, Defense, Education, Energy, Health and Human 
Services, Homeland Security, Housing and Urban Development, the 
Interior, Justice, Labor, State, Transportation, the Treasury, and 
Veterans Affairs; and the Environmental Protection Agency, General 
Services Administration, National Aeronautics and Space Administration, 
National Science Foundation, Nuclear Regulatory Commission, Office of 
Personnel Management, Small Business Administration, Social Security 
Administration, and U.S. Agency for International Development. 

To address the first objective, we requested and reviewed documentation 
that identifies, for each agency, the number of high risk projects, 
their proposed budget for fiscal year 2007, agency reasons for the high 
risk designation, and reported performance shortfalls. In particular, 
we reviewed agency performance reports on high risk projects for 
September and December 2005 and March 2006 that identified high risk 
projects and planned improvement efforts, if any. We did not 
independently verify the information contained in these performance 
reports. However, we asked all 24 CFO agencies to confirm the data in 
appendix III regarding their high risk projects. Furthermore, we 
obtained the funding information for all high risk projects for fiscal 
years 2005, 2006, and 2007 from the Report on IT Spending for the 
Federal Government, Exhibit 53. We did not verify these data. 

To address the second objective, we used a structured data collection 
instrument to better understand the 24 CFO agencies' processes and 
procedures for identifying and overseeing high risk projects. All 24 
agencies responded to our structured questionnaire. We did not verify 
the accuracy of the agencies' responses; however, we reviewed 
supporting documentation that selected agencies provided to validate 
their responses. We contacted agency officials when necessary for 
follow-up information. We then analyzed the agencies' responses. 

Moreover, we identified and reviewed prior GAO reports on projects with 
weaknesses that met OMB's high risk definition. Finally, to gain 
insight into OMB's processes and procedures to oversee the high risk 
list, we reviewed related policy guidance, including its Memorandum on 
Improving IT Project Planning and Execution (M-05-23, dated August 4, 
2005), and the Clinger-Cohen Act. We also interviewed OMB staff 
including the chief of the Information Technology and Policy Branch. 

To address the third objective, we interviewed OMB staff who are 
responsible for developing and monitoring the high risk list and 
Management Watch List, including the chief of the Information 
Technology and Policy Branch. In addition, we reviewed our prior work 
on OMB's Management Watch List, (GAO-05-276), to better understand the 
processes for placing projects on the Management Watch List and 
following up on their corrective actions. Finally, we requested 
information from the 24 CFO agencies on which of their high risk 
projects were also on the Management Watch List. Two of the 24 agencies 
did not identify how many of their high risk projects were also on the 
Management Watch List. 

We conducted our work in Washington, D.C., from October 2005 through 
May 2006 in accordance with generally accepted government auditing 
standards. 

[End of section] 

Appendix II: Comments from the Office of Management and Budget: 

Executive Office Of The President: 
Office Of Management And Budget: 
Washington, D.C. 20503: 

June 9, 2006: 

Mr. David A. Powner Director: 
Information Technology Management Issues: 
Government Accountability Office: 
441 G Street, NW: 
Washington, DC 20548: 

Dear Mr. Powner: 

Thank you for the opportunity to comment on the Government 
Accountability Office's (GAO) draft report titled, "Information 
Technology: Agencies and OMB should Strengthen Processes for 
Identifying and Overseeing High Risk Projects" (GAO-06-647). 

We appreciate GAO's careful review of the Office of Management and 
Budget's (OMB) policy for improving information technology project 
planning and execution, specifically the process for identifying and 
overseeing high risk projects. However, we remain concerned regarding 
GAO's interpretation of the goals and intent of the high risk process 
with GAO's own "high risk list." Our high risk policy allows for 
oversight authorities and agency management to have information on how 
high risk projects are performing at least quarterly to ensure improved 
execution and performance. 

For proper context of the report, it is important to note this is a new 
policy process and is designed to supplement and complement existing 
oversight and internal agency processes, not replace them. 
Additionally, it is important to note our policy is focused on 
management and oversight activities with the goal of managing risk and 
avoiding problems before taxpayers' dollars are wasted. As we noted 
during GAO's review, this policy is separate and apart from OMB's 
Management Watch List and presents oversight authorities (e.g., OMB, 
agency Inspectors General, agency management, and GAO) with information 
differing in focus, timing, and expected results. 

The draft report recommends OMB direct agencies to consistently apply 
the criteria for designating projects as high risk and to establish a 
structured, consistent process to update the initial list of high risk 
projects. We believe the process and the criteria for designating 
projects as high risk are clear in the policy and some flexibility in 
the application of the criteria is essential. We do not believe 
flexibility in the process equals inconsistency in the application of 
the criteria. The report incorrectly implies agencies will not be able 
to oversee their own projects without additional guidance on this 
narrowly-focused process when in fact, the report itself suggests 
agencies are using this policy as an opportunity to improve their 
internal oversight. 

The draft report also recommends OMB develop a single list of high risk 
projects and their deficiencies. We disagree with your assessment that 
an aggregated government-wide list is necessary for OMB to perform 
adequate oversight and management. As noted above, the intent of the 
policy is to ensure agency and oversight authority efforts result in 
improved execution and performance. OMB uses the high risk reports in 
the larger context of OMB's budget and program oversight processes. 

Thank you for the opportunity to review and comment on your draft 
report on this important issue. 

Sincerely, 

Signed by: 

Karen S. Evans: 
Administrator for E-Government and Information Technology: 

[End of section] 

Appendix III: Summary of High Risk IT Projects by Department or Agency: 

Table 5: Summary of High Risk Projects for the Department of 
Agriculture: 

Investment name: National Animal Identification System; 
Investment type: major; 
FY2005 actuals (in millions): $7.5; 
FY2006 enacted (in millions): $7.8; 
FY2007 request (in millions): $4.9;  
Reasons for high risk designation[A]: C; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Financial Management Modernization Initiative; 
Investment type: major; 
FY2005 actuals (in millions): 0.0; 
FY2006 enacted (in millions): 0.0; 
FY2007 request (in millions): 52.7; 
Reasons for high risk designation[A]: B; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Financial Management Systems; 
Investment type: major; 
FY2005 actuals (in millions): 1.1; 
FY2006 enacted (in millions): 0.9; 
FY2007 request (in millions): 1.3; 
Reasons for high risk designation[A]: A; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A[B]. 

Investment name: Corporate Insurance Information Systems; 
Investment type: major; 
FY2005 actuals (in millions): 5.3; 
FY2006 enacted (in millions): 4.4; 
FY2007 request (in millions): 5.0; 
Reasons for high risk designation[A]: A; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A[B]. 

Investment name: Infrastructure Modernization, Support, and Training; 
Investment type: major; 
FY2005 actuals (in millions): N/A; 
FY2006 enacted (in millions): 11.0; 
FY2007 request (in millions): 9.2; 
Reasons for high risk designation[A]: A; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/ A[B]. 

Investment name: Strategic Data Analysis; 
Investment type: major; 
FY2005 actuals (in millions): 2.1; 
FY2006 enacted (in millions): 3.8; 
FY2007 request (in millions): 3.8; 
Reasons for high risk designation[A]: A; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A[B]. 

Investment name: Emerging Information Technology Architecture; 
Investment type: major; 
FY2005 actuals (in millions): 0.6; 
FY2006 enacted (in millions): 1.0; 
FY2007 request (in millions): 2.7; 
Reasons for high risk designation[A]: A; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Common Information Management System; 
Investment type: major; 
FY2005 actuals (in millions): 0.0; 
FY2006 enacted (in millions): 0.0; 
FY2007 request (in millions): 0.0; 
Reasons for high risk designation[A]: A; 
Performance shortfall: Unclear baselines, schedule variance not within 
10 percent, and qualified project manager is not in place; 
Planned improvement efforts: Component agency has 20 people currently 
enrolled in project management training and revising business case. The 
investment has been elevated to the Undersecretary level to address 
management issues; 
Action date: ongoing. 

Investment name: Modernize and Innovate the Delivery of Agricultural 
Systems; 
Investment type: major; 
FY2005 actuals (in millions): $0.0; 
FY2006 enacted (in millions): $2.2; 
FY2007 request (in millions): $16.6; 
Reasons for high risk designation[A]: B; 
Performance shortfall: Unclear baselines, schedule variance not within 
10 percent, and qualified project manager is not in place; 
Planned improvement efforts: Revising business case and addressing 
project management issues; 
Action date: ongoing. 

Investment name: ConnectHR; 
Investment type: major; 
FY2005 actuals (in millions): 12.2; 
FY2006 enacted (in millions): 36.5; 
FY2007 request (in millions): 28.0; 
Reasons for high risk designation[A]: D; 
Performance shortfall: Duplication with other investments; 
Planned improvement efforts: Component agency has signed agreements for 
conversion to enterprise human resource integration; 
Action date: 9/ 30/06. 

Investment name: Human Resources LOB: Service Center; 
Investment type: major; 
FY2005 actuals (in millions): 4.5; 
FY2006 enacted (in millions): 9.8; 
FY2007 request (in millions): 8.3; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Human Resources LOB: ePayroll migration; 
Investment type: major; 
FY2005 actuals (in millions): 2.5; 
FY2006 enacted (in millions): 4.6; 
FY2007 request (in millions): 1.0; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Source: OMB FY2007 Exhibit 53 and Department of Agriculture documents. 

[A] Reasons for high risk designation include: 

A=The agency has not consistently demonstrated the ability to manage 
complex projects. 

B=The project has exceptionally high development, operating, or 
maintenance costs, either in absolute terms or as a percentage of the 
agency's total IT portfolio. 

C=The project is being undertaken to correct recognized deficiencies in 
the adequate performance of an essential mission program or function of 
the agency, a component of the agency, or another organization. 

D=The projects' delay or failure would introduce for the first time 
unacceptable or inadequate performance or failure of an essential 
mission function of the agency, a component of the agency, or another 
organization. (Note: According to OMB staff, projects identified as 
high risk per OMB's additional instructions on e-government or lines of 
business initiatives met this reason.) 

E=Other. 

[B] While USDA officials reported that there are no specific 
performance shortfalls in these investments, they stated that, due to 
poor project management, these business cases have been consistently 
weak and that they are continuing to try and remediate the weaknesses 
in the documentation. 

[End of table] 

Table 6: Summary of High Risk Projects for the Department of Commerce: 

Investment name: Master Address File/Topologically Integrated 
Geographic Encoding and Referencing Enhancements; 
Investment type: major; 
FY2005 actuals (in millions): $81.2; 
FY2006 enacted (in millions): $79.6; 
FY2007 request (in millions): $73.7; 
Reasons for high risk designation[A]: B, D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Advanced Weather Interactive Processing System; 
Investment type: major; 
FY2005 actuals (in millions): 49.5; 
FY2006 enacted (in millions): 46.8; 
FY2007 request (in millions): 50.3; 
Reasons for high risk designation[A]: B, D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Field Data Collection Automation; 
Investment type: major; 
FY2005 actuals (in millions): 5.5; 
FY2006 enacted (in millions): 35.5; 
FY2007 request (in millions): 59.0; 
Reasons for high risk designation[A]: B, D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: e-Travel; 
Investment type: IT migration investment portion of a larger asset; 
FY2005 actuals (in millions): 0.0; 
FY2006 enacted (in millions): 0.2; 
FY2007 request (in millions): 0.0; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall[B]; 
Planned improvement efforts: N/A. 

Source: OMB FY2007 Exhibit 53 and Department of Commerce documents. 

[A] Reasons for high risk designation include: 

A=The agency has not consistently demonstrated the ability to manage 
complex projects. 

B=The project has exceptionally high development, operating, or 
maintenance costs, either in absolute terms or as a percentage of the 
agency's total IT portfolio. 

C=The project is being undertaken to correct recognized deficiencies in 
the adequate performance of an essential mission program or function of 
the agency, a component of the agency, or another organization. 

D=The projects' delay or failure would introduce for the first time 
unacceptable or inadequate performance or failure of an essential 
mission function of the agency, a component of the agency, or another 
organization. (Note: According to OMB staff, projects identified as 
high risk per OMB's additional instructions on e-government or lines of 
business initiatives met this reason.) 

E=Other. 

[B] According to agency officials, this initiative is on hold. 

[End of table] 

Table 7: Summary of High Risk Projects for the Department of Defense: 

Investment name: Joint Tactical Radio SystemCluster 1; 
Investment type: major; 
FY2005 actuals (in millions): $131.0; 
FY2006 enacted (in millions): $191.7; 
FY2007 request (in millions): $10.7; 
Reasons for high risk designation[A]: B, C, D; 
Performance shortfall: Cost and schedule variances not within 10 
percent; 
Planned improvement efforts: Defense Acquisition Executive established 
a Joint Program Executive Officer with acquisition authority across all 
product lines in 2nd quarter fiscal year 2005. This officer 
commissioned an independent assessment of program cost, schedule, and 
performance, and technical maturity in spring 2005. The Defense 
Acquisition Executive last reviewed progress on the project's planning 
on November 22, 2005. 

Investment name: Defense Integrated Military Human Resources System; 
Investment type: major; 
FY2005 actuals (in millions): 68.0; 
FY2006 enacted (in millions): 104.1; 
FY2007 request (in millions): 51.4; 
Reasons for high risk designation[A]: B, C, D; 
Performance shortfall: Cost and schedule variances not within 10 
percent; 
Planned improvement efforts: On December 1, 2005, Deputy Secretary of 
Defense determined project is a viable solution for Army personnel and 
pay and transferred the program to the new Business Transformation 
Agency; 
Air Force assessment will be briefed to the Defense Business Systems 
Management Committee on March 23, 2006. The Navy assessment will start 
March 13, 2006, followed by the Marine Corps in fiscal year 2007; 
Completion date is to be determined. 

Investment name: Expeditionary Combat Support System; 
Investment type: major; 
FY2005 actuals (in millions): $54.0; 
FY2006 enacted (in millions): $80.5; 
FY2007 request (in millions): $212.4; 
Reasons for high risk designation[A]: B, C, D; 
Performance shortfall: Schedule variance not within 10 percent; 
Planned improvement efforts: Systems Integrator Source Selection under 
way. Program will realign schedule subsequent to systems integrator 
contract award in June 2006. 

Investment name: Global Combat Support SystemArmy; 
Investment type: major; 
FY2005 actuals (in millions): 182.9; 
FY2006 enacted (in millions): 141.2; 
FY2007 request (in millions): 219.8; 
Reasons for high risk designation[A]: B, C, D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A[B]. 

Investment name: Logistics Modernization Program; 
Investment type: major; 
FY2005 actuals (in millions): 65.6; 
FY2006 enacted (in millions): 111.2; 
FY2007 request (in millions): 109.5; 
Reasons for high risk designation[A]: B, C, D; 
Performance shortfall: Unclear baselines; 
Planned improvement efforts: An Army 3-star level review was conducted 
on February 1, 2006, and the Office of the Secretary of Defense, 
Networks and Information Integration, Overarching Integrated Product 
Team was briefed on February 2, 2006. The program office will undergo 
another Overarching Integrated Product Team review in June 2006 and 
will submit for Office of the Secretary of Defense approval a baseline 
that includes metrics for cost, schedule, and performance. 

Investment name: Navy Enterprise Resource Planning; 
Investment type: major; 
FY2005 actuals (in millions): 66.0; 
FY2006 enacted (in millions): 115.4; 
FY2007 request (in millions): 178.4; 
Reasons for high risk designation[A]: B, C, D; 
Performance shortfall: Cost and schedule variances not within 10 
percent; 
Planned improvement efforts: The prime contract was fully defined on 
January 2, 2006. The program rebaselining is planned to be completed in 
the 3rd quarter of fiscal year 2006.  

Source: OMB FY2007 Exhibit 53 and Department of Defense documents. 

[A] Reasons for high risk designation include: 

A=The agency has not consistently demonstrated the ability to manage 
complex projects. 

B=The project has exceptionally high development, operating, or 
maintenance costs, either in absolute terms or as a percentage of the 
agency's total IT portfolio. 

C=The project is being undertaken to correct recognized deficiencies in 
the adequate performance of an essential mission program or function of 
the agency, a component of the agency, or another organization. 

D=The projects' delay or failure would introduce for the first time 
unacceptable or inadequate performance or failure of an essential 
mission function of the agency, a component of the agency, or another 
organization. (Note: According to OMB staff, projects identified as 
high risk per OMB's additional instructions on e-government or lines of 
business initiatives met this reason.) 

E=Other. 

[B] This program is undergoing predevelopment activity and awaiting 
approval to begin development. Program to be restructured to fit within 
budget. 

[End of table]

Table 8: Summary of High Risk Projects for the Department of Education: 

Investment name: Advance (Aid Delivery); 
Investment type: major; 
FY2005 actuals (in millions): $92.9; 
FY2006 enacted (in millions): $145.1; 
FY2007 request (in millions): $95.9; 
Reasons for high risk designation[A]: B; 
Performance shortfall: Cost and schedule variances not within 10 
percent; 
Planned improvement efforts: The use of earned value management 
techniques will closely monitor the project's development and 
production schedule. Project schedule agreed to by upper management, 
constantly overseen; 
Action date: 6/15/06. 

Investment name: Common Services for Borrowers; 
Investment type: major; 
FY2005 actuals (in millions): 33.9; 
FY2006 enacted (in millions): 31.3; 
FY2007 request (in millions): 28.1; 
Reasons for high risk designation[A]: B, D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Data Strategy; 
Investment type: major; 
FY2005 actuals (in millions): 2.2; 
FY2006 enacted (in millions): 3.0; 
FY2007 request (in millions): 5.0; 
Reasons for high risk designation[A]: B, D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: E-Authentication; 
Investment type: Joint effort for more than one agency; 
FY2005 actuals (in millions): 0.7; 
FY2006 enacted (in millions): 2.8; 
FY2007 request (in millions): 0.3; 
Reasons for high risk designation[A]: D; 
Performance shortfall: Project manager is not yet qualified; 
Planned improvement efforts: The project manager is attending IT 
project manager certification program; 
Action date: 6/ 15/06. 

Investment name: ID Access Control System; 
Investment type: major; 
FY2005 actuals (in millions): 1.2; 
FY2006 enacted (in millions): 1.5; 
FY2007 request (in millions): 0.5; 
Reasons for high risk designation[A]: C; 
Performance shortfall: Cost and schedule variances not within 10 
percent; 
Planned improvement efforts: Rebaseline the cost and schedule based on 
changing requirements; 
Action date: 6/15/06. 

Investment name: Education Resource Information Center; 
Investment type: major; 
FY2005 actuals (in millions): $6.4; 
FY2006 enacted (in millions): $6.7; 
FY2007 request (in millions): $6.7; 
Reasons for high risk designation[A]: C; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Education Data Exchange Network; 
Investment type: major; 
FY2005 actuals (in millions): 14.7; 
FY2006 enacted (in millions): 5.7; 
FY2007 request (in millions): 5.4; 
Reasons for high risk designation[A]: C, D; 
Performance shortfall: Cost and schedule variances not within 10 
percent and project manager is not qualified; 
Planned improvement efforts: The project manager is serving in a 
temporary capacity as the office is going through reorganization; 
Action date: 6/15/06. 

Investment name: Financial Management Support System; 
Investment type: major; 
FY2005 actuals (in millions): 8.5; 
FY2006 enacted (in millions): 12.3; 
FY2007 request (in millions): 5.4; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Grants Administration and Payment System; 
Investment type: major; 
FY2005 actuals (in millions): 2.7; 
FY2006 enacted (in millions): 2.3; 
FY2007 request (in millions): 2.8; 
Reasons for high risk designation[A]: C, D; 
Performance shortfall: Project manager is not qualified; 
Planned improvement efforts: The project manager is attending IT 
project manager certification program; 
Action date: 6/15/ 06. 

Investment name: G5Grants Management Re-Design; 
Investment type: major; 
FY2005 actuals (in millions): 0.6; 
FY2006 enacted (in millions): 2.5; 
FY2007 request (in millions): 3.3; 
Reasons for high risk designation[A]: D; 
Performance shortfall: Cost and schedule variances not within 10 
percent and project manager is not qualified; 
Planned improvement efforts: The project manager is scheduled to 
complete IT project manager certification program; 
Action date: 6/15/06. 

Investment name: Migrant Student Information Exchange; 
Investment type: major; 
FY2005 actuals (in millions): 0.8; 
FY2006 enacted (in millions): 3.8; 
FY2007 request (in millions): 2.5; 
Reasons for high risk designation[A]: C, D; 
Performance shortfall: Project manager is not qualified; 
Planned improvement efforts: The project manager is attending IT 
project manager certification program; 
Action date: 6/15/ 06. 

Investment name: Travel Management System; 
Investment type: major; 
FY2005 actuals (in millions): 0.5; 
FY2006 enacted (in millions): 1.9; 
FY2007 request (in millions): 1.2; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A.  

Source: OMB FY2007 Exhibit 53 and Department of Education documents. 

[A] Reasons for high risk designation include: 

A=The agency has not consistently demonstrated the ability to manage 
complex projects. 

B=The project has exceptionally high development, operating, or 
maintenance costs, either in absolute terms or as a percentage of the 
agency's total IT portfolio. 

C=The project is being undertaken to correct recognized deficiencies in 
the adequate performance of an essential mission program or function of 
the agency, a component of the agency, or another organization. 

D=The projects' delay or failure would introduce for the first time 
unacceptable or inadequate performance or failure of an essential 
mission function of the agency, a component of the agency, or another 
organization. (Note: According to OMB staff, projects identified as 
high risk per OMB's additional instructions on e-government or lines of 
business initiatives met this reason.) 

E=Other. 

[End of table]

Table 9: Summary of High Risk Projects for the Department of Energy: 

Investment name: EE State Grants Administration; 
Investment type: major; 
FY2005 actuals (in millions): $1.8; 
FY2006 enacted (in millions): $1.8; 
FY2007 request (in millions): $1.7; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Integrated Management Navigation System; 
Investment type: major; 
FY2005 actuals (in millions): 34.1; 
FY2006 enacted (in millions): 29.8; 
FY2007 request (in millions): 27.2; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Advanced Simulation and Computing Future Platform; 
Investment type: major; 
FY2005 actuals (in millions): 0.0; 
FY2006 enacted (in millions): 0.0; 
FY2007 request (in millions): 25.0; 
Reasons for high risk designation[A]: B; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Integrated Cyber Security Initiative; 
Investment type: major; 
FY2005 actuals (in millions): 10.4; 
FY2006 enacted (in millions): 23.5; 
FY2007 request (in millions): 25.0; 
Reasons for high risk designation[A]: B, C; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Integrated Security System; 
Investment type: major; 
FY2005 actuals (in millions): 3.3; 
FY2006 enacted (in millions): 3.3; 
FY2007 request (in millions): 3.3; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Source: OMB FY2007 Exhibit 53 and Department of Energy documents. 

[A] Reasons for high risk designation include: 

A=The agency has not consistently demonstrated the ability to manage 
complex projects. 

B=The project has exceptionally high development, operating, or 
maintenance costs, either in absolute terms or as a percentage of the 
agency's total IT portfolio. 

C=The project is being undertaken to correct recognized deficiencies in 
the adequate performance of an essential mission program or function of 
the agency, a component of the agency, or another organization. 

D=The projects' delay or failure would introduce for the first time 
unacceptable or inadequate performance or failure of an essential 
mission function of the agency, a component of the agency, or another 
organization. (Note: According to OMB staff, projects identified as 
high risk per OMB's additional instructions on e-government or lines of 
business initiatives met this reason.) 

E=Other. 

[End of table] 

Table 10: Summary of High Risk Projects for the Department of Health 
and Human Services: 

Investment name: CDC Public Health Information Network: BioSense; 
Investment type: major; 
FY2005 actuals (in millions): $50.0; 
FY2006 enacted (in millions): $49.5; 
FY2007 request (in millions): $47.5; 
Reasons for high risk designation[A]: B, C, D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: CMS Healthcare Integrated General Ledger Accounting 
System; 
Investment type: major; 
FY2005 actuals (in millions): 99.4; 
FY2006 enacted (in millions): 149.9; 
FY2007 request (in millions): 139.4; 
Reasons for high risk designation[A]: B, C, D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: CMS MMA Title I and II applications; 
Investment type: major; 
FY2005 actuals (in millions): 108.5; 
FY2006 enacted (in millions): 114.9; 
FY2007 request (in millions): 103.7; 
Reasons for high risk designation[A]: B, D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: HHS Unified Financial Management System; 
Investment type: major; 
FY2005 actuals (in millions): 62.5; 
FY2006 enacted (in millions): 57.9; 
FY2007 request (in millions): 64.0; 
Reasons for high risk designation[A]: B, C, D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: IHS Resource and Patient Management System; 
Investment type: major; 
FY2005 actuals (in millions): 47.1; 
FY2006 enacted (in millions): 45.3; 
FY2007 request (in millions): 54.6; 
Reasons for high risk designation[A]: D; 
Performance shortfall: Unclear baselines and project manager is not 
qualified; 
Planned improvement efforts: Baseline revision is completed and will be 
submitted to the agency Investment Review Board for review/approval 
3/14/06; 
Project manager has completed 2 courses of a 7 course master's 
certification program. 

Investment name: NIH OD Electronic Research Administration; 
Investment type: major; 
FY2005 actuals (in millions): 44.9; 
FY2006 enacted (in millions): 42.1; 
FY2007 request (in millions): 43.4; 
Reasons for high risk designation[A]: B, C; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Federal Health ArchitectureManaging Partner; 
Investment type: major; 
FY2005 actuals (in millions): 2.2; 
FY2006 enacted (in millions): 2.3; 
FY2007 request (in millions): 3.4; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Grants.govFind and Apply; 
Investment type: major; 
FY2005 actuals (in millions): 1.9; 
FY2006 enacted (in millions): 0.8; 
FY2007 request (in millions): 1.9; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: HHS Human Resources Line of Business (LOB); 
Investment type: Joint effort for more than one agency; 
FY2005 actuals (in millions): $0.1; 
FY2006 enacted (in millions): $0.1; 
FY2007 request (in millions): $0.1; 
Reasons for high risk designation[A]: D; 
Performance shortfall: Unclear baselines; 
Planned improvement efforts: Governance issues remain unclear. 
Specifically, it is imperative that a financing strategy be in place 
and that migrations be adequately funded before the Shared Service 
Centers start servicing new customers. 

Source: OMB FY2007 Exhibit 53 and Department of Health and Human 
Services documents. 

[A] Reasons for high risk designation include: 

A=The agency has not consistently demonstrated the ability to manage 
complex projects. 

B=The project has exceptionally high development, operating, or 
maintenance costs, either in absolute terms or as a percentage of the 
agency's total IT portfolio. 

C=The project is being undertaken to correct recognized deficiencies in 
the adequate performance of an essential mission program or function of 
the agency, a component of the agency, or another organization. 

D=The projects' delay or failure would introduce for the first time 
unacceptable or inadequate performance or failure of an essential 
mission function of the agency, a component of the agency, or another 
organization. (Note: According to OMB staff, projects identified as 
high risk per OMB's additional instructions on e-government or lines of 
business initiatives met this reason.) 

E=Other. 

[End of table] 

Table 11: Summary of High Risk Projects for the Department of Homeland 
Security: 

Investment name: United States Visitor and Immigrant Status Indicator 
Technology; 
Investment type: major; 
FY2005 actuals (in millions): $341.0; 
FY2006 enacted (in millions): $341.0; 
FY2007 request (in millions): $407.4; 
Reasons for high risk designation[A]: E; 
Weaknesses in business case; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: SBInet; 
Investment type: major; 
FY2005 actuals (in millions): 84.7; 
FY2006 enacted (in millions): 38.5; 
FY2007 request (in millions): 139.3; 
Reasons for high risk designation[A]: E; 
Weaknesses in business case; 
Performance shortfall: Project is in initial phase; 
therefore, baselines have not been approved and earned value management 
is not yet required. Program manager is not qualified; 
Planned improvement efforts: Project manager enrolled in training to 
achieve level III certification. 

Investment name: eNEMIS; 
Investment type: major; 
FY2005 actuals (in millions): 14.0; 
FY2006 enacted (in millions): 13.9; 
FY2007 request (in millions): 14.0; 
Reasons for high risk designation[A]: E; 
Weaknesses in business case; 
Performance shortfall: Unclear baselines; 
Planned improvement efforts: Corrective actions not reported. 

Investment name: Disaster Management; 
Investment type: major; 
FY2005 actuals (in millions): 14.2; 
FY2006 enacted (in millions): 10.9; 
FY2007 request (in millions): 10.3; 
Reasons for high risk designation[A]: E; 
Weaknesses in business case; 
Performance shortfall: Program manager is not qualified; 
Planned improvement efforts: Certification application to be submitted 
to DHS by 1/31/06. 

Investment name: Homeland Security Information Network; 
Investment type: major; 
FY2005 actuals (in millions): 9.0; 
FY2006 enacted (in millions): 20.5; 
FY2007 request (in millions): 22.8; 
Reasons for high risk designation[A]: E; 
Weaknesses in business case; 
Performance shortfall: Unclear baselines and program manager is not 
qualified; 
Planned improvement efforts: Conducting internal Investment Review 
Board making "within threshold adjustments" to key work breakdown 
structure by 6/1/06 and assign a fully qualified project manager by 
3/15/06. 

Investment name: National Asset Data Base; 
Investment type: major; 
FY2005 actuals (in millions): 12.6; 
FY2006 enacted (in millions): 12.6; 
FY2007 request (in millions): 12.6; 
Reasons for high risk designation[A]: E; 
Weaknesses in business case; 
Performance shortfall: Unclear baselines and program manager is not 
qualified; 
Planned improvement efforts: Appropriate resources have been contacted 
to complete the approval of the baseline documentation and project 
manager certification by 5/24/06. 

Investment name: Priority Telecommunications Service; 
Investment type: major; 
FY2005 actuals (in millions): $116.6; 
FY2006 enacted (in millions): $118.2; 
FY2007 request (in millions): $120.3; 
Reasons for high risk designation[A]: E; 
Weaknesses in business case; 
Performance shortfall: Unclear baselines, project manager is not 
qualified, and duplication exists between other investments; 
Planned improvement efforts: Submit baseline documents by 3/1/06 and 
project manager certification by 2/15/06 to prepare for the Investment 
Review Board briefing scheduled for 4/26/06. 

Investment name: Information Systems Security LOB; 
Investment type: major; 
FY2005 actuals (in millions): 0.0; 
FY2006 enacted (in millions): 0.0; 
FY2007 request (in millions): 0.0; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall[B]; 
Planned improvement efforts: N/A. 

Investment name: SAFECOM; 
Investment type: non-IT; 
FY2005 actuals (in millions): 8.5; 
FY2006 enacted (in millions): 0.0; 
FY2007 request (in millions): 0.0; 
Reasons for high risk designation[A]: D, E; 
Weakness in the area of performance goals; 
Performance shortfall: Cost and schedule variances not within 10 
percent; 
Planned improvement efforts: Create detailed project plans to satisfy 
earned value management criteria; 
Action date: 10/1/05. 

Investment name: Alien Flight Student Program; 
Investment type: major; 
FY2005 actuals (in millions): 9.1; 
FY2006 enacted (in millions): 10.0; 
FY2007 request (in millions): 10.0; 
Reasons for high risk designation[A]: E; 
Weaknesses in business case; 
Performance shortfall: Cost and schedule variances not within 10 
percent; 
Planned improvement efforts: Briefing to the component agency's 
administrator on need for funding; 
Action date: 4/14/06. 

Investment name: Hazmat Threat Assessment Program; 
Investment type: major; 
FY2005 actuals (in millions): 10.1; 
FY2006 enacted (in millions): 28.1; 
FY2007 request (in millions): 27.8; 
Reasons for high risk designation[A]: E; 
Weaknesses in business case; 
Performance shortfall: Program manager is not qualified; 
Planned improvement efforts: Project manager has developed and is 
implementing a training plan to achieve certification; 
Action date: 7/31/07. 

Investment name: Registered Traveler; 
Investment type: major; 
FY2005 actuals (in millions): 15.0; 
FY2006 enacted (in millions): 23.0; 
FY2007 request (in millions): 35.1; 
Reasons for high risk designation[A]: E; 
Weaknesses in business case; 
Performance shortfall: Program manager is not qualified; 
Planned improvement efforts: Training plan in place and program office 
is looking to backfill position; 
Action date: 12/30/06. 

Investment name: Transportation Worker Identification Credentialing; 
Investment type: major; 
FY2005 actuals (in millions): 5.0; 
FY2006 enacted (in millions): 10.0; 
FY2007 request (in millions): 20.0; 
Reasons for high risk designation[A]: E; 
Weaknesses in business case; 
Performance shortfall: Unclear baselines and schedule variance not 
within 10 percent; 
Planned improvement efforts: Revised deployment schedule is contingent 
on completing the investment review process; 
Action date: fiscal year 2006, 3rd quarter. 

Investment name: Secure Flight[C]; 
Investment type: IT program; 
FY2005 actuals (in millions): 44.9. 
FY2006 enacted (in millions): 94.3. 
FY2007 request (in millions): 54.7. 
Reasons for high risk designation[A]: E; 
Weaknesses in business case; 
Performance shortfall: Unclear baselines; 
Planned improvement efforts: Currently rebaselining program; 
Action date: 3/25/06. 

Investment name: Crew Vetting[C]; 
Investment type: major; 
FY 2005 actuals (in millions): [C]; 
FY2006 enacted (in millions): [C]; 
FY2007 request (in millions) [C]; 
Reasons for high risk designation[A]: E; 
Weaknesses in business case; 
Performance shortfall: [Empty]; 
Planned improvement efforts: Component agency officials are giving 
technical assistance to develop and present an approved baseline to DHS 
by 3/15/06 and project manager certification to be granted April 2006. 

Investment name: Nationwide Automatic Identification System; 
Investment type: major; 
FY2005 actuals (in millions): 24.0; 
FY2006 enacted (in millions): 27.3; 
FY2007 request (in millions): 19.1; 
Reasons for high risk designation[A]: E; 
Weaknesses in business case; 
Performance shortfall: Unclear baselines; 
Planned improvement efforts: Corrective actions not reported. 

Investment name: eMerge2; 
Investment type: major; 
FY2005 actuals (in millions): 49.0; 
FY2006 enacted (in millions): 17.8; 
FY2007 request (in millions): 17.3; 
Reasons for high risk designation[A]: D; 
Performance shortfall: Project manager is not qualified; 
Planned improvement efforts: Since current project manager is acting, 
DHS will hire an individual with appropriate certification level. 

Source: OMB FY2007 Exhibit 53 and Department of Homeland Security 
documents. 

[A] Reasons for high risk designation include: 

A=The agency has not consistently demonstrated the ability to manage 
complex projects. 

B=The project exceptionally high development, operating, or maintenance 
costs, either in absolute terms or as a percentage of the agency's 
total IT portfolio. 

C=The project is being undertaken to correct recognized deficiencies in 
the adequate performance of an essential mission program or function of 
the agency, a component of the agency, or another organization. 

D=The projects' delay or failure would introduce for the first time 
unacceptable or inadequate performance or failure of an essential 
mission function of the agency, a component of the agency, or another 
organization. (Note: According to OMB staff, projects identified as 
high risk per OMB's additional instructions on e-government or lines of 
business initiatives met this reason.) 

E=Other. 

[B] According to agency officials, this investment is in the initial 
concept phase and therefore has not been approved or funded. 

[C] According to agency officials, since Secure Flight and Crew Vetting 
were considered as one investment in the fiscal year 2007 budget 
submission, the 2005 actuals, 2006 enacted and 2007 request are the 
same for both projects. They will be separate investments in fiscal 
year 2008. 

[End of table] 

Table 12: Summary of High Risk Projects for the Department of Housing 
and Urban Development: 

Investment name: FHA Subsidiary Ledger; 
Investment type: major; 
FY2005 actuals (in millions): $11.8; 
FY2006 enacted (in millions): $11.9; 
FY2007 request (in millions): $6.8; 
Reasons for high risk designation[A]: C; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: HUD Integrated Financial Management Project; 
Investment type: major; 
FY2005 actuals (in millions): 4.4; 
FY2006 enacted (in millions): 4.7; 
FY2007 request (in millions): 9.0; 
Reasons for high risk designation[A]: C; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Enterprise Income Verification; 
Investment type: major; 
FY2005 actuals (in millions): 4.5; 
FY2006 enacted (in millions): 2.6; 
FY2007 request (in millions): 2.2; 
Reasons for high risk designation[A]: E; 
Supports the presidential initiative for a citizen- centered, results-
oriented, market-based government; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Source: OMB FY2007 Exhibit 53 and Department of Housing and Urban 
Development documents. 

[A] Reasons for high risk designation include: 

A=The agency has not consistently demonstrated the ability to manage 
complex projects. 

B=The project has exceptionally high development, operating, or 
maintenance costs, either in absolute terms or as a percentage of the 
agency's total IT portfolio. 

C=The project is being undertaken to correct recognized deficiencies in 
the adequate performance of an essential mission program or function of 
the agency, a component of the agency, or another organization. 

D=The projects' delay or failure would introduce for the first time 
unacceptable or inadequate performance or failure of an essential 
mission function of the agency, a component of the agency, or another 
organization. (Note: According to OMB staff, projects identified as 
high risk per OMB's additional instructions on e-government or lines of 
business initiatives met this reason.) 

E=Other. 

[End of table] 

Table 13: Summary of High Risk Projects for the Department of Interior: 

Investment name: Recreation One-Stop; 
Investment type: major; 
FY2005 actuals (in millions): $0.3; 
FY2006 enacted (in millions): $5.7; 
FY2007 request (in millions): $11.0; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Geospatial One-Stop; 
Investment type: major; 
FY2005 actuals (in millions): 9.1; 
FY2006 enacted (in millions): 6.2; 
FY2007 request (in millions): 3.7; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Financial Business Management System; 
Investment type: major; 
FY2005 actuals (in millions): 50.2; 
FY2006 enacted (in millions): 49.7; 
FY2007 request (in millions): 52.7; 
Reasons for high risk designation[A]: B, C, D; 
Performance shortfall: Schedule variance not within 10 percent; 
Planned improvement efforts: New contract was awarded that includes 
requirement for contractor to use an ANSI Standard 748-compliant EVMS. 
An Integrated Baseline Review is under way and will be completed by 
March 31, 2006. Project will request DOI Investment Review Board 
approval of new baseline in April. 

Source: OMB FY2007 Exhibit 53 and Department of Interior documents. 

[A] Reasons for high risk designation include: 

A=The agency has not consistently demonstrated the ability to manage 
complex projects. 

B=The project has exceptionally high development, operating, or 
maintenance costs, either in absolute terms or as a percentage of the 
agency's total IT portfolio. 

C=The project is being undertaken to correct recognized deficiencies in 
the adequate performance of an essential mission program or function of 
the agency, a component of the agency, or another organization. 

D=The projects' delay or failure would introduce for the first time 
unacceptable or inadequate performance or failure of an essential 
mission function of the agency, a component of the agency, or another 
organization. (Note: According to OMB staff, projects identified as 
high risk per OMB's additional instructions on e-government or lines of 
business initiatives met this reason.) 

E=Other. 

[End of table] 

Table 14: Summary of High Risk Projects for the Department of Justice: 

Investment name: Integrated Wireless Network; 
Investment type: Joint effort for more than one agency; 
FY2005 actuals (in millions): $159.0; 
FY2006 enacted (in millions): $89.7; 
FY2007 request (in millions): $180.0; 
Reasons for high risk designation[A]: B; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Unified Financial Management System; 
Investment type: major; 
FY2005 actuals (in millions): 66.0; 
FY2006 enacted (in millions): 82.1; 
FY2007 request (in millions): 118.0; 
Reasons for high risk designation[A]: B, C; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Litigation Case Management System; 
Investment type: major; 
FY2005 actuals (in millions): 2.5; 
FY2006 enacted (in millions): 6.5; 
FY2007 request (in millions): 13.2; 
Reasons for high risk designation[A]: C; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Grants.gov (managing partner); 
Investment type: major; 
FY2005 actuals (in millions): 0.6; 
FY2006 enacted (in millions): 0.5; 
FY2007 request (in millions): 0.8; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Sentinel; 
Investment type: major; 
FY2005 actuals (in millions): 4.3; 
FY2006 enacted (in millions): 197.6; 
FY2007 request (in millions): 100.0; 
Reasons for high risk designation[A]: B, C; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Next Generation IAFIS; 
Investment type: major; 
FY2005 actuals (in millions): 14.1; 
FY2006 enacted (in millions): 60.0; 
FY2007 request (in millions): 57.4; 
Reasons for high risk designation[A]: B; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Law Enforcement National Data Exchange; 
Investment type: major; 
FY2005 actuals (in millions): 28.3; 
FY2006 enacted (in millions): 15.9; 
FY2007 request (in millions): 24.6; 
Reasons for high risk designation[A]: C; 
Performance shortfall: Unclear baselines; 
Planned improvement efforts: The planned contract award of the 
development contract is January 2007. The ANSI/EIA-748 compliance will 
occur in April 2007; 
Action date: 1/22/07. 

Investment name: Regional Data Exchange; 
Investment type: major; 
FY2005 actuals (in millions): 5.0; 
FY2006 enacted (in millions): 5.0; 
FY2007 request (in millions): 5.0; 
Reasons for high risk designation[A]: C; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Terrorist Screening Database Upgrade; 
Investment type: major; 
FY2005 actuals (in millions): 3.2; 
FY2006 enacted (in millions): 3.9; 
FY2007 request (in millions): 4.3; 
Reasons for high risk designation[A]: C; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Source: OMB FY2007 Exhibit 53 and Department of Justice documents. 

[A] Reasons for high risk designation include: 

A=The agency has not consistently demonstrated the ability to manage 
complex projects. 

B=The project has exceptionally high development, operating, or 
maintenance costs, either in absolute terms or as a percentage of the 
agency's total IT portfolio. 

C=The project is being undertaken to correct recognized deficiencies in 
the adequate performance of an essential mission program or function of 
the agency, a component of the agency, or another organization. 

D=The projects' delay or failure would introduce for the first time 
unacceptable or inadequate performance or failure of an essential 
mission function of the agency, a component of the agency, or another 
organization. (Note: According to OMB staff, projects identified as 
high risk per OMB's additional instructions on e-government or lines of 
business initiatives met this reason.) 

E=Other. 

[End of table] 

Table 15: Summary of High Risk Projects for the Department of Labor: 

Investment name: New Core Financial Management System; 
Investment type: major; 
FY2005 actuals (in millions): $9.9; 
FY2006 enacted (in millions): $6.2; 
FY2007 request (in millions): $14.0; 
Reasons for high risk designation[A]: B, D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: GovBenefits; 
Investment type: major; 
FY2005 actuals (in millions): 5.5; 
FY2006 enacted (in millions): 4.5; 
FY2007 request (in millions): 4.5; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: EFAST; 
Investment type: major; 
FY2005 actuals (in millions): 19.2; 
FY2006 enacted (in millions): 21.9; 
FY2007 request (in millions): 19.9; 
Reasons for high risk designation[A]: B; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: EFAST2; 
Investment type: major; 
FY2005 actuals (in millions): 0.0; 
FY2006 enacted (in millions): 0.0; 
FY2007 request (in millions): 17.8; 
Reasons for high risk designation[A]: B; 
Performance shortfall: No performance shortfall[B]; 
Planned improvement efforts: N/A. 

Investment name: Technical Information Retrieval System; 
Investment type: non-major; 
FY2005 actuals (in millions): 0.4; 
FY2006 enacted (in millions): 0.2; 
FY2007 request (in millions): 0.0; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: E-Grants; 
Investment type: major; 
FY2005 actuals (in millions): 2.0; 
FY2006 enacted (in millions): 0.6; 
FY2007 request (in millions): 1.2; 
Reasons for high risk designation[A]: A, D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Enterprise HR Integration; 
Investment type: major; 
FY2005 actuals (in millions): 0.9; 
FY2006 enacted (in millions): 2.0; 
FY2007 request (in millions): 4.3; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: E-Travel; 
Investment type: non-major; 
FY2005 actuals (in millions): 1.4; 
FY2006 enacted (in millions): 0.6; 
FY2007 request (in millions): 0.6; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Source: OMB FY2007 Exhibit 53 and Department of Labor documents. 

[A] Reasons for high risk designation include: 

A=The agency has not consistently demonstrated the ability to manage 
complex projects. 

B=The project has exceptionally high development, operating, or 
maintenance costs, either in absolute terms or as a percentage of the 
agency's total IT portfolio. 

C=The project is being undertaken to correct recognized deficiencies in 
the adequate performance of an essential mission program or function of 
the agency, a component of the agency, or another organization. 

D=The projects' delay or failure would introduce for the first time 
unacceptable or inadequate performance or failure of an essential 
mission function of the agency, a component of the agency, or another 
organization. (Note: According to OMB staff, projects identified as 
high risk per OMB's additional instructions on e-government or lines of 
business initiatives met this reason.) 

E=Other. 

[B] According to agency officials, this investment is not an active 
program. 

[End of table] 

Table 16: Summary of High Risk Projects for the Department of State: 

Investment name: State Messaging and Archive Retrieval Toolset; 
Investment type: major; 
FY2005 actuals (in millions): $32.1; 
FY2006 enacted (in millions): $39.7; 
FY2007 request (in millions): $3.9; 
Reasons for high risk designation[A]: B, C, D; 
Performance shortfall: Schedule variance not within 10 percent; 
Planned improvement efforts: On October 17, 2005, the Under Secretary 
for Management signed a task order authorizing the initiation of a 
detailed contingency planning effort for this investment. A report on 
this planning effort was submitted by the Chief Information Officer to 
the Under Secretary for Management on February 13, 2006. 

Investment name: Joint Financial Management System; 
Investment type: major; 
FY2005 actuals (in millions): 7.9; 
FY2006 enacted (in millions): 16.2; 
FY2007 request (in millions): 13.2; 
Reasons for high risk designation[A]: E; 
Interagency; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: e-Travel; 
Investment type: Joint effort for more than one agency; 
FY2005 actuals (in millions): 0.1; 
FY2006 enacted (in millions): 0.0; 
FY2007 request (in millions): 0.0; 
Reasons for high risk designation[A]: D; 
Performance shortfall: Cost variance not within 10 percent; 
Planned improvement efforts: OMB and the General Services 
Administration, the managing partner of this e-government initiative, 
have been consistently apprised of the problems with the vendor's 
software and the efforts the Department of State has made to help the 
vendor design the needed functionality; 
The international version of the software is scheduled to be released 
by the vendor near the end of fiscal year 2006. Department of State 
anticipates a significant amount of testing prior to using the 
international capabilities of this software in a production 
environment. As a result, this will push the first overseas pilot into 
fiscal year 2007. 

Investment name: Consolidated American Payroll System and Interagency e-
Payroll Migration; 
Investment type: major; 
FY2005 actuals (in millions): $5.5; 
FY2006 enacted (in millions): $5.5; 
FY2007 request (in millions): $1.5; 
Reasons for high risk designation[A]: D; 
Performance shortfall: Schedule variance not within 10 percent; 
Planned improvement efforts: The National Finance Center is assessing 
the impact of system modifications to meet the Department of State's 
payroll processing requirements. System development efforts by the 
National Finance Center will determine the implementation schedule for 
the agency and the center's migration activities and overall costs for 
both agencies; 
The National Finance Center has committed to providing a written cost 
estimate by March 17, 2006. 

Investment name: Integrated Personnel Management System; 
Investment type: major; 
FY2005 actuals (in millions): 23.0; 
FY2006 enacted (in millions): 24.0; 
FY2007 request (in millions): 25.2; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A.  

Source: OMB FY2007 Exhibit 53 and Department of State documents. 

[A] Reasons for high risk designation include: 

A=The agency has not consistently demonstrated the ability to manage 
complex projects. 

B=The project has exceptionally high development, operating, or 
maintenance costs, either in absolute terms or as a percentage of the 
agency's total IT portfolio. 

C=The projects is being undertaken to correct recognized deficiencies 
in the adequate performance of an essential mission program or function 
of the agency, a component of the agency, or another organization. 

D=The projects' delay or failure would introduce for the first time 
unacceptable or inadequate performance or failure of an essential 
mission function of the agency, a component of the agency, or another 
organization. (Note: According to OMB staff, projects identified as 
high risk per OMB's additional instructions on e-government or lines of 
business initiatives met this reason.) 

E=Other. 

[End of table] 

Table 17: Summary of High Risk Projects for the Department of 
Transportation: 

Investment name: Advanced Technologies and Oceanic Procedures; 
Investment type: major; 
FY2005 actuals (in millions): $106.6; 
FY2006 enacted (in millions): $91.7; 
FY2007 request (in millions): $82.2; 
Reasons for high risk designation[A]: E; 
Incomplete EVM assessment, behind schedule; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: En Route Automation Modernization; 
Investment type: major; 
FY2005 actuals (in millions): 261.6; 
FY2006 enacted (in millions): 330.1; 
FY2007 request (in millions): 376.2; 
Reasons for high risk designation[A]: B, D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Wide Area Augmentation System; 
Investment type: major; 
FY2005 actuals (in millions): 122.6; 
FY2006 enacted (in millions): 117.4; 
FY2007 request (in millions): 133.1; 
Reasons for high risk designation[A]: B, E; 
Incomplete EVM assessment and historically behind schedule and/or over 
cost; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Terminal Automation Mod. & Rep; 
Investment type: major; 
FY2005 actuals (in millions): 0.0; 
FY2006 enacted (in millions): 19.8; 
FY2007 request (in millions): 32.1; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Terminal Radar Digitizing, Replacement, and 
Establishment; 
Investment type: major; 
FY2005 actuals (in millions): 93.0; 
FY2006 enacted (in millions): 69.7; 
FY2007 request (in millions): 77.4; 
Reasons for high risk designation[A]: E; 
Poor EVM quality; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Automated Weather Observation System/Automated Surface 
Observing System; 
Investment type: major; 
FY2005 actuals (in millions): 27.4; 
FY2006 enacted (in millions): 25.8; 
FY2007 request (in millions): 27.3; 
Reasons for high risk designation[A]: E; 
Poor EVM quality; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: FAA Telecommunications Infrastructure; 
Investment type: major; 
FY2005 actuals (in millions): 143.3; 
FY2006 enacted (in millions): 232.5; 
FY2007 request (in millions): 246.0; 
Reasons for high risk designation[A]: B, E; 
Poor EVM quality, out of variance; 
Performance shortfall: Schedule variance not within 10 percent; 
Planned improvement efforts: Corrective actions taken to put the 
program back on track to meet fiscal year 2007 target date for full 
implementation. 

Investment name: Next Generation Vhf Air/Ground Communications (Segment 
1); 
Investment type: major; 
FY2005 actuals (in millions): 29.5; 
FY2006 enacted (in millions): 34.1; 
FY2007 request (in millions): 26.9; 
Reasons for high risk designation[A]: E; 
Out of variance; 
Performance shortfall: Schedule variance not within 10 percent; 
Planned improvement efforts: Program rebaselined in December 2005 and 
corrective actions taken that bring it within variance limits. 

Investment name: Traffic Flow ManagementModernization; 
Investment type: major; 
FY2005 actuals (in millions): 48.2; 
FY2006 enacted (in millions): 92.6; 
FY2007 request (in millions): 106.5; 
Reasons for high risk designation[A]: E; 
Out of variance; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Standard Terminal Automation Replacement System; 
Investment type: major; 
FY2005 actuals (in millions): $132.9; 
FY2006 enacted (in millions): $119.5; 
FY2007 request (in millions): $86.6; 
Reasons for high risk designation[A]: B, D, E; 
Poor EVM quality; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Consolidated Financial Management; 
Investment type: major; 
FY2005 actuals (in millions): 65.7; 
FY2006 enacted (in millions): 63.6; 
FY2007 request (in millions): 50.3; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: System-Wide Information Management; 
Investment type: major; 
FY2005 actuals (in millions): 7.9; 
FY2006 enacted (in millions): 13.9; 
FY2007 request (in millions): 24.0; 
Reasons for high risk designation[A]: E; 
No approved baselines; 
Performance shortfall: Investment Review Board has not baselined this 
project; 
Planned improvement efforts: Requires a baseline; 
Action date: 6/2006. 

Investment name: Automatic Dependent SurveillanceBroadcast; 
Investment type: major; 
FY2005 actuals (in millions): 7.9; 
FY2006 enacted (in millions): 22.0; 
FY2007 request (in millions): 117.0; 
Reasons for high risk designation[A]: E; 
No approved baselines; 
Performance shortfall: Investment Review Board has not baselined this 
project; 
Planned improvement efforts: Requires a baseline; 
Action date: 6/2006. 

Source: OMB FY2007 Exhibit 53 and Department of Transportation 
documents. 

[A] Reasons for high risk designation include: 

A=The agency has not consistently demonstrated the ability to manage 
complex projects. 

B=The project has exceptionally high development, operating, or 
maintenance costs, either in absolute terms or as a percentage of the 
agency's total IT portfolio. 

C=The project is being undertaken to correct recognized deficiencies in 
the adequate performance of an essential mission program or function of 
the agency, a component of the agency, or another organization. 

D=The projects' delay or failure would introduce for the first time 
unacceptable or inadequate performance or failure of an essential 
mission function of the agency, a component of the agency, or another 
organization. (Note: According to OMB staff, projects identified as 
high risk per OMB's additional instructions on e-government or lines of 
business initiatives met this reason.) 

E=Other. 

[End of table] 

Table 18: Summary of High Risk Projects for the Department of Treasury: 

Investment name: BSA Direct; 
Investment type: major; 
FY2005 actuals (in millions): $9.6; 
FY2006 enacted (in millions): $7.2; 
FY2007 request (in millions): $3.4; 

Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Customer Account Data Engine; 
Investment type: major; 
FY2005 actuals (in millions): 105.9; 
FY2006 enacted (in millions): 113.8; 
FY2007 request (in millions): 120.5; 

Reasons for high risk designation[A]: A, B, C; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Filing and Payment Compliance (Blended); 
Investment type: major; 
FY2005 actuals (in millions): 0.2; 
FY2006 enacted (in millions): 32.6; 
FY2007 request (in millions): 20.0; 

Reasons for high risk designation[A]: A, B, C; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: HR Connect; 
Investment type: major; 
FY2005 actuals (in millions): 23.6; 
FY2006 enacted (in millions): 24.0; 
FY2007 request (in millions): 23.9; 

Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Integrated Financial System/CORE Financial System; 
Investment type: major; 
FY2005 actuals (in millions): 9.4; 
FY2006 enacted (in millions): 18.5; 
FY2007 request (in millions): 18.5; 

Reasons for high risk designation[A]: A, B; 
Performance shortfall: Cost variance not within 10 percent; 
Planned improvement efforts: The development, modernization, 
enhancement costs are expected to fall within tolerance as a result of 
closeout costs being reported. 

Investment name: Modernized e-File; 
Investment type: major; 
FY2005 actuals (in millions): 69.2; 
FY2006 enacted (in millions): 67.7; 
FY2007 request (in millions): 55.4; 

Reasons for high risk designation[A]: A, B, C; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Oracle Federal Financial Systems; 
Investment type: major; 
FY2005 actuals (in millions): 2.9; 
FY2006 enacted (in millions): 3.3; 
FY2007 request (in millions): 4.0; 

Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Treasury Foreign Intelligence Network; 
Investment type: major; 
FY2005 actuals (in millions): 3.5; 
FY2006 enacted (in millions): 16.2; 
FY2007 request (in millions): 21.2; 

Reasons for high risk designation[A]: D; 
Performance shortfall: Schedule variance not within 10 percent; 
Planned improvement efforts: The corrective action for the schedule 
variance is being handled as part of the restructuring and re-planning 
activity in 1st quarter fiscal year 2006. 

[End of table] 

Source: OMB FY2007 Exhibit 53 and Department of Treasury documents. 

[A] Reasons for high risk designation include: 

A=The agency has not consistently demonstrated the ability to manage 
complex projects. 

B=The project has exceptionally high development, operating, or 
maintenance costs, either in absolute terms or as a percentage of the 
agency's total IT portfolio. 

C=The project is being undertaken to correct recognized deficiencies in 
the adequate performance of an essential mission program or function of 
the agency, a component of the agency, or another organization. 

D=The projects' delay or failure would introduce for the first time 
unacceptable or inadequate performance or failure of an essential 
mission function of the agency, a component of the agency, or another 
organization. (Note: According to OMB staff, projects identified as 
high risk per OMB's additional instructions on e-government or lines of 
business initiatives met this reason.) 

E=Other. 

Table 19: Summary of High Risk Projects for the Department of Veterans 
Affairs: 

Investment name: Health Admin Center; 
IT Operations2007; 
Investment type: major; 
FY2005 actuals (in millions): $9.7; 
FY2006 enacted (in millions): $13.3; 
FY2007 request (in millions): $11.3; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Fee Basis Replacement2007; 
Investment type: major; 
FY2005 actuals (in millions): 8.6; 
FY2006 enacted (in millions): 7.6; 
FY2007 request (in millions): 0.0; 
Reasons for high risk designation[A]: D; 
Performance shortfall: Unclear baselines, and cost and schedule 
variances not within 10 percent; 
Planned improvement efforts: This project is being terminated. 

Investment name: VistA Legacy2007; 
Investment type: major; 
FY2005 actuals (in millions): 437.7; 
FY2006 enacted (in millions): 451.9; 
FY2007 request (in millions): 460.3; 
Reasons for high risk designation[A]: B; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: VistA Imaging2007; 
Investment type: major; 
FY2005 actuals (in millions): 79.7; 
FY2006 enacted (in millions): 67.6; 
FY2007 request (in millions): 51.6; 
Reasons for high risk designation[A]: D; 
Performance shortfall: Unclear baselines, and cost and schedule 
variances not within 10 percent; 
Planned improvement efforts: A new performance measurement baseline 
with associated cost and schedule variances will be submitted for OMB 
approval. 

Investment name: Scheduling Replacement Project2007; 
Investment type: major; 
FY2005 actuals (in millions): 18.7; 
FY2006 enacted (in millions): 12.8; 
FY2007 request (in millions): 12.9; 
Reasons for high risk designation[A]: D; 
Performance shortfall: Unclear baselines, and cost and schedule 
variances not within 10 percent; 
Planned improvement efforts: A new performance measurement baseline 
with associated cost and schedule variances will be submitted for OMB 
approval. 

Investment name: Health Data Repository2007; 
Investment type: major; 
FY2005 actuals (in millions): 40.3; 
FY2006 enacted (in millions): 24.2; 
FY2007 request (in millions): 26.8; 
Reasons for high risk designation[A]: D; 
Performance shortfall: Unclear baselines, and cost and schedule 
variances not within 10 percent; 
Planned improvement efforts: A new performance measurement baseline 
with associated cost and schedule variances will be submitted for OMB 
approval. 

Investment name: Enrollment (Includes Income Verification)2007; 
Investment type: major; 
FY2005 actuals (in millions): 12.9; 
FY2006 enacted (in millions): 14.9; 
FY2007 request (in millions): 11.8; 
Reasons for high risk designation[A]: D; 
Performance shortfall: Unclear baselines, and cost and schedule 
variances not within 10 percent; 
Planned improvement efforts: A new performance measurement baseline 
with associated cost and schedule variances will be submitted for OMB 
approval. 

Investment name: VistA Laboratory IS System Re-engineering2007; 
Investment type: major; 
FY2005 actuals (in millions): 5.2; 
FY2006 enacted (in millions): 3.3; 
FY2007 request (in millions): 18.4; 
Reasons for high risk designation[A]: D; 
Performance shortfall: Unclear baselines, and cost and schedule 
variances not within 10 percent; 
Planned improvement efforts: A new performance measurement baseline 
with associated cost and schedule variances will be submitted for OMB 
approval. 

Investment name: HealtheVet VistA2007; 
Investment type: major; 
FY2005 actuals (in millions): $45.7; 
FY2006 enacted (in millions): $42.9; 
FY2007 request (in millions): $71.6; 
Reasons for high risk designation[A]: D; 
Performance shortfall: Unclear baselines, and cost and schedule 
variances not within 10 percent; 
Planned improvement efforts: A new performance measurement baseline 
with associated cost and schedule variances will be submitted for OMB 
approval. 

Investment name: MyHealtheVet2007; 
Investment type: major; 
FY2005 actuals (in millions): 21.4; 
FY2006 enacted (in millions): 13.1; 
FY2007 request (in millions): 16.6; 
Reasons for high risk designation[A]: B, C, D; 
Performance shortfall: Unclear baselines, and cost and schedule 
variances not within 10 percent; 
Planned improvement efforts: A new performance measurement baseline 
with associated cost and schedule variances will be submitted for OMB 
approval. 

Investment name: Medical and Prosthetic Research2007; 
Investment type: major; 
FY2005 actuals (in millions): 20.4; 
FY2006 enacted (in millions): 23.1; 
FY2007 request (in millions): 23.0; 
Reasons for high risk designation[A]: D; 
Performance shortfall: Unclear baselines, and cost and schedule 
variances not within 10 percent; 
Planned improvement efforts: A new performance measurement baseline 
with associated cost and schedule variances will be submitted for OMB 
approval. 

Investment name: Decision Support System Legacy2007; 
Investment type: major; 
FY2005 actuals (in millions): 19.3; 
FY2006 enacted (in millions): 19.3; 
FY2007 request (in millions): 19.5; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Allocation Resource Center2007; 
Investment type: major; 
FY2005 actuals (in millions): 4.8; 
FY2006 enacted (in millions): 2.9; 
FY2007 request (in millions): 2.9; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Patient Financial Services System2007; 
Investment type: major; 
FY2005 actuals (in millions): 36.7; 
FY2006 enacted (in millions): 9.4; 
FY2007 request (in millions): 0.0; 
Reasons for high risk designation[A]: B; 
Performance shortfall: Unclear baselines, and cost and schedule 
variances not within 10 percent; 
Planned improvement efforts: A new performance measurement baseline 
with associated cost and schedule variances will be submitted for OMB 
approval. 

Investment name: Decision Support System Modernization2007; 
Investment type: major; 
FY2005 actuals (in millions): 2.5; 
FY2006 enacted (in millions): 0.5; 
FY2007 request (in millions): 0.0; 
Reasons for high risk designation[A]: D; 
Performance shortfall: Unclear baselines, and cost and schedule 
variances not within 10 percent; 
Planned improvement efforts: This project is being terminated. 

Investment name: Pharmacy Re-Engineering and IT Support2007; 
Investment type: major; 
FY2005 actuals (in millions): 17.8; 
FY2006 enacted (in millions): 16.0; 
FY2007 request (in millions): 16.9; 
Reasons for high risk designation[A]: D; 
Performance shortfall: Unclear baselines, and cost and schedule 
variances not within 10 percent; 
Planned improvement efforts: A new performance measurement baseline 
with associated cost and schedule variances will be submitted for OMB 
approval. 

Investment name: Payroll/HR Systems2007; 
Investment type: major; 
FY2005 actuals (in millions): 12.3; 
FY2006 enacted (in millions): 14.1; 
FY2007 request (in millions): 14.2; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Financial Management System2007; 
Investment type: major; 
FY2005 actuals (in millions): 13.9; 
FY2006 enacted (in millions): 16.0; 
FY2007 request (in millions): 16.1; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: e-Payroll2007; 
Investment type: IT migration investment portion of a larger asset; 
FY2005 actuals (in millions): $6.1; 
FY2006 enacted (in millions): $5.5; 
FY2007 request (in millions): $7.1; 
Reasons for high risk designation[A]: D; 
Performance shortfall: Unclear baselines, and cost and schedule 
variances not within 10 percent; 
Planned improvement efforts: A new performance measurement baseline 
with associated cost and schedule variances will be submitted for OMB 
approval. 

Investment name: VA wide e-Travel Solution2007; 
Investment type: major; 
FY2005 actuals (in millions): 2.4; 
FY2006 enacted (in millions): 4.2; 
FY2007 request (in millions): 3.6; 
Reasons for high risk designation[A]: D; 
Performance shortfall: Unclear baselines, and cost and schedule 
variances not within 10 percent; 
Planned improvement efforts: A new performance measurement baseline 
with associated cost and schedule variances will be submitted for OMB 
approval. 

Investment name: VA-Learning Management System2007; 
Investment type: major; 
FY2005 actuals (in millions): 1.9; 
FY2006 enacted (in millions): 0.9; 
FY2007 request (in millions): 5.4; 
Reasons for high risk designation[A]: D; 
Performance shortfall: Unclear baselines, and cost and schedule 
variances not within 10 percent; 
Planned improvement efforts: A new performance measurement baseline 
with associated cost and schedule variances will be submitted for OMB 
approval. 

Investment name: Federal Health Information Exchange2007; 
Investment type: major; 
FY2005 actuals (in millions): 4.6; 
FY2006 enacted (in millions): 4.8; 
FY2007 request (in millions): 4.9; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: BDN Maintenance and Operations2007; 
Investment type: major; 
FY2005 actuals (in millions): 20.8; 
FY2006 enacted (in millions): 21.8; 
FY2007 request (in millions): 21.8; 
Reasons for high risk designation[A]: D; 
Performance shortfall: Unclear baselines, and cost and schedule 
variances not within 10 percent; 
Planned improvement efforts: A new operational baseline with associated 
cost and schedule variances will be submitted for OMB approval. 

Investment name: BIRLS/VADS2007; 
Investment type: major; 
FY2005 actuals (in millions): 2.7; 
FY2006 enacted (in millions): 2.5; 
FY2007 request (in millions): 2.5; 
Reasons for high risk designation[A]: D; 
Performance shortfall: Unclear baselines, and cost and schedule 
variances not within 10 percent; 
Planned improvement efforts: An operational baseline with associated 
cost and schedule variances will be submitted for OMB approval. 

Investment name: C&P Maintenance and Operations (non-BDN)2007; 
Investment type: major; 
FY2005 actuals (in millions): 54.4; 
FY2006 enacted (in millions): 17.9; 
FY2007 request (in millions): 15.8; 
Reasons for high risk designation[A]: D; 
Performance shortfall: Schedule variance not within 10 percent; 
Planned improvement efforts: No planned improvement efforts reported. 

Investment name: Education Maintenance and Operations (non-BDN)2007; 
Investment type: major; 
FY2005 actuals (in millions): 1.1; 
FY2006 enacted (in millions): 7.4; 
FY2007 request (in millions): 1.8; 
Reasons for high risk designation[A]: D; 
Performance shortfall: Unclear baselines, and cost and schedule 
variances not within 10 percent; 
Planned improvement efforts: An operational baseline with associated 
cost and schedule variances will be submitted for OMB approval. 

Investment name: Insurance System Maintenance and Operations2007; 
Investment type: major; 
FY2005 actuals (in millions): $8.5; 
FY2006 enacted (in millions): $7.3; 
FY2007 request (in millions): $7.9; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Loan Guaranty Maintenance and Operations2007; 
Investment type: major; 
FY2005 actuals (in millions): 9.1; 
FY2006 enacted (in millions): 10.3; 
FY2007 request (in millions): 10.0; 
Reasons for high risk designation[A]: D; 
Performance shortfall: Unclear baselines, and cost and schedule 
variances not within 10 percent; 
Planned improvement efforts: A new operational baseline with associated 
cost and schedule variances will be submitted for OMB approval. 

Investment name: Program Integrity/Data Management2007; 
Investment type: major; 
FY2005 actuals (in millions): 10.9; 
FY2006 enacted (in millions): 9.8; 
FY2007 request (in millions): 9.5; 
Reasons for high risk designation[A]: D; 
Performance shortfall: Unclear baselines, and cost and schedule 
variances not within 10 percent; 
Planned improvement efforts: An operational baseline with associated 
cost and schedule variances will be submitted for OMB approval. 

Investment name: The Education Expert System2007; 
Investment type: major; 
FY2005 actuals (in millions): 1.8; 
FY2006 enacted (in millions): 3.3; 
FY2007 request (in millions): 3.2; 
Reasons for high risk designation[A]: D; 
Performance shortfall: Unclear baselines, and cost and schedule 
variances not within 10 percent; 
Planned improvement efforts: A new performance measurement baseline 
with associated cost and schedule variances will be submitted for OMB 
approval. 

Investment name: VR&E Maintenance and Operations (non-BDN)2007; 
Investment type: major; 
FY2005 actuals (in millions): 5.4; 
FY2006 enacted (in millions): 2.7; 
FY2007 request (in millions): 2.7; 
Reasons for high risk designation[A]: D; 
Performance shortfall: Unclear baselines, and cost and schedule 
variances not within 10 percent; 
Planned improvement efforts: An operational baseline with associated 
cost and schedule variances will be submitted for OMB approval. 

Investment name: Burial Operations Support System2007; 
Investment type: major; 
FY2005 actuals (in millions): 1.0; 
FY2006 enacted (in millions): 1.0; 
FY2007 request (in millions): 1.0; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Automated Monument Application System2007; 
Investment type: major; 
FY2005 actuals (in millions): 0.6; 
FY2006 enacted (in millions): 0.7; 
FY2007 request (in millions): 0.6; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A.  

Source: OMB FY2007 Exhibit 53 and Department of Veterans Affairs 
documents. 

[A] Reasons for high risk designation include: 

A=The agency has not consistently demonstrated the ability to manage 
complex projects. 

B=The project has exceptionally high development, operating, or 
maintenance costs, either in absolute terms or as a percentage of the 
agency's total IT portfolio. 

C=The project is being undertaken to correct recognized deficiencies in 
the adequate performance of an essential mission program or function of 
the agency, a component of the agency, or another organization. 

D=The projects' delay or failure would introduce for the first time 
unacceptable or inadequate performance or failure of an essential 
mission function of the agency, a component of the agency, or another 
organization. (Note: According to OMB staff, projects identified as 
high risk per OMB's additional instructions on e-government or lines of 
business initiatives met this reason.) 

E=Other. 

[End of table]

Table 20: Summary of High Risk Projects for the Environmental 
Protection Agency: 

Investment name: PeoplePlusHR; 
Investment type: major; 
FY2005 actuals (in millions): $3.9; 
FY2006 enacted (in millions): $2.6; 
FY2007 request (in millions): $2.9; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: e-Rulemaking; 
Investment type: major; 
FY2005 actuals (in millions): 10.7; 
FY2006 enacted (in millions): 1.2; 
FY2007 request (in millions): 1.8; 
Reasons for high risk designation[A]: D; 
Performance shortfall: Cost variance not within 10 percent; 
Planned improvement efforts: A rebaseline will be requested and 
monitored by operational analysis rather than earned value management 
until development funds are reauthorized. 

Investment name: EZ-Hire; 
Investment type: non-major; 
FY2005 actuals (in millions): 0.6; 
FY2006 enacted (in millions): 0.4; 
FY2007 request (in millions): 0.4; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Financial Replacement System; 
Investment type: major; 
FY2005 actuals (in millions): 19.5; 
FY2006 enacted (in millions): 28.2; 
FY2007 request (in millions): 37.0; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Integrated Contracts Management System; 
Investment type: major; 
FY2005 actuals (in millions): 2.3; 
FY2006 enacted (in millions): 3.0; 
FY2007 request (in millions): 3.0; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Integrated Grants Management System; 
Investment type: major; 
FY2005 actuals (in millions): 2.4; 
FY2006 enacted (in millions): 1.6; 
FY2007 request (in millions): 1.5; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Source: OMB FY2007 Exhibit 53 and Environmental Protection Agency 
documents. 

[A] Reasons for high risk designation include: 

A=The agency has not consistently demonstrated the ability to manage 
complex projects. 

B=The project has exceptionally high development, operating, or 
maintenance costs, either in absolute terms or as a percentage of the 
agency's total IT portfolio. 

C=The project is being undertaken to correct recognized deficiencies in 
the adequate performance of an essential mission program or function of 
the agency, a component of the agency, or another organization. 

D=The projects' delay or failure would introduce for the first time 
unacceptable or inadequate performance or failure of an essential 
mission function of the agency, a component of the agency, or another 
organization. (Note: According to OMB staff, projects identified as 
high risk per OMB's additional instructions on e-government or lines of 
business initiatives met this reason.) 

E=Other. 

[End of table] 

Table 21: Summary of High Risk Projects for the General Services 
Administration: 

Investment name: CHRIS; 
Investment type: major; 
FY2005 actuals (in millions): $5.7; 
FY2006 enacted (in millions): $7.2; 
FY2007 request (in millions): $6.3; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: eAuthentication; 
Investment type: major; 
FY2005 actuals (in millions): 2.1; 
FY2006 enacted (in millions): 2.3; 
FY2007 request (in millions): 3.1; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Enterprise Customer Relationship Management System; 
Investment type: major; 
FY2005 actuals (in millions): 12.5; 
FY2006 enacted (in millions): 17.4; 
FY2007 request (in millions): 18.4; 
Reasons for high risk designation[A]: E; 
This is a large project in the initial stage; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: eTravel; 
Investment type: major; 
FY2005 actuals (in millions): 10.2; 
FY2006 enacted (in millions): 9.9; 
FY2007 request (in millions): 9.1; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Federal Asset Sales Program; 
Investment type: major; 
FY2005 actuals (in millions): 2.8; 
FY2006 enacted (in millions): 2.4; 
FY2007 request (in millions): 1.8; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: FMLoB COE/Pegasys; 
Investment type: major; 
FY2005 actuals (in millions): 28.9; 
FY2006 enacted (in millions): 39.9; 
FY2007 request (in millions): 40.1; 
Reasons for high risk designation[A]: B; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: GSA Preferred; 
Investment type: non-major; 
FY2005 actuals (in millions): 10.6; 
FY2006 enacted (in millions): 18.0; 
FY2007 request (in millions): 3.0; 
Reasons for high risk designation[A]: B; 
Performance shortfall: Unclear baselines, cost, and schedule variances 
not within 10 percent and project manager is not qualified; 
Planned improvement efforts: Based on the results of an independent 
assessment, GSA has determined that this investment is not meeting the 
current and future business objectives. As a result, GSA is terminating 
this investment; 
GSA has initiated a data migration initiative that will enable 
migration of the two regions to the legacy system. Will provide 
quarterly updates on progress of migration activity; 
Action date: fiscal year 2007, 4th. 

Investment name: Integrated Acquisition Environment; 
Investment type: major; 
FY2005 actuals (in millions): $9.4; 
FY2006 enacted (in millions): $4.3; 
FY2007 request (in millions): $3.9; 
Reasons for high risk designation[A]: D; 
Performance shortfall: Cost variance not within 10 percent and project 
manager is not qualified; 
Planned improvement efforts: Update task planned start and end dates on 
protest resolution and project manager will continue required training 
to meet CIO program manager certification criteria; 
Action date: fiscal year 2006, 4th quarter. 

Investment name: USA Services; 
Investment type: major; 
FY2005 actuals (in millions): 11.3; 
FY2006 enacted (in millions): 11.5; 
FY2007 request (in millions): 11.7; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Source: OMB FY2007 Exhibit 53 and General Services Administration 
documents. 

[A] Reasons for high risk designation include: 

A=The agency has not consistently demonstrated the ability to manage 
complex projects. 

B=The project has exceptionally high development, operating, or 
maintenance costs, either in absolute terms or as a percentage of the 
agency's total IT portfolio. 

C=The project is being undertaken to correct recognized deficiencies in 
the adequate performance of an essential mission program or function of 
the agency, a component of the agency, or another organization. 

D=The projects' delay or failure would introduce for the first time 
unacceptable or inadequate performance or failure of an essential 
mission function of the agency, a component of the agency, or another 
organization. (Note: According to OMB staff, projects identified as 
high risk per OMB's additional instructions on e-government or lines of 
business initiatives met this reason.) 

E=Other. 

[End of table] 

Table 22: Summary of High Risk Projects for the National Aeronautics 
and Space Administration: 

Investment name: E-Rulemaking; 
Investment type: Joint effort for more than one agency; 
FY2005 actuals (in millions): $0.2; 
FY2006 enacted (in millions): $0.4; 
FY2007 request (in millions): $0.3; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Business Gateway; 
Investment type: Joint effort for more than one agency; 
FY2005 actuals (in millions): 0.0; 
FY2006 enacted (in millions): 0.1; 
FY2007 request (in millions): 0.1; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Geospatial One-Stop; 
Investment type: Joint effort for more than one agency; 
FY2005 actuals (in millions): 0.2; 
FY2006 enacted (in millions): 0.3; 
FY2007 request (in millions): 0.0; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Grants.Gov; 
Investment type: Joint effort for more than one agency; 
FY2005 actuals (in millions): 0.5; 
FY2006 enacted (in millions): 0.5; 
FY2007 request (in millions): 0.5; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: E-Training; 
Investment type: Joint effort for more than one agency; 
FY2005 actuals (in millions): $1.0; 
FY2006 enacted (in millions): $0.0; 
FY2007 request (in millions): $0.0; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Recruitment One Stop; 
Investment type: Joint effort for more than one agency; 
FY2005 actuals (in millions): 0.0; 
FY2006 enacted (in millions): 0.0; 
FY2007 request (in millions): 0.0; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: E-Payroll; 
Investment type: Joint effort for more than one agency; 
FY2005 actuals (in millions): 1.0; 
FY2006 enacted (in millions): 0.0; 
FY2007 request (in millions): 0.0; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: E-Travel; 
Investment type: Joint effort for more than one agency; 
FY2005 actuals (in millions): 0.2; 
FY2006 enacted (in millions): 0.5; 
FY2007 request (in millions): 0.0; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Integrated Acquisition Environment; 
Investment type: Joint effort for more than one agency; 
FY2005 actuals (in millions): 1.8; 
FY2006 enacted (in millions): 1.3; 
FY2007 request (in millions): 1.4; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: E-Records Management; 
Investment type: Joint effort for more than one agency; 
FY2005 actuals (in millions): 0.0; 
FY2006 enacted (in millions): 0.0; 
FY2007 request (in millions): 0.0; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: E-Authentication; 
Investment type: Joint effort for more than one agency; 
FY2005 actuals (in millions): 0.4; 
FY2006 enacted (in millions): 0.5; 
FY2007 request (in millions): 0.6; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Financial Management Line of Business; 
Investment type: Joint effort for more than one agency; 
FY2005 actuals (in millions): 0.1; 
FY2006 enacted (in millions): 0.1; 
FY2007 request (in millions): 0.1; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Human Resource Management Lines of Business; 
Investment type: Joint effort for more than one agency; 
FY2005 actuals (in millions): 0.0; 
FY2006 enacted (in millions): 0.0; 
FY2007 request (in millions): 0.1; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Information Systems Security Line of Business; 
Investment type: Joint effort for more than one agency; 
FY2005 actuals (in millions): 0.0; 
FY2006 enacted (in millions): 0.0; 
FY2007 request (in millions): 0.0; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Core Financial; 
Investment type: major; 
FY2005 actuals (in millions): 38.3; 
FY2006 enacted (in millions): 87.3; 
FY2007 request (in millions): 37.9; 
Reasons for high risk designation[A]: B, C; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Contract Management Module; 
Investment type: major; 
FY2005 actuals (in millions): 16.6; 
FY2006 enacted (in millions): 37.4; 
FY2007 request (in millions): 14.1; 
Reasons for high risk designation[A]: B, C; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Source: OMB FY2007 Exhibit 53 and National Aeronautics and Space 
Administration documents. 

[A] Reasons for high risk designation include: 

A=The agency has not consistently demonstrated the ability to manage 
complex projects. 

B=The project has exceptionally high development, operating, or 
maintenance costs, either in absolute terms or as a percentage of the 
agency's total IT portfolio. 

C=The project is being undertaken to correct recognized deficiencies in 
the adequate performance of an essential mission program or function of 
the agency, a component of the agency, or another organization. 

D=The projects' delay or failure would introduce for the first time 
unacceptable or inadequate performance or failure of an essential 
mission function of the agency, a component of the agency, or another 
organization. (Note: According to OMB staff, projects identified as 
high risk per OMB's additional instructions on e-government or lines of 
business initiatives met this reason.) 

E=Other. 

[End of table] 

Table 23: Summary of High Risk Projects for the National Science 
Foundation: 

Investment name: E-Human Capital; 
Investment type: major; 
FY2005 actuals (in millions): $0.7; 
FY2006 enacted (in millions): $1.6; 
FY2007 request (in millions): $2.5;  
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Source: OMB FY2007 Exhibit 53 and National Science Foundation 
documents. 

[A] Reasons for high risk designation include: 

A=The agency has not consistently demonstrated the ability to manage 
complex projects. 

B=The project has exceptionally high development, operating, or 
maintenance costs, either in absolute terms or as a percentage of the 
agency's total IT portfolio. 

C=The project is being undertaken to correct recognized deficiencies in 
the adequate performance of an essential mission program or function of 
the agency, a component of the agency, or another organization. 

D=The projects' delay or failure would introduce for the first time 
unacceptable or inadequate performance or failure of an essential 
mission function of the agency, a component of the agency, or another 
organization. (Note: According to OMB staff, projects identified as 
high risk per OMB's additional instructions on e-government or lines of 
business initiatives met this reason.) 

E=Other. 

[End of table] 

Table 24: Summary of High Risk Projects for the Nuclear Regulatory 
Commission: 

Investment name: e-Travel; 
Investment type: non-major; 
FY2005 actuals (in millions): $0.1; 
FY2006 enacted (in millions): $0.5; 
FY2007 request (in millions): $0.3; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Disaster Management Information System; 
Investment type: Joint effort for more than one agency; 
FY2005 actuals (in millions): N/A; 
FY2006 enacted (in millions): N/A; 
FY2007 request (in millions): N/A; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Learning Management System; 
Investment type: non- major; 
FY2005 actuals (in millions): 0.5; 
FY2006 enacted (in millions): 0.5; 
FY2007 request (in millions): 0.5; 
Reasons for high risk designation[A]: D; 
Performance shortfall: Cost and schedule variance not within 10 
percent; 
Planned improvement efforts: Complete security certification and 
accreditation process; 
Action date: pending. 

Investment name: Electronic Information Exchange; 
Investment type: major; 
FY2005 actuals (in millions): 0.8; 
FY2006 enacted (in millions): 0.7; 
FY2007 request (in millions): 0.9; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Source: OMB FY2007 Exhibit 53 and Nuclear Regulatory Commission 
documents. 

[A] Reasons for high risk designation include: 

A=The agency has not consistently demonstrated the ability to manage 
complex projects. 

B=The project exceptionally high development, operating, or maintenance 
costs, either in absolute terms or as a percentage of the agency's 
total IT portfolio. 

C=The project is being undertaken to correct recognized deficiencies in 
the adequate performance of an essential mission program or function of 
the agency, a component of the agency, or another organization. 

D=The projects' delay or failure would introduce for the first time 
unacceptable or inadequate performance or failure of an essential 
mission function of the agency, a component of the agency, or another 
organization. (Note: According to OMB staff, projects identified as 
high risk per OMB's additional instructions on e-government or lines of 
business initiatives met this reason.) 

E=Other. 

[End of table] 

Table 25: Summary of High Risk Projects for the Office of Personnel 
Management: 

Investment name: Information Systems Security Line of Business; 
Investment type: Joint effort for more than one agency; 
FY2005 actuals (in millions): $0.0; 
FY2006 enacted (in millions): $0.0; 
FY2007 request (in millions): $0.0; 
Reasons for high risk designation[A]: D; 
Performance shortfall: Unclear baselines, cost and schedule variances 
not within 10 percent, and project manager is not qualified; 
Planned improvement efforts: The Office of Personnel Management's 
project coordinator will work with OMB staff and interagency 
Information Systems Security Line of Business participants to clarify 
governmentwide and agency goals. Once the goals are clarified, the 
baseline cost and schedule will be developed. Agency will assess the 
project manager against the agency's qualification guidelines. 

Investment name: Retirement Systems Modernization; 
Investment type: major; 
FY2005 actuals (in millions): 5.4; 
FY2006 enacted (in millions): 52.7; 
FY2007 request (in millions): 43.2; 
Reasons for high risk designation[A]: B, C, D; 
Performance shortfall: Unclear baselines, and cost and schedule 
variance not within 10 percent; 
Planned improvement efforts: This project is still in the planning 
phase and a baseline is being developed. 

Investment name: Financial Management Line of Business; 
Investment type: Joint effort for more than one agency; 
FY2005 actuals (in millions): 0.0; 
FY2006 enacted (in millions): 0.1; 
FY2007 request (in millions): 0.1; 
Reasons for high risk designation[A]: D; 
Performance shortfall: Cost and schedule variance not within 10 
percent; 
Planned improvement efforts: Corrective actions not reported. 

Investment name: Human Resources Management Line of Business; 
Investment type: major; 
FY2005 actuals (in millions): 5.8; 
FY2006 enacted (in millions): 8.0; 
FY2007 request (in millions): 6.7; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Enterprise Human Resources Integration; 
Investment type: major; 
FY2005 actuals (in millions): 12.8; 
FY2006 enacted (in millions): 36.8; 
FY2007 request (in millions): 36.4; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: E-Training; 
Investment type: major; 
FY2005 actuals (in millions): $3.0; 
FY2006 enacted (in millions): $3.1; 
FY2007 request (in millions): $3.1; 
Reasons for high risk designation[A]: D; 
Performance shortfall: Schedule variance not within 10 percent; 
Planned improvement efforts: The Human Resources Management Line of 
Business/ Human Resource Development Project Management Office will 
closely monitor the delivery of activities on the enterprise 
architecture, Workforce Development Roadmap, and performance management 
sub- projects. OPM requested the completion of remaining baseline 
corrections to resolve located schedule errors. 

Investment name: Recruitment One Stop/USA Jobs; 
Investment type: major; 
FY2005 actuals (in millions): 6.9; 
FY2006 enacted (in millions): 7.6; 
FY2007 request (in millions): 7.9; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: E-Clearance; 
Investment type: major; 
FY2005 actuals (in millions): 6.1; 
FY2006 enacted (in millions): 5.4; 
FY2007 request (in millions): 5.6; 
Reasons for high risk designation[A]: D; 
Performance shortfall: Cost and schedule variances not within 10 
percent; 
Planned improvement efforts: For both the cost/ and schedule variances, 
the agency is updating out estimate to complete to reflect a realistic 
timeline given the current circumstances with external stakeholders. 

Investment name: Personnel Investigations Processing Systems; 
Investment type: major; 
FY2005 actuals (in millions): 9.9; 
FY2006 enacted (in millions): 12.9; 
FY2007 request (in millions): 13.3; 
Reasons for high risk designation[A]: E; 
Designated by OMB; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: e-Rulemaking; 
Investment type: Joint effort for more than one agency; 
FY2005 actuals (in millions): 0.0; 
FY2006 enacted (in millions): 0.2; 
FY2007 request (in millions): 0.2; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Fed Asset Sales; 
Investment type: Joint effort for more than one agency; 
FY2005 actuals (in millions): $0.0; 
FY2006 enacted (in millions): $0.0; 
FY2007 request (in millions): $0.0; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Business Gateway; 
Investment type: Joint effort for more than one agency; 
FY2005 actuals (in millions): 0.0; 
FY2006 enacted (in millions): 0.2; 
FY2007 request (in millions): 0.1; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Disaster Management; 
Investment type: Joint effort for more than one agency; 
FY2005 actuals (in millions): 0.0; 
FY2006 enacted (in millions): 0.0; 
FY2007 request (in millions): 0.0; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: E-Travel; 
Investment type: IT migration investment portion of a larger asset; 
FY2005 actuals (in millions): 0.0; 
FY2006 enacted (in millions): 0.0; 
FY2007 request (in millions): 0.0; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: E-Authentication; 
Investment type: IT migration investment portion of a larger asset; 
FY2005 actuals (in millions): 0.0; 
FY2006 enacted (in millions): 0.5; 
FY2007 request (in millions): 0.1; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Source: OMB FY2007 Exhibit 53 and Office of Personnel Management 
documents. 

[A] Reasons for high risk designation include: 

A=The agency has not consistently demonstrated the ability to manage 
complex projects. 

B=The project exceptionally high development, operating, or maintenance 
costs, either in absolute terms or as a percentage of the agency's 
total IT portfolio. 

C=The projects is being undertaken to correct recognized deficiencies 
in the adequate performance of an essential mission program or function 
of the agency, a component of the agency, or another organization. 

D=The projects' delay or failure would introduce for the first time 
unacceptable or inadequate performance or failure of an essential 
mission function of the agency, a component of the agency, or another 
organization. (Note: According to OMB staff, projects identified as 
high risk per OMB's additional instructions on e-government or lines of 
business initiatives met this reason.) 

E=Other. 

[End of table] 

Table 26: Summary of High Risk Projects for Small Business 
Administration: 

Investment name: GovBenefits.gov; 
Investment type: Joint effort for more than one agency; 
FY2005 actuals (in millions): N/A; 
FY2006 request (in millions): N/A; 
FY2007 request (in millions): $0.1; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: USA Services; 
Investment type: Joint effort for more than one agency; 
FY2005 actuals (in millions): 0.0; 
FY2006 request (in millions): 0.0; 
FY2007 request (in millions): 0.0; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: E-Rulemaking; 
Investment type: Joint effort for more than one agency; 
FY2005 actuals (in millions): 0.2; 
FY2006 request (in millions): 0.2; 
FY2007 request (in millions): 0.2; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Federal Asset Sales; 
Investment type: Joint effort for more than one agency; 
FY2005 actuals (in millions): 0.0; 
FY2006 request (in millions): 0.0; 
FY2007 request (in millions): 0.0; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Geospatial One-Stop; 
Investment type: Joint effort for more than one agency; 
FY2005 actuals (in millions): 0.0; 
FY2006 request (in millions): 0.0; 
FY2007 request (in millions): 0.0; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Disaster Management; 
Investment type: Joint effort for more than one agency; 
FY2005 actuals (in millions): 0.0; 
FY2006 request (in millions): 0.0; 
FY2007 request (in millions): 0.0; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Grants.gov; 
Investment type: Joint effort for more than one agency; 
FY2005 actuals (in millions): 0.0; 
FY2006 request (in millions): 0.2; 
FY2007 request (in millions): 0.1; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: E-Training; 
Investment type: Joint effort for more than one agency; 
FY2005 actuals (in millions): 0.0; 
FY2006 request (in millions): 0.0; 
FY2007 request (in millions): 0.0; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Recruitment One-Stop; 
Investment type: Joint effort for more than one agency; 
FY2005 actuals (in millions): N/A; 
FY2006 request (in millions): N/A; 
FY2007 request (in millions): N/A; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Enterprise Human Resources Integration; 
Investment type: Joint effort for more than one agency; 
FY2005 actuals (in millions): 0.0; 
FY2006 request (in millions): 0.0; 
FY2007 request (in millions): 0.0; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: E-Clearance; 
Investment type: Joint effort for more than one agency; 
FY2005 actuals (in millions): N/A; 
FY2006 request (in millions): N/A; 
FY2007 request (in millions): N/A; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: E-Travel; 
Investment type: Joint effort for more than one agency; 
FY2005 actuals (in millions): 0.0; 
FY2006 request (in millions): 0.3; 
FY2007 request (in millions): 0.0; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: E-Authentication; 
Investment type: Joint effort for more than one agency; 
FY2005 actuals (in millions): 0.4; 
FY2006 request (in millions): 0.5; 
FY2007 request (in millions): 0.1; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Financial Management Line of Business; 
Investment type: Joint effort for more than one agency; 
FY2005 actuals (in millions): 0.1; 
FY2006 request (in millions): 0.1; 
FY2007 request (in millions): 0.1; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Human Resources Management Line of Business; 
Investment type: Joint effort for more than one agency; 
FY2005 actuals (in millions): $0.0; 
FY2006 request (in millions): $0.1; 
FY2007 request (in millions): $0.7; 
Reasons for high risk designation[A]: D; 
Performance shortfall: Project manager is not yet qualified; 
Planned improvement efforts: Original project deliverable for fiscal 
year 2006 was deferred, with no project manager required. New project 
manager is receiving training as part of Office of CIO directed formal 
training activity. 

Investment name: WinZip SmartBUY; 
Investment type: Joint effort for more than one agency; 
FY2005 actuals (in millions): N/A; 
FY2006 request (in millions): N/A; 
FY2007 request (in millions): N/A; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Grants Management LOB; 
Investment type: Joint effort for more than one agency; 
FY2005 actuals (in millions): 0.0; 
FY2006 request (in millions): 0.0; 
FY2007 request (in millions): 0.0; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Integrated Acquisition Environment; 
Investment type: Joint effort for more than one agency; 
FY2005 actuals (in millions): 0.0; 
FY2006 request (in millions): 0.0; 
FY2007 request (in millions): 0.1; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Business Gateway (e-GOV); 
Investment type: Joint effort for more than one agency; 
FY2005 actuals (in millions): 0.1; 
FY2006 request (in millions): 0.1; 
FY2007 request (in millions): 0.1; 
Reasons for high risk designation[A]: D; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Business Gateway (Managing Partner)[B]; 
Investment type: major; 
FY2005 actuals (in millions): 8.9; 
FY2006 request (in millions): 10.3; 
FY2007 request (in millions): 7.9; 
Reasons for high risk designation[A]: B; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Disaster Credit Management System[B]; 
Investment type: major; 
FY2005 actuals (in millions): 5.0; 
FY2006 request (in millions): 5.6; 
FY2007 request (in millions): 5.8; 
Reasons for high risk designation[A]: B; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Source: OMB FY2007 Exhibit 53 and Small Business Administration 
documents. 

[A] Reasons for high risk designation include: 

A=The agency has not consistently demonstrated the ability to manage 
complex projects. 

B=The project has exceptionally high development, operating, or 
maintenance costs, either in absolute terms or as a percentage of the 
agency's total IT portfolio. 

C=The project is being undertaken to correct recognized deficiencies in 
the adequate performance of an essential mission program or function of 
the agency, a component of the agency, or another organization. 

D=The projects' delay or failure would introduce for the first time 
unacceptable or inadequate performance or failure of an essential 
mission function of the agency, a component of the agency, or another 
organization. (Note: According to OMB staff, projects identified as 
high risk per OMB's additional instructions on e-government or lines of 
business initiatives met this reason.) 

E=Other. 

[B] According to agency officials, the fiscal year 2006 request was 
enacted for these investments. 

[End of table] 

Table 27: Summary of High Risk Projects for the Social Security 
Administration: 

Investment name: E-Vital; 
Investment type: major; 
FY2005 actuals (in millions): $1.1; 
FY2006 enacted (in millions): $1.0; 
FY2007 request (in millions): $0.8; 
Reasons for high risk designation[A]: D; 
Performance shortfall: Cost variance not within 10 percent; 
Planned improvement efforts: None, as fixed price contract cost 
variances at successful project completion will be zero. 

Investment name: e-Dib; 
Investment type: major; 
FY2005 actuals (in millions): 79.3; 
FY2006 enacted (in millions): 22.7; 
FY2007 request (in millions): 8.4; 
Reasons for high risk designation[A]: B; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Disability Process Improvements; 
Investment type: major; 
FY2005 actuals (in millions): 6.2; 
FY2006 enacted (in millions): 35.0; 
FY2007 request (in millions): 28.5; 
Reasons for high risk designation[A]: E; 
Improve SSA's Disability Service; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: Medicare Modernization; 
Investment type: major; 
FY2005 actuals (in millions): 99.0; 
FY2006 enacted (in millions): 61.4; 
FY2007 request (in millions): 7.6; 
Reasons for high risk designation[A]: E; 
Legislation; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. 

Investment name: IT Operations Assurance; 
Investment type: major; 
FY2005 actuals (in millions): 0.4; 
FY2006 enacted (in millions): 22.6; 
FY2007 request (in millions): 28.0; 
Reasons for high risk designation[A]: B; 
Performance shortfall: Cost variance not within 10 percent; 
Planned improvement efforts: Contract to be awarded for the second data 
center facility; 
Action date: pending. 

Investment name: Voice over IP; 
Investment type: major; 
FY2005 actuals (in millions): 0.4; 
FY2006 enacted (in millions): 41.1; 
FY2007 request (in millions): 33.5; 
Reasons for high risk designation[A]: B; 
Performance shortfall: No performance shortfall; 
Planned improvement efforts: N/A. =

Source: OMB FY2007 Exhibit 53 and Social Security Administration 
documents. 

[A] Reasons for high risk designation include: 

A=The agency has not consistently demonstrated the ability to manage 
complex projects. 

B=The project has exceptionally high development, operating, or 
maintenance costs, either in absolute terms or as a percentage of the 
agency's total IT portfolio. 

C=The project is being undertaken to correct recognized deficiencies in 
the adequate performance of an essential mission program or function of 
the agency, a component of the agency, or another organization. 

D=The projects' delay or failure would introduce for the first time 
unacceptable or inadequate performance or failure of an essential 
mission function of the agency, a component of the agency, or another 
organization. (Note: According to OMB staff, projects identified as 
high risk per OMB's additional instructions on e-government or lines of 
business initiatives met this reason.) 

E=Other. 

[End of table] 

Table 28: Summary of High Risk Projects for the U.S. Agency for 
International Development: 

Investment name: Joint Acquisition and Assistance Management System/ 
Procurement System Improvement Project; 
Investment type: major & non- major; 
FY2005 actuals (in millions): $0.0 & 10.6; 
FY2006 enacted (in millions): $6.0 & 0.0; 
FY2007 request (in millions): $11.4 & 0.0; 
Reasons for high risk designation[A]: C; 
Performance shortfall: Baselines not yet established and cost and 
schedule variances not within 10 percent; 
Planned improvement efforts: To collect information from various 
sources at the agency and the Department of State in order to validate 
milestones; 
Action date: 6/1/ 06. 

Source: OMB FY2007 Exhibit 53 and U.S. Agency for International 
Development documents. 

[A] Reasons for high risk designation include: 

A=The agency has not consistently demonstrated the ability to manage 
complex projects. 

B=The project has exceptionally high development, operating, or 
maintenance costs, either in absolute terms or as a percentage of the 
agency's total IT portfolio. 

C=The project is being undertaken to correct recognized deficiencies in 
the adequate performance of an essential mission program or function of 
the agency, a component of the agency, or another organization. 

D=The projects' delay or failure would introduce for the first time 
unacceptable or inadequate performance or failure of an essential 
mission function of the agency, a component of the agency, or another 
organization. (Note: According to OMB staff, projects identified as 
high risk per OMB's additional instructions on e-government or lines of 
business initiatives met this reason.) 

E=Other. 

[End of table] 

[End of section] 

Appendix IV GAO Contact and Staff Acknowledgments: 

GAO Contact: 

David A. Powner, (202) 512-9286, pownerd@gao.gov: 

Acknowledgments: 

In addition to the contact named above, the following people made key 
contributions to this report: William G. Barrick, Nancy Glover, 
Nnaemeka Okonkwo, Sabine Paul, and Niti Tandon. 

FOOTNOTES 

[1] GAO, Information Technology: OMB Can Make More Effective Use of Its 
Investment Reviews, GAO-05-276 (Washington, D.C.: April 15, 2005). 

[2] The 24 CFO agencies are the Departments of Agriculture, Commerce, 
Defense, Education, Energy, Health and Human Services, Homeland 
Security, Housing and Urban Development, the Interior, Justice, Labor, 
State, Transportation, the Treasury, and Veterans Affairs; 
and the Environmental Protection Agency, General Services 
Administration, National Aeronautics and Space Administration, National 
Science Foundation, Nuclear Regulatory Commission, Office of Personnel 
Management, Small Business Administration, Social Security 
Administration, and U.S. Agency for International Development. 

[3] 44 U.S.C. § 3504(a)(1)(B)(vi)(OMB); 
44 U.S.C. § 3506(h)(5) (agencies). 

[4] These requirements are specifically described in the Clinger-Cohen 
Act, 40 U.S.C. § 11302 (c). 

[5] 44 U.S.C. § 3603. 

[6] GAO, Information Technology Management: Governmentwide Strategic 
Planning, Performance Measurement, and Investment Management Can Be 
Further Improved, GAO-04-49 (Washington, D.C.: Jan. 12, 2004). 

[7] These scoring criteria are presented in Office of Management and 
Budget Circular A-11, Part 7, Planning, Budgeting, Acquisition, and 
Management of Capital Assets (June 2005). The criteria consist of 10 
categories, including acquisition strategy, project management, 
enterprise architecture, alternative analysis, risk management, 
performance goals, security and privacy, performance-based management 
system (including the earned value management system), life-cycle costs 
formulation, and support for the President's Management Agenda. A total 
composite score of all the categories is also derived. 

[8] OMB Circular A-11 defines a major IT investment as an investment 
that requires special management attention because of its importance to 
an agency's mission or because it is an integral part of the agency's 
enterprise architecture, has significant program or policy 
implications, has high executive visibility, or is defined as major by 
the agency's capital planning and investment control process. 

[9] GAO-05-276. 

[10] According to OMB management, individual analysts were responsible 
for evaluating projects and determining which projects met the criteria 
to be on the Management Watch List for their assigned agencies. To 
derive the total number of projects on the list that were reported for 
fiscal year 2005, OMB polled the individual analysts and compiled the 
numbers. OMB staff said that they did not aggregate these projects into 
a single list describing projects and their weaknesses. According to 
these officials, they did not construct a single list of projects 
meeting their Watch List criteria because they did not see such an 
activity as necessary in performing OMB's predominant mission: to 
assist in overseeing the preparation of the federal budget and to 
supervise agency budget administration. 

[11] In 2001, under the leadership of OMB, a team known as the E- 
Government Task Force identified a set of high-profile initiatives to 
lead the federal government's drive toward e-government transformation. 
These initiatives--now numbering 25--cover a wide spectrum of 
government activities, ranging from centralizing various types of 
government information on the Web to eliminating redundant, 
nonintegrated business operations and systems. For additional details 
on these e-government initiatives see GAO, Electronic Government: 
Federal Agencies Have Made Progress Implementing the E-Government Act 
of 2002, GAO-05-12 (Washington, D.C: Dec. 10, 2004). 

[12] For each initiative, OMB designated a specific agency to be the 
initiative's "managing partner," responsible for leading the 
initiative, and assigned other federal agencies as "partners" in 
carrying out the initiative. 

[13] Among these five agencies, many of their projects were either e- 
government or line of business initiatives. 

[14] EVM is a project management tool that integrates the investment 
scope of work with schedule and cost elements for investment planning 
and control. This method compares the value of work accomplished during 
a given period with that of the work expected in the period. 
Differences in expectations are measured in both cost and schedule 
variances. OMB requires agencies to use EVM as part of their 
performance-based management system for any investment under 
development or with system improvements under way. 

[15] GAO, High-Risk Series: An Update, GAO-05-207 (Washington, D.C., 
Jan. 2005). 

[16] GAO-05-207. 

[17] GAO, Census Bureau: Important Activities for Improving Management 
of Key 2010 Decennial Acquisitions Remain to be Done, GAO-06-444T 
(Washington, D.C.: Mar. 1, 2006). 

[18] GAO, Polar-Orbiting Operational Environmental Satellites: 
Technical Problems, Cost Increases, and Schedule Delays Trigger Need 
for Difficult Trade-Off Decisions, GAO-06-249T (Washington, D.C.: Nov. 
16, 2005). 

[19] GAO, Polar-Orbiting Operational Environmental Satellites: Cost 
Increases Trigger Review and Place Program's Direction on Hold, GAO-06-
573T (Washington, D.C.: Mar. 30, 2006). 

[20] GAO, United States Coast Guard: Improvements Needed in Management 
and Oversight of Rescue System Acquisition, GAO-06-632 (Washington, 
D.C.: May 31, 2006). 

[21] GAO-04-49. 

[22] The quarterly e-Gov Scorecards are reports that use a red/yellow/ 
green scoring system to illustrate the results of OMB's evaluation of 
agencies' implementation of e-government criteria in the President's 
Management Agenda. The scores are determined in quarterly reviews, 
where OMB evaluates agency progress toward agreed-upon goals along 
several dimensions, and provides input to the quarterly reporting on 
the President's Management Agenda. 

[23] GAO-05-276. 

[24] As discussed earlier, these four areas are (1) baseline with clear 
goals, (2) cost and schedule variance within 10 percent, (3) qualified 
project manager, and (4) avoiding duplication. 

[25] Two of the 24 agencies did not identify how many of their high 
risk projects were also on the Management Watch List. 

[26] GAO-04-49. 

[27] GAO-05-276. 

GAO's Mission: 

The Government Accountability Office, the investigative arm of 
Congress, exists to support Congress in meeting its constitutional 
responsibilities and to help improve the performance and accountability 
of the federal government for the American people. GAO examines the use 
of public funds; 
evaluates federal programs and policies; 
and provides analyses, recommendations, and other assistance to help 
Congress make informed oversight, policy, and funding decisions. GAO's 
commitment to good government is reflected in its core values of 
accountability, integrity, and reliability. 

Obtaining Copies of GAO Reports and Testimony: 

The fastest and easiest way to obtain copies of GAO documents at no 
cost is through the Internet. GAO's Web site ( www.gao.gov ) contains 
abstracts and full-text files of current reports and testimony and an 
expanding archive of older products. The Web site features a search 
engine to help you locate documents using key words and phrases. You 
can print these documents in their entirety, including charts and other 
graphics. 

Each day, GAO issues a list of newly released reports, testimony, and 
correspondence. GAO posts this list, known as "Today's Reports," on its 
Web site daily. The list contains links to the full-text document 
files. To have GAO e-mail this list to you every afternoon, go to 
www.gao.gov and select "Subscribe to e-mail alerts" under the "Order 
GAO Products" heading. 

Order by Mail or Phone: 

The first copy of each printed report is free. Additional copies are $2 
each. A check or money order should be made out to the Superintendent 
of Documents. GAO also accepts VISA and Mastercard. Orders for 100 or 
more copies mailed to a single address are discounted 25 percent. 
Orders should be sent to: 

U.S. Government Accountability Office 

441 G Street NW, Room LM 

Washington, D.C. 20548: 

To order by Phone: 

Voice: (202) 512-6000: 

TDD: (202) 512-2537: 

Fax: (202) 512-6061: 

To Report Fraud, Waste, and Abuse in Federal Programs: 

Contact: 

Web site: www.gao.gov/fraudnet/fraudnet.htm 

E-mail: fraudnet@gao.gov 

Automated answering system: (800) 424-5454 or (202) 512-7470: 

Public Affairs: 

Jeff Nelligan, managing director, 

NelliganJ@gao.gov 

(202) 512-4800 

U.S. Government Accountability Office, 

441 G Street NW, Room 7149 

Washington, D.C. 20548: