Delivering modernized business systems is at the heart of the Department of Defense (DOD) efforts to transform its business operations. These systems include timeworn and duplicative systems that support DOD business operations such as civilian personnel, finance, health, logistics, military personnel, procurement, and transportation. Since 1995, GAO has designated the department's business systems modernization efforts as high risk. One key to effectively modernizing DOD's multibillion dollar systems environment is ensuring that business system investments comply with an enterprisewide strategic blueprint, commonly called an enterprise architecture. For DOD's business systems modernization, it is developing and using a federated business enterprise architecture (BEA), which is a coherent family of parent and subsidiary architectures, to help modernize its nonintegrated and duplicative business operations and the systems that support them.
DOD reports that its business systems environment includes about 2,300 investments, which are supported by billions of dollars in annual expenditures and are intended to support business functions and operations. As GAO has previously reported, DOD's business systems environment has been characterized by (1) little standardization, (2) multiple systems performing the same tasks, (3) the same data stored in multiple systems, and (4) manual data entry into multiple systems. According to DOD, one purpose of the federated BEA is to identify and provide for sharing common applications and systems across the department and the components and promote interoperability and data sharing among related programs. Because DOD spends over $10 billion each year on its business systems and related information technology infrastructure, the potential for identifying and avoiding the costs associated with duplicative functionality across its business system investments is significant.
To accomplish this, DOD has developed an automated tool to map each system's functionality to the BEA operational activities and business functions that the system supports. Using an enterprise architecture in this way offers significant dollar savings potential, as it provides an authoritative frame of reference against which to analyze proposed investments and collect the information needed to identify where a given investment may overlap with other investments and thus unnecessary duplication of effort can be avoided. However, GAO has previously found that much remains to be done in extending and developing DOD's BEA and ensuring that disciplined management controls are applied at the institutional and program-specific levels. Without sufficient rigor in its business systems modernization, GAO found that DOD programs were at increased risk of being defined and implemented in a way that does not sufficiently ensure interoperability and avoid duplication and overlap. To adequately ensure that DOD business system investments are defined and implemented within the context of the federated BEA, GAO recommended in August 2008 that DOD use the program-specific data in its architecture compliance tool to identify and analyze potential overlap and duplication and thus take advantage of opportunities for reuse and consolidation among programs. DOD agreed and stated that it plans to update its investment review board process guidance to require use of program-specific data for certification decisions on business systems compliance with the BEA. However, it has yet to establish a date for doing so.
More broadly, GAO has recommended steps DOD needs to take to further improve its business systems modernization efforts. At the institutional level
Furthermore, DOD needs to ensure that its business system programs and projects are managed with integrated institutional controls and that they consistently deliver benefits and capabilities on time and within budget.
Between 2005 and 2008, GAO reported that DOD made progress implementing key institutional modernization management controls in response to GAO recommendations as well as to statutory requirements. For example, the department had continued to develop updates to its BEA that addressed important elements related to statutory requirements and best practices that GAO previously identified as missing. In addition, DOD defined and began implementing investment controls, such as the Business Capability Lifecycle, which is intended to streamline business system capability definition, acquisition, and investment oversight processes, to guide and constrain its departmentwide systems modernizations. However, notwithstanding this progress, additional actions are still needed.
In May 2009, GAO reported that the pace of DOD's efforts in defining and consistently implementing fundamental business systems modernization management controls (both institutional and program specific) had slowed compared with progress made in previous years, leaving much to be accomplished. To this end, GAO's work has highlighted challenges that DOD still faces in aligning its corporate architecture and its component organization architectures, leveraging the federated architecture to avoid investments that provide similar but duplicative functionality in support of common DOD activities, and institutionalizing the business systems investment process at all levels of the organization. In addition, ensuring that effective system acquisition management controls are implemented on each business system investment also remains a formidable challenge, as GAO's recent reports on management weaknesses associated with individual programs have disclosed.
Because of these limitations, DOD programs continue to be at increased risk of being defined and implemented in a way that does not sufficiently ensure interoperability and avoid duplication and overlap, which are both goals of the BEA and the department's related investment management approach. If these limitations are addressed, DOD and its components could have a sufficient basis for knowing if its business system programs have been defined to effectively and efficiently support corporate business operations. Congress can play a critical role by continuing to provide focus and oversight.
At the request of the Senate Armed Services Committee, GAO is initiating two engagements focusing on (1) the status and progress of the military departments' enterprise architecture programs and (2) prior GAO recommendations pertaining to the department's and the military departments' investment management processes, and the effectiveness of the department's investment review boards in approving and certifying business system investments in accordance with applicable criteria.
The information contained in this analysis is based on the related GAO reports listed under the "Related GAO Products" tab.
For additional information about this area, contact Valerie C. Melvin at (202) 512-6304 or firstname.lastname@example.org.