Skip to main content

Veterans Benefits Computer Systems: Risks of VBA's Year-2000 Efforts

AIMD-97-79 Published: May 30, 1997. Publicly Released: Jun 26, 1997.
Jump To:
Skip to Highlights

Highlights

Pursuant to a congressional request, GAO reviewed the Veterans Benefits Administration's (VBA) actions to address management and technical weaknesses reported in a June 1996 hearing on VBA's modernization efforts, focusing on GAO's assessment of VBA's actions to ensure that the year-2000 computing problem will be adequately addressed.

Recommendations

Recommendations for Executive Action

Agency Affected Recommendation Status
Department of Veterans Affairs In light of the serious risks associated with VBA's year 2000 activities, the Secretary of Veterans Affairs should direct and ensure that VBA's acting under secretary for benefits, in conjunction with VBA's chief information officer, strengthen VBA's year-2000 program management office by assigning this office oversight and coordination responsibilities for all year-2000 activities, including both system conversion and replacement projects in the three systems development centers, the central office, and the regional offices.
Closed – Implemented
VBA has strengthened its year 2000 program management office by assigning it oversight and coordination responsibilities for all year 2000 activities, including both system conversion and replacement projects in the three systems development centers, the regional offices, and the central office.
Department of Veterans Affairs In light of the serious risks associated with VBA's year-2000 activities, the Secretary of Veterans Affairs should direct and ensure that VBA's acting under secretary for benefits, in conjunction with VBA's chief information officer, develop a complete, integrated systems architecture for its new systems development activities, including a security architecture, performance characteristics and standards, and change management policy.
Closed – Implemented
As a result of the concerns expressed in the report, VBA changed its year 2000 strategy from developing new applications to renovating its applications. This action partially responded to the recommendation because VBA did not develop an integrated architecture.
Department of Veterans Affairs In light of the serious risks associated with VBA's year-2000 activities, the Secretary of Veterans Affairs should direct and ensure that VBA's acting under secretary for benefits, in conjunction with VBA's chief information officer, assess how its major business areas would be affected if the year-2000 problem is not corrected in time and use the results of this assessment to help prioritize the agency's year-2000 activities, as well as a means of obtaining and publicizing management commitment and support for necessary year-2000 initiatives.
Closed – Implemented
VBA agreed with the recommendation and completed its Business Continuity and Contingency Planning document in January 1999. In this document, the business impact of Y2K problems--including loss of electric power, loss of data processing capability, and failure of internal infrastructure--is addressed.
Department of Veterans Affairs In light of the serious risks associated with VBA's year-2000 activities, the Secretary of Veterans Affairs should direct and ensure that VBA's acting under secretary for benefits, in conjunction with VBA's chief information officer, complete inventories of all information systems and their components, including data interfaces and third-party products by June 30, 1997.
Closed – Implemented
VBA has completed inventories for all information systems and their components. VBA's centralized information systems, interfaces and third-party products were inventoried in 1997 and regional office applications were inventoried in 1998.
Department of Veterans Affairs In light of the serious risks associated with VBA's year-2000 activities, the Secretary of Veterans Affairs should direct and ensure that VBA's acting under secretary for benefits, in conjunction with VBA's chief information officer, complete an analysis to determine whether VBA's internal applications, interfaces, and third-party products are compliant, and develop a plan for addressing them, by July 31, 1997.
Closed – Implemented
During the past year, VBA analyzed its internal applications, interfaces, and third-party products for compliance. VA agreed with the recommendations and made the necessary plans to address all internal applications, interfaces, and third-party products. In March 1999, VA reported to the Office of Management and Budget that all of VBA's internal applications were renovated and implemented. GAO observed a successful dry run demonstration of VBA benefits processing, using 2000 dates in a compliant environment, during the week of May 17, 1999.
Department of Veterans Affairs In light of the serious risks associated with VBA's year-2000 activities, the Secretary of Veterans Affairs should direct and ensure that VBA's acting under secretary for benefits, in conjunction with VBA's chief information officer, assess the cost, benefits, and risks of competing information technology projects and prioritize them to make effective use of limited staff and monetary resources, including deferring or cancelling new systems developments and reallocating the freed resources to achieving year-2000 compliance.
Closed – Implemented
As GAO reported in August 1998 (AIMD-98-237), VBA agreed with the recommendation and assessed the costs, benefits, and risks of competing information technology initiatives and prioritized them to ensure that critical Y2K efforts had sufficient resources. For example, VBA delayed the Education 1606 replatforming initiative and reallocated the staff to its Y2K renovation efforts.
Department of Veterans Affairs In light of the serious risks associated with VBA's year-2000 activities, the Secretary of Veterans Affairs should direct and ensure that VBA's acting under secretary for benefits, in conjunction with VBA's chief information officer, assess the agency's personnel resource needs for achieving year-2000 compliance, and then develop a plan for obtaining these resources.
Closed – Implemented
VBA agreed with the recommendation and assessed its resource needs. As a result of this assessment, VBA awarded a contract for year 2000 support to augment its in-house staff on its Compensation and Pension Y2K effort.
Department of Veterans Affairs In light of the serious risks associated with VBA's year-2000 activities, the Secretary of Veterans Affairs should direct and ensure that VBA's acting under secretary for benefits, in conjunction with VBA's chief information officer, develop a risk assessment, by June 30, 1997, that discusses the risks associated with each year-2000 project and its related costs.
Closed – Implemented
VBA completed its risk analysis in October 1997. However this risk analysis did not discuss costs or contingencies.
Department of Veterans Affairs In light of the serious risks associated with VBA's year-2000 activities, the Secretary of Veterans Affairs should direct and ensure that VBA's acting under secretary for benefits, in conjunction with VBA's chief information officer, develop a schedule for replacing and/or converting all year-2000 projects July 31, 1997.
Closed – Implemented
VBA has provided a schedule for all of its applications for year 2000 compliance.
Department of Veterans Affairs In light of the serious risks associated with VBA's year-2000 activities, the Secretary of Veterans Affairs should direct and ensure that VBA's acting under secretary for benefits, in conjunction with VBA's chief information officer, develop a year-2000 contingency plan for all critical information systems, including development and activation of manual or contract procedures.
Closed – Implemented
VBA agreed with the recommendations and completed a business continuity and contingency plan for its business lines and a related planning template for its 58 regional offices. This plan provides a high-level overview of the resources, staff roles, procedures, and timetables for its implementation. It also addresses risks, including mitigation actions to reduce the impact of Y2K-induced business failures.

Full Report

Office of Public Affairs

Topics

Computer securityComputer systemsContingency plansFederal agency reorganizationInformation resources managementInformation systemsRequirements definitionSoftwareStaff utilizationStrategic information systems planningSystems development life cycleVeterans benefitsY2KComputer resources management