Skip to main content

Business Systems Modernization: DOD Continues to Improve Institutional Approach, but Further Steps Needed

GAO-06-658 Published: May 15, 2006. Publicly Released: May 15, 2006.
Jump To:
Skip to Highlights

Highlights

For decades, the Department of Defense (DOD) has not been successful in repeated attempts to modernize its timeworn business systems and operations. In 1995, we first designated DOD's business systems modernization as "high risk," and we continue to designate it as such today. As our research on successful public and private sector organizations has shown, attempting a large-scale systems modernization program in a large organization such as DOD without, among other things, a well-defined enterprise architecture and the associated investment management controls for implementing it often results in systems that are duplicative, stovepiped, non-integrated, and unnecessarily costly to manage, maintain, and operate. In May 2001, we made recommendations to the Secretary of Defense that provided the means for effectively developing and implementing an enterprise architecture and limiting systems investments until the department had a well-defined architecture and a corporate approach to investment control and decision making. In July 2001, the department initiated a business management modernization program to, among other things, develop a business enterprise architecture and establish the investment controls needed to effectively implement it. This effort was begun as part of the Secretary of Defense's broad initiative to "transform the way the department works and what it works on." Between 2001 and 2005, we reported that the department's business management modernization program was not being effectively managed, concluding in 2005 that hundreds of millions of dollars had been spent on an architecture and investment management structures that had limited use. To assist DOD in addressing these modernization management challenges, Congress included provisions in the Ronald W. Reagan National Defense Authorization Act for Fiscal Year 2005 (the Act) that were consistent with our recommendations for developing a business enterprise architecture and associated enterprise transition plan, and establishing and implementing effective information technology (IT) business system investment management structures and processes. More specifically, the Act required the department to, among other things, (1) develop a business enterprise architecture, (2) develop a transition plan to implement the architecture, (3) include systems information in its annual budget submission, (4) establish a system investment approval and accountability structure, (5) establish an investment review process, and (6) approve and certify system modernizations costing in excess of $1 million. The Act further requires that the Secretary of Defense submit an annual report to congressional defense committees on its compliance with certain requirements of the Act not later than March 15 of each year from 2005 through 2009. Additionally, the Act directs us to submit to congressional defense committees--within 60 days of DOD's report submission--an assessment of DOD's actions taken to comply with these requirements. The objectives of our review were to (1) assess the actions by DOD to comply with the requirements of Section 2222 of Title 10, U.S. Code and (2) determine the extent to which DOD has addressed our prior recommendations. To accomplish this, we used our November 2005 report as a baseline of comparison, focusing on the steps the department has taken to address the areas of noncompliance that we cited in that report.

Recommendations

Recommendations for Executive Action

Agency Affected Recommendation Status
Department of Defense To further assist the department in institutionalizing well-defined business systems modernization management controls, to facilitate congressional oversight, and promote departmental accountability, the Secretary of Defense should direct the Deputy Secretary of Defense, as the chair of the Defense Business Systems Management Committee, to submit an enterprise architecture program management plan to defense congressional committees. At a minimum, the plan should define what the department's incremental improvements to the architecture and transition plan will be, and how and when they will be accomplished, including what (and when) architecture and transition plan scope and content and architecture compliance criteria will be added into which versions. In addition, the plan should include an explicit purpose and scope for each version of the architecture, along with milestones, resource needs, and performance measures for each planned version, with particular focus and clarity on the near-term versions.
Closed – Implemented
DOD has employed an incremental approach to add more scope and content to the Business Enterprise Architecture (BEA) on an annual basis. To accomplish this, the department has taken several actions that are consistent with the intent of our recommendation. For example, it has developed the Business Transformation Guidance, which describes the high-level process by which incremental improvements are identified and eventually incorporated into the BEA. Also, in March 2010, the department updated its BEA-related guidance to, among other things, provide criteria for determining systems' architectural compliance with the BEA. In addition, it issued a BEA development methodology, which provides for developing an integrated schedule with time frames and resource needs for each increment of the BEA. Furthermore, the department's annual report, which draws from and references the enterprise transition plan, is submitted annually to defense congressional committees and describes the business capability improvements that are planned for the development/modernization programs contained in the BEA. For example, the report addresses key program development milestones and performance metrics relative to each business enterprise priority segment of the architecture. As a result of these collective actions, we consider this recommendation to be largely implemented.

Full Report

Office of Public Affairs

Topics

Baseline architectureEnterprise architectureInformation resources managementInformation technologyIT standardsNoncompliancePerformance measuresStrategic information systems planningSystems conversionsSystems designSystems evaluationSystems managementTechnology modernization programsBusiness planning