Business Systems Modernization:
Strategy for Evolving DOD's Business Enterprise Architecture Offers a Conceptual Approach, but Execution Details Are Needed
GAO-07-451: Published: Apr 16, 2007. Publicly Released: Apr 16, 2007.
In 1995, we first designated the Department of Defense's (DOD) business systems modernization program as "high risk," and we continue to designate it as such today. To assist in addressing this high-risk area, Congress passed legislation consistent with prior GAO recommendations for Defense to develop a business enterprise architecture (BEA). In September 2006, DOD released version 4.0 of its BEA, which despite improvements over prior versions, was not aligned with component architectures. Subsequently, Defense issued a strategy for extending its BEA to the component military services and defense agencies. To support GAO's legislative mandate to review DOD's BEA, GAO assessed DOD's progress in defining this strategy by comparing it with prior findings and recommendations relevant to the strategy's content.
DOD's Business Mission Area federation strategy for extending its BEA to the military departments and defense agencies provides a foundation on which to build and align the department's parent business architecture (the BEA) with its subordinate architectures (i.e., component- and program-level architectures). In particular, the strategy, which was released in September 2006, states the department's federated architecture goals; describes federation concepts that are to be applied; and explains high-level activities, capabilities, products, and services that are intended to facilitate implementation of the concepts. However, the strategy does not adequately define the tasks needed to achieve the strategy's goals, including those associated with executing high-level activities and providing related capabilities, products, and services. Specifically, it does not adequately address how strategy execution will be governed, including assignment of roles and responsibilities, measurement of progress and results, and provision of resources. Also, the strategy does not address, among other things, how the component architectures will be aligned with the latest version of the BEA and how it will identify and provide for reuse of common applications and systems across the department. According to program officials, the department intends to develop more detailed plans to execute the strategy. This means that much remains to be decided and accomplished before DOD will have the means in place to create a federated BEA that satisfies GAO's prior recommendations and legislative requirements. Without one, the department will remain challenged in its ability to minimize duplication and maximize interoperability among its thousands of business systems.
Recommendation for Executive Action
Status: Closed - Not Implemented
Comments: The department has not taken sufficient actions to address the elements of this recommendation. To its credit, DOD has initiated actions that continue to evolve its business enterprise architecture (BEA) including issuing in 2008 an update to its business mission area (BMA) federation strategy and roadmap, along with the department's overall Global Information Grid Architecture Federation Strategy. The department more recently began to draft policies for establishing governance of the BMA architecture federation, assigning responsibilities and measures for the development and use of enterprise architectures at various levels (e.g., program, components, and mission area), and addressing in greater detail how business enterprise services will be identified, registered, and exposed, and shared. In addition, DOD's Business Transformation Agency released its service-oriented architecture (SOA) strategy in December 2009 that, among other things, describes the process for developing and exposing shared services. The department is also working on a BMA federation implementation plan, which is intended to provide definition for milestones related to capabilities, products, and services listed in its high-level road map. However, these policies and plans have yet to be released and the SOA strategy only outlines high-level, near-term milestones, such as implementing particular component SOA frameworks in a given year. Moreover, the department has also yet to address how component business architectures' alignment with incremental versions of the BEA will be achieved. According to DOD officials, more detailed guidance on its federation activities would be included in the next version of the BMA Federation Strategy and Roadmap, which they said that they were in the process of updating. We plan to continue to review progress made to formalize policies and ensure effective implementation of those policies that will help achieve architecture federation throughout all levels of the department.
Recommendation: To further assist the department in evolving its BEA, the Secretary of Defense should direct the Deputy Secretary of Defense, as the chair of the Defense Business Systems Management Committee, to task the appropriate DOD organizations, to ensure that this plan describes, at a minimum, how the Business Mission Area (BMA) architecture federation will be governed; how the BMA federation strategy alignment with the DOD Enterprise Architecture federation strategy will be achieved; how component business architectures' alignment with incremental versions of the BEA will be achieved; how shared services will be identified, exposed, and subscribed to; and what milestones will be used to measure progress and results.
Agency Affected: Department of Defense