Skip to main content

Business Systems Modernization: Department of the Navy Needs to Establish Management Structure and Fully Define Policies and Procedures for Institutionally Managing Investments

GAO-08-53 Published: Oct 31, 2007. Publicly Released: Oct 31, 2007.
Jump To:
Skip to Highlights

Highlights

In 1995, GAO first designated the Department of Defense's (DOD) business systems modernization program as "high-risk," and continues to do so today. In 2004, Congress passed legislation reflecting prior GAO recommendations that DOD adopt a corporate approach to information technology (IT) business systems investment management, including tiered accountability for business systems at the department and component levels. To support GAO's legislative mandate to review DOD's efforts, GAO assessed whether the investment management approach of one of DOD's components--the Department of the Navy--is consistent with leading investment management best practices. In doing so, GAO applied its IT Investment Management (ITIM) framework and associated methodology, focusing on the stages related to the investment management provisions of the Clinger-Cohen Act of 1996.

Recommendations

Recommendations for Executive Action

Agency Affected Recommendation Status
Department of Defense To strengthen the Department of the Navy's business system investment management capability and address the weaknesses discussed in this report, the Secretary of Defense should direct the Secretary of the Navy to ensure that well-defined and disciplined business system investment management policies and procedures are developed and issued. At a minimum, this should include instituting project-and portfolio-level policies and procedures that address establishing an enterprisewide IT Investment Review Board composed of senior executives from IT and business units, including assigning the investment board responsibility, authority, and accountability for programs throughout the investment life cycle.
Closed – Implemented
In March 2011, the Department of Navy established an investment board--the Information Enterprise Governance Board--composed of senior executives from IT and functional business units, including the Navy Chief Information Officer (CIO). The board is responsible for establishing and implementing policies governing the organization's investment process. Further, it has responsibility, authority, and accountability for programs throughout the investment life cycle, including those in operations and maintenance.
Department of Defense To strengthen the Department of the Navy's business system investment management capability and address the weaknesses discussed in this report, the Secretary of Defense should direct the Secretary of the Navy to ensure that well-defined and disciplined business system investment management policies and procedures are developed and issued. At a minimum, this should include instituting project-and portfolio-level policies and procedures that address documenting an investment management process that includes how it is coordinated with JCIDS, PPBE, DAS, and the precertification process.
Closed – Implemented
The department has taken steps that are consistent with our recommendation and with ITIM, which states that an organization's investment guidance should specify the manner in which investment-related processes will be coordinated with other organizational plans, processes, and documents. For example, Navy's 2009 Investment Review Process Guidance provides a description that explains how other DOD management systems, such as the requirements development process, the planning and budgeting process, and the acquisition system, are to be used to select, control, and evaluate IT investments.
Department of Defense To strengthen the Department of the Navy's business system investment management capability and address the weaknesses discussed in this report, the Secretary of Defense should direct the Secretary of the Navy to ensure that well-defined and disciplined business system investment management policies and procedures are developed and issued. At a minimum, this should include instituting project-and portfolio-level policies and procedures that address ensuring that systems in operations and maintenance are aligned with ongoing and future business needs.
Closed – Implemented
In October 2009, the Department of the Navy updated its investment review guidance to require the annual review of all business systems, including those in operations and maintenance, and to specify how these investments were to be prioritized using factors such as mission, strategic value, and risk. By taking this action, Navy has helped strengthen the investment management process by ensuring that programs throughout the investment life cycle, including those in operations and maintenance, will continue to support its ongoing and future business needs.
Department of Defense To strengthen the Department of the Navy's business system investment management capability and address the weaknesses discussed in this report, the Secretary of Defense should direct the Secretary of the Navy to ensure that well-defined and disciplined business system investment management policies and procedures are developed and issued. At a minimum, this should include instituting project-and portfolio-level policies and procedures that address selecting new investments, including specifying how cost, schedule, and benefit data are to be used in making decisions and specifying the criteria and steps for prioritizing and selecting these investments.
Closed – Implemented
The department has taken steps that meet the intent of the recommendation. For example, the Navy's Investment Review Guide specifies how criteria, such as cost data, are to be used in making selection decisions. Further, the department's IT Portfolio Management Implementation directive provides high-level descriptions of the factors to be used for portfolio selection, including cost, schedule, and benefit.
Department of Defense To strengthen the Department of the Navy's business system investment management capability and address the weaknesses discussed in this report, the Secretary of Defense should direct the Secretary of the Navy to ensure that well-defined and disciplined business system investment management policies and procedures are developed and issued. At a minimum, this should include instituting project-and portfolio-level policies and procedures that address documenting an annual review process that includes the reselection of ongoing IT investments.
Closed – Implemented
The department has taken steps to address the recommendation. For example, Navy's Investment Review Guide defines the department's approach for annually reselecting ongoing business system investments, including those in operations and maintenance.
Department of Defense To strengthen the Department of the Navy's business system investment management capability and address the weaknesses discussed in this report, the Secretary of Defense should direct the Secretary of the Navy to ensure that well-defined and disciplined business system investment management policies and procedures are developed and issued. At a minimum, this should include instituting project-and portfolio-level policies and procedures that address integrating funding with the process of selecting an investment, including specifying how department officials are using funding information in carrying out decisions.
Closed – Not Implemented
The department has yet to develop and institute policies and procedures for integrating funding with the process of selecting an investment. Specifically, the department does not specify how funding decisions are integrated with the process of selecting an investment and does not specify how officials use this information in carrying out decisions on system certification and approvals.
Department of Defense To strengthen the Department of the Navy's business system investment management capability and address the weaknesses discussed in this report, the Secretary of Defense should direct the Secretary of the Navy to ensure that well-defined and disciplined business system investment management policies and procedures are developed and issued. At a minimum, this should include instituting project-and portfolio-level policies and procedures that address overseeing IT projects and systems, including specifying the processes for the investment boards' operations and decision making during project oversight.
Closed – Implemented
The department has taken steps to meet the intent of the recommendation. Specifically, the Department of the Navy's 2011 instruction and guidance related to the implementation of the acquisition and capability development processes addresses overseeing IT projects and systems. For example, the guidance calls for the assessment of a program's cost, schedule, and performance during investment decision reviews and provides documented policies and procedures for management oversight of IT projects and systems. Having these oversight procedures in place helps the department reduce the risks of investing in systems that are duplicative, stovepiped, nonintegrated, and unnecessarily costly to manage, maintain, and operate.
Department of Defense The Secretary of Defense should ensure these well-defined and disciplined business system investment management policies and procedures should also include portfolio-level management policies and procedures that address creating and modifying IT portfolio selection criteria for business system investments.
Closed – Not Implemented
The Navy IT portfolio management guidance includes a policy that assigns responsibility for defining of IT portfolio criteria to the Functional Area Managers (FAM) and Mission Area Leads (MAL). This notwithstanding, the guidance does not contain procedures for creating and modifying the portfolio selection criteria.
Department of Defense The Secretary of Defense should ensure these well-defined and disciplined business system investment management policies and procedures should also include portfolio-level management policies and procedures that address defining the roles and responsibilities for managing the development and modification of the IT portfolio selection criteria.
Closed – Implemented
Navy has taken actions to develop and issue the policies and procedures that address defining the roles and responsibilities for the IT portfolio selection criteria. For example, in November 2009, Navy updated its investment portfolio management guidance to assign responsibility for the development and modification of the IT portfolio selection criteria to functional area managers and mission area leads. In taking this action, Navy has helped strengthen the investment management process by assuring accountability for managing its IT investment portfolios, which provide the basis for a rigorous, disciplined, and repeatable process regarding how investments are selected and controlled across the entire department.
Department of Defense The Secretary of Defense should ensure these well-defined and disciplined business system investment management policies and procedures should also include portfolio-level management policies and procedures that address analyzing, selecting, and maintaining business system investment portfolios.
Closed – Not Implemented
Although Navy guidance assigns the Functional Area Managers and Mission Area Leads with responsibilities for analyzing, selecting, and maintaining its IT portfolio, it has yet to develop policies and procedures for these processes.
Department of Defense The Secretary of Defense should ensure these well-defined and disciplined business system investment management policies and procedures should also include portfolio-level management policies and procedures that address reviewing, evaluating, and improving the performance of its portfolios by using project indicators, such as cost, schedule, and risk.
Closed – Not Implemented
Although Navy guidance assigns the Functional Area Managers and Mission Area Leads with responsibilities for reviewing, evaluating, and improving the performance of its IT portfolio, it has yet to develop policies and procedures for these processes.
Department of Defense The Secretary of Defense should ensure these well-defined and disciplined business system investment management policies and procedures should also include portfolio-level management policies and procedures that address conducting post-implementation reviews for all investment tiers and specifying how conclusions, lessons learned, and recommended management actions are to be shared with executives and others.
Closed – Implemented
The department has taken steps that meet the intent of the recommendation. For example, while the department has yet to require post-implementation reviews for all its systems, it does so for the larger business systems as part of its Defense Acquisition System. According to officials, the department plans to address these actions in guidance that is currently under departmental review .

Full Report

GAO Contacts

Office of Public Affairs

Topics

AccountabilityBest practicesData collectionInformation managementInformation systems investmentsInformation technologyInvestment planningInvestment Review BoardIT investment managementPolicies and procedures