Information Technology:

Federal Agencies Need to Strengthen Investment Board Oversight of Poorly Planned and Performing Projects

GAO-09-566: Published: Jun 30, 2009. Publicly Released: Jul 30, 2009.

Additional Materials:

Contact:

David Powner
(202) 512-6304
contact@gao.gov

 

Office of Public Affairs
(202) 512-4800
youngc1@gao.gov

The federal government expects to spend about $71 billion for information technology (IT) projects for fiscal year 2009. Given the amount of money at stake, it is critical that these projects be planned and managed effectively to ensure that the public's resources are being invested wisely. This includes ensuring that they receive appropriate selection and oversight reviews. Selection involves identifying and analyzing projects' risks and returns and selecting those that will best support the agency's mission needs; oversight includes reviewing the progress of projects against expectations and taking corrective action when these expectations are not being met. GAO was asked to determine whether (1) federal departments and agencies have guidance on the role of their department-level investment review boards in selecting and overseeing IT projects and (2) these boards are performing reviews of poorly planned and poorly performing projects. In preparing this report, GAO reviewed the guidance of 24 major agencies and requested evidence of department-level board reviews for a sample of 41 projects that were identified as being poorly planned or poorly performing.

The 24 major federal agencies have guidance calling for department-level investment review boards to select and oversee IT investments. However, while all of the agencies had department-level boards, the board membership for the Departments of Commerce and Labor did not include business unit (i.e., mission) representation as called for by IT investment management best practices. Without business unit representation on their department-level boards, these agencies will not have assurance that the boards include those executives who are in the best position to make the full range of investment decisions necessary for them to carry out their missions most effectively. About half of the projects GAO examined did not receive selection or oversight reviews. Specifically, 12 of the 24 projects GAO reviewed that were identified by OMB as being poorly planned (accounting for $4.9 billion in the President's fiscal year 2008 budget request or two-thirds of the funding represented by the 24 projects) did not receive a selection review, and 13 of 28 poorly performing projects GAO reviewed (amounting to about $4.4 billion or 93 percent of the funding represented by the 28 projects) did not receive an oversight review by a department-level board. Agencies provided several reasons for not performing department-level board reviews, including some which were not consistent with sound management practices. Furthermore, 6 of the 11 projects in the sample identified as being both poorly planned and poorly performing, with over $3.7 billion in funding in the President's fiscal year 2008 budget request, received neither a selection review nor an oversight review. Without consistent involvement of department-level review boards in selecting and overseeing projects that have been identified as poorly planned or poorly performing, agencies incur the risk that these projects will not improve, potentially leading to billions of federal taxpayer dollars being wasted.

Recommendations for Executive Action

  1. Status: Closed - Implemented

    Comments: Since our review, the department of Commerce established the Commerce Information Technology Review Board which is an executive-level board that provides advice to the Commerce Secretary and Deputy Secretary regarding IT investments. In April 2013, the department expanded the board's membership to include senior executives from its business units.

    Recommendation: To ensure that IT projects are effectively managed, the Secretaries of Commerce and Labor should ensure their department-level review boards include business unit (i.e., mission) representation.

    Agency Affected: Department of Commerce

  2. Status: Closed - Implemented

    Comments: According to the fiscal year 2010 exhibit 300 for the VistA Imaging project which we selected for our review, the Information Technology Leadership Board, VA's senior-level investment review board, reviewed the project for funding in fiscal year 2010 and approved a modification to its baseline to reflect changes due to the realignment of resources under the Office of Information and Technology.

    Recommendation: The Secretaries of the Departments of Defense, Education, Homeland Security, Transportation, Treasury, and Veterans Affairs, the Administrator for the National Aeronautics and Space Administration, the Chairman of the Nuclear Regulatory Commission, and the Administrator for the U.S. Agency for International Development should ensure that the projects that are identified in this report as not having received departmental-IRB selection or oversight reviews receive these reviews.

    Agency Affected: Department of Veterans Affairs

  3. Status: Closed - Implemented

    Comments: In September 2011, the department of Labor established the Enterprise Implementation Committee as part of a new governance structure. The Committee is a department-level investment review board whose mission is to ensure that all initiatives affecting information technology infrastructure, common services and customer service programs that have cross-agency impacts are implemented to provide effective support for the Department's business mission and operations. According to this committee's charter, it includes the Deputy Secretary (Chair) and Deputy Chief Information Officer and senior business managers from its agencies and offices, such as Bureau of Labor Statistics, Employee Benefits Security Administration and Employment and Training Administration.

    Recommendation: To ensure that IT projects are effectively managed, the Secretaries of Commerce and Labor should ensure their department-level review boards include business unit (i.e., mission) representation.

    Agency Affected: Department of Labor

  4. Status: Closed - Implemented

    Comments: Since our review, NRC defined conditions for elevating issues related to project selection and oversight to the Information Technology/Information Management Portfolio Executive Council (IPEC), its department-level investment review board. Specifically, according to its charter, the Information Technology/Information Management (IT/IM) Board, a lower-level review board, is responsible, among other things, for recommending IT/IM proposals IT investments that meet or exceed a 5-year life cycle cost threshold of $3,000,000 (Tier 1 and Tier 2 level) to the IPEC for investment planning or implementation. In addition, according to NRC's August 2012 capital planning and investment control procedures, investments exceeding certain performance thresholds (i.e., with cost, schedule, or system metric variances greater than 12 percent, a security plan of action and with red milestones, or an IT survey score of less than 2.5 , must make a presentation to the IPEC for a decision to continue, modify, or terminate the program.

    Recommendation: To ensure that IT projects are effectively managed, the Chairman of the Nuclear Regulatory Commission should direct the Executive Director for Operations to define conditions for elevating issues related to project selection and oversight to its department-level Investment Review Board (IRB).

    Agency Affected: Nuclear Regulatory Commission

  5. Status: Closed - Implemented

    Comments: According to VA's Fiscal Year 2015-2019 Multi-Year Programming Guide, the Information Technology Leadership Board, the department's senior-level investment review board, performs final approval of the department's multi-year program. The multi-year program is a five-year view of all of the Office of Information and Technology's investments (including projects in operations and maintenance) which are needed to support the Secretary's strategic priorities and meet the department's current and future challenges.

    Recommendation: To ensure that IT projects are effectively managed, the Secretary of Veterans Affairs should define and implement responsibilities for the department-level IRB to oversee projects in operations and maintenance.

    Agency Affected: Department of Veterans Affairs

  6. Status: Closed - Not Implemented

    Comments: Since we issued our report, the Department of Transportation changed the funding structure for the Combined IT infrastructure project (now known as Combined Operating Environment) which we selected for our review so that it is no longer reviewed by the department-level investment review board but by a working capital fund review group which performs annual reviews and includes the department's Associate Chief Information Officer for Policy and several operating administrations' chief information officers. According to officials, the Combined Operating Environment project was most recently reviewed by this group in April 2013.

    Recommendation: The Secretaries of the Departments of Defense, Education, Homeland Security, Transportation, Treasury, and Veterans Affairs, the Administrator for the National Aeronautics and Space Administration, the Chairman of the Nuclear Regulatory Commission, and the Administrator for the U.S. Agency for International Development should ensure that the projects that are identified in this report as not having received departmental-IRB selection or oversight reviews receive these reviews.

    Agency Affected: Department of Transportation

  7. Status: Closed - Implemented

    Comments: In May 2013, we learned that the department's Defense Information System for Security project was reviewed by the Department's Human Resources Management Investment Review Board and the Defense Business System Management Committee and certified by these bodies in September 2009. According to DOD, the project continues to undergo all required reviews. For the Integrated Acquisition Environment Shared Services Provider/ Past Performance Information Retrieval System, the second Defense project we reviewed, the department reported that the project received a department-level investment review board review as we recommended.

    Recommendation: The Secretaries of the Departments of Defense, Education, Homeland Security, Transportation, Treasury, and Veterans Affairs, the Administrator for the National Aeronautics and Space Administration, the Chairman of the Nuclear Regulatory Commission, and the Administrator for the U.S. Agency for International Development should ensure that the projects that are identified in this report as not having received departmental-IRB selection or oversight reviews receive these reviews.

    Agency Affected: Department of Defense

  8. Status: Closed - Implemented

    Comments: The Nuclear Regulatory Commission's (NRC) Information Technology/ Information Management Portfolio Executive Council, the agency's executive level investment review board, reviewed the Infrastructure Services and Support investment, one of the two investments selected for our review, in April 2012, as part of a broader review of NRC's major investments and planned development, modernization, and enhancement activities. The board also reviewed the National Source Tracking System, the second investment selected for our review, as part of a review the Integrated Source Management Program. According to the IPEC's charter, the board is expected to review NRC's portfolio on a quarterly basis.

    Recommendation: The Secretaries of the Departments of Defense, Education, Homeland Security, Transportation, Treasury, and Veterans Affairs, the Administrator for the National Aeronautics and Space Administration, the Chairman of the Nuclear Regulatory Commission, and the Administrator for the U.S. Agency for International Development should ensure that the projects that are identified in this report as not having received departmental-IRB selection or oversight reviews receive these reviews.

    Agency Affected: Nuclear Regulatory Commission

  9. Status: Closed - Implemented

    Comments: Shortly after our review, the department of Education brought the Common Services for Borrowers and the Advance Aid Delivery projects which we reviewed in our study under the oversight of the department's investment review board. The department provided evidence that these projects were reviewed by the board in July 2009, as part of a broader portfolio review.

    Recommendation: The Secretaries of the Departments of Defense, Education, Homeland Security, Transportation, Treasury, and Veterans Affairs, the Administrator for the National Aeronautics and Space Administration, the Chairman of the Nuclear Regulatory Commission, and the Administrator for the U.S. Agency for International Development should ensure that the projects that are identified in this report as not having received departmental-IRB selection or oversight reviews receive these reviews.

    Agency Affected: Department of Education

  10. Status: Closed - Implemented

    Comments: We reported that the Department of the Treasury's department-level investment review board had not performed reviews of the Enterprise IT Infrastructure Optimization Initiative (EITIO), Integrated Collection System (ICS, and Treasury Automated Auction Processing System (TAAPS) because the board was not active for the time frame we considered during our review. The department, however, subsequently re-established the Executive Investment Review Board (E-Board) in January 2008. The E-Board reviewed EITIO and ICS as part of a broader department IT portfolio review in July 2009. According to Treasury, the department's governance process was restructured after that time and a new departmental board was established in July 2013. In addition, according to Treasury, TAAPS, the third project we selected for our review--was incorporated into the Bureau of Fiscal Service's Wholesale Securities Services major investment.

    Recommendation: The Secretaries of the Departments of Defense, Education, Homeland Security, Transportation, Treasury, and Veterans Affairs, the Administrator for the National Aeronautics and Space Administration, the Chairman of the Nuclear Regulatory Commission, and the Administrator for the U.S. Agency for International Development should ensure that the projects that are identified in this report as not having received departmental-IRB selection or oversight reviews receive these reviews.

    Agency Affected: Department of the Treasury

  11. Status: Closed - Implemented

    Comments: In January 2012, USAID's investment review board reviewed the HSPD-12 project as we had recommended.

    Recommendation: The Secretaries of the Departments of Defense, Education, Homeland Security, Transportation, Treasury, and Veterans Affairs, the Administrator for the National Aeronautics and Space Administration, the Chairman of the Nuclear Regulatory Commission, and the Administrator for the U.S. Agency for International Development should ensure that the projects that are identified in this report as not having received departmental-IRB selection or oversight reviews receive these reviews.

    Agency Affected: United States Agency for International Development

  12. Status: Closed - Implemented

    Comments: In April 2013, we received evidence from NASA showing that the Office Automation, IT Infrastructure, Telecommunications project (now called, IT Infrastructure Integration Program) received a selection review from its IT Strategy Investment Board in June 2009.

    Recommendation: The Secretaries of the Departments of Defense, Education, Homeland Security, Transportation, Treasury, and Veterans Affairs, the Administrator for the National Aeronautics and Space Administration, the Chairman of the Nuclear Regulatory Commission, and the Administrator for the U.S. Agency for International Development should ensure that the projects that are identified in this report as not having received departmental-IRB selection or oversight reviews receive these reviews.

    Agency Affected: National Aeronautics and Space Administration

  13. Status: Closed - Implemented

    Comments: In November 2012, the department provided evidence that its Infrastructure Transformation Program had received a review by the Acquisition Review Board, the department's investment review board, in November 2011. The Secure Border Initiative project, the second project we had recommended DHS subject to a board review, was terminated after our audit and our recommendation for this project is therefore no longer valid.

    Recommendation: The Secretaries of the Departments of Defense, Education, Homeland Security, Transportation, Treasury, and Veterans Affairs, the Administrator for the National Aeronautics and Space Administration, the Chairman of the Nuclear Regulatory Commission, and the Administrator for the U.S. Agency for International Development should ensure that the projects that are identified in this report as not having received departmental-IRB selection or oversight reviews receive these reviews.

    Agency Affected: Department of Homeland Security

 

Explore the full database of GAO's Open Recommendations »

Dec 17, 2014

  • government icon, source: Eyewire

    State and Local Governments' Fiscal Outlook:

    2014 Update
    GAO-15-224SP: Published: Dec 17, 2014. Publicly Released: Dec 17, 2014.

Dec 3, 2014

Nov 14, 2014

Nov 13, 2014

Nov 12, 2014

Oct 31, 2014

Oct 30, 2014

Oct 27, 2014

Oct 24, 2014

Oct 20, 2014

Looking for more? Browse all our products here