Department of Labor:

Further Management Improvements Needed to Address Information Technology and Financial Controls

GAO-11-157: Published: Mar 16, 2011. Publicly Released: Mar 16, 2011.

Additional Materials:

Contact:

Andrew Sherrill
(202) 512-7252
contact@gao.gov

 

Office of Public Affairs
(202) 512-4800
youngc1@gao.gov

The Department of Labor (Labor) plays a vital role in promoting the welfare of American workers through administering and enforcing more than 180 federal laws that cover some 10 million employers and 125 million workers. Since the recent economic downturn, Labor's role has become even more critical as its programs provide additional employment and training supports. As such, GAO was asked to determine how well Labor is currently adhering to best management practices departmentwide to ensure that its programs are operating effectively. Specifically, this report assesses Labor's (1) strategic workforce management, (2) management controls to manage and modernize its information technology, and (3) accountability over its discretionary grants. To do this, GAO collected and reviewed Labor documents related to workforce and information technology planning, as well as grants management information, and conducted interviews with Labor's national and regional staff.

Labor strategically manages its current and future workforce needs by (1) collecting, analyzing, and disseminating workforce data to its program agencies; (2) leading the development of departmentwide human capital planning documents; (3) conducting workforce gap analyses departmentwide and working with its program agencies to remedy these gaps; and (4) monitoring its program agencies' human capital programs. Labor has taken steps to understand its employees' skills and develop competencies to inform its succession planning and, according to Labor's workforce data, has maintained sufficient leadership strength in recent years. Several program agencies were also developing future leaders in various ways, such as providing training or mentoring opportunities. To monitor agencies' activities, Labor employs an accountability review to determine their compliance with federal and department human capital activities and, more recently, expanded this review to include an evaluation of their strategic workforce planning. While Labor has established a process to oversee, manage, and modernize the department's IT investments, it has not fully developed certain management controls, which may hinder its systems' ability to maximize mission performance and expected IT benefits. Specifically, Labor has (1) established an IT governance structure and system development processes, but needs better representation from program managers with expertise of business operations; (2) provided guidance to its program agencies and offices on developing performance measurements, but system performance measures for selected investments did not comprehensively link to mission and expected outcomes; (3) established an investment management process that tracks cost and schedule variances for IT investments, but did not ensure that a major IT investment had sufficient business representation and adequate testing before departmentwide implementation; and (4) implemented a security program. However, Labor faces challenges in keeping current with certain security requirements and ensuring appropriate user access controls. Labor's Employment and Training Administration (ETA) has designed policies and procedures to ensure accountability over its discretionary grants management process. However, ETA has not developed supervisory review procedures nor enhanced its guidance to ensure that (1) competitive grant award documentation is properly maintained, (2) monitoring activities results are properly and consistently documented in its Grants Electronic Management System (GEMS), and (3) Single Audit results are fully integrated as part of discretionary grantee monitoring activities. Inadequate guidance and quality assurance procedures over discretionary grants may diminish ETA's ability to show that competitive grants were properly awarded and adequately assess the results of its key monitoring activities. ETA's discretionary budget accounted for $11.4 billion, approximately 80 percent of Labor's estimated discretionary budget in fiscal year 2010, which includes discretionary grants. GAO recommends that Labor strengthen its information technology planning and discretionary grant management by further developing guidance, procedures, and processes. Labor generally agreed with GAO's findings and six recommendations, providing additional perspective concerning the portrayal of its security controls and grant monitoring procedures. GAO clarified two recommendations in response, as discussed in the report.

Recommendations for Executive Action

  1. Status: Closed - Implemented

    Comments: The Department of Labor recently established the Enterprise Implementation Committee to assure that IT modernization initiatives are implemented to address agency impacts and support business mission and operations. In December 2013 the Department provided the charter for the Enterprise Implementation Committee, which states that the committee is to be composed of senior-level business executives from the Department's agencies and offices. This Committee is to "ensure that all initiatives affecting information technology infrastructure, common services and customer service programs that have cross-agency impacts are implemented to provide effective support for the Department's business mission and operations." The Department provided minutes from several meetings of the Committee that indicate the Committee is including business representation and input.

    Recommendation: To further strengthen Labor's IT planning and oversight process and financial management, the Secretary of Labor should direct the Chief Information Officer to ensure that the department-level investment review boards and governance structure incorporate business unit (i.e., mission) representation to effectively define business system requirements.

    Agency Affected: Department of Labor

  2. Status: Open

    Comments: The Department of Labor's Office of the Chief Information Officer will work with major IT investments' program and project managers to develop comprehensive performance measures that will be documented and tracked starting with federal fiscal year 2013's budget submission. While the Department provided measures related to its IT investments, the measures continue to be broadly related to program performance and are not focused on performance of systems, which is the thrust of our recommendation. As a result, this recommendation remains open.

    Recommendation: To further strengthen Labor's IT planning and oversight process and financial management, the Secretary of Labor should direct the Chief Information Officer to ensure that program agencies implement Labor's guidance to develop comprehensive performance measures for their respective systems in order to provide reasonable assurance that new systems will provide expected functionality and benefits.

    Agency Affected: Department of Labor

  3. Status: Open

    Comments: The Department of Labor is refining its IT investment management process during the Select and Control phases, incorporating lessons learned from the implementation of the New Core Financial Management Systems into an IT Baseline Management Guide, which will also be updated with additional baseline and rebaselining requirements. The Department of Labor also recently established the Enterprise Implementation Committee to assure that IT modernization initiatives are implemented to address agency impacts and support business mission and operations. As of December 2013 the Department described their efforts to respond to this recommendation as "in process." As a result, the recommendation remains open.

    Recommendation: To further strengthen Labor's IT planning and oversight process and financial management, the Secretary of Labor should direct the Chief Information Officer to further refine Labor's IT investment management oversight process in the select and control phases to apply lessons learned from its implementation of the New Core Financial Management System (NCFMS) to ensure adequate stakeholder involvement and comprehensive testing is performed throughout the systems development process.

    Agency Affected: Department of Labor

  4. Status: Open

    Comments: The Department of Labor's Office of the Chief Information Officer will continue to conduct Post Implementation Reviews one year after investment implementations are completed. These reviews will analyze returns on investment and examine the extent to which the investment is meeting stakeholder needs and realizing expected benefits. The Department will then identify and address any performance gaps. As of December 2013 the Department described its efforts to respond to this recommendation as "in process." As a result, this recommendation remains open.

    Recommendation: To further strengthen Labor's IT planning and oversight process and financial management, the Secretary of Labor should direct the Chief Information Officer to conduct post-implementation reviews, where appropriate, to determine if the investments are meeting stakeholder needs and realizing expected benefits.

    Agency Affected: Department of Labor

  5. Status: Closed - Implemented

    Comments: The Department of Labor developed a plan of action to ensure their component agencies' full compliance with the guidance and revised their Computer Security Handbook with implementation policy and procedures which it distributed to the agencies in May 2011. The Department is expecting to complete security controls testing by the third quarter of federal fiscal year 2012. In the 2012 Federal Information Security Management Act report, DOL's Inspector General stated that two of six systems it tested were not compliant with NIST 800-53 rev. 3. GAO will close this recommendation when they are in full compliance. In November 2013 the Department of Labor Inspector General's office stated that, for the first time in 6 years, there were no agencywide issues with systems security, including using NIST 800-53 rev. 3. The IG will provide its significant deficiencies report and report of findings of DOL systems to support that contention. As a result, this recommendation is closed.

    Recommendation: To further strengthen Labor's IT planning and oversight process and financial management, the Secretary of Labor should direct the Chief Information Officer to ensure systems fully comply with NIST 800-53 revision 3 guidance and, if not, take appropriate steps to meet these requirements.

    Agency Affected: Department of Labor

  6. Status: Open

    Comments: The Department of Labor's Employment and Training Administration (ETA) began the process of developing standard operating procedures (SOP) for grant applications and related documents. It posted the SOP for the retention of unsuccessful competitive grant (excluding National Emergency Grants) applications on its internal website. We will continue to monitor the extent to which ETA develops SOPs for retaining documentation, including location and retention periods, for all discretionary grant awards.

    Recommendation: The Secretary of Labor should direct the Assistant Secretary of the Employment and Training Administration to establish procedures for retaining grant award-related documentation, including location and retention period.

    Agency Affected: Department of Labor

  7. Status: Closed - Implemented

    Comments: The Department of Labor updated its administrative guidance to their Federal Project Offers (FPOs) in the national and Regional Offices regarding grant management responsibilities and requirements related to GEMS. The memo sets forth guidance addressing the issues discussed above, which included initial and annual risk assessments, quarterly desk reviews, monitoring and required entries into GEMS.

    Recommendation: The Secretary of Labor should direct the Assistant Secretary of the Employment and Training Administration to establish quality assurance procedures, such as supervisory reviews, to ensure that grant monitoring activities are performed and documented in GEMS. Procedures should identify how the review is to be conducted, the regional-level official responsible for reviewing grant documentation in GEMS, and the frequency of the reviews.

    Agency Affected: Department of Labor

  8. Status: Open

    Comments: The Department of Labor's Employment and Training Administration (ETA) has taken steps to incorporate Single Audit findings and related corrective actions as part of their grantee's monitoring activities. ETA plans to update the Core Monitoring Guide as well as its financial supplement to reflect these steps once OMB finalizes and publishes the Super Circular in the Federal Register. We will continue to monitor ETA's efforts to update the Core Monitoring Guide as well as its financial supplement to reflect the incorporation of Single Audit findings and related corrective actions into its GEMS documentation.

    Recommendation: The Secretary of Labor should direct the Assistant Secretary of the Employment and Training Administration to establish procedures addressing the communication and incorporation of Single Audit findings and related corrective actions as part of the ETA's grantee's monitoring activities to be documented in GEMS.

    Agency Affected: Department of Labor

 

Explore the full database of GAO's Open Recommendations »

Sep 25, 2014

Sep 23, 2014

Jun 10, 2014

May 22, 2014

May 12, 2014

May 8, 2014

May 7, 2014

Apr 2, 2014

Looking for more? Browse all our products here