Skip to main content

Information Technology: Library of Congress Needs to Implement Recommendations to Address Management Weaknesses

GAO-16-197T Published: Dec 02, 2015. Publicly Released: Dec 02, 2015.
Jump To:
Skip to Highlights

Highlights

What GAO Found

In a March 2015 report, GAO identified widespread weaknesses in the Library of Congress's management of its information technology (IT) resources. These weaknesses spanned six IT management–related areas:

Strategic planning: The Library had not developed an IT strategic plan that defined what it wants to accomplish with IT and strategies for achieving those results. Such a strategic approach is essential to the Library as information is increasingly created, shared, and preserved digitally.

Investment management: The Library had not effectively implemented processes for selecting or overseeing its investments in IT. In addition, it did not have an accurate inventory of its IT assets and did not know how much it was spending on IT.

Acquisition management: The Library had not fully implemented processes for ensuring that its IT acquisitions were guided by well-developed requirements, risk management practices, and reliable cost and schedule elements.

Information security: Weaknesses in its information security and privacy programs, as well as weaknesses in technical security controls, placed the Library's systems at risk of unauthorized access, modification, or loss.

Service management: The Library's central IT office did not provide services that satisfied the other units in the organization, leading to those units engaging in overlapping and duplicative activities and purchases.

Leadership: The Library's lack of a chief information officer with adequate authority and clear responsibility for managing the agency's IT was a key contributing factor to the weaknesses GAO identified.

Since GAO issued its report, the Library has taken actions toward addressing these weaknesses; however, much more remains to be done. For example, it appointed a new chief information officer, but it remains to be seen whether this official will have clear responsibility and adequate authority to drive needed improvements.

Regarding the Copyright Office, GAO reported in March 2015 that the office's IT environment was to support its duties of receiving and examining copyright registration applications, maintaining deposited copies of copyrighted works, producing certificates of registration, and maintaining records of the transfer of copyright ownership. However, the office faced a number of IT challenges, particularly with regard to its Electronic Copyright Office system, which supports the registration of copyrights. These challenges included user complaints about the performance and usability of the system, information security weaknesses, and data retention and integrity issues, among other things. The Copyright Office was also hindered by inadequate IT services and support from the Library.

While the office had proposed investments in several IT improvement projects, it had not developed an IT strategic plan to guide its efforts and monitor progress in meeting its goals. Since GAO's review, the Copyright Office has issued an overall draft strategic plan that, among other things, describes goals and strategies for improving its IT environment.

Why GAO Did This Study

The Library of Congress is the oldest federal cultural institution and the world's largest library. Its mission is to preserve and make available works of creativity and human knowledge, and to serve as the research arm of the U.S. Congress. In addition, the Library houses the U.S. Copyright Office, which is charged with administering the nation's copyright law. As information is increasingly created, shared, and preserved digitally, both the Library and Copyright Office rely on IT to support their missions.

GAO was asked to provide a statement summarizing its March 2015 reports on the Library's IT management and the Copyright Office's IT environment and plans for modernization. In preparing this statement, GAO relied on the work supporting these reports. GAO also interviewed Library and Copyright officials about more recent activities to implement GAO recommendations.

Recommendations

In its March 2015 reports, GAO recommended that the Library of Congress take 31 actions to address weaknesses in six IT management–related areas and that the Copyright Office, among other things, develop an IT strategic plan. The Library concurred with GAO's recommendations, but it has yet to fully implement any of the 31 actions. GAO continues to believe that actions should be taken to fully implement these recommendations. For its part, the Copyright Office has taken steps to address GAO's recommendations, such as drafting a new strategic plan.

Full Report

GAO Contacts

Office of Public Affairs

Topics

CopyrightIT investmentsStrategic planChief information officersPrivacyIT managementInformation technologyInformation securityInventoryDesktop computers