Defense Management:

Electronic Commerce Implementation Strategy Can Be Improved

NSIAD-00-108: Published: Jul 18, 2000. Publicly Released: Jul 18, 2000.

Additional Materials:

Contact:

Barry W. Holman
(202) 512-3000
contact@gao.gov

 

Office of Public Affairs
(202) 512-4800
youngc1@gao.gov

Pursuant to a congressional request, GAO reviewed the Department of Defense's (DOD) efforts to implement its Joint Electronic Commerce Program, focusing on: (1) issues DOD needs to resolve to successfully implement its vision for electronic commerce; and (2) the implementation status and performance measures associated with key electronic commerce initiatives.

GAO noted that: (1) DOD faces several implementation issues that, if not resolved, could adversely effect the success of its electronic commerce program; (2) DOD has not yet: (a) completed a detailed plan to implement its strategic vision; (b) developed an electronic commerce architecture; (c) determined how to best manage the electronic commerce program; and (d) fully implemented key security measures that are needed for electronic commerce; (3) the officials responsible for developing a Department-wide implementation plan have not been able to draft a plan that is acceptable to DOD's military services and agencies; (4) a Department-wide plan has thus been put on hold, and DOD's components are developing individual plans; (5) without an overarching, Department-wide plan to guide the military service and Defense agency efforts, the individual plans that result may not be consistent with program goals; (6) in addition, DOD has made little progress in developing a common electronic commerce architecture, which is needed to provide a framework to integrate the individual parts or systems; (7) Department components may develop separate architectures, which may lead to systems and capabilities that are redundant or unable to share information; (8) DOD established an electronic commerce program office, but its authority is unclear and its chain of command is cumbersome and, as a result, the office has been hampered in carrying out its program planning and implementation responsibilities; (9) DOD is taking steps to improve the program office's effectiveness, but these steps may not be sufficient; (10) DOD's ability to transact business electronically, particularly over the Internet, will not be as secure as desired until it completes ongoing work necessary to better protect and authenticate electronic transactions and data; (11) DOD is implementing a number of specific, electronic business-related initiatives that it believes will help modernize selected business processes; (12) these initiatives, which are at various stages of implementation, include: (a) expanding the use of purchase cards to streamline aspects of the procurement process; (b) establishing an electronic mall as a source of supplies for DOD customers, and (c) making aspects of the contracting process paper-free; and (13) many of these initiatives began several years ago, and they predate the Defense Reform Initiative and the electronic commerce program.

Recommendations for Executive Action

  1. Status: Closed - Implemented

    Comments: DOD concurred with this recommendation and stated that DOD Directive 8190.2, issued on June 23, 2000, incorporate the thrust of this recommendation.

    Recommendation: To strengthen the Department's electronic commerce program, the Secretary of Defense should direct that all new electronic commerce initiatives sponsored by the military services and Defense agencies support the Department's strategic goals and electronic commerce architecture.

    Agency Affected: Department of Defense

  2. Status: Closed - Implemented

    Comments: DOD concurred with this recommendation and noted that a number of technical issues still needed to be resolved before realistic timeframes and costs could be determined. In May 2001, the Assistant Secretary of Defense (C3I) reported that the Department had taken a number of actions that addressed this recommendation. On January 16, 2001, the Under Secretary of Defense (P&R) and the DOD CIO co-signed a memo establishing policies and timeliness for implementing aspects of the PKI. On April 1, 2004, DOD issued Instruction 8520.2, "Public Key Infrastructure (PKI) and Public Key (PK) Enabling." This instruction implemented policy, assigned responsibilities, and prescribed procedures for developing and implementing a Department-wide PKI and enhancing the security of DOD information systems by enabling these systems to use PKI for authentication, digital signatures, and encryption. The instruction aligned DOD PKI and PK (Public Key)-Enabling activities with DOD Directive 8500.1, as implemented by DOD Instruction 8500.2, and the DOD Common Access Card (CAC) program, as specified by DOD Directive 8190.3. The instruction was responsive to GAO's recommendation.

    Recommendation: To strengthen the Department's electronic commerce program, the Secretary of Defense should ensure that realistic timeframes and costs are established for carrying out the tasks necessary to transition the Department's personnel, processes, and systems to the planned public key infrastructure to enhance security.

    Agency Affected: Department of Defense

  3. Status: Closed - Implemented

    Comments: DOD agreed with this recommendation and created an office under the Deputy CIO that it believes has the authority and independence to program resources and act from a DOD-wide perspective. DOD incorporated this decision in DOD Directive 8190.2, which was issued in June 2000.

    Recommendation: To strengthen the Department's electronic commerce program, the Secretary of Defense should ensure that the electronic commerce program office has clear lines of authority and funding necessary to implement a Department-wide program.

    Agency Affected: Department of Defense

  4. Status: Closed - Implemented

    Comments: On July 7, 2000, the DOD Chief Information Officer created an Electronic Business Board of Directors and chartered it with the responsibility and authority to oversee electronic commerce policies, plans, and architecture development. Board membership is comprised of senior DOD managers at the general officer level. The Board began meeting in August 2000 and continues to oversee and address electronic commerce issues across DOD.

    Recommendation: To strengthen the Department's electronic commerce program, the Secretary of Defense should provide the members of the proposed electronic commerce board of directors with sufficient authority to see that electronic commerce policies, plans, and architecture development are supported and implemented across the Department as well as in their respective services and agencies.

    Agency Affected: Department of Defense

  5. Status: Closed - Implemented

    Comments: DOD established an Electronic Business Board of Directors to oversee its electronic commerce program. As part of its charter, the Board is expected to support and develop an approach for an electronic commerce architecture. It is expected to ensure that the architecture is developed in accordance with existing DOD guidance and is compatible with DOD's Global Information Grid. In May 2001, the Assistant Secretary of Defense (C3I) informed the DOD Inspector General that an electronic commerce common architecture was completed in July 2000 in the required format of the C4ISR framework. However, this version of the architecture included only the procurement process. Until DOD includes its many other functions into the common architecture framework, it will not have fully responded to this recommendation.

    Recommendation: To strengthen the Department's electronic commerce program, the Secretary of Defense should direct that the Chief Information Officer, in consultation with the principal staff assistants, military services, and Defense agencies, identify the approach and the schedule to be followed by all DOD business areas to develop a Department-wide electronic commerce architecture.

    Agency Affected: Department of Defense

  6. Status: Closed - Not Implemented

    Comments: DOD stated in its September 11, 2000, final response to the report that it will update its electronic business strategic plan and then develop an appropriate DOD implementation plan. In May 2001, the Assistant Secretary of Defense (C3I) reported to the DOD Inspector General that DOD's Electronic Commerce Board of Directors was still evaluating the direction DOD plans to take on developing an implementation plan. The Assistant Secretary further stated that the change in Administration increased the level of uncertainty about the process to develop a plan and resources to support the effort. Consequently, a plan is not likely to be completed until sometime in 2002.

    Recommendation: To strengthen the Department's electronic commerce program, the Secretary of Defense should direct that the Chief Information Officer develop an implementation plan that has a Department-wide focus, one that explicitly addresses the strategic plan's goals, objectives, and strategies.

    Agency Affected: Department of Defense

  7. Status: Closed - Implemented

    Comments: DOD concurred with this recommendation and stated that it had incorporated it into DOD Directive 8190.2 which was issued on June 23, 2000. In addition, DOD provided GAO with additional performance metrics which it had prepared in response to the recommendation.

    Recommendation: To strengthen the Department's electronic commerce program, the Secretary of Defense should direct that both output- and outcome-oriented performance measures are identified for all new and ongoing electronic commerce initiatives.

    Agency Affected: Department of Defense

 

Explore the full database of GAO's Open Recommendations »

Sep 22, 2016

Sep 21, 2016

Sep 19, 2016

Sep 12, 2016

Sep 8, 2016

Sep 7, 2016

Sep 6, 2016

Aug 25, 2016

Looking for more? Browse all our products here