This is the accessible text file for GAO report number GAO-08-79
entitled 'Information Technology: Census Bureau Needs to Improve Its
Risk Management of Decennial Systems' which was released on October 5,
2007.
This text file was formatted by the U.S. Government Accountability
Office (GAO) to be accessible to users with visual impairments, as part
of a longer term project to improve GAO products' accessibility. Every
attempt has been made to maintain the structural and data integrity of
the original printed product. Accessibility features, such as text
descriptions of tables, consecutively numbered footnotes placed at the
end of the file, and the text of agency comment letters, are provided
but may not exactly duplicate the presentation or format of the printed
version. The portable document format (PDF) file is an exact electronic
replica of the printed version. We welcome your feedback. Please E-mail
your comments regarding the contents or accessibility features of this
document to Webmaster@gao.gov.
This is a work of the U.S. government and is not subject to copyright
protection in the United States. It may be reproduced and distributed
in its entirety without further permission from GAO. Because this work
may contain copyrighted images or other material, permission from the
copyright holder may be necessary if you wish to reproduce this
material separately.
GAO Highlights:
Highlights of GAO-08-79, a report to the Subcommittee on Federal
Financial Management, Government Information, Federal Services, and
International Security, Committee on Homeland Security and Governmental
Affairs, U.S. Senate.
Why GAO Did This Study:
Automation and information technology (IT) are expected to play a
critical role in the 2010 decennial census. The Census Bureau plans to
spend about $3 billion on automation and technology that are to improve
the accuracy and efficiency of census collection, processing, and
dissemination. The Bureau is holding what it refers to as a Dress
Rehearsal, during which it plans to conduct operational testing that
includes the decennial systems. In view of the importance of IT
acquisitions to the upcoming census, GAO was asked to (1) determine the
status and plans for four key IT acquisitions, including schedule and
cost, and (2) assess whether the Bureau is adequately managing
associated risks. To achieve its objectives, GAO analyzed acquisition
documents and the projects’ risk management activities and compared
these activities to industry standards.
What GAO Found:
Three key systems acquisitions for the 2010 Census are in process, and
a fourth contract was recently awarded. The ongoing acquisitions show
mixed progress in meeting schedule and cost estimates. Currently, two
of the projects are not on schedule, and the Bureau plans to delay
certain functionality. The award of the fourth contract, originally
scheduled for 2005, was awarded in September 2007. In addition, one
project has incurred cost overruns and increases to its projected life-
cycle cost. As a result of the schedule changes, the full complement of
systems and functionality that were originally planned will not be
available for the Dress Rehearsal operational testing. This limitation
increases the importance of further system testing to ensure that the
decennial systems work as intended.
The Bureau’s project teams for each of the four IT acquisitions have
performed many practices associated with establishing sound and capable
risk management processes, but critical weaknesses remain. Three
project teams had developed a risk management strategy that identified
the scope of the risk management effort. However, not all project teams
had identified risks, established mitigation plans, or reported risks
to executive-level officials. For example, one project team did not
adequately identify risks associated with performance issues
experienced by mobile computing devices. In addition, three project
teams developed mitigation plans that were often untimely or included
incomplete activities and milestones for addressing the risks. Until
the project teams implement key risk management activities, they face
an increased probability that decennial systems will not be delivered
on schedule and within budget or perform as expected.
Table: Performance of Risk Management Activities by Key Census
Acquisition Projects:
Specific practices: Preparing for risk management: Determine risk
sources and categories;
Acquisition Project: 1: Practice Partially Implemented;
Acquisition Project: 2: Practice Fully Implemented;
Acquisition Project: 3: Practice Fully Implemented;
Acquisition Project: 4: Practice Fully Implemented.
Specific practices: Preparing for risk management: Define risk
parameters;
Acquisition Project: 1: Practice Fully Implemented;
Acquisition Project: 2: Practice Fully Implemented;
Acquisition Project: 3: Practice Fully Implemented;
Acquisition Project: 4: Practice Fully Implemented.
Specific practices: Preparing for risk management: Establish and
maintain a risk management strategy;
Acquisition Project: 1: Practice Partially Implemented;
Acquisition Project: 2: Practice Fully Implemented;
Acquisition Project: 3: Practice Fully Implemented;
Acquisition Project: 4: Practice Fully Implemented.
Specific practices: Preparing for risk management: Identify and involve
the relevant stakeholders;
Acquisition Project: 1: Practice Partially Implemented;
Acquisition Project: 2: Practice Partially Implemented;
Acquisition Project: 3: Practice Fully Implemented;
Acquisition Project: 4: Practice Partially Implemented.
Specific practices: Identify and analyze risks: Identify and document
the risks;
Acquisition Project: 1: Practice Fully Implemented;
Acquisition Project: 2: Practice Partially Implemented;
Acquisition Project: 3: Practice Fully Implemented;
Acquisition Project: 4: Practice Partially Implemented.
Specific practices: Identify and analyze risks: Evaluate, categorize,
and prioritize risks;
Acquisition Project: 1: Practice Partially Implemented;
Acquisition Project: 2: Practice Fully Implemented;
Acquisition Project: 3: Practice Fully Implemented;
Acquisition Project: 4: Practice Fully Implemented.
Specific practices: Mitigate risks: Develop risk mitigation plans;
Acquisition Project: 1: Practice Partially Implemented;
Acquisition Project: 2: Practice Partially Implemented;
Acquisition Project: 3: Practice Fully Implemented;
Acquisition Project: 4: Practice Not Implemented.
Specific practices: Mitigate risks: Monitor status and implement risk
mitigation plans;
Acquisition Project: 1: Practice Partially Implemented;
Acquisition Project: 2: Practice Partially Implemented;
Acquisition Project: 3: Practice Fully Implemented;
Acquisition Project: 4: Practice Partially Implemented.
Specific practices: Executive oversight: Review status with executive-
level management;
Acquisition Project: 1: Practice Not Implemented;
Acquisition Project: 2: Practice Not Implemented;
Acquisition Project: 3: Practice Fully Implemented;
Acquisition Project: 4: Practice Not Implemented.
Sources: GAO analysis of Census project data against industry
standards.
[End of table]
What GAO Recommends:
GAO is recommending that the Bureau strengthen its systems testing and
risk management activities, including risk identification and
oversight. The Bureau agreed to examine additional ways to manage
risks, but disagreed with the view that a full complement of systems
would not be tested in a census-like environment, stating it planned to
do so during the Dress Rehearsal or later; however, the test plans have
not been finalized and it remains unclear whether this testing will be
done.
To view the full product, including the scope and methodology, click on
GAO-08-79. For more information, contact David A. Powner at (202) 512-
9286 or pownerd@gao.gov.
[End of section]
Report to the Subcommittee on Federal Financial Management, Government
Information, Federal Services, and International Security, Committee on
Homeland Security and Governmental Affairs, U.S. Senate:
United States Government Accountability Office:
GAO:
October 2007:
Information Technology:
Census Bureau Needs to Improve Its Risk Management of Decennial
Systems:
Information Technology:
GAO-08-79:
Contents:
Letter1:
Results in Brief:
Background:
Decennial IT Acquisitions Are at Various Stages of Development and Show
Mixed Progress against Schedule and Cost Baselines:
The Bureau Is Making Progress in Risk Management Activities, but
Critical Weaknesses Remain:
Conclusions:
Recommendations for Executive Action:
Agency Comments and Our Evaluation:
Appendix I: Objectives, Scope, and Methodology:
Appendix II: Key 2010 Census Information Technology Acquisitions:
Appendix III: Comments from the Department of Commerce:
GAO Comments:
Appendix IV: GAO Contacts and Staff Acknowledgments:
Tables:
Table 1: Four Key IT Acquisitions Supporting Census 2010:
Table 2: Comparison of FDCA Original and Revised Schedules:
Table 3: FDCA Life-Cycle Cost Estimates:
Table 4: Comparison of DRIS Original and Current Schedules:
Table 5: DRIS Cost Estimates for Phase I (as of March 2006):
Table 6: Risk Management Preparation Activities Completed for the Key
2010 Census Systems:
Table 7: Risk Identification and Evaluation Activities Completed for
the Key 2010 Census Systems:
Table 8: Risk Mitigation Activities Completed for Key 2010 Census
Systems:
Table 9: Executive-Level Risk Oversight Activities Completed for the
Key 2010 Decennial Systems:
Figures:
Figure 1: Key 2010 Census Systems and Interfaces:
Figure 2: Description and Examples of Key Risk Practice Areas:
Abbreviations:
CMMI®: Capability Maturity Model® Integration:
DADSII: Data Access and Dissemination System II:
DRIS: Decennial Response Integration System:
FDCA: Field Data Collection Automation:
IT: information technology:
MAF: Master Address File:
MTAIP: MAF/TIGER Accuracy Improvement Project:
SEI: Software Engineering Institute:
TIGER: Topologically Integrated Geographic Encoding and Referencing:
United States Government Accountability Office:
Washington, DC 20548:
October 5, 2007:
The Honorable Thomas R. Carper:
Chairman:
The Honorable Tom Coburn:
Ranking Member:
Subcommittee on Federal Financial Management, Government Information,
Federal Services, and International Security:
Committee on Homeland Security and Governmental Affairs:
United States Senate:
As you know, the decennial census is mandated by the U.S. Constitution
and provides data that are vital to the nation. These data are used to
reapportion the seats of the U.S. House of Representatives; realign the
boundaries of the legislative districts of each state; allocate
billions of dollars in federal financial assistance; and provide a
social, demographic, and economic profile of the nation's people to
guide policy decisions at each level of government.
Carrying out the census is the responsibility of the department of
Commerce's Census Bureau, which is now preparing for the 2010 Census.
The Bureau is required to begin the population count on April 1, 2010,
and the Secretary of Commerce is required to report to the President on
the tabulation of total population by state within 9 months of that
date.[Footnote 1]
The Bureau plans to rely on automation and technology to improve the
coverage, accuracy, and efficiency of the 2010 Census. Specifically, it
has awarded four information technology (IT) contracts. It is also
holding what it refers to as a Dress Rehearsal, a period centering
around a mock Census Day on April 1, 2008. Planned Dress Rehearsal
activities include operational testing of the 2010 Census systems in a
census-like environment. The Bureau estimates that its IT acquisitions
will spend about $3 billion of the total $11.5 billion cost of the
entire census.
Given the importance of these IT acquisitions, you asked us to (1)
determine the status and plans, including schedule and costs, for four
key IT acquisitions, and (2) assess whether the Bureau is adequately
managing the risks facing these key system acquisitions.
To address the first objective, we analyzed system documentation,
including project plans, deliverables, cost estimates, earned value
management data,[Footnote 2] other acquisition-related documents, as
well as interviewed Bureau officials and contractors. To address the
second objective, we identified sound industry standards and compared
them to the Bureau's practices for the key acquisitions. We performed
our work from December 2006 through August 2007 in accordance with
generally accepted government auditing standards. Appendix I contains
details about our objectives, scope, and methodology.
Results in Brief:
Three key systems acquisitions for the 2010 Census are in process, and
a fourth contract was recently awarded. The status of each acquisition
and the Census Bureau's plans are as follows:
* In one project, the Bureau is modernizing the database that provides
address lists, maps, and other geographic support services for the
census. Currently, this project is on schedule to complete improvements
by the end of fiscal year 2008 and is meeting cost estimates.
* In a second project, the Bureau is acquiring systems, equipment, and
infrastructure for field staff to use in collecting census data.
Deliverables provided to date include mobile computing devices and
installation of key support infrastructure. However, the schedule for
this acquisition has been revised, resulting in delays in system
development and testing of interfaces. Also, the life-cycle cost
estimates for this program have increased, and we project an $18
million cost overrun by December 2008. According to the contractor, the
overrun is occurring primarily because of an increase in the number of
system requirements.
* In a third project, the Bureau is acquiring a system for integrating
paper, telephone responses, and field operations. The software
development and testing are currently on schedule to provide, by
December 2007, an initial system to process the major census forms
during the Dress Rehearsal activities. However, the schedule was
revised in October 2005, which is delaying some functionality. For
example, a telephone-assistance system that was originally intended to
be completed by fiscal year 2008 has been delayed. This acquisition is
meeting current cost estimates.
* Finally, a contract to replace the current systems used to tabulate
and disseminate census data was recently delayed by about a year from a
previously deferred date. The Bureau awarded this contract in September
2007. As a result, the Dress Rehearsal will use the current tabulation
and dissemination system rather than a modernized version.
Delays in functionality mean that the Dress Rehearsal operational
testing will take place without the full complement of systems and
functionality that was originally planned. As a result, further system
testing will be necessary to ensure that the decennial systems work as
intended. However, Bureau officials have not finalized their plans for
testing all the systems, and it is not clear whether these plans will
include testing to address all interrelated systems and functionality,
such as end-to-end testing.[Footnote 3] According to officials, these
plans will not be finalized until February 2008. Without sufficient
testing of all systems and their functionality, the Bureau increases
the risk that costs will increase further, that decennial systems will
not perform as expected, or both.
The Bureau has taken action to manage the risks facing the four
acquisitions; that is, the four project teams managing the acquisitions
have performed many practices associated with establishing sound and
capable risk management processes; however, critical weaknesses remain.
Specifically, three of the four project teams had developed risk
management strategies identifying the scope of their risk management
efforts; however, three project teams had weaknesses in identifying
risks, establishing mitigation plans that identified planned actions
and milestones, and reporting risk status to executive-level officials.
For example, one project team did not adequately identify risks
associated with performance issues experienced by mobile computing
devices. In addition, three project teams developed mitigation plans
that were often untimely or included incomplete activities and
milestones for addressing the risks. Also, two projects did not provide
evidence of reporting risk status to executive-level officials. As we
have previously reported, a root cause of weaknesses in completing key
risk management activities is the lack of policies for managing major
acquisitions at the Bureau.[Footnote 4] Until the project teams
implement key risk management activities, they face an increased
probability that decennial systems will not be delivered on schedule
and within budget or perform as expected.
Because the entire complement of systems will not be available for
Dress Rehearsal activities as originally planned, we are recommending
that the Census Bureau plan for and perform end-to-end testing so that
all systems are tested in a census-like environment. To help ensure
that the three key acquisitions for the 2010 Census operate as
intended, we are also recommending that the project teams strengthen
risk management activities, including those associated with risk
identification, mitigation, and oversight.
In response to a draft of this report, the Under Secretary for Economic
Affairs of Commerce provided written comments from the department.
These comments are reproduced in appendix III. Specifically, with
regard to risk management, the department said it plans to examine
additional ways to manage risks and will prepare a formal action plan
in response to our final report. However, the department said it had a
major disagreement with our findings with regard to operational
testing, stating it plans to test all critical systems and interfaces
during the Dress Rehearsal or later. Nonetheless, the Bureau's test
plans have not been finalized, and it remains unclear whether testing
will address all interrelated systems and functionality in a census-
like environment, as would be provided by end-to-end testing.
Consistent with our recommendation, following up with documented test
plans to do end-to-end testing will help ensure that decennial systems
will work as intended. The department also provided technical comments
that we incorporated where appropriate.
Background:
The Census Bureau's mission is to serve as the leading source of high-
quality data about the nation's people and economy. The Bureau's core
activities include conducting decennial, economic, and government
censuses, conducting demographic and economic surveys, managing
international demographic and socioeconomic databases, providing
technical advisory services to foreign governments, and performing such
other activities as producing official population estimates and
projections.
Conducting the decennial census is a major undertaking involving
considerable preparation, which is currently under way. A decennial
census involves:
* identifying and correcting addresses for all known living quarters in
the United States (known as "address canvassing");
* sending questionnaires to housing units;
* following up with nonrespondents through personal interviews;
* identifying people with nontraditional living arrangements;
* managing a voluminous workforce responsible for follow-up activities;
* collecting census data by means of questionnaires, calls, and
personal interviews;
* tabulating and summarizing census data; and:
* disseminating census analytical results to the public.
Role of IT in the Decennial Census:
The Bureau estimates that it will spend about $3 billion on automation
and IT for the 2010 Census, including four major systems acquisitions
that are expected to play a critical role in improving its coverage,
accuracy, and efficiency. Figure 1 shows the key systems and interfaces
supporting the 2010 Census; the four major IT systems involved in the
acquisitions are highlighted. As the figure shows, these four systems
are to play important roles with regard to different aspects of the
process.
Figure 1: Key 2010 Census Systems and Interfaces:
[See PDF for image]
Source: U.S. Census Bureau.
Note: Shaded boxes indicate systems discussed in the report.
[End of figure]
To establish where to count (as shown in the top row of fig. 1), the
Bureau will depend heavily on a database that provides address lists,
maps, and other geographic support services. The Bureau's address list,
known as the Master Address File (MAF), is associated with a geographic
information system containing street maps; this system is called the
Topologically Integrated Geographic Encoding and Referencing (TIGER®)
database.[Footnote 5] The MAF/TIGER database, highlighted in fig. 1, is
the object of the first major IT acquisition--the MAF/TIGER Accuracy
Improvement Project (MTAIP). The project is to provide corrected
coordinates on a county-by-county basis for all current features in the
TIGER database. The vital role of this database in the census
operations is the reason that MTAIP is a key acquisition, even though
it is relatively small in scale (compared with the other three key IT
acquisitions) and will not result in new systems.
To collect respondent information (see the middle row of fig. 1), the
Bureau is pursuing two initiatives. First, the Field Data Collection
Automation (FDCA) program is expected to provide automation support for
field data collection operations as well as reduce costs and improve
data quality and operational efficiency. This acquisition includes the
systems, equipment, and infrastructure that field staff will use to
collect census data, such as mobile computing devices.[Footnote 6]
Second, the Decennial Response Integration System (DRIS) is to provide
a system for collecting and integrating census responses from all
sources, including forms, telephone interviews, and mobile computing
devices in the field. DRIS is expected to improve accuracy and
timeliness by standardizing the response data and providing it to other
Bureau systems for analysis and processing.
To provide results, the Data Access and Dissemination System II (DADS
II) acquisition (see the bottom row of fig. 1) is to replace legacy
systems for tabulating and publicly disseminating data. The DADS II
program is expected to provide comprehensive support to DADS.
Replacement of the legacy systems is expected to:
* maximize the efficiency, timeliness, and accuracy of tabulation and
dissemination products and services;
* minimize the cost of tabulation and dissemination; and:
* increase user satisfaction with related services.
Table 1 provides a brief overview of the four acquisitions.
Table 1: Four Key IT Acquisitions Supporting Census 2010:
IT acquisition: MAF/TIGER Accuracy Improvement Project (MTAIP);
Purpose: Modernize the system that provides the address list, maps, and
other geographic support services for the Census and other Bureau
surveys.
IT acquisition: Field Data Collection Automation (FDCA);
Purpose: Provide automated resources for supporting field data
collection, including the provision of handheld mobile computing
devices to collect data in the field, including address and map data.
IT acquisition: Decennial Response Integration System (DRIS);
Purpose: Provide a solution for data capture and respondent assistance.
IT acquisition: Data Access and Dissemination System (DADS II);
Purpose: Develop a replacement for the DADS legacy tabulation and
dissemination systems.
Source: GAO analysis of Census Bureau data.
[End of table]
Responsibility for these acquisitions lies with the Bureau's Decennial
Management Division and the Geography Division. Each of the four
acquisitions is managed by an individual project team staffed by Bureau
personnel. Additional information on the contracts for these four
systems is provided in appendix II.
In preparation for the 2010 Census, the Bureau plans a series of tests
of its operations and systems (new and existing) in different
environments, as well as to conduct what it refers to as the Dress
Rehearsal. During the Dress Rehearsal period, which runs from February
2006 through June 2009, the Bureau plans to conduct development and
testing of systems, run a mock Census Day, and prepare for Census 2010,
which will include opening offices and hiring staff.
As part of the Dress Rehearsal activities, the Bureau began address
canvassing[Footnote 7] in April 2007 and plans to distribute
questionnaires in February 2008 in preparation for the mock Census Day
on April 1, 2008. It plans to begin performing nonresponse follow-up
activities immediately afterwards. These Dress Rehearsal activities are
to provide an operational test of the available system functionalities,
in a census-like environment, as well as other operational and
procedural activities.
Prior IT Management Reviews of Census Activities:
We have previously reported on weaknesses in the Bureau's IT
acquisition management. In June 2005, we reported on the Bureau's
progress in five IT areas--investment management, systems development
and management, enterprise architecture management, information
security, and human capital.[Footnote 8] These areas are important
because they have substantial influence on the effectiveness of
organizational operations and, if implemented effectively, can reduce
the risk of cost and schedule overruns and performance shortfalls. We
reported that while the Bureau had many practices in place, much
remained to be done to fully implement effective IT management
capabilities. To improve the Bureau's IT management, we made several
recommendations. The Bureau agreed with the recommendations but is
still in the process of implementing them.
In March 2006, we presented testimony on the Bureau's progress in
implementing acquisition and management capabilities for two key IT
system acquisitions for the 2010 Census--FDCA and DRIS.[Footnote 9] We
testified that although the project offices responsible for these two
contracts had carried out initial acquisition management activities,
neither office had the full set of capabilities needed to effectively
manage the acquisitions, including a full risk management process.
Effective management of major IT programs requires that organizations
use sound acquisition and management processes, including project and
acquisition planning, solicitation, requirements development and
management, and risk management. We recommended that the Bureau
implement key activities needed to effectively manage acquisitions. For
example, we recommended that the Bureau establish and enforce a system
acquisition management policy that incorporates best practices,
including those for risk management. The Bureau agreed with our
recommendations and is in the process of implementing them.
Decennial IT Acquisitions Are at Various Stages of Development and Show
Mixed Progress against Schedule and Cost Baselines:
Three key systems acquisitions for the 2010 Census are in process, and
a fourth contract was recently awarded. The ongoing acquisitions are
showing mixed progress in providing deliverables while adhering to
planned schedules and cost estimates. Currently, two of the three
projects have experienced schedule delays, and the date for awarding
the fourth contract was postponed several times. In addition, we
estimate that one of the three ongoing projects (FDCA) will incur about
$18 million in cost overruns. In response to schedule delays as well as
other factors, including cost, the Bureau has made schedule adjustments
and plans to delay certain system functionality. As a result, Dress
Rehearsal operational testing will not address the full complement of
systems and functionality that was originally planned, and the Bureau
has not yet finalized its plans for further system tests. Delaying
functionality increases the importance of system testing after the
Dress Rehearsal operational testing to ensure that the decennial
systems work as intended.
MTAIP Is Completing Improvements on Schedule and at Estimated Cost:
MTAIP is a project to improve the accuracy of the MAF/TIGER database,
which contains information on street locations, housing units, rivers,
railroads, and other geographic features. MTAIP is to provide corrected
coordinates on a county-by-county basis for all current features in the
TIGER database. Features not now in TIGER are to be added with accurate
coordinates and required attributes.
Currently, the acquisition is in the second and final phase of its life
cycle. During Phase I, from June 2002 through December 2002, the
contractor identified technical requirements and established the
production approach for Phase II activities. In Phase II, which began
in January 2003 and is ongoing, the contractor is developing improved
maps for all 3,037 counties in the United States; to date, it has
delivered more than 75 percent of these maps, which are due by
September 2008. Beginning in fiscal year 2008, maintenance for the
contract will begin. The contract closeout activities are scheduled for
fiscal year 2009.
MTAIP is on schedule to complete improvements by the end of fiscal year
2008 and is meeting cost estimates. The following is the status of
MTAIP's schedule and cost estimates:
* The MTAIP acquisition is on schedule for the deliverables for Phases
I and II. According to Bureau documents, as of September 2006, the
contractor (Harris Corporation) had delivered (as required) 2,000
improved county maps out of the 3,037. As of March 2007, Bureau
documents showed that the contractor had completed 338 of the 694
counties expected to be complete by the end of fiscal year 2007. The
contractor is scheduled to complete the remaining 356 counties by the
end of fiscal year 2007.
* Cost estimates for Phase I and Phase II are $4.8 million and $205.2
million, respectively, for a total contract value of $210 million. The
contract met cost estimates for Phase I, and based on cost performance
reports, we project no cost overruns by September 2008. As of June
2007, the Bureau had obligated $178 million through September 2010.
FDCA Has Provided Deliverables, but It Has Delayed Functionality and Is
Experiencing Cost Increases:
FDCA is to provide the systems, equipment, and infrastructure that
field staff will use to collect census data. It is to establish office
automation for the 12 regional census centers, the Puerto Rico area
office, and approximately 450 temporary local census offices. It is to
provide the telecommunications infrastructure for headquarters,
regional and local offices, and mobile computing devices for field
workers. FDCA also is to facilitate integration with other 2010 Census
systems and to provide development, deployment, technical support, de-
installation, and disposal services. At the peak of the 2010 Census,
about 4,000 field operations supervisors, 40,000 crew leaders, 500,000
enumerators and address listers, and several thousand office employees
are expected to use or access FDCA components.
The FDCA acquisition is currently in the first phase of execution,
since it has completed its baseline planning period in June 2006. The
contractor is currently in the process of developing and testing FDCA
software for the Dress Rehearsal Census Day. In future phases, the
project will continue development, deploy systems and hardware, support
census operations, and perform operational and contract closeout
activities.
However, as shown in table 2, according to the Bureau it revised its
original schedule and delayed or eliminated some key functionality that
was expected to be ready during Execution Period 1. The Bureau, said it
revised the schedule because it realized it had underestimated the
costs for the early stages of the contract, and that it could not meet
the level of first-year funding because the fiscal year 2006 budget was
already in place. According to the Bureau, this initial underestimation
led to schedule changes and overall cost increases.
Table 2: Comparison of FDCA Original and Revised Schedules:
Phase: Baseline Planning Period;
Dates: March 31-June 30, 2006;
Original schedule (March 2006):
* Develop project oversight documentation;
Revised schedule (July 2006): No change.
Phase: Execution Period 1;
Dates: July 1, 2006-December 31, 2008;
Original schedule (March 2006):
* Deliver consolidated approach to software development;
Revised schedule (July 2006): Deliver software development activities
into an incremental approach.
Phase: Execution Period 1;
Dates: July 1, 2006-December 31, 2008;
Original schedule (March 2006):
* Develop a space tracking system;
Revised schedule (July 2006): Eliminated.
Phase: Execution Period 1;
Dates: July 1, 2006-December 31, 2008;
Original schedule (March 2006):
* Develop an automated software distribution system;
Revised schedule (July 2006): Delayed to Execution Period 2.
Phase: Execution Period 1;
Dates: July 1, 2006-December 31, 2008;
Original schedule (March 2006):
* Provide mobile computing devices;
Revised schedule (July 2006): Delivered in March 2007 for Dress
Rehearsal address canvassing.
Phase: Execution Period 2;
Dates: January 1, 2009-September 30, 2011;
Original schedule (March 2006):
* Deploy the 2010 FDCA solution;
Revised schedule (July 2006): No change.
Phase: Execution Period 2;
Dates: January 1, 2009-September 30, 2011;
Original schedule (March 2006):
* Complete operational testing;
Revised schedule (July 2006): No change.
Phase: Execution Period 2;
Dates: January 1, 2009-September 30, 2011;
Original schedule (March 2006):
* Conduct 2010 Census operations;
Revised schedule (July 2006): No change.
Phase: Execution Period 2;
Dates: January 1, 2009-September 30, 2011;
Original schedule (March 2006): [Empty];
Revised schedule (July 2006): Added delayed activities.
Phase: Execution Period 3;
Dates: August 1, 2010-end of contract;
Original schedule (March 2006):
* Perform operational and contract closeout activities;
Revised schedule (July 2006): No change.
Source: GAO analysis of Census Bureau data.
[End of table]
In the revised schedule, the Bureau delayed or eliminated some key
functionality from the Dress Rehearsal, including the automated
software distribution system. Further, the revised software development
schedule stretches from two to seven increments over a longer period of
time. Delivery of these increments ranges from December 2006 through
December 2008. As of May 2007, the contractor reported that the
increment development schedule continues to be aggressive.
The project is meeting all planned milestones on the revised schedule.
The contractor has delivered 1,388 mobile computing devices to be used
in address canvassing for the Dress Rehearsal. Also, key FDCA support
infrastructure has been installed, including the Network Operations
Center, Security Operation Center, and the Data Processing Centers.
According to the department, all Regional Census Centers and Puerto
Rico area offices have been identified and are on schedule to open in
January 2008.
The project life-cycle costs have already increased. At contract award
in March 2006, the total cost of FDCA was estimated not to exceed $596
million. However, in September 2006, the project life-cycle cost was
increased to about $624 million. In May 2007, the life-cycle cost rose
by a further $23 million because of increasing system requirements,
which resulted in an estimated life-cycle cost of about $647 million.
Table 3 shows the current life-cycle cost estimates for FDCA.
Table 3: FDCA Life-Cycle Cost Estimates:
Dollars in millions.
Baseline planning period;
Start date: March 31, 2006;
End date: June 30, 2006;
Cost estimates: September 2006: $11;
Cost estimates: May 2007: $11.
Execution Period 1;
Start date: July 1, 2006;
End date: December 31, 2008;
Cost estimates: September 2006: 200;
Cost estimates: May 2007: 225.
Execution Period 2;
Start date: January 1, 2009;
End date: September 30, 2011;
Cost estimates: September 2006: 319;
Cost estimates: May 2007: 318.
Execution Period 3;
Start date: August 1, 2010;
End date: End of contract;
Cost estimates: September 2006: 10;
Cost estimates: May 2007: 10.
Leased equipment;
Start date: N/A;
End date: N/A;
Cost estimates: September 2006: 12;
Cost estimates: May 2007: 12.
Management reserve;
Start date: N/A;
End date: N/A;
Cost estimates: September 2006: 7;
Cost estimates: May 2007: 5.
Award fee;
Start date: N/A;
End date: N/A;
Cost estimates: September 2006: 65;
Cost estimates: May 2007: 65.
Total;
Start date: [Empty];
End date: [Empty];
Cost estimates: September 2006: $624;
Cost estimates: May 2007: $647.
Source: GAO analysis of Census Bureau data.
Note: Total may not add due to rounding.
[End of table]
In addition, the FDCA project has already experienced $6 million in
cost overruns, and more are expected. Both our analysis and the
contractor's analysis expect FDCA to experience additional cost
overruns. Based on our analysis of cost performance reports (from July
2006 to May 2007), we project that the FDCA project will experience
further cost overruns by December 2008. The FDCA cost overrun is
estimated between $15 million and $19 million, with the most likely
overrun to be about $18 million. Harris, in contrast, estimates about a
$6 million overrun by December 2008.
According to Harris, the major cause of projected cost overruns is the
system requirements definition process. For example, in December 2006,
Harris indicated that the requirements for the Dress Rehearsal Paper
Based Operations in Execution Period 1 had increased significantly.
According to the cost performance reports, this increase has meant that
more work must be conducted and more staffing assigned to meet the
Dress Rehearsal schedule.
The schedule changes to FDCA have increased the likelihood that the
systems testing at the Dress Rehearsal will not be as comprehensive as
planned. The inability to perform comprehensive operational testing of
all interrelated systems increases the risk that further cost overruns
will occur and that decennial systems will experience performance
shortfalls.
After a Schedule Revision, DRIS Is Delivering Reduced Functionality at
Projected Cost:
DRIS is to provide a system for collecting and integrating census
responses, standardizing the response data, and providing it to other
systems for analysis and processing. The DRIS functionality is critical
for providing assistance to the public via telephone and for monitoring
the quality and status of data capture operations.
The DRIS acquisition is currently in the first of three overlapping
project phases. In Phase I, which extends from March 2006 to September
2008, the project is performing software development and testing of
DRIS. By December 2007, it is to provide an initial system to be used
for the Dress Rehearsal Census Day, during which DRIS will process 14
census forms (out of 84 possible forms). In October 2007, the project
is to begin Phase II, in which it is to deploy the completed system and
perform other activities to support census operations. The final phase
is to be devoted to data archiving and equipment disposal.
Although DRIS is currently on schedule to meet its December 2007
milestone, the Bureau revised the original DRIS schedule after the
contract was awarded in October 2005. Under the revised schedule (see
table 4), the Bureau delayed or eliminated some functionality that was
expected to be ready for the Dress Rehearsal Census Day.
Table 4: Comparison of DRIS Original and Current Schedules:
Phase and dates: Phase 1: March 2006-September 2008;
Original schedule: Deliver solution design and documentation;
Revised schedule: Reduced scope.
Phase and dates: Phase 1: March 2006-September 2008;
Original schedule:
* Requirements definition;
Revised schedule: Eliminated.
Phase and dates: Phase 1: March 2006-September 2008;
Original schedule:
* Workflow segment cross-program testing;
Revised schedule: Eliminated.
Phase and dates: Phase 1: March 2006-September 2008;
Original schedule: Develop, test, and deploy the DRIS Dress Rehearsal
solution;
Revised schedule: Reduced scope.
Phase and dates: Phase 1: March 2006-September 2008;
Original schedule:
* Telephone Questionnaire Assistance System;
Revised schedule: Delayed to Phase 2.
Phase and dates: Phase 1: March 2006-September 2008;
Original schedule: Capture all questionnaire forms;
Revised schedule: Delayed to Phase 2.
Phase and dates: Phase 1: March 2006-September 2008;
Original schedule: Conduct Dress Rehearsal;
Revised schedule: Reduced scope.
Phase and dates: Phase 1: March 2006-September 2008;
Original schedule: Site selection, design, build-out,[A] and fit-up[B]
of data centers for the 2010 Census;
Revised schedule: Delayed to Phase 2.
Phase and dates: Phase 2: October 2007-January 2011;
Original schedule: Deploy the 2010 DRIS solution;
Revised schedule: No change.
Phase and dates: Phase 2: October 2007-January 2011;
Original schedule: Complete operational testing;
Revised schedule: No change.
Phase and dates: Phase 2: October 2007-January 2011;
Original schedule: Conduct 2010 Census operations;
Revised schedule: No change.
Phase and dates: Phase 2: October 2007-January 2011;
Original schedule: Shut down the data centers;
Revised schedule: No change.
Phase and dates: Phase 2: October 2007-January 2011;
Original schedule: [Empty];
Revised schedule: Added delayed activities.
Phase and dates: Phase 3: July 2010-end of contract:
Original schedule: Archive DRIS data and image per NARA guidelines;
Revised schedule: No change.
Phase and dates: Phase 3: July 2010-end of contract:
Original schedule: Dispose of all DRIS equipment;
Revised schedule: No change.
Source: GAO analysis of Census Bureau data.
[A] Build-out is the upgrading of facilities in order to prepare them
for the installation of equipment, telecommunications, etc.
[B] Fit-up is the process of setting up facilities with computer
equipment, furniture, water, power, heating, ventilation, air
conditioning, etc., for the 2010 Census operations.
[End of table]
According to Bureau officials, they delayed the schedule and eliminated
functionality for DRIS when they realized they had underestimated the
fiscal year 2006 through 2008 costs for development. As shown in table
5, the government's funding estimates for DRIS Phase I were
significantly lower than the contractor's.
Table 5: DRIS Cost Estimates for Phase 1 (as of March 2006):
Dollars in millions.
Fiscal year: 2006;
Cost estimates: Contractor: $18.6;
Cost estimates: Government: $11.2.
Fiscal year: 2007;
Cost estimates: Contractor: 53.3;
Cost estimates: Government: 23.8.
Fiscal year: 2008;
Cost estimates: Contractor: 48.7;
Cost estimates: Government: 31.5.
Total;
Cost estimates: Contractor: $120.6;
Cost estimates: Government: $66.5.
Source: GAO analysis of Census Bureau data.
[End of table]
Originally, the DRIS solution was to include paper, telephone,
Internet, and field data collection processing; selection of data
capture sites; and preparation and processing of 2010 Census forms.
However, the Bureau reduced the scope of the solution by eliminating
the Internet functionality. In addition, the Bureau has stated that it
will not have a robust telephone questionnaire assistance system in
place for the Dress Rehearsal. The Bureau is also delaying selecting
sites for data capture centers, preparing data capture facilities, and
recruiting and hiring data capture staff.
Although Bureau officials told us that the revisions to the schedule
should not affect meeting milestones for the 2010 Census, the delays
mean that more systems development and testing will need to be
accomplished later. Given the immovable deadline of the decennial
census, the Bureau is at risk of reducing functionality or increasing
costs to meet its schedule.
The government's estimate for the DRIS project was $553 million through
the end of fiscal year 2010. In October 2005, at contract award, the
Phase I and Phase II value was $484 million.
The DRIS project is not experiencing cost overruns, and our analysis of
cost performance reports from April 2006 to May 2007 projects no cost
overruns by December 2008. As of May 2007, the Bureau had obligated $37
million, and the project was 44 percent completed. As of May 2007, the
DRIS contract value had not increased.
DADS II Contract Was Recently Awarded after a Delay:
The DADS II acquisition is to replace the legacy DADS systems, which
tabulate and publicly disseminate data from the decennial census and
other Bureau surveys.[Footnote 10] The DADS II contractor is also
expected to provide comprehensive support to the Census 2000 legacy
DADS systems.
In January 2007, the Bureau released the DADS II request for proposal.
The contract was awarded in September 2007.
However, the Bureau had delayed the DADS II contract award date
multiple times. The award date was originally planned for the fourth
quarter of 2005, but the date was changed to August 2006. On March 8,
2006, the Bureau estimated it would delay the award of the DADS II
contract from August to October 2006 to gain a clearer sense of budget
priorities before initiating the request for proposal process. The
Bureau then delayed the contract award again by about another year.
Because of these delays, DADS II will not be developed in time for the
Dress Rehearsal. Instead, the Bureau will use the legacy DADS system
for tabulation during the Dress Rehearsal. However, the Bureau's plan
is to have the DADS II system available for the 2010 Census.
No cost information on the DADS II contract was available because it
was recently awarded.
Delayed Functionality Increases the Importance of Further Operational
Testing:
Operational testing helps verify that systems function as intended in
an operational environment. For system testing to be comprehensive,
system functionality must be completed. Further, for multiple
interrelated systems, end-to-end testing is performed to verify that
all interrelated systems, including any external systems with which
they interface, are tested in an operational environment.
However, as described above, two of the projects have delayed planned
functionality to later phases, and one project contract was recently
awarded (September 2007). As a result, the operational testing that is
to occur during the Dress Rehearsal period around April 1, 2008, will
not include tests of the full complement of decennial census systems
and their functionality. According to Bureau officials, they have not
yet finalized their plans for system tests. If further delays occur,
the importance of these system tests will increase. Delaying
functionality and not testing the full complement of systems increase
the risk that costs will rise further, that decennial systems will not
perform as expected, or both.
The Bureau Is Making Progress in Risk Management Activities, but
Critical Weaknesses Remain:
The project teams varied in the extent to which they followed
disciplined risk management practices. For example, three of the four
project teams had developed strategies to identify the scope of the
risk management effort. However, three project teams had weaknesses in
identifying risks, establishing adequate mitigation plans, and
reporting risk status to executive-level officials. These weaknesses in
completing key risk management activities can be attributed in part to
the absence of Bureau policies for managing major acquisitions, as we
described in our earlier report.[Footnote 11] Without effective risk
management practices, the likelihood of project success is decreased.
According to the Software Engineering Institute (SEI), the purpose of
risk management is to identify potential problems before they occur.
When problems are identified, risk-handling activities can be planned
and invoked as needed across the life of a project in order to mitigate
adverse impacts on objectives. Effective risk management involves early
and aggressive risk identification through the collaboration and
involvement of relevant stakeholders. Based on SEI's Capability
Maturity Model® Integration (CMMI®), risk management activities can be
divided into four key areas (see fig. 2):
* preparing for risk management,
* identifying and analyzing risks,
* mitigating risks, and:
* executive oversight.
Figure 2: Description and Examples of Key Risk Practice Areas:
[See PDF for image]
Source: GAO analysis of CMMI criteria.
[End of figure]
The discipline of risk management is important to help ensure that
projects are delivered on time, within budget, and with the promised
functionality. It is especially important for the 2010 Census, given
the immovable deadline.
Project Teams Usually Established Risk Preparation Activities, but
Improvements Are Possible:
Risk preparation involves establishing and maintaining a strategy for
identifying, analyzing, and mitigating risks. The risk management
strategy addresses the specific actions and management approach used to
perform and control the risk management program. It also includes
identifying and involving relevant stakeholders in the risk management
process. Table 6 shows the status of the four project teams'
implementation of key risk preparation activities.[Footnote 12]
Table 6: Risk Management Preparation Activities Completed for the Key
2010 Census Systems:
Specific practices: Determine risk sources and categories;
MTAIP: Practice Partially Implemented;
FDCA: Practice Fully Implemented;
DRIS: Practice Fully Implemented;
DADS: Practice Fully Implemented.
Specific practices: Define parameters used to analyze and categorize
risks and parameters used to control risk management efforts;
MTAIP: Practice Fully Implemented;
FDCA: Practice Fully Implemented;
DRIS: Practice Fully Implemented;
DADS: Practice Fully Implemented.
Specific practices: Establish and maintain the strategy to be used for
risk management;
MTAIP: Practice Partially Implemented;
FDCA: Practice Fully Implemented;
DRIS: Practice Fully Implemented;
DADS: Practice Fully Implemented.
Specific practices: Identify and involve the relevant stakeholders of
the risk management process as planned;
MTAIP: Practice Partially Implemented;
FDCA: Practice Partially Implemented;
DRIS: Practice Fully Implemented;
DADS: Practice Partially Implemented.
Source: GAO analysis of project data.
[End of table]
As the table shows, three project teams have established most of the
risk management preparation activities. However, the MTAIP project team
implemented the fewest practices. The team did not adequately determine
risk sources and categories, or adequately develop a strategy for risk
management. As a result, the project's risk management strategy is not
comprehensive and does not fully address the scope of the risk
management effort, including discussing techniques for risk mitigation
and defining adequate risk sources and categories.
In addition, three project teams (MTAIP, FDCA, and DADS II) had
weaknesses regarding stakeholder involvement. The three teams did not
provide sufficient evidence that the relevant stakeholders were
involved in risk identification, analysis, and mitigation activities;
reviewing the risk management strategy and risk mitigation plans; or
communicating and reporting risk management status. In addition, the
FDCA project team had not identified relevant stakeholders. These
weaknesses can be attributed in part to the absence of Bureau policies
for managing major acquisitions, as we described in our earlier
reports.[Footnote 13] Without adequate preparation for risk management,
including establishing an effective risk management strategy and
identifying and involving relevant stakeholders, project teams cannot
properly control the risk management process.
The Project Teams Identified and Analyzed Risks, but Not All Key Risks
Were Identified:
Risks must be identified and described in an understandable way before
they can be analyzed and managed properly. This includes identifying
risks from both internal and external sources and evaluating each risk
to determine its likelihood and consequences. Analyzing risks includes
risk evaluation, categorization, and prioritization; this analysis is
used to determine when appropriate management attention is required.
Table 7 shows the status of the four project teams' implementation of
key risk identification and evaluation activities.
Table 7: Risk Identification and Evaluation Activities Completed for
the Key 2010 Census Systems:
Specific practices: Identify and document the risks;
MTAIP: Practice Fully Implemented;
FDCA: Practice Partially Implemented;
DRIS: Practice Fully Implemented;
DADS: Practice Partially Implemented.
Specific practices: Evaluate and categorize each identified risk using
the defined risk categories and parameters, and determine its relative
priority;
MTAIP: Practice Partially Implemented;
FDCA: Practice Fully Implemented;
DRIS: Practice Fully Implemented;
DADS: Practice Fully Implemented.
Source: GAO analysis of project data.
[End of table]
As of July 2007, the MTAIP and DRIS project teams were adequately
identifying and documenting risks, including system interface risks.
For example, these teams were able to identify the following:
* The MTAIP project identified significant risks regarding potential
changes in funding and the turnover of contractor personnel as the
program nears maturity.
* The DRIS project identified significant risks regarding new system
security regulations, changes or increases to Phase II baseline
requirements, and new interfaces after Dress Rehearsal.
However, the FDCA and DADS II project teams did not identify all risks,
including specific system interface risks. For example:
* The FDCA project had not identified any significant risks related to
the handheld mobile computing devices, for the project office to
monitor and track, despite problems arising during the recent address
canvassing component of the Dress Rehearsal.[Footnote 14] However, it
did identify significant risks for the contractor to manage; these
risks were associated with using the handheld mobile computing devices
including usability and failure rates. Responsibility for mitigating
these risks was transferred to the contractor.
* The FDCA and DADS II projects did not provide evidence that specific
system interface risks are being adequately identified to ensure that
risk handling activities will be invoked should the systems fail during
2010 Census. For example, although the DADS II will not be available
for the Dress Rehearsal, the project team did not identify any
significant interface risks associated with this system.
One reason for these weaknesses, as mentioned earlier, is the absence
of Bureau policies for managing major acquisitions. Failure to
adequately identify and analyze risks could prevent management from
taking the appropriate actions to mitigate those risks; this increases
the probability that the risks will materialize and magnifies the
extent of damage incurred in such an event.
Three of Four Project Teams' Risk Mitigation Plans and Monitoring
Activities Were Incomplete:
Risk mitigation involves developing alternative courses of action,
workarounds, and fallback positions, with a recommended course of
action for the most important risks to the project. Mitigation includes
techniques and methods used to avoid, reduce, and control the
probability of occurrence of the risk; the extent of damage incurred
should the risk occur; or both. Examples of activities for mitigating
risks include documented handling options for each identified risk;
risk mitigation plans; contingency plans; a list of persons responsible
for tracking and addressing each risk; and updated assessments of risk
likelihood, consequence, and thresholds. Table 8 shows the status of
the four project teams' implementation of key risk mitigation
activities.
Table 8: Risk Mitigation Activities Completed for Key 2010 Census
Systems:
Specific practices:
Develop a risk mitigation plan for the most important risks to the
project, as defined by the risk management strategy.
MTAIP: Practice Partially Implemented;
FDCA: Practice Partially Implemented;
DRIS: Practice Fully Implemented;
DADS: Practice Not Implemented.
Specific practices:
Monitor the status of each risk periodically and implement the risk
mitigation plan as appropriate.
MTAIP: Practice Partially Implemented;
FDCA: Practice Partially Implemented;
DRIS: Practice Fully Implemented;
DADS: Practice Partially Implemented.
Source: GAO analysis of project data.
[End of table]
Three project teams (MTAIP, FDCA, and DADS II) developed mitigation
plans that were often untimely or included incomplete activities and
milestones for addressing the risks. Some of these untimely and
incomplete activities and milestones included the following:
* Although the MTAIP project team developed mitigation plans, the plans
were not comprehensive and did not include thresholds defining when
risk becomes unacceptable and should trigger the execution of the
mitigation plan.
* The FDCA project team had developed mitigation plans for the most
significant risks, but the plans did not always identify milestones for
implementing mitigation activities. Moreover, the plans did not
identify any commitment of resources, several did not establish a
period of performance, and the team did not always update the plans
with the latest information on the status of the risk. In addition, the
FDCA project team did not provide evidence of developing mitigation
plans to handle the other significant risks as described in their risk
mitigation strategy. (These risks included a lack of consistency in
requirements definition and insufficient FDCA project office staffing
levels.)
* The mitigation plans for DADS II were incomplete, with no associated
future milestones and no evidence of continual progress in working
towards mitigating a risk. In several instances, DADS II mitigation
plans were listed as "To Be Determined."
With regard to the second practice in the table (periodically
monitoring risk status and implementing mitigation plans), the MTAIP,
FDCA, and DADS II project teams were not always implementing the
mitigation plans as appropriate. For example, although the MTAIP
project team has periodically monitored the status of risks, its
mitigation plans do not include detailed action items with start dates
and anticipated completion dates; thus, the plans do not ensure that
mitigation activities are implemented appropriately and tracked to
closure. The FDCA and DADS II project teams did not identify system
interface risks nor prepare adequate mitigation plans to ensure that
systems will operate as intended. In addition, the DADS II risk reviews
showed no evidence of developing risk-handling action items, tracking
any existing open risk-handling action items, or regularly discussing
mitigation steps with other risk review team members.
Because they did not develop complete mitigation plans, the MTAIP,
FDCA, and DADS II project teams cannot ensure that for a given risk,
techniques and methods will be invoked to avoid, reduce, and control
the probability of occurrence.
Project Teams Are Inconsistent in Reporting Risk Status to Executive-
Level Management:
Reviews of the project teams' risk management activities, status, and
results should be held on a periodic and event-driven basis. The
reviews should include appropriate levels of management, such as key
Bureau executives, who can provide visibility into the potential for
project risk exposure and appropriate corrective actions. Table 9 shows
the status of the four project teams' implementation of activities for
senior-level risk oversight.
Table 9: Executive-Level Risk Oversight Activities Completed for the
Key 2010 Decennial Systems:
Specific practices:
Review the activities, status, and results of the risk management
process with executive-level management, and resolve issues;
MTAIP: Practice Not Implemented;
FDCA: Practice Not Implemented;
DRIS: Practice Fully Implemented;
DADS: Practice Fully Implemented.
Source: GAO analysis of project data.
[End of table]
The project teams were inconsistent in reporting the status of risks to
executive-level officials. DRIS and DADS II did regularly report risks;
however, the FDCA and MTAIP projects did not provide sufficient
evidence to document that these discussions occurred or what they
covered. Although presentations were made on the status of the FDCA and
MTAIP projects to executive-level officials, presentation documents did
not include evidence of discussions of risks and mitigation plans.
Failure to report a project's risks to executive-level officials
reduces the visibility of risks to executives who should be playing a
role in mitigating them.
Conclusions:
The IT acquisitions planned for 2010 Census will require continued
oversight to ensure that they are achieved on schedule and at planned
cost levels. Although the MTAIP and DRIS acquisitions are currently
meeting cost estimates, FDCA is not. In addition, while the Bureau is
making progress developing systems for the Dress Rehearsal, it is
deferring certain functionality, with the result that the Dress
Rehearsal operational testing will address less than a full complement
of systems. Delaying functionality increases the importance of later
development and testing activities, which will have to occur closer to
the census date. It also raises the risk of cost increases, given the
immovable deadline for conducting the 2010 Census.
The Bureau's project teams for each of the four acquisitions have
implemented many practices associated with establishing sound and
capable risk management processes, but they are not always consistent:
the teams have not always identified risks, developed complete risk
mitigation plans, or briefed senior-level officials on risks and
mitigation plans. Among risks that were not identified are those
associated with the FDCA mobile computing devices and systems testing.
Also, mitigation plans were often untimely or incomplete. Further, no
evidence was available of senior-level briefings to discuss risks and
mitigation plans. One reason for these weaknesses is the absence of
Bureau policies for managing major acquisitions, as we pointed out in
earlier work. Until the project teams and the Decennial Management
Division implement appropriate risk management activities, they face an
increased probability that decennial systems will not be delivered on
schedule and within budget or perform as expected.
Recommendations for Executive Action:
To ensure that the Bureau's four key acquisitions for the 2010 Census
operate as intended, we are making four recommendations. First, to
ensure that the Bureau's decennial systems are fully tested, we
recommend that the Secretary of Commerce require the Director of the
Census Bureau to direct the Decennial Management Division and Geography
Division to plan for and perform end-to-end testing so that the full
complement of systems is tested in a census-like environment.
To strengthen risk management activities for the decennial census
acquisitions, the Secretary should also direct the Director of the
Census Bureau to ensure that project teams:
* identify and develop a comprehensive list of risks for the
acquisitions, particularly those for system interfaces and mobile
computing devices, and analyze them to determine probability of
occurrence and appropriate mitigating actions;
* develop risk mitigation plans for the significant risks, including
defining the mitigating actions, milestones, thresholds, and resources;
and:
* provide regular briefings on significant risks to senior executives,
so that they can play a role in mitigating these risks.
We are not making recommendations at this time regarding the Bureau's
policies for managing major acquisitions, as we have already done so in
previous reports.[Footnote 15]
Agency Comments and Our Evaluation:
In response to a draft of this report, the Under Secretary for Economic
Affairs of Commerce provided written comments from the department.
These comments are reproduced in appendix III.
The department disagreed with our conclusion about operational testing
during the 2008 Dress Rehearsal. According to the department, although
some minimal functionalities are not a part of the Dress Rehearsal, all
critical systems and interfaces would be tested during the 2008 Dress
Rehearsal. It planned to conduct additional fully integrated testing of
all systems and interfaces after the Dress Rehearsal, including the
functionalities not included in the Dress Rehearsal itself. It also
planned to incorporate lessons learned from the Dress Rehearsal in this
later testing. Nonetheless, the Bureau's test plans have not been
finalized. Further, the Dress Rehearsal will not include two critical
systems (the DRIS telephone system and the DADS II tabulation system).
Thus, it remains unclear whether testing will in fact address all
interrelated systems and functionality in a census-like environment.
Consistent with our recommendation, following up with documented test
plans to do end-to-end testing would help ensure that decennial systems
will work as intended.
With regard to risk management, the department said it plans to examine
additional ways to manage risks and will prepare a formal action plan
in response to our final report. However, it disagreed with our
assessment with regard to risk identification, pointing out that one
project identified risks associated with handheld mobile computing
devices and assigned responsibility for these to the contractor. In
addition, the project identified systems interfaces as a risk. However,
the project did not identify significant risks for the project office
to monitor and track related to problems arising during the address
canvassing component of the Dress Rehearsal. Also, although this
project identified a general risk related to system interfaces, it did
not identify specific risks related to particular interfaces.
The department also provided technical comments that we incorporated
where appropriate.
We are sending copies of this report to the Chairman and Ranking Member
of the Committee on Homeland Security and Governmental Affairs. We are
also sending copies to the Secretary of Commerce, the Director of the
U.S. Census Bureau, and other appropriate congressional committees. We
will make copies available to others on request. In addition, this
report will be available at no charge on the GAO Web site at
[hyperlink, http://www.gao.gov].
If you have any questions about this report, please contact David A.
Powner at (202) 512-9286 or pownerd@gao.gov or Madhav S. Panwar at
(202) 512-6228 or panwarm@gao.gov. Contact points for our Offices of
Congressional Relations and Public Affairs may be found on the last
page of this report. GAO staff who made major contributions to this
report are listed in appendix IV.
Signed by:
David A. Powner:
Director, Information Technology Management Issues:
and:
Madhav S. Panwar:
Senior Level Technologist, Center for Technology and Engineering:
[End of section]
Appendix I: Objectives, Scope, and Methodology:
Our objectives were to (1) determine the status and plans, including
schedule and costs, for four key information technology (IT)
acquisitions, and (2) assess whether the Census Bureau is adequately
managing the risks facing these key system acquisitions.
To determine the status and plans, we reviewed documents related to the
major 2010 Census acquisitions, including requests for proposals,
acquisition contracts, project plans, schedules, cost estimates,
program review reports, earned value management data, test plans, and
other acquisition-related documents. We analyzed earned value
management data obtained from the contractors to assess the
contractor's cost and schedule performance. We also interviewed program
officials to determine the current status of the acquisitions'
schedules and cost estimates.
To assess the status of risk management, we evaluated the practices for
key areas (establishing a risk strategy, risk identification,
mitigation, and reporting) and compared these to industry standards--
specifically, the Capability Maturity Model® Integration (CMMI®). The
CMMI model was developed by Carnegie Mellon University's Software
Engineering Institute (SEI) and includes criteria to evaluate risk
management for development and maintenance activities. We adapted these
CMMI criteria and performed a Class B Standard CMMI Appraisal Method
for Process Improvement[Footnote 16] to evaluate the risk management of
program teams and contractors involved in the decennial system
acquisitions and development initiatives. In doing so, we selected
leading practices within the areas of preparing for risk management,
identifying and analyzing risks, mitigating risks, and executive
oversight. We evaluated the practices as fully implemented, partially
implemented, or not implemented. Specifically, a blank circle indicates
that practices are not performed at all or are performed on a
predominantly ad hoc basis; a half circle indicates that the while
selected key practices have been performed, others remain to be
implemented; and a solid circle indicates that practices adhere to
industry standards.
To evaluate the extent to which the Bureau and contractors followed
these leading practices, we reviewed relevant documents such as risk
management plans, risk reports, mitigation plans, meeting minutes from
risk review meetings; we also interviewed knowledgeable officials about
their risk management activities. Specifically, we met with project
team officials for the four key decennial system acquisitions and their
primary contractors (Harris Corporation and Lockheed Martin), as
applicable. We also reviewed the lists of risks identified by each of
the project teams and their primary contractors and assessed their
accuracy and completeness, including whether the risks were associated
with the acquisition's development plans.
We conducted our work from December 2006 through August 2007 in the
Washington, D.C., metropolitan area in accordance with generally
accepted government auditing standards.
[End of section]
Appendix II: Key 2010 Census Information Technology Acquisitions:
Table 10:
IT acquisition: MAF/TIGER Accuracy Improvement Project (MTAIP);
Contractor: Harris Corporation;
Purpose: Modernize the system that provides the address list, maps, and
other geographic support services for the Census and other Bureau
surveys;
Contract type: Cost plus award fee;
Contract award: June 2002.
IT acquisition: Field Data Collection Automation (FDCA);
Contractor: Harris Corporation;
Purpose: Provide automated resources for supporting field data
collection, including the provision of handheld mobile computing
devices to collect data in the field, including address and map data;
Contract type: Cost plus award fee with some firm fixed price elements;
Contract award: March 2006.
IT acquisition: Decennial Response Integration System (DRIS);
Contractor: Lockheed Martin Corporation;
Purpose: Provide a solution for data capture and respondent assistance;
Contract type: Cost plus award fee with some firm fixed price elements;
Contract award: October 2005.
IT acquisition: Data Access and Dissemination System (DADS II);
Contractor: IBM;
Purpose: Develop a replacement for the DADS legacy tabulation and
dissemination systems;
Contract type: To be determined;
Contract award: September 2007.
Source: GAO analysis of Census Bureau data.
[End of table]
[End of section]
Appendix III Comments from the Department of Commerce:
United States Department Of Commerce:
The Under Secretary for Economic Affairs:
Washington, D.C. 20230:
Mr. David Powner:
Director:
IT Management Issues:
United States Government Accountability Office:
Washington, DC 20548:
Dear Mr. Powner:
The U.S. Department of Commerce appreciates the opportunity to comment
on the United States Government Accountability Office's Draft Report
Entitled Information Technology: Census Bureau Needs to Improve Its
Risk Management of Decennial Systems — (GAO-08-79). The Department's
comments on this report are enclosed.
Sincerely,
Signed by:
Cynthia A. Glassman:
U.S. Department of Commerce:
Comments on the:
United States Government Accountability Office:
Draft Report Entitled Information Technology: Census Bureau Needs to
Improve Its:
Risk Management of Decennial Systems -- (GAO-08-79) September 2007:
The U.S. Census Bureau appreciates the United States Government
Accountability Office's (GAO) efforts to review our contract management
processes for key information technology systems planned for the 2010
Census and also appreciates this opportunity to review the draft
report.
We believe we have made significant efforts to date in successfully
managing these major Information Technology (IT) contracts. Certainly,
additional efforts to manage risks can improve the likelihood of
success, and we will examine ways to do that in preparing our formal
action plan in response to the final version of this report.
We do have one major disagreement with the GAO's various statements (on
pages 5 and 12, for example) and conclusion (on page 29) about limited
operational testing. Although some minimal functionalities are not part
of the 2008 Census Dress Rehearsal, all critical systems and interfaces
are part of the Dress Rehearsal—our best Census-like environment to
conduct such testing. In addition, after the Dress Rehearsal we will
conduct additional, fully integrated, testing of all systems and
interfaces, including the functionalities not included in the Dress
Rehearsal, and incorporate any lessons learned from the Dress
Rehearsal.
Specific Comments on the Draft Report:
Page 5: The draft report states that for the Field Data Collection
Automation (FDCA) Program, ".the life-cycle cost estimates for this
program have increased, and we project an $I8 million cost overrun by
December 2008. According to the contractor, the overrun is occurring
primarily because of an increase in the number of system requirements."
Census Bureau Comment: As written, this statement could be interpreted
as an indication that the Census Bureau has conveyed a number of
previously unstated requirements to the contractor, and that the
contractor is overrunning its estimated costs. That is not entirely
accurate. We have added some new requirements, mostly regarding IT
systems security. Some cost growth has resulted from the process of
decomposing high level functional requirements (those stated in Section
C of the contract) into more detailed and specific requirements (system
requirements and software requirements).
Pages 5-6: The draft report states: "Delays in functionality mean that
the Dress Rehearsal operational testing will take place without the
full complement of systems and functionality that was originally
planned. As a result, further system testing will be important to
ensure that the decennial systems work as intended. However, Bureau
officials have not finalized their plans for testing of all systems,
and it is not clear whether these plans will include testing to address
all interrelated systems and functionality, such as end-to-end
testing."
Census Bureau Comment: As stated in our major comment above, all
critical systems and interfaces are part of the Dress Rehearsal, and we
will conduct additional, fully integrated, testing of all systems and
interfaces, including the minor functionalities not part of the Dress
Rehearsal, and any lessons learned from the Dress Rehearsal.
Page 5: The draft report states: ".schedule for this acquisition has
been revised, resulting in delays.life-cycle cost estimates for this
program have increased."
Census Bureau Comment: None of the discussions on this page about
schedule revisions and cost changes provide any context about the cause
of the changes. For example, regarding the FDCA contract, after
contract award, detailed discussions with the contractor revealed that
our original life-cycle cost estimates for this effort had allocated
too much money to later years, and not enough to the earlier years of
the contract. Furthermore, because our FY 2006 budget was already in
place at that point, we could not meet the level of first-year funding
required under the solution the contractor had bid. Therefore, we had
to develop a re-plan with the contractor. This resulted in some
schedule changes and cost increase overall, because the contractor
would have less time to develop its solutions and still meet our
deadlines. This same comment applies to the statement in the third
paragraph on page 14, that the Census Bureau ".revised the schedule
because it had initially underestimated costs." Also, the draft
report's discussion on page 6 follows the description of schedule and
cost changes, and thus implies—incorrectly—that the changes to date
resulted from poor or insufficient risk management.
Page 9: The draft reports states: "...the Field Data Collection
Automation (FDCA) Program is to provide automation support for directly
capturing information collected during personal interviews, as well as
eliminating the need for paper maps and address lists for the major
file data collection operations. "
Census Bureau Comment: To clarify, the FDCA contract only provides for
automated data collection for three personal-visit operations (Address
Canvassing, Nonresponse Follow-up [including Vacant/Delete Follow-up],
and Coverage Measurement Personal Interviewing), and only eliminates
the need for paper maps for Address Canvassing and Nonresponse Follow-
up. Also, in this same quote, the word "file" should be corrected to
read 'field. "
Page 12: The draft report states: ".As a result, Dress Rehearsal
operational testing will not address the full complement of systems and
functionality that was originally planned."
Census Bureau Comments: As stated in our major comment above, all
critical systems and interfaces are part of the Dress Rehearsal, and we
will conduct additional, fully integrated, testing of all systems and
interfaces, including the minor functionalities not part of the Dress
Rehearsal, and any lessons learned from the Dress Rehearsal.
Page 14: For clarification, in the discussion at the top of the page
about the number of staff expected to use or access FDCA components, we
assume this refers to all FDCA equipment, infrastructure, and systems,
not just the hand-held computers (HHC). Also, the draft report's
reference to "National Operations Center" in the second paragraph,
should be corrected to read Network Operations Center.
Pages 14-15: In Table 2, for clarification, the transition of the
Decennial Applicant Personnel and Payroll System (DAPPS) to the FDCA
environment only was delayed until after the Dress Rehearsal, and we
developed and are testing the FDCA/DAPPS Interface in the Dress
Rehearsal. Also, the development of a space tracking system by the FDCA
contractor was eliminated, not delayed to Period 2, and the development
of an automated software distribution system was delayed to Period 2,
not eliminated. Under Execution Period 2, the reference to "Perform
delayed activities" is not clear, so perhaps that should be more
specific (or footnoted).
Page 15: The second paragraph of the draft report states: ".all sites
for Regional Census Centers were to have been identified by April 2007,
but this activity has not yet been fully completed. This delay may
result in further delays, as described in recent FDCA performance
reports. Because not all Regional Census Center sites have yet been
identified, the risk is increased that the project will not meet the
deployment date for these centers and the Puerto Rico Area Office by
January 31, 2008."
Census Bureau Comment: All sites for the Regional Census Centers and
Puerto Rico Area Office have been identified, leases have been signed,
and build-out is underway. We are on schedule to open all these offices
in January 2008. Also, the FDCA contractor had no responsibility for
identifying the sites nor in securing leases—those tasks were conducted
by the U.S. General Services Administration.
Page 15: The last paragraph of the draft report states: ". cost of the
[FDCA] contract rose by a further $23 million, because of increasing
system requirements."
Census Bureau Comment: As stated above in our comment regarding page 5,
we have added some new requirements, mostly regarding security of IT
systems. Some cost growth has resulted from the process of decomposing
high-level functional requirements (those stated in Section C of the
contract) into more detailed and specific requirements, (system
requirements and software requirements).
Page 16: In both paragraphs of the draft report, reference is made to
"cost overruns" of the FDCA contract.
Census Bureau Comment: We do not believe the term "cost overrun" is
accurate in the context of what the GAO had described in this draft
report. There has been some cost growth due to the new security
requirements, and to the decomposition of high-level functional
requirements, but "overrun" usually means a contractor originally
underestimated its cost to perform a specific set of tasks.
Page 19: The draft report states "At contract award in October 2005,
the total cost of the DRIS project was not to exceed $553 million. In
December 2005, the Bureau adjusted the life-cycle cost to $484
million."
Census Bureau Comment: The life-cycle cost of $484 million is
incorrect. The $553 figure represents the government estimate of the
DRIS contract costs through the end of FY 2010. This has always been
our estimate, and it was not reduced at contract award. The figure of
$484 million just represents the initial Phase I and Phase II value at
award. This $484 million figure was based on the contractor's original
proposal, which in turn, was based on simplified pricing instructions
contained in the original request for proposal issued in 2005.
Page 20: Although this information was not available when this draft
report was prepared, we note for the record that the DADS H contract
was awarded on schedule the week of September 10 to IBM.
Page 25: The draft report states "....the FDCA project office did not
identify any significant risks associated with using the handheld
mobile computing devices. In addition, neither FDCA nor the DADS II
project team provided evidence that system interface risks are being
adequately identified .
and:
Page 29 (Conclusions): The draft report states... "Among risks that
were not identified are those associated with the FDCA mobile computing
devices."
Census Bureau Comment: We disagree with GAO's assertions that we did
not identify risks associated with the HHCs or system interfaces.
The FDCA risk management process identified the following HHC-related
risks: HHC usability (risk ID #14), HHC failure rates (#18), HHC
bandwidth (#20), and HHC supply chain (#32). The FDCA RRB transferred
these technical (or solution) risks to the contractor as provided in
Section 3.4.2.1 of the FDCA Risk Management Plan (providing a
"Transfer" risk response strategy). "HHC Performance for Decennial
Operations" is currently the highest-scored contractor risk; mitigation
strategies have been identified and activated within the contractor's
risk management process.
The FDCA risk management process also identified Interface Management
(Risk ID #15) as a project risk, a risk still carried on the FDCA Risk
Register. The current response strategy for this risk is "Track," as
Dress Rehearsal Address Canvassing interfaces were identified within
the Decennial Census Architecture, documented in signed Interface
Control Documents, and implemented as planned.
Page 28: The draft report states "...FDCA and MTAIP did not provide
evidence of regular [risk] reporting to higher level officials.
Specifically...their reports did not include discussions of risks and
mitigation plans."
Census Bureau Comment: The FDCA and MTAIP project offices report
through the following supervisory chain: Chief, Decennial Automation
Contracts Management Office or Chief; Decennial Systems and Contracts
Management Office; Assistant; Director for ACS and Decennial Census;
Associate Director for Decennial Census; Deputy Director and Chief
Operating Officer; and Director. Each of these higher-level officials,
together with the Chiefs of Decennial Management, Field, and Geography
Divisions, and other stakeholder divisions and offices, regularly
receive information on FDCA and MTAIP project issues and risks, and
generally via more than one communication channel.
We have provided GAO with slide decks from presentations to the
Commerce IT Review Board, Decennial Leadership Group ("internal Program
Management Reviews"), and Census Integration Group. We have also
provided examples of biweekly "briefing sheets" provided to inform
upper management of issues relating to major decennial contracts.
Additional discussion of FDCA risks occurs at weekly FDCA strategy
sessions and at monthly contractor-conducted PMRs (we have also
provided copies of chart decks from the latter events). Each of these
regularly-scheduled vehicles includes at least two (and in most cases
several) higher-level officials beyond the FDCA project office. While
we understand from interactions with the GAO audit team that this
finding is intended to point out that our artifacts do not (in GAO's
view) clearly document "discussions" of risks and mitigation plans, we
disagree emphatically with their characterization of this array of
communication channels as "practice not implemented."
Page 29 (Conclusions): The draft report states ".the Dress Rehearsal
operational testing will address less than a full complement of
systems. "
Census Bureau Comment: As stated in our major comment above, although
some minimal functionalities are not part of the 2008 Census Dress
Rehearsal, all critical systems and interfaces are part of the Dress
Rehearsal, and we will conduct additional, fully integrated testing of
all systems and interfaces, including the minor functionalities not
part of the Dress Rehearsal, and any lessons learned from the Dress
Rehearsal.
Page 33 (Appendix II): The draft report states the MTAIP contract type
is "Cost plus award fee with some fixed priced elements."
Census Bureau Comment: The MTAIP contract type is simply "Cost plus
award fee" or CPAF. The original contract for Phase I was CPAF with the
government anticipating Phase II being a hybrid with some fixed-price
elements. However, fixed-price elements were never used, and the
contract was modified to exclude them. Therefore, the MTAIP contract
remained as it started—a CPAF. The report should be amended to reflect
this.
The following are GAO's comments on the department's letter dated
September 25, 2007.
GAO Comments:
1. Although the department states that it plans to test all critical
systems and interfaces either during or after the Dress Rehearsal, we
are aware of two critical systems (the DRIS telephone system and the
DADS II tabulation system) that are not to be included in the Dress
Rehearsal, and the Bureau's plans are not yet finalized. As a result,
we stand by our characterization that operational testing would take
place during the Dress Rehearsal without the full complement of systems
and functionality originally planned. Consistent with our
recommendation, following up with documented test plans to do end-to-
end testing would help ensure that systems work as intended.
2. The department said that our statement could be interpreted that
cost increases resulted from an increase in the number of system
requirements. It said this is not entirely accurate because although
some requirements were added (generally related to security), other
cost increases were due to the process of developing detailed
requirements from high-level functional requirements. However, it is
our view that the process of developing detailed requirements from high-
level functional requirement does not inevitably lead to cost increases
if the functional requirements were initially well-defined.
3. See comment 1.
4. We have modified our report to reflect this additional information.
However, although our discussion of schedule and cost changes preceded
our discussion of risk management, we did not intend to imply that risk
management weaknesses had contributed to these changes. We revised our
report to help clarify this.
5. We have revised our report to clarify the use of automation for data
collection for all FDCA components.
6. See comment 1.
7. We agree that this statement is referring to all FDCA equipment,
infrastructure, and systems.
8. We have revised our report to update the status of the systems.
9. We have revised our report to reflect the status of the office site
selections.
10. See comment 2.
11. We disagree with the department's comment that "cost overrun"
refers to a contractor originally underestimating costs. We use "cost
overrun" to refer to any increase in costs from original estimates.
12. We have revised our report to reflect this information.
13. We have revised our report to add this information.
14. We agree that the FDCA project identified certain risks, as the
department describes. However, although it identified risks associated
with handheld mobile computing devices and assigned responsibility for
these to the contractor, it did not identify significant risks for the
project office to monitor and track related to problems arising during
the address canvassing component of the Dress Rehearsal. In addition,
although this project identified interface management as a risk, it did
not identify specific risks related to other systems. Accordingly,
although we modified our report to reflect this information, we did not
change our overall evaluation.
15. The department stated that for the FDCA and MTAIP projects, risk
status is regularly discussed with executive-level officials at
Commerce and the Bureau, and that it provided us with briefing slides
to support this statement. It said that it also uses other
communication channels to report project issues and risks. However, the
evidence provided did not show that FDCA and MTAIP risks were regularly
discussed with executive-level officials. For example, while the FDCA
project provided two presentations in October 2006 and March 2007,
these presentations did not have discussions of risk and mitigation
plans. Similarly, our review of the MTAIP project teams' presentations
during quarterly reviews did not show that risk status was discussed.
Therefore, we still conclude that these projects, unlike the other two,
did not have sufficient evidence that executive-level officials were
being regularly briefed on risk status.
17. See comment 2.
17. We have revised our report to reflect this information.
[End of section]
Appendix IV: GAO Contacts and Staff Acknowledgments:
GAO Contacts:
David A. Powner, (202) 512-9286 or pownerd@gao.gov:
Madhav Panwar, (202) 512-6228 or panwarm@gao.gov:
Staff Acknowledgments:
In addition to the contacts named above, individuals making
contributions to this report included Cynthia Scott (Assistant
Director), Mathew Bader, Carol Cha, Barbara Collier, Neil Doherty, Karl
Seifert, Niti Tandon, Amos Tevelow, and Jonathan Ticehurst.
[End of section]
Footnotes:
[1] 13 U.S.C. 141 (a) and (b).
[2] Earned value management integrates the investment scope of work
with schedule and cost elements for investment planning and control.
The method compares the value of work accomplished during a given
period with that of work expected in the period. Differences in
expectations are measured in both cost and schedule variances. The
Office of Management and Budget requires agencies to use earned value
management as part of their performance-based management system for any
investment under development or with system improvements under way.
[3] End-to-end testing is a form of operational testing that is
performed to verify that a defined set of interrelated systems that
collectively support an organizational core business function
interoperate as intended in an operational environment. The
interrelated systems include not only those owned and managed by the
organization, but also the external systems with which they interface.
[4] GAO, Census Bureau: Important Activities for Improving Management
of Key 2010 Decennial Acquisitions Remain to be Done, GAO-06-444T
(Washington, D.C.: Mar. 1, 2006).
[5] TIGER is a registered trademark of the U.S. Census Bureau.
[6] Mobile computing devices will be used to update the Bureau's
address list, to perform follow-up at addresses for which no
questionnaire was returned, and to perform activities to measure census
coverage.
[7] Address canvassing is a field operation to build a complete and
accurate address list. In this operation, census field workers go door
to door verifying and correcting addresses for all households and
street features contained on decennial maps.
[8] GAO, Information Technology Management: Census Bureau Has
Implemented Many Key Practices, but Additional Actions Are Needed, GAO-
05-661 (Washington, D.C.: June 16, 2005).
[9] GAO-06-444T.
[10] The DADS II contract was originally planned to establish a new Web-
based system that would serve as a single point for public access to
all census data and integrate many dissemination functions currently
spread across multiple Bureau organizations.
[11] GAO-06-444T.
[12] This analysis primarily addresses project teams' implementation of
risk management processes. According to our analysis, the contractors
for the three contracts awarded (MTAIP, FDCA, and DRIS) had implemented
adequate risk management processes involving risk preparation, risk
identification and analysis, and risk mitigation.
[13] GAO-06-444T and GAO-05-661.
[14] GAO, 2010 Census: Preparations for the 2010 Census Underway, but
Continued Oversight and Risk Management Are Critical, GAO-07-1106T
(Washington, D.C.: July 17, 2007).
[15] GAO-06-444T and GAO-05-661.
[16] CMMI® is registered in the U.S. Patent and Trademark Office by
Carnegie Mellon University. Class B appraisals are recommended for
initial assessments in organizations that do not have mature process
improvement activities.
GAO's Mission:
The Government Accountability Office, the audit, evaluation, and
investigative arm of Congress, exists to support Congress in meeting
its constitutional responsibilities and to help improve the performance
and accountability of the federal government for the American people.
GAO examines the use of public funds; evaluates federal programs and
policies; and provides analyses, recommendations, and other assistance
to help Congress make informed oversight, policy, and funding
decisions. GAO's commitment to good government is reflected in its core
values of accountability, integrity, and reliability.
Obtaining Copies of GAO Reports and Testimony:
The fastest and easiest way to obtain copies of GAO documents at no
cost is through GAO's Web site [hyperlink, http://www.gao.gov]. Each
weekday, GAO posts newly released reports, testimony, and
correspondence on its Web site. To have GAO e-mail you a list of newly
posted products every afternoon, go to [hyperlink, http://www.gao.gov]
and select "E-mail Updates."
Order by Mail or Phone:
The first copy of each printed report is free. Additional copies are $2
each. A check or money order should be made out to the Superintendent
of Documents. GAO also accepts VISA and Mastercard. Orders for 100 or
more copies mailed to a single address are discounted 25 percent.
Orders should be sent to:
U.S. Government Accountability Office:
441 G Street NW, Room LM:
Washington, DC 20548:
To order by Phone:
Voice: (202) 512-6000:
TDD: (202) 512-2537:
Fax: (202) 512-6061:
To Report Fraud, Waste, and Abuse in Federal Programs:
Contact:
Web site: [hyperlink, http://www.gao.gov/fraudnet/fraudnet.htm]:
E-mail: fraudnet@gao.gov:
Automated answering system: (800) 424-5454 or (202) 512-7470:
Congressional Relations:
Gloria Jarmon, Managing Director, JarmonG@gao.gov:
(202) 512-4400:
U.S. Government Accountability Office:
441 G Street NW, Room 7125:
Washington, DC 20548:
Public Affairs:
Susan Becker, Acting Manager, BeckerS@gao.gov:
(202) 512-4800:
U.S. Government Accountability Office:
441 G Street NW, Room 7149:
Washington, DC 20548: