This is the accessible text file for GAO report number GAO-10-808 entitled 'Financial Management Systems: Experience with Prior Migration and Modernization Efforts Provides Lessons Learned for New Approach' which was released on September 15, 2010. This text file was formatted by the U.S. Government Accountability Office (GAO) to be accessible to users with visual impairments, as part of a longer term project to improve GAO products' accessibility. Every attempt has been made to maintain the structural and data integrity of the original printed product. Accessibility features, such as text descriptions of tables, consecutively numbered footnotes placed at the end of the file, and the text of agency comment letters, are provided but may not exactly duplicate the presentation or format of the printed version. The portable document format (PDF) file is an exact electronic replica of the printed version. We welcome your feedback. Please E-mail your comments regarding the contents or accessibility features of this document to Webmaster@gao.gov. This is a work of the U.S. government and is not subject to copyright protection in the United States. It may be reproduced and distributed in its entirety without further permission from GAO. Because this work may contain copyrighted images or other material, permission from the copyright holder may be necessary if you wish to reproduce this material separately. Report to the Chairman, Subcommittee on Federal Financial Management, Government Information, Federal Services, and International Security, Committee on Homeland Security and Governmental Affairs, U.S. Senate: United States Government Accountability Office: GAO: September 2010: Financial Management Systems: Experience with Prior Migration and Modernization Efforts Provides Lessons Learned for New Approach: GAO-10-808: GAO Highlights: Highlights of GAO-10-808, a report to the Chairman, Subcommittee on Federal Financial Management, Government Information, Federal Services, and International Security, Committee on Homeland Security and Governmental Affairs, U.S. Senate. Why GAO Did This Study: In 2004, the Office of Management and Budget (OMB) launched the financial management line of business (FMLOB) initiative, in part, to reduce the cost and improve the quality and performance of federal financial management systems by leveraging shared services available from external providers. In response to a request to study FMLOB- related issues, this report (1) identifies the steps agencies have taken, or planned to take, to modernizing their core financial systems and migrate to an external provider and (2) assesses the reported benefits and significant challenges associated with migrations, including any factors related to OMB’s new financial systems modernization approach. GAO’s methodology included surveying federal agencies to obtain the status of their financial management systems as of September 30, 2009 (prior to OMB’s March 2010 announcement of a new approach), and interviewing officials with selected agencies, external providers, and OMB. In oral comments on a draft of this report, OMB stated its position that it was too early for GAO to draw conclusions on its new approach because it is still a work in progress. For this reason, GAO is not making any new recommendations. However, GAO observes that the experience and challenges related to prior migration and modernization efforts offer important lessons learned as OMB continues to develop and implement its new approach. What GAO Found: In an effort to capitalize on new technologies to help address serious weaknesses in financial management and help meet their future financial management needs, federal agencies continued to modernize their core financial systems, which often has led to large-scale, multiyear financial system implementation efforts. For the last 6 years, OMB has promoted the use of shared services as a means to more efficiently and effectively meet agency core financial system needs. Overall, 14 of 23 civilian Chief Financial Officer (CFO) Act agencies are planning to complete their efforts to deploy 14 new core financial systems at various times through fiscal year 2018, and in connection with their modernization efforts, 10 of the 14 agencies are migrating, or planning to migrate, hosting and application management support services to external providers. GAO also found that the CFO Act agencies were not using a limited number of external providers, a critical element of OMB’s original approach. Five of the 10 agencies planned to rely on five different commercial providers, while 2 of the 10 planned to rely on the same federal provider and 3 had not determined the provider. In contrast, smaller agencies were more frequently relying on the four federal shared service providers to provide core financial system support services to leverage the benefits of using external providers. The most common benefits of migrating cited by CFO Act agencies were external providers’ expertise, the potential for cost savings, and the agencies’ ability to focus more on mission-related responsibilities. However, CFO Act agencies and external providers cited various challenges affecting modernization and migration efforts, such as reengineering business processes and the ability of external providers to provide specific solutions that meet complex agency needs. In March 2010, OMB announced a new financial systems modernization approach that focuses on the use of common automated solutions for transaction processing, such as invoicing and intergovernmental transactions. OMB issued a memorandum in June 2010 that included guidance for key elements of its new approach, such as agencies splitting financial system modernization projects into smaller segments. This new guidance also requires CFO Act agencies to halt certain modernization projects, pending OMB review and approval of revised project plans. Important aspects of the new approach have not yet been developed or articulated and OMB has stated that it plans to develop additional guidance. In GAO’s view, it is critical that OMB’s new guidance elaborate on the new approach and address key issues such as goals and performance plans clearly linked to strategies for achieving them, a governance structure, and specific criteria for evaluating projects. GAO believes these issues need to be addressed to reduce risks and help ensure successful outcomes as OMB moves forward with its new approach. GAO will continue to work with OMB to monitor the implementation of its new approach. View [hyperlink, http://www.gao.gov/products/GAO-10-808] or key components. For more information, contact Kay L. Daly at (202) 512- 9095 or Naba Barkakati at (202) 512-2700. [End of section] Contents: Letter: Background: Some Agencies Have Used Migration of Core Financial Systems as Part of Modernization Efforts, but Shared Services Use Is Limited: Benefits and Challenges of Agency Migrations Raise Important Issues for OMB's New Financial Systems Modernization Approach: Concluding Observations: Agency Comments and Our Evaluation: Appendix I: Scope and Methodology: Appendix II: Modernization and Migration of Core Financial Systems and Services to External Providers: Appendix III: Case Studies of Agency Migration and Modernization Efforts: Appendix IV: Key Characteristics of Selected External Providers: Appendix V: Reported Benefits and Challenges Related to Agency Migration and Modernization Efforts: Appendix VI: GAO Contacts and Staff Acknowledgments: Tables: Table 1: Summary of Core Financial Systems Reported by 23 CFO Act Agencies as of September 30, 2009: Table 2: Summary of Current, Planned, and Expected Systems Use of External Providers as Reported by 23 CFO Act Agencies as of September 30, 2009: Table 3: Summary of Major Advantages of Migrating to External Providers Reported by CFO Act Agencies: Table 4: Summary of Major Disadvantages of Migrating to External Providers Reported by CFO Act Agencies: Table 5: Current Core Financial Systems Fully Deployed at CFO Act Agencies as of September 30, 2009: Table 6: Core Financial Systems CFO Act Agencies Plan to Fully Deploy after September 30, 2009: Table 7: USDA's Key Migration and Modernization Activities: Table 8: FCC's Key Migration and Modernization Activities: Table 9: DOJ's Key Migration and Modernization Activities: Table 10: OPM's Key Migration and Modernization Activities: Table 11: Key Characteristics of OMB-Designated Federal Shared Service Providers: Table 12: CFO Act Agency Perspectives on Migrating and Modernizing Core Financial Systems: Table 13: Reported Key Challenges Affecting CFO Act Agency Migration and Modernization Efforts: Figures: Figure 1: Timeline of USDA's Key Migration and Modernization Activities: Figure 2: Timeline of FCC's Key Migration and Modernization Activities: Figure 3: Timeline of DOJ's Key Migration and Modernization Activities: Figure 4: Timeline of OPM's Key Migration and Modernization Activities: Abbreviations: BPD: Bureau of Public Debt: CBIS: Consolidated Business Information System: CFO: Chief Financial Officer: CGAC: Common Government-wide Accounting Classification: COTS: commercial off-the-shelf: DOD: Department of Defense: DOJ: Department of Justice: E-gov: electronic government: ERP: enterprise resource planning: FCC: Federal Communications Commission: FFIS: Foundation Financial Information System: FFMIA: Federal Financial Management Improvement Act of 1996: FFS: Federal Financial System: FIT: Office of Financial Innovation and Transformation: FMLOB: financial management line of business: FMMI: Financial Management Modernization Initiative: FSIO: Financial Systems Integration Office: GFIS: Government Financial Information System: GSA: General Services Administration: HRLOB: human resource line of business: IT: information technology: JFMIP: Joint Financial Management Improvement Program: LMP: Logistics Modernization Program: NBC: National Business Center: NFC: National Finance Center: NRC: Nuclear Regulatory Commission: OMB: Office of Management and Budget: OPM: Office of Personnel Management: SSP: shared service provider: UFMS: Unified Financial Management System: USDA: Department of Agriculture: [End of section] United States Government Accountability Office: Washington, DC 20548: September 8, 2010: The Honorable Thomas R. Carper: Chairman: Subcommittee on Federal Financial Management, Government Information, Federal Services, and International Security: Committee on Homeland Security and Governmental Affairs: United States Senate: Dear Mr. Chairman: Over the years, the federal government has spent billions of dollars annually on developing or acquiring, implementing, and maintaining financial management systems that often fail to meet cost, schedule, and performance goals. Recognizing the seriousness of this problem, in March 2004, the Office of Management and Budget (OMB) launched the financial management line of business (FMLOB) initiative, which, among other things, provided an approach to increase agencies' use of shared service solutions in connection with their modernization efforts. Specifically, this approach required agencies to migrate certain common services supporting their core financial systems,[Footnote 1] such as information technology (IT) hosting and application management,[Footnote 2] to a limited number of external providers. [Footnote 3] According to OMB, shared service solutions would enable economies of scale by centrally locating, or consolidating, solution assets and reusing federal and commercial subject matter expertise through common acquisitions, interface development, and application management. OMB also expected the reduction in the number of agencies implementing their own systems to reduce the risks, and associated costs, of systems implementations. As previously reported, we have supported and called for such initiatives to standardize and streamline common systems, which can reduce costs.[Footnote 4] The effectiveness of financial management systems is critical in facilitating agencies' ability to institute strong financial management and internal controls.[Footnote 5] In response to your request to study a range of FMLOB-related issues, in May 2009, we reported that although OMB had made some progress toward implementing the initiative, extensive work remained before its goals would be achieved.[Footnote 6] Specifically, OMB had not fully addressed our March 2006 recommendations to fully integrate four key building blocks into FMLOB implementation efforts, specifically, the need to (1) develop a concept of operations to help guide FMLOB- related activities, (2) define standard business processes to promote consistency within and across agencies, (3) develop a strategy and establish a timetable for ensuring that agencies' financial management systems are migrated to a limited number of service providers, and (4) define and effectively implement applicable disciplined processes necessary to properly manage financial management system implementation projects.[Footnote 7] This report addresses the remaining aspects of your request dealing with migration efforts at agencies and external providers, including (1) identifying the steps agencies have taken, or plan to take, toward modernizing their core financial systems and migrating to an external provider and (2) assessing the reported benefits associated with migrations and significant challenges, including any factors related to OMB's newly announced financial systems modernization approach (new approach), that may affect modernization and migration efforts at agencies and external providers. Specifically, in June 2010, during the performance of our work, OMB announced key elements of its new approach, which will focus, in part, on the development of common automated solutions for transaction processing, the requirement for agencies to split financial system modernization projects into smaller segments not to exceed 24 months, and increasing oversight and review of financial system projects.[Footnote 8] Further, under the new approach, OMB is no longer requiring the use of external providers in all cases for core financial systems, but supports such arrangements when they are cost effective. To identify the steps agencies have taken or plan to take in their financial systems migration and modernization efforts and assess related benefits and challenges, we conducted a survey of the 24 Chief Financial Officers (CFO) Act of 1990 agencies to obtain information regarding their current and planned core financial systems and migration activities as of September 30, 2009.[Footnote 9] To obtain additional information on modernization and migration efforts among selected agencies, we performed four agency case studies.[Footnote 10] To identify FMLOB efforts among smaller agencies, in addition to the Federal Communications Commission case study, we interviewed knowledgeable officials with the Small Agency Council[Footnote 11] and the four OMB-designated federal shared service providers (SSP). [Footnote 12] We also reviewed and analyzed policies and guidance related to migration and modernization activities obtained from OMB and the Financial Systems Integration Office (FSIO) and interviewed key officials of these organizations to obtain their perspectives on FMLOB-related benefits and challenges. In addition, we interviewed key officials of two commercial vendors supporting two of the case study agencies and the four federal SSPs concerning their FMLOB-related efforts at CFO Act and non-CFO Act agencies. We also reviewed guidance issued by OMB regarding its new approach for federal financial management systems. We conducted this performance audit from June 2009 through September 2010 in accordance with generally accepted government auditing standards. Those standards require that we plan and perform the audit to obtain sufficient, appropriate evidence to provide a reasonable basis for our findings and conclusions based on our audit objectives. We believe that the evidence obtained provides a reasonable basis for our findings and conclusions based on our audit objectives. Appendix I includes additional details on our scope and methodology. We requested comments on a draft of this report from the Acting Director of OMB or his designee. The OMB Controller provided oral comments on the draft report, including technical comments, which we incorporated as appropriate into the report. Background: Modernizing financial management systems so they can produce reliable, useful, and timely data needed to efficiently and effectively manage the day-to-day operations of the federal government has been a high priority for Congress for many years. In recognition of this need, and in an effort to improve overall financial management, Congress passed a series of financial and IT management reform legislation dating back to the early 1980s, including the CFO Act[Footnote 13] and the Federal Financial Management Improvement Act of 1996 (FFMIA).[Footnote 14] FFMIA, in particular, requires the 24 departments and agencies covered by the CFO Act to implement and maintain financial management systems that comply substantially with (1) federal financial management systems requirements, (2) applicable federal accounting standards, and (3) the U.S. Government Standard General Ledger at the transaction level. FFMIA also requires auditors, as part of the 24 CFO Act agencies' financial statement audits, to report whether those agencies' financial management systems substantially comply with these requirements. In addition, the Clinger-Cohen Act of 1996[Footnote 15] requires OMB to improve the acquisition, use, and disposal of IT by the federal government and continually assess the experiences of executive agencies in managing IT, among other responsibilities. Following enactment of this law, OMB revised Circular No. A-130, Management of Federal Information Resources, which established policy for the management of federal information resources and designated OMB as responsible for overall leadership and coordination, as well as the development and maintenance of a governmentwide strategic plan for federal information resources management within the executive branch. Despite these efforts, long-standing financial management systems weaknesses continue to present a formidable management challenge in providing accountability to the nation's taxpayers and agency financial statement auditors continue to report that many agencies' systems do not substantially comply with FFMIA requirements.[Footnote 16] FMLOB Migration and Other Financial Management System Guidance: In March 2004, OMB launched the FMLOB initiative, in part, to reduce the cost and improve the quality and performance of federal financial management systems by leveraging shared service solutions and implementing other reforms. The stated goals of the FMLOB initiative were to (1) provide timely and accurate data for decision making; (2) facilitate stronger internal controls that ensure integrity in accounting and other stewardship activities; (3) reduce costs by providing a competitive alternative for agencies to acquire or develop, implement, and operate financial management systems through shared service solutions; (4) standardize systems, business processes, and data elements; and (5) provide for seamless data exchange between and among federal agencies by implementing a common language and structure for financial information and system interfaces. According to a December 2005 OMB memorandum, to achieve the FMLOB vision--and enable efforts to achieve its goals--federal agencies must have competitive options available for financial systems.[Footnote 17] OMB described a shared service solution framework consisting of a limited number of providers that deliver competitive alternatives for agencies investing in financial system modernizations and provide financial management services for multiple organizations. OMB stated that the economies of scale and skill of a provider will allow it to provide federal agencies with a lower-risk, lower-cost, and increased service quality alternative for financial system modernization efforts. According to OMB, when the FMLOB is successful, federal agencies will have the ability to migrate from one solution to a more competitive or better performing alternative that is offered by a limited number of stable and high-performing providers. In May 2006, OMB established a migration policy and issued its Competition Framework for FMLOB Migrations to provide guidance to agencies planning to migrate their financial management systems and services.[Footnote 18] According to this migration policy, "with limited exception, an agency seeking to upgrade to the next major release of its current core financial management system or modernize to a different core financial management system must either migrate to a [SSP] or qualified private sector provider, or be designated as an [SSP]. At a minimum, agencies must consider pursuing hosting and application management shared services. However, agencies may also consider other shared services, such as accounting or transaction processing." This policy was subsequently incorporated into OMB Circular No. A-127 in January 2009; this circular provides guidance on the use and selection of external providers to ensure that agencies rely on such providers to help manage their systems and no longer develop their own unique systems.[Footnote 19] As program manager for the FMLOB initiative, FSIO had a significant role in achieving FMLOB goals, including the development of standard business processes, core financial system requirements, and testing and product certification.[Footnote 20] In March 2010, OMB announced that FSIO was ceasing operations effective March 31, 2010, stating that FSIO had achieved its objectives of developing governmentwide financial management business processes and data elements.[Footnote 21] As part of its new approach, OMB also announced in March 2010 the creation of the Office of Financial Innovation and Transformation (FIT) within the Department of the Treasury's Office of Fiscal Service. FIT's stated mission includes (1) helping set a new course for federal financial management using automated solutions to reduce duplicate work at individual agencies and (2) assisting in ensuring consistency with a long-term financial management systems strategy for the federal government. In June 2010, OMB announced key elements of its new approach, which will focus on (1) implementing smaller project segments that deliver critical functionality sooner, (2) increasing oversight and review of financial system projects, (3) promoting higher impact shared service efforts related to transaction processing, (4) assessing compliance with financial system requirements, and (5) revising the process for certifying financial management software.[Footnote 22] Some Agencies Have Used Migration of Core Financial Systems as Part of Modernization Efforts, but Shared Services Use Is Limited: In an effort to capitalize on new technologies to help address financial management weaknesses and help meet their financial management needs, about half of the CFO Act agencies are in the process of or have plans to modernize their core financial systems, which often involve large-scale, multiyear financial system implementation efforts. According to the results of our survey, 12 of 23 civilian CFO Act agencies have migrated, or plan to migrate, certain services supporting 16 current systems to 12 external providers in connection with their modernization efforts. Because of the number of separate external service providers involved, the progress toward a shared service framework among the CFO Act agencies has been limited. Agencies' Efforts to Modernize Core Financial Systems to Meet Financial Management Needs: Over the years, federal agencies have struggled to develop and implement numerous core financial systems to help meet their financial information needs for managing and overseeing their day-to-day operations and programs.[Footnote 23] As shown in table 1, the civilian agencies, representing 23 of the 24 CFO Act agencies, identified 45 fully deployed core financial systems in use as of September 30, 2009, in response to our survey of the 24 CFO Act agencies.[Footnote 24] While some of these agencies have recently completed efforts to deploy modernized systems, 17 agencies continue to use 25 aging legacy systems to help meet their needs, including 8 core financial systems placed into operation prior to 1990. Additional information on the 45 current civilian CFO Act agency core financial systems can be found in table 5 of appendix II. Recognizing the importance of effective core financial systems in meeting their financial information needs and efforts to address financial management weaknesses, many agencies are modernizing these current core financial systems. In this regard, 14 of the 23 civilian CFO Act agencies identified 14 systems they plan to fully deploy after fiscal year 2009, which will replace 27 of the current legacy systems. However, agencies provided this information prior to the issuance of OMB's June 2010 guidance concerning oversight and review of financial system projects, and some of these 14 planned systems may no longer be viable projects under that guidance. Additional information on the 14 planned civilian CFO Act agency core financial systems can be found in table 6 of appendix II. Table 1: Summary of Core Financial Systems Reported by 23 CFO Act Agencies as of September 30, 2009: Current systems; Legacy: Agencies: 17; Legacy: Systems: 25; Modern[A]: Agencies: 13; Modern[A]: Systems: 20; Total: Agencies: 23; Total: Systems: 45. Planned systems; Legacy: Agencies: [Empty]; Legacy: Systems: [Empty]; Modern[A]: Agencies: 14; Modern[A]: Systems: 14; Total: Agencies: 14; Total: Systems: 14. Current systems expected to be replaced by planned systems; Legacy: Agencies: 13; Legacy: Systems: 17; Modern[A]: Agencies: 5; Modern[A]: Systems: 10; Total: Agencies: 14; Total: Systems: 27. Total systems expected (end state)[B]; Legacy: Agencies: [Empty]; Legacy: Systems: 8; Modern[A]: Agencies: [Empty]; Modern[A]: Systems: 24; Total: Agencies: [Empty]; Total: Systems: 32. Source: GAO analysis of CFO Act agencies' survey responses. Note: This includes civilian agencies only. Department of Defense systems have not been included. For current systems, the number of agencies does not total to 23 because agencies may have both legacy and modern systems. In addition, systems listed reflect agency survey responses and are subject to change based on reviews being conducted under OMB Memorandum M-10-26, Immediate Review of Financial Systems IT Projects, issued in June 2010. [A] For purposes of this report, we defined modern systems as those that are based on core financial software products qualified and tested by FSIO under its 2003 full test, 2005 incremental test, or the latest version upgrade test. [B] This row includes total systems expected (end state) and remaining after planned systems fully deployed (expected by fiscal year 2018). [End of table] In addition to the 23 civilian CFO Act agencies that responded to the survey, the Department of Defense (DOD) identified one current system, even though it responded that it has more than 100 core financial systems.[Footnote 25] DOD also identified 6 enterprise resource planning (ERP) systems it plans to deploy from 2011 through 2017. [Footnote 26] For example, DOD's General Fund Enterprise Business System is an ERP system that is expected to eliminate 87 current systems and to be used by approximately 79,000 users once it is fully deployed in January 2012. Detailed information that DOD reported on its current and planned systems is included in tables 5 and 6 in appendix II. Because of the scope and complexity of agency modernization efforts, especially those involving highly integrated ERP systems, these large- scale projects often involve system implementations extending over several years before their intended benefits can be realized. For example, in 1999, the Army initiated its Logistics Modernization Program (LMP) in order to better manage its inventory and repair operations at various depots.[Footnote 27] Although the Army anticipates completing its 12-year multiphased deployment in fiscal year 2011, this project reflects the substantial challenges in large- scale deployments, such as a lack of a comprehensive set of metrics with which to measure the success of implementation.[Footnote 28] Similarly, the Department of Justice (DOJ) is involved in a multiyear modernization effort to replace six core financial systems and multiple procurement systems operating across the agency with a new integrated core financial system (referred to as the Unified Financial Management System, or UFMS). DOJ expects to complete its efforts to deploy UFMS in 2013, 10 years after the initial alternatives analysis related to this project was completed. Additional information concerning core financial system modernization efforts at DOJ and other selected case study agencies can be found in appendix III. Migration of Core Financial Systems to External Providers: Although OMB's previous FMLOB guidance focused on migrating support services in connection with new or upgraded agency systems rather than previously deployed systems, 12 of the 23 civilian CFO Act agencies reported that they had already migrated, or plan to migrate, IT hosting or application management services supporting 16 of the 45 current systems that had already been fully deployed as of September 30, 2009. Further, these agencies plan to rely on eight different commercial providers and four federal SSPs to provide services for current systems.[Footnote 29] Of the 32 expected systems noted in table 1, there are 14 agencies relying on or expecting to rely on 11 providers--4 federal SSPs and 7 commercial providers--to support 17 core financial systems. Table 2 summarizes civilian agencies' use of external providers--either federal SSPs or commercial providers--for hosting or application management of the 45 current, 14 planned, and 32 expected core financial systems. Table 2: Summary of Current, Planned, and Expected Systems Use of External Providers as Reported by 23 CFO Act Agencies as of September 30, 2009: Federal SSP; Current: Systems: 6; Current: Providers[A]: 4; Planned: Systems: 2; Planned: Providers[A]: 1; Expected (end state): Systems: 6; Expected (end state): Providers[A]: 4. Commercial provider; Current: Systems: 8; Current: Providers[A]: 8; Planned: Systems: 5; Planned: Providers[A]: 5; Expected (end state): Systems: 7; Expected (end state): Providers[A]: 7. Provider to be determined; Current: Systems: 2; Current: Providers[A]: [Empty]; Planned: Systems: 3; Planned: Providers[A]: [Empty]; Expected (end state): Systems: 4; Expected (end state): Providers[A]: [Empty]. Subtotal; Current: Systems: 16; Current: Providers[A]: 12; Planned: Systems: 10; Planned: Providers[A]: 6; Expected (end state): Systems: 17; Expected (end state): Providers[A]: 11. Not relying or expected to rely on external providers; Current: Systems: 29; Current: Providers[A]: [Empty]; Planned: Systems: 4; Planned: Providers[A]: [Empty]; Expected (end state): Systems: 15; Expected (end state): Providers[A]: [Empty]. Total; Current: Systems: 45; Current: Providers[A]: [Empty]; Planned: Systems: 14; Planned: Providers[A]: [Empty]; Expected (end state): Systems: 32; Expected (end state): Providers[A]: [Empty]. Source: GAO analysis of CFO Act agencies' survey responses. Note: This includes civilian agencies only. DOD systems have not been included. In addition, systems listed reflect agency responses to survey and are subject to change based on reviews being conducted under OMB Memorandum M-10-26, Immediate Review of Financial Systems IT Projects, issued in June 2010. [A] The number of providers listed includes each provider only once even though it may service multiple agency systems (e.g., federal SSPs). [End of table] Overall, 14 of the 23 civilian CFO Act agencies are planning to complete their efforts to deploy 14 planned systems at various times through fiscal year 2018. Ten of these 14 agencies reported that they migrated, or plan to migrate, IT hosting and application management services supporting 10 of the 14 core financial systems they plan to fully deploy after September 30, 2009. In connection with these migrations, 5 of the 10 agencies plan to rely on five different commercial providers, while 2 of the 10 rely, or plan to rely, on the same federal SSP to provide these services, and 3 of the 10 have not determined who the provider will be. In addition, DOD is planning to use two commercial providers for 2 of its 6 planned systems. Table 6 in appendix II includes additional information concerning the migration of selected support services for the 14 planned civilian agency core financial systems and 6 planned DOD systems. In addition to IT hosting and application management support services, eight CFO Act agencies reported that they have migrated, or plan to migrate, transaction processing services to external providers. Specifically, DOD, the Department of Homeland Security, the Department of Labor, and the Nuclear Regulatory Commission (NRC) (as shown in table 6 of app. II) reported that they plan to rely on external providers to provide transaction processing support services for their planned systems while the Department of Transportation, the Department of the Treasury, the General Services Administration, and NRC (as shown in table 5 of app. II), reported that they already rely on external providers for these services for their existing systems. Rather than migrating these services, some large agencies are consolidating their transaction processing activities in-house at the agency level or integrating internal accounting operations through their own internal agency shared solution (e.g., the Department of Agriculture and DOJ, as described in app. III). In June 2010, OMB stated that its attempts to mandate the use of shared services under its previous policy--for hosting and application management--yielded inconsistent results as medium and large agencies encountered the same types of costs and risks with an external provider as they did when modernizing in-house. In contrast, smaller agencies are more frequently relying on external providers to provide core financial system support services to leverage the benefits of using external providers, as discussed in more detail later in this report. Specifically, according to officials at the four federal SSPs, 90 non-CFO Act agencies rely on the support services these providers offer. Federal SSP officials also stated that smaller agencies more frequently rely on the transaction processing support services they provide. For example, according to an official from one federal SSP, it provides transaction processing services to all of its 45 non-CFO Act client agencies. See appendix IV for information on the number of clients serviced by federal SSPs. Benefits and Challenges of Agency Migrations Raise Important Issues for OMB's New Financial Systems Modernization Approach: Agencies and external providers reported that migrating support services to external providers offers advantages for helping smaller agencies, in particular, to capitalize on the benefits associated with sharing the services and solutions available through external providers. However, while federal agencies and external providers have made varied progress toward implementing the FMLOB initiative, they continue to face significant challenges affecting their efforts to modernize core financial systems and migrate selected services supporting them. OMB officials acknowledged that efforts to capitalize on shared services at large agencies have achieved limited success and, in a March 2010 memorandum, announced a need to develop a new approach for financial systems in the federal government.[Footnote 30] The benefits and challenges experienced through agency and provider efforts to implement the FMLOB initiative offer important lessons learned that if considered could assist OMB in developing its new approach. Potential Benefits and Challenges of Agency Migrations to External Providers: Modernization and migration efforts highlighted a number of lessons learned regarding potential benefits and challenges of agency migrations to external providers. The potential benefits and challenges summarized in this section were identified by the 24 CFO Act agencies, smaller, non-CFO Act agencies, and external providers through survey results, interviews, and agency case studies. We also identified challenges with agency migrations related to OMB's guidance on competition. See appendix V for more details on key benefits and challenges reported related to agency migration and modernization efforts. As shown in table 3, external providers' experienced staff, the potential for cost savings through shared services, increased economies of scale, and the ability to focus on mission-related responsibilities were cited in the survey responses of CFO Act agencies as some of the benefits and advantages of migrating core financial system support services to external providers. For example, Treasury cited potential cost savings and benefits associated with using an external provider such as resource sharing, provider expertise in solving application problems, and using cloud computing concepts.[Footnote 31] In May 2010, we also reported potential benefits associated with cloud computing, such as economies of scale and the faster deployment of patches to address security vulnerabilities.[Footnote 32] According to external provider officials, smaller agencies rely more frequently on external providers for transaction processing than CFO Act agencies and benefit from providers' use of shared instances of software applications and standard interfaces across multiple clients, and their ability to more efficiently process complex transactions. Table 3: Summary of Major Advantages of Migrating to External Providers Reported by CFO Act Agencies: Advantages to migrating services to external providers: Potential cost savings through shared resources; IT hosting: [Check]; Application management: [Check]; Transaction processing: [Check]. Advantages to migrating services to external providers: Economies of scale; IT hosting: [Check]; Application management: [Check]; Transaction processing: [Check]. Advantages to migrating services to external providers: Allow agency to focus on mission; IT hosting: [Check]; Application management: [Check]; Transaction processing: [Check]. Advantages to migrating services to external providers: Greater efficiency and reliability through experienced staff; IT hosting: [Check]; Application management: [Check]; Transaction processing: [Check]. Advantages to migrating services to external providers: Increased data capacity and scalability; IT hosting: [Check]; Application management: [Empty]; Transaction processing: [Empty]. Advantages to migrating services to external providers: Enhancement in infrastructure; IT hosting: [Check]; Application management: [Empty]; Transaction processing: [Empty]. Advantages to migrating services to external providers: Enforceable service-level agreements; IT hosting: [Check]; Application management: [Check]; Transaction processing: [Empty]. Advantages to migrating services to external providers: Shift of responsibility to service provider; IT hosting: [Empty]; Application management: [Check]; Transaction processing: [Empty]. Advantages to migrating services to external providers: Standardization; IT hosting: [Empty]; Application management: [Check]; Transaction processing: [Empty]. Advantages to migrating services to external providers: Tighter integration with IT hosting services; IT hosting: [Empty]; Application management: [Check]; Transaction processing: [Empty]. Advantages to migrating services to external providers: Disaster recovery site; IT hosting: [Check]; Application management: [Empty]; Transaction processing: [Empty]. Source: GAO analysis of CFO Act agencies' survey responses. [End of table] To help realize these benefits, CFO Act agencies also identified a variety of key factors that contribute to successful migrations. Many of the factors cited involve the effective use of disciplined processes, such as clearly defining requirements and performing gap analyses to ensure that agency needs will be met, performing appropriate testing and data conversion procedures, minimizing customizations of software, and reengineering business processes to facilitate greater standardization.[Footnote 33] In addition, agencies cited the need for (1) appropriate and adequate resources to lead, plan, manage, execute, and oversee modernization and migration activities; (2) clearly defined expected outcomes and responsibilities of key stakeholders; and (3) effective service-level agreements and other mechanisms that could help ensure that the intended benefits of migrating are achieved.[Footnote 34] CFO Act agencies also cited various concerns about migrating to external providers, such as the ability of external providers to provide solutions that meet the complex and unique needs associated with large agency migrations. As shown in table 4, CFO Act agencies expressed concerns about the general loss of control, flexibility, and subject matter expertise and various risks they will experience if IT hosting, application management, and transaction processing are migrated and whether providers had the capacity to meet the extensive needs associated with large CFO Act agencies. External providers acknowledged these concerns, but cited additional challenges affecting their migration-related efforts, such as agencies' resistance to adopting common processes used by providers and the lack of a clear mechanism for ensuring that agency migrations occur as intended. Table 4: Summary of Major Disadvantages of Migrating to External Providers Reported by CFO Act Agencies: Disadvantages to migrating services to external providers: Governance issues/loss of control; IT hosting: [Check]; Application management: [Check]; Transaction processing: [Check]. Disadvantages to migrating services to external providers: Loss of unique requirements/loss of flexibility; IT hosting: [Check]; Application management: [Check]; Transaction processing: [Empty]. Disadvantages to migrating services to external providers: Potential infrastructure risks; IT hosting: [Check]; Application management: [Check]; Transaction processing: [Empty]. Disadvantages to migrating services to external providers: Potential implementation cost/risk; IT hosting: [Check]; Application management: [Check]; Transaction processing: [Empty]. Disadvantages to migrating services to external providers: Loss of agency subject matter expertise; IT hosting: [Empty]; Application management: [Check]; Transaction processing: [Check]. Disadvantages to migrating services to external providers: Capacity; IT hosting: [Check]; Application management: [Empty]; Transaction processing: [Empty]. Disadvantages to migrating services to external providers: Security risks; IT hosting: [Check]; Application management: [Empty]; Transaction processing: [Empty]. Disadvantages to migrating services to external providers: Competing priorities of multiple customers; IT hosting: [Empty]; Application management: [Check]; Transaction processing: [Empty]. Disadvantages to migrating services to external providers: Limited cost savings; IT hosting: [Empty]; Application management: [Empty]; Transaction processing: [Check]. Disadvantages to migrating services to external providers: Increase in cost; IT hosting: [Empty]; Application management: [Empty]; Transaction processing: [Check]. Source: GAO analysis of CFO Act agencies' survey responses. [End of table] We found similar migration challenges related to OMB's guidance on competition affecting agency and external provider migration efforts, its implementation, and effective oversight. For example, we found that agencies were not always required to migrate to an external provider and did not always conduct a competition for IT hosting and application management because they had already decided to use existing in-house resources to meet their needs (e.g., DOJ, which is discussed in more detail in app. III). On the other hand, we found that those agencies migrating to external providers were not using a limited number of external providers, raising significant questions regarding the extent to which the services they are to provide will be shared with other agencies and any related potential cost savings will be realized. Specifically, as previously discussed, based on survey responses, 14 CFO Act agencies were relying, or planning to rely, on a total of 11 different external providers to support 17 expected systems and providers for 4 of the 17 systems were still to be determined. Unlike similar efforts to implement other OMB electronic government (E- gov) initiatives, the FMLOB guidance does not provide a mechanism for determining the appropriate number of providers needed or describe a governance structure to help ensure that agencies migrate to one of the specific providers identified.[Footnote 35] For example, prior policies for the human resource line of business (HRLOB) and E-Payroll initiatives[Footnote 36] both involved the migration of agency- performed functions common across federal agencies to specifically designated shared service centers.[Footnote 37] Further, in connection with the E-Payroll initiative, established in June 2002, four providers were selected to furnish payroll services for the executive branch. In its latest annual report to Congress on E-gov benefits, OMB reported that migrations of payroll functions performed by other agencies to these providers had been completed.[Footnote 38] Lessons Learned Raise Key Issues to Consider for Achieving Modernization Goals under OMB's New Approach: OMB officials acknowledged that efforts to modernize financial management systems under its FMLOB initiative have achieved limited success and that a new approach is needed. Detailed information on OMB's new approach is not yet available because of its early stage of implementation. However, we have summarized the key elements of its new approach and identified related issues, generally based on lessons learned from prior migration and modernization efforts, for OMB to consider as it moves forward with its implementation. Summary of OMB's New Approach: To address ongoing challenges with financial management practices, OMB announced a new financial systems modernization approach, which encompasses the following five key areas. * Shared services for transaction processing. In March 2010, OMB and Treasury announced the creation of FIT, within Treasury, effective on April 5, 2010.[Footnote 39] FIT is expected to coordinate with the CFO Council to identify and facilitate the acquisition or development of initial operating capabilities for automated solutions for transaction processing. Initially, FIT's efforts will focus on developing operating capabilities for vendor invoicing and intergovernmental transactions. According to OMB, based on the success of interested agencies' efforts to pilot initial capabilities of new solutions, they will be phased in across the federal government as other agencies request to adopt them. OMB stated that its previous policy captured under the FMLOB initiative--requiring agencies to either serve as SSPs or leverage their services--will no longer be mandated in all cases, but supports such arrangements when they are cost effective. * Segmented approach for deploying systems. OMB's new approach for agencies seeking to deploy a financial system includes limiting the overall length of development projects to 24 months and splitting them into segments of 120 days or less, in part to help simplify planning, development, project management, and other tasks and prioritize the most critical financial functions.[Footnote 40] * Oversight and review of financial system projects. According to the June 2010 memorandum, agencies should identify upfront a series of milestones, warning flags, and stop points over the course of the segment life cycle that if deemed necessary, could result in the project being suspended and returned to planning. In addition, mechanisms for review of project status by senior management should be incorporated into project plans. In this regard, the memorandum directed CFO Act agencies to immediately halt activities,[Footnote 41] as of the date of the memorandum, on financial system modernization projects over a specified dollar threshold pending OMB review and approval of revised agency project plans reflecting this guidance. The guidance also stated that OMB will review project status on a quarterly basis through fiscal year 2012 and that project segment milestones must be met in order to release funding for additional segments.[Footnote 42] In addition, OMB announced the establishment of the Financial Systems Advisory Board under the CFO Council, which will make recommendations to OMB on selected projects being reviewed in accordance with the memorandum. * Compliance with financial system requirements. OMB stated in its June 2010 memorandum that current core financial system requirements remain in effect and federal agencies have an ongoing responsibility to comply with them. OMB is also initiating a performance-based approach for compliance with financial system requirements that it believes will reduce the cost, risk, and complexity of financial system modernizations. OMB plans to issue a revision to OMB Circular No. A-127, Financial Management Systems, which will update existing requirements and include new guidance on how agencies and auditors will assess compliance with these requirements. * Process for certifying financial management software. In March 2010, OMB announced the discontinuation of FSIO's core financial system software testing and certification function and announced that FSIO operations would cease effective March 31, 2010.[Footnote 43] OMB's June 2010 memorandum states that OMB is reforming the software testing and certification program by shifting the accountability of software performance to vendors through self-certification. Under this approach, agencies will hold vendors accountable in the same manner in which other contractual obligations are enforced and will be able to hold contractors specifically accountable for false certifications. OMB also plans to provide additional details related to testing process changes in its revision to OMB Circular No. A-127 and revisit this policy on an annual basis. Key Issues Moving Forward: OMB's decision to embark on this new approach raises several key issues that have far-reaching implications for the government, software vendors, and external providers. Recognizing that the new approach is in an early stage of implementation, the steps taken so far do not fully describe a strategy that will address these issues moving forward, nor do they yet fully take into account lessons learned associated with previous governmentwide modernization efforts, including, in particular, the FMLOB migration activities discussed earlier in this report. Without sufficient detail on how these issues are to be addressed, uncertainties exist concerning the potential effectiveness of OMB's new approach. The following describes key issues related to each of the five areas of OMB's new approach. Shared Services for Transaction Processing: Key issues: * How will the new approach be implemented and what governance structure will be established to fully realize the benefits of common solutions and new technologies? * How will new governmentwide shared solutions that are intended to perform functions currently performed at agencies work with current core financial systems and solutions? * What guidance will be provided to agencies to encourage their participation in, and adoption of, the new solutions envisioned in the new approach? Previous efforts to realize the benefits associated with shared services have been challenging, in part because of the lack of a governance structure that ensures agency adoption of shared service solutions. Agency participation in the new solutions being developed by FIT is voluntary and OMB's previous policy regarding migrations to external providers is no longer mandated. Therefore, the potential benefits that will actually be realized through shared services are uncertain. According to the Institute of Electrical and Electronic Engineers, a concept of operations is normally one of the first documents produced during a disciplined development effort.[Footnote 44] OMB officials stated that they are developing an overall concept of operations but did not provide us an estimated timeframe for its completion. We previously reported on the need for this critical tool to provide an overall road map for describing the interrelationships among financial management systems and how information is to flow from and through them and within and across agencies, and ensuring the validity of each agency's implementation approach.[Footnote 45] In addition, a concept of operations can be used to communicate overall quantitative and qualitative system characteristics to users, developers, and other organizational elements and would allow stakeholders to understand the user organizations, missions, and organizational objectives from an integrated systems point of view. We recognize that OMB's new approach is in an early implementation stage and guidance is still being developed. However, implementing this approach without certain policy guidance carries risk. For instance, without a concept of operations that provides an overall road map to guide implementation efforts, it is unclear how the new governmentwide solutions envisioned under the new approach will integrate with current or planned core financial systems, as well as how they will impact numerous smaller agencies that have already migrated to federal SSPs. In addition, the governance structure for implementing OMB's new approach will involve efforts expected to be performed by FIT. OMB has described certain activities FIT is expected to perform, but additional information concerning its purpose, its authority, and the resources to be devoted to its efforts remain unclear. For example, although OMB stated that FIT will assist in ensuring consistency with a long-term financial management systems strategy for the federal government, the specific role that FIT will play in developing or implementing a strategy or overseeing efforts to achieve its goals has not yet been defined. Segmented Approach for Deploying Systems: Key issues: * What actions will be taken to help ensure that agencies' efforts to reduce the scope of modernization projects so that they can be completed within 24 months do not inappropriately emphasize schedule- driven priorities at the expense of achieving event-driven objectives? * What guidance will be provided to ensure that agencies have developed an overall, high-level system architecture that clearly defines specific development projects that provide interim functionality? Although efforts to reduce the scope of agency modernization projects so that they can be completed within 24 months may result in more manageable projects, we have previously reported on the importance of capturing metrics that identify events and trends to assess whether systems will provide needed functionality rather than schedule-driven approaches that may lead to rework instead of making real progress on a project.[Footnote 46] The process for ensuring that future modernization projects conducted under the new approach will align with governmentwide and agency goals, achieve measurable results, and minimize future work-arounds and rework has not yet been clearly described. The Clinger-Cohen Act highlights the need for sound, integrated agency IT architectures and lays out specific aspects of a process agency chief information officers are to implement in order to maximize the value of agencies' IT investments.[Footnote 47] For example, consistent with OMB's new approach, the act also advocates the use of a modular acquisition strategy for a major IT system. Under this type of strategy, an agency's need for a system is satisfied in successive acquisitions of interoperable increments. However, the act also states that each increment should comply with common or commercially accepted standards applicable to IT so that the increments are compatible with other increments of IT that make up the system. Some agency financial system modernization projects involve the implementation of large, integrated ERP systems--which may be designed to perform a variety of business-related tasks, such as accounts payable, general ledger accounting, and supply chain management across multiple organizational units--to help achieve agency strategic goals. Given the tightly integrated nature of these systems, the extent to which implementation projects can be modified and segmented to achieve OMB's objective for delivering interim functionality to help agencies address critical needs has not yet been determined. Oversight and Review of Financial System Projects: Key issues: * What specific criteria will be used to evaluate agency modernization project plans and task orders requiring OMB review and approval? * What steps will be taken to ensure that appropriate procedures and resources are in place at the agency level to avoid an improper impoundment of funds? * How will the roles and responsibilities of OMB, the Financial Systems Advisory Board, or others involved in conducting the reviews and their efforts be defined and measured? Our prior work has linked financial management system failures, in part, to agencies not effectively incorporating disciplined processes shown to reduce software development and acquisition risks into their implementation projects.[Footnote 48] We support the principle of increased oversight and review of projects as called for in our prior recommendations. However, the criteria for performing quarterly assessments of agency modernization projects do not clearly define how such assessments will evaluate the extent to which agencies are embracing disciplined processes. Further, OMB's template for capturing information on agency projects identifies numerous aspects to be reviewed; however, agencies are not required to provide information needed to assess the effectiveness of testing and data conversion efforts necessary to ensure that substantial defects are detected prior to implementation and that modifications of existing data enable them to operate in a different environment. These and other disciplined processes are critical for successfully implementing a new system. Effective oversight to ensure that they are incorporated into agency and governmentwide system implementation projects will also continue to be a critical factor in the success of future modernization efforts envisioned under OMB's new approach. In addition, OMB's direction and CFO Act agencies' implementation of the direction to immediately halt activities on financial system IT projects pending the outcome of OMB's review present additional risks concerning adherence to procedures to be followed for impoundments of budget authority, as prescribed in the Impoundment Control Act of 1974.[Footnote 49] Not all delays in obligating funds are impoundments, but where OMB has given direction to agencies to halt the issuance of new task orders or new procurements, we are concerned that agencies may misinterpret that as a direction to withhold budget authority from obligation either during the review process or upon the decision to terminate an investment. OMB issues general guidance in OMB Circular No. A-11 on the applicable procedures for compliance with the Impoundment Control Act. However, in 2006, we reported to Congress and OMB that executive agencies had improperly impounded budget authority following the President's submission of proposals to Congress to rescind certain budget authority because, in part, agencies were not fully aware of the nature of the proposals and their intended effect on currently available budget authority.[Footnote 50] OMB officials stated that none of the 24 CFO Act agencies identified an impoundment resulting from OMB's direction, but OMB had not evaluated the potential impact of the direction on the agencies' budget authority nor had it issued any clarifying guidance to the agencies to alert them to the potential for impoundments that might arise if agencies withheld budget authority by not awarding contracts as directed. Moreover, OMB's reliance on the Financial Systems Advisory Board to assist in the review of agency modernization projects will depend, in part, on the availability of sufficient resources to perform effective reviews and having clear criteria for selecting projects and performing the reviews. Having clear, measurable criteria for determining which projects are to be assessed and that provides for objective assessments would help ensure that they are performed completely and consistently for all projects and that oversight efforts help achieve intended results. The extent to which CFOs and chief information officers from major agencies or other experts will be available and used to perform such reviews, including whether such officials may be involved in reviewing projects related to their own agencies, has not been specified. While OMB officials told us that they plan to take steps to exclude officials from reviewing systems at their own agencies, the process for doing so has not been disclosed. Compliance with Financial System Requirements and Process for Certifying Financial Management Software: Key issues: * How will system requirements and standard business processes be updated and maintained? * What criteria will be used to determine whether a performance-based approach for compliance with financial system requirements reduces the cost, risk, and complexity of financial system modernizations? * What actions will be taken to help ensure that discontinuing FSIO's software testing and certification program does not result in lack of interoperability across agency systems? * What steps will be taken to ensure that vendor self-certifications comply with applicable provisions of the Federal Acquisition Regulation? * What guidance will be provided to agencies to clarify any changes in agency responsibilities for testing and validating software functionality? FSIO played a significant role in helping to identify and document federal financial management system requirements and the standard business processes on which they should be based. Such efforts were aimed at preventing duplicative research and compilation across government. Prior to ceasing operations effective March 31, 2010, FSIO was working to finalize an exposure draft and issue an updated version of core financial system requirements intended, in part, to reflect changes necessary to align them with current standard business processes. OMB's June 2010 memorandum states that it plans to issue a revision to OMB Circular No. A-127 to update existing requirements and to provide guidance for agencies and auditors on how to assess compliance. The extent to which these changes will affect modernization efforts as well as improve the ability of financial systems to help address long-standing weaknesses is undetermined. While OMB's plan to require vendors to self-certify software functionality is intended to shift accountability for software performance to vendors, it does not change vendor accountability for delivering products that meet specified standards. It also does not eliminate the need to develop and update those standards as new requirements are established to facilitate future improvements. Our work on financial management systems modernizations and industry standards has identified the importance of clearly defining systems requirements and managing those requirements throughout system implementations, and failure to do so can have a significant negative impact on their success.[Footnote 51] OMB plans to provide additional guidance related to the change in the testing process in an upcoming revision to OMB Circular No. A-127 and revisit the policy on an annual basis. However, it is not clear if OMB will be defining system standards and keeping those definitions up to date going forward or if these tasks will be delegated to another entity. The Government Performance and Results Act of 1993 (Results Act) highlights the importance of strategic plans and performance plans as a means for assisting agencies to achieve desired results.[Footnote 52] We previously reported that strategies should be specific enough to enable an assessment of whether they would help achieve the goals of the strategic plan.[Footnote 53] We also reported on how collaborative efforts involving multiple agencies to address crosscutting issues--such as federal financial management modernization efforts--could benefit from a governmentwide strategic plan that identifies long-term goals and the strategies needed to address them, aligned performance goals, and improved performance information that assists decision making to improve results.[Footnote 54] Recognizing OMB's critical role in governmentwide efforts, such as those envisioned under this new approach, the Clinger-Cohen Act, and OMB's implementing guidance, OMB Circular No. A-130, specifically require OMB to develop a strategic plan for managing information resources. Further, incorporating performance plans, goals, and other key elements that facilitate performance measurement and monitoring is essential for ensuring that efforts are appropriately aligned to achieve desired results. It will be essential that performance plans are expressed in an objective, quantifiable, and measurable form that clearly links strategic goals with the strategies to be used to achieve them. Concluding Observations: OMB's FMLOB initiative represented an important effort intended to reduce costs and improve the quality and performance of federal financial management systems that agencies depend on to generate reliable, useful, and timely information needed for decision-making purposes. In connection with their efforts to implement this initiative and modernize their systems, many agencies took steps to migrate selected core financial system support services to external providers. The use of external providers by smaller agencies in particular highlights potential benefits to be realized through these efforts, such as adopting common processes and sharing software. Other agencies continue to rely on aging legacy systems--even though they may have migrated to an external provider. Agencies continue to be challenged with reengineering business processes and effectively incorporating disciplined processes into their implementation efforts to help ensure their success. OMB announced a new strategy and plans for future financial management system modernization efforts, and began issuing a series of guidance on its new approach from March 2010 to June 2010. However, it is too early to determine the extent to which this new approach will address the cost, risk, and complexity of financial system modernizations. The experience and challenges related to efforts to implement the FMLOB initiative provide important lessons learned as OMB continues to develop and implement its new approach. OMB has stated that it plans to develop additional guidance, such as a governmentwide concept of operations, a long-term financial management systems strategy, and a revised OMB Circular No. A-127. Critical next steps will include OMB elaborating on its new approach to address key issues. The following includes our observations on these issues. * As we have previously reported in connection with the FMLOB initiative, a concept of operations is one of the first and foremost critical building blocks and is needed to provide an overall road map to guide implementation of OMB's new approach in accordance with best practices. Until a well-defined concept of operations is developed, questions remain on how the proposed governmentwide solutions can be integrated with current and planned agency financial management systems. * Articulating key aspects of a strategic plan, such as goals and performance plans clearly linked to strategies for achieving them and expressed in an objective, quantifiable, and measurable form, is also critical for the success of OMB's new approach. In addition, a governance structure that provides clear roles and responsibilities of key stakeholders, such as the Financial Systems Advisory Board and FIT, is necessary to help ensure that the stated goals are achieved. Further, detailed guidance and criteria will be important for understanding how ongoing and future modernization projects will be evaluated. * In developing its strategy, it is also important for OMB to clarify the need to mitigate the risks involved with the new requirements for agencies to revise project plans to shorter increments. These risks include agencies adopting a schedule-driven approach rather than focusing on achieving event-driven results consistent with agency needs. In addition, providing guidance to agencies on incorporating relevant OMB Circular No. A-11 procedures would help to ensure that OMB efforts to review financial system IT projects under its new approach do not result in improper impoundments. * As part of OMB's revisions to Circular No. A-127, several clarifications would help provide agencies with direction to implement OMB's new approach, including (1) the requirements for using an SSP, (2) the new process for developing and updating federal financial management system requirements and standard business processes, and (3) the performance-based approach for determining FFMIA compliance. We recognize that OMB is still in the process of fully implementing this new approach and completing related guidance. However, addressing these and other identified key issues and overcoming the historical tendency for agencies to view their needs as unique and resist standardization will depend on prompt and decisive action to develop an effective governmentwide modernization strategy and related guidance. We are not making any new recommendations in this report because of the early implementation stage of OMB's new approach; however, we will continue to work with OMB to help ensure that it provides agency management and other stakeholders with the guidance needed to bring about meaningful improvements in financial management systems. Finally, to ensure that taxpayers' dollars are used effectively and efficiently, continued congressional oversight will be crucial for transforming federal financial management systems to better meet federal government needs. Agency Comments and Our Evaluation: We requested comments on a draft of this report from the Acting Director of OMB or his designee. On August 31, 2010, the OMB Controller provided oral comments on the draft report, including technical comments, which we incorporated as appropriate. Overall, the Controller was concerned that it was too early for GAO to draw conclusions on the change in policy that was published in OMB Memorandum M-10-26 issued on June 28, 2010, and that the report needed to better reflect the new approach as being a work in progress in the beginning stages of implementation. To help address OMB's concern, we included additional references to the early implementation stage of OMB's new approach. The Controller also stated that the questions raised in the report were good for framing the issues, and that some of them were in the process of being addressed. For example, he stated that the planned revisions to OMB Circular No. A-127 will address issues raised on systems requirements and the process for certifying software. We have updated the report accordingly. The Controller also stated that the members of the new Financial Systems Advisory Board adopted a charter dated August 1, 2010, which provides additional detail and specificity on the role and responsibilities of the Board members. We were provided the charter on September 2, 2010, and will evaluate it as part of our future work. We continue to believe that the questions and issues raised in the report need to be addressed by OMB in order to reduce risks and help ensure successful outcomes as it moves forward with its new approach and develops additional guidance. As agreed with your office, unless you publicly announce the contents of this report earlier, we plan no further distribution until 30 days from the report date. At that time, we will send copies to the Ranking Member, Subcommittee on Federal Financial Management, Government Information, Federal Services, and International Security, Senate Committee on Homeland Security and Governmental Affairs; the Chairman and Ranking Member, Subcommittee on Government Management, Organization, and Procurement, House Committee on Oversight and Government Reform; and the Acting Director of OMB. The report also will be available at no charge on the GAO Web site at [hyperlink, http://www.gao.gov]. If you or your staff have any questions about this report, please contact Kay Daly, Director, Financial Management and Assurance, who may be reached at (202) 512-9095 or dalykl@gao.gov, or Naba Barkakati, Chief Technologist, Applied Research and Methods, who may be reached at (202) 512-2700 or barkakatin@gao.gov. Contact points for our Offices of Congressional Relations and Public Affairs may be found on the last page of this report. GAO staff who made major contributions to this report are listed in appendix VI. Sincerely yours, Signed by: Kay L. Daly: Director, Financial Management and Assurance: Signed by: Naba Barkakati: Chief Technologist: Applied Research and Methods: Center for Engineering and Technology: [End of section] Appendix I: Scope and Methodology: To address our objectives, we surveyed chief financial officers (CFO), or their designees, at the 24 CFO Act agencies. We asked each agency to identify the core financial systems that were fully deployed in the agency as of September 30, 2009, and any that the agency planned to fully deploy after that date.[Footnote 55] Through the use of e- mailed, self-administered questionnaires, we collected descriptive information on modernization and migration-related activities about each core financial system, as well as overall agency activities and perspectives regarding financial management line of business (FMLOB) migration efforts. We designed and tested these questionnaires in consultation with subject matter experts at GAO and the Financial Systems Integration Office (FSIO), GAO survey research methodologists, and selected agency officials. Data collection took place from November 2009 to April 2010. All 24 agencies responded to the survey request and returned questionnaires on 46 currently deployed systems and 20 planned systems that they had identified, as shown in appendix II, tables 5 and 6, respectively.[Footnote 56] While all agencies returned questionnaires, and therefore our data are not subject to sampling or overall questionnaire nonresponse error, the practical difficulties of conducting any survey may introduce other errors into our findings. In addition to questionnaire design activities discussed above, to minimize errors of measurement, question-specific nonresponses, and data processing errors, GAO analysts (1) pretested draft questionnaires with two agency officials prior to conducting the survey, (2) contacted respondents to follow up on answers that were missing or required clarification, and (3) answered respondent questions to resolve difficulties they had answering our questions during the survey. In addition, we tested the accuracy of selected responses provided by three agencies by comparing them to data we obtained from case studies. To obtain more detailed information on steps taken to modernize core financial systems and migrate related support services to external providers, we performed case studies at the Department of Justice (DOJ), Department of Agriculture (USDA), Federal Communications Commission (FCC), and Office of Personnel Management (OPM).[Footnote 57] These agencies were selected to provide a variety of perspectives from agencies actively involved in core financial system modernization efforts. Specifically, the criteria used to select agencies for the case studies included (1) different software solutions, (2) a mix of large and small agencies, and (3) differing experiences concerning the use of external providers to support their core financial systems. To identify the use of different software solutions and differing experiences concerning the use of external providers, we reviewed an inventory of CFO Act agency and non-CFO Act agency core financial systems published by FSIO as of December 2008 that identified agencies' software, versions, and providers, where applicable, that hosts the systems, as well as selected 2008 agency performance and accountability reports.[Footnote 58] To provide a mix of large and small agencies, we selected at least one agency from each of three strata defined by gross costs as reported in the 2008 Financial Report of the United States Government.[Footnote 59] To help ensure an efficient use of audit resources, we did not select agencies for which GAO had done work involving their financial management systems for our case study work performed in this review. We obtained and summarized information regarding these case study agencies from documentation provided by the agencies, such as capital asset plans and alternatives analyses. We also interviewed key agency officials involved with the implementations, including CFOs and project managers. We did not evaluate the effectiveness of the acquisition and implementation processes used by the case study agencies. In addition, we did not verify the accuracy of the data provided. To identify the benefits of, and key challenges that agency officials report as having an impact on, their efforts to modernize and migrate core financial systems to external providers, we reviewed and analyzed survey results from the 24 CFO Act agencies. In addition, we reviewed policies, guidance, reports, and memorandums obtained from the Office of Management and Budget (OMB), FSIO, the four selected case study agencies, the four OMB-designated federal shared service providers (SSP), two commercial vendors supporting migration activities at selected case study agencies, and prior GAO reports. The four OMB- designated federal SSPs were the Department of Transportation's Enterprise Services Center, the Department of the Interior's National Business Center, the Department of the Treasury's Bureau of Public Debt's Administrative Resource Center, and the General Services Administration's Federal Integrated Solutions Center. We interviewed knowledgeable officials of these organizations, as well as a co-chair of the Small Agency Council Finance Committee[Footnote 60] and chairman of its Financial Systems Subcommittee (the CFO of the Equal Employment Opportunity Commission and Deputy CFO of the Federal Energy Regulatory Commission, respectively) and the team leader of the CFO Council's[Footnote 61] FSIO Oversight Transformation Team concerning key factors that contribute to successful migrations and significant challenges that may affect migration efforts at agencies and external providers. We also interviewed key OMB officials, including the Controller and Deputy Controller of the Office of Federal Financial Management, to discuss these factors as well as governmentwide efforts toward migrating core financial systems to external providers and OMB's newly announced policy and financial systems modernization approach (new approach). We obtained and reviewed recent policies and guidance [Footnote 62] issued by OMB, such as OMB Memorandum M-10-26[Footnote 63] calling for an immediate review of financial systems projects. We analyzed OMB's new approach, in relation to relevant laws, regulations, and guidance, including the Clinger-Cohen Act,[Footnote 64] the CFO Act,[Footnote 65] the Federal Financial Management Improvement Act of 1996 (FFMIA),[Footnote 66] OMB Circular No. A-127, [Footnote 67] OMB Circular No. A-130,[Footnote 68] and standards set by the Institute of Electrical and Electronic Engineers. We conducted this performance audit from June 2009 through September 2010 in accordance with generally accepted government auditing standards. Those standards require that we plan and perform the audit to obtain sufficient, appropriate evidence to provide a reasonable basis for our findings and conclusions based on our audit objectives. We believe that the evidence obtained provides a reasonable basis for our findings and conclusions based on our audit objectives. We requested comments on a draft of this report from the Acting Director of OMB or his designee. We received oral and technical comments from the OMB Controller, which are discussed in the Agency Comments and Our Evaluation section and incorporated as appropriate. [End of section] Appendix II: Modernization and Migration of Core Financial Systems and Services to External Providers: Tables 5 and 6 summarize responses received from CFO Act agencies concerning their core financial systems[Footnote 69] and efforts to migrate selected core financial system support services to external providers.[Footnote 70] The agencies completed separate questionnaires on each identified core financial system and the status of activities related to migrating information technology (IT) hosting, application management, and transaction processing services supporting these systems to external providers as of September 30, 2009.[Footnote 71] The status of agency migration activities and use of external providers are categorized as follows: * Migrated - (provider). Agency has already migrated this service to a federal SSP or commercial provider as indicated. * Planned - (provider). Agency has decided and planned to migrate this service to a selected federal SSP or commercial provider as indicated. * Planned - (provider undetermined). Agency has decided to migrate this service but has not yet selected a provider. * Undecided. Agency has not decided to migrate this service. * Not planned. Agency does not plan to migrate this service to an external provider. Table 5 summarizes the results of the 24 CFO Act agency responses related to 46 current core financial systems, including 45 civilian systems and 1 defense system, that agency officials identified as being fully deployed as of September 30, 2009. Of these, 12 agencies reported that they have already migrated, or plan to migrate, IT hosting or application management core financial system support services to external providers for 16 systems. Further, 4 agencies reported that they rely on external providers for transaction processing services supporting 4 systems. Table 5: Current Core Financial Systems Fully Deployed at CFO Act Agencies as of September 30, 2009: Agency: Agency for International Development[C]; System name: Phoenix - Financial Systems Integration; Year deployed[A]: 1998; Vendor and software name[B]: AMS Momentum v.6.0; Use of external provider for: IT hosting: Not planned; Use of external provider for: Application management: Not planned; Use of external provider for: Transaction processing: Not planned. Agency: Department of Agriculture[D]; System name: Foundation Financial System; Year deployed[A]: 1998; Vendor and software name[B]: AMS Federal Financial System v5.5; Use of external provider for: IT hosting: Not planned; Use of external provider for: Application management: Not planned; Use of external provider for: Transaction processing: Not planned. Agency: Department of Commerce; System name: National Technical Information Service; Year deployed[A]: 1990; Vendor and software name[B]: Custom; Use of external provider for: IT hosting: Not planned; Use of external provider for: Application management: Not planned; Use of external provider for: Transaction processing: Not planned. Agency: Department of Commerce; System name: Commerce Business System; Year deployed[A]: 1999; Vendor and software name[B]: Oracle v.10g; Use of external provider for: IT hosting: Migrated - federal SSP; Use of external provider for: Application management: Not planned; Use of external provider for: Transaction processing: Not planned. Agency: Department of Commerce; System name: Momentum; Year deployed[A]: 2003; Vendor and software name[B]: CGI Momentum v.6.2; Use of external provider for: IT hosting: Undecided; Use of external provider for: Application management: Undecided; Use of external provider for: Transaction processing: Undecided. Agency: Department of Defense[E]; System name: DLA-Enterprise Business System; Year deployed[A]: 2005; Vendor and software name[B]: SAP v.6.0; Use of external provider for: IT hosting: Not planned; Use of external provider for: Application management: Not planned; Use of external provider for: Transaction processing: Not planned. Agency: Department of Education[D]; System name: Financial Management Support System; Year deployed[A]: 2002; Vendor and software name[B]: Oracle Federal Financials v.11.5.10; Use of external provider for: IT hosting: Undecided; Use of external provider for: Application management: Not planned; Use of external provider for: Transaction processing: Not planned. Agency: Department of Energy; System name: Standard Accounting and Reporting System; Year deployed[A]: 2005; Vendor and software name[B]: Oracle Federal Financials v.11.5.9; Use of external provider for: IT hosting: Not planned; Use of external provider for: Application management: Not planned; Use of external provider for: Transaction processing: Not planned. Agency: Department of Health and Human Services[F]; System name: Financial Accounting Control System; Year deployed[A]: 1992; Vendor and software name[B]: Federal Success; Use of external provider for: IT hosting: Not planned; Use of external provider for: Application management: Not planned; Use of external provider for: Transaction processing: Not planned. Agency: Department of Health and Human Services[F]; System name: National Institutes of Health Business System; Year deployed[A]: 2001; Vendor and software name[B]: Oracle E-Business Suite 11.5.10; Use of external provider for: IT hosting: Not planned; Use of external provider for: Application management: Not planned; Use of external provider for: Transaction processing: Not planned. Agency: Department of Health and Human Services[F]; System name: Unified Financial Management System; Year deployed[A]: 2005; Vendor and software name[B]: Oracle E-Business Suite, v.11.5.10; Use of external provider for: IT hosting: Not planned; Use of external provider for: Application management: Migrated - commercial provider; Use of external provider for: Transaction processing: Not planned. Agency: Department of Homeland Security[G]; System name: Integrated Financial Management Information System; Year deployed[A]: 1996; Vendor and software name[B]: Digital Systems Group IPL v.5.1.6; Use of external provider for: IT hosting: Not planned; Use of external provider for: Application management: Not planned; Use of external provider for: Transaction processing: Not planned. Agency: Department of Homeland Security[G]; System name: Federal Financial Management System; Year deployed[A]: 1998; Vendor and software name[B]: Savantage Federal Financial Management v.3.0 R.2.12; Use of external provider for: IT hosting: Planned - commercial provider; Use of external provider for: Application management: Undecided; Use of external provider for: Transaction processing: Undecided. Agency: Department of Homeland Security[G]; System name: Momentum Financials; Year deployed[A]: 2000; Vendor and software name[B]: CGI Momentum Financials v.6.1.6; Use of external provider for: IT hosting: Undecided; Use of external provider for: Application management: Undecided; Use of external provider for: Transaction processing: Undecided. Agency: Department of Homeland Security[G]; System name: Core Accounting System; Year deployed[A]: 2003; Vendor and software name[B]: Oracle Federal Financials v.11.5.10; Use of external provider for: IT hosting: Not planned; Use of external provider for: Application management: Not planned; Use of external provider for: Transaction processing: Not planned. Agency: Department of Homeland Security[G]; System name: Enterprise Financial Management System; Year deployed[A]: 2005; Vendor and software name[B]: Oracle Federal Financials v.11.5.9; Use of external provider for: IT hosting: Undecided; Use of external provider for: Application management: Undecided; Use of external provider for: Transaction processing: Undecided. Agency: Department of Homeland Security[G]; System name: SAP; Year deployed[A]: 2005; Vendor and software name[B]: SAP R/3, v.6.0; Use of external provider for: IT hosting: Planned - provider undetermined; Use of external provider for: Application management: Undecided; Use of external provider for: Transaction processing: Undecided. Agency: Department of Housing and Urban Development[H]; System name: HUDCAPS/FFS; Year deployed[A]: 1995; Vendor and software name[B]: AMS Federal Financial System v.5.6.1; Use of external provider for: IT hosting: Not planned; Use of external provider for: Application management: Not planned; Use of external provider for: Transaction processing: Not planned. Agency: Department of Housing and Urban Development[H]; System name: FHA Subsidiary Ledger; Year deployed[A]: 2003; Vendor and software name[B]: : PeopleSoft Federal Financials v.8.8; Use of external provider for: IT hosting: Not planned; Use of external provider for: Application management: Not planned; Use of external provider for: Transaction processing: Not planned. Agency: Department of Housing and Urban Development[H]; System name: Ginnie Mae Financial and Accounting System; Year deployed[A]: 2006; Vendor and software name[B]: PeopleSoft Financials v.8.9; Use of external provider for: IT hosting: Migrated - commercial provider; Use of external provider for: Application management: Migrated - commercial provider; Use of external provider for: Transaction processing: Not planned. Agency: Department of the Interior[D]; System name: Federal Financial System; Year deployed[A]: 1988; Vendor and software name[B]: AMS Federal Financial System v. 5.1.7; Use of external provider for: IT hosting: Migrated - federal SSP; Use of external provider for: Application management: Migrated - federal SSP; Use of external provider for: Transaction processing: Not planned. Agency: Department of Justice[I]; System name: Financial Management System; Year deployed[A]: 1985; Vendor and software name[B]: INFOR E Series 98.01; Use of external provider for: IT hosting: Not planned; Use of external provider for: Application management: Not planned; Use of external provider for: Transaction processing: Not planned. Agency: Department of Justice[I]; System name: Financial Management Information System; Year deployed[A]: 1974; Vendor and software name[B]: Information Builders FOCUS; Use of external provider for: IT hosting: : Not planned; Use of external provider for: Application management: Not planned; Use of external provider for: Transaction processing: Not planned. Agency: Department of Justice[I]; System name: STARS; Year deployed[A]: 1998; Vendor and software name[B]: : Computer Data Systems FARS; Use of external provider for: IT hosting: Not planned; Use of external provider for: Application management: Not planned; Use of external provider for: Transaction processing: Not planned. Agency: Department of Justice[I]; System name: Unified Financial Management System -ATF; Year deployed[A]: 2009; Vendor and software name[B]: CGI Momentum 6.1.5b; Use of external provider for: IT hosting: Not planned; Use of external provider for: Application management: Not planned; Use of external provider for: Transaction processing: Not planned. Agency: Department of Justice[I]; System name: SAP; Year deployed[A]: 2000; Vendor and software name[B]: SAP/Enterprise Core Component, v. 6.0; Use of external provider for: IT hosting: Not planned; Use of external provider for: Application management: Not planned; Use of external provider for: Transaction processing: Not planned. Agency: Department of Justice[I]; System name: Unified Financial Management System-DEA; Year deployed[A]: 2009; Vendor and software name[B]: CGI Momentum 6.1.5; Use of external provider for: IT hosting: Not planned; Use of external provider for: Application management: Not planned; Use of external provider for: Transaction processing: Not planned. Agency: Department of Labor[D]; System name: Department of Labor Accounting and Related Systems; Year deployed[A]: 1989; Vendor and software name[B]: Custom; Use of external provider for: IT hosting: Migrated - commercial provider; Use of external provider for: Application management: Not planned; Use of external provider for: Transaction processing: Not planned. Agency: Department of State; System name: Joint Financial Management System; Year deployed[A]: 2003; Vendor and software name[B]: CGI Momentum 6.0; Use of external provider for: IT hosting: Not planned; Use of external provider for: Application management: Not planned; Use of external provider for: Transaction processing: Not planned. Agency: Department of the Treasury; System name: BEP Management Information System; Year deployed[A]: 1985; Vendor and software name[B]: INFOR/SSA Global Technologies Consolidated Application System v.3.0; Use of external provider for: IT hosting: Planned - commercial provider; Use of external provider for: Application management: Planned - commercial provider; Use of external provider for: Transaction processing: Not planned. Agency: Department of the Treasury; System name: People Soft Financials; Year deployed[A]: 2001; Vendor and software name[B]: : PeopleSoft Financials v.8.4; Use of external provider for: IT hosting: Undecided; Use of external provider for: Application management: Undecided; Use of external provider for: Transaction processing: Undecided. Agency: Department of the Treasury; System name: Oracle E-Business Suite; Year deployed[A]: 2002; Vendor and software name[B]: Oracle Federal Financials v.11.5.10; Use of external provider for: IT hosting: Migrated - federal SSP; Use of external provider for: Application management: Migrated - federal SSP; Use of external provider for: Transaction processing: Migrated - federal SSP. Agency: Department of the Treasury; System name: Integrated Financial System; Year deployed[A]: 2005; Vendor and software name[B]: SAP v. 4.6c; Use of external provider for: IT hosting: Undecided; Use of external provider for: Application management: Undecided; Use of external provider for: Transaction processing: Not planned. Agency: Department of the Treasury; System name: Financial Accounting and Services Division; Year deployed[A]: 2006; Vendor and software name[B]: CGI Momentum Financials v.5.0.1; Use of external provider for: IT hosting: Planned - provider undetermined; Use of external provider for: Application management: Planned - provider undetermined; Use of external provider for: Transaction processing: Not planned. Agency: Department of Transportation; System name: DELPHI; Year deployed[A]: 2000; Vendor and software name[B]: Oracle E-Business Suite v.11.5.10; Use of external provider for: IT hosting: Migrated - federal SSP; Use of external provider for: Application management: Migrated - federal SSP; Use of external provider for: Transaction processing: Migrated - federal SSP. Agency: Department of Veterans Affairs[J]; System name: Financial Management System; Year deployed[A]: 1995; Vendor and software name[B]: CGI-AMS Federal Financial System v. 4.0.7G; Use of external provider for: IT hosting: Undecided; Use of external provider for: Application management: Undecided; Use of external provider for: Transaction processing: Not planned. Agency: Environmental Protection Agency[D]; System name: Integrated Financial Management System; Year deployed[A]: 1989; Vendor and software name[B]: CGI Federal Financial System v.5.1; Use of external provider for: IT hosting: Not planned; Use of external provider for: Application management: Not planned; Use of external provider for: Transaction processing: Not planned. Agency: General Services Administration; System name: Pegasys; Year deployed[A]: 2000; Vendor and software name[B]: CGI Momentum v.6.2.3; Use of external provider for: IT hosting: Migrated - federal SSP; Use of external provider for: Application management: Migrated - federal SSP; Use of external provider for: Transaction processing: Migrated - federal SSP. Agency: National Aeronautics and Space Administration; System name: SAP; Year deployed[A]: 2003; Vendor and software name[B]: SAP v.6.0; Use of external provider for: IT hosting: Undecided; Use of external provider for: Application management: Undecided; Use of external provider for: Transaction processing: Not planned. Agency: National Science Foundation[D]; System name: Financial Accounting System; Year deployed[A]: 1980's; Vendor and software name[B]: Custom; Use of external provider for: IT hosting: Undecided; Use of external provider for: Application management: Undecided; Use of external provider for: Transaction processing: Not planned. Agency: Nuclear Regulatory Commission[D]; System name: Federal Financial System; Year deployed[A]: 1992; Vendor and software name[B]: AMS Federal Financial System; Use of external provider for: IT hosting: Migrated - federal SSP; Use of external provider for: Application management: Migrated - federal SSP; Use of external provider for: Transaction processing: Migrated - federal SSP. Agency: Office of Personnel Management[D]; System name: Government Financial Information System; Year deployed[A]: 2001; Vendor and software name[B]: CGI Momentum and Procurement v.3.7.2/4.6; Use of external provider for: IT hosting: Migrated - commercial provider; Use of external provider for: Application management: Migrated - commercial provider; Use of external provider for: Transaction processing: Undecided. Agency: Small Business Administration[K]; System name: Loan Accounting System; Year deployed[A]: 1982; Vendor and software name[B]: Custom; Use of external provider for: IT hosting: Migrated - commercial provider; Use of external provider for: Application management: Migrated - commercial provider; Use of external provider for: Transaction processing: Not planned. Agency: Small Business Administration[K]; System name: Financial Reporting Information System/Consolidated General Ledger; Year deployed[A]: 2000; Vendor and software name[B]: Custom; Use of external provider for: IT hosting: Not planned; Use of external provider for: Application management: Not planned; Use of external provider for: Transaction processing: Not planned. Agency: Small Business Administration[K]; System name: OCFO Oracle Administrative Accounting System; Year deployed[A]: 2001; Vendor and software name[B]: Oracle Federal Financials v.11.5.10.2; Use of external provider for: IT hosting: Migrated - commercial provider; Use of external provider for: Application management: Migrated - commercial provider; Use of external provider for: Transaction processing: Undecided. Agency: Social Security Administration; System name: Social Security Online Accounting and Reporting Systems; Year deployed[A]: 2004; Vendor and software name[B]: Oracle Federal Financials v.12.0.6; Use of external provider for: IT hosting: Not planned; Use of external provider for: Application management: Not planned; Use of external provider for: Transaction processing: Not planned. Source: GAO survey of 24 CFO Act agencies. [A] Year deployed reflects agency responses on the fiscal year the system was first placed into operation. [B] Vendor and software name include the current software name and version reported by the agency. In addition, CGI now owns Momentum and Federal Financial System (FFS), which were purchased from American Management Systems (AMS), and Oracle now owns PeopleSoft. [C] According to its survey response, the Agency for International Development has partnered with the Department of State for the department to provide certain hosting, application management, and transaction processing services supporting Agency for International Development's core financial system. However, the Department of State is not a designated federal SSP as defined by OMB. Therefore, Agency for International Development is not shown as using an external provider. [D] This agency plans to replace its current core financial system. See table 6 for additional details regarding the core financial system the agency plans to fully deploy after September 30, 2009. [E] The Department of Defense (DOD) has over 100 core financial systems; however, officials only provided a response for one core financial system that was fully deployed as of September 30, 2009. Upon inquiry, DOD officials could not provide sufficient information concerning DOD's current core financial systems. [F] The Department of Health and Human Services plans to replace one of its three current core financial systems. See table 6 for additional details regarding the core financial system the agency plans to fully deploy after September 30, 2009. [G] The Department of Homeland Security plans to replace its current core financial systems with one planned system. See table 6 for additional details regarding the core financial system the agency plans to fully deploy after September 30, 2009. [H] The Department of Housing and Urban Development plans to replace all three of its current core financial systems with one planned system. See table 6 for additional details regarding the core financial system the agency plans to fully deploy after September 30, 2009. [I] The Department of Justice plans to replace five of its six current core financial systems with one planned system. See table 6 for additional details regarding the core financial system the agency plans to fully deploy after September 30, 2009. [J] At the time of our survey, the Department of Veterans Affairs planned to replace this system. Subsequent to conducting our survey, the project planned to replace this system was canceled, and according to department officials, they have not decided whether to replace this system. [K] The Small Business Administration plans to replace all three of its current core financial systems with one planned system. See table 6 for additional details regarding the core financial system the agency plans to fully deploy after September 30, 2009. [End of table] In addition to completing separate questionnaires concerning current core financial systems that were fully deployed as of September 30, 2009, agencies completed separate questionnaires for 20 core financial systems, including 14 civilian and 6 defense systems, that they planned to fully deploy after that date, as shown in table 6. The surveys were conducted prior to the issuance of OMB's new guidance. Accordingly, the impact, if any, of the new policy on agencies' plans to deploy new core financial systems is not reflected in table 6. Some of these systems have already been partially deployed at bureaus or other subagency components within the agencies, and therefore some services may have already been migrated to an external provider even though full deployment had not yet occurred as of September 30, 2009. Of these systems, 10 agencies reported that they have already migrated, or plan to migrate, IT hosting and application management services supporting 10 systems; 4 agencies reported that they either do not plan, or had not yet made a decision, to migrate both these services supporting 4 systems; and 1 agency, the Department of Defense, reported that it did not plan to migrate these services for 4 planned systems and had migrated both services for 1 system and application management services for 1 system. In addition, 4 agencies reported that they plan to rely on external providers to provide transaction processing services supporting 4 planned systems. Table 6: Core Financial Systems CFO Act Agencies Plan to Fully Deploy after September 30, 2009: Agency[A]: Department of Agriculture; System name: Financial Management Modernization Initiative; Year to be deployed[B]: 2012; Vendor and software name: SAP v. 6.0; Use of external provider for: IT hosting: Not planned; Use of external provider for: Application management: Not planned; Use of external provider for: Transaction processing: Not planned. Agency[A]: Department of Defense; System name: Logistics Modernization Program; Year to be deployed[B]: 2011; Vendor and software name: SAP ECC6.0; Use of external provider for: IT hosting: Migrated - commercial provider; Use of external provider for: Application management: Migrated - commercial provider; Use of external provider for: Transaction processing: Migrated - commercial provider. Agency[A]: Department of Defense; System name: General Fund Enterprise Business System; Year to be deployed[B]: 2012; Vendor and software name: SAP ERP v.6.0 and SAP v.7.0; Use of external provider for: IT hosting: Not planned; Use of external provider for: Application management: Migrated - commercial provider; Use of external provider for: Transaction processing: Not planned. Agency[A]: Department of Defense; System name: Defense Agencies Initiative; Year to be deployed[B]: 2013; Vendor and software name: Oracle-E Business Suite 11.5.10.2; Use of external provider for: IT hosting: Not planned; Use of external provider for: Application management: Not planned; Use of external provider for: Transaction processing: Undecided. Agency[A]: Department of Defense; System name: Defense Enterprise Accounting and Management System; Year to be deployed[B]: 2015; Vendor and software name: Oracle E-Business Suite v.11i; Use of external provider for: IT hosting: Not planned; Use of external provider for: Application management: Not planned; Use of external provider for: Transaction processing: Not planned. Agency[A]: Department of Defense; System name: Expeditionary Combat Support System; Year to be deployed[B]: 2017; Vendor and software name: Oracle E-Business Suite v.R12; Use of external provider for: IT hosting: Not planned; Use of external provider for: Application management: Not planned; Use of external provider for: Transaction processing: Not planned. Agency[A]: Department of Defense; System name: Navy-ERP; Year to be deployed[B]: 2013; Vendor and software name: SAP ERP v.5.0; Use of external provider for: IT hosting: Department of Education: Not planned; Use of external provider for: Application management: Department of Education: Not planned; Use of external provider for: Transaction processing: Department of Education: Not planned. Agency[A]: Department of Education; System name: Financial Management Support System Release 12; Year to be deployed[B]: 2014; Vendor and software name: Oracle Federal Financials v.12; Use of external provider for: IT hosting: Undecided; Use of external provider for: Application management: Not planned; Use of external provider for: Transaction processing: Not planned. Agency[A]: Department of Health and Human Services; System name: Healthcare Integrated General Ledger Accounting System; Year to be deployed[B]: 2012; Vendor and software name: Oracle E-Business Suite, v.11.5.10; Use of external provider for: IT hosting: Migrated - commercial provider; Use of external provider for: Application management: Migrated - commercial provider; Use of external provider for: Transaction processing: Not planned. Agency[A]: Department of Homeland Security; System name: Transformation and Systems Consolidation; Year to be deployed[B]: 2018; Vendor and software name: To be determined; Use of external provider for: IT hosting: Planned - provider undetermined; Use of external provider for: Application management: Planned - provider undetermined; Use of external provider for: Transaction processing: Planned - provider undetermined. Agency[A]: Department of Housing and Urban Development; System name: HUD Integrated Core Financial System; Year to be deployed[B]: Unknown; Vendor and software name: Oracle-PeopleSoft Federal Financials v9.x; Use of external provider for: IT hosting: Planned - provider undetermined; Use of external provider for: Application management: Planned - provider undetermined; Use of external provider for: Transaction processing: Not planned. Agency[A]: Department of the Interior; System name: Financial and Business Management System; Year to be deployed[B]: 2013; Vendor and software name: SAP v.6.0; Use of external provider for: IT hosting: Migrated - federal SSP; Use of external provider for: Application management: Migrated - federal SSP; Use of external provider for: Transaction processing: Not planned. Agency[A]: Department of Justice; System name: Unified Financial Management System; Year to be deployed[B]: 2013; Vendor and software name: CGI Momentum; Use of external provider for: IT hosting: Not planned; Use of external provider for: Application management: Not planned; Use of external provider for: Transaction processing: Not planned. Agency[A]: Department of Labor; System name: New Core Financial Management System; Year to be deployed[B]: 2010; Vendor and software name: Oracle Federal Financials R12; Use of external provider for: IT hosting: Planned - commercial provider; Use of external provider for: Application management: Planned - commercial provider; Use of external provider for: Transaction processing: Planned - commercial provider. Agency[A]: Department of Veterans Affairs; System name: Integrated Financial Accounting System[C]; Year to be deployed[B]: 2014; Vendor and software name: To be determined; Use of external provider for: IT hosting: Planned - provider undetermined; Use of external provider for: Application management: Planned - provider undetermined; Use of external provider for: Transaction processing: Not planned. Agency[A]: Environmental Protection Agency; System name: Financial System Modernization Project; Year to be deployed[B]: 2012; Vendor and software name: CGI Momentum v.6.4x; Use of external provider for: IT hosting: Planned - commercial provider; Use of external provider for: Application management: Planned - commercial provider; Use of external provider for: Transaction processing: Not planned. Agency[A]: National Science Foundation; System name: iTRAK; Year to be deployed[B]: 2016; Vendor and software name: To be determined; Use of external provider for: IT hosting: Undecided; Use of external provider for: Application management: Undecided; Use of external provider for: Transaction processing: Not planned. Agency[A]: Nuclear Regulatory Commission; System name: Financial Accounting and Integrated Management Information System; Year to be deployed[B]: 2011; Vendor and software name: CGI Momentum Financials; Use of external provider for: IT hosting: Planned - federal SSP; Use of external provider for: Application management: Planned - federal SSP; Use of external provider for: Transaction processing: Migrated - federal SSP. Agency[A]: Office of Personnel Management; System name: Consolidated Business Information System; Year to be deployed[B]: 2011; Vendor and software name: Oracle E-Business Suite/Hyperion R.12 and PRISM 6.1; Use of external provider for: IT hosting: Migrated - commercial provider; Use of external provider for: Application management: Migrated - commercial provider; Use of external provider for: Transaction processing: Undecided. Agency[A]: Small Business Administration; System name: Loan Management and Accounting System; Year to be deployed[B]: 2015; Vendor and software name: Oracle E-Business Suite R.12; Use of external provider for: IT hosting: Planned - commercial provider; Use of external provider for: Application management: Planned - commercial provider; Use of external provider for: Transaction processing: Undecided. Source: GAO survey of 24 CFO Act agencies. [A] Planned projects listed reflect agency responses to survey for planned systems as of September 30, 2009 and are subject to change based on reviews being conducted under OMB Memorandum M-10-26 issued in June 2010. Based on original survey responses, the following nine agencies do not have plans to deploy additional core financial systems after September 30, 2009: Agency for International Development, Department of Commerce, Department of Energy, Department of State, Department of the Treasury, Department of Transportation, General Services Administration, National Aeronautics and Space Administration, and Social Security Administration. [B] Year to be deployed reflects agency responses on the fiscal year the system is planned to be fully deployed. [C] Subsequent to conducting our survey, according to the Department of Veterans Affairs, this project was canceled. [End of table] [End of section] Appendix III: Case Studies of Agency Migration and Modernization Efforts: Additional information concerning selected federal agencies' migration and modernization efforts is presented in this appendix. The four case study agencies are USDA, FCC, DOJ, and OPM. All four of these agencies reported similar reasons for undertaking efforts to modernize their core financial systems, including reliance on out-dated software that adversely affected their ability to meet financial management challenges, and had a goal of implementing a solution that will provide agencywide, streamlined, real-time accounting and reporting capability. We did not evaluate the effectiveness of the acquisition and implementation processes used by the case study agencies or verify the data provided. Department of Agriculture: Project details: Financial Management Modernization Initiative; Planned software solution: SAP; IT Hosting: USDA National Finance Center (NFC); USDA’s total estimated life cycle cost from 2007 to 2014: $300.3 million; Users: Agencywide 14,000 users at full deployment; Source: USDA. USDA is taking steps to modernize its core financial systems using a solution based on SAP commercial off-the-shelf (COTS) software that is intended to provide agencywide online, real-time transaction capability and access. USDA's Financial Management Modernization Initiative (FMMI) is intended to replace the Foundation Financial Information System (FFIS) and consolidate and eliminate multiple systems currently used in various USDA component agencies and staff offices. USDA launched FMMI after identifying the need to upgrade department and agency financial and administrative payment and program general ledger systems. In 2005, USDA began efforts to identify its new core financial system needs and took steps to determine what software and services could be provided by federal SSPs, private software vendors, and other commercial providers. Figure 1 and table 7 summarize the key migration and modernization activities used by USDA to identify and deploy a core financial system solution. Figure 1: Timeline of USDA's Key Migration and Modernization Activities: [Refer to PDF for image: timeline] March 2004: FMLOB initiative launched. August 2005: Initial alternatives analysis. December 2005: Request for information. August 2006: Solicitation for integrator and software. December 2008: Software selected/integrator selected. February 2009: IT host (NFC) selected. October 2009: Phase 1 deployed. December 2011: Final agency deployment. Sources: USDA officials and documentation. [End of figure] Table 7: USDA's Key Migration and Modernization Activities: Key activities: Identify need for new system; Description: In 2003, the vendor announced plans to stop supporting its Federal Financial System (FFS), which was currently in place at USDA, requiring USDA to determine whether to maintain the system itself or replace it. USDA external auditors had also identified control deficiencies related to the current system. Two additional requirements USDA identified were to get real-time transaction updates as opposed to batch updates, and consolidate multiple legacy software systems with one core financial system. Based on these factors, USDA began efforts to determine the most effective way to move forward. Key activities: Perform alternatives analysis; Description: In the 2005 alternatives analysis, USDA considered four alternatives (with associated estimated costs for the 2006 to 2020 time frame): * OMB-designated federal SSP ($766 million); * Commercial vendor ($604 million); * In-house ($588 million); * In-house/SSP hybrid ($781 million); USDA also documented consideration of outsourcing integration, IT hosting, application management, and business processing functions. According to agency officials, the large volume of USDA transactions was a concern for the federal SSPs, particularly with respect to business processing functions. USDA chose the in-house solution based on a combination of lower cost, value, and risk factors. USDA determined that the in-house alternative would have less adverse impact on financial management operations at USDA. Currently, USDA hosts its existing system at the National Finance Center (NFC), and USDA officials stated most of the infrastructure is already in place to host the new system. Key activities: Solicitations and contract awards for software and determined services; Description: USDA performed a combined public-private competition for implementation and integration and software services. It received offers from three commercial vendors and no federal SSPs. USDA chose a FSIO/Joint Financial Management Improvement Program-certified COTS core financial software product with implementation and integration support from a private contractor. In addition, USDA conducted a public-private competition for IT hosting, and found that an in-house solution would be best. USDA received three offers from federal processing centers, and chose NFC for IT hosting. Key activities: Deployment status and reported challenges; Description: In October 2009, USDA deployed FMMI to headquarters and one agency and planned to continue deployment at its remaining agencies through the end of 2011. According to USDA officials, USDA made changes to the original schedule and delayed deployment to agencies because of funding constraints and management decisions. USDA performed a gap analysis and other reviews that identified a need for some system modifications, including interface with the Department of the Treasury Intra-Governmental Payment and Collection System and incorporation of the Common Government-wide Accounting Classification (CGAC) structure. USDA officials stated that a standard configuration had been developed and would be deployed at remaining bureaus within USDA. In addition to funding constraints and system modifications, USDA officials reported that reengineering its business processes and resistance to changes within the organization resulting from its FMMI efforts presented additional challenges. USDA officials also reported that because of USDA's unique needs and large transaction volume, migrating services supporting FMMI to an external provider would not be in its best interest at this time. Sources: USDA officials and documentation. [End of table] Federal Communications Commission: Project details: Core Financial Replacement System; Planned software solution: Momentum 6.3.4; IT hosting and application management: CGI; FCC’s total estimated life cycle cost from 2006 to 2018: $32.8 million; Users: Agencywide 250 users at full deployment. Source: FCC. FCC identified a need to modernize its core financial systems and selected a Web-based version of Momentum COTS software to provide agencywide online, real-time transaction capability and access. FCC's planned new core financial system is also intended to interface electronically with common governmentwide software applications and to replace a number of peripheral supporting software applications currently in use at FCC. FCC's Core Financial System Replacement Project is intended to replace the Federal Financial System (FFS), which is an older, nonintegrated system that relies on batch processing of transactions and is currently hosted by the Department of the Interior's National Business Center (NBC). The new core financial system is planned to be used as the system of record for all external reporting requirements, including financial statement preparation access and processing. In 2005, FCC began efforts to identify its core financial system needs and took steps to determine what software and services could be provided by federal SSPs, private software vendors, and other external providers. Figure 2 and table 8 summarize the key modernization and migration activities taken by FCC to identify and plan a core financial system solution. Figure 2: Timeline of FCC's Key Migration and Modernization Activities: [Refer to PDF for image: timeline] March 2004: FMLOB initiative launched. September 2005: Alternatives analysis. September 2006: Project Management Office contractor selected. May 2007: Request for information. September 2007: Solicitation for integrator and IT host. September 2008: Integrator and IT host selected. October 2010: Agency deployment. Sources: FCC officials and documentation. [End of figure] Table 8: FCC's Key Migration and Modernization Activities: Key activities: Identify need for new system; Description: FCC's previous host, NBC, notified the agency that it could no longer support FFS, which required FCC officials to assess whether they would maintain the system themselves or replace the system. FCC external auditors had also identified control deficiencies related to the current system. Two additional requirements FCC identified were to get real-time transaction updates as opposed to batch updates and comply with OMB initiatives related to standard business processes and external provider migration. Based on these factors, FCC began efforts to determine the most effective way to move forward with its financial management system. Key activities: Perform alternatives analysis; Description: In 2005, FCC officials performed a review to identify and assess possible alternatives for maintaining or replacing the core financial system. FCC determined qualitative considerations and estimated risk-adjusted life cycle costs for four alternatives: * Status quo ($16.2 million); * Modify existing core financial system ($19.8 million); * Develop a custom core financial system ($19.8 million); * Acquire a COTS product ($12.9 million); FCC determined that the fourth alternative, to acquire a certified COTS product, combined with IT hosting support, would meet FCC's goal of streamlining financial operations and incorporating FSIO requirements and standard business processes. The first two alternatives were not viable because the current FFS would not be supported after October 1, 2006. FCC noted that both the qualitative and quantitative information received for the alternatives analysis was highly preliminary and was not detailed. FCC planned to obtain more specific responses from the federal SSPs, major COTS product vendors, and system integrators in the federal marketplace during the contract competition process. FCC performed a separate review to determine what services should be outsourced and what functions should be performed in-house. Per agency officials, unique FCC accounting needs and the possible loss of flexibility and control contributed to officials' decision not to outsource business processing functions. Key activities: Solicitations and contract awards for software and determined services; Description: FCC performed a combined public-private competition for implementation, IT hosting, application management, and software services. Prior to the formal solicitation, FCC issued a market request questionnaire and received information about provider capabilities from nine commercial vendors and three federal SSPs. Of these, only four commercial vendors and one federal SSP submitted formal offers. FCC noted that the information provided by these external providers was useful, but evaluating available options was time consuming and challenging. Key activities: Deployment status and reported challenges; Description: Because FCC experienced some challenges with implementing the standard version of Momentum, it developed a modified version and plans to begin deployment on October 14, 2010. A project management office contractor assisted in developing and comparing specific FCC accounting requirements to Momentum standard processes. FCC asked CGI to incorporate some enhancements based on differences identified. Some of these enhancements related to newly developed FSIO standard business processes that though not yet required, FCC identified as needed. For example, FCC enhancements included specific details of interfaces with the FedDebt system, budgetary reporting functions, and incorporation of CGAC. FCC officials commented that their comprehensive review and inclusion of requirements in their solicitation package will be a critical factor in determining the success of their migration efforts. They also commented that they have developed an effective plan for monitoring contractor performance, and handling changing requirements and customer needs that will also be critical factors to the success of their migration efforts. Sources: FCC officials and documentation. [End of table] Department of Justice: Project details: Unified Financial Management System; Planned software solution: CGI Federal Momentum Financials; DOJ’s total estimated life cycle cost from 2003 to 2021: $1.1 billion; Users: Agencywide 35,000 users at full deployment. Source: DOJ. DOJ is configuring its Unified Financial Management System (UFMS) to improve financial management and procurement operations across DOJ. UFMS is planned to replace six core financial management systems and multiple procurement systems currently operating across DOJ with an integrated COTS solution. According to officials, UFMS should allow DOJ to streamline and standardize business processes and procedures across all of its components, providing secure, accurate, timely, and useful financial data to financial and program managers across the department, and produce component-and department-level financial statements. In addition, the system is intended to assist DOJ by improving financial management performance and to aid departmental components in addressing the material weaknesses and nonconformances in internal controls, accounting standards, and systems security identified by DOJ's Office of Inspector General. Finally, the system is intended to provide procurement functionality to streamline business processes, provide consolidated management information, and provide the capability to meet all mandatory requirements of the Federal Acquisition Regulation and the Justice Acquisition Regulations. In 2003, DOJ began efforts to identify its new core financial system needs and took steps to determine what software and services could be provided by private software vendors and other external providers. Figure 3 and table 9 summarize the key migration and modernization activities taken by DOJ to identify and deploy a core financial system solution. Figure 3: Timeline of DOJ's Key Migration and Modernization Activities: [Refer to PDF for image: timeline] February 2003: Solicitation for software. May 2003: Initial alternatives analysis. March 2004: Software contract award. March 2004: FMLOB initiative launched. May 2005: Solicitation for integrator. December 2005: Integrator selected. June 2006: Independent verification and validation contractor selected. January 2009: Drug Enforcement Administration deployment. September 2013: Final agency deployment. Sources: DOJ officials and documentation. [End of figure] Table 9: DOJ's Key Migration and Modernization Activities: Key activities: Identify need for new system; Description: In 2003, the vendor announced plans to stop supporting FFS, which required DOJ to determine if it would maintain the system itself or replace the system. In addition, DOJ determined that it wanted a single, unified financial management system across the department to streamline interagency business processes and reporting. By consolidating multiple legacy software systems into one core financial system, it hoped to reduce auditor-reported internal control weaknesses. Key activities: Perform alternatives analysis; Description: In the 2003 alternatives analysis, three alternatives were considered as follows (with estimated costs): * Status quo ($532.4 million); * Cross-servicing with another agency ($606.8 million); * COTS implementation ($609.7 million); The COTS implementation solution was chosen based on best overall value. The COTS option scored significantly higher on the qualitative analysis than the other two options. According to DOJ officials, this option was chosen to significantly improve financial management processes and procedures and reduce the cost of operations and maintenance for financial management across the department. Key activities: Solicitations and contract awards for software and determined services; Description: DOJ first held a competition for software in 2003; it received offers from four commercial vendors and selected Momentum. In 2005, DOJ held another public-private competition for integration and implementation services. It received offers from two commercial vendors. In a separate selection process, another contractor was chosen to perform independent verification and validation services. While moving through the modernization decision process, DOJ considered outsourcing services. However, DOJ decided it would be most advantageous to pursue standardizing and unifying its financial management system in-house prior to pursuing outsourcing options. DOJ cited concerns as to whether external providers could handle its transaction capacity and classified data needs, and decided to consider becoming an SSP after its implementation is completed. As a result, no competitions were conducted for IT hosting, application management, and transaction processing. Key activities: Deployment status and reported challenges; Description: DOJ's implementation approach is intended to ensure standardization and complement the Momentum base product, which allows for standard processes, data, and reporting capabilities. DOJ will utilize a shared configuration of Momentum throughout the department. This agency configuration has only been fully deployed at one component, the Drug Enforcement Administration, and was partially deployed at four additional components. The deployment timeline was adjusted because of funding challenges and refinement of the implementation strategy to include updated technology. Staged deployment is planned to continue at remaining bureaus through the end of 2013. DOJ officials cited challenges associated with storage of secure data, large capacity, and resistance to change in connection with their UFMS modernization efforts. Sources: DOJ officials and documentation. [End of table] Office of Personnel Management: Project details: Consolidated Business Information System; Planned software solution: Oracle v12; IT hosting and application management: Accenture; OPM’s total estimated life cycle cost from 2008 to 2018: $135.4 million; Users: Agencywide 1,500 users at full deployment. Source: OPM. OPM is taking steps to modernize its core financial systems using a solution based on Oracle COTS software that is intended to provide agencywide online, real-time transaction capability and access. The Consolidated Business Information System (CBIS) is intended to consolidate and eliminate multiple systems currently used by OPM with the initial deployment October 1, 2009, replacing the Government Financial Information System (GFIS). GFIS included CGI Momentum, which is used for salaries and expenses, and a revolving fund. OPM deployed phase I, release 1 of CBIS to replace Momentum and, according to officials, plans to launch phase II to incorporate trust fund accounting are currently under review by OPM leadership. Under CBIS, OPM also replaced its contract administration software, Procurement Desktop, with the Compusearch PRISM solution during phase I, release 1. In 2005, OPM began efforts to identify its core financial system needs and took steps to determine what software and services could be provided by federal SSPs, private software vendors, and other external providers. Figure 4 and table 10 summarizes the key actions taken and challenges encountered by OPM in identifying a core financial system solution. Figure 4: Timeline of OPM's Key Migration and Modernization Activities: [Refer to PDF for image: timeline] March 2004: FMLOB initiative launched. June 2005: First alternatives analysis. September 2005: IT host (BPD) selected. January 2007: Revised alternatives analysis. July 2007: Request for information. November 2007: Solicitation of integrator and host. August 2008: Integrator/host selected. October 2009: Phase I deployed. January 2011: Phase II deployment. Sources: OPM officials and documentation. [End of figure] Table 10: OPM's Key Migration and Modernization Activities: Key activities: Identified need for new system; Description: In 2003, the vendor announced plans to stop supporting FFS, OPM's system for its trust funds at the time, requiring OPM to determine if it would maintain the system itself or replace the system. OPM decided to use this as an opportunity to improve and update agency business processes to current standards. In addition, it decided to reduce cuff or feeder systems and move to real-time transaction updates as opposed to batch updates. Key activities: Performed first alternatives analysis; Description: In the 2005 alternatives analysis, OPM considered the following three alternatives (estimated costs for the 2005 to 2014 time frame): * In-house upgrade to CGI-AMS's Momentum 6.x ($73.93 million); * Cross-service upgrade to CGI-AMS's Momentum 6.x ($55.95 million); * Cross-service migration to Oracle Federal Financials ($52.90 million); OPM noted that costs did not include amounts for data cleanup or business process reengineering. OPM chose the cross-service migration to Oracle Federal Financials because of its strong financial benefits, integrated core accounting with internal and external feeder systems, and real-time ad hoc reporting features. OPM entered into an interagency agreement with the Department of the Treasury's Bureau of Public Debt (BPD) in 2005 for IT hosting and other services but, according to OPM officials, mutually agreed to discontinue the interagency agreement based on BPD's inability to meet OPM's reimbursable business needs. Key activities: Performed second alternatives analysis; Description: In 2007, OPM performed a second alternatives analysis with three other options considered (estimated risk-adjusted life cycle costs): * Cross-service integration/migration to IT hosting vendor ($69.4 million); * Cross-service for IT hosting service ($53.2 million); * Cross-service migration with federal SSP ($50.5 million); OPM chose cross-service integration/migration to IT hosting vendor because it enabled the agency to extricate itself from the business of implementing and managing financial systems, provided significantly improved processes, and reduced operations and maintenance costs. OPM decided to keep transaction processing in-house for control and staffing purposes. Key activities: Solicitations and contract awards for software and determined services; Description: In 2005, an interagency agreement provided that BPD would perform IT hosting and other services. Then in 2007, OPM conducted a combined public-private competition for software, integration, and hosting services. One federal and five commercial providers submitted offers. From these, three commercial providers were determined to be in the competitive range and provided demonstrations to OPM. During the modernization process, OPM considered outsourcing services and determined that it was only advantageous to outsource IT hosting and application management. Unique needs, loss of control, and staffing concerns were the main disadvantages cited to migrating transaction processing. Key activities: Deployment status and reported challenges; Description: Phase I deployment occurred in October 2009 for key accounting transactions including salary, expense, and revolving fund transactions. In addition, the results of mock conversions identified some enhancements needed to specific interfaces and customizations. The systems integrator/host demonstrated that CGAC elements are included in the Oracle instance used by OPM. OPM has unique trust fund requirements that may require review and approval from OMB to supplement the standard Oracle configuration upon initiation of phase II of CBIS. Phase II deployment planned for fiscal year 2011 was delayed 1 year because of problems with the RetireEZ system development. OPM originally considered a phase III of CBIS. However, an official assessment or approval for a phase III of CBIS has not yet occurred. According to OPM officials, leadership changes at pivotal points in the modernization process have been problematic for OPM. Sources: OPM officials and documentation. [End of table] [End of section] Appendix IV: Key Characteristics of Selected External Providers: OMB designated four federal entities--(1) the National Business Center of the Department of the Interior; (2) the Administrative Resource Center, Bureau of Public Debt, of the Department of the Treasury; (3) the Federal Integrated Solutions Center of the General Services Administration; and (4) the Enterprise Services Center of the Department of Transportation--as SSPs for federal financial management. All four SSPs offer IT hosting, application management, transaction processing, and system implementation services or have a structure for providing all four of these services. Although the SSPs offer the four basic services mentioned above, the specific services provided may vary based on the requirements, size, and complexity of the client agency. SSPs typically offer a range of the following four basic services: * IT hosting services may include systems management and monitoring, disaster recovery, help desk, network security compliance and controls, and continuity of operations plans and testing. * Application management services may include system/software administration, application configuration, application setup and security, user access and maintenance, configuration management, and coordination of application upgrades and fixes. * Transaction processing services may include account maintenance and reconciliation, financial reporting, regulatory and managerial reporting, standard general ledger reconciliation, payment processing, billings and collections, accounts payable, accounts receivable, travel payments, relocation payments, budgetary transactions, and fixed asset accounting. * System implementation services may include implementation and integration support services, requirements analysis, system conversions, project management, systems testing, change management, and training. To help monitor and measure the performance of selected external providers in connection with the financial management line of business (FMLOB) services they provide, SSPs and agencies rely on service-level agreements, which are binding agreements that define the specific level and quality of the operational and maintenance services that an external provider will provide to a customer agency and outline penalties and incentives that may arise from not performing or exceeding the expected service levels. The inclusion of appropriate and clearly defined performance measures and metrics in service-level agreements is important for ensuring the usefulness of this tool. OMB's FMLOB Migration Planning Guidance defines the four service categories and related performance metrics. Although specific metrics included in service-level agreements are negotiated and may vary, examples of performance metrics related to the services described above include the following: (1) For IT hosting, system availability; average total response time for system components; resolution time for critical, high, medium, and low incidents; number of security incidents in the past year; and file recovery time. (2) For application management, average time to restore mission- critical application functionality; unplanned downtime; percentage of on-time upgrades; and average retrieval time for archived data. (3) For transaction processing, invoice process cycle time; percentage of financial transactions with errors; average business days to close the books; and number of business days to report after closing books. (4) For system implementation services, percentage of standard financial management system requirements fulfilled; percentage of satisfactory postimplementation survey responses; and reduction in help desk volume. SSPs are also required to operate and maintain a COTS software package in compliance with FSIO core financial system requirements. As shown in table 11, three of the four SSPs use the Oracle software package, while two of the four use a Momentum software package. One SSP offers SAP software. In addition to the software offered by each SSP, table 11 also provides an overview of key characteristics of the four OMB- designated federal SSPs including detailed information regarding the number of full-time equivalent staff dedicated to providing financial management services and the clients they serve. The selected characteristics provide context for the financial management systems- related operations of the four federal SSPs. Table 11: Key Characteristics of OMB-Designated Federal Shared Service Providers: Parent organization; Enterprise Services Center: Department of Transportation; National Business Center: Department of the Interior; Administrative Resource Center: Bureau of the Public Debt, Department of the Treasury; Federal Integrated Solutions Center: General Services Administration. Total number of client agencies[A]; Enterprise Services Center: 7; National Business Center: 26; Administrative Resource Center: 18; Federal Integrated Solutions Center: 46. Number of CFO Act agency clients; Enterprise Services Center: 1; National Business Center: 3; Administrative Resource Center: 2; Federal Integrated Solutions Center: 1. Number of non-CFO Act agency clients; Enterprise Services Center: 6; National Business Center: 23; Administrative Resource Center: 16; Federal Integrated Solutions Center: 45. Funding structure[B]; Enterprise Services Center: Franchise fund; National Business Center: Working capital fund; Administrative Resource Center: Franchise fund; Federal Integrated Solutions Center: Working capital fund. Full-time equivalents dedicated to financial management system activities; Enterprise Services Center: 440; National Business Center: 267; Administrative Resource Center: 170; Federal Integrated Solutions Center: 22. Software offered[C]; Enterprise Services Center: Oracle; National Business Center: Momentum, SAP, Oracle; Administrative Resource Center: Oracle; Federal Integrated Solutions Center: Momentum. Instances[D]; Enterprise Services Center: One instance; National Business Center: For Momentum, four separate instances; for SAP, one instance; and for Oracle, two instances (13 of 14 clients are on one instance); Administrative Resource Center: Three instances (16 of 18 clients are on one instance); Federal Integrated Solutions Center: One instance. Source: GAO analysis of SSP data. [A] The total numbers of clients listed for each SSP were derived by counting each overall agency as one client (i.e., multiple agency components were counted as one agency). [B] Franchise funds and working capital funds are types of intragovernmental revolving funds that operate as government-run, self- supporting, businesslike enterprises to provide a variety of common administrative services (e.g., information technology support and transaction processing) to other federal agencies on a fee-for-service basis. These funds are required to recover the full costs of services provided from the agencies they serve and often operate on a break- even basis over time. [C] According to National Business Center (NBC) officials, NBC is retiring its legacy system--the Federal Financial System (FFS). NBC no longer offers FFS to new clients as a software solution, and existing clients using FFS will migrate to other solutions. [D] According to federal SSP officials, an instance is a uniquely configured and separate installation of a software application. [End of table] [End of section] Appendix V: Reported Benefits and Challenges Related to Agency Migration and Modernization Efforts: This appendix includes additional details on the key benefits and challenges of agencies migrating their core financial systems to external providers for IT hosting, application management, and transaction processing. The potential benefits and challenges include those reported by the CFO Act agencies in response to our survey. The surveys were conducted prior to the issuance of OMB's new guidance. Accordingly, the effect, if any, of the new policy is not reflected in agencies' responses. Non-CFO Act agencies' use of external providers also highlights potential benefits and challenges. While external providers cited efforts to address agency concerns, they also highlighted their own concerns and challenges with agency migrations. We also noted other migration challenges related to OMB's guidance on competitions. Potential Benefits of Agency Migrations Reported by CFO Act Agencies: Based on survey responses concerning the potential advantages and disadvantages of migrating core financial system support services, 16 of the 24 (67 percent) CFO Act agencies believe that the benefits of migrating IT hosting greatly or somewhat outweighed their concerns, while 14 of 24 (58 percent) reported similar perceptions concerning the benefits of migrating application management services to external providers. In comparison, as shown in table 12, the responses indicated the perception that potential disadvantages outweigh any potential advantages of migrating transaction processing services to an external provider for 10 of the 24 (42 percent) CFO Act agencies. Table 12: CFO Act Agency Perspectives on Migrating and Modernizing Core Financial Systems: Type of service: IT hosting; Advantages greatly outweigh disadvantages: 9; Advantages somewhat outweigh disadvantages: 7; Advantages equal to disadvantages: 2; Disadvantages somewhat outweigh advantages: 1; Disadvantages greatly outweigh advantages: 3; Don't know: 2. Type of service: Application management; Advantages greatly outweigh disadvantages: 8; Advantages somewhat outweigh disadvantages: 6; Advantages equal to disadvantages: 1; Disadvantages somewhat outweigh advantages: 3; Disadvantages greatly outweigh advantages: 5; Don't know: 1. Type of service: Transaction processing; Advantages greatly outweigh disadvantages: 1; Advantages somewhat outweigh disadvantages: 1; Advantages equal to disadvantages: 3; Disadvantages somewhat outweigh advantages: 5; Disadvantages greatly outweigh advantages: 10; Don't know: 4. Source: GAO analysis of CFO Act agencies' survey responses. [End of table] According to CFO Act agency responses to our survey, some of the potential benefits of migrating the IT hosting, application management, and transaction processing services for agencies' core financial systems to external providers include the following: * Potential cost savings through shared resources. For example, the Nuclear Regulatory Commission cited cost reductions in equipment purchase and maintenance costs, as well as the number of staff needed to maintain the application and process transactions. * Allowing agency to focus on mission. For example, OPM stated that migrating its financial management system to an IT hosting provider enables OPM to extricate itself from the business of managing financial systems, transfers some of the risk associated with implementing and maintaining the system, and allows the CFO organization to concentrate on its goal of providing strategic direction based on financial data. * Greater efficiency and reliability through experienced staff. For example, the Department of Transportation stated in its survey response that benefits include having a provider that has experience with the specific equipment, operations, and maintenance required by the hosted application. Reported Potential Benefits on the Use of Federal SSPs by Non-CFO Act Agencies: According to Small Agency Council officials, small agencies are more likely to migrate to external providers because they do not have sufficient resources to support infrastructures required to operate and maintain core financial systems. For example, according to one federal SSP, many of its clients consist of small commissions, such as the Election Assistance Commission, that rely on the "end-to-end" services the SSP provides. Further, according to officials at the four federal SSPs, their efforts toward acquiring additional clients are primarily focused on small to midsized agencies that may lack sufficient resources or expertise to meet their core financial system needs. The following summarizes the key reported benefits for non-CFO Act agencies. * Potential cost savings through shared resources. Based on information provided by SSP officials, their clients share the same instance of core financial software hosted and maintained by SSPs with eight or more other clients, on average.[Footnote 72] Federal SSP officials stated that the use of shared instances and other tools, such as standard interfaces that facilitate the exchange of data between core financial systems and other systems, enables agencies to realize significant cost savings by spreading IT hosting, maintenance, and other related costs among multiple clients. * Greater efficiency and reliability. According to FCC officials, FCC is currently modernizing its core financial system and is migrating to a commercial provider to take advantage of the provider's expertise in acquiring and maintaining the latest technology to meet FCC's needs. Further, since federal SSPs process transactions for multiple agencies, they are able to devote more resources toward processing complex transactions than smaller agencies that may not individually be required to handle such transactions on a regular basis. For example, according to one SSP, although many agencies do not process a large number of transactions involving employees' permanent changes in duty stations, the SSP maintains the expertise and capability to efficiently process these complex transactions on a regular basis because of the volume it is required to handle on behalf of all its clients. * Enhanced compliance with federal standards. External providers are working to incorporate changes in software to facilitate agencies' efforts to comply with new standards and requirements, such as the Common Governmentwide Accounting Classification (CGAC) and other recently issued standard business processes.[Footnote 73] According to a federal SSP official, having a limited number of providers incorporate these changes into a common solution shared by multiple agencies, rather than each agency spending valuable resources to accomplish the same objective on its own, represents a significant advantage for the agencies relying on the shared solutions the SSP provides. Reported Challenges Related to Agency Modernization and Migration Efforts: CFO Act agencies highlighted system implementation disciplined processes, along with reengineering their business processes, among the greatest modernization challenges they face. Additional information on these and other reported key challenges affecting CFO Act agency modernization and migration efforts can be found in table 13. Table 13: Reported Key Challenges Affecting CFO Act Agency Migration and Modernization Efforts: Type of challenge: Reengineering business processes to take most advantage of available resources and technologies; Number of responses[A]: 18. Type of challenge: Reengineering business processes to conform to newly issued Financial Management Systems Standard Business Processes for U.S. Government Agencies, issued by FSIO and the CGAC structure; Number of responses[A]: 17. Type of challenge: System implementation activities related to configuration and interfaces; Number of responses[A]: 16. Type of challenge: System implementation activities related to testing; Number of responses[A]: 16. Type of challenge: Obtaining/maintaining adequate project team resources with appropriate expertise and leadership; Number of responses[A]: 16. Type of challenge: Addressing existing financial management system and other related deficiencies; Number of responses[A]: 15. Type of challenge: System implementation activities related to data conversion; Number of responses[A]: 15. Type of challenge: System implementation activities related to requirements management; Number of responses[A]: 13. Type of challenge: System implementation activities related to risk management; Number of responses[A]: 12. Type of challenge: Obtaining adequate funding; Number of responses[A]: 12. Type of challenge: Identifying external providers with the ability to meet agency requirements; Number of responses[A]: 12. Type of challenge: Adhering to federal acquisition requirements and processes; Number of responses[A]: 11. Type of challenge: Managing, evaluating, and monitoring external provider performance throughout period of performance; Number of responses[A]: 10. Type of challenge: System implementation activities related to project management; Number of responses[A]: 10. Type of challenge: Justifying migration of core financial system to external providers as better value than existing in-house services or other alternatives; Number of responses[A]: 9. Type of challenge: Obtaining information on the performance of external providers (federal SSPs or other commercial vendors that provide FMLOB migration services) to select best provider; Number of responses[A]: 9. Type of challenge: Usefulness of FMLOB guidance and tools; Number of responses[A]: 8. Type of challenge: Obtaining commitment from top leadership; Number of responses[A]: 7. Source: GAO analysis of CFO Act agencies' survey responses. [A] Number of 24 CFO Act agency survey respondents indicating that the specified challenges were a great or moderate challenge to their agency's migration efforts excluding "Don't Know" and "N/A" responses. [End of table] The following summarizes key examples of CFO Act agency survey and case study results related to challenges associated with migrating IT hosting, application management, and transaction processing to external providers. * Department of Health and Human Services officials expressed concerns about the loss of control and risks associated with allowing another entity to manage or host the infrastructure on which an agency's critical data reside, which could become impaired or compromised. * Agencies cited concerns with the loss of flexibility associated with using the same setup and configurations across agencies in order to achieve efficiencies and cost savings governmentwide. In addition, agencies stated that they were reluctant to forgo their established business processes, noting that they would lose the benefits associated with their unique business processes and the technical expertise of internal staff who support and use them. For example, the Department of Energy cited concerns with losing agency capabilities and subject matter expertise and becoming totally reliant on the service provider. * Case study agency officials expressed concerns that although COTS products help enable agencies to use common platforms to modernize their core financial systems, the products need additional enhancements to help meet common agency needs. For example, these officials identified a need for (1) enhancements that effectively address new governmentwide CGAC and FSIO standard business processes[Footnote 74] and agency budgetary reporting needs and (2) common interfaces that facilitate the exchange of financial data between agency core financial systems and governmentwide systems, such as the FedDebt system. Further, recognizing that unreconciled intragovernmental information continues to impede the preparation of the federal government financial statements each year,[Footnote 75] they stated that intragovernmental transaction processing should be further clarified.[Footnote 76] * Case study agency officials stated that their agencies each worked individually with selected COTS vendors to produce enhanced solutions to meet their needs. For example, the case study agencies noted that they have had to develop interfaces to existing solutions such as payroll, travel, reporting, and FedDebt that should already be part of a standard configuration. Agency officials were unable to specify the portions of their modernization costs that are specifically attributable to meeting software and configuration needs they have in common with other agencies. Reported Challenges Related to OMB's Competition Framework: Although external providers acknowledged agency migration concerns and stated that they were taking steps to address them, they cited additional challenges affecting their migration-related efforts. For example, external provider officials stated that overcoming agencies' resistance to adapting their business processes to those used by external providers is a significant challenge. Further, according to one SSP official, although OMB had a goal of migrating agencies to a limited number of stable and high-performing providers, it lacked a clear mechanism for enforcing agencies, especially large agencies, migrate to an external provider in a manner consistent with the goals of the FMLOB initiative. Specifically, based on survey responses, CFO Act agencies reported that they were relying, or planning to rely, on a total of 6 different external providers for IT hosting and application management services supporting their planned systems and a total of 12 different providers to provide these services for their current systems. We also noted other challenges related to OMB's Competition Framework that affect agency and external provider migration efforts. OMB's Competition Framework, as well as revisions made to OMB Circular No. A- 127, require agencies to conduct competitions among external providers to help evaluate different options available for meeting their needs. The following is a summary of these reported challenges. * According to one federal SSP, some agency solicitations for shared services consist of lengthy, detailed requirements and other information that can sometimes result in unnecessarily expensive and time-consuming efforts to review and provide required responses. Federal SSP officials noted that the federal government may spend a significant amount of federal funds on demonstrations, especially in a situation where all four SSPs respond to a request for a demonstration from a single agency. Moreover, officials at SSPs also expressed concerns about the significant challenges they face in competing with commercial vendors and acquiring additional clients because of the limited resources they can devote to such activities. * Federal SSP officials stated that full cost recovery requirements associated with being a franchise fund or working capital fund place federal SSPs at an inherent disadvantage when competing against commercial vendors under OMB's Competition Framework.[Footnote 77] According to federal SSP officials, they may not bid on agency solicitations that would involve significant start-up costs to meet an agency's unique needs if doing so would not also benefit other clients they serve that would also bear a portion of these costs. These officials also stated that commercial vendors have more flexibility to price their bids aggressively in early years to acquire additional business and rely on efforts to recoup their costs in subsequent years. External providers also reported seeing an increase in agencies' desire to use firm-fixed price contracts and include performance incentives and disincentives in service-level agreements which, according to SSP officials, are difficult for them to accommodate because of full cost recovery requirements. * According to DOJ officials, DOJ did not conduct a competition because the department determined that federal SSPs could not accommodate its capacity, security requirements, and unique accounting needs based on limited information received about SSP capabilities and costs during preliminary planning discussions related to its financial management system modernization effort. However, DOJ officials acknowledged that they did not receive sufficient information to fully evaluate the capabilities of the federal SSPs and stated that they were not sure whether all aspects of their preliminary determination would hold true if more research were conducted and SSP capabilities had improved. [End of section] Appendix VI: GAO Contacts and Staff Acknowledgments: GAO Contacts: Kay L. Daly, (202) 512-9095 or dalykl@gao.gov: Naba Barkakati, (202) 512-2700 or barkakatin@gao.gov: Staff Acknowledgments: In addition to the contacts named above, individuals who made major contributions to this report were Chris Martin, Senior-Level Technologist; Michael LaForge, Assistant Director; Jehan Abdel-Gawad; Lauren Catchpole; Francine DelVecchio; F. Abe Dymond; Latasha Freeman; Wilfred Holloway; Jim Kernen; Theresa Patrizio; Carl Ramirez; Jerome Sandau; Pamela Valentine; and Carolyn Voltz. [End of section] Footnotes: [1] Under the Federal Financial Management Improvement Act of 1996, section 806(5), "financial system" includes an information system comprising one or more applications that is used to (1) collect, process, maintain, transmit, or report data about financial events; (2) support financial planning or budgeting activities; (3) accumulate and report cost information; or (4) support the preparation of financial statements. OMB Circular No. A-127, Financial Management Systems (Washington, D.C., Jan. 9, 2009) generally refers to financial systems as "core financial systems" and provides an additional description of their use and the functions they may perform, such as general ledger management, funds management, payment management, receivable management, and cost management. [2] According to OMB's FMLOB Migration Planning Guidance, hosting is defined as services that house, serve, and maintain files, software applications, and databases. Application management is defined as services to maintain, enhance, and manage all types of software applications, including maintenance, upgrades, and performance analysis. [3] OMB Circular No. A-127 states that if agencies cannot immediately migrate to an external provider (i.e., OMB-designated federal shared service providers and commercial vendors), they should take incremental steps by moving their hosting or application management support to a provider. Prior guidance contained in OMB's Competition Framework for FMLOB Migrations issued in May 2006 required agencies to consider, at a minimum, pursuing hosting and application management shared services. [4] GAO, Financial Management Systems: Additional Efforts Needed to Address Key Causes of Modernization Failures, [hyperlink, http://www.gao.gov/products/GAO-06-184] (Washington, D.C.: Mar. 15, 2006). [5] The term financial management systems includes the financial systems and the financial portions of mixed systems necessary to support financial management, including automated and manual processes, procedures, controls, data, hardware, software, and support personnel dedicated to the operation and maintenance of system functions. [6] GAO, Financial Management Systems: OMB's Financial Management Line of Business Initiative Continues but Future Success Remains Uncertain, [hyperlink, http://www.gao.gov/products/GAO-09-328] (Washington, D.C.: May 7, 2009). [7] [hyperlink, http://www.gao.gov/products/GAO-06-184]. [8] OMB Memorandum M-10-26, Immediate Review of Financial Systems IT Projects (Washington, D.C., June 28, 2010). [9] CFOs were established under 31 U.S.C. § 901(b) for 24 specific agencies that are subject to the CFO Act, as amended: the Departments of Agriculture (USDA), Commerce, Defense (DOD), Education, Energy, Health and Human Services, Homeland Security, Housing and Urban Development, the Interior, Justice (DOJ), Labor, State, Transportation, the Treasury, and Veterans Affairs; Environmental Protection Agency; National Aeronautics and Space Administration; Agency for International Development; General Services Administration (GSA); National Science Foundation; Nuclear Regulatory Commission; Office of Personnel Management (OPM); Small Business Administration; and Social Security Administration. [10] Case study agencies were selected to provide a mix of large and small agencies using different software solutions and having different past experiences concerning the use of external providers to support their core financial systems. Case studies were performed at three CFO Act agencies (DOJ, USDA, and OPM) and one non-CFO Act agency (the Federal Communications Commission). [11] The Small Agency Council is a voluntary management association representing about 80 small agencies with generally fewer than 500 employees. According to the council, its efforts are intended to help federal policy oversight agencies develop management policies affecting small agencies and exchange approaches for improving management and productivity in small agencies to strengthen their internal management practices. [12] The four OMB-designated federal SSPs are the Department of the Treasury's Bureau of Public Debt's Administrative Resource Center, the Department of the Interior's National Business Center, the Department of Transportation's Enterprise Services Center, and GSA's Federal Integrated Solutions Center. [13] Pub. L. No. 101-576, 104 Stat. 2838 (Nov. 15, 1990). [14] Pub. L. No. 104-208, div. A., § 101(f), title VIII, 110 Stat. 3009, 3009-389 (Sept. 30, 1996). [15] 40 U.S.C. §§ 11101-11704. [16] See our audit report on the federal government's 2009 and 2008 consolidated financial statements that was incorporated into the 2009 Financial Report of the United States Government published by the Department of the Treasury (Feb. 26, 2010). For fiscal years 2009 and 2008, auditors for 10 and 14 of the 24 CFO Act agencies, respectively, reported that the agencies' financial management systems did not substantially comply with one or more of the three FFMIA requirements. [17] OMB Memorandum, Update on the Financial Management Line of Business and the Financial Systems Integration Office (Washington, D.C., Dec. 16, 2005). [18] OMB Memorandum, Competition Framework for Financial Management Lines of Business Migrations (Washington, D.C., May 22, 2006). [19] OMB Circular No. A-127 prescribes policies and standards for executive departments and agencies to follow concerning their financial management systems. It also states that if agencies cannot migrate to a federal SSP or commercial provider immediately, then they should take incremental steps by moving their hosting or application management support to a provider. An agency is required to conduct public-private competitions (i.e., between federal SSPs and commercial vendors) in connection with its modernization efforts and may rely on its in-house operations if the agency demonstrates to OMB that its internal operations represent a best value and lower-risk alternative. [20] In December 2004, the Joint Financial Management Improvement Program (JFMIP) Principals voted to modify the roles and responsibilities of the JFMIP, resulting in the creation of FSIO. FSIO assumed responsibility for coordinating the work related to federal financial management systems requirements. [21] OMB Memorandum, Update on the Financial Systems Integration Office (Washington, D.C., Mar. 16, 2010). [22] OMB Memorandum M-10-26, Immediate Review of Financial Systems IT Projects. [23] [hyperlink, http://www.gao.gov/products/GAO-06-184]. [24] Table 1 includes the 23 civilian CFO Act agencies only. Because DOD officials did not provide comprehensive information concerning DOD's current core financial systems, we were unable to include DOD systems. [25] See appendix II for more information concerning DOD's survey responses. [26] An ERP system is an automated system using commercial off-the- shelf software and consisting of multiple, integrated functional modules that perform a variety of business-related tasks, such as accounts payable, general ledger accounting, and supply chain management. [27] LMP is an ERP system intended to transform the Army's logistics operations in six core processes: order fulfillment, demand and supply planning, procurement, asset management, materiel maintenance, and financial management. If effectively implemented, LMP is expected to provide the Army benefits associated with commercial best practices, such as inventory reduction, improved repair cycle time, and increased response time. Additionally, LMP is intended to improve supply and demand forecast planning and maintenance workload planning, and provide a single source of data for decision making. Through 2009, the Army has reportedly expended about $1.1 billion to implement LMP, and estimates a total life cycle cost in excess of $2.6 billion to procure and operate the system. When LMP is fully implemented, it is expected to include approximately 21,000 users at 104 locations worldwide, and it will be used to manage more than $40 billion worth of goods and services, such as inventory managed at the national level and repairs at depot facilities. [28] GAO, Defense Logistics: Actions Needed to Improve Implementation of the Army Logistics Modernization Program, [hyperlink, http://www.gao.gov/products/GAO-10-461] (Washington, D.C.: Apr. 30, 2010). [29] Two agencies reported plans to migrate their IT hosting or application management support services supporting two current core financial systems but had not yet identified a specific external provider, in part, because they were still evaluating their needs and the services that providers offer. [30] OMB Memorandum, The Office of Financial Innovation and Transformation (Washington, D.C., Mar. 30, 2010). [31] Although exact definitions vary, cloud computing can, at a high level, be described as a form of computing where users have access to scalable, on-demand IT capabilities that are provided through Internet- based technologies. [32] GAO, Information Security: Federal Guidance Needed to Address Control Issues with Implementing Cloud Computing, [hyperlink, http://www.gao.gov/products/GAO-10-513] (Washington, D.C.: May 27, 2010). [33] Disciplined processes represent best practices in systems development, acquisition, and implementation efforts that have been shown to reduce the risks associated with software development and acquisition efforts to acceptable levels and are fundamental to successful system implementations. [34] According to OMB's FMLOB Migration Planning Guidance, a service- level agreement is a mutually binding agreement negotiated between a service provider and a customer that defines the specific level and quality of the operational and maintenance services that an external provider will provide to a customer agency and outlines penalties and incentives that may arise from not performing or exceeding the expected service levels. The inclusion of appropriate and clearly defined performance measures and metrics in service-level agreements is important for ensuring the usefulness of this tool. See app. IV for additional information on selected metrics used to monitor and measure the performance of selected external providers in connection with the FMLOB services they provide. [35] In 2002, OMB identified 25 initiatives related, in part, to eliminating redundant, nonintegrated business operations and systems covering a wide spectrum of government, including the E-Payroll initiative, which involved the migration of payroll functions performed across 26 federal agencies to four payroll providers selected to furnish payroll services for the executive branch. [36] According to HRLOB migration guidance, the vision of the HRLOB initiative is to provide governmentwide, modern, cost-effective, standardized and interoperable human resource solutions providing common core functionality to support the strategic management of human capital and addressing duplicative and redundant human resources systems and processes across the federal government. The HRLOB governance structure establishes the oversight and development of common solution(s) for the transformation of the federal government to a standardized solution or set of solutions whereby customer agencies will have the option to choose from a public or private shared service center for their human resources functions and to facilitate a seamless integration of human resources solutions. According to OMB, the E-Payroll initiative benefits agencies by permitting them to focus on mission-related activities rather than on administrative payroll functions and helps to reduce payroll processing costs through economies of scale, avoiding the cost of duplicative capital system modernization activities, standardizing and consolidating governmentwide federal civilian payroll services and processes by simplifying and standardizing related policies and procedures and improving integration of payroll, human resources, and finance functions. [37] According to OMB Memorandum, Competition Framework for Human Resources Management Line of Business Migrations (Washington, D.C., May 18, 2007), agency HRLOB migrations shall result in the selection of an approved public or private sector shared service center with a demonstrated ability to leverage technology, expertise and other resources to achieve best value for the taxpayer. According to HRLOB Migration Planning Guidance, a panel composed of representatives from the HRLOB Multi-Agency Executive Strategy Committee reviewed and qualified the current shared service centers consisting of five public and four private sector shared service centers. In addition, OMB Memorandum, Consolidating and Standardizing Federal Civilian Payroll Processing (Washington, D.C., Jan. 10, 2003) provided E-Payroll migration guidance requiring executive branch agencies to migrate to two payroll processing partnerships (one partnership consisting of the Defense Finance and Accounting Service and GSA and the other consisting of USDA's National Finance Center and the Department of the Interior's National Business Center). [38] OMB, Fiscal Year 2010 Report to Congress on the Benefits of the E- Government Initiatives (Washington, D.C., January 2010). According to OPM, the final agency migration scheduled under the E-Payroll initiative was completed in September 2009. [39] OMB Memorandum, The Office of Financial Innovation and Transformation. [40] OMB Memorandum M-10-26, Immediate Review of Financial Systems IT Projects. [41] According to OMB, CFO Act agencies are required to halt (1) all financial system modernization projects with $20 million or more in planned spending on development or modernization expenses and (2) the issuance of new task orders for projects identified as high risk by OMB. According to OMB, such projects include those involving the deployment of core financial systems and noncore financial systems deployed in conjunction with other business systems. [42] OMB may employ flexibility regarding funds control for projects that have a proven track record of achieving specific milestones within well-defined segments. [43] OMB Memorandum, Update on the Financial Systems Integration Office. [44] See Institute of Electrical and Electronic Engineers Std. 1362- 1998. The institute is a nonprofit, technical professional association that develops standards for a broad range of global industries, including the IT and information assurance industries and is a leading source for defining best practices. [45] [hyperlink, http://www.gao.gov/products/GAO-06-184] and [hyperlink, http://www.gao.gov/products/GAO-09-328]. [46] GAO, Financial Management Systems: Lack of Disciplined Processes Puts Implementation of HHS' Financial System at Risk, [hyperlink, http://www.gao.gov/products/GAO-04-1008] (Washington, D.C.: Sept. 23, 2004). [47] According to 40 U.S.C. § 11315(a), an IT architecture is an integrated framework for evolving or maintaining existing, and acquiring new, IT to achieve the agency's strategic and information resources management goals. [48] [hyperlink, http://www.gao.gov/products/GAO-06-184]. [49] The Impoundment Control Act of 1974, 2 U.S.C. ch. 17B, prescribes the authorized purposes and procedures to be followed for impoundments of budget authority. An impoundment is any action or inaction by an officer or employee of the federal government that precludes obligation or expenditure of budget authority. [50] GAO, Impoundments Resulting from the President's Proposed Rescissions of October 28, 2005, B-307122 (Washington, D.C.: Mar. 2, 2006). [51] [hyperlink, http://www.gao.gov/products/GAO-06-184]. [52] According to the Results Act, performance goals associated with strategic plans should be expressed in an objective, quantifiable, and measurable form or, if not feasible, described with sufficient precision and in such terms that would allow for an accurate, independent determination of performance that meets the described criteria. [53] GAO, Managing for Results: Critical Issues for Improving Federal Agencies' Strategic Plans, [hyperlink, http://www.gao.gov/products/GAO/GGD-97-180] (Washington, D.C.: Sept. 16, 1997). [54] GAO, Government Performance: Strategies for Building a Results- Oriented and Collaborative Culture in the Federal Government, [hyperlink, http://www.gao.gov/products/GAO-09-1011T] (Washington, D.C.: Sept. 24, 2009). [55] Specifically, agencies were asked to complete separate questionnaires for each core financial system. However, agencies with more than 10 systems were asked to only complete questionnaires on the 10 systems they considered to be their most significant, along with the rationale they used to determine their relative significance. [56] This includes one agency, the Department of Defense (DOD), that returned questionnaires on one currently deployed system and 6 planned systems. Upon inquiry, DOD officials could not provide sufficient information concerning the number of DOD's current or planned core financial systems, but stated that DOD has over 100 current core financial systems. However, based on other recent work performed related to DOD enterprise resource planning systems, we determined that the inclusion of the 7 systems identified provides useful, relevant data concerning significant core financial system modernization projects. [57] Additional information concerning the results of work performed at case study agencies can be found in appendix III. [58] For the selected case study agencies, OPM was the only CFO Act agency that had attempted to migrate to an external provider. USDA and DOJ do not plan to migrate because they have decided to continue using existing in-house resources. FCC previously utilized a federal shared service provider and was in the process of migrating to a commercial provider. [59] Department of the Treasury, 2008 Financial Report of the United States Government (Washington, D.C., Dec. 15, 2008). Agencies selected for case studies were selected from among those with gross costs, as reported, in three strata: gross costs of $100 billion or more (USDA), less than $100 billion but more than $10 billion (DOJ and OPM), and $10 billion or less (FCC). [60] The Small Agency Council Finance Committee consists of financial management officials from small, independent federal agencies that meet to discuss and address specific items of interest to the community and coordinate the activities of the agencies of its members, including those related to consolidation and modernization of financial systems; improving quality of financial information, financial data and information standards; internal controls; legislation affecting financial operations and organizations; and other financial management matters. [61] The CFO Council was established by section 302 of the CFO Act to advise and coordinate the activities of the agencies of its members on such matters as consolidation and modernization of financial systems, improved quality of financial information, financial data and information standards, internal controls, legislation affecting financial operations and organizations, and any other financial management matters. See 31 U.S.C. § 901 note. [62] OMB Memorandum, Update on the Financial Systems Integration Office and OMB Memorandum, The Office of Financial Innovation and Transformation. [63] OMB Memorandum M-10-26, Immediate Review of Financial Systems IT Projects. [64] 40 U.S.C. §§ 11101-11704. [65] Pub. L. No. 101-576, 104 Stat. 2838 (Nov. 15, 1990). [66] Pub. L. No. 104-208, div. A., § 101(f), title VIII, 110 Stat. 3009, 3009-389 (Sept. 30, 1996). [67] OMB Circular No. A-127, Financial Management Systems (Washington, D.C., Jan. 9, 2009). [68] OMB Circular No. A-130, Management of Federal Information Resources (Washington, D.C., Nov. 28, 2000). [69] According to OMB Circular No. A-127, a core financial system is an information system that may perform all financial functions including general ledger management, funds management, payment management, receivable management, and cost management. The core financial system is the system of record that maintains all transactions resulting from financial events and is specifically used for collecting, processing, maintaining, transmitting, and reporting data regarding financial events. Other uses include supporting financial planning and budgeting activities, and preparing financial statements. [70] According to OMB Circular No. A-127, an external provider is an OMB-designated federal SSP or a commercial vendor. Currently, there are four federal SSPs: the Department of the Interior's National Business Center, the General Services Administration's Federal Integrated Solutions Center, the Department of the Treasury's Bureau of the Public Debt's Administrative Resource Center, and the Department of Transportation's Enterprise Services Center. [71] Although OMB Circular No. A-127 does not require agencies to migrate core financial system transaction processing activities, external providers offer this service to agencies, along with IT hosting and application management services. [72] According to federal SSP officials, an instance is a uniquely configured and separate installation of a software application. [73] Financial Systems Integration Office, Financial Management Systems Standard Business Processes for U.S. Government Agencies (Washington, D.C., July 18, 2008). This document presents governmentwide common processes and activities, standard business rules, and data exchanges for core financial business processes. [74] Financial Systems Integration Office, Financial Management Systems Standard Business Processes for U.S. Government Agencies. This document presents governmentwide common processes and activities, standard business rules, and data exchanges for core financial business processes. It contains detailed descriptions of the funds, payment, receivables, reimbursables, and reports management processes. [75] Specifically, auditors continue to report that the government is unable to reconcile differences between intragovernmental transactions reported by purchasing and selling agencies and cited different formatting of transaction data reported by the purchasing and selling agencies as a significant contributor to intragovernmental transaction differences. [76] In March 2010, the Department of the Treasury announced an initiative to create a central utility for intragovernmental transactions and implement business processes that would require authorization from both parties (receipt and acceptance) to the transaction prior to the settlement/payment transaction. [77] Franchise funds and working capital funds are types of intragovernmental revolving funds that operate as government-run, self- supporting businesslike enterprises to provide a variety of common administrative services (e.g., information technology support and transaction processing) to other federal agencies on a fee-for-service basis. These funds are required to recover the full costs of providing services from the agencies they serve and often operate on a break- even basis over time. [End of section] GAO's Mission: The Government Accountability Office, the audit, evaluation and investigative arm of Congress, exists to support Congress in meeting its constitutional responsibilities and to help improve the performance and accountability of the federal government for the American people. GAO examines the use of public funds; evaluates federal programs and policies; and provides analyses, recommendations, and other assistance to help Congress make informed oversight, policy, and funding decisions. GAO's commitment to good government is reflected in its core values of accountability, integrity, and reliability. Obtaining Copies of GAO Reports and Testimony: The fastest and easiest way to obtain copies of GAO documents at no cost is through GAO's Web site [hyperlink, http://www.gao.gov]. Each weekday, GAO posts newly released reports, testimony, and correspondence on its Web site. To have GAO e-mail you a list of newly posted products every afternoon, go to [hyperlink, http://www.gao.gov] and select "E-mail Updates." Order by Phone: The price of each GAO publication reflects GAO’s actual cost of production and distribution and depends on the number of pages in the publication and whether the publication is printed in color or black and white. Pricing and ordering information is posted on GAO’s Web site, [hyperlink, http://www.gao.gov/ordering.htm]. Place orders by calling (202) 512-6000, toll free (866) 801-7077, or TDD (202) 512-2537. Orders may be paid for using American Express, Discover Card, MasterCard, Visa, check, or money order. Call for additional information. To Report Fraud, Waste, and Abuse in Federal Programs: Contact: Web site: [hyperlink, http://www.gao.gov/fraudnet/fraudnet.htm]: E-mail: fraudnet@gao.gov: Automated answering system: (800) 424-5454 or (202) 512-7470: Congressional Relations: Ralph Dawn, Managing Director, dawnr@gao.gov: (202) 512-4400: U.S. Government Accountability Office: 441 G Street NW, Room 7125: Washington, D.C. 20548: Public Affairs: Chuck Young, Managing Director, youngc1@gao.gov: (202) 512-4800: U.S. Government Accountability Office: 441 G Street NW, Room 7149: Washington, D.C. 20548: