Information Technology:
Census Bureau Needs to Improve Its Risk Management of Decennial Systems
GAO-08-79: Published: Oct 5, 2007. Publicly Released: Oct 5, 2007.
Additional Materials:
- Highlights Page:
- Full Report:
- Accessible Text:
Contact:
(202) 512-3000
contact@gao.gov
Office of Public Affairs
(202) 512-4800
youngc1@gao.gov
Automation and information technology (IT) are expected to play a critical role in the 2010 decennial census. The Census Bureau plans to spend about $3 billion on automation and technology that are to improve the accuracy and efficiency of census collection, processing, and dissemination. The Bureau is holding what it refers to as a Dress Rehearsal, during which it plans to conduct operational testing that includes the decennial systems. In view of the importance of IT acquisitions to the upcoming census, GAO was asked to (1) determine the status and plans for four key IT acquisitions, including schedule and cost, and (2) assess whether the Bureau is adequately managing associated risks. To achieve its objectives, GAO analyzed acquisition documents and the projects' risk management activities and compared these activities to industry standards.
Three key systems acquisitions for the 2010 Census are in process, and a fourth contract was recently awarded. The ongoing acquisitions show mixed progress in meeting schedule and cost estimates. Currently, two of the projects are not on schedule, and the Bureau plans to delay certain functionality. The award of the fourth contract, originally scheduled for 2005, was awarded in September 2007. In addition, one project has incurred cost overruns and increases to its projected life-cycle cost. As a result of the schedule changes, the full complement of systems and functionality that were originally planned will not be available for the Dress Rehearsal operational testing. This limitation increases the importance of further system testing to ensure that the decennial systems work as intended. The Bureau's project teams for each of the four IT acquisitions have performed many practices associated with establishing sound and capable risk management processes, but critical weaknesses remain. Three project teams had developed a risk management strategy that identified the scope of the risk management effort. However, not all project teams had identified risks, established mitigation plans, or reported risks to executive-level officials. For example, one project team did not adequately identify risks associated with performance issues experienced by mobile computing devices. In addition, three project teams developed mitigation plans that were often untimely or included incomplete activities and milestones for addressing the risks. Until the project teams implement key risk management activities, they face an increased probability that decennial systems will not be delivered on schedule and within budget or perform as expected.
Recommendations for Executive Action
Status: Closed - Implemented
Comments: In response to our recommendation, the Bureau developed risk mitigation plans which include mitigation plan steps and a schedule for completing the necessary mitigation actions.
Recommendation: To strengthen risk management activities for the decennial census acquisitions, the Secretary should also direct the Director of the Census Bureau to ensure that project teams develop risk mitigation plans for the significant risks, including defining the mitigating actions, milestones, thresholds, and resources.
Agency Affected: Department of Commerce
Status: Closed - Implemented
Comments: In response to our recommendation, the Bureau established risk registers for the major IT systems, including risks related to mobile computing devices and system interfaces, which include mitigation plan steps and a schedule for completing the necessary mitigation actions.
Recommendation: To strengthen risk management activities for the decennial census acquisitions, the Secretary should also direct the Director of the Census Bureau to ensure that project teams identify and develop a comprehensive list of risks for the acquisitions, particularly those for system interfaces and mobile computing devices, and analyze them to determine probability of occurrence and appropriate mitigating actions.
Agency Affected: Department of Commerce
Status: Closed - Implemented
Comments: In July 2010, we verified, in response to our recommendation, the Census Bureau had planned for and performed end-to-end testing, involving multiple systems, for 35 of 40 key Census operations. More specifically, the Bureau completed testing of most of the key operations removed from the Dress Rehearsal, including Group Quarters Enumeration, Nonresponse Follow-up, Enumeration at Transitory Locations, and Census Coverage Measurement.
Recommendation: To ensure that the Bureau's four key acquisitions for the 2010 Census operate as intended, we are making four recommendations. First, to ensure that the Bureau's decennial systems are fully tested, the Secretary of Commerce should require the Director of the Census Bureau to direct the Decennial Management Division and Geography Division to plan for and perform end-to-end testing so that the full complement of systems is tested in a census-like environment.
Agency Affected: Department of Commerce
Status: Closed - Implemented
Comments: In response to our recommendation, the project teams provide monthly status reports to senior Bureau executives and quarterly briefings to the Department of Commerce IT Review Board that include significant project risks.
Recommendation: To strengthen risk management activities for the decennial census acquisitions, the Secretary should also direct the Director of the Census Bureau to ensure that project teams provide regular briefings on significant risks to senior executives, so that they can play a role in mitigating these risks.
Agency Affected: Department of Commerce
Explore the full database of GAO's Open Recommendations
»
Explore the full database of GAO's Open Recommendations
Jun 13, 2018
VA Health Care:
Independent Verification and Validation of Patient Self-Scheduling Systems Was Consistent with the Faster Care for Veterans Act of 2016GAO-18-442R: Published: Jun 13, 2018. Publicly Released: Jun 13, 2018.
May 24, 2018
-
DOD Major Automated Information Systems:
Adherence to Best Practices Is Needed to Better Manage and Oversee Business ProgramsGAO-18-326: Published: May 24, 2018. Publicly Released: May 24, 2018.
May 23, 2018
-
Data Center Optimization:
Continued Agency Actions Needed to Meet Goals and Address Prior RecommendationsGAO-18-264: Published: May 23, 2018. Publicly Released: May 23, 2018. -
Information Technology:
Continued Implementation of High-Risk Recommendations Is Needed to Better Manage Acquisitions Operations and CybersecurityGAO-18-566T: Published: May 23, 2018. Publicly Released: May 23, 2018.
May 22, 2018
-
NASA Information Technology:
Urgent Action Needed to Address Significant Management and Cybersecurity WeaknessesGAO-18-337: Published: May 22, 2018. Publicly Released: May 22, 2018.
Mar 14, 2018
-
Information Technology:
Further Implementation of Recommendations Is Needed to Better Manage Acquisitions and OperationsGAO-18-460T: Published: Mar 14, 2018. Publicly Released: Mar 14, 2018.
Jan 30, 2018
-
Coast Guard Health Records:
Timely Acquisition of New System Is Critical to Overcoming Challenges with Paper ProcessGAO-18-363T: Published: Jan 30, 2018. Publicly Released: Jan 30, 2018.
Jan 10, 2018
-
Information Technology:
Agencies Need to Involve Chief Information Officers in Reviewing Billions of Dollars in AcquisitionsGAO-18-42: Published: Jan 10, 2018. Publicly Released: Jan 10, 2018.
Nov 21, 2017
-
Information Technology:
OMB Needs to Report On and Improve Its Oversight of the Highest Priority ProgramsGAO-18-51: Published: Nov 21, 2017. Publicly Released: Nov 21, 2017.
Nov 15, 2017
-
Information Technology:
Further Implementation of FITARA Related Recommendations Is Needed to Better Manage Acquisitions and OperationsGAO-18-234T: Published: Nov 15, 2017. Publicly Released: Nov 15, 2017.
Looking for more? Browse all our products here
Explore our Key Issues on Information Technology
- Best Practices and Leading Practices in Information Technology Management
- 2020 Census - High Risk Issue
- DHS Management - High Risk Issue
- DOD Business Systems Modernization - High Risk Issue
- Ensuring the Security of Federal Information Systems and Cyber Critical Infrastructure and Protecting the Privacy of Personally Identifiable Information - High Risk Issue
- IT Acquisitions and Operations - High Risk Issue
- Managing Risks and Improving VA Health Care - High Risk Issue
- Modernization Blueprints
- OPM's Retirement Processing System Modernization
- Wireless Broadband Spectrum Management
Explore our other Key Issues here
