Skip to main content

Financial Management: DOD Needs to Implement Comprehensive Plans to Improve Its Systems Environment

GAO-20-252 Published: Sep 30, 2020. Publicly Released: Sep 30, 2020.
Jump To:

Fast Facts

Department of Defense financial management has been on our High Risk List since 1995 in part because of deficiencies found in its supporting information systems. DOD uses these systems to report its spending and assets.

DOD's Inspector General and other auditors found the data used for the military services' FY 2019 financial statements unreliable. They identified new and ongoing deficiencies in 2,100 audit findings.

DOD doesn't track how much it spends on the systems. But we calculated it could be at least $2.8 billion in FY 2020.

We made 6 recommendations, including that DOD develop a road map for implementing its improvement strategy.

A person reviews a financial spreadsheet while holding a magnifying glass in one hand and pen in the other.

Skip to Highlights

Highlights

What GAO Found

Data supporting the Department of Defense's (DOD) fiscal year 2019 financial statements are not reliable, according to the DOD Office of Inspector General (OIG) and independent auditors. In January 2020, the OIG reported that the department had wide-ranging weaknesses in its financial management systems that prevented it from collecting and reporting financial and performance information that was accurate, reliable, and timely. Specifically, the OIG reported 25 material weaknesses that impacted DOD's ability to achieve an unmodified audit opinion on its fiscal year 2019 department-wide financial statements. These material weaknesses are based, in large part, on identified deficiencies and corresponding recommendations, also known as notices of findings and recommendations (NFRs).

In fiscal year 2019, independent public accountants issued 2,100 new and reissued NFRs to the military services and DOD remediated 26 percent of the military services' NFRs from fiscal year 2018. Of the 2,100 fiscal year 2019 NFRs, 1,008 were related to information technology (IT) and cybersecurity issues. Of the 1,008 NFRs, 484 were new and 524 were reissued from previous years. (See figure.)

Figure: IT Notices of Findings and Recommendations Issued by Independent Public Accountants Based on Audits of Military Services' Fiscal Year 2019 Financial Statements

Figure: IT Notices of Findings and Recommendations Issued by Independent Public Accountants Based on Audits of Military Services' Fiscal Year 2019 Financial Statements

To address the NFRs and DOD's underlying financial management system weaknesses, the department has a strategy that fully addresses three requirements for a comprehensive and effective IT strategic plan; however, it does not include measures for tracking progress in achieving the strategy's goals. (See table on next page.)

Table: GAO Ratings of DOD's IT Financial Management Systems Strategy

IT Strategic Plan Requirementsa

GAO Ratings

Alignment with the agency's overall strategic plan

Results-oriented goals and performance measures

Strategies to achieve desired results, including a clear narrative of how IT is enabling agency goals

Descriptions of dependencies within and across projects

Legend:

● Fully addressed: DOD provided evidence that it fully addressed this requirement.

◑ Partially addressed: DOD provided evidence that it addressed some, but not all, of this requirement.

Source: GAO analysis of Department of Defense documentation. | GAO-20-252

aThe requirements for a comprehensive and effective IT strategic plan are based on Office of Management and Budget guidance and prior GAO research and reviews of federal agencies' IT strategic plans.

DOD has not developed an enterprise road map to implement its strategy, as called for by Office of Management and Budget guidance. Such a road map should document the current and future states of a systems environment that, among other things, describes business processes and rules, information needs and flows, and work locations and users; and a transition plan for moving from the current to the future. In response to recently enacted legislation requiring a comprehensive road map, DOD stated that it plans to develop one; however, it did not state by when.

DOD also does not have sufficiently detailed plans for migrating key military service legacy accounting systems to new systems. The Navy has developed a plan to migrate its system, but the plan is missing key elements consistent with Software Engineering Institute guidance. The Army and Air Force do not have detailed migration plans for their key accounting systems.

While DOD has developed a plan to address IT issues identified during annual audits, it has not established performance goals that include indicators, targets, and time frames. Officials said that it is challenging to develop such goals because issues identified by the IPAs vary widely. However, DOD has already grouped the issues by priority, facilitating the establishment of appropriate performance goals.

Moreover, DOD does not know how much it spends on the systems that support its financial statements because it does not have a way to reliably identify these systems in its systems inventory and budget data. GAO calculated that the department will spend at least $2.8 billion on those systems in fiscal year 2020. However, that amount is understated–GAO identified 45 systems that were missing from the list of significant systems that DOD provided to GAO.

As a result of these deficiencies, the department faces challenges in ensuring accountability over its extensive resources and in effectively managing its assets and budgets. DOD also risks wasting funds on short-term fixes that might not effectively and efficiently support longer-term department goals.

Why GAO Did This Study

DOD financial management has been on GAO's High Risk List since 1995 because of long-standing deficiencies found in, among other areas, its supporting information systems. DOD uses these systems to report its spending and assets.

GAO was requested to review DOD's financial management systems. The objectives of this review are to determine (1) to what extent the data produced by DOD financial management systems are reported to be reliable for presenting financial statements in accordance with generally accepted accounting principles, (2) to what extent DOD and the military departments have strategies and plans to address key information technology controls for their financial systems, and (3) how much money DOD reports spending on developing and maintaining its financial management systems.

To address these objectives, GAO analyzed (1) independent public auditors' findings resulting from the department's fiscal year 2019 audit; (2) DOD's financial management systems strategy and plans relative to OMB guidance and recent legislation; (3) data in DOD system and budget databases. GAO also interviewed relevant DOD and military service officials.

Recommendations

GAO made the following six recommendations to DOD:

  1. Establish performance measures for DOD's financial management systems strategy, including targets and time frames, and how it plans to measure values and verify and validate those values.
  2. Establish a specific time frame for developing an enterprise road map to implement DOD's financial management systems strategy and ensure that it is developed.
  3. Develop detailed migration plans for certain key accounting systems.
  4. Establish performance goals with performance indicators, targets and time frames, to monitor DOD's efforts to address IT-related audit findings.
  5. Implement a mechanism for identifying a complete list of financial management systems and related budget data.
  6. Limit investments in financial management systems to what is essential to maintain functional systems and help ensure system security until DOD implements the other recommendations.

DOD concurred with GAO's recommendations and described actions it plans to take to address them.

Recommendations for Executive Action

Agency Affected Recommendation Status
Department of Defense The Secretary of Defense should direct the Chief Management Officer and other entities, as appropriate, to establish measures to determine if the department is succeeding in achieving its goal to improve its financial management systems. Specifically, it should document targets and time frames to define the level of performance to be achieved. It should also document how DOD plans to measure expected outcomes by identifying data sources, how it plans to measure values, and how DOD plans to verify and validate measured values. (Recommendation 1)
Open
As of August 2023, the Department of Defense has not implemented this recommendation. Specifically, the department stated that the Office of the Under Secretary of Defense (Comptroller) was finalizing targets and timeframes, along with data sources and mechanisms to capture and monitor performance. Further, the department planned to complete and submit a closure request to GAO by August 2023. We will continue to monitor the department's efforts to fully implement this recommendation.
Department of Defense The Secretary of Defense should direct the Chief Management Officer and other entities, as appropriate, to establish a specific time frame for developing an enterprise road map to implement its financial management systems strategy, and ensure that it is developed. The road map should document the current and future states at a high level, from an architecture perspective, and present a transition plan for moving from the current to the future in an efficient, effective manner. The road map should discuss performance gaps, resource requirements, and planned solutions, and it should map DOD's financial management systems strategy to projects and budget. The plan should also document the tasks, time frames, and milestones for implementing new solutions, and include an inventory of systems. (Recommendation 2)
Open – Partially Addressed
As of August 2023, the Department of Defense (DOD) has partially addressed this recommendation. Specifically, in June 2022, the department developed an initial Enterprise Financial Management Systems Roadmap and updated it in March 2023. The road map documents the "to-be" systems vision and a plan to migrate from the current state to the "to-be" state. It also maps to the department's financial management systems strategy. However, the road map does not discuss performance gaps or resource requirements or map to a budget. DOD stated that it plans to make additional updates to the roadmap by October 2023. We will continue to monitor the department's efforts to fully implement the recommendation.
Department of Defense The Secretary of Defense should direct the Chief Management Officer and other entities, as appropriate, to develop detailed migration plans for the Air Force's General Accounting and Finance System-Reengineered, Navy's Standard Accounting and Reporting System, and Army's Standard Finance System and the Standard Operation and Maintenance Army Research and Development System. (Recommendation 3)
Open – Partially Addressed
As of November 2023, the Department of Defense (DOD) has not fully addressed this recommendation. In November 2023, the department submitted updated migration plans for the Army's Standard Finance System and the Standard Operation and Maintenance Army Research and Development System. While the department has made progress addressing our recommendation, more remains to be done. For example, the plans include information such as migration schedules and milestones. However, while the updated plans discuss training at a high-level, they do not provide sufficient details. Instead, they refer to a different entity that is responsible for identifying training and do not provide details about how that entity will identify needed training. In addition, the Army continued to state that an operational cutover to new systems is not needed. However, leading practices call for migration plans to include plans for operational cutover. We plan to follow-up with the Army to obtain additional information about plans for training and operational cutover. We are no longer tracking migration plans for the Navy's Standard Accounting and Reporting System because it was retired in December 2022. In addition, we are tracking the Air Force's efforts to develop a migration plan for the Air Force's General Accounting and Finance System-Reengineered under an open recommendation associated with GAO-22-103636. We will continue to monitor the department's efforts to fully implement the remaining elements of this recommendation.
Department of Defense The Secretary of Defense should direct the Chief Management Officer and other entities, as appropriate, to establish performance goals that include performance indicators, targets and time frames, to monitor the status of efforts to address IT-related audit findings. (Recommendation 4)
Closed – Implemented
DOD has established performance goals, including indicators, targets, and time frames to monitor the status of its efforts to address its high priority IT-related audit findings. Specifically, the department reported at its July 2021 and April 2022 Information Technology Functional Council meetings on the number of high priority IT-related notices of findings and recommendations that it expected to address in fiscal years 2021 through 2024. As a performance indicator, the department reported the percentage of corrective action plans intended to address the audit findings that would not be closed by their target completion dates (i.e. slippages).
Department of Defense The Secretary of Defense should direct the Chief Management Officer and other entities, as appropriate, to implement a mechanism for identifying financial management systems that support the preparation of the department's financial statements in the department's systems inventory and budget data, and identify a complete list of financial management systems. (Recommendation 5)
Open – Partially Addressed
In August 2023, DOD provided an inventory of systems relevant to the audit. In addition, the department stated that, among other things, it plans to issue updated guidance on identifying financial statement and audit relevant systems by December 2023. According to the department, this guidance will define and document the logic and mechanisms to be used to identity and capture financial and feeder systems in support of providing a complete inventory of systems. We will continue to monitor the department's efforts to implement this recommendation.
Department of Defense
Priority Rec.
The Secretary of Defense should direct the Chief Management Officer and other entities, as appropriate, to ensure that the department limits investments in financial management systems to only what is essential to maintain functioning systems and help ensure system security until it implements the other recommendations in this report. (Recommendation 6)
Open
As of August 2023, the Department of Defense (DOD) has not addressed this recommendation. Specifically, DOD stated that, in January 2022, the Chief Information Officer published the Capability Planning Guidance for Fiscal Year (FY) 2024-2028. DOD stated that this guidance included specific language on DOD's financial management goals that is intended to streamline the business systems environment, reduce interface complexity, and improve data integrity and the security of DOD's financial information. Among other things, DOD stated that the department also plans to issue FY 2024 financial management systems review instructions by October 2023. In addition, the department stated that it plans to complete and submit a closure package to GAO by October 2023. We will continue to follow up on the department's efforts to fully implement this recommendation.

Full Report

Office of Public Affairs

Topics

Accounting standardsAccounting systemsFinancial managementFinancial management systemsFinancial reportingFinancial statementsInformation systemsInformation technologyInternal controlsMilitary forces