Recommendation: The Secretary of Defense should ensure that the DOD Chief Information Officer (CIO) develops an IT enterprise architecture which includes a transition plan that provides a road map for improving the department's IT and computing infrastructure, including for each of its business processes. (Recommendation 5)

Agency: Department of Defense: Office of the Secretary of Defense
Status: Open

Comments: In October 2019, the DOD CIO developed a report on the first increment of version 3 of the department's information enterprise architecture (IEA). The report includes high-level descriptions of the current and target architectures, and high-level plans and schedules for transitioning from the current to the target architecture. The report states that because of the incremental approach to developing the architecture, the plans and schedules are notional and depend on several factors over which the DOD CIO has limited or no control, such as funding and changing world events, priorities, and technology. The report also describes plans to integrate the IEA with the department's business enterprise architecture. However, the report did not define a specific time frame for integrating the architectures. According to the report, for the next increment of the architecture, the department plans to develop compliance criteria and plans for developing an ontology, database, and tool suite. The department did not provide a time frame for completing the next increment. We will continue to monitor the department's efforts to implement the recommendation.

Recommendation: The Secretary of Defense should ensure that the DOD CIO and Chief Management Officer work together to define a specific time frame for when the department plans to integrate its business and IT architectures and ensure that the architectures are integrated. (Recommendation 6)

Agency: Department of Defense: Office of the Secretary of Defense
Status: Open

Comments: In October 2019, the DOD CIO developed a report on the first increment of version 3 of its information enterprise architecture (IEA). The report described planned efforts related to integrating the IEA and the business enterprise architecture. However, the report did not define a specific time frame for when the department plans to integrate the architectures.

Recommendation: To help ensure that the department can better achieve business process reengineering and enterprise architecture outcomes and benefits, the Secretary of Defense should utilize the results of our portfolio manager survey to determine additional actions that can improve the department's management of its business process reengineering and enterprise architecture activities.

Agency: Department of Defense
Status: Open

Comments: DOD has made progress implementing the recommendation. Specifically, in January 2017, the department issued a business enterprise architecture improvement plan. The plan was intended to address business enterprise architecture usability and deficiencies in information supporting the investment management process. As part of its planning efforts, the department identified opportunities to address the results of our survey. For example, according to the plan, our survey results were used to identify opportunities for improving management and integration of existing enterprise business processes and investments; assessing duplication early in the analysis phase and finding process and capability reuse across the department; and providing a federated business enterprise architecture information environment and capabilities to discover and exchange information from other sources. The plan included delivering three major capabilities. In October 2019, the office of the Chief Management Officer (CMO) demonstrated its new capabilities to GAO. Further, in October 2019, staff within the office of the CMO were working to move the capabilities to a government-approved host environment, although the office had not yet finalized its plan to do so. As of November 2019, the department had not yet deployed the capabilities.

Recommendation: To effectively plan and manage its acquisitions of IT systems and increase the likelihood of delivering promised system capabilities on time and within budget, the Librarian should establish and implement an organization-wide policy for developing cost estimates that includes key practices as discussed in this report.

Agency: Library of Congress
Status: Open

Comments: The Library of Congress generally agreed with, and has begun to take steps to implement, this recommendation. Specifically, in January 2017 the Library established a centralized Library-wide Project Management Office, located within the Office of the Chief Information Officer (OCIO). Additionally, in June 2017 the Library updated its regulations to give the Project Management Office the authority to establish organization-wide policy for developing cost estimates. Further, in August 2017 the Project Management Office finalized guidance for developing cost estimates that generally includes the key practices discussed in our report. However, none of the cost estimates for three key investments fully met the practices associated with a comprehensive estimate. In October 2019, the Library provided evidence of its Monte-Carlo risk assessment process. We are currently assessing whether this process is consistent with the practices found in our Cost Estimating and Assessment Guide. We will continue to evaluate the Library's progress in implementing this recommendation.

Recommendation: To effectively plan and manage its acquisitions of IT systems and increase the likelihood of delivering promised system capabilities on time and within budget, the Librarian should establish a time frame for finalizing and implementing an organization-wide policy for developing and maintaining project schedules that includes key practices as discussed in this report, and finalize and implement the policy within the established time frame.

Agency: Library of Congress
Status: Open

Comments: The Library of Congress generally agreed with, and has begun to take steps to implement, this recommendation. Specifically, in January 2017 the Library established a Project Management Office within the Office of the Chief Information Officer (OCIO) and tasked the office with communicating and enforcing Library requirements for project management and systems development. Additionally, in June 2017 the Library updated its regulations to give the Project Management Office the authority to establish organization-wide policy for developing and maintaining schedules. Further, in August 2017 the Project Management Offices finalized guidance for developing schedules that generally includes the key practices discussed in our report. However, none of the schedules for three key investments fully met the practices associated with a well-constructed schedule. In October 2019, the Library provided the schedules that it uses to manage select projects. We are currently reviewing this scheduling documentation to determine the extent to which the Library is implementing its scheduling guidance.

Recommendation: To ensure effective management and modernization of HUD's IT environment, the Secretary of Housing and Urban Development should direct the department's Chief Information Officer to define the scope, implementation strategy, and schedule of its overall modernization approach, with related goals and measures for effectively overseeing the effort.

Agency: Department of Housing and Urban Development
Status: Open
Priority recommendation

Comments: In July 2018, the Office of the Chief Information Officer (OCIO) reported that the goal of the Chief Technology Officer's technical assessment of HUD's IT environment was to identify gaps and develop an implementation strategy and approach to establish a modernization roadmap. As of March 2020, OCIO reported that it had completed the technical assessment to identify gaps in IT. The department has also taken action to define an overall modernization approach, including the scope, implementation strategy, and schedule for modernizing its IT environment and systems. However, as of March 2020, HUD had not yet established measures for overseeing its modernization efforts.

Recommendation: To help ensure the success of PortfolioStat, the Director of the Office of Management and Budget should direct the Federal Chief Information Officer to improve transparency of and accountability for PortfolioStat by publicly disclosing planned and actual data consolidation efforts and related cost savings by agency.

Agency: Executive Office of the President: Office of Management and Budget
Status: Open

Comments: As of April 2019, OMB had taken steps to improve transparency of and accountability for PortfolioStat, as GAO recommended in November 2013. In October 2015, the agency started displaying actual data consolidation savings data on the federal information technology (IT) dashboard. As of April 2018, however, OMB was not requiring that agencies report planned PortfolioStat cost savings stating this was as a result of agency feedback, and streamlining of data collection efforts based upon the decision that reporting on realized cost savings is more valuable than reporting on planned or projected cost savings.In March 2019, OMB stated that it was "exploring better approaches to cost savings as reported by agencies to the IT Dashboard." We are following up with OMB to determine whether these approaches include publicly disclosing planned and actual data consolidation efforts and related cost savings by agency.

Recommendation: To improve the department's implementation of PortfolioStat, the Secretary of Commerce should direct the CIO to reflect 100 percent of information technology investments in the department's enterprise architecture.

Agency: Department of Commerce
Status: Open

Comments: In October 2018, the Commerce described its process for updating its IT asset inventory as part of the budget formulation process and provided a mapping of investments to its enterprise architecture as evidence that it had implemented this recommendation. However, the department did not provide any policies and procedures supporting the process it described to us. In addition, it did not provide any evidence of controls to ensure that all investments had been captured in the enterprise architecture. In January 2020, the department told us that its Office of the Chief Information Officer had new leadership and as a result the department was expected to make significant progress in addressing the recommendation this year.

Recommendation: To improve the department's implementation of PortfolioStat, the Secretary of Commerce should direct the CIO to develop a complete commodity IT baseline.

Agency: Department of Commerce
Status: Open

Comments: In October 2018, Commerce officials told GAO about actions taken that they believed addressed the recommendation and provided supporting documentation. Specifically, they stated that they send out an annual data call for bureaus to provide their IT asset inventory as part of the budget submission process. They stated they also perform department-level validation of the bureaus' inventories and aggregate them into a single department inventory. As evidence, they provided a data call memo with supporting instructions and a template for bureaus to establish an IT asset inventory. They also provided examples of three bureau inventories received in response to data calls. In addition, they provided the final aggregated inventory (for fiscal year 2017) and department-level validation of bureau submissions. However, the department did not provide any policies or procedures documenting the process they described. In addition, we could not determine whether the creation of the department-wide inventory was a one-time effort or a recurring activity. In January 2020, the department told us that its Office of the Chief Information Officer had new leadership and as a result the department was expected to make significant progress in addressing the recommendation this year.

Recommendation: To improve the department's implementation of PortfolioStat, the Secretary of Defense should direct the CIO to develop a complete commodity IT baseline.

Agency: Department of Defense
Status: Open

Comments: The Department of Defense partially concurred with the recommendation and stated that it had efforts underway to further define the department's commodity IT baseline. In January 2019, our contact from the Office of the Chief Information Officer told us that the department had recently established an IT Purchase Request (ITPR) process for controlling spending that had a built-in IT asset inventory process that would address the recommendation. In August 2019, we received documentation on the ITPR process as part of an ongoing engagement. We are reviewing the documentation to determine whether it is sufficient to close the recommendation.

Recommendation: To improve the department's implementation of PortfolioStat, in the future reporting to OMB, the Secretary of Defense should direct the CIO to fully describe the following PortfolioStat action plan element: consolidate commodity IT spending under the agency CIO.

Agency: Department of Defense
Status: Open

Comments: The Department of Defense did not concur with the recommendation, stating that the commodity IT construct implemented by OMB with PortfolioStat did not work with the department's federated management process. However, the department agreed that a strategy, consistent with the intent of achieving better buying power and control of commodity IT items, should be developed and implemented within the department using existing authorities and stated that it was in the process of implementing this strategy. In January 2019, the Office of the Chief Information Officer's Director for Performance Management stated that while the CIO did not have the authority to consolidate commodity IT spending, the department had taken actions he believed addressed the intent of the recommendation to gain visibility into IT spending. Specifically, he stated that the department established a policy to leverage its buying power for commodity IT purchases (for example for software licenses). In addition, the department recently established an IT Purchase Request (ITPR) process for controlling IT spending. In August 2019, we received documentation related to those actions as part of an ongoing engagement. We are reviewing the documentation to determine whether it is sufficient to close the recommendation.

Recommendation: To improve the department's implementation of PortfolioStat, the Secretary of Defense should direct the CIO to obtain support from the relevant component agencies for the estimated savings for fiscal years 2013 to 2015 for the data center consolidation, enterprise software purchasing, and General Fund Enterprise Business System initiatives.

Agency: Department of Defense
Status: Open

Comments: The department of Defense concurred with the recommendation and stated that it already reported data center consolidation savings and would continue to realize savings from the Enterprise Software Initiative, other strategic sourcing efforts and the implementation of the General Fund Enterprise Business System initiatives. Through other engagements, in August 2016, we had collected support for data center consolidation and Enterprise Software Initiative savings for fiscal years 2013 to 2015. In January 2019, the Office of the Chief Information Officer's Director for Performance Management told us that the department had not been tracking savings generated by other commodity IT initiatives due to the difficulty in doing so, however, it was tracking an "other" category of savings through OMB's integrated data collection instrument (IDC) process which he believed the intent of our recommendation. He noted that the "other" category tracks savings from various OMB IT reform initiatives. Mr. Johnson said he had sent a recent IDC report along with supporting documentation to GAO to address a recommendation made in GAO-15-296. We are reviewing the documentation to determine whether it is sufficient to close the recommendation.

Recommendation: To improve the U.S. Army Corps of Engineers' implementation of PortfolioStat, in future reporting to OMB, the Secretary of Defense should direct the Secretary of the Army to fully describe the following PortfolioStat action plan elements: (1) consolidate commodity IT spending under the agency CIO; (2) target duplicative systems or contracts that support common business functions for consolidation; (3) establish criteria for identifying wasteful, low-value, or duplicative investments; and (4) establish a process to identify these potential investments and a schedule for eliminating them from the portfolio.

Agency: Department of Defense
Status: Open

Comments: The Department of Defense concurred with the recommendation and stated that, in the future, USACE would fully describe the four action plan elements when reporting to OMB. In August 2016, the department reported that it had addressed and closed the recommendation in February 2015 and cited policies, procedures, and other supporting documentation as evidence. However, the department did not provide the supporting documentation. In April 2018, the department provided several documents as evidence of its efforts to address this recommendation, including an order outlining the capital planning investment management process for the fiscal year 2017. We determined that the documents did not support the department's claims. In January 2019, the department told us it would provide an update on the status of actions to address the recommendation. As of August 2019, the department had not yet provided any update.

Recommendation: To improve the U.S. Army Corps of Engineers' implementation of PortfolioStat, the Secretary of Defense should direct the Secretary of the Army to report on the agency's progress in consolidating eCPIC to a shared service as part of the OMB integrated data collection quarterly reporting until completed.

Agency: Department of Defense
Status: Open

Comments: The Department of Defense partially concurred with the recommendation and stated that it had efforts underway to further define the department's commodity IT baseline. In August 2016, the department reported that it had addressed and closed the recommendation in October 2014 and described several actions that it believed contributed to addressing the recommendation, including, continued improvements to data center reporting, and greater understanding of IT infrastructure costs. However, the department did not provide any documentation to support its claims. In January 2019, the department told us it would provide an update on the status of actions to address the recommendation. As of August 2019, the department had not yet provided any update.

Recommendation: To improve the agency's implementation of PortfolioStat, the Administrator of the Environmental Protection Agency should direct the CIO to develop a complete commodity IT baseline.

Agency: Environmental Protection Agency
Status: Open

Comments: In September 2016, we reported that the Environmental Protection Agency's (EPA) Registry of Environmental Protection Agency Applications, Models and Databases (READ) system had a complete inventory of enterprise IT and business systems-two of three categories of IT assets that make up a commodity IT baseline-and that the agency had processes in place to regularly update this inventory to ensure its completeness (see GAO-16-511). We have been following up with EPA to obtain its inventory of IT infrastructure systems-the third commodity IT category--and determine the agency's process to ensure the completeness of this inventory. In a December 2019 update, EPA told us that it was working on a response to the recommendation.

Recommendation: To improve the agency's implementation of PortfolioStat, in future reporting to OMB, the Administrator of the Environmental Protection Agency should direct the CIO to fully describe the following PortfolioStat action plan elements: (1) consolidate commodity IT spending under the agency CIO; (2) establish targets for commodity IT spending reductions and deadlines for meeting those targets; and (3) establish criteria for identifying wasteful, low-value, or duplicative investments.

Agency: Environmental Protection Agency
Status: Open

Comments: In November 2016, the Environmental Protection Agency (EPA) reported making progress in addressing the three action plan elements through implementation of the Federal Information Technology Acquisition Reform Act (FITARA) and efforts to assess applications in its inventory. In June 2019, the agency provided supporting documentation. We are reviewing the documentation to determine whether it fully addresses the recommendation.

Recommendation: To improve the agency's implementation of PortfolioStat, the Administrator of the Environmental Protection Agency should direct the CIO to report on the agency's progress in consolidating the managed print services and strategic sourcing of end user computing to shared services as part of the OMB integrated data collection quarterly reporting until completed.

Agency: Environmental Protection Agency
Status: Open

Comments: Between July and December 2016, the Environmental Protection Agency (EPA) reported that it had implemented a managed print service contract for headquarters in 2014 and was preparing to award a new contract to also cover its regions. The agency also reported that it plans to use one of the government-wide contracts identified in OMB's policy on improving the acquisition and management of common IT for its end user computing needs. EPA, however, did not provide documentation supporting these efforts. In a December 2019 update, EPA told us that it was working on a response to the recommendation.

Recommendation: To improve the department's implementation of PortfolioStat, the Attorney General should direct the CIO to reflect 100 percent of information technology investments in the department's enterprise architecture.

Agency: Department of Justice
Status: Open

Comments: In October 2019, the department stated that its budget formulation process ensures that all investments are included in its enterprise architecture (EA). Specifically, the department stated that, as part of the budget formulation process, the EA group reviews investments and aligns them to the business areas within the EA framework by assigning them business reference model codes. To support its claims, in November 2019, the department provided a list of investments showing their alignment with the business reference model codes for the fiscal year 2021 budget formulation process. However, the department did not provide evidence of the EA group's review process. As of January 2020, we were following up with the department to obtain this evidence.

Recommendation: To improve the agency's implementation of PortfolioStat, the Administrator of the National Aeronautics and Space Administration should direct the CIO to reflect 100 percent of information technology investments in the agency's enterprise architecture.

Agency: National Aeronautics and Space Administration
Status: Open

Comments: In February 2018, NASA reported that it was making revisions to its enterprise architecture policy that would assist with ensuring that 100 percent of the agency's information technology investments are in the enterprise architecture. In July and December 2018, the agency provided updates on its efforts along with supporting documentation, though not enough to fully address the recommendation. In July 2019, the agency stated it also had efforts underway to centralize IT governance under the Chief Information Officer and this would contribute to reflect all investments in the enterprise architecture. The agency stated it would continue to update us on the status of its efforts to address the recommendation.

Recommendation: To improve the agency's implementation of PortfolioStat, the Director of the Office of Personnel Management should direct the CIO to develop a complete commodity IT baseline.

Agency: Office of Personnel Management
Status: Open

Comments: In February 2020, OPM stated that it was developing a service catalog with cost information and allocation components which together with the agency's software inventory would be used for cost avoidance moving forward. However, OPM did not provide supporting documentation. In addition, it was not clear whether the service catalog and software inventory would together include enterprise IT, IT infrastructure, and business systems, the three categories of IT assets that comprise a commodity IT baseline. We will continue to monitor OPM's efforts to address the recommendation.

Recommendation: To improve the agency's implementation of PortfolioStat, in future reporting to OMB, the Director of the Office of Personnel Management should direct the CIO to fully describe the following PortfolioStat action plan elements: (1) move at least two commodity IT areas to shared services and (2) target duplicative systems or contracts that support common business functions for consolidation.

Agency: Office of Personnel Management
Status: Open

Comments: In October 2018, OPM provided evidence that it had addressed the action plan element regarding the migration of two commodity IT areas to shared services. Specifically, OPM provided an August 2016 interagency agreement showing plans to migrate its financial management system to a shared service and a May 2018 interagency agreement showing plans to migrate its human resources and time and attendance system to a shared service. However, the interagency agreements were not signed. Regarding the action plan element to target duplicative systems or contracts that support common business functions for consolidation, OPM stated did that it had targeted laptops and mobile phones for consolidation. In addition, OPM did not provide any evidence of reporting to OMB for either action plan element. In February 2020, OPM stated that, in addition to entering into an interagency agreement for its financial management system and consolidating the procurement of agency-wide laptops and cellphones using an enterprise wide contract, it was also working to close two of its five major data centers to consolidate to three. OPM said that it was gathering the documentation to support its claims.

Recommendation: To improve the agency's implementation of PortfolioStat, the Director of the Office of Personnel Management should direct the CIO to report on the agency's progress in consolidating the help desk consolidation and IT asset inventory to shared services as part of the OMB integrated data collection quarterly reporting until completed.

Agency: Office of Personnel Management
Status: Open

Comments: In February 2020, OPM stated that its IT help desk function had become a shared service starting in October 2019. However, OPM did not provide supporting documentation. In addition, OPM stated it did not have any updates on the IT asset inventory. We will continue to monitor the agency's efforts to address this recommendation.

Recommendation: To improve the department's implementation of PortfolioStat, in future reporting to OMB, the Secretary of the Treasury should direct the CIO to fully describe the following PortfolioStat action plan elements: (1) consolidate commodity IT spending under the agency CIO and (2) establish criteria for identifying wasteful, low-value, or duplicative investments.

Agency: Department of the Treasury
Status: Open

Comments: In September 2014, the Department of the Treasury reported that it did not plan to consolidate commodity IT spending under the agency CIO. Specifically, the department stated that commodity IT investment decisions were consolidated under the Treasury Technology Investment Review Board which is co-chaired by the agency CIO and Assistant Secretary for Management; and that it did not see the benefit of combining the budget authorities of the various bureau infrastructure investments. In regards to establishing criteria to identify wasteful, low-value, and duplicative investments, in September 2014, the department stated that the Treasury Technology Investment Review Board and Technology Advisory Working Group had established an approach that considers risk, value and cost in reviewing investment requests to identify wasteful, low-value, and duplicative investments. As of May 2019, we were reviewing documentation we received from the department in September 2018 to determine whether the recommendation has been fully addressed.

Recommendation: To improve the department's implementation of PortfolioStat, as the department finalizes and matures its enterprise architecture and valuation methodology, the Secretary of the Treasury should direct the CIO to utilize these processes to identify whether there are additional opportunities to reduce duplicative, low-value, or wasteful investments.

Agency: Department of the Treasury
Status: Open

Comments: In September 2014, the Department of the Treasury described several examples of processes it had established to identify opportunities to reduce duplicative, low-value or wasteful investments, including annual reviews of each major IT investment and monthly portfolio reviews. As of May 2019, we were reviewing updated information we received in September 2018 to determine whether the recommendation has been fully addressed.

Recommendation: To effectively implement key components of DOD's business systems modernization program, the Secretary of Defense should direct the Deputy Chief Management Officer to define by when and how the department plans to develop an architecture that would extend to all defense components and include, among other things, (a) information about the specific business systems that support business enterprise architecture (BEA) business activities and related system functions; (b) business capabilities for the Hire-to-Retire and Procure-to-Pay business processes; and (c) sufficient information about business activities to allow for more effective identification of potential overlap and duplication.

Agency: Department of Defense
Status: Open

Comments: DOD has made significant progress addressing the recommendation; however, as of November 2019, more remained to be done. In particular, in 2015, we reported that the department had taken steps to improve the integration of business enterprise architecture information with other existing information, which allows DOD to identify information such as mapping of existing business systems to system functions. More recently, in 2017, the department awarded a contract to improve its business enterprise architecture. According to the department, the objective of the contract was to improve business and system optimization by providing mechanisms to ingest and discover enterprise architecture content from all department components and allow for cross-domain portfolio reviews to include duplication analysis. More specifically, the contract called for developing three major capabilities, including the ability to conduct process and system reviews within and across domains. In October 2019, the Office of the Chief Management Officer (CMO) demonstrated that it had completed development of the three planned capabilities and the office said it was working to host the capabilities in a government-approved cloud environment. With regard to including business capabilities for the Hire-to-Retire and Procure-to-Pay business processes in the business enterprise architecture, the department stated that the new architecture is to identify the business capabilities and processes associated with Lines of Business, which will be defined as a decomposition of the products and services that the business enterprise delivers to the department's components. In September 2019, officials from the Office of the CMO stated that the department plans to review end-to-end processes that comprise the current business enterprise architecture for currency and relevancy. However, the officials did not indicate when they expect to complete this review.

Recommendation: To effectively implement key components of DOD's business systems modernization program, the Secretary of Defense should direct the Deputy Chief Management Officer to ensure that the functional strategies include all of the critical elements identified in DOD investment management guidance, including performance measures to determine progress toward achieving the goals that incorporate all of the attributes called for in the department's guidance.

Agency: Department of Defense
Status: Open

Comments: As of November 2019, the Department of Defense (DOD) had not addressed the recommendation. In May 2013, we reported that, for the fiscal year 2013 certification of business systems, functional strategies included many, but not all, of the critical elements required by DOD's guidance. Specifically, not all functional strategies demonstrated linkages to business goals in DOD's strategic management plan, and not all included expected outcomes for all functional area goals. In addition, some, but not all, had performance measures in place for assessing progress toward achieving stated goals. However, none of the functional strategies included performance measures that reflected all of the key attributes identified in DOD's guidance. We also reported that for the 2014 certification cycle, the functional strategies had been improved. However, not all of them had performance measures that included all key attributes called for in the guidance. Specifically, all performance measures did not include baseline and target measures, and provide a rationale for the identified targets. In June 2018, DOD revised the required functional strategy elements in its defense business system investment management guidance. However, as of November 2019, the department had not ensured that its functional strategies include all of the elements identified in the guidance. The guidance still requires that functional strategies include business outcomes that link to goals in DOD's strategic management plan. In addition, while the guidance no longer calls for the key performance measure attributes that we assessed in our 2013 report (i.e., baseline and target measures and a rationale for identified targets), the new guidance requires that business outcomes include measurable targets. However, none of the fiscal year 2019 functional strategies fully addressed most of the required elements. For example, none of the functional strategies demonstrated that business outcomes were clearly linked to the department's strategic management plan goals, as required by the 2018 investment management guidance. In addition, none of the strategies included measurable targets, An official from the office of the Chief Management Officer (CMO) demonstrated that the department's Integrated Business Framework-Data Alignment Portal, which is used to record functional strategies, includes business outcomes that are aligned to goals and objectives in the National Defense Business Operations Plan (i.e., the agency strategic plan). The official also demonstrated that most functional strategies link to at least one performance measure from the National Defense Business Operations Plan. However, the official agreed that the published functional strategies did not clearly link outcomes to the department's strategic management plan. Further, officials from the office of the CMO stated in September 2019 that the functional strategies for fiscal year 2019 were not revised for fiscal year 2020.

Recommendation: To effectively implement key components of DOD's business systems modernization program, the Secretary of Defense should direct the Deputy Chief Management Officer to select and control its mix of investments in a manner that best supports mission needs by (a) documenting a process for evaluating portfolio performance that includes the use of actual versus expected performance data and predetermined thresholds; (b) ensuring that portfolio assessments are conducted in key areas identified in our IT investment management framework: benefits attained; current schedule; accuracy of project reporting; and risks that have been mitigated, eliminated, or accepted to date; and (c) ensuring that the documents provided to the Defense Business Council as part of the investment management process include critical information for conducting all assessments.

Agency: Department of Defense
Status: Open

Comments: As of November 2019, DOD had not addressed the recommendation. In 2013, we reported that the department's investment management guidance did not specify a process for conducting an assessment or call for the use of actual versus expected performance data and predetermined thresholds for evaluating portfolio performance. In addition, the department did not call for assessments to be conducted in four key areas-benefits attained, current schedule; accuracy of project reporting; and risks that have been mitigated, eliminated or accepted to date. We also reported in 2013, that the department's investment management guidance identified four criteria and specified the associated assessments that were to be conducted when reviewing and evaluating components' organization execution plans in order to make a portfolio-based investment decision. However, the guidance did not call for the department's organizational execution plans to include critical information for conducting assessments associated with three of the four criteria. Specifically, it did not include information for conducting assessments associated with strategic alignment (i.e., information on alignment with the capital planning and investment control practices and Better Buying Power guidance), utility (i.e., interoperability among systems and system scalability to support additional users) and total cost (i.e., cost in relationship to return on investment). In September 2019, the department stated that the Office of the Chief Management Officer's investment management guidance, investment management training materials, and organizational execution plan, addressed elements of the recommendation. However, the documents did not specify a process for evaluating portfolio performance that includes the use of actual versus expected performance data and predetermined thresholds. Regarding ensuring that portfolio assessments are conducted in key areas identified in our IT investment management framework: benefits attained; current schedule; accuracy of project reporting; and risks that have been mitigated, eliminated, or accepted to date, the June 2018 investment management guidance requires organization execution plans to include risks and risk mitigation strategies. In addition, the investment management guidance requires the plans to include information about benefits attained. Specifically, the plans are to include progress against targets for business goals documented in functional strategies. However, the guidance does not address the remaining key areas identified in our IT investment management framework: current schedule; accuracy of project reporting; and risks that have been eliminated or accepted to date. In addition, the guidance does not call for this information to be used as part of portfolio assessments. Regarding ensuring that the documents provided to the Defense Business Council as part of the investment management process include critical information for conducting assessments, in September 2019, the department stated in a written response that business system certification decisions are made in accordance with criteria established in 10 U.S. Code Section 2222. However, as of November 2109, the department had not demonstrated that it established guidance that calls for documents to include critical information on alignment with the capital planning and investment control practices and Better Buying Power guidance), utility (i.e., interoperability among systems and system scalability to support additional users) and total cost (i.e., cost in relationship to return on investment), which are criteria it established in its investment management guidance for making certification decisions.

Recommendation: To enhance federal agencies' ability to realize enterprise architecture benefits, the Secretaries of the Departments of Agriculture, the Air Force, the Army, Commerce, Defense, Education, Energy, Homeland Security, the Interior, Labor, the Navy, State, Transportation, the Treasury, and Veterans Affairs; the Attorney General; the Administrators of the Environmental Protection Agency, General Services Administration, National Aeronautics and Space Administration, and Small Business Administration; the Commissioners of the Nuclear Regulatory Commission and Social Security Administration; and the Directors of the National Science Foundation and the Office of Personnel Management should fully establish an approach for measuring enterprise architecture outcomes, including a documented method (i.e., steps to be followed) and metrics that are measurable, meaningful, repeatable, consistent, actionable, and aligned with the agency's enterprise architecture's strategic goals and intended purpose.

Agency: Department of Commerce
Status: Open

Comments: The Department of Commerce has not implemented this recommendation. Since we reported in 2012 that the department had established metrics for measuring enterprise architecture outcomes but not a method for measuring the metrics, the department issued an Enterprise Architecture Value Measurement Plan in April 2018. This plan included outcome metrics; however, the department had not documented a method for measuring the metrics. In January 2020, the department's Office of the Chief Information Officer (CIO) stated that the department recently appointed a new CIO (acting) and was in the process of revisiting strategic planning initiatives and implementation to ensure they are congruent with the IT strategic vision and objectives. The Office of the CIO also said it was hiring a new Chief Enterprise Architect, which would impact previous initiatives and strategies. We will continue to monitor the department's efforts to implement the recommendation.

Recommendation: To enhance federal agencies' ability to realize enterprise architecture benefits, the Secretaries of the Departments of Agriculture, the Air Force, the Army, Commerce, Defense, Education, Energy, Homeland Security, the Interior, Labor, the Navy, State, Transportation, the Treasury, and Veterans Affairs; the Attorney General; the Administrators of the Environmental Protection Agency, General Services Administration, National Aeronautics and Space Administration, and Small Business Administration; the Commissioners of the Nuclear Regulatory Commission and Social Security Administration; and the Directors of the National Science Foundation and the Office of Personnel Management should fully establish an approach for measuring enterprise architecture outcomes, including a documented method (i.e., steps to be followed) and metrics that are measurable, meaningful, repeatable, consistent, actionable, and aligned with the agency's enterprise architecture's strategic goals and intended purpose.

Agency: Department of Defense
Status: Open

Comments: In December 2019, the Department of Defense Office of the Chief Information Officer stated that it would establish an approach to measuring enterprise architecture outcomes defined in the DOD Digital Modernization Strategy, by September 2020.

Recommendation: To enhance federal agencies' ability to realize enterprise architecture benefits, the Secretaries of the Departments of Agriculture, the Air Force, the Army, Commerce, Defense, Education, Energy, Homeland Security, the Interior, Labor, the Navy, State, Transportation, the Treasury, and Veterans Affairs; the Attorney General; the Administrators of the Environmental Protection Agency, General Services Administration, National Aeronautics and Space Administration, and Small Business Administration; the Commissioners of the Nuclear Regulatory Commission and Social Security Administration; and the Directors of the National Science Foundation and the Office of Personnel Management should fully establish an approach for measuring enterprise architecture outcomes, including a documented method (i.e., steps to be followed) and metrics that are measurable, meaningful, repeatable, consistent, actionable, and aligned with the agency's enterprise architecture's strategic goals and intended purpose.

Agency: Department of Defense: Department of the Navy
Status: Open

Comments: The Department of the Navy has not demonstrated that it has implemented our recommendation. In November 2017, the department described steps it had taken to address the recommendation. However, as of January 2020, the department had not provided documentation demonstrating that it had established metrics and a method for measuring enterprise architecture outcomes. We will continue to monitor the department's efforts to address the recommendation.

Recommendation: To enhance federal agencies' ability to realize enterprise architecture benefits, the Secretaries of the Departments of Agriculture, the Air Force, the Army, Commerce, Defense, Education, Energy, Homeland Security, the Interior, Labor, the Navy, State, Transportation, the Treasury, and Veterans Affairs; the Attorney General; the Administrators of the Environmental Protection Agency, General Services Administration, National Aeronautics and Space Administration, and Small Business Administration; the Commissioners of the Nuclear Regulatory Commission and Social Security Administration; and the Directors of the National Science Foundation and the Office of Personnel Management should fully establish an approach for measuring enterprise architecture outcomes, including a documented method (i.e., steps to be followed) and metrics that are measurable, meaningful, repeatable, consistent, actionable, and aligned with the agency's enterprise architecture's strategic goals and intended purpose.

Agency: Department of Defense: Department of the Army
Status: Open

Comments: As of January 2020, the Department of the Army had taken steps to address this recommendation, but much more remains to be done. Specifically, in December 2013, the department developed its Army Business Management Strategy, which included metrics to measure the number of business systems retired over five years and cost savings and avoidance through use of the Army's business enterprise architecture. However, as of January 2020, the department had not demonstrated that it had documented the steps to measure the metrics. In January 2020, the department's chief architect stated that the department was in the process of establishing a baseline architecture. We will continue to monitor the Army's efforts to establish an architecture and an approach for measuring architecture outcomes in accordance with our recommendation.

Recommendation: To enhance federal agencies' ability to realize enterprise architecture benefits, the Secretaries of the Departments of Agriculture, the Air Force, the Army, Commerce, Defense, Education, Energy, Homeland Security, the Interior, Labor, the Navy, State, Transportation, the Treasury, and Veterans Affairs; the Attorney General; the Administrators of the Environmental Protection Agency, General Services Administration, National Aeronautics and Space Administration, and Small Business Administration; the Commissioners of the Nuclear Regulatory Commission and Social Security Administration; and the Directors of the National Science Foundation and the Office of Personnel Management should fully establish an approach for measuring enterprise architecture outcomes, including a documented method (i.e., steps to be followed) and metrics that are measurable, meaningful, repeatable, consistent, actionable, and aligned with the agency's enterprise architecture's strategic goals and intended purpose.

Agency: Department of Energy
Status: Open

Comments: In August 2020, the Department of Energy demonstrated that it had taken steps to implement the recommendation. Specifically, in March 2020, the department developed a draft plan to measure business architecture performance. We will monitor the department's efforts to finalize and implement its plan.

Recommendation: To enhance federal agencies' ability to realize enterprise architecture benefits, the Secretaries of the Departments of Agriculture, the Air Force, the Army, Commerce, Defense, Education, Energy, Homeland Security, the Interior, Labor, the Navy, State, Transportation, the Treasury, and Veterans Affairs; the Attorney General; the Administrators of the Environmental Protection Agency, General Services Administration, National Aeronautics and Space Administration, and Small Business Administration; the Commissioners of the Nuclear Regulatory Commission and Social Security Administration; and the Directors of the National Science Foundation and the Office of Personnel Management should fully establish an approach for measuring enterprise architecture outcomes, including a documented method (i.e., steps to be followed) and metrics that are measurable, meaningful, repeatable, consistent, actionable, and aligned with the agency's enterprise architecture's strategic goals and intended purpose.

Agency: Department of Labor
Status: Open

Comments: The Department of Labor has not addressed the recommendation. In August 2020, the department stated that it was continuing to evaluate processes for reviewing and assessing enterprise architecture value.

Recommendation: To enhance federal agencies' ability to realize enterprise architecture benefits, the Secretaries of the Departments of Agriculture, the Air Force, the Army, Commerce, Defense, Education, Energy, Homeland Security, the Interior, Labor, the Navy, State, Transportation, the Treasury, and Veterans Affairs; the Attorney General; the Administrators of the Environmental Protection Agency, General Services Administration, National Aeronautics and Space Administration, and Small Business Administration; the Commissioners of the Nuclear Regulatory Commission and Social Security Administration; and the Directors of the National Science Foundation and the Office of Personnel Management should fully establish an approach for measuring enterprise architecture outcomes, including a documented method (i.e., steps to be followed) and metrics that are measurable, meaningful, repeatable, consistent, actionable, and aligned with the agency's enterprise architecture's strategic goals and intended purpose.

Agency: Department of State
Status: Open

Comments: In February 2020, the Department of State developed an enterprise architecture plan, which identified several benefits that may be achieved by executing the plan. These benefits included, for example, lower support and acquisition costs and reuse of technology and investments. However, the department did not demonstrate that it had established an approach for measuring the potential benefits in the plan. We will continue to monitor the department's efforts to implement the recommendation.

Recommendation: To enhance federal agencies' ability to realize enterprise architecture benefits, the Secretaries of the Departments of Agriculture, the Air Force, the Army, Commerce, Defense, Education, Energy, Homeland Security, the Interior, Labor, the Navy, State, Transportation, the Treasury, and Veterans Affairs; the Attorney General; the Administrators of the Environmental Protection Agency, General Services Administration, National Aeronautics and Space Administration, and Small Business Administration; the Commissioners of the Nuclear Regulatory Commission and Social Security Administration; and the Directors of the National Science Foundation and the Office of Personnel Management should fully establish an approach for measuring enterprise architecture outcomes, including a documented method (i.e., steps to be followed) and metrics that are measurable, meaningful, repeatable, consistent, actionable, and aligned with the agency's enterprise architecture's strategic goals and intended purpose.

Agency: Environmental Protection Agency
Status: Open

Comments: The Environmental Protection Agency has not implemented this recommendation. In December 2019, the agency stated that its chief architect and technical architecture staff were working to reformulate the enterprise architecture program and described several goals and activities that were underway. The agency also stated that the program was examining industry best practices on architecture metrics to determine which would be best for EPA's enterprise architecture program. As metrics are adopted to assess the value of the architecture program, the program will work them into the agency-wide process for performance metrics. We will continue to monitor the agency's efforts to implement the recommendation.

Recommendation: To enhance federal agencies' ability to realize enterprise architecture benefits, the Secretaries of the Departments of Agriculture, the Air Force, the Army, Commerce, Defense, Education, Energy, Homeland Security, the Interior, Labor, the Navy, State, Transportation, the Treasury, and Veterans Affairs; the Attorney General; the Administrators of the Environmental Protection Agency, General Services Administration, National Aeronautics and Space Administration, and Small Business Administration; the Commissioners of the Nuclear Regulatory Commission and Social Security Administration; and the Directors of the National Science Foundation and the Office of Personnel Management should fully establish an approach for measuring enterprise architecture outcomes, including a documented method (i.e., steps to be followed) and metrics that are measurable, meaningful, repeatable, consistent, actionable, and aligned with the agency's enterprise architecture's strategic goals and intended purpose.

Agency: National Aeronautics and Space Administration
Status: Open

Comments: The National Aeronautics and Space Administration (NASA) has not yet implemented this recommendation. In July 2019, NASA's Associate Chief Information Officer for Enterprise Service and Integration said the agency was in the process of developing an enterprise architecture policy directive and procedural requirements. He anticipated that they would be completed in October 2020.

Recommendation: To enhance federal agencies' ability to realize enterprise architecture benefits, the Secretaries of the Departments of Agriculture, the Air Force, the Army, Commerce, Defense, Education, Energy, Homeland Security, the Interior, Labor, the Navy, State, Transportation, the Treasury, and Veterans Affairs; the Attorney General; the Administrators of the Environmental Protection Agency, General Services Administration, National Aeronautics and Space Administration, and Small Business Administration; the Commissioners of the Nuclear Regulatory Commission and Social Security Administration; and the Directors of the National Science Foundation and the Office of Personnel Management should fully establish an approach for measuring enterprise architecture outcomes, including a documented method (i.e., steps to be followed) and metrics that are measurable, meaningful, repeatable, consistent, actionable, and aligned with the agency's enterprise architecture's strategic goals and intended purpose.

Agency: Small Business Administration
Status: Open

Comments: As of June 2020, the Small Business Administration had not implemented this recommendation. In August 2019, SBA developed an enterprise architecture program performance guide and value measurement plan. According to the plan, the agency plans to measure cost savings/avoidance and reduction of duplication. However, the agency has not demonstrated that it has documented the steps to be followed to measure the outcomes. Specifically, it did not demonstrate that it had established a method to measure the cost savings/avoidance or the number of duplicate investments reduced.

Recommendation: To enhance federal agencies' ability to realize enterprise architecture benefits, the Secretaries of the Departments of Agriculture, the Air Force, the Army, Commerce, Defense, Education, Energy, Homeland Security, the Interior, Labor, the Navy, State, Transportation, the Treasury, and Veterans Affairs; the Attorney General; the Administrators of the Environmental Protection Agency, General Services Administration, National Aeronautics and Space Administration, and Small Business Administration; the Commissioners of the Nuclear Regulatory Commission and Social Security Administration; and the Directors of the National Science Foundation and the Office of Personnel Management should fully establish an approach for measuring enterprise architecture outcomes, including a documented method (i.e., steps to be followed) and metrics that are measurable, meaningful, repeatable, consistent, actionable, and aligned with the agency's enterprise architecture's strategic goals and intended purpose.

Agency: Office of Personnel Management
Status: Open

Comments: In February 2020, a Senior Analyst in the Office of Personnel Management's (OPM) Office of Internal Oversight and Compliance stated that, as of January 2020, OPM's Office of the Chief Information Officer (CIO) had established an approach for developing an enterprise architecture. The liaison also stated that, since May 2019, the office of the CIO had established bi-weekly checkpoints with leadership and stakeholders to monitor and report progress and to document established metrics. However, the agency has not demonstrated that it has established a documented method and metrics for measuring enterprise architecture outcomes.

Recommendation: To enhance federal agencies' ability to realize enterprise architecture benefits, the Secretaries of the Departments of Agriculture, the Air Force, the Army, Commerce, Defense, Education, Energy, Homeland Security, the Interior, Labor, the Navy, State, Transportation, the Treasury, and Veterans Affairs; the Attorney General; the Administrators of the Environmental Protection Agency, General Services Administration, National Aeronautics and Space Administration, and Small Business Administration; the Commissioners of the Nuclear Regulatory Commission and Social Security Administration; and the Directors of the National Science Foundation and the Office of Personnel Management should periodically measure and report enterprise architecture outcomes and benefits to top agency officials (i.e., executives with authority to commit resources or make changes to the program) and to OMB.

Agency: Department of Agriculture
Status: Open

Comments: In August 2020, the Department of Agriculture demonstrated that it had established an approach to measuring enterprise architecture outcomes; however, it had not yet measured and reported them. The department conducted a survey in February 2020 that collected information such as the number of legacy systems that were identified and subsequently decommissioned, and the number of applications that have been eliminated as a result of application rationalization through use of enterprise architecture. The department stated that it will release the second survey in the first quarter of fiscal year 2021, and the differences in the responses between the first and second surveys will be presented to the CIO Council to show the impact of enterprise architecture. The department did not state when it plans to report the results. We will continue to monitor the department's efforts to implement the recommendation.

Recommendation: To enhance federal agencies' ability to realize enterprise architecture benefits, the Secretaries of the Departments of Agriculture, the Air Force, the Army, Commerce, Defense, Education, Energy, Homeland Security, the Interior, Labor, the Navy, State, Transportation, the Treasury, and Veterans Affairs; the Attorney General; the Administrators of the Environmental Protection Agency, General Services Administration, National Aeronautics and Space Administration, and Small Business Administration; the Commissioners of the Nuclear Regulatory Commission and Social Security Administration; and the Directors of the National Science Foundation and the Office of Personnel Management should periodically measure and report enterprise architecture outcomes and benefits to top agency officials (i.e., executives with authority to commit resources or make changes to the program) and to OMB.

Agency: Department of Commerce
Status: Open

Comments: The Department of Commerce has not implemented this recommendation. In April 2018, the department issued an Enterprise Architecture Value Measurement Plan; however, the department has not demonstrated that it has measured and reported enterprise architecture outcomes. In January 2020, the department's Office of the Chief Information Officer (CIO) stated that the department recently appointed a new CIO (acting) and was in the process of revisiting all strategic planning initiatives and implementation to ensure they are congruent with the IT strategic vision and objectives. The Office of the CIO also said it was hiring a new Chief Enterprise Architect, which would impact previous initiatives and strategies. We will continue to monitor the department's efforts to implement the recommendation.

Recommendation: To enhance federal agencies' ability to realize enterprise architecture benefits, the Secretaries of the Departments of Agriculture, the Air Force, the Army, Commerce, Defense, Education, Energy, Homeland Security, the Interior, Labor, the Navy, State, Transportation, the Treasury, and Veterans Affairs; the Attorney General; the Administrators of the Environmental Protection Agency, General Services Administration, National Aeronautics and Space Administration, and Small Business Administration; the Commissioners of the Nuclear Regulatory Commission and Social Security Administration; and the Directors of the National Science Foundation and the Office of Personnel Management should periodically measure and report enterprise architecture outcomes and benefits to top agency officials (i.e., executives with authority to commit resources or make changes to the program) and to OMB.

Agency: Department of Defense
Status: Open

Comments: In December 2019, the Department of Defense Office of the Chief Information Officer stated that it would establish a documented approach to measuring enterprise architecture outcomes defined in the DOD Digital Modernization Strategy by September 2020, and report outcomes by December 2021.

Recommendation: To enhance federal agencies' ability to realize enterprise architecture benefits, the Secretaries of the Departments of Agriculture, the Air Force, the Army, Commerce, Defense, Education, Energy, Homeland Security, the Interior, Labor, the Navy, State, Transportation, the Treasury, and Veterans Affairs; the Attorney General; the Administrators of the Environmental Protection Agency, General Services Administration, National Aeronautics and Space Administration, and Small Business Administration; the Commissioners of the Nuclear Regulatory Commission and Social Security Administration; and the Directors of the National Science Foundation and the Office of Personnel Management should periodically measure and report enterprise architecture outcomes and benefits to top agency officials (i.e., executives with authority to commit resources or make changes to the program) and to OMB.

Agency: Department of Defense: Department of the Navy
Status: Open

Comments: The Department of the Navy has not demonstrated that it has implemented our recommendation. In November 2017, the department described steps it had taken to address the recommendation. However, as of January 2020, it had not provided documentation demonstrating that it has measured and reported enterprise architecture outcomes. We will continue to monitor the department's efforts to implement the recommendation.

Recommendation: To enhance federal agencies' ability to realize enterprise architecture benefits, the Secretaries of the Departments of Agriculture, the Air Force, the Army, Commerce, Defense, Education, Energy, Homeland Security, the Interior, Labor, the Navy, State, Transportation, the Treasury, and Veterans Affairs; the Attorney General; the Administrators of the Environmental Protection Agency, General Services Administration, National Aeronautics and Space Administration, and Small Business Administration; the Commissioners of the Nuclear Regulatory Commission and Social Security Administration; and the Directors of the National Science Foundation and the Office of Personnel Management should periodically measure and report enterprise architecture outcomes and benefits to top agency officials (i.e., executives with authority to commit resources or make changes to the program) and to OMB.

Agency: Department of Energy
Status: Open

Comments: As of August 2020, the Department of Energy had not implemented the recommendation. In May 2020, the department described steps it had taken to develop its enterprise architecture. For example, it said that the department had established a Technical Reference Model, which supports processes and criteria for selecting and reviewing software across the department's headquarters. The department said it used the reference model to identify software products that could be eliminated or consolidated to achieve cost savings. However, as of August 2020, the department had not provided documents demonstrating that it had measured and reported architecture outcomes. We will continue to monitor the status of the department's efforts to implement the recommendation.

Recommendation: To enhance federal agencies' ability to realize enterprise architecture benefits, the Secretaries of the Departments of Agriculture, the Air Force, the Army, Commerce, Defense, Education, Energy, Homeland Security, the Interior, Labor, the Navy, State, Transportation, the Treasury, and Veterans Affairs; the Attorney General; the Administrators of the Environmental Protection Agency, General Services Administration, National Aeronautics and Space Administration, and Small Business Administration; the Commissioners of the Nuclear Regulatory Commission and Social Security Administration; and the Directors of the National Science Foundation and the Office of Personnel Management should periodically measure and report enterprise architecture outcomes and benefits to top agency officials (i.e., executives with authority to commit resources or make changes to the program) and to OMB.

Agency: Department of Labor
Status: Open

Comments: The Department of Labor has not addressed the recommendation. In August 2020, the department stated that it was evaluating processes for reviewing and assessing enterprise architecture value.

Recommendation: To enhance federal agencies' ability to realize enterprise architecture benefits, the Secretaries of the Departments of Agriculture, the Air Force, the Army, Commerce, Defense, Education, Energy, Homeland Security, the Interior, Labor, the Navy, State, Transportation, the Treasury, and Veterans Affairs; the Attorney General; the Administrators of the Environmental Protection Agency, General Services Administration, National Aeronautics and Space Administration, and Small Business Administration; the Commissioners of the Nuclear Regulatory Commission and Social Security Administration; and the Directors of the National Science Foundation and the Office of Personnel Management should periodically measure and report enterprise architecture outcomes and benefits to top agency officials (i.e., executives with authority to commit resources or make changes to the program) and to OMB.

Agency: Department of Veterans Affairs
Status: Open

Comments: In January 2020, the Department of Veterans Affairs stated that it plans to measure enterprise architecture performance by the end of March 2020. We will continue to monitor the department's efforts to address the recommendation.

Recommendation: To enhance federal agencies' ability to realize enterprise architecture benefits, the Secretaries of the Departments of Agriculture, the Air Force, the Army, Commerce, Defense, Education, Energy, Homeland Security, the Interior, Labor, the Navy, State, Transportation, the Treasury, and Veterans Affairs; the Attorney General; the Administrators of the Environmental Protection Agency, General Services Administration, National Aeronautics and Space Administration, and Small Business Administration; the Commissioners of the Nuclear Regulatory Commission and Social Security Administration; and the Directors of the National Science Foundation and the Office of Personnel Management should periodically measure and report enterprise architecture outcomes and benefits to top agency officials (i.e., executives with authority to commit resources or make changes to the program) and to OMB.

Agency: Department of State
Status: Open

Comments: In February 2020, the Department of State developed an enterprise architecture plan, which identified several benefits that may be achieved by executing the plan. These benefits included, for example, lower support and acquisition costs and reuse of technology and investments. However, the department did not demonstrate that it had measured and reported outcomes attributed to its architecture. We will continue to monitor the department's efforts to implement the recommendation.

Recommendation: To enhance federal agencies' ability to realize enterprise architecture benefits, the Secretaries of the Departments of Agriculture, the Air Force, the Army, Commerce, Defense, Education, Energy, Homeland Security, the Interior, Labor, the Navy, State, Transportation, the Treasury, and Veterans Affairs; the Attorney General; the Administrators of the Environmental Protection Agency, General Services Administration, National Aeronautics and Space Administration, and Small Business Administration; the Commissioners of the Nuclear Regulatory Commission and Social Security Administration; and the Directors of the National Science Foundation and the Office of Personnel Management should periodically measure and report enterprise architecture outcomes and benefits to top agency officials (i.e., executives with authority to commit resources or make changes to the program) and to OMB.

Agency: Environmental Protection Agency
Status: Open

Comments: The Environmental Protection Agency has not implemented this recommendation. In December 2019, the agency stated that its chief architect and technical architecture staff were working to reformulate the enterprise architecture program and described several goals and activities that were underway. The agency also stated that the program was examining industry best practices on architecture metrics to determine which would be best for EPA's enterprise architecture program. As metrics are adopted to assess the value of the architecture program, the program will work them into the agency-wide process for performance metrics. We will continue to monitor the agency's efforts to implement the recommendation.

Recommendation: To enhance federal agencies' ability to realize enterprise architecture benefits, the Secretaries of the Departments of Agriculture, the Air Force, the Army, Commerce, Defense, Education, Energy, Homeland Security, the Interior, Labor, the Navy, State, Transportation, the Treasury, and Veterans Affairs; the Attorney General; the Administrators of the Environmental Protection Agency, General Services Administration, National Aeronautics and Space Administration, and Small Business Administration; the Commissioners of the Nuclear Regulatory Commission and Social Security Administration; and the Directors of the National Science Foundation and the Office of Personnel Management should periodically measure and report enterprise architecture outcomes and benefits to top agency officials (i.e., executives with authority to commit resources or make changes to the program) and to OMB.

Agency: National Aeronautics and Space Administration
Status: Open

Comments: The National Aeronautics and Space Administration (NASA) has not implemented this recommendation. In July 2019, NASA's Associate Chief Information Officer for Enterprise Service and Integration said the agency was in the process of developing an enterprise architecture policy directive and procedural requirements. He anticipated that they would be completed in October 2020.

Recommendation: To enhance federal agencies' ability to realize enterprise architecture benefits, the Secretaries of the Departments of Agriculture, the Air Force, the Army, Commerce, Defense, Education, Energy, Homeland Security, the Interior, Labor, the Navy, State, Transportation, the Treasury, and Veterans Affairs; the Attorney General; the Administrators of the Environmental Protection Agency, General Services Administration, National Aeronautics and Space Administration, and Small Business Administration; the Commissioners of the Nuclear Regulatory Commission and Social Security Administration; and the Directors of the National Science Foundation and the Office of Personnel Management should periodically measure and report enterprise architecture outcomes and benefits to top agency officials (i.e., executives with authority to commit resources or make changes to the program) and to OMB.

Agency: Small Business Administration
Status: Open

Comments: As of June 2020, the Small Business Administration (SBA) had not implemented this recommendation. SBA's Office of the CIO stated that it achieved IT cost savings and avoidance as a result of IT infrastructure service and support reduction and data center optimization in fiscal years 2014 through the third quarter of fiscal year 2019. In a March 2020 memo to GAO, the Chief Information Officer explained that the agency's enterprise architecture team reviewed IT acquisition requests, which led to reducing duplicative IT investments and resulted in the cost savings and avoidance. However, the agency did not demonstrate that it had reliably measured the cost savings and avoidance. Specifically, it did not provide documentation demonstrating how it calculated most of the savings it reported.

Recommendation: To enhance federal agencies' ability to realize enterprise architecture benefits, the Secretaries of the Departments of Agriculture, the Air Force, the Army, Commerce, Defense, Education, Energy, Homeland Security, the Interior, Labor, the Navy, State, Transportation, the Treasury, and Veterans Affairs; the Attorney General; the Administrators of the Environmental Protection Agency, General Services Administration, National Aeronautics and Space Administration, and Small Business Administration; the Commissioners of the Nuclear Regulatory Commission and Social Security Administration; and the Directors of the National Science Foundation and the Office of Personnel Management should periodically measure and report enterprise architecture outcomes and benefits to top agency officials (i.e., executives with authority to commit resources or make changes to the program) and to OMB.

Agency: Office of Personnel Management
Status: Open

Comments: In February 2020, a Senior Analyst in the Office of Personnel Management's (OPM) Office of Internal Oversight and Compliance stated that, as of January 2020, OPM's Office of the Chief Information Officer (CIO) had established an approach for developing an enterprise architecture. The liaison also stated that, since May 2019, the office of the CIO had established bi-weekly checkpoints with leadership and stakeholders to monitor and report progress and to document established metrics. However, the agency has not provided documentation demonstrating that it has measured and reported enterprise architecture outcomes.

Recommendation: To enhance federal agencies' ability to realize enterprise architecture benefits, the Secretaries of the Departments of Health and Human Services and Housing and Urban Development should ensure that enterprise architecture outcomes are periodically measured and reported to top agency officials.

Agency: Department of Health and Human Services
Status: Open

Comments: As of January 2020, the Department of Health and Human Services had not implemented this recommendation. Specifically, it had not demonstrated that it had measured architecture metrics that it had established in its April 2014 Enterprise Roadmap. We will continue to monitor the department's efforts to implement the recommendation.

Recommendation: To enhance federal agencies' ability to realize enterprise architecture benefits, and to assist agencies in measuring and reporting outcomes achieved through enterprise architecture, the Director of OMB should ensure that the planned December 2012 guidance for enterprise architecture value measurement and reporting includes (1) sufficient details on the method and metrics that agencies could use to measure their architecture program's value and (2) a requirement for agencies to include in their April 2013 enterprise roadmap submissions a measurement method (i.e., steps to be followed) and metrics, and report on the outcomes and benefits achieved through enterprise architecture.

Agency: Executive Office of the President: Office of Management and Budget
Status: Open

Comments: As of December 2019, the Office of Management and Budget (OMB) had not fully addressed our recommendation. In March 2013, the office required agencies to submit annually an Enterprise Roadmap, which was to include an appendix on enterprise architecture outcomes. To prepare the appendix, the office provided agencies with a template to document architecture metrics and measurement methods. The template included examples of outcome metrics and a field where agencies were to document measurement methods. However, OMB did not provide details on the methods that agencies could use to measure architecture outcomes or require that agencies include the steps to be followed for measuring outcomes. In March 2019, OMB said that it was working with agencies to determine approaches for measuring and reporting outcomes achieved through enterprise architecture. However, as of December 2019, OMB had not demonstrated that it had fully addressed the recommendation. We will continue to follow up with OMB on its efforts to implement the recommendation.

Recommendation: To ensure that DOD continues to implement the full range of institutional management controls needed to address its business systems modernization high-risk area, the Secretary of Defense should ensure that the Deputy Secretary of Defense, as the department's Chief Management Officer, establish a policy that clarifies the roles, responsibilities, and relationships among the Chief Management Officer, Deputy Chief Management Officer, DOD and military department Chief Information Officers, Principal Staff Assistants, military department Chief Management Officers, and the heads of the military departments and defense agencies, associated with the development of a federated business enterprise architecture (BEA). Among other things, the policy should address the development and implementation of an overarching taxonomy and associated ontologies to help ensure that each of the respective portions of the architecture will be properly linked and aligned. In addition, the policy should address alignment and coordination of business process areas, military department and defense agency activities associated with developing and implementing each of the various components of the BEA, and relationships among these entities.

Agency: Department of Defense
Status: Open

Comments: While the Department of Defense (DOD) had taken steps to improve its business enterprise architecture, it had not implemented the recommendation as of November 2019. In August 2013, the department established the Business Enterprise Architecture Configuration Control Board, which is chaired by the business enterprise architecture chief architect (Office of the DOD CMO) and includes representatives from the Defense Business Council member organizations. These organizations include, among others, DOD's CIO and the military department CMOs. According to its charter, the Business Enterprise Architecture Configuration Control Board is the principal body for managing the disposition of proposed architecture requirements and change requests. However, the charter does not discuss roles and responsibilities associated with the development of the business enterprise architecture. Specifically, it does not address alignment and coordination of business process areas or military department and defense agency activities associated with developing and implementing each of the various components of the business enterprise architecture, and the relationships among these entities. In addition, in September 2018, the department stated that it was drafting a business enterprise architecture concept of operations that was to outline roles and responsibilities associated with the development of the architecture. However, as of November 2019, the department had not completed the concept of operations or otherwise demonstrated that it had established roles and responsibilities for the development of the architecture. In October 2018, an official from the Office of the CMO described the department's new approach to developing its business enterprise architecture. In addition, the department demonstrated that it had developed a taxonomy for the architecture and was in the process of developing an ontology to help ensure that each of the respective portions of the architecture would be appropriately linked and aligned. In November 2019, the official stated that the ontology had been implemented in the department's new business enterprise architecture tool; however, the department did not demonstrate that it had finished developing the ontology. Specifically, the department's October 2019 ontology document identifies basic concepts, such as "Goal", "Objective", and "LOB" (i.e., line of business) as classes, and the properties and attributes of, and relationships among, classes. However, the document does not include annotations such as for the "description" attribute for an LOB, which would provide information needed to create a specific instance of a class applicability; and had not demonstrated that it had developed ontologies for its business domains, such as acquisition, human resource management, and financial management. Also, the document does not demonstrate if allowed values have been defined for some attributes, such as the options allowed in an "option list" for "status" attributes. Further, the department had not documented general information about the ontology, such as its scope and intended applicability; and had not demonstrated that it had developed ontologies for its business domains, such as acquisition, human resource management, and financial management.

Recommendation: To help ensure the success of FDA's modernization efforts, the Commissioner of FDA should direct the CIO to, in completing the assessment of Mission Accomplishments and Regulatory Compliance Services (MARCS), develop an integrated master schedule (IMS) that (1) identifies which legacy systems will be replaced and when; (2) identifies all current and future tasks to be performed by contractors and FDA; and (3) defines and incorporates information reflecting resources and critical dependencies.

Agency: Department of Health and Human Services: Food and Drug Administration
Status: Open

Comments: In 2018, we confirmed that FDA, in response to our recommendation, began efforts to identify which legacy systems will be replaced. FDA also developed an IMS for fiscal year (FY) 2017 and 2018 that identifies current and future tasks to be performed by contractors and FDA. However, FDA's IMS for FY 2017 and 2018 does not fully and clearly define resources. For example, although the FY 2017 IMS includes 265 names, roles, and teams, only 16 percent of activities have resource assignments. Further, FDA's fiscal year 2018 IMS does not fully define critical dependencies. For example, there are 14 activities and milestones with finish dates that are not properly tied to logic. Specifically, the finish dates of the 14 activities are not clearly tied to succeeding activities in the schedule. We contacted FDA in September and December 2019 and January 2020 for an update on the actions taken to implement the recommendation, but have not received a response. We will update the recommendation when additional information is obtained.