Information Technology
Census Bureau Needs to Improve Its Risk Management of Decennial Systems Gao ID: GAO-08-259T December 11, 2007For Census 2010, automation and information technology (IT) are expected to play a critical role. The Census Bureau plans to spend about $3 billion on automation and technology that are to improve the accuracy and efficiency of census collection, processing, and dissemination. From February 2006 through June 2009, the Bureau is holding a ''Dress Rehearsal'' during which it plans to conduct operational testing that includes decennial systems acquisitions. In October 2007, GAO reported on its review of four key 2010 Census IT acquisitions to (1) determine the status and plans, including schedule and cost, and (2) assess whether the Bureau is adequately managing associated risks. This testimony summarizes GAO's report on these key acquisitions and describes GAO's preliminary observations on the performance of handheld mobile computing devices used during the Dress Rehearsal.
As of October 2007, three key systems acquisitions for the 2010 Census were in process, and a fourth contract had recently been awarded. The ongoing acquisitions showed mixed progress in meeting schedule and cost estimates. Two of the projects were not on schedule. The award of the fourth contract, originally scheduled for 2005, was awarded in September 2007. In addition, one project had incurred cost overruns and increases to its projected life-cycle cost. As a result of the schedule changes, the full complement of systems and functionality that were originally planned will not be available for upcoming Dress Rehearsal operational testing. This limitation increases the importance of further system testing to ensure that the decennial systems work as intended. The Bureau's project teams for each of the four IT acquisitions had performed many practices associated with establishing sound and capable risk management processes, but critical weaknesses remained. Three project teams had developed a risk management strategy that identified the scope of the risk management effort. However, not all project teams had identified risks, established mitigation plans, or reported risks to executive-level officials. For example, one project team did not adequately identify risks associated with performance issues experienced by handheld mobile computing devices, even though Census field staff reported slow and inconsistent data transmissions with the device during the spring Dress Rehearsal operations. The magnitude of these difficulties is not clear, and the Bureau has not fully specified how it plans to measure the performance of the devices. Until the project teams implement key risk management activities, they face an increased probability that decennial systems will not be delivered on schedule and within budget or perform as expected.
GAO-08-259T, Information Technology: Census Bureau Needs to Improve Its Risk Management of Decennial Systems
This is the accessible text file for GAO report number GAO-08-259T
entitled 'Information Technology: Census Bureau Needs to Improve Its
Risk Management of Decennial Systems' which was released on December
11, 2007.
This text file was formatted by the U.S. Government Accountability
Office (GAO) to be accessible to users with visual impairments, as part
of a longer term project to improve GAO products' accessibility. Every
attempt has been made to maintain the structural and data integrity of
the original printed product. Accessibility features, such as text
descriptions of tables, consecutively numbered footnotes placed at the
end of the file, and the text of agency comment letters, are provided
but may not exactly duplicate the presentation or format of the printed
version. The portable document format (PDF) file is an exact electronic
replica of the printed version. We welcome your feedback. Please E-mail
your comments regarding the contents or accessibility features of this
document to Webmaster@gao.gov.
This is a work of the U.S. government and is not subject to copyright
protection in the United States. It may be reproduced and distributed
in its entirety without further permission from GAO. Because this work
may contain copyrighted images or other material, permission from the
copyright holder may be necessary if you wish to reproduce this
material separately.
Testimony:
Testimony Before the Subcommittee on Information Policy, Census, and
National Archives, Committee on Oversight and Government Reform, U.S.
House of Representatives:
United States Government Accountability Office:
GAO:
For Release on Delivery Expected at 2:00 p.m. EST:
Tuesday, December 11, 2007:
Information Technology:
Census Bureau Needs to Improve Its Risk Management of Decennial
Systems:
Statement of David A. Powner:
Director, Information Technology Management Issues:
Mathew J. Scirè:
Director, Strategic Issues:
GAO-08-259T:
GAO Highlights:
Highlights of GAO-08-259T, a testimony before the Subcommittee on
Information Policy, Census, and National Archives, Committee on
Oversight and Government Reform, U.S. House of Representatives.
Why GAO Did This Study:
For Census 2010, automation and information technology (IT) are
expected to play a critical role. The Census Bureau plans to spend
about $3 billion on automation and technology that are to improve the
accuracy and efficiency of census collection, processing, and
dissemination. From February 2006 through June 2009, the Bureau is
holding a ’Dress Rehearsal“ during which it plans to conduct
operational testing that includes decennial systems acquisitions.
In October 2007, GAO reported on its review of four key 2010 Census IT
acquisitions to (1) determine the status and plans, including schedule
and cost, and (2) assess whether the Bureau is adequately managing
associated risks. This testimony summarizes GAO‘s report on these key
acquisitions and describes GAO‘s preliminary observations on the
performance of handheld mobile computing devices used during the Dress
Rehearsal.
What GAO Found:
As of October 2007, three key systems acquisitions for the 2010 Census
were in process, and a fourth contract had recently been awarded. The
ongoing acquisitions showed mixed progress in meeting schedule and cost
estimates. Two of the projects were not on schedule. The award of the
fourth contract, originally scheduled for 2005, was awarded in
September 2007. In addition, one project had incurred cost overruns and
increases to its projected life-cycle cost. As a result of the schedule
changes, the full complement of systems and functionality that were
originally planned will not be available for upcoming Dress Rehearsal
operational testing. This limitation increases the importance of
further system testing to ensure that the decennial systems work as
intended.
The Bureau‘s project teams for each of the four IT acquisitions had
performed many practices associated with establishing sound and capable
risk management processes, but critical weaknesses remained. Three
project teams had developed a risk management strategy that identified
the scope of the risk management effort. However, not all project teams
had identified risks, established mitigation plans, or reported risks
to executive-level officials. For example, one project team did not
adequately identify risks associated with performance issues
experienced by handheld mobile computing devices, even though Census
field staff reported slow and inconsistent data transmissions with the
device during the spring Dress Rehearsal operations. The magnitude of
these difficulties is not clear, and the Bureau has not fully specified
how it plans to measure the performance of the devices. Until the
project teams implement key risk management activities, they face an
increased probability that decennial systems will not be delivered on
schedule and within budget or perform as expected.
Performance of Risk Management Activities by Key Census Acquisition
Projects:
Specific practices: Preparing for risk management: Determine risk
sources and categories;
Acquisition project 1: practice not implemented;
Acquisition project 2: practice fully implemented;
Acquisition project 3: practice fully implemented;
Acquisition project 4: practice fully implemented.
Specific practices: Preparing for risk management: Define risk
parameters;
Acquisition project 1: practice fully implemented;
Acquisition project 2: practice fully implemented;
Acquisition project 3: practice fully implemented;
Acquisition project 4: practice fully implemented.
Specific practices: Preparing for risk management: Establish and
maintain a risk management strategy;
Acquisition project 1: practice partially implemented;
Acquisition project 2: practice fully implemented;
Acquisition project 3: practice fully implemented;
Acquisition project 4: practice fully implemented.
Specific practices: Preparing for risk management: Identify and involve
the relevant stakeholders;
Acquisition project 1: practice partially implemented;
Acquisition project 2: practice partially implemented;
Acquisition project 3: practice fully implemented;
Acquisition project 4: practice partially implemented.
Specific practices: Identify and analyze risks: Identify and document
the risks;
Acquisition project 1: practice fully implemented;
Acquisition project 2: practice partially implemented;
Acquisition project 3: practice fully implemented;
Acquisition project 4: practice partially implemented.
Specific practices: Identify and analyze risks: Evaluate, categorize,
and prioritize risks;
Acquisition project 1: practice partially implemented;
Acquisition project 2: practice fully implemented;
Acquisition project 3: practice fully implemented;
Acquisition project 4: practice fully implemented.
Specific practices: Mitigate risks: Develop risk mitigation plans;
Acquisition project 1: practice partially implemented;
Acquisition project 2: practice partially implemented;
Acquisition project 3: practice fully implemented;
Acquisition project 4: practice not implemented.
Specific practices: Mitigate risks: Monitor status and implement risk
mitigation plans;
Acquisition project 1: practice partially implemented;
Acquisition project 2: practice partially implemented;
Acquisition project 3: practice fully implemented;
Acquisition project 4: practice partially implemented.
Specific practices: Executive oversight: Review status with executive-
level management;
Acquisition project 1: practice not implemented;
Acquisition project 2: practice not implemented;
Acquisition project 3: practice fully implemented;
Acquisition project 4: practice fully implemented.
Source: GAO analysis of Census project data against industry standards.
[End of table]
What GAO Recommends:
In its report, GAO made recommendations that the Bureau strengthen its
systems testing and risk management activities, including risk
identification and oversight. The Bureau agreed to examine additional
ways to manage risks, but disagreed with the view that a full
complement of systems would not be tested, stating it planned to do so
during the Dress Rehearsal or later; however, the test plans have not
been finalized and it remains unclear whether this testing will be
done.
To view the full product, including the scope and methodology, click on
[hyperlink, http://www.GAO-08-259T]. For more information, contact
David A. Powner at (202) 512-9286 or pownerd@gao.gov.
[End of section]
Mr. Chairman and Members of the Subcommittee:
Thank you for the opportunity to participate in today‘s hearing on the
2010 Decennial Census Information Technology (IT) acquisitions that are
an integral part of the reengineered census. As you know, the decennial
census is mandated by the U.S. Constitution and provides data that are
vital to the nation. These data are used to reapportion the seats of
the U.S. House of Representatives, realign the boundaries of the
legislative districts of each state, allocate billions of dollars in
federal financial assistance, and provide a social, demographic, and
economic profile of the nation‘s people to guide policy decisions at
each level of government.
Carrying out the census is the responsibility of the Department of
Commerce‘s Census Bureau, which is now preparing for the 2010 Census.
The Bureau is required to count the population on April 1, 2010, and
the Secretary of Commerce is required to report to the President on the
tabulation of total population by state within 9 months of that date.
[Footnote 1]
The Bureau plans to rely on automation and technology to improve the
coverage, accuracy, and efficiency of the 2010 Census, and has awarded
four key IT contracts to that end. It is also holding what it refers to
as a Dress Rehearsal, from February 2006 through June 2009, a period
centering around a mock Census Day on April 1, 2008. [Footnote 2]
Planned Dress Rehearsal activities include operational testing of the
2010 Census systems in a census-like environment. The Bureau estimates
that its IT acquisitions will absorb about $3 billion of the total
$11.5 billion cost of the entire census.
As requested, our testimony today will summarize our report on the four
key IT acquisitions. In the report, we (1) determined the status and
plans, including schedule and costs, for four key IT acquisitions; and
(2) assessed whether the Bureau is adequately managing the risks facing
these key system acquisitions. [Footnote 3] The report contains a
detailed overview of the scope and methodology we used. As you also
requested, our testimony today describes GAO‘s preliminary observations
on the performance of handheld mobile computing devices used during
address canvassing activities in the Dress Rehearsal. [Footnote 4] The
preliminary observations presented in this report are based on field
work we have conducted at the two Dress Rehearsal sites (Stockton, CA
and Fayetteville, NC), as well as a review of Bureau documentation of
its own observations of the Dress Rehearsal. The work on which this
testimony is based was performed in accordance with generally accepted
government auditing standards.
Results in Brief:
As of October 2007, three key systems acquisitions for the 2010 Census
were in process, and a fourth contract had recently been awarded:
* In one project, the Bureau is modernizing the database that provides
address lists, maps, and other geographic support services for the
census. This project is on schedule to complete improvements by the end
of fiscal year 2008 and is meeting cost estimates.
* In a second project, the Bureau is acquiring systems, equipment, and
infrastructure for field staff to use in collecting census data.
Deliverables provided to date include handheld mobile computing devices
and installation of key support infrastructure. However, the schedule
for this acquisition has been revised, resulting in delays in system
development and testing of interfaces. Also, the life-cycle cost
estimates for this program have increased, and we projected an $18
million cost overrun by December 2008. According to the contractor, the
overrun is due primarily to an increase in the number of system
requirements.
* In a third project, the Bureau is acquiring a system for integrating
paper, telephone responses, and field operations. The software
development and testing are on schedule to provide (by December 2007)
an initial system to process the major census forms during the Dress
Rehearsal activities. However, the system development schedule was
revised in October 2005, which is delaying some functionality. For
example, a telephone-assistance system that was originally intended to
be completed by fiscal year 2008 has been delayed. This acquisition is
meeting current cost estimates.
* Finally, a contract to replace the current system used to tabulate
and disseminate census data was recently delayed by about a year (it was
ultimately awarded in September 2007). As a result, of the 1-year
delay, the Dress Rehearsal activities will use the current tabulation
and dissemination system rather than a modernized version.
The delays mean that the Dress Rehearsal operational testing will take
place without the full complement of systems and functionality that was
originally planned. As a result, further system testing will be
necessary to ensure that the decennial systems work as intended.
However, as of October 2007, Bureau officials had not finalized their
plans for testing all the systems, and it is not clear whether these
plans would include testing to address all interrelated systems and
functionality, such as end-to-end testing. [Footnote 5] According to
officials, these plans will not be finalized until February 2008.
Without sufficient testing of all systems and their functionality, the
Bureau increases the risk that costs will increase further, that
decennial systems will not perform as expected, or both.
As of October 2007, the four project teams managing the acquisitions
had performed many practices associated with establishing sound and
capable risk management processes. However, critical weaknesses
remained. Specifically, three of the four project teams had developed
risk management strategies identifying the scope of their risk
management efforts; however, three project teams had weaknesses in
identifying risks, establishing mitigation plans that identified
planned actions and milestones, and reporting risk status to executive-
level officials. For example, one project team did not adequately
identify risks associated with performance issues experienced by
handheld mobile computing devices. Further, in May and June 2007, both
we and the Census Bureau observed the use of the handheld mobile
computing device in Census-like conditions and these observations
revealed a number of performance issues with the devices, such as slow
and inconsistent data processing. The magnitude of these performance
issues remains unclear. The Field Data Collection Automation (FDCA)
contract anticipates the Bureau‘s need for data on the performance of
the handheld mobile computing device; however, the Bureau has not fully
specified the performance data it will use for the devices. As we have
previously reported, a root cause of weaknesses in completing key risk
management activities is the lack of policies for managing major
acquisitions at the Bureau. [Footnote 6] Until the project teams
implement key risk management activities, they face an increased
probability that decennial systems will not be delivered on schedule
and within budget or perform as expected.
Because the entire complement of systems will not be available for
Dress Rehearsal activities as originally planned, we recommended that
the Census Bureau plan for and perform end-to-end testing so that all
systems are tested in a census-like environment. Further, to help
ensure that the three key acquisitions for the 2010 Census operate as
intended, we recommended that the project teams strengthen risk
management activities, including those associated with risk
identification, mitigation, and oversight.
In written comments on a draft of our report, the department agreed to
examine additional ways to manage risks and prepare a formal action
plan in response to our final report. However, the department said it
had a major disagreement with our findings with regard to not
conducting operational testing on a full complement of the key
decennial systems, stating it plans to test all critical systems and
interfaces during the Dress Rehearsal or later. Nonetheless, the
Bureau‘s test plans have not been finalized, and it remains unclear
whether testing will address all interrelated systems and functionality
in a census-like environment, as would be provided by end-to-end
testing. Consistent with our recommendation, following up with
documented test plans to do end-to-end testing will help ensure that
decennial systems will work as intended.
Background:
Conducting the decennial census is a major undertaking involving many
interrelated steps including:
* identifying and correcting addresses for all known living quarters in
the United States (known as ’address canvassing“);
* sending questionnaires to housing units;
* following up with nonrespondents through personal interviews;
* identifying people with nontraditional living arrangements;
* managing a voluminous workforce responsible for follow-up activities;
* collecting census data by means of questionnaires, calls, and
personal interviews;
* tabulating and summarizing census data; and:
* disseminating census analytical results to the public.
Role of IT in the Decennial Census:
The Bureau estimates that it will spend about $3 billion on automation
and IT for the 2010 Census, including four major systems acquisitions
that are expected to play a critical role in improving coverage,
accuracy, and efficiency. Figure 1 shows the key systems and interfaces
supporting the 2010 Census, and highlights the four major IT systems we
discuss today. As the figure shows, these four systems are to play
important roles with regard to different aspects of the process.
Figure 1: Key 2010 Census Systems and Interfaces:
[See PDF for image]
This figure is a schematic illustration of Key 2010 Census Systems and
Interfaces. Systems and interfaces are depicted in three areas, with
relationships indicated by connections through either one-way or two-
way arrows. Four systems are shaded to indicate that the system is
discussed in the report. The following data is depicted:
Establish where to count:
* Master Address File/Topologically Integrated Geographic Encoding and
Referencing [system discussed in this report];
* Universe Control and Management;
* Printing.
Collect respondent information:
* Decennial Response Integration System [system discussed in this
report];
* Field Data Collection Automation;
* Postal;
* Respondent;
* National Processing Center;
* Decennial Applicant Personnel and Payroll System;
* Census Evaluation and Experimentation (overlaps into Collect
respondent information section).
Provide results:
* Data Access and Dissemination System [system discussed in this
report];
* Response Processing System;
* Archive System;
* National Archives and Records Administration;
* Census Evaluation and Experimentation (overlaps into Provide Results
section).
Relationships as indicated by connecting arrows (input and output):
Master Address File/Topologically Integrated Geographic Encoding and
Referencing [system discussed in this report]:
* Output arrow to Archive System;
* Output arrow to Data Access and Dissemination System [system
discussed in this report];
* Output arrow to Decennial Response Integration System [system
discussed in this report];
* Output and Input arrow with Census Evaluation and Experimentation;
* Output and Input arrow with Response Processing System;
* Output and Input arrow with Universe Control and Management;
* Output and Input arrow with Field Data Collection Automation [system
discussed in this report];
* Input arrow from National Processing Center.
Universe Control and Management:
* Output and Input arrow with Master Address File/Topologically
Integrated Geographic Encoding and Referencing [system discussed in
this report];
* Output and Input arrow with Field Data Collection Automation [system
discussed in this report];
* Output and Input arrow with Response Processing System;
* Output arrow to Printing;
* Output and Input arrow to Decennial Response Integration System
[system discussed in this report];
* Output arrow to Census Evaluation and Experimentation;
Printing:
* Output arrow to Postal;
* Input arrow from Decennial Response Integration System [system
discussed in this report];
Decennial Response Integration System [system discussed in this
report]:
* Output arrow to Printing;
* Output and Input arrow with Universe Control and Management;
* Input arrow from Postal;
* Input arrow from Master Address File/Topologically Integrated
Geographic Encoding and Referencing [system discussed in this report];
* Output and Input arrow with Field Data Collection Automation [system
discussed in this report];
* Output arrow to Response Processing System;
* Output arrow to Archive System.
Field Data Collection Automation [system discussed in this report]:
* Output and Input arrow with Universe Control and Management;
* Output and Input arrow with Master Address File/Topologically
Integrated Geographic Encoding and Referencing [system discussed in
this report];
* Output and Input arrow with Decennial Response Integration System
[system discussed in this report];
* Input arrow from Respondent;
* Input arrow from Decennial Applicant Personnel and Payroll System;
* Output arrow to Census Evaluation and Experimentation (overlaps into
Provide Results section);
* Output arrow to National Processing Center.
Decennial Applicant Personnel and Payroll System:
* Output arrow to Field Data Collection Automation [system discussed in
this report].
Postal:
* Output arrow to Decennial Response Integration System [system
discussed in this report];
* Input arrow from Printing;
* Output and Input arrow with Respondent.
Respondent:
* Output and Input arrow with Postal;
* Output arrow to Field Data Collection Automation [system discussed in
this report].
National Processing Center:
* Output arrow to Master Address File/Topologically Integrated
Geographic Encoding and Referencing [system discussed in this report];
* Output arrow to Census Evaluation and Experimentation;
* Input arrow from Field Data Collection Automation [system discussed
in this report].
Census Evaluation and Experimentation:
* Output and Input arrow with Master Address File/Topologically
Integrated Geographic Encoding and Referencing [system discussed in
this report];
* Input arrow from Universe Control and Management;
* Input arrow from Field Data Collection Automation [system discussed
in this report];
* Input arrow from National Processing Center;
* Output and Input arrow with Response Processing System.
Data Access and Dissemination System [system discussed in this report]:
* Input arrow from Master Address File/Topologically Integrated
Geographic Encoding and Referencing [system discussed in this report];
* Input arrow from Response Processing System.
Archive System:
* Input arrow from Master Address File/Topologically Integrated
Geographic Encoding and Referencing [system discussed in this report];
* Input arrow from Decennial Response Integration System [system
discussed in this report];
* Input arrow from Response Processing System;
* Output arrow to National Archives and Records Administration.
Response Processing System:
* Output and Input arrow with Master Address File/Topologically
Integrated Geographic Encoding and Referencing [system discussed in
this report];
* Output and Input arrow with Universe Control and Management;
* Output and Input arrow with Census Evaluation and Experimentation;
* Input arrow from Decennial Response Integration System [system
discussed in this report];
* Output arrow to Archive System;
* Output arrow to Data Access and Dissemination System [system
discussed in this report].
National Archives and Records Administration:
* Input arrow from Archive System.
Source: U.S. Census Bureau.
[End of figure]
To establish where to count (as shown in the top section of fig. 1),
the Bureau will depend heavily on a database that provides address
lists, maps, and other geographic support services. The Bureau‘s
address list, known as the Master Address File (MAF), is associated
with a geographic information system containing street maps known as
the Topologically Integrated Geographic Encoding and Referencing
(TIGER®) database. [Footnote 7]
The MAF/TIGER database is the object of the first major IT
acquisition”the MAF/TIGER Accuracy Improvement Project (MTAIP).
To collect respondent information (a process depicted in the middle
section of fig. 1), the Bureau is pursuing two initiatives. First, the
Field Data Collection Automation (FDCA) program is expected to provide
automation support for field data collection operations as well as
reduce costs and improve data quality and operational efficiency. This
acquisition includes the systems, equipment, and infrastructure that
field staff will use to collect census data, such as handheld mobile
computing devices. [Footnote 8] Second, the Decennial Response
Integration System (DRIS) is to provide a system for collecting and
integrating census responses from all sources, including forms,
telephone interviews, and handheld mobile computing devices in the
field. DRIS is expected to improve accuracy and timeliness by
standardizing the response data and providing it to other Bureau
systems for analysis and processing.
To provide results (see the bottom section of fig. 1), the Data Access
and Dissemination System II (DADS II) acquisition is to replace legacy
systems for tabulating and publicly disseminating data. The DADS II
program is expected to provide comprehensive support to DADS.
Replacement of the legacy systems is expected to:
* maximize the efficiency, timeliness, and accuracy of tabulation and
dissemination products and services;
* minimize the cost of tabulation and dissemination; and:
* increase user satisfaction with related services.
Table 1 provides a brief overview of the four acquisitions.
Table 1: Four Key IT Acquisitions Supporting Census 2010:
IT acquisition: MAF/TIGER Accuracy Improvement Project (MTAIP);
Purpose: Modernize the system that provides the address list, maps, and
other geographic support services for the Census and other Bureau
surveys.
IT acquisition: Field Data Collection Automation (FDCA);
Purpose: Provide automated resources for supporting field data
collection, including the provision of handheld mobile computing
devices to collect data in the field, including address and map data.
IT acquisition: Decennial Response Integration System (DRIS);
Purpose: Provide a solution for data capture and respondent assistance.
IT acquisition: Data Access and Dissemination System (DADS II);
Purpose: Develop a replacement for the DADS legacy tabulation and
dissemination systems.
Source: GAO analysis of Census Bureau data.
[End of table]
Responsibility for these acquisitions lies with the Bureau‘s Decennial
Management Division and the Geography Division. Each of the four
acquisitions is managed by an individual project team staffed by Bureau
personnel. Additional information on the contracts for these four
systems is provided in appendix I of the report.
In preparation for the 2010 Census, the Bureau plans a series of tests
of its (new and existing) operations and systems in different
environments, as well as to conduct what it refers to as the Dress
Rehearsal. During the Dress Rehearsal period, which runs from February
2006 through June 2009, the Bureau plans to conduct development and
testing of systems, run a mock Census Day, and prepare for Census 2010,
which will include opening offices and hiring staff. These Dress
Rehearsal activities are to provide an operational test of the
available system functionalities in a census-like environment, as well
as other operational and procedural activities.
Decennial IT Acquisitions Were at Various Stages of Development and
Showed Mixed Progress against Schedule and Cost Baselines:
As of October 2007, three key decennial systems acquisitions were in
process and a fourth contract had recently been awarded. The ongoing
acquisitions (FDCA, DRIS) showed mixed progress in providing
deliverables while adhering to planned schedules and cost estimates.
The two ongoing projects had experienced schedule delays; the date for
awarding the fourth contract was postponed several times. In addition,
we estimated that one of the ongoing projects (FDCA) will incur about
$18 million in cost overruns. In response to schedule delays as well as
other factors, including cost, the Bureau made schedule adjustments and
planned to delay certain system functionality. As a result, Dress
Rehearsal operational testing will not address the full complement of
systems and functionality that was originally planned, and the Bureau
has not yet finalized its plans for further system tests. Delaying
functionality increases the importance of operational testing after the
Dress Rehearsal to ensure that the decennial systems work as intended.
MTAIP Was Completing Improvements on Schedule and at Estimated Cost:
MTAIP is a project to improve the accuracy of the MAF/TIGER database,
which contains information on street locations, housing units, rivers,
railroads, and other geographic features. We reported that MTAIP was on
schedule to complete improvements by the end of fiscal year 2008 and
was meeting cost estimates.
As of October 2007, the acquisition was in the second and final phase
of its life cycle. In Phase II, which began in January 2003 and is
ongoing, the contractor is developing improved maps for all 3,037
counties in the United States. We reported that the contractor had
delivered more than 75 percent of these maps, which are due by
September 2008. Beginning in fiscal year 2008, maintenance for the
contract will begin. The contract closeout activities are scheduled for
fiscal year 2009.
FDCA Had Provided Deliverables but Had Delayed Functionality and Was
Experiencing Cost Increases:
FDCA is to provide the systems, equipment, and infrastructure that
field staff will use to collect census data. At the peak of the 2010
Census, about 4,000 field operations supervisors, 40,000 crew leaders,
500,000 enumerators and address listers, and several thousand office
employees are expected to use or access FDCA.
As of October 2007, the contractor was in the process of developing and
testing FDCA software for the Dress Rehearsal Census Day, and had
delivered 1,388 handheld mobile computing devices to be used in address
canvassing for the Dress Rehearsal. Also, key FDCA support
infrastructure had been installed, including the Security Operation
Center. In future contract phases, the project will continue
development, deploy systems and hardware, support census operations,
and perform operational and contract closeout activities.
However, the Bureau revised FDCA‘s original schedule and delayed or
eliminated some of its key functionality from the Dress Rehearsal,
including the automated software distribution system. According to the
Bureau, it revised the schedule because it realized it had
underestimated the costs for the early stages of the contract, and that
it could not meet the contractor‘s estimated level of first-year
funding because the fiscal year 2006 budget was already in place.
According to the Bureau, this initial underestimate led to schedule
changes and overall cost increases. According to the Bureau, FDCA was
meeting all planned milestones on the revised schedule. For example,
all sites for Regional Census Centers and Puerto Rico Area Offices had
been identified. According to the Bureau, it is on schedule to open all
these offices in January 2008.
The project life-cycle costs had increased. At contract award in March
2006, the total cost of FDCA was estimated not to exceed $596 million.
In May 2007, the life-cycle cost rose by a further $23 million because
of increasing system requirements, which resulted in an estimated life-
cycle cost of about $647 million. Table 2 shows the life-cycle cost
estimates for FDCA as of October 2007.
Table 2: FDCA Life-Cycle Cost Estimates:
Execution period: Baseline planning period;
Start date: March 31, 2006;
End date: June 30, 2006;
Cost estimates (in millions) September 2006: $11;
Cost estimates (in millions) May 2007: $11.
Execution period: Execution Period 1;
Start date: July 1, 2006;
End date: December 31, 2008;
Cost estimates (in millions) September 2006: $200;
Cost estimates (in millions) May 2007: $225.
Execution period: Execution Period 2;
Start date: January 1, 2009;
End date: September 30, 2011;
Cost estimates (in millions) September 2006: $319;
Cost estimates (in millions) May 2007: $318.
Execution period: Execution Period 3;
Start date: August 1, 2010;
End date: End of contract;
Cost estimates (in millions) September 2006: $10;
Cost estimates (in millions) May 2007: $10.
Execution period: Leased equipment;
Start date: N/A;
End date: N/A;
Cost estimates (in millions) September 2006: $12;
Cost estimates (in millions) May 2007: $12.
Execution period: Management reserve;
Start date: N/A;
End date: N/A;
Cost estimates (in millions) September 2006: $7;
Cost estimates (in millions) May 2007: $5.
Execution period: Award fee;
Start date: N/A;
End date: N/A;
Cost estimates (in millions) September 2006: $65;
Cost estimates (in millions) May 2007: $65.
Execution period: Total;
Cost estimates (in millions) September 2006: $624;
Cost estimates (in millions) May 2007: $647.
Source: GAO analysis of Census Bureau data.
Note: Total may not add due to rounding.
[End of table]
In addition, FDCA had already experienced $6 million in cost overruns,
and both our analysis and the contractor‘s analysis expected FDCA to
experience additional cost overruns. Based on our analysis of cost
performance reports (from July 2006 to May 2007), we projected that the
FDCA project will experience further cost overruns by December 2008.
The FDCA cost overrun was estimated between $15 million and $19
million, with the most likely overrun to be about $18 million. The
contractor, in contrast, estimated about a $6 million overrun by
December 2008.
According to the contractor, the major cause of projected cost overruns
was the system requirements definition process. For example, in
December 2006, the contractor noted a significant increase in the
requirements for the Dress Rehearsal Paper Based Operations in
Execution Period 1. According to the cost performance reports, this
increase has meant that more work must be conducted and more staffing
assigned to meet the Dress Rehearsal schedule.
The Bureau agreed that cost increases occurred in some cases because of
the addition of new requirements, most of which related to the security
of IT systems, but added that in other cases, increases occurred from
the process of the contractor converting high-level functional
requirements into more detailed specific requirements. However, the
process of developing detailed requirements from high-level functional
requirements does not inevitably lead to cost increases if the
functional requirements were initially well-defined.
The FDCA schedule changes have increased the likelihood that the
systems testing at the Dress Rehearsal will not be as comprehensive as
planned. The inability to perform comprehensive operational testing of
all interrelated systems increases the risk that further cost overruns
will occur and that decennial systems will experience performance
shortfalls.
After a Schedule Revision, DRIS Was Delivering Reduced Functionality at
Projected Cost:
DRIS is to provide a system for collecting and integrating census
responses, standardizing the response data, and providing it to other
systems for analysis and processing. The DRIS functionality is critical
for providing assistance to the public via telephone and for monitoring
the quality and status of data capture operations.
Although DRIS was currently on schedule to meet its December 2007
milestone, the Bureau revised the original DRIS schedule after the
contract was awarded in October 2005. Under the revised schedule, the
Bureau delayed or eliminated some functionality that was expected to be
ready for the Dress Rehearsal mock Census Day.
According to Bureau officials, they delayed the schedule and eliminated
functionality for DRIS when they realized they had underestimated the
fiscal years 2006 through 2008 costs for development. As shown in table
3, the government‘s funding estimates for DRIS Phase I were
significantly lower than the contractor‘s.
Table 3: DRIS Cost Estimates for Phase I (as of March 2006):
Fiscal year: 2006;
Cost estimates (in millions) Contractor: $18.6;
Cost estimates (in millions) Government: $11.2.
Fiscal year: 2007;
Cost estimates (in millions) Contractor: $53.3;
Cost estimates (in millions) Government: $23.8.
Fiscal year: 2008;
Cost estimates (in millions) Contractor: $48.7;
Cost estimates (in millions) Government: $31.5.
Fiscal Year: Total;
Cost estimates (in millions) Contractor: $120.6;
Cost estimates (in millions) Government: $66.5.
Source: GAO analysis of Census Bureau data.
[End of table]
Originally, the DRIS solution was to include paper, telephone,
Internet, and field data collection processing; selection of data
capture sites; and preparation and processing of 2010 Census forms.
However, the Bureau reduced the scope of the solution by eliminating
the Internet functionality. In addition, the Bureau has stated that it
will not have a robust telephone questionnaire assistance system in
place for the Dress Rehearsal. As of October 2007, the Bureau was also
delaying selecting sites for data capture centers, preparing data
capture facilities, and recruiting and hiring data capture staff.
Although Bureau officials told us that the revisions to the schedule
should not affect meeting milestones for the 2010 Census, the delays
mean that more systems development and testing will need to be
accomplished later. Given the immovable deadline of the decennial
census, the Bureau is at risk of reducing functionality or increasing
costs to meet its schedule.
The DRIS project was not experiencing cost overruns, and our analysis
of cost performance reports from April 2006 to May 2007 projected no
cost overruns by December 2008. As of May 2007, the DRIS contract value
had not increased.
DADS II Contract Had Recently Been Awarded after a Delay:
The DADS II acquisition is to replace the legacy DADS systems, which
tabulate and publicly disseminate data from the decennial census and
other Bureau surveys. [Footnote 9] The DADS II contractor is also
expected to provide comprehensive support to the Census 2000 legacy
DADS systems.
The DADS II contract award date had been delayed multiple times. The
award date was originally planned for the fourth quarter of 2005, but
the date changed to August 2006. On March 8, 2006, the Bureau estimated
it would delay the award of the DADS II contract from August to October
2006 to gain a clearer sense of budget priorities before initiating the
request for proposal process. The Bureau then delayed the contract
award again by about another year. In January 2007, the Bureau released
the DADS II request for proposal, and the contract was finally awarded
in September 2007. Because of these delays, DADS II will not be
developed in time for the Dress Rehearsal. Instead, the Bureau will use
the legacy DADS system for tabulation during the Dress Rehearsal.
Nonetheless, the Bureau plans to have the DADS II system available for
the 2010 Census.
The Bureau Was Making Progress in Risk Management Activities but
Critical Weaknesses Remained:
The project teams varied in the extent to which they followed
disciplined risk management practices. For example, three of the four
project teams had developed strategies to identify the scope of the
risk management effort. However, three project teams had weaknesses in
identifying risks, establishing adequate mitigation plans, and
reporting risk status to executive-level officials. These weaknesses in
completing key risk management activities can be attributed in part to
the absence of Bureau policies for managing major acquisitions, as we
described in an earlier report. [Footnote 10] Without effective risk
management practices, the likelihood of project success is decreased.
According to the Software Engineering Institute (SEI), the purpose of
risk management is to identify potential problems before they occur.
When problems are identified, risk-handling activities can be planned
and invoked as needed across the life of a project in order to mitigate
adverse impacts on objectives. Effective risk management involves early
and aggressive risk identification through the collaboration and
involvement of relevant stakeholders. Based on SEI‘s Capability
Maturity Model® Integration (CMMI®), risk management activities can be
divided into four key areas:
* preparing for risk management;
* identifying and analyzing risks;
* mitigating risks, and:
* executive oversight.
The discipline of risk management is important to help ensure that
projects are delivered on time, within budget, and with the promised
functionality. It is especially important for the 2010 Census, given
the immovable deadline.
Project Teams Had Usually Established Risk Preparation Activities, but
Some Improvements in These Activities Were Needed:
Risk preparation involves establishing and maintaining a strategy for
identifying, analyzing, and mitigating risks. The risk management
strategy addresses the specific actions and management approach used to
perform and control the risk management program. It also includes
identifying and involving relevant stakeholders in the risk management
process. Table 4 shows the status of the four project teams‘
implementation of key risk preparation activities as of October 2007.
[Footnote 11]
Table 4: Risk Management Preparation Activities Completed for the Key
2010 Census Systems:
Specific practices: Determine risk sources and categories;
MTAIP: practice not implemented;
FDCA: practice fully implemented;
DRIS: practice fully implemented;
DADS: practice fully implemented.
Specific practices: Define parameters used to analyze and categorize
risks and parameters used to control risk management efforts;
MTAIP: practice fully implemented;
FDCA: practice fully implemented;
DRIS: practice fully implemented;
DADS: practice fully implemented.
Specific practices: Establish and maintain the strategy to be used for
risk management;
MTAIP: practice partially implemented;
FDCA: practice fully implemented;
DRIS: practice fully implemented;
DADS: practice fully implemented.
Specific practices: Identify and involve the relevant stakeholders of
the risk management process as planned;
MTAIP: practice partially implemented;
FDCA: practice partially implemented;
DRIS: practice fully implemented;
DADS: practice partially implemented.
Source: GAO analysis of project data.
[End of table]
As the table shows, three project teams had established most of the
risk management preparation activities. However, the MTAIP project team
had implemented the fewest practices. The team did not adequately
determine risk sources and categories or adequately develop a strategy
for risk management. As a result, the project‘s risk management
strategy was not comprehensive and did not fully address the scope of
the risk management effort, including discussing techniques for risk
mitigation and defining adequate risk sources and categories. In
addition, three project teams (MTAIP, FDCA, and DADS II) had weaknesses
regarding stakeholder involvement. The three teams did not provide
sufficient evidence that the relevant stakeholders were involved in
risk identification, analysis, and mitigation activities; reviewing the
risk management strategy and risk mitigation plans; or communicating
and reporting risk management status.
These weaknesses can be attributed in part to the absence of Bureau
policies for managing major acquisitions, as we described in our
earlier reports. [Footnote 12] Without adequate preparation for risk
management, including establishing an effective risk management
strategy and identifying and involving relevant stakeholders, project
teams cannot properly control the risk management process.
The Project Teams Had Identified and Analyzed Risks but Not All Key
Risks Were Identified:
Risks must be identified and described in an understandable way before
they can be analyzed and managed properly. This includes identifying
risks from both internal and external sources and evaluating each risk
to determine its likelihood and consequences. Table 5 shows the status
of the four project teams‘ implementation of key risk identification
and evaluation activities at the time of our October 2007 report.
Table 5: Risk Identification and Evaluation Activities Completed for
the Key 2010 Census Systems:
Specific practices: Identify and document the risks;
MTAIP: practice fully implemented;
FDCA: practice partially implemented;
DRIS: practice fully implemented;
DADS: practice partially implemented.
Specific practices: Evaluate and categorize each identified risk using
the defined risk categories and parameters, and determine its relative
priority;
MTAIP: practice partially implemented;
FDCA: practice fully implemented;
DRIS: practice fully implemented;
DADS: practice fully implemented.
Source: GAO analysis of project data.
[End of table]
As of July 2007, the MTAIP and DRIS project teams were adequately
identifying and documenting risks, including system interface risks.
For example, the MTAIP project team identified significant risks
regarding potential changes in funding and the turnover of contractor
personnel as the program nears maturity, and the DRIS project team
identified significant risks regarding new system security regulations,
changes or increases to Phase II baseline requirements, and new
interfaces after Dress Rehearsal.
In contrast, the FDCA project team had not identified or documented any
significant risks related to the handheld computers that will be used
in the 2010 Census, despite problems arising during the Dress
Rehearsal. The computers are designed to automate operations for field
staff and eliminate the need to print millions of paper questionnaires
and maps used by temporary field staff to conduct address canvassing
and nonresponse follow-up. Automating operations may allow the Bureau
to reduce the cost of operations; thus, it is critical that the risks
surrounding the use of the handheld computers be closely monitored and
effectively managed to ensure their success. However, the Bureau has
not identified or documented risks associated with a variety of
handheld computers performance problems that we identified through
field work conducted at your request. Specifically, we found that
during Dress Rehearsal activities between May 2007 and June 2007, as
the Bureau tested a prototype of the handheld computers, field staff
experienced multiple problems. For example, the field staff told us
that they experienced slow and inconsistent data transmissions from the
handheld computers to the central data processing center. The field
staff reported the device was slow to process addresses that were a
part of a large assignment area. Bureau staff reported similar problems
with the handheld computers in observation reports, help desk calls,
and debriefing reports. In addition, our own analysis of Bureau
documentation revealed problems with the handheld computers:
* Bureau observation reports revealed that the Bureau most frequently
observed problems with slow processing of addresses, large assignment
areas, and transmission.
* The help desk call log revealed that field staff most frequently
reported issues with transmission, the device freezing, map spotting
and assignment areas.
* Debriefing reports illustrated the impact of the handheld mobile
computing problems on address canvassing. For example, one participant
commented that the field staff struggled to find solutions to problems
and wasted precious time in replacing the devices.
* A time-and-motion study conducted by the Census Bureau indicated that
field staff reported significant downtime in two test locations”about
23 percent in one location and about 27 percent in another location.
The study, which is a draft that is subject to change, also described
occurrences of failed transmissions and field staff attempts to resolve
transmission problems.
Collectively, the observation reports, help desk calls, debriefing
reports, and time-and-motion study raised serious questions about the
performance of the handheld computers during the address canvassing
operation. According to the Bureau, the contractor has used these
indicators to identify and address underlying problems during the Dress
Rehearsal. Still, the magnitude of handheld computers performance
issues throughout the Dress Rehearsal remains unclear. For example, the
Bureau received analyses from the contractor on average transmission
times. However, the contractor has not provided analyses that show the
full range of transmission times, nor how this may have changed
throughout the entire operation.
In addition, the Bureau has not fully specified how it will measure
performance of the handheld computers, even though the FDCA contract
anticipates the Bureau‘s need for data on the performance of the
handheld computers. The FDCA contract outlines the type of data the
contractor will provide the Bureau on the performance of the handheld
computers. Specifically, sections of the FDCA contract require the
handheld computers to have a transmission log with what was
transmitted, the date, time, user, destination, content/data type, and
the outcome status. Another section of the Bureau‘s FDCA contract
states that the FDCA contractor shall provide near real time reporting
and monitoring of performance metrics and a ’control panel/dash board“
application to visually report those metrics from any Internet enabled
PC. However, the contractor and the Bureau are not using a dashboard
for Dress Rehearsal activities. Rather, during the Dress Rehearsal, the
Bureau plans to identify what data and performance they would need for
tracking the performance of the handheld computers in 2010 operations.
In order for the Bureau to ensure that the FDCA handheld computers are
ready for full scale operations, it will have to identify risks on a
tight time frame. We recommended in a report on the Bureau‘s earlier
version of the handheld computers that the Bureau define specific,
measurable performance requirements for the handheld computer and other
census-taking activities that address such important measures as
productivity, cost savings, reliability, durability, and that the
Bureau test the device‘s ability to meet those requirements in 2006.
[Footnote 13] We also recommended in a March 2006 testimony that the
Bureau validate and approve FDCA baseline requirements. [Footnote 14]
The Bureau is working within a compressed time frame. By law, the
decennial census must occur on April 1, 2010, and the results must be
submitted to the President in December 2010. These dates cannot be
altered, even if preparations are delayed. Access to real-time
performance metrics via a ’control panel/dash board“ would assist
Bureau management in assessing the handheld computer‘s performance and
maximize the amount of time the Bureau and the contractor would have to
remedy any problems identified during operations. Further, the Bureau‘s
tight 2010 Decennial Operations Schedule allows little time for fixing
problems with the device, raising the importance of the Bureau‘s access
to these performance indicators. Such data would help fully inform
stakeholders of the risks associated with the handheld computer, and
allow project teams to develop mitigation activities to help avoid,
reduce, and control the probability of these risks occurring.
Finally, the FDCA and DADSII project teams did not provide evidence
that specific system interface risks are being adequately identified to
ensure that risk handling activities will be invoked should the systems
fail during 2010 Census. For example, although the DADS II will not be
available for the Dress Rehearsal, the project team did not identify
any significant interface risks associated with this system.
One reason for these weaknesses, as mentioned earlier, is the lack of
Bureau policies for managing major acquisitions. If risks are not
adequately identified and analyzed, management may be prevented from
monitoring and tracking risks, and taking the appropriate mitigation
actions, increasing the probability that the risks will materialize and
magnifying the extent of damage incurred in such an event.
Three of Four Project Teams‘ Risk Mitigation Plans and Monitoring
Activities Were Incomplete:
Risk mitigation involves developing alternative courses of action,
workarounds, and fallback positions, with a recommended course of
action for the most important risks to the project. Mitigation includes
techniques and methods used to avoid, reduce, and control the
probability of occurrence of the risk; the extent of damage incurred
should the risk occur; or both. Table 6 shows the status of the four
project teams‘ implementation of key risk mitigation activities.
Table 6: Risk Mitigation Activities Completed for Key 2010 Census
Systems:
Specific practices: Develop a risk mitigation plan for the most
important risks to the project, as defined by the risk management
strategy;
MTAIP: practice partially implemented;
FDCA: practice partially implemented;
DRIS: practice fully implemented;
DADS: practice not implemented.
Specific practices: Monitor the status of each risk periodically and
implement the risk mitigation plan as appropriate;
MTAIP: practice partially implemented;
FDCA: practice partially implemented;
DRIS: practice fully implemented;
DADS: practice partially implemented.
Source: GAO analysis of project data.
[End of table]
Three project teams (MTAIP, FDCA, and DADS II) had developed mitigation
plans that were often untimely or included incomplete activities and
milestones for addressing the risks. Some of these untimely and
incomplete activities and milestones included the following:
* The FDCA project team had developed mitigation plans for the most
significant risks, but the plans did not always identify milestones for
implementing mitigation activities. Moreover, the plans did not
identify any commitment of resources, several did not establish a
period of performance, and the team did not always update the plans
with the latest information on the status of the risk. In addition, the
FDCA project team did not provide evidence of developing mitigation
plans to handle the other significant risks as described in their risk
mitigation strategy. (These risks included a lack of consistency in
requirements definition and insufficient FDCA project office staffing
levels).
* The mitigation plans for DADS II were incomplete, with no associated
future milestones and no evidence of continual progress in working
towards mitigating a risk. In several instances, DADS II mitigation
plans were listed as ’To Be Determined.“
With regard to the second practice in the table (periodically
monitoring risk status and implementing mitigation plans), the MTAIP,
FDCA, and DADS II project teams were not always implementing the
mitigation plans as appropriate. For example, although the MTAIP
project team has periodically monitored the status of risks, it
mitigation plans do not include detailed action items with start dates
and anticipated completion dates; thus, the plans do not ensure that
mitigation activities are implemented appropriately and tracked to
closure. The FDCA and DADS II project teams did not identify system
interface risks nor prepare adequate mitigation plans to ensure that
systems will operate as intended. Because they did not develop complete
mitigation plans, the MTAIP, FDCA, and DADS II project teams cannot
ensure that for a given risk, techniques and methods will be invoked to
avoid, reduce, and control the probability of occurrence.
Project Teams Were Inconsistent in Reporting Risk Status to Executive-
Level Management:
Reviews of the project teams‘ risk management activities, status, and
results should be held on a periodic and event-driven basis. The
reviews should include appropriate levels of management, such as key
Bureau executives, who can provide visibility into the potential for
project risk exposure and appropriate corrective actions. Table 7 shows
the status of the four project teams‘ implementation of activities for
senior-level risk oversight at the time of our prior report.
Table 7: Executive-Level Risk Oversight Activities Completed for the
Key 2010 Decennial Systems:
Specific practices: Review the activities, status, and results of the
risk management process with executive-level management, and resolve
issues;
MTAIP: practice not implemented;
FDCA: practice not implemented;
DRIS: practice fully implemented;
DADS: practice fully implemented.
Source: GAO analysis of project data.
[End of table]
The project teams were inconsistent in reporting the status of risks to
executive-level officials. DRIS and DADS II did regularly report risks;
however, the FDCA and MTAIP projects did not provide sufficient
evidence to document that these discussions occurred or what they
covered. Failure to report a project‘s risks to executive-level
officials reduces the visibility of risks to executives who should be
playing a role in mitigating them.
Implementation of GAO Recommendations Should Help Improve the Bureau‘s
Risk Management:
To help ensure that the Bureau‘s four key acquisitions for the 2010
Census operate as intended, we made several recommendations in our
report. First, to ensure that the Bureau‘s decennial systems are fully
tested, we recommended that the Secretary of Commerce require the
Director of the Census Bureau to direct the Decennial Management
Division and Geography Division to plan for and perform end-to-end
testing so that the full complement of systems are tested in a census-
like environment.
In written comments on a draft of our final report, the department
disagreed with our findings that a full complement of systems would not
be tested, stating it plans to do so during the Dress Rehearsal or
later. Nonetheless, the Bureau‘s test plans have not been finalized,
and it remains unclear whether testing will address all interrelated
systems and functionality in a census-like environment, as would be
provided by end-to-end testing. Consistent with our recommendation
following up with documented test plans to do end-to-end testing will
help ensure that decennial systems will work as intended.
Further, we recommended that the Secretary direct the Director of the
Census Bureau to ensure that project teams strengthen risk management
activities associated with risk identification, mitigation, and
oversight. The department agreed to examine additional ways to manage
risks and is working on an action plan to strengthen risk management
activities.
In summary, the IT acquisitions planned for 2010 Census will require
continued oversight to ensure that they are achieved on schedule and at
planned cost levels. Although, as of October 2007, the MTAIP and DRIS
acquisitions were currently meeting cost estimates, FDCA was not. In
addition, while the Bureau was making progress developing systems for
the Dress Rehearsal, it was deferring certain functionality, with the
result that the Dress Rehearsal operational testing would address less
than a full complement of systems. Delaying functionality increases the
importance of later development and testing activities, which will have
to occur closer to the census date. It also raises the risk of cost
increases, given the immovable deadline for conducting the 2010 Census.
Further, the Bureau‘s project teams for each of the four acquisitions
had implemented many practices associated with establishing sound and
capable risk management processes, but they were not always consistent:
the teams had not always identified risks, developed complete risk
mitigation plans, or briefed senior-level officials on risks and
mitigation plans. At this stage, we are particularly concerned about
managing the risks associated with the handheld mobile computing
devices, the numerous systems interfaces, and the remaining systems
testing. Regarding the handheld mobile computing devices, it is
critical that performance of these devices is clearly specified,
measured, and that deficiencies in performance is effectively
addressed. Until the project teams and the Decennial Management
Division implement appropriate risk management activities, they face an
increased probability that decennial systems will not be delivered on
schedule and within budget or perform as expected.
Mr. Chairman and members of the subcommittee, this concludes our
statement. We would be happy to respond to any questions that you or
members of the subcommittee may have at this time.
If you have any questions on matters discussed in this testimony,
please contact David A. Powner at (202) 512-9286 or Mathew Scirè at
(202) 512-6806 or by e-mail at pownerd@gao.gov or sciremj@gao.gov.
Other key contributors to this testimony include Mathew Bader, Thomas
Beall, Jeffrey DeMarco, Richard Hung, Barbara Lancaster, Andrea Levine,
Signora May, Cynthia Scott, Niti Tandon, Amos Tevelow, Jonathan
Ticehurst, and Timothy Wexler.
[End of section]
Appendix I: Key 2010 Census Information Technology Acquisitions:
IT acquisition: MAF/TIGER Accuracy Improvement Project (MTAIP);
Contractor: Harris Corporation;
Purpose: Modernize the system that provides the address list, maps, and
other geographic support services for the Census and other Bureau
surveys;
Contract type: Cost plus award fee;
Contract award: June 2002.
IT acquisition: Field Data Collection Automation (FDCA);
Contractor: Harris Corporation;
Purpose: Provide automated resources for supporting field data
collection, including the provision of handheld mobile computing
devices to collect data in the field, including address and map data;
Contract type: Cost plus award fee with some firm fixed price elements;
Contract award: March 2006.
IT acquisition: Decennial Response Integration System (DRIS);
Contractor: Lockheed Martin Corporation;
Purpose: Provide a solution for data capture and respondent assistance;
Contract type: Cost plus award fee with some firm fixed price elements;
Contract award: October 2005.
IT acquisition: Data Access and Dissemination System (DADS II);
Contractor: IBM;
Purpose: Develop a replacement for the DADS legacy tabulation and
dissemination systems;
Contract type: To be determined;
Contract award: September 2007.
Source: GAO analysis of Census Bureau data.
[End of table]
[End of section]
Footnotes:
[1] 13 U.S.C. 141 (a) and (b).
[2] Since issuance of our report in October 2007, the Bureau has
tentatively moved the mock Census Day from April 1, 2008 to May 1,
2008.
[3] GAO, Information Technology: Census Bureau Needs to Improve Its
Risk Management of Decennial Systems, GAO-08-79 (Washington, D.C.: Oct.
5, 2007).
[4] Address canvassing is a field operation to build a complete and
accurate address list. In this operation, census field workers go door
to door verifying and correcting addresses for all households and
street features contained on decennial maps.
[5] End-to-end testing is a form of operational testing that is
performed to verify that a defined set of interrelated systems that
collectively support an organizational core business function
interoperate as intended in an operational environment. The
interrelated systems include not only those owned and managed by the
organization, but also the external systems with which they interface.
[6] GAO, Census Bureau: Important Activities for Improving Management
of Key 2010 Decennial Acquisitions Remain to be Done, GAO-06-444T
(Washington, D.C.: Mar. 1, 2006).
[7] TIGER is a registered trademark of the U.S. Census Bureau.
[8] Handheld mobile computing devices will be used to update the
Bureau‘s address list, to perform follow-up at addresses for which no
questionnaire was returned, and to perform activities to measure census
coverage.
[9] The DADS II contract was originally planned to establish a new Web-
based system that would serve as a single point for public access to
all census data and integrate many dissemination functions currently
spread across multiple Bureau organizations.
[10] GAO-06-444T.
[11] This analysis primarily addresses project teams‘ implementation of
risk management processes. According to our analysis, the contractors
for the three contracts awarded (MTAIP, FDCA, and DRIS) had implemented
adequate risk management processes involving risk preparation, risk
identification and analysis, and risk mitigation.
[12] GAO, Information Technology Management: Census Bureau Has
Implemented Many Key Practices, but Additional Actions Are Needed, GAO-
05-661 (Washington, D.C.: June 16, 2005) and GAO, Census Bureau:
Important Activities for Improving Management of Key 2010 Decennial
Acquisitions Remain to be Done, GAO-06-444T (Washington, D.C.: Mar. 1,
2006).
[13] GAO, 2010 Census: Basic Design Has Potential, but Remaining
Challenges Need Prompt Resolution, GAO-05-9 (Washington, D.C.:
January12, 2005).
[14] GAO-06-444T.
[End of section]
GAO's Mission:
The Government Accountability Office, the audit, evaluation and
investigative arm of Congress, exists to support Congress in meeting
its constitutional responsibilities and to help improve the performance
and accountability of the federal government for the American people.
GAO examines the use of public funds; evaluates federal programs and
policies; and provides analyses, recommendations, and other assistance
to help Congress make informed oversight, policy, and funding
decisions. GAO's commitment to good government is reflected in its core
values of accountability, integrity, and reliability.
Obtaining Copies of GAO Reports and Testimony:
The fastest and easiest way to obtain copies of GAO documents at no
cost is through GAO's Web site [hyperlink, http://www.gao.gov]. Each
weekday,
GAO posts newly released reports, testimony, and correspondence on its
Web site.
To have GAO e-mail you a list of newly posted products every afternoon,
go to [hyperlink, http://www.gao.gov] and select "Subscribe to
Updates."
Order by Mail or Phone:
The first copy of each printed report is free. Additional copies are $2
each. A check or money order should be made out to the Superintendent
of Documents. GAO also accepts VISA and Mastercard. Orders for 100 or
more copies mailed to a single address are discounted 25 percent.
Orders should be sent to:
U.S. Government Accountability Office:
441 G Street NW, Room LM:
Washington, D.C. 20548:
To order by Phone:
Voice: (202) 512-6000:
TDD: (202) 512-2537:
Fax: (202) 512-6061:
To Report Fraud, Waste, and Abuse in Federal Programs:
Contact:
Web site: [hyperlink, http://www.gao.gov/fraudnet/fraudnet.htm]:
E-mail: fraudnet@gao.gov:
Automated answering system: (800) 424-5454 or (202) 512-7470:
Congressional Relations:
Gloria Jarmon, Managing Director, JarmonG@gao.gov:
(202) 512-4400:
U.S. Government Accountability Office:
441 G Street NW, Room 7125:
Washington, D.C. 20548:
Public Affairs:
Chuck Young, Managing Director, youngc1@gao.gov:
(202) 512-4800:
U.S. Government Accountability Office:
441 G Street NW, Room 7149:
Washington, D.C. 20548:
