Business Systems Modernization

DOD Needs to Fully Define Policies and Procedures for Institutionally Managing Investments Gao ID: GAO-07-538 May 11, 2007

In 1995, GAO first designated the Department of Defense's (DOD) business systems modernization program as "high-risk," and continues to do so today. In 2004, Congress passed legislation reflecting prior GAO recommendations for DOD to adopt a corporate approach to information technology (IT) business system investment management. To support GAO's legislative mandate to review DOD's efforts, GAO assessed whether the department's corporate investment management approach comports with relevant federal guidance. In doing so, GAO applied its IT Investment Management framework and associated methodology, focusing on the framework's stages related to the investment management provisions of the Clinger-Cohen Act of 1996.

DOD has established the management structures needed to effectively manage its business system investments, but it has not fully defined many of the related policies and procedures that GAO's IT Investment Management framework defines. Specifically, the department has defined four of nine practices that call for project-level policies and procedures, and one of the five practices that call for portfolio-level policies and procedures. For example, DOD has established an enterprisewide IT investment board responsible for defining and implementing its business system investment governance process, documented policies and procedures for ensuring that systems support ongoing and future business needs, developed procedures for identifying and collecting information about these systems to support investment selection and control, and assigned responsibility to an individual or a group for managing the development and modification of the business system portfolio selection criteria. However, DOD has not fully documented business system investment policies and procedures for directing investment board operations, selecting new investments, reselecting ongoing investments, integrating the investment funding and the investment selection processes, and developing and maintaining a complete business system investment portfolio(s). Regarding project-level investment management practices, DOD officials said that these are performed at the component level, and that departmental policies and procedures established for overseeing components' execution of these practices are sufficient. For portfolio-level practices, however, these officials stated that they intend to improve departmental policies and procedures for business system investments by, for example, establishing a single governance structure, but plans or time frames for doing so have not been established. Until DOD fully defines departmentwide policies and procedures for both individual projects and portfolios of projects, it risks selecting and controlling these business system investments in an inconsistent, incomplete, and ad hoc manner, which in turn reduces the chances that these investments will meet mission needs in the most cost-effective manner.

Recommendations

Our recommendations from this work are listed below with a Contact for more information. Status will change from "In process" to "Open," "Closed - implemented," or "Closed - not implemented" based on our follow up work.

Director: Team: Phone:


The Justia Government Accountability Office site republishes public reports retrieved from the U.S. GAO These reports should not be considered official, and do not necessarily reflect the views of Justia.