Skip to main content

Information Technology: Inconsistent Software Acquisition Processes at the Defense Logistics Agency Increase Project Risks

GAO-02-9 Published: Jan 10, 2002. Publicly Released: Jan 10, 2002.
Jump To:
Skip to Highlights

Highlights

The Defense Logistics Agency (DLA) plays a critical role in supporting America's military forces worldwide. DLA relies on software-intensive systems to support its work. An important determinant of the quality of software-intensive systems, and thus DLA's mission performance, is the quality of the processes used to acquire these systems. DLA lacks mature software acquisition processes across the agency, as seen in the wide disparity in the rigor and discipline of processes between the two systems GAO evaluated. DLA also lacks a software process improvement program to effectively strengthen its corporate software acquisition processes.

Recommendations

Recommendations for Executive Action

Agency Affected Recommendation Status
Defense Logistics Agency To reduce the software acquisition risks associated with its two ongoing acquisition projects, the Director of DLA should direct DLA's Chief Information Officer (CIO) to immediately correct each Business Systems Modernization and Fuels Automated System software-acquisition-practice weakness identified in this report.
Closed – Implemented
In commenting on this recommendation, the Deputy Under Secretary of Defense for Logistics and Materiel Readiness stated that his office would require the DLA Director to correct identified weaknesses. According to the DLA Program Executive Officer (PEO) for Information Operations, in August 2002, DLA took actions to implement this recommendation by, for example, updating its IT Acquisition Directive to include a requirement that new IT projects have a written policy for the software portion of solicitations and for requirements development and management plans. In the case of the BSM program, for example, this resulted in the development and implementation of a requirements management plan, which has been instrumental in effectively controlling requirements. Similar steps, according to the PEO, were taken to address the majority of the weaknesses covered in our report.
Defense Logistics Agency To ensure that DLA has in place the necessary process controls to acquire quality software consistently on future acquisition projects, the Director of DLA should issue a policy requiring that (1) DLA software-intensive acquisition projects satisfy all applicable Software Engineering Institute Software Acquisition Capability Maturity Model level-2 key process areas and the level-3 risk management key process area and (2) DLA software contractors have comparable software process maturity levels.
Closed – Implemented
In response to this recommendation, on August 20, 2002, DLA updated its policies, including its IT Acquisition Directive and the "DLA One Book", to require adherence to the Sofware Engineering Institute's Software Acquisition/Capability Maturity Model (SA/CMM) level-2 key process areas and SA/CMM level-3 risk management key process area, and require software contractors to have comparable software process maturity levels.
Defense Logistics Agency To ensure that DLA has in place the necessary process controls to acquire quality software consistently on future acquisition projects, the Director of DLA should direct the CIO to establish and sustain a software process improvement program, including (1) developing and implementing a software process improvement plan that specifies measurable goals and milestones, (2) providing adequate resources to the program, and (3) reporting to the Director every six months on progress against plans.
Closed – Implemented
In response to this recommendation, DLA established a software process improvement (SPI) program that includes a plan specifying measurable goals and milestones and requires the head of the SPI team to report through the DLA CIO to the DLA Director every month on progress against the plan. Additionally, DLA is using the Software Engineering Institute's Contact Information Initiating, Diagnosing, Establishing, Acting & Learning (IDEAL) method as a guide for organizing its SPI program. The SPI plan also requires employees involved in software-intensive acquisitions to be trained in and use Carnegie Mellon University Software Engineering Institute's Capability Maturity Model Integrated (CMMI) -- Continuous Representation.

Full Report

Office of Public Affairs

Topics

Agency missionsSoftwareInformation technologyMilitary forcesPerformance measuresStrategic planningIT acquisitionsAcquisition planningRisk managementProgram management