Skip to main content

DOD Business Systems Modernization: Important Progress Made to Develop Business Enterprise Architecture, but Much Work Remains

GAO-03-1018 Published: Sep 19, 2003. Publicly Released: Sep 19, 2003.
Jump To:
Skip to Highlights

Highlights

The National Defense Authorization Act for Fiscal Year 2003 directed the Department of Defense (DOD) to develop an enterprise architecture and a transition plan that meets certain requirements. The act also directed DOD to have a process for controlling its system investments. As required by the act, GAO assessed DOD's actions to comply with the act's requirements and recently issued a report to congressional defense committees. This report provides further details of GAO's assessment results regarding (1) the extent to which DOD's actions complied with the requirements of the act and (2) DOD's plans for further development and implementation of its architecture.

Recommendations

Recommendations for Executive Action

Agency Affected Recommendation Status
Department of Defense The Secretary of Defense or his appropriate designee should define and implement an effective investment management process to proactively identify, control, and obtain DOD Comptroller review and approval of expenditures for new and ongoing business system investments exceeding $1 million while the architecture is being developed and after it is completed, and which includes clearly defined domain owners' roles and responsibilities for selecting and controlling ongoing and planned system investments.
Closed – Implemented
In response to the fiscal year 2005 defense authorization act, on June 2, 2005, the Under Secretary of Defense for Acquisition, Technology, and Logistics set forth guidance that is to be used in reviewing all business system investments at least annually and for certifying business system modernizations over $1 million, as required by the Fiscal Year 2005 National Defense Authorization Act. In its March 15, 2006, report to congressional defense committees, the department reported that the DBSMC had certified a total of 226 systems, which represents about $3.6 billion in modernization funding.
Department of Defense The Secretary of Defense or his appropriate designee should implement the core elements in our EA Framework for Assessing and Improving Enterprise Architecture Management that we identify in this report as not satisfied, including ensuring that minutes of the executive body charged with directing, overseeing, and approving the architecture are prepared and maintained.
Closed – Implemented
The Business Transformation Agency (BTA) has laregely addressed the 31 core elements in our Enterprise Architecture Management Maturity Framework in its corporate business enterprise architecture (BEA), which is the intended focus of the recommendation. For example, the BTA has established a chief architect that is responsible for developing and maintaining the corporate BEA, and the version 4.1 of the BEA largely provides a depiction of both the "As is" and "To Be" environments in terms of business performance, information/data, application/service, technology, and security.
Department of Defense The Secretary of Defense or his appropriate designee should update version 1.0 of the architecture to include the 340 Joint Financial Management Improvement Program requirements that our report identified as omitted or not fully addressed.
Closed – Implemented
The Department of Defense (DOD) developed an initial business enterprise architecture in April 2003. This version of the architecture omitted many relevant requirements. Requirements are one of the key bases for determining the scope and content for enterprise architectures. Based on GAO's recommendation, DOD subsequently added or modified the 340 requirements in the updated architecture products. By updating the architecture to include these requirements, DOD has increased the opportunity to make better informed decisions in planning and implementing its business system improvement projects.
Department of Defense The Secretary of Defense or his appropriate designee should update version 1.0 of the architecture to include the 29 key elements governing the "As Is" architectural content that our report identified as not being fully satisfied.
Closed – Implemented
The Business Transformation Agency (BTA) has largely addressed these 29 key elements relative to its corporate BEA, which is the intended focus of the recommendation. For example, version 4.1 of the business enterprise architecture (BEA) contains enterprise-level "As Is" information to support business capability gap analyses. In addition, the architecture includes "As Is" information for five of the six business enterprise priorities and "As Is" information for enterprise systems, such as the Wide-area Workflow system.
Department of Defense The Secretary of Defense or his appropriate designee should update version 1.0 of the BEA to include the 30 key elements governing the "To Be" architectural content that our report identified as not being fully satisfied.
Closed – Implemented
The Business Transformation Agency (BTA) has largely addressed these 30 key elements relative to its corporate business enterprise architecture (BEA), which is the intended focus of the recommendation. For example, version 4.1 of the BEA identifies activities performed at each location/organization and indicates which organization(s) are or will be involved in each activity. Furthermore, it includes common business rules (e.g., "each request for commercial export of DOD technology must be processed with 30 days upon receipt of request from the Department of State or the Department of Commerce") to facilitate consistent implementation of the architecture.
Department of Defense The Secretary of Defense or his appropriate designee should update version 1.0 to ensure that "To Be" architecture artifacts are internally consistent, to include addressing the inconsistencies described in this report, as well as including user instructions or guidance for easier architecture navigation and use.
Closed – Implemented
Version 3.1 of the architecture provides significant improvements with regard to navigation and use and addresses the internal consistency of the architecture artifacts that we previously described.
Department of Defense The Secretary of Defense or his appropriate designee should update version 1.0 of the architecture to include (1) the three key elements governing the transition plan content that our report identified as not being fully satisfied and (2) those system investments that will not become part of the "To Be" architecture, including time frames for phasing out those systems.
Closed – Implemented
The Business Transformation Agency (BTA) has largely addressed this recommendation for its corporate or enterprise transition plan, which is the intended focus of the recommendation. For example, the latest version of the transition plan now documents how business enterprise architecture (BEA) elements (e.g., specific business capability improvements) provide solutions to significant DOD issues or business capability gaps (e.g., mission needs, material weaknesses). It also provides performance information of DOD transformation at both the enterprise level and component level, including performance metrics and milestones.
Department of Defense The Secretary of Defense or his appropriate designee should update version 1.0 of the architecture to address comments made by the verification and validation contractor.
Closed – Implemented
The verification and validation contractor reports that all of these comments on versions 3.0 and prior versions have been addressed.
Department of Defense The Secretary of Defense or his appropriate designee should develop a well-defined near-term plan for extending and evolving the architecture and ensure that this plan includes addressing our recommendations, defining roles and responsibilities of all stakeholders involved in extending and evolving the architecture, explaining dependencies among planned activities, and defining measures of activity progress.
Closed – Implemented
The Business Transformation Agency (BTA) has developed several documents that are intended to address this recommendation. For example, it has developed the Business Transformation Guidance, which describes the high-level process by which incremental improvements are identified and eventually incorporated into the business enterprise architecture (BEA). In addition, BTA officials told us that they are developing a BEA Concept of Operations, which is to describe high-level milestones required to address the BEA's use, such as investment management, strategic decision making, oversight, system implementation, software development, and business case development. However, the department has yet to develop an architecture program management plan that we have recommended. This recommendation was subsumed by a later GAO recommendation in GAO-06-658. A number of steps were taken to address the recommendtaion from GAO-06-658. For example, an architecture program management plan was developed and implemented. In addition, DOD has employed an incremental approach to add more scope and content to the Business Enterprise Architecture (BEA) on an annual basis. To accomplish this, the department has taken several actions that are consistent with the intent of our recommendation. For example, it has developed the Business Transformation Guidance, which describes the high-level process by which incremental improvements are identified and eventually incorporated into the BEA. Also, in March 2010, the department updated its BEA-related guidance to, among other things, provide criteria for determining systems' architectural compliance with the BEA. In addition, it issued a BEA development methodology, which provides for developing an integrated schedule with time frames and resource needs for each increment of the BEA. Furthermore, the department's annual report, which draws from and references the enterprise transition plan, is submitted annually to defense congressional committees and describes the business capability improvements that are planned for the development/modernization programs contained in the BEA. For example, the report addresses key program development milestones and performance metrics relative to each business enterprise priority segment of the architecture. As a result of these collective actions, we consider this recommendation to be largely implemented.
Department of Defense The Secretary of Defense or his appropriate designee should limit the pilot projects to small, low-cost, low-risk prototype investments that are intended to provide knowledge needed to extend and evolve the architecture, and are not to acquire and implement production version system solutions or to deploy an operational system capability.
Closed – Implemented
Since we made this recommendation in 2003, DOD's architecture approach has evolved and as a result the intent of our recommendation was resolved because it was overcome by events. However, we have ongoing work ad have issued more recent recommendations associated with their current approach. For example, in May 2014 (GAO-14-486) we issued three recommendations to the department to improve the deparment's business systems investment management process and business enterprise architecture. In May 2013 (GAO-13-557) we recommended that, to effectively implement key components of DOD's business systems modernization program, the Secretary of Defense should direct the Deputy Chief Management Officer to define by when and how the department plans to develop an architecture that would extend to all defense components and include, among other things, (a) information about the specific business systems that support business enterprise architecture (BEA) business activities and related system functions; (b) business capabilities for the Hire-to-Retire and Procure-to-Pay business processes; and (c) sufficient information about business activities to allow for more effective identification of potential overlap and duplication. In June 2012 (GAO-12-685) we recommended that the Secretary of Defense ensure that the Deputy Secretary of Defense, as the department's Chief Management Officer, establish a policy that clarifies the roles, responsibilities, and relationships among the Chief Management Officer, Deputy Chief Management Officer, DOD and military department Chief Information Officers, Principal Staff Assistants, military department Chief Management Officers, and the heads of the military departments and defense agencies, associated with the development of a federated BEA. In addition, we are required to report annually on DOD's efforts to address its Business Enterprise Architecture and Business Processing Reegineering as mandated by the FY 2015 NDAA. During this engagement we will follow-up on the status of these recommendations.

Full Report

Office of Public Affairs

Topics

Auditing standardsFinancial analysisFinancial managementFinancial management systemsInformation systemsInternal controlsInvestment planningInvestmentsEnterprise architectureAccounting standards