DOD Business Systems Modernization:

Important Progress Made to Develop Business Enterprise Architecture, but Much Work Remains

GAO-03-1018: Published: Sep 19, 2003. Publicly Released: Sep 19, 2003.

Additional Materials:

Contact:

McCoy Williams
(202) 512-9505
contact@gao.gov

 

Office of Public Affairs
(202) 512-4800
youngc1@gao.gov

The National Defense Authorization Act for Fiscal Year 2003 directed the Department of Defense (DOD) to develop an enterprise architecture and a transition plan that meets certain requirements. The act also directed DOD to have a process for controlling its system investments. As required by the act, GAO assessed DOD's actions to comply with the act's requirements and recently issued a report to congressional defense committees. This report provides further details of GAO's assessment results regarding (1) the extent to which DOD's actions complied with the requirements of the act and (2) DOD's plans for further development and implementation of its architecture.

DOD has expended tremendous effort and resources and made important progress in complying with the act's requirements aimed at developing and effectively implementing a well-defined business enterprise architecture. Further, DOD's initial version of its architecture provides a foundation from which to build and ultimately produce a well-defined architecture. For example, the "As Is" environment includes an inventory of about 2,300 existing systems and their characteristics that support DOD's current business operations; and the "To Be" environment addresses, to at least some degree, how DOD intends to operate in the future, what information will be needed to support these future operations, and what technology standards should govern the design of future systems. Further, DOD has established some of the architecture management capabilities advocated by best practices and federal guidance, such as having a program office, designating a chief architect, and using an architecture development methodology and automated tool. At the same time, DOD's initial architecture does not yet adequately address the act's requirements and other relevant architectural requirements governing the scope and content. For example, critical federal requirements governing the "To Be" architecture, such as federal accounting requirements for recording revenue, are not included in the initial architecture. Other items not included are descriptions of the current business operations in terms of entities and people who perform the functions, processes, and activities and the locations where these are performed; descriptions of the systems to be developed or acquired to support future business operations; and time frames for phasing out existing systems. Furthermore, DOD has not yet implemented an effective investment management process for selecting and controlling ongoing and planned business system investments. Until it does, DOD remains at risk of spending billions of dollars on duplicative, stove-piped, nonintegrated systems that do not optimize mission performance and accountability and, therefore, do not support the department's business transformation goals. Overall, our findings indicate that DOD has taken positive first steps, but much remains to be accomplished before DOD will have the kind of blueprint and associated investment controls to successfully modernize its business operations and supporting systems. According to program officials and the initial version of the transition plan, DOD intends to extend and evolve the architecture to include the missing scope and detail; however, it has not yet defined specific plans outlining how this will be accomplished.

Recommendations for Executive Action

  1. Status: Closed - Implemented

    Comments: In response to the fiscal year 2005 defense authorization act, on June 2, 2005, the Under Secretary of Defense for Acquisition, Technology, and Logistics set forth guidance that is to be used in reviewing all business system investments at least annually and for certifying business system modernizations over $1 million, as required by the Fiscal Year 2005 National Defense Authorization Act. In its March 15, 2006, report to congressional defense committees, the department reported that the DBSMC had certified a total of 226 systems, which represents about $3.6 billion in modernization funding.

    Recommendation: The Secretary of Defense or his appropriate designee should define and implement an effective investment management process to proactively identify, control, and obtain DOD Comptroller review and approval of expenditures for new and ongoing business system investments exceeding $1 million while the architecture is being developed and after it is completed, and which includes clearly defined domain owners' roles and responsibilities for selecting and controlling ongoing and planned system investments.

    Agency Affected: Department of Defense

  2. Status: Closed - Implemented

    Comments: The Business Transformation Agency (BTA) has laregely addressed the 31 core elements in our Enterprise Architecture Management Maturity Framework in its corporate business enterprise architecture (BEA), which is the intended focus of the recommendation. For example, the BTA has established a chief architect that is responsible for developing and maintaining the corporate BEA, and the version 4.1 of the BEA largely provides a depiction of both the "As is" and "To Be" environments in terms of business performance, information/data, application/service, technology, and security.

    Recommendation: The Secretary of Defense or his appropriate designee should implement the core elements in our EA Framework for Assessing and Improving Enterprise Architecture Management that we identify in this report as not satisfied, including ensuring that minutes of the executive body charged with directing, overseeing, and approving the architecture are prepared and maintained.

    Agency Affected: Department of Defense

  3. Status: Closed - Implemented

    Comments: The Department of Defense (DOD) developed an initial business enterprise architecture in April 2003. This version of the architecture omitted many relevant requirements. Requirements are one of the key bases for determining the scope and content for enterprise architectures. Based on GAO's recommendation, DOD subsequently added or modified the 340 requirements in the updated architecture products. By updating the architecture to include these requirements, DOD has increased the opportunity to make better informed decisions in planning and implementing its business system improvement projects.

    Recommendation: The Secretary of Defense or his appropriate designee should update version 1.0 of the architecture to include the 340 Joint Financial Management Improvement Program requirements that our report identified as omitted or not fully addressed.

    Agency Affected: Department of Defense

  4. Status: Closed - Implemented

    Comments: The Business Transformation Agency (BTA) has largely addressed these 29 key elements relative to its corporate BEA, which is the intended focus of the recommendation. For example, version 4.1 of the business enterprise architecture (BEA) contains enterprise-level "As Is" information to support business capability gap analyses. In addition, the architecture includes "As Is" information for five of the six business enterprise priorities and "As Is" information for enterprise systems, such as the Wide-area Workflow system.

    Recommendation: The Secretary of Defense or his appropriate designee should update version 1.0 of the architecture to include the 29 key elements governing the "As Is" architectural content that our report identified as not being fully satisfied.

    Agency Affected: Department of Defense

  5. Status: Closed - Implemented

    Comments: The Business Transformation Agency (BTA) has largely addressed these 30 key elements relative to its corporate business enterprise architecture (BEA), which is the intended focus of the recommendation. For example, version 4.1 of the BEA identifies activities performed at each location/organization and indicates which organization(s) are or will be involved in each activity. Furthermore, it includes common business rules (e.g., "each request for commercial export of DOD technology must be processed with 30 days upon receipt of request from the Department of State or the Department of Commerce") to facilitate consistent implementation of the architecture.

    Recommendation: The Secretary of Defense or his appropriate designee should update version 1.0 of the BEA to include the 30 key elements governing the "To Be" architectural content that our report identified as not being fully satisfied.

    Agency Affected: Department of Defense

  6. Status: Closed - Implemented

    Comments: Version 3.1 of the architecture provides significant improvements with regard to navigation and use and addresses the internal consistency of the architecture artifacts that we previously described.

    Recommendation: The Secretary of Defense or his appropriate designee should update version 1.0 to ensure that "To Be" architecture artifacts are internally consistent, to include addressing the inconsistencies described in this report, as well as including user instructions or guidance for easier architecture navigation and use.

    Agency Affected: Department of Defense

  7. Status: Closed - Implemented

    Comments: The Business Transformation Agency (BTA) has largely addressed this recommendation for its corporate or enterprise transition plan, which is the intended focus of the recommendation. For example, the latest version of the transition plan now documents how business enterprise architecture (BEA) elements (e.g., specific business capability improvements) provide solutions to significant DOD issues or business capability gaps (e.g., mission needs, material weaknesses). It also provides performance information of DOD transformation at both the enterprise level and component level, including performance metrics and milestones.

    Recommendation: The Secretary of Defense or his appropriate designee should update version 1.0 of the architecture to include (1) the three key elements governing the transition plan content that our report identified as not being fully satisfied and (2) those system investments that will not become part of the "To Be" architecture, including time frames for phasing out those systems.

    Agency Affected: Department of Defense

  8. Status: Closed - Implemented

    Comments: The verification and validation contractor reports that all of these comments on versions 3.0 and prior versions have been addressed.

    Recommendation: The Secretary of Defense or his appropriate designee should update version 1.0 of the architecture to address comments made by the verification and validation contractor.

    Agency Affected: Department of Defense

  9. Status: Closed - Implemented

    Comments: The Business Transformation Agency (BTA) has developed several documents that are intended to address this recommendation. For example, it has developed the Business Transformation Guidance, which describes the high-level process by which incremental improvements are identified and eventually incorporated into the business enterprise architecture (BEA). In addition, BTA officials told us that they are developing a BEA Concept of Operations, which is to describe high-level milestones required to address the BEA's use, such as investment management, strategic decision making, oversight, system implementation, software development, and business case development. However, the department has yet to develop an architecture program management plan that we have recommended. This recommendation was subsumed by a later GAO recommendation in GAO-06-658. A number of steps were taken to address the recommendtaion from GAO-06-658. For example, an architecture program management plan was developed and implemented. In addition, DOD has employed an incremental approach to add more scope and content to the Business Enterprise Architecture (BEA) on an annual basis. To accomplish this, the department has taken several actions that are consistent with the intent of our recommendation. For example, it has developed the Business Transformation Guidance, which describes the high-level process by which incremental improvements are identified and eventually incorporated into the BEA. Also, in March 2010, the department updated its BEA-related guidance to, among other things, provide criteria for determining systems' architectural compliance with the BEA. In addition, it issued a BEA development methodology, which provides for developing an integrated schedule with time frames and resource needs for each increment of the BEA. Furthermore, the department's annual report, which draws from and references the enterprise transition plan, is submitted annually to defense congressional committees and describes the business capability improvements that are planned for the development/modernization programs contained in the BEA. For example, the report addresses key program development milestones and performance metrics relative to each business enterprise priority segment of the architecture. As a result of these collective actions, we consider this recommendation to be largely implemented.

    Recommendation: The Secretary of Defense or his appropriate designee should develop a well-defined near-term plan for extending and evolving the architecture and ensure that this plan includes addressing our recommendations, defining roles and responsibilities of all stakeholders involved in extending and evolving the architecture, explaining dependencies among planned activities, and defining measures of activity progress.

    Agency Affected: Department of Defense

  10. Status: Closed - Implemented

    Comments: Since we made this recommendation in 2003, DOD's architecture approach has evolved and as a result the intent of our recommendation was resolved because it was overcome by events. However, we have ongoing work ad have issued more recent recommendations associated with their current approach. For example, in May 2014 (GAO-14-486) we issued three recommendations to the department to improve the deparment's business systems investment management process and business enterprise architecture. In May 2013 (GAO-13-557) we recommended that, to effectively implement key components of DOD's business systems modernization program, the Secretary of Defense should direct the Deputy Chief Management Officer to define by when and how the department plans to develop an architecture that would extend to all defense components and include, among other things, (a) information about the specific business systems that support business enterprise architecture (BEA) business activities and related system functions; (b) business capabilities for the Hire-to-Retire and Procure-to-Pay business processes; and (c) sufficient information about business activities to allow for more effective identification of potential overlap and duplication. In June 2012 (GAO-12-685) we recommended that the Secretary of Defense ensure that the Deputy Secretary of Defense, as the department's Chief Management Officer, establish a policy that clarifies the roles, responsibilities, and relationships among the Chief Management Officer, Deputy Chief Management Officer, DOD and military department Chief Information Officers, Principal Staff Assistants, military department Chief Management Officers, and the heads of the military departments and defense agencies, associated with the development of a federated BEA. In addition, we are required to report annually on DOD's efforts to address its Business Enterprise Architecture and Business Processing Reegineering as mandated by the FY 2015 NDAA. During this engagement we will follow-up on the status of these recommendations.

    Recommendation: The Secretary of Defense or his appropriate designee should limit the pilot projects to small, low-cost, low-risk prototype investments that are intended to provide knowledge needed to extend and evolve the architecture, and are not to acquire and implement production version system solutions or to deploy an operational system capability.

    Agency Affected: Department of Defense

 

Explore the full database of GAO's Open Recommendations »

Apr 16, 2015

Mar 31, 2015

Feb 26, 2015

Feb 25, 2015

Dec 10, 2014

Sep 25, 2014

Sep 23, 2014

Jun 10, 2014

Looking for more? Browse all our products here