Business Systems Modernization:

Department of the Navy Needs to Establish Management Structure and Fully Define Policies and Procedures for Institutionally Managing Investments

GAO-08-53: Published: Oct 31, 2007. Publicly Released: Oct 31, 2007.

Additional Materials:

Contact:

Valerie C. Melvin
(202) 512-6304
contact@gao.gov

 

Office of Public Affairs
(202) 512-4800
youngc1@gao.gov

In 1995, GAO first designated the Department of Defense's (DOD) business systems modernization program as "high-risk," and continues to do so today. In 2004, Congress passed legislation reflecting prior GAO recommendations that DOD adopt a corporate approach to information technology (IT) business systems investment management, including tiered accountability for business systems at the department and component levels. To support GAO's legislative mandate to review DOD's efforts, GAO assessed whether the investment management approach of one of DOD's components--the Department of the Navy--is consistent with leading investment management best practices. In doing so, GAO applied its IT Investment Management (ITIM) framework and associated methodology, focusing on the stages related to the investment management provisions of the Clinger-Cohen Act of 1996.

The Department of the Navy has yet to establish the management structures needed to effectively manage its business systems investments or to fully develop many of the related policies and procedures outlined in GAO's ITIM framework. The department has implemented two of the nine key practices that call for project-level management structures, policies, and procedures, and none of the five practices that call for portfolio-level policies and procedures. Specifically, it has developed procedures for identifying and collecting information about its business systems to support investment selection and control, and assigned responsibility for ensuring that the information collected during project identification meets the needs of the investment management process. However, the department has not established the management structures needed to support effective investment oversight. It also has not fully documented business system investment policies and procedures for directing Investment Review Board operations, selecting new investments, reselecting ongoing investments, integrating the investment funding and investment selection processes, and developing and maintaining complete business system investment portfolio(s). Department officials stated that they are aware of the lack of an Investment Review Board and the absence of documented policies and procedures in certain areas of project and portfolio-level management, and are currently working on new guidance to address these areas. According to these officials, the new policies and procedures are expected to be approved by March 2008. However, until the department assigns responsibility for overseeing project-level management and portfolio management to a departmentwide review board and fully defines policies and procedures for both individual projects and portfolios of projects, it risks selecting and controlling these business system investments in a way that is inconsistent, incomplete, and ad hoc, which in turn reduces the chances that these investments will meet mission needs in the most effective manner.

Recommendations for Executive Action

  1. Status: Closed - Implemented

    Comments: In March 2011, the Department of Navy established an investment board--the Information Enterprise Governance Board--composed of senior executives from IT and functional business units, including the Navy Chief Information Officer (CIO). The board is responsible for establishing and implementing policies governing the organization's investment process. Further, it has responsibility, authority, and accountability for programs throughout the investment life cycle, including those in operations and maintenance.

    Recommendation: To strengthen the Department of the Navy's business system investment management capability and address the weaknesses discussed in this report, the Secretary of Defense should direct the Secretary of the Navy to ensure that well-defined and disciplined business system investment management policies and procedures are developed and issued. At a minimum, this should include instituting project-and portfolio-level policies and procedures that address establishing an enterprisewide IT Investment Review Board composed of senior executives from IT and business units, including assigning the investment board responsibility, authority, and accountability for programs throughout the investment life cycle.

    Agency Affected: Department of Defense

  2. Status: Closed - Implemented

    Comments: The department has taken steps that are consistent with our recommendation and with ITIM, which states that an organization's investment guidance should specify the manner in which investment-related processes will be coordinated with other organizational plans, processes, and documents. For example, Navy's 2009 Investment Review Process Guidance provides a description that explains how other DOD management systems, such as the requirements development process, the planning and budgeting process, and the acquisition system, are to be used to select, control, and evaluate IT investments.

    Recommendation: To strengthen the Department of the Navy's business system investment management capability and address the weaknesses discussed in this report, the Secretary of Defense should direct the Secretary of the Navy to ensure that well-defined and disciplined business system investment management policies and procedures are developed and issued. At a minimum, this should include instituting project-and portfolio-level policies and procedures that address documenting an investment management process that includes how it is coordinated with JCIDS, PPBE, DAS, and the precertification process.

    Agency Affected: Department of Defense

  3. Status: Closed - Implemented

    Comments: In October 2009, the Department of the Navy updated its investment review guidance to require the annual review of all business systems, including those in operations and maintenance, and to specify how these investments were to be prioritized using factors such as mission, strategic value, and risk. By taking this action, Navy has helped strengthen the investment management process by ensuring that programs throughout the investment life cycle, including those in operations and maintenance, will continue to support its ongoing and future business needs.

    Recommendation: To strengthen the Department of the Navy's business system investment management capability and address the weaknesses discussed in this report, the Secretary of Defense should direct the Secretary of the Navy to ensure that well-defined and disciplined business system investment management policies and procedures are developed and issued. At a minimum, this should include instituting project-and portfolio-level policies and procedures that address ensuring that systems in operations and maintenance are aligned with ongoing and future business needs.

    Agency Affected: Department of Defense

  4. Status: Closed - Implemented

    Comments: The department has taken steps that meet the intent of the recommendation. For example, the Navy's Investment Review Guide specifies how criteria, such as cost data, are to be used in making selection decisions. Further, the department's IT Portfolio Management Implementation directive provides high-level descriptions of the factors to be used for portfolio selection, including cost, schedule, and benefit.

    Recommendation: To strengthen the Department of the Navy's business system investment management capability and address the weaknesses discussed in this report, the Secretary of Defense should direct the Secretary of the Navy to ensure that well-defined and disciplined business system investment management policies and procedures are developed and issued. At a minimum, this should include instituting project-and portfolio-level policies and procedures that address selecting new investments, including specifying how cost, schedule, and benefit data are to be used in making decisions and specifying the criteria and steps for prioritizing and selecting these investments.

    Agency Affected: Department of Defense

  5. Status: Closed - Implemented

    Comments: The department has taken steps to address the recommendation. For example, Navy's Investment Review Guide defines the department's approach for annually reselecting ongoing business system investments, including those in operations and maintenance.

    Recommendation: To strengthen the Department of the Navy's business system investment management capability and address the weaknesses discussed in this report, the Secretary of Defense should direct the Secretary of the Navy to ensure that well-defined and disciplined business system investment management policies and procedures are developed and issued. At a minimum, this should include instituting project-and portfolio-level policies and procedures that address documenting an annual review process that includes the reselection of ongoing IT investments.

    Agency Affected: Department of Defense

  6. Status: Closed - Not Implemented

    Comments: The department has yet to develop and institute policies and procedures for integrating funding with the process of selecting an investment. Specifically, the department does not specify how funding decisions are integrated with the process of selecting an investment and does not specify how officials use this information in carrying out decisions on system certification and approvals.

    Recommendation: To strengthen the Department of the Navy's business system investment management capability and address the weaknesses discussed in this report, the Secretary of Defense should direct the Secretary of the Navy to ensure that well-defined and disciplined business system investment management policies and procedures are developed and issued. At a minimum, this should include instituting project-and portfolio-level policies and procedures that address integrating funding with the process of selecting an investment, including specifying how department officials are using funding information in carrying out decisions.

    Agency Affected: Department of Defense

  7. Status: Closed - Implemented

    Comments: The department has taken steps to meet the intent of the recommendation. Specifically, the Department of the Navy's 2011 instruction and guidance related to the implementation of the acquisition and capability development processes addresses overseeing IT projects and systems. For example, the guidance calls for the assessment of a program's cost, schedule, and performance during investment decision reviews and provides documented policies and procedures for management oversight of IT projects and systems. Having these oversight procedures in place helps the department reduce the risks of investing in systems that are duplicative, stovepiped, nonintegrated, and unnecessarily costly to manage, maintain, and operate.

    Recommendation: To strengthen the Department of the Navy's business system investment management capability and address the weaknesses discussed in this report, the Secretary of Defense should direct the Secretary of the Navy to ensure that well-defined and disciplined business system investment management policies and procedures are developed and issued. At a minimum, this should include instituting project-and portfolio-level policies and procedures that address overseeing IT projects and systems, including specifying the processes for the investment boards' operations and decision making during project oversight.

    Agency Affected: Department of Defense

  8. Status: Closed - Not Implemented

    Comments: The Navy IT portfolio management guidance includes a policy that assigns responsibility for defining of IT portfolio criteria to the Functional Area Managers (FAM) and Mission Area Leads (MAL). This notwithstanding, the guidance does not contain procedures for creating and modifying the portfolio selection criteria.

    Recommendation: The Secretary of Defense should ensure these well-defined and disciplined business system investment management policies and procedures should also include portfolio-level management policies and procedures that address creating and modifying IT portfolio selection criteria for business system investments.

    Agency Affected: Department of Defense

  9. Status: Closed - Implemented

    Comments: Navy has taken actions to develop and issue the policies and procedures that address defining the roles and responsibilities for the IT portfolio selection criteria. For example, in November 2009, Navy updated its investment portfolio management guidance to assign responsibility for the development and modification of the IT portfolio selection criteria to functional area managers and mission area leads. In taking this action, Navy has helped strengthen the investment management process by assuring accountability for managing its IT investment portfolios, which provide the basis for a rigorous, disciplined, and repeatable process regarding how investments are selected and controlled across the entire department.

    Recommendation: The Secretary of Defense should ensure these well-defined and disciplined business system investment management policies and procedures should also include portfolio-level management policies and procedures that address defining the roles and responsibilities for managing the development and modification of the IT portfolio selection criteria.

    Agency Affected: Department of Defense

  10. Status: Closed - Not Implemented

    Comments: Although Navy guidance assigns the Functional Area Managers and Mission Area Leads with responsibilities for analyzing, selecting, and maintaining its IT portfolio, it has yet to develop policies and procedures for these processes.

    Recommendation: The Secretary of Defense should ensure these well-defined and disciplined business system investment management policies and procedures should also include portfolio-level management policies and procedures that address analyzing, selecting, and maintaining business system investment portfolios.

    Agency Affected: Department of Defense

  11. Status: Closed - Not Implemented

    Comments: Although Navy guidance assigns the Functional Area Managers and Mission Area Leads with responsibilities for reviewing, evaluating, and improving the performance of its IT portfolio, it has yet to develop policies and procedures for these processes.

    Recommendation: The Secretary of Defense should ensure these well-defined and disciplined business system investment management policies and procedures should also include portfolio-level management policies and procedures that address reviewing, evaluating, and improving the performance of its portfolios by using project indicators, such as cost, schedule, and risk.

    Agency Affected: Department of Defense

  12. Status: Closed - Implemented

    Comments: The department has taken steps that meet the intent of the recommendation. For example, while the department has yet to require post-implementation reviews for all its systems, it does so for the larger business systems as part of its Defense Acquisition System. According to officials, the department plans to address these actions in guidance that is currently under departmental review .

    Recommendation: The Secretary of Defense should ensure these well-defined and disciplined business system investment management policies and procedures should also include portfolio-level management policies and procedures that address conducting post-implementation reviews for all investment tiers and specifying how conclusions, lessons learned, and recommended management actions are to be shared with executives and others.

    Agency Affected: Department of Defense

 

Explore the full database of GAO's Open Recommendations »

Jun 10, 2014

May 22, 2014

May 12, 2014

May 8, 2014

May 7, 2014

Apr 2, 2014

Feb 26, 2014

Feb 12, 2014

Looking for more? Browse all our products here