[Senate Prints 106-64]
[From the U.S. Government Publishing Office]



106th Congress                                                  S. Prt.
 2d Session                 COMMITTEE PRINT                      106-64

_______________________________________________________________________






                          INVESTIGATIVE REPORT

                                   of

                         SENATOR FRED THOMPSON

                            Chairman of the

         COMMITTEE ON GOVERNMENTAL AFFAIRS UNITED STATES SENATE



                             regarding the

          FEDERAL AGENCY COMPLIANCE WITH THE CLINGER-COHEN ACT

                                     

[GRAPHIC] [TIFF OMITTED] TONGRESS.#13


                                     

                              OCTOBER 2000
                                     


                               __________

                    U.S. GOVERNMENT PRINTING OFFICE
68-009                     WASHINGTON : 2000



                            C O N T E N T S

                                                                   Page

Executive Summary................................................     1

Introduction and Scope of Investigation..........................     4

Findings.........................................................     5

Recommendations..................................................    11

Appendix A: Letter to departments and agencies from Senate 
  Governmental Affairs Committee Chairman Fred Thompson and 
  Ranking Minority Member Joseph Lieberman regarding compliance 
  with the Clinger-Cohen Act of 1996.............................    13

Appendix B: GAO Audits and Reports on Federal Agency Information 
  Technology Management Since Enactment of the CCA...............    19

Appendix C: Individual Agency Responses to the Thompson/Lieberman 
  letter:

  Department of Agriculture (USDA)...............................    21

  Department of Defense (DOD)....................................    24

  Department of Education........................................    27

  Department of Energy (DOE).....................................    31

  Department of Health and Human Services (HHS)..................    34

  Department of Housing and Urban Development (HUD)..............    39

  Department of the Interior.....................................    44

  Department of Justice (DOJ)....................................    49

  Department of Labor (DOL)......................................    54

  Department of State............................................    62

  Department of Transportation (DOT).............................    71

  Department of the Treasury.....................................    75

  Department of Veterans Affairs (VA)............................    78

  Agency for International Development (USAID)...................    81

  Environmental Protection Agency (EPA)..........................    83

  Federal Emergency Management Agency (FEMA).....................    87

  General Services Administration (GSA)..........................    90

  National Aeronautics and Space Administration (NASA)...........    95

  National Science Foundation (NSF)..............................    99

  Nuclear Regulatory Commission (NRC)............................   104

  Office of Personnel Management (OPM)...........................   109

  Small Business Administration (SBA)............................   111

  Social Security Administration (SSA)...........................   112

                                 (iii)

 
                        INVESTIGATIVE REPORT ON
                   FEDERAL AGENCY COMPLIANCE WITH THE
                           CLINGER-COHEN ACT

                              ----------                              


                           EXECUTIVE SUMMARY

    Senator Fred Thompson (R-TN), Chairman of the Senate 
Governmental Affairs Committee, recently completed a 
comprehensive investigation of agencies and departments subject 
to the Clinger-Cohen Act of 1996 (CCA).\1\ The review was 
initiated as part of the Committee's oversight agenda and is 
the result of a series of questions posed to agencies to 
ascertain the status of their efforts to comply with the 1996 
law.
---------------------------------------------------------------------------
    \1\ Public Law 104-106 (Division D & Division E).
---------------------------------------------------------------------------
    The rapid pace of technological change and innovation has 
offered unprecedented opportunities for the Federal Government 
to use information technology (IT) to improve operational 
performance, reduce costs, and enhance service responsiveness 
to the public. Because of the Federal Government's increased 
reliance on information technology, in 1994 Congress increased 
its attention and oversight on agencies' acquisition, 
management and use of information technology. Congress' 
investigation of agency information technology use raised a 
range of thorny issues surrounding managing and integrating 
complex information management processes; computer hardware and 
software; telecommunications networks; and, most importantly, 
aligning information technology with business needs. 
Consequently, Congress found that Federal agencies must have 
effective leadership and must enforce management controls over 
the government's $38 billion in annual spending on information 
management and technology.
    In response to concerns about how the Federal Government 
was managing and acquiring information technology, Congress 
passed the CCA in 1996. The CCA mandates, among other things, 
that executive agencies design and implement capital planning 
and investment controls, implement specified information 
technology-related actions to enhance performance and results-
based management, and establish Chief Information Officers 
(CIOs) with certain defined duties and responsibilities. In 
addition, the CCA requires agencies to identify information 
technology acquisition programs that have significantly 
deviated from cost, performance, or schedule goals.
    The Senate Committee on Governmental Affairs played a large 
role in the passage of the CCA and maintains a high level of 
interest in compliance with its provisions. As a part of the 
Committee's oversight agenda, Chairman Thompson, along with the 
Committee's Ranking Minority Member, Senator Joseph I. 
Lieberman (D-CT), developed a series of questions to better 
understand the status of CCA compliance in the agencies and 
departments subject to its mandates.

                             Major Findings

Information Technology Management: Chief Information Officer Turnover 
        High

    The CCA established CIOs in 24 agencies in order to ensure 
that sound IT investment decisions are made and that cost-
effective return-on-investment--focus on results and 
contributions to mission effectiveness--is achieved. The CCA 
vested the CIO with specific responsibilities to help him or 
her accomplish their goals.
    While all of the 24 agencies have CIOs, the Federal 
Government has been experiencing relatively high turnover. 
While this should be expected in CIO positions because similar 
turnover rates are not uncommon in the private sector, it 
presents a management challenge to agencies that are trying to 
maintain sustained focus in and momentum for ongoing IT 
projects. In addition, various levels of CIOs within an agency 
do not always coordinate with one central CIO thus causing 
reporting and policy inconsistencies within a single agency.

Agencies Aren't Complying with Capital Investment and Planning and 
        Performance Measures

    One of the most important aspects of the CCA is the 
requirement that agencies make sound information technology 
investment decisions based upon the business needs of an 
executive agency or department. Under the CCA, each agency is 
required to design and develop a process for assessing and 
managing the risk of its information technology purchases in 
order to ensure effective program performance results.
    However, the findings reveal that 17 of the 24 agencies 
covered by the CCA are not implementing fully the CCA's IT 
capital planning and investment control requirements. For 
example, the Small Business Administration responded that 
because of its work on the Year 2000 computer problem, it did 
not have time to develop formal information technology capital 
planning procedures.
    And while 21 agencies reported that their capital 
investment and planning work processes were being improved or 
reengineered, half of the agencies reported requiring process 
reengineering or mission-related processes before making 
significant investments in IT in support of those missions.
    In order to make sound business decisions, agencies need 
reliable information upon which to base those decisions. 
However, the quality of the data for the assessments of major 
IT investments needed for decisionmaking and for measuring 
progress is questionable at most agencies. For example, the 
Department of Agriculture noted that, while it has improved the 
quality of the data used for decisionmaking, it is unclear 
whether the data it uses to measure program performance is 
accurate, reliable, or even current.
    While it is important to have clear and accurate data 
before making investment decisions, it is equally important for 
agencies to link IT performance to agency program performance. 
In fact, agencies are required to incorporate these performance 
goals in annual agency reports required under the Government 
Performance and Results Act (GPRA).\2\ Unfortunately, the 
findings revealed that most agency links to these reports were 
often too broad to provide sufficiently robust measures of the 
impact information technology makes on an agency's overall 
performance. Additionally, Chairman Thompson found that 16 
agencies neither developed nor submitted IT management reports 
that included accomplishments, progress, and identification of 
areas requiring attention. And, finally, one fourth of agencies 
reported significant deviations of projects from cost or 
schedule goals. Because agencies are not using sound business 
procedures before investing in information technology, they are 
unable to improve program performance and meet their mission 
goals.
---------------------------------------------------------------------------
    \2\ Public Law 103-62.
---------------------------------------------------------------------------

Agencies Aren't Applying Modular Contracting For Major IT Investments

    In 1994, Congress found that Federal regulations governing 
information technology acquisitions were outdated, focused on 
paperwork and process rather than results, and prevented the 
government from taking timely advantage of rapid advances 
taking place in the competitive and fast changing global 
information technology marketplace. The CCA authorizes agencies 
to purchase IT on an incremental or modular basis to prevent 
the mismanagement of IT spending. This authority still hasn't 
been applied consistently in major IT investments 
governmentwide, In fact, the findings revealed that eight 
agencies reported still being in the process of implementing 
modular contracting.

                            Recommendations

    The report includes a dozen recommendations for executive 
departments and agencies to implement in order to fully comply 
with the CCA. The recommendations provide that departments and 
agencies should:

     review the mechanisms in place for assuring that 
they are fully implementing the CCA through their policies, 
procedures, and practices;

     articulate the roles, reporting relationships and 
boundaries of authority among all CIOs within an agency in ways 
that enhance the effective implementation of the CCA;

     provide the appropriate authority to the CIO to 
ensure the CIO's control over IT capital planning and 
investment processes;

     increase quality control of their capital 
planning and investment control practices, including ensuring 
that any cost/benefit data used in investment decisionmaking is 
accurate and complete;

     provide clear procedures on how CIOs and program 
managers communicate to senior management the status and 
progress of major IT projects;

     develop and incorporate the use of decision 
milestones in IT project management;

     develop an effective means of identifying IT 
projects that deviate significantly from cost, schedule and 
performance expectations;

     increase project management and capital planning 
skills within their IT workforce;

     provide better data on how IT investments will 
benefit Federal programs;

     develop IT management plans that include 
accomplishments, progress, and the identification of areas 
requiring attention;

     clarify the requirements for process 
reengineering in their overall capital planning and investment 
control procedures; and

     increase their use of modular contracting for 
building and acquiring information systems.

                INTRODUCTION AND SCOPE OF INVESTIGATION

    At the beginning of the second session of the 106th 
Congress, Senate Governmental Affairs Committee Chairman Fred 
Thompson began an investigation of how Federal agencies were 
complying with the requirements of the Clinger-Cohen Act. This 
review was undertaken as part of the Committee's oversight of 
Federal agency information technology procurement and 
management.
    As part of the investigation, Chairman Thompson reviewed 
responses to certain questions posed to the agencies \3\ as 
well as 31 reports on information technology management 
conducted by the General Accounting Office (GAO) since 
enactment of the CCA.\4\
---------------------------------------------------------------------------
    \3\ By letter dated April 6, 2000 from Chairman Thompson and 
Ranking Minority Member Lieberman (see Appendix A).
    \4\ See Appendix B.
---------------------------------------------------------------------------

                               Background

    During the 104th Congress, the Senate Governmental Affairs 
Committee reviewed the way information was being managed by 
Federal agencies. Realizing that information technology, 
particularly network computers, were changing the way Federal 
managers compiled, distributed, and maintained information, as 
well managed Federal programs, the Committee developed 
legislation (which became the CCA) to remedy some of the 
central problems underlying the way the government does 
business. For example, the Committee's Subcommittee on 
Oversight of Government Management and the District of Columbia 
found that the government was falling further behind the 
private sector in its ability to successfully use information 
technology. According to a 1995 statement by then Senator 
William Cohen:

          ``The Federal Government rarely if ever examines how 
        it does business before it automates. I recently held 
        hearings which examined how the Pentagon could save 
        more than $4 billion over 5 years simply by changing 
        the way it processed travel vouchers. Automating the 
        current voucher processing system will neither achieve 
        the projected savings nor the efficiencies that are 
        accomplished through reengineering. Second, the Federal 
        Government has wasted billions of dollars by 
        maintaining and updating so-called legacy or antiquated 
        computers from the 1960's and 1970's which are ill-
        suited for the government's needs and by today's 
        standards will never be efficient or reliable.''\5\
---------------------------------------------------------------------------
    \5\ Statement of Senator William Cohen, Vol. 141, No. 101 
Congressional Record, p. S8686, June 20, 1995.

    These findings and others led to the development of 
legislation intended to make it easier for the government to 
buy and manage information technology. Most importantly, the 
CCA was designed to make sure that, before the government 
invests in technology, agencies will have carefully planned and 
justified their expenditures.
    Since enactment of the CCA, GAO has conducted a number of 
audits at specific agencies to review the status of compliance 
with various provisions, including progress in implementing 
information technology investment controls, information 
security, and the status and role of the agency CIOs. 
Approximately 31 reports detailing agency strengths and 
weaknesses have been completed. However, this report details, 
for the first time, a governmentwide outline of agency 
compliance efforts with the CCA.

                                FINDINGS

 Strong Executive Leadership: How to Retain Federal Chief Information 
                              Officers \6\

    Background: Obtaining and retaining qualified personnel to 
manage Federal information technology systems is a challenge 
for the Federal Government. A number of senior government 
officials have recommended changing the current salary 
structure and providing agencies with the authority to provide 
greater flexibility to workers, especially information 
technology workers, in order to maintain highly skilled 
employees and to be able to lure workers from the private 
sector to serve in the public sector.
---------------------------------------------------------------------------
    \6\ Section 5125 of the CCA (40 U.S.C. 1425(b)).
---------------------------------------------------------------------------

Finding 1: CIO positions in the Federal Government have been 
        experiencing relatively high turnover.\7\
---------------------------------------------------------------------------
    \7\ Turnover should be expected in CIO positions, and these rates 
of turnover are not uncommon in the private sector. The challenge it 
presents is one of maintaining sustained focus and momentum to ongoing 
IT priority projects as well as to strategic IT direction.

     Ten of the 24 major agencies/departments have had 
three or four CIOs since enactment of the CCA in February 1996. 
---------------------------------------------------------------------------
One department, Department of Education, has had five.

     The remaining 13 agencies and departments have 
had one or two CIOs since February 1996.

     Since 1996, several departments and agencies have 
named ``acting'' CIOs, some for extended periods of time, due 
to lengthy recruitment searches.

Finding 2: Roles, reporting relationships, and boundaries of authority 
        among CIOs within large executive agencies and departments are 
        not clearly established.
     Decentralized executive agencies/departments have 
several component-level organizations that have designated 
CIOs. The staff of the component-level organizations report to 
the component-level head. A majority of agencies reported not 
having direct reporting relationships to the agency-wide 
CIO.\8\ This reporting arrangement may reduce the agency-wide 
CIO's ability to institutionalize department-wide IT management 
practices and technical standards.
---------------------------------------------------------------------------
    \8\ The Department of Commerce is planning to have component agency 
CIOs (NOAA, PTO, etc.) report to both their agency heads and to the 
department CIO.

       For example, the Department of Health and Human 
Services (HHS) has 13 operating divisions that have designated 
CIOs. According to HHS, four CIOs report to the head of the 
operating division (top level), four CIOs report to a top 
deputy (second level), and five report to lower levels of 
management. None of the CIOs have a direct reporting 
relationship to the department-level CIO.

  Achieving Benefits From Capital Planning and Investment Control \9\

    Background: A strong and comprehensive IT capital planning 
process is necessary to assure that agency IT expenditures 
receive the executive-level oversight required for confidence 
that the agency head is executing his or her responsibility in 
IT investment management as specified in the CCA. In addition, 
the IT capital planning process provides the mechanism for 
selecting IT investments as part of the overall IT portfolio 
that support the agency mission.
---------------------------------------------------------------------------
    \9\ Section 5122 of the CCA (40 U.S.C. 1422).
---------------------------------------------------------------------------

Finding 3: IT capital planning and investment control processes have 
        not been fully implemented governmentwide.

     Seventeen of the 24 agencies and departments have 
not established a complete and comprehensive IT capital 
planning and investment control process (CPIC). The agencies' 
and departments' efforts range from needing improvements in 
their established processes to developing a process as 
specified by the CCA.

     Seven agencies and departments--the Department of 
Defense, the Environmental Protection Agency, the General 
Services Administration, the National Aeronautics and Space 
Administration, the Nuclear Regulatory Commission, the National 
Science Foundation, and the Department of Veterans Affairs--
reported that they had implemented a complete and comprehensive 
IT CPIC process, with only one--GSA--saying its process needed 
to be refined and enhanced.

       For example, Agriculture reported that while it 
has established processes for three phases of capital 
planning--select, control, and evaluate--efforts are under way 
to improve inconsistent component-level capital planning. 
Additionally, Agriculture reported that its CIO office has 
engaged contract support to help review the major investments 
to determine where improvements need to be made.

       The Department of Interior reported that the 
Y2K problem became that agency's top priority and, as a result, 
the CCA took a back seat. According to Interior, its CIO Office 
was not organized until March 2000. However, Interior reported 
that it has made significant progress in implementing its IT 
CPIC process.

       SBA also reported Y2K as a problem which forced 
it to use all of its IT resources to sustain routine operations 
and maintenance. This effort, according to SBA, reduced its 
resources in other areas including the development of formal IT 
capital planning procedures.

Finding 4: CIO authority and control in IT investment and capital 
        planning is limited.

     Not all agencies require their IT initiatives to 
come under agency-wide CIO review or control unless the 
initiative fits specific threshold requirements which may be 
based on financial or functional criteria. In addition, agency-
wide CIOs often only have direct responsibility for systems 
that cut across department units. Moreover, those system 
projects that are under the CIO's control may not line up with 
those classified as ``major'' by OMB for those agencies that 
use this criteria.\10\
---------------------------------------------------------------------------
    \10\ Memo (M-97-02) sent on October 25, 1996, by then OMB Director 
Franklin D. Raines to heads of executive departments and agencies 
providing direction regarding investments in major information 
technology systems defines ``major information system'' as a system 
``that requires special management attention because of its importance 
to an agency mission; its high development operating, or maintenance 
costs; or its significant role in the administration of agency 
programs, finances, property, or other resources.''

     Not all department initiatives are reviewed 
within a department-wide portfolio. Moreover, not all 
initiatives come under CIO technical review at some level of 
the review process, although for most agencies, ``major'' IT 
initiatives do. This may impact the effectiveness of the 
capital planning and investment process as well as the impact 
of IT on the agency's ability to achieve its mission 
---------------------------------------------------------------------------
successfully and efficiently.

     Several agencies reported they are initiating 
efforts to coordinate component and agency-wide practices or to 
ensure the implementation of sound capital planning and 
investment processes within their component levels.

     In many cases, major department CIOs do not have 
control over IT expenditures which do not meet the department-
wide threshold requirements for capital planning.

     Some agencies reported inconsistencies in their 
capital planning and investing processes across their 
organizational components.

     For example, in the Department of 
Transportation, the two largest organizations--the Federal 
Aviation Administration and the U.S. Coast Guard--use their own 
agency capital planning and investment control processes which 
DOT asserts account for about 90 percent of DOT's total IT 
expenditures.

Finding 5: The quality of data for the assessments of major IT 
        investments and initiatives for decisionmaking and for 
        measuring progress is questionable.

     A majority of the agencies and departments 
reported that the quality of the data for making investment 
decisions and measuring progress needs improvement.

     Many of these agencies reported that they had 
begun using, or plan to use, the Information Technology 
Investment Portfolio System (ITIPS) to better manage their IT 
investments. Agencies reported that ITIPS helps them to collect 
and track investment data needed to effectively select and 
control IT investments.

       For example, Agriculture reported that it 
believes it has improved the quality of the data used for 
decisionmaking, but more improvement is needed before there 
will be consistency across the whole agency. As for the quality 
of the data for measuring progress, Agriculture also reported 
that it is unsure of its accuracy, reliability, or currency, 
but will use a contractor to aid in this evaluation effort.

       In another example, Interior reported that a 
major obstacle to instilling confidence in cost data is that 
its Federal budgeting and accounting systems do not adequately 
support cost accounting information related to IT costs.

          Managing IT for Overall Performance and Results \11\

    Background: Federal CIOs are responsible for managing IT 
investments to demonstrate cost effectiveness and efficiencies. 
In addition, IT investment strategies and spending should be 
tightly aligned with expected improvements in mission 
performance and results. The inability to track IT development 
and implementation effectively can result in a failure to 
identify cost and schedule overruns and the failure of IT 
initiatives to meet performance expectations. Management plans 
and reporting are critical to providing continuity in planning 
from year to year and in measuring the contribution of IT to 
mission performance across the agency.
---------------------------------------------------------------------------
    \11\ Section 5123 of the CCA (40 U.S.C. 1423).
---------------------------------------------------------------------------

Finding 6: Although most agencies reported the linking of IT system 
        performance to mission performance through annual GPIRA plans 
        and reports, these links were often too broad to provide 
        sufficiently robust measures of IT impact on overall strategic 
        performance.

     Processes necessary for effective tracking of IT 
development and implementation are weak.

       Five agencies reported needing great 
improvement in the quality of data necessary for tracking IT 
development and implementation.

       Fourteen agencies reported the use of 
milestones in monitoring the progress of IT projects and four 
agencies reported not using milestones.

Finding 7: Most agencies reported that they have not developed IT 
        management plans that include accomplishments, progress, and 
        identification of areas requiring attention.\12\

     Sixteen agencies and departments neither 
developed nor submitted IT management reports that included 
accomplishments, progress, and identification of areas 
requiring attention.
---------------------------------------------------------------------------
    \12\ Section 5127 of the CCA (40 U.S.C. 1427).

     One fourth of the agencies reported significant 
deviations of projects from cost or schedule goals laid out in 
---------------------------------------------------------------------------
agency strategic information resource management plans.

       For example, Agriculture reported that, while 
its CIO had not developed agency-wide IT management reports for 
its agency head, the CIO plans to submit a separate IT report.

       In another example, the Department of Justice 
has produced an Annual Accountability Report for the last 2 
years in which it describes the progress toward goals laid out 
in its Strategic Plan. However, Justice agrees that an annual 
assessment of progress will be useful and intends to modify its 
IT investment management program to conduct and document annual 
evaluations of agency progress.

                Using IT to Improve Work Processes \13\

    Background: The CCA requires reengineering analyses of 
administrative and business processes either prior to or as 
part of major systems investment decision-making. Investments 
made in updating systems without reconsidering the underlying 
processes risk producing less than optimal returns on 
investment.
---------------------------------------------------------------------------
    \13\ Section 5123 of the CCA (40 U.S.C. 1423).
---------------------------------------------------------------------------

Finding 8: Fewer than half of the agencies reported requiring process 
        reengineering of mission-related processes before making 
        significant IT investment in support of those missions.

     Twenty-one of the 24 agencies reported that work 
processes are being improved or reengineered.

     Eighteen of the agencies claimed that some or all 
of its top 10 IT investments included work process improvement 
or reengineering.

     A few agencies reported that they are in the 
process of analyzing their mission or are just starting to 
perform business process reengineering.

     Some departments and agencies have initiated 
major IT efforts to overhaul services and citizen access. 
Agencies reporting such efforts include Agriculture, Education, 
EPA, Federal Emergency Management Agency, NRC, and the 
Department of Treasury.

       For example, Agriculture reported that business 
process reengineering remains a cornerstone of its 
implementation of the CCA and its IT capital planning process. 
Prior to design and deployment of major IT investments 
throughout Agriculture in compliance with the CCA and with 
Raines Rules,\14\ its CIO conducts business reviews as a 
necessary management tool.
---------------------------------------------------------------------------
    \14\ Raines Rules refers to OMB Memo (M-97-02) sent on October 25, 
1996, by then OMB Director Franklin D. Raines.

     However, fewer than half of the agencies reported 
requiring process reengineering of mission-related processes 
before making significant IT investment in support of those 
---------------------------------------------------------------------------
missions.

       Although 21 agencies reported that work 
processes were being improved or reengineered, only about half 
of these noted that this was a required activity and few 
specifically noted that these activities occurred prior to 
funding IT investments as required by the CCA.

     Many agencies provided weak support for the 
premise that they are engaging in work process improvement or 
reengineering.

     Examples of IT investments often noted that work 
process improvements resulted from IT investments rather than 
as a precursor to funding the investment. For example, Justice, 
the Department of Labor, GSA, and NRC provided IT investment 
examples that appeared to show reengineered processes as a 
result of the IT investment.

     Other IT investment examples cited by some 
agencies included automation efforts with no mention of work 
process redesign.

     Several agencies pointed to their compliance with 
Raines Rules as evidence that they have performed mission 
analysis and work process redesign. However, compliance with 
Raines Rules only requires that the agency answer whether work 
redesign has begun--not whether the work redesign has been 
completed.

       For example, Education reported that it has 
analyzed some of its missions and has begun to revise its 
mission-related and administrative processes. Interior reported 
that business process reengineering efforts are in various 
stages of development in several of its bureaus.

  Building Large IT Systems Incrementally Through Modular Contracting 
                                  \15\

    Background: The CCA authorizes Federal agencies to adopt 
modular approaches to building and acquiring information 
systems. This is expected to produce smaller, more manageable 
projects that can be examined in shorter time frames for 
expected cost and benefit results. It also encourages the use 
of pilots and prototyping before full scale development and 
implementation.
---------------------------------------------------------------------------
    \15\ Section 5202 of the CCA (see section 38 of the Office of 
Federal Procurement Policy Act (41 U.S.C. 434)).
---------------------------------------------------------------------------

Finding 9: Modular contracting is still not applied consistently in 
        major IT investments government-wide.

     Eight agencies reported still being in the 
process of implementing modular contracting.

                            RECOMMENDATIONS

    In order for executive departments and agencies to fully 
comply with the CCA, the following recommendations should be 
implemented:

     1. Departments and agencies should review the mechanisms 
in place for assuring that they are fully implementing the CCA 
through their policies, procedures, and practices.

     2. Departments and agencies should articulate the roles, 
reporting relationships and boundaries of authority among all 
CIOs within an agency in ways that enhance the effective 
implementation of the CCA.

     3. Departments and agencies must provide the appropriate 
authority to the CIO to ensure the CIO's control over IT 
capital planning and investment processes.

     4. Departments and agencies need to increase quality 
control of their capital planning and investment control 
practices, including ensuring that any cost/benefit data used 
in investment decisionmaking is accurate and complete.

     5. Departments and agencies need to provide clear 
procedures on how CIOs and program managers communicate to 
senior management the status and progress of major IT projects.

     6. In order to avoid schedule slips and cost overruns on 
major IT investments, departments and agencies should develop 
and incorporate the use of decision milestones in IT project 
management.

     7. Departments and agencies must develop an effective 
means of identifying IT projects that deviate significantly 
from cost, schedule and performance expectations.

     8. Departments and agencies need to increase project 
management and capital planning skills within their IT 
workforce.

     9. Departments and agencies must provide better data on 
how IT investments will benefit Federal programs.

    10. Departments and agencies should develop IT management 
plans that include accomplishments, progress, and the 
identification of areas requiring attention.

    11. Departments and agencies should clarify the 
requirements for process reengineering in their overall capital 
planning and investment control procedures.

    12. Departments and agencies should increase their use of 
modular contracting for building and acquiring information 
systems.
                            A P P E N D I X

                              ----------                              

[GRAPHIC] [TIFF OMITTED] T8009.001

[GRAPHIC] [TIFF OMITTED] T8009.002

[GRAPHIC] [TIFF OMITTED] T8009.003

[GRAPHIC] [TIFF OMITTED] T8009.004

[GRAPHIC] [TIFF OMITTED] T8009.005

[GRAPHIC] [TIFF OMITTED] T8009.006

[GRAPHIC] [TIFF OMITTED] T8009.007

[GRAPHIC] [TIFF OMITTED] T8009.008

[GRAPHIC] [TIFF OMITTED] T8009.009

[GRAPHIC] [TIFF OMITTED] T8009.010

[GRAPHIC] [TIFF OMITTED] T8009.011

[GRAPHIC] [TIFF OMITTED] T8009.012

[GRAPHIC] [TIFF OMITTED] T8009.013

[GRAPHIC] [TIFF OMITTED] T8009.014

[GRAPHIC] [TIFF OMITTED] T8009.015

[GRAPHIC] [TIFF OMITTED] T8009.016

[GRAPHIC] [TIFF OMITTED] T8009.017

[GRAPHIC] [TIFF OMITTED] T8009.018

[GRAPHIC] [TIFF OMITTED] T8009.019

[GRAPHIC] [TIFF OMITTED] T8009.020

[GRAPHIC] [TIFF OMITTED] T8009.021

[GRAPHIC] [TIFF OMITTED] T8009.022

[GRAPHIC] [TIFF OMITTED] T8009.023

[GRAPHIC] [TIFF OMITTED] T8009.024

[GRAPHIC] [TIFF OMITTED] T8009.025

[GRAPHIC] [TIFF OMITTED] T8009.026

[GRAPHIC] [TIFF OMITTED] T8009.027

[GRAPHIC] [TIFF OMITTED] T8009.028

[GRAPHIC] [TIFF OMITTED] T8009.029

[GRAPHIC] [TIFF OMITTED] T8009.030

[GRAPHIC] [TIFF OMITTED] T8009.031

[GRAPHIC] [TIFF OMITTED] T8009.032

[GRAPHIC] [TIFF OMITTED] T8009.033

[GRAPHIC] [TIFF OMITTED] T8009.034

[GRAPHIC] [TIFF OMITTED] T8009.035

[GRAPHIC] [TIFF OMITTED] T8009.036

[GRAPHIC] [TIFF OMITTED] T8009.037

[GRAPHIC] [TIFF OMITTED] T8009.038

[GRAPHIC] [TIFF OMITTED] T8009.039

[GRAPHIC] [TIFF OMITTED] T8009.040

[GRAPHIC] [TIFF OMITTED] T8009.041

[GRAPHIC] [TIFF OMITTED] T8009.042

[GRAPHIC] [TIFF OMITTED] T8009.043

[GRAPHIC] [TIFF OMITTED] T8009.044

[GRAPHIC] [TIFF OMITTED] T8009.045

[GRAPHIC] [TIFF OMITTED] T8009.046

[GRAPHIC] [TIFF OMITTED] T8009.047

[GRAPHIC] [TIFF OMITTED] T8009.048

[GRAPHIC] [TIFF OMITTED] T8009.049

[GRAPHIC] [TIFF OMITTED] T8009.050

[GRAPHIC] [TIFF OMITTED] T8009.051

[GRAPHIC] [TIFF OMITTED] T8009.052

[GRAPHIC] [TIFF OMITTED] T8009.053

[GRAPHIC] [TIFF OMITTED] T8009.054

[GRAPHIC] [TIFF OMITTED] T8009.055

[GRAPHIC] [TIFF OMITTED] T8009.056

[GRAPHIC] [TIFF OMITTED] T8009.057

[GRAPHIC] [TIFF OMITTED] T8009.058

[GRAPHIC] [TIFF OMITTED] T8009.059

[GRAPHIC] [TIFF OMITTED] T8009.060

[GRAPHIC] [TIFF OMITTED] T8009.061

[GRAPHIC] [TIFF OMITTED] T8009.062

[GRAPHIC] [TIFF OMITTED] T8009.063

[GRAPHIC] [TIFF OMITTED] T8009.064

[GRAPHIC] [TIFF OMITTED] T8009.065

[GRAPHIC] [TIFF OMITTED] T8009.066

[GRAPHIC] [TIFF OMITTED] T8009.067

[GRAPHIC] [TIFF OMITTED] T8009.068

[GRAPHIC] [TIFF OMITTED] T8009.069

[GRAPHIC] [TIFF OMITTED] T8009.070

[GRAPHIC] [TIFF OMITTED] T8009.071

[GRAPHIC] [TIFF OMITTED] T8009.072

[GRAPHIC] [TIFF OMITTED] T8009.073

[GRAPHIC] [TIFF OMITTED] T8009.074

[GRAPHIC] [TIFF OMITTED] T8009.075

[GRAPHIC] [TIFF OMITTED] T8009.076

[GRAPHIC] [TIFF OMITTED] T8009.077

[GRAPHIC] [TIFF OMITTED] T8009.078

[GRAPHIC] [TIFF OMITTED] T8009.079

[GRAPHIC] [TIFF OMITTED] T8009.080

[GRAPHIC] [TIFF OMITTED] T8009.081

[GRAPHIC] [TIFF OMITTED] T8009.082

[GRAPHIC] [TIFF OMITTED] T8009.083

[GRAPHIC] [TIFF OMITTED] T8009.084

[GRAPHIC] [TIFF OMITTED] T8009.085

[GRAPHIC] [TIFF OMITTED] T8009.086

[GRAPHIC] [TIFF OMITTED] T8009.087

[GRAPHIC] [TIFF OMITTED] T8009.088

[GRAPHIC] [TIFF OMITTED] T8009.089

[GRAPHIC] [TIFF OMITTED] T8009.090

[GRAPHIC] [TIFF OMITTED] T8009.091

[GRAPHIC] [TIFF OMITTED] T8009.092

[GRAPHIC] [TIFF OMITTED] T8009.093

[GRAPHIC] [TIFF OMITTED] T8009.094

[GRAPHIC] [TIFF OMITTED] T8009.095

[GRAPHIC] [TIFF OMITTED] T8009.096

[GRAPHIC] [TIFF OMITTED] T8009.097

[GRAPHIC] [TIFF OMITTED] T8009.098

[GRAPHIC] [TIFF OMITTED] T8009.099

[GRAPHIC] [TIFF OMITTED] T8009.100

[GRAPHIC] [TIFF OMITTED] T8009.101


