[Congressional Record Volume 160, Number 104 (Monday, July 7, 2014)]
[Senate]
[Pages S4202-S4204]
From the Congressional Record Online through the Government Publishing Office [www.gpo.gov]
EXPEDITIONARY COMBAT SUPPORT SYSTEM
Mr. McCAIN. Mr. President, at a time when vital defense programs are
threatened due to a lack of funding, the Federal Government has wasted
billions of dollars attempting to procure new large information
technology systems, consistently disregarding lessons learned from past
failures and well-established acquisition best practices.
Even with a current annual budget of $80 billion for information
technology projects, the Federal Government struggles to make those
systems work. The American people can still remember the embarrassing
failure of healthcare.gov, the Obama administration's most recent
information technology fiasco. What they may not realize is the Health
and Human Services' healthcare.gov mess is not unique and is, in an
important sense, merely business as usual in how the government,
particularly the Department of Defense, acquires large information
technology systems.
The Pentagon is responsible for many of the most egregious cases of
wasted taxpayer dollars when it comes to government information
technology programs. Lack of planning for these acquisitions within the
Armed Forces has made the adoption of new information technology
systems an expensive and risky endeavor. The Air Force's Expeditionary
Combat Support System, or ECSS, is a prime example of how a system
designed to save money can actually waste billions of taxpayer dollars
without producing any usable capability.
Today the Permanent Subcommittee on Investigations issued a
bipartisan report on the failed acquisition of the ECSS, a program that
was supposed to decrease costs and increase efficiencies by
consolidating the Air Force's hundreds of legacy logistic systems into
a single new system.
It is important to recognize that what happened with ECSS is not an
isolated case of incompetence. Unfortunately, it is one of the many
examples that show how billions of dollars can be wasted if the
intended acquisition is not started off right with a detailed plan that
includes clear, stable requirements and achievable milestones supported
by realistic original cost estimates and reliable assessments of risk.
The subcommittee's report notes that the Air Force started the ECSS
acquisition in 2004 with the goal of obtaining a single
``transformational'' unified logistics and supply chain management
system that would allow the Air Force to track all of its physical
assets worldwide, from airplanes, to fuel, to spare parts. These types
of computer platforms; that is, large business systems that companies
use to make their businesses operate more efficiently, are known as
enterprise resource planning systems or ERPs. Basically, ECSS was
supposed to be an enterprise resource planning system that would have
combined all of the Air Force's global logistics and its associated
supply chain management activities under one streamlined management
information technology system.
As the Department of Defense's overall strategy to become fully
auditable hinges on how successfully it procures and integrates these
systems into its business enterprises, failures such as the ECSS are
not only costly to the taxpayer but also disastrous to the Department's
larger financial improvement efforts.
To keep costs down, the Air Force intended to build its new ERP
system using already available commercial software instead of a
software system designed from scratch. That type of commercial
software, however, works best when the organization using it follows
efficient business processes. In order to take advantage of the
commercial software that supported ECSS, the Air Force needed to
dramatically change longstanding internal business processes that
supported how it managed global logistics and its associated supply
chain.
That never happened. Unfortunately, the culture of resistance to
change in the Air Force made it difficult to make those changes. The
Air Force needed strong leaders who could communicate not only the
goals of ECSS to end users and get their buy-in but also develop sound
program management strategies to overcome resistance to change among
those lower level personnel. Ultimately, the leaders of the ECSS
Program did not effectively communicate with the end users. Without
their buy-in, ECSS was doomed to fail before it even started.
Because the Air Force had not adequately planned what needed to be
done to procure ECSS effectively, it was easier for program managers to
order changes in configuration that in effect customized the commercial
software on the fly rather than alter the Air Force's own culture. That
caused costs to skyrocket and delivery schedules to slip.
The Air Force's eagerness for expensive customization was especially
troubling given that as early as 2004, the Air Force identified the
need to avoid customizing the commercial software lest costs explode.
But in the end, it failed to heed its own advice. The subcommittee
report finds that the Air Force's customization of the commercial
software was a major root cause of ECSS's failure.
Such customization could have been avoided had the Air Force fully
and timely implemented a congressionally mandated procedure for
improving its operations called business process reengineering.
Business process reengineering, which is a proven private
[[Page S4203]]
sector management approach, offers a structured way to introduce major
new changes into an organization to help it run more efficiently and
ensures that careful planning goes into every stage. Not infrequently,
Fortune 500 companies use business process reengineering to, for
example, restructure existing business units to work more efficiently,
passing resulting savings on to consumers and to absorb effectively new
business units from companies they have acquired or merged with to
maintain overall competitiveness in the marketplace.
Had the Air Force actually used business process reengineering in
connection with the ECSS; that is, redesigned those business processes
that needed to be changed for the Air Force to absorb its commercial
off-the-shelf software effectively, the risk identified in 2004 would
have been consciously addressed at each stage of the procurement, not
essentially disregarded for 8 years.
In its 2004 risk assessment, the Air Force also identified a lack of
stable program requirements as a risk to the program. That risk, too,
was not accounted for. From the beginning of the ECSS procurement, the
Air Force failed to properly define and stabilize the program's
requirements, what the system would do, and how it would do it. Even
those who were going to use ECSS felt as though they were in the dark.
In 2008, 4 years later, a technician stated: ``My [number one]
complaint is that E.C.S.S. has yet to identify . . . any time line [for
when] we can expect to receive detailed information [or] requirements
about what E.C.S.S. will provide.'' This user's complaint reflects the
lack of planning that went into the Air Force's attempt to procure
ECSS.
To this day, the Air Force still does not know how many legacy
systems it actually has on hand, let alone the number that ECSS was to
replace. The Air Force's lack of knowledge about its current
information technology systems led to confusion when it tried to
construct a replacement. That is why I offered an amendment to the
NDAA--the National Defense Authorization Act--for fiscal year 2015 that
would require program personnel to have a proper understanding of
existing legacy systems and clear goals in connection with its efforts
to procure new information technology systems, but more has to be done.
The subcommittee's report recommends the Department of Defense should
also start assessing how much BPR would need to be done--and how
feasibly it can be done--earlier in the acquisition lifecycle of these
ERPs. Also, investment review boards, which are critically important
governance tools used in connection with the Department's efforts to
procure ERPs, should be integrated into the budgeting process when
these programs begin. That would help make sure that not only is BPR
being implemented early and effectively but also that the large
information technology system being procured lines up with the
Department of Defense's broader efforts to modernize its business
systems. Collectively, these initiatives would help these programs
start off right and allow both the Department of Defense and Congress
to conduct better oversight and hold leadership accountable for future
failures.
In this case no one within the Air Force and the Department of
Defense has been held accountable for ECSS's appalling mismanagement.
No one has been fired and not a single government employee has been
held responsible for wasting over $1 billion in taxpayer funds. With
six program managers and five program executive officers over 8 years
having transitioned in and out of the program, the Air Force has had
trouble determining who should be held responsible. On scores of other
failed programs, this of course is a study we are all familiar with.
Let me repeat: Not a single government employee has been held
responsible for wasting over $1 billion--six program managers and five
program executive officers over 8 years in and out of the program.
This is a chronic lack of accountability, and I think efforts in the
National Defense Authorization Act amendments to align the tenure of
program managers with key decision points in the acquisition process is
badly needed. That provision would allow us to not only hold
accountable those responsible for blunders such as ECSS but also to
reward those involved with successful acquisition strategies.
The subcommittee's report details many leadership failures within the
Air Force and the Department of Defense in the ECSS Program that should
serve as a warning for current and future information technology
acquisitions. Since 1995 the Government Accountability Office has
placed the Department of Defense business systems modernization
efforts; that is, its efforts to replace its existing information
technology systems to improve how the Department of Defense is managed,
on its high-risk list every year. It has been on that list for many of
the same reasons ECSS failed, including inadequate management controls
to oversee how it acquires these large systems.
According to the Government Accountability Office, the Department of
Defense ``has not fully defined and established business systems
modernization management controls.'' It further noted that these
management controls are ``vital to ensuring that [DOD] can effectively
and efficiently manage an undertaking with the size, complexity, and
significance of its business systems modernization and minimize the
associated risks.'' I challenge the new Deputy Secretary of Defense,
who acts as the Chief Management Officer, to work with the Government
Accountability Office to get the Department of Defense's business
systems modernization efforts off the high-risk list, and I look
forward to a plan from him on how he intends to do it.
Such a plan is clearly necessary, given the current difficulties the
Department of Defense is facing in procuring major information
technology programs. The Army has spent roughly $1.89 billion on its
logistics modernization programs. Yet just recently, in May of this
year, the Department of Defense inspector general reported that the
Army will most likely miss the congressionally mandated auditability
deadline in September of 2017 because it failed to properly implement
the BPR.
Additionally, the defense enterprise accounting and management
system, or DEAMS, is a current Air Force acquisition effort that has
received roughly $425 million in funding and is scheduled to receive
billions more. DEAMS has faced similar issues to those witnessed in the
failed ECSS procurement program. For instance, similar to ECSS, the Air
Force has been frustrated by its inability to get the buy-in it needs
from DEAMS' intended end users for them to change their business
processes and allow for DEAMS integration into the Air Force.
According to a December 2013 Department of Defense internal report,
end users at McConnell Air Force Base indicated that the training for
this program ``did not provide them with a real understanding of the
system and its application to their day-to-day work process.'' Sound
familiar? In this case, the Air Force and the Department of Defense are
again failing to properly procure and implement a program that is
crucial to its business operations and to the Air Force becoming fully
auditable by 2017.
The Navy has also struggled with the procurement of large information
technology as a program called Navy ERP illustrates. According to the
Department of Defense's Deputy Chief Management Officer, these
guidelines demand that program officers for information technology
acquisitions effectively map out current legacy systems and business
processes that need to be changed or retired and then lay out a new
plan that would improve and transform the shortcomings of the old
systems. These ``as is'' and ``to be'' process maps help guide the DOD
components and agencies in how they procure large information
technology systems.
But when the Department of Defense inspector general asked the
program office for Navy ERP's process maps, disturbingly, the Navy said
no such plan existed. This is particularly unsettling because the Under
Secretary of the Navy at the time, who is now the Deputy Secretary of
Defense, certified that those plans were actually completed.
In addition to the lack of process maps, the Department of Defense
inspector general found that Navy ERP could not be used to track and
account for the Navy's $416 billion in military equipment assets. That
means the Navy's program would not even allow
[[Page S4204]]
the Navy to become fully auditable, as required by Congress, raising
questions about why the Navy would spend $870 million on a program that
would not even fulfill congressional mandates.
This lapse in oversight is unacceptable, which is why the
subcommittee's bipartisan report recommends that the Department of
Defense review its internal policies to make sure information
technology systems that receive BPR certifications on paper are
actually implementing BPR in reality.
These certifications are required for a reason: They help
decisionmakers in the Department of Defense and Congress make informed
decisions on whether a given program is ready to go further in the
acquisition process and whether taxpayer funds should be authorized and
appropriated for that purpose.
As I mentioned earlier, information technology procurement is not
only a Department of Defense problem. In November of last year, in
response to the disastrous healthcare.gov rollout, President Obama
himself said:
One of the things [the Federal Government] does not do well
is information technology procurement. This is kind of a
systematic problem that we have across the board.
I agree with him that information technology procurement in the
Federal Government is in desperate need of reform. The White House's
Office of Management and Budget has expressed significant concerns
about 42 Federal information technology investments, totaling $2
billion. According to the Government Accountability Office: ``despite
spending hundreds of billions on I.T. since 2000, the federal
government has experienced failed I.T. projects and has achieved little
of the productivity improvements that private industry has realized
from I.T.''
The Department of Homeland Security's Secure Border Initiative
Program, or SBInet, was another notable major IT procurement failure.
My colleagues might remember SBInet as the high-tech surveillance
program that, when it began in 2006, promised a single
``transformational'' integrated security system for hundreds of miles
of border protection on our southern border. Well, I remember SBInet as
a system that, according to the Government Accountability Office, cost
$1.2 billion and was on a path to spend 564 percent more than its
initial cost estimates when it was canceled in 2010. Once again, ever-
changing requirements, a lack of internal management controls, and not
really understanding what we were trying to procure, how hard it would
actually be, and planning effectively for those difficulties, led to
the Federal Government squandering over $1 billion with nothing to show
for it.
The Federal Government's incessant inability to procure major
information technology systems is especially concerning since, in the
coming months, the Department of Defense will be selecting a contractor
to develop a centralized military health care information technology
system. That program is supposed to provide seamless sharing of health
data among the Department of Defense, Veterans Affairs, and private
sector providers. In light of the recent tragic consequences stemming
from mismanagement at the Phoenix VA Health Care System and VA
hospitals around the country, we cannot afford to further jeopardize
veterans' health care because of information technology failures. Yet
any serious effort to reform how care is delivered to our veterans will
largely turn on the effective delivery and integration of this system.
We need to put the Department of Defense and the Department of Veterans
Affairs on notice that we will monitor this program carefully
throughout its acquisition.
In closing, there is still much to be done at the Department of
Defense and throughout the Federal Government to ensure the acquisition
of large information technology programs is improved. If we do not want
to repeat past failures, the Department of Defense's attempts to
procure large business IT systems must be supported by the right
leadership, proper planning, and a workforce that is open to changing
``business as usual'' in order to help make sure the Department
operates more efficiently, effectively, and transparently.
I yield the floor.
I suggest the absence of a quorum.
The ACTING PRESIDENT pro tempore. The clerk will call the roll.
The bill clerk proceeded to call the roll.
Mr. CORNYN. I ask unanimous consent that the order for the quorum
call be rescinded.
The PRESIDING OFFICER (Ms. Hirono). Without objection, it is so
ordered.
____________________