Tax Systems Modernization: Cyberfile Project Was Poorly Planned and
Managed (Letter Report, 08/26/96, GAO/AIMD-96-140).

The Internal Revenue Service's (IRS) Cyberfile project was intended to
enable taxpayers to prepare and electronically send their tax returns
via their personal computers. IRS' selection of the Commerce
Department's National Technical Information Service (NTIS) to develop
Cyberfile was not based on sound analysis that considered various
alternatives and assessed NTIS' ability to develop and operate an
electronic filing system. NTIS had promised IRS that it could develop
Cyberfile in less than six months and have it up and running by February
1996. To meet these self-imposed deadlines, however, NTIS hastily
initiated the project. Development and acquisition were undisciplined,
and Cyberfile was poorly managed and overseen. The end result was that
Cyberfile was not delivered on time, and IRS, after advancing more than
$17 million to NTIS, has suspended Cyberfile's development and is
reevaluating the project. IRS and NTIS did not follow all applicable
procurement laws in developing Cyberfile, and NTIS actually circumvented
procurement laws in implementing Cyberfile. Moreover, Cyberfile
obligations and costs were not accounted for properly. Finally, adequate
financial program management controls were not implemented to ensure
that Cyberfile was acquired cost effectively. GAO summarized this report
and discussed other tax systems modernization issues in testimony before
Congress; see: Tax Systems Modernization: Actions Underway, But
Management and Technical Weaknesses Not Yet Corrected, by Dr. Rona B.
Stillman, Chief Scientist, Computers and Telecommunications Issues,
before the Senate Committee on Governmental Affairs. GAO/T-AIMD-96-165,
Sept. 10 (21 pages).

--------------------------- Indexing Terms -----------------------------

 REPORTNUM:  AIMD-96-140
     TITLE:  Tax Systems Modernization: Cyberfile Project Was Poorly 
             Planned and Managed
      DATE:  08/26/96
   SUBJECT:  Tax administration systems
             Electronic forms
             ADP procurement
             Requirements definition
             Irregular procurement practices
             Internal controls
             Accounting procedures
             Sole source procurement
             Computer services contracts
             Interagency relations
IDENTIFIER:  IRS Cyberfile
             SBA 8(a) Program
             IRS Tax System Modernization Program
             TSM
             Internet
             IRS Electronic Commerce Strategic Plan
             NTIS FedWorld Network
             
******************************************************************
** This file contains an ASCII representation of the text of a  **
** GAO report.  Delineations within the text indicating chapter **
** titles, headings, and bullets are preserved.  Major          **
** divisions and subdivisions of the text, such as Chapters,    **
** Sections, and Appendixes, are identified by double and       **
** single lines.  The numbers on the right end of these lines   **
** indicate the position of each of the subsections in the      **
** document outline.  These numbers do NOT correspond with the  **
** page numbers of the printed product.                         **
**                                                              **
** No attempt has been made to display graphic images, although **
** figure captions are reproduced.  Tables are included, but    **
** may not resemble those in the printed version.               **
**                                                              **
** Please see the PDF (Portable Document Format) file, when     **
** available, for a complete electronic file of the printed     **
** document's contents.                                         **
**                                                              **
** A printed copy of this report may be obtained from the GAO   **
** Document Distribution Center.  For further details, please   **
** send an e-mail message to:                                   **
**                                                              **
**                                            **
**                                                              **
** with the message 'info' in the body.                         **
******************************************************************


Cover
================================================================ COVER


Report to the Chairman, Committee on Governmental Affairs, U.S. 
Senate

August 1996

TAX SYSTEMS MODERNIZATION -
CYBERFILE PROJECT WAS POORLY
PLANNED AND MANAGED

GAO/AIMD-96-140

TSM Cyberfile

(511517)


Abbreviations
=============================================================== ABBREV

  ADP - automated data processing
  GSA - General Services Administration
  IRS - Internal Revenue Service
  NTIS - National Technical Information Service
  SBA - Small Business Administration
  TSM - Tax Systems Modernization

Letter
=============================================================== LETTER


B-271015

August 26, 1996

The Honorable Ted Stevens
Chairman, Committee on
 Governmental Affairs
United States Senate

Dear Mr.  Chairman: 

This report responds to your February 1996 request that we assess
whether applicable procurement laws and regulations were adhered to
in the acquisition of Cyberfile, an electronic filing system being
developed for the Internal Revenue Service (IRS) by the Department of
Commerce's National Technical Information Service (NTIS). 
Specifically, as agreed with your staff, we determined whether (1)
IRS' decision to use NTIS to develop Cyberfile was based on sound
analysis, (2) applicable procurement laws and regulations were
followed in acquiring Cyberfile equipment and services, (3) Cyberfile
obligations and costs\1 were accounted for properly, and (4)
equipment and services were acquired cost-effectively. 

This report contains recommendations to the Commissioner of the IRS
and the Secretary of the Department of Commerce.  Details of our
scope and methodology are in appendix I.  The Department of the
Treasury, IRS, and Commerce commented on a draft of this report. 
Their comments are discussed in the "Agency Comments" section and are
reprinted in appendixes II, III, and IV. 


--------------------
\1 The financial measure of resources consumed in accomplishing a
specified purpose, such as performing a service, carrying out an
activity, or completing a unit of work or a specified project. 


   RESULTS IN BRIEF
------------------------------------------------------------ Letter :1

IRS' selection of NTIS to develop Cyberfile was not based on sound
analysis.  IRS did not adequately analyze requirements, consider
alternatives, or assess NTIS' capabilities to develop and operate an
electronic filing system, even though the need for these critical
prerequisites was brought to management's attention as early as July
1995.  Instead, IRS selected NTIS because it was expedient and
because NTIS promised IRS, without any objective support, that it
could develop Cyberfile in less than 6 months and have it operating
by February 1996. 

In order to meet these self-imposed time constraints, the project was
hastily initiated.  Development and acquisition were undisciplined,
and Cyberfile was poorly managed and overseen.  As a result, it was
not delivered on time, and after advancing $17.1 million to NTIS, IRS
has suspended Cyberfile's development and is reevaluating the
project. 

IRS and NTIS did not follow all applicable procurement laws and
regulations in developing Cyberfile.  IRS cited the Brooks ADP Act
(40 U.S.C.  759) for its authority to procure Cyberfile.  However,
IRS did not perform requirements and alternatives analyses as
required by the Federal Information Resources Management Regulation
which implemented the Brooks ADP Act. 

NTIS also violated applicable procurement laws and regulations in
implementing Cyberfile.  To obtain contractor services quickly, NTIS
modified an existing sole source contract awarded through the Small
Business Administration's (SBA) small and disadvantaged businesses
program (referred to as the "Section 8(a)" program), providing $3.3
million for Cyberfile and increasing the total contract value to $4.3
million.  NTIS did not submit this modification to SBA for review as
required under the Section 8(a) program.  Further, this modification
circumvented SBA rules requiring that contracts over $3.0 million be
competed among eligible Section 8(a) firms rather than being issued
on a sole source basis.  In addition, at the time of modification,
the contractor was not an eligible 8(a) firm under SBA regulations,
and had NTIS submitted the modification to SBA as required,
responsible officials at SBA said they would have rejected it. 

Cyberfile obligations and costs were not accounted for properly.  IRS
(1) significantly understated the obligations related to the project
and (2) improperly accounted for the $17.1 million advanced to NTIS. 
In addition, NTIS did not promptly and accurately account for
Cyberfile obligations and costs.  Specifically, significant financial
transactions were not properly documented and obligations and costs
were not recorded promptly and accurately. 

Finally, adequate financial and program management controls were not
implemented to ensure that Cyberfile was acquired cost-effectively. 
As a result, excess costs were incurred.  For example, the
interagency agreement between IRS and NTIS was not structured to
minimize costs, and Cyberfile costs continued to be incurred after
the project was suspended.  Specifically, the agreement allowed NTIS
to assess a 10 percent management fee for (1) costs associated with
NTIS' failure to follow preferred management practices, such as late
payment penalties and (2) items which IRS could have readily obtained
directly and provided to NTIS, such as computer equipment acquired
under existing government contracts. 


   BACKGROUND
------------------------------------------------------------ Letter :2

In August 1995, IRS signed a $22 million interagency agreement with
NTIS.  To date, $17.1 million has been advanced to NTIS ($10 million
in August 1995 and $7.1 million in December 1995).  The agreement
stipulated that NTIS would develop and operate Cyberfile, a tax
systems modernization (TSM) project that would allow taxpayers to
prepare and electronically submit their tax returns using their
personal computers.  Electronic returns would be submitted via the
public switch telephone network or the Internet, accepted at a new
NTIS data center, and then forwarded to designated IRS Service
Centers.  Taxpayers would not be charged a fee to file their returns
using Cyberfile. 

To obtain contractor support to develop Cyberfile, NTIS modified an
existing technical services contract awarded on a sole source basis
through SBA's Section 8(a) program for small and disadvantaged
businesses.  This program permits the award of a contract to the SBA,
which then subcontracts with a firm owned by economically and
socially disadvantaged individuals.  After award, SBA requires the
agency to manage the contract and ensure goods and services are
received for dollars expended.  Further, SBA officials told us that
the procuring agency is supposed to obtain SBA approval before
modifying the contract. 

NTIS also acquired systems hardware and services via existing
Department of the Navy, Treasury, and General Services Administration
(GSA) contracts and other sources.  Because NTIS did not have a
contracting activity with the authority to make purchases over
$50,000, the agency used contracting officers from two other Commerce
Department activities to support the Cyberfile procurement. 
Initially, the Office of Acquisition Management provided a
contracting officer.  In late November 1995, the Cyberfile
procurement was transferred to a contracting officer at the National
Institute of Standards and Technology. 

In December 1995, we briefed the IRS Commissioner on the risks
associated with proceeding with Cyberfile as planned.  We explained
that Cyberfile was not being developed using disciplined systems
development processes and that adequate steps were not being taken to
protect taxpayer data on the Internet.  At that time, Cyberfile
development was scheduled for limited operational use by a selected
population of taxpayers in February 1996. 

In March 1996 testimony,\2 we noted that Cyberfile development
reflected many of the same management and technical weaknesses we
found in TSM systems and delineated in our July 1995 report.\3 We
also reported that Cyberfile contractual issues warranted further
review.  IRS' Chief Inspector reviewed the Cyberfile acquisition and
in an April 1996 briefing to management concluded that IRS did not
follow internal procurement procedures, failed to sufficiently
oversee the project, and was vulnerable to outside criticism.  The
Chief Inspector is also performing a physical inventory of equipment
purchased by NTIS, which is scheduled to be completed in late August
1996.  The Commerce Department's Inspector General is reviewing NTIS'
operations, including its contracting efforts.  Inspector General
officials told us they have serious concerns about how NTIS and the
department contracted for Cyberfile as well as other projects.  These
officials said they expect to issue a report in late August 1996. 

In March 1996, IRS decided to delay Cyberfile operations until after
April 15, 1996.  Because milestones for delivering Cyberfile kept
slipping, IRS contracted with its Federally Funded Research and
Development Center on April 16, 1996, to provide options available to
IRS for delivering the system for the 1997 or 1998 tax filing
seasons.  NTIS continued to work on Cyberfile until the $17.1 million
advanced from IRS had been obligated.  NTIS then requested an
additional advance from IRS to fund the $22 million obligation
incurred by IRS.  IRS did not provide the advance.  Instead, it
directed NTIS on May 10, 1996, to stop work on Cyberfile.  The
contractor reported to IRS in July 1996 with options for proceeding
with Cyberfile.  However, IRS is awaiting the completion of its
Electronic Commerce Strategic Plan before deciding on the future
course of Cyberfile.  IRS has not yet established a completion date
for the plan. 


--------------------
\2 Tax Systems Modernization:  Management and Technical Weaknesses
Must Be Overcome To Achieve Success (GAO/T- AIMD-95-75, March 26,
1996). 

\3 Tax Systems Modernization:  Management and Technical Weaknesses
Must Be Corrected If Modernization Is To Succeed (GAO/AIMD-95-156,
July 26, 1995). 


   IRS SELECTED NTIS WITHOUT
   ADEQUATE ANALYSIS
------------------------------------------------------------ Letter :3

IRS did not use disciplined processes to manage and control the
Cyberfile acquisition.  IRS did not perform the necessary
requirements analysis for Cyberfile or identify alternative ways to
satisfy these requirements.  Neither did it prepare an acquisition
strategy documenting how it would acquire the most cost-effective
alternative.  Further, IRS selected NTIS without evaluating its (1)
capabilities to build such a system, (2) experience in building
similar systems, or (3) ability to deliver cost-effectively as
compared with private-sector and other government sources. 

Federal information management and acquisition regulations and IRS'
own policies and procedures require the use of disciplined,
decision-making processes for planning, managing, and controlling the
acquisition of information systems and services.  These regulations
and policies direct that prior to initiating system procurements,
such as Cyberfile, IRS (1) identify its information needs, (2)
perform a requirements analysis to determine how to support agency
needs, (3) identify alternative ways to meet requirements, including
the costs and benefits of each alternative, and (4) prepare an
acquisition strategy that demonstrates how the agency plans to
acquire the most cost- beneficial alternative.  These processes would
have mitigated the risks of acquiring a system that has yet to be
delivered, is over budget, and failed to meet IRS' objectives. 

IRS dispensed with disciplined analyses because IRS officials
believed that NTIS had the capabilities to deliver Cyberfile by
February 1996.  They said this belief was based on (1) the fact that
NTIS had provided taxpayers access to tax forms via NTIS' FedWorld
Network and (2) briefings by NTIS officials in which they claimed
that NTIS could complete Cyberfile by February 1996, in time for the
1996 tax filing season.  However, the technical challenge of
providing tax forms is not comparable to the much more complex
Cyberfile system.  Further, NTIS offered no convincing analytical
support for its claim that it could deliver Cyberfile by February
1996.  For example, it provided no detailed task definitions, work
breakdown structures, or interim schedules. 

IRS top management did not heed warnings, dating back to July 1995,
from its acquisitions support staff that IRS' Cyberfile procurement
approach would lead to failure and jeopardize TSM.  Our December 1995
briefing to the IRS Commissioner and Deputy Secretary of Commerce, on
the risks of continuing with Cyberfile as planned, also did not
dissuade IRS from its goal to field Cyberfile for the 1996 tax filing
season.  Only after NTIS informed IRS in April 1996 that the $17.1
million had been obligated and that the system still was not
finished, did IRS stop to reconsider the project. 


   IRS DID NOT FULLY COMPLY WITH
   PROCUREMENT REGULATIONS FOR ITS
   CYBERFILE ACQUISITION
------------------------------------------------------------ Letter :4

In procuring Cyberfile, IRS did not fully comply with federal
acquisition regulations which are designed to help agencies develop
and acquire automated systems that meet agency needs and are
delivered on time and within budget.  IRS cited the Brooks ADP Act,
rather than the Economy Act,\4 for its authority to enter into its
interagency agreement with NTIS.  In this regard, IRS concluded that
the Economy Act was not applicable to its agreement with NTIS and,
therefore, IRS did not attempt to comply with the requirements of
that act.  IRS' position is supported by a recent amendment to the
Federal Information Resources Management Regulation, which formalizes
GSA's position that the Economy Act is not applicable to information
technology procurements subject to the Brooks ADP Act.  Congress may
not have contemplated the exemption of such a large portion of
federal procurements from the requirements of the Economy Act.\5
Nonetheless, the amendment was not unreasonable and was issued
pursuant to GSA's authority to implement the Brooks ADP Act. 
Accordingly, we have no basis to object to it.  Because section 5101
of the National Defense Authorization Act for Fiscal Year 1996,
Public Law No.  104-106, (1996), repealed the Brooks ADP Act,
effective August 8, 1996, any authority to initiate interagency
agreements under the Brooks ADP Act has expired.  However, the Brooks
ADP Act was in effect when IRS initiated the interagency agreement
with NTIS. 

Although it cited the Brooks ADP Act as its authority in acquiring
Cyberfile, IRS did not follow the Federal Information Resources
Management Regulation that implements this law.  Specifically, the
regulations require agencies to conduct requirements and alternatives
analyses prior to procuring information technology.  IRS did not
conduct either analysis.  Without these analyses, IRS could neither
define the software capabilities and features needed for Cyberfile
nor determine which acquisition and technical options were most
advantageous to the government. 

Further, the Federal Information Resources Management Regulation also
requires agencies acquiring information systems and services to
obtain a delegation of procurement authority from GSA.  Treasury had
a delegation from GSA, and in turn required IRS to obtain a
delegation of procurement authority from the department for
information system initiatives over $15 million.  When IRS signed the
$22 million interagency agreement with NTIS, it did not obtain the
required approval from Treasury. 


--------------------
\4 31 U.S.C.  1535. 

\5 See Off-Loading:  The Abuse of Inter-Agency Contracting to Avoid
Competition and Oversight Requirements, Senate Print No.  61, 103d
Cong., 2d Sess.  (1994). 


   NTIS DID NOT FULLY COMPLY WITH
   PROCUREMENT LAWS AND
   REGULATIONS FOR THE CYBERFILE
   ACQUISITION
------------------------------------------------------------ Letter :5

In procuring Cyberfile, NTIS did not fully comply with federal
acquisition laws and regulations, which are intended to encourage
full and open competition and help agencies develop and acquire
information systems that meet their needs and are delivered on time
and within budget.  Specifically, NTIS (1) awarded a Section 8(a)
contract on a sole source basis without making a reasonable
determination that the value of the contract was below SBA
competition thresholds, (2) improperly modified the contract to add a
requirement to develop Cyberfile, and (3) did not effectively hold
the contractor accountable for specific deliverable dates,
attributes, and quality. 


      NTIS AWARDED SOLE SOURCE
      CONTRACT WITHOUT REASONABLE
      ESTIMATE OF ITS VALUE
---------------------------------------------------------- Letter :5.1

According to SBA regulations, Section 8(a) procurements with an
estimated award value over certain dollar thresholds must be competed
among eligible 8(a) firms, while procurements under the threshold can
be awarded on a sole source basis.  For procurements such as NTIS'
technical services support contract, the threshold is $3 million.  In
determining whether this threshold is met, the agency is required to
make a reasonable estimate of the contract value. 

In September 1995, NTIS awarded a sole source contract for $2.3
million to an 8(a) firm to provide technical support services for its
FedWorld and other related tasks.  We found, however, that NTIS did
not have a reasonable basis for its cost estimate prior to awarding
this sole source contract.  NTIS officials said that at the time of
contract award, they estimated that the FedWorld work would cost $1.0
million, but had no idea what Cyberfile tasks would ultimately cost. 
Rather than developing a cost estimate analytically, NTIS officials
said they "plugged in a cost" of $1.3 million for Cyberfile, for a
total contract value of $2.3 million.  After contract award, the
contractor estimated the cost to develop Cyberfile at $3.3 million,
which resulted in a $2.0 million contract modification on November 7,
1995, a month and a half after contract award.  As of July 11, 1996,
the contractor had spent a total of about $3.6 million.  Accordingly,
NTIS did not have an adequate basis for determining that a sole
source award was proper in these circumstances. 


      NTIS IMPROPERLY MODIFIED
      8(A) CONTRACT
---------------------------------------------------------- Letter :5.2

SBA officials told us that under the Section 8(a) program, SBA
requires federal agencies to submit 8(a) contract modifications to
SBA for review and approval prior to making the change.  Responsible
SBA officials told us SBA reviews the modifications to ensure that
they do not constitute a circumvention of competition requirements,
to determine whether the work is within the scope of the original
contract, and to validate that the firm is still eligible for work
under the 8(a) program.  SBA will not approve modifications that are
beyond the scope of the contract if the firm is no longer eligible
for the work under the 8(a) program. 

We found NTIS' modification of the 8(a) contract improper for three
reasons.  First, NTIS did not submit the modification to SBA for
review and approval.  Instead, NTIS executed the modification on its
own.  Second, SBA officials told us that had they received the
modification, they would have disapproved it because such a
substantial increase, so soon after contract award, would have been a
circumvention of the $3 million threshold for competition.  Third,
the contractor was not eligible under the 8(a) program for this type
of work.  In this regard, SBA considered the Cyberfile work
envisioned in the modification to be beyond the scope of the work in
the original contract and determined that the contractor was no
longer eligible to perform this work because its income exceeded 8(a)
eligibility requirements.  Accordingly, SBA's Associate Administrator
for Minority Enterprise Development has taken the position that had
NTIS submitted the modification for its approval, SBA would have
rejected it. 


      NTIS DID NOT HOLD CONTRACTOR
      ACCOUNTABLE
---------------------------------------------------------- Letter :5.3

Federal acquisition regulations require that under cost reimbursement
contracts, like the one awarded to NTIS' contractor, only costs that
are properly allocable to the contract can be paid.  In order to make
these determinations, the contract's statement of work must be clear
enough to determine whether costs claimed by the contractor are
incurred for specified work.  The work statements should describe the
government's requirements, including definitions of all deliverables
and the condition of their acceptability. 

We found that the contract work statement for Cyberfile was too vague
to properly allocate costs.  Specifically, the contracting officer
from Commerce's National Institute of Standards and Technology told
us that the statement of work did not include all the deliverables
and milestones needed to verify payments due and was too vague to
determine whether to pay the contractor.  In this regard, when the
contractor requested an additional $4 million on April 30, 1996, to
finish the project, the contracting officer could not determine if
the request was for work that should have been completed under the
existing contract or for additional work not authorized by the
contract.  To make this determination, the contracting officer
directed NTIS to rewrite the statement of work with sufficient detail
and sent it to the contractor on May 14, 1996, requesting supporting
documentation for all costs incurred.  The contractor provided
documentation on July 11, 1996, and it is being reviewed by the
contracting officer. 


   IRS DID NOT ADEQUATELY OVERSEE
   NTIS' SYSTEMS DEVELOPMENT AND
   ACQUISITION EFFORTS
------------------------------------------------------------ Letter :6

IRS abdicated its responsibility to ensure that NTIS was managing the
Cyberfile effort efficiently and effectively.  Program oversight was
generally limited to (1) weekly progress meetings with NTIS
officials, who repeatedly assured IRS officials that Cyberfile would
be ready for the 1996 tax filing season without providing any
convincing basis for these assurances, (2) reviewing monthly budget
and schedule reports, which IRS project managers said were useless
because the information provided was inaccurate and not current, and
(3) participating in acceptance testing of portions of the system as
they were delivered. 

Under the interagency agreement and IRS' policy for implementing it,
IRS was required to review and approve invoices submitted by NTIS to
ensure that NTIS' performance was consistent with terms and
conditions of the interagency agreement.  However, IRS officials said
that they were unaware of this requirement and did not request the
invoices from NTIS. 


   NEITHER NTIS NOR IRS PROPERLY
   ACCOUNTED FOR CYBERFILE
   OBLIGATIONS AND COSTS
------------------------------------------------------------ Letter :7

Agencies are required to maintain adequate systems of internal
controls to ensure effective stewardship of public funds.  However,
our review of Cyberfile transactions recorded in NTIS' financial
management system disclosed significant internal control weaknesses
which resulted from not following generally accepted practices. 
Specifically, for the Cyberfile transactions reviewed, NTIS often
failed to record obligations and costs promptly and accurately and
properly document financial transactions. 

Because of these weaknesses, neither IRS nor NTIS management had the
reliable financial management information needed to effectively
oversee and monitor the progress of the Cyberfile project.  In this
regard, the total obligations and costs reported to IRS by NTIS on
June 28, 1996, were inaccurate. 

We also found that IRS did not properly account for Cyberfile
obligations and costs because it did not effectively discharge its
financial management responsibilities for the project. 


      AGENCIES ARE REQUIRED TO
      MAINTAIN ADEQUATE SYSTEMS OF
      INTERNAL CONTROLS
---------------------------------------------------------- Letter :7.1

The Federal Managers' Financial Integrity Act of 1982 (31 U.S.C. 
3512) requires that agency systems of internal and accounting and
administrative control must comply with internal control standards
prescribed by the Comptroller General and must provide reasonable
assurances that: 

  -- obligations and costs comply with applicable law;

  -- assets are safeguarded against waste, loss, unauthorized use,
     and misappropriation; and

  -- revenues and expenditures applicable to agency operations are
     recorded and accounted for properly so that accounts and
     reliable financial and statistical reports may be prepared and
     accountability of the assets may be maintained. 

Agency heads are required to prepare an annual report which is to be
transmitted to the President and the Congress on whether their
agency's internal control systems fully comply with the act's
requirements.  The act requires that the report identify any material
systems weaknesses together with plans for corrective actions. 

The internal control standards that agencies are to follow are
contained in the Standards for Internal Controls in the Federal
Government.  These were issued in 1983 by GAO as required by the
Federal Managers' Financial Integrity Act and provide 12 internal
control standards that agencies should follow. 

Further, the Chief Financial Officers Act of 1990 requires agencies
to develop and maintain financial management systems that comply with
internal control standards and provide complete, reliable,
consistent, and timely information.  In addition, the financial data
are to be prepared uniformly and be responsive to the financial
information needs of agency management. 

As envisioned by the Federal Managers' Financial Integrity Act and
the Chief Financial Officers Act, the ultimate responsibility for
good internal controls rests with management.  An internal control
system is not a specialized or separate system.  Rather, internal
controls are to be an integral part of each system that management
uses to regulate and guide its operations.  In this sense, they are
management's controls.  Good internal controls are essential to
achieving the proper conduct of government business with full
accountability for the resources made available.  They also
facilitate the achievement of management objectives by serving as
checks and balances against undesired actions and the resulting
negative consequences. 


      MANY CYBERFILE TRANSACTIONS
      WERE NOT RECORDED PROMPTLY
      OR ACCURATELY
---------------------------------------------------------- Letter :7.2

One of the 12 internal control standards requires that transactions
be promptly and properly classified.  This is essential to
maintaining good financial management information and effectively
tracking project obligations and costs.  Therefore, management needs
to ensure that adequate controls are implemented to ensure that
transactions are promptly and accurately recorded. 


         TRANSACTIONS OFTEN NOT
         RECORDED PROMPTLY
-------------------------------------------------------- Letter :7.2.1

Our review of Cyberfile transactions disclosed that it sometimes took
months before an obligation was recorded.  Specifically, we reviewed
about $16 million of obligations and found that about $10.8 million
(67 percent) of them were recorded more than 30 days after the
obligation date.  Such delays create an unnecessary risk of financial
commitments exceeding spending authority.  Some examples follow: 

  -- An $886,100 obligation for a computer system was made on
     November 28, 1995, but was not recorded in the accounting
     records until February 20, 1996. 

  -- A major Cyberfile contract was signed in September 1995 with an
     initial value of about $2.3 million.  However, this obligation
     was not recorded promptly.  Specifically, obligations totaling
     about $2 million were recorded in the accounting system between
     December 1995 and April 1996, as the invoices were received. 
     Similarly, the contract was modified in November 1995, and the
     total contract value was raised to about $4.3 million, but an
     obligation for about $2.1 million was not recorded until June
     17, 1996.  As of June 27, 1996, the remaining $200,000 had not
     been recorded.\6

In addition, we identified cases where NTIS did not record costs when
goods and services were received and accepted.  For example, invoices
totaling $3.4 million for goods and services provided for the project
were dated March 26, 1996, ($1.2 million) and June 13, 1996, ($2.2
million).  NTIS officials agreed that the goods and services
associated with the $1.2 million invoice had been received and
accepted by April 2, 1996, while the goods and services for the $2.2
million invoice had been received and accepted by NTIS by June 14,
1996.  However, as of June 27, 1996, only about $46,000 of these
costs were recorded. 


--------------------
\6 In a letter dated July 11, 1996, the vendor provided NTIS with
additional information about the costs incurred.  Based on this
information, NTIS officials believe that the obligation necessary for
this contract will be about $3.6 million. 


         OBLIGATION AND COST
         AMOUNTS RECORDED
         INACCURATELY
-------------------------------------------------------- Letter :7.2.2

Transactions must be recorded accurately to ensure that the financial
management system can be used to effectively oversee and monitor a
project's progress.  However, we identified the following examples
where obligations and/or costs were recorded inaccurately. 

  -- We identified two cases where items coded as belonging to other
     projects were improperly obligated for the Cyberfile project. 
     These obligations, which totalled about $256,000, were charged
     to the Cyberfile project until they were credited in late July
     1996. 

  -- NTIS personnel and IRS internal auditors reviewed the items
     charged to the project and have identified several items,
     totaling over $300,000, that should not have been charged to the
     project.  Although all but about $11,000 has now been credited
     to the project for these items, other related costs have not. 
     For example, the Cyberfile project was initially charged about
     $138,000 for computers that were used by NTIS' FedWorld project. 
     Cyberfile was subsequently credited for this amount.  However,
     this purchase also required the payment of about $5,500 in
     administrative fees to the agency administering the contract. 
     These fees were also charged to Cyberfile but the project was
     not credited for these fees until July 10, 1996.  According to
     NTIS officials, these fees were paid separately from the
     equipment and were overlooked when the credit for the equipment
     was recorded. 

  -- NTIS personnel also identified about $7,000 in equipment costs
     which should have been charged to the Cyberfile project, but
     were erroneously charged to NTIS' FedWorld project. 


      NTIS DID NOT MAINTAIN PROPER
      DOCUMENTATION TO SUPPORT
      CYBERFILE TRANSACTIONS
---------------------------------------------------------- Letter :7.3

Another of the 12 internal control standards requires that agencies
clearly document all transactions and other significant financial
events and that the documentation be readily available for
examination.  Our review found that NTIS did not maintain adequate
supporting documentation for many Cyberfile transactions.  For
example, between March 22, 1996, and April 17, 1996, NTIS recorded
obligations totaling $850,000 to another federal agency for
renovation costs of the space to be used for the Cyberfile project. 
However, at that time, NTIS did not have a signed interagency
agreement with this agency and thus did not have a valid basis for
obligating funds.  In cases such as this, 31 U.S.C.  1501 requires
that obligations only be recorded "when supported by documentary
evidence." NTIS eventually signed an interagency agreement with this
federal agency on May 22, 1996.  This agreement also covered rental
costs for the Cyberfile space. 

Agencies are also required to only make disbursements against valid
obligations.  However, we identified problems with some payments made
for the renovation.  NTIS disbursed $70,609\7 in September 1995 and
$28,860 in November 1995 for space renovations, 8 months and 6 months
respectively, before the interagency agreement was signed. 

We also noted documentation problems with other transactions.  For
example, NTIS made payments totaling $44,548 to a vendor.  However,
when the funds were disbursed, only $24,560 was supported by a valid
obligating document (a purchase order).  The remaining $19,988 was
obligated based on a purchase order dated 2 weeks after the last
payment was made. 


--------------------
\7 Documentation provided later by NTIS supported all but about $700
of this disbursement.  NTIS officials stated that this disbursement
amount was based on a telephone call with the performing agency. 
When NTIS received the supporting documentation, the difference was
noted and the agency agreed to give NTIS a credit for this
overpayment. 


      FINANCIAL INFORMATION
      REPORTED TO IRS BY NTIS WAS
      INACCURATE
---------------------------------------------------------- Letter :7.4

Because of the internal control weaknesses relating to Cyberfile
transactions, neither IRS nor NTIS management had the financial
management information needed to effectively oversee and monitor the
project.  In particular, although the interagency agreement required
NTIS to submit monthly billings to IRS for costs incurred, these
billings were not requested or provided.  Moreover, because of the
financial weaknesses identified above, NTIS did not have the reliable
financial management information needed to properly prepare such
billings.  In addition, the total obligations and costs reported to
IRS in a June 28, 1996, letter were incorrect. 

On June 28, 1996, NTIS sent a letter to IRS which summarized the
obligations and costs of the Cyberfile project.  An attachment to the
letter showed that NTIS had incurred Cyberfile obligations of $20.5
million, and about $13.6 million of costs had been incurred against
these obligations through June 27, 1996.  These amounts excluded June
1996 labor, benefits, and other related costs such as overhead. 
However, as discussed above, the reliability of the reported amounts
is questionable because of NTIS' failure to consistently record
Cyberfile obligations and costs promptly and accurately. 

We also noted that the June 28, 1996, letter did not identify the
amount of obligations that may be deobligated in the future. 
Specifically, because of changing IRS requirements, data storage
devices costing over $650,000 that were originally purchased for
Cyberfile were no longer needed for the Cyberfile project.  NTIS
officials stated that they are in the process of returning these
items.  However, they are unable to determine the amount of funds
that will be credited to the project since they have not yet obtained
the necessary information to determine the costs, such as restocking
fees, associated with returning the items.  They expect this
information to be provided shortly.  While it was correct to show the
$650,000 as a Cyberfile related obligation and cost until the credit
is received, the letter should have noted that a significant
deobligation will be recorded once the credit is received from the
vendor. 


      IRS DID NOT PROPERLY ACCOUNT
      FOR CYBERFILE
---------------------------------------------------------- Letter :7.5

Compounding the problems we noted at NTIS, IRS also did not
effectively discharge its financial management responsibilities for
the Cyberfile project.  Our review identified two problems related to
IRS' treatment of Cyberfile related transactions.  First, it
improperly treated the $17.1 million in advances as an expense. 
Therefore, the information contained in IRS' financial management
system did not accurately reflect the expenses incurred based on the
goods and services provided by NTIS and accepted by IRS.  Second, it
did not properly record the amount of obligations associated with
Cyberfile in its financial management records.  As a result, IRS'
financial management system significantly understates the obligations
available to pay for Cyberfile. 


         IRS IMPROPERLY ACCOUNTED
         FOR CYBERFILE ADVANCES
-------------------------------------------------------- Letter :7.5.1

NTIS received two advances totaling about $17.1 million from IRS. 
IRS erroneously recorded these payments as expenses instead of
advances.  IRS' procedures require it to obtain evidence that goods
and services called for under the terms of an interagency agreement
and related detailed statements of work are received and accepted
before recording an expense.  Accordingly, IRS should have recorded
the $17.1 million as an advance and then transferred amounts to
expense as the goods and services were received and accepted. 
However, as previously noted, NTIS did not submit and IRS did not
request the required monthly billings for costs incurred.  As a
result, IRS could not determine the amount of goods and services NTIS
provided. 

The problems we found in IRS' accounting for the Cyberfile project
with NTIS are consistent with the results of our financial audits. 
We reported in our audits of IRS' financial statements for fiscal
years 1992 through 1995,\8 that IRS often does not have adequate
support for amounts it reported as operating expenses.  Our reports
noted that IRS did not have documentation to support that the goods
or services had been received for expenses recorded and that this
problem was most evident in transactions for goods and services
provided by other government agencies. 


--------------------
\8 Financial Audit:  Examination of IRS' Fiscal Year 1995 Financial
Statements (GAO/AIMD-96-101, July 11, 1996), Financial Audit: 
Examination of IRS' Fiscal Year 1994 Financial Statements
(GAO/AIMD-95-141, August 4, 1995), Financial Audit:  Examination of
IRS' Fiscal Year 1993 Financial Statements (GAO/AIMD-94-120, June 15,
1994), and Financial Audit:  Examination of IRS' Fiscal Year 1992
Financial Statements (GAO/AIMD-93-2, June 30, 1993). 


         IRS DID NOT PROPERLY
         RECORD CYBERFILE
         OBLIGATIONS
-------------------------------------------------------- Letter :7.5.2

The August 21, 1995, interagency agreement between IRS and NTIS had
an expiration date of December 31, 1996, and provided for a maximum
cost of $22 million, which the parties estimated to be necessary for
the work.  The agreement required NTIS to notify IRS when costs
incurred and outstanding allowable commitments equalled 75 percent of
the estimated total cost, and provided that no further costs would be
incurred or further work performed when the maximum was reached.  In
accordance with 31 U.S.C.  1501, IRS should have recorded a $22
million obligation in its financial management system on August 21,
1996.\9 As of August 3, 1996, however, IRS has only recorded about
$17.1 million.  IRS was unable to provide information which would
support it recording an obligation of less than $22 million for
Cyberfile. 


--------------------
\9 Office of Management and Budget Circular A-34, Section 23.5,
November, 1994. 


   EXCESS COSTS WERE INCURRED FOR
   CYBERFILE
------------------------------------------------------------ Letter :8

Adequate financial and program management controls were not
implemented to ensure that Cyberfile was acquired cost- effectively. 
As a result, excess costs were incurred.  Specifically,

  -- the Cyberfile project was schedule driven rather than event
     driven which led to goods and services not always being acquired
     cost-effectively,

  -- neither NTIS nor IRS acted promptly to avoid incurring
     unnecessary costs once the project was suspended, and

  -- the agreement between IRS and NTIS was inadequately structured
     to minimize Cyberfile project costs. 


      SCHEDULE DRIVEN SYSTEM
      DEVELOPMENT APPROACH
      CONTRIBUTED TO EXCESSIVE
      COSTS
---------------------------------------------------------- Letter :8.1

We have previously reported that Cyberfile was schedule rather than
event driven and delineated the system development problems caused by
this approach.\10 This exaggerated focus on schedule, which was
self-imposed and lacked convincing justification, also led to goods
and services not always being acquired cost-effectively.  We found: 

  -- Premiums were paid to expedite equipment delivery.  We
     identified 19 cases of expedited, overnight, or Saturday
     delivery, totaling over $10,000.  In one case, almost $725 was
     paid for overnight delivery of a rack costing $1,670.  In two
     other cases, about $7,700 was paid in shipping charges to
     expedite delivery of computers. 

  -- Requirements were not accurately determined before goods and
     services were procured.  As a result, data storage devices
     costing about $600,000 were purchased, later determined to be
     unneeded, and are in the process of being returned.  NTIS told
     us that restocking fees are about $90,000, or 15 percent, of the
     equipment's cost. 


--------------------
\10 GAO/T-AIMD-96-75, March 26, 1996. 


      PROMPT ACTION NOT TAKEN TO
      AVOID INCURRING UNNECESSARY
      COSTS
---------------------------------------------------------- Letter :8.2

The necessary actions have not been undertaken to reduce the costs
associated with Cyberfile.  Specifically, since the suspension period
began, costs have continued to be incurred for goods and services
through ongoing rental agreements (e.g., equipment leases) that could
have been avoided if the underlying agreements were canceled. 

In a letter dated May 13, 1996, the Deputy Director of NTIS confirmed
a conversation held between NTIS and IRS concerning the "orderly
shutdown" of Cyberfile.\11 This letter stated that

     "NTIS understands that it is to stop all work on CyberFile, and
     furthermore, NTIS will suspend all contracts and/or agreements
     that would constitute a further obligation of IRS funds.  .  . 
     .  As a result of this action NTIS will shut down all equipment,
     suspend telecommunications services, and remove NTIS and
     contractor personnel from the project."

According to the IRS contracting officer, the NTIS letter accurately
portrayed the verbal order to NTIS.  The IRS contracting officer also
stated that she told NTIS in their May 10, 1996, conversation that
IRS had no more funding and all contracts were to stop.  The IRS
contracting officer further stated that she believed the letter meant
that NTIS would terminate any existing contracts where possible. 
However, IRS did not follow up with a letter ensuring that the
parties clearly understood the specific actions NTIS would take to
control obligations and costs.  NTIS officials stated that the May
13, 1996, letter to IRS did not require them to terminate existing
contracts where possible. 

Our review disclosed since the suspension period began, costs have
continued to be incurred for goods and services through ongoing
rental agreements (e.g., equipment leases).  Although these avoidable
costs were not detailed in NTIS' June 28, 1996, letter to IRS, on
July 17, 1996, NTIS provided IRS a list of these recurring costs that
could have been avoided if the underlying agreements were terminated. 
A review of this list shows that the monthly costs for these items
are about $30,000 and the underlying contracts can be terminated with
30 days notice.  Only one of these contracts required a cancellation
fee.  Examples of these recurring costs follow. 

  -- $10,404\12 per month for Internet service,

  -- $7,954 per month for a mail sorting machine, and

  -- $5,172 per month for rental and maintenance of a high speed
     printing machine. 

NTIS officials stated that they prepared this list to notify IRS that
costs were still being incurred and were awaiting direction from IRS
on whether the agreements should be terminated.  According to the IRS
contracting officer, when this letter was received, IRS called the
NTIS program manager and instructed him to cancel the contracts.  The
IRS contracting officer said that she did not believe IRS had to
formally document this decision.  However, in another case, IRS did
document its decision to cancel a contract relating to Cyberfile. 
Specifically, in a May 21, 1996, letter to NTIS from the Acting
Executive for Electronic Filing, IRS formally notified NTIS to cancel
a contract relating to support services.  This contract was canceled. 

As of August 2, 1996, NTIS officials stated they still had not
received formal notification to terminate the contracts identified in
the July 17, 1996, letter.  Since these contracts were not canceled
shortly after the May 13, 1996, letter from NTIS to IRS, unnecessary
rental costs for July and August of about $60,000 have been incurred. 
If it is determined that these costs are appropriate charges for the
Cyberfile project, then these costs would also appear subject to
NTIS' 10 percent management fee. 

Either IRS or NTIS could have prevented these costs.  For example,
IRS could have clearly documented its understanding of the actions
that NTIS would take to avoid additional costs.  As discussed above,
IRS clearly instructed NTIS to cancel a support services contract and
the contract was promptly terminated.  On the other hand, NTIS could
have clearly documented its understanding of IRS' desire to retain
these contracts much earlier than the July 17, 1996, letter. 


--------------------
\11 According to the June 28, 1996, letter to IRS, this discussion
was held on May 10, 1996. 

\12 According to NTIS, this item requires a $10,404 cancellation fee. 


      INTERAGENCY AGREEMENT DID
      NOT MINIMIZE IRS' COSTS
---------------------------------------------------------- Letter :8.3

IRS did not structure its agreement with NTIS to minimize its costs. 
Our review of the agreement disclosed that it allowed NTIS to assess
a management fee for

  -- items which IRS could have readily obtained directly and
     provided to NTIS, and

  -- costs associated with NTIS' mismanagement, such as interest
     costs associated with paying vendors late. 


         NTIS MANAGEMENT FEE
         ASSESSED FOR ITEMS
         PURCHASED ON EXISTING
         GOVERNMENT CONTRACTS
-------------------------------------------------------- Letter :8.3.1

NTIS procured over $5.5 million in equipment and services using
existing contracts held by other government agencies, which are then
subject to NTIS' 10 percent management fee.  IRS could have reduced
its costs by either (1) stating in the agreement that certain costs,
such as the costs of items procured under existing contracts, were
not subject to the NTIS management fee or (2) procuring the items
itself, based on NTIS requirements, and providing them to NTIS.  If
IRS had exercised either of these options, it could have
significantly reduced the costs subject to the management fee.  For
example,

  -- NTIS purchased computers costing almost $300,000 under a
     contract administered by another federal agency.  In this case,
     NTIS simply placed an order.  IRS could have avoided about
     $30,000 for NTIS management fees if it had placed the order
     itself. 

  -- NTIS purchased items costing over $886,000 under an existing
     Treasury contract which is administered by IRS.  If IRS had
     purchased these items directly and provided them to NTIS, it
     could have avoided NTIS management fees totaling about $89,000. 


         CYBERFILE PROJECT
         ASSESSED FOR COSTS
         ASSOCIATED WITH NTIS
         MISMANAGEMENT
-------------------------------------------------------- Letter :8.3.2

The Prompt Payment Act of 1982\13 requires agencies to pay interest
penalties to compensate vendors when agencies do not pay their bills
on time.  NTIS records show that it incurred about $2,100 in
penalties through June 27, 1996, because it did not pay Cyberfile
bills on time.  Even though the late payments were NTIS' fault, they
were included in Cyberfile's costs and subject to the 10 percent
management fee. 


--------------------
\13 31 U.S.C.  Chapter 39. 


   RECOMMENDATIONS
------------------------------------------------------------ Letter :9

In light of the severity of acquisition and financial problems
identified, we recommend that, before resuming the Cyberfile project,
the Commissioner of the Internal Revenue Service: 

  -- Provide to the Senate Committee on Governmental Affairs, the
     House Committee on Government Reform and Oversight, the Senate
     and House Appropriations Committees, the Senate Committee on
     Finance, and the House Committee on Ways and Means, a report
     detailing

the weaknesses in IRS' acquisition and financial management processes
and controls that permitted Cyberfile mismanagement (e.g., permitted
IRS to disregard system acquisition policies and procedures,
disregard federal acquisition regulations, and provide inadequate
oversight of NTIS system development and acquisition efforts);

actions that have been taken to ensure that these weaknesses in IRS'
processes and controls have been corrected and that resulting
mismanagement does not recur; and

IRS' plans for Cyberfile, including a business case analysis
addressing costs, mission-related benefits and technological risks,
schedule and milestones, and acquisition strategy. 

  -- Ensure that (a) IRS' Chief Financial Officer adjusts the
     obligations and costs recorded for Cyberfile to reflect the
     actual obligations and costs associated with the interagency
     agreement with NTIS and (b) NTIS identifies all obligations and
     costs that can be avoided while Cyberfile is suspended and takes
     needed contractual action to do so. 

  -- Report the acquisition weaknesses as material weaknesses in the
     agency's system of internal controls under the Federal Managers'
     Financial Integrity Act to the extent they remain uncorrected at
     the close of fiscal year 1996 and reassess these controls
     periodically to ensure they are adequate and are being adhered
     to as required by the act. 

We recommend that, before permitting NTIS to resume work on the
Cyberfile project or accept new systems development projects from
other federal agencies (e.g., work NTIS solicits, such as providing
information management solutions, performing program management and
software development, and building state-of-the-art customized
programs), the Secretary of Commerce: 

  -- Provide to the Senate Committee on Governmental Affairs, the
     House Committee on Government Reform and Oversight, the Senate
     and House Appropriations Committees, the Senate Committee on
     Commerce, Science, and Transportation, and the House Committee
     on Science, a report detailing

the weaknesses in NTIS' acquisition and financial management
processes and controls that permitted Cyberfile mismanagement (e.g.,
permitted NTIS to disregard procurement laws and regulations and
dispense with acceptable financial accounting practices); and

actions that have been taken to ensure that these weaknesses in NTIS'
processes and controls have been corrected and that resulting
mismanagement does not recur. 

  -- Ensure that NTIS' Director immediately identifies all costs that
     can be avoided while Cyberfile is suspended and takes needed
     contractual action to do so. 

  -- Rescind all charges made to IRS associated with NTIS
     mismanagement, such as costs and fees for prompt payment
     penalties. 

  -- Rescind management fees for all items purchased from existing
     government contracts. 

  -- Report the acquisition and financial management weaknesses as
     weaknesses in the agency's system of internal controls under the
     Federal Managers' Financial Integrity Act to the extent they
     remain uncorrected at the close of fiscal year 1996 and reassess
     these controls periodically to ensure they are adequate and are
     being adhered to as required by the act. 


   AGENCY COMMENTS AND OUR
   EVALUATION
----------------------------------------------------------- Letter :10

In commenting on our report, Treasury agreed with our findings and
recommendations.  It stated that it shared our concerns regarding
IRS' management of the Cyberfile project and that the experience with
the project underscores the importance of IRS implementing our
recommendations.  In its comments, IRS agreed that Cyberfile was not
successful and had encountered problems, even though IRS expected to
expand its technical capability by using NTIS.  IRS explained that it
is conducting an internal review of Cyberfile to identify a full
range of corrective actions. 

Commerce also supported many of our recommendations.\14

However, it disagreed that NTIS should (1) rescind management fees
associated with ordering equipment from existing government contracts
and (2) refrain from accepting new projects from other agencies until
the reported weaknesses are corrected. 

First, in refusing to rescind the management fees, Commerce stated
that IRS agreed to pay these fees on equipment ordered from existing
government contracts "for its own convenience," and that NTIS was
entitled by the interagency agreement to collect them.  This position
misses the point of the recommendation.  The issue is not whether
Commerce is entitled to assess these charges under the interagency
agreement (the report explicitly states that it is), but rather
whether these charges represent judicious management of federal
funds.  In executing an interagency agreement, all parties are
required to ensure that the best interests of the government are
served, and that federal funds are prudently expended.  Charging IRS
an $89,000 management fee for purchasing equipment from an existing
contract administered by the IRS itself, and, in addition, hundreds
of thousands of dollars in unnecessry fees for placing orders with
other federal agencies that IRS could have placed itself, is not
judicious management of federal funds and is not in the best interest
of the federal government. 

Second, Commerce said that it would not refrain from accepting new
projects from other agencies before the causes of Cyberfile
mismanagement had been identified, corrected, and reported to the
Congress, because most NTIS projects involve routine information
dissemination.  This recommendation was not intended to address NTIS
projects involving only routine information dissemination.  Our
intent was to ensure that NTIS accepted no new systems analysis,
development, or management projects, such as those solicited on NTIS'
Internet site (i.e., providing other agencies with information
management solutions, performing program management and software
development, and building state-of-the-art customized programs) while
weaknesses in NTIS acquisition and financial management processes
persist.  We have modified the recommendation to state our intention
more precisely. 

In its response, Commerce also took the position that (1) the project
took longer than the scheduled 6 months because IRS increased systems
requirements after major milestones were met and (2) when IRS
suspended the Cyberfile project in May 1996, the system was near
completion.  However, as we testified in March 1996,\15 there was no
formal process in place to define, manage, and control Cyberfile
systems requirements.  For example, there were no established
security requirements or requirements baseline.  Further, since
Cyberfile was developed using undisciplined and ad hoc software
development processes, NTIS has no analytical basis to determine
whether the system was "near completion," when it would be complete,
or how much it would cost. 

Finally, Commerce claimed that it did not have enough time to review
the facts in the draft report.  However, NTIS was well aware of all
the facts and had commented on them orally and in writing before the
draft report was sent.  Specifically, before sending the draft
report, we provided NTIS with written statements detailing the facts,
held meetings with NTIS to discuss the facts on July 26, August 2,
and August 6, 1996, and received and responded to NTIS' written
comments on the facts.  We then sent Commerce the draft report on
August 8, 1996, and allowed 8 days for the response.  Given that the
facts already had been thoroughly discussed, this should have been
adequate time for a complete review. 


--------------------
\14 NTIS' comments were incorporated into Commerce's response. 

\15 GAO/T-AIMD-96-75, March 26, 1996. 


--------------------------------------------------------- Letter :10.1

As agreed with your office, unless you publicly announce the contents
of this report earlier, we will not distribute it until 30 days from
its date.  At that time, we will send copies to the Ranking Minority
Member of the Senate Committee on Governmental Affairs as well as the
Chairmen and the Ranking Minority Members of the House Committee on
Government Reform and Oversight; the Senate Committee on Finance; the
House Committee on Ways and Means; the Senate and House Committees on
Appropriations; the Subcommittees on Treasury, Postal Service and
General Government of the Senate and House Appropriations Committees;
the Senate Committee on Commerce, Science, and Transportation; and
the House Committee on Science.  We are also sending copies to the
Secretary of the Treasury, the Secretary of Commerce, Commissioner of
the Internal Revenue Service, the Director of the National Technical
Information Service, the Director of the National Institute of
Standards and Technology, and the Director of the Office of
Management and Budget. 

Copies will also be made available to others upon request.  If you
have questions about this letter, please contact me at (202)
512-6412.  Major contributors are listed in appendix V. 

Sincerely yours,

Dr.  Rona B.  Stillman
Chief Scientist for Computers
 and Telecommunications


SCOPE AND METHODOLOGY
=========================================================== Appendix I

To determine IRS' rationale for selecting NTIS to develop and acquire
Cyberfile, we reviewed IRS policies and procedures for initiating and
justifying new information system projects and the documentation that
IRS prepared for the Cyberfile project in accordance with the
guidance.  We also reviewed NTIS' Cyberfile study and proposal as
well as the August 1995 interagency agreement between IRS and NTIS
and supporting documentation.  Finally, we reviewed IRS' and NTIS'
December 1994 interagency agreement to develop an electronic bulletin
board for tax forms.  We interviewed IRS and NTIS program and
information system officials to understand (1) why NTIS was
considered to develop Cyberfile, (2) how IRS evaluated NTIS, and (3)
how NTIS performed on other projects done for IRS.  We also
coordinated with IRS' internal auditors, reviewing their audit
memoranda and write-ups to ensure no duplication of effort. 

To determine whether IRS and NTIS followed applicable procurement
laws and regulations in acquiring Cyberfile equipment and services,
we reviewed the Competition in Contracting Act, the Economy Act, the
Brooks ADP Act, the Federal Acquisition Regulation, the Federal
Information Resources Management Regulation, and SBA's Section 8(a)
regulations.  We also examined procurement policies and procedures
for IRS and NTIS, including the IRS policy on interagency agreements. 
We reviewed pertinent Cyberfile contract files to document the
chronology of events and verified them through interviews with IRS,
NTIS, National Institute of Standards and Technology, and SBA
procurement officials.  We then compared the contracting actions with
the laws and regulations to assess their appropriateness.  We also
interviewed Department of Commerce Inspector General staff, who were
reviewing procurement and other management practices at NTIS, to
confirm our understanding of Commerce's procurement processes and
verify our findings. 

To determine if Cyberfile purchases were properly accounted for and
were cost-effective, we worked in conjunction with IRS' internal
auditors who were performing a full inventory of all purchases
related to Cyberfile.  For selected transactions, we compared
obligation and disbursement dates to dates recorded in the accounting
records and reviewed supporting documentation.  We also reviewed
procurement files to verify the validity of obligations and
disbursements and reviewed related interagency agreements and
contracts.  In addition, we contacted the federal agency personnel
working with NTIS to renovate space for the Cyberfile computer
center. 

Our work was performed at IRS headquarters in Washington, D.C.; the
IRS facilities in Bethesda and Oxon Hill, Maryland; the Department of
Commerce headquarters in Washington, D.C.; NTIS in Springfield,
Virginia; the National Institute of Standards and Technology in
Gaithersburg, Maryland, SBA headquarters and Washington District
Office in Washington, D.C.; and the technical services contractor's
location in Bethesda, Maryland.  Our work was conducted from April
1996 through early August 1996.  We performed our work in accordance
with generally accepted government auditing standards. 




(See figure in printed edition.)Appendix II
COMMENTS FROM THE DEPARTMENT OF
THE TREASURY
=========================================================== Appendix I




(See figure in printed edition.)Appendix III
COMMENTS FROM THE INTERNAL REVENUE
SERVICE
=========================================================== Appendix I



(See figure in printed edition.)




(See figure in printed edition.)Appendix IV
COMMENTS FROM THE DEPARTMENT OF
COMMERCE
=========================================================== Appendix I



(See figure in printed edition.)


MAJOR CONTRIBUTORS TO THIS REPORT
=========================================================== Appendix V

ACCOUNTING AND INFORMATION
MANAGEMENT DIVISION, WASHINGTON,
D.C. 

Leonard Baptiste, Jr., Senior Assistant Director
Gary N.  Mountjoy, Project Director
Gary T.  Engel, Assistant Director
Joan B.  Hawkins, Assistant Director
John C.  Martin, Technical Assistant Director
Robert L.  Crocker, Jr., Senior Information Systems Analyst
Tamara J.  Lilly, Senior ADP/Telecommunications Analyst
Peter C.  Wade, Senior Business Process Analyst
David R.  Fisher, Senior Auditor
Mickie E.  Gray, Senior Auditor
Laura C.  Filipescu Turner, Senior Auditor

OFFICE OF GENERAL COUNSEL

Frank Maguire, Senior Attorney

*** End of document. ***