Coast Guard: Vessel Identification System Development Needs to Be
Reassessed (24-MAY-02, GAO-02-477).				 
                                                                 
The September 11th attacks emphasized the need for sound	 
government information management of potential risks to U.S.	 
assets and citizens. One possible source of that risk is through 
the vessels that navigate our ports and waterways. Whereas most  
large commercial vessels and many large recreational vessels	 
obtain federal documentation, most smaller vessels are registered
only in the state where they are primarily used. In 1988,	 
Congress required the Secretary of Transportation to develop a	 
system to share individual states' vessel information as well as 
information on federally documented vessels. Fourteen years after
legislation required the Coast Guard to develop a vessel	 
identification system (VIS), no such system exists. In 1995, the 
agency contracted to develop the Marine Information for Safety	 
and Law Enforcement system, of which VIS was a subcomponent. The 
Coast Guard accepted the contractor-developed VIS in 1998 despite
system performance problems, intending to resolve these problems 
as the system evolved. However, the Coast Guard later found that 
there was no viable way to correct these problems, and that the  
cost to populate the system with states' data would be high. Even
though the Coast Guard spent $9 million to plan and develop VIS, 
it was never implemented. Recently, the Coast Guard initiated a  
new three-phase VIS development effort and developed a		 
rudimentary system called VIS 2.0. The new system contains	 
information on documented vessels and one state's data. However, 
the Coast Guard has yet to develop detailed plans for the full	 
system development and cannot o estimate when a system capable of
uploading, integrating, and updating states' data may be	 
developed. Even as the Coast Guard is initiating efforts to plan 
for the full system development, it does not intend to		 
incorporate a rigorous acquisition process--including		 
comprehensive analyses and management oversight.		 
-------------------------Indexing Terms------------------------- 
REPORTNUM:   GAO-02-477 					        
    ACCNO:   A03381						        
  TITLE:     Coast Guard: Vessel Identification System Development    
Needs to Be Reassessed						 
     DATE:   05/24/2002 
  SUBJECT:   Information systems				 
	     Law enforcement information systems		 
	     Marine safety					 
	     Ships						 
	     Strategic information systems planning		 
	     Systems design					 
	     Coast Guard Port State Information 		 
	     Exchange						 
                                                                 
	     Coast Guard Vessel Identification			 
	     Information System 				 
                                                                 
	     DOT Marine Information System for Safety		 
	     and Law Enforcement				 
                                                                 


******************************************************************
** This file contains an ASCII representation of the text of a  **
** GAO Product.                                                 **
**                                                              **
** No attempt has been made to display graphic images, although **
** figure captions are reproduced.  Tables are included, but    **
** may not resemble those in the printed version.               **
**                                                              **
** Please see the PDF (Portable Document Format) file, when     **
** available, for a complete electronic file of the printed     **
** document's contents.                                         **
**                                                              **
******************************************************************
GAO-02-477
     
Report to the Subcommittee on Coast Guard and Maritime Transportation,
Committee on Transportation and Infrastructure, House of Representatives

United States General Accounting Office

GAO

May 2002 COAST GUARD Vessel Identification System Development Needs to Be
Reassessed

GAO- 02- 477

Why GAO Did This Study

In 1988, the Congress passed legislation that required the Coast Guard to
develop a vessel identification system to share individual states? vessel
information as well as information on federally documented vessels. With
such a system, the Coast Guard and state law enforcement officials could
more effectively identify information on vessels in our nation?s ports and
waterways- the need for which has heightened since the September 11
terrorist attacks.

Thus, GAO was asked to determine the Coast Guard?s efforts to acquire the
system and whether its acquisition plans are adequate.

May 2002 COAST GUARD

This is a test for developing highlights for a GAO report. The full report,
including GAO?s objectives, scope, methodology, and analysis is available at
www. gao. gov/ cgi- bin/ getrpt? GAO- 02- 477. For additional information
about this report, contact Linda Koontz (202- 512- 6240). To provide
comments on this test highlights, contact Keith Fultz (202- 512- 3200) or e-
mail HighlightsTest@ gao. gov.

Highlights of GAO- 02- 477, a report to the Subcommittee on Coast Guard and
Maritime Transportation, Committee on Transportation and Infrastructure,
House of Representatives. Vessel Identification System Development

Needs to Be Reassessed

What GAO Recommends

GAO recommends that the Coast Guard

reassess VIS risks and options for addressing these risks;

if it decides to move forward with the project, do so in compliance with a
rigorous system acquisition process; and

evaluate interim solutions that could provide some vessel information until
a full system can be implemented.

Coast Guard officials agreed to consider our recommendations, but noted that
the rigorous process called for by Coast Guard policy does not apply to VIS
because it is not considered a major acquisition.

What GAO Found

The Coast Guard?s early efforts to acquire its Vessel Identification System
(VIS) were unsuccessful. The Coast Guard accepted a contractordeveloped VIS
in 1998 despite system performance problems, intending to resolve these
problems as the system evolved. However, the Coast Guard found no viable way
to correct these and other problems and found that the cost to populate the
system would be high. Coast Guard officials noted two factors that
complicated the VIS effort: (1) not all vessels had unique identification
numbers and (2) the system depended on the voluntary participation of the
states, with many states unwilling or unable to commit the funds needed to
participate. Although the Coast Guard spent over $9 million, VIS was never
implemented. Since then, the Coast Guard initiated a new three- phase effort
to develop VIS, but is unable to estimate when it will develop a system that
could upload, integrate, and update states? data.

Even as the Coast Guard is initiating efforts to plan for developing the
full system, it does not plan to incorporate a rigorous acquisition process,
including comprehensive analyses and oversight. Coast Guard officials plan
to assess VIS costs, benefits, and risks, but do not plan to undertake all
elements of a comprehensive approach, including mission needs assessment and
acquisition board oversight. According to Coast Guard officials, these
acquisition processes- as called for in the agency?s system acquisition
policy-- do not apply to future VIS efforts because the system will likely
fall below the policy?s cost threshold. However, we believe that a rigorous
acquisition process is especially essential to any new VIS effort because
the Coast Guard is still facing some of the risks that undermined the early
VIS, criticality and needs may be evolving as a result of the recent
terrorist attacks, and new alternatives are now available.

Vessel pulled over for negligent operation. VIS would provide Coast Guard
and state officials with information on the vessel and its owner before
boarding. Source: U. S. Coast Guard. United States General Accounting Office

G A O Accountability Integrity Reliability

Highlights

Page 1 GAO- 02- 477 Coast Guard?s Vessel Identification System

May 24, 2002 The Honorable Frank LoBiondo Chairman The Honorable Corrine
Brown Ranking Democratic Member Subcommittee on Coast Guard and Maritime
Transportation Committee on Transportation and Infrastructure House of
Representatives

The September 11, 2001, attacks on our nation emphasized the need for sound
government information management- especially as it pertains to potential
risks to U. S. assets and citizens. One possible source of that risk is
through the vessels that navigate our ports and waterways.

Whereas most large commercial vessels and many large recreational vessels
obtain federal documentation, most smaller vessels are registered only in
the state where they are primarily used. In 1988, the Congress required the
secretary of transportation to develop a system to share individual states?
vessel information as well as information on federally documented vessels. A
vessel identification system would allow the Department of Transportation?s
Coast Guard and local law enforcement officials to more effectively identify
critical information on vessels in our nation?s ports and waterways-
information including the owner?s name, vessel identification, and any prior
law enforcement activities associated with the vessel.

Concerned with the Coast Guard?s lack of progress in developing its Vessel
Identification System (VIS), you asked us to assess efforts to establish
this system. Specifically, our objectives were to determine (1) the Coast
Guard?s early efforts to acquire VIS, (2) the agency?s current plans for
developing the system, and (3) whether Coast Guard acquisition plans are
adequate.

To address these objectives, we reviewed past and current VIS acquisition
documents, evaluated Coast Guard plans to acquire VIS by comparing them to
sound acquisition principles, and interviewed Coast Guard officials,
contractor staff, and state boating representatives. We conducted our review
at the U. S. Coast Guard Headquarters in Washington, D. C., the Coast
Guard?s Operations Systems Center (OSC) in Martinsburg, West Virginia, and
the National Association of State Boating Law Administrators annual
conference in Anchorage, Alaska, from October 2001 through

United States General Accounting Office Washington, DC 20548

Page 2 GAO- 02- 477 Coast Guard?s Vessel Identification System

March 2002, in accordance with generally accepted government auditing
standards. Appendix I contains further details on our scope and methodology.

Fourteen years after legislation required the Coast Guard to develop a
vessel identification system, no such system exists, and future plans for
developing the system are uncertain. The Coast Guard?s early efforts to
acquire VIS were unsuccessful. In the late 1980?s and early 1990?s, the
Coast Guard undertook numerous activities to define requirements for such a
system. In 1995, the agency contracted to develop the Marine Information for
Safety and Law Enforcement (MISLE) system, of which VIS was a subcomponent.
The Coast Guard accepted the contractordeveloped VIS in 1998 despite system
performance problems, intending to resolve these problems as the system
evolved. However, the Coast Guard later found that there was no viable way
to correct these and other problems, and that the cost to populate the
system with states? data would be high. In retrospect, Coast Guard officials
noted two factors that complicated VIS implementation: (1) not all vessels
had unique identification numbers and (2) the system depended on the
voluntary participation of the states, and many states were unwilling or
unable to commit the funds needed to participate. Consequently, even though
the Coast Guard spent about $9 million in identified costs to plan and
develop VIS, it was never implemented.

Since that time, the Coast Guard has initiated a new three- phase VIS
development effort and, in fact, developed a rudimentary system- called VIS
2.0- which is populated with information on documented vessels and one
state?s data. However, the Coast Guard has not yet developed detailed plans
for the full system development and is unable to estimate when a system
capable of uploading, integrating, and updating states? data may be
developed.

Even as the Coast Guard is initiating efforts to plan for the full system
development, it does not intend to incorporate a rigorous acquisition
process- including comprehensive analyses and management oversight. Coast
Guard officials stated that they intend to analyze VIS costs, benefits, and
risks and to evaluate acquisition options, but they do not plan to follow
the Coast Guard?s acquisition policy-- which requires comprehensive
analyses, justification, and oversight. Officials noted that the acquisition
policy does not apply to the planned VIS development because it is not a
major system acquisition, a designation generally applied to projects over
$50 million. However, rigorous processes and Results in Brief

Page 3 GAO- 02- 477 Coast Guard?s Vessel Identification System

oversight, such as those in the acquisition policy, are especially critical
on the future VIS acquisition because the Coast Guard is still facing some
of the risks that undermined the early VIS acquisition, the system?s
criticality and requirements may be evolving as a result of the recent
terrorist attacks, and new alternatives are now available.

Therefore, we are recommending that the Coast Guard reassess its approach to
developing VIS and that the agency perform mission needs identification,
alternatives analyses, and oversight activities. We are also recommending
that the Coast Guard evaluate alternative interim solutions that could
provide some vessel information until a full system can be implemented.
Coast Guard officials agreed to consider our recommendations.

Vessel documentation-- a national form of vessel registration- is one of the
oldest functions of government, dating back to the 11th Act of the First
Congress. Documentation provides evidence of nationality for international
travel and trade, allows for commerce between the states, and admits vessels
to certain restricted trades, such as coastwise trade and the fisheries. 1
The Coast Guard documents most large commercial vessels and many large
recreational vessels. 2 This process involves obtaining key information
about the owner and vessel- including the owner?s name and address, the
manner in which the owner took title to a vessel, and, in most cases, when
and where a vessel was built. The Coast Guard assigns an official number to
all documented vessels in order to track them, and maintains key information
about the vessel, including

1 ?Coastwise trade? involves the transportation of merchandise or passengers
between points in the United States or in the exclusive economic zone- an
area extending 200 miles out from the U. S. shoreline. ?Fisheries? involves
the processing, storing, transporting (except in foreign commerce),
planting, cultivating, catching, taking, or harvesting of fish, shellfish,
marine animals, pearls, shells, or marine vegetation in the navigable waters
of the United States or in the exclusive economic zone.

2 Rules governing the documentation of vessels vary, depending on the
vessel?s volume and whether it is used for commercial or recreational
purposes. The Coast Guard only documents vessels with volumes of 5 net tons
or more- generally those measuring over 25 feet. Given vessels of these
volumes, federal law requires commercial vessels engaged in coastwise trade
and the fisheries to obtain federal documentation. In addition, the owners
of commercial vessels engaged in foreign trade often choose to obtain
federal documentation in order to obtain the protection of the U. S.
government. While not required, the Coast Guard also documents recreational
vessels of 5 net tons or more. Because only documented vessels are eligible
for preferred loans, most mortgage lenders require federal documentation in
order to protect themselves. Background

Page 4 GAO- 02- 477 Coast Guard?s Vessel Identification System

mortgages, bills of sale, and other instruments affecting the vessel title.
However, the Coast Guard does not maintain such information on smaller
commercial and recreational vessels or on large recreational vessels that
are undocumented. Instead, individual states register these vessels under a
variety of numbering programs. 3

Public Law 100- 710, as amended, commonly called the Ship Mortgage Act of
1988, requires the secretary of transportation to establish a vessel
identification system to make information on both federally documented
vessels and state numbered and titled 4 vessels available for law
enforcement and other purposes. The information was to include- among other
items- the owner?s name, a vessel identifier, the name of the state in which
the vessel is numbered or titled, information on any liens associated with
the vessel, and information to assist law enforcement officials, such as the
date a vessel was stolen or abandoned. The law permits voluntary state
participation in providing this information.

Originally, the vessel identification system was expected to assist state
boating officials in identifying vessels within their borders, aid law
enforcement officials in identifying stolen vessels, help mortgagers avoid
remortgaging stolen vessels, and help insurers avoid reinsuring stolen
vessels. More recently, given today?s heightened state of homeland security,
such a system has even more potential usefulness. Coast Guard officials
stated that the system could be used to help ensure port and national
security. For example, law enforcement officials could use a vessel
identification system to review all vessels that have been lost or stolen
and verify ownership and law enforcement history. Currently, Coast Guard and
local law enforcement officials would have to access multiple sources to
obtain this vessel information- an ineffective and timeconsuming process.

Within the Coast Guard, several organizations have had a role in past and
current efforts to develop a vessel identification system. Specifically, the
information and technology directorate- headed by the chief information
officer- is responsible for Coast Guard- wide information technology (IT)

3 Federal law requires any undocumented vessel equipped with propelling
machinery to be numbered in the state in which it is primarily operated. In
addition, some states require all undocumented vessels to be numbered, even
if they are not propelled by machinery.

4 In addition to numbering vessels, some states also issue titles, which are
records of ownership.

Page 5 GAO- 02- 477 Coast Guard?s Vessel Identification System

strategy and oversight, including IT investment management. This
organization also oversees the Operations Systems Center- a governmentowned,
contractor- operated facility- which develops, fields, and maintains
critical systems and data networks. The acquisition directorate was
responsible for the early VIS acquisition, whereas the marine safety and
environmental protection directorate is responsible for current system
efforts. Another office within the operations directorate, the office of
boating safety, represents the boating public and coordinates with states on
their needs for VIS.

There are clear guidelines and best practices for managing system
development efforts such as the vessel identification system. Federal
regulations and requirements, including the Clinger- Cohen Act of 1996 and
Office of Management and Budget guidance, establish a comprehensive approach
for executive agencies to acquire and manage their information resources. 5
This approach includes (1) focusing information resource planning on
supporting strategic missions; (2) economically justifying proposed projects
on the basis of reliable analysis of expected life- cycle costs, benefits,
and risks; and (3) using these measures throughout the life cycle as the
basis for decisions on selecting, controlling, and evaluating projects.
Additionally, our IT investment management framework, which is based on
industry best practices, establishes a systematic process for investment
planning management- including selection, control, and evaluation of
investment options to maximize the value of the investments and to minimize
their risks. 6

To implement federal requirements and guidance, the Coast Guard has
established an overarching investment management framework for selecting,
controlling, and evaluating its portfolio of IT investments. Within this
framework the Coast Guard established investment and acquisition review
boards to oversee investment management processes. Also, underlying agency
policies, including the Coast Guard systems acquisition policy, are intended
to support this investment framework.

5 Clinger- Cohen Act of 1996, Public Law 104- 106, and Office of Management
and Budget Circular A- 130 (November 30, 2000). 6 U. S. General Accounting
Office, Information Technology Investment Management: A Framework for
Assessing and Improving Process Maturity, Exposure Draft, GAO/ AIMD10. 1.23,
version 1 (Washington, D. C.: May 2000).

Page 6 GAO- 02- 477 Coast Guard?s Vessel Identification System

We recently evaluated Coast Guard information technology management, and
reported that while the agency had many important IT management policies in
place, it did not consistently implement these policies. 7 That is, Coast
Guard practices are not always in compliance with its policies. For example,
in the area of software acquisition, we found that the agency had policies
in place for planning and managing software acquisitions and that the agency
generally followed these policies on the projects we reviewed. However, in
the area of investment management, we found that although the Coast Guard
had an investment management framework and policies in place, and
implemented these policies for major acquisitions exceeding $50 million, it
did not adequately oversee the costs, schedules, and risks of nonmajor
acquisitions or operational system projects. We made 17 recommendations to
improve the Coast Guard?s IT management practices and the agency is working
to address these recommendations.

Soon after the Ship Mortgage Act was enacted, the Coast Guard initiated a
series of planning activities to prepare to fulfill the law. Early in 1989,
it established a task force to examine options for satisfying the law, and
subsequently decided to acquire VIS. The Coast Guard also contracted with
the General Services Administration?s Federal Systems Integration and
Management Center (FEDSIM) to assist in defining the functionality of the
system, developing requirements, analyzing alternatives, and acquiring the
system. As part of their work to define requirements, the Coast Guard and
FEDSIM visited 25 states and the District of Columbia and met with
developers and operators of nationwide networks, including the motor vehicle
administrator?s network. Later, in 1992, the Coast Guard and another
contractor surveyed states and developed marketing strategies to demonstrate
the benefits of VIS to states in order to attract their participation.

As the plans for a VIS acquisition evolved, the Coast Guard became concerned
that it had planned too many separate systems and that it needed to
undertake a more integrated approach to developing these systems. Thus, in
the early 1990s, the Coast Guard delayed plans to acquire VIS in order to
integrate the requirements for multiple systems into a single systems
development effort.

7 U. S. General Accounting Office, Information Technology Management: Coast
Guard Practices Can Be Improved, GAO- 01- 190 (Washington, D. C.: Dec. 12,
2000). Coast Guard?s Early

Efforts to Acquire VIS Were Unsuccessful

Page 7 GAO- 02- 477 Coast Guard?s Vessel Identification System

In 1995, the Coast Guard awarded a contract to Computer Sciences Corporation
(CSC) to develop systems software, which evolved into the MISLE system.
Under the original MISLE program baseline, VIS was expected to be the first
contract deliverable in December 1997. VIS was to be a centralized
information system capable of uploading state registered and federally
documented vessel information and any changes to this information. It was to
respond to queries for information on vessels and owners by the Coast Guard
and federal and state boating and law enforcement officials, and- with some
limitations- marine bankers and insurers. The Coast Guard was unable to
provide a cost estimate solely for the VIS development, but the cost of VIS
combined with another component that was to automate the Coast Guard?s
vessel documentation process, was estimated to be between $12 million and
$15 million.

CSC developed and tested VIS and then delivered it to the Coast Guard in
early 1998. The Coast Guard conducted two rounds of operational testing with
state and system users. At the conclusion of the second round of testing,
the Coast Guard reported that users highly rated both system functionality
and their overall satisfaction. In December 1998, the Coast Guard determined
that VIS was operationally effective and suitable and formally approved the
system for full production and deployment. However, there were still several
unresolved problems that had been encountered during operational testing.
Specifically, a high- priority problem involved the processing of duplicate
vessel entries, while other lower priority problems involved system
performance. Coast Guard officials determined that these items were either
the responsibility of the states or would be resolved through enhancements
to the system as it evolved. Over the next year, the agency and CSC worked
to address the unresolved testing problems and to input one state?s vessel
data into VIS.

As these VIS activities were proceeding, the MISLE contract was experiencing
escalating costs and schedule delays. Therefore, the Coast Guard decided to
partially terminate its contract with CSC in October 1999. 8 Shortly
thereafter, the Coast Guard had OSC 9 evaluate VIS.

8 We discuss the Coast Guard?s MISLE program in our report, U. S. General
Accounting Office, Coast Guard: Update on Marine Information for Safety and
Law Enforcement,

GAO- 02- 11 (Washington, D. C.: Oct. 17, 2001).

Page 8 GAO- 02- 477 Coast Guard?s Vessel Identification System

In January 2000, OSC recommended that VIS be shut down because of
performance problems and the high cost to populate and maintain the system.
Specifically, the evaluation cited the following issues:

 System performance problems: VIS was unable to effectively upload states?
data, deal with data reliability issues, and handle complicated requests for
information from states and other users. Specifically, OSC noted that it
took over 14 hours to load one state?s data into VIS and that this was
unacceptably slow. OSC also reported on VIS problems in handling different
vessels with duplicate identification numbers and single vessels that had
multiple identification numbers- a situation that could occur when a vessel
was relocated from one state to another. In addition, OSC noted that
complicated queries either took too long to process or were not processed at
all. The center reported that solving these issues would involve significant
changes to VIS software and hardware.

 Cost to populate VIS: The only method available to pull state data into
VIS was through customized load routines-- that is, through computer
programs for uploading data that were tailored to each state?s vessel
registration system. OSC noted that the cost of developing a custom routine
to load one state?s data into VIS was approximately $50,000, and estimated
that it would cost the Coast Guard an additional $2.45 million to develop
interfaces for all states to be able to use VIS as it was intended. In
addition, OSC reported that all the interfaces would have to be maintained
and updated when each state updated its system.

 Cost to maintain VIS: Although VIS application tools were state of the art
in 1995, they were outdated in 2000. OSC noted that finding staff
experienced with these tools would be difficult. Therefore, OSC reported
that operations and maintenance costs for VIS would be significant and
suggested replacing these tools with updated ones.

In addition, Coast Guard officials cited two key factors that hindered the
implementation of VIS:

 Lack of unique hull identification numbers: Coast Guard officials told us
that in developing VIS, the contractor had assumed that vessels would have
unique hull identification numbers (HINs), but in fact, many do not.

9 OSC?s primary contractor has changed over the years. From 1996 until
August 2001, OSC?s primary contractor was Fuentez Systems Concepts,
Incorporated. On July 6, 2001, OSC awarded its primary operations contract
to QSS Group, Inc.; major subcontractors include Fuentez Systems Concepts,
Incorporated and Litton TRC.

Page 9 GAO- 02- 477 Coast Guard?s Vessel Identification System

Because manufacturers were not required to provide unique HINs before 1972,
many vessels do not have these numbers, while others do not have unique
HINs- that is, multiple vessels share an identical HIN. Thus, the Coast
Guard encountered major data integrity problems when entering vessels into
VIS.

 Voluntary nature of state participation: The MISLE project manager stated
that the Coast Guard could not force the states to contribute their vessel
data, and that a lack of participation by states would undermine the
usefulness of the system. Other Coast Guard officials stated that many
states were unwilling or unable to commit the funds necessary to participate
in VIS.

Given these problems, key stakeholders agreed that there was no viable way
to correct VIS?s deficiencies, and the MISLE project manager decided not to
provide any additional MISLE project funds to the project. As a result, the
original VIS development effort was never implemented, even though the Coast
Guard reportedly spent about $9 million 10 to plan, acquire, and attempt to
implement the system.

After its initial unsuccessful effort, the Coast Guard initiated a new
attempt to develop a vessel identification system. In its January 2000
evaluation report, OSC recommended a three- phased approach to developing a
new vessel identification system. The three phases were having OSC (1) add
to the limited amount of information on federally documented vessels that
was available on- line and provide a password security feature, (2) develop
a generic state vessel registration system that could be integrated into a
proposed new VIS system and distribute it to states and territories, and (3)
develop the new VIS system that would integrate information from the states
and federally documented vessels. The Coast Guard agreed to these
recommendations and implemented phases 1 and 2 at a reported cost of about
$220,000. However, it has not yet committed to the full development effort
proposed in phase 3 because

10 This figure includes costs associated with early planning efforts from
1987 to 1990 and CSC contract costs attributed to VIS. It does not include
costs of planning efforts between 1991 and 1994 because the Coast Guard was
not able to identify these. Also, the costs for the years from 1995 to 1999
do not include any funds associated with Coast Guard personnel or management
because the agency was not required to track government costs associated
with a particular subcomponent. Coast Guard Initiated

a New VIS Development Effort, but Future Plans Are Uncertain

Page 10 GAO- 02- 477 Coast Guard?s Vessel Identification System

the agency is working to validate states? requirements for the system. The
Coast Guard?s plans for this development are uncertain.

In October 2000, OSC implemented phase 1 of a new VIS development effort in
a system called VIS 1.0, at a cost of $135,700. To develop VIS 1.0, OSC
modified a copy of the Coast Guard?s Port State Information Exchange- an
existing Web- based database that contains some on- line information on
federally documented vessels- to include seven additional data fields that
the states had requested, including information such as the vessel owner?s
name and address. It also added a password security feature to protect
privacy information.

In October 2001, to enhance the system, OSC issued a subsequent release, VIS
2.0, at a cost of $58,100. In VIS 2.0, OSC added a one- time load of boating
registration data from one state (Georgia), expanded the database to include
an additional 67 data fields, and enhanced the system?s reporting
capabilities. Officials noted that the primary reason for these additions
was to demonstrate to the states what VIS could do before building the
entire system in phase 3.

To address past problems in uploading and integrating states data, OSC
proposed developing phase 2, a generic boating- registration data- entry
system for states to use. The Coast Guard planned to distribute this system
to states and encourage them to use it. In developing a cost estimate for
this effort, OSC included an estimate for an export routine that would
enable states to export their data so that it could be loaded into a future
VIS system. However, the Coast Guard removed the envisioned export routine
from this development effort because it had not yet defined a format for the
future VIS system.

A contractor 11 developed a generic boating registration system, called the
National Boating Registration (NABR), at a cost of $25,000. Although the
Coast Guard distributed NABR to the states in July 2001, in the months since
its distribution, NABR has not been heavily used. In fact, the Coast Guard
is aware of only one state that is planning to use a modified version of
NABR. Instead, Coast Guard officials indicated that most states are

11 Coast Guard officials reported that Fuentez Systems Concepts,
Incorporated developed the NABR system independent of its OSC support
contract. Phase 1 Has Been

Completed and Enhanced Phase 2 Was Developed and Distributed Without a Key
Envisioned Capability

Page 11 GAO- 02- 477 Coast Guard?s Vessel Identification System

using their own registration systems. Coast Guard officials are hopeful that
territories that do not currently have a registration system will be able to
use NABR.

The Coast Guard?s current plans for the future of VIS are uncertain. The
Coast Guard halted further work on VIS after phase 2 was completed, stating
that it needed to review and update VIS requirements before deciding to fund
phase 3. Coast Guard officials told us that they recently met with states to
validate VIS requirements and plan to send these requirements to OSC by the
end of May 2002. OSC will then develop a cost estimate for the system
development effort. Coast Guard officials were unable to provide schedule
estimates for when they would make decisions regarding any future VIS
development.

To effectively develop systems, federal requirements, Coast Guard policies,
and sound system acquisition principles call for key assessments and
oversight at the inception of a system acquisition effort. Specifically, our
investment management framework calls for evaluating completed projects and
identifying lessons learned to incorporate in future development efforts.
Additionally, Coast Guard system acquisition policy- as well as sound system
life- cycle management principles- calls for identifying mission needs and
operational requirements; exploring suitable, feasible, and affordable
alternatives for meeting those needs through trade- off analyses and
feasibility studies; assessing the costs, benefits, and risks of the
proposed alternatives; and developing an acquisition plan. Coast Guard
policies also call for oversight and approval of these key assessments by an
acquisition board throughout this early planning process. After an
acquisition proposal has been justified and approved, program management
focuses on developing a detailed system design and project plans, including
cost estimates and schedule milestones.

In commenting on a draft of this report, Coast Guard officials noted that
the agency recently revised its systems acquisition policy so that it now
targets only major acquisitions- generally, those expected to cost over $50
million. An acquisition official stated that the agency is working to
develop policies to guide smaller acquisitions, including VIS, but does not
yet have these policies in place. Further, the Coast Guard could not
estimate a time frame for doing so. Coast Guard?s Plans for

Full VIS Development Are Not Yet Defined

Coast Guard Does Not Plan to Follow a Rigorous Acquisition Process on Future
VIS Effort

Page 12 GAO- 02- 477 Coast Guard?s Vessel Identification System

Although Coast Guard officials plan to perform important analyses to support
future VIS efforts, they do not plan to follow all elements of a rigorous
process- including comprehensive assessments, justification, and senior
management oversight. Coast Guard officials recently met with states?
representatives to validate VIS requirements and reported that they plan to
have OSC assess these requirements to identify cost, schedule, and technical
issues and risks. Further, Coast Guard officials stated that they plan to
review this analysis, along with lessons learned from prior VIS efforts, to
evaluate alternative strategies for developing VIS. However, the Coast Guard
has not formally assessed and developed plans to address lessons learned
from its prior VIS efforts or reassessed its mission needs. Also, without a
structured policy and oversight, it is not clear that the Coast Guard will
fully explore alternative concepts for satisfying system needs through
trade- off analyses and feasibility studies. Further, Coast Guard officials
stated that the acquisition board will not oversee planned VIS activities.

The reason that the Coast Guard does not plan to perform these system
acquisition activities or obtain acquisition oversight on its new VIS effort
is that it does not believe that these activities are required. Coast Guard
marine safety officials stated that because VIS will not meet the dollar
threshold for a major system acquisition, Coast Guard policies requiring
these analyses, justification, and oversight do not apply to planned VIS
efforts.

However, comprehensive analyses and oversight are especially critical for a
new VIS effort because of the difficulty the agency has had to date in
developing the system, and since so much has changed since the system was
first justified and approved in the mid- 1990s. The Coast Guard is still
facing some of the risks that undermined past efforts to acquire VIS, and
there is no evidence that these risks have been addressed. In addition, the
system?s criticality and mission needs may have evolved, and new
alternatives are now available.

Key risks that undermined past efforts to acquire the system are likely to
hinder any new efforts. Specifically, Coast Guard officials stated that
problems with duplicative or nonexistent HINs are still a concern and that
any new system development effort will need to be able to handle a variety
of situations involving vessel identifiers, including vessels (1) without
HINs, (2) with duplicative HINs, and (3) with invalid HINs.

Further, Coast Guard officials noted that a lack of state participation
would undermine any new effort. Because state participation is voluntary,

Page 13 GAO- 02- 477 Coast Guard?s Vessel Identification System

there is no guarantee that states will choose to provide their vessel data
and any updates to that data to a new VIS system. In fact, several states?
representatives have reported that they are unable to commit to future VIS
efforts because of the cost of converting their data to the Coast Guard?s
format and updating the data as they change. State boating representatives
we contacted acknowledged VIS benefits- including assisting in recovering
stolen vessels, decreasing fraud associated with stolen vessels, and
deterring vessel theft- but just as many expressed concerns with the
technical complexity and/ or the cost of converting their data to the Coast
Guard?s format. Unless these risks are assessed and managed, they may
undermine any future system development efforts.

While the Coast Guard is still facing these former risks, it is also
encountering evolving needs and new alternatives for VIS. Regarding mission
needs, recent national security issues and consumer safety hazards 12 have
reemphasized the need for states? vessel data within the Coast Guard.
According to a Coast Guard official, although the Coast Guard has not viewed
recreational vessels as a national security risk in the past, it is now
doing so in light of the recent terrorist attacks. Unless these potential
mission needs are identified and their requirements factored into VIS?s
design and development, the Coast Guard risks developing a system that does
not capture all the critical information or functions needed to support its
evolving missions.

In addition to evolving needs for information on state- registered vessels,
there are new and promising alternatives for meeting these needs.
Specifically, several private companies obtain and integrate information on
state- registered vessels for marketing purposes. Although it is not clear
whether these companies can meet all user needs for up- to- date vessel
data, their information is more integrated and up to date than the Coast
Guard?s. For example, one company maintains a database containing limited
vessel data from 46 states and updates some states? data every 6 weeks,
while another maintains limited vessel information from 44 states and has
suggested that it would update the data quarterly. Coast Guard officials are
aware of these options and have stated that they are too expensive and not
timely enough to meet law enforcement needs.

12 Recent carbon monoxide deaths associated with certain houseboats
highlighted the need for more effectively identifying vessel owners to alert
them to hazards and to issue recall notices.

Page 14 GAO- 02- 477 Coast Guard?s Vessel Identification System

However, the agency has not performed any analysis of the costs, benefits,
and risks of these alternatives.

Also, new technologies, such as the extensible markup language (XML), have
the potential to resolve some of the past problems the Coast Guard has had
in integrating state data. XML is a flexible, nonproprietary set of
standards designed to facilitate the exchange of information among disparate
computer systems using the Internet?s protocols. Although implementation
challenges still exist, this technology holds promise as a way to
effectively integrate data from diverse systems. 13 Unless these and other
potential alternatives are evaluated, the Coast Guard may miss key
opportunities to develop VIS more effectively.

By not incorporating a rigorous system acquisition process, the Coast Guard
risks developing a system that does not address past problems, fulfill its
mission needs, or effectively use new technologies and commercial products.
Without such processes and a commensurate level of management oversight, the
Coast Guard is unlikely to successfully develop and effectively implement a
vessel identification system.

The Coast Guard has little to show for the 14 years it has spent trying to
develop a vessel identification system to aid state and federal law
enforcement activities. Past efforts to develop the system were
unsuccessful. The agency is now considering another attempt at developing
VIS, but is not straying far from its past, unsuccessful efforts.

By planning to develop VIS as if it were a low- risk project, instead of a
system acquisition effort that warrants a thorough system acquisition
approach to analyses, justification, and oversight, the Coast Guard runs the
risk that VIS will continue as it has for the past 14 years. That is, funds
will be spent and products will be developed and delivered, yet users? needs
for this system will continue to be unfulfilled.

Given the continuing risks, changing needs, and new alternatives, it is
imperative that this system be approached anew with an understanding of

13 U. S. General Accounting Office, Electronic Government: Challenges to
Effective Adoption of the Extensible Markup Language, GAO- 02- 327
(Washington, D. C.: Apr. 5, 2002). Conclusions

Page 15 GAO- 02- 477 Coast Guard?s Vessel Identification System

what went wrong in prior efforts, with sound system acquisition processes in
place, and with adequate program management and oversight.

In order to mitigate the risk that the Coast Guard will continue to spend
funds on VIS but not fulfill the requirements of the 1988 law, we recommend
that the secretary of transportation direct the Coast Guard commandant to
ensure that the following actions occur to reassess VIS:

 determine if the problems with nonunique HINs and a lack of state
participation are still pertinent;

 if so, identify what can be done to mitigate these risks; and

 brief relevant congressional committees and subcommittees on critical VIS
risks and options for addressing these risks within 3 months of the date of
this report.

If the Coast Guard decides to move forward in developing a VIS, we recommend
that it do so in compliance with a rigorous system acquisition approach.
Specifically,

 reassess mission needs in light of evolving homeland security initiatives
and define and validate user requirements to support these mission needs;

 identify alternatives for fulfilling these needs, including the use of
commercial vendors and new technologies;

 perform feasibility studies as well as cost, benefit, and risk analyses of
these alternatives;

 select a system design;

 develop an acquisition plan that incorporates cost and schedule
milestones; and

 obtain oversight from the Coast Guard acquisition board throughout the VIS
acquisition process to help ensure that it is effectively managed.

Additionally, we recommend that the Coast Guard evaluate the use of
commercial products that could provide vessel information as an immediate,
interim solution until a system that fully meets the requirements of the
Ship Mortgage Act can be developed.

In providing oral comments on a draft of this report, representatives of the
Department of Transportation and the Coast Guard, including a representative
of the Office of the Secretary of Transportation and the chief of the Office
of Information Resources, agreed to consider our recommendations. Coast
Guard officials reported that the agency would Recommendations

Agency Comments and Our Evaluation

Page 16 GAO- 02- 477 Coast Guard?s Vessel Identification System

not expend any further funds on developing VIS until it develops a viable
plan to address the technical and financial barriers to a successful VIS
implementation. Further, officials stated that they intend to apply sound
acquisition principles in developing VIS, but do not need to follow all the
requirements for major acquisitions. Coast Guard officials also offered
specific technical corrections, which we have incorporated as appropriate.

We believe that rigorous processes and oversight, such as those in the Coast
Guard?s systems acquisition policy, are especially critical on the future
VIS acquisition because the Coast Guard is still facing some of the risks
that undermined the early VIS acquisition, the system?s criticality and
requirements may be evolving as a result of the recent terrorist attacks,
and new alternatives are now available.

We are sending copies of this report to the secretary of transportation, the
Coast Guard commandant, the director of the Office of Management and Budget,
and other interested parties. Copies will also be made available to others
upon request.

Should you or your staff have any questions concerning this report, please
contact me at (202) 512- 6240 or by e- mail at koontzl@ gao. gov. Sophia
Harrison, Franklin Jackson, Colleen Phillips, Cynthia Scott, and Glenda
Wright were major contributors to this report.

Linda D. Koontz Director, Information Management Issues

Appendix I: Scope and Methodology Page 17 GAO- 02- 477 Coast Guard?s Vessel
Identification System

To determine the Coast Guard?s early efforts to acquire VIS, we reviewed
Public Law 100- 710, which required the establishment of a vessel
identification system and identified the specific information that the
system was to include. We reviewed documents that outlined the Coast Guard?s
early efforts to define and develop functional requirements. We also
evaluated the Coast Guard?s Marine Information for Safety and Law
Enforcement (MISLE) system project plans, operational requirements document,
and acquisition project baselines to determine the Coast Guard?s plans for
developing a system that would meet the requirements of Public Law 100- 710.

In addition, we reviewed the specific contract task orders for VIS
development, data conversion, and operation and maintenance efforts.
Further, we reviewed and evaluated VIS formal qualification testing and
operational test and evaluation reports, including system problem reports
outstanding at the end of each of these phases of testing. Although we
reviewed the Operations Systems Center?s (OSC) assessment of the Coast
Guard?s first VIS effort, we were not able to validate this assessment
because OSC did not provide supporting documentation to the Coast Guard at
the time it completed its evaluation and did not maintain such documentation
after that time.

We also interviewed the MISLE project manager and representatives from the
offices of information resources and boating safety to determine their
assessment of VIS and to provide details on its acceptance.

To determine the Coast Guard?s current plans for developing VIS, we reviewed
the current VIS statements of work, project plans, testing efforts and
results, and implementation and usage statistics by state representatives.
We interviewed project sponsor representatives and contractor staff to
determine how these efforts had been planned, developed, and tested.
Regarding the Coast Guard?s future VIS plans, we interviewed the MISLE
project sponsor representatives as well as representatives from the office
of boating safety. In addition, we interviewed the MISLE project manager and
reviewed and evaluated future VIS planning documents. We also contacted
state boating law officials representing 20 states and territories to
identify their efforts to participate in prior VIS efforts and to determine
their perceptions of VIS?s benefits and challenges.

To assess whether the Coast Guard?s VIS acquisition practices are adequate,
we compared documentation supporting the current VIS development effort to
the analyses and justification required under sound Appendix I: Scope and
Methodology

Appendix I: Scope and Methodology Page 18 GAO- 02- 477 Coast Guard?s Vessel
Identification System

system acquisition processes, including federal regulations and the Coast
Guard?s own system acquisition policies. We also interviewed Coast Guard
officials to discuss their plans for analyzing and justifying new VIS
efforts.

(310332)

The General Accounting Office, the investigative arm of Congress, exists to
support Congress in meeting its constitutional responsibilities and to help
improve the performance and accountability of the federal government for the
American people. GAO examines the use of public funds; evaluates federal
programs and policies; and provides analyses, recommendations, and other
assistance to help Congress make informed oversight, policy, and funding
decisions. GAO?s commitment to good government is reflected in its core
values of accountability, integrity, and reliability.

The fastest and easiest way to obtain copies of GAO documents at no cost is
through the Internet. GAO?s Web site (www. gao. gov) contains abstracts and
fulltext files of current reports and testimony and an expanding archive of
older products. The Web site features a search engine to help you locate
documents using key words and phrases. You can print these documents in
their entirety, including charts and other graphics.

Each day, GAO issues a list of newly released reports, testimony, and
correspondence. GAO posts this list, known as ?Today?s Reports,? on its Web
site daily. The list contains links to the full- text document files. To
have GAO e- mail this list to you every afternoon, go to www. gao. gov and
select ?Subscribe to daily E- mail alert for newly released products? under
the GAO Reports heading.

The first copy of each printed report is free. Additional copies are $2
each. A check or money order should be made out to the Superintendent of
Documents. GAO also accepts VISA and Mastercard. Orders for 100 or more
copies mailed to a single address are discounted 25 percent. Orders should
be sent to:

U. S. General Accounting Office 441 G Street NW, Room LM Washington, D. C.
20548

To order by Phone: Voice: (202) 512- 6000 TDD: (202) 512- 2537 Fax: (202)
512- 6061

Contact: Web site: www. gao. gov/ fraudnet/ fraudnet. htm E- mail: fraudnet@
gao. gov Automated answering system: (800) 424- 5454 or (202) 512- 7470

Jeff Nelligan, managing director, NelliganJ@ gao. gov (202) 512- 4800 U. S.
General Accounting Office, 441 G Street NW, Room 7149 Washington, D. C.
20548 GAO?s Mission

Obtaining Copies of GAO Reports and Testimony

Order by Mail or Phone To Report Fraud, Waste, and Abuse in Federal Programs

Public Affairs
*** End of document. ***