High-Risk Areas: Actions Needed to Solve Pressing Management Problems
(Testimony, 03/05/97, GAO/T-AIMD/GGD-97-60).

GAO discussed actions needed to bring about lasting solutions to serious
and long-standing federal government management problems.

GAO noted that: (1) its mission is helping the Congress in its efforts
to improve management of our national government; (2) one approach has
entailed identifying critical management problems before they become
uncontrollable crises; (3) since 1990, GAO has produced a list for the
Congress of areas that GAO identified, based on its work, as highly
vulnerable to waste, fraud, abuse and mismanagement; (4) to help solve
high risk problems, GAO has made hundreds of recommendations to get at
the heart of these problems, which have at their core a fundamental lack
of accountability; (5) this list helps focus attention by the
administration and the Congress on critical management problems; (6) the
high risk designation has prompted agencies to take action in many
areas, and progress in addressing management problems has ensued; (7)
the need to address fundamental management problems also was a factor in
prompting the Congress to to enact important reforms such as the 1995
Paperwork Reduction Act and the 1996 Clinger-Cohen Act to better manage
investments in information technology (IT), the Government Management
and Reform Act of 1994, which expanded the 1990 Chief Financial Officers
(CFO) Act's requirement for financial statements and controls that can
pass the test of an independent audit, and the 1993 Government
Performance and Results Act (GPRA) to better measure performance and
focus on results; (8) this legislation forms an integrated framework
that will help agencies identify and monitor high risk areas and operate
programs more efficiently and will assist the Congress in overseeing
agencies' efforts to achieve these results; (9) through the set of
reforms embodied in the CFO Act, GRPA, and the IT initiatives, the
Congress has laid the groundwork for the federal government to use
proven best management practices that have been successfully applied in
the private sector and state and local governments; and (10) these
reforms will not produce lasting improvements, however, without
successful implementation by agencies and relentless Congressional
involvement.

--------------------------- Indexing Terms -----------------------------

 REPORTNUM:  T-AIMD/GGD-97-60
     TITLE:  High-Risk Areas: Actions Needed to Solve Pressing 
             Management Problems
      DATE:  03/05/97
   SUBJECT:  Risk management
             Financial management
             Accountability
             Strategic information systems planning
             Strategic planning
             Auditing standards
             Information technology
             Internal controls
             Congressional oversight
             Human resources utilization

             
******************************************************************
** This file contains an ASCII representation of the text of a  **
** GAO report.  Delineations within the text indicating chapter **
** titles, headings, and bullets are preserved.  Major          **
** divisions and subdivisions of the text, such as Chapters,    **
** Sections, and Appendixes, are identified by double and       **
** single lines.  The numbers on the right end of these lines   **
** indicate the position of each of the subsections in the      **
** document outline.  These numbers do NOT correspond with the  **
** page numbers of the printed product.                         **
**                                                              **
** No attempt has been made to display graphic images, although **
** figure captions are reproduced.  Tables are included, but    **
** may not resemble those in the printed version.               **
**                                                              **
** Please see the PDF (Portable Document Format) file, when     **
** available, for a complete electronic file of the printed     **
** document's contents.                                         **
**                                                              **
** A printed copy of this report may be obtained from the GAO   **
** Document Distribution Center.  For further details, please   **
** send an e-mail message to:                                   **
**                                                              **
**                                            **
**                                                              **
** with the message 'info' in the body.                         **
******************************************************************


Cover
================================================================ COVER


Before the Committee on Governmental Affairs,
U.S.  Senate

For Release on Delivery
Expected at
10 a.m.
Wednesday
March 5, 1997

HIGH-RISK AREAS - ACTIONS NEEDED
TO SOLVE PRESSING MANAGEMENT
PROBLEMS

Statement of Gene L.  Dodaro
Assistant Comptroller General
Accounting and Information Management Division

GAO/T-AIMD/GGD-97-60

GAO/AIMD-97-60t


(918900)


Abbreviations
=============================================================== ABBREV

  ATC - air traffic control
  CFO - Chief Financial Officer
  CIM - Corporate Information Management
  CIO - Chief Information Officer
  CSRA - Civil Service Reform Act of 1978
  DOD - Department of Defense
  FAA - Federal Aviation Administration
  GPRA - Government Performance and Results Act
  HUD - Department of Housing and Urban Development
  IRS - Internal Revenue Service
  NASA - National Aeronautics and Space Administration
  NWS - National Weather Service
  OMB - Office of Management and Budget
  PBGC - Pension Benefit Guaranty Corporation
  PRA - Paperwork Reduction Act of 1995
  RTC - Resolution Trust Corporation
  TSM - Tax Systems Modernization

============================================================ Chapter 0

Mr.  Chairman and Members of the Committee: 

We are pleased to be here to discuss solutions to serious management
problems that needlessly cost billions of dollars in taxpayers funds
and result in huge missed opportunities to improve service to the
American public and ensure adequate accountability for federal
operations. 

This Committee continues to be a vitally important driving force in
efforts to effectively implement much needed management reforms. 
Important recent legislative initiatives initiated in this Committee
and enacted by the Congress provide the framework for the actions
needed to bring about lasting solutions to serious and long-standing
federal government management problems.  Determined follow-through by
agency managers and sustained attention by the Congress, however, are
essential ingredients to translating these critical reforms into the
reality of reformed day-to-day management practices across the
spectrum of the federal government's operations. 

GAO's mission is helping the Congress in its efforts to improve
management of our national government.  One approach has entailed
identifying critical management problems before they become
uncontrollable crises.  Since 1990, we have produced a list for the
Congress of areas that were identified, based on GAO work, as highly
vulnerable to waste, fraud, abuse, and mismanagement.  To help solve
high-risk problems, we have made hundreds of recommendations to get
at the heart of these problems, which have at their core a
fundamental lack of accountability. 

This list helps focus attention of the administration and the
Congress on critical management problems.  The high-risk designation
has prompted agencies to take action in many areas, and progress in
addressing management problems has ensued.  The need to address
fundamental management problems also was a factor in prompting the
Congress to enact important reforms such as (1) the 1995 Paperwork
Reduction Act and the 1996 Clinger-Cohen Act to better manage
investments in information technology, (2) the Government Management
Reform Act of 1994, which expanded the 1990 Chief Financial Officers
(CFO) Act's requirement for financial statements and controls that
can pass the test of an independent audit, and (3) the 1993
Government Performance and Results Act (GPRA) to better measure
performance and focus on results.  This legislation forms an
integrated framework that will help agencies identify and monitor
high-risk areas and operate programs more efficiently and will assist
the Congress in overseeing agencies' efforts to achieve these
results. 

At the beginning of each new Congress, we update our high-risk list. 
Areas are removed from the list as improvements develop and progress
is made, and new areas are added to highlight burgeoning problems. 
Our latest update of high-risk areas was issued last month.  The 25
areas that are the current focus of our high-risk initiative are
listed in attachment I and the reports included in our 1997 set of
high-risk reports are listed in attachment II. 

In brief, we reported that agencies are taking high-risk problems
seriously, trying to correct them, and making progress in many areas. 
The Congress also has acted to address several problems affecting
these high-risk areas through oversight hearings and specific
legislative initiatives.  Full and effective implementation of
legislative mandates, our suggestions, and corrective measures by
agencies, however, has not yet been achieved because the high-risk
areas involve long-standing problems that are difficult to correct. 

Through the set of reforms embodied in the CFO Act, GPRA, and the
information technology initiatives, the Congress has laid the
groundwork for the federal government to use proven best management
practices that have been successfully applied in the private sector
and state and local governments.  These reforms will not produce
lasting improvements, however, without successful implementation by
agencies and relentless congressional involvement.  The next few
years are critical; agencies are in the formative years of
implementing the expanded, governmentwide mandates of the CFO Act and
GPRA and in the first full year of carrying out the new information
technology mandates.  Congressional attention, such as that shown by
this hearing, is pivotal to achieving meaningful improvements. 

The following sections outline actions needed to solve high-risk
management problems.  Fixing these problems can result in the
government (1) saving billions of dollars, (2) making better
investments in information technology, (3) managing the cost of
government more effectively, and (4) improving performance and
service to the public. 


   REAPING THE BENEFITS OF
   TECHNOLOGY IS CENTRAL TO
   CONTROLLING COSTS AND PROVIDING
   BETTER SERVICES
---------------------------------------------------------- Chapter 0:1

One of the six major categories in our high risk series is obtaining
an adequate return on multibillion dollar investments in information
technology.\1 We added this category in 1995 because we continued to
find major system development projects that greatly exceed estimated
costs, fall years behind schedule, and fail to achieve operational
goals.  These failures have left the Congress and executive branch
severely handicapped by the lack of reliable data.  Moveover, huge
opportunities have been lost to use technology to reduce federal
operating costs and improve program performance. 

The effective use of information technology is integral in some way
to solving problems in all the high-risk areas mentioned in our 1997
series.  The seriousness of these information management problems is
underscored by the fact that nearly every aspect of over $1.5
trillion in annual federal government operations depends on
information systems.  Additionally, the American public, enjoying the
everyday benefits of technology-driven service improvements in the
private sector, are becoming increasingly frustrated with poor
performance from federal agencies. 

In our 1997 high risk report on information management and
technology,\2 we focus on four major modernization efforts that
provide a vivid study in technology management problems that,
unfortunately, are all too typical across the federal government. 

  -- The Internal Revenue Service (IRS) has spent or obligated over
     $3 billion since 1986 on its Tax Systems Modernization (TSM),
     which is designed to overhaul the paper-intensive approach to
     tax return processing.  We reported in 1995 that the
     modernization lacked basic elements needed to bring it to a
     successful conclusion, such as a comprehensive business strategy
     for reducing paper filings and the requisite management,
     software development, and technical infrastructure.  We made
     over a dozen recommendations to address these weaknesses,
     including implementing (1) a sound process to manage technology
     investments, (2) disciplined procedures for software
     requirements management, and (3) an integrated systems
     architecture. 

We reported in June and September 1996 that IRS had initiated many
activities to improve its modernization efforts but had not fully
implemented any of our recommendations.  The Congress subsequently
directed IRS to establish a schedule for implementing GAO's
recommendations.  It also required regular status reports on
corrective actions and TSM spending.  IRS and the Department of the
Treasury have taken steps to address our recommendations and respond
to congressional direction, but further concerted, sustained
improvement efforts are needed.\3

  -- For over 15 years, the Federal Aviation Administration's (FAA)
     $34-billion air traffic control (ATC) modernization has
     experienced cost overruns, schedule delays, and performance
     shortfalls.  Though FAA has recently made important progress on
     aspects of the modernization, some serious problems remain. 
     Most notably, this large effort has long proceeded without the
     benefit of a complete systems architecture to guide the
     modernization's development and evolution.  Among other things,
     this lack of a technical blueprint has led to unnecessarily
     higher spending to buy, integrate, and maintain hardware and
     software.  We have recommended that FAA develop and enforce a
     complete systems architecture.  Exacerbating the modernization's
     problems is unreliable information on costs--both future
     estimates of costs and accumulations of actual costs.  We have
     recommended that FAA institutionalize a defined cost process and
     develop and implement a managerial cost accounting capability.\4

  -- The Department of Defense's (DOD) Corporate Information
     Management (CIM) effort was supposed to save billions of dollars
     by streamlining operations and implementing standard information
     systems in areas such as materiel management, personnel,
     finance, and transportation.  But after 8 years and $20 billion
     in spending on CIM, DOD has yet to meet its savings goals,
     largely because of its failure to implement sound management
     practices for CIM.  We have recommended that DOD (1) better link
     system modernization projects to business process improvement
     efforts, (2) establish plans and performance measures and
     clearly defined roles and responsibilities for implementing CIM,
     (3) improve controls over information technology investments,
     and (4) not initiate system improvement projects without sound
     economic and technical analyses.\5 DOD has yet to successfully
     implement these recommendations and continues to spend billions
     of dollars on system migration projects with little sound
     analytical justification.  Recently, however, DOD has begun an
     initiative to better manage its technology investments using its
     planning, programming, and budgeting system. 

  -- Similarly, the National Weather Service (NWS) has yet to resolve
     serious problems with its $4.5-billion modernization effort. 
     New radars are not always up and running when severe weather is
     threatening and ground-based sensors fall short of performance
     and user expectations.  We have recommended several actions for
     correcting these problems and have also recommended that NWS
     improve its technical capabilities to design and manage the
     modernization.  NWS has addressed some of our concerns in these
     areas, but others remain.  We also recommended that NWS
     establish a sound decision-making process for managing the
     modernization's massive investment and getting promised returns
     from technology.  Finally, the modernization effort has long
     gone without a systems architecture to guide it.  In response to
     our recommendations, NWS has begun to develop a technical
     blueprint for the modernization.  However, until a systems
     architecture is developed and enforced, the modernization will
     continue to incur higher system development and maintenance
     costs.\6

Correcting problems in these four major modernization efforts is
important.  But we also recognize the need to address and overcome
the root causes of the government's chronic information management
problems.  To do this, GAO has worked closely with the Congress and
the administration to fundamentally revamp and modernize federal
information management practices.  We studied information management
practices at leading public-sector and private-sector
organizations--ones that have dramatically improved their performance
and met mission goals through the use of technology.  In our
executive guide to improving information management, we identified
proven techniques used by these successful organizations and
developed an integrated set of information management practices for
federal agencies.\7

The 104th Congress used these best practices to craft the first major
information management reform legislation in over a decade:  the
Paperwork Reduction Act of 1995 (PRA) and the Clinger-Cohen Act of
1996.  These laws emphasize involving senior executives in
information management decisions, establishing senior-level Chief
Information Officers, tightening controls over technology spending,
redesigning inefficient work processes, and using performance
measures to assess technology's contribution to achieving mission
results.  These management practices provide agencies--such as IRS
for tax systems--a practical means of addressing their information
problems, maximizing benefits from technology spending, and
controlling the risks of system development efforts. 

Past experience has shown that the early days following the passage
of reform legislation are telling.  Let me quickly highlight areas
where this Committee can ensure that these reforms get off to a
strong start. 


--------------------
\1 Over the last 6 years, federal agencies have obligated about $145
billion to activities related to information technology.  This figure
does not include many additional billions of dollars that go to
software embedded in Defense weapons systems. 

\2 Information Management and Technology (GAO/HR-97-9). 

\3 Tax Systems Modernization:  Management and Technical Weaknesses
Must Be Corrected If Modernization Is to Succeed (GAO/AIMD-95-156,
July 26, 1995); Tax Systems Modernization:  Actions Underway But IRS
Has Not Yet Corrected Management and Technical Weaknesses
(GAO/AIMD-96-106, June 7, 1996); and Tax Systems Modernization: 
Actions Underway But Management and Technical Weaknesses Not Yet
Corrected (GAO/T-AIMD-96-165, September 10, 1996). 

\4 Advanced Automation System:  Implications of Problems and Recent
Changes (GAO/T-RCED-94-188, April 13, 1994); Air Traffic Control: 
Good Progress on Interim Replacement for Outage-Plagued System, but
Risks Can Be Further Reduced (GAO/AIMD-97-2, October 17, 1996); Air
Traffic Control:  Complete and Enforced Architecture Needed for FAA
Systems Modernization (GAO/AIMD-97-30, February 3, 1997); and Air
Traffic Control:  Improved Cost Information Needed to Make Billion
Dollar Modernization Investment Decisions (GAO/AIMD-97-20, January
22, 1997). 

\5 Defense Management:  Stronger Support Needed for Corporate
Information Management Initiative to Succeed (GAO/AIMD/NSIAD-94-101,
April 12, 1994); Defense Management:  Selection of Depot Maintenance
Standard System Not Based on Sufficient Analyses (GAO/AIMD-95-110,
July 13, 1995); Defense Transportation:  Migration Systems Selected
Without Adequate Analysis (GAO/AIMD-96-81, August 29, 1996); and
Defense IRM:  Critical Risks Facing New Material Management Strategy
(GAO/AIMD-96-109, September 6, 1996). 

\6 Weather Forecasting:  Radars Far Superior to Predecessors, but
Location and Availability Questions Remain (GAO/T-AIMD-96-2, October
17, 1995); Weather Forecasting:  Unmet Needs and Unknown Costs
Warrant Reassessment of Observing System Plans (GAO/AIMD-95-81, April
21, 1995); Weather Forecasting:  Improvements Needed in Laboratory
Software Development Processes (GAO/AIMD-95-24, December 14, 1994);
Weather Forecasting:  Recommendations to Address New Weather
Processing Systems Development Risks (GAO/AIMD-96-74, May 13, 1996);
Information Technology Investment:  Agencies Can Improve Performance,
Reduce Costs, and Minimize Risks (GAO/AIMD-96-64, September 30,
1996); and Weather Forecasting:  Systems Architecture Needed for
National Weather Service Modernization (GAO/AIMD-94-28, March 11,
1994). 

\7 Executive Guide:  Improving Mission Performance Through Strategic
Information Management and Technology--Learning from Leading
Organizations (GAO/AIMD-94-115, May 1994). 


      EXECUTIVE LEADERSHIP IS
      CRUCIAL
-------------------------------------------------------- Chapter 0:1.1

In the successful organizations we studied, senior executives were
personally committed to improving the management of technology.  They
recognized that information management needed to be incorporated into
an executive-level management framework that included mission
planning, goal setting, budgeting, and performance improvement.  Both
the PRA and the Clinger-Cohen Act incorporate this practice by making
agency heads directly responsible for

  -- establishing goals for using information technology to improve
     the effectiveness of agency operations and service to the
     public,

  -- measuring the actual performance and contribution of technology
     in supporting agency programs, and

  -- including with their agencies' budget submissions to the Office
     of Management and Budget (OMB) a report on their progress in
     meeting operational improvement goals through the use of
     technology. 


      QUALIFIED CHIEF INFORMATION
      OFFICERS ARE NEEDED
      THROUGHOUT GOVERNMENT
-------------------------------------------------------- Chapter 0:1.2

The PRA requires major agencies to appoint well-qualified Chief
Information Officers (CIO) who report directly to agency heads.  The
CIO is responsible for working with the agency head and other senior
managers to (1) promote improvements to work processes used to carry
out programs, (2) implement an adequate information technology
architecture, and (3) strengthen the agency's capabilities to deal
with emerging technology issues and develop effective information
systems. 

Getting the right people in place will make a real difference in
implementing lasting management reforms.  CIOs should have knowledge
of and practical experience in using technology to produce major
improvements in performance.  This year, the Congress should expect
to see well-qualified CIOs making clear progress in implementing the
reforms.  CIOs should also be active in identifying the technical
capabilities that their agencies need to acquire and manage
information resources in a disciplined manner to better control risks
and achieve desired outcomes. 


      IMPROVED INVESTMENT CONTROLS
      ARE VITAL
-------------------------------------------------------- Chapter 0:1.3

Leading organizations manage information technology projects as
important investments.  Top executives periodically assess all major
projects, prioritize them, and make funding decisions based on
factors such as cost, risk, return on investment, and support of
mission-related outcomes.  Once projects are selected for funding,
executives monitor them continually, taking quick action to resolve
development problems and mitigate risks.  After a project is
implemented, executives evaluate actual versus expected results and
revise their investment management process based on lessons learned. 

The PRA and the Clinger-Cohen Act incorporate these investment
practices.  Agency heads and CIOs should be designing and
implementing a structure for maximizing the value and managing the
risk of technology investments by

  -- selecting, controlling, and evaluating investments using sound
     criteria and good data;

  -- modernizing work processes before making significant technology
     investments; and

  -- building large, complex systems in a modular fashion. 

Last month, GAO issued a comprehensive guide for agencies to use in
assessing how well they are selecting and managing their information
technology resources.  The guide, which is based on best practices,
will be instrumental in helping agencies identify specific areas for
improving their investment process to maximize the returns on
technology spending and better control system development risks.\8

As part of its review of fiscal year 1998 budget proposals, the
Congress should look for clear evidence that agencies have
established sound investment processes and explore agencies' track
records in achieving performance improvements from technology. 
Congressional committees should expect agencies to provide hard data
on how technology spending is planned to be used to improve mission
performance and reduce operating costs. 


--------------------
\8 Assessing Risks and Returns:  A Guide for Evaluating Federal
Agencies' IT Investment Decision-making, Version 1 (GAO/AIMD-10.1.13,
February 1997). 


      OMB'S ROLE IS CRITICAL
-------------------------------------------------------- Chapter 0:1.4

Under the reform legislation, OMB has significant leadership
responsibilities to help agencies to improve their information
management practices.  This is especially important in

  -- establishing guidance and policies for agencies to follow in
     implementing the investment reforms and

  -- evaluating the results of agency technology investments and
     enforcing accountability for results through the executive
     branch budget process. 

OMB has been proactive in developing policies and procedures to help
agencies institute effective investment decision-making processes. 
For example, OMB and GAO worked together to produce a guide in 1995
for both OMB budget examiners and agency executives on how to
evaluate information technology investments using the concepts from
our best practices work.\9 OMB needs to continue to define
expectations for agencies and for itself in this key area.  Also, in
1996, we recommended that OMB

  -- develop recommendations for the President's budget on funding
     levels for technology projects that take account of an agency's
     track record in delivering performance improvements from
     technology investments and

  -- develop an approach for determining whether OMB itself is having
     an impact on reducing the risk or increasing the returns on
     agency information technology investments.\10

To its credit, at the beginning of this fiscal year, OMB issued a
memorandum to heads of executive departments and agencies laying out
decision criteria that OMB will use in evaluating and funding major
information system investments proposed for funding under the
President's fiscal year 1998 budget.  The criteria strongly reinforce
the provisions of the reform legislation. 

OMB also has a crucial role helping to resolve two governmentwide
information management issues added new to our 1997 high-risk list. 
The first is information security.  Malicious attacks on computer
systems are an increasing threat to our national welfare.  Despite
their sensitivity and criticality, federal systems and data across
government are not being adequately protected, thereby putting
billions of dollars worth of assets a risk of loss and vast amounts
of sensitive data at risk of unauthorized disclosure. 

Since June 1993, we have issued over 30 reports describing serious
information security weaknesses at major federal agencies.  For
example, in May 1996, we reported that tests at DOD showed that DOD
systems may have experienced as many as 250,000 attacks during 1995,
that over 60 percent of the attacks were successful at gaining
access, and that only a small percentage of these attacks were
detected.\11 And in September 1996, we reported that during the
previous 2 years, serious information security control weaknesses had
been reported for 10 of the 15 largest federal agencies.\12 We have
made dozens of recommendations to individual agencies for improvement
and they have acted on many of them. 

Also, in 1996, we recommended that OMB play a more proactive role in
promoting awareness in monitoring agency practices.  In particular,
we recommended that OMB work with the interagency CIO Council to
develop a strategic plan for (1) identifying information security
risks, (2) reviewing individual agency security programs, and (3)
developing or identifying security training programs. 

The second governmentwide high-risk issue concerns the need to modify
information systems to correctly process dates past the year 1999
(the "Year 2000 Problem").  As chair of the CIO Council, OMB has a
key role to play in solving this problem, which threatens widespread
disruption of federal computer systems.  It is important for OMB to
get agencies to rapidly review their information technology systems,
assess the scope of their Year 2000 problem, renovate the systems
that need to be changed, and test and implement them. 

For our part, GAO has developed a step-by-step framework to guide
agencies in planning and managing their Year 2000 programs.  Our
guide incorporates best practices identified by leading agencies for
dealing with this issue, and is coordinated with the work of the Best
Practices Subcommittee of the Interagency Year 2000 Committee.\13


--------------------
\9 Evaluating Information Technology Investments:  A Practical Guide,
version 1.0 (S/N 041-001-00460-2, November 1, 1995). 

\10 Information Technology Investment:  Agencies Can Improve
Performance, Reduce Costs, and Minimize Risks (GAO/AIMD-96-64,
September 30, 1996). 

\11 Information Security:  Computer Attacks at Department of Defense
Pose Increasing Risks (GAO/AIMD-96-84, May 22, 1996). 

\12 Information Security:  Opportunities for Improved OMB Oversight
of Agency Practices (GAO/AIMD-96-110, September 24, 1996). 

\13 Year 2000 Computing Crisis:  An Assessment Guide
(GAO/AIMD-10.1.14, February 1997, exposure draft). 


   MANAGING THE COST OF GOVERNMENT
   PROGRAMS MORE EFFECTIVELY
---------------------------------------------------------- Chapter 0:2

Better financial management is central to providing much needed
accountability and addressing high-risk problems.  The government's
financial systems are all too often unable to effectively perform the
most rudimentary bookkeeping for organizations, many of which are
oftentimes much larger than many of the nation's largest private
corporations.  Federal financial management suffers from decades of
neglect, inattention to good controls, and failed attempts to improve
financial management and modernize outdated financial systems. 

This situation is illustrated in a number of high-risk areas,
including

  -- the weaknesses that undermine DOD's ability to obtain a positive
     audit opinion showing that it can accurately account for a $250
     billion annual budget and over $1 trillion in government assets,

  -- the substantial improvements that are needed in IRS' accounting
     and financial reporting for federal tax revenue, and

  -- the fundamental control weaknesses that resulted in the
     Department of Housing and Urban Development's Inspector General
     being unable to give an opinion on the department's fiscal year
     1995 financial statements. 

The landmark CFO Act, as expanded in 1994 by the Government
Management Reform Act, provides a long overdue and ambitious agenda
to help resolve these types of financial management deficiencies. 
The act established a CFO structure in 24 major agencies to provide
the necessary leadership.  Moreover, the CFO Act set expectations for
(1) the deployment of modern systems to replace existing antiquated,
often manual, processes, (2) the development of better performance
and cost measures, and (3) the design of results-oriented reports on
the government's financial condition and operating performance. 

In the next few months, we will witness a monumental achievement:  24
CFO act agencies--covering virtually the entire federal budget--will
have prepared and have audited financial statements for their entire
operations for fiscal year 1996.  This major milestone represents the
first time that all major government agencies will have exercised the
type of financial reporting and control discipline that has been
required in the private sector for over 60 years and in state and
local governments since the early 1980s. 

As we have testified several times, important and steady progress is
being made under the act to bring about sweeping reforms and rectify
the devastating legacy from inattention to financial management.\14
For example, CFO Act financial audits have resulted in IRS top
management having a better understanding than ever before of the
agency's financial management problems.  Also, the act provided
impetus for IRS' progress in improving payroll processing and
accounting for administrative operations and is prompting the agency
to work on solutions to revenue and accounts receivable accounting
problems.  These efforts are in response to the nearly 60 improvement
recommendations we have made as a result of our audits of IRS'
financial statements under the CFO Act during the past several years. 

Also, implementing the CFO Act's blueprint for financial management
improvements is at the heart of resolving many of DOD's high-risk
problems.  Since 1990, auditors have made over 400 recommendations
aimed at helping to correct DOD's financial management problems. 
While no military service or other DOD component has been able to
withstand the scrutiny of an independent financial statement audit
and the department's financial management processes are among the
worst in government, DOD's financial management leaders have
recognized the importance of tackling these problems.  They have
expressed a commitment to financial management reform and have many
initiatives underway to address long-standing financial management
weaknesses. 

Much remains to be done at both IRS and DOD to realize necessary
improvements, and our reports have outlined the actions necessary to
improve their financial management.  An intensive effort by IRS and
DOD and support by the Congress will be required as well.  Also,
financial statements for many government programs and operations
involving billions of dollars, such as Medicare, are being prepared
and audited for the first time ever.  We have worked with agency CFOs
and Inspectors General, OMB, and the Department of the Treasury over
several years to be a catalyst for the preparation and audit of
agencywide financial statements across government.  We also have
worked with OMB and Treasury to create the Federal Accounting
Standards Advisory Board, which recently completed a complete set of
new accounting standards for the federal government. 

When financial statement audits under the CFO Act are completed, it
will be important for the Congress to ensure that agencies promptly
and thoroughly correct problems that these audits identify.  To
assist the Congress in this area, we plan to explore the concept of
agency audit committees, which are commonplace and effective for
private-sector corporations, as a means of maintaining high-level
vigilance and support for fixing problems. 

Other challenges include

  -- continuing to build stronger financial management organizations
     by upgrading skill levels, enhancing training, and ensuring that
     CFOs possess all the necessary authorities within their agencies
     to achieve change;

  -- devising and applying more effective solutions to address
     difficult problems plaguing agencies' underlying financial
     systems;

  -- designing comprehensive accountability reports to permit more
     thorough and objective assessments of agencies' performance and
     financial conditions, as well as to enhance the budget
     preparation and deliberation process; and

  -- implementing complementary legislative requirements, including
     (1) the Debt Collection Improvement Act of 1996 enacted to
     expand and strengthen federal agency debt collection practices
     and authorities and (2) the Federal Financial Management
     Improvement Act of 1996 requiring agencies to comply with new
     federal accounting standards, federal financial systems
     requirements, and the U.S.  government's standard general
     ledger. 


--------------------
\14 Financial Management:  Continued Momentum Essential to Achieve
CFO Act Goals (GAO/T-AIMD-96-10, December 14, 1995); Financial
Management:  Momentum Must Be Sustained to Achieve the Reform Goals
of the Chief Financial Officers Act (GAO/T-AIMD-95-204, July 25,
1995); and Financial Management:  CFO Act Is Achieving Meaningful
Progress (GAO/T-AIMD-94-149, June 21, 1994). 


   IMPROVING PERFORMANCE AND
   PROVIDING BETTER SERVICE
---------------------------------------------------------- Chapter 0:3

The Government Performance and Results Act seeks to shift the focus
of federal management and decision-making from a preoccupation with
the number of tasks completed or services provided to a more direct
consideration of the results of programs--that is, the real
differences the tasks or services make to the nation or individual
taxpayer.  GPRA originated in part from the Congress's frustration
that congressional policymaking, spending decisions, and oversight
and agencies' decision-making all had been seriously handicapped by
the lack of clear goals and sound performance information.  The
Congress viewed GPRA as a critical tool to address serious shortfalls
in the effectiveness of federal programs--many of which had been
extensively documented in our work. 

In crafting GPRA, the Congress built on the experiences of leading
states and local governments and other countries that were
successfully implementing management reform efforts and becoming more
results-oriented.  As a starting point, GPRA requires executive
agencies to complete--no later than September 30 of this
year--strategic plans in which they define their missions, establish
results-oriented goals, and identify the strategies they will use to
achieve those goals.  GPRA requires agencies to consult with the
Congress and solicit the input of other stakeholders as they develop
these plans. 

Next, beginning with fiscal year 1999, executive agencies are to use
their strategic plans to prepare annual performance plans.  These
performance plans are to include annual goals linked to the
activities displayed in budget presentations as well as the
indicators the agency will use to measure performance against the
results-oriented goals.  Agencies are subsequently to report each
year on the extent to which goals were met, provide an explanation if
these goals were not met, and present the actions needed to meet any
unmet goals. 

When it passed GPRA, the Congress clearly understood that most
agencies would need to make fundamental management changes to
properly implement this law and that these changes would not come
quickly or easily.  As a result, GPRA included a pilot phase where
about 70 federal organizations gained experience in implementing key
parts of GPRA and provided valuable lessons for the rest of the
government.  Our Executive Guide:  Effectively Implementing the
Government Performance and Results Act (GAO/GGD-96-118, June 1996)
was intended to help agencies implement GPRA by drawing on the
experiences of leading public-sector organizations here and abroad to
suggest a proven and practical path that agencies can take to
implement GPRA. 

Our work has found numerous examples of management-related problems
stemming from unclear agency missions; the lack of results-oriented
performance goals; the absence of well-conceived agency strategies to
meet those goals; and the failure to gather and use accurate,
reliable, and timely program performance and cost information to
measure progress in achieving results.  Addressing these problems is
both a challenge and an opportunity for effectively implementing
GPRA. 

The congressional consultations on agencies' strategic plans--which
in many cases are beginning now--provide an important opportunity for
the Congress and the executive branch to work together to ensure that
missions are focused, goals are results-oriented and clearly
established, and strategies and funding expectations are appropriate
and reasonable.  The experiences of leading organizations suggest
that planning efforts that have such characteristics can become
driving forces in improving the effectiveness and efficiency of
program operations.  The GPRA strategic planning process thus
provides the Congress with a potentially powerful vehicle for
clarifying its expectations for agencies and expanding the focus on
results expected from funding decisions. 

Moreover, as part of the Congress's integrated statutory framework,
the successful implementation of the CFO Act, the PRA, and the
Clinger-Cohen Act are absolutely critical if GPRA is to be successful
in improving program performance.  For example, with successful
implementation, the audited financial statements required by the CFO
Act will provide congressional and executive branch decisionmakers
with the reliable financial and program cost information that they
have not previously had.  This information is to be provided to
decisionmakers in results-oriented reports on the government's
program results and financial condition that, for the first time,
integrate budget, financial, and program information.  These reports
are also to include cost information that enables users to relate
costs to outputs and outcomes. 

Equally important, the sound application and management of
information technology to support strategic program goals must be an
important part of any serious attempt to improve agency mission
performance, cut costs, and enhance responsiveness to the public. 
The successful implementation of information technology reform
legislation--which, among other things, requires that agencies have a
strategy that links technology investments to achieving programmatic
results--is critical to ensuring the wise use of the billions of
dollars the government is investing in information systems. 

Thus, in concert with the CFO Act and information technology
legislation, improved goal-setting and performance measures developed
under GPRA are critical to addressing high-risk areas.  Clear goals
and sound performance data are key to strengthening decision-making
in agencies and in the Congress and pinpointing specific
opportunities for improved performance.  For example, performance
measures can be useful in

  -- guiding management of defense inventory levels to prevent the
     procurement of billions of dollars of centrally managed
     inventory items that may not be needed.  For example, as of 1995
     about half of the $69.6 billion defense inventory is beyond what
     is needed to support war reserve or current operating
     requirements. 

  -- reaching agreement with the Congress on and monitoring
     acceptable levels of errors in benefit programs, which may never
     be totally eliminated but can be much better controlled.  For
     instance, no one can determine with precision how much Medicare
     loses each year to fraudulent and abusive claims, but losses
     could be from $6 billion to as much as $20 billion based on 1996
     outlays. 

  -- monitoring loan loss levels and delinquency rates for the
     government's direct loan and loan guarantee
     programs--multibillion dollar operations in which losses for a
     variety of programs involving farmers, students, and home buyers
     are expected but can be minimized with greater oversight.  For
     example, in fiscal year 1995, the federal government paid out
     over $2.5 billion to make good its guarantee on defaulted
     student loans. 

  -- assessing the results of tax enforcement initiatives, delinquent
     tax collection activities, and filing fraud reduction efforts. 
     For instance, in fiscal year 1996, IRS reported it had collected
     almost $30 billion in delinquent taxes--more than in any
     previous year.  However, fundamental problems continue to hamper
     IRS' efforts to efficiently and effectively manage and collect
     its reported $216 billion inventory of tax debts. 

While the experiences of leading organizations and federal efforts
under GPRA thus far show that full GPRA implementation will take time
and much effort, our executive guide shows that improvements in
performance--sometimes substantial ones--are possible even in the
short term when an organization adopts a disciplined approach to
defining its mission and desired results, measuring its performance,
and using information to make decisions.  For example, our executive
guide provides examples from the Federal Emergency Management Agency,
the Veterans' Health Administration, the Coast Guard, and other
agencies that are well on the way to improving performance by better
focusing on results. 


   NO SUBSTITUTE FOR DILIGENT
   MANAGEMENT COMMITMENT AND
   FOLLOW-THROUGH
---------------------------------------------------------- Chapter 0:4

Management commitment is key to solving high-risk problems and
getting off the high-risk list.  There is no substitute for the basic
management practices of goal-setting and follow-through.  Agencies
have successfully used these common mechanics to make significant
progress and get at the root causes of high-risk problems.  In 1995,
progress in addressing five high-risk areas was sufficient to warrant
the high-risk designation being removed, including the following. 

The Pension Benefit Guaranty Corporation's (PGBC) high-risk
designation was removed due to substantially improved internal
controls and systems.  For example, PBGC's liability for future
benefits (amounts owed to employees of terminated pension plans
insured by PBGC) represents about 95 percent of PBGC's total
liability.  In fiscal year 1992, PBGC sufficiently addressed
long-standing deficiencies in (1) documentation and support for
various techniques and assumptions used for estimating PBGC's
liability for future benefits, (2) the ability to assure the
completeness and accuracy of data used in the estimating techniques,
and (3) estimating software.  These improvements enabled us to
certify PBGC's balance sheet for the first time. 

In fiscal year 1993, PBGC resolved serious system limitations that
had restricted its ability to fully process all premium information,
assess the accuracy of premium amounts, and collect amounts due. 
These improvements, coupled with the improved controls over the
process for estimating PBGC's liability for future benefits, enabled
us to certify PBGC's complete set of financial statements in fiscal
years 1993 and 1994.  PBGC has maintained its auditability since the
Corporation's Inspector General took over responsibility for auditing
its annual financial statements in fiscal year 1995. 

Also, the Congress enacted legislation in 1994 to strengthen minimum
funding standards for pension plans and to phase out the cap on
variable rate premiums paid by underfunded plans.  These provisions
were designed to lower the underfunding in pension plans, thus
reducing PBGC's exposure, and to reduce the Corporation's deficit
overtime. 

The Resolution Trust Corporation (RTC) was moved off the high-risk
list because the Congress enacted specific management reforms with
required progress reporting to achieve the needed improvements in
RTC's contracting, asset disposition, and supporting management
information systems.  Also, RTC

  -- improved its internal controls over receivership operations and
     methodology for estimating cash recoveries from the assets of
     failed thrifts;

  -- strengthened its financial systems and controls, which enabled
     us to fully certify RTC's financial statements for the fiscal
     year ended December 31, 1992, and subsequent fiscal years until
     RTC was terminated on December 31, 1995; and

  -- created an audit committee that included the Director of the
     Office of Thrift Supervision, a Federal Reserve Board member,
     and a representative from the private sector. 

In contrast, our experience is that programs are designated high risk
when agencies fail to quickly recognize growing problems,
underestimate what it will take to correct them, and do not take
prompt corrective measures.  This has occurred for the 16 new areas
that have been designated high risk since our high-risk initiative
began 7 years ago.  Of these, 5 were designated just last month. 
Overall, of the 25 areas that are the current focus of our high-risk
program, 12 areas, or about half, have been on the list for 2 years
or less. 


   SUSTAINED CONGRESSIONAL
   OVERSIGHT AND FOCUSED ATTENTION
   ARE ESSENTIAL
---------------------------------------------------------- Chapter 0:5

We have also long advocated sustained oversight and attention by the
Congress to agencies' efforts to fix high-risk problem areas and
implement broad management reforms.  The Congress must continue to
play a central role in ensuring that management problems in agencies'
operations are identified and weaknesses addressed. 


      PROVIDING ACCOUNTABILITY
      REPORTS
-------------------------------------------------------- Chapter 0:5.1

We have advocated that congressional committees of jurisdiction hold
annual or at least biennial comprehensive oversight on each
department and major independent agency.  The plans and reports that
agencies are to develop under GPRA and the audited financial
statements that are to be prepared under the expanded CFO Act should
serve as the basis for those hearings. 

Congressional oversight can be shaped by thorough accountability
reports that provide a comprehensive picture of agencies' performance
pursuant to its stated goals and objectives.  Under the Government
Management Reform Act, several agencies are preparing accountability
reports on a pilot basis.  These new reports will combine the
separate reports required under various laws, such as GPRA and the
CFO Act.  The accountability reports are intended to show the degree
to which an agency met its goals, at what cost, and whether the
agency was well run. 

The Congress must have a central role in defining the content and
format of these reports to ensure that the reports eventually provide
the Congress with comprehensive "report cards" on the degree to which
agencies are making wise and effective use of tax dollars and to
provide a better basis for identifying issues to focus on during the
oversight process.  This will also provide a full picture of an
agency's program performance and resource usage to accomplish its
mission. 


      MEETING THE HUMAN RESOURCE
      MANAGEMENT CHALLENGE
-------------------------------------------------------- Chapter 0:5.2

Another matter for congressional attention is improving the
management and effectiveness of federal programs by modernizing human
resource management systems.  Hiring the right people and managing
them effectively will be indispensable to improving the performance
of federal agencies.  In an era that demands improved performance at
reduced costs, agencies' success increasingly will depend upon their
abilities to assemble a staff with the right blend of talents and
skills. 

However, as our work on financial and information technology issues
has suggested, many agencies' staffs are not well prepared to meet
this challenge.  GPRA also recognizes the importance of human
resource management by requiring that agencies' strategic plans
include a description of how they intend to use their people to
achieve their strategic goals.  The question is:  does the existing
civil service system allow agencies the flexibility to respond to
these new demands?  On the one hand, the competitive service is
undoubtedly more flexible than it was 2 decades ago.\15 Efforts to
make it so go back at least as far as the Civil Service Reform Act of
1978 (CSRA).  Yet, despite CSRA and other measures taken since then,
the competitive service as a whole is still widely viewed as
burdensome to managers, unappealing to ambitious recruits, hidebound
and outdated, overregulated, and inflexible.  In short, there is
general recognition that in one way or another, the civil service
must be made more flexible in response to a changing environment. 

Leading private-sector employers--as well as some government entities
both here and abroad--are creating personnel systems that diverge
sharply from the federal government's traditional approach.  The new
model is more decentralized, focused more directly on mission
accomplishment, and set up more to establish guiding principles than
to prescribe detailed rules and procedures.  In our contacts with
experts from private-sector organizations and from other governments
both here and abroad and with labor representatives, academicians,
and experienced federal officials, we have identified several newly
emerging principles for managing people in high-performing
organizations. 

Our Transforming the Civil Service:  Building the Workforce of the
Future--Results of A GAO-Sponsored Symposium (GAO/GGD-96-35, December
20, 1995) distilled the key principles we learned.  Among these key
principles were:  First, in today's high-performing organizations,
people are valued as assets rather than as costs.  They are
recognized as crucial to organizational success--as partners rather
than as mere hired help--and organizations that recognize them as
partners invest in their professional development and empower them to
contribute ideas and make decisions.  Second, organizational mission,
vision, and culture are emphasized over rules and regulations.  In
place of highly detailed rules to manage their employees, leading
organizations are relying increasingly on a well-defined mission, a
clearly articulated vision, and a coherent organizational structure
to form the foundation for the key business systems and processes
they use to achieve desired results.  Third, managers are given the
authority to manage their people flexibly and creatively so they can
focus on achieving results rather than on doing things "by the
book."\16 They are held accountable for outcomes--for furthering the
mission and vision of the organization--rather than for adhering to a
set of minutely defined procedures. 

This, once again, is an approach that we have observed largely in the
private sector.  But the integration of human resource management
into the business of the organization coincides with a practice we
have identified as critical to the implementation of GPRA--the
alignment of activities, core processes, and resources to support
mission-related goals.  As the federal government fully implements
GPRA, agencies and the Congress will be able to gain further
experience with how best to provide flexibility in managing federal
employees to better achieve mission results while observing merit
systems principles. 


--------------------
\15 A note on the term "competitive service":  What is commonly
thought of as the "civil service"--the federal civilian workforce
subject to all the provisions of title 5 of the U.S.  Code--comprises
only about 54 percent of all federal civil servants.  This segment is
technically known as the "competitive service," and operates under
the federal merit system.  The other 46 percent of federal workers
are employed in agencies or other federal entities--such as
government corporations (like TVA) and quasi-governmental
organizations (like the U.S.  Postal Service)--that operate outside
title 5 or are statutorily exempted from parts of it.  These workers,
while all members of the civil service, are in the "excepted service"
and are covered by a variety of alternative merit systems. 

\16 In 1995, the Office of Personnel Management developed more
flexible rules for managing performance in the competitive service. 
We are currently examining performance management initiatives taken
by a number of GPRA pilots. 


      LINKING RESOURCE ALLOCATION
      DECISIONS TO RESULTS
-------------------------------------------------------- Chapter 0:5.3

Another future challenge is to better link resource allocation
decisions to results.  Ultimately, to improve the effectiveness and
efficiency of government, the statutory framework described
above--GPRA, the CFO Act, and information technology reforms--must be
better integrated with the federal government's resource estimation
and allocation processes.  Although vitally important as an agency
management improvement tool, this framework also will provide new
information and perspectives that can be particularly useful to the
process of allocating scarce resources among competing national
priorities.  Comparably, the budget process will need to continue to
adapt to take full use of the benefits flowing from these initiatives
and to support their further development. 

The statutory framework established by the Congress can significantly
improve the information presented to decisionmakers during the annual
budget process.  Financial systems improvements and audited financial
statements brought about by the CFO Act will enhance the accuracy and
reliability of financial information undergirding budgetary estimates
and provide a clearer appreciation of long-term unfunded commitments
and of the full costs of current government programs.  The
information technology reforms and the Federal Acquisition
Streamlining Act of 1994 are part of a broader agenda that recognizes
the need for better risk management and integrated life-cycle costing
of capital investments, which should ensure appropriate consideration
and full-funding of such proposals within annual budget
deliberations. 

Similarly, GPRA holds promise of restoring public confidence in
government at a time when we must make increasingly more painful
budgetary choices.  GPRA aims to provide systematic information on
the performance of government programs and to directly link such
information with the annual budget process.  Although many factors
appropriately influence budget decisions, effective implementation of
GPRA will add critical information about what citizens and the nation
are receiving for each dollar spent.  Ultimately, debate about
funding levels should begin to focus on the performance of individual
programs, the overall effectiveness of agency operations, and the
need for efforts to better coordinate and harmonize federal agency
missions and activities. 

History indicates, however, that careful attention will be needed to
ensure that the separate objectives and processes of these reform
initiatives are effectively melded with the budget process. 
Integrating strategic planning, financial accounting, and budget
formulation and execution processes will pose profound challenges;
attempts to connect performance goals and results to traditional
budget decision structures will inevitably encounter issues that the
Congress and the executive branch will need to jointly address. 


-------------------------------------------------------- Chapter 0:5.4

The challenges of solving pressing management problems are great, but
the rewards are high.  While the legislative framework is in place,
much work remains to be done to fully and effectively achieve its
goals.  Continued dialogue between legislative and executive branch
officials is key to strengthen management of the federal government's
enormous investment in information technology, improve data to help
make spending decisions, and enable better assessments of the
performance and cost of federal activities and operations. 

Mr.  Chairman, this concludes my statement.  I would be happy to now
respond to any questions. 


AREAS DESIGNATED HIGH RISK
=========================================================== Appendix I


   PROVIDING FOR ACCOUNTABILITY
   AND COST-EFFECTIVE MANAGEMENT
   OF DEFENSE PROGRAMS
--------------------------------------------------------- Appendix I:1

Financial management (1995)
Contract management (1992)
Inventory management (1990)
Weapon systems acquisition (1990)
Defense infrastructure (1997)


   ENSURING ALL REVENUES ARE
   COLLECTED AND ACCOUNTED FOR
--------------------------------------------------------- Appendix I:2

IRS financial management (1995)
IRS receivables (1990)
Filing fraud (1995)
Tax Systems Modernization (1995)
Customs Service financial management (1991)
Asset forfeiture programs (1990)


   OBTAINING AN ADEQUATE RETURN ON
   MULTIBILLION DOLLAR INVESTMENTS
   IN INFORMATION TECHNOLOGY
--------------------------------------------------------- Appendix I:3

Tax Systems Modernization (1995)
Air traffic control modernization (1995)
Defense's Corporate Information Management initiative (1995)
National Weather Service modernization (1995)
Information security (1997)
The Year 2000 Problem (1997)


   CONTROLLING FRAUD, WASTE, AND
   ABUSE IN BENEFIT PROGRAMS
--------------------------------------------------------- Appendix I:4

Medicare (1990)
Supplemental Security Income (1997)


   MINIMIZING LOAN PROGRAM LOSSES
--------------------------------------------------------- Appendix I:5

HUD (1994)
Farm loan programs (1990)
Student financial aid programs (1990)


   IMPROVING MANAGEMENT OF FEDERAL
   CONTRACTS AT CIVILIAN AGENCIES
--------------------------------------------------------- Appendix I:6

Department of Energy (1990)
NASA (1990)
Superfund (1990)

Also, planning for the 2000 Decennial Census was designated high risk
in 1997. 


1997 HIGH-RISK SERIES
========================================================== Appendix II

An Overview (GAO/HR-97-1)

Quick Reference Guide (GAO/HR-97-2)

Defense Financial Management (GAO/HR-97-3)

Defense Contract Management (GAO/HR-97-4)

Defense Inventory Management (GAO/HR-97-5)

Defense Weapon Systems Acquisition (GAO/HR-97-6)

Defense Infrastructure (GAO/HR-97-7)

IRS Management (GAO/HR-97-8)

Information Management and Technology (GAO/HR-97-9)

Medicare (GAO/HR-97-10)

Student Financial Aid (GAO/HR-97-11)

Department of Housing and Urban Development (GAO/HR-97-12)

Department of Energy Contract Management (GAO/HR-97-13)

Superfund Program Management (GAO/HR-97-14)

The entire series of 14 high-risk reports is numbered
GAO/HR-97-20SET. 


*** End of document. ***