Information Technology:

Agencies Need to Involve Chief Information Officers in Reviewing Billions of Dollars in Acquisitions

GAO-18-42: Published: Jan 10, 2018. Publicly Released: Jan 10, 2018.

Multimedia:

Additional Materials:

Contact:

David A. Powner
(202) 512-9286
pownerd@gao.gov

 

Office of Public Affairs
(202) 512-4800
youngc1@gao.gov

What GAO Found

Most of the 22 selected agencies did not identify all of their information technology (IT) contracts. The selected agencies identified 78,249 IT-related contracts, to which they obligated $14.7 billion in fiscal year 2016. However, GAO identified 31,493 additional contracts with $4.5 billion obligated, raising the total amount obligated to IT contracts in fiscal year 2016 to at least $19.2 billion (see figure).The percentage of additional IT contract obligations GAO identified varied among the selected agencies. For example, the Department of State did not identify 1 percent of its IT contract obligations. Conversely, 8 agencies did not identify over 40 percent of their IT-related contract obligations.

Figure: Agency- and GAO-Identified Approximate Dollars Obligated to Fiscal Year 2016 Information Technology (IT) Contracts at the 22 Selected Agencies

Figure: Agency- and GAO-Identified Approximate Dollars Obligated to Fiscal Year 2016 Information Technology (IT) Contracts at the 22 Selected Agencies

Note: Due to rounding, the totals may not equal the sum of component obligation amounts.

Many of the selected agencies that did not identify these IT acquisitions did not follow Office of Management and Budget's (OMB) guidance. Specifically, 14 of the 22 agencies did not involve the acquisition office in their process to identify IT acquisitions for Chief Information Officer (CIO) review, as required by OMB. In addition, 7 agencies did not establish guidance to aid officials in recognizing IT. Until agencies involve the acquisitions office in their IT identification processes and establish supporting guidance, they cannot ensure that they will identify all IT acquisitions. Without proper identification of IT acquisitions, agencies and CIOs cannot effectively provide oversight of these acquisitions.

In addition to not identifying all IT contracts, 14 of the 22 selected agencies did not fully satisfy OMB's requirement that the CIO review and approve IT acquisition plans or strategies. Further, only 11 of 96 randomly selected IT contracts at 10 agencies that GAO evaluated were CIO-reviewed and approved as required by OMB's guidance. The 85 IT contracts not reviewed had a total possible value of approximately $23.8 billion. Until agencies ensure that CIOs review and approve IT acquisitions, CIOs will continue to have limited visibility and input into their agencies' planned IT expenditures and will not be able to use the increased authority that FITARA's contract approval provision is intended to provide. Further, agencies will likely miss an opportunity to strengthen CIOs' authority and the oversight of IT acquisitions. As a result, agencies may award IT contracts that are duplicative, wasteful, or poorly conceived.

Why GAO Did This Study

The federal government invested more than $90 billion on IT in fiscal year 2016. However, prior IT expenditures have produced failed projects. Recognizing the severity of issues, in December 2014 Congress enacted IT acquisition reform legislation (referred to as the Federal Information Technology Acquisition Reform Act, or FITARA). Among other things, OMB's FITARA implementation guidance requires covered agencies' chief acquisition officers to identify IT contracts for the CIOs to review and approve.

GAO's objectives were to determine the extent to which (1) federal agencies identify IT contracts and how much is invested in them, and (2) federal agency CIOs are reviewing and approving IT acquisitions. To do so, GAO reviewed data on IT contracts from fiscal year 2016 at 22 agencies and compared agency actions to law and OMB guidance.

What GAO Recommends

GAO is making 39 recommendations, including that agencies ensure that acquisition offices are involved in identifying IT and issue related guidance; and to ensure IT acquisitions are reviewed according to OMB guidance. OMB and 20 agencies generally agreed with or did not comment on the recommendations. One agency agreed with one recommendation, but disagreed with another. GAO believes this recommendation is warranted. One agency disagreed with two recommendations. GAO subsequently removed one of these, but believes the other recommendation is warranted, as discussed in the report.

For more information, contact David A. Powner at (202) 512-9286 or pownerd@gao.gov.

Recommendations for Executive Action

  1. Status: Closed - Implemented

    Comments: The agency concurred with our recommendation and in a March 2018 update stated that the CAO is involved in the process to identify IT acquisitions through a new policy issued in November 2017. Specifically, USDA's Procurement Advisory 130 states that Contracting Officers (located within the acquisition office) shall not issue solicitations for IT acquisitions until the office of the CIO has reviewed, approved, and provided an Acquisition Approval Request number. Implementing this recommendation will help ensure that the agency adequately identifies its IT-related acquisitions and the CIO has the opportunity to provide needed oversight of these acquisitions.

    Recommendation: The Secretary of Agriculture should ensure that the office of the chief acquisition officer (CAO) is involved in the process to identify IT acquisitions. (Recommendation 1)

    Agency Affected: Department of Agriculture

  2. Status: Open

    Comments: The agency concurred with our recommendation, but as of May 1, 2018, the agency has not provided an update on the implementation of this recommendation.

    Recommendation: The Secretary of Agriculture should direct the CAO and CIO to issue specific guidance to ensure IT-related acquisitions are properly identified. (Recommendation 2)

    Agency Affected: Department of Agriculture

  3. Status: Open

    Comments: The agency concurred with our recommendation, and in May 2018, the agency provided an update that stated that its Capital Planning and Information Technology Governance Division (CPITGD) was completing acquisition plan and strategy reviews and approvals on behalf of the USDA CIO. However, as of July 2018, the agency had not provided evidence to demonstrate that these reviews and approvals are taking place, as required by OMB's guidance. We will continue to monitor the implementation of this recommendation.

    Recommendation: The Secretary of Agriculture should ensure that IT acquisition plans or strategies are reviewed and approved according to OMB's guidance. (Recommendation 3)

    Agency Affected: Department of Agriculture

  4. Status: Open

    Comments: In a March 2018 response to our report, the agency agreed with our recommendation and stated that the CIO and the Senior Procurement Executive will issue a memo to their acquisition and CIO member offices clarifying the offices joint responsibilities to ensure that all IT acquisitions are submitted to the CIO for review and approval. The memo is also to provide guidance on the process by which the CIO will review proposed contract actions. We will continue to monitor the implementation of this recommendation.

    Recommendation: The Secretary of Commerce should ensure that the office of the CAO is involved in the process to identify IT acquisitions. (Recommendation 4)

    Agency Affected: Department of Commerce

  5. Status: Open

    Comments: In a March 2018 response to our report, the agency agreed with our recommendation and stated that it intended to clarify its policies and procedures to comply with OMB rules, including the IT acquisition checklist, which must be completed for every proposed contract action. In addition, the CIO and Senior Procurement Executive will work together to review existing acquisition plan review and approval processes. We will continue to monitor the implementation of this recommendation.

    Recommendation: The Secretary of Commerce should ensure that IT acquisition plans or strategies are reviewed and approved according to OMB's guidance. (Recommendation 5)

    Agency Affected: Department of Commerce

  6. Status: Open

    Comments: The agency concurred with our recommendation, but as of May 1, 2018, the agency has not provided an update on the implementation of this recommendation.

    Recommendation: The Secretary of Education should ensure that the office of the CAO is involved in the process to identify IT acquisitions. (Recommendation 6)

    Agency Affected: Department of Education

  7. Status: Open

    Comments: The agency did not concur with this recommendation and stated that the CIO reviews and approves IT acquisition strategies and plans as part of his review and approval of IT investments. Our report noted that while two agency documents indicated that the agency's office of the CIO is to review IT acquisition plans, another document infers that this review and approval is optional. We will continue to monitor the implementation of this recommendation.

    Recommendation: The Secretary of Education should ensure that IT acquisition plans or strategies are reviewed and approved according to OMB's guidance. (Recommendation 7)

    Agency Affected: Department of Education

  8. Status: Closed - Implemented

    Comments: The agency concurred with our recommendation and in December 2017 updated its acquisition guide to include instructions on identifying IT-related acquisitions. Specifically, the agency's guide was updated to include a definition of IT to aid employees in the identification of IT acquisitions. Implementing this guidance will help ensure that the agency adequately identifies its IT-related acquisitions and the CIO has the opportunity to provide needed oversight of these acquisitions.

    Recommendation: The Secretary of Energy should direct the CAO and CIO to issue specific guidance to ensure IT-related acquisitions are properly identified. (Recommendation 8)

    Agency Affected: Department of Energy

  9. Status: Closed - Implemented

    Comments: The agency concurred with our recommendation and in December 2017 updated its acquisition guide to include a provision for the CIO review and approval of IT acquisition plans. Ensuring that the CIO has appropriate insight into IT acquisitions will allow Labor to fully realize the benefits FITARA intended, such as identifying IT acquisitions that are duplicative, wasteful, or poorly conceived.

    Recommendation: The Secretary of Energy should ensure that IT acquisition plans or strategies are reviewed and approved according to OMB's guidance. (Recommendation 9)

    Agency Affected: Department of Energy

  10. Status: Open

    Comments: The agency agreed with our recommendation and in an April 2018 update stated that HHS has policy for the HHS IT acquisition review process for acquisition strategies. However, as of May 1, 2018, the agency had not provided evidence that the CIO (or designee) was reviewing and approving randomly selected IT acquisition plans, as required. We will continue to monitor the implementation of this recommendation.

    Recommendation: The Secretary of HHS should ensure that IT acquisition plans or strategies are reviewed and approved according to OMB's guidance. (Recommendation 10)

    Agency Affected: Department of Health and Human Services

  11. Status: Open

    Comments: The agency concurred with our recommendation and in a March 2018 update stated that the department intends to leverage the use of the Annual Strategic Acquisition Plan process to have the Chief Acquisition Officer review, identify, and coordinate with the Chief Information Officer on any applicable IT-related acquisitions. The department intends to brief the CAO and the new CIO on the process and close the recommendation by July 31, 2018. We will continue to monitor the implementation of this recommendation.

    Recommendation: The Secretary of Housing and Urban Development should ensure that the office of the CAO is involved in the process to identify IT acquisitions. (Recommendation 11)

    Agency Affected: Department of Housing and Urban Development

  12. Status: Closed - Implemented

    Comments: The agency concurred with our recommendation, and in July 2018, HUD provided us evidence that the Office of Management and Budget approved its CIO Assignment Plan. This assignment plan, together with HUD's FITARA guidance, details that HUD's Office of the CIO is to review IT acquisition requests that include an acquisition plan or strategy for acquisitions at or above $500,000. IT acquisitions below this amount are reviewed by program leadership. Ensuring that the CIO has appropriate insight into IT acquisitions will allow Labor to fully realize the benefits FITARA intended, such as identifying IT acquisitions that are duplicative, wasteful, or poorly conceived.

    Recommendation: The Secretary of Housing and Urban Development should ensure that IT acquisition plans or strategies are reviewed and approved according to OMB's guidance. (Recommendation 12)

    Agency Affected: Department of Housing and Urban Development

  13. Status: Open

    Comments: The agency concurred with our recommendation and in a March 2018 update stated that it was drafting a directive that outlines its implementation strategy for FITARA requirements related to IT acquisition. The directive is to specifically address aspects related to the roles of the CAO and the CIO in managing and overseeing IT acquisitions. The agency stated that it planned to complete this directive by September 30, 2018. We will continue to monitor the implementation of this recommendation.

    Recommendation: The Secretary of the Interior should ensure that the office of the CAO is involved in the process to identify IT acquisitions. (Recommendation 13)

    Agency Affected: Department of the Interior

  14. Status: Closed - Implemented

    Comments: The agency concurred with our recommendation. In April 2018, Interior's CIO issued OCIO Directive 2018-003 on the requirements and process for the Annual Information Management and Technology Acquisition Strategic Plan. This directive outlines the procedures that bureaus and offices are to follow when submitting strategic plans to the CIOs office for approval. This directive includes a definition of IT that should aid in the identification of IT. Implementing this guidance will help ensure that the agency adequately identifies its IT-related acquisitions and the CIO has the opportunity to provide needed oversight of these acquisitions.

    Recommendation: The Secretary of Interior should direct the CAO and CIO to finalize and issue guidance on identifying IT acquisitions in order to ensure the CIO review and approval of those acquisitions. (Recommendation 14)

    Agency Affected: Department of the Interior

  15. Status: Open

    Comments: The agency concurred with our recommendation and in a March 2018 update stated that its future Information Management and Technology acquisition review program is to clearly establish the roles and responsibilities of the CIO and CAO in the administration of IT acquisitions. The agency stated that it plans to complete this action by March 31, 2019. We will continue to monitor the implementation of this recommendation.

    Recommendation: The Secretary of the Interior should ensure that IT acquisition plans or strategies are reviewed and approved according to OMB's guidance. (Recommendation 15)

    Agency Affected: Department of the Interior

  16. Status: Open

    Comments: The agency concurred with our recommendation and in a February 2018 update stated that the department was updating its Category Management Policy Instruction to reflect the new process for specifically identifying IT-related acquisitions. The department also stated that it was waiting for final OMB guidance before disseminating the instruction for review. The department plans to issue the instruction within 90 days after receiving OMB's guidance. We will continue to monitor the implementation of this recommendation.

    Recommendation: The Attorney General should direct the senior procurement executive and CIO to issue specific guidance to ensure IT-related acquisitions are properly identified. (Recommendation 16)

    Agency Affected: Department of Justice

  17. Status: Open

    Comments: The agency concurred with our recommendation and in a February 2018 update stated that the department was updating its policy and associated Standards and Procedures to incorporate the review of IT acquisition plans or strategies in accordance with OMB's guidance. The department plans to complete this by the end of the 2018 calendar year. We will continue to monitor the implementation of this recommendation.

    Recommendation: The Attorney General should ensure that IT acquisition plans or strategies are reviewed and approved according to OMB's guidance. (Recommendation 17)

    Agency Affected: Department of Justice

  18. Status: Closed - Implemented

    Comments: The agency concurred with our recommendation and in a written response to our report, submitted two notices (2012-13 and 2012-22) to show the acquisition office's involvement in the process to identification of IT. These notices, particularly 2012-13, show that contracting officers are responsible for ensuring that all applicable acquisitions go through the ITARB process. Involving the acquisition office in the identification of IT will better position Labor to ensure that IT acquisitions are appropriately identified, reviewed, and approved, as required by FITARA.

    Recommendation: The Secretary of Labor should ensure that the office of the CAO is involved in the process to identify IT acquisitions. (Recommendation 18)

    Agency Affected: Department of Labor

  19. Status: Closed - Implemented

    Comments: The agency concurred with our recommendation and in a written response to our report, submitted its Acquisition Plan Guide and Instructions which includes the OMB definition of IT and lists acquisition requirements related to FITARA such as the requirement to obtain CIO review and approval of acquisition plans and strategies. Providing this guidance will help ensure that the agency adequately identifies its IT-related acquisitions and the CIO has the opportunity to provide needed oversight of these acquisitions.

    Recommendation: The Secretary of Labor should direct the CAO and CIO to issue specific guidance to ensure IT-related acquisitions are properly identified. (Recommendation 19)

    Agency Affected: Department of Labor

  20. Status: Closed - Implemented

    Comments: The agency concurred with our recommendation and in a written response to our report provided evidence that its acquisition planning guide and related acquisition plan templates require all acquisitions over $150,000 to be reviewed and approved by the CIO. Ensuring that the CIO has appropriate insight into IT acquisitions will allow Labor to fully realize the benefits FITARA intended, such as identifying IT acquisitions that are duplicative, wasteful, or poorly conceived.

    Recommendation: The Secretary of Labor should ensure that IT acquisition plans or strategies are reviewed and approved according to OMB's guidance. (Recommendation 20)

    Agency Affected: Department of Labor

  21. Status: Open

    Comments: The agency agreed with our recommendation, and in April 2018, the CIO issued a memorandum stating that the Office of Acquisitions Management will not process IT acquisitions without the approval from the CIO. However, this memorandum does not detail the involvement of the Chief Acquisition Officer in the identification of IT acquisitions. We will continue to monitor the implementation of this recommendation.

    Recommendation: The Secretary of State should ensure that the office of the CAO is involved in the process to identify IT acquisitions. (Recommendation 21)

    Agency Affected: Department of State

  22. Status: Open

    Comments: The agency agreed with our recommendation, and in April 2018, the CIO issued a memorandum stating that the Office of Acquisitions Management will not process IT acquisitions without the approval from the CIO. However, this memorandum does not detail that the CIO (or designee) is reviewing and approving IT acquisition plans or strategies. We will continue to monitor the implementation of this recommendation.

    Recommendation: The Secretary of State should ensure that IT acquisition plans or strategies are reviewed and approved according to OMB's guidance. (Recommendation 22)

    Agency Affected: Department of State

  23. Status: Open

    Comments: The agency did not state whether it agreed or disagreed with the recommendation. As of May 1, 2018, the agency has not provided an update. We will continue to monitor the implementation of this recommendation.

    Recommendation: The Secretary of the Treasury should ensure that IT acquisition plans or strategies are reviewed and approved according to OMB's guidance. (Recommendation 23)

    Agency Affected: Department of the Treasury

  24. Status: Open

    Comments: The agency concurred with the recommendation, but as of May 1, 2018, had not provided an update. We will continue to monitor the implementation of this recommendation.

    Recommendation: The Secretary of Transportation should ensure that the office of the CAO is involved in the process to identify IT acquisitions. (Recommendation 24)

    Agency Affected: Department of Transportation

  25. Status: Open

    Comments: The agency concurred with the recommendation, but as of May 1, 2018, had not provided an update. We will continue to monitor the implementation of this recommendation.

    Recommendation: The Secretary of Transportation should direct the CAO and CIO to issue specific guidance to ensure IT-related acquisitions are properly identified. (Recommendation 25)

    Agency Affected: Department of Transportation

  26. Status: Open

    Comments: The agency concurred with the recommendation, but as of May 1, 2018, had not provided an update. We will continue to monitor the implementation of this recommendation.

    Recommendation: The Secretary of Transportation should ensure that IT acquisition plans or strategies are reviewed and approved according to OMB's guidance. (Recommendation 26)

    Agency Affected: Department of Transportation

  27. Status: Open

    Comments: The agency concurred with the recommendation, and in a May 2018 update provided a draft process map that depicts its forthcoming acquisition process that integrates CAO and CIO involvement in IT acquisitions. VA estimated that the process will be implemented in the 4th quarter of fiscal year 2018. We will continue to monitor the implementation of this recommendation.

    Recommendation: The Secretary of Veterans Affairs (VA) should ensure that the office of the CAO is involved in the process to identify IT acquisitions. (Recommendation 27)

    Agency Affected: Department of Veterans Affairs

  28. Status: Open

    Comments: The agency concurred with the recommendation, and in a May 2018 update provided a draft process map that depicts its forthcoming acquisition process that integrates CAO and CIO involvement in IT acquisitions. VA estimated that the process will be implemented in the 4th quarter of fiscal year 2018. We will continue to monitor the implementation of this recommendation.

    Recommendation: The Secretary of VA should ensure that IT acquisition plans or strategies are reviewed and approved according to OMB's guidance. (Recommendation 28)

    Agency Affected: Department of Veterans Affairs

  29. Status: Closed - Implemented

    Comments: The agency stated that it did not take exception to the recommendation, and in a May 2018 update, the agency stated that it had updated its policy which implements the agency CIO guidance to comply with the requirements of FITARA. Specifically, the agency now involves the Chief Acquisition Officer (CAO) or the CAO's designee in the process of identifying IT acquisitions. Involving the acquisition office in the identification of IT will better position Labor to ensure that IT acquisitions are appropriately identified, reviewed, and approved, as required by FITARA.

    Recommendation: The Administrator of the Environmental Protection Agency should ensure that the office of the CAO is involved in the process to identify IT acquisitions. (Recommendation 29)

    Agency Affected: Environmental Protection Agency

  30. Status: Open

    Comments: The agency concurred with the recommendation. In a February 2018 update, NASA stated that it believes that the chief acquisition officer (CAO) is adequately involved in the process to identify IT acquisitions. Specifically, NASA pointed at the Acquisition Strategy Meetings as a point at which the CAO is involved in the identification. However, not all acquisitions have acquisition strategy meetings. In addition, NASA stated that requisition initiators must complete NASA Form 1707 for all NASA procurements. However, as stated in our report Form 1707 is filled out by officials outside of the acquisition office. We will continue to monitor the implementation of this recommendation.

    Recommendation: The Administrator of the National Aeronautics and Space Administration (NASA) should ensure that the office of the CAO is involved in the process to identify IT acquisitions. (Recommendation 30)

    Agency Affected: National Aeronautics and Space Administration

  31. Status: Open

    Comments: The agency concurred with the recommendation and in a February 2018 update stated that it has several policies and rules that provide specific guidance to ensure IT-related acquisitions are properly identified. Specifically, NASA stated that the following policies provided this guidance: NASA Policy Directive 1000.5B, NASA Interim Directive 10000.110, NASA FAR Supplement 1804.7301, and NASA FAR Supplement 1807.71. However, as we stated in our report, these policies do not contain guidance on how the identifying officials should determine whether an acquisition is IT-related. In addition, the agency stated that it had established a Center Functional Review Team that includes a member from the Office of Procurement. However, they did not provide an official policy on the role of the Center Functional Review Team in the identification process. We will continue to monitor the implementation of this recommendation.

    Recommendation: The Administrator of NASA should direct the CAO and CIO to issue specific guidance to ensure IT-related acquisitions are properly identified. (Recommendation 31)

    Agency Affected: National Aeronautics and Space Administration

  32. Status: Open

    Comments: The agency concurred with the recommendation and in a February 2018 update stated that it has completed the implementation of this recommendation and plans no further action in response. Specifically, NASA stated that its CIO had issued a memo in September 2017 delegating the authority to review and approve all IT acquisitions to its Center CIOs. However, as we noted in our report, this delegation of authority has not been approved, as required, by OMB. In addition, NASA stated that the agency CIO attends meetings and review acquisition plans as part of participation in Acquisition Strategy Meetings. However, as we noted in our report, not all acquisitions are subject to an Acquisition Strategy. Further, NASA has not demonstrated that the CIO's review and approval is occurring, as none of the 9 acquisitions we randomly selected in our report were reviewed and approved by the CIO. We will continue to monitor the implementation of this recommendation.

    Recommendation: The Administrator of NASA should ensure that IT acquisition plans or strategies are reviewed and approved according to OMB's guidance. (Recommendation 32)

    Agency Affected: National Aeronautics and Space Administration

  33. Status: Open

    Comments: The agency did not concur with this recommendation and stated that acquisition office officials review acquisitions to ensure that IT is properly identified. However, the agency did not provide supporting documentary evidence to support this assertion. In addition, in a March 2018 update, NRC stated that it planned to issue an internal acquisition instruction by the end of June 2018. We will continue to monitor the implementation of this recommendation.

    Recommendation: The Chairman of the Nuclear Regulatory Commission should ensure that the office of the senior procurement executive is involved in the process to identify IT acquisitions. (Recommendation 33)

    Agency Affected: Nuclear Regulatory Commission

  34. Status: Open

    Comments: The agency concurred with the recommendation and in a March 2018 update stated that it intended to address the recommendation by reviewing and updating policies and processes so that they are aligned with OMB's guidance. We will continue to monitor the implementation of this recommendation.

    Recommendation: The Director of the Office of Personnel Management should ensure that IT acquisition plans or strategies are reviewed and approved according to OMB's guidance. (Recommendation 34)

    Agency Affected: Office of Personnel Management

  35. Status: Closed - Implemented

    Comments: The agency agreed with the recommendation and in December 2017, the Chief Financial Officer and the Chief Information Officer, issued a joint Procedural Notice to all employees requiring all technology-related purches of IT with a total cost of $50,000 or more receive Office of the Chief Information Officer approval. It further required that all procurement submissions to its Acquisition Division (which is the agency's office that includes the senior procurement executive) receive Office of the Chief Information Officer approval. If the Acquisition Division receives a package for an IT acquisition without Office of the CIO approval, the package will be considered incomplete. Involving the Acquisition Division in the identification of IT will better position SBA to ensure that IT acquisitions are appropriately identified, reviewed, and approved, as required by FITARA.

    Recommendation: The Administrator of the Small Business Administration should ensure that the office of the senior procurement executive is involved in the process to identify IT acquisitions. (Recommendation 35)

    Agency Affected: Small Business Administration

  36. Status: Closed - Implemented

    Comments: The agency agreed with the recommendation and in a March 2018 update provided the agency's Information Technology Acquisition Approval Policy. The policy states that it is the responsibility of the CFO and Chief Acquisition Officer/Senior Procurement Executive to notify the CIO when planned acquisition plans and strategies include IT. Further, according to the agency's updated CPIC Guide, SSA's Office of Acquisition and Grants (which is under the Chief Acquisition Officer/Senior Procurement Executive's responsibilities) submits completed IT acquisition plans to the OCIO for approval. Involving the acquisition office in the identification of IT will better position SSA to ensure that IT acquisitions are appropriately identified, reviewed, and approved, as required by FITARA.

    Recommendation: The Commissioner of the Social Security Administration (SSA) should ensure that the office of the senior procurement executive is involved in the process to identify IT acquisitions. (Recommendation 36)

    Agency Affected: Social Security Administration

  37. Status: Open

    Comments: The agency agreed with the recommendation and in a March 2018 update stated that its acquisition plan approval policy details the involvement of the Senior Procurement Executive in identifying IT acquisitions. However, the policy does not provide any guidance that would assist the agency's employees in identifying IT. We will continue to monitor the implementation of this recommendation.

    Recommendation: The Commissioner of SSA should direct the senior procurement executive and CIO to issue specific guidance to ensure IT-related acquisitions are properly identified. (Recommendation 37)

    Agency Affected: Social Security Administration

  38. Status: Closed - Implemented

    Comments: The agency agreed with the recommendation, and as of July 2018, SSA provided evidence that its CIO (or designee was reviewing and approving randomly selected IT acquisition plans, as required by OMB's FITARA guidance. Ensuring that the CIO has appropriate insight into IT acquisitions will allow Labor to fully realize the benefits FITARA intended, such as identifying IT acquisitions that are duplicative, wasteful, or poorly conceived.

    Recommendation: The Commissioner of SSA should ensure that IT acquisition plans or strategies are reviewed and approved according to OMB's guidance. (Recommendation 38)

    Agency Affected: Social Security Administration

  39. Status: Open

    Comments: The agency agreed with the recommendation and in an April 2018 update stated the agency was taking actions to implement the recommendation. The agency anticipated completing these actions by July 2018. We will continue to monitor the implementation of this recommendation.

    Recommendation: The Administrator of the United States Agency for International Development should ensure that IT acquisition plans or strategies are reviewed and approved according to OMB's guidance. (Recommendation 39)

    Agency Affected: United States Agency for International Development

 

Explore the full database of GAO's Open Recommendations »

Aug 2, 2018

Jun 13, 2018

May 24, 2018

May 23, 2018

May 22, 2018

Mar 14, 2018

Jan 30, 2018

Nov 21, 2017

Nov 15, 2017

Looking for more? Browse all our products here