IT Acquisition Added to GAO High Risk List

IT Acquisition Added to GAO High Risk List

The United States Government invests nearly $80 billion annually for IT functions. Despite initiatives to better administer these acquisitions, IT investments continue to experience program failures on a massive scale. Over a 5 year period, the Government Accountability Office (GAO) recommended over 700 improvements for IT acquisitions and operations, however, less than a quarter of the steps they recommended have been implemented.

Recently the GAO conducted the bi-annual update of the GAO High Risk List, which provides updates on high risk areas, as well as adding newly identified high risk programs. GAO added “Improving the Management of IT Acquisitions and Operations” as a new high risk area for 2015.

Programs and governmental functions are placed on the GAO’s High Risk List based upon a number of factors including consideration of:

  • Issues of national importance or critical functions of government performance and accountability
  • Qualitative factors such as risks related to public health or national security
  • Quantitative factors such as the value of assets affected or revenue impacts
  • Current corrective measures to mitigate risks

The GAO identified 9 elements that support successful IT acquisitions and overall management of IT functions. While some of these factors are communication related, such as stakeholder involvement and effective communication with contractors, others are management-oriented such as senior executive support for programs and proper workforce training. In many agencies, GAO found that best practices critical to successful IT acquisition management had not yet been applied.

As mentioned previously, GAO has issued hundreds of recommendations for improving IT acquisition and management. The current GAO report recommends that Office of Management and Budget (OMB) and other involved agencies exhibit significant transformation in 3 high-level areas:

  1. Implement previous recommendations – 80 percent of all IT acquisition and operations-related recommendations should be implemented over a four year period
  2. Ensure functionality – in a 12 month period, no less than 80 percent of IT acquisitions should deliver functionality
  3. Achieve planned savings – 80 percent of planned data consolidation savings and 80 percent of PortfolioStat savings should be achieved

For all GAO high risk programs and functions, 5 fundamental areas are required to be addressed in order for the program to be considered for removal from the High Risk List. These areas include:

  • Leadership commitment – the top tiers of leadership must be committed to the success of the program through communication and staff support
  • Capacity – each agency has the necessary resources, including staff members, to resolve the issue
  • Action plan – a plan exists for departments to take the steps necessary to carry out corrective actions
  • Monitoring – a system is in place to monitor corrective actions with validation conducted independently
  • Demonstrated progress – to ensure that the high-risk area is being addressed, clear progress must be shown

The critical national significance of Information Technology along with substantial failed investments, has contributed to the addition of the “Management of IT Acquisitions and Operations” to the High Risk List. Placing this governmental function on the High Risk List should create an environment of improved processes, accountability and focus, which will benefit the American public as a whole.