Report Contents
Report Terms
Report Recommendations
OIG recommends that the Bureau of Information Resource Management update the Capital Planning and Investment Control Program Guide to comply with Office of Management and Budget requirements. Specifically, the definition of an IT investment should be modified and a requirement to perform a review for duplicative investments across the agency, Federal Government, and private sector should be included.
OIG recommends that the Bureau of Information Resource Management develop and implement a formal process describing when and how Bureau management will review and approve changes to the Capital Planning and Investment Control Program Guide to ensure the guide is compliant with Office of Management and Budget requirements. At a minimum, the plan should include a description of the officials who will review and formally approve the changes to the Program Guide.
OIG recommends that the Bureau of Information Resource Management develop and implement a process to increase the transparency of IT spending related to existing investments, including operations and maintenance costs.
OIG recommends that the Bureau of Information Resource Management, in coordination with the Bureau of Budget and Planning, develop and implement a process for the Bureau of Budget and Planning to provide detailed information to the Bureau of Information Resource Management on bureaus’ IT budgeting and spending.
OIG recommends that the Bureau of Information Resource Management develop and implement a strategy to enforce the requirement that bureaus and offices must consult with and receive guidance from the Bureau of Information Resource Management prior to initiating an IT investment.
OIG recommends that the Bureau of Information Resource Management issue formal guidance stating that bureaus and offices must consult with and receive the approval of the Bureau of Information Resource Management prior to initiating a reorganization of IT investments.
OIG recommends that the Bureau of Information Resource Management develop guidelines on how and when a reorganization of IT investments is necessary and allowable and include those guidelines in the Capital Planning and Investment Control Program Guide.
OIG recommends that the Bureau of Information Resource Management establish and implement a plan to review IT investment reorganizations that occurred since FY 2010 to ensure that the investments resulting from the reorganizations comply with Office of Management and Budget requirements for information technology investments.
OIG recommends that the Bureau of Information Resource Management modify the Capital Planning and Investment Control Program Guide to state that the Bureau of Information Resource Management shall review and approve bureau-specific IT investment methodologies used to develop and invest in IT projects (also known as control gates).
OIG recommends that the Bureau of Information Resource Management develop and implement a process to (a) identify and review all bureau-specific IT investment methodologies (ones currently in place as well as ones that will be developed in the future); (b) determine whether the bureau-specific IT investment methodologies comply with Office of Management and Budget Circular A-130; and, if they do not comply, (c) provide bureaus with guidance regarding the modifications needed to fully comply and verify that the methodologies were modified as necessary. This effort should include reviewing the standard forms used by each bureau during the IT selection process to ensure consistency and compliance with Office of Management and Budget Circular A-130.
OIG recommends that the Bureau of Information Resource Management develop and implement policies and procedures to oversee and enforce requirements for bureaus and offices to avoid duplicative IT investments.
OIG recommends that the Bureau of Information Resource Management develop and implement a process to perform periodic, but no less than annual, reviews of the entire agency IT portfolio to enforce bureau accountability and identify potential duplicative systems.
For duplicative systems that are identified by the new process implemented to perform periodic reviews of the entire agency IT portfolio (Recommendation 12), OIG recommends that the Bureau of Information Resource Management develop and implement a strategy to combine, eliminate, or replace duplicative systems, as practicable.
OIG recommends that the Bureau of Information Resource Management develop and implement a strategy to perform semiannual or more frequent reviews of bureau-funded IT contracts to identify new IT investments developed as part of the contracts.
OIG recommends that the Bureau of Information Resource Management require all bureaus to use iMatrix as the only system to manage IT portfolios.
OIG recommends that the Bureau of Information Resource Management develop and implement a plan to provide access to information on all IT investments in iMatrix to bureaus and offices.
OIG recommends that the Bureau of Information Resource Management (a) develop and implement a policy requiring bureaus and offices to provide details of IT investments, programs, and projects in iMatrix and (b) develop and disseminate guidance specifying the level of detail necessary for each investment, including general descriptions and technical capabilities.
OIG recommends that the Bureau of Information Resource Management develop and implement controls in iMatrix to require that the investment manager and budget analyst revalidate data when financial information for an investment in iMatrix is modified.
OIG recommends that the Bureau of Information Resource Management modify the controls in iMatrix to notify an investment's budget analyst when changes are made to budget data or when there are differences between the amounts included for an investment in different iMatrix modules.
OIG recommends that the Bureau of Information Resource Management develop and issue a policy stating that bureaus must update the information on non-major investments in iMatrix quarterly, rather than only when the reports are due to be submitted to the Office of Management and Budget.
OIG recommends that the Bureau of Information Resource Management develop and implement a process to identify bureaus or offices that have not certified investment information in iMatrix and take action to ensure that the information is certified before the report is submitted to the Office of Management and Budget.
OIG recommends that the Bureau of Information Resource Management, in coordination with the Bureau of Budget and Planning, develop and implement a process to verify that all bureau and office IT investment managers and budget analysts complete the respective training courses related to IT capital planning and reporting that are provided annually.
OIG recommends that the Bureau of Information Resource Management, in coordination with the Bureau of Budget and Planning, include information on reporting reimbursable costs in the annual training provided to investment managers and budget analysts on how to report IT investment data in iMatrix.
OIG recommends that the Bureau of Information Resource Management develop guidance on reporting reimbursable costs in iMatrix and distribute that guidance to bureau investment managers and budget analysts.
OIG recommends that the Bureau of Information Resource Management, in coordination with the Bureau of Budget and Planning, develop and implement a process to validate the completeness of the data in iMatrix. At a minimum, this process should include an analysis of IT expenditures in the financial management system to ensure expenditures are reported in iMatrix, as needed.
OIG recommends that the Bureau of Information Resource Management, in coordination with the Bureau of Budget and Planning, develop and implement a process to validate the accuracy of data in iMatrix. This could include developing and implementing analytical procedures to identify anomalies in iMatrix data.
OIG recommends that the Bureau of Information Resource Management develop and implement a policy requiring bureaus and offices to submit source documents to support the information entered into iMatrix.
OIG recommends that the Bureau of Information Resource Management develop and implement a process to verify that bureaus and offices are submitting source documents to support the information entered into iMatrix in accordance with the policy developed that requires bureaus and offices to submit source documents that support the information entered into iMatrix.
OIG recommends that the Bureau of Information Resource Management determine the information for non-major investments that should be included in iMatrix and develop a policy to implement that determination.
OIG recommends that the Bureau of Information Resource Management develop and implement a process for the Chief Information Officer to approve the portfolio data for all IT investments prior to submission of the Exhibit 53 and Exhibit 300 reports as required by the Office of Management and Budget.