Pursuant to a congressional request, GAO reviewed the modernization
blueprint that the Internal Revenue Service (IRS) prepared pursuant to
the conference report accompanying the fiscal year 1997 Omnibus
Consolidated Appropriations Act.
GAO noted that: (1) IRS' May 15, 1997, modernization blueprint is a good
first step and provides a solid foundation from which to determine
precise business requirements, a complete target architecture, and a
discipline set of processes and detailed plans for validating,
implementing, and enforcing the architecture; (2) similarly, the
blueprint's business requirements specify needed improvements in such
areas as financial management, and the architecture and sequencing plan
include several positive attributes, including traceability between
business requirements and systems and high-level descriptions of data
and security subarchitectures; (3) however, the blueprint is not yet
complete and does not provide sufficient detail and precision for
building or acquiring new systems; (4) in particular, IRS' systems life
cycle (SLC) does not define in sufficient detail any of the SLC
processes needed to manage technology investments; (5) as a result, IRS
does not yet know how systems will actually be designed, developed,
tested, or acquired; how compliance with standards will be assessed and
ensured; how progress on projects will be determined; or how key SLC
products will be validated; (6) additionally, IRS plans for each of the
three remaining blueprint components--business requirements,
architecture, and sequencing plan--to include four levels of
progressively greater detail; (7) as of May 15, 1997, IRS had completed
the first two levels; (8) as a result, information that is critical to
effective and efficient systems modernization is not yet known,
essential decisions have not yet been made, and needed actions have not
yet been taken; (9) IRS' Chief Information Officer (CIO) has
acknowledged that essential elements are missing from the May 15, 1997,
blueprint, and stated that he has begun addressing these voids; (10)
however, even though IRS, has given the CIO increased responsibility and
accountability for managing and controlling systems development,
acquisition, and maintenance, neither the CIO nor any other IRS
organizational entity has budgetary and organizational authority over
all IRS systems activities; and (11) as a result, it is unlikely that
IRS will be able to institutionally implement and enforce its
modernization blueprint once it is completed.
Click here for the full GAO Report, PDF Version, 30pgs. 157K
