GAO assessing agency architectures

The Government Accountability Office is notifying major departments and agencies that its auditors will assess how well they’re doing at implementing enterprise architecture.

The new maturity assessment is being done at the request of Rep. Tom Davis (R-Va.), said Randy Hite, GAO director of information technology architecture and systems issues.

Unlike the last assessment of agency architectures, which examined 96 agencies, only the 15 Cabinet-level departments and major agencies such as NASA and the Environmental Protection Agency will be affected, Hite told Federal Computer Week.

“We’re just at the beginning of it, we’re just sending out the notification letters to the agencies,” he added.

Like all GAO investigations, this assessment will be done in two phases: design and execution. The design phase will go through August or September and will involve face-to-face meetings with agency officials to explain the GAO assessment framework, Hite added. After the meetings are concluded, then deadlines for the second phase can be set, he said.

Agencies should not have to expend more than a minimal amount of resources to meet the demands of GAO auditors, Hite said. “We don’t ask for anything that doesn’t already exist," he said. "Therefore the impact is minimal.”

GAO’s Framework for Assessing and Improving Enterprise Architecture Management evaluates agency compliance with 31 core elements of architecture implementation.

In the last assessment, released in November 2003, GAO found that most agencies were lacking in enterprise architecture implementation. Only 20 of the 96 examined agencies had established at least the foundation for effective architecture management. And although 22 agencies did better in their assessments compared with 2001, 24 agencies were found to have done worse.

This year's assessment will be conducted using the existing maturity framework, Hite said. GAO is in the preliminary stages of studying ways to improve its architecture assessments through more detailed definitions of management requirements.

“Our framework defines the aspect of managing enterprise architecture at a 60,000-foot elevation,” Hite said. “There’s ambiguous language in the framework.”

GAO would like to drill down and offer specific ways to measure things such as architecture content, architecture governance and investment alignment with architecture. But that project, a GAO initiative, is taking second place to fulfilling congressional requests, Hite said.

About the Author

David Perera is a special contributor to Defense Systems.


  • Defense
    Soldiers from the Old Guard test the second iteration of the Integrated Visual Augmentation System (IVAS) capability set during an exercise at Fort Belvoir, VA in Fall 2019. Photo by Courtney Bacon

    IVAS and the future of defense acquisition

    The Army’s Integrated Visual Augmentation System has been in the works for years, but the potentially multibillion deal could mark a paradigm shift in how the Defense Department buys and leverages technology.

  • Cybersecurity
    Deputy Secretary of Homeland Security Alejandro Mayorkas  (U.S. Coast Guard photo by Petty Officer 3rd Class Lora Ratliff)

    Mayorkas announces cyber 'sprints' on ransomware, ICS, workforce

    The Homeland Security secretary announced a series of focused efforts to address issues around ransomware, critical infrastructure and the agency's workforce that will all be launched in the coming weeks.

Stay Connected