GAO assessing agency architectures

The Government Accountability Office is notifying major departments and agencies that its auditors will assess how well they’re doing at implementing enterprise architecture.

The new maturity assessment is being done at the request of Rep. Tom Davis (R-Va.), said Randy Hite, GAO director of information technology architecture and systems issues.

Unlike the last assessment of agency architectures, which examined 96 agencies, only the 15 Cabinet-level departments and major agencies such as NASA and the Environmental Protection Agency will be affected, Hite told Federal Computer Week.

“We’re just at the beginning of it, we’re just sending out the notification letters to the agencies,” he added.

Like all GAO investigations, this assessment will be done in two phases: design and execution. The design phase will go through August or September and will involve face-to-face meetings with agency officials to explain the GAO assessment framework, Hite added. After the meetings are concluded, then deadlines for the second phase can be set, he said.

Agencies should not have to expend more than a minimal amount of resources to meet the demands of GAO auditors, Hite said. “We don’t ask for anything that doesn’t already exist," he said. "Therefore the impact is minimal.”

GAO’s Framework for Assessing and Improving Enterprise Architecture Management evaluates agency compliance with 31 core elements of architecture implementation.

In the last assessment, released in November 2003, GAO found that most agencies were lacking in enterprise architecture implementation. Only 20 of the 96 examined agencies had established at least the foundation for effective architecture management. And although 22 agencies did better in their assessments compared with 2001, 24 agencies were found to have done worse.

This year's assessment will be conducted using the existing maturity framework, Hite said. GAO is in the preliminary stages of studying ways to improve its architecture assessments through more detailed definitions of management requirements.

“Our framework defines the aspect of managing enterprise architecture at a 60,000-foot elevation,” Hite said. “There’s ambiguous language in the framework.”

GAO would like to drill down and offer specific ways to measure things such as architecture content, architecture governance and investment alignment with architecture. But that project, a GAO initiative, is taking second place to fulfilling congressional requests, Hite said.

About the Author

David Perera is a special contributor to Defense Systems.


  • Image: Shutterstock

    COVID, black swans and gray rhinos

    Steven Kelman suggests we should spend more time planning for the known risks on the horizon.

  • IT Modernization
    businessman dragging old computer monitor (Ollyy/

    Pro-bono technologists look to help cash-strapped states struggling with legacy systems

    As COVID-19 exposed vulnerabilities in state and local government IT systems, the newly formed U.S. Digital Response stepped in to help.

Stay Connected