10 legacy systems in need of modernization

The Government Accountability Office has issued a list of the 10 most critical legacy systems in need of modernization. After reviewing 65 legacy systems from the 24 Chief Financial Officers Act agencies, GAO selected 10 systems that have unsupported hardware and software, are using outdated languages or operating with known security vulnerabilities. The watchdog did not identify the specific systems, but in an appendix offered a generalized discussion of the applications along with the number of users and annual operating and labor costs. The systems range from a Department of Education system that supports processing of federal student aid applications to a system used by the Interior Department to support the operation of dams and power plants on a specific river.

The oldest systems belong to the Department of Treasury (51 years) Health and Human Services (50 years) and the Social Security Administration (45 years). Three of the systems were given a high security risk rating by their agencies, HHS, Education and the Department of Homeland Security. Of the 10 identified agencies with legacy systems needing modernization, seven had documented modernization plans, some more fully developed than others. Those without complete modernization plans, run the "risk of cost overruns, schedule delays, and project failure," GAO said.

The 24 CFO Act agencies reported 94 successful modernizations in the last five years, ranging from transforming COBOL code to Java, migrating email to the cloud, and redesigning a legacy mainframe application to run on the cloud. GAO highlighted five of those as examples of system modernization types and the range of benefits realized.