GAO to Census: Focus on management

The Government Accountability Office has recommended a fitness plan to help the Census Bureau get in shape for the 2010 decennial census. GAO’s auditors have advised Census officials to focus on management and to pay attention to workforce, information technology, information security and enterprise architecture issues.

In a report released yesterday, GAO’s auditors commented on the bureau’s decentralized approach to IT management. While Census officials have developed policies and procedures to successfully manage IT in several areas, they “are not fully and consistently performed,” according to the auditors’ report.

For example, the bureau has established executive-level investment boards but does not have written procedures for how those boards should operate and make decisions on IT spending.

The auditors warned that the bureau could run the risk of cost overruns and fall behind schedule on major IT investments.

The bureau’s 5-year strategic plan identifies 10 major investments estimated to cost $4 billion through 2009. Three of those, estimated to cost $2.7 billion, are expected to support the decennial census. “Because the bureau plans to spend billions of dollars on information technology to prepare for the 2010 decennial census, building in sound IT practices now is more critical than ever,” the report states.

GAO’s recommendations for improving IT management include:

* Developing well-defined and disciplined written procedures for selecting new IT proposals and reselecting ongoing investments.

* Developing and implementing criteria and documented policies and procedures for oversight of all IT projects and systems.

* Creating a comprehensive repository of up-to-date investment information that is accessible to decision-makers.

* Institutionalizing a process improvement initiative such as the Capability Maturity Model Integration, a framework that software organizations use to improve software quality.

* Establishing a written policy endorsing and enforcing enterprise architecture.

* Creating milestones to identify staff with special-security training needs and developing an effective training program for them.

* Annual assessment of the IT knowledge and skills of employees to determine whether they meet current requirements.

Responding to GAO’s report, the Commerce Department’s acting deputy secretary wrote that the agency agreed with the findings and recommendations but noted that the bureau has taken positive steps that were not acknowledged in the report.