oversight

Indian Trust Funds: Interior Lacks Assurance That Trust Improvement Plan Will Be Effective

Published by the Government Accountability Office on 1999-04-28.

Below is a raw (and likely hideous) rendition of the original report. (PDF)

                 United States General Accounting Office

GAO              Report to the Chairman, Committee on
                 Indian Affairs, U.S. Senate



April 1999
                 INDIAN TRUST
                 FUNDS

                 Interior Lacks
                 Assurance That Trust
                 Improvement Plan Will
                 Be Effective




GAO/AIMD-99-53
                   United States
GAO                General Accounting Office
                   Washington, D.C. 20548                                                        Leter




                   Accounting and Information
                   Management Division                                                           Leter




                   April 28, 1999

                   B-280590                                                                Letter

                   The Honorable Ben Nighthorse Campbell
                   Chairman, Committee on Indian Affairs
                   United States Senate

                   Dear Mr. Chairman:

                   This report responds to your request that we evaluate the Department of
                   Interior’s High-Level Implementation Plan (High Level Plan) for improving
                   its management of the Indian trust funds and resources under its control.
                   This plan focuses on correcting many of the long-standing problems with
                   Indian trust operations, which include inadequate accounting and
                   information management systems; backlogs in asset appraisals, ownership
                   determination, and record keeping; and poor internal controls. As
                   discussed with your office, we agreed to assess whether Interior has
                   reasonable assurance that (1) the High Level Plan provides an effective
                   solution for addressing these long-standing problems, and (2) its
                   acquisition of a new asset and land records management service will cost
                   effectively satisfy trust management needs.



Results in Brief   Interior does not have reasonable assurance that its High Level Plan for
                   improving Indian trust operations provides an effective solution for
                   addressing long-standing management weaknesses. The plan
                   (1) recognizes the severity of long-standing weaknesses in managing trust
                   fund assets, (2) identifies 13 projects intended to improve information
                   systems, enhance the accuracy and completeness of its data regarding the
                   ownership and lease of Indian lands, and address deficiencies with respect
                   to records management, training, policy and procedures, and internal
                   controls, and (3) assigns responsibility for oversight and management of
                   the 13 projects. However, Interior has not properly analyzed its
                   information technology needs which are essential to the overall success of
                   the plan. Until Interior develops an information systems architecture
                   addressing all of its trust management functions, it cannot ensure that its
                   information systems will not be duplicative or incompatible or will
                   optimally support its needs across all business areas.

                   Interior also does not know whether its acquisition of a new service for
                   managing Indian assets and land records will cost effectively meet trust
                   management needs. Before deciding to contract with a service vendor,
                   Interior did not adequately define important service requirements or



                   Page 1                                       GAO/AIMD-99-53 Indian Trust Funds
             B-280590




             sufficiently analyze technical alternatives. Nor did Interior take the steps
             needed to minimize acquisition risks. In particular, it did not develop a risk
             management plan, ensure that the vendor’s system could work with
             Interior’s data and systems, or establish realistic project time frames. Thus,
             Interior faces an unnecessarily high risk that the service will not meet its
             general business and specific performance needs, and it lacks the means
             for dealing with this risk.



Background   The Secretary of the Interior is responsible for administering the
             government's trust responsibilities to tribes and Indians, including
             managing about $3 billion in Indian trust funds and administering about
             54 million acres of Indian land. Management of the Indian trust funds and
             assets has long been characterized by inadequate accounting and
             information systems; untrained and inexperienced staff; backlogs in
             appraisals, ownership determinations, and recordkeeping; the lack of a
             master lease file and an accounts receivable system; inadequate written
             policies and procedures; and poor internal controls.

             To address these long-standing problems, the Congress created the Office
             of the Special Trustee for American Indians (OST) and required the Special
             Trustee to develop a comprehensive strategic plan for trust fund
             management. In April 1997, the Special Trustee submitted a strategic plan
             to the Congress, but Interior did not fully support the plan. At this
             Committee’s July 1997 hearing on the Special Trustee’s strategic plan, we
             testified on the results of our analysis of the strategic plan and provided our
             assessment of needed actions related to implementation issues that we had
             identified during that analysis.1

             On August 22, 1997, the Secretary of the Interior indicated that he and the
             Special Trustee for American Indians had agreed on the problems that
             needed to be solved immediately and called for the development of a high
             level implementation plan within 60 days. The High Level Plan was issued
             about 11 months later on July 31, 1998. In developing the High Level Plan,
             Interior did not prepare a documented analysis of its mission-related and
             administrative processes. Rather, it took the problems identified in the
             Secretary’s memorandum one by one and proposed separate projects to




             1
                 Financial Management: Indian Trust Fund Strategic Plan (GAO/T-AIMD-97-138, July 30, 1997).




             Page 2                                                        GAO/AIMD-99-53 Indian Trust Funds
                                                B-280590




                                                address each. Later, at the Secretary’s direction, an additional project was
                                                added. The 13 separate projects are shown in table 1.

                                                The projects are directed at improving systems, enhancing the accuracy
                                                and completeness of Interior’s data regarding the ownership and lease of
                                                Indian lands, and correcting deficiencies with respect to records
                                                management, training, policy and procedures, and internal controls within
                                                3 years. For each project, the plan assigns management responsibility and
                                                identifies some supporting tasks, critical milestones, and resource
                                                estimates.

                                                Some of the projects are already being implemented. For example, a new
                                                Trust Funds Accounting System has already been deployed at several
                                                Interior sites. We did not assess the status or effectiveness of this project or
                                                other individual projects. Instead, we focused on whether Interior has
                                                assurance that the information technology aspects of the plan, which are
                                                essential to the success of the majority of the projects and therefore the
                                                overall plan, were properly planned and executed.



Table 1: Thirteen Projects for Improving Indian Trust Management

         Project                                 Description
 1       OST Trust Financial Records             OST will standardize and verify Individual Indian Monies (IIM) system data for trust
         Clean Up                                resource records, and correct and establish an inventory of hard copy records for each
                                                 trust fund account.

 2       Bureau of Indian Affairs (BIA) Trust    BIA trust resource records will be cleaned up to ensure timely ownership and land
         Resource Records Cleanup                status data. Processing backlogs will be worked off to update existing and future trust
                                                 resource management systems data essential to ensure that income distribution and
                                                 resource management functions can operate from timely data.

 3       BIA Probate Backlog                     BIA will inventory, identify, and develop action plans and procedures to eliminate
                                                 probate backlog.

 4       Office of Hearings and Appeals          OHA will inventory, identify, and develop action plans and procedures to eliminate OHA
         (OHA) Probate Backlog                   probate backlog.

 5       BIA Appraisal Program                   This project includes an assessment of the present BIA appraisal program, policies and
                                                 procedures; reviews of staff qualifications; determination of the adherence to uniform
                                                 Standards of Professional Appraisal Practices; and development of corrective action
                                                 plans, as appropriate.

 6       Trust Funds Accounting System           A proven commercial off-the-shelf (COTS) trust accounting system will be acquired,
                                                 using a service bureau approach, to replace the present BIA IIM accounting module.




                                                Page 3                                                 GAO/AIMD-99-53 Indian Trust Funds
                                    B-280590




     Project                         Description
7    Trust Asset and Accounting      The Department will evaluate, acquire, and pilot, standardized, proven COTS general
     Management System (TAAMS)       trust management system technology (Master Lease, Billings and Accounts Receivable,
                                     and Collection subsystems) to the extent practicable. Following successful testing and
                                     piloting, the TAAMS system will proceed to full implementation across BIA, replacing the
                                     present BIA Integrated Records Management System.

8    BIA Land Records Information    This project contemplates the modernization of BIA’s official title system to provide on-
     System (LRIS) Enhancements      line and up-to-date legal and beneficial title ownership and encumbrance for all Indian
                                     lands and resources, including automated calculation of data storage of fractional
                                     interests and automated chain-of-title processes and information.

9    Minerals Management Service     MMS will design, develop, and implement new core business processes for MMS’
     (MMS) System Reengineering      royalty management functions, with supporting systems.

10   Records Management              A joint records management solution for Interior trust records will be developed and
                                     implemented, involving OST, BIA, MMS, Bureau of Land Management (BLM), OHA and
                                     other relevant Interior offices. The project scope includes Indian trust records
                                     management, storage, access, control and disposition and contemplates electronic
                                     recordkeeping, including imaging technology.

11   Policy and Procedures           Interior trust policies and procedures will be inventoried, reviewed, and, where
                                     appropriate, revised or established. This project specifically involves and includes
                                     representatives of OST, BIA, MMS, BLM, OHA, and other departmental offices involved
                                     in Indian trust management.

12   Training                        This project will plan and deliver both trust management and employee skills training
                                     relevant to delivery of Interior’s trust fiduciary responsibilities to American Indians.
                                     Training will be provided across the Interior trust workforce and include tribes and
                                     participating contractors.

13   Internal Controls               This project will systematically address documented internal control deficiencies in
                                     Indian trust management, item by item, that have been identified through internal and
                                     external audit, congressional oversight and outside reviews. Corrective actions will be
                                     validated and/or designed to assure resolution of all internal control weaknesses.

                                    Source: Department of the Interior July 1998 High Level Implementation Plan.


                                    Interior estimates that it will spend $147.4 million from fiscal years 1997
                                    through 2000 on this effort. About $60 million of this amount is to be spent
                                    on developing and improving information systems, $54 million on data
                                    cleanup, $17 million on records management, $8 million on training, and
                                    $8 million on all other activities.



Scope and                           The objectives of our review were to assess whether Interior has
                                    reasonable assurance that (1) the High Level Plan provides an effective
Methodology                         solution for addressing long-standing problems with Interior’s Indian trust




                                    Page 4                                                     GAO/AIMD-99-53 Indian Trust Funds
B-280590




responsibilities and (2) its acquisition of a new asset and land records
management service will cost effectively satisfy trust management needs.

To determine whether Interior has reasonable assurance that the High
Level Plan provides an effective solution for addressing Interior’s long-
standing problems with its Indian trust responsibilities, we

• reviewed the Clinger-Cohen Act of 19962 and current technical
  literature3 as a basis for assessing the information technology aspects of
  the High-Level Plan;
• reviewed the process that was used to develop the plan;
• reviewed the Strategic Plan that was produced by Interior’s Special
  Trustee for American Indians;
• met with senior Interior officials responsible for developing the plan,
  including Interior’s Chief Information Officer, Chief Financial Officer,
  Deputy Special Trustee, and the Interior contractor who assisted in the
  development of the plan; and
• analyzed the High Level Plan for internal consistency and compliance
  with generally accepted best practices.

We focused on the information technology aspects of the plan because they
are essential to its success.

To determine whether Interior has reasonable assurance that its acquisition
of a new asset and land records management service will cost effectively
satisfy trust management needs, we




2Public Law 104-106. The Clinger-Cohen Act requires agencies to analyze their missions and, based on
the analysis, revise mission-related and administrative processes, as appropriate, before making
significant investments in information technology used to support those missions.

3
  For example, we reviewed GAO’s framework for designing and developing system architectures; the
Project Management Institute’s Guide to the Project Management Body of Knowledge; and the Software
Engineering Institute’s guidance on software development and software acquisitions.




Page 5                                                      GAO/AIMD-99-53 Indian Trust Funds
B-280590




• reviewed the Clinger-Cohen Act of 1996; federal policy governing
  acquisition efforts including Office of Management and Budget guidance
  and Federal Information Processing Standards; and other current
  literature to determine the statutory and administrative requirements
  and best practices that should be used in acquiring software-intensive
  services such as the asset and land records service; 4
• reviewed Interior documents relating to this acquisition, including the
  Request for Information, vendor responses, and the Request for
  Proposals. We did not review the selection process or documents
  produced as part of this process subsequent to the issuance of the
  Request for Proposals; and
• met with senior Interior officials responsible for acquiring the service,
  including Interior’s Chief Information Officer, Chief Financial Officer,
  Special Trustee, and the Interior contractor who assisted in the
  acquisition of the new service.

We performed our work at the Department of the Interior, Office of the
Special Trustee, and Bureau of Indian Affairs in Washington, D.C., from
July 1998 through November 1998 in accordance with generally accepted
government auditing standards. We requested comments on a draft of this
report from the Secretary of the Interior. On March 19, 1999, the Assistant
Secretary for Policy, Management and Budget provided us with written
comments, which are discussed in the “Agency Comments and Our
Evaluation” section of this report and reprinted in appendix I.




4
 For example, we reviewed the Software Engineering Institute’s Software Acquisition Capability
Maturity Model SM (Capability Maturity ModelSM is a service mark of Carnegie Mellon University, and
CMM is a registered trademark) which provides a logical and widely accepted framework for
baselining an organization’s current process capabilities (i.e., strengths and weaknesses) and assessing
whether an organization has the necessary process discipline in place to repeat earlier successes on
similar projects.




Page 6                                                        GAO/AIMD-99-53 Indian Trust Funds
                         B-280590




Without Systems          Despite the fact that Interior plans for its components to independently
                         improve information systems or acquire information management services,
Architecture, Interior   at a cost of about $60 million, it has not yet defined an integrated
Lacks Assurance That     architecture for Indian trust operations. The Clinger-Cohen Act requires
                         the Chief Information Officer to develop and maintain an information
the Plan Provides an     systems architecture. Without a target architecture, agencies are at risk of
Effective Solution to    building and buying systems that are duplicative, incompatible, and
Long-Standing            unnecessarily costly to maintain and interface.
Problems                 In 1992, we issued a report5 defining a comprehensive framework for
                         designing and developing system architectures. This framework specifies
                         (1) the logical or business component of an architecture which serves as
                         the basis for (2) the technical or systems component.

                         The logical component ensures that the systems meet the business needs of
                         the organization. It provides a high-level description of the organization’s
                         mission and target concept of operations; the business functions being
                         performed and the relationships among functions; the information needed
                         to perform the functions; the users and locations of the functions and
                         information; and the information systems needed to support the agency’s
                         business needs.

                         The technical component ensures that the systems are interoperable,
                         function together efficiently and are cost-effective over their life cycles.
                         The technical component details specific standards and approaches that
                         will be used to build systems, including hardware, software,
                         communications, data management, security, and performance
                         characteristics.

                         Experience shows that without a target architecture, agencies risk building
                         and buying systems that are duplicative, incompatible, and unnecessarily
                         costly to maintain and interface. For example:

                         • In February 1997, we reported6 that the Federal Aviation
                           Administration’s (FAA) lack of a complete architecture resulted in


                         5Strategic
                                 Information Planning: Framework for Designing and Developing System Architectures
                         (GAO/IMTEC-92-51, June 1992).

                         6
                          Air Traffic Control: Complete and Enforced Architecture Needed for FAA Systems Modernization
                         (GAO/AIMD-97-30, February 3, 1997).




                         Page 7                                                    GAO/AIMD-99-53 Indian Trust Funds
B-280590




  incompatibilities among its air traffic control systems that (1) required
  higher-than-need-be system development, integration, and maintenance
  costs and (2) reduced overall system performance. Without having
  architecturally defined requirements and standards governing
  information and data structures and communications, FAA was forced
  to spend an additional $38 million to acquire a system dedicated to
  overcoming incompatibilities between systems.
• In May 1998, we reported7 that the Customs Service’s architecture was
  incomplete and ineffectively enforced, and that, according to a
  contractor, Customs components had developed and implemented
  incompatible systems, which increased modernization risks and
  implementation costs.
• In July 1997, we reported8 that because it lacked a system architecture,
  the Department of Education had made limited progress in integrating
  its National Student Loan Data System with other student financial aid
  databases. Moreover, without an architecture, the department could not
  correct long-standing problems resulting from a lack of integration
  across its student financial aid systems.
• In July 1995, we reported9 that because its architecture was incomplete
  and did not define the interfaces and standards needed to ensure the
  successful integration of its Tax System Modernization projects, IRS
  was at increased risk of developing unreliable systems that would not
  work together effectively and would require costly redesign.

Without an architecture for Indian trust operations, Interior has no
assurance that the 13 projects delineated in the High Level Plan and the
systems supporting them are cost-effective and are not duplicative,
inconsistent, and incompatible. In fact, in reviewing the High Level Plan,
we found indications that Interior was already encountering these
problems. For example:

• Three weeks after the plan was issued, Interior recognized that TAAMS
  and LRIS were so closely related that they should be merged into a
  single project. The BIA Probate Backlog project and the OHA Probate


7
 Customs Service Modernization: Architecture Must Be Complete and Enforced to Effectively Build
and Maintain Systems (GAO/AIMD-98-70, May 5, 1998).

8Student Financial Aid Information: Systems Architecture Needed to Improve Program’s Efficiency
(GAO/AIMD-97-122, July 29, 1997).

9
Tax Systems Modernization: Management and Technical Weaknesses Must Be Corrected If
Modernization Is To Succeed (GAO/AIMD-95-156, July 26, 1995).




Page 8                                                     GAO/AIMD-99-53 Indian Trust Funds
                           B-280590




                             Backlog project also appear to be closely related; however, Interior did
                             not thoroughly analyze the relationship between these two efforts in
                             formulating the High Level Plan and did not determine whether, like
                             TAAMS and LRIS, they should be combined.
                           • The High Level Plan shows that the BIA Probate Backlog and the OHA
                             projects depend on the TAAMS project to provide them with a case
                             tracking system by the end of 1998. This system is to manage the flow of
                             probate cases through BIA and OHA and enable management to identify
                             resources needed to eliminate the backlog. However, in describing
                             TAAMS, the High Level Plan does not mention the case management
                             system. Further, according to Interior officials, development of the case
                             tracking system under TAAMS is not scheduled to be funded until fiscal
                             year 2000, and delivery is not planned before September 2000.
                           • Although Interior has already initiated several projects to “clean” data
                             that will be used by TAAMS, it has not yet defined the data elements that
                             this project needs.

                           Until Interior defines the logical characteristics of its business environment
                           and uses them to establish technical standards and approaches, it will
                           remain at risk of investing in projects that are redundant and incompatible,
                           and do not satisfy Indian trust management requirements cost effectively.



Interior Does Not          In undertaking its effort to acquire a new asset and land record
                           management service, Interior failed to follow a sound process for ensuring
Know if New Asset and      that the most cost-effective technical alternative was selected and reducing
Record Management          acquisition risks. Specifically, Interior did not adequately define important
                           service requirements or sufficiently analyze technical alternatives. Further,
Service Will Cost          Interior did not develop an overall risk management plan, require the
Effectively Satisfy        contractor to demonstrate its system could work with Interior’s data and
Trust Management           systems, or establish realistic project time frames.
Needs

Interior’s Decision to     Interior intended to acquire TAAMS as a commercial-off-the-shelf (COTS)
Acquire a Service for      system. With this goal in mind, in May 1998, Interior issued a Request for
                           Information. The responses from vendors were evaluated using a 15-
Managing Assets and Land
                           category form. After this survey was completed, Interior decided to
Records                    combine the TAAMS project with the LRIS project and to obtain the needed
                           functionality of these combined projects by acquiring a trust asset
                           information management service using a COTS system. Under this



                           Page 9                                         GAO/AIMD-99-53 Indian Trust Funds
                            B-280590




                            approach, a contractor would manage Interior-provided land and trust
                            account data in a contractor-owned and maintained data center while
                            Interior would perform its trust management functions by remotely
                            accessing contractor-provided applications that run in the data center.


Service Requirements Were   To help ensure successful acquisition of a software-intensive service,
Not Adequately Defined      information technology experts recommend that organizations establish
                            and maintain a common and unambiguous definition of requirements (e.g.,
                            function, performance, help desk operations, data characteristics, security,
                            etc.) among the acquisition team, the service users, and the contractor.10
                            The requirements must be consistent with one another, verifiable, and
                            traceable to higher level business or functional requirements. Poorly
                            defined, vague or conflicting requirements can result in a service which
                            does not meet business needs or which cannot be delivered on schedule
                            and within budget.

                            Interior did not follow a sound process for defining requirements. First,
                            Interior did not define high-level functional requirements for projects
                            contained in the High Level Plan to help guide the requirements
                            development process for each of the individual projects. For this effort,
                            such high-level functional requirements might have included the following.

                            • The contractor’s system will contain the necessary data to support the
                              financial information needs of the probate function.
                            • Records management policies and procedures will be consistent with
                              departmental guidelines.
                            • Sensitive but unclassified data, such as data covered by the Privacy Act,
                              will be encrypted in accordance with Federal Information Processing
                              Standards whenever they are transmitted outside of the facility that
                              generated the data.
                            • Data elements must conform to applicable departmental naming
                              conventions and formats specified in the data dictionary.
                            • Automated records must be maintained in a form that ensures land
                              ownership records can be traced back to the original source of the
                              ownership.




                            10
                              For example, the Software Engineering Institute’s Software Acquisition Capability Maturity Model
                            includes requirements development as a key practice.




                            Page 10                                                     GAO/AIMD-99-53 Indian Trust Funds
                              B-280590




                              By not defining high-level functional requirements, Interior lacks assurance
                              that the projects it develops and acquires will meet its business needs.

                              Second, while Interior specified general service requirements in its request
                              for proposal such as the need for the contractor to (1) administer all
                              databases, (2) perform maintenance operations outside BIA’s normal
                              working hours, (3) provide configuration management of data center
                              hardware and software, and (4) perform daily, weekly, and monthly backup
                              of operational data and archiving, it did not clearly specify all of BIA’s
                              requirements, including its functional, security, and data management
                              requirements. For example:

                              • While Interior stated that the system “shall include safeguards against
                                conflicts of interest, abuse, or self-dealing,” it did not define these terms.
                                A definition of these terms in the context of Indian trust operations is
                                necessary to design and determine the adequacy of proposed system
                                safeguards and approaches.
                              • In discussing system security, Interior (1) specified an inappropriate
                                technology for encrypting data,11 (2) did not specify how long system
                                passwords should be, and (3) did not require password verification
                                features.12
                              • Interior did not define key data management requirements, including
                                what data elements were needed to meet Interior’s information
                                requirements and whether existing systems contained the necessary
                                data elements.


Technical Alternatives Were   The Clinger-Cohen Act requires agencies to establish a process to assess
Not Sufficiently Analyzed     the value and risks of information technology investments, including
                              consideration of quantitatively expressed projected net, risk-adjusted


                              11Encryption   involves the transformation of original text (known as plaintext or cleartext) into
                              unintelligible text (also known as ciphertext). The requirement in the Request for Proposal stated that
                              “[t]he Contractor shall provide a method of connectivity that allows secure transmission of data
                              utilizing 64-bit Public Key Encryption.” Public key encryption systems (also called asymmetric
                              cryptography) are designed so that the key used for encryption is different from the key used for
                              decryption. Public key systems are used to encrypt the keys that are used by systems using symmetric
                              key cryptography to encrypt data. (This is commonly referred to as key management.) They are not
                              used for encrypting large amounts of data such as that in TAAMS because public key algorithms are
                              (1) slow (symmetric key systems are generally at least 1,000 times faster) and (2) vulnerable to certain
                              types of computer attacks which depend upon analyzing extensive amounts of encrypted data.

                              12
                                When a user enters the desired password, a password checking program will compare the password
                              to a wordlist and a series of rules to ensure that it cannot be easily guessed.




                              Page 11                                                       GAO/AIMD-99-53 Indian Trust Funds
                           B-280590




                           return-on-investment, and specific quantitative and qualitative criteria for
                           comparing and prioritizing alternative information technology projects.
                           Only by comparing the costs, benefits, and risks of a full range of technical
                           options can agencies ensure that the best approaches are selected.

                           Interior did not thoroughly analyze technical alternatives before choosing a
                           vendor to provide the asset and land records management service. First,
                           Interior did not assess the desirability of satisfying its requirements by
                           (1) modifying existing legacy systems, (2) acquiring a COTS product and
                           using existing Interior infrastructure resources, (3) building a system that
                           would provide the necessary capability, or (4) acquiring a service.

                           Second, in surveying the availability of COTS products, Interior did not
                           perform a gap analysis which would systematically and quantitatively
                           compare and contrast these products against Interior’s requirements based
                           on functional, technical, and cost differences. Specifically, although
                           Interior concluded based on the results of its Request for Information that
                           none of the COTS products available from responding vendors would meet
                           all its requirements, Interior did not determine, for each COTS product,
                           which requirements could not be satisfied and how difficult and expensive
                           it would be to make the needed modifications. For example, Interior did
                           not determine whether all needed data elements could be represented
                           conveniently and manipulated effectively by each COTS product.

                           Third, in acquiring a service, Interior did not consider how its information,
                           once it had been loaded into a contractor’s system, would be retrieved by
                           Interior for subsequent use when the contract was terminated. Because
                           Interior did not compare the costs and benefits of a full range of technical
                           options, it has no assurance that it selected the most cost-effective
                           alternative.


Acquisition Risk Was Not   According to information technology experts, a key practice associated
Minimized                  with successful information technology service acquisitions is to formally
                           identify risks as early as possible and adjust the acquisition to mitigate
                           those risks.13 An effective risk management process, among other things,
                           includes (1) developing an acquisition risk management plan to document

                           13
                             For example, the Software Engineering Institute includes acquisition risk management as a key
                           practice in its Software Acquisition Capability Maturity Model because it is considered by software
                           experts to be an integral part of the solicitation, project performance management, and contract
                           performance management processes.




                           Page 12                                                       GAO/AIMD-99-53 Indian Trust Funds
B-280590




the procedures that will be used to manage risk throughout the project,
(2) conducting risk management activities in accordance with the plan
(e.g., identifying risks, taking mitigation actions, and tracking actions to
completion), and (3) preparing realistic cost and schedule estimates for the
services being acquired.

In acquiring its new TAAMS service, Interior did not carry out critical risk
management steps. First, Interior did not develop a risk management plan.
Without this plan, Interior has no disciplined means to predict and mitigate
risks, such as the risk that the service will not (1) meet performance and
business requirements, (2) work with Interior’s systems, and/or (3) be
delivered on schedule and within budget.

Second, in structuring a capabilities demonstration for the contractor’s
system, Interior did not require the contractor to use Interior-provided
data. Ensuring that the contractor’s system can work with data unique to
Interior is important since some data elements, such as fractionated
ownership interests, are not commonly used in the private sector.

Third, in structuring the capabilities demonstration, Interior did not require
the contractor to demonstrate that its system could interface with Interior’s
Trust Fund Accounting System and a Mineral Management Service system.
As a result, Interior will not know whether the contractor’s system can
interoperate with its legacy systems.

Fourth, Interior did not prepare a realistic project management schedule.
Organizations following sound software acquisition practices would
typically (1) identify the specific activities that must be performed to
produce the various project deliverables, (2) identify and document
dependencies, (3) estimate the amount of time needed to complete the
activities, and (4) analyze the activity sequences, durations, and resource
requirements. By contrast, Interior used the Secretary’s stated expectation
that all Indian trust fund-related improvements should occur within a 3-
year period beginning in 1998 as a starting point for developing the TAAMS
project schedule. 14




14
  Memorandum from the Secretary to the Special Trustee for American Indians, Assistant Secretary for
Indian Affairs, Deputy Commissioner for Indian Affairs, Director of the Minerals Management Service,
and Director of the Bureau of Land Management, dated August 22, 1997. This memorandum stated the
Secretary’s overall expectations for Interior’s improvement effort.




Page 13                                                     GAO/AIMD-99-53 Indian Trust Funds
                  B-280590




                  Because it did not establish clear requirements and did not take critical
                  steps to manage risk effectively, Interior has no assurance that the new
                  asset and land records management service will meet its specific
                  performance, security, and data management needs or that the service can
                  be delivered on schedule and within budget.



Conclusions       Interior cannot realistically expect to develop compatible and optimal
                  information systems without first developing an information systems
                  architecture for Indian trust operations. If it proceeds to implement the
                  projects outlined in the High Level Plan without taking these steps,
                  individual improvement efforts such as the initiative to acquire a service for
                  managing assets and land records may well incur cost and schedule
                  overruns and fail to satisfy Interior’s trust management needs.



Recommendations   To ensure that Interior’s information systems are compatible and
                  effectively satisfy Interior’s business needs, we recommend that, before
                  making major investments in information technology systems to support
                  trust operations, the Secretary direct the Chief Information Officer to
                  develop an information systems architecture for Indian trust operations
                  that (1) provides a high-level description of Interior’s mission and target
                  concept of operations, (2) defines the business functions to be performed
                  and the relationships among functions; the information needed to perform
                  the functions; the users and locations of the functions and information; and
                  the information systems needed to support the department’s business
                  needs, (3) identifies the improvement projects to be undertaken, specifying
                  what they will do, how they are interrelated, what data they will exchange,
                  and what their relative priorities are, and (4) details specific standards and
                  approaches that will be used to build or acquire systems, including
                  hardware, software, communications, data management, security, and
                  performance characteristics.

                  To reduce the risks we identified with the effort to acquire a service for
                  managing assets and land records, we recommend that the Secretary of the
                  Interior direct the Chief Information Officer to (1) clearly define and
                  validate functional requirements, security requirements, and data
                  management requirements, (2) develop and implement an effective risk
                  management plan, and (3) ensure that all project decisions are based on
                  objective data and demonstrated project accomplishments, and are not
                  schedule driven.



                  Page 14                                        GAO/AIMD-99-53 Indian Trust Funds
                      B-280590




Agency Comments and   In its written comments on a draft of this report, Interior states that our
                      oversight provides a valuable perspective and allows Interior to benefit
Our Evaluation        from our experience in dealing with similar issues at other agencies.
                      However, Interior disagrees with the report’s conclusions and does not
                      indicate whether it will implement the recommendations.

                      In disagreeing with the report’s first conclusion (that Interior does not have
                      reasonable assurance that its High Level Plan for improving Indian trust
                      operations provides an effective solution for addressing long-standing
                      management weaknesses), Interior states that although it recognizes the
                      importance of a formal architecture and does not yet have one, the “lack of
                      a formal architecture is not a significant impediment to success in this
                      case, given the use of proven COTS products.” Interior also expresses
                      confidence because this effort is smaller than the modernization efforts
                      that have failed at other agencies like FAA.

                      This position is not valid. The decision to use COTS products does not
                      compensate for the lack of an integrated information system architecture
                      for Indian trust operations. Such an architecture would have identified and
                      preferably reengineered the business functions of trust operations, and
                      then mapped these into information systems to support the business
                      functions. Just choosing COTS products from the marketplace does not
                      accomplish the same purpose. In fact, the close relationship between
                      business functions and IT is the reason we focus on all 13 projects in the
                      High Level Plan as a whole, even though, as Interior points out in its
                      comments, only 4 of the projects are information technology systems
                      projects. Further, small efforts, like IRS’ $17 million Cyberfile project, 15 as
                      well as large ones, like FAA’s modernization, have failed due to poor
                      program management, including lack of an architecture. With an estimated
                      cost of $60 million for IT systems and an additional $54 million for data
                      cleanup, the information systems supporting the 13 projects will have to be
                      effectively managed if they are to succeed.

                      Interior bases its decision to proceed with its IT acquisitions without a
                      formal architecture (and without an estimated date for completing one) on
                      the “pressing need for more responsive Indian trust systems.” However,
                      moving to implement complex systems before developing an architecture


                      15
                       Tax Systems Modernization: Management and Technical Weaknesses Must Be Overcome To Achieve
                      Success (GAO/T-AIMD-96-75, March 26, 1996) and Tax Systems Modernization: Cyberfile Project Was
                      Poorly Planned and Managed (GAO/AIMD-96-140, August 26, 1996).




                      Page 15                                                  GAO/AIMD-99-53 Indian Trust Funds
B-280590




does not expedite solutions. Instead, it greatly increases the chance of
building duplicative systems, introducing potential integration problems,
and perpetuating inefficient and overlapping business processes that
currently exist in Indian trust operations. This is especially true in the case
of TAAMS as Interior does not yet know whether the COTS product can
effectively work with other Interior systems or with Interior-provided data.
Also, as Interior notes in its comments, it consolidated TAAMS and LRIS
from two separate projects into one because the “consolidation eliminated
duplication within each system (80% of the data is shared), made better use
of limited resources, and eliminated potential integration issues.” Similarly,
Interior states that it is now considering streamlining the probate process
and consolidating the BIA and OHA probate projects. Had Interior
developed a sound architecture, it would have systematically identified the
shared data and overlapping business processes before proposing either
TAAMS and LRIS or BIA probate and OHA probate as separate projects in
the High Level Plan. Moreover, it would have done the analysis needed to
know whether other duplications and/or inconsistencies exist among its
projects.

Interior also disagrees with the report’s second conclusion that Interior
does not have reasonable assurance that its acquisition of the new asset
and land records management (TAAMS/LRIS) service will cost effectively
satisfy trust management needs. Our report bases this conclusion on
findings that Interior did not follow sound processes for defining TAAMS/
LRIS requirements, thoroughly analyzing technical alternatives before
selecting an approach, or managing technical risk.

Interior states that its requirements were adequately defined and that its
requirements definition process consisted of conducting several
requirements reviews with the end-user community and deciding “early on
to adopt the business processes afforded through implementation of the
COTS product.” Just as deciding to use COTS products does not
compensate for the lack of an integrated system architecture for Indian
trust operations, selecting a COTS product before thoroughly analyzing
requirements does not constitute an effective requirements definition
process. Further, while Interior says that it will adopt the business
processes afforded through implementation of the COTS product, it has at
the same time recognized that the COTS product does not meet all of its
requirements and will have to be modified. For example, Interior must
modify the COTS product to handle fractionated interests and title
requirements that are unique to Indian ownership.




Page 16                                        GAO/AIMD-99-53 Indian Trust Funds
B-280590




Interior does not directly address the finding that it did not thoroughly
analyze technical alternatives before choosing a vendor and a COTS
product to provide asset and land records management services. As
discussed in the report, these technical alternatives include (1) modifying
existing legacy systems, (2) acquiring a COTS product and using existing
Interior infrastructure resources, (3) building a system to provide the
necessary capability, or (4) acquiring a service. Instead, Interior dismisses
any use of the legacy systems, stating that the systems “. . . employ both
outdated software products and processing techniques . . . ,” and “. . . would
require a virtual rewrite;” does not address the second and third alternative
at all; and states once again, without having performed a gap analysis, that
“the use of COTS product, combined with a service bureau approach, does
provide the Department an economical and timely solution.” Because it
has not thoroughly analyzed all technical alternatives and does not have
convincing, objective evidence to support its decision, there is no
assurance that Interior has selected the most cost-effective alternative.

Interior then describes several actions which it feels minimizes acquisition
risk. Specifically, it “. . . established a risk management plan shortly after
awarding the TAAMS contract”; will have other contractors review the
work of the TAAMS contractor; and will evaluate the results of pilot testing.
Because all of these actions occur after the vendor was selected and the
contract awarded, they are not relevant to our finding that Interior did not
follow a sound process for selecting an approach and, therefore, does not
have reasonable assurance that its trust management needs will be met
cost effectively.

In its comments, Interior says “. . . a rigorous, standard approach was not
used in identifying the requirements for TAAMS . . .”; and “. . . we would
have preferred to use actual BIA data [in Operational Capabilities
Demonstrations], but given the time constraints, we decided to use scripts
. . .”. Further, Interior recognizes that it had to correct resulting errors
identified in our report. Specifically, the Request for Proposal and/or the
contract for TAAMS had to be changed to clarify terms such as “conflicts of
interest, abuse, and self-dealing”; to correct the mistaken reference to
Public Key encryption; and to require monthly delivery to the government
of all data to facilitate import into other applications. However, because
Interior does not explicitly recognize the flaws in its processes and does
not acknowledge the relationship between these weaknesses and the
errors that have already occurred, it has not committed to correcting these
weaknesses and it is likely to repeat similar errors in the future.




Page 17                                        GAO/AIMD-99-53 Indian Trust Funds
B-280590




Interior also raises several subsidiary issues. It asserts that our review was
incomplete because we did not assess the TAAMS vendor selection
process, which, in Interior’s opinion, was necessary to determine if the
TAAMS acquisition was cost effective. The objective of our audit was not to
determine how Interior selected its vendor; it was to determine whether
Interior had done the analysis needed to determine what was required and
to select an approach to the project that would be cost-beneficial. How
Interior selected its vendor is not relevant to that objective and was
therefore not within the scope of our audit.

Interior claims that we stopped the audit work “prematurely.” However,
Interior does not cite any significant events that occurred or critical
corrections made since the audit ended that would alter our conclusions.
In fact, during the review, we evaluated every document provided by
Interior. Moreover, this review was initiated, performed, and concluded
after its objectives were completed according to its established schedule.
The only deviation from schedule was made to accommodate Interior’s
request for an additional 6 business days to comment on this report.

Interior is concerned that we focused only on the TAAMS/LRIS project and
therefore, were not in a position to make broad statements about the High
Level Plan. In focusing on all IT aspects of the plan, we assessed the
interrelationships of the individual 13 projects as well as the overall
process for developing the plan. This enabled us to determine that Interior
did not have reasonable assurance that the High Level Plan provides an
effective solution for addressing its long-standing management
weaknesses. We assessed the TAAMS/LRIS project because it was ongoing
during our review, is one of the major IT projects in the High Level Plan,
and illustrates fundamental problems with Interior’s approach.

Finally, Interior states that once it deploys TAAMS, it will have the means to
reengineer its business processes to the “industry standard.” This runs
counter to the basic tenets of reengineering, that is, organizations should
first reengineer business processes and then assess and acquire or build
systems necessary to support those processes. This enables organizations
to ensure that they implement optimal technical solutions and that they do
not limit their business process alternatives or entrench themselves in
ineffective ways of doing business.

Interior needs to implement our recommendations to substantially reduce
the risk to key IT systems in trust management operations. Interior’s




Page 18                                        GAO/AIMD-99-53 Indian Trust Funds
B-280590




comments are provided in their entirety in appendix I along with our
detailed evaluation of them.


We are sending copies of this report to Senator Daniel K. Inouye, Vice
Chairman, Senate Committee on Indian Affairs and to Senator Robert C.
Byrd, Senator Joseph I. Lieberman, Senator Ted Stevens, and Senator Fred
Thompson, and to Representative Dan Burton, Representative George
Miller, Representative David Obey, Representative Henry A. Waxman,
Representative C.W. Bill Young, and Representative Don Young, in their
capacities as Chairmen and Ranking Minority Members of the Senate
Committee on Appropriations, Senate Committee on Governmental Affairs,
House Committee on Appropriations, House Committee on Resources, and
House Committee on Government Reform. We are also sending copies of
this report to the Honorable Jacob J. Lew, Director, Office of Management
and Budget, and to other interested congressional committees and
Members of Congress. Copies will also be made available to others upon
request.

If you have any questions about this report, please call me at (202) 512-
6415. Other major contributors to this report are listed in appendix II.

Sincerely yours,




Dr. Rona B. Stillman
Chief Scientist for Computers and
 Telecommunications




Page 19                                       GAO/AIMD-99-53 Indian Trust Funds
Appendix I

Comments From the Department of the
Interior                                                                  AppIexndi




Note: GAO comments
supplementing those in the
report text appear at the end
of this appendix.




                                Page 20   GAO/AIMD-99-53 Indian Trust Funds
Appendix I
Comments From the Department of the
Interior




Page 21                               GAO/AIMD-99-53 Indian Trust Funds
Appendix I
Comments From the Department of the
Interior




Page 22                               GAO/AIMD-99-53 Indian Trust Funds
                 Appendix I
                 Comments From the Department of the
                 Interior




See comment 1.




See comment 2.




See comment 3.




                 Page 23                               GAO/AIMD-99-53 Indian Trust Funds
                 Appendix I
                 Comments From the Department of the
                 Interior




See comment 4.




See comment 5.




See comment 6.




See comment 7.




                 Page 24                               GAO/AIMD-99-53 Indian Trust Funds
                 Appendix I
                 Comments From the Department of the
                 Interior




See comment 8.




                 Page 25                               GAO/AIMD-99-53 Indian Trust Funds
                 Appendix I
                 Comments From the Department of the
                 Interior




See comment 9.




                 Page 26                               GAO/AIMD-99-53 Indian Trust Funds
               Appendix I
               Comments From the Department of the
               Interior




               The following are GAO’s comments on Interior’s March 19, 1999, letter
               responding to a draft of this report.



GAO Comments   1. According to Interior’s High Level Plan (page 70), five projects are
               classified as data cleanup projects: OST data cleanup, BIA data cleanup,
               BIA probate backlog, OHA probate backlog, and BIA appraisal program.
               According to the schedules provided in the High Level Plan (pages 64
               through 67) OST data cleanup was initiated in January 1998 and BIA data
               cleanup project began in August 1998.

               2. Our intent was to present the sequence of events chronologically, not to
               imply that there was a change in direction in the middle of the TAAMS
               acquisition. We clarified the language in the report to reflect this more
               precisely.

               3. The report does not state that the High Level Plan should include all
               high-level requirements. Our report makes the point that the high-level
               requirements for all 13 projects were not defined anywhere.

               4. Although Interior’s letter indicates otherwise, neither the RFP nor the
               amendment included any definitions for the terms “conflicts of interest,
               abuse and self-dealing.” In subsequent correspondence to us, Interior
               officials told us that they believe these terms are commonly used and do
               not require additional definition. However, Interior requires that TAAMS
               implement safeguards to identify incidents of conflicts of interest, abuse,
               and self-dealing. Precise definition of requirements, not assumptions about
               “common usage” for terms that by their nature are subject to broad
               interpretation, is needed to implement systems features effectively.

               5. The TAAMS RFP states this requirement as follows: “Access to the
               system shall at a minimum require unique user IDs with passwords. The
               system shall record unsuccessful attempts . . .” The parenthetical phrase
               discussing password length does not appear. After receiving a draft of this
               report, Interior issued an amendment to the contract containing the phrase.
               This is another example of inadequate requirement definition that Interior
               is addressing piecemeal and ad hoc, without correcting the fundamental
               process weaknesses that caused the problem.

               6. Section J of the RFP contains a collection of data elements from
               different legacy systems, but it is not a data dictionary for TAAMS. Because
               the data elements required by TAAMS were not defined prior to asking



               Page 27                                      GAO/AIMD-99-53 Indian Trust Funds
Appendix I
Comments From the Department of the
Interior




vendors to respond to the TAAMS RFP, Interior has no assurance that the
vendor’s product can handle all data elements crucial to Indian trust
operations.

7. We are not suggesting a priori that the legacy system is a viable solution.
Neither we nor Interior can make informed decisions without analyzing
relevant data. We are pointing out that, consistent with the Clinger-Cohen
Act and good IT investment practices, Interior should have evaluated all
technical alternatives before selecting one.

8. Interior has quoted this statement out of context. The full sentence from
our draft report states: “Specifically, although Interior concluded based on
the results of its Request for Information that none of the COTS products
available from responding vendors would meet all its requirements,
Interior did not determine, for each COTS product, which requirements
could not be satisfied and how difficult and expensive it would be to make
the needed modifications." Our point is that Interior did not perform a gap
analysis on products available in the marketplace to determine whether the
COTS approach was optimum. According to a Mitretek official, the
Mitretek study was completed after the Request for Proposal was issued
and was intended to serve as the government’s independent cost estimate
for use in source selection.

9. Interior is in error. While all projects do, indeed, contain some elements
of risk, our point was that Interior was incurring and not mitigating
unnecessarily high levels of risk because it does not have an integrated
architecture for Indian trust operations and has not corrected fundamental
weaknesses in its IT management processes.




Page 28                                        GAO/AIMD-99-53 Indian Trust Funds
Appendix I

Major Contributors to This Report                                                                 AppIexndi




Accounting and         Mike Koury, Assistant Director
                       Naba Barkakati, Technical Assistant Director
Information            Chris Martin, Technical Assistant Director
Management Division,   Lou Schuster, Senior Auditor
                       Cristina Chaplain, Communications Analyst
Washington, D.C.

Office of General      Tom Armstrong, Assistant General Counsel
                       Franklin Jackson, Senior Attorney
Counsel




(913827)     eL
              rtet     Page 29                                    GAO/AIMD-99-53 Indian Trust Funds
Appendix I




             Page 30   GAO/AIMD-99-53 Indian Trust Funds
Ordering Information

The first copy of each GAO report and testimony is free.
Additional copies are $2 each. Orders should be sent to the
following address, accompanied by a check or money order made
out to the Superintendent of Documents, when necessary, VISA and
MasterCard credit cards are accepted, also.

Orders for 100 or more copies to be mailed to a single address are
discounted 25 percent.

Orders by mail:

U.S. General Accounting Office
P.O. Box 37050
Washington, DC 20013

or visit:

Room 1100
700 4th St. NW (corner of 4th and G Sts. NW)
U.S. General Accounting Office
Washington, DC

Orders may also be placed by calling (202) 512-6000
or by using fax number (202) 512-6061, or TDD (202) 512-2537.

Each day, GAO issues a list of newly available reports and
testimony. To receive facsimile copies of the daily list or any list
from the past 30 days, please call (202) 512-6000 using a touchtone
phone. A recorded menu will provide information on how to obtain
these lists.

For information on how to access GAO reports on the INTERNET,
send an e-mail message with “info” in the body to:

info@www.gao.gov

or visit GAO’s World Wide Web Home Page at:

http://www.gao.gov
United States                       Bulk Rate
General Accounting Office      Postage & Fees Paid
Washington, D.C. 20548-0001           GAO
                                 Permit No. GI00
Official Business
Penalty for Private Use $300

Address Correction Requested