United States General Accounting Office GAO Testimony Before the Subcommittee on Government Efficiency and Financial Management, Committee on Government Reform, House of Representatives For Release on Delivery Expected at 2:30 p.m. EST Wednesday, October 29, 2003 FINANCIAL MANAGEMENT Recurring Financial Systems Problems Hinder FFMIA Compliance Statement of Sally E. Thompson Director, Financial Management and Assurance GAO-04-209T A October 29, 2003 FINANCIAL MANAGEMENT Recurring Financial Systems Problems Highlights of GAO-04-209T, a testimony Hinder FFMIA Compliance before the Subcommittee on Government Efficiency and Financial Management, Committee on Government Reform, House of Representatives The Federal Financial Management The results of the fiscal year 2002 FFMIA assessments performed by agency Improvement Act of 1996 (FFMIA) inspectors general or their contract auditors again show that the same types requires Chief Financial Officers of problems continue to plague the financial management systems used by (CFO) Act agencies to implement the CFO Act agencies. While much more severe at some agencies than and maintain financial management others, the nature and severity of the problems indicate that overall, agency systems that comply substantially with (1) federal financial management lacks the full range of information needed for accountability, management systems performance reporting, and decision making. As shown in the figure below, requirements, (2) federal audit reports highlight six recurring problems that have been consistently accounting standards, and (3) the reported for those agencies whose auditors reported noncompliant systems. U.S. Government Standard General Ledger. Most federal agencies face Problems Reported by Auditors for Fiscal Years 2000 through 2002 long-standing challenges, which are discussed in greater detail in our mandated September 2003 report, Sustained Efforts Needed to Achieve FFMIA Accountability (GAO-03-1062). In light of these circumstances, the Subcommittee asked GAO to testify about recurring financial management systems problems and agencies’ efforts to upgrade their systems. GAO is not making new recommendations in this Agencies have recognized the seriousness of the financial systems testimony, but in a past report has weaknesses, and have many efforts underway to implement or upgrade made specific recommendations financial systems to alleviate long-standing problems. As of September 30, aimed at addressing the problems 2002, 17 CFO Act agencies advised us they were planning to or were in the hindering agencies’ compliance process of implementing a new core financial system. It is imperative that with FFMIA. agencies adopt leading practices, such as top management commitment and business process reengineering, to ensure successful systems implementation and to avoid complicating factors, such as poor communication and inadequate project planning, that have hampered some agencies’ efforts in the past. Congressional oversight, the Joint Financial Management Improvement Program Principals, and the President’s Management Agenda are driving forces behind several governmentwide efforts now underway to improve federal financial management. Continued attention by these key drivers is critical to sustaining agencies efforts to improve their financial management systems. www.gao.gov/cgi-bin/getrpt?GAO-04-209T. To view the full product, including the scope and methodology, click on the link above. For more information, contact Sally Thompson, (202)512-9450, email@example.com. Mr. Chairman and Members of the Subcommittee: I am pleased to be here to discuss the challenges most of the federal departments and agencies still face in meeting the primary goals of the Congress in enacting the Federal Financial Management Improvement Act of 1996 (FFMIA).1 As you requested, our testimony today addresses the recurring financial management systems problems that agencies are facing and the status of their efforts to implement systems that substantially comply with FFMIA. As you know, FFMIA builds on the foundation laid by the Chief Financial Officers (CFO) Act of 19902 by reflecting the need for agencies to have financial management systems that can generate timely, accurate, and useful information with which to make informed decisions and to ensure accountability on an ongoing basis. FFMIA requires the major departments and agencies covered by the CFO Act3 to implement and maintain financial management systems that comply substantially with the (1) federal financial management systems requirements, (2) applicable federal accounting standards, and (3) U.S. Government Standard General Ledger (SGL) at the transaction level. Further, FFMIA requires auditors to report in their CFO Act financial statement audit reports whether the agencies’ financial management systems comply with FFMIA’s requirements. We are also required to report annually on the implementation of the act. 1 Pub. L. No. 104-208, sec.101(f)(title VIII), 110 Stat. 3009-389. 2 Pub. L. No. 101-576, 104 Stat. 2838 (1990). 3 There were initially 24 CFO Act agencies (see footnote 2 above). The Federal Emergency Management Agency (FEMA), one of the 24 CFO Act agencies, was subsequently transferred to the new Department of Homeland Security (DHS) effective March 1, 2003. With this transfer, FEMA will no longer be statutorily required to prepare audited stand- alone financial statements. We included FEMA in our review because FEMA was a CFO Act agency as of September 30, 2002. DHS must prepare audited financial statements under the Accountability of Tax Dollars Act of 2002, because it is a “covered executive agency” for purposes of 31 U.S.C. 3515. However, DHS was not established as a CFO Act agency and therefore is not statutorily subject to FFMIA. Consideration is now being given to making DHS a CFO Act agency and therefore subject to FFMIA in the Department of Homeland Security Financial Accountability Act, H.R. 2886, 108th Congress. Page 1 GAO-04-209T As discussed in our recently issued annual report on FFMIA,4 the results of the fiscal year 2002 FFMIA assessments performed by agency inspectors general (IG) or their contract auditors again show that the same types of problems still plague the financial management systems used by the CFO Act agencies. While much more severe at some agencies than others, the nature and severity of the problems indicate that overall, agency management lacks the full range of information needed for accountability, performance reporting, and decision making. While the CFO Act agencies have obtained more clean or unqualified audit opinions on their financial statements, often through extraordinary, labor-intensive measures, there is little evidence of marked improvements in agencies’ capacities to create the full range of information needed to manage day-to-day operations. As we have previously testified5 before this Subcommittee, if agencies continue year after year to rely on significant costly and time-intensive manual efforts to achieve or maintain unqualified opinions without improving underlying financial management systems, it can mislead the public about the true status of the agencies’ financial management capabilities. 4 U.S. General Accounting Office, Financial Management: Sustained Efforts Needed to Achieve FFMIA Accountability, GAO-03-1062 (Washington, D.C.: Sept. 30, 2003). 5 U.S. General Accounting Office, Financial Management: Effective Implementation of FFMIA is Key to Providing Reliable, Useful, and Timely Data, GAO-02-791T (Washington, D.C.: June 6, 2002) and Financial Management: Agencies Face Many Challenges in Meeting the Goals of the Federal Financial Management Improvement Act, GAO/T-AIMD- 00-178 (Washington, D.C.: June 6, 2000). Page 2 GAO-04-209T Agencies have recognized the seriousness of the financial systems weaknesses, and have many efforts underway to implement or upgrade financial systems to alleviate long-standing problems. As of September 30, 2002, 17 CFO Act agencies advised us they were planning to or were in the process of implementing a new core financial system. Under the Office of Management and Budget’s (OMB) Circular A-127, Financial Management Systems, agencies are required to purchase commercial off-the-shelf (COTS) packages sold by vendors whose core financial systems software has been certified.6 Some of the key factors that affect FFMIA compliance of an implemented COTS package include how the software works in the agency’s environment, whether any customizations or modifications7 have been made to the software, and the success of converting data from legacy systems to new systems. Successful implementation efforts of financial management systems are supported by the presence of several key characteristics, which apply to both the public and private sectors. These characteristics include, among others, (1) involvement by the users, (2) support of executive management, (3) leadership provided by experienced project managers, (4) clear definition and management of project requirements, (5) proper planning, and (6) realistic expectations. Conversely, financial systems implementation projects are often hindered by the lack of executive support, poor communication between managers and stakeholders, poor estimations and planning, and poor documentation and updating of user requirements. To provide impetus for upgrading financial management systems that provide reliable, timely, and useful data, congressional oversight, the Joint Financial Management Improvement Program (JFMIP) Principals,8 and the President’s Management Agenda (PMA) are driving forces behind several 6 The Program Management Office, managed by the Executive Director of the Joint Financial Management Improvement Program (JFMIP), with funds provided by the CFO Council agencies, tests vendor COTS packages and certifies that they meet certain federal financial management systems requirements for core financial systems. 7 Customization is the process of setting parameters within an application to make it operate in accordance with the entity’s business rules. Customizations are normally supported by vendors in subsequent upgrades. Modification is the process of writing or changing code and modifications are not supported by vendors in subsequent upgrades. 8 The JFMIP Principals are the Secretary of the Treasury, the Directors of OMB and the Office of Personnel Management (OPM), and the Comptroller General of the United States. Page 3 GAO-04-209T governmentwide efforts now underway to improve federal financial management. The Congress has demonstrated leadership in improving federal financial management by enacting financial management reform laws and through oversight hearings, such as this one today. The JFMIP Principals have continued the series of regular deliberative meetings that focus on key financial management reform issues. The PMA, being implemented by the administration as an agenda for improving the management and performance of the federal government, includes five crosscutting initiatives, including improved financial performance. Continued attention by these key drivers is critical to sustaining agencies’ efforts to improve their financial management systems. My statement today will focus on these issues and discuss (1) auditors’ determinations of FFMIA compliance for fiscal year 2002, (2) problems that affect agency systems’ compliance with FFMIA, (3) agency efforts to implement new core financial systems, (4) key characteristics of successful systems implementation and the challenges federal agencies face, and (5) the status of governmentwide financial management improvement efforts. Auditors’ Assessments For fiscal year 2002, Inspectors General and their contract auditors reported that the systems for 19 of the 24 CFO Act agencies did not comply of FFMIA Compliance substantially with at least one of the FFMIA requirements—federal for Fiscal Year 2002 financial management systems requirements, applicable federal accounting standards, or the SGL. Auditors’ assessments of financial systems’ compliance with FFMIA for 3 agencies—the Department of Labor (DOL), Environmental Protection Agency (EPA), and the National Science Foundation (NSF)—changed from fiscal years 2001 to 2002. For fiscal year 2002, the auditors for DOL concluded that its systems were not in substantial compliance with the managerial cost standard and thus were not in compliance with FFMIA. Auditors for EPA and NSF found the agencies’ respective systems to be in substantial compliance, a change from the fiscal year 2001 assessments. Page 4 GAO-04-209T As we have testified previously,9 while the number of agencies receiving clean opinions increased over the past 6 years from 11 in fiscal year 1997 to 21 for fiscal year 2002, the number of agencies reported to have systems that lacked substantial compliance with FFMIA has remained steady. While the increase in unqualified opinions is noteworthy, a more important barometer of financial systems’ capability and reliability is that the number of agencies for which auditors provided negative assurance10 of FFMIA compliance has remained relatively constant throughout this same period. In our view, this has led to an expectation gap. When more agencies receive clean opinions, expectations are raised that the government has sound financial management and can produce reliable, useful, and timely information on demand throughout the year, whereas FFMIA assessments offer a different perspective. For agencies equipped with modern, fully integrated financial management systems, preparation of financial statements would be more routine and much less costly. Auditors for the remaining five agencies—the Department of Energy, EPA, the General Services Administration (GSA), NSF, and the Social Security Administration (SSA)—provided negative assurance in reporting on FFMIA compliance for fiscal year 2002. In their respective reports, they included language stating that while they did not opine as to FFMIA compliance, nothing came to their attention during the course of their planned procedures indicating that these agencies’ financial management systems did not meet FFMIA requirements. If readers do not understand the concept of negative assurance, they may have gained an incorrect impression that these systems have been fully tested by the auditors and found to be substantially compliant. Because the act requires auditors to “report whether” agency systems are substantially compliant, we believe the auditor needs to provide positive assurance, which would be a definitive statement as to whether agency financial management systems substantially comply with FFMIA, as required under the statute. This is what we will do for the financial statement audits we perform when reporting that an entity’s financial management systems were in substantial compliance. To provide positive assurance, auditors need to consider many other aspects of financial management systems than those applicable to the purposes of rendering an opinion on the financial statements. 9 GAO-02-791T. 10 In providing negative assurance, auditors are stating that nothing came to their attention indicating that an agency’s financial management systems do not meet FFMIA requirements. Page 5 GAO-04-209T Widespread Systems Based on our review of the fiscal year 2002 audit reports for the 19 agencies reported to have systems not in substantial compliance with one or more of Problems Affect FFMIA’s three requirements, we identified six primary problems11 affecting FFMIA Compliance FFMIA noncompliance: • nonintegrated financial management systems, • inadequate reconciliation procedures, • lack of accurate and timely recording of financial information, • noncompliance with the SGL, • lack of adherence to federal accounting standards, and • weak security controls over information systems. The relative frequency of these problems12 at the 19 agencies reported as having noncompliant systems is shown in figure 1. In addition, we caution that the occurrence of problems in a particular category may be even greater than auditors’ reports of FFMIA noncompliance would suggest because auditors may not have included all problems in their reports. FFMIA testing may not be comprehensive and other problems may exist that were not identified and reported. For example, at some agencies, the problems are so serious and well known that the auditor can readily determine that the systems are not substantially compliant without examining every facet of FFMIA compliance. 11 The same six types of problems were cited by auditors in their audit reports for fiscal years 2000 and 2001. 12 Auditors may not have reported these problems as specific reasons for lack of substantial compliance with FFMIA. Page 6 GAO-04-209T Figure 1: Problems Reported by Auditors for Fiscal Years 2000 through 2002 Nonintegrated Financial The CFO Act calls for agencies to develop and maintain an integrated Management Systems accounting and financial management system13 that complies with federal systems requirements and provides for (1) complete, reliable, consistent, and timely information that is responsive to the financial information needs of the agency and facilitates the systematic measurement of performance, (2) the development and reporting of cost management information, and (3) the integration of accounting and budgeting information. In this regard, OMB Circular A-127, Financial Management Systems, requires agencies to 13 Federal financial system requirements define an integrated financial system as one that coordinates a number of previously unconnected functions to improve overall efficiency and control. Characteristics of such a system include (1) standard data classifications for recording financial events, (2) common processes for processing similar transactions, (3) consistent control over data entry, transaction processing, and reporting, and (4) a system design that eliminates unnecessary duplication of transaction entry. Page 7 GAO-04-209T establish and maintain a single integrated financial management system that conforms with functional requirements published by JFMIP. An integrated financial system coordinates a number of functions to improve overall efficiency and control. For example, integrated financial management systems are designed to avoid unnecessary duplication of transaction entry and greatly lessen reconciliation issues. With integrated systems, transactions are entered only once and are available for multiple purposes or functions. Moreover, with an integrated financial management system, an agency is more likely to have reliable, useful, and timely financial information for day-to-day decision making as well as external reporting. Agencies that do not have integrated financial management systems typically must expend major effort and resources, including in some cases hiring external consultants, to develop information that their systems should be able to provide on a daily or recurring basis. In addition, opportunities for errors are increased when agencies’ systems are not integrated. Agencies with nonintegrated financial systems are more likely to be required to devote more resources to collecting information than those with integrated systems. Auditors frequently mentioned the lack of modern, integrated financial management systems in their fiscal year 2002 audit reports. As shown in figure 1, auditors for 12 of the 19 agencies with noncompliant systems reported this as a problem. For example, auditors for the Department of Transportation (DOT) reported that its major agencies still use the Departmental Accounting and Financial Information System (DAFIS), the existing departmentwide accounting system14 and cannot produce auditable financial statements based on the information in DAFIS. For example, DOT’s IG reported that DOT made about 860 adjustments outside of DAFIS totaling $51 billion in order to prepare the financial statements.15 DOT’s IG also reported that there were problems linking some information between DAFIS and the Federal Highway Administration’s Fiscal Management Information System (FMIS). DOT uses FMIS to record initial obligations for federal aid grants to states. However, due to problems 14 DOT is implementing a COTS-based core financial system called Delphi. DOT management projects that the implementation will be complete in fiscal year 2004. 15 Office of Inspector General, Department of Transportation, Consolidated Financial Statements for Fiscal Years 2002 and 2001, FI-2003-018 (Jan. 27, 2003). Page 8 GAO-04-209T resulting from upgrades and changes made to the FMIS system, all obligations are not electronically transferred from FMIS to DAFIS. As of September 30, 2002, valid obligations of about $388 million were understated. Moreover, problems linking information also existed between Delphi, DOT’s new financial management system, and the Federal Transit Administration’s (FTA) financial feeder systems that prevented FTA from electronically processing about $350 million in payments related to its Electronic Clearing House Operation. These transactions had to be manually processed into Delphi. What is important here is that the information developed to prepare auditable annual financial statements is not available on an ongoing basis for day-to-day management of DOT’s programs and operations. As we have reported,16 cultural resistance to change, military service parochialism, and stovepiped operations have played a significant role in impeding previous attempts to implement broad-based reforms at the Department of Defense (DOD). The department’s stovepiped approach is most evident in its current financial management systems environment, which DOD recently estimated to include approximately 2,300 systems and systems development projects—many of which were developed in piecemeal fashion and evolved to accommodate different organizations, each with its own policies and procedures. As DOD management has acknowledged,17 the department’s current financial environment is comprised of many discrete systems characterized by poor integration and minimal data standardization and prevents managers from making more timely and cost-effective decisions. Inadequate Reconciliation A reconciliation process, even if performed manually, is a valuable part of a Procedures sound financial management system. In fact, the less integrated the financial management system, the greater the need for adequate reconciliations because data are accumulated from various sources. For example, the Department of Health and Human Services (HHS) IG 16 U.S. General Accounting Office, Department of Defense: Status of Financial Management Weaknesses and Progress Toward Reform, GAO-03-931T (Washington, D.C.: June 25, 2003). 17 Department of Defense, Performance and Accountability Report, Fiscal Year 2002 (Jan. 31, 2003). Page 9 GAO-04-209T reported18 that the department’s lack of an integrated financial management system continues to impair the ability of certain operating divisions to prepare timely information. Moreover, certain reconciliation processes were not adequately performed to ensure that differences were properly identified, researched, and resolved in a timely manner and that account balances were complete and accurate. Reconciliations are needed to ensure that data have been recorded properly between the various systems and manual records. The Comptroller General’s Standards for Internal Control in the Federal Government highlights reconciliation as a key control activity. As shown in figure 1, auditors for 11 of the 19 agencies with noncompliant systems reported that the agencies had reconciliation problems, including difficulty reconciling their fund balance with Treasury accounts19 with Treasury’s records. Treasury policy requires agencies to reconcile their accounting records with Treasury records monthly, which is comparable to individuals reconciling their checkbooks to their monthly bank statements. As we recently testified,20 DOD had at least $7.5 billion in unexplained differences between Treasury and DOD fund activity records. Many of these differences represent disbursements made and reported to Treasury that had not yet been properly matched to obligations and recorded in DOD accounting records. In addition to these unreconciled amounts, DOD identified and reported an additional $3.6 billion in payment recording errors. These include disbursements that DOD has specifically identified as containing erroneous or missing information and that cannot be properly recorded and charged against the correct, valid fund account. DOD records many of these payment problems in suspense accounts. While DOD made $1.6 billion in unsupported adjustments to its fund balances at the end of fiscal year 2002 to account for a portion of these payment recording errors, these adjustments did not resolve the related errors. 18 Office of Inspector General, Independent Auditor’s Report on Financial Statements, A-17- 02-0001, Fiscal Year 2002 Performance and Accountability Report, U.S. Department of Health and Human Services. 19 Agencies record their budget spending authorizations in their fund balance with Treasury accounts. Agencies increase or decrease these accounts as they collect or disburse funds. 20 GAO-03-931T. Page 10 GAO-04-209T Inadequate reconciliation procedures also complicate the identification and elimination of intragovernmental activity and balances, which is one of the principal reasons we continue to disclaim on the government’s consolidated financial statements. As we testified in April 2003,21 agencies had not reconciled intragovernmental activity and balances with their trading partners22 and, as a result, information reported to Treasury is not reliable. For several years, OMB and Treasury have required CFO Act agencies to reconcile selected intragovernmental activity and balances with their trading partners. However, a substantial number of CFO Act agencies did not perform such reconciliations for fiscal years 2002 and 2001, citing such reasons as (1) trading partners not providing needed data, (2) limitations and incompatibility of agency and trading partner systems, and (3) human resource issues. For both of these years, amounts reported for federal trading partners for certain intragovernmental accounts were significantly out of balance. Actions are being taken governmentwide under OMB’s leadership to address problems associated with intragovernmental activity and balances. Lack of Accurate and Timely Auditors for 17 agencies reported the lack of accurate and timely recording Recording of Financial of financial information for fiscal year 2002 compared to the 14 agencies23 for which auditors noted similar problems in their 2001 reports. Accurate Information and timely recording of financial information is key to successful financial management. Timely recording of transactions can facilitate accurate reporting in agencies’ financial reports and other management reports that are used to guide managerial decision making. The Comptroller General’s Standards for Internal Control in the Federal Government states that transactions should be promptly recorded to maintain their relevance and value to management in controlling operations and making decisions. 21 U.S. General Accounting Office, Fiscal Year 2002 U.S. Government Financial Statements: Sustained Leadership and Oversight Needed for Effective Implementation of Financial Management Reform, GAO-03-572T (Washington, D.C.: Apr. 8, 2003). 22 Trading partners are U.S. government agencies, departments, or other components that do business with each other. 23 In our October 2002 FFMIA report, we stated that auditors had discussed the lack of accurate and timely recording of transactions at 12 agencies. As part of our analysis of most recent agency audit reports, it became apparent that these problems were reported in prior years for 2 additional agencies, but the earlier audit reports did not include sufficient detail to make these assessments. Page 11 GAO-04-209T Untimely recording of transactions during the fiscal year can result in agencies making substantial efforts at fiscal year-end to perform extensive manual financial statement preparation efforts that are susceptible to error and increase the risk of misstatements. Gathering financial data only at year-end does not provide adequate time to analyze transactions or account balances. Further, it impedes management’s ability throughout the year to have timely and useful information for decision making. For example, auditors reported24 that, for fiscal year 2002, Department of Justice (Justice) components did not adjust the status of obligations on a quarterly basis as required, and as a result, extensive manual efforts had to be performed at year-end to correct the status of obligation records. This process of reviewing the status of obligations only at the end of the year increases the risk that errors will go undetected, does not provide managers with accurate information during the year for decision making, and results in misstatements in the financial statements. Noncompliance with the Implementing the SGL at the transaction level is one of the specific SGL requirements of FFMIA. However, as shown in figure 1, auditors for 9 of the 19 noncompliant agencies reported that the agencies’ systems did not comply with SGL requirements. The SGL promotes consistency in financial transaction processing and reporting by providing a uniform chart of accounts and pro forma transactions. Use of the SGL also provides a basis for comparison at agency and governmentwide levels. These defined accounts and pro forma transactions are used to standardize the accumulation of agency financial information, as well as enhance financial control and support financial statement preparation and other external reporting. By not implementing the SGL, agencies are challenged to provide consistent financial information across their components and functions. 24 PricewaterhouseCoopers, Report of Independent Accountants, January 15, 2003, FY 2002 Performance & Accountability Report, U.S. Department of Justice. Page 12 GAO-04-209T As in previous years, the Department of Housing and Urban Development’s (HUD) auditors reported that the Federal Housing Administration’s (FHA) systems were noncompliant with the SGL for fiscal year 2002 because FHA must use several manual processing steps to convert its commercial accounts to SGL accounts.25 FHA’s 19 legacy insurance systems, which fed transactions to its commercial general ledger system, lacked the capabilities to process transactions in the SGL format. Therefore, FHA provided only consolidated summary-level data to HUD’s Central Accounting and Program System (HUDCAPS). As we reported,26 FHA used several manual processing steps to provide summary-level data, including the use of personal-computer-based software to convert the summary-level commercial accounts to government SGL, and transfer the balances to HUDCAPS. This process did not comply with JFMIP requirements that the core financial system provide for automated month- and year-end closing of SGL accounts and the roll-over of the SGL account balances. Lack of Adherence to One of FFMIA’s requirements is that agencies’ financial management Federal Accounting systems account for transactions in accordance with federal accounting standards. Agencies face significant challenges implementing these Standards standards. As shown in figure 1, auditors for 13 of the 19 agencies with noncompliant systems reported that these agencies had problems complying with one or more federal accounting standards. Auditors reported that agencies are having problems implementing standards that have been in effect for some time, as well as standards that have been promulgated in the last few years. For example, auditors for three agencies—DOD, Justice, and the Federal Emergency Management Agency (FEMA)—reported weaknesses in compliance with Statement of Federal Financial Accounting Standards (SFFAS) No. 6, Accounting for Property, Plant, and Equipment, which became effective for fiscal year 1998. Auditors for DOD reported that DOD did not capture the correct 25 To help address deficiencies with its legacy general ledger system, as a first step in upgrading its overall financial management system, FHA implemented the general ledger module of a COTS software package on October 1, 2002. This module automates the monthly interface of summary-level balances with HUD’s Central Accounting and Program System (HUDCAPS). 26 U.S. General Accounting Office, Department of Housing and Urban Development: Status of Efforts to Implement an Integrated Financial Management System, GAO-03-447R (Washington, D.C.: Apr. 9, 2003). Page 13 GAO-04-209T acquisition date and cost of its property, plant, and equipment, due to system limitations. Therefore, DOD could not provide reliable information for reporting account balances and computing depreciation. Auditors for two agencies—HUD and Justice—reported weaknesses in compliance with SFFAS No. 7, Revenue and Other Financing Sources, which also became effective for fiscal year 1998. For example, auditors reported a material weakness for FHA’s budget execution and fund control. According to the auditors, FHA’s financial systems and processes are not capable of fully monitoring and controlling budgetary resources. Finally, auditors for three agencies—the Agency for International Development (AID), the National Aeronautics and Space Administration (NASA), and the Nuclear Regulatory Commission (NRC)—reported trouble with implementing SFFAS No. 10, Accounting for Internal Use Software, which became effective at the beginning of fiscal year 2001. For example, auditors reported that NASA’s policies and procedures do not specifically address purchasing software as part of a package of products and services. In their testing, NASA’s auditors identified errors for costs that were originally recorded as expenses, but instead should have been capitalized as assets. Managerial cost information is required by the CFO Act of 1990, and since 1998 by a federal accounting standard. Auditors for five agencies reported problems implementing SFFAS No. 4, Managerial Cost Accounting Concepts and Standards. For example, auditors for DOL reported that the department has not developed the capability to routinely report the cost of outputs used to manage program operations at the operating program and activity levels. Moreover, DOL does not use managerial cost information for purposes of performance measurement, planning, budgeting, or forecasting. At DOT, auditors stated that its agencies, other than the Federal Aviation Administration (FAA) and the U.S. Coast Guard,27 have begun to identify requirements for implementing cost accounting systems. DOT’s existing accounting system, DAFIS, does not have the capability to capture full costs, including direct and indirect costs assigned to DOT programs. The Secretary recently advised OMB that as the remaining DOT 27 FAA has efforts underway to implement a cost accounting system as required by the Federal Aviation Reauthorization Act of 1996 (Pub. L. No. 104-264, 110 Stat. 3213, 3248 (1996)). The U.S. Coast Guard has a cost accounting system used for determining vessel documentation user fees. Page 14 GAO-04-209T agencies migrate to Delphi, DOT’s new core financial system, Delphi will provide them with enhanced cost accounting capabilities. Managerial cost information is critical for implementing the PMA. According to the PMA, the accomplishment of the other four crosscutting initiatives28 will matter little without the integration of agency budgets with performance. Although the lack of a consistent information and reporting framework for performance, budgeting, and accounting may obscure how well government programs are performing as well as inhibit comparisons, no one presentation can meet all users’ needs. Any framework should support an understanding of the links between performance, budgeting, and accounting information measured and reported for different purposes. However, even the most meaningful links between performance results and resources consumed are only as good as the underlying data. Moreover, this link between resources consumed and performance results is necessary to make public-private competition decisions as part of competitive sourcing. Therefore, agencies must address long-standing problems within their financial systems. As agencies implement and upgrade their financial management systems, opportunities exist for developing cost management information as an integral part of these systems to provide important information that is timely, reliable, and useful. As we recently reported,29 DOD’s continuing inability to capture and report the full cost of its programs represents one of the most significant impediments facing the department. DOD does not have the systems and processes in place to capture the required cost information from the hundreds of millions of transactions it processes each year. Lacking complete and accurate overall life-cycle cost information for weapons systems impairs DOD’s and congressional decisionmakers’ ability to make fully informed decisions about which weapons, or how many, to buy. DOD has acknowledged that the lack of a cost accounting system is its largest impediment to controlling and managing weapon systems costs. 28 The other four crosscutting initiatives are improved financial performance, strategic human capital management, competitive sourcing, and expanded electronic government. 29 GAO-03-931T. Page 15 GAO-04-209T Weak Security Controls over Information security weaknesses are one of the frequently cited reasons Information Systems for noncompliance with FFMIA and are a major concern for federal agencies and the general public. These weaknesses are placing enormous amounts of government assets at risk of inadvertent or deliberate misuse, financial information at risk of unauthorized modification or destruction, sensitive information at risk of inappropriate disclosure, and critical operations at risk of disruption. Auditors for all 19 of the agencies reported as noncompliant with FFMIA identified weaknesses in security controls over information systems. Unresolved information security weaknesses could adversely affect the ability of agencies to produce accurate data for decision making and financial reporting because such weaknesses could compromise the reliability and availability of data that are recorded in or transmitted by an agency’s financial management system. General controls are the policies, procedures, and technical controls that apply to all or a large segment of an entity’s information systems and help ensure their proper operation. The six major areas are (1) security program management, which provides the framework for ensuring that risks are understood and that effective controls are selected and properly implemented, (2) access controls, which ensure that only authorized individuals can read, alter, or delete data, (3) software development and change controls, which ensure that only authorized software programs are implemented, (4) segregation of duties, which reduces the risk that one individual can independently perform inappropriate actions without detection, (5) operating systems controls, which protect sensitive programs that support multiple applications from tampering and misuse, and (6) service continuity, which ensures that computer-dependent operations experience no significant disruption. As we discussed in our April 2003 testimony,30 our analyses of audit reports issued from October 2001 through October 2002 for 24 of the largest federal agencies31 30 U.S. General Accounting Office, Information Security: Progress Made, But Challenges Remain to Protect Federal Systems and the Nation’s Critical Infrastructures, GAO-03- 564T (Washington, D.C.: Apr. 8, 2003). 31 These are the Departments of Agriculture, Commerce, Defense, Education, Energy, Health and Human Services, Housing and Urban Development, Interior, Justice, Labor, State, Transportation, Treasury, and Veterans Affairs, the Environmental Protection Agency, Federal Emergency Management Agency, General Services Administration, Office of Personnel Management, National Aeronautics and Space Administration, National Science Foundation, Nuclear Regulatory Commission, Small Business Administration, Social Security Administration, and U.S. Agency for International Development. Page 16 GAO-04-209T continued to show significant weaknesses in federal computer systems that put critical operations and assets at risk. Weaknesses continued to be reported in each of the 24 agencies included in our review, and they covered all six major areas of general controls. Although our analyses showed that most agencies had significant weaknesses in these six control areas, weaknesses were most often cited for access controls and security program management. Since 1997, GAO has considered information security a governmentwide high-risk area.32 As shown by our work and work performed by the IGs, security program management continues to be a widespread problem. Concerned with reports of significant weaknesses in federal computer systems that make them vulnerable to attack, the Congress enacted Government Information Security Reform provisions33 (commonly known as GISRA) to reduce these risks and provide more effective oversight of federal information security. GISRA required agencies to implement an information security program that is founded on a continuing risk management cycle and largely incorporates existing security policies found in OMB Circular A-130, Management of Federal Information Resources. GISRA provided an overall framework for managing information security and established new annual review, independent evaluation, and reporting requirements to help ensure agency implementation and both OMB and congressional oversight. In its required fiscal year 2002 GISRA report to the Congress, OMB stated that the federal government had made significant strides in addressing serious and pervasive information technology security problems, but that more needed to be done, particularly to address both the governmentwide weaknesses identified in its fiscal year 2001 report to the Congress and new challenges.34 Also, OMB reported significant progress in agencies’ information technology security performance, primarily as indicated by quantitative governmentwide performance measures that OMB required agencies to disclose beginning with their fiscal year 2002 reports. These 32 U.S. General Accounting Office, High-Risk Series: An Update, GAO-01-263 (Washington, D.C.: January 2001). 33 These provisions are part of the Floyd D. Spence National Defense Authorization Act for Fiscal Year 2001, Pub. L. No. 106-398, 114 Stat. 1654, 1654A-266 (2000). 34 Office of Management and Budget, FY 2002 Report to Congress on Federal Government Information Security Reform (May 16, 2003). Page 17 GAO-04-209T include measures such as the number of systems that have been assessed for risk, have an up-to-date security plan, and for which security controls have been tested. As discussed in our June 2003 testimony,35 the governmentwide weaknesses identified by OMB, as well as the limited progress in implementing key information security requirements, continue to emphasize that, overall, agencies are not effectively implementing and managing their information security programs. For example, of the 24 large federal agencies we reviewed, 11 reported that they had assessed risk for 90 to 100 percent of their systems for fiscal year 2002, but 8 reported that they had assessed risk for less than half of their systems. The information security program, evaluation, and reporting requirements established by GISRA have been permanently authorized and strengthened through the recently enacted Federal Information Security Management Act of 2002 (FISMA).36 In addition, FISMA provisions establish additional requirements that can assist the agencies in implementing effective information security programs, help ensure that agency systems incorporate appropriate controls, and provide information for administration and congressional oversight. These requirements include the designation and establishment of specific responsibilities for an agency senior information security officer, implementation of minimum information security requirements for agency information and information systems, and required agency reporting to the Congress. Agencies’ fiscal year 2003 FISMA reports, due to OMB in September 2003, should provide additional information on the status of agencies’ efforts to implement federal information security requirements. In addition, FISMA requires each agency to report any significant deficiency in an information security policy, procedure, or practice relating to financial management systems as an instance of a lack of substantial compliance under FFMIA.37 35 U.S. General Accounting Office, Information Security: Continued Efforts Needed to Fully Implement Statutory Requirements, GAO-03-852T (Washington, D.C.: June 24, 2003). 36 Pub. L. No. 107-347, title III, 116 Stat. 2899, 2946 (2002). 37 44 U.S.C. 3544(c)(3). Page 18 GAO-04-209T Agency Efforts to The continuing trend of noncompliance with FFMIA indicates the overall long-standing poor condition of agency financial systems. Correcting the Implement New Core systems problems is a difficult challenge for agencies because of the age Financial Systems and poor condition of their critical financial systems. Some of the federal government’s computer systems were originally designed and developed years ago and do not meet current systems requirements. These legacy systems cannot provide reliable financial information for key governmentwide initiatives, such as integrating budget and performance information. Across government, agencies have many efforts underway to implement or upgrade financial systems to alleviate long-standing weaknesses in financial management. As we recently reported,38 as of September 30, 2002, 17 agencies advised us that they were planning to or were in the process of implementing a new core financial system.39 Of these 17 agencies, 11 had selected certified40 software. The other 6 agencies have not reached the software selection phase of their acquisition process. 38 U.S. General Accounting Office, Core Financial Systems at the 24 Chief Financial Officers Act Agencies, GAO-03-903R (Washington, D.C.: June 27, 2003). 39 Core financial systems, as defined by JFMIP, include managing general ledger, funding, payments, receivables, and certain basic cost functions. Core financial systems receive data from other financial and feeder systems—such as acquisition, grant, and human resource and payroll systems—as well as from direct user input, and provide data for financial performance measurement and analysis and for financial statement preparation. 40 The Program Management Office, which is managed by JFMIP’s Executive Director with funds provided by the CFO Council agencies, tests vendor COTS packages and certifies those that meet certain financial management system requirements for core financial systems. Page 19 GAO-04-209T Implementing a core financial system that has been certified does not guarantee that these agencies will have financial systems that are compliant with FFMIA. Certification of core financial systems and testing vendor COTS packages help ensure that financial management system requirements and the vendor software remain aligned. One critical factor affecting FFMIA compliance is the integration of the core financial system with the agency’s administrative41 and programmatic42 systems and the validity and completeness of data from these systems. Other factors affecting a COTS core financial system’s ability to comply with FFMIA include how the software package works in the agency’s environment, whether any modifications or customizations have been made to the software, and the success of converting data from legacy systems to new systems. As of September 30, 2002, target implementation dates for 16 of the 17 agencies planning to implement new core financial systems ranged from fiscal years 2003 to 2008. One agency—DOD—had not yet determined its target date for full implementation. As shown in figure 2, 3 of the 16 agencies—Agriculture, GSA, and NASA—planned to complete implementation in fiscal year 2003. Three other agencies—SSA, Commerce, and DOT—planned to complete their implementations in fiscal year 2004. The Department of Energy established fiscal year 2005 as its target implementation date and 3 agencies—the departments of State and Veterans Affairs and AID—have targeted fiscal year 2006 for completion. Moreover, as shown in figure 2, 4 agencies—DOL, HHS, EPA, and HUD— have set fiscal year 2007 as their implementation target date. Finally, 2 agencies—the Departments of the Interior and Justice43—projected fiscal year 2008 for completion of their core financial systems implementation. 41 Examples of administrative systems are those common to all agencies such as budget, acquisition, travel, property, and payroll. 42 Programmatic systems are those needed to carry out an agency’s mission. For example, HHS needs a grants management system to carry out its mission. 43 Justice plans a staggered implementation of its new core financial system in its component agencies with target completion dates ranging from October 2004 to October 2007. Page 20 GAO-04-209T Figure 2: Agency Target Dates for Implementation of Core Financial Systems as of September 30, 2002 HUD NASA Commerce VA EPA GSA SSA State HHS Interior GENERAL SERVICES ADMINISTRATION E NT O F J M T U R ST DEPA I CE Agriculture DOT Energy AID Labor Justice Defense 2003 2004 2005 2006 2007 2008 Not yet determined Source: GAO. The remaining 7 of the 24 CFO Act agencies that advised us that they had no plans to implement a new system had either recently implemented a new core financial system in the last several years or were not planning to implement an agencywide core financial system. Five of the 7 agencies had fully implemented new core financial systems since the beginning of fiscal year 2001—including the Department of Education, NSF,44 NRC, the Small Business Administration (SBA), and OPM. FEMA had implemented a new system prior to fiscal year 2001. The remaining agency, Treasury,45 is not planning to implement an agencywide core financial system, but several of its subcomponent agencies—including the Internal Revenue Service and the Office of the Comptroller of the Currency—are in the process of implementing core financial system software packages. In their performance and accountability reports, management for some agencies stated that full implementation of these new systems will address their systems’ substantial noncompliance with FFMIA. However, as previously mentioned, implementation of a new core financial system may not resolve all of an agency’s financial management weaknesses because of the myriad of problems affecting agencies beyond their core financial 44 NSF’s core financial system was implemented in 1992. The maintenance needed to migrate the system to a client-server platform was completed in April 2001. 45 Although Treasury does not have an agencywide core financial system, it does utilize automated tools and a central data warehouse for analysis and reporting. Page 21 GAO-04-209T systems. Nevertheless, it is imperative that agencies adopt leading practices to help ensure successful systems implementation. Successful Implementing new financial management systems provides a foundation for improved financial management, including enhanced financial Implementation of reporting capabilities that will help financial managers meet OMB’s Financial Management accelerated reporting deadlines46 and make better financial management decisions due to more timely information. Successful implementation of Systems Is Key for financial management systems has been a continuous challenge for both Improved Financial federal agencies and private sector entities. In the past, federal agencies Reporting have experienced setbacks and delays in their implementation processes. These delays were caused by various factors, including a lack of executive- level involvement, poor communication between managers and users, and inadequate project planning. For example, our work at NASA has shown the need for consistent executive support, communication with all stakeholders, full identification of user requirements, and adequate planning. Recent work at NASA illustrates some of the specific problems agencies are encountering in implementing JFMIP-certified financial systems. In April 2000, NASA began its Integrated Financial Management Program (IFMP), its third attempt in recent years at modernizing financial processes and systems. NASA’s previous two efforts were eventually abandoned after a total of 12 years and a reported $180 million in spending. As part of this third effort, NASA recently implemented a new core financial module that was expected to provide financial and program managers with timely, consistent, and reliable cost and performance information for management decisions. However, earlier this year we reported47 that NASA’s core financial module was not being implemented to accommodate the information needed by program managers, cost estimators, and the Congress. The need for ongoing communication between project 46 In order to have timely, reliable and useful information OMB has required agencies to prepare financial statements closer to the end of the reporting period. Under the accelerated reporting requirements, agency performance and accountability reports for fiscal year 2004 are due to OMB by November 15, 2004, just 45 days after the close of the fiscal year. 47 U.S. General Accounting Office, Business Modernization: Improvements Needed in Management of NASA’s Integrated Financial Management Program, GAO-03-507 (Washington, D.C.: Apr. 2003). Page 22 GAO-04-209T managers and systems users is crucial to any successful systems implementation project. Project managers need to understand the basic requirements of users, while users should be involved in the project’s planning process. NASA’s program officials chose to defer the development of some functions and related user requirements in order to expedite the systems implementation process. As a result, the new system will not meet the needs of some key users who will continue to rely on information from nonintegrated programs outside of the core financial module, or use other labor-intensive means, to capture the data they need to manage programs. NASA has also not followed certain other best practices for acquiring and implementing its new financial management system. NASA’s implementation plan calls for the system to be constructed using commercial components; however, NASA has not analyzed the interdependencies of the various subsystems. When constructing a system from commercial components, it is essential to understand the features and characteristics of each component in order to select compatible systems that can be integrated without having to build and maintain expensive interfaces. By acquiring components without first understanding their relationships, NASA has increased its risks of implementing a system that will not optimize mission performance, and that will cost more and take longer to implement than necessary. Private sector entities have also encountered a number of challenges and setbacks when implementing new systems. These challenges have included competition between internal organizational units, user resistance to the new systems, and frequent changes in management and to underlying corporate strategy. Entities are overcoming their challenges because better tools have been created to monitor and control progress and skilled project managers with better management processes are being used. Page 23 GAO-04-209T The Standish Group International, Inc.48 (Standish Group) has reported that the number of successful systems implementation projects in the private sector is increasing. From 1994 to 2000, successful projects increased from 28,000 to 78,000. The Standish Group, through its research,49 has identified 10 project success factors. These factors include user involvement, executive support, experienced project managers, firm basic requirements, clear business objectives, minimized scope, standard software infrastructure, formal methodology, reliable estimates, and other.50 Also, according to the Standish Group, although no project requires all 10 factors to be successful,51 the more factors that are present in the project strategy, the higher the chance of a successful implementation. As discussed above, many of these factors have been challenges for both private sector and federal entities. By its very nature, the implementation of a new financial management system is a risky proposition. Therefore, it is crucial that federal departments and agencies follow accepted best practices and embrace as many of the key characteristics for successful implementation projects as possible to help minimize the risk of failed projects and result in systems that provide the necessary data for management’s needs. Our executive guide52 on creating value through world-class financial management describes 11 practices critical for establishing and maintaining sound financial operations. These practices include reengineering processes in conjunction with new technology. As a result, using commercial components such as COTS packages may require significant changes in the way federal departments conduct their business. According to the leading finance organizations that formed the basis for our executive guide, a key to successful implementation of COTS systems is reengineering business processes to fit the new software applications 48 The Standish Group is a well-known research advisory firm that focuses on mission- critical software applications, management techniques, and technologies. 49 The Standish Group’s research is done through focus groups, in-depth surveys, and extensive interviews with Fortune 500 companies. 50 Other includes small milestones, proper planning, competent staff, and ownership. 51 Successful implementation is defined as a project that is completed on time, on budget, and with all the features and functions originally specified. 52 U.S. General Accounting Office, Executive Guide: Creating Value Through World-class Financial Management, GAO/AIMD-00-134 (Washington, D.C.: April 2000). Page 24 GAO-04-209T that are based on best practices. Moreover, OMB’s former Associate Director for Information Technology and e-Government has stated that “IT will not solve management problems—re-engineering processes will.” The conversion of data from an old system to a new system is also critical. In December 2002, JFMIP issued its White Paper: Financial Systems Data Conversion – Considerations. The purpose of this JFMIP document is to raise awareness of financial systems data conversion considerations to be addressed by financial management executives and project managers when planning or implementing a new financial management system. The JFMIP paper addresses (1) key considerations regarding data conversion and cutover to the new system, (2) best approaches for completing the data conversion and cutover, and (3) ways to reduce the risks associated with these approaches. Status of As we have discussed, the goal of FFMIA is for agencies to have timely, reliable, and accurate information with which to make informed decisions Governmentwide and to ensure accountability on an ongoing basis. Figure 3 shows the three Financial Management levels of the pyramid that result in the end goal, accountability and useful management information. The bottom level of the pyramid is the Improvement Efforts legislative framework that underpins the improvement of the general and financial management of the federal government. The second level shows the drivers that build on the legislative requirements and influence agency actions to meet these requirements. The three drivers are (1) congressional and other oversight, (2) the activities of the JFMIP Principals, and (3) the PMA. The third level of the pyramid represents the key success factors for accountability and meaningful management information—integrating core and feeder financial systems, producing reliable financial and performance data for reporting, and ensuring effective internal control. The result of these three levels, as shown at the top of the pyramid, is accountability and meaningful management information needed to assess and improve the government’s effectiveness, financial condition, and operating performance. Page 25 GAO-04-209T Figure 3: Pyramid to Accountability and Useful Management Information Congressional Oversight End goal Accountability and useful management information Key success factors Reliable financial and Effective Integrated performance data internal systems for reporting control Drivers Congressional and JFMIP PMA other oversight Principals Legislative framework Government Accountability Government CFO Management of Tax Dollars Performance Clinger-Cohen Act Reform Act Act of 2002 FFMIA and Results Act Act Source: GAO. Congressional Oversight The leadership demonstrated by the Congress has been an important catalyst to reforming financial management in the federal government. As previously discussed, the legislative framework provided by the CFO Act and FFMIA, among others, produced a solid foundation to stimulate needed change. For example, in November 2002, the Congress enacted the Accountability of Tax Dollars Act of 200253 to extend the financial statement audit requirements for CFO Act agencies to most executive branch agencies. In addition, there is value in sustained congressional interest in these issues, as demonstrated by hearings on federal financial management and reform held over the past several years. It will be key that the appropriations, budget, authorizing, and oversight committees hold agency top management accountable for resolving these problems and that they support improvement efforts. The continued attention by the 53 Pub. L. No. 107-289, 116 Stat. 2049 (2002). Page 26 GAO-04-209T Congress to these issues will be critical to sustaining momentum for financial management reform. JFMIP Principals Starting in August 2001, the JFMIP Principals have been meeting regularly to deliberate and reach agreements focused on financial management reform issues including (1) defining success measures for financial performance that go far beyond an unqualified audit opinion,54 (2) significantly accelerating financial statement reporting to improve timeliness for decision making, and (3) addressing difficult accounting and reporting issues, including impediments to an audit opinion on the federal government’s consolidated financial statements. This forum has provided an opportunity to reach decisions on key issues and undertake strategic activities that reinforce the effectiveness of groups such as the CFO Council in making progress toward federal financial management. In fiscal year 2002, the JFMIP Principals continued the series of these deliberative meetings. Continued personal involvement of the JFMIP Principals is critical to the full and successful implementation of federal financial management reform and to providing greater transparency and accountability in managing federal programs and resources. President’s Management The PMA, being implemented by the administration as an agenda for Agenda and the Executive improving the management and performance of the federal government, targets the most apparent deficiencies where the opportunity to improve Branch Management performance is the greatest. While FFMIA implementation relates directly Scorecard to the improved financial performance initiative, development and maintenance of FFMIA-compliant systems will also affect the implementation of the other four initiatives. Furthermore, the modernization of agency financial management systems, as envisioned by FFMIA, is critical to the success of all of these initiatives. Notably, OMB is developing a federal enterprise architecture that will affect the government’s ability to make significant progress across the PMA. For example, as part of the e-gov initiative, the number of federal payroll providers is being consolidated. Numerous agencies had targeted their payroll operations for costly modernization efforts. According to OMB, millions of dollars will be saved through shared resources and processes 54 These success measures include financial management systems that routinely provide timely, reliable, and useful financial information and no material control weaknesses or material noncompliance with laws and regulations as well as FFMIA. Page 27 GAO-04-209T and by modernizing on a cross-agency and governmentwide basis. The administration’s implementation of its Program Assessment Rating Tool (PART) relates specifically to the PMA initiative of integration of budget and performance information. Reliable cost data, so crucial to effective FFMIA implementation, is critical not only for the improved financial performance and budget and performance integration initiatives, but also for competitive sourcing. For effective management, this cost information must not only be timely and reliable, but also both useful and used. The administration is using the Executive Branch Management Scorecard, based on governmentwide standards for success, to highlight agencies’ progress in achieving the improvements embodied in the PMA. OMB uses a grading system of red, yellow, and green to indicate agencies’ status in achieving the standards for success for each of the five crosscutting initiatives. It also assesses and reports progress using a similar “stoplight” system. The focus that the administration’s scorecard approach brings to improving management and performance, including financial management performance, is certainly a step in the right direction. The value of the scorecard is not in the scoring per se, but the degree to which the scores lead to sustained focus and demonstrable improvements. This will depend on continued efforts to assess progress and maintain accountability to ensure that the agencies are able to, in fact, improve their performance. It will be important that there be continuous rigor in the scoring process for this approach to be credible and effective in providing incentives that produce lasting results. Also, it is important to recognize that many of the challenges the federal government faces, such as improving financial management, are long-standing and complex, and will require sustained attention. Closing Comments The primary purpose of FFMIA is to ensure that agency financial management systems routinely provide reliable, useful, and timely financial information so that government leaders will be better positioned to invest resources, reduce costs, oversee programs, and hold agency managers accountable for the way they run programs. While many agencies are receiving unqualified opinions on their financial statements, auditor determinations of FFMIA compliance are lagging behind. To achieve the financial management improvements envisioned by the CFO Act, FFMIA, and more recently, the President’s Management Agenda, agencies need to modernize their financial systems to generate reliable, useful, and timely Page 28 GAO-04-209T financial information throughout the year and at year-end. However, as we have discussed today, agencies are facing significant challenges in implementing new financial management systems. We are seeing a strong commitment from the President, the JFMIP Principals, and the Secretaries of major departments to ensure that these needed modernizations come to fruition. This commitment is critical to the success of the efforts under way as well as those still in a formative stage, and must be sustained. Finally, Mr. Chairman, the leadership demonstrated by you and the members of this Subcommittee is an important catalyst to reforming financial management in the federal government. Continued attention to these issues will be critical to sustaining momentum on financial management reforms. Mr. Chairman, this concludes my statement. I would be pleased to answer any questions you or other members of the Subcommittee may have at this time. Contacts and For further information about this statement, please contact Kay L. Daly at (202) 512-9312. Other key contributors to this testimony include Sandra S. Acknowledgments Silzer and Bridget A. Skjoldal. (193052) Page 29 GAO-04-209T GAO’s Mission The General Accounting Office, the audit, evaluation and investigative arm of Congress, exists to support Congress in meeting its constitutional responsibilities and to help improve the performance and accountability of the federal government for the American people. GAO examines the use of public funds; evaluates federal programs and policies; and provides analyses, recommendations, and other assistance to help Congress make informed oversight, policy, and funding decisions. GAO’s commitment to good government is reflected in its core values of accountability, integrity, and reliability. Obtaining Copies of The fastest and easiest way to obtain copies of GAO documents at no cost is through the Internet. GAO’s Web site (www.gao.gov) contains abstracts and full- GAO Reports and text files of current reports and testimony and an expanding archive of older products. The Web site features a search engine to help you locate documents Testimony using key words and phrases. You can print these documents in their entirety, including charts and other graphics. Each day, GAO issues a list of newly released reports, testimony, and correspondence. GAO posts this list, known as “Today’s Reports,” on its Web site daily. The list contains links to the full-text document files. To have GAO e-mail this list to you every afternoon, go to www.gao.gov and select “Subscribe to e-mail alerts” under the “Order GAO Products” heading. Order by Mail or Phone The first copy of each printed report is free. Additional copies are $2 each. A check or money order should be made out to the Superintendent of Documents. GAO also accepts VISA and Mastercard. Orders for 100 or more copies mailed to a single address are discounted 25 percent. Orders should be sent to: U.S. General Accounting Office 441 G Street NW, Room LM Washington, D.C. 20548 To order by Phone: Voice: (202) 512-6000 TDD: (202) 512-2537 Fax: (202) 512-6061 To Report Fraud, Contact: Web site: www.gao.gov/fraudnet/fraudnet.htm Waste, and Abuse in E-mail: firstname.lastname@example.org Federal Programs Automated answering system: (800) 424-5454 or (202) 512-7470 Public Affairs Jeff Nelligan, Managing Director, NelliganJ@gao.gov (202) 512-4800 U.S. General Accounting Office, 441 G Street NW, Room 7149 Washington, D.C. 20548
Financial Management: Recurring Financial Systems Problems Hinder FFMIA Compliance
Published by the Government Accountability Office on 2003-10-29.
Below is a raw (and likely hideous) rendition of the original report. (PDF)