recommended reading

Watchdog outlines IT best practices

A government watchdog on Monday identified nine best practices that help information technology projects stay on budget and on time, including sufficient upfront funding, strong communication between the contractors building the system and the federal employees who will operate it, and genuine involvement from senior agency leaders.

Keeping the same set of agency officials and contractors on a project throughout its lifecycle and involving agency end users in testing early on also are important factors according to Monday's report from the Government Accountability Office.

The best practices were developed from interviews with IT staff on seven major projects that agency officials identified as models of good management and delivery. The projects included three behemoths:

- A $2 billion Customs and Border Protection effort to ramp up technology at U.S. border crossings, including through radio technology that can read passport information from 15 feet away and cross reference it with criminal and terrorist databases

- A $1.3 billion endeavor to modernize the Internal Revenue Service's 40-year-old tax management system

- A $1.1 billion project to integrate information from paper Census Bureau questionnaires, reports from help desk phone calls with citizens filling out the questionnaires and follow-up telephone interviews to gauge the paper forms' accuracy

The projects also included some smaller-ticket items such as a $34 million initiative to update the Veterans Affairs Department's occupational health record-keeping system.

One major point the GAO report emphasized was the importance of maintaining communication, not only between contractors building an IT system and the agency IT and acquisitions staff, but also between both groups and agency end users, such as the Commerce officials putting together census reports and the CBP officers using advanced border technology.

Former federal Chief Information Officer Vivek Kundra instituted reforms during the first two years of the Obama administration aimed at making IT projects and acquisitions run more smoothly. The most notable of these was a process of TechStat review sessions, during which leaders of underperforming projects or those running over budget appeared before agency officials and Kundra, who decided over the course of about an hour whether their project should be maintained, reworked, scaled back or shelved entirely.

Kundra credited TechStat with saving the government about $3 billion and agencies have mimicked the process. Other reforms include buying more commercial technology rather than contracting for government-specific systems and breaking multiyear initiatives into smaller pieces with six-month or one-year deliverables.

A major problem with multiyear IT projects is technology develops so rapidly that by the time a contractor finishes, it's either out of date or the contractor's vision of how new technology should be incorporated into the system differs significantly from the agency's.

Long lead times and poor communication have led to major projects being canceled even after agencies have sunk $100 million or more into them. VA, for instance, scrapped a $127 million outpatient scheduling system in 2009 after determining it could not be deployed successfully. The Defense Department shelved its Defense Integrated Military Human Resources System on the recommendation of Kundra's office after 12 years of development and nearly $1 billion in funding.

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats


Close [ x ] More from Nextgov

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.


When you download a report, your information may be shared with the underwriters of that document.