Summary

The Office of Management and Budget (OMB) plays a key role in overseeing federal information technology (IT) investments. The Clinger-Cohen Act, among other things, requires OMB to establish processes to analyze, track, and evaluate the risks and results of major capital investments in information systems made by agencies and to report to Congress on the net program performance benefits achieved as a result of these investments. OMB has developed several processes to help carry out its role. For example, OMB began using a Management Watch List several years ago as a means of identifying poorly planned projects based on its evaluation of agencies' funding justifications for major projects, known as exhibit 300s. In addition, in August 2005, OMB established a process for agencies to identify high risk projects and to report on those that are performing poorly. GAO testified last year on the Management Watch List and high risk projects, and on GAO's recommendations to improve these processes. GAO was asked to (1) provide an update on the Management Watch List and high risk projects and (2) identify OMB's efforts to improve the identification and oversight of these projects. In preparing this testimony, GAO summarized its previous reports on initiatives for improving the management of federal IT investments. GAO also analyzed current Management Watch List and high risk project information.

OMB and federal agencies have identified approximately 227 IT projects--totaling at least $10.4 billion in expenditures for fiscal year 2008--as being poorly planned (on the Management Watch List), poorly performing (on the High Risk List with performance shortfalls), or both. OMB has taken steps to improve the identification and oversight of the Management Watch List and High Risk projects by addressing recommendations previously made by GAO, however, additional efforts are needed to more effectively perform these activities. Specifically, GAO previously recommended that OMB take action to improve the accuracy and reliability of exhibit 300s and consistent application of the high risk projects criteria, and perform governmentwide tracking and analysis of Management Watch List and high risk project information. In response to these recommendations, OMB, for example, started publicly releasing aggregate lists of Management Watch List and high risk projects by agency in September 2006 and has been updating them since then on a quarterly basis. However, OMB does not publish the reasons for placing projects on the Management Watch List, nor does it specifically identify why high risk projects are poorly performing. Providing this information would allow OMB and others to better analyze the reasons projects are poorly planned and performing, take corrective actions, and track these projects on a governmentwide basis. Such information would also help to highlight progress made by agencies or projects, identify management issues that transcend individual agencies, and highlight the root causes of governmentwide issues and trends. Until OMB makes further improvements in the identification and oversight of poorly planned and poorly performing IT projects, potentially billions in taxpayer dollars are at risk of being wasted.