GAO Slams IT Management At VAGAO Slams IT Management At VA

Government Innovators

A $127 million project to build a new outpatient appointment-schedule system failed because of IT management issues that historically have plagued the Department of Veterans Affairs (VA), according to a government watchdog agency.

In a recently released report, the Government Accountability Office (GAO) evaluated two key IT development projects to see if the VA is making progress on managing and delivering them on time, a problem that has persisted at the department for many years. Joel Willemssen, managing director of information technology at the GAO, described these issues Wednesday during testimony before a House oversight subcommittee concerned with the VA.

One project--a next-generation outpatient appointment-scheduling system to replace an outdated one--was an abject failure, according to the GAO. The VA started the project in 2000 and spent $127 million over nine years, but never delivered on any of the system's planned capabilities.

The GAO blamed several IT management weaknesses--including acquisition planning, requirements analysis, testing, progress reporting, risk management, and oversight--for the department's inability to complete the project successfully.

Another project fared a bit better. The VA aimed to create a post-9/11 GI Bill educational benefits system that would better address new benefits given veterans after 9/11 that were not covered by the existing system.

To implement the project, the department used a new, incremental software development approach and managed to deploy the first two of four releases on schedule, according to the GAO.

The project to date has provided regional offices with new automated capabilities to prepare original and amended benefits claims under the post-9/11 GI Bill, according to the report.

Despite this success, the GAO still found IT management areas of the project on which the VA can improve, including establishing business priorities, testing, and oversight, it said.

Establishing and managing information security controls required by the Federal Information Security Management Act of 2002 (FISMA) also remains a problem at the VA, which is notorious for lapses in security that have resulted in data breaches. The problem has been so pervasive that last August assistant secretary for information and technology Roger Baker began posting monthly information about data breaches at the department online.

Indeed, VA IT operations have certainly improved since Baker took his position about a year ago. He led the development of an IT accountability program that's saved millions in previously wasted IT costs and started reporting information about data breaches online to keep the department itself accountable for data security.

Baker said via email that the GAO report describes how systems development worked before the accountability system was in place, and is not reflective of how the VA operates now.