         
|
August 31, 1999
Thompson letter on GPRA - DoD Attachment 2
OPEN GAO RECOMMENDATIONS ON DOD MAJOR MANAGEMENT PROBLEMS INFORMATION MANAGEMENT AND TECHNOLOGY ISSUES POSE MAJOR CONCERNS - PROGRESS ON YEAR 2000 CONVERSION
Problem description - The Department of Defense (DOD) relies on computer systems for virtually all of its operations, including strategic and tactical operations; sophisticated weaponry; intelligence, surveillance, and security efforts; and more routine business functions such as payroll and logistics. For an organization as large as DOD—with over 1.5 million computers, 28,000 systems, and 10,000 networks—addressing the Year 2000 problem is a formidable task. While DOD has an enormous effort underway to remediate its mission-critical systems and ensure that its key operations will continue to function after the century date change, its effort is at risk. DOD’s early management of the effort was hampered by inconsistent guidance, lack of reliable and timely information on program status, inaccuracies concerning systems compliance in component-level reports, and poor contingency planning. Over the past year, DOD has improved its management of its Year 2000 program by establishing a strong department-level program office, with active participation by the Deputy Secretary of Defense, to oversee Year 2000 efforts. It has also improved its systems inventory and instituted a testing program aimed at ensuring continuity of key missions and operations. However, DOD remains behind schedule in completing its systems remediation and is still grappling with some of the program management issues previously described.
GAO’s audit efforts resulted in 38 recommendations, covering DOD and its components, related to this major management challenge, of which 14 remain open. Corrective actions on 8 of these 14 recommendations are in various stages of completion. Because DOD determined that it could no longer use its initial systems inventory for Year 2000 purposes, and due to the limited time remaining before January 1, 2000, the remaining six of the original recommendations are no longer applicable and will be closed.
| GAO Report No. and Date | Recommendation | | AIMD-97-117 Aug. 11, 1997 |
The Director of the Defense Finance and Accounting Service (DFAS) should direct the Deputy Director for Information Management to require the full implementation of the recently established Year 2000 certification process and ensure that Year 2000 compliance is predicated on testing all systems, including commercial-off-the-shelf (COTS) applications and personal computers and servers. | |
AIMD-97-117 Aug. 11, 1997 |
The Director of DFAS should direct the Deputy Director for Information Management to devise a testing schedule that identifies the test facilities and resources needed for performing proper testing of DFAS systems to ensure that all systems can operate in a Year 2000 environment. | |
AIMD-97-149 Sept. 26, 1997 |
The Director of the Logistics Systems Support Center (LSSC) should develop a contingency plan that includes specific actions for ensuring that the Army's logistic functions continue to operate at appropriate levels if all or part of the Commodity Command Standard System (CCSS) fails to work at the year 2000. | |
AIMD-98-150 June 30, 1998 |
The Secretary of the Navy should direct the Department of the Navy’s Chief Information Officer (CIO) to ensure that the Navy Year 2000 Coordination Office is provided with sufficient staff and authority to ensure that components have identified and corrected interfaces and developed written memorandums of agreement with interface partners. | |
AIMD-98-150 June 30, 1998 |
The Secretary of the Navy should direct the Department of the Navy’s CIO to ensure that the Navy Year 2000 Coordination Office is provided with sufficient staff and authority to ensure that Year 2000 contingency planning focuses on the continuity of all of the Navy's critical military operations and business processes rather than on only a small portion of mission-critical systems. | |
AIMD-98-35 Jan. 16, 1998 |
The Secretary of the Air Force should immediately require that the Air Force ensure its cost estimates factor in the actual resources it believes are needed to renovate and implement systems so that it can make informed resource trade-off decisions and ensure that this estimate is periodically refined throughout the Year 2000 program. | |
AIMD-98-35 Jan. 16, 1998 |
The Secretary of the Air Force should _ ensure that components are developing test plans and identifying the need for additional testing resources, and
_ design an approach to obtain any needed testing resources that are identified by Air Force components. | |
AIMD-98-35 Jan. 16, 1998 |
The Secretary of the Air Force should ensure that components have prepared contingency plans for their mission-critical systems. |
INFORMATION MANAGEMENT AND TECHNOLOGY ISSUES POSE MAJOR CONCERNS - INFORMATION SECURITY Problem Description - Securing Defense’s vast array of networked computers is a major challenge. Defense’s computer systems are particularly susceptible to attack through connections to the Internet, which Defense uses to enhance communications and information sharing. Audit reports have identified a broad array of problems. One of the most fundamental issues, which GAO reported on in August 1998, is that DOD has not completed development of an architecture, or blueprint, for its command, control, and communications systems. Without such an architecture, DOD will find it difficult to ensure that these systems, which are essential to DOD’s long-term plans for ensuring information superiority, are adequately protected. Other reports have identified specific control weaknesses in existing systems that increase the risks of damage from intrusions, as well as from malicious acts and inadvertent mistakes by authorized users.
Currently, there are 10 open recommendations related to this issue. All but one of these are restricted to limited official use and are not detailed here. The recommendation below pertains to Defense’s need to devote adequate human resources to its information security efforts.
| GAO Report No. and Date | Recommendation | | AIMD-96-84 May 22, 1996 |
The Secretary of Defense should strengthen the DOD computer security program by requiring information system security officers at all installations and setting specific standards for ensuring that these information system security officers as well as system and network managers are given sufficient time and training to perform their duties appropriately. |
MILITARY PERSONNEL ISSUES NEED ATTENTION
Problem Description - DOD faces a significant challenge in retaining the hundreds of thousands of new recruits that it enlists each year. Despite enlistees’ obligations to serve 2 to 6 years on initial contracts, GAO has found that between fiscal years 1982 and 1993, 31.7 percent of all enlistees did not complete these first terms of service. This first-term attrition is costly in that the services’ recruiting and training investment in each enlistee averages almost $38,000. Assuming that the attrition rate for the enlistees who entered the services in fiscal year 1998 is the same as the attrition rate for those who entered in fiscal year 1993 — 35.8 percent — GAO estimates that 64,400 of these nearly 180,000 persons will be separated early. At a recruiting and training cost of $37,884 per enlistee, the services’ total investment in these persons will be $2.4 billion.
In four reports and five testimonies, GAO made 21 recommendations for ways DOD could reduce the attrition of first-term enlistees, 16 of which are discussed in the following table and are in varying stages of implementation. DOD has asserted that each of the other five recommendations that remain open in GAO’s system have been fully implemented. GAO plans follow-on work to track DOD’s actions in response to all 21 recommendations, including determining whether the 5 have been fully implemented.
| GAO Report No. and Date |
Recommendation | |
NSIAD-97-39 Jan. 6, 1997 |
To provide a reliable database for DOD to manage attrition and for the services to set appropriate targets for reducing attrition, the Secretary of Defense should issue implementing guidance for DOD’s separation codes. | |
NSIAD-97-39 Jan. 6, 1997 |
The Secretary of Defense should direct the services to require all applicants for enlistment to (1) provide the names of their medical insurers and providers and (2) sign a release form allowing the services to obtain past medical information. | |
NSIAD-97-39 Jan. 6, 1997 |
The Secretary of Defense should direct the services to revise their "Applicant Medical Prescreening Form" and their "Report of Medical History" to ensure that medical questions are specific, unambiguous, and tied directly to the types of medical separations most common for recruits during basic and follow-on training. | |
NSIAD-97-39 Jan. 6, 1997 |
The Secretary of Defense should use DOD’s newly proposed database of medical diagnostic codes to determine whether adding medical screening tests to pre-entrance physical examinations and/or providing more thorough medical examinations to selected groups of applicants could cost effectively reduce attrition at basic training. | |
NSIAD-97-39 Jan. 6, 1997 |
The Secretary of Defense should place the responsibility for reviewing medical separation files with an organization completely outside the screening process. | |
NSIAD-98-213 Sept. 15, 1998 |
The Secretary of Defense should direct the service secretaries to include as a separate category the numbers of first-term personnel released more than 90 days before the end of their contract terms when they report first-term attrition rates. | |
NSIAD-98-213 Sept. 15, 1998 |
The Secretary of Defense should direct the service secretaries to use existing quality-of-life surveys or create new ones to (1) collect information on the factors contributing to first-term enlistees’ separation and (2) identify quality-of-life initiatives aimed at reducing the attrition of first-term personnel. | |
NSIAD-98-213 Sept. 15, 1998 |
The Secretary of Defense should direct the service secretaries to continually emphasize to all commissioned and noncommissioned officers the costs of first-term attrition, the difficulty of acquiring new enlistees to replace early losses, and the importance of providing positive leadership in targeting first-term enlistees who could be encouraged to complete their contractual obligations. | |
NSIAD-98-213 Sept. 15, 1998 |
The Secretary of Defense should direct the service secretaries to collect more complete data on specific groups of enlistees whom the services wish to target for remedial action and issue guidance and formal policy changes to local commanders indicating what specific actions—such as more counseling, optional testing, further job choices, or remedial training—can be taken to prevent the early discharge of these targeted groups. | |
NSIAD-98-213 Sept. 15, 1998 |
The Secretary of Defense should direct the service secretaries to reassess the appropriateness of providing favorable types of discharge to enlistees whose behavior or performance led to their early separation and ensure that proper incentives exist to encourage enlistees to complete their first terms. | |
NSIAD-98-58 Jan. 30, 1998 |
The Secretary of Defense should instruct the services to jointly explore the feasibility of developing or procuring assessment tests that can aid in the selection of recruiters. | |
NSIAD-98-58 Jan. 30, 1998 |
To maintain recruit quality and increase a recruit’s chances of graduating from basic training, the Secretary of Defense should instruct the Army, the Navy, and the Air Force to implement the Marine Corps’ practice of administering a physical fitness test to recruits before they report to basic training. | |
NSIAD-98-58 Jan. 30, 1998 |
To enhance recruiters’ working conditions and the services’ ability to attract qualified candidates for recruiting duty, the Secretary of Defense should encourage the use of quarterly floating goals as an alternative to the services’ current systems of monthly goals. | |
NSIAD-99-53 Feb. 23, 1999 |
The Secretary of Defense should develop and monitor a DOD-wide plan to use initiatives in background check processes. At a minimum, DOD should incorporate the benefits of using the Defense Security Service’s Electronic Personnel Security Questionnaire and the Federal Bureau of Investigation’s Integrated Automated Fingerprint Identification System. The plan should also address the integration of these two initiatives with the expanded security clearance background investigation requirements contained in Executive Order 12968. The plan should include specific time frames and budget requirements for implementation. | |
NSIAD-99-53 Feb. 23, 1999 |
The Secretary of Defense should require all national agency checks for enlistment into the military to be based on a full fingerprint search to (1) reduce the risks associated with enlisting individuals who have been convicted of the more serious misdemeanors and felonies and (2) identify individuals who have used aliases. | |
NSIAD-99-53 Feb. 23, 1999 |
The Secretary of Defense should direct the services, after the initiatives available in 1999 are in use, to end their practices of sending enlistees to training and to first-duty stations without having all available criminal history information. |
|
 |
|
|
