Report: FBI lacks blueprint for technology upgrade

Despite past warnings from congressional auditors, the FBI does not have an effective framework for modernizing its information technology systems, according to a new report.

The Government Accountability Office report (GAO-05-363) argued that the FBI needs to continue to move towards a fully enforced enterprise architecture, a blueprint used by organizations to guide IT system improvements.

The 47-page report also found that the bureau's heavy reliance on private contractors to develop the IT framework was hampered because the FBI does not use performance-based contracting techniques and has failed to effectively oversee the contractors' work.

The FBI's computer systems are based primarily on 1980s technology, and realigning the bureau's mission after the Sept. 11, 2001, terrorist attacks, have strained its IT systems, which are "deployed on an ad hoc basis," according to the report.

Currently, the FBI is undertaking a multimillion-dollar IT modernization effort. More than half of the bureau's IT budget - $390 million out of $737 million - is being spent on upgrading its 450 U.S.-based offices and 45 foreign bureaus.

The FBI has struggled to modernize its systems, a situation highlighted by the failed $170 million Virtual Case File System.

GAO investigators laid the framework for their criticism of the FBI's failure to establish an enterprise architecture in a September 2003 report (GAO-03-959).

Of the 31 elements GAO used at the time to evaluate the quality of an agency's enterprise architecture, the FBI satisfied only 15. While some best practices have been incorporated since that time, several have yet to be adopted.

"If the bureau does not begin employing the kind of effective contract management controls contained in federal regulations and related guidance, its architecture efforts will continue to be at risk," GAO auditors said.

The FBI's heavy reliance on private contractors for the development of its IT blueprint is partly to blame for the ineffective IT architecture, the report stated. GAO found that contracted work for the enterprise architecture was not defined in measurable, results-oriented terms, and specific standards and performance incentives were not tied to contracts' requirements.

FBI officials told GAO that the bureau's approach to IT contacting was based on the concept of working with the contractor until the product or service is satisfactory, a method GAO termed ineffective.

GAO recommended that the FBI's chief information officer and chief financial officer implement performance-based contracting wherever possible, along with stronger tracking and oversight practices.

In response, Zalmai Azmi, the FBI's chief information officer, wrote that the bureau has been successful in using fixed-price contracting, rather than the performance-based contracting, because the approach gives contractors an incentive to stay on schedule. But, he said, the FBI would take steps to encourage performance-based contracting.