The Latest Update to the Enterprise Architecture Improves on
Previous Versions, But Processes to Develop Future Updates Could Be Improved
July
2002
Reference
Number: 2002-20-124
This report has cleared the Treasury
Inspector General for Tax Administration disclosure review process and
information determined to be restricted from public release has been redacted
from this document.
July
9, 2002
MEMORANDUM FOR
DEPUTY COMMISSIONER FOR MODERNIZATION &
CHIEF INFORMATION OFFICER
FROM: (for) Pamela J. Gardiner /s/ Daniel R. Devlin
Deputy Inspector General for
Audit
SUBJECT: Final Audit Report - The Latest Update to
the Enterprise Architecture Improves on Previous Versions, But Processes to Develop
Future Updates Could Be Improved (Audit # 200120044)
This
report presents the results of our review of the updates to the Internal
Revenue Service’s (IRS) Enterprise Architecture (EA). The overall objective of this review was to determine whether an effective system of controls
and processes has been established to ensure the development and update of the
EA. To accomplish this objective, we
determined whether the artifacts and models necessary to update the EA were
being properly completed, and we evaluated conformance with and usage of the
EA.
Designing
and developing an architecture that will guide the modernization of the IRS’
information technology is an extremely complex project but one that is
essential if the modernization is to be successful. Without a detailed architecture to guide the development of the
new projects, it would be very difficult to ensure that all needed
functionality was developed and that individual projects were integrated and
worked with each other.
The
latest EA update, release 2.0, was completed in March 2002 and is the third
revision of the architectural blueprint originally developed in 1997. This update simplified the structure and
improved the usability of the EA by consolidating numerous individual work
products into several coordinated volumes.
Release 2.0 creates a more usable and complete enterprise requirements
section, updates a key data model, provides traceability from business
processes to systems, and defines system interfaces. Business Systems Modernization (BSM) Projects are also beginning
to be initiated based on business needs documented in the EA. The Business Systems Modernization Office
(BSMO) effectively communicated this release throughout the organization using
an internal web site.
In
summary, we found that while the completion of release 2.0 was a major milestone
and improved the EA, some of the development processes and procedures followed
to complete the update could be improved.
The IRS has recognized that establishing and adhering to effective
processes is key to its ability to succeed in modernizing its systems. The BSMO worked with the PRIME contractor to
develop the Enterprise Life Cycle (ELC) to help guide the BSM effort. Some of the EA development processes and
requirements described in the ELC were either not followed or not
completed. Users should have been more
involved in the initial development of the update, and although the EA review
process was thoroughly planned, some of the review teams did not follow the
guidance in the plan. Additionally, key
processes designed to ensure large-scale IRS modernization projects are
compliant with the EA were not consistently followed, and processes to ensure
the small-scale modernization projects funded from the IRS’ Information
Technology budget are compliant with the EA have not been established.
As
a result, certain key pieces of the EA, including those related to business
goals, strategies, and plans, were not updated in this release of the EA. Additionally, other models that establish
the technology and map business processes and requirements to that technology
were not thoroughly developed in the initial draft of the EA provided to the
IRS for review. Although some of these products may have been
completed before the IRS accepted the final version of the EA release 2.0, we
believe that had the PRIME contractor and BSMO followed ELC guidance, the
products would have been in the initial version submitted to the IRS for
review. In addition, if users had been
more involved in the development of this release, the BSMO would have greater
assurance that the users will understand and follow the EA in future
modernization efforts.
The
IRS is working towards establishing processes to ensure that small-scale
modernization projects adhere to portions of the EA, but these processes are
still in draft. Without processes to
ensure compliance with the EA, the IRS could spend significant amounts of money
on small-scale modernized systems that do not integrate well with the
large-scale modernized systems currently being developed by the IRS.
To address these issues, we
recommend the BSMO require users of the EA to certify that their conditions for
approval raised during reviews of previous releases, as well as those raised
during their current review, have been adequately addressed in the EA release
2.0. The BSMO should also document
and institute an EA management process that ensures development of future
updates to the EA meet the needs of the users, and should adhere to previously
described EA certification processes that require an EA certification before a
project is allowed to move into development.
In addition, we recommend that the Deputy Commissioner for Modernization
& Chief Information Officer require a comprehensive EA compliance review of
all strategic small-scale projects that communicate or interface with
large-scale modernized systems prior to funding the development activities of
the small-scale projects.
Management’s Response: The Deputy Commissioner
for Modernization & Chief Information Officer indicated that users of the
EA would be required to certify that their approval conditions for the EA
release 2.0 are adequately addressed.
In addition, users who raised EA release 1.0 issues regarding Data
Management, Disaster Recovery, Mapping of Business processes to technology, and
Security Architecture will be required to certify that these issues are
resolved.
To
ensure future updates to the EA meet the needs of the users, the PRIME
contractor’s Business Transformation Office is developing a management process
to engage the IRS Business Operating Divisions.
To
ensure modernization projects receive an EA certification before advancing into
their development phase, the BSMO will continue to follow the Technical
Directive issued to address the EA certification process.
Finally,
the Deputy Commissioner for Modernization & Chief Information Officer
agreed to document procedures to ensure all strategic small-scale projects that
communicate or interface with large-scale modernized systems are reviewed for
EA compliance. Management’s complete
response to our report is included as Appendix IV.
Copies of this
report are also being sent to the IRS managers who are affected by the report
recommendations. Please contact me at
(202) 622-6510 if you have questions or Scott Wilson, Assistant inspector
General for Audit (Information Systems Programs), at (202) 622-8510.
The Update to the Enterprise
Architecture Improves on Previous Releases
Closer Adherence to Guidance for Updating the Enterprise Architecture Could Improve Future Releases
Compliance With the Enterprise Architecture Certification Process Needs Improvement
Appendix I – Detailed Objective, Scope, and Methodology
Appendix II – Major Contributors to This Report
Appendix III – Report Distribution List
Appendix IV – Management’s Response to the Draft Report
The Internal Revenue Service (IRS) is in the process of modernizing its technology base. One of the problems with the IRS’ current information technology is that components were installed in a piecemeal fashion over a long period of time without consistent direction or focus. The IRS’ Enterprise Architecture (EA) is being developed to provide this direction and focus. The EA is intended to bridge the gap between the IRS’ vision for its future operations and the individual modernization projects that are currently designing and deploying the new computer systems. The EA is one of the foundations of the IRS’ systems modernization effort.
The EA defines high-level concepts such as the IRS’ mission, vision, and future business objectives. It also defines the IRS’ business processes, business requirements, anticipated processing volumes, products and services to be offered, and locations where they will be provided. Finally, it defines basic hardware and software technology components that will be used to provide these services.
Given the large and complex nature of IRS operations, if each modernization project were left to independently interpret the IRS vision and strategy, there would be a high probability that deployed solutions would be non-integrated, inconsistent, and have overlapping or conflicting functionality. These problems could lead to excessive costs for development and maintenance, unmet business expectations, frustrations among users and employees, the IRS’ inability to exploit new ways of doing business (such as e-business), unmet security and privacy requirements, and rigid computer systems that do not communicate well or are unresponsive to change.
When the current modernization effort began several years ago, the IRS and the PRIME contractor were using an early architectural blueprint developed in 1997. The first major revision of the architecture, called EA release 1.0, was completed in December 2000. In June 2001, EA release 1.1 was completed. The latest update to the EA, release 2.0, was completed in March 2002. Through November 2001, the IRS had paid approximately $27 million to the PRIME contractor for the development of the EA.
In 2000, we conducted an audit of the processes used to develop EA release 1.0. In response to recommendations presented in the audit report, the IRS indicated that an EA supplement to the Enterprise Life Cycle (ELC) would be developed to include the critical processes necessary to establish and update the EA and to provide needed guidance to modernization projects. This supplement was eventually developed and incorporated into the ELC. The supplement cites the following three critical success factors for the EA:
· Enroll the Business - Make sure the IRS executives understand the business value of having and complying with the EA.
· Avoid Creating Shelfware - Continually maintain and periodically refresh the EA.
· Think Holistically - Consider all the areas of change when addressing the EA.
More recently, in response to Congressional and General Accounting Office (GAO) concerns, the IRS’ Business Systems Modernization Office (BSMO) established a certification process that certain projects must follow to ensure they are compliant with the EA prior to moving into the development phase.
Our current audit followed up to determine whether processes were being followed for updating the EA. The audit was conducted in the BSMO facilities in New Carrollton, Maryland, between October 2001 and March 2002, in accordance with Government Auditing Standards. Detailed information on our audit objective, scope, and methodology is presented in Appendix I. Major contributors to the report are listed in Appendix II.
The IRS accepted the EA release 2.0 in March 2002. This update simplified the structure and improved the usability of the previous release by consolidating numerous individual work products into several coordinated volumes. In addition, BSMO management indicated that this release creates a more usable and complete enterprise requirements section, updates a key data model, provides traceability from business processes to systems, and defines system interfaces.
Most importantly, projects are starting to be initiated based on business needs documented in the EA. Two of the recently initiated projects, Filing and Payment Compliance and Customer Account Management, were started based on needs identified and documented in the EA.
The new release was effectively communicated throughout the IRS by the BSMO via an internal web site. This is a best practice according to the ELC and is important to enable the EA to accomplish its critical success factors. The IRS and PRIME contractor architecture groups held over 25 briefings and education sessions to educate IRS stakeholders on the content of the EA release 2.0.
While the BSMO and PRIME contractor successfully completed the EA release 2.0, some key processes outlined in the ELC guidance for updating the EA were not followed or completed. We believe following the ELC guidance would have improved the timeliness and effectiveness of the EA update process. The remainder of this report details the areas where the ELC guidance was not followed and identifies actions that could improve the process for the next EA update.
The IRS has recognized that establishing and adhering to processes is key to its ability to succeed in modernizing its systems. The BSMO and the PRIME contractor have established guidance and processes in the ELC and elsewhere to guide the modernization effort. These processes and guidance are meant to ensure that the modernization efforts meet the key objectives effectively and efficiently.
Some key processes identified in the ELC regarding EA development were not followed in the preparation of EA release 2.0. The PRIME contractor did not consistently follow the ELC guidance, the users were not adequately involved in the development of the release, and the review and acceptance process that was comprehensively laid out in the review plan was not consistently followed.
The PRIME
contractor did not consistently follow established guidance in updating the EA
When we conducted our previous audit on the EA in early 2000, we evaluated the processes in place to ensure updates to the EA were effectively developed. We found that the IRS had determined that the ELC did not provide the necessary guidance for developing and updating the EA. The response to our report indicated that a supplement to provide this guidance would be approved and included in the ELC in December 2000. The IRS did approve this supplement and included it as ELC guidance for future updates. In addition to providing missing EA guidance, this supplement mapped required activities and work products to the Treasury Enterprise Architecture Framework, the Federal Enterprise Architecture Framework, and the Zachman Framework for EA.
However, the PRIME contractor did not consistently follow the EA supplement to the ELC in preparing the EA release 2.0. A PRIME contractor official responsible for the EA release 2.0 indicated that parts of the supplement were too theoretical and that some of the products required by the supplement were not very useful or successful. He indicated that his team went back to the original Catalyst Architecture guidance that was the basis for the ELC, even though in our earlier review this guidance had been determined to be insufficient.
Although we agree the supplement did suggest a structure for EA work products that was difficult to use, other portions of the supplement, including the guidance on information required in the EA and the activities necessary to conduct a thorough update of the EA, were useful and important. We believe that the PRIME contractor should have followed the useful portions of this supplement and revised the portions related to the difficult structure. However, in January 2002, approximately 3 months after the PRIME contractor delivered the draft EA release 2.0 to the IRS for review, the PRIME contractor initiated a change request to completely remove the EA supplement from the ELC.
Certain key products required to be in the EA were not included in the initial EA release 2.0 provided for review. We believe that information required to be included in these products was missing from the draft EA release 2.0 in part because the PRIME contractor did not follow the ELC guidance in the EA supplement.
For example, one key architecture component, the Data Administration and Data Management Approach, was not completed for the draft EA release 2.0. Documentation of this approach is especially critical for the IRS because several ongoing modernization projects have been tasked to develop various segments of the IRS data model. Much of these data are shared between projects, so an overall data management approach is necessary to avoid gaps or duplication of efforts. PRIME contractor personnel indicated that this approach was documented in the supplementary materials section of the EA release 2.0, but this information was not apparent to us or to the IRS review teams that conducted in-depth reviews of the draft release.
When we discussed this with BSMO officials, they indicated that they were in the process of working with the PRIME contractor to develop the critical guidance needed by the projects for data management. However, they indicated that, when completed, this guidance would be included in the ELC rather than in the EA.
Another key product, the Process/Technology Capability Matrix, was required by the EA supplement to document the integration of the relationships between business processes, organizations, locations, and the enabling technology. This model would describe the technology side of the architecture and ensure that the business processes map to the technology. Although numerous improvements have been made in the mapping of business processes to requirements, comments from the reviewers describing the need for a model to map technology components to business processes and requirements indicates that this model was not completed in the draft EA release 2.0.
Another item that we believe to be important, but that was not completed, was the Architecture and Engineering Management (AEM) supplement to guide the future management of the EA. This AEM supplement would provide further guidance for the PRIME contractor and the IRS to use in their efforts to maintain, communicate, and enforce the EA.
Although some of these products may have been completed before the IRS accepted the final version of the EA release 2.0, we believe that had the PRIME contractor followed ELC guidance, the products would have been in the initial version submitted to the IRS for review. Information included in these products is important in assisting projects in their design and development activities and in ensuring that the EA is effectively managed.
Users of the
EA were not adequately involved in the development of the EA release 2.0
Although the IRS users were heavily involved in developing the vision and strategy upon which the EA update is based, these users were not adequately involved in converting that vision into the EA update.
The ELC lists user involvement as the first project success factor. One of the guiding principles in the ELC is titled “Foster Development Partnerships and Joint Ownership of Results.” The EA supplement to the ELC also lists “Enroll the Business” as one of the critical success factors for developing and updating the EA. In addition, it requires that business processes, organization, and locations be considered when developing the architecture along with the applications, data, and technology pieces of the architecture.
Users were not involved in the EA update process because when planning this EA release 2.0 update, the PRIME contractor determined that it would independently gather and review the documentation from the vision and strategy work and incorporate this information into the EA release 2.0, rather than work with the users of the EA. Once the EA update development was complete, the users would then review this update and provide comments. The IRS agreed to allow the contractor to use this approach, even though it is contrary to the ELC, primarily because of the scarcity of IRS personnel with the skills and abilities necessary to assist in this effort.
Because up-front user involvement was not present, key segments of the draft EA that document the business processes, organization, and location have not been fully updated. For example, the vision and strategy work for tax administration was completed in March 2001. Much of this work was conducted at the same time the business units within the IRS were just starting their new operations. As a result, there were various organization and operational items that were changed or clarified after that work was completed. These changes were not reflected in the corresponding sections of the EA, even though the initial draft of the EA was not provided to the IRS until October 2001.
Also, some of the users in the IRS’ business units have had a difficult time finding their operations and activities in the EA. We believe that if users had been more involved in the development of the EA release 2.0, the BSMO would have greater assurance that these users will understand and follow the EA in the future modernization efforts.
Management Actions: To address the business process areas in the EA that have changed since the tax administration vision and strategy work was completed, the IRS has begun a refresh process to identify and make necessary changes in the EA. In addition, the PRIME contractor is developing a Business Transformation office to work closely with the IRS’ transition manager to ensure that changes in IRS’ business operations are consistent with the EA.
The EA review plan
was not consistently followed
The IRS’ EA office created a comprehensive review and acceptance plan that included the processes and activities necessary to enable an effective review of the new release of the EA. The plan included a schedule of actions and time frames for accomplishing key objectives. It required various in-depth review teams to analyze the EA and develop comments, identify issues, and make recommendations. A standardized feedback form was provided to each review team to document and organize their review comments. Finally, signature memoranda were distributed to stakeholder organizations to ensure accountability and to obtain formal approval or disapproval of the EA.
The review and acceptance plan developed by the IRS EA office is consistent with the ELC review and acceptance process and enhances requirements for stakeholder review. Had this comprehensive plan been consistently followed, the process would have resulted in a very thorough review. However, there was inconsistency in the way the review was conducted.
For example, we found that 4 of the 15 review teams did not complete their review feedback forms, and only 7 of the 18 organizations required to formally document their approval or disapproval of the EA release 2.0 actually signed the approval forms. In addition, reviews were not completed until approximately 3 months after the planned initial deadline. Management of the BSMO indicated that the 6 most critical organizations, including the IRS’ 4 primary business units, provided formal approval of EA release 2.0, and thus they did not require the remaining 11 organizations to formally document their approval or disapproval.
A timely, consistent, and thorough review of the EA release 2.0 by all IRS stakeholder organizations was critical because the PRIME contractor did not involve these users in developing this update. It is important for users to understand the EA and how it applies to them, and a review process assists in achieving that goal. It is also important for the IRS to have assurance that the stakeholders responsible for following the EA have reviewed it and approve of its accuracy and completeness. Without review comments and approval documentation, the IRS cannot be certain that a thorough review was conducted.
In addition, some approval conditions and concerns documented by IRS stakeholders during their review of the first EA update (release 1.0) were not resolved in the draft version of the EA release 2.0. We evaluated 26 concerns raised in reviews of a previous release that should have been addressed in this release and found 12 that had not been addressed in the draft version of release 2.0. The critical concerns that we believe were not adequately addressed in this release were the lack of a data management strategy, the lack of a thorough security architecture, and the lack of detailed mapping between business processes and technology.
The IRS EA office believes all of the concerns but one from reviews of a prior EA release were eventually addressed in the version of EA release 2.0 that was accepted. Because the final version was still in process when we completed our work, we were not able to evaluate it to ensure these concerns were completely addressed. When we discussed these issues with management in the week prior to acceptance of the EA release 2.0, there were still some significant concerns that had not yet been addressed. In addition, because of delays in completion of the current review process, we are not certain whether the key concerns raised in this review of release 2.0 have been adequately addressed.
To ensure that all outstanding approval
conditions have been addressed and to improve compliance with EA development
and review processes, we recommend that BSMO management:
1. Establish a control to ensure that all key users and stakeholders of the EA certify that significant concerns raised during previous and current reviews of the EA have been adequately addressed. Future reviews should require this certification before IRS’ final approval and acceptance of a release is granted.
2. Document and institute an EA management process that ensures development of future updates to the EA meet the needs of the users. This process should be included as part of a more comprehensive AEM supplement to the ELC.
Management’s Response: Key users of the EA will be required to
certify that their approval conditions for EA release 2.0 are adequately
addressed. In addition, users who
raised EA release 1.0 issues regarding Data Management, Disaster Recovery,
Mapping of Business processes to technology, and Security Architecture will be
required to certify that their issues are resolved.
The PRIME contractor’s Business Transformation Office is currently developing the management process to engage the IRS Business Operating Divisions to ensure future updates to the EA meet the needs of the users.
One of the key processes established to ensure large-scale modernization projects currently in process were compliant with the EA was a certification process. This process was first described in a December 21, 2000, response from the IRS’ Commissioner to a GAO audit report. In his response, the Commissioner indicated that any modernization project requesting approval to move into the development phase must first receive a certification that the project complies with the EA.
This process was later required in letters issued in May 2001 from the two Congressional committees that oversee funding of the BSMO projects. The Congressional committees also required that no funding be allocated after July 15, 2001, for project development from the March 2001 spending plan unless the project’s EA certification had been completed.
The EA certification checklist and certification review procedures developed by the BSMO are comprehensive. We believe that this checklist and set of procedures, if followed consistently, would provide assurance that projects are compliant with the EA.
We evaluated the 19 projects that were in process at the time of our review and identified 6 that had progressed into development subsequent to December 21, 2000, when the EA certification requirement was initially documented. Three of these projects, Internet Refund Fact of Filing (IRFOF), Security and Technology Infrastructure Release (STIR), and Customer Relationship Management-Examination (CRM-Exam), did not obtain EA certification prior to moving into development. BSMO management explained that one reason certifications were not completed was because the certification process was not implemented until March 2001. Of these three projects that moved into development without a certification, only the IRFOF project moved into development after March 2001. In addition, delays occurred in completing the certification process because completion of the EA release 2.0 was a higher priority than completing the EA certifications.
At the time our audit testing was completed, all of the projects had eventually completed their EA certifications with the exception of the CRM-Exam project. Management indicated that the CRM-Exam project would not be certified because it was already being deployed and did not have a significant impact on any other modernization projects. We agree that it would not be cost-beneficial to go back and certify the CRM-Exam project.
Until the EA is firmly established within the IRS and projects are consistently initiated and guided by its principles, the certification process is key to reducing the risk of building systems that are not aligned with the IRS’ architectural vision of the future. Without an effective certification process that requires approval at the highest levels, systems could be developed that do not perform as intended and may require redesign efforts resulting in additional expenditures and time delays.
In addition, funding projects into development without EA certification is contrary to the Congressional intent in the guidance on how funding for modernization should be allocated. This type of activity adds risk to the continued funding of the IRS’ modernization.
To ensure that future projects are
in compliance with the EA, we recommend that the BSMO:
3. Follow the certification process described in the December 2000 response to the GAO and in the letters from the Congressional committees. This process requires that, before a project can move into development, it must receive a certification that it is compliant with the EA.
Management’s Response: The Deputy Commissioner for Modernization & Chief Information Officer agreed that projects must receive certification that they are compliant with the EA before moving into the development phase. The EA certification process established in an IRS Technical Directive is being followed.
A system of processes and controls has not been formally established to ensure strategic small-scale modernization projects funded by the IRS’ Information Technology budget comply with the standards and guidance in the EA. In a previous audit, we determined that criteria for classifying information technology projects were needed. We determined that lack of criteria could lead to questions on whether projects were classified properly. In our current audit, we identified at least one strategic small-scale project that does have a scope similar to and impact commensurate with the projects currently classified as large-scale by the IRS, and there may be others.
The Business Master File (BMF) e-File project is an IRS project and is funded for a total of $7.5 million for Fiscal Years 2001 and 2002. This project is being designed to create a new system to process electronic business tax returns received by the IRS from business taxpayers. This new system will interact with a number of existing and future computer systems within the IRS.
Currently, there are no controls in place to ensure this project is being designed in compliance with the evolving EA. For example, the BMF e-File project is not required to undergo a review for EA compliance prior to beginning its development phase. As discussed earlier in this report, this type of EA compliance review is a major control for large-scale modernization projects.
In addition, we found little involvement in small-scale projects by the IRS’ EA Office or by the PRIME contractor’s office responsible for EA development. The BMF e-File project leader we interviewed instead cited heavy involvement by the IRS’ Systems Engineering and Integration office. Although this office is beginning to develop some initial processes to evaluate EA compliance, it has not yet completed processes to ensure strategic small-scale projects adhere to the IRS’ EA. All modernization projects, regardless of how they are funded or classified, should be managed to ensure they follow the standards, approaches, and guidelines in the EA.
The lack of EA processes for strategic small-scale projects is due to several factors. The IRS and PRIME contractor EA groups have focused their efforts on developing the EA and reviewing large-scale projects for compliance with the EA. We were also informed that the Systems Engineering and Integration office does not have the staffing resources to review small-scale projects. There are currently 63 projects in that category, which are funded for approximately $85 million for Fiscal Years 2001 and 2002.
Another reason for the lack of EA processes for strategic small-scale projects is that the PRIME contractor had not completed a critical piece of the EA, the Enterprise Transition Strategy (ETS), by the time we completed our review. The ETS is needed to answer the questions of what new systems will be delivered and when. At its current level of detail, the EA does not specifically reference small-scale projects such as the BMF e-File project.
As more modernization work is accomplished with small-scale projects, the lack of controls and processes to ensure these projects align with and conform to the EA could result in deployed systems that have overlapping or conflicting functionality. This situation could create several additional problems such as:
· Excessive costs for development and maintenance.
· Unmet business expectations.
· User and employee frustration.
· Violations of security and privacy requirements.
Management Actions: The IRS currently has a draft process in development to evaluate whether strategic small-scale projects are in compliance with the Release Architecture. We obtained a copy of this draft process during our review but were told that it was still being revised.
To ensure strategic small-scale projects conform to the EA, we recommend that the Deputy Commissioner for Modernization & Chief Information Officer:
4.
Require a comprehensive EA compliance review process
for all strategic small-scale projects that communicate or interface with
large-scale modernized systems prior to allowing them to be funded for
development activities.
Management Response: The BSMO will
update the Technical Directive for EA certification to include criteria for a
certification and compliance review of strategic small-scale projects that
communicate or interface with large-scale modernized systems.
Appendix I
Our overall objective was to determine whether an effective system of controls and processes has been established to ensure the development and update of the Internal Revenue Service’s (IRS) Enterprise Architecture (EA). To accomplish this objective, we performed the following tests:
I.
Determined whether the
artifacts and models necessary to update the EA were properly completed.
A.
Compared the products in the
EA draft release 2.0 to the models required in the Zachman Framework for EA.
B.
Reviewed the EA release 2.0
to determine whether it addressed the six domains of change that comprise the
foundation of the Enterprise Life Cycle (ELC) methodology.
C.
Determined whether users were
adequately involved in the development of the EA.
D.
Evaluated the current review
and acceptance process to determine whether it ensures updates to the EA
accurately document the current state and future vision of the IRS.
E.
Reviewed a sample of concerns
documented by the IRS in its review of the early release of the EA and
determined whether they had been addressed in the EA release 2.0 update. There were 127 concerns or conditions
documented for the approval of EA release 1.0.
From this population, we judgmentally selected 26 of the concerns we
deemed most significant. We used a
judgmental sampling technique due to the small size of the population and
because we did not intend to project the test results across the entire
population.
F.
Determined whether the EA
supplement to the ELC is being followed by the IRS’ EA office and the PRIME
contractor’s office responsible for EA development.
II.
Evaluated conformance with
and usage of the EA.
A.
Interviewed project leaders
from new projects initiated during the first quarter of Fiscal Year 2002 to
determine whether the decision to initiate the project was driven by a business
need documented in the EA.
B.
Reviewed the Business Systems
Modernization Office EA certification process.
C.
Determined how the EA was
communicated to the IRS.
Appendix II
Major Contributors to This Report
Scott E. Wilson, Assistant Inspector General for Audit
(Information Systems Programs)
Scott Macfarlane, Director
Troy D. Paterson, Acting Director
Tammy L. Whitcomb, Audit Manager
W. Allen Gray, Senior Auditor
Charles Winn, Senior Auditor
George L. Franklin, Auditor
Perrin Gleaton, Auditor
Appendix III
Commissioner N:C
Deputy Commissioner
N:DC
Associate Commissioner, Business Systems Modernization M:B
Deputy Associate Commissioner, Systems Integration M:B:SI
Director, Enterprise Architecture M:B:SI:EA
Chief Counsel CC
National Taxpayer Advocate TA
Director, Legislative Affairs CL:LA
Director, Office of Program Evaluation and Risk Analysis N:ADC:R:O
Office of Management Controls N:CFO:F:M
Audit Liaison:
Associate
Commissioner, Business Systems Modernization
M:B
Appendix
IV
The response was removed due to its size. To see the complete response, please go to the Adobe PDF version of the report on the TIGTA Public Web Page.