The Implementation of Software Products to Manage and
Control Computer Resources Needs Improvement
July 2003
Reference Number: 2003-20-151
This report has cleared the Treasury
Inspector General for Tax Administration disclosure review process and
information determined to be restricted from public release has been redacted
from this document.
July
31, 2003
MEMORANDUM FOR
CHIEF INFORMATION OFFICER
FROM: Gordon C. Milbourn III /s/ Gordon C.
Milbourn III
Assistant Inspector General
for Audit (Small Business and
Corporate Programs)
SUBJECT: Final Audit Report - The Implementation of Software Products to
Manage and Control Computer Resources Needs Improvement (Audit #
200220001)
This report
presents the results of our review of the Internal Revenue Service’s (IRS)
implementation of Tivoli®, a suite of software products for improving the
management and control of its computer resources. The overall objective of this review was to determine whether the
IRS is effectively and efficiently managing and using Tivoli®.
In summary, the IRS has
developed and maintained high-level system life cycle documentation for the
Enterprise Systems Management (ESM) project, which includes Tivoli®. This
documentation generally follows the IRS’ Enterprise Life Cycle Lite methodology.
We
also identified several weaknesses in
the management control practices over Tivoli® that, if not
corrected, could reduce the overall effectiveness and actual benefits of the
Tivoli® implementation.
The IRS uses the term “endpoint health” to gauge whether Tivoli® can “successfully” communicate with computing
devices. On April 14, 2003, the IRS’ overall endpoint health percentage
was 60 percent (78,925 of 131,488 endpoints).
Also, in September 2002, only 38 of 4,497 computers at the New
Carrollton Federal Building successfully received a software update via Tivoli®. Endpoint health is
not effectively managed and maintained at a higher rate because no policies and
guidelines have been established to promote endpoint health, such as schedules
when individuals should leave their networked computers turned on or when to
have laptops connected to the IRS network. The low percentage of endpoint health, combined with
staff not being assigned the responsibility to resolve endpoint health and
software distribution problems, have resulted in unrealized efficiencies
ranging from approximately $5.5 million to $7.6 million.
We also identified the
following concerns:
·
The IRS has stated that
it has deployed more Tivoli® software licenses
than were purchased; therefore, the IRS may be exposed to legal remedies (e.g.,
fines and penalties).
·
The IRS obtained
software licenses that were not used, which could result in wasted funds.
·
A support services
contractor for Tivoli® was working onsite without a
current statement of work, which could result in the IRS being billed for
services it did not intend to receive.
·
Tivoli® was only partially compliant with the IRS’ security
requirements, thereby potentially increasing the IRS’ exposure to security
risks.
·
Tivoli’s® business
continuity capability was never tested; therefore, the IRS may not be able to
timely recover its enterprise-wide network management capability in the event
of a disaster.
We recommended that the
Chief Information Officer (CIO) ensure that appropriate policies, guidelines,
and performance standards are developed to establish and monitor network
connectivity to promote Tivoli® endpoint health;
and that staff is assigned the responsibility for resolving problems associated
with unhealthy endpoints and unsuccessful software distributions. The CIO should also ensure that a
Contracting Officer’s Technical Representative (COTR) is assigned to assist the
Contracting Officer in monitoring the Tivoli® contracts; contractual agreements for
the number of software licenses purchased and installed are monitored for
compliance and appropriate contract modifications are prepared and approved; and an Information Systems Security Officer is
assigned for the Tivoli® component of the
ESM project to ensure that adequate security and business continuity capability
for Tivoli® are provided and tested.
Management’s
Response: The CIO agreed with our evaluation of the
implementation of Tivoli® and the recommendations.
The End User Equipment and Services (EUES) organization has developed
the appropriate policies and guidelines for the establishment of network
connectivity to promote Tivoli® endpoint health, assigned the responsibility
for resolving problems associated with unhealthy endpoints and unsuccessful
software distributions for all IRS office locations, and assigned a COTR to
assist the contracting officer in monitoring the Tivoli® contracts. The
EUES organization monitors the contractual agreements for compliance with the
number of software licenses that have been purchased and installed. A “true up” of deployed software is done
quarterly. If the contractual agreement
changes, they modify the contract. In
addition, the EUES organization will work with the Contracting Officer to
include documentation of IRS’ enrollment in the IBM Software Passport Program
in contract documentation. Also, the
EUES organization will appoint an Information Systems Security Officer by
August 1, 2003. Management’s
complete response to the draft report is included as Appendix VII.
Copies
of this report are also being sent to the IRS managers who are affected by the
report recommendations. Please contact
me at (202) 622-6510 if you have questions or Margaret E. Begg, Acting
Assistant Inspector General for Audit (Information Systems Programs), at (202)
622-8510.
Life Cycle
Documentation Has Been Developed and Maintained
Tivoli® Program Administration Needs Improvement
Contract Administration Over Tivoli® Needs
Improvement
Security Responsibilities for Tivoli® Have Not Been Formally Assigned
Appendix I – Detailed Objective,
Scope, and Methodology
Appendix II – Major Contributors to
This Report
Appendix III – Report Distribution List
Appendix IV – Outcome Measures
Appendix V – Tivoli® Software Module Over-Deployments
Appendix VI – Tivoli® Module Deployment Status
Appendix
VII – Management’s Response to the Draft Report
The Internal Revenue Service (IRS) has over 100,000 computers and associated software items supporting its 100,000 plus employee workforce. Consistently managing such a large number of computing devices and their associated software is a challenge. The IRS is implementing Tivoli®, a suite of software products, to improve the management and control of its computer resources. The Tivoli® software suite is modular in design, whereby specific functions can be obtained by adding the desired software module to the Tivoli® Management Framework software package. For example, various modules can provide functions that include software distribution, inventory management, remote control over personal computers, security administration, user administration, and web services management, among other functions.
As of September 30, 2002, the IRS had deployed 13 different modules into production (see Appendix VI for a description and status of various Tivoli® modules). Expenditures for the Tivoli® software suite of products and associated costs for supporting hardware, software, and services totaled over $49 million.
Responsibility for managing the implementation and support of the Tivoli® suite of software products resides in the Office of Enterprise Systems Management (OESM) within the End User Equipment and Services (EUES) organization of the Modernization, Information Technology and Security (MITS) Services organization. Operational support is provided by OESM personnel located at the IRS Campus in Austin, Texas.
The audit was conducted in the EUES organization at the IRS National Headquarters in New Carrollton, Maryland, and the Information Technology Services’ (ITS) Systems Management Center at the IRS Campus in Austin, Texas, from November 2002 to April 2003. The audit was conducted in accordance with Government Auditing Standards. Detailed information on our audit objective, scope, and methodology is presented in Appendix I. Major contributors to the report are listed in Appendix II.
The IRS’ Enterprise Life Cycle Lite (ELC Lite) is the
framework for project management in the ITS function that provides a flexible
yet structured approach to the key planning and control elements needed for
effective project management in IRS’ environment and the tools to do the job. It combines policies, procedures, and guidelines with the plans
and project control mechanisms needed for effective project planning,
implementation, and management within ITS.
The IRS has developed and maintained high-level system life cycle documentation for the Enterprise Systems Management (ESM) project that includes the Tivoli® project. This documentation includes an ESM Baseline Business Case, Project Management Plan, Organization Transition Plan, Implementation/Deployment Plan, Systems Requirements Report, as well as the documentation necessary for Tivoli® system security certification and accreditation. This documentation generally follows the IRS’ ELC Lite methodology.
The
Clinger-Cohen Act (also called the Information Technology Management Reform
Act) requires Federal
agencies to have processes in place to help ensure that information technology
projects are being implemented at acceptable costs, within reasonable time
periods, and are contributing to tangible, observable improvements in mission
performance.
Tivoli’s® ability to communicate with the computing devices in the network is a critical functionality that must be successfully performed for Tivoli® to be an effective tool for managing an enterprise-wide system. The IRS uses the term “endpoint health” to gauge whether Tivoli® can “successfully” communicate with computing devices. An endpoint, loosely defined, is a computing device that operates in a network, such as a server, desktop, or laptop. IRS officials have stated that endpoint health is directly related to the success of Tivoli®.
The IRS uses a web site to track endpoint health. Endpoint health is reported as an overall percentage for the IRS organization, and a summary percentage for 10 geographic areas (e.g., east region, southeast region, mid-states region, west region), as defined by Tivoli®, is also reported. Each geographic area contains various IRS offices and their endpoints (i.e., computing devices). On April 14, 2003, the IRS’ overall endpoint health was 60 percent (78,925 of 131,488 endpoints), and endpoint health for each of the 10 geographic areas ranged from 32 percent to 97 percent. Based on the range of endpoint health percentages, some offices are clearly better at managing their systems for endpoint health than others. In addition, the IRS has not established an overall goal for the endpoint health percentage.
As a result of the low endpoint health percentage, the software distribution module is not realizing its full effectiveness. For example, the Tivoli® Software Distribution module provides an automated hands-off method of installing new software products, upgrades, or patches to the IRS’ standardized suite of software programs that reside on Windows-based workstations throughout the IRS. As of April 14, 2003, the overall software installation success rate for these workstations was approximately 44 percent (180,567 of 410,537 software patches). However, because the software distribution module is not able to communicate with all of the IRS workstations, the success rate for software installation for IRS workstations overall is actually less than the 44 percent.
Endpoint health is not effectively managed and maintained at a higher rate because no policies and guidelines have been established to promote endpoint health, such as schedules when individuals should leave their networked computers turned on or when to have laptops connected to the IRS network. IRS officials indicated that the current practice is to inform individuals prior to the distribution of software via e-mail notification.
Another issue with the
management of endpoint health is that personnel are not assigned the responsibility for
resolving endpoint health problems at specific IRS office locations. For example, when a Tivoli® endpoint health problem occurs, a trouble report is generated and
logged to the System Management Center (SMC). The SMC then reports the
problem to the respective IRS field office that is generally responsible for
addressing endpoint health problems. If the local field
office has not designated a Tivoli® System Administrator to address Tivoli® endpoint problems, the issue generally remains open until either
SMC personnel can address it or someone at the field office does not have other
competing priorities and, therefore, has the time to address it.
For example, at the New Carrollton Federal Building (NCFB),
no one has been formally assigned the Tivoli® System
Administrator responsibility to ensure endpoint health problems are
resolved. In September 2002, only 38
out of 4,497 computers at the NCFB were reported as successful in obtaining a
software update. We were
informed that a possible cause of this low software installation rate was that
many of the computers at the NCFB had unhealthy endpoints primarily due to
computer naming conventions that were not compatible with Tivoli® requirements. Some unsuccessful software updates were
caused by problems with the computer (e.g., not enough memory). Without the assignment of staff to resolve endpoint health and
software distribution problems, Tivoli’s® overall effectiveness and actual
benefits could be reduced.
As of April 14, 2003, the IRS reported that
approximately $2.7 million was saved in reduced time to distribute the 180,567 software copies out
of 410,537 attempts. With improved
policies and guidelines and assigning staff the responsibility for addressing
endpoint problems for IRS office locations, the IRS could reap additional
efficiencies in reduced software distribution time and costs. IRS officials indicated that an 80 percent
initial software distribution success rate at a specific time would be a
realistic target, with a goal of 100 percent success over time. While a 100 percent software distribution
success rate to all endpoints at any specific time is desirable, it is
unrealistic due in part to the large number of laptop computers in use.
For
example, had those software distribution attempts on April 14, 2003, been 80
percent successful, the IRS could have had additional efficiencies of
approximately $2.2 million. These
additional efficiencies could have reached approximately $3.5 million if those
software distribution attempts had been 100 percent successful.
In addition, since the IRS’ reported
efficiencies for software distribution represents only 60 percent of all
endpoints, an additional $3.3 million to $4.1 million (based on the success
range of 80 to 100 percent) of potential efficiencies could have been obtained
if the IRS had been able to distribute software to the 40 percent of the
endpoints it could not reach (see Appendix IV). Subsequent software distributions would provide additional
efficiencies in reduced time and costs.
The Chief Information Officer should ensure that:
1. Appropriate policies, guidelines, and performance standards are developed to establish and monitor network connectivity to promote Tivoli® endpoint health.
Management’s Response: The EUES organization has developed the appropriate policies and guidelines for the establishment of network connectivity to promote Tivoli® endpoint health.
2. Staff is assigned the responsibility for resolving problems associated with unhealthy endpoints and unsuccessful software distributions for all IRS office locations.
Management’s Response: The EUES organization has assigned staff responsibility for resolving problems associated with unhealthy endpoints and unsuccessful software distributions for all IRS office locations.
The Office of Management and Budget (OMB) Circular A-123, Management Accountability and Control, dated July 21, 1995, provides guidance to Federal managers on improving the accountability and effectiveness of Federal programs and operations by establishing, assessing, correcting, and reporting on management controls.
Treasury Directive 76-01, Treasury Acquisition/ Procurement Regulation, provides that Contracting Officer’s Technical Representatives (COTR) are responsible for providing technical direction, monitoring contract and contractor performance, maintaining an arm’s-length relationship with the contractor, and facilitating communications with the Contracting Officer.
However, a COTR has not been assigned to monitor the various Tivoli® contracts. OESM personnel indicated that the Contracting Officer located in Lanham, Maryland, would assume the duties of both the COTR and Contracting Officer. As a result of not assigning the duties of a COTR to a separate individual, the IRS has increased the risk of the Tivoli® contracts not being properly monitored, with consequences such as the following:
· Our review of an October 2002 modification to a Fiscal Year (FY) 2001 contract determined that the IRS purchased 61,250 licensed copies of the Tivoli® Software Distribution module and 61,250 licensed copies of the Tivoli® Inventory module. However, IRS project managers stated that they had implemented 106,054 copies of each of these software modules. Similarly, IRS project managers stated that they had implemented 106,054 copies of the Tivoli® Remote Control module but had purchased only 87,500 copies of the module (see Appendix V).
· The IRS implemented three Tivoli® modules (Tivoli® Enterprise Control, Tivoli® Decision Support, and Tivoli® Manager for Web Sphere Application Server) that were received from the vendor without contractual documentation supporting the purchase.
· The IRS obtained software licenses that were not used, which could result in wasted funds. For example, the IRS purchased 1,200 licenses for the Tivoli® Security module and 1,200 licenses for the Tivoli® User Administration module. However, while these modules were originally included for security purposes, they were not used in the final design.
· We identified a support services contractor for Tivoli® working at the IRS Campus in Austin, Texas, without a current Statement of Work. The IRS Contracting Officer indicated that a modification to the FY 2001 contract was being prepared to add this individual to the contract.
Approximately $45 million of the $57 million awarded for Tivoli® support services remains available for option in FYs 2004 through 2006. Without adequate contract monitoring, the IRS will continue to be exposed to potential legal remedies (e.g., fines and penalties) for software licenses and could be billed for services that it did not intend to receive.
The Chief Information Officer should ensure that:
3. A COTR is assigned to assist the Contracting Officer in monitoring the Tivoli® contracts.
Management’s Response: The EUES organization has assigned a COTR to assist the contracting officer in monitoring the Tivoli® contracts.
4. Contractual agreements for the number of software licenses purchased and installed are monitored for compliance. If the contractual agreement has changed, a contract modification should be prepared and approved.
Management’s Response: The EUES organization monitors the
contractual agreements for compliance with the number of software licenses that
have been purchased and installed. A
“true up” of deployed software is done
quarterly. If the contractual agreement
changes, the contract is modified. In
addition, IRS officials stated they will work with the Contracting Officer to
include documentation of IRS’ enrollment in the IBM Software Passport Program
in contract documentation.
The OMB Circular A-130, Management of Federal Information Resources, dated November 30, 2000, addresses the requirement for adequate computer security for information systems. The Internal Revenue Manual (IRM) states that the Information Systems Security Officer (ISSO) is responsible for ensuring the system is certified and accredited. The IRM also states that business resumption plans shall be developed, tested, implemented, and maintained for all essential systems. It states that performance measures should be followed for the planning, implementation, testing, review, and maintenance of business continuity plans for all critical business functions. However, an ISSO has not been assigned to ensure that the IRS’ security requirements were being complied with and that a business continuity capability for Tivoli® exists, thereby potentially increasing the IRS’ exposure to risks in the areas of security and business continuity (i.e., not being able to restore functions in a timely manner).
For example, the IRS granted the Tivoli® system an Interim Authority to Operate (IAO) in July 2002. The IAO included various security requirements, such as the use of a software module to promote security (i.e., Policy Director Operating System). However, the software module was not enabled, and the IRS’ networked devices are potentially exposed to increased security risks. IRS staff acknowledged that the Tivoli® system is only partially compliant with the security requirements.
The Tivoli® System Technical Contingency Planning Document states that the Tivoli® recovery strategy is limited to plans to acquire new hardware to replace systems lost in a disaster and that these plans are inherently untestable estimates of the resources and time required to achieve a recovery. Therefore, the business continuity capability has not been tested. By not having an effective business continuity capability, the IRS may not be able to recover timely from a disaster. OESM personnel indicated that an ISSO has not been assigned because of a hiring freeze and reorganization within the MITS Services organization.
By not having an ISSO to ensure adequate security and an effective business continuity capability, the IRS is potentially increasing its security risk and limiting its ability to timely recover its enterprise-wide network management capability from a disaster.
The Chief Information Officer should ensure that:
5. An ISSO is assigned for the Tivoli® component of the ESM project to ensure that adequate security and business continuity capability for Tivoli® is provided and tested.
Management’s Response: The EUES organization will appoint an ISSO by August 1, 2003.
Appendix I
Detailed Objective, Scope,
and Methodology
The overall
objective of this audit was to determine whether the Internal Revenue Service
(IRS) is effectively and efficiently managing and using Tivoli®, an enterprise system software
product. To accomplish the objective,
we:
|
I. |
Evaluated the effectiveness of selected system life cycle management controls over the Tivoli® project. A. Determined and identified the appropriate system life cycle methodology. B. Determined and documented the implementation status of the Tivoli® software product. |
|
II. |
Evaluated the effectiveness and efficiency of selected operational controls over the Tivoli® implementation for software distribution to personal computer (Tier III) systems. The IRS is in the process of refreshing and updating its 100,000 plus personal computer workstations with this software. A. Documented at a high level Tivoli’s® technical architecture (diagram) and the technical processes used to distribute software on computers located in remote locations. B. Determined the method used to establish and document whether intended software could be distributed to the intended workstations. C. Documented the administrative processes and controls used to distribute software. D. Validated the method identified in step II.B by judgmentally selecting 10 workstations located at the IRS Campus in Austin, Texas, and determined whether the software distribution being reported to Tivoli® as successful was actually installed on the workstations. Judgmental sampling was used because there was no intent of projecting across the population of approximately 5,000 endpoints at the campus. |
Appendix II
Major Contributors to This Report
Margaret E. Begg, Acting
Assistant Inspector General for Audit (Information Systems Programs)
Gary V. Hinkle, Director
Danny Verneuille, Acting Director
Theodore Grolimund, Audit Manager
Kevin Burke, Senior Auditor
Myron Gulley, Senior Auditor
Olivia Jasper,
Auditor
Appendix III
Commissioner N:C
Deputy Commissioner for Operations Support N:OS
Chief, Information Technology Services OS:CIO:I
Acting Chief,
Security Services OS:MA
Director, End User Equipment and
Services OS:CIO:I:EU
Acting
Director, Portfolio Management
OS:CIO:R:PM
Manager, Enterprise Systems Management OS:CIO:I:EU:ESM
Director,
Legislative Affairs CL:LA
Chief Counsel CC
National Taxpayer Advocate
TA
Director, Legislative Affairs CL:LA
Director, Office of
Program Evaluation and Risk Analysis
N:ADC:R:O
Office of Management Controls N:CFO:AR:M
Audit
Liaisons:
Chief, Information
Technology Services OS:CIO:I
Chief, Security
Services OS:MA
Director, End User Equipment and Services OS:CIO:I:EU
Manager, Program Oversight and Coordination OS:CIO:R:PM:PO
Appendix IV
This appendix presents detailed information on the measurable impact that our recommended corrective actions will have on tax administration. These benefits will be incorporated into our Semiannual Report to the Congress.
Type and Value of Outcome Measure:
· Inefficient Use of Resources – Potential; $2,217,945 to $3,449,550 (see page 3).
Methodology Used to Measure the Reported Benefit:
Assuming an 80 percent software distribution success rate:
On April 14, 2003, the Internal Revenue Service (IRS) reported on its web site that there were 180,567 successful software distributions, out of a total of 410,537 attempts, and an overall endpoint health of 60 percent. The IRS estimates that each software distribution, when performed manually, takes 20 minutes per computer at a labor rate of $45 per hour. This equates to $15 per software distribution. Using the IRS’ manual labor rates, the total number of software distributions, and an initial software distribution effectiveness rating of 80 percent, we derived an inefficiency measure totaling $2,217,945.
410,537 software distribution attempts * 80 percent = 328,430 Total inefficiency measure: (328,430 potential – 180,567 actual software distributions) * $15 per software distribution = $2,217,945.
Assuming a 100
percent software distribution success rate:
On April 14, 2003, the IRS reported on its web site that there were 229,970 unsuccessful software distributions, out of a total of 410,537 attempts, and an overall endpoint health of 60 percent. The IRS estimates that each software distribution, when performed manually, takes 20 minutes per computer at a labor rate of $45 per hour. This equates to $15 per software distribution. Using the IRS’ manual labor rates and the number of unsuccessful software distributions, we derived an inefficiency measure totaling $3,449,550.
229,970 unsuccessful software distributions * $15 per software distribution = $3,449,550.
Type and Value of Outcome Measure:
·
Inefficient Use of Resources – Potential;
$3,284,295 to $4,105,365 (see page 3).
Methodology Used to Measure the Reported Benefit:
Assuming an 80 percent software distribution success rate:
On April 14, 2003, the IRS reported on its web site an overall endpoint health rate of 60 percent and a summary total of software distributions to date of 410,537. Based on this relationship, the total estimated amount of software distributions that the IRS could have had with an 80 percent software distribution rate is 547,382. Forty percent of this amount (representing software distribution endpoints that Tivoli® could not reach) equates to 218,952 unrealized software distributions. The IRS estimates that each software distribution, when performed manually, takes 20 minutes per computer at a labor rate of $45 per hour. This equates to $15 per software distribution. Using the IRS’ manual labor rates, the number of unrealized software distributions, and an initial effectiveness rating of 80 percent, we derived an inefficiency measure totaling $3,284,295.
Total amount of software distributions: 410,537 software distributions / 60 percent = 684,228.
Total amount of software distributions with an 80 percent effectiveness rating: 684,228 * 80 percent = 547,382.
Unrealized software distributions: 547,382 software distributions * 40 percent of endpoints not reached = 218,953.
Potential software distribution inefficiency: 218,953 software distributions * $15 per software distribution = $3,284,295.
Assuming a 100 percent software distribution success rate:
On April 14, 2003, the IRS reported on its web site an overall endpoint health rate of 60 percent and a summary total of software distributions to date of 410,537. Based on this relationship, the total estimated amount of software distributions that the IRS could have had with 100 percent software distribution and 100 percent healthy endpoints is 684,228. Forty percent of this amount (representing software distribution endpoints that Tivoli® could not reach) equates to 273,691 unrealized software distributions. The IRS estimates that each software distribution, when performed manually, takes 20 minutes per computer at a labor rate of $45 per hour. This equates to $15 per software distribution. Using the IRS’ manual labor rates and the number of unrealized software distributions, we derived an inefficiency measure totaling $4,105,365.
Total amount of software
distributions: 410,537 software distributions / 60 percent = 684,228.
Unrealized software distributions: 684,228 * 40 percent = 273,691.
Potential software distribution efficiency savings: 273,691 software
distributions * $15 per software distribution = $4,105,365.
Appendix V
|
Product ID |
Tivoli® Module |
Number
Purchased |
Number
Deployed |
Number
Over-deployed |
|
5698-SWD |
Tivoli® Software Distribution |
61,250 |
106,054 |
44,804 |
|
5698-INV |
Tivoli® Inventory |
61,250 |
106,054 |
44,804 |
|
5698-RCL |
Tivoli® Remote Control |
87,500 |
106,054 |
18,554 |
|
5698-EMN |
Tivoli® Distributed Monitoring |
2,250 |
2,506 |
256 |
|
5698-EAS |
Tivoli® Enterprise Control |
0 |
17 |
17 |
|
5698-TDS |
Tivoli® Decision Support |
0 |
14 |
14 |
|
5698-WAS |
Tivoli® Manager for Web Sphere Application Server |
0 |
6 |
6 |
|
Total Number of Over-Deployed Software Modules |
|
108,455 |
||
Sources: Internal Revenue Service (IRS) Contract No.
0-1-TR-DO-CA-A01 and IRS correspondence.
Appendix VI
|
Tivoli® Module/ - SubModule |
Functional
Description of Module |
Deployment
Status |
|
NetView |
Provides a suite of network
management tools for displaying
network topologies, correlating and managing events, monitoring network
availability, and gathering performance information. |
Deployed |
|
Management Framework |
Provides the architectural foundation that other selected Tivoli® products use. |
Deployed |
|
- Application Performance Manager |
· Helps achieve higher availability and optimized performance of specific applications. |
Planned |
|
- Business System Manager - Distributed Edition |
· Enables customers to graphically monitor and control interconnected business components and operating system resources from one single console. |
Not Deployed |
|
- Data Protection for Oracle |
· Is an add-in component to the Tivoli® Storage Manager (TSM); it applies the centralized, on-line, and back-up capabilities, as well as the automated storage management function of the TSM to Oracle databases using the Oracle Recovery Manager. |
Planned |
|
- Decision Support |
· Consolidates and presents enterprise management data in an easy-to-use view, which reveals patterns and relationships among the data. |
Deployed |
- Disaster Recovery Manager |
· Provides a flexible backup method for systems to help protect data and provide restore capabilities. |
Not Deployed |
|
- Distributed Monitoring |
|
In Development |
|
Tivoli® Module/ - SubModule |
Functional Description
of Module |
Deployment
Status |
|
- Enterprise Console |
· Serves as a source of rules that elevate system or network problems to help desk personnel. |
In Development |
|
- Inventory
|
· Serves to automatically view and record hardware and software installed on networked systems. This information is then used to update the Information Technology Asset Management System on a weekly basis. |
Deployed |
|
- Manager for Databases |
· Works with the TSM to protect a wide range of application data via the protection of the underlying database management systems holding that data. |
Deployed |
|
- Manager for MQSeries |
· Provides an enterprise management solution for IBM’s MQSeries commercial messaging software. |
Deployed |
|
- Manager for Network Hardware |
· Helps the TSM and its other data protection modules to perform high-efficiency data backups and archives of applications while minimizing performance impact on database servers. |
Not Deployed |
|
- Manager for Oracle |
· Incorporates Oracle management into the Tivoli® Framework and provides management, monitoring, and automated task execution. |
Deployed |
|
- Manager for Web Sphere Application Server |
· Provides a single point of control to understand the health of the key elements of the Web Sphere Application Server environment. |
Deployed |
|
- Policy Director |
· Provides a security auditing subsystem and a device-allocation mechanism that provides the required object-reuse characteristics for removable or assignable devices. |
In Development |
|
- Remote Control |
· Allows an administrator to control the keyboard and mouse input and monitor the display output of a remote personal computer (PC). In addition, the administrator can use Remote Control to reboot a remote PC. |
Deployed |
|
Tivoli® Module/ - SubModule |
Functional
Description of Module |
Deployment
Status |
|
- Server Performance Prediction Guide |
· Gathers server performance statistics including percentage of Central Processing Unit usage and percentage of disk usage. |
Deployed |
|
- Software Distribution |
· Automates software distribution and installation from a central point. |
Deployed |
|
- Space Manager |
· Automatically moves inactive data to less-expensive offline storage, freeing online disk space for more important active data. |
Not Deployed |
|
- Storage Manager |
· Protects data from hardware failures and other errors by storing backup and archive copies of data on offline storage. |
Not Deployed |
|
- Tivoli® Management Environment 10 (TME10) - Global Enterprise Manager |
· Unifies network computing management processes across mainframe data centers and distributed environments. This is no longer an active Tivoli® product and has been replaced by Tivoli® Business Systems Manager. |
Not Deployed |
|
- TME10 - Security for Server |
· Provides centralized security management and the ability to define security policies and functions. Originally included for security purposes, this application was not used in the final design. |
Not Deployed |
|
- TME10 - User Administra- tion for Server |
· Provides system administrators with a single point of control and performs user, group, and host account management. Originally included for security purposes, this application was not used in the final design. |
Not Deployed |
|
Tivoli® Module/ - SubModule |
Functional
Description of Module |
Deployment
Status |
|
- Web Services Analyzer |
· Consolidates globally distributed Web server log files into a single data warehouse and creates reports on Web server activity and visitor statistics. |
Deployed |
|
- Web Services Manager |
· Ensures the availability and performance of the Web infrastructure. |
Deployed |
Sources: Interviews with Internal Revenue Service
management and Enterprise Systems Management project documentation.
Appendix
VII
Management’s Response to the Draft Report
The response was removed due to
its size. To see the complete response,
please go to the Adobe PDF version of the report on the TIGTA Public Web Page.