TREASURY INSPECTOR GENERAL FOR TAX ADMINISTRATION

 

 

Contracting for Information Technology Goods and Services Generally Provided Intended Benefits; However, Maintenance Contracts Were Not Always Supported

 

 

 

September 2005

 

Reference Number:  2005-20-187

 

 

This report has cleared the Treasury Inspector General for Tax Administration disclosure review process and information determined to be restricted from public release has been redacted from this document.

 

 

Web Site           |  http://www.tigta.gov

 

 

September 30, 2005

 

 

MEMORANDUM FOR CHIEF INFORMATION OFFICER

 

FROM:                            Pamela J. Gardiner /s/ Pamela J. Gardiner

                                         Deputy Inspector General for Audit

 

SUBJECT:                    Final Audit Report – Contracting for Information Technology Goods and Services Generally Provided Intended Benefits; However, Maintenance Contracts Were Not Always Supported (Audit # 200520027)

 

This report presents the results of our review to determine whether the Internal Revenue Service (IRS) is receiving, benefiting from, and using information technology services contracted through the Modernization and Information Technology Services (MITS) organization.

Synopsis

In Fiscal Year (FY) 2004, the IRS issued 2,080 requisitions[1] totaling approximately $362 million for computer hardware, computer maintenance service contracts, and consulting services to support IRS systems.  Considering the costs and the types of procurements made, the IRS must be vigilant to prevent waste, fraud, and abuse.

We judgmentally sampled 143 FY 2004 requisitions representing 100 contracts valued at approximately $46 million.  Our sample included 74 requisitions for goods and services and 69 requisitions for computer maintenance service contracts.

Of the 74 requisitions for goods and services we reviewed, 73 (99 percent) generally provided the necessary benefits and services as intended.  The Contracting Officer’s Technical Representatives (COTR) and other employees we interviewed were knowledgeable about the technical aspects of the services being obtained and the benefits generated from the contracts.

However, actions are needed to improve receiving controls over one large contract and to reassess the cost effectiveness of the related service contract.  These two contracts stem from one requisition.  While these contracts are not indicative of the IRS’ overall acquisition process for information technology goods and services, due to the dollar amount of the contracts, we believe actions are needed to reduce the opportunities for waste and abuse.  The vendor’s receiving controls over laptop computers were inadequate and increased the opportunities for misuse and potential abuse of the IRS computers.  Also, the related service contract to store, prepare, and ship the computers to IRS offices was not cost effective.  This contract requires the IRS to pay $175,000 per month in FY 2005 (increasing to $185,000 per month in FY 2006) regardless of the number of computers received.  Since the contract was issued, IRS budget cuts have reduced the number of computers expected to be purchased.

In addition, the need for maintenance contracts was not always supported.  During FY 2004, the IRS managed 978 information technology maintenance contracts and related modifications costing approximately $121 million.  Due to the lack of documentation available, we could not evaluate whether the 69 maintenance requisitions we reviewed provided the intended benefits or were cost effective.

The IRS routinely renews maintenance contracts without comparing the costs of the contracts to the costs of paying for individual service calls or having IRS employees perform the maintenance.  Further, the past performance of vendors regarding the quality of work and response times was not assessed before the maintenance contracts were renewed.  Thus, information was not readily available to assess the need for the contracts and the past performance of vendors.  In some instances, the IRS may have been able to save funds by having IRS employees perform the maintenance or by paying for individual service calls rather than renewing the maintenance contracts.

Recommendations

To verify and control computers purchased through the IRS’ computer replacement contract, the Chief Information Officer (CIO) should require serial numbers to be added to invoices when the computers are first received at the vendor’s warehouse.  Additionally, the CIO should revise the service contract for the computer replacement project so costs are based on the actual number of computers serviced by the vendor and the actual amount of time spent to prepare and ship computers to IRS offices.

To ensure information technology maintenance contracts are cost effective, the CIO should require COTRs to compare the costs associated with annual maintenance contracts, individual maintenance service calls, and IRS employees performing the maintenance.  The history of maintenance use and vendors’ past performance regarding the quality of work and response times should also be evaluated.  Periodic follow-up should be conducted to ensure COTRs are complying with the IRS policy requiring contracts to be cost effective.

Response

The CIO agreed with all of the recommendations in this report.  The vendor will be required to maintain a spreadsheet containing the serial numbers of all IRS-owned equipment it receives, stores, or deploys from its commercial warehouse facility.  In addition, the CIO plans to negotiate a new service contract that will either reduce costs or provide better warranty support.

The CIO will develop guidelines that will stress the need for both management and the COTRs to work together to assess contractor performance and determine cost effectiveness of maintenance contracts.  After a maintenance contract award has been made, management will conduct periodic reviews to ensure compliance with the new guidelines and to validate that the contracts are cost effective.  Management’s complete response to the draft report is included as Appendix IV.

Copies of this report are also being sent to the IRS managers affected by the report recommendations.  Please contact me at (202) 622-6510 if you have questions or Margaret E. Begg, Assistant Inspector General for Audit (Information Systems Programs), at (202) 622-8510.

 

 

Table of Contents

 

Background

Results of Review

Information Technology Contracts Generally Provided Intended Benefits and Services

Recommendations 1 and 2:

The Need for Maintenance Contracts Was Not Always Supported

Recommendation 3:

Appendices

Appendix I – Detailed Objective, Scope, and Methodology

Appendix II – Major Contributors to This Report

Appendix III – Report Distribution List

Appendix IV – Management’s Response to the Draft Report

 

 

Background

 

In Fiscal Year (FY) 2004, the Internal Revenue Service (IRS) issued 2,080 requisitions[2] totaling approximately $362 million for computer hardware, computer maintenance service contracts, and consulting services to support IRS systems.  Considering the costs and the types of procurements made, the IRS must be vigilant to prevent waste, fraud, and abuse.  The Inspector General Act of 1978[3] requires Inspectors General to perform audits and investigations relating to fraud, waste, and abuse and to evaluate program effectiveness.

In the IRS, the Chief Information Officer (CIO) is the official responsible for ownership, management, and control of all information technology property.  The CIO has the responsibility for strategic information technology planning, data administration, information technology standards and privacy assurance, and telecommunications.  The CIO’s office is the IRS’ principal point of reference, authority, and responsibility for information technology modernization activities, information systems resources, and tax systems reengineering efforts.

The IRS uses the Office of Procurement, within the Agency-Wide Shared Services organization, to ensure all Federal Government procurement regulations and IRS policies and procedures are followed.  The Office of Procurement ensures the uniform interpretation and implementation of the Federal Government procurement regulations, statutes, and directives.  In addition, the Office of Procurement establishes uniform policies and procedures, conducts quality reviews of contractual instruments and procurement operations, and provides cost and price analysis on major acquisitions.

Recently, as a best practice, the Government Accountability Office has stressed the importance of a strategic acquisition process to obtain knowledge and improve spending practices.  The General Services Administration continues to emphasize that significant Federal Government expenditures require the need to constantly improve the Federal Government acquisition process.

This review was performed at the Modernization and Information Technology Services (MITS) offices in New Carrollton, Maryland; Austin and Dallas, Texas; Fresno, Oakland, and San Francisco, California; Martinsburg, West Virginia; and Memphis, Tennessee, during the period January through May 2005.  The audit was conducted in accordance with Government Auditing Standards.  Detailed information on our audit objective, scope, and methodology is presented in Appendix I.  Major contributors to the report are listed in Appendix II.

 

 

Results of Review

 

From the 2,080 information technology requisitions issued in FY 2004, we judgmentally sampled 143 requisitions representing 100 contracts valued at approximately $46 million.  Our sample included 74 requisitions for goods and services and 69 requisitions for computer maintenance service contracts.  Generally, the IRS received, benefited from, and used the goods and services procured.  However, actions are needed to improve receiving controls over one large contract and to reassess the cost effectiveness of the associated service contract.  In addition, maintenance contracts need to be more closely evaluated.

 

Information Technology Contracts Generally Provided Intended Benefits and Services

 

Of the 74 requisitions for goods and services we reviewed, 73 (99 percent) generally provided the necessary benefits and services as intended.  The Contracting Officer’s Technical Representatives (COTR) and other employees we interviewed were knowledgeable about the technical aspects of the services being obtained and the benefits generated from the contracts.

In addition, end users were able to demonstrate that the goods and services were received, used, and provided the necessary benefits.  A common attitude among the MITS staff responsible for the contracts in our sample was to emphasize the importance of minimizing costs and ensuring funds were spent wisely to maximize the value the IRS receives from these goods and services.

However, actions are needed to improve receiving controls over one large contract and to reassess the cost effectiveness of the related service contract.  These two contracts stem from one requisition.  While these contracts are not indicative of the IRS’ overall acquisition process for information technology goods and services, due to the dollar amount of the contracts, we believe actions are needed to reduce the opportunities for waste and abuse.  The vendor’s receiving controls over laptop computers were inadequate and increased the opportunities for misuse and abuse.  Also, the related service contract to store, prepare, and ship the computers to IRS offices was not cost effective.  This contract requires the IRS to pay $175,000 per month in FY 2005 (increasing to $185,000 per month in FY 2006) regardless of the number of computers received.  Since the contract was issued, IRS budget cuts have reduced the number of computers expected to be purchased.

 

Equipment received and accepted by the IRS was not controlled properly, and the service contract was not cost effective

 

We reviewed two contracts:  one that involved the purchase of laptop computers to replace the IRS’ field office workstations and one that provided the service to store, install software on, and deliver the computers to the IRS field offices.  The IRS did not properly control receipt of the computers, and the related service contract was not cost effective.

The purchase contract, for $919,000, involved a partial order for the replacement of IRS computers and monitors at local field offices.  The amount of the award for FY 2004 totaled over $26 million.  The computer manufacturer shipped the equipment to the vendor’s warehouse where it was stored until the IRS requested delivery.  The only verification for receipt and acceptance of the new inventory was a total count of items by model number per delivery order, which the IRS verified when the equipment was delivered to the vendor’s warehouse.  Serial numbers were not included on the invoices until the equipment was shipped to the IRS.

While we did not identify any improprieties by the vendor, delaying the recording of serial numbers on the invoice until the equipment was shipped to the IRS increased the opportunities for misuse and potential abuse of the IRS computers.  The vendor commingled IRS computers with similar computer equipment for other clients in the same warehouse.  As a result, the IRS could not be assured it was receiving new equipment or the specific equipment shipped by the computer manufacturer.

Additionally, the service contract related to the equipment was not cost effective.  The IRS contracted with the vendor to store, install software on, barcode, and ship computers to IRS offices throughout the country.  The contract for FY 2005 is for $175,000 per month and will increase to $185,000 in FY 2006.  In negotiating this contract, the IRS planned to replace one-third of its computer inventory per year for the next 3 years.  Assuming the IRS could carry out its plans with a stable flow of computers being delivered each month, the overall cost of the contract appears to be reasonable.  However, since the contract was issued, IRS budget cuts have reduced the number of computers being replaced.

Although the IRS is purchasing fewer computers than expected, the vendor is still being paid the same amount.  As a result, the per unit cost of contracting with this vendor increased due to the reduced number of computers purchased.  Even if the IRS purchased no computers during the time period covered by the contract, it would still be required to pay the monthly storage and installation costs to the vendor.  Revising this contract in FY 2006 to be based on the number of computers actually purchased could prevent the IRS from paying the contractor for services that are not provided.  The IRS indicated it was reviewing this situation to consider alternatives.

 

Recommendations

 

To reduce the opportunities for waste and abuse, the CIO should:

Recommendation 1:  Require that serial numbers be added to invoices for the computer replacement contract to verify and control inventory when computer equipment is first received by the IRS at the vendor’s warehouse.

Management’s Response:  The Associate CIO, End User Equipment and Services, will require the vendor to maintain a spreadsheet and provide the IRS with the serial numbers of all IRS equipment it receives, stores, or deploys from its commercial warehouse facility.  This information will be used to verify, track, and control the equipment inventory.

Recommendation 2:  Revise the service contract for the computer replacement project so costs are based on the actual number of computers serviced by the vendor and the actual amount of time spent to store, install software on, and ship computers to IRS offices.

Management’s Response:  The End User Equipment and Services organization is currently negotiating with the vendor to address costs.  In addition, the new contract should provide better warranty support, which may include onsite contractor support at the IRS depot.

 

The Need for Maintenance Contracts Was Not Always Supported

 

During FY 2004, the IRS managed 978 information technology maintenance contracts and related modifications costing approximately $121 million.  Maintenance contracts can provide a fast and efficient method for repairing computer hardware.  As such, vendors offer different levels of maintenance based on the level of service needed to maintain operations.  Response times range from 2 hours for onsite repair service, which may be needed for mission critical systems, to 2 days for less critical systems.

Our sample of 143 information technology requisitions included 69 maintenance requisitions representing 54 contracts.  Due to the lack of documentation available, we could not evaluate whether these 69 maintenance requisitions were prudent.  We were unable to locate detailed usage logs to support the need for maintenance contracts.  In addition, data were not maintained on the quality or timeliness of the vendors’ performances.  Without the necessary information, the IRS has no way to monitor and evaluate the costs and/or benefits of these contracts.

 

The IRS did not evaluate the need for information technology maintenance service contracts before renewal

 

In a previous review,[4] we determined the IRS was unnecessarily paying for maintenance on some computer assets.  We recommended the IRS issue an overall maintenance policy requiring managers to ensure maintenance contracts are cost effective.

Our review of the 69 maintenance requisitions (54 contracts) determined the IRS routinely renews maintenance contracts without comparing the costs of the contracts to the costs of paying for individual service calls or having IRS employees perform the maintenance.  In addition, the past performance of vendors regarding the quality of work and response times was not assessed before the maintenance contracts were renewed.  Without having sufficient documentation of past performance and an evaluation of maintenance contracts with other alternatives, we could not assess the need for the contracts.  In some instances, the IRS may have been able to save funds by having its employees perform the maintenance or by paying for individual service calls rather than renewing the maintenance contracts.

We identified 1 instance in which a system administrator in the MITS organization had been performing maintenance on a computer for several years, unaware that an ongoing maintenance agreement existed on the equipment at a cost of $6,317 annually.  The contract was not used because spare parts were available and repairs were performed by the system administrator when a particular server needed repair.

The system administrator was not aware of the existence of the maintenance agreement until we reviewed the contract and asked if the benefits were realized.  As a result, funds spent on the maintenance contract were wasted.  The IRS could have used these funds elsewhere or better used the maintenance contract to receive the benefits it provided if the COTR had evaluated past usage of the contract and communicated it to the end user.

 

Recommendation

 

Recommendation 3:  To ensure information technology maintenance contracts are cost effective, the CIO should require COTRs to compare the costs associated with annual maintenance contracts, individual maintenance service calls, and IRS employees performing the maintenance.  The history of maintenance use and past performance regarding the quality of work and response times should also be evaluated.  Periodic follow-up should be conducted to ensure COTRs are complying with the IRS policy requiring contracts to be cost effective.

Management’s Response:  COTRs and project management will work together to review past performance and the quality of the service provided.  After contract award, management will conduct periodic reviews to ensure the COTRs are complying with the guidelines for maintaining cost-effective contracts.  These guidelines will be issued by the Associate CIO, End User Equipment and Services.

 

Appendix I

 

Detailed Objective, Scope, and Methodology

 

The overall objective of this review was to determine whether the Internal Revenue Service (IRS) is receiving, benefiting from, and using information technology services contracted through the Modernization and Information Technology Services (MITS) organization.  To accomplish this objective, we:

I.                   Determined whether procurements for information technology goods and services were received in compliance with contracts.  We downloaded from the web-based Request Tracking System Fiscal Year 2004 requisitions and contracts submitted by the MITS organization for information technology goods and services.

A.    Reviewed the 2,080 requisitions for information technology goods and services and selected a judgmental sample of 143 requisitions (representing 100 contracts valued at approximately $46 million).  A judgmental sample was taken because we had no need to project our results to the total population of information technology contracts. 

B.    Compared receiving documents with payment documents for each requisition in our sample to determine whether the MITS organization received the goods and services paid for.  We interviewed appropriate IRS personnel to verify whether they had received the goods and services provided under the terms of the contract.  In addition, we determined whether the labor costs, labor categories, and indirect costs were reasonable, allocable to the contract, and not prohibited by the contract or Federal Government statute or regulation.

C.    If the goods and services were not received, evaluated the effectiveness of management controls to determine the cause.

II.                Determined whether procurements for information technology services within the MITS organization provided benefits and were actually used.  Using the same judgmental sample of requisitions, we:

A.    Interviewed the responsible business unit employees and determined whether the goods and services were used and the benefits were realized by the IRS. 

B.    Reviewed the contract/requisition to determine whether the terms and conditions of the deliverable met the needs of the organization and the results were realized.

C.    If the contract did not deliver the benefits and the goods and services were not used, evaluated the management controls to determine the cause.

 

Appendix II

 

Major Contributors to This Report

 

Margaret E. Begg, Assistant Inspector General for Audit (Information Systems Programs)

Stephen R. Mullins, Director

Thomas Polsfoot, Audit Manager

Dan Ardeleano, Senior Auditor

Alan Beber, Senior Auditor

Cari Fogle, Senior Auditor

George Franklin, Senior Auditor

Jimmie Johnson, Senior Auditor

 

Appendix III

 

Report Distribution List

 

Commissioner  C

Office of the Commissioner – Attn:  Chief of Staff  C

Deputy Commissioner for Operations Support  OS

Chief, Agency-Wide Shared Services  OS:A

Associate Chief Information Officer, Information Technology Services  OS:CIO:I

Director, Procurement  OS:A:P

Director, End User Equipment and Services  OS:CIO:I:EU

Director, Office of Procurement Policy  OS:A:P:P

Manager, Program Oversight Office  OS:CIO:SM:PO

Chief Counsel  CC

National Taxpayer Advocate  TA

Director, Office of Legislative Affairs  CL:LA

Director, Office of Program Evaluation and Risk Analysis  RAS:O

Office of Management Controls  OS:CFO:AR:M

Audit Liaisons:

            Chief Information Officer  OS:CIO

            Director, Procurement  OS:A:P

 

Appendix IV

 

Management’s Response to the Draft Report

 

The response was removed due to its size.  To see the response, please go to the Adobe PDF version of the report on the TIGTA Public Web Page.