TREASURY INSPECTOR GENERAL FOR TAX ADMINISTRATION

 

 

The Internal Revenue Service Is Improving Management Controls for Information Technology Strategic Planning and Capital Investments

 

 

 

July 9, 2010

 

Reference Number:  2010-20-064

 

 

This report has cleared the Treasury Inspector General for Tax Administration disclosure review process and information determined to be restricted from public release has been redacted from this document.

 

Phone Number   |  202-622-6500

Email Address   |  inquiries@tigta.treas.gov

Web Site           |  http://www.tigta.gov

 

HIGHLIGHTS

THE INTERNAL REVENUE SERVICE IS IMPROVING MANAGEMENT CONTROLS FOR INFORMATION TECHNOLOGY STRATEGIC PLANNING AND CAPITAL INVESTMENTS

Highlights

Final Report issued on July 9, 2010

Highlights of Reference Number:  2010-20-064 to the Internal Revenue Service Chief Technology Officer.

IMPACT ON TAXPAYERS

The Internal Revenue Service’s (IRS) Strategy and Capital Planning office focuses on IRS-wide information technology strategy and capital planning and investment controls.  This office is improving its management controls for managing information technology investments at the IRS.  Effective management of information technology products promotes efficient use of funds and helps to provide taxpayers the customer service they need from the IRS.

WHY TIGTA DID THE AUDIT

This audit was initiated as part of our Fiscal Year 2010 Annual Audit Plan and addresses the major management challenge of Modernization of the IRS.  Our overall objective was to determine the effectiveness of the controls for the IRS’ Capital Planning and Investment Control (CPIC) process to manage and control information technology investments. 

WHAT TIGTA FOUND

The IRS recently merged its investment management activities into the Strategy and Capital Planning office.  The Director, Strategy and Capital Planning, is completing the office charter, updating the CPIC Process Guide, developing desk guides for business cases and data calls, and identifying the steps for implementing a systematic investment selection, monitoring, and review process.

The IRS also provides appropriate information about its information technology investment status for the Office of Management and Budget’s Information Technology Dashboard.

The Information Technology Investment Management Framework identifies and establishes critical information technology investment processes.  It also assesses an organization’s information technology investment management capability and maturity based on five stages and offers recommendations for improvement.  TIGTA reviewed the Strategy and Capital Planning office’s self-assessment and concurred that the IRS was at Maturity Stage 2, which is building an investment foundation.  The IRS is currently moving toward Maturity Stage 3, which is developing a complete investment portfolio.

The Clinger-Cohen Act requires each executive agency to design and implement a process for maximizing the value and assessing and managing the risk of the information technology acquisitions.  Although the Strategy and Capital Planning office has implemented a CPIC process that generally meets the requirements of the Clinger-Cohen Act, its process does not address the requirement for identifying investments that would result in shared benefits or costs for other Federal agencies or State or local governments.

WHAT TIGTA RECOMMENDED

To ensure compliance with the Clinger-Cohen Act, TIGTA recommended that the Chief Technology Officer 1) identify applications in the information technology inventory that share benefits and costs with other Federal agencies or State or local governments, and 2) establish a CPIC process for maximizing the value and assessing and managing the risk of these information technology acquisitions.

In its response to the report, the IRS agreed with our recommendations.  The IRS plans to develop an information technology inventory of applications that share benefits and costs with other Federal agencies or State or local governments, and to amend the CPIC process and guide documents to include the information relative to investments providing shared benefits. 

 

 

July 9, 2010

 

 

MEMORANDUM FOR CHIEF TECHNOLOGY OFFICER

 

FROM:                            Michael R. Phillips /s/ Michael R. Phillips

                                         Deputy Inspector General for Audit

 

SUBJECT:                    Final Audit Report – The Internal Revenue Service Is Improving Management Controls for Information Technology Strategic Planning and Capital Investments (Audit # 200920033)

 

This report presents the results of our review of the management controls for information technology strategic planning and capital investments.  The overall objective of this review was to determine the effectiveness of the controls for the Modernization and Information Technology Services organization’s Capital Planning and Investment Control process to manage and control the Internal Revenue Service (IRS) information technology investments.  This review is part of our Fiscal Year 2010 Annual Audit Plan and addresses the major management challenge of Modernization of the IRS.

Management’s complete response to the draft report is included as Appendix V.

Copies of this report are also being sent to the IRS managers affected by the report recommendations.  Please contact me at (202) 622-6510 if you have questions or Alan Duncan, Assistant Inspector General for Audit (Security and Information Technology Services), at (202) 622-5894.

 

 

Table of Contents

 

Background

Results of Review

The Strategy and Capital Planning Office Is Improving Processes for Information Technology Investment Selection and Management

To Comply With All Aspects of the Clinger-Cohen Act, the Strategy and Capital Planning Office Should Implement Additional Processes

Recommendations 1 and 2:

The Strategy and Capital Planning Office Is Effectively Using the Information Technology Investment Management Framework

Appropriate Information About Information Technology Investment Status Is Provided to the Office of Management and Budget

Appendices

Appendix I – Detailed Objective, Scope, and Methodology

Appendix II – Major Contributors to This Report

Appendix III – Report Distribution List

Appendix IV – Glossary of Terms

Appendix V – Management’s Response to the Draft Report

 

 

Abbreviations

 

CPIC

Capital Planning and Investment Control

IRS

Internal Revenue Service

IT

Information Technology

ITIM

Information Technology Investment Management

MITS

Modernization and Information Technology Services

 

 Background

 

The CPIC process integrates IRS best practices and processes to establish an enterprise-wide information technology investment management approach.

The Clinger-Cohen Act of 1996[1] makes the Office of Management and Budget responsible for improving the acquisition, use, and disposal of information technology (IT) to improve Federal programs.  Capital Planning and Investment Control (CPIC) is a key requirement of the Clinger-Cohen Act and represents a fundamentally sound strategic and financial management practice for IT investments. 

The Internal Revenue Service (IRS) uses the CPIC process to identify, prioritize, and manage IT investments that support the fulfillment of its vision and mission.  The CPIC process is built on business practices that promote the realization of mission and strategic objectives while ensuring compliance with Federal laws.  The process works in concert with the Department of the Treasury CPIC process by providing Department executives with the necessary information for Treasury-wide IT portfolio decision making.

The IRS established its CPIC office in Calendar Year 2002 under the Assistant Chief Information Officer, Management.  In July 2009, the Modernization and Information Technology Services (MITS) organization reorganized the CPIC office into the Strategy and Capital Planning office under the Associate Chief Information Officer, Strategy and Planning.  This new office incorporated the existing CPIC office and the Portfolio Planning, Estimation, and Delivery Services organization.  Additionally, the restructuring of this office included placing the Modernization Vision and Strategy[2] office under the Strategy and Capital Planning office. 

The mission of the Strategy and Capital Planning office is to provide investment management services to help ensure value-added IT products and services, ensure fidelity to investment principles, and fulfill legislative and oversight requirements.  The Strategy and Capital Planning office focuses on IRS-wide IT strategy and capital planning and investment controls.  The CPIC process is the framework for selecting, managing, and evaluating IRS IT investments in compliance with applicable laws and guidance.  This process also helps to ensure alignment with Department of the Treasury and IRS strategy and conformance with best practices for IT investment management.

The following Strategy and Capital Planning office goals are designed to support the mission of the IRS:

  • Ensure strategic alignment and governance.
  • Facilitate process innovation.
  • Deploy enabling technology and tools.
  • Provide guidance in implementing key processes.
  • Mobilize human resources.

This review was performed at the MITS organization facilities in New Carrollton, Maryland, during the period December 2009 through April 2010.  We conducted this performance audit in accordance with generally accepted government auditing standards.  Those standards require that we plan and perform the audit to obtain sufficient, appropriate evidence to provide a reasonable basis for our findings and conclusions based on our audit objectives.  We believe the evidence obtained provides a reasonable basis for our findings and conclusions based on our audit objectives.  Detailed information on our audit objectives, scope, and methodology is presented in Appendix I.  Major contributors to the report are listed in Appendix II.

 

 

Results of Review

 

The Strategy and Capital Planning Office Is Improving Processes for Information Technology Investment Selection and Management

The Chief Technology Officer expressed a strong desire to reduce redundancy and find efficiencies within the MITS organization.  As part of a strategy to make the MITS organization more efficient, the CPIC and Portfolio Planning, Estimation, and Delivery Services offices were merged to resolve the functional overlap and reduce burden to the stakeholders.  This merger formed the Strategy and Capital Planning office.  To achieve the efficiencies from the organizational restructuring, plans are in process to centralize within the Strategy and Capital Planning office responsibilities for:

  • Solution Concept Development.
  • Investment Planning.
  • Investment Management.
  • Estimation Programming.
  • Transition Management.

To gain further efficiencies, the Director of the Strategy and Capital Planning office established a Process Improvement Team.  The Director, working with this team, has identified action items that include:

·        Completing the Strategy and Capital Planning office charter and communication plan.

·        Assigning Strategy and Capital Planning office work areas.

·        Updating the IRS CPIC Process Guide.

·        Creating desk guides to develop business cases, data calls, Office of Management and Budget Capital Asset Plan and Business Case Exhibit 300, and Agency Information Technology Investment Portfolio Exhibit 53.

·        Creating desk guides to close out investments, convert major investments to nonmajor investments, and merge investments.

·        Identifying the steps to implement a systematic investment selection, monitoring, and review process that include four continual, seamless phases:  1) pre-select, 2) select, 3) control, and 4) evaluate.

A Pre-Select phase has been developed to establish alignment between strategic priorities of the IRS and the IT investments approach.

To improve investment decisions and achieve efficiencies in the investment selection process, the Strategy and Capital Planning office developed the Pre-Select phase.  The Case for Action document initiates the business investment proposal through the Pre-Select phase.  Previously, executive consideration and approval of IT investments was based on very detailed solution concept descriptions and cost estimations.  To alleviate some of the effort relating to IT investment planning and decision making and to ensure strategic alignment of the investments, the Strategy and Capital Planning office added the Pre-Select phase that was based upon the use of a business case.

The Pre-Select phase provides a means to assess the need for a proposed investment.  It is during this phase that the business need is identified and alignment to IRS strategic planning and priorities are established.  Those investments that best support the strategic planning and priorities are chosen to proceed.  The Pre-Select phase provides business owners an opportunity to develop the concept of the investment while defining the business needs, performance measures, benefits, risk, and costs which will be included in the investment’s business case and, if approved, in the IRS’ investment portfolio.  The IRS’ CPIC Process Guide was updated to include the Pre-Select phase.

Our followup review on findings from the Treasury Inspector General for Tax Administration report entitled Business Cases for Information Technology Projects Remain Inaccurate[3] found that adequate corrective actions and revised and updated criteria have helped ensure accurate:

  • Recording of IRS project costs.
  • Earned Value Management calculations.
  • Reporting of the IRS application inventory.

To Comply With All Aspects of the Clinger-Cohen Act, the Strategy and Capital Planning Office Should Implement Additional Processes

The CPIC process in the IRS generally complies with Clinger-Cohen Act requirements.  The Clinger-Cohen Act requirements include use of a CPIC process by senior managers to systematically maximize the benefits of IT investments.  At the highest level, IRS senior managers participate in the MITS Enterprise Governance Committee to ensure strategic modernization and IT program investments, goals, and activities are aligned with and support: 1) the business needs across the enterprise and 2) the modernized vision of the IRS.  We also identified Strategy and Capital Planning office involvement in governance meetings at the next lowest level—Executive Steering Committees—to provide direction and oversight on various IT topics such as customer service applications and infrastructure requirements.

Our review found the IRS reports, business cases, and systems used to convey the status of the IT investment portfolio are generally effective and meet the requirements of the Clinger-Cohen Act.  Overall, the Treasury Exhibit 300 guide, used to prepare the projects’ Capital Asset Plan and Business Case – Exhibit 300, adequately addresses the requirements of the Clinger-Cohen Act.  Further, our review of four major projects’ Capital Asset Plan and Business Case – Exhibit 300 (Account Management Services, Customer Account Data Engine, Integrated Data Retrieval System, and Modernized e-File) found the business cases adequately addressed the requirements of the Clinger-Cohen Act.

The Strategy and Capital Planning office has updated the CPIC process to comply with the Clinger-Cohen Act

The Clinger-Cohen Act’s critical CPIC elements require each executive agency to design and implement a process for maximizing the value and assessing and managing the risk of the IT acquisitions.  The CPIC process needs to:

  • Provide for the selection of information technology investments to be made by the executive agency, the management of such investments, and the evaluation of the results of such investments.
  • Be integrated with the processes for making budget, financial, and program management decisions within the executive agency.
  • Include minimum criteria to be applied in considering whether to undertake a particular investment in information systems, criteria related to the quantitatively expressed projected net risk adjusted return on investment, and specific quantitative and qualitative criteria for comparing and prioritizing alternative information systems investment projects.
  • Provide for identifying information systems investments that would result in shared benefits or costs for other Federal agencies or State or local governments.
  • Require identification of quantifiable measurements for determining the net benefits and risks of a proposed investment.
  • Provide the means for senior management to obtain timely information regarding the progress of an investment, including a system of milestones for measuring progress, on an independently verifiable basis, in terms of cost, capability of the system to meet specified requirements, timeliness, and quality.

The Strategy and Capital Planning office has implemented a CPIC process to identify, prioritize, and manage IT investments that support the IRS’ fulfillment of its vision and mission.  A CPIC Process Guide was developed in August 2005.  This guide is based on the IT aspects of Federal laws and statutes and focuses specifically on the Clinger-Cohen Act requirements, which mandate a structured CPIC process to systemically maximize the benefits of IT investments.  

This guide was updated in February 2010.  The updated guide includes direction for the Pre-Select phase of the investment selection process and also updates the Select, Control, and Evaluate phases.  Some of the key improvements reflected in this updated guide include use of the IRS Business Case in Pre-Select and Select phases, monthly reporting requirements described in the Control phase, and an Evaluate phase that emphasizes performance outcome.  Further, the Strategy and Capital Planning office staff is developing guidance to help ensure effective performance of the CPIC process.  This guidance is referred to as “Process Views” which will provide updated and detailed roles and responsibilities for the Strategy and Capital Planning office staff to execute the CPIC process.

The requirement to identify information systems investments resulting in shared benefits or costs with other agencies or governments is not included in the CPIC guidance

Overall, the Strategy and Capital Planning office has implemented a CPIC process that meets five of the requirements of the Clinger-Cohen Act to design and implement a CPIC process for maximizing the value and assessing and managing the risk of the IT acquisitions.  However, the Strategy and Capital Planning office’s CPIC process does not address the Clinger-Cohen Act requirement for identifying IT investments that would result in shared benefits or costs for other Federal agencies or State or local governments.

The IRS operates various systems that receive or provide information to other Federal agencies and State and local governments.  For example, the IRS shares information with the Social Security Administration and provides tax return filing information with State tax agencies through the Modernized e-File system’s single point of filing capability.  Additionally, new legislation has emerged requiring additional IT investments.  Examples include the Health Coverage Tax Credit and the Department of Education’s Federal Student Aid/Datashare applications.  Having CPIC process direction would help to efficiently and effectively manage activities to anticipate and develop necessary IT investments resulting in shared benefits or costs with other Federal agencies or State or local governments.

Without addressing the requirement in the CPIC process to identify IT investments resulting in a shared benefit or cost with other government organizations, the IRS is not meeting the intent of the Clinger-Cohen Act.  Addressing a process to identify these shared benefits and costs helps the organization to maximize the value and assess and manage the risk of its IT acquisitions.

Further, the Capital Asset Plan and Business Case – Exhibit 300 guide for IT investments requires an explanation about how it will support the President’s Management Agenda initiatives on Expanded E-Government.  The initiative provides that IT investments, whenever applicable, address support for each of the three elements of electronic government:  increased access and reduced burden through use of the Internet and e-Business technology; selection and evaluation of IT investments based on citizen needs; and collaboration with Federal, State, local, and tribal governments.  Collaboration includes joint development or implementation of technology or applications, acquisition of systems that complement and are interoperable with existing systems in the Federal Government, and data-sharing across governmental boundaries.

While the IRS utilizes the Capital Asset Plan and Business Case – Exhibit 300 guide, there is no procedure in place to ensure all IT investment benefits and costs shared with other Federal agencies or State or local governments are captured as part of the CPIC process.  Additionally, the CPIC process does not include guidance about the need for IT investment decisions that require input from the other agencies.  Further, the available inventory records of IRS major and nonmajor IT applications do not readily identify shared benefits or costs with other Federal agencies or State or local governments.

Recommendations

To ensure full compliance with the Clinger-Cohen Act, the Chief Technology Officer should require the MITS organization to:

Recommendation 1:  Identify applications in the IT inventory that share benefits and costs with other Federal agencies or State or local governments.

Management’s Response:  The IRS agreed with our recommendation and will work with other appropriate offices to develop an IT inventory of MITS applications that share benefits and costs with other Federal agencies or State or local governments.

Recommendation 2:  Establish a CPIC process that identifies IT investments that share a benefit or cost with other Federal agencies or State or local governments.  This process should include the costs to provide the benefit, the costs to be reimbursed by other agencies or State or local governments, the role and responsibilities these agencies have in making decisions regarding the investment, how these agencies will be notified and impacted by changes to the investment, and whether the agencies have a point of contact to notify the IRS when the benefit being provided is no longer required.

Management’s Response:  The IRS agreed with our recommendation and will amend the CPIC process and guidance documents to include the collection of all appropriate information relative to investments providing shared benefits.

The Strategy and Capital Planning Office Is Effectively Using the Information Technology Investment Management Framework

The Information Technology Investment Management Framework (ITIM) identifies critical IT investment processes, establishes the presence or absence of these critical processes in an organization, assesses an organization’s IT investment management capability and maturity, and offers recommendations for improvement.  Used in this way, the ITIM can be a valuable tool that supports organizational self-assessment and improvement and provides a standard against which an evaluation of an organization can be conducted.

The ITIM identifies and organizes 13 processes into a framework of increasingly mature stages that are critical for successful investment.  Such a framework can be used either to analyze an organization’s investment management process or to determine the maturity of its investment process.  The framework provides three key capabilities:

1)      A rigorous, standardized tool for internal and external evaluations of the IT investment management process.

2)      A consistent and comprehensible mechanism for reporting the results of these assessments to agency executives, Congress, and other interested parties.

3)      A road map for improving investment management processes.

The ITIM is comprised of five stages of maturity.  Each stage builds upon the lower stages and enhances the organization’s ability to manage its IT investments.  Figure 1 shows the five ITIM stages and gives a brief description of each stage.

Figure 1:  The Five Stages of Maturity Within the ITIM Framework

Figure 1 was removed due to its size.  To see Figure 1, please go to the Adobe PDF version of the report on the TIGTA Public Web Page.

The IRS has adopted the ITIM.  To determine its investment management capabilities, the Strategy and Capital Planning office performed assessments of its critical processes to meet ITIM Maturity Stage 2, one in December 2007 and another in November 2008.  The Strategy and Capital Planning office used the results of the December 2007 assessment to help improve its portfolio management maturity rating.  The MITS organization addressed critical process recommendations to meet Maturity Stage 2 requirements for instituting the investment board, meeting business needs, selecting an investment, and providing investment oversight.  Our review of the subsequent November 2008 Strategy and Capital Planning office self-assessment determined that the evidence gathered was sufficient to support an ITIM Maturity Stage 2 rating.

The MITS organization is currently moving the IRS toward ITIM Maturity Stage 3.  Information provided by the Strategy and Capital Planning office shows it has executed 15 of 27 ITIM Maturity Stage 3 key practices.  The IRS anticipates performing an ITIM Maturity Stage 3 self-assessment later in Calendar Year 2010.

Appropriate Information About Information Technology Investment Status Is Provided to the Office of Management and Budget

To accomplish the goal of transparency and accountability set by the President and the Office of Management and Budget, Federal agencies are required to report on the progress of their existing IT investments at least monthly.  These updates apply to all investments in the agency’s portfolio and include changes to cost and schedule, updates to contract information, performance metrics, and Chief Information Officer (or, in the IRS, Chief Technology Officer) Evaluation.  In addition to the monthly updates, agencies also submit a full refresh of the investment data once a year (Capital Asset Plan and Business Case Exhibit 300) after the publication of the President’s Budget.  This update of all investment data includes the addition of any new investments and comprehensive updates to existing investments.  The repository for this information is referred to as the Office of Management and Budget IT Dashboard.  Figure 2 presents an example of the IRS’ data input to the Office of Management and Budget IT Dashboard.

Figure 2:  IT Dashboard - Milestone Earned Value Management Metrics

Figure 2 was removed due to its size.  To see Figure 2, please go to the Adobe PDF version of the report on the TIGTA Public Web Page.

Through the IT Dashboard, Federal agencies and the public have unprecedented visibility into Federal IT investments.

To comply with the IT Dashboard reporting requirements, the IRS follows the Department of the Treasury Exhibit 300 Guidebook.  The Guidebook provides instruction to timely and accurately report required information to the Department of the Treasury for input to the IT Dashboard.  The Guidebook also requires data sources and validation of the information.

We reviewed the reporting of required information to the IT Dashboard for four major IRS projectsAccount Management Services, Customer Account Data Engine, Integrated Data Retrieval System, and Modernized e-File.  We found that the project staffs adequately compiled the necessary information for effective reporting of project status for monthly input to the IT Dashboard. 

 

Appendix I

 

Detailed Objective, Scope, and Methodology

 

The overall objective of this review was to determine the effectiveness of the MITS organization’s CPIC process to manage the IRS IT investments.

We assessed the adequacy of program documentation and data provided by the IRS, the Strategy and Capital Planning office, and selected Capital Asset Plan and Business Cases Exhibit 300.  We supported this work by interviewing Strategy and Capital Planning organization personnel.  Specifically, we:

I.                    Determined whether the restructured IRS Strategy and Capital Planning office has adequate plans to be able to effectively manage and control the IRS IT portfolio.

II.                 Determined whether the IRS and the Strategy and Capital Planning office have effectively implemented procedures to manage the IRS IT portfolio in conjunction with the Clinger-Cohen Act.

III.               Determined whether the MITS organization is effectively using the Government Accountability Office’s ITIM to help ensure proper control over the IRS IT portfolio.

IV.              Determined whether the IRS is meeting the Office of Management and Budget IT Dashboard reporting requirements.

Internal controls methodology

Internal controls relate to management’s plans, methods, and procedures used to meet its mission, goals, and objectives.  Internal controls include the processes and procedures for planning, organizing, directing, and controlling program operations.  These controls include the systems for measuring, reporting, and monitoring program performance. 

We determined the Strategy and Capital Planning office adapted appropriate guidance to provide the internal controls relevant to our audit objective.  Specifically, the major guidance used in this office to manage the IRS IT investments includes the:

  • Clinger-Cohen Act of 1996.[4]
  • Internal Revenue Manual.
  • IRS CPIC Process Guide.
  • Government Accountability Office Information Technology Investment Management, A Framework for Assessing and Improving Process Maturity (GAO-04-394G Version 1.1, dated November 2004).

 

Appendix II

 

Major Contributors to This Report

 

Alan R. Duncan, Assistant Inspector General for Audit (Security and Information Technology Services)

Scott A. Macfarlane, Director

Edward A. Neuwirth, Audit Manager

Michael A. Garcia, Senior Auditor

Glen J. Rhoades, Senior Auditor

Louis V. Zullo, Senior Auditor

Frank J. O’Connor, Program Analyst

 

Appendix III

 

Report Distribution List

 

Commissioner  C

Office of the Commissioner – Attn:  Chief of Staff  C

Deputy Commissioner for Operations Support  OS

Chief, Agency-Wide Shared Services  OS:A

Chief Information Officer  OS:CTO:CIO

Associate Chief Information Officer, Applications Development  OS:CTO:AD

Associate Chief Information Officer, Enterprise Services  OS:CTO:ES

Associate Chief Information Officer, Strategy and Planning  OS:CTO:SP

Deputy Associate Chief Information Officer, Applications Development  OS:CTO:AD

Director, Procurement  OS:A:P

Director, Risk Management  OS:CTO:SP:RM

Director, Strategy and Capital Planning  OS:CTO:SP:CP

Chief Counsel  CC

National Taxpayer Advocate  TA

Director, Office of Legislative Affairs  CL:LA

Director, Office of Program Evaluation and Risk Analysis  RAS:O

Office of Internal Control  OS:CFO:CPIC:IC

Audit Liaisons:

Associate Chief Information Officer, Applications Development  OS:CTO:AD

Associate Chief Information Officer, Enterprise Services  OS:CTO:ES

Director, Procurement  OS:A:P

Director, Program Oversight  OS:CTO:SM:PO

 

Appendix IV

 

Glossary of Terms

 

Term

Definition

Account Management Services

A project that will modernize the capability to collect, view, retrieve, and manage taxpayer information.

Agency Information Technology Investment Portfolio (Exhibit 53)

A document covering information technology investments for the agency as a whole that is to be submitted to the Office of Management and Budget if the agency 1) is subject to executive branch review and is requesting information technology funding via a Capital Asset Plan and Business Case (Exhibit 300) or 2) has budget authority of $500,000 or more for financial management systems.

Best Practice

A technique or methodology that, through experience and research, has proven to reliably lead to a desired result.

Capital Asset Plan and Business Case (Exhibit 300)

Required by Office of Management and Budget Circular A-11 (Preparation, Execution, and Submission of the Budget; dated June 2005) and commonly called Exhibit 300, Capital Asset Plan and Business Case.  Each agency must submit a Business Case twice a year for each major information technology investment.

Customer Account Data Engine

The foundation for managing taxpayer accounts in the IRS modernization plan.  It will consist of databases and related applications that will replace the existing IRS Master File processing systems and will include applications for daily posting, settlement, maintenance, refund processing, and issue detection for taxpayer tax account and return data.

Earned Value Management

A project management technique for measuring actual cost and work accomplished against the budgeted cost and planned work scheduled.  Variances are analyzed for decision making.

Executive Steering Committee

Oversees investments, including validating major investment business requirements and ensuring that enabling technologies are defined, developed, and implemented.

IT Modernization Vision and Strategy

A 5-year plan that drives investment decisions, addresses the priorities around modernizing front-line tax administration and supporting technical capabilities, and leverages existing systems (where possible) and new development (where necessary) to optimize capacity, manage program costs, and deliver business value on a more incremental and frequent basis.

Infrastructure

The fundamental structure of a system or organization.  The basic, fundamental architecture of any system (electronic, mechanical, social, political, etc.) determines how it functions and how flexible it is to meet future requirements.

Integrated Data Retrieval System

The IRS computer system capable of retrieving or updating stored information; it works in conjunction with a taxpayer’s account records.

Master File

The IRS database that stores various types of taxpayer account information.  This database includes individual, business, and employee plans and exempt organizations data.

Milestone

The “go/no-go” decision point in a project; it is sometimes associated with funding approval to proceed.

MITS Enterprise Governance Committee

Highest level recommending and decision-making body to oversee and enhance enterprise management of information systems and technology.  It ensures strategic modernization and IT program investments, goals, and activities are aligned with and support 1) the business needs across the enterprise and 2) the modernized vision of the IRS.

Modernized e-File

The modernized, web-based platform for filing approximately 330 IRS forms electronically, beginning with the U.S. Corporation Income Tax Return (Form 1120), U.S. Income Tax Return for an S Corporation (Form 1120S), and Return of Organization Exempt From Income Tax (Form 990).

 

Appendix V

 

Management’s Response to the Draft Report

 

DEPARTMENT OF' THE TREASURY

INTERNAL REVENUE SERVICE

WASHINGTON, DC 20224

 

 

CHIEF TECHNOLOGY OFFICER

 

JUN 14 2010

 

MEMORANDUM FOR DEPUTY INSPECTOR ~GENERAL FOR AU0J.T

 

FROM:                            Terence V. Milholland /s/ Terence V. Milholland

    Chief Technology Officer

 

SUBJECT:                        Draft Audit Report - The Internal Revenue Service Is Improving Management Controls for Information Technology Strategic Planning and Capital Investments (Audit #200920033) (i-trak #1(2010-10442)

 

Thank you for the opportunity to review the audit report and meet with the audit team to discuss earlier draft report observations. I appreciate your efforts to incorporate the IRS’s Information Technology Investment Management (ITIM) self-assessments in your review of our processes and your acknowledgement of the improvements we have recently made in our capital planning environment with the addition of a Pre-Select phase.

 

I was pleased to read your comments and observations acknowledging the corrective actions the IRS has taken in response to prior audit findings. In particular your report recognized the IRS' concentration on complying with the Clinger-Cohen Act.

 

I agree with your observations and recommendations that enhanced identification and tracking of unique information about these investments would be an improvement. The attachment to this memo details our planned actions to implement your suggestions.

 

We are committed to continuously improving our information technology systems and processes. We value your continued support and the assistance and guidance your team provides. If you have any questions, please contact me at (202) 622-6800 or Frank DeMarino at (202) 283-5761.

 

Attachment

 

RECOMMENDATION #1:  Identify applications in the IT inventory that share benefits and costs with other Federal agencies or State or local governments.

 

CORRECTIVE ACTION #1:  The Strategy and Capital Planning Office will work with other appropriate offices to develop an IT inventory of MITS applications that share benefits and costs with other Federal agencies or State or local governments.

 

IMPLEMENTATON DATE:  December l, 2010

 

RESPONSIBLE OFFICIAL:  ACIO, .Strategy and Planning

 

CORRECTIVE ACTION MONITORING PLAN:  We enter accepted Corrective Actions into the Joint Audit Management Enterprise System (JAMES) and monitor them on a monthly basis until completion.

 

RECOMMENDATION #2:  Establish a CPIC process that identifies IT investments that share a benefit or cost with other Federal agencies or State or local governments. This process should include the costs to provide the benefit, the costs to be reimbursed by other agencies or State or local governments, the role and responsibilities these agencies have in making decisions regarding the investment, how these agencies will be notified and impacted by changes to the investment, and whether the agencies have a point of contact to notify the IRS when the benefit being provided is no longer required.

 

CORRECTIVE ACTION #2:  The Strategy and Capital Planning office will amend-the CPIC process and guide documents to include the col1ection of all appropriate information relative to investments providing shared benefits.

 

IMPLEMENTATION DATE:  April 1, 2011

 

RESPONSIBLE OFFICIAL:   ACIO; Strategy and Planning

 

CORRECTIVE ACTION MONITORING PLAN:   We enter accepted Corrective Actions into the Joint Audit Management Enterprise System (JAMES) and monitor them on a monthly basis until completion.



[1] Pub. L. No. 104-106, February 10, 1996 [formerly called the Information Technology Management Reform Act

(ITMRA)].

[2] See the Glossary of Terms in Appendix IV for definitions of terms used throughout this report.

[3] Reference Number 2007-20-024, dated January 25, 2007.

[4] Pub. L. No. 104-106, February 10, 1996 [formerly called Information Technology Management Reform Act

(ITMRA)].