TREASURY INSPECTOR GENERAL FOR TAX ADMINISTRATION

 

 

The Modernization and Information Technology Services Organization Is Effectively Planning for the Implementation of the Affordable Care Act

 

 

 

September 19, 2011

 

Reference Number:  2011-20-105

 

 

This report has cleared the Treasury Inspector General for Tax Administration disclosure review process and information determined to be restricted from public release has been redacted from this document.

 

Phone Number   |  202-622-6500

Email Address   |  TIGTACommunications@tigta.treas.gov

Web Site           |  http://www.tigta.gov

 

HIGHLIGHTS

 

THE MODERNIZATION AND INFORMATION TECHNOLOGY SERVICES ORGANIZATION IS EFFECTIVELY PLANNING FOR THE IMPLEMENTATION OF THE AFFORDABLE CARE ACT

 

Highlights

Final Report issued on September 19, 2011

Highlights of Reference Number:  2011-20-105 to the Internal Revenue Service Chief Technology Officer.

IMPACT ON TAXPAYERS

On March 23, 2010, the Patient Protection and Affordable Care Act was signed into law and later amended on March 30, 2010, by the Health Care and Education Reconciliation Act (hereafter referred to together as the Affordable Care Act).  The Internal Revenue Service’s Modernization and Information Technology Services organization is effectively planning the information technology work needed to implement the Affordable Care Act.  The information technology work needed to implement the Affordable Care Act provisions will assist in providing taxpayers with the subsidies and tax credits needed to cover the cost of their health care coverage as well as provide the capability to administer multiple tax provisions designed to raise revenue to offset the cost of health care reform.

WHY TIGTA DID THE AUDIT

This audit was initiated to evaluate the Modernization and Information Technology Services organization’s planning efforts to implement the Affordable Care Act.  

WHAT TIGTA FOUND

The Modernization and Information Technology Services organization planned an effective approach to address the information technology work needed to implement the Affordable Care Act provisions.  For example, it determined the Affordable Care Act’s impact on its organization, created a new organization called the Associate Chief Information Officer Affordable Care Act – Program Management Office, and obtained staffing and funding.  A Program Governance Board Charter was approved and a governance plan was prepared.  However, the governance plan did not include escalation procedures for unresolved issues or critical decisions. 

WHAT TIGTA RECOMMENDED

TIGTA recommended that the Chief Technology Officer ensure that the Modernization and Information Technology Services organization’s Affordable Care Act Program Management Office governance plan is updated to include escalation procedures to timely address unresolved issues and critical decisions.

In their response to the report, IRS management agreed with the recommendation.  The IRS plans to include the escalation procedures in the Affordable Care Act – Program Management Office governance plan.

 

September 19, 2011

 

 

MEMORANDUM FOR CHIEF TECHNOLOGY OFFICER

 

FROM:                            Michael R. Phillips /s/ Michael R. Phillips

                                         Deputy Inspector General for Audit

 

SUBJECT:                    Final Audit Report – The Modernization and Information Technology Services Organization Is Effectively Planning for the Implementation of the Affordable Care Act (Audit # 201120020)

 

This report presents the results of our review to evaluate the Modernization and Information Technology Services organization’s planning efforts to implement the Patient Protection and Affordable Care Act[1] and the Health Care and Education Reconciliation Act.[2]  This audit is included in our Fiscal Year 2011 Annual Audit Plan and addresses the major management challenge of Implementing Health Care and Other Tax Law Changes.

Management’s complete response to the draft report is included as Appendix IV.

Copies of this report are also being sent to the IRS managers affected by the report recommendation.  Please contact me at (202) 622-6510 if you have questions or Alan Duncan, Assistant Inspector General for Audit (Security and Information Technology Services), at (202) 622-5894.

 

 

Table of Contents

 

Background

Results of Review

The Modernization and Information Technology Services Organization Planned an Effective Approach to Address the Information Technology Work Needed to Implement the Affordable Care Act Provisions

Recommendation 1:

Appendices

Appendix I – Detailed Objective, Scope, and Methodology

Appendix II – Major Contributors to This Report

Appendix III – Report Distribution List

Appendix IV – Management’s Response to the Draft Report

 

 

Abbreviations

 

ACA

Affordable Care Act

HIRIF

Health Insurance Reform Implementation Fund

IRS

Internal Revenue Service

IT

Information Technology

MITS

Modernization and Information Technology Services

TIGTA

Treasury Inspector General for Tax Administration

 

 

Background

 

On March 23, 2010, the Patient Protection and Affordable Care Act[3] was signed into law and later amended on March 30, 2010, by the Health Care and Education Reconciliation Act[4] (hereafter referred to together as the ACA).  At least 42 provisions add to or amend the Internal Revenue Code, and at least 8 require the Internal Revenue Service (IRS) to build new processes that do not exist in current tax administration.  These provisions provide incentives and tax breaks to individuals and small businesses to offset health care expenses.  They also impose penalties, administered through the tax code, for individuals and businesses that do not obtain health coverage for themselves or their employees.  Other provisions raise revenue to help pay for the overall cost of health insurance reform. 

The IRS is responsible for administering the various tax provisions included in the ACA, the largest set of tax law changes in 20 years.

The Department of Health and Human Services has the lead role in all health insurance and health care policy provisions of the ACA.  Several other agencies are involved in the implementation of the legislation:  the Department of Defense, the Department of Veterans Affairs, the Social Security Administration, and the Department of the Treasury/IRS.  The IRS is responsible for administering the various tax provisions included in the new lawthe largest set of tax law changes in 20 years.  The ACA contains $438 billion worth of revenue provisions in the form of new taxes and fees.  It also contains credits that provide incentives for medical research and for businesses to offer employees health care insurance.  In addition, new reporting requirements have been established for certain business transactions.  The ACA is in effect from March 2010 through January 2018.

The Modernization and Information Technology Services’ (MITS) Applications Development organization builds, tests, delivers, and maintains integrated software solutions to achieve the vision and objectives of the IRS.  However, the IRS realized the vastness of the work required by the ACA and, in June 2010, created a new organization called the Associate Chief Information Officer Affordable Care Act Program Management Office (hereafter called the Program Management Office) to mitigate any impact to its ongoing development efforts and to ensure successful delivery of the required new systems.  The Program Management Office has responsibility for developing the system solutions to support and execute the IRS’s portion of the ACA.  The Program Management Office will be accountable for achieving the defined goals and for managing and integrating the required components, including building new services and applications, enhancing and extending existing applications, and ensuring that the appropriate governance and control processes are followed throughout implementation.  The information technology (IT) work needed to implement the ACA provisions will assist in providing taxpayers with the insurance premium subsidies and tax credits needed to cover the cost of their health care coverage as well as providing the capability to administer multiple tax provisions designed to raise revenue to offset the cost of health care reform.

This review is one in a series of audits included in the Treasury Inspector General for Tax Administration’s (TIGTA) oversight of the ACA implementation.  ACA audits currently in progress include:

This review was performed at the Program Management Office in Memphis, Tennessee, during the period October 2010 through July 2011.  We conducted this performance audit in accordance with generally accepted government auditing standards.  Those standards require that we plan and perform the audit to obtain sufficient, appropriate evidence to provide a reasonable basis for our findings and conclusions based on our audit objective.  We believe that the evidence obtained provides a reasonable basis for our findings and conclusions based on our audit objective.  Detailed information on our audit objective, scope, and methodology is presented in Appendix I.  Major contributors to the report are listed in Appendix II.

 

 

Results of Review

 

The Modernization and Information Technology Services Organization Planned an Effective Approach to Address the Information Technology Work Needed to Implement the Affordable Care Act Provisions

The Internal Revenue Manual establishes policy, procedures, and responsibility for organizing the mission, functions, and structure of the IRS.  The following definitions, principles, and procedures apply to all IRS organizational elements and activities.  In addition, IRS organizational structures shall be established according to existing organization and staffing guidelines.  Regardless of scope, all reorganizations begin with defining the need, planning changes to meet the need, and preparing the proposal to fully inform the approving official.  Requirements of a proposal include addressing the following items.

Although a proposal as described in the Internal Revenue Manual was not prepared, the MITS organization addressed the items listed above and received IRS Executive Resources Board[5] approval in August 2010 to fill four key executive positions within the Program Management Office.  The Program Management Office Charter states that the organization was created in order to ensure a dedicated focus on fulfilling ACA requirements.  The Program Management Office had several concurrent tasks to complete as part of planning and implementing the ACA.  These tasks included establishing the general framework for how the Program Management Office will operate; determining preliminary staffing and budget requirements; partnering with business owners, external stakeholders, and service delivery organizations; developing a timeline for anticipated project delivery; defining the governance board and its members; and identifying how projects will be delivered. 

The Program Management Office contracted with several vendors to provide consulting and advisory services to assist with the office’s overall design and implementation, as well as its resource planning.  For example, one vendor assisted with refining the resource model to identify skill and knowledge requirements and the Federal employee/contractor mix, and with assessing the effectiveness of risk mitigation plans developed for each project.  Another vendor was tasked with creating and maintaining an integrated, networked, and multilayered Integrated Master Schedule containing all of the detailed work and planning packages (and lower level tasks or activities) necessary to support the events, accomplishments, and criteria of the Program Management Office.

Both the Program Management Office and the ACA business executive stated that the ACA legislation should not have a significant impact on other MITS organization work because the MITS organization received separate funding from the Department of Health and Human Services to hire staff and contractors for the ACA work.  Although the methodology for evaluating the impact was not documented, the results were captured in several documents.  The impact analysis of the ACA provisions on the legacy IT systems was shared with applicable stakeholders.  We reviewed impact, staffing, and funding information.  The results of our review are below.

The MITS organization determined the ACA’s impact on its organization

MITS organization management stated that they took a multifaceted approach to assessing the impact of the ACA legislation.  First, to understand the legislation itself, they worked closely and very early on with the business teams (e.g., the IRS ACA business executive and representative from the Office of Chief Counsel) as they reviewed and analyzed the legislation from a business perspective.  Some ACA provisions were effective upon enactment [e.g., the credit for employee health insurance expenses of small businesses (Provision 1421) and the Qualifying Therapeutic Discovery Project Credit (Provision 9023) were effective March 23, 2010].  Other provisions become effective starting each year from 2010 to 2015, with the final provision for the excise tax on high-cost, employer-sponsored health coverage becoming effective on January 1, 2018.  While completing this legislative review, IRS management realized several challenges the ACA would present to the organization.  For example:

·         Implementation of the provisions requires delivery of a large number of interdependent projects in a short span of time. 

·         Collaboration will become critical as a significant number of stakeholders, both internal and external to the IRS, are affected by the legislation. 

·         Requirements to exchange information means the Program Management Office will need to develop methods for cross-agency systems integration and data sharing.

MITS organization management further explained that they used information about the legislative requirements and compared it with information about the existing architecture to determine the level of impact and timing of that impact on its legacy IT environment.  Management stated they provided the results of this analysis to business and internal IT stakeholders.  Substantial changes to the IT systems would be required to receive new types of data and accurately calculate the advanced premium assistance credit for individuals and the new penalty provisions affecting individuals and employers, as well as detecting fraudulent claims.  For example: 

·         The Subsidy Payment and Reconciliation project[6] will have a minor to significant impact across the different tax return and compliance processing functions in January 2014. 

Another challenge area identified by the Program Management Office included the need to staff projects with the required knowledge and skills.  With the assistance of a vendor, it began by defining the work needed to meet the IT responsibilities of the provisions.  It then reviewed similar projects (in terms of complexity and type) and the vendor used its knowledge of private sector projects as input to determine the number and types of employees needed and the skills they should possess.  Computer engineers, computer scientists, and IT specialists with skills in specific programming languages and development processes are examples of the types of employees that were identified as being needed.  Program Management Office management stated that the initial staffing model was refined as they learned more about the business needs.  We determined that the process used to identify the staffing needs was adequate.  To address future needs, the Program Management Office participated in a MITS-wide effort to identify resource requirements across essential projects, including the ACA, and potential areas of resource contention.  On April 20, 2011, MITS organization management stated that the results of this effort were still being developed, and by May 16, 2011, we had not received the results. 

The Program Management Office obtains staffing and funding

As part of its resource planning, the Program Management Office entered into staffing negotiations with the Department of the Treasury and the Office of Personnel Management.  In July 2010, the Office of Personnel Management approved the IRS’s use of direct hire authority to support the ACA implementation.  This authority provided for the hiring of up to 355 positions by December 31, 2010.[7]  The majority of these positions would support the Program Management Office; however, some positions would also be provided to the other MITS organization delivery partners.  The first wave of direct hires entered on duty in September 2010.

As of April 2011, 368 employees were assigned to ACA-related work within the MITS organization:  255 in the Program Management Office and 113 in the MITS organization delivery partner organizations.  The Program Management Office stated that the current staffing is adequate for the current workload.  The Program Management Office plans to hire additional people as more projects are initiated and will reevaluate its staffing needs as it works with the IRS operating divisions to refine the business requirements.

The ACA legislation established a $1 billion fund, called the Health Insurance Reform Implementation Fund (HIRIF), to pay for Federal administrative expenses to carry out the ACA.  The HIRIF is administered by the Department of Health and Human Services, which makes disbursements to requesting agencies based on supporting documentation submitted to justify expenditures.  The MITS organization prepared a budget for each of the years the ACA has been in effect.  As shown in Figure 1, funding for Fiscal Years 2010 – 2011 is from the HIRIF and the IRS Operations Support Fund.  In Fiscal Year 2012, the IRS plans to fund ACA work through the normal budget process.

Figure 1:  MITS ACA Budget and Funding

Fiscal Year

Budget

HIRIF Allocation

Actual HIRIF Funds Spent

Actual IRS Operations Support Funds Spent

Total Spent

2010

$15,000,000

$14,555,389

$13,396,098

$4,573,991

$17,970,089

2011

$144,763,709

$37,307,985*

$28,886,385*

$393,980*

$29,280,365*

2012

$188,800,000**

Not applicable

Not applicable

Not applicable

Not applicable

Source:  IRS Chief Financial Officer and the TIGTA’s Office of Mission Support, Finance and Accountability. 
* = As of April 30, 2011.  ** = Pending congressional approval.

To help ensure appropriate use of the HIRIF, the MITS organization issued a memorandum outlining how to apply time charges for personnel costs.  Further, the Chief Financial Officer organization established accounting and timekeeping codes to track the use of the funds and the time spent on ACA work, respectively.

The Program Management Office established its mission and functions

With its efforts to hire staff underway, the Program Management Office needed to establish a framework for how it would ensure success and mitigate risk.  The MITS ACA Charter states that its mission is to develop the IT systems to support and execute the IRS’s portion of the ACA.  This includes ensuring that the appropriate governance and control processes are followed throughout implementation.  Part of that process included identifying the organizational structure of the Program Management Office.  Figure 2 depicts the functional view of the Program Management Office.  Although the Chief Architect and Chief Engineer functionally support the Program Management Office, organizationally they reside in the Enterprise Services organization.

Figure 2:  Program Management Office Functions

Figure 2 was removed due to its size.  To see Figure 2, please go to the Adobe PDF version of the report on the TIGTA Public Web Page.

The Program Management Office established the following functions to implement the ACA. 

·         The Program Strategy and Integration function will maintain and provide innovative and professional-level strategic planning, analysis, assessment, and monitoring to assist in the development, implementation, and management of systems and applications.

·         The Management Services function is responsible for contract management and administrative services (e.g., human resources and financial) for the organization.

·         The Implementation and Testing function will collaborate with the business and IT partners to validate the design, development, integration, and implementation of applications. 

·         The Core Health Systems function will design, develop, implement, and support all applications necessary to collect, store, manage, and share ACA data. 

·         A dedicated ACA Architect and Engineer will ensure that the technical solutions adhere to the overarching business and technology architecture and engineering principles, standards, and practices.

·         The Legislative Implementation function works with the IRS operating divisions to ensure that work requests submitted to implement ACA provisions have sufficient information and to monitor the work requests to completion.

The Clinger-Cohen Act of 1996[8] requires agencies to use a disciplined capital planning and investment control process to maximize the value of IT investments and manage the acquisition risk.  The Enterprise Governance Authority and Operations Directive, dated November 25, 2008, establishes mandates for governance within the IRS and states that a governance process shall be integrated with the IRS capital planning and investment control process.  Governance boards make various decisions such as determining whether projects will proceed to the next development phase, be suspended, or be terminated and approving cost, schedule, and scope changes within their chartered authority.  The IRS Capital Planning and Investment Control Guide dated January 2010 states that IRS senior managers should regularly monitor and track the progress/performance of ongoing IT investments against projected cost, schedule, performance measures, and delivered quantitative and qualitative benefits throughout the development or acquisition lifecycle.

A Program Management Office Charter and a Program Governance Board Charter were approved January 2011 and March 2011, respectively.  The Program Management Office referred to the governance plans of prior major IT modernization efforts to help shape the governing roles and responsibilities.  The Program Management Office Charter presents the proposed startup governance model and the roles and responsibilities of each governance entity.  The Program Governance Board Charter outlines the objective of the Program Governance Board as follows:  “to ensure project and program objectives are met, risks are managed appropriately, and the expenditure of enterprise resources is fiscally sound.”  Figure 3 provides an illustration of the governance entities and defines the members involved.  Although Figure 3 indicates the information is proposed/preliminary, Program Management Office management confirmed that this was the final version of the governance entities, and it is the version from which they are operating.

Figure 3:  ACA Governance Entities

Figure 3 was removed due to its size.  To see Figure 3, please go to the Adobe PDF version of the report on the TIGTA Public Web Page.

According to the Program Management Office Charter, a governance plan establishes the governance framework, defines the decision rights across various entities, and describes an escalation path for unresolved issues or critical decisions.  The Program Management Office provided a finalized governance plan titled MITS Support for Implementing Healthcare Reform:  Program Governance, dated September 28, 2010.  Although the plan did not include the escalation path for unresolved issues or critical decisions, it did include a chart illustrating the decision rights of the various governance entities.  See Figure 4 for examples of some of the decision rights for the ACA governance entities. 

Figure 4:  Decision Rights for the ACA Governance Entities

Figure 4 was removed due to its size.  To see Figure 4, please go to the Adobe PDF version of the report on the TIGTA Public Web Page.

Based on our review of the Program Governance Board meeting minutes, we determined that the Program Governance Board is meeting as intended.  For example, topics of discussion include project changes, upcoming milestone exits, and outstanding work requests.  Examples of decisions include approvals to launch a database repository and the household income and family size verification project.  Examples of action items include working with the Enterprise Operations organization to resolve the ACA environment issue and working with the Applications Development organization to minimize the impact on filing season projects.  The final governance plan provided to us indicated a need to complete the establishment of the governance process.  It identified documentation of “rules for the road” for how governance will operate to foster efficiency and decision making (i.e., decisions on escalations must occur within a certain time period) as a next step in the process.  Based on the level of executive oversight and involvement overseeing the implementation of the ACA, the undocumented escalation procedures currently do not present a high risk to the Program Management Office.  However, documenting the escalation procedures will ensure that all involved in the governance process have access to the procedures.  This is especially important when there is turnover in governance board members.  Program Management Office management agreed that the escalation procedures were not documented, but should be, and stated that the omission was due to an oversight.

The Program Management Office also established guidelines to determine who would primarily be responsible for completing the various types of ACA work.  See Figure 5 for the description and examples of the four ACA project types. 

Figure 5:  Description and Examples of ACA Project Types

Project Type

Description of Project Type

Example

Type 1 – “Brand new business service”

The Program Management Office is responsible for completing Type 1 projects.  These projects are new builds that represent “uncharted territory.”  Dedicated teams with specialized skills will be deployed to deliver the solution.  This work may be outsourced to contractors.

Build a large data repository to consolidate healthcare data from numerous sources.

Type 2 – “New version of existing service”

The Program Management Office is responsible for completing Type 2 projects.  These projects are new builds that can leverage existing IT capabilities.  Dedicated teams will be deployed to drive development.  The Program Management Office will be responsible for new capability building, but will also leverage established processes.

Levy new fees on insurance companies.

 Type 3 – “Enhancements to existing services”

The Program Management Office is responsible for completing Type 3 projects.  These represent extensions of existing services that can leverage existing processes and capabilities.  The Program Management Office will oversee project execution and deploy a “light touch” team to drive project execution.  Team members will include those from the MITS organization delivery partners.

Add information on health plan costs to the Wage and Tax Statement
(Form W-2).

Type 4 – “Tax law changes or enhancements to existing systems” 

The MITS organization delivery partners are accountable and responsible for completing and delivering Type 4 projects.  The Program Management Office role will be oversight.

Change tax rate for high-income taxpayers.

Source:  IRS Program Management Office Charter (Information Technology), Version 1.0, dated January 3, 2011, and MITS ACA training, Session 3 revised January 2011.

The Program Management Office is identifying and scheduling required IT work

Although the process used to identify and schedule the IT work for the ACA was not documented, the results from the process were documented.  Program Management Office management explained that MITS organization senior executives met with representatives from the IRS operating divisions and the Office of Chief Counsel to assess the ACA legislation and identify the critical business needs and key dates.  Based on that information, the Program Management Office organization prepared a preliminary, high-level schedule listing 7 categories and 17 related projects.  Program Management Office management stated that 14 of these projects will require building new systems or building a new system and leveraging existing systems to implement the ACA provisions.  The remaining three projects may require new systems but this will not be confirmed until the business requirements are finalized.  Figure 6 shows the seven categories and the related projects.  

Figure 6:  ACA Categories and Projects

Figure 6 was removed due to its size.  To see Figure 6, please go to the Adobe PDF version of the report on the TIGTA Public Web Page.

Another challenge identified by the Program Management Office during the early deliberations included that system requirements would evolve and might be discovered during development.  To address and mitigate the impact of this challenge, the Program Management Office implemented processes to ensure that the projects meet business needs and are timely completed.  For example, some of the projects will use a development approach that involves business unit representatives in many of the development and decision-making phases. 

The Program Management Office Charter states that the Program Management Office will develop a communications strategy to ensure members and stakeholders are able to exchange the right information in a timely manner.  Although the communications strategy has yet to be formalized, we found that the Program Management Office maintains documentation showing that they are collaborating with their internal and external stakeholders.  For example, the Program Management Office staff conducts periodic joint meetings with internal stakeholders, such as the following IRS operating divisions:  the Large Business and International Division, Small Business/Self-Employed Division, and Tax Exempt and Government Entities Division.  The operating divisions attend joint meetings as needed based on their areas of responsibilities.  Topics of discussions include requests for approval to use a particular development process and approval to begin projects and action items such as working to minimize the impact on filing season projects.

The Program Management Office staff identified its external stakeholders; among them are the Department of Health and Human Services and the Social Security Administration.  Program Management Office staff has been meeting with Department of Health and Human Services staff to discuss the ACA provision to establish the Insurance Exchanges.  On January 12, 2011, the parties completed a Concept of Operations for Insurance Exchanges that will be used as a baseline for further planning and development of this project. 

Recommendation

Recommendation 1:  The Chief Technology Officer should ensure that the Program Management Office governance plan is updated to include the escalation procedures to timely address unresolved issues and critical decisions.

Management’s Response:  IRS management agreed with the recommendation.  The Chief Technology Officer will ensure that the ACA Program Management Office governance plan is updated to fully describe the escalation procedures to timely address any unresolved issues and critical decisions.

 

Appendix I

 

Detailed Objective, Scope, and Methodology

 

Our overall objective was to evaluate the MITS organization’s planning efforts to implement the Patient Protection and Affordable Care Act[9] and the Health Care and Education Reconciliation Act[10] (hereafter referred to together as the ACA).  To accomplish our objective, we:

I.                   Determined how MITS organization management evaluated and assessed the impact of the ACA legislation on MITS organization operations and support for other MITS organization priorities.

A.    Interviewed MITS organization management to determine the process used to assess the impact of the ACA legislation.

B.     Reviewed documentation of the assessment methodology and results, including any reports from contractor assistance.

II.                Evaluated the effectiveness of the MITS organization’s approach and/or plan to implement the IT changes needed to support the ACA provisions.

A.    Interviewed MITS organization management and reviewed documentation to determine how the MITS organization planned to timely implement ACA-related IT changes, including developing IT systems and processes and obtaining the staff and funds needed to support the implementation of the ACA provisions.

B.     Determined how the Program Management Office plans to coordinate with internal stakeholders, for example, IRS business units and other MITS organization areas, to ensure ACA IT changes and new system developments or processes will timely and effectively support implementation of the ACA provisions without negatively affecting existing IT systems and processes.

C.     Determined how and when the Program Management Office plans to coordinate with external stakeholders (the States and Federal agencies such as the Department of Health and Human Services, the Social Security Administration, the Department of Veterans Affairs, and the Department of Defense) to ensure the Program Management Office provides the IT capabilities needed by these external stakeholders to implement the ACA provisions.  We reviewed supporting documentation.

III.             Determined the effectiveness of the governance structure/process over MITS organization ACA activities.

A.    Interviewed Program Management Office personnel to determine the governance process overseeing ACA activities performed by the MITS organization.

B.     Reviewed documentation describing the finalized/approved governance structures and decision-making process (i.e., project identification, prioritization, approval, and monitoring) identified in Step III.A.

C.     Reviewed the meeting minutes/notes of the governance bodies (i.e., executive steering committees and investment review boards) overseeing the implementation of the ACA provisions.  

IV.       Determined whether the structure of the Program Management Office supports the goals and mission of the IRS and the ACA.

A.    Obtained the Program Management Office Reorganization Proposal and Charter to identify the mission of the Program Management Office and determine whether it supports the IRS’s mission to implement the ACA tax provisions.

B.     Interviewed various Program Management Office personnel to discuss the staffing needed to implement the ACA provisions.

Internal controls methodology

Internal controls relate to management’s plans, methods, and procedures used to meet their mission, goals, and objectives.  Internal controls include the processes and procedures for planning, organizing, directing, and controlling program operations.  They include the systems for measuring, reporting, and monitoring program performance.  We determined the following internal controls were relevant to our audit objective:  IRS policies and procedures for establishing an organization.  We evaluated these controls by interviewing management and by reviewing policies and procedures such as the Internal Revenue Manual, the IRS Capital Planning and Investment Control Guide, Federal guidance such as the Clinger-Cohen Act of 1996,[11] and relevant supporting documentation.

 

Appendix II

 

Major Contributors to This Report

 

Alan Duncan, Assistant Inspector General for Audit (Security and Information Technology Services)

Danny Verneuille, Director

Diana Tengesdal, Audit Manager

Tina Wong, Lead Auditor

Joan Bonomi, Senior Auditor

Sarah White, Program Analyst

 

Appendix III

 

Report Distribution List

 

Commissioner  C

Office of the Commissioner – Attn:  Chief of Staff  C

Deputy Commissioner for Operations Support  OS

Deputy Chief Information Officer, Operations  OS:CTO

Associate Chief Information Officer, Affordable Care Act – Program Management Office  OS:CTO:ACA

Chief Counsel  CC

National Taxpayer Advocate  TA

Director, Office of Legislative Affairs  CL:LA

Director, Office of Program Evaluation and Risk Analysis  RAS:O

Office of Internal Control  OS:CFO:CPIC:IC

Audit Liaison:  Director, Risk Management Division  OS:CTO:SP:RM

 

Appendix IV

 

Management’s Response to the Draft Report

 

DEPARTMENT OF THE TREASURY

INTERNAL REVENUE SERVICE

WASHINGTON, D.C.  20224

 

CHIEF TECHNOLOGY OFFICER

 

AUG 25, 2011

 

MEMORANDUM FOR DEPUTY INSPECTOR GENERAL FOR AUDIT

 

FROM:                             Terence V. Milholland /s/ Terence V. Milholland

     Chief Technology Officer

 

SUBJECT:                       Draft Audit Report - The Modernization and Information Technology Services Organization is Effectively Planning for the Implementation of the Affordable Care Act - Audit # 201120020 (e-trak #2011-24152)

 

Thank you for the opportunity to review and respond to the subject draft audit report.

 

I am pleased that the report accurately reflects and acknowledges our efforts to assess the impact of the Affordable Care Act (ACA) legislation on IRS IT operations and to plan an effective approach to deliver the IT capabilities needed to implement those provisions. The IT organization put a Program Management Office (ACA PMO) in place and identified the appropriate complement of skilled resources to begin staffing that organization. The ACA PMO, as noted, also effectively identified and scheduled the required IT activities.

 

The report accurately documents that a governance plan was developed that established roles and responsibilities of each governance entity and that we are following the plan. I acknowledge your finding that the plan did not fully describe the escalation path for unresolved issues or critical decisions. Accordingly, I agree with the recommendation noted in the report and will implement an appropriate corrective action.

 

We value your continued support and the assistance and guidance your team provides. We look forward to working with you on other ACA-related audits. If you have any questions, please contact me at (202) 622-6800 or Andrea Greene-Horace, Senior Manager of Program Oversight, at (202) 283-3427.

 

Attachment

Attachment

 

RECOMMENDATION #1: The Chief Technology Officer should ensure that the Program Management Office governance plan is updated to include the escalation procedures to timely address unresolved issues and critical decisions.

 

CORRECTIVE ACTION #1: We concur with this recommendation. The Chief Technology Officer will ensure that the ACA Program Management Office governance plan is updated to fully describe the escalation procedures to address timely, any unresolved issues and critical decisions.

 

IMPLEMENTATION DATE: March 1, 2012

 

RESPONSIBLE OFFICIAL: The Associate Chief Information Officer, Affordable Care Act Program Management Office (ACA PMO)

 

CORRECTIVE ACTION MONITORING PLAN: We enter accepted corrective actions into the Joint Audit Management Enterprise System (JAMES) and monitor them on a monthly basis until completion.



[1] Pub. L. No. 111-148, 124 Stat. 119 (2010).

[2] Pub. L. No. 111-152, 124 Stat. 1029.

[3] Pub. L. No. 111-148, 124 Stat. 119 (2010).

[4] Pub. L. No. 111-152, 124 Stat. 1029.

[5] Core members are the Deputy Commissioner for Services and Enforcement; Deputy Commissioner for Operations Support; Chief of Staff; Chief, Equal Employment Opportunity and Diversity; and IRS Human Capital Officer.

[6] See Figure 6 for the current list of ACA projects.

[7] The direct hire authority was subsequently extended until January 31, 2011.

[8] Federal Acquisition Reform Act of 1996 (Information Technology Management Reform Act of 1996), Pub. L. No. 104-106, 110 Stat. 642 (codified in scattered sections of 5 U.S.C., 5 U.S.C. app., 10 U.S.C., 15 U.S.C., 16 U.S.C., 18 U.S.C., 22 U.S.C., 28 U.S.C., 29 U.S.C., 31 U.S.C., 38 U.S.C., 40 U.S.C., 41 U.S.C., 42 U.S.C., 44 U.S.C., 49 U.S.C., 50 U.S.C.).

[9] Pub. L. No. 111-148, 124 Stat. 119 (2010).

[10] Pub. L. No. 111-152, 124 Stat. 1029.

[11] Federal Acquisition Reform Act of 1996 (Information Technology Management Reform Act of 1996), Pub. L. No. 104-106, 110 Stat. 642 (codified in scattered sections of 5 U.S.C., 5 U.S.C. app., 10 U.S.C., 15 U.S.C., 16 U.S.C., 18 U.S.C., 22 U.S.C., 28 U.S.C., 29 U.S.C., 31 U.S.C., 38 U.S.C., 40 U.S.C., 41 U.S.C., 42 U.S.C., 44 U.S.C., 49 U.S.C., 50 U.S.C.).