Identification and Review of the Department’s Major Information Technology Systems Inventory

Audit Report 07-37
June 2007
Office of the Inspector General


Appendix I
Objectives, Scope, and Methodology

Objectives

The conference report for the FY 2006 Science, State, Justice, Commerce, and Related Agencies Appropriations Act (P.L. 109-108) directs the OIG to: (1) produce an inventory of DOJ’s major IT systems and planned initiatives, and (2) report on the effectiveness of DOJ’s IT planning efforts. This audit report responds to the congressional request to compile an inventory of DOJ’s major IT systems.

The objective of this audit was to produce an inventory of DOJ’s major IT systems and planned initiatives, and provide the system name, system description, DOJ component owner, cost, and implementation status.

Scope and Methodology

The audit was performed in accordance with the Government Auditing Standards, and included tests and procedures necessary to accomplish the audit objectives. We conducted field work at JMD OCIO facilities and FBI headquarters in Washington, D.C., as well as the DEA headquarters in Arlington, VA. In addition, we conducted work at the FBI Criminal Justice Information Services Division in Clarksburg, West Virginia.

We interviewed officials from DOJ, the FBI, DEA, ATF, and BOP. At the component level we interviewed officials in their OCIOs and finance departments. We also interviewed the program managers for the FBI’s Law Enforcement Online, DEA’s Concorde, and JMD’s Justice Consolidated Network.

We reviewed documents related to DOJ and components’ IT oversight, ITIM and CPIC policies, financial systems, financial statements, budget processes, and IT system cost data. In addition, we reviewed relevant laws, congressional testimony, and prior OIG and GAO reports.

To identify major DOJ IT systems, we reviewed congressional, OMB, and DOJ documents listing DOJ IT systems as major or high-risk. We included those IT systems that Congress identified in the Science, State, Justice, Commerce, and Related Agencies Appropriations Act of 2006. Likewise, we included in the inventory the IT systems with Exhibits 300. We also included the DOJ IT systems on OMB’s High Risk Project list, all the IT systems reviewed by the DIRB, several IT systems shown on the OCIO Dashboard, and systems requiring Earned Value Management.

We used OMB Exhibits 53 and Exhibits 300 along with DOJ documents to provide descriptions of the IT systems.

To obtain the cost of the IT systems, we first asked component finance staffs to provide us IT system costs from their financial systems. The components explained that their financial systems do not report by individual IT system. We also requested CIO staffs to provide us with independent cost information, but they too do not have the ability to provide individual IT system cost data.

We therefore distributed a questionnaire to all 38 major IT system managers requesting total system costs from inception to September 30, 2005. We also requested in the questionnaire funding projections through FY 2012 for the IT systems. We then selected three systems to test the reliability and completeness of the costs provided to us.

DOJ officials provided us with the implementation status for each IT system. Using Federal Information Security Management Act information, the FBI provided us with implementation status of its IT systems.



« Previous Table of Contents Next »