By David Bicknell
Sometimes you have to applaud how seriously the US government takes accountability in its departments over their approach to IT projects.
One of the latest by the Government Accountability Office (GAO) is on the IT management at the Food and Drug Administration (FDA).
In a title, ‘Why the GAO did this study’, it points out that the FDA, an agency within the Department of Health and Human Services (HHS), relies heavily on IT to carry out its mission of ensuring the safety and effectiveness of regulated consumer products. Specifically, it says, IT systems are critical to the FDA’s product review, adverse event reporting, and compliance activities.
Recognising the limitations in its IT capabilities, the FDA has undertaken several initiatives to modernise its systems, with the GAO now being asked to assess the FDA’s current portfolio of IT systems, including the number of systems in use and under development, and their purpose and costs; assess the status and effectiveness of the FDA’s efforts to modernise the mission-critical systems that support its regulatory programs; and examine the agency’s progress in effectively integrating and sharing data among key systems.
In its report, the GAO argues that while the FDA has taken several important steps toward modernising its IT environment, much remains to be done.
According to the GAO, the FDA reported spending about $400 million for IT investments in the last financial year (2011). But, it says, the agency currently lacks a comprehensive IT inventory that identifies and provides key information about the systems it uses and is developing.
It points that both Office of Management and Budget (OMB) and the GAO’s own guidance calls for federal agencies to maintain such an inventory in order to monitor and manage their IT investments. The inventory should include information on each system, such as costs, functionality or purpose, and status. However, the GAO says, the FDA does not have such a comprehensive list of its systems, although budget documents included information on 44 IT investments for fiscal year 2011.
Until the agency has a complete and comprehensive inventory, the GAO says, it will lack critical information needed to effectively assess its IT portfolio.
GAO goes on to point out that “much work remains on the FDA’s largest and costliest system modernisation effort, the Mission Accomplishments and Regulatory Compliance Services program.” The program is estimated to cost about $280 million and is intended to enhance existing applications and develop new systems that provide information for inspections, compliance activities, and laboratory operations.
However, the GAO argues, much of the planned functionality has not been delivered and its completion is uncertain. Moreover, the program lacks an integrated master schedule identifying all the work activities that need to be performed and their interdependencies.
The FDA’s CIO stated that the agency is now reevaluating the scope of the initiative. As a result, it is uncertain when or if FDA will meet its goals of replacing key legacy systems and providing modernised functionality to support its mission.
In addition, FDA has not yet fully implemented key IT management capabilities essential for successful modernisation, previously recommended by GAO. These include developing an actionable IT strategic plan, developing an enterprise architecture to guide its modernisation effort, and assessing its IT staffing needs.
One of the problems for the FDA has been changes in its management structure, which has meant that since 2008, the agency has had five different CIOs, hampering its ability to plan and effectively implement a long-range IT strategy.
The GAO recommended that the FDA should develop both a comprehensive inventory of its IT systems and an integrated master schedule for a major modernisation effort, and assess its information needs to identify opportunities for greater sharing.