[House Hearing, 106 Congress] [From the U.S. Government Publishing Office] COMPLIANCE WITH THE FEDERAL FINANCIAL MANAGEMENT IMPROVEMENT ACT OF 1996: AGENCIES CONTINUE TO STRUGGLE ======================================================================= HEARING before the SUBCOMMITTEE ON GOVERNMENT MANAGEMENT, INFORMATION, AND TECHNOLOGY of the COMMITTEE ON GOVERNMENT REFORM HOUSE OF REPRESENTATIVES ONE HUNDRED SIXTH CONGRESS SECOND SESSION __________ JUNE 6, 2000 __________ Serial No. 106-215 __________ Printed for the use of the Committee on Government Reform Available via the World Wide Web: http://www.gpo.gov/congress/house http://www.house.gov/reform ______ U.S. GOVERNMENT PRINTING OFFICE 71-731 DTP WASHINGTON : 2001 _______________________________________________________________________ For sale by the Superintendent of Documents, U.S. Government Printing Office Internet: bookstore.gpo.gov Phone: (202) 512-1800 Fax: (202) 512-2250 Mail: Stop SSOP, Washington, DC 20402-0001 COMMITTEE ON GOVERNMENT REFORM DAN BURTON, Indiana, Chairman BENJAMIN A. GILMAN, New York HENRY A. WAXMAN, California CONSTANCE A. MORELLA, Maryland TOM LANTOS, California CHRISTOPHER SHAYS, Connecticut ROBERT E. WISE, Jr., West Virginia ILEANA ROS-LEHTINEN, Florida MAJOR R. OWENS, New York JOHN M. McHUGH, New York EDOLPHUS TOWNS, New York STEPHEN HORN, California PAUL E. KANJORSKI, Pennsylvania JOHN L. MICA, Florida PATSY T. MINK, Hawaii THOMAS M. DAVIS, Virginia CAROLYN B. MALONEY, New York DAVID M. McINTOSH, Indiana ELEANOR HOLMES NORTON, Washington, MARK E. SOUDER, Indiana DC JOE SCARBOROUGH, Florida CHAKA FATTAH, Pennsylvania STEVEN C. LaTOURETTE, Ohio ELIJAH E. CUMMINGS, Maryland MARSHALL ``MARK'' SANFORD, South DENNIS J. KUCINICH, Ohio Carolina ROD R. BLAGOJEVICH, Illinois BOB BARR, Georgia DANNY K. DAVIS, Illinois DAN MILLER, Florida JOHN F. TIERNEY, Massachusetts ASA HUTCHINSON, Arkansas JIM TURNER, Texas LEE TERRY, Nebraska THOMAS H. ALLEN, Maine JUDY BIGGERT, Illinois HAROLD E. FORD, Jr., Tennessee GREG WALDEN, Oregon JANICE D. SCHAKOWSKY, Illinois DOUG OSE, California ------ PAUL RYAN, Wisconsin BERNARD SANDERS, Vermont HELEN CHENOWETH-HAGE, Idaho (Independent) DAVID VITTER, Louisiana Kevin Binger, Staff Director Daniel R. Moll, Deputy Staff Director David A. Kass, Deputy Counsel and Parliamentarian Lisa Smith Arafune, Chief Clerk Phil Schiliro, Minority Staff Director ------ Subcommittee on Government Management, Information, and Technology STEPHEN HORN, California, Chairman JUDY BIGGERT, Illinois JIM TURNER, Texas THOMAS M. DAVIS, Virginia PAUL E. KANJORSKI, Pennsylvania GREG WALDEN, Oregon MAJOR R. OWENS, New York DOUG OSE, California PATSY T. MINK, Hawaii PAUL RYAN, Wisconsin CAROLYN B. MALONEY, New York Ex Officio DAN BURTON, Indiana HENRY A. WAXMAN, California J. Russell George, Staff Director and Chief Counsel Bonnie Heald, Director of Communications Bryan Sisk, Clerk Trey Henderson, Minority Counsel C O N T E N T S ---------- Page Hearing held on June 6, 2000..................................... 1 Statement of: Alderman, Karen C., Executive Director, Joint Financial Management Improvement Program............................. 39 Gotbaum, Joshua, Executive Associate Director and Controller, Office of Management and Budget............................ 3 Holz, Arnold G., Chief Financial Officer, National Aeronautics and Space Administration, accompanied by Kenneth J. Winter, Deputy Chief Financial Officer.......... 57 Skelly, Thomas P., Director, Budget Service and Acting Chief Financial Officer, Department of Education................. 49 Steinhoff, Jeffrey C., Assistant Comptroller General, Accounting and Information Management Programs, U.S. General Accounting Office, accompanied by Gloria L. Jarmon, Director of Health, Education and Human Services, Accounting and Financial Management Issues................. 11 Letters, statements, etc., submitted for the record by: Alderman, Karen C., Executive Director, Joint Financial Management Improvement Program, prepared statement of...... 42 Gotbaum, Joshua, Executive Associate Director and Controller, Office of Management and Budget: Followup questions and responses......................... 91 Information concerning FFMIA remediation plan status..... 69 Prepared statement of.................................... 6 Holz, Arnold G., Chief Financial Officer, National Aeronautics and Space Administration, accompanied by Kenneth J. Winter, Deputy Chief Financial Officer, prepared statement of............................................... 59 Ose, Hon. Doug, a Representative in Congress from the State of California, followup questions and responses............ 83 Skelly, Thomas P., Director, Budget Service and Acting Chief Financial Officer, Department of Education, prepared statement of............................................... 51 Steinhoff, Jeffrey C., Assistant Comptroller General, Accounting and Information Management Programs, U.S. General Accounting Office, prepared statement of........... 14 COMPLIANCE WITH THE FEDERAL FINANCIAL MANAGEMENT IMPROVEMENT ACT OF 1996: AGENCIES CONTINUE TO STRUGGLE ---------- TUESDAY, JUNE 6, 2000 House of Representatives, Subcommittee on Government Management, Information, and Technology, Committee on Government Reform, Washington, DC. The subcommittee met, pursuant to notice, at 10 a.m., in room 2247, Rayburn House Office Building, Hon. Stephen Horn (chairman of the subcommittee) presiding. Present: Representatives Horn and Ose. Staff present: J. Russell George, staff director and chief counsel; Louise DiBenedetto, professional staff member; Bonnie Heald, director of communications; Bryan Sisk, clerk; Elizabeth Seong and Michael Soon, interns; Trey Henderson, minority counsel; and Jean Gosa, minority clerk. Mr. Horn. A quorum about to be present, the Subcommittee on Government Management, Information, and Technology will come to order. In 1990, Congress passed the Chief Financial Officers Act. This act established the foundation for a financial management structure in which Federal departments and agencies would be held accountable for providing reliable financial information to Congress and the American taxpayers. The act emphasized the need to improve financial management systems and controls to deter fraud, waste, and the misuse of government resources. Congress continued to buildupon this foundation with additional financial management legislation, including the Federal Financial Management Improvement Act of 1996. It has been nearly 4 years since this legislation became law. Today, we will discuss the progress Federal agencies have made in complying with the law. We will also discuss the significant challenges that are preventing many agencies from having management systems that provide reliable financial information on a day-to-day basis. As of today, we know that 20 of the 24 agencies and departments included in the Chief Financial Officers Act do not have financial management systems that comply with the Federal Financial Management Improvement Act. That number might rise to 21 agencies when the Department of State finally issues its 1999 financial audit report, which was due on March 31. That missed deadline is a separate problem, which we will also discuss today. Given the State Department's failure to issue a timely audit report and its failure to comply with the Financial Management Improvement Act in 1997 and 1998, it would be surprising to find that much had changed in 1999. During the subcommittee's hearing on the 1999 government- wide audits on March 31, the Comptroller General of the United States, Mr. David Walker, reported that ``agency financial systems overall are in poor condition and cannot provide reliable financial information for managing day-to-day government operations and holding managers accountable.'' From the Comptroller General of the United States, Mr. Joshua Gotbaum, who is with us today from--he will be with us-- from the Office of Management and Budget, reported that the same financial management system challenges that confronted Federal departments and agencies 10 years ago still exist today. The Federal Financial Management Improvement Act of 1996 required that noncompliant agencies prepare remediation plans to bring their financial management systems into substantial compliance with the act within 3 years. Yet last October, the General Accounting Office reported that agencies had not submitted timely remediation plans and that most of the plans submitted did not comprehensively address financial management issues. That is simply unacceptable to Congress. We recognize that Federal departments and agencies face enormous challenges in correcting long-standing financial management systems problems. We also recognize that these challenges could take significant time and resources. However, we want to ensure that the intent of this act is taken seriously and that necessary changes are being made. I welcome all of you who are our panel today. It is one panel so we can have the discussion among ourselves in all directions. As you know--most of you have been here before--when we call on you in the order in which you are on the agenda, your full statement is put in the record, and we don't want you to read it to us. We have read it. What we want you to do is look us in the eye and summarize it for us in about 5, 6, 7 minutes. We are going to--as you know, we give the oath to all of you and the assistants who might advise you during the hearing. So if you will stand and raise your right hand and get your assistants also, the clerk will take their names to see that they have affirmed the oath. [Witnesses sworn.] Mr. Horn. We will note the seven witnesses and one helping behind the scenes. So please be seated. We will now start with Mr. Gotbaum--always good to see you, Josh. You are right on time--the Executive Associate Director with his limousine slowing down there at OMB, Executive Associate Director and Controller, Office of Management and Budget. That must take letterhead going this way to do all that. OK. You are going to give us a good summary and will tell us why the State Department takes so long to get things done. Mr. Gotbaum. And others. Mr. Horn. And others, that is right. STATEMENT OF JOSHUA GOTBAUM, EXECUTIVE ASSOCIATE DIRECTOR AND CONTROLLER, OFFICE OF MANAGEMENT AND BUDGET Mr. Gotbaum. Mr. Chairman, thank you. Since I have submitted a statement for the record, I would like to make four points about the state of Federal financial systems and why I am grateful that this committee has undertaken this hearing. First, this matters intensely. Financial systems are at the heart of the reason why we are trying to reform financial management in the first place. Second, this is extremely difficult for the government to do. Third, we are working on it very seriously. I will talk about how and where we have made progress and how and where we have not. Fourth, we need and appreciate both the patience and the pressure from Congress. I think it is important, Mr. Chairman, to put FFMIA and financial systems in the context of Federal management reforms generally. For 10 years Congress has, on a bipartisan basis with the administration, across administrations, been working to improve the way the Federal Government manages itself. This effort started with the CFO Act in 1990; and continued with the Government Performance and Results Act, which I consider to be one of the major government reform actions of the decade; GRMA in 1994 requiring financial statements; Clinger-Cohen, an essential improvement in the way we think about IT systems; and, finally, FFMIA. They have laid down a series of mandates. In response, we have, I want to be very clear, and I think it is important to say, we have come a very long way. It is also important to recognize we have even further to go. But to tick off briefly where we have come: we now have CFOs, we now have their staffs. We now have financial statements from agencies that we did not have before. We now have financial standards that we didn't have before. Ten years ago, the government couldn't have turned out an audit according to GAAP because there was no GAAP for it to have. We now have governmentwide financials, a long way from clean, but we have them. Agencies financials are improving. This is most important and this is why this hearing is so important to us: financial management systems such as they were 10 years ago did not keep standard accounts, they couldn't communicate with each other, and they couldn't provide accurate, timely and reliable information. We now have done part of the job. We have GAAP-recognized standards, thanks to a lot of the folks to my left and the AICPA. We have established requirements for systems. We have revitalized JFMIP. I am very pleased Karen Alderman is here to testify, because JFMIP has been around a long time, Mr. Chairman, but what has happened in the last 2 or 3 years since Karen has taken over has been enormously helpful and important. So OMB has set up a system of testing of commercial systems and laid down a requirement that says that unless a system passes muster, agencies cannot buy it. So we have come a long way. We have an even longer way to go. If I may, Mr. Chairman, I want to talk about what I think the real challenge is. We had systems. The Federal Government had dozens of systems, actually hundreds of financial systems. They were systems designed with old technology, they were designed for old purposes, and they were not designed to talk to each other and not designed to work with each other. They were designed for keeping track of cash or keeping track of budget requirements. They had no notions of accrual accounting in them. So the challenge here is that we need to upgrade, modify or scrap literally hundreds of systems while continuing to do the job of the government; and this is a very difficult, very long- term challenge. FFMIAs requirements by themselves are really quite simple. They say you have to meet financial management systems requirements, you have got to meet accounting standards, now that we have them, and you have to use the Standard General Ledger. This is something which the agency had determined working with the auditor. Most agencies do not yet meet these tests. They don't meet the tests for reasons that I have discussed in the testimony, but I think two more are worth mentioning. One is the stove-piping nature of government. These were systems not designed to talk with each other; and the business of getting them to work with each other, is, frankly, difficult. Second, because we have been following the congressional mandate to improve management of Federal systems, we have been raising the bar, over the course of the past decade. We have been setting new, higher standards, and that is what we should do. But we ought to also recognize that has consequences. I also think it is important to state for the record, Mr. Chairman, that although we are a long way from the promised land, agencies really are working at this and really are making progress. Agencies like VA, Interior, Education, and the Small Business Administration are in the process of figuring out what new systems they will need. GSA, Transportation, AID, HUD and Customs are in the process of installing new systems. And even by the tests of FFMIA, agencies like Justice, Labor and NASA meet the Standard General Ledger requirement. They don't meet the other two requirements. Commerce meets the standards requirements, and OPM and SSA report they meet the systems requirements. So agencies are making progress. We think this is a very hard job, but it is one that is ultimately implementable. Since there has been an ongoing dialog between OMB and this committee over what is OMB doing in this process, I would like to talk about what we do. As you know, OMB is always, on the management side, doing a combination of threatening, cajoling, advising and laying down the law. In this area, we issued guidance shortly after FFMIA was passed in 1996 to help agencies and auditors. One of the things we learned over the last several years is that agencies and their auditors implement FFMIA in a variety of ways, so we are now in the process of revising our guidance to try to achieve greater consistency and try to focus on the real nub of FFMIA, which is to provide timely and reliable financial information. We are also working with JFMIP to issue a guide to help folks do this. Second, and I am going to defer to Karen Alderman, whose folks have done a really terrific job in this area, we have put in place a set of systems standards, standards on core financial systems and on other systems. These standards are not yet complete. We are now expanding this to property, grants and benefits. Third, and this is the informal part of OMB, there is a process of consultation and support. We meet with agencies, we talk about their remediation plans, we talk about what they need. We work with the CFO Council and essentially try to do that special combination of pushing, cajoling and private criticism and public praise that OMB does. The last point, which I think is really quite important, is we work to bring this into the budget process, because one of the issues that comes to us when we talk to agencies about systems modernization is money. So what we have said formally and officially is we will support systems improvements in the budget process if they comply with Clinger-Cohen, they have the support of the agency head, there is a plan and an architecture, and it fits into FFMIA. When we do that, we do that both on the budget side and on the management side. Mr. Horn. Thank you. That has been very helpful. [The prepared statement of Mr. Gotbaum follows:] [GRAPHIC] [TIFF OMITTED] T1731.001 [GRAPHIC] [TIFF OMITTED] T1731.002 [GRAPHIC] [TIFF OMITTED] T1731.003 [GRAPHIC] [TIFF OMITTED] T1731.004 [GRAPHIC] [TIFF OMITTED] T1731.005 Mr. Horn. Let us move now to the General Accounting Office, Jeffrey Steinhoff, the Assistant Comptroller General for Accounting and Information Management Programs, U.S. General Accounting Office. STATEMENT OF JEFFREY C. STEINHOFF, ASSISTANT COMPTROLLER GENERAL, ACCOUNTING AND INFORMATION MANAGEMENT PROGRAMS, U.S. GENERAL ACCOUNTING OFFICE, ACCOMPANIED BY GLORIA L. JARMON, DIRECTOR OF HEALTH, EDUCATION AND HUMAN SERVICES, ACCOUNTING AND FINANCIAL MANAGEMENT ISSUES Mr. Steinhoff. Mr. Chairman, Mr. Ose, it is a pleasure to be here today to discuss the state of financial management systems. The bottom line, across the Federal Government efforts are under way to overhaul financial systems; and good progress is being made. At the same time, there is a long way to go, as major challenges remain. From the outset today, I want to dispel any notion that this is merely a compliance issue. The expectations of the CFO Act and FFMIA are integral to producing the relevant reliable and timely information needed to efficiently and effectively manage government operations day-to-day and to provide accountability. When Federal agencies can meet these expectations, they will have achieved what the Comptroller General has referred to as the end game. FFMIA bolstered the mandate of the CFO Act by focusing on the systems themselves, which is at the heart of what is wrong today. While clean audit opinions are an important measure of accountability, the end game is having systems in place that routinely provide needed financial information. Our study of world-class finance organizations--Boeing, Chase Manhattan, G.E., Hewlett Packard, Owens-Corning and Pfizer, and the States of Texas, Massachusetts and Virginia--found that they redefined the role of finance with a goal of adding value and providing meaningful information to decisionmakers while reducing routine backroom accounting costs. I want to read to you a message from the CFO at the Department of Energy. This is an agency that got a clean opinion, and this is an agency that also passed the FFMIA test. So energy is at that leading edge of doing well. This really captures the nexus of the challenge. This is from Michael Telson, the Energy CFO, ``the Department's financial management system needs to be upgraded to produce financial information faster and in an easily accessible manner to meet the changing needs of our program managers.'' That is what agencies really face today. Similar to results for fiscal year 1998, for fiscal year 1999, only three agencies were found to be compliant with FFMIA. I applaud them. My colleagues from NASA here today have worked real hard, as have the National Science Foundation and Energy. A number of agencies that attained clean audit opinions for fiscal year 1999 did so through heroic efforts that were outside the financial system, such as using statistical sampling to derive year-end balances. For example, the DOT IG reported, that manual and labor intensive efforts that DOT employed to attain its first clean audit opinion are expensive, prone to errors, and cannot be sustained. DOT worked very hard at this, I commend them for their result, but they had to hire additional contractors, they detailed employees, they paid overtime and compensatory time, and they had adjusting entries of $36 billion to get there. It is an important achievement, I applaud them, but, long- term, they do not want to be spending their time and money on what I call cleaning up a backroom operation. They want to have this information readily come from their systems. As shown on the chart I brought today, over at your right, the IGs cited five basic reasons for noncompliance. First, non-integrated systems. I think this is the most problematic to achieving the end game. It was cited by 14 IGs; and for agencies such as DOD and IRS, it will take years and years of hard work to overcome this problem alone. It is a very complex issue. Second, inadequate reconciliation procedures were cited by 14. In part, that is caused by having non-integrated systems; and, therefore, you have got to reconcile data. Third, systems that do not implement the Standard General Ledger, meaning it is very difficult to pull the consolidated statements together, and we don't have the kind of consistency envisioned. Mr. Horn. Excuse me, just for the record, because nobody will know what SGL is---- Mr. Steinhoff. Standard General Ledger. Mr. Horn. Those in education, which your colleague is, you would think of student government loans. Mr. Steinhoff. I am sorry. Mr. Horn. That is why I am a nut on not having SGLs. Mr. Steinhoff. I have been an accountant too long. Fourth, a lack of adherence to accounting standards, including cost accounting. That was cited 15 times. Cost accounting is really at the heart of being able to implement GPRA in an effective manner. Finally, weak computer security, the reason cited most often, with 19 IGs reporting this issue. There are lots of efforts under way to upgrade financial systems, from reengineering basic processes to major redesigns of systems to the work of the JFMIP, which you will hear about today. These efforts must be sustained and will have to transcend this administration to remedy the underlying issues. We may be back in a few years to report that substantially more, perhaps all, of the 24 CFO Act agencies, have received a clean audit opinion. However, I feel much less confident in the short term that their systems will be in compliance with FFMIA and will meet the intended results of the CFO Act. Overhauling financial systems, as Mr. Gotbaum said, is much more difficult than devising and mastering a repeatable process for deriving year end numbers. This is heavy lifting, a tough job. Similar to my recent testimony before this subcommittee on DOD financial management, the successful Y2K experience shows that difficult challenges can be overcome. Government can get the job done through a disciplined process, in this case strict adherence to the Clinger-Cohen Act. There are no shortcuts, no free lunch. The past is littered with system failures, and Clinger-Cohen must be followed. Next, there must be top-level leadership, the tone and level of engagement at the top is critical to success. I think any agency that has had success will say that. In our work, looking at world-class finance organizations, that is what we found. Finally, through a continuing strong congressional leadership and oversight, such as the work of this subcommittee. Only in this way will the Federal Government achieve the end game of the CFO Act. Mr. Chairman, this concludes my summary remarks. I would be pleased to answer any questions later that you or Mr. Ose might have. Mr. Horn. And I am assuming Ms. Jarmon will be backup for you, because she is a very good witness. We have had her here before. We are glad to see you again. [The prepared statement of Mr. Steinhoff follows:] [GRAPHIC] [TIFF OMITTED] T1731.006 [GRAPHIC] [TIFF OMITTED] T1731.007 [GRAPHIC] [TIFF OMITTED] T1731.008 [GRAPHIC] [TIFF OMITTED] T1731.009 [GRAPHIC] [TIFF OMITTED] T1731.010 [GRAPHIC] [TIFF OMITTED] T1731.011 [GRAPHIC] [TIFF OMITTED] T1731.012 [GRAPHIC] [TIFF OMITTED] T1731.013 [GRAPHIC] [TIFF OMITTED] T1731.014 [GRAPHIC] [TIFF OMITTED] T1731.015 [GRAPHIC] [TIFF OMITTED] T1731.016 [GRAPHIC] [TIFF OMITTED] T1731.017 [GRAPHIC] [TIFF OMITTED] T1731.018 [GRAPHIC] [TIFF OMITTED] T1731.019 [GRAPHIC] [TIFF OMITTED] T1731.020 [GRAPHIC] [TIFF OMITTED] T1731.021 [GRAPHIC] [TIFF OMITTED] T1731.022 [GRAPHIC] [TIFF OMITTED] T1731.023 [GRAPHIC] [TIFF OMITTED] T1731.024 [GRAPHIC] [TIFF OMITTED] T1731.025 [GRAPHIC] [TIFF OMITTED] T1731.026 [GRAPHIC] [TIFF OMITTED] T1731.027 [GRAPHIC] [TIFF OMITTED] T1731.028 [GRAPHIC] [TIFF OMITTED] T1731.029 [GRAPHIC] [TIFF OMITTED] T1731.030 Mr. Horn. We now go to Karen Alderman, Executive Director of the Joint Financial Management Improvement Program. STATEMENT OF KAREN C. ALDERMAN, EXECUTIVE DIRECTOR, JOINT FINANCIAL MANAGEMENT IMPROVEMENT PROGRAM Mrs. Alderman. Mr. Chairman, Mr. Ose, thank you for the opportunity to discuss the role of the Joint Financial Management Improvement Program in supporting the goals of the FFMIA. The mission of JFMIP is to improve financial management practices in the government through a joint and cooperative effort. I am supported by the U.S. Department of Treasury, the General Accounting Office, the Office of Management and Budget, the Office of Personnel Management and all Federal agencies. The major JFMIP responsibilities with respect to Federal financial management systems includes issuing financial system requirements, testing and qualifying core financial software for agency use, and facilitating information exchange among all stakeholders, both public and private sectors. Regarding financial system requirements, JFMIP has been in the business of issuing financial management systems requirements documents since the 1980's. The framework for Federal financial management systems describes the Federal agency system architecture as including core financial system, managerial cost accounting, and 13 feeder systems. System requirement documents serve many roles. They facilitate the exchange of software for common administrative functions within the Federal Government; they help organize the private sector market by communicating mandatory functionality that commercial software must be able to provide to the Federal Government, as well as identifying value-added features desired by Federal agencies; they provide benchmarks for agency compliances under FFMIA and have served as a tool for oversight agencies to evaluate systems; and they also help agencies justify system improvements or replacements. Upon the passage of FFMIA in 1996, requirements documents existed only for the core financial system, and 6 of the 13 subsidiary systems. Several of those documents needed to be updated for recent laws and regulatory revisions. Since 1998, JFMIP undertook efforts to bring all existing documents up to date and to develop documents for those functions where none had existed before. I brought a little color coded slide here for you that shows the progress in 2\1/ 2\ years. The green are those documents that have been updated and reissued since 1998. The orange are those that are under way, including benefits, grants and property management systems; inventory system was issued in 1995; and those in blue, which includes acquisition, revenue, budget formulation and insurance claim systems, are yet to be worked on. But we have plans to address them starting by 2001. The second area I would like to highlight is the core financial system testing and qualification process. In 1998, the CFO Council and the JFMIP partnered to reengineer the core financial systems testing and qualification and procurement processes to improve the availability of commercial software and to improve the chances that agencies can successfully implement new systems. Prior to 1999, the testing of core financial systems software was accomplished in connection with the mandatory General Services Administration schedule for Federal financial management systems software. Information regarding the testing process was limited. The test addressed less than one-third of the existing requirements, and arrangements for software testing relied upon agency volunteers and other ad hoc arrangements. The CFO Council recommended, one, the establishment of a program management office under JFMIP with responsibility for developing tools and capabilities necessary to improve financial systems across the Federal Government; two, the separation of the test and qualification process from the procurement process to allow visibility of the testing; and, three, the establishment of an electronic knowledgebase to share information widely. October 1, 1999, marked the transition to the new process. The components of that new process included up-to-date core financial system requirements, complemented by the identification and prioritization of value-added features desired by Federal agencies; an open and comprehensive testing and qualification process that tests, in whole or in part, all testable mandatory requirements; the modification of OMB Circular A-127 ``Financial Management Systems'' to eliminate the mandatory FMSs schedule and to allow agencies to procure under any procurement vehicle, as long as agencies procure software for core financial systems that have been qualified by JFMIP. The purpose of the testing was to reduce risk to the government, produce useful information, reduce agency test effort, and provide critical information to commercial business partners to allow them to be successful in providing core accounting software that meets Federal requirements. The JFMIP test is efficient. It is 166 test steps that test 91 percent of the mandatory requirements fully or partially, and GAO helped us validate this test. As of May 2000, nine software products offered by seven vendors have received certificates of compliance. JFMIP maintains the current list of qualified software on the knowledgebase along with information about value-added features and our test methodologies. In addition, our testing process is designed to ensure that our commercial business partners update their products to meet new Federal requirements. When a software package passes, JFMIP issues that certificate for 3 years. If Federal requirements change during that 3-year period, we institute and implement an incremental test the vendor must pass in order to retain that certificate of compliance. In 2000, JFMIP will be administering the first incremental test to ensure that software can support the Federal Agencies' Centralized Trial-Balance System, FACTS II. Those in the business know that acronym. That is the reporting process for budget formulation data and budget execution data to the Office of Management and Budget and the Treasury. Other JFMIP efforts to improve financial management systems include improving the financial systems compliance review process, which Mr. Gotbaum mentioned; developing a road map that provides accessible information to help agencies manage full life cycle of financial management system planning, implementation and management; and, finally, building capacity within the Federal financial management work force to manage transition to the next generation of financial management systems. In summary, JFMIP is leveraging resources to provide system requirements, testing and tools, and, in doing so, demonstrates commitment among Federal stakeholders to address common system challenges in a cost-effective manner. In the short term, the payoff has been to reduce agencies' costs and risks in replacing systems. The longer term payoff will help in achieving the goals of the FFMIA. Thank you very much. Mr. Horn. Thank you. [The prepared statement of Mrs. Alderman follows:] [GRAPHIC] [TIFF OMITTED] T1731.031 [GRAPHIC] [TIFF OMITTED] T1731.032 [GRAPHIC] [TIFF OMITTED] T1731.033 [GRAPHIC] [TIFF OMITTED] T1731.034 [GRAPHIC] [TIFF OMITTED] T1731.035 [GRAPHIC] [TIFF OMITTED] T1731.036 [GRAPHIC] [TIFF OMITTED] T1731.037 Mr. Horn. We now move the to the departments. We start with Mr. Thomas P. Skelly, the Director of Budget Service and Acting Chief Financial Officer for the Department of Education. STATEMENT OF THOMAS P. SKELLY, DIRECTOR, BUDGET SERVICE AND ACTING CHIEF FINANCIAL OFFICER, DEPARTMENT OF EDUCATION Mr. Skelly. Thank you, Mr. Chairman and Mr. Ose. In sum, the Department of Education has not complied with the FFMIA. We have made significant progress, we believe, in addressing some of the requirements, but we are not in full compliance today. I would like to discuss several areas in which we have made progresses and a few challenges we have. One significant area of progress is that we have developed the remediation plan requirement by the act. We believe it is a good plan. GAO did a report and indicated that it thought if we implemented that plan fully, if we had good success, we would have a fairly good chance of complying with the act. We are about halfway through implementation of that plan, and we think we are on schedule. A second area of progress, critical part of the plan, was replacing our general ledger system. We had acquired a general ledger system back in 1995. It didn't work. We had implemented in 1998. It didn't do the things we thought it would do, it didn't produce integrated financial statements, it did not generate our statements at the end of the year. What we did in March following selection of a product that was on the JFMIP schedule was to go out and buy Oracle financial software. We think the Oracle package will do the job for us. We are in the design stage now. We think it will be late 2001 before we have implemented it fully. We are phasing it overtime, not trying to do it all at once, but we think we will meet that schedule. We did do extensive testing of the product beyond what JFMIP had done to make sure that it could do the end-of-year closeout for us and cover both our proprietary accounts and our budgetary accounts simultaneously. The third area of progress we have made is to do more timely reconciliations of our data. We are now doing interim statements, and we are also doing monthly reconciliations. Reconciliations and lack of those and the quality of data is the weakness that has been cited by our independent end auditors, Ernst & Young, by the GAO and the Inspector General. To help us expedite our reconciliation process, we acquired some software from a company called CheckFree. It is a software tool that banks use to help them do their reconciliation balances at the end of the day. It has greatly automated our process, and we are doing it much faster than we did before. Those are three areas of progress, the planned Oracle software acquisition and the more prompt reconciliations, but we do see challenges. Those challenges would include the time that we need to implement this new system, given the complexity of our appropriations. Our Department of Education has over 200 appropriations, it has 175 programs, we give out $75 billion per year in loans, grants, formula grants, discretionary grants. We have contracts. We have administrative funds. We have a lot of activity going on. We have several, 14 in fact, feeder systems. Those feeder systems, which took a while to get compliant with Y2K last year, are supposed to send in information to our accounting system so we can produce one set of accounting statements. We do think that is a challenge. A second challenge is that the standards keep changing. They should evolve over time. The world changes, people expect additional data. In 1997, the Department of Education did get a clean opinion. Only three statements were required in 1997. In 1998 and 1999, five were required. We didn't get a clean opinion in 1999 and 1999. We did have to make some additional changes to create those new statements. Another example of standards changing is direct loans. The accounting standards we got on those run 57 pages. A third challenge that we have is just the competing times for our demand and attention. We have not just FFMIA, we have the Integrity Act passed earlier, the CFO Act, the GMRA, the Clinger-Cohen Act, and other acts and requirements, things we need to fulfill. We have to make choices about what we do. We have to require resources and apply those. At the Department of Education we are committed to our remediation plan that involves our successful implementation of Oracle financial software. We think that should lead to integrated financial statements, timely production of data. The new integrated systems plus our increased attention to reconciliation data quality should get us into compliance with FFMIA and address many of our other competing priorities at the same time. Mr. Chairman, I would be glad to answer your or Mr. Ose's questions. Mr. Horn. Well, appreciate that. [The prepared statement of Mr. Skelly follows:] [GRAPHIC] [TIFF OMITTED] T1731.038 [GRAPHIC] [TIFF OMITTED] T1731.039 [GRAPHIC] [TIFF OMITTED] T1731.040 [GRAPHIC] [TIFF OMITTED] T1731.041 [GRAPHIC] [TIFF OMITTED] T1731.042 [GRAPHIC] [TIFF OMITTED] T1731.043 Mr. Horn. Next is the National Aeronautics and Space Administration, Arnold Holz, the Chief Financial Officer. We are glad to have you here again. STATEMENT OF ARNOLD G. HOLZ, CHIEF FINANCIAL OFFICER, NATIONAL AERONAUTICS AND SPACE ADMINISTRATION; ACCOMPANIED BY KENNETH J. WINTER, DEPUTY CHIEF FINANCIAL OFFICER Mr. Holz. Thank you, Mr. Chairman. Good morning, Mr. Chairman. Mr. Horn. I might say you are accompanied by Mr. Winter, the Deputy Chief Financial Officer. Mr. Holz. And very fortunate I am indeed. I am Arnold Holz, Chief Financial Officer at the National Aeronautics and Space Administration. I am here today to highlight the progress and challenges that NASA addressed in implementing the Federal Financial Management Improvement Act. I am pleased to report we are in compliance with the act. Achieving and maintaining compliance has been extremely challenging. In that regard, we continue to face major challenges. These include the need for strengthened systems and staff capabilities to efficiently sustain compliance and to provide required agency financial management information. NASA's efforts to achieve compliance with the Federal Management Improvement Act predate the act's enactment. For example, NASA began preparing agency-wide financial statements for fiscal year 1992, several years before required. We obtained our first of six consistent unqualified clean opinions for fiscal year 1994. NASA, like other agencies, encountered and addressed a variety of challenges in obtaining clean opinions and in achieving compliance with the act. The challenges included key cost accounting and property, plant and equipment complications. Our basic approach follows. We anticipated the challenges, and we started early. We evaluated and tested analytical and process alternatives. We implemented workable improvements. We coordinated improvements with our independent auditor, first the IG, and then later Arthur Anderson, and we disclosed related information in annual reports. We anticipate several ongoing challenges, two major future challenges focus on systems and staff. NASA's existing systems are decentralized and inefficient. They are not fully automated, they are not fully integrated, and they are not fully standardized. Recognizing these inefficiencies, NASA has initiated a new effort to implement a standard, efficient, integrated, agency-wide financial management system. Based on prior experience, the new system initiative is expected to be extremely challenging. NASA's staff is the critical element of our success. In that regard we have initiated a comprehensive staff development program to ensure that staff capabilities remain commensurate with the future challenges. Individuals are strongly encouraged to develop individual development plans, and resources have been made available for professional development activities such as classroom training, rotational assignments and other career-enhancing activities. NASA can point to success in achieving quality reporting, clean opinions and compliance with the Federal Financial Management Improvement Act. Such success was achieved by anticipating the challenges and assessing remedies and actively implementing required supplemental improvements. We plan to continue to pursue and achieve similar future financial management excellence. Mr. Chairman, that completes a summary of my more detailed statement. I would be pleased to respond to any questions of you or Mr. Ose. Mr. Horn. Thank you very much. [The prepared statement of Mr. Holz follows:] [GRAPHIC] [TIFF OMITTED] T1731.044 [GRAPHIC] [TIFF OMITTED] T1731.045 [GRAPHIC] [TIFF OMITTED] T1731.046 [GRAPHIC] [TIFF OMITTED] T1731.047 [GRAPHIC] [TIFF OMITTED] T1731.048 [GRAPHIC] [TIFF OMITTED] T1731.049 [GRAPHIC] [TIFF OMITTED] T1731.050 Mr. Horn. I now yield to my colleague from California, Mr. Ose, for such time as he may consume to question the witnesses. Mr. Ose. Thank you, Mr. Chairman. I have a number of questions, and I am going to move through them as methodically as I can. Mr. Holz, you have achieved compliance with the FFMIA, and you have a clean opinion. What I am trying to understand clearly from an in-the-field perspective is how does compliance with FFMIA work hand in hand with achieving or receiving a clean audit opinion? Just give me some sense of that, if you would, please. Mr. Holz. Yes. I would like to use the word framework sometimes. Achieving a clean opinion requires that financial data must be presented fairly in accordance with generally accepted accounting principles. The act requires, among other things, adequate financial systems that produce timely, accurate, reliable financial data and adoption of Federal accounting standards. Compliance with these FFMIA requirements fully supports the preparation of financial statements that are accurate and reliable and consistent with Federal accounting standards, thereby facilitating the receipt of a clean opinion. Mr. Ose. I know that Mr. Skelly referenced this not only in his statement but also his written statement. NASA's books, if you will, you check them against the Treasury frequently, infrequently? On a periodic basis, how often do you reconcile? Mr. Winter. Monthly. Mr. Ose. How long did it take you to get to that? In other words, have you been doing that forever? Mr. Winter. Yes, we have been doing that for years. But the initial reconciliations were not as clean as the ones we are in now. Mr. Ose. So it is an incremental process? Mr. Winter. Yes. Mr. Ose. Mr. Skelly, at the Department of Education in particular, the greatest challenges that you face are what? I read the part about the Treasury number and all that, but what is your biggest challenge there? Mr. Skelly. The biggest one is probably just the time, the time it will take us to try to get this new system, Oracle, up, while we are trying to do other things at the same time. We have, again, a very complex set of accounts. We have over 200 individual appropriations that we have to track, a number of different programs. We have feeder systems, for example, that provide us data from the guaranteed student loan program or the direct student loan program, from our impact aid program. The data in all those systems is not necessarily good when we get it, so it requires going back to the folks who work with those systems and making sure we have the best data possible. It is not easy to just push one button and get all the data from the 14 feeder systems and have it feed into the general ledger systems so we can produce our automated systems. Mr. Ose. We are going to have to break this down a little bit, because you are going to have to speak--you are going to have to lower your intellectual level when you speak to me. Break it down into smaller words, if you would. What I understand you to be saying is that DOE has a system, Oracle, that it has purchased to replace a similar system that it purchased in 1995 and that the pieces of your books that feed into that don't necessarily have the same architecture in their systems. Mr. Skelly. That is true. Mr. Ose. OK. Now, what is it that DOE is doing to reconcile that specific issue? In other words, are you going backward down the chain to standardize the systems, or are attempts being made in a different manner to make sure that the things recognize them? Mr. Skelly. We are trying to do some of both--from the bottom up and from the top down. It is a coincidence, almost, that the Oracle software is the same computer platform that is used already for our student financial aid programs. Mr. Ose. That is good planning. That is not a coincidence. Mr. Skelly. That is a very long story. But it is also the software that was used for some of our financial data that is in our grants payments system. So you have two of these feeder systems using the same software, so it will make it relatively easy, we hope, to have standardized accounting coding when we do tie all of the systems together. Mr. Ose. In terms of--if full compliance has a value of one, how far along are you--0.5, 0.7? Mr. Skelly. There are three key elements that the act requires. One is that we comply with Federal financial management systems requirements, a second is we have to meet all the Federal accounting standards, and a third is that the U.S. general ledger at the transaction level is something we comply with. I think we are halfway there. Mr. Ose. On an overall basis? Mr. Skelly. On an overall basis. Mr. Ose. Let me shift, if I may, to Mr. Gotbaum. I want to talk for a minute about the remediation plans. The act itself is very specific about when a remediation plan is supposed to be delivered and the like, and we do have some apparent problems by virtue of the reports we have received on the opinions in different agencies. In terms of the remediation plans, it is my understanding that only 3 of the 21 agencies met the deadline in September for submitting their plans. What I am curious about is what is OMB's approach to addressing that problem so that such remediation plans are submitted timely? Mr. Gotbaum. Mr. Ose, if I communicated that in my statement, that is not true, and it is a disservice to the agency. Mr. Ose. Go ahead. Mr. Gotbaum. Most agencies do not comply with FFMIA. If they don't, as the law says, the agency head is required to develop a remediation plan and submit it to us. All of the agencies that do not comply with FFMIA have submitted to OMB remediation plans. Some of those remediation plans are documents that I would be comfortable showing before this committee; and some of those remediation plans, frankly, need a little remediation. But just to be clear, every agency is complying with the procedural requirement of the law that if they are out of compliance, they submit to us a plan. Just to finish the point, some of those plans talk about compliance within 3 years, and some of those plans are honest and say this is going to take longer than that. For example, the Department of Defense, which we all recognize is our largest management challenge, it makes no bones about it. They say we are working to integrate our systems and we are working to get rid of legacy systems and both modernize and consolidate at the same time; and they, to my view commendably and honestly, say we are working on this as fast as we can; it is going to take longer than 3 years. So we have in-house at OMB remediation plans from all but five agencies. Those are five agencies that say that they are in compliance with FFMIA. Mr. Ose. Let me rephrase my question. You have got remediation plans submitted from all the agencies. The act talks about a specific time line during which those plans should be submitted. If I could be more specific, how many of the agencies have submitted their remediation plans on time? Mr. Gotbaum. My understanding, Mr. Ose, is that for those agencies that are required to have submitted their plans by now have done so. Because the law, as you know, has this architecture where the agencies develop a remediation plan and submit it after they receive their audits. For example, for fiscal year 1999 there are agencies for which the deadline has not yet come; and we have not yet received plans for those agencies. Based on fiscal year 1998, everybody who owed one sent us one. Mr. Ose. I am trying to get to the September deadline. If I understand correctly, and then I appreciate the clarification, for the deadline that passed September 30, 1999, of the 21 agencies that were supposed to submit remediation plans, only 3 did on time. You may have received them since. I am trying to make sure I understand that. Mr. Gotbaum. Mr. Ose, I don't want to mislead you. Maybe the best thing, if I may, is to task us to list agency by agency when a report is due, and whether we have received it. Because since the act talks about submitting a remediation plan after you receive your audit and the audit is due March 1, we are right now in the 4-month window between March 1 and the time when we expect to receive fiscal year 1999 remediation plans. Mr. Horn will be amused to note, for example, that the Department of State, which has yet to produce an audit, has produced a remediation plan. So in general we have received them. If I may, with the forbearance of the committee, let me submit for the record a list agency by agency of when the effective deadline is and whether we have received it. Would that be helpful? Mr. Ose. If you could do that, for instance, by year, like 1998, 1999, that way we could get some sense of progression, if you will. Mr. Horn. Without objection, that presentation will be put in the record at this point. [The information referred to follows:] [GRAPHIC] [TIFF OMITTED] T1731.051 [GRAPHIC] [TIFF OMITTED] T1731.052 Mr. Ose. Mr. Steinhoff, let me try it with you here on this. In terms of this process on the remediation plans that have been submitted, are we complying in a timely fashion? And if we are not, what additional efforts do you believe OMB could be doing to ensure that such plans are adequately designed and timely submitted? Mr. Steinhoff. With respect to whether they are on time or not, we did look at the fiscal year 1997 submissions. We are now looking at the fiscal year 1998 submissions and will be reporting according to the act by October 1 of this year. There were several that did not in the past submit remediation plans on time, State being one, I believe it is now in, but State did not file a remediation plan until recently. Three others for which management did not agree with the auditor FEMA, SSA and OPM--did not in fact file remediation plans, to my knowledge. These plans are important. I worked very closely with Senator Brown and his staff when he was fashioning this bill. He was a CPA as well as a lawyer, and he knew the importance of the underlying systems. And he knew, getting back to one of your previous questions, that you could attain a clean audit opinion by going through heroic efforts, such as ad hoc procedures, to compile numbers, but not have good underlying systems, which is the end game, which is what business expects and what world-class organizations want to have on a day-to-day basis. So he put in place this mechanism to report back on the underlying systems. It was expected that the remediation plans be very important, and it is key that people get behind those plans and do a couple of things: One, make a determination whether or not the agency involved really has the capacity to carry out the plan. Do they have the qualified people? Do they have a disciplined process in place? Are they making sure they go from A to B before they go to C? Are they following Clinger-Cohen? Two, it is very important that milestone dates be provided. And perhaps rather than once-a-year reporting, in this case about 1-year lag time, you would have periodic reporting, perhaps once a quarter, where agencies are showing how they are meeting certain milestones. Developing systems is difficult work, as I mentioned before, heavy lifting. The experiences of the past have not always been good. People do go in optimistic. I am wishing Mr. Skelly well, but the previous team at Education also thought they were going to get to the end game back in 1995, and they didn't. It is a tough job; and it is very, very key that these issues be really kept at the forefront, that people focused on progress on a regular basis, and that there be clear accountability for results. Mr. Ose. I want to diverge a little bit from my questions here, Mr. Chairman, if I may. I think the point Mr. Steinhoff is making is particularly apt as you look at his first point in terms of an agency's ability to comply, without being judgmental about their intention but the ability. If I could read between the lines, one of the difficulties we have, it seems, is that we have people who while seeking the objective may not have, for instance, the training they may need in this particular area and then we get caught in this little box. If I could, I would like to suggest perhaps some future point maybe we want to look at the training that we provide within our auditor corps as just a standard operating question. Mr. Horn. I think that's an excellent idea. Mr. Ose. Let me go on, if I can. Mr. Gotbaum, going back to the 3-year time line, the act requires the substantial--the act requires that if an agency cannot be in substantial compliance within 3 years from the date of a determination, then that agency must specify its most feasible date by which compliance can be met. My question is: What agency currently is identified as having the latest compliance date and what is that date? Mr. Gotbaum. I think, Mr. Ose, the agency that all folks agree is the furthest from this goal, including that agency itself, is the Department of Defense. And as I mentioned in my oral testimony, they honestly cannot give us a date that passes muster with them, much less with me or Jeff Steinhoff, as to when they can do this. What they have done is they have said, ``Here is our plan for consolidation of systems and for modernization of systems for the next 3 to 5 years,'' and they have laid that out before us. That's a case where we actually meet with them, how often, once a quarter at this point? Mr. Steinhoff. Probably every 2 months. Mr. Gotbaum. OK. We and GAO meet with them, in effect, to say how is it going? But they make no bones about the fact that they have so many systems, such a large consolidation job, that they can't do this within the 3-year timeframe. There is always a judgment, sir, you make about how you use a deadline. Our view, and it is controvertible, is that we use a deadline to encourage, to nudge, to make sure that people, in fact, are doing what they need to do. So what we have said to the Department of Defense and to other agencies on their remediation plans is tell us what you think is realistic and work at it. We have discovered, even with agencies that are really good that it takes time. For example, Arnie Holz and the folks at NASA, who are very good, and who have done a terrific job, in the process of their systems modernization had to start over again once, at least once. So what we find is that it is important, that there be continuing pressure and oversight from you as well as from us. That's the reason why we think this hearing is so important. It is very hard to get a time line on a plan that you can absolutely rely on when you are talking about installing a system. So what we do is we say: give us the plan and report to us periodically about it. We think that's the most effective way to get progress. Mr. Ose. If I could just offer one observation. NASA has a system that--excuse me, their system reports really are a function of, by the testimony, a nonintegrated financial system, much as you have just described. Yet, they are in compliance. Now, the question I have is, are the programs so big at some of these other agencies that we can't get there or do we want to take Mr. Holz' team and bring them over here and set them to work on that? Mr. Gotbaum. Actually, you should know, Mr. Ose, what the folks at the Department of Agriculture did on this. It is very commendable, because as I am sure you know there is a history in the Federal Government of ``not invented here'' so that each agency thinks their problem is unique. But very commendably the CFO of the Department of Agriculture, Sally Thompson, saw a team in the Internal Revenue Service that had just implemented a new system. Obviously, the IRS has its own problems and its own challenges, but they had implemented one system that works over there and she moved them lock, stock and barrel over to the Department of Agriculture to install their system. Mr. Ose. Did it work? Mr. Gotbaum. It is being implemented. So it is too soon to say. It is too soon to say. They are working on it. I think the fairest thing to say, Mr. Ose, is that since organizations outside government have, in fact, implemented financial systems. This was Jeff Steinhoff's point about world class finance. Organizations outside government have implemented financial systems that are integrated and do provide data reliably. It can be done. In the Federal Government, because of our tradition of stove-piping and decentralization, it is harder. In the same way that over the past 10 years we got financial systems where they didn't exist before and now we have clean audits in half the agencies, we can do this; we can get there. That's why, as I said in my testimony, what this requires from you all is a combination of both patience and pressure. This is not a case in which an agency is going to be able to, in most cases, check the box and convince either us or you that they are doing the right job or they are not doing the right job. This is a case where time after time, periodically, you need to call folks forward as we do, and say what have you done? Because some of those times it will be like NASA where they comply with FFMIA but still have a ways to go. Other times they will be like Education, where they do not comply with FFMIA but, again, they are trying to install a new system. We have no guarantees and there are no guarantees that the system that NASA is putting in now or the system that Education is putting in now will at the end of the day work the way we want it. This is not like Windows 95 where you just put it in the machine and boot it up. So what we think is important is that they work at it seriously, and in most cases they are. It is important that they know that we are watching and that you are watching and that, as Jeff Steinhoff suggested, that they report on it periodically so that the pressure stays on. Mr. Ose. Let me, if I could then, hijack your point then and go to Mr. Holz and make the point that while NASA doesn't have a single integrated financial management system, you are in compliance with the act and, as I understand it, you have a clean opinion. Now, I am tempted to ask, how could this happen? Mr. Holz. That's a good question. Each year, as part of its process, as part of its ongoing process, NASA has to match up its systems and processes and its policies against criteria that are established. I guess pursuant to the act and with OMB the auditing standards, we have to apply against those criterion to determine whether we are substantially in compliance or not. The mechanism provides for substantially in compliance. We are substantially in compliance so we meet that test. About you are--and we do have good policies and procedures and we have put in compensating controls and processes to make sure that our nonintegrated systems can provide the information necessary. NASA has all kinds of systems providing all kinds of data at many different levels and details to support management but it is not integrated and it is not standard across the agency. Again, the point is that we meet the test against criteria for substantial compliance. Do we want a fully integrated financial management system that applies standard processes in software and transactions across the agency in an efficient, timely fashion? You bet we do. Now, to get that is, in itself, a very significant challenge from several perspectives. One, it is a very difficult management challenge because it requires change. You are talking about changed management. It is not, as my colleague here mentioned, it is not just a matter of pushing a button. You cannot understand--no, you can understand, you need to understand the difficulty that changed management requires as you move from typical legacy systems, which were entrenched in everybody's mind, and move to a more state-of-the-art with all of its complexity in order to get the benefits that you choose. So let's see, where was I going? One was the management challenge and the other--I think the other, frankly, has to do with the Federal Government is evolving rather rapidly in the ability to acquire appropriate, adequate systems that work. You couple together the currentness of the emerging technology that's coming available through new software products, along with the changed management, to fit yourself back into that software in your business processes, you couple that together and that is an extremely serious, difficult challenge to overcome. As good as we are at NASA, as good as we are at NASA, I don't want to underestimate the complexity of that challenge. Now we are going to work that management challenge because we want an integrated system that provides more timely data. But in terms of your question about compliance, that's how we got there. It is a question of matching up against criteria provided in the act and in the auditing standards that allow for substantial requirements--substantial compliance. If that language was not there, we would have difficulty with it. But we are able to achieve the annual audited financial requirements. We are able to track our transactions back through a standard general ledger process. Our systems are nonintegrated but we have compensating controls in place. We have good, strong, financial management policies which we follow and enforce, and if you will let me have one more minute here, I want to go back to a word that I think Jeff Gotbaum used in the beginning when he enumerated about four things. Jeff, was the first word ``intensity?'' I wrote it down, and I think it was intensity. If not, intensity is important because you need an intense and concentrated, clear focus on what you are trying to accomplish. The other thing is, that Jeff mentioned, was difficult. It is difficult. It can't be business as usual. To get clean opinions takes a lot of hard work by a lot of smart people, and you have to work at it every day. You have to work at it every day, whether you have good modern systems or whether you don't. So, geez, I have given you a long answer to your question. Well, I am fired up. I love this work. I have been doing it all my life. Mr. Ose. Your answer actually begs a question that we all have, is that when do you expect NASA to have a single integrated financial management system? Mr. Holz. Well, Jeff mentioned we started down this road before and frankly we were unsuccessful because the software that we had acquired couldn't measure up and do the job. So we are in the process of getting out of that and we are revectoring into a new initiative where we are going to use the JFMIP schedules and processes. I made a mistake once before about saying when we were going to do it and I am not going to do that again. The lessons learned, we are going to crawl before we walk. We are going to test and proof before we buy. We are going to run prototypes. We are going to get down to a software that's going to work for this agency. Core financial is the primary No. 1 thing we are going to do. The other functions are going to be discrete activities that will tag along. We are going to take this overly complicated process and make it as clear, focused and simple as possible and we are going to push until we get it, but basically we are going to buy software that works. And if it doesn't, we are going to mitigate our risk by keeping it incrementally small until we prove it and then we are going to roll it out across the agency. We have 10 centers, 10 different cultures at work here, and the challenge will be to hold all that together. But we are going to do it based on proven software and techniques, not unproven. A little different than what we did before. Mr. Ose. I can understand your reluctance about the date. Let's explore this a little bit further. Of the 10 centers that you have, how many centers per year are you bringing into the fold, so to speak, for standardizing the approaches? Mr. Holz. The first thing we want to understand, simply, and understand I am going with you here because I believe in what we are doing and yet I am very concerned about the challenge and I want this to be a success story in the end. My good colleague here, he talked a little bit about he was getting into things like conversion issues, cleaning up data, turning on new systems. When you do that, experience would tell me you have a good year or two of shake-out. Mr. Ose. Per center or overall? Mr. Holz. Per implementation. Mr. Ose. All right. Mr. Holz. A lot of that depends on--I mean, if you have a very small organization, one location, you are in control of everything and it is very neatly packaged, I would say a year to 18 months before you are done, before you get through a complete cycle, shake out all the difficulties and then have a good closing procedures. You multiply that times 10 complex arrangements, you better know the results of the first 1 before you start down the other 9 because you could create utter chaos and loss of control. One thing we are not going to do is lose control. So we are going to do it in a pilot center. We are going to make sure that we know we have this thing adequately under control, and then based on what we learned from that first conversion and implementation at that pilot we will then build that experience into our scheduling and process. Mr. Ose. Is the pilot conversion underway? Mr. Holz. No, because we are in acquisition right now. We are beginning to go down the acquisition process. Mr. Ose. Have you started the testing of the acquired model yet? Mr. Holz. Our process will be to down select from a number of--I don't know if my terminology is right here. I am not a procurement person so I will do the best I can, but we are in the process of going from the several that are on the schedule down to three, and then we will dig further into those three and go to two and then we will configure, test and prove the two and then we will get to one. When we get to the one, that's the one we will pilot. So the process is---- Mr. Ose. When do you think you will get to the one? Mr. Holz. October. We will probably have a contract by November, right around the end of October. Mr. Ose. Of this calendar year? Mr. Holz. Yes, sir. Once we know that one, that's the one that's going to be standard throughout the agency. Mr. Ose. Then from there you roll it out to one of the centers to test? Mr. Holz. We will start at one center and then we will get into implementation at that center and then, based on what we learn from that, we will establish a roll-out schedule for the rest of the agency. It is not going to take forever but I am not going to tell you it is 2 years either because I just don't know yet. This is not to be fooled with. You are talking about the fundamental internal accounting controls that affect disbursements and moneys pursuant to appropriations. You have to be very careful that you don't lose the integrity of your system. You can easily do that if you make it too big too fast. Mr. Ose. If I understand---- Mr. Holz. That's just my perspective here based on some years of having done this effort. Mr. Ose. I am trying to synthesize your comments into one timeframe, if I can, and that is that commencing in October or November the selected system will be rolled out to a center, 1 of your 10 centers; that it will take somewhere between 12 and 18 months to fully implement that and take it through a cycle and test it; and that subsequent to that opinion on the results of that pilot, it would then be spread to the other 9 sites? Mr. Holz. I don't think it will be as serial as you described it, but you have the general--you have the drift of it but I don't think it is going to be as serial. In other words, we are not going to wait until the end to make the decision about No. 2 but we will be enough into it that we will have the comfort level that yes, A, this is the package; B, it is implemented within a reasonable timeframe; and, C, that we will not put the agency at total risk by doing it. We will have a sensible plan organized to a rollout that makes sense as fast as we possibly can achieve but with good information to back that up. In the meantime, we will continue to press forward with unending intensity to maintain our clean opinions and keep our compensating processes in place as we migrate from an older, inefficient way to a much newer and better way. Mr. Ose. I want to compliment NASA on the approach. I mean, I just--I would tell you that if I couldn't close my books on a monthly basis, I went back to a weekly basis and I will guarantee you every business has that. There were times when I couldn't close them on a weekly basis and I had to go to a daily basis just to correct the thing. So I appreciate the--and mine was a very small business, so I appreciate the difficulty that you are facing and the serious effort that you are putting into it. I want to go back for a minute, Mr. Gotbaum. The comment was made that, my recollection, it is just tickling my brain, is that in most cases agencies are working seriously to meet FFMIA requirements, which says that there are some that are not. My question is: Which agencies are not--were you referring to by exclusion as having not being--how do you even say this? Which agencies were you referring to as working--or not working seriously to meet the FFMIA requirements? It is the ``in most cases'' thing. Mr. Gotbaum. Mr. Ose, the last time I testified before Mr. Horn I mentioned that one of the things that we at OMB tried not to do was to hold examples of public criticism out. What we find is that for our function, which we know is different from your function, the process of public criticism by OMB is, less effective than the process of private criticism. So if I could---- Mr. Ose. Let me rephrase the question. Which agencies would you suggest that Mr. Horn and myself and other members of this committee particularly focus our interest on? Mr. Gotbaum. I am not sure, Mr. Ose, I can answer the question in that way. What I would like to do, if I could, is when we come back to you on who has provided what remediation plans on a timely basis, I think you can get a sense then of who is paying attention to this and who is paying less attention. Mr. Ose. Before you leave that point, I want to make sure I understand. When are we going to have that report or that information back? Mr. Gotbaum. I am going to try to do that one quickly. Mr. Ose. Does that mean next week, a month? Mr. Gotbaum. Yes. Mr. Ose. OK. Mr. Gotbaum. But I want to make the basic point, which is that we don't find that most agencies don't care about this, and I don't want to leave the committee with that impression. Most agencies are working very, very hard to do this. Now, part of the reason they are working very, very hard to do this, interestingly enough, is because of the pressure provided by you for clean opinions. Mr. Ose. My question is, when you said most agencies are working very, very hard, it means that some aren't. So you are going to report that back to us some time in the next---- Mr. Gotbaum. We will report back to you which agencies have turned in remediation plans on a timely basis and which ones haven't. But the point, Mr. Ose, that I want to make is that we find that most agencies really are devoting very substantial resources to modernizing their financial systems right now. There are some, and we should be honest, you are our committee, that during the Y2K effort put a lot of other IT work aside, because if they blew Y2K they were going to shut their agencies down. So there are agencies which are now moving from the efforts on Y2K to upgrading and improving financial systems. There are a fair number of them in that situation. The point that I want to make is that there is no neat touchstone. There is no neat box that you can check or not check that says whether an agency does or does not have priorities. Just to give you some for instances: the Department of Labor, which is not FFMIA compliant, is working hard now on installing and improving a new H.R. and personnel system. That is the Department of Labor. It cares for them intensely, etc. This is something which matters to us and which Arnie would tell you as a member of the CFO Council that the CFOs say. I don't think I could say publicly or privately, and I don't believe that that is a statement that modernizing their core system is less important. I don't think that. I think what that statement is that working on their core system and installing a new personnel system is the right balance of priorities for them. So, Mr. Ose, I want to be quite clear that what we get from agency after agency after agency--and we meet with all of them that are not compliant--is that they are, in fact, working on this. I think if you asked GAO this question they would confirm that we get modernization or improvement efforts in every agency we talk about. Whether those efforts are going to fill the bill in the timeframe is unclear. That's a different story. That's the reason why I think it is important that we recognize the need for pressure on your part and the need for the fact that this is going to take years. Mr. Ose. I appreciate the clarity with which you are covering the subject. I can assure you that there are at least two members of this committee who wish to be very clear that we are going to get these books in order so that they can get clean opinions. If that's the pressure you wish to have us bring to bear, I can guarantee you it is going to be there. Mr. Gotbaum. That's just fine. Mr. Ose. Now, if I may, I just want to come back that I look forward to your report in terms of that information that we just talked about. Now, Ms. Alderman, I want to ask you a couple of questions having to do with JFMIP. Can you elaborate on what the role of the program is in terms of improving the Federal financial management systems? What is the objective here? Ms. Alderman. There are two principal roles with respect to financial systems today. The first is, in statute and OMB policy, we are responsible for issuing the system requirements documents. These documents, once issued, represent the baseline requirements for a function that all Federal agencies must meet and they capture laws, governmentwide regulations and so forth. That is the one and the longer standing responsibility of JFMIP. Commercial providers of services look at these documents to understand what the Federal agencies need as a baseline. Getting these documents up to snuff, getting them modernized to reflect current requirements, has been a very strong push in the last 2 years because there are so many agencies that now have to replace their systems. Getting requirements out in front of this wave has been a major undertaking and one that has been participated in by the Federal agencies in leadership positions who need to benefit by these documents. That's item No. 1. The second area has been the requirements testing and qualification process for core financial systems. Federal agencies that bought systems from the mandatory schedule prior to 1999 did not really know, in any depth, how those softwares were tested. They held assumptions that those products that were on the GSA schedule met the JFMIP requirements. We did update those core financial system requirements in 1999 ahead of the new testing process. Of the 251 mandatory requirements about 20 percent of the baseline changed to either new or changed requirements. That is indicative of the amount of legislative changes, changes in reporting requirements, and changes due to new accounting standards since 1995. So the testing process now is totally in the open domain. It was developed through a consultative process. We put the test out there with the expected results and all the test setup data. It is an open book test for vendors. Agencies know how the test is conducted. They can see the results of the test for vendors who pass the test. I will tell you that all the vendors whose products have received certificates of compliance were on the old schedule; but not the same versions of the software. I will tell you that every vendor had to make significant improvements in their software to pass the test. So this is an example of really quality assuring at a baseline level the products that Federal agencies use. So that is item No. 2. Those two items for core financial systems are not sufficient. They are necessary for success but they are certainly not sufficient. All those products that have passed the test, that means they have baseline functionality. They can do Federal reporting. They can do the proprietary and budgetary accounting correctly. They can compute prompt pay correctly; these types of things are federally unique requirements. That doesn't mean that the architectures are all the same, the IT architectures. It doesn't mean that the value added features are all the same. It doesn't mean that the user interfaces, or how difficult they are to use, are all the same. It just gives a list that Federal agencies can use to do gap analysis and make the best choice. It is a prequalified set of products to meet their agency needs. It is the beginning of a process, not the end, for agencies. Mr. Ose. You have just touched on something that I have actually been reading quite a bit about and that's the IT architectures of the different systems. I am diverging a little bit from my questions here so we are going to make this up as we go, but you brought it up, not me. Ms. Alderman. I probably got myself in trouble, too. Mr. Ose. How large of an issue does the IT architecture question pose for the different agencies? That is, when we go to the approved systems and this agency goes with this system and that agency goes with that system, in terms of the overall level of communication, how large of an issue is this? Ms. Alderman. OK. I would first make a disclaimer that I am not a computer scientist. Mr. Ose. Ms. Alderman, you brought this issue up. Ms. Alderman. But I will tell you that these products that we have evaluated have--for one thing, the old installed base that Federal agencies have are mainframe. Every single product that we have qualified to date has either been a client server or a Web-enabled product. So the skill sets from the old systems to the new systems are different. No. 2, some of these systems are more scalable than others. Some of the products are well designed for a small agency with few simultaneous users. Others, if you try to do that, the system does not have adequate processing time. They are too slow. So those are different types of issues. So we know that agencies have to do a careful review of whether product X fits on their platform, their data bases, and are scalable to their needs. Now, JFMIP can't do that for them. We cannot prequalify that for them, but we tell them they really have to focus there because if they don't they will have something that doesn't respond timely; doesn't meet their operational requirements for information. Mr. Ose. You talked about a Web-enabled system. I want to make sure I understand what that is. I have some sense, but give us some sense of what you mean when you say a Web-enabled system. Ms. Alderman. What that means is the system may be designed to be centrally managed and accessed through browsers as opposed to hosted on a desktop. The client server sends and is operated from there. Mr. Ose. You would have an intranet, if you will? Ms. Alderman. It relies on a certain type of communications infrastructure and it does pose other issues in agencies who implement them, such as security. Mr. Ose. Security. I have that question down here. So we will get to that one. Mr. Horn. Could I interject a question at this point? Mr. Ose. Certainly. Mr. Horn. I ask the question to what degree are people getting things off the shelf and making them work? Did you learn anything from that that you might want to use at NASA, Mr. Holz? I am just curious. Mr. Holz. Well---- Mr. Horn. Like the checkoff? Mr. Holz. The real benefit to the software vendors because they are making a significant--is that better? Sorry. Thank you. The real benefit to these software vendors is, and to the government, is to not only have standard practices in the agencies but to use software consistently--you want to go out and buy a license. You don't want to be changing code. If you get down into software and start customizing it to meet fairly unique requirements you are going to run into trouble because you will be into a development process pretty quick, faster than you can probably know it, and you want to avoid that if you can. So under the initiative that we are doing we are looking at best practices, best business practices, and then we are going to retrofit ourselves into those best practices and we will only look for the software to solve those kind of problems for us. If there is some kind of a unique thing to NASA that we have to do, we will do it outside the realm of that. We are not going to go in and change software. Is that partially responsive, or no? Mr. Horn. Does the CFO Council get into this when you have monthly meetings? Mr. Holz. I would like to defer more to Josh on that subject. I know we have committees that are looking at software. Mr. Gotbaum. Yes, the CFO Council has a couple of committees. The systems committee is the one which deals with this most frequently. As you know, Mr. Chairman, the way the CFO Council works generically is when there are issues that CFOs recognize are common issues, we spin off some project or effort, etc., to do so. This may be doing a disservice or paying a compliment to JFMIP, but I view the project management office at JFMIP and their work over the last 3 years as a collaborative effort with the systems committee of the CFO Council: to elevate, first of all, by putting up a set of standards, which they are doing. Second, by setting up common testing procedures of commercial systems, which they are doing; and then the third part, which they don't advertise quite as broadly but which in my view is at least as important, is they provide an informal ``nerve net'' among agencies about experience across agencies. And so when an agency is saying I am thinking about doing something, the JFMIP staff knows, ``Yes, I had tried that and it didn't work;'' or, ``Yes, the following two agencies have had experience with that vendor and you have to watch out for X, Y, and Z.'' So there is information sharing and a collaborative process and it works throughout the JFMIP. Since we want to give some credit where I think it is appropriate to note that the systems committee of the CFO Council, which has been very active in JFMIP's actions for all of the last 3 years. Mr. Horn. I thank the gentleman. Mr. Ose. I want to thank Chairman Horn. Mr. Horn. Keep going. Mr. Ose. All right. Ms. Alderman, Mr. Gotbaum just referenced the communication between the CFOs about the systems being tried in their respective agencies under the JFMIP. In your opinion, has a sufficient sustained commitment been made at the agency level to implement these initiatives? I mean, are we actually making progress here? Ms. Alderman. The agencies have, part of what they do in terms of disclosing to the commercial sector their plans, they tell us what their plans are for replacements are and we post that up on the knowledgebase. In the next 5 years, 13 out of the 24 CFO agencies plan to replace their core financial systems. Seventeen agencies indicate they plan to replace feeder systems; very significant. We meet---- Mr. Gotbaum. And some of those that are, ``not planning to'' are already in the process of doing so. Ms. Alderman. Some of them are in the implementation--yes. Some of the additional ones have already made procurements in the last year. These are ones who have not yet made them. We meet with what we call a ``super user group.'' We invite all the agencies in who are replacing their systems. We go through all the information so that there is full understanding of how we test; plus a discussion of the other needs that they have. We are developing a road map, what we call an implementation road map, and that is collecting the information and making it easily available to CFO agencies on all the processes and considerations that they need to understand to be successful. So we are trying, through a supportive effort. By the way, the Federal agencies pay for our existence, for the most part, through a portion of their charge card refunds. So we are a joint investment, if you will, on behalf of the Federal agencies to collect this information and make it readily available to them. So there is a lot of interest and a lot of demand; probably more demand than we can supply given our current resources. But they are truly interested and they want to succeed. But they have terrific challenges: new technology base, new products, new requirements and a staff that probably hasn't been trained up on all these combination of techniques. Thirteen percent of the current installed base is commercial- off-the-shelf. That's not what they have to choose from in the future. Mr. Ose. In terms of our effort to, frankly, make this a success, are there suggestions you would make about--specific suggestions you would make about improvements we could make? I would be happy to let you think about that and get back to us. Mr. Chairman, at this point if you would entertain a question to be responded to later. Mr. Horn. Without objection, it will be inserted at this point in the record. [The information referred to follows:] [GRAPHIC] [TIFF OMITTED] T1731.053 Ms. Alderman. Will do. Mr. Ose. Thank you. I want to go back to something that Ms. Alderman hinted at in terms of the security of the systems, in particular as it relates to, for instance, the Web-based systems. Mr. Steinhoff, on your poster here you have 19 of 20 agencies--excuse me, auditors finding in 19 of 20 agencies some degree of weaknesses in computer security. Is this particular--I am forgetting why I wrote this question down. Just a minute here. Is this the most significant problem you have identified--I mean, you talk about five primary reasons agencies are not in compliance. Is this the most significant? Mr. Steinhoff. This is the most prevalent problem. It is very important. Beginning in 1997, again in 1999, GAO designated computer security as a high risk area--the recent Melissa and ``I love you'' viruses, the threat of cyber warfare, the ability to literally go into any system unimpeded; we have been able to actually penetrate major systems in which we could have destroyed all of the data or taken all the data or changed all the data. This is a serious issue. It is going to continue to be serious for a long time. As we move to an ever more interconnected society and a global society, it is a world-class challenge. In terms of FFMIA and getting to the end game I spoke of earlier, this is a critical issue. The other critical issue is having integrated systems that are actually at the fiber of the management process of an agency. When agencies will actually be at the end state, actually be there, is when the systems are viewed as being seamless, When they have knowledge management whereby information is provided to the manager on a day-to-day basis and used to manage, and when financial data isn't viewed as something special or outside the purview of the general manager but is viewed as something on your desktop every day. For example, the government is the lender of last resort in a number of cases. We are filling in holes. In theory, our managers should have better information, and we have to really assure that all the information is protected, and that's where computer security comes in. Mr. Ose. Is it your suggestion that the challenge lies perhaps not in the integration but the interconnectivity? Mr. Steinhoff. That's part of it. It is both integration and interconnectivity. Both of those are very important challenges, and I think that in some cases--I know I am going a little off of your computer security question but it gets to some of your earlier issues. In looking at what we are doing today, there is another very fundamental part of it, and that is reengineering the basic processes. Mr. Holz spoke about trying to take an off-the-shelf package and use it. In the past, what government has oftentimes done is taken an off-the-shelf package and redesigned it, which hasn't proved to be very effective. These normally die their own deaths over lingering periods of time. What we have to do is, in many cases, reengineer basic processes. Your question before about systems architectures, it is very important that the financial system be developed within the confines of that architecture and that agencies, in fact, have one in place. Many agencies don't, and you end up with stovepipes at the end. So this is really what Clinger-Cohen was getting to, and why it is just very critical that people follow Clinger-Cohen and actually take the extremely cautious, judicious way that Mr. Holz says he is going now, based on experience of going another way before, and assuring that you have gone from A to B before you attempt to go to C. It is not that the government hasn't spent a lot of money over many years on systems. They have. We should, in theory, be there many times over but we are not, and we have to learn from that experience. In designing systems, computer security must be built in. Oftentimes a vendor won't sell you computer security, and it is an issue not just in government but in the private sector. Mr. Ose. Mr. Gotbaum, this kind of begs a question from OMB's standpoint. What is OMB or the administration suggesting to the agencies regarding addressing the security issue? Mr. Gotbaum. Actually, Mr. Ose, a string of measures. In the same way that we put out guidance for financial systems that is part of FFMIA, we publish general guidance on computer security. There are a couple of steps. This guidance comes out periodically. We are in the process of revising it again, not surprisingly, in light of what we have learned over the last several months. But what we say to agencies is, you need to, address computer security at the start when you develop systems. This is consistent with Clinger-Cohen. Second, when you come forward and ask for money for IT systems, you need to show us how your IT system complies with all of the various requirements: Clinger-Cohen, your security requirements, etc. So what we have done is said to the agencies, in effect, you need to meet the following general test, which is you need to plan your IT systems in advance. You need to use commercial systems as much as possible. You need to make them as modular as possible. Arnie Holz' point about crawling before you can run is something that---- Mr. Ose. Walk. Mr. Gotbaum [continuing]. We are strongly in favor of. Mr. Ose. Walk. Mr. Gotbaum. Yes, walk before you run. And sometimes in the Federal Government we have tried to fly before we could crawl. Mr. Ose. That's NASA. Mr. Holz. We do good at that, though. Mr. Gotbaum. So what we have said in guidance is these are the general rules. You need to, as part of your IT planning, which is part of your budgeting, come forward and tell us that you have done this and tell us how you have done it. So that's the process we followed both for FFMIA compliance and for computer security. Mr. Ose. So it is an integral part of what the system architecture ends up having? Mr. Gotbaum. Yes, right, and our review is part of our general review of their systems proposals and their budget proposals. Mr. Ose. All right. I have two more questions and then, Mr. Skelly, I want to come back to your challenge with the various programs that you have. Mr. Gotbaum, the March 1st audit report deadline of this year was not met by a couple agencies and, frankly, it seems to be a rather blatant noncompliance. What are we doing--excuse me. What is OMB doing to ensure that agencies comply with the March 1st reporting deadline for fiscal year 2000? Mr. Gotbaum. This year we are doing more of what we have done over the past year. Any agency that was late or had less than a clean opinion, we sat down with them months in advance of the deadline and said what are you doing? We sat down with the agency. We sat down with their auditor, and for those meetings we brought in GAO and Treasury. So for agencies which were characterized as agencies with challenges, we sit down with them and say, ``Walk us through what your plans are, walk us through how you intend to deal with them, etc.'' So beginning last fall, we had a series of meetings with all of the agencies that had had difficulties in the year before. We are doing that again except we are starting it earlier. In addition, as we get closer to the deadline when we hear from agencies that they are either slipping or having difficulties or both. The audit process is not automated. That's part of the reason why we think FFMIA is so important, because most agency audits now are not automated. They are done by a combination of automated systems and a lot of hand labor. This is what Jeff Steinhoff was talking about. As a result, because this is something that agencies have only been doing for a couple of years, this is something which the agencies and their auditors are still learning. Therefore, in more than a few cases, in fact in at least half a dozen cases, some time in the month of February or March, we would get a phone call from an agency saying ``We just discovered a problem,'' and they were not dissembling. They were not hiding something that they had known about for months. As they had gone through reconciliations, they discovered their accounts couldn't reconcile. So what we do at that point is we sit down, we work with them, we work with GAO, we work with their auditors and we try to resolve each of those issues. I think it is important, as we recognize what we haven't done, to also recognize what we have. For fiscal year 1998, we had, I think, 15 timely audits. This year, for fiscal year 1999, we had 19. We would have had 20 except DOT was so interested in making sure that GAO agreed with it that they held off a couple of days to convince GAO. So I would say this year we had 20. And I am hopeful that next year we can, in fact, get everyone. Mr. Ose. The other question I have, Mr. Chairman, if I could take a little liberty here, is I want to come back to the Department of Education and the reason I want to come back to the Department of Education is that it handles so many critically important aspects of, frankly, training the next generation, if you will. I want to visit with Mr. Skelly about the specific challenges. I know you have a huge number of programs. You have the student loans, the guarantees. You have this, that and the other thing. Are there specific things you can share with us as to how we can help DOE, frankly, deal with this problem? I mean, we have to have a clean opinion. We have to close these books and they have to reconcile. How do we help--I mean, what can we provide DOE to get to that end game? Mr. Skelly. It is a difficult task to manage all of these activities and to do it well. It is important that we get our administrative funds that we need to implement some of these changes so that we can devote resources to our systems enhancements, but--and training of staff, recruitment of staff, retention of staff, who can do a good job on them, who can learn about the programs, learn about the systems requirements, the changing audit standards, keep up-to-date on all of those things and do a good job. I think that's the most important thing that Congress can do in supporting us, as OMB has, in requesting sufficient funds to administer the activities. I don't think you can just eliminate some of the requirements for separate programs. I think the education programs we have for the most part address clear national priorities. They are important investments in school children and in college students and in people with disabilities and others who benefit from the programs. I wouldn't want to suggest that the easiest way to comply with all the accounting rules and standards is to eliminate those programs. They each--each of the 175 programs serves a different purpose. Mr. Ose. Before we leave that, are any of the 175, in terms of their specific function, able to close their books? Mr. Skelly. We could probably do that. We have the greatest difficulty. At least in the 1999 audit, Ernst & Young, our independent auditors, had the most problem, and I think GAO would echo this, with what we call our guaranteed student loan program, our Federal family education loan program. It is the program that has the most significant accounting issues because under another piece of legislation called the Credit Reform Act we have to account for that program based on each year's cohort of loans, each year's loans that we set up. The act only passed in 1990 and it was in effect for fiscal year 1992. So we have two separate sets of rules for how we account for guaranteed student loans, for those loans made prior to 1992 and for those loans made after 1992. We have to account for each year after 1992 separately. We get to lump all the pre-1992 money together. But one of our most significant issues in the audit this year was how we dealt with the pre-1992 student loans in our 1999 audit, a full 7 years later; but loans were made prior to 1992. Students are still repaying those loans, in most cases, because if they go to school for 3 to 5 years and then they are earning payment for even 10 to 25 years, we are tracking these loans for a long time. There are problems. There have been problems in the past with defaults on those loans and we have to account for that separately. We have greatly reduced the default rate from over 22 percent down to 8 percent in the first 2 years' repayment. That has significantly eased the problems in how we do accounting. We still have to track the inflow of funds from default repayments and make sure we put them into the right account. Are these repayments part of the pre-1992 loans or are these repayments part of the post-1992 loans? If they are post-1992 are they 1992, 1993, 1994, 1995? Which year do we put them? What we call splitting that data up is what has been one of our difficult issues. It is one of our most difficult audit challenges for fiscal year 2000 also. Mr. Ose. So on the student loan program--I have to question the uniqueness of the challenge that you are defining because I frankly happen to think there is a substantial body of expertise that has faced up to this issue of loans issued at varying dates and their degree to which they repay. Now the thing that has ensued since 1992 may be a little different but the fact of the challenge in repayment or the default rate or what have you, I don't think that's particularly unique. That's the student loan program. Are there other programs within DOE that you are able to frankly close? Not close in the sense of eliminate but close the books in terms of a given year. Mr. Skelly. We have two student loan programs. The guaranteed student loan program makes approximately $20 billion in loans each year. We have another program called the direct student loan program that makes only $10 billion in loans each year. It is still a very large program. In the direct student loan program, we have had a clean audit opinion. It is a program again run by the Federal Government. We make the loans. We use private sector contractors to make and service all of those loans, but we are more in control of the data because we are the big, large bank. In the guaranteed student loan program, we use intermediaries or third parties to help us. Guarantee agencies and lenders send us information, and some of our most significant problems have been in the data that we get from guarantee agencies, the information we get from lenders. Because it is a more complicated program, with more actors involved, it is more difficult to get all the data that we need and, thus, more difficult to do the accounting. But the direct student loan program, we do a good job. Again, we have more control over it but we have done very well there. Mr. Ose. Mr. Chairman, you have been very, very generous with time this morning. I do have one question. I want to ask Mr. Gotbaum and the others whether there is any legislative action that we can take to further refine or modify the requirements at FFMIA, but knowing you as I do I am confident you have questions. I apologize for monopolizing the time. Mr. Horn. I just have one or two. You are doing great. I am training him. Since the Republican Party, and I was part of it, said chairs can only serve 6 years, I want you next. OK. Let me ask you on this, Mr. Skelly, has the Secretary ever asked the authorizing committees or the Appropriations Committees or has this come under the Banking Committee, and is there a way simply to work it out and simplify it? Have you ever asked OMB for the language? Mr. Skelly. There is a long history where the administration requested in 1993 to go to a direct student loan program for all the loans that we make. That was rejected by Congress. Mr. Horn. Well, I remember voting for the direct student loan. I was for that as a university president and I was also for it as a Member of Congress. Mr. Skelly. Many university presidents and many Members of Congress do support the direct student loan program. It has been a very, we think, big success. It has saved a lot of money over time. More importantly, it has improved services to schools and to students, both the ones who get the direct student loans but also the ones who have received guaranteed student loans because the competition of the direct student loan program has spurred the guaranteed student loan program into all kinds of innovations; things we did where we made our services Web enabled so that students could get access to their records. They could file their application form over the Web. We have greatly simplified a lot of the loan requirements. So it is--and speeded up the process of their getting a loan. So, again, there was a proposal not based on accounting concerns but just based on the idea of what was the best way to serve the public and provide loans to students who need them back in 1993, but there has been no real proposal since then to do that. We think both programs work well simultaneously. There is room for both. Again, it is a huge, huge industry. A lot of college students and their families need help in attending college and helping to pay for it. So we wouldn't try to get rid of the other program. It is complicated. There are always people suggesting ways to make it simpler, and that the banks and guarantee agencies that participate in the program have also helped do that. It is not all the government doing it. Both sides have helped to make the programs better. Mr. Horn. My point was, if it is a real burden to the Department of Education, you ought to just get some things amended up here. If it isn't, why struggle with it? Mr. Skelly. I think we are going to struggle with it, but it is kind of the thing where the driver here of how we do things is not just the accounting. We are not doing accounting for accounting's sake. We are delivering these services. We are performing functions that are necessary in the national interest. We want to do those the best we can and we hope to get all of the accounting requirements fulfilled at the same time. Mr. Horn. I have one last question that will involve OMB, GAO and anyone else who wants to get into it. I remember very well when Commissioner Rossotti came by and said, ``I have this great training program and people are stealing my people.'' So I was curious on the incentives to get the team to move from IRS where they have had great improvement on fiscal matters over to Agriculture, I am curious can they negotiate the schedule for, say, senior civil servants or just the regular civil servant grade? How does one swipe a lot of people from others that are good? Mr. Gotbaum. I am not sure that I should answer this question on the record in any case, but---- Mr. Horn. I am looking at you. Mr. Gotbaum. I am not sure how Sally did it. I am happy to ask Agriculture to do a write-up on it, because this is something of which they are very proud and which is important, because it is a case in which a Federal agency recognized that there was expertise outside the Federal agency. They needed to get this experience and went out and got it. With your permission, Mr. Chairman, let me put that in the list of things that I need to respond in writing to. [The information referred to follows:] [GRAPHIC] [TIFF OMITTED] T1731.054 Mr. Horn. It is an interesting route to go. I think of it in the hospital analogy, where the heart specialist at one of the very distinguished hospitals in America, that happens to be in Long Beach, arrived in town and just took the whole group. I asked the other night, when I was sitting with a lot of doctors, I said, ``is that group still at this other hospital?'' And they said ``yup, they still are.'' If you offer people a chance to do good things, maybe that is all it takes. So I was curious about that, because I remembered that. Mr. Rossetti, as you know, has done rather well in getting the books balanced over there. Mr. Gotbaum. Although he has a few more things to do. Mr. Horn. That is true. I said it would take him 10 years, and I would hope he would be here under five Presidents to get the job done. Well, any other comments? Mr. Ose. I do have one other, Mr. Chairman, if I may. This legislation, FFMIA was passed 4 years ago, and I want to ask Mr. Gotbaum, and then have the others, to the extent they have any comments, chime in whether there is any legislative action that this subcommittee or the Congress could take to either further refine or modify the requirements of the act, the purpose being to improve it further? Mr. Gotbaum. Mr. Ose, I am stating a view that I have not vetted through the CFO council. Mr. Ose. You are way out there, man. Mr. Gotbaum. This is, in our view, very good, quite general legislation. What FFMIA says is, basically you need to get your systems, so they meet systems standards, they meet accounting standards and they use the standard general ledger. It is not, in my view, an overly prescriptive piece of legislation. So I, frankly, think the major task is for us to implement it. I would say, and as I mentioned in my testimony, that the 3-year time horizon is one, in most instances, that we think is optimistic. But the law then provides, that if you are going to go beyond 3 years, you need to talk with the Director of OMB, and you need to explain why it is OK to go beyond 3 years, and you need to have your auditor comment on the remediation report. To be quite honest, I think this is a case of a law which is a very sensible law, which is hard to implement, and we need to go about the task of implementing it. As I mentioned, and I believe this very sincerely, I think the attention of the Congress on how agencies improve their financial management matters a great deal. In the same way that you keep track of GPRA implementation and the way you keep track of whether we do or do not have clean opinions, I would argue it would be useful to keep on keeping track of this. It might also be useful to, at some point, for some agencies, hold some kind of joint hearing and review with the authorizers and the appropriators how individual agencies are doing. One of the issues the agencies raise to us that we work on actually quite hard is making choices among priorities. Because we are in a balanced budget world, we have to make choices, and you have to make choices. So it is helpful to agencies if appropriators and their authorizers know that it is not just the agency that cares about modernizing its financial system, but that you and your committee do as well. Mr. Horn. That is well said. Does the gentleman from California have any other questions? Mr. Ose. I suspect others might have some perspective here. Mr. Steinhoff. I agree there is no need to change the law now, but we have to take the law that is there and really take it to the next level. If you look at the successes in Y2K, there were several very important components to that. One was the tone at the top. It would be very important that you would have not just chief financial officers, as Mr. Holz has come today and Mr. Skelly, to talk about the importance of this, because they are convinced this is important. But it is important that the department head be asked these questions. We saw in Y2K that entities like DOD turned around when the responsibility got to the higher levels. When the Deputy Secretary, John Hamre took control, it went from a program in peril to one that was completely changed and reformed and got them to the end zone. So you have to have that proper tone at the top. Our work with world-class corporate and finance State organizations, found that that tone at the top was there. The chief executive officer was engaged in these issues and looked at it as providing value to the business, looked at it as being an investment. It has to be viewed that way. FFMIA has an annual reporting mechanism. Administratively, that reporting mechanism can be expanded upon to have, let's say, quarterly reporting, back to milestones. I would not want this to turn into a process-driven endeavor. I want to make that real clear. It should not be viewed as process-driven or ``gotcha,'' but there should be basic accountability. Many people go in very optimistically when they are designing systems, but it doesn't always quite work out the same way. The chairman mentioned IRS. I am not saying that you would have to do something of this grand scale every time, but IRS had a very major and very expensive systems disaster, $3.4 to $4 billion, and reforming its system is really at the lifeblood of carrying out its mission. Basically, today, every time the IRS asks for money out of its special fund for tax systems modernization, it must present a plan. GAO must look at that plan and say whether IRS is in a position to effectively spend that money. If we find a systems architecture is not there, or the proper planning has not yet been completed, we will say funding should be conditional on X, Y and Z. The Congress has limited funding in some cases. This has all been done very collaboratively with the IRS in a constructive way. They don't want to move ahead when they are not in a position to move ahead. So I think there can be a lot more rigor placed on systems development. I think it would be very much worthwhile for the Congress to know whether or not agencies are in a position to properly carry out Clinger-Cohen. There are measures of this. The Software Engineering Institute has a variety of tools that can be used to determine whether an agency is in a position to design software or to manage a contractor that is designing software. All too often agencies get into these major projects that go on for years and years and years, and then finally someone plugs in the cord of the system in and it explodes. Agencies have to make sure this money is well spent. Following the disciplined rigors of Clinger-Cohen is very important here. Finally, a very important component of the success we saw in Y2K was the independent validation and verification and the fact that things were tested on an end-to-end basis to see did they really work end to end and to break down some of the stove pipes. The IGs played a very important role in Y2K, I can see them playing a very important role in addressing the financial systems issue, which really gets to the heart of the challenge and the CFO Act and FFMIA. Without this, the government is not going to move toward a performance-based government because it will not have the data. It is that important. Those are my pearls of wisdom for today. It has been a pleasure to be here. Mr. Horn. Anybody else have a word on this? Mr. Skelly. You asked would we like any changes. I have not vetted this one through Josh or the CFO council either, but one additional month, instead of having to do these things by March 1, would really help us. We, in the Department of Education, did meet the March 1 deadline this year. We are glad we did, but we paid a pretty big price for it. The reason we have a difficulty is the loan programs we have to work with require us to go back and use economic assumptions that are part of the President's budget to discount those loans. The same people who are doing the work on the budget, which has to come out the first week in February, also have to do a lot of work to help produce the statements and work with the auditors. Another month would certainly have helped us a lot, and it sounds like it would have helped a couple of the other agencies. Mr. Ose. Mr. Skelly, I don't want to deflate your balloon, but I would suggest that we go a different direction. We are not going to relax the standards. You will have to vet that there, but that is not going to be very receptive. It is not going to be received well on this side, to relax the standards. Mr. Skelly. It is worth a shot. Mr. Horn. That is right. We opened it up. You are right to move in. Any comments, Mr. Holz? Mr. Holz. I would like to add to the comments that came from the other end of the table about the support of the heads of the agencies. I can assure you, I have never run into a guy that is more aggressive about excellence in financial management than one Daniel S. Golden, and his support made him an absolute champion of this process. He wants audited financial statements, he wants clean opinions, he has some corporate experience, so he knows about that. The whole accountability reporting process that we do, he owns it. There is no doubt about it. It just makes my job that much easier, because my chores and challenges and direction are very, very clear. When you have that kind of support and understanding of the products from the top down, it is an extremely beneficial tool to have and it works very well for us in the area of statements and systems and standards. Mr. Horn. Well, I agree with you. He has the highest regard up here on the Hill, more probably than any other Cabinet officer. Mr. Holz. I appreciate that. Mr. Horn. He is not only a visionary, but he is a practical visionary, and we see it almost every day. He has had to suffer more cuts than anybody else, and he took it smiling and did something about it. Mr. Holz. I was a little interested in Mr. Ose's comments when he was talking about closing the books and being in business, how to do that. Having been in business for many years as an auditor, I have provided those kinds of services to people, and it is very difficult sometimes. I think we have all talked about that here today. We just need to keep pressing forward and get it down. Mr. Ose. I would say I pulled my hair out doing it, but I don't want to---- Mr. Holz. I won't take it personally. Mr. Horn. We thank you all for coming. I now want to thank the staff. Russell George is right behind me, the staff director and chief counsel for the subcommittee, and then Louise DiBenedetto is right to my left and your right, and sadly for us, this is her last hearing. She is on the nice detailee program of the General Accounting Office as a professional staff member, and she will be going back there, but only after we unlock the door and get all these documents that we have suggested some of you file today and do a report. Then we will release her for GAO. But she has a superb operation and is excellent. So we thank you, Louise, for all you have done to be helpful here. So we think that is good for people, even in our legislative branch, which GAO is, and we certainly would welcome people from the executive branch to spend some time on the Hill. You think they would go back with a different perspective. I can think of a lot of cases where people went from here to there and there to here, and it worked out, and some it never worked out. I will never forget one, he is inscribed in my brain forever. He was up here as a very fine legislative assistant on the Senate side, went down to your shop, my friend, and known as then BOB, and he started saying, you know, what are those idiots on the Hill doing? That was not exactly the right way to move in to the executive branch. I thought, boy, good-bye. Mr. Gotbaum. Thank God that was a previous administration. Mr. Horn. You are right, it was. We also want to thank Bonnie Heald, our director of communications. I saw her here. There she is. Bryan Sisk is our clerk on the administrative matters, and then Elizabeth Seong is an intern. Where is she? She is probably waiting for me to take her to lunch. Michael Soon, the same condition, an intern, and Will Ackerly, intern. Will, where are you? Put your hand up. Thank you. And then the minority staff, Trey Henderson, counsel, and Jean Gosa, the minority clerk here. And then, of course, our faithful reporters, Bob Cochran and Mindi Colchico. So, with that, we thank you all, and we are adjourned. [Whereupon, at 12:12 p.m., the subcommittee was adjourned.] [Additional information submitted for the hearing record follows:] [GRAPHIC] [TIFF OMITTED] T1731.055 -