[House Hearing, 106 Congress]
[From the U.S. Government Publishing Office]
COMPLIANCE WITH THE FEDERAL FINANCIAL MANAGEMENT IMPROVEMENT ACT OF
1996: AGENCIES CONTINUE TO STRUGGLE
=======================================================================
HEARING
before the
SUBCOMMITTEE ON GOVERNMENT MANAGEMENT,
INFORMATION, AND TECHNOLOGY
of the
COMMITTEE ON
GOVERNMENT REFORM
HOUSE OF REPRESENTATIVES
ONE HUNDRED SIXTH CONGRESS
SECOND SESSION
__________
JUNE 6, 2000
__________
Serial No. 106-215
__________
Printed for the use of the Committee on Government Reform
Available via the World Wide Web: http://www.gpo.gov/congress/house
http://www.house.gov/reform
______
U.S. GOVERNMENT PRINTING OFFICE
71-731 DTP WASHINGTON : 2001
_______________________________________________________________________
For sale by the Superintendent of Documents, U.S. Government Printing
Office
Internet: bookstore.gpo.gov Phone: (202) 512-1800 Fax: (202) 512-2250
Mail: Stop SSOP, Washington, DC 20402-0001
COMMITTEE ON GOVERNMENT REFORM
DAN BURTON, Indiana, Chairman
BENJAMIN A. GILMAN, New York HENRY A. WAXMAN, California
CONSTANCE A. MORELLA, Maryland TOM LANTOS, California
CHRISTOPHER SHAYS, Connecticut ROBERT E. WISE, Jr., West Virginia
ILEANA ROS-LEHTINEN, Florida MAJOR R. OWENS, New York
JOHN M. McHUGH, New York EDOLPHUS TOWNS, New York
STEPHEN HORN, California PAUL E. KANJORSKI, Pennsylvania
JOHN L. MICA, Florida PATSY T. MINK, Hawaii
THOMAS M. DAVIS, Virginia CAROLYN B. MALONEY, New York
DAVID M. McINTOSH, Indiana ELEANOR HOLMES NORTON, Washington,
MARK E. SOUDER, Indiana DC
JOE SCARBOROUGH, Florida CHAKA FATTAH, Pennsylvania
STEVEN C. LaTOURETTE, Ohio ELIJAH E. CUMMINGS, Maryland
MARSHALL ``MARK'' SANFORD, South DENNIS J. KUCINICH, Ohio
Carolina ROD R. BLAGOJEVICH, Illinois
BOB BARR, Georgia DANNY K. DAVIS, Illinois
DAN MILLER, Florida JOHN F. TIERNEY, Massachusetts
ASA HUTCHINSON, Arkansas JIM TURNER, Texas
LEE TERRY, Nebraska THOMAS H. ALLEN, Maine
JUDY BIGGERT, Illinois HAROLD E. FORD, Jr., Tennessee
GREG WALDEN, Oregon JANICE D. SCHAKOWSKY, Illinois
DOUG OSE, California ------
PAUL RYAN, Wisconsin BERNARD SANDERS, Vermont
HELEN CHENOWETH-HAGE, Idaho (Independent)
DAVID VITTER, Louisiana
Kevin Binger, Staff Director
Daniel R. Moll, Deputy Staff Director
David A. Kass, Deputy Counsel and Parliamentarian
Lisa Smith Arafune, Chief Clerk
Phil Schiliro, Minority Staff Director
------
Subcommittee on Government Management, Information, and Technology
STEPHEN HORN, California, Chairman
JUDY BIGGERT, Illinois JIM TURNER, Texas
THOMAS M. DAVIS, Virginia PAUL E. KANJORSKI, Pennsylvania
GREG WALDEN, Oregon MAJOR R. OWENS, New York
DOUG OSE, California PATSY T. MINK, Hawaii
PAUL RYAN, Wisconsin CAROLYN B. MALONEY, New York
Ex Officio
DAN BURTON, Indiana HENRY A. WAXMAN, California
J. Russell George, Staff Director and Chief Counsel
Bonnie Heald, Director of Communications
Bryan Sisk, Clerk
Trey Henderson, Minority Counsel
C O N T E N T S
----------
Page
Hearing held on June 6, 2000..................................... 1
Statement of:
Alderman, Karen C., Executive Director, Joint Financial
Management Improvement Program............................. 39
Gotbaum, Joshua, Executive Associate Director and Controller,
Office of Management and Budget............................ 3
Holz, Arnold G., Chief Financial Officer, National
Aeronautics and Space Administration, accompanied by
Kenneth J. Winter, Deputy Chief Financial Officer.......... 57
Skelly, Thomas P., Director, Budget Service and Acting Chief
Financial Officer, Department of Education................. 49
Steinhoff, Jeffrey C., Assistant Comptroller General,
Accounting and Information Management Programs, U.S.
General Accounting Office, accompanied by Gloria L. Jarmon,
Director of Health, Education and Human Services,
Accounting and Financial Management Issues................. 11
Letters, statements, etc., submitted for the record by:
Alderman, Karen C., Executive Director, Joint Financial
Management Improvement Program, prepared statement of...... 42
Gotbaum, Joshua, Executive Associate Director and Controller,
Office of Management and Budget:
Followup questions and responses......................... 91
Information concerning FFMIA remediation plan status..... 69
Prepared statement of.................................... 6
Holz, Arnold G., Chief Financial Officer, National
Aeronautics and Space Administration, accompanied by
Kenneth J. Winter, Deputy Chief Financial Officer, prepared
statement of............................................... 59
Ose, Hon. Doug, a Representative in Congress from the State
of California, followup questions and responses............ 83
Skelly, Thomas P., Director, Budget Service and Acting Chief
Financial Officer, Department of Education, prepared
statement of............................................... 51
Steinhoff, Jeffrey C., Assistant Comptroller General,
Accounting and Information Management Programs, U.S.
General Accounting Office, prepared statement of........... 14
COMPLIANCE WITH THE FEDERAL FINANCIAL MANAGEMENT IMPROVEMENT ACT OF
1996: AGENCIES CONTINUE TO STRUGGLE
----------
TUESDAY, JUNE 6, 2000
House of Representatives,
Subcommittee on Government Management, Information,
and Technology,
Committee on Government Reform,
Washington, DC.
The subcommittee met, pursuant to notice, at 10 a.m., in
room 2247, Rayburn House Office Building, Hon. Stephen Horn
(chairman of the subcommittee) presiding.
Present: Representatives Horn and Ose.
Staff present: J. Russell George, staff director and chief
counsel; Louise DiBenedetto, professional staff member; Bonnie
Heald, director of communications; Bryan Sisk, clerk; Elizabeth
Seong and Michael Soon, interns; Trey Henderson, minority
counsel; and Jean Gosa, minority clerk.
Mr. Horn. A quorum about to be present, the Subcommittee on
Government Management, Information, and Technology will come to
order.
In 1990, Congress passed the Chief Financial Officers Act.
This act established the foundation for a financial management
structure in which Federal departments and agencies would be
held accountable for providing reliable financial information
to Congress and the American taxpayers. The act emphasized the
need to improve financial management systems and controls to
deter fraud, waste, and the misuse of government resources.
Congress continued to buildupon this foundation with
additional financial management legislation, including the
Federal Financial Management Improvement Act of 1996. It has
been nearly 4 years since this legislation became law. Today,
we will discuss the progress Federal agencies have made in
complying with the law. We will also discuss the significant
challenges that are preventing many agencies from having
management systems that provide reliable financial information
on a day-to-day basis.
As of today, we know that 20 of the 24 agencies and
departments included in the Chief Financial Officers Act do not
have financial management systems that comply with the Federal
Financial Management Improvement Act. That number might rise to
21 agencies when the Department of State finally issues its
1999 financial audit report, which was due on March 31. That
missed deadline is a separate problem, which we will also
discuss today. Given the State Department's failure to issue a
timely audit report and its failure to comply with the
Financial Management Improvement Act in 1997 and 1998, it would
be surprising to find that much had changed in 1999.
During the subcommittee's hearing on the 1999 government-
wide audits on March 31, the Comptroller General of the United
States, Mr. David Walker, reported that ``agency financial
systems overall are in poor condition and cannot provide
reliable financial information for managing day-to-day
government operations and holding managers accountable.''
From the Comptroller General of the United States, Mr.
Joshua Gotbaum, who is with us today from--he will be with us--
from the Office of Management and Budget, reported that the
same financial management system challenges that confronted
Federal departments and agencies 10 years ago still exist
today.
The Federal Financial Management Improvement Act of 1996
required that noncompliant agencies prepare remediation plans
to bring their financial management systems into substantial
compliance with the act within 3 years.
Yet last October, the General Accounting Office reported
that agencies had not submitted timely remediation plans and
that most of the plans submitted did not comprehensively
address financial management issues. That is simply
unacceptable to Congress.
We recognize that Federal departments and agencies face
enormous challenges in correcting long-standing financial
management systems problems. We also recognize that these
challenges could take significant time and resources. However,
we want to ensure that the intent of this act is taken
seriously and that necessary changes are being made.
I welcome all of you who are our panel today. It is one
panel so we can have the discussion among ourselves in all
directions.
As you know--most of you have been here before--when we
call on you in the order in which you are on the agenda, your
full statement is put in the record, and we don't want you to
read it to us. We have read it. What we want you to do is look
us in the eye and summarize it for us in about 5, 6, 7 minutes.
We are going to--as you know, we give the oath to all of
you and the assistants who might advise you during the hearing.
So if you will stand and raise your right hand and get your
assistants also, the clerk will take their names to see that
they have affirmed the oath.
[Witnesses sworn.]
Mr. Horn. We will note the seven witnesses and one helping
behind the scenes. So please be seated.
We will now start with Mr. Gotbaum--always good to see you,
Josh. You are right on time--the Executive Associate Director
with his limousine slowing down there at OMB, Executive
Associate Director and Controller, Office of Management and
Budget. That must take letterhead going this way to do all
that. OK. You are going to give us a good summary and will tell
us why the State Department takes so long to get things done.
Mr. Gotbaum. And others.
Mr. Horn. And others, that is right.
STATEMENT OF JOSHUA GOTBAUM, EXECUTIVE ASSOCIATE DIRECTOR AND
CONTROLLER, OFFICE OF MANAGEMENT AND BUDGET
Mr. Gotbaum. Mr. Chairman, thank you. Since I have
submitted a statement for the record, I would like to make four
points about the state of Federal financial systems and why I
am grateful that this committee has undertaken this hearing.
First, this matters intensely. Financial systems are at the
heart of the reason why we are trying to reform financial
management in the first place.
Second, this is extremely difficult for the government to
do.
Third, we are working on it very seriously. I will talk
about how and where we have made progress and how and where we
have not.
Fourth, we need and appreciate both the patience and the
pressure from Congress.
I think it is important, Mr. Chairman, to put FFMIA and
financial systems in the context of Federal management reforms
generally. For 10 years Congress has, on a bipartisan basis
with the administration, across administrations, been working
to improve the way the Federal Government manages itself. This
effort started with the CFO Act in 1990; and continued with the
Government Performance and Results Act, which I consider to be
one of the major government reform actions of the decade; GRMA
in 1994 requiring financial statements; Clinger-Cohen, an
essential improvement in the way we think about IT systems;
and, finally, FFMIA. They have laid down a series of mandates.
In response, we have, I want to be very clear, and I think
it is important to say, we have come a very long way. It is
also important to recognize we have even further to go. But to
tick off briefly where we have come: we now have CFOs, we now
have their staffs. We now have financial statements from
agencies that we did not have before. We now have financial
standards that we didn't have before.
Ten years ago, the government couldn't have turned out an
audit according to GAAP because there was no GAAP for it to
have. We now have governmentwide financials, a long way from
clean, but we have them. Agencies financials are improving.
This is most important and this is why this hearing is so
important to us: financial management systems such as they were
10 years ago did not keep standard accounts, they couldn't
communicate with each other, and they couldn't provide
accurate, timely and reliable information.
We now have done part of the job. We have GAAP-recognized
standards, thanks to a lot of the folks to my left and the
AICPA. We have established requirements for systems. We have
revitalized JFMIP. I am very pleased Karen Alderman is here to
testify, because JFMIP has been around a long time, Mr.
Chairman, but what has happened in the last 2 or 3 years since
Karen has taken over has been enormously helpful and important.
So OMB has set up a system of testing of commercial systems and
laid down a requirement that says that unless a system passes
muster, agencies cannot buy it.
So we have come a long way. We have an even longer way to
go.
If I may, Mr. Chairman, I want to talk about what I think
the real challenge is. We had systems. The Federal Government
had dozens of systems, actually hundreds of financial systems.
They were systems designed with old technology, they were
designed for old purposes, and they were not designed to talk
to each other and not designed to work with each other. They
were designed for keeping track of cash or keeping track of
budget requirements. They had no notions of accrual accounting
in them.
So the challenge here is that we need to upgrade, modify or
scrap literally hundreds of systems while continuing to do the
job of the government; and this is a very difficult, very long-
term challenge.
FFMIAs requirements by themselves are really quite simple.
They say you have to meet financial management systems
requirements, you have got to meet accounting standards, now
that we have them, and you have to use the Standard General
Ledger. This is something which the agency had determined
working with the auditor. Most agencies do not yet meet these
tests. They don't meet the tests for reasons that I have
discussed in the testimony, but I think two more are worth
mentioning.
One is the stove-piping nature of government. These were
systems not designed to talk with each other; and the business
of getting them to work with each other, is, frankly,
difficult. Second, because we have been following the
congressional mandate to improve management of Federal systems,
we have been raising the bar, over the course of the past
decade. We have been setting new, higher standards, and that is
what we should do. But we ought to also recognize that has
consequences.
I also think it is important to state for the record, Mr.
Chairman, that although we are a long way from the promised
land, agencies really are working at this and really are making
progress. Agencies like VA, Interior, Education, and the Small
Business Administration are in the process of figuring out what
new systems they will need. GSA, Transportation, AID, HUD and
Customs are in the process of installing new systems. And even
by the tests of FFMIA, agencies like Justice, Labor and NASA
meet the Standard General Ledger requirement. They don't meet
the other two requirements. Commerce meets the standards
requirements, and OPM and SSA report they meet the systems
requirements. So agencies are making progress. We think this is
a very hard job, but it is one that is ultimately
implementable.
Since there has been an ongoing dialog between OMB and this
committee over what is OMB doing in this process, I would like
to talk about what we do.
As you know, OMB is always, on the management side, doing a
combination of threatening, cajoling, advising and laying down
the law. In this area, we issued guidance shortly after FFMIA
was passed in 1996 to help agencies and auditors.
One of the things we learned over the last several years is
that agencies and their auditors implement FFMIA in a variety
of ways, so we are now in the process of revising our guidance
to try to achieve greater consistency and try to focus on the
real nub of FFMIA, which is to provide timely and reliable
financial information. We are also working with JFMIP to issue
a guide to help folks do this.
Second, and I am going to defer to Karen Alderman, whose
folks have done a really terrific job in this area, we have put
in place a set of systems standards, standards on core
financial systems and on other systems. These standards are not
yet complete. We are now expanding this to property, grants and
benefits.
Third, and this is the informal part of OMB, there is a
process of consultation and support. We meet with agencies, we
talk about their remediation plans, we talk about what they
need. We work with the CFO Council and essentially try to do
that special combination of pushing, cajoling and private
criticism and public praise that OMB does.
The last point, which I think is really quite important, is
we work to bring this into the budget process, because one of
the issues that comes to us when we talk to agencies about
systems modernization is money. So what we have said formally
and officially is we will support systems improvements in the
budget process if they comply with Clinger-Cohen, they have the
support of the agency head, there is a plan and an
architecture, and it fits into FFMIA.
When we do that, we do that both on the budget side and on
the management side.
Mr. Horn. Thank you. That has been very helpful.
[The prepared statement of Mr. Gotbaum follows:]
[GRAPHIC] [TIFF OMITTED] T1731.001
[GRAPHIC] [TIFF OMITTED] T1731.002
[GRAPHIC] [TIFF OMITTED] T1731.003
[GRAPHIC] [TIFF OMITTED] T1731.004
[GRAPHIC] [TIFF OMITTED] T1731.005
Mr. Horn. Let us move now to the General Accounting Office,
Jeffrey Steinhoff, the Assistant Comptroller General for
Accounting and Information Management Programs, U.S. General
Accounting Office.
STATEMENT OF JEFFREY C. STEINHOFF, ASSISTANT COMPTROLLER
GENERAL, ACCOUNTING AND INFORMATION MANAGEMENT PROGRAMS, U.S.
GENERAL ACCOUNTING OFFICE, ACCOMPANIED BY GLORIA L. JARMON,
DIRECTOR OF HEALTH, EDUCATION AND HUMAN SERVICES, ACCOUNTING
AND FINANCIAL MANAGEMENT ISSUES
Mr. Steinhoff. Mr. Chairman, Mr. Ose, it is a pleasure to
be here today to discuss the state of financial management
systems. The bottom line, across the Federal Government efforts
are under way to overhaul financial systems; and good progress
is being made. At the same time, there is a long way to go, as
major challenges remain.
From the outset today, I want to dispel any notion that
this is merely a compliance issue. The expectations of the CFO
Act and FFMIA are integral to producing the relevant reliable
and timely information needed to efficiently and effectively
manage government operations day-to-day and to provide
accountability. When Federal agencies can meet these
expectations, they will have achieved what the Comptroller
General has referred to as the end game.
FFMIA bolstered the mandate of the CFO Act by focusing on
the systems themselves, which is at the heart of what is wrong
today. While clean audit opinions are an important measure of
accountability, the end game is having systems in place that
routinely provide needed financial information. Our study of
world-class finance organizations--Boeing, Chase Manhattan,
G.E., Hewlett Packard, Owens-Corning and Pfizer, and the States
of Texas, Massachusetts and Virginia--found that they redefined
the role of finance with a goal of adding value and providing
meaningful information to decisionmakers while reducing routine
backroom accounting costs.
I want to read to you a message from the CFO at the
Department of Energy. This is an agency that got a clean
opinion, and this is an agency that also passed the FFMIA test.
So energy is at that leading edge of doing well. This really
captures the nexus of the challenge.
This is from Michael Telson, the Energy CFO, ``the
Department's financial management system needs to be upgraded
to produce financial information faster and in an easily
accessible manner to meet the changing needs of our program
managers.''
That is what agencies really face today. Similar to results
for fiscal year 1998, for fiscal year 1999, only three agencies
were found to be compliant with FFMIA. I applaud them. My
colleagues from NASA here today have worked real hard, as have
the National Science Foundation and Energy.
A number of agencies that attained clean audit opinions for
fiscal year 1999 did so through heroic efforts that were
outside the financial system, such as using statistical
sampling to derive year-end balances. For example, the DOT IG
reported, that manual and labor intensive efforts that DOT
employed to attain its first clean audit opinion are expensive,
prone to errors, and cannot be sustained. DOT worked very hard
at this, I commend them for their result, but they had to hire
additional contractors, they detailed employees, they paid
overtime and compensatory time, and they had adjusting entries
of $36 billion to get there.
It is an important achievement, I applaud them, but, long-
term, they do not want to be spending their time and money on
what I call cleaning up a backroom operation. They want to have
this information readily come from their systems.
As shown on the chart I brought today, over at your right,
the IGs cited five basic reasons for noncompliance.
First, non-integrated systems. I think this is the most
problematic to achieving the end game. It was cited by 14 IGs;
and for agencies such as DOD and IRS, it will take years and
years of hard work to overcome this problem alone. It is a very
complex issue.
Second, inadequate reconciliation procedures were cited by
14. In part, that is caused by having non-integrated systems;
and, therefore, you have got to reconcile data.
Third, systems that do not implement the Standard General
Ledger, meaning it is very difficult to pull the consolidated
statements together, and we don't have the kind of consistency
envisioned.
Mr. Horn. Excuse me, just for the record, because nobody
will know what SGL is----
Mr. Steinhoff. Standard General Ledger.
Mr. Horn. Those in education, which your colleague is, you
would think of student government loans.
Mr. Steinhoff. I am sorry.
Mr. Horn. That is why I am a nut on not having SGLs.
Mr. Steinhoff. I have been an accountant too long.
Fourth, a lack of adherence to accounting standards,
including cost accounting. That was cited 15 times. Cost
accounting is really at the heart of being able to implement
GPRA in an effective manner.
Finally, weak computer security, the reason cited most
often, with 19 IGs reporting this issue.
There are lots of efforts under way to upgrade financial
systems, from reengineering basic processes to major redesigns
of systems to the work of the JFMIP, which you will hear about
today. These efforts must be sustained and will have to
transcend this administration to remedy the underlying issues.
We may be back in a few years to report that substantially
more, perhaps all, of the 24 CFO Act agencies, have received a
clean audit opinion. However, I feel much less confident in the
short term that their systems will be in compliance with FFMIA
and will meet the intended results of the CFO Act.
Overhauling financial systems, as Mr. Gotbaum said, is much
more difficult than devising and mastering a repeatable process
for deriving year end numbers. This is heavy lifting, a tough
job. Similar to my recent testimony before this subcommittee on
DOD financial management, the successful Y2K experience shows
that difficult challenges can be overcome. Government can get
the job done through a disciplined process, in this case strict
adherence to the Clinger-Cohen Act. There are no shortcuts, no
free lunch. The past is littered with system failures, and
Clinger-Cohen must be followed.
Next, there must be top-level leadership, the tone and
level of engagement at the top is critical to success. I think
any agency that has had success will say that. In our work,
looking at world-class finance organizations, that is what we
found.
Finally, through a continuing strong congressional
leadership and oversight, such as the work of this
subcommittee. Only in this way will the Federal Government
achieve the end game of the CFO Act.
Mr. Chairman, this concludes my summary remarks. I would be
pleased to answer any questions later that you or Mr. Ose might
have.
Mr. Horn. And I am assuming Ms. Jarmon will be backup for
you, because she is a very good witness. We have had her here
before. We are glad to see you again.
[The prepared statement of Mr. Steinhoff follows:]
[GRAPHIC] [TIFF OMITTED] T1731.006
[GRAPHIC] [TIFF OMITTED] T1731.007
[GRAPHIC] [TIFF OMITTED] T1731.008
[GRAPHIC] [TIFF OMITTED] T1731.009
[GRAPHIC] [TIFF OMITTED] T1731.010
[GRAPHIC] [TIFF OMITTED] T1731.011
[GRAPHIC] [TIFF OMITTED] T1731.012
[GRAPHIC] [TIFF OMITTED] T1731.013
[GRAPHIC] [TIFF OMITTED] T1731.014
[GRAPHIC] [TIFF OMITTED] T1731.015
[GRAPHIC] [TIFF OMITTED] T1731.016
[GRAPHIC] [TIFF OMITTED] T1731.017
[GRAPHIC] [TIFF OMITTED] T1731.018
[GRAPHIC] [TIFF OMITTED] T1731.019
[GRAPHIC] [TIFF OMITTED] T1731.020
[GRAPHIC] [TIFF OMITTED] T1731.021
[GRAPHIC] [TIFF OMITTED] T1731.022
[GRAPHIC] [TIFF OMITTED] T1731.023
[GRAPHIC] [TIFF OMITTED] T1731.024
[GRAPHIC] [TIFF OMITTED] T1731.025
[GRAPHIC] [TIFF OMITTED] T1731.026
[GRAPHIC] [TIFF OMITTED] T1731.027
[GRAPHIC] [TIFF OMITTED] T1731.028
[GRAPHIC] [TIFF OMITTED] T1731.029
[GRAPHIC] [TIFF OMITTED] T1731.030
Mr. Horn. We now go to Karen Alderman, Executive Director
of the Joint Financial Management Improvement Program.
STATEMENT OF KAREN C. ALDERMAN, EXECUTIVE DIRECTOR, JOINT
FINANCIAL MANAGEMENT IMPROVEMENT PROGRAM
Mrs. Alderman. Mr. Chairman, Mr. Ose, thank you for the
opportunity to discuss the role of the Joint Financial
Management Improvement Program in supporting the goals of the
FFMIA.
The mission of JFMIP is to improve financial management
practices in the government through a joint and cooperative
effort. I am supported by the U.S. Department of Treasury, the
General Accounting Office, the Office of Management and Budget,
the Office of Personnel Management and all Federal agencies.
The major JFMIP responsibilities with respect to Federal
financial management systems includes issuing financial system
requirements, testing and qualifying core financial software
for agency use, and facilitating information exchange among all
stakeholders, both public and private sectors.
Regarding financial system requirements, JFMIP has been in
the business of issuing financial management systems
requirements documents since the 1980's. The framework for
Federal financial management systems describes the Federal
agency system architecture as including core financial system,
managerial cost accounting, and 13 feeder systems.
System requirement documents serve many roles. They
facilitate the exchange of software for common administrative
functions within the Federal Government; they help organize the
private sector market by communicating mandatory functionality
that commercial software must be able to provide to the Federal
Government, as well as identifying value-added features desired
by Federal agencies; they provide benchmarks for agency
compliances under FFMIA and have served as a tool for oversight
agencies to evaluate systems; and they also help agencies
justify system improvements or replacements.
Upon the passage of FFMIA in 1996, requirements documents
existed only for the core financial system, and 6 of the 13
subsidiary systems. Several of those documents needed to be
updated for recent laws and regulatory revisions.
Since 1998, JFMIP undertook efforts to bring all existing
documents up to date and to develop documents for those
functions where none had existed before. I brought a little
color coded slide here for you that shows the progress in 2\1/
2\ years. The green are those documents that have been updated
and reissued since 1998. The orange are those that are under
way, including benefits, grants and property management
systems; inventory system was issued in 1995; and those in
blue, which includes acquisition, revenue, budget formulation
and insurance claim systems, are yet to be worked on. But we
have plans to address them starting by 2001.
The second area I would like to highlight is the core
financial system testing and qualification process. In 1998,
the CFO Council and the JFMIP partnered to reengineer the core
financial systems testing and qualification and procurement
processes to improve the availability of commercial software
and to improve the chances that agencies can successfully
implement new systems.
Prior to 1999, the testing of core financial systems
software was accomplished in connection with the mandatory
General Services Administration schedule for Federal financial
management systems software. Information regarding the testing
process was limited. The test addressed less than one-third of
the existing requirements, and arrangements for software
testing relied upon agency volunteers and other ad hoc
arrangements.
The CFO Council recommended, one, the establishment of a
program management office under JFMIP with responsibility for
developing tools and capabilities necessary to improve
financial systems across the Federal Government; two, the
separation of the test and qualification process from the
procurement process to allow visibility of the testing; and,
three, the establishment of an electronic knowledgebase to
share information widely.
October 1, 1999, marked the transition to the new process.
The components of that new process included up-to-date core
financial system requirements, complemented by the
identification and prioritization of value-added features
desired by Federal agencies; an open and comprehensive testing
and qualification process that tests, in whole or in part, all
testable mandatory requirements; the modification of OMB
Circular A-127 ``Financial Management Systems'' to eliminate
the mandatory FMSs schedule and to allow agencies to procure
under any procurement vehicle, as long as agencies procure
software for core financial systems that have been qualified by
JFMIP.
The purpose of the testing was to reduce risk to the
government, produce useful information, reduce agency test
effort, and provide critical information to commercial business
partners to allow them to be successful in providing core
accounting software that meets Federal requirements.
The JFMIP test is efficient. It is 166 test steps that test
91 percent of the mandatory requirements fully or partially,
and GAO helped us validate this test.
As of May 2000, nine software products offered by seven
vendors have received certificates of compliance.
JFMIP maintains the current list of qualified software on
the knowledgebase along with information about value-added
features and our test methodologies.
In addition, our testing process is designed to ensure that
our commercial business partners update their products to meet
new Federal requirements. When a software package passes, JFMIP
issues that certificate for 3 years. If Federal requirements
change during that 3-year period, we institute and implement an
incremental test the vendor must pass in order to retain that
certificate of compliance. In 2000, JFMIP will be administering
the first incremental test to ensure that software can support
the Federal Agencies' Centralized Trial-Balance System, FACTS
II. Those in the business know that acronym. That is the
reporting process for budget formulation data and budget
execution data to the Office of Management and Budget and the
Treasury.
Other JFMIP efforts to improve financial management systems
include improving the financial systems compliance review
process, which Mr. Gotbaum mentioned; developing a road map
that provides accessible information to help agencies manage
full life cycle of financial management system planning,
implementation and management; and, finally, building capacity
within the Federal financial management work force to manage
transition to the next generation of financial management
systems.
In summary, JFMIP is leveraging resources to provide system
requirements, testing and tools, and, in doing so, demonstrates
commitment among Federal stakeholders to address common system
challenges in a cost-effective manner. In the short term, the
payoff has been to reduce agencies' costs and risks in
replacing systems. The longer term payoff will help in
achieving the goals of the FFMIA.
Thank you very much.
Mr. Horn. Thank you.
[The prepared statement of Mrs. Alderman follows:]
[GRAPHIC] [TIFF OMITTED] T1731.031
[GRAPHIC] [TIFF OMITTED] T1731.032
[GRAPHIC] [TIFF OMITTED] T1731.033
[GRAPHIC] [TIFF OMITTED] T1731.034
[GRAPHIC] [TIFF OMITTED] T1731.035
[GRAPHIC] [TIFF OMITTED] T1731.036
[GRAPHIC] [TIFF OMITTED] T1731.037
Mr. Horn. We now move the to the departments. We start with
Mr. Thomas P. Skelly, the Director of Budget Service and Acting
Chief Financial Officer for the Department of Education.
STATEMENT OF THOMAS P. SKELLY, DIRECTOR, BUDGET SERVICE AND
ACTING CHIEF FINANCIAL OFFICER, DEPARTMENT OF EDUCATION
Mr. Skelly. Thank you, Mr. Chairman and Mr. Ose.
In sum, the Department of Education has not complied with
the FFMIA. We have made significant progress, we believe, in
addressing some of the requirements, but we are not in full
compliance today. I would like to discuss several areas in
which we have made progresses and a few challenges we have.
One significant area of progress is that we have developed
the remediation plan requirement by the act. We believe it is a
good plan. GAO did a report and indicated that it thought if we
implemented that plan fully, if we had good success, we would
have a fairly good chance of complying with the act. We are
about halfway through implementation of that plan, and we think
we are on schedule.
A second area of progress, critical part of the plan, was
replacing our general ledger system. We had acquired a general
ledger system back in 1995. It didn't work. We had implemented
in 1998. It didn't do the things we thought it would do, it
didn't produce integrated financial statements, it did not
generate our statements at the end of the year.
What we did in March following selection of a product that
was on the JFMIP schedule was to go out and buy Oracle
financial software. We think the Oracle package will do the job
for us. We are in the design stage now. We think it will be
late 2001 before we have implemented it fully. We are phasing
it overtime, not trying to do it all at once, but we think we
will meet that schedule.
We did do extensive testing of the product beyond what
JFMIP had done to make sure that it could do the end-of-year
closeout for us and cover both our proprietary accounts and our
budgetary accounts simultaneously.
The third area of progress we have made is to do more
timely reconciliations of our data. We are now doing interim
statements, and we are also doing monthly reconciliations.
Reconciliations and lack of those and the quality of data is
the weakness that has been cited by our independent end
auditors, Ernst & Young, by the GAO and the Inspector General.
To help us expedite our reconciliation process, we acquired
some software from a company called CheckFree. It is a software
tool that banks use to help them do their reconciliation
balances at the end of the day. It has greatly automated our
process, and we are doing it much faster than we did before.
Those are three areas of progress, the planned Oracle
software acquisition and the more prompt reconciliations, but
we do see challenges. Those challenges would include the time
that we need to implement this new system, given the complexity
of our appropriations.
Our Department of Education has over 200 appropriations, it
has 175 programs, we give out $75 billion per year in loans,
grants, formula grants, discretionary grants. We have
contracts. We have administrative funds. We have a lot of
activity going on. We have several, 14 in fact, feeder systems.
Those feeder systems, which took a while to get compliant with
Y2K last year, are supposed to send in information to our
accounting system so we can produce one set of accounting
statements. We do think that is a challenge.
A second challenge is that the standards keep changing.
They should evolve over time. The world changes, people expect
additional data. In 1997, the Department of Education did get a
clean opinion. Only three statements were required in 1997. In
1998 and 1999, five were required. We didn't get a clean
opinion in 1999 and 1999. We did have to make some additional
changes to create those new statements.
Another example of standards changing is direct loans. The
accounting standards we got on those run 57 pages.
A third challenge that we have is just the competing times
for our demand and attention. We have not just FFMIA, we have
the Integrity Act passed earlier, the CFO Act, the GMRA, the
Clinger-Cohen Act, and other acts and requirements, things we
need to fulfill. We have to make choices about what we do. We
have to require resources and apply those.
At the Department of Education we are committed to our
remediation plan that involves our successful implementation of
Oracle financial software. We think that should lead to
integrated financial statements, timely production of data. The
new integrated systems plus our increased attention to
reconciliation data quality should get us into compliance with
FFMIA and address many of our other competing priorities at the
same time.
Mr. Chairman, I would be glad to answer your or Mr. Ose's
questions.
Mr. Horn. Well, appreciate that.
[The prepared statement of Mr. Skelly follows:]
[GRAPHIC] [TIFF OMITTED] T1731.038
[GRAPHIC] [TIFF OMITTED] T1731.039
[GRAPHIC] [TIFF OMITTED] T1731.040
[GRAPHIC] [TIFF OMITTED] T1731.041
[GRAPHIC] [TIFF OMITTED] T1731.042
[GRAPHIC] [TIFF OMITTED] T1731.043
Mr. Horn. Next is the National Aeronautics and Space
Administration, Arnold Holz, the Chief Financial Officer. We
are glad to have you here again.
STATEMENT OF ARNOLD G. HOLZ, CHIEF FINANCIAL OFFICER, NATIONAL
AERONAUTICS AND SPACE ADMINISTRATION; ACCOMPANIED BY KENNETH J.
WINTER, DEPUTY CHIEF FINANCIAL OFFICER
Mr. Holz. Thank you, Mr. Chairman. Good morning, Mr.
Chairman.
Mr. Horn. I might say you are accompanied by Mr. Winter,
the Deputy Chief Financial Officer.
Mr. Holz. And very fortunate I am indeed.
I am Arnold Holz, Chief Financial Officer at the National
Aeronautics and Space Administration. I am here today to
highlight the progress and challenges that NASA addressed in
implementing the Federal Financial Management Improvement Act.
I am pleased to report we are in compliance with the act.
Achieving and maintaining compliance has been extremely
challenging. In that regard, we continue to face major
challenges. These include the need for strengthened systems and
staff capabilities to efficiently sustain compliance and to
provide required agency financial management information.
NASA's efforts to achieve compliance with the Federal
Management Improvement Act predate the act's enactment. For
example, NASA began preparing agency-wide financial statements
for fiscal year 1992, several years before required. We
obtained our first of six consistent unqualified clean opinions
for fiscal year 1994. NASA, like other agencies, encountered
and addressed a variety of challenges in obtaining clean
opinions and in achieving compliance with the act. The
challenges included key cost accounting and property, plant and
equipment complications.
Our basic approach follows. We anticipated the challenges,
and we started early. We evaluated and tested analytical and
process alternatives. We implemented workable improvements. We
coordinated improvements with our independent auditor, first
the IG, and then later Arthur Anderson, and we disclosed
related information in annual reports.
We anticipate several ongoing challenges, two major future
challenges focus on systems and staff. NASA's existing systems
are decentralized and inefficient. They are not fully
automated, they are not fully integrated, and they are not
fully standardized. Recognizing these inefficiencies, NASA has
initiated a new effort to implement a standard, efficient,
integrated, agency-wide financial management system. Based on
prior experience, the new system initiative is expected to be
extremely challenging.
NASA's staff is the critical element of our success. In
that regard we have initiated a comprehensive staff development
program to ensure that staff capabilities remain commensurate
with the future challenges. Individuals are strongly encouraged
to develop individual development plans, and resources have
been made available for professional development activities
such as classroom training, rotational assignments and other
career-enhancing activities.
NASA can point to success in achieving quality reporting,
clean opinions and compliance with the Federal Financial
Management Improvement Act. Such success was achieved by
anticipating the challenges and assessing remedies and actively
implementing required supplemental improvements. We plan to
continue to pursue and achieve similar future financial
management excellence.
Mr. Chairman, that completes a summary of my more detailed
statement. I would be pleased to respond to any questions of
you or Mr. Ose.
Mr. Horn. Thank you very much.
[The prepared statement of Mr. Holz follows:]
[GRAPHIC] [TIFF OMITTED] T1731.044
[GRAPHIC] [TIFF OMITTED] T1731.045
[GRAPHIC] [TIFF OMITTED] T1731.046
[GRAPHIC] [TIFF OMITTED] T1731.047
[GRAPHIC] [TIFF OMITTED] T1731.048
[GRAPHIC] [TIFF OMITTED] T1731.049
[GRAPHIC] [TIFF OMITTED] T1731.050
Mr. Horn. I now yield to my colleague from California, Mr.
Ose, for such time as he may consume to question the witnesses.
Mr. Ose. Thank you, Mr. Chairman. I have a number of
questions, and I am going to move through them as methodically
as I can.
Mr. Holz, you have achieved compliance with the FFMIA, and
you have a clean opinion. What I am trying to understand
clearly from an in-the-field perspective is how does compliance
with FFMIA work hand in hand with achieving or receiving a
clean audit opinion? Just give me some sense of that, if you
would, please.
Mr. Holz. Yes. I would like to use the word framework
sometimes. Achieving a clean opinion requires that financial
data must be presented fairly in accordance with generally
accepted accounting principles. The act requires, among other
things, adequate financial systems that produce timely,
accurate, reliable financial data and adoption of Federal
accounting standards. Compliance with these FFMIA requirements
fully supports the preparation of financial statements that are
accurate and reliable and consistent with Federal accounting
standards, thereby facilitating the receipt of a clean opinion.
Mr. Ose. I know that Mr. Skelly referenced this not only in
his statement but also his written statement. NASA's books, if
you will, you check them against the Treasury frequently,
infrequently? On a periodic basis, how often do you reconcile?
Mr. Winter. Monthly.
Mr. Ose. How long did it take you to get to that? In other
words, have you been doing that forever?
Mr. Winter. Yes, we have been doing that for years. But the
initial reconciliations were not as clean as the ones we are in
now.
Mr. Ose. So it is an incremental process?
Mr. Winter. Yes.
Mr. Ose. Mr. Skelly, at the Department of Education in
particular, the greatest challenges that you face are what? I
read the part about the Treasury number and all that, but what
is your biggest challenge there?
Mr. Skelly. The biggest one is probably just the time, the
time it will take us to try to get this new system, Oracle, up,
while we are trying to do other things at the same time. We
have, again, a very complex set of accounts. We have over 200
individual appropriations that we have to track, a number of
different programs. We have feeder systems, for example, that
provide us data from the guaranteed student loan program or the
direct student loan program, from our impact aid program. The
data in all those systems is not necessarily good when we get
it, so it requires going back to the folks who work with those
systems and making sure we have the best data possible. It is
not easy to just push one button and get all the data from the
14 feeder systems and have it feed into the general ledger
systems so we can produce our automated systems.
Mr. Ose. We are going to have to break this down a little
bit, because you are going to have to speak--you are going to
have to lower your intellectual level when you speak to me.
Break it down into smaller words, if you would.
What I understand you to be saying is that DOE has a
system, Oracle, that it has purchased to replace a similar
system that it purchased in 1995 and that the pieces of your
books that feed into that don't necessarily have the same
architecture in their systems.
Mr. Skelly. That is true.
Mr. Ose. OK. Now, what is it that DOE is doing to reconcile
that specific issue? In other words, are you going backward
down the chain to standardize the systems, or are attempts
being made in a different manner to make sure that the things
recognize them?
Mr. Skelly. We are trying to do some of both--from the
bottom up and from the top down. It is a coincidence, almost,
that the Oracle software is the same computer platform that is
used already for our student financial aid programs.
Mr. Ose. That is good planning. That is not a coincidence.
Mr. Skelly. That is a very long story. But it is also the
software that was used for some of our financial data that is
in our grants payments system. So you have two of these feeder
systems using the same software, so it will make it relatively
easy, we hope, to have standardized accounting coding when we
do tie all of the systems together.
Mr. Ose. In terms of--if full compliance has a value of
one, how far along are you--0.5, 0.7?
Mr. Skelly. There are three key elements that the act
requires. One is that we comply with Federal financial
management systems requirements, a second is we have to meet
all the Federal accounting standards, and a third is that the
U.S. general ledger at the transaction level is something we
comply with. I think we are halfway there.
Mr. Ose. On an overall basis?
Mr. Skelly. On an overall basis.
Mr. Ose. Let me shift, if I may, to Mr. Gotbaum. I want to
talk for a minute about the remediation plans. The act itself
is very specific about when a remediation plan is supposed to
be delivered and the like, and we do have some apparent
problems by virtue of the reports we have received on the
opinions in different agencies.
In terms of the remediation plans, it is my understanding
that only 3 of the 21 agencies met the deadline in September
for submitting their plans. What I am curious about is what is
OMB's approach to addressing that problem so that such
remediation plans are submitted timely?
Mr. Gotbaum. Mr. Ose, if I communicated that in my
statement, that is not true, and it is a disservice to the
agency.
Mr. Ose. Go ahead.
Mr. Gotbaum. Most agencies do not comply with FFMIA. If
they don't, as the law says, the agency head is required to
develop a remediation plan and submit it to us. All of the
agencies that do not comply with FFMIA have submitted to OMB
remediation plans. Some of those remediation plans are
documents that I would be comfortable showing before this
committee; and some of those remediation plans, frankly, need a
little remediation. But just to be clear, every agency is
complying with the procedural requirement of the law that if
they are out of compliance, they submit to us a plan.
Just to finish the point, some of those plans talk about
compliance within 3 years, and some of those plans are honest
and say this is going to take longer than that. For example,
the Department of Defense, which we all recognize is our
largest management challenge, it makes no bones about it. They
say we are working to integrate our systems and we are working
to get rid of legacy systems and both modernize and consolidate
at the same time; and they, to my view commendably and
honestly, say we are working on this as fast as we can; it is
going to take longer than 3 years.
So we have in-house at OMB remediation plans from all but
five agencies. Those are five agencies that say that they are
in compliance with FFMIA.
Mr. Ose. Let me rephrase my question. You have got
remediation plans submitted from all the agencies. The act
talks about a specific time line during which those plans
should be submitted. If I could be more specific, how many of
the agencies have submitted their remediation plans on time?
Mr. Gotbaum. My understanding, Mr. Ose, is that for those
agencies that are required to have submitted their plans by now
have done so. Because the law, as you know, has this
architecture where the agencies develop a remediation plan and
submit it after they receive their audits. For example, for
fiscal year 1999 there are agencies for which the deadline has
not yet come; and we have not yet received plans for those
agencies. Based on fiscal year 1998, everybody who owed one
sent us one.
Mr. Ose. I am trying to get to the September deadline. If I
understand correctly, and then I appreciate the clarification,
for the deadline that passed September 30, 1999, of the 21
agencies that were supposed to submit remediation plans, only 3
did on time. You may have received them since. I am trying to
make sure I understand that.
Mr. Gotbaum. Mr. Ose, I don't want to mislead you. Maybe
the best thing, if I may, is to task us to list agency by
agency when a report is due, and whether we have received it.
Because since the act talks about submitting a remediation plan
after you receive your audit and the audit is due March 1, we
are right now in the 4-month window between March 1 and the
time when we expect to receive fiscal year 1999 remediation
plans. Mr. Horn will be amused to note, for example, that the
Department of State, which has yet to produce an audit, has
produced a remediation plan. So in general we have received
them.
If I may, with the forbearance of the committee, let me
submit for the record a list agency by agency of when the
effective deadline is and whether we have received it. Would
that be helpful?
Mr. Ose. If you could do that, for instance, by year, like
1998, 1999, that way we could get some sense of progression, if
you will.
Mr. Horn. Without objection, that presentation will be put
in the record at this point.
[The information referred to follows:]
[GRAPHIC] [TIFF OMITTED] T1731.051
[GRAPHIC] [TIFF OMITTED] T1731.052
Mr. Ose. Mr. Steinhoff, let me try it with you here on
this. In terms of this process on the remediation plans that
have been submitted, are we complying in a timely fashion? And
if we are not, what additional efforts do you believe OMB could
be doing to ensure that such plans are adequately designed and
timely submitted?
Mr. Steinhoff. With respect to whether they are on time or
not, we did look at the fiscal year 1997 submissions. We are
now looking at the fiscal year 1998 submissions and will be
reporting according to the act by October 1 of this year.
There were several that did not in the past submit
remediation plans on time, State being one, I believe it is now
in, but State did not file a remediation plan until recently.
Three others for which management did not agree with the
auditor FEMA, SSA and OPM--did not in fact file remediation
plans, to my knowledge.
These plans are important. I worked very closely with
Senator Brown and his staff when he was fashioning this bill.
He was a CPA as well as a lawyer, and he knew the importance of
the underlying systems. And he knew, getting back to one of
your previous questions, that you could attain a clean audit
opinion by going through heroic efforts, such as ad hoc
procedures, to compile numbers, but not have good underlying
systems, which is the end game, which is what business expects
and what world-class organizations want to have on a day-to-day
basis. So he put in place this mechanism to report back on the
underlying systems.
It was expected that the remediation plans be very
important, and it is key that people get behind those plans and
do a couple of things: One, make a determination whether or not
the agency involved really has the capacity to carry out the
plan. Do they have the qualified people? Do they have a
disciplined process in place? Are they making sure they go from
A to B before they go to C? Are they following Clinger-Cohen?
Two, it is very important that milestone dates be provided. And
perhaps rather than once-a-year reporting, in this case about
1-year lag time, you would have periodic reporting, perhaps
once a quarter, where agencies are showing how they are meeting
certain milestones.
Developing systems is difficult work, as I mentioned
before, heavy lifting. The experiences of the past have not
always been good.
People do go in optimistic. I am wishing Mr. Skelly well,
but the previous team at Education also thought they were going
to get to the end game back in 1995, and they didn't. It is a
tough job; and it is very, very key that these issues be really
kept at the forefront, that people focused on progress on a
regular basis, and that there be clear accountability for
results.
Mr. Ose. I want to diverge a little bit from my questions
here, Mr. Chairman, if I may.
I think the point Mr. Steinhoff is making is particularly
apt as you look at his first point in terms of an agency's
ability to comply, without being judgmental about their
intention but the ability. If I could read between the lines,
one of the difficulties we have, it seems, is that we have
people who while seeking the objective may not have, for
instance, the training they may need in this particular area
and then we get caught in this little box.
If I could, I would like to suggest perhaps some future
point maybe we want to look at the training that we provide
within our auditor corps as just a standard operating question.
Mr. Horn. I think that's an excellent idea.
Mr. Ose. Let me go on, if I can.
Mr. Gotbaum, going back to the 3-year time line, the act
requires the substantial--the act requires that if an agency
cannot be in substantial compliance within 3 years from the
date of a determination, then that agency must specify its most
feasible date by which compliance can be met.
My question is: What agency currently is identified as
having the latest compliance date and what is that date?
Mr. Gotbaum. I think, Mr. Ose, the agency that all folks
agree is the furthest from this goal, including that agency
itself, is the Department of Defense. And as I mentioned in my
oral testimony, they honestly cannot give us a date that passes
muster with them, much less with me or Jeff Steinhoff, as to
when they can do this. What they have done is they have said,
``Here is our plan for consolidation of systems and for
modernization of systems for the next 3 to 5 years,'' and they
have laid that out before us.
That's a case where we actually meet with them, how often,
once a quarter at this point?
Mr. Steinhoff. Probably every 2 months.
Mr. Gotbaum. OK. We and GAO meet with them, in effect, to
say how is it going? But they make no bones about the fact that
they have so many systems, such a large consolidation job, that
they can't do this within the 3-year timeframe. There is always
a judgment, sir, you make about how you use a deadline.
Our view, and it is controvertible, is that we use a
deadline to encourage, to nudge, to make sure that people, in
fact, are doing what they need to do. So what we have said to
the Department of Defense and to other agencies on their
remediation plans is tell us what you think is realistic and
work at it.
We have discovered, even with agencies that are really good
that it takes time. For example, Arnie Holz and the folks at
NASA, who are very good, and who have done a terrific job, in
the process of their systems modernization had to start over
again once, at least once.
So what we find is that it is important, that there be
continuing pressure and oversight from you as well as from us.
That's the reason why we think this hearing is so important. It
is very hard to get a time line on a plan that you can
absolutely rely on when you are talking about installing a
system.
So what we do is we say: give us the plan and report to us
periodically about it.
We think that's the most effective way to get progress.
Mr. Ose. If I could just offer one observation. NASA has a
system that--excuse me, their system reports really are a
function of, by the testimony, a nonintegrated financial
system, much as you have just described. Yet, they are in
compliance.
Now, the question I have is, are the programs so big at
some of these other agencies that we can't get there or do we
want to take Mr. Holz' team and bring them over here and set
them to work on that?
Mr. Gotbaum. Actually, you should know, Mr. Ose, what the
folks at the Department of Agriculture did on this. It is very
commendable, because as I am sure you know there is a history
in the Federal Government of ``not invented here'' so that each
agency thinks their problem is unique. But very commendably the
CFO of the Department of Agriculture, Sally Thompson, saw a
team in the Internal Revenue Service that had just implemented
a new system. Obviously, the IRS has its own problems and its
own challenges, but they had implemented one system that works
over there and she moved them lock, stock and barrel over to
the Department of Agriculture to install their system.
Mr. Ose. Did it work?
Mr. Gotbaum. It is being implemented. So it is too soon to
say. It is too soon to say. They are working on it.
I think the fairest thing to say, Mr. Ose, is that since
organizations outside government have, in fact, implemented
financial systems. This was Jeff Steinhoff's point about world
class finance. Organizations outside government have
implemented financial systems that are integrated and do
provide data reliably. It can be done.
In the Federal Government, because of our tradition of
stove-piping and decentralization, it is harder. In the same
way that over the past 10 years we got financial systems where
they didn't exist before and now we have clean audits in half
the agencies, we can do this; we can get there.
That's why, as I said in my testimony, what this requires
from you all is a combination of both patience and pressure.
This is not a case in which an agency is going to be able to,
in most cases, check the box and convince either us or you that
they are doing the right job or they are not doing the right
job. This is a case where time after time, periodically, you
need to call folks forward as we do, and say what have you
done? Because some of those times it will be like NASA where
they comply with FFMIA but still have a ways to go. Other times
they will be like Education, where they do not comply with
FFMIA but, again, they are trying to install a new system.
We have no guarantees and there are no guarantees that the
system that NASA is putting in now or the system that Education
is putting in now will at the end of the day work the way we
want it. This is not like Windows 95 where you just put it in
the machine and boot it up.
So what we think is important is that they work at it
seriously, and in most cases they are. It is important that
they know that we are watching and that you are watching and
that, as Jeff Steinhoff suggested, that they report on it
periodically so that the pressure stays on.
Mr. Ose. Let me, if I could then, hijack your point then
and go to Mr. Holz and make the point that while NASA doesn't
have a single integrated financial management system, you are
in compliance with the act and, as I understand it, you have a
clean opinion.
Now, I am tempted to ask, how could this happen?
Mr. Holz. That's a good question. Each year, as part of its
process, as part of its ongoing process, NASA has to match up
its systems and processes and its policies against criteria
that are established. I guess pursuant to the act and with OMB
the auditing standards, we have to apply against those
criterion to determine whether we are substantially in
compliance or not. The mechanism provides for substantially in
compliance.
We are substantially in compliance so we meet that test.
About you are--and we do have good policies and procedures and
we have put in compensating controls and processes to make sure
that our nonintegrated systems can provide the information
necessary.
NASA has all kinds of systems providing all kinds of data
at many different levels and details to support management but
it is not integrated and it is not standard across the agency.
Again, the point is that we meet the test against criteria
for substantial compliance. Do we want a fully integrated
financial management system that applies standard processes in
software and transactions across the agency in an efficient,
timely fashion? You bet we do.
Now, to get that is, in itself, a very significant
challenge from several perspectives. One, it is a very
difficult management challenge because it requires change. You
are talking about changed management. It is not, as my
colleague here mentioned, it is not just a matter of pushing a
button. You cannot understand--no, you can understand, you need
to understand the difficulty that changed management requires
as you move from typical legacy systems, which were entrenched
in everybody's mind, and move to a more state-of-the-art with
all of its complexity in order to get the benefits that you
choose.
So let's see, where was I going? One was the management
challenge and the other--I think the other, frankly, has to do
with the Federal Government is evolving rather rapidly in the
ability to acquire appropriate, adequate systems that work. You
couple together the currentness of the emerging technology
that's coming available through new software products, along
with the changed management, to fit yourself back into that
software in your business processes, you couple that together
and that is an extremely serious, difficult challenge to
overcome. As good as we are at NASA, as good as we are at NASA,
I don't want to underestimate the complexity of that challenge.
Now we are going to work that management challenge because
we want an integrated system that provides more timely data.
But in terms of your question about compliance, that's how we
got there. It is a question of matching up against criteria
provided in the act and in the auditing standards that allow
for substantial requirements--substantial compliance.
If that language was not there, we would have difficulty
with it. But we are able to achieve the annual audited
financial requirements. We are able to track our transactions
back through a standard general ledger process. Our systems are
nonintegrated but we have compensating controls in place.
We have good, strong, financial management policies which
we follow and enforce, and if you will let me have one more
minute here, I want to go back to a word that I think Jeff
Gotbaum used in the beginning when he enumerated about four
things.
Jeff, was the first word ``intensity?'' I wrote it down,
and I think it was intensity. If not, intensity is important
because you need an intense and concentrated, clear focus on
what you are trying to accomplish.
The other thing is, that Jeff mentioned, was difficult. It
is difficult. It can't be business as usual. To get clean
opinions takes a lot of hard work by a lot of smart people, and
you have to work at it every day. You have to work at it every
day, whether you have good modern systems or whether you don't.
So, geez, I have given you a long answer to your question.
Well, I am fired up. I love this work. I have been doing it all
my life.
Mr. Ose. Your answer actually begs a question that we all
have, is that when do you expect NASA to have a single
integrated financial management system?
Mr. Holz. Well, Jeff mentioned we started down this road
before and frankly we were unsuccessful because the software
that we had acquired couldn't measure up and do the job. So we
are in the process of getting out of that and we are
revectoring into a new initiative where we are going to use the
JFMIP schedules and processes.
I made a mistake once before about saying when we were
going to do it and I am not going to do that again. The lessons
learned, we are going to crawl before we walk. We are going to
test and proof before we buy. We are going to run prototypes.
We are going to get down to a software that's going to work for
this agency. Core financial is the primary No. 1 thing we are
going to do. The other functions are going to be discrete
activities that will tag along. We are going to take this
overly complicated process and make it as clear, focused and
simple as possible and we are going to push until we get it,
but basically we are going to buy software that works. And if
it doesn't, we are going to mitigate our risk by keeping it
incrementally small until we prove it and then we are going to
roll it out across the agency.
We have 10 centers, 10 different cultures at work here, and
the challenge will be to hold all that together. But we are
going to do it based on proven software and techniques, not
unproven. A little different than what we did before.
Mr. Ose. I can understand your reluctance about the date.
Let's explore this a little bit further.
Of the 10 centers that you have, how many centers per year
are you bringing into the fold, so to speak, for standardizing
the approaches?
Mr. Holz. The first thing we want to understand, simply,
and understand I am going with you here because I believe in
what we are doing and yet I am very concerned about the
challenge and I want this to be a success story in the end. My
good colleague here, he talked a little bit about he was
getting into things like conversion issues, cleaning up data,
turning on new systems. When you do that, experience would tell
me you have a good year or two of shake-out.
Mr. Ose. Per center or overall?
Mr. Holz. Per implementation.
Mr. Ose. All right.
Mr. Holz. A lot of that depends on--I mean, if you have a
very small organization, one location, you are in control of
everything and it is very neatly packaged, I would say a year
to 18 months before you are done, before you get through a
complete cycle, shake out all the difficulties and then have a
good closing procedures.
You multiply that times 10 complex arrangements, you better
know the results of the first 1 before you start down the other
9 because you could create utter chaos and loss of control. One
thing we are not going to do is lose control.
So we are going to do it in a pilot center. We are going to
make sure that we know we have this thing adequately under
control, and then based on what we learned from that first
conversion and implementation at that pilot we will then build
that experience into our scheduling and process.
Mr. Ose. Is the pilot conversion underway?
Mr. Holz. No, because we are in acquisition right now. We
are beginning to go down the acquisition process.
Mr. Ose. Have you started the testing of the acquired model
yet?
Mr. Holz. Our process will be to down select from a number
of--I don't know if my terminology is right here. I am not a
procurement person so I will do the best I can, but we are in
the process of going from the several that are on the schedule
down to three, and then we will dig further into those three
and go to two and then we will configure, test and prove the
two and then we will get to one. When we get to the one, that's
the one we will pilot.
So the process is----
Mr. Ose. When do you think you will get to the one?
Mr. Holz. October. We will probably have a contract by
November, right around the end of October.
Mr. Ose. Of this calendar year?
Mr. Holz. Yes, sir. Once we know that one, that's the one
that's going to be standard throughout the agency.
Mr. Ose. Then from there you roll it out to one of the
centers to test?
Mr. Holz. We will start at one center and then we will get
into implementation at that center and then, based on what we
learn from that, we will establish a roll-out schedule for the
rest of the agency. It is not going to take forever but I am
not going to tell you it is 2 years either because I just don't
know yet.
This is not to be fooled with. You are talking about the
fundamental internal accounting controls that affect
disbursements and moneys pursuant to appropriations. You have
to be very careful that you don't lose the integrity of your
system. You can easily do that if you make it too big too fast.
Mr. Ose. If I understand----
Mr. Holz. That's just my perspective here based on some
years of having done this effort.
Mr. Ose. I am trying to synthesize your comments into one
timeframe, if I can, and that is that commencing in October or
November the selected system will be rolled out to a center, 1
of your 10 centers; that it will take somewhere between 12 and
18 months to fully implement that and take it through a cycle
and test it; and that subsequent to that opinion on the results
of that pilot, it would then be spread to the other 9 sites?
Mr. Holz. I don't think it will be as serial as you
described it, but you have the general--you have the drift of
it but I don't think it is going to be as serial. In other
words, we are not going to wait until the end to make the
decision about No. 2 but we will be enough into it that we will
have the comfort level that yes, A, this is the package; B, it
is implemented within a reasonable timeframe; and, C, that we
will not put the agency at total risk by doing it. We will have
a sensible plan organized to a rollout that makes sense as fast
as we possibly can achieve but with good information to back
that up.
In the meantime, we will continue to press forward with
unending intensity to maintain our clean opinions and keep our
compensating processes in place as we migrate from an older,
inefficient way to a much newer and better way.
Mr. Ose. I want to compliment NASA on the approach. I mean,
I just--I would tell you that if I couldn't close my books on a
monthly basis, I went back to a weekly basis and I will
guarantee you every business has that. There were times when I
couldn't close them on a weekly basis and I had to go to a
daily basis just to correct the thing. So I appreciate the--and
mine was a very small business, so I appreciate the difficulty
that you are facing and the serious effort that you are putting
into it.
I want to go back for a minute, Mr. Gotbaum. The comment
was made that, my recollection, it is just tickling my brain,
is that in most cases agencies are working seriously to meet
FFMIA requirements, which says that there are some that are
not.
My question is: Which agencies are not--were you referring
to by exclusion as having not being--how do you even say this?
Which agencies were you referring to as working--or not working
seriously to meet the FFMIA requirements? It is the ``in most
cases'' thing.
Mr. Gotbaum. Mr. Ose, the last time I testified before Mr.
Horn I mentioned that one of the things that we at OMB tried
not to do was to hold examples of public criticism out. What we
find is that for our function, which we know is different from
your function, the process of public criticism by OMB is, less
effective than the process of private criticism.
So if I could----
Mr. Ose. Let me rephrase the question. Which agencies would
you suggest that Mr. Horn and myself and other members of this
committee particularly focus our interest on?
Mr. Gotbaum. I am not sure, Mr. Ose, I can answer the
question in that way. What I would like to do, if I could, is
when we come back to you on who has provided what remediation
plans on a timely basis, I think you can get a sense then of
who is paying attention to this and who is paying less
attention.
Mr. Ose. Before you leave that point, I want to make sure I
understand. When are we going to have that report or that
information back?
Mr. Gotbaum. I am going to try to do that one quickly.
Mr. Ose. Does that mean next week, a month?
Mr. Gotbaum. Yes.
Mr. Ose. OK.
Mr. Gotbaum. But I want to make the basic point, which is
that we don't find that most agencies don't care about this,
and I don't want to leave the committee with that impression.
Most agencies are working very, very hard to do this.
Now, part of the reason they are working very, very hard to
do this, interestingly enough, is because of the pressure
provided by you for clean opinions.
Mr. Ose. My question is, when you said most agencies are
working very, very hard, it means that some aren't. So you are
going to report that back to us some time in the next----
Mr. Gotbaum. We will report back to you which agencies have
turned in remediation plans on a timely basis and which ones
haven't.
But the point, Mr. Ose, that I want to make is that we find
that most agencies really are devoting very substantial
resources to modernizing their financial systems right now.
There are some, and we should be honest, you are our committee,
that during the Y2K effort put a lot of other IT work aside,
because if they blew Y2K they were going to shut their agencies
down. So there are agencies which are now moving from the
efforts on Y2K to upgrading and improving financial systems.
There are a fair number of them in that situation.
The point that I want to make is that there is no neat
touchstone. There is no neat box that you can check or not
check that says whether an agency does or does not have
priorities.
Just to give you some for instances: the Department of
Labor, which is not FFMIA compliant, is working hard now on
installing and improving a new H.R. and personnel system. That
is the Department of Labor. It cares for them intensely, etc.
This is something which matters to us and which Arnie would
tell you as a member of the CFO Council that the CFOs say. I
don't think I could say publicly or privately, and I don't
believe that that is a statement that modernizing their core
system is less important. I don't think that. I think what that
statement is that working on their core system and installing a
new personnel system is the right balance of priorities for
them.
So, Mr. Ose, I want to be quite clear that what we get from
agency after agency after agency--and we meet with all of them
that are not compliant--is that they are, in fact, working on
this. I think if you asked GAO this question they would confirm
that we get modernization or improvement efforts in every
agency we talk about. Whether those efforts are going to fill
the bill in the timeframe is unclear. That's a different story.
That's the reason why I think it is important that we recognize
the need for pressure on your part and the need for the fact
that this is going to take years.
Mr. Ose. I appreciate the clarity with which you are
covering the subject. I can assure you that there are at least
two members of this committee who wish to be very clear that we
are going to get these books in order so that they can get
clean opinions. If that's the pressure you wish to have us
bring to bear, I can guarantee you it is going to be there.
Mr. Gotbaum. That's just fine.
Mr. Ose. Now, if I may, I just want to come back that I
look forward to your report in terms of that information that
we just talked about.
Now, Ms. Alderman, I want to ask you a couple of questions
having to do with JFMIP. Can you elaborate on what the role of
the program is in terms of improving the Federal financial
management systems? What is the objective here?
Ms. Alderman. There are two principal roles with respect to
financial systems today. The first is, in statute and OMB
policy, we are responsible for issuing the system requirements
documents. These documents, once issued, represent the baseline
requirements for a function that all Federal agencies must meet
and they capture laws, governmentwide regulations and so forth.
That is the one and the longer standing responsibility of
JFMIP.
Commercial providers of services look at these documents to
understand what the Federal agencies need as a baseline.
Getting these documents up to snuff, getting them modernized to
reflect current requirements, has been a very strong push in
the last 2 years because there are so many agencies that now
have to replace their systems. Getting requirements out in
front of this wave has been a major undertaking and one that
has been participated in by the Federal agencies in leadership
positions who need to benefit by these documents. That's item
No. 1.
The second area has been the requirements testing and
qualification process for core financial systems. Federal
agencies that bought systems from the mandatory schedule prior
to 1999 did not really know, in any depth, how those softwares
were tested. They held assumptions that those products that
were on the GSA schedule met the JFMIP requirements. We did
update those core financial system requirements in 1999 ahead
of the new testing process. Of the 251 mandatory requirements
about 20 percent of the baseline changed to either new or
changed requirements. That is indicative of the amount of
legislative changes, changes in reporting requirements, and
changes due to new accounting standards since 1995.
So the testing process now is totally in the open domain.
It was developed through a consultative process. We put the
test out there with the expected results and all the test setup
data. It is an open book test for vendors. Agencies know how
the test is conducted. They can see the results of the test for
vendors who pass the test.
I will tell you that all the vendors whose products have
received certificates of compliance were on the old schedule;
but not the same versions of the software. I will tell you that
every vendor had to make significant improvements in their
software to pass the test.
So this is an example of really quality assuring at a
baseline level the products that Federal agencies use. So that
is item No. 2.
Those two items for core financial systems are not
sufficient. They are necessary for success but they are
certainly not sufficient. All those products that have passed
the test, that means they have baseline functionality. They can
do Federal reporting. They can do the proprietary and budgetary
accounting correctly. They can compute prompt pay correctly;
these types of things are federally unique requirements.
That doesn't mean that the architectures are all the same,
the IT architectures. It doesn't mean that the value added
features are all the same. It doesn't mean that the user
interfaces, or how difficult they are to use, are all the same.
It just gives a list that Federal agencies can use to do gap
analysis and make the best choice. It is a prequalified set of
products to meet their agency needs.
It is the beginning of a process, not the end, for
agencies.
Mr. Ose. You have just touched on something that I have
actually been reading quite a bit about and that's the IT
architectures of the different systems. I am diverging a little
bit from my questions here so we are going to make this up as
we go, but you brought it up, not me.
Ms. Alderman. I probably got myself in trouble, too.
Mr. Ose. How large of an issue does the IT architecture
question pose for the different agencies? That is, when we go
to the approved systems and this agency goes with this system
and that agency goes with that system, in terms of the overall
level of communication, how large of an issue is this?
Ms. Alderman. OK. I would first make a disclaimer that I am
not a computer scientist.
Mr. Ose. Ms. Alderman, you brought this issue up.
Ms. Alderman. But I will tell you that these products that
we have evaluated have--for one thing, the old installed base
that Federal agencies have are mainframe. Every single product
that we have qualified to date has either been a client server
or a Web-enabled product. So the skill sets from the old
systems to the new systems are different.
No. 2, some of these systems are more scalable than others.
Some of the products are well designed for a small agency with
few simultaneous users. Others, if you try to do that, the
system does not have adequate processing time. They are too
slow. So those are different types of issues.
So we know that agencies have to do a careful review of
whether product X fits on their platform, their data bases, and
are scalable to their needs.
Now, JFMIP can't do that for them. We cannot prequalify
that for them, but we tell them they really have to focus there
because if they don't they will have something that doesn't
respond timely; doesn't meet their operational requirements for
information.
Mr. Ose. You talked about a Web-enabled system. I want to
make sure I understand what that is. I have some sense, but
give us some sense of what you mean when you say a Web-enabled
system.
Ms. Alderman. What that means is the system may be designed
to be centrally managed and accessed through browsers as
opposed to hosted on a desktop. The client server sends and is
operated from there.
Mr. Ose. You would have an intranet, if you will?
Ms. Alderman. It relies on a certain type of communications
infrastructure and it does pose other issues in agencies who
implement them, such as security.
Mr. Ose. Security. I have that question down here. So we
will get to that one.
Mr. Horn. Could I interject a question at this point?
Mr. Ose. Certainly.
Mr. Horn. I ask the question to what degree are people
getting things off the shelf and making them work?
Did you learn anything from that that you might want to use
at NASA, Mr. Holz? I am just curious.
Mr. Holz. Well----
Mr. Horn. Like the checkoff?
Mr. Holz. The real benefit to the software vendors because
they are making a significant--is that better? Sorry. Thank
you.
The real benefit to these software vendors is, and to the
government, is to not only have standard practices in the
agencies but to use software consistently--you want to go out
and buy a license. You don't want to be changing code. If you
get down into software and start customizing it to meet fairly
unique requirements you are going to run into trouble because
you will be into a development process pretty quick, faster
than you can probably know it, and you want to avoid that if
you can.
So under the initiative that we are doing we are looking at
best practices, best business practices, and then we are going
to retrofit ourselves into those best practices and we will
only look for the software to solve those kind of problems for
us.
If there is some kind of a unique thing to NASA that we
have to do, we will do it outside the realm of that. We are not
going to go in and change software.
Is that partially responsive, or no?
Mr. Horn. Does the CFO Council get into this when you have
monthly meetings?
Mr. Holz. I would like to defer more to Josh on that
subject. I know we have committees that are looking at
software.
Mr. Gotbaum. Yes, the CFO Council has a couple of
committees. The systems committee is the one which deals with
this most frequently. As you know, Mr. Chairman, the way the
CFO Council works generically is when there are issues that
CFOs recognize are common issues, we spin off some project or
effort, etc., to do so.
This may be doing a disservice or paying a compliment to
JFMIP, but I view the project management office at JFMIP and
their work over the last 3 years as a collaborative effort with
the systems committee of the CFO Council: to elevate, first of
all, by putting up a set of standards, which they are doing.
Second, by setting up common testing procedures of commercial
systems, which they are doing; and then the third part, which
they don't advertise quite as broadly but which in my view is
at least as important, is they provide an informal ``nerve
net'' among agencies about experience across agencies. And so
when an agency is saying I am thinking about doing something,
the JFMIP staff knows, ``Yes, I had tried that and it didn't
work;'' or, ``Yes, the following two agencies have had
experience with that vendor and you have to watch out for X, Y,
and Z.'' So there is information sharing and a collaborative
process and it works throughout the JFMIP. Since we want to
give some credit where I think it is appropriate to note that
the systems committee of the CFO Council, which has been very
active in JFMIP's actions for all of the last 3 years.
Mr. Horn. I thank the gentleman.
Mr. Ose. I want to thank Chairman Horn.
Mr. Horn. Keep going.
Mr. Ose. All right.
Ms. Alderman, Mr. Gotbaum just referenced the communication
between the CFOs about the systems being tried in their
respective agencies under the JFMIP. In your opinion, has a
sufficient sustained commitment been made at the agency level
to implement these initiatives? I mean, are we actually making
progress here?
Ms. Alderman. The agencies have, part of what they do in
terms of disclosing to the commercial sector their plans, they
tell us what their plans are for replacements are and we post
that up on the knowledgebase. In the next 5 years, 13 out of
the 24 CFO agencies plan to replace their core financial
systems. Seventeen agencies indicate they plan to replace
feeder systems; very significant. We meet----
Mr. Gotbaum. And some of those that are, ``not planning
to'' are already in the process of doing so.
Ms. Alderman. Some of them are in the implementation--yes.
Some of the additional ones have already made procurements in
the last year.
These are ones who have not yet made them.
We meet with what we call a ``super user group.'' We invite
all the agencies in who are replacing their systems. We go
through all the information so that there is full understanding
of how we test; plus a discussion of the other needs that they
have.
We are developing a road map, what we call an
implementation road map, and that is collecting the information
and making it easily available to CFO agencies on all the
processes and considerations that they need to understand to be
successful.
So we are trying, through a supportive effort. By the way,
the Federal agencies pay for our existence, for the most part,
through a portion of their charge card refunds. So we are a
joint investment, if you will, on behalf of the Federal
agencies to collect this information and make it readily
available to them. So there is a lot of interest and a lot of
demand; probably more demand than we can supply given our
current resources. But they are truly interested and they want
to succeed. But they have terrific challenges: new technology
base, new products, new requirements and a staff that probably
hasn't been trained up on all these combination of techniques.
Thirteen percent of the current installed base is commercial-
off-the-shelf. That's not what they have to choose from in the
future.
Mr. Ose. In terms of our effort to, frankly, make this a
success, are there suggestions you would make about--specific
suggestions you would make about improvements we could make?
I would be happy to let you think about that and get back
to us.
Mr. Chairman, at this point if you would entertain a
question to be responded to later.
Mr. Horn. Without objection, it will be inserted at this
point in the record.
[The information referred to follows:]
[GRAPHIC] [TIFF OMITTED] T1731.053
Ms. Alderman. Will do.
Mr. Ose. Thank you. I want to go back to something that Ms.
Alderman hinted at in terms of the security of the systems, in
particular as it relates to, for instance, the Web-based
systems.
Mr. Steinhoff, on your poster here you have 19 of 20
agencies--excuse me, auditors finding in 19 of 20 agencies some
degree of weaknesses in computer security.
Is this particular--I am forgetting why I wrote this
question down. Just a minute here.
Is this the most significant problem you have identified--I
mean, you talk about five primary reasons agencies are not in
compliance. Is this the most significant?
Mr. Steinhoff. This is the most prevalent problem. It is
very important. Beginning in 1997, again in 1999, GAO
designated computer security as a high risk area--the recent
Melissa and ``I love you'' viruses, the threat of cyber
warfare, the ability to literally go into any system unimpeded;
we have been able to actually penetrate major systems in which
we could have destroyed all of the data or taken all the data
or changed all the data. This is a serious issue. It is going
to continue to be serious for a long time. As we move to an
ever more interconnected society and a global society, it is a
world-class challenge.
In terms of FFMIA and getting to the end game I spoke of
earlier, this is a critical issue. The other critical issue is
having integrated systems that are actually at the fiber of the
management process of an agency.
When agencies will actually be at the end state, actually
be there, is when the systems are viewed as being seamless,
When they have knowledge management whereby information is
provided to the manager on a day-to-day basis and used to
manage, and when financial data isn't viewed as something
special or outside the purview of the general manager but is
viewed as something on your desktop every day.
For example, the government is the lender of last resort in
a number of cases. We are filling in holes. In theory, our
managers should have better information, and we have to really
assure that all the information is protected, and that's where
computer security comes in.
Mr. Ose. Is it your suggestion that the challenge lies
perhaps not in the integration but the interconnectivity?
Mr. Steinhoff. That's part of it. It is both integration
and interconnectivity. Both of those are very important
challenges, and I think that in some cases--I know I am going a
little off of your computer security question but it gets to
some of your earlier issues. In looking at what we are doing
today, there is another very fundamental part of it, and that
is reengineering the basic processes.
Mr. Holz spoke about trying to take an off-the-shelf
package and use it. In the past, what government has oftentimes
done is taken an off-the-shelf package and redesigned it, which
hasn't proved to be very effective. These normally die their
own deaths over lingering periods of time.
What we have to do is, in many cases, reengineer basic
processes.
Your question before about systems architectures, it is
very important that the financial system be developed within
the confines of that architecture and that agencies, in fact,
have one in place. Many agencies don't, and you end up with
stovepipes at the end.
So this is really what Clinger-Cohen was getting to, and
why it is just very critical that people follow Clinger-Cohen
and actually take the extremely cautious, judicious way that
Mr. Holz says he is going now, based on experience of going
another way before, and assuring that you have gone from A to B
before you attempt to go to C.
It is not that the government hasn't spent a lot of money
over many years on systems. They have. We should, in theory, be
there many times over but we are not, and we have to learn from
that experience.
In designing systems, computer security must be built in.
Oftentimes a vendor won't sell you computer security, and it is
an issue not just in government but in the private sector.
Mr. Ose. Mr. Gotbaum, this kind of begs a question from
OMB's standpoint. What is OMB or the administration suggesting
to the agencies regarding addressing the security issue?
Mr. Gotbaum. Actually, Mr. Ose, a string of measures. In
the same way that we put out guidance for financial systems
that is part of FFMIA, we publish general guidance on computer
security. There are a couple of steps. This guidance comes out
periodically.
We are in the process of revising it again, not
surprisingly, in light of what we have learned over the last
several months. But what we say to agencies is, you need to,
address computer security at the start when you develop
systems. This is consistent with Clinger-Cohen.
Second, when you come forward and ask for money for IT
systems, you need to show us how your IT system complies with
all of the various requirements: Clinger-Cohen, your security
requirements, etc. So what we have done is said to the
agencies, in effect, you need to meet the following general
test, which is you need to plan your IT systems in advance. You
need to use commercial systems as much as possible. You need to
make them as modular as possible.
Arnie Holz' point about crawling before you can run is
something that----
Mr. Ose. Walk.
Mr. Gotbaum [continuing]. We are strongly in favor of.
Mr. Ose. Walk.
Mr. Gotbaum. Yes, walk before you run. And sometimes in the
Federal Government we have tried to fly before we could crawl.
Mr. Ose. That's NASA.
Mr. Holz. We do good at that, though.
Mr. Gotbaum. So what we have said in guidance is these are
the general rules. You need to, as part of your IT planning,
which is part of your budgeting, come forward and tell us that
you have done this and tell us how you have done it. So that's
the process we followed both for FFMIA compliance and for
computer security.
Mr. Ose. So it is an integral part of what the system
architecture ends up having?
Mr. Gotbaum. Yes, right, and our review is part of our
general review of their systems proposals and their budget
proposals.
Mr. Ose. All right. I have two more questions and then, Mr.
Skelly, I want to come back to your challenge with the various
programs that you have.
Mr. Gotbaum, the March 1st audit report deadline of this
year was not met by a couple agencies and, frankly, it seems to
be a rather blatant noncompliance. What are we doing--excuse
me. What is OMB doing to ensure that agencies comply with the
March 1st reporting deadline for fiscal year 2000?
Mr. Gotbaum. This year we are doing more of what we have
done over the past year. Any agency that was late or had less
than a clean opinion, we sat down with them months in advance
of the deadline and said what are you doing? We sat down with
the agency. We sat down with their auditor, and for those
meetings we brought in GAO and Treasury.
So for agencies which were characterized as agencies with
challenges, we sit down with them and say, ``Walk us through
what your plans are, walk us through how you intend to deal
with them, etc.'' So beginning last fall, we had a series of
meetings with all of the agencies that had had difficulties in
the year before.
We are doing that again except we are starting it earlier.
In addition, as we get closer to the deadline when we hear
from agencies that they are either slipping or having
difficulties or both. The audit process is not automated.
That's part of the reason why we think FFMIA is so important,
because most agency audits now are not automated. They are done
by a combination of automated systems and a lot of hand labor.
This is what Jeff Steinhoff was talking about.
As a result, because this is something that agencies have
only been doing for a couple of years, this is something which
the agencies and their auditors are still learning. Therefore,
in more than a few cases, in fact in at least half a dozen
cases, some time in the month of February or March, we would
get a phone call from an agency saying ``We just discovered a
problem,'' and they were not dissembling. They were not hiding
something that they had known about for months. As they had
gone through reconciliations, they discovered their accounts
couldn't reconcile. So what we do at that point is we sit down,
we work with them, we work with GAO, we work with their
auditors and we try to resolve each of those issues.
I think it is important, as we recognize what we haven't
done, to also recognize what we have. For fiscal year 1998, we
had, I think, 15 timely audits. This year, for fiscal year
1999, we had 19. We would have had 20 except DOT was so
interested in making sure that GAO agreed with it that they
held off a couple of days to convince GAO. So I would say this
year we had 20. And I am hopeful that next year we can, in
fact, get everyone.
Mr. Ose. The other question I have, Mr. Chairman, if I
could take a little liberty here, is I want to come back to the
Department of Education and the reason I want to come back to
the Department of Education is that it handles so many
critically important aspects of, frankly, training the next
generation, if you will.
I want to visit with Mr. Skelly about the specific
challenges. I know you have a huge number of programs. You have
the student loans, the guarantees. You have this, that and the
other thing.
Are there specific things you can share with us as to how
we can help DOE, frankly, deal with this problem?
I mean, we have to have a clean opinion. We have to close
these books and they have to reconcile. How do we help--I mean,
what can we provide DOE to get to that end game?
Mr. Skelly. It is a difficult task to manage all of these
activities and to do it well. It is important that we get our
administrative funds that we need to implement some of these
changes so that we can devote resources to our systems
enhancements, but--and training of staff, recruitment of staff,
retention of staff, who can do a good job on them, who can
learn about the programs, learn about the systems requirements,
the changing audit standards, keep up-to-date on all of those
things and do a good job.
I think that's the most important thing that Congress can
do in supporting us, as OMB has, in requesting sufficient funds
to administer the activities.
I don't think you can just eliminate some of the
requirements for separate programs. I think the education
programs we have for the most part address clear national
priorities. They are important investments in school children
and in college students and in people with disabilities and
others who benefit from the programs.
I wouldn't want to suggest that the easiest way to comply
with all the accounting rules and standards is to eliminate
those programs.
They each--each of the 175 programs serves a different
purpose.
Mr. Ose. Before we leave that, are any of the 175, in terms
of their specific function, able to close their books?
Mr. Skelly. We could probably do that. We have the greatest
difficulty. At least in the 1999 audit, Ernst & Young, our
independent auditors, had the most problem, and I think GAO
would echo this, with what we call our guaranteed student loan
program, our Federal family education loan program. It is the
program that has the most significant accounting issues because
under another piece of legislation called the Credit Reform Act
we have to account for that program based on each year's cohort
of loans, each year's loans that we set up.
The act only passed in 1990 and it was in effect for fiscal
year 1992. So we have two separate sets of rules for how we
account for guaranteed student loans, for those loans made
prior to 1992 and for those loans made after 1992. We have to
account for each year after 1992 separately.
We get to lump all the pre-1992 money together. But one of
our most significant issues in the audit this year was how we
dealt with the pre-1992 student loans in our 1999 audit, a full
7 years later; but loans were made prior to 1992. Students are
still repaying those loans, in most cases, because if they go
to school for 3 to 5 years and then they are earning payment
for even 10 to 25 years, we are tracking these loans for a long
time.
There are problems. There have been problems in the past
with defaults on those loans and we have to account for that
separately. We have greatly reduced the default rate from over
22 percent down to 8 percent in the first 2 years' repayment.
That has significantly eased the problems in how we do
accounting.
We still have to track the inflow of funds from default
repayments and make sure we put them into the right account.
Are these repayments part of the pre-1992 loans or are these
repayments part of the post-1992 loans? If they are post-1992
are they 1992, 1993, 1994, 1995? Which year do we put them?
What we call splitting that data up is what has been one of
our difficult issues. It is one of our most difficult audit
challenges for fiscal year 2000 also.
Mr. Ose. So on the student loan program--I have to question
the uniqueness of the challenge that you are defining because I
frankly happen to think there is a substantial body of
expertise that has faced up to this issue of loans issued at
varying dates and their degree to which they repay.
Now the thing that has ensued since 1992 may be a little
different but the fact of the challenge in repayment or the
default rate or what have you, I don't think that's
particularly unique.
That's the student loan program. Are there other programs
within DOE that you are able to frankly close? Not close in the
sense of eliminate but close the books in terms of a given
year.
Mr. Skelly. We have two student loan programs. The
guaranteed student loan program makes approximately $20 billion
in loans each year. We have another program called the direct
student loan program that makes only $10 billion in loans each
year. It is still a very large program.
In the direct student loan program, we have had a clean
audit opinion. It is a program again run by the Federal
Government. We make the loans. We use private sector
contractors to make and service all of those loans, but we are
more in control of the data because we are the big, large bank.
In the guaranteed student loan program, we use
intermediaries or third parties to help us. Guarantee agencies
and lenders send us information, and some of our most
significant problems have been in the data that we get from
guarantee agencies, the information we get from lenders.
Because it is a more complicated program, with more actors
involved, it is more difficult to get all the data that we need
and, thus, more difficult to do the accounting.
But the direct student loan program, we do a good job.
Again, we have more control over it but we have done very well
there.
Mr. Ose. Mr. Chairman, you have been very, very generous
with time this morning. I do have one question. I want to ask
Mr. Gotbaum and the others whether there is any legislative
action that we can take to further refine or modify the
requirements at FFMIA, but knowing you as I do I am confident
you have questions. I apologize for monopolizing the time.
Mr. Horn. I just have one or two. You are doing great. I am
training him. Since the Republican Party, and I was part of it,
said chairs can only serve 6 years, I want you next.
OK. Let me ask you on this, Mr. Skelly, has the Secretary
ever asked the authorizing committees or the Appropriations
Committees or has this come under the Banking Committee, and is
there a way simply to work it out and simplify it?
Have you ever asked OMB for the language?
Mr. Skelly. There is a long history where the
administration requested in 1993 to go to a direct student loan
program for all the loans that we make. That was rejected by
Congress.
Mr. Horn. Well, I remember voting for the direct student
loan. I was for that as a university president and I was also
for it as a Member of Congress.
Mr. Skelly. Many university presidents and many Members of
Congress do support the direct student loan program. It has
been a very, we think, big success. It has saved a lot of money
over time. More importantly, it has improved services to
schools and to students, both the ones who get the direct
student loans but also the ones who have received guaranteed
student loans because the competition of the direct student
loan program has spurred the guaranteed student loan program
into all kinds of innovations; things we did where we made our
services Web enabled so that students could get access to their
records. They could file their application form over the Web.
We have greatly simplified a lot of the loan requirements. So
it is--and speeded up the process of their getting a loan.
So, again, there was a proposal not based on accounting
concerns but just based on the idea of what was the best way to
serve the public and provide loans to students who need them
back in 1993, but there has been no real proposal since then to
do that. We think both programs work well simultaneously. There
is room for both.
Again, it is a huge, huge industry. A lot of college
students and their families need help in attending college and
helping to pay for it. So we wouldn't try to get rid of the
other program. It is complicated. There are always people
suggesting ways to make it simpler, and that the banks and
guarantee agencies that participate in the program have also
helped do that. It is not all the government doing it. Both
sides have helped to make the programs better.
Mr. Horn. My point was, if it is a real burden to the
Department of Education, you ought to just get some things
amended up here. If it isn't, why struggle with it?
Mr. Skelly. I think we are going to struggle with it, but
it is kind of the thing where the driver here of how we do
things is not just the accounting. We are not doing accounting
for accounting's sake. We are delivering these services. We are
performing functions that are necessary in the national
interest. We want to do those the best we can and we hope to
get all of the accounting requirements fulfilled at the same
time.
Mr. Horn. I have one last question that will involve OMB,
GAO and anyone else who wants to get into it. I remember very
well when Commissioner Rossotti came by and said, ``I have this
great training program and people are stealing my people.'' So
I was curious on the incentives to get the team to move from
IRS where they have had great improvement on fiscal matters
over to Agriculture, I am curious can they negotiate the
schedule for, say, senior civil servants or just the regular
civil servant grade? How does one swipe a lot of people from
others that are good?
Mr. Gotbaum. I am not sure that I should answer this
question on the record in any case, but----
Mr. Horn. I am looking at you.
Mr. Gotbaum. I am not sure how Sally did it. I am happy to
ask Agriculture to do a write-up on it, because this is
something of which they are very proud and which is important,
because it is a case in which a Federal agency recognized that
there was expertise outside the Federal agency. They needed to
get this experience and went out and got it. With your
permission, Mr. Chairman, let me put that in the list of things
that I need to respond in writing to.
[The information referred to follows:]
[GRAPHIC] [TIFF OMITTED] T1731.054
Mr. Horn. It is an interesting route to go. I think of it
in the hospital analogy, where the heart specialist at one of
the very distinguished hospitals in America, that happens to be
in Long Beach, arrived in town and just took the whole group. I
asked the other night, when I was sitting with a lot of
doctors, I said, ``is that group still at this other
hospital?'' And they said ``yup, they still are.'' If you offer
people a chance to do good things, maybe that is all it takes.
So I was curious about that, because I remembered that.
Mr. Rossetti, as you know, has done rather well in getting
the books balanced over there.
Mr. Gotbaum. Although he has a few more things to do.
Mr. Horn. That is true. I said it would take him 10 years,
and I would hope he would be here under five Presidents to get
the job done.
Well, any other comments?
Mr. Ose. I do have one other, Mr. Chairman, if I may. This
legislation, FFMIA was passed 4 years ago, and I want to ask
Mr. Gotbaum, and then have the others, to the extent they have
any comments, chime in whether there is any legislative action
that this subcommittee or the Congress could take to either
further refine or modify the requirements of the act, the
purpose being to improve it further?
Mr. Gotbaum. Mr. Ose, I am stating a view that I have not
vetted through the CFO council.
Mr. Ose. You are way out there, man.
Mr. Gotbaum. This is, in our view, very good, quite general
legislation. What FFMIA says is, basically you need to get your
systems, so they meet systems standards, they meet accounting
standards and they use the standard general ledger. It is not,
in my view, an overly prescriptive piece of legislation.
So I, frankly, think the major task is for us to implement
it. I would say, and as I mentioned in my testimony, that the
3-year time horizon is one, in most instances, that we think is
optimistic. But the law then provides, that if you are going to
go beyond 3 years, you need to talk with the Director of OMB,
and you need to explain why it is OK to go beyond 3 years, and
you need to have your auditor comment on the remediation
report.
To be quite honest, I think this is a case of a law which
is a very sensible law, which is hard to implement, and we need
to go about the task of implementing it. As I mentioned, and I
believe this very sincerely, I think the attention of the
Congress on how agencies improve their financial management
matters a great deal. In the same way that you keep track of
GPRA implementation and the way you keep track of whether we do
or do not have clean opinions, I would argue it would be useful
to keep on keeping track of this.
It might also be useful to, at some point, for some
agencies, hold some kind of joint hearing and review with the
authorizers and the appropriators how individual agencies are
doing. One of the issues the agencies raise to us that we work
on actually quite hard is making choices among priorities.
Because we are in a balanced budget world, we have to make
choices, and you have to make choices.
So it is helpful to agencies if appropriators and their
authorizers know that it is not just the agency that cares
about modernizing its financial system, but that you and your
committee do as well.
Mr. Horn. That is well said. Does the gentleman from
California have any other questions?
Mr. Ose. I suspect others might have some perspective here.
Mr. Steinhoff. I agree there is no need to change the law
now, but we have to take the law that is there and really take
it to the next level. If you look at the successes in Y2K,
there were several very important components to that. One was
the tone at the top. It would be very important that you would
have not just chief financial officers, as Mr. Holz has come
today and Mr. Skelly, to talk about the importance of this,
because they are convinced this is important. But it is
important that the department head be asked these questions.
We saw in Y2K that entities like DOD turned around when the
responsibility got to the higher levels. When the Deputy
Secretary, John Hamre took control, it went from a program in
peril to one that was completely changed and reformed and got
them to the end zone. So you have to have that proper tone at
the top. Our work with world-class corporate and finance State
organizations, found that that tone at the top was there. The
chief executive officer was engaged in these issues and looked
at it as providing value to the business, looked at it as being
an investment. It has to be viewed that way.
FFMIA has an annual reporting mechanism. Administratively,
that reporting mechanism can be expanded upon to have, let's
say, quarterly reporting, back to milestones. I would not want
this to turn into a process-driven endeavor. I want to make
that real clear. It should not be viewed as process-driven or
``gotcha,'' but there should be basic accountability. Many
people go in very optimistically when they are designing
systems, but it doesn't always quite work out the same way.
The chairman mentioned IRS. I am not saying that you would
have to do something of this grand scale every time, but IRS
had a very major and very expensive systems disaster, $3.4 to
$4 billion, and reforming its system is really at the lifeblood
of carrying out its mission.
Basically, today, every time the IRS asks for money out of
its special fund for tax systems modernization, it must present
a plan. GAO must look at that plan and say whether IRS is in a
position to effectively spend that money. If we find a systems
architecture is not there, or the proper planning has not yet
been completed, we will say funding should be conditional on X,
Y and Z. The Congress has limited funding in some cases. This
has all been done very collaboratively with the IRS in a
constructive way. They don't want to move ahead when they are
not in a position to move ahead.
So I think there can be a lot more rigor placed on systems
development. I think it would be very much worthwhile for the
Congress to know whether or not agencies are in a position to
properly carry out Clinger-Cohen. There are measures of this.
The Software Engineering Institute has a variety of tools that
can be used to determine whether an agency is in a position to
design software or to manage a contractor that is designing
software. All too often agencies get into these major projects
that go on for years and years and years, and then finally
someone plugs in the cord of the system in and it explodes.
Agencies have to make sure this money is well spent. Following
the disciplined rigors of Clinger-Cohen is very important here.
Finally, a very important component of the success we saw
in Y2K was the independent validation and verification and the
fact that things were tested on an end-to-end basis to see did
they really work end to end and to break down some of the stove
pipes. The IGs played a very important role in Y2K, I can see
them playing a very important role in addressing the financial
systems issue, which really gets to the heart of the challenge
and the CFO Act and FFMIA. Without this, the government is not
going to move toward a performance-based government because it
will not have the data. It is that important.
Those are my pearls of wisdom for today. It has been a
pleasure to be here.
Mr. Horn. Anybody else have a word on this?
Mr. Skelly. You asked would we like any changes. I have not
vetted this one through Josh or the CFO council either, but one
additional month, instead of having to do these things by March
1, would really help us. We, in the Department of Education,
did meet the March 1 deadline this year. We are glad we did,
but we paid a pretty big price for it. The reason we have a
difficulty is the loan programs we have to work with require us
to go back and use economic assumptions that are part of the
President's budget to discount those loans. The same people who
are doing the work on the budget, which has to come out the
first week in February, also have to do a lot of work to help
produce the statements and work with the auditors. Another
month would certainly have helped us a lot, and it sounds like
it would have helped a couple of the other agencies.
Mr. Ose. Mr. Skelly, I don't want to deflate your balloon,
but I would suggest that we go a different direction. We are
not going to relax the standards. You will have to vet that
there, but that is not going to be very receptive. It is not
going to be received well on this side, to relax the standards.
Mr. Skelly. It is worth a shot.
Mr. Horn. That is right. We opened it up. You are right to
move in.
Any comments, Mr. Holz?
Mr. Holz. I would like to add to the comments that came
from the other end of the table about the support of the heads
of the agencies. I can assure you, I have never run into a guy
that is more aggressive about excellence in financial
management than one Daniel S. Golden, and his support made him
an absolute champion of this process. He wants audited
financial statements, he wants clean opinions, he has some
corporate experience, so he knows about that.
The whole accountability reporting process that we do, he
owns it. There is no doubt about it. It just makes my job that
much easier, because my chores and challenges and direction are
very, very clear. When you have that kind of support and
understanding of the products from the top down, it is an
extremely beneficial tool to have and it works very well for us
in the area of statements and systems and standards.
Mr. Horn. Well, I agree with you. He has the highest regard
up here on the Hill, more probably than any other Cabinet
officer.
Mr. Holz. I appreciate that.
Mr. Horn. He is not only a visionary, but he is a practical
visionary, and we see it almost every day. He has had to suffer
more cuts than anybody else, and he took it smiling and did
something about it.
Mr. Holz. I was a little interested in Mr. Ose's comments
when he was talking about closing the books and being in
business, how to do that. Having been in business for many
years as an auditor, I have provided those kinds of services to
people, and it is very difficult sometimes. I think we have all
talked about that here today. We just need to keep pressing
forward and get it down.
Mr. Ose. I would say I pulled my hair out doing it, but I
don't want to----
Mr. Holz. I won't take it personally.
Mr. Horn. We thank you all for coming. I now want to thank
the staff. Russell George is right behind me, the staff
director and chief counsel for the subcommittee, and then
Louise DiBenedetto is right to my left and your right, and
sadly for us, this is her last hearing. She is on the nice
detailee program of the General Accounting Office as a
professional staff member, and she will be going back there,
but only after we unlock the door and get all these documents
that we have suggested some of you file today and do a report.
Then we will release her for GAO. But she has a superb
operation and is excellent. So we thank you, Louise, for all
you have done to be helpful here.
So we think that is good for people, even in our
legislative branch, which GAO is, and we certainly would
welcome people from the executive branch to spend some time on
the Hill. You think they would go back with a different
perspective. I can think of a lot of cases where people went
from here to there and there to here, and it worked out, and
some it never worked out.
I will never forget one, he is inscribed in my brain
forever. He was up here as a very fine legislative assistant on
the Senate side, went down to your shop, my friend, and known
as then BOB, and he started saying, you know, what are those
idiots on the Hill doing? That was not exactly the right way to
move in to the executive branch. I thought, boy, good-bye.
Mr. Gotbaum. Thank God that was a previous administration.
Mr. Horn. You are right, it was. We also want to thank
Bonnie Heald, our director of communications. I saw her here.
There she is. Bryan Sisk is our clerk on the administrative
matters, and then Elizabeth Seong is an intern. Where is she?
She is probably waiting for me to take her to lunch. Michael
Soon, the same condition, an intern, and Will Ackerly, intern.
Will, where are you? Put your hand up. Thank you. And then the
minority staff, Trey Henderson, counsel, and Jean Gosa, the
minority clerk here. And then, of course, our faithful
reporters, Bob Cochran and Mindi Colchico.
So, with that, we thank you all, and we are adjourned.
[Whereupon, at 12:12 p.m., the subcommittee was adjourned.]
[Additional information submitted for the hearing record
follows:]
[GRAPHIC] [TIFF OMITTED] T1731.055
-