Century Date Change
The century date change is a high risk area for the IRS. The IRS estimates it has 19,000 Tier I applications that comprise approximately 62 million lines of code, as well as other Tier I, Tier II, and Tier III applications that may well comprise another 30,000 applications and 40 million lines of code. All Information Systems (IS) controlled applications were certified in inventory by April 21, 1997. All non-IS controlled applications, except Tier III, were certified in inventory by May 30, 1997. This comprises 98% of all applications. The remaining 2% are Tier III applications housed in the field. These applications are being reviewed by an executive-led task force that will decide which applications will be scheduled for conversion and which will be retired. Those selected for conversion will be certified in inventory by October 15, 1997. The Commission cannot determine if the IRS will be successful, but the enormity of the risk dictates that all possible caution be exercised now to avoid problems in the future.
GAO has developed readiness guidelines for use by any federal agency in establishing its century date change conversion programs. GAO has identified a structured five phase approach for effective conversion programs: awareness, assessment, renovation, validation, and implementation. The IRS program follows the GAO guidelines and is in the assessment phase. However, several risks were identified during testimony received by the Commission on February 27, 1997:
· The first risk is that the $129M budgeted in fiscal year
1997 and fiscal year 1998 will not be sufficient. IRS must evaluate
the results of the May 31, 1997 inventory to determine if additional
funding is needed.
· The magnitude of many of the Tier II and III programs is unknown, and many of these programs are not currently scheduled for conversion.
· Data IRS receives from a number of outside sources may not be compliant with the century date change standard, and may have to be filtered to avoid impact to IRS systems. IRS receives data from the tax industry, 47 federal agencies, and 50 states, and 10 municipalities.
In addition to computer program modifications, additional computing and storage resources may be required, and lead times for acquisition of additional hardware must be taken into account. Another risk is the need to make other changes, such as tax law modifications, simultaneously with century date change corrections. Changes of this type could add additional complexity to programming and testing efforts, and have the potential to delay the implementation of century date change corrections.
Given the structural deficiencies the Commission found at the IRS, the technological deficiencies are not surprising. Past problems are well documented in numerous reports from oversight organizations, and the Commission is more concerned in planning for the future than criticizing IRS for past problems. However, understanding the reasons for IRS problems in managing technology is necessary if future information technology modernization projects are to be accomplished efficiently and effectively.
The IRS inability to manage technology adequately is an outgrowth of issues discussed in the management and governance findings. Senior management has not be able to purposefully establish a long-term vision for its business operations, which, in turn, has affected managementís ability to manage technology programs.
The belief of the Commission with respect to the use of information technology (IT) is clear: the purpose of IT is to enable IRS to achieve its strategic objectives; IT should not drive IRS objectives. This premise necessitates a clear strategic vision to identify business requirements that provide IRS Information Systems organization the guidance it needs to develop and implement IT systems that support the business vision. While the findings discussed below indicate fundamental flaws in IRS ability to manage technology, the lack of overall strategic objectives results in a shaky foundation from which to develop modern IT systems.
The Commission did not have the time or the resources to conduct a complete technical evaluation of IRS ability to manage technology. Moreover, a number of oversight organizations have already conducted such reviews in great depth. The most comprehensive reviews of the Tax System Modernization program were conducted by the General Accounting Office (GAO) and the National Research Council (NRC). The NRC Final Report, Continued Review of the Tax Systems Modernization of the Internal Revenue Service, 1996, and GAO/AIMD-95-156, July 1995 both cited a number of important deficiencies that need correction.
Subsequent reports indicated that problems continued without appreciable corrections. The Commission has found these problems have, in the past, affected the ability of the IRS to produce successful IT systems. Examples of IT projects that did not meet expectations, as documented in GAO and IRS reports, include the following:
· The IRS contracted with a private sector contractor to
develop the Document Processing System (DPS), which would have been
used to image paper returns, and was intended to be its cornerstone
for improving returns processing. In 1996, an IRS task force
concluded that, even though image and data capture technology was
mature and reliable, the DPS implementation, specifically in terms of
the contract structure, overall cost, and division of labor, costs
too much and takes too long when compared to other organizationsí
implementations. The task force recommended that the IRS stop
investing in DPS as it was configured under the current contract
vehicle. This recommendation came after awarding a $1.3B contract in
February 1994 and spending $284M through June 1996.
· The Cyberfile program was to allow taxpayers who prepared their own tax returns to file electronically from personal computers. GAO found that IRS did not adequately analyze requirements, consider alternatives, or assess the developerís capabilities to develop and operate an electronic filing system, even though the need for these critical prerequisites was brought to managementís attention. The project was hastily initiated, development and acquisition were undisciplined, and Cyberfile was poorly managed and overseen. As a result, it was not delivered on time, and after advancing $17.1 million to the developer, IRS suspended development.
· The Service Center Recognition/Image Processing System (SCRIPS), a document imaging system installed in five Service Centers, experienced hardware and software problems during the 1995 filing season, including hardware problems that kept documents from feeding properly into the scanner and software problems that affected SCRIPSí ability to accurately capture name and address information. In total, IRS was able to process only about 56 percent of the expected 8.6 million 1040EZ forms it had planned to process. During the 1996 filing season, SCRIPS performed better than it did in 1995, but still was not meeting performance expectations, and may eventually cost much more than originally estimated.
· The Integrated Case Processing (ICP) program was to provide IRS Customer Service Representatives with the capabilities to quickly obtain the data needed to answer taxpayer questions and resolve a variety of taxpayer problems. GAO reported that the IRS has invested millions of dollars in ICP, but unresolved issues with the costs and benefits of ICP the testing of ICP, the redesign of work process, and software development weaknesses raise serious concerns about IRS capability to successful develop and deploy ICP.
The problems described above were caused by serious deficiencies that must be corrected before major new investments in technology can be justified. The intent of the Commission is not to criticize the IRS for past problems, but to ensure that the mechanisms exist to correct these problems, so that additional funds appropriated for technology development may be spent effectively and efficiently.
Best practices for developing IT systems
The Commission, during its investigations, emphasized identifying best practices by both industry and government in developing IT systems. Industry, academic, and government experts who provided testimony on IT best practices are listed in Appendix C. An analysis of best practices abstracted from these sources reveals that the following best practices are widely used by multiple organizations:
· Measurable, strategic objectives for IT to support is
· Business and IT owners must act in partnership;
· Business processes should be reengineered prior to modernization;
· Core capabilities must exist in customer IS organizations, even when IT is outsourced;
· An overall design and architecture is needed prior to implementation of IT systems; and
· Phased, evolutionary modular approaches to modernization work best.
The need for appropriate technical disciplines and processes, particularly for an overall system design and architecture prior to implementation of individual projects was universally emphasized, and the need for a security architecture was particularly emphasized by security experts.
USAA, Citibank, and ATO emphasized the need for evolutionary approach to modernization. Citibank uses a concept known as Building Permits. New development projects must obtain a Building Permit before being approved and funded. To obtain a Building Permit, a project must be cost-justified and conform to Citibank architecture and standards framework, and use selected vendors.
Another source for best practice information is the Software Capability Maturity Model (SW-CMM) and Software Acquisition Capability Maturity Model (SA-CMM). The former describes best practices for in-house development of software, and the latter applies to managing software acquisitions from contractors. The SA-CMM will grow in importance as IRS outsources most of its software development.
A number of organizations have turned to outsourcing IT development. Research by Feeney and Willcocks of Oxford University, Configuring the Information Systems Function: A Core Capabilities Approach, indicates that organizations that outsource IT development must possess nine core capabilities to be successful:
· IS/IT governance - Integrating IT effort with business
purpose and activity
· Business systems thinking - Envisioning the business process technology makes possible
· Relationship building - Getting the business constructively engaged in IT issues
· Designing technical architecture - Creating the coherent blueprint for a technical platform that responds to present and future business needs
· Making technology work - Rapidly achieving technical progress- by one means or another
· Informed buying - Managing IT sourcing strategy that meets the interests of the business
· Contract facilitation - Ensuring the success of existing contracts for IT success
· Contract monitoring - Protecting the businessís contractual position, current and future
· Vendor development - Identifying the potential added value of IT service suppliers
The Commission believes these core capabilities are applicable to the IRS situation as it changes its IS organization from one that develops information systems in house to a manager of private sector development contractors. The Commission recommends that the core capabilities be used as guidelines in the organizational development of IRS Information System organization.
Information technology industry recommendations
The Information Technology Association of America (ITAA), an industry association whose member companies are marketplace leaders in systems integration, outsourcing, software, and telecommunications, conducted a study for the Commission describing its recommendations for improving IRS ability to manage technology. The ITAA report, Realizing Strategic Business Goals Through Process Reengineering and Systems Integration, contained the following recommendations for IRS:
· Clarify and communicate the vision of a modernized IRS;
· Ensure that business goals drive the tax system modernization; and
· Improve strategic information systems management.
To aid in the implementation of these recommendations, the ITAA further recommended that the IRS:
· Must be given the flexibility to hire, provide incentives,
manage, contract out, and hold its personnel accountable;
· Make better use of the private sector skills, i.e., do not attempt to duplicate within the IRS capabilities that are better performed by the private sector; and
· Integrate program management to enhance effectiveness of implementation.
Details of these recommendations can be found in Realizing Strategic Business Goals Through Process Reengineering and Systems Integration.
Recent IRS progress
During the past 12 months, IRS has succeeded in creating high-level technology management mechanisms that work. GAO endorsed the operations of the Modernization Management and Investment Review Boards. Both put Strategic Information Management practices in place at the highest levels of Treasury and IRS. These boards should be integrated into overall strategic planning efforts at IRS.
Another IRS achievement was to hire a Chief Information Officer (CIO) from outside the organization. The new CIO has inherited major problems: century date change corrections that threaten the ability of IRS to function; stovepipe legacy systems that create operational and maintenance problems; a history of failed projects; lack of a business strategic plan; insufficient experienced personnel, and a decentralized IS organization with a proliferation of non-standard IS systems in the field.
The CIO has instituted positive change by establishing a project team to correct century date change problems, stopped a number of questionable projects, is developing architecture, program, and acquisition plans to modernize; and began to recruit outside personnel. The CIO testified that he has implemented a rigorous systems development methodology and is creating a systems architecture, business requirements, and sequencing plan, all of which are needed prior to implementation of IT systems. These documents were delivered to Congress and released to the public on May 15, 1997. Development of these documents is consistent with best practice guidance the Commission has received from industry. In addition, IRS is progressing toward outsourcing of submissions processing, but cannot evaluate a pilot program before 2001. While these time tables seem long, the Commission recognizes significant analysis of returns processing efficiency must be conducted prior to outsourcing.
The Commission believes that IRS efforts to improve customer service and streamline compliance can never be realized fully until its employees have the tools needed to easily access taxpayer data. The capability for IRS employees to respond quickly and correctly to taxpayer inquiries is of major concern to the Commission. Providing correct information to taxpayers requires that Customer Service Representatives (CSRs) have easy access to accurate, timely taxpayer account data. Presently, taxpayer account and related data is stored in a number of large data bases frequently referred to as stovepipe systems since they are not integrated. This structure hinders Customer Service Representatives from easy access to data needed to satisfy taxpayer requests in a single call. Data bases that Customer Service Representatives must frequently access include the Integrated Data Retrieval System (IDRS), Automated Collection System (ACS), Corporate Files On-Line (CFOL), Service-wide Electronic Research Project (SERP), and Centralized Inventory Distribution System (CIDS).
Legacy system problems
IRS provided information to the Commission staff describing 59 separate data bases that support various tax processing functions. The size of many of the data bases was in the gigabyte range. For many of these data bases, there is no central data dictionary. Neither is there a central data management plan that addresses data management issues across the organization.
These data bases are hosted on a variety of hardware systems. IRS reported that it currently has 49 operational mainframe systems in the two Computing Centers and ten Service Centers, with a total processor power of 1,542 millions of instructions/second (MIPS) for IBM/IBM-plug compatible machine (PCM) systems and 495 MIPS for UNISYS, as well as a total storage capacity of 10,790 gigabytes deployed. For non-mainframe systems, known as Tier II and III systems, IRS currently has 349 mini-computer based and 536 micro-based servers. IRS also has an estimated total of 6,998 gigabytes of on-line data and 180,000 gigabytes of near-line and off-line data stored on magnetic tapes.
IRS Master Files were designed in the 1960s, and are based on a one-week posting cycle. Data are accumulated during the five business days of each week and posted to the Master File data bases through a series of computer operations, commencing on Saturday and extending over several days. Thus, data captured at the Service Centers may not be available on the Master Files for as long as 10 days from the date the information is transmitted to the Martinsburg Computing Center. Computer on-line access to these data and the ability to update the information are further delayed by the need to transmit the updated master file date to each Service Center. In turn, the Service Center updates the on-line IDRS, the primary system used to resolve taxpayer account issues.
The IRS has been characterized as a stovepipe organization in which functional units such as exam, collection, and appeals set and implement their own priorities and objectives. Each functional unit is often disconnected from the other units and the organization as a whole. The design of IRS data bases reflects this type of organization. The consequences of such a design can hinder customer service. For example, IRS testified that separate tax assessments for the same taxpayer could be found on systems such as ACS, AUR, Automated Substitute for Return System (ASFR), the Audit Information Management System (AIMS), the Integrated Collection System (ICS), and the Totally Integrated Examination System (TIES). Thus, a CSR may need to research a variety of systems to obtain a comprehensive view of all data required to resolve a taxpayerís account issues.
IRS testified that it has experienced increasing difficulties synchronizing disparate standalone data bases and expended significant funds to develop and operate standalone systems with duplicative functionality, infrastructures, and telecommunications. Minimal progress has been made in replacing the core Master File systems, thereby requiring even greater expenditures for the interfaces between the standalone systems and the Master File systems. The stovepipe systems, with standalone databases that provide fragments of customer service functionality, are unable to directly update the Master files. Further, the IDRS, designed as an end user system, is employed inappropriately as a "hub" system, between the Master Files and the stovepipe systems, and many of the stovepipe systems were developed due to a lack of success in replacing the Master Files and the need to work around the limited capabilities of IDRS.
The IRS capability to access taxpayer account data in an integrated manner is an issue that is at the core of the its ability to provide good customer service, as well as achieve high levels of compliance. GAO addressed this issue in report GAO/AIMD/GGD-96-152, September 1996:
Making it easier for taxpayers to reach IRS by telephone is of limited value if IRS employees on the other end of the line do not have access to the data needed to help the taxpayers, which has been a long-standing problem in IRS. IRS eventually intends to provide its employees with access to greater amounts of on-line taxpayer data in shorter time frames than current systems can provide.
Another major goal of IRSí vision is to increase compliance. Achieving this goal hinges on the ability of enforcement staff to readily access good data. For example, as we discussed in recent testimony on IRSí debt collection practices, existing IRS computer systems do not provide ready access to needed information and, consequently, do not adequately support modern work processes. Access to current and accurate information on tax debts is essential if IRS is to enhance the effectiveness of its collection tools and programs to prevent taxpayers from becoming delinquent in the first place.
GAO report GAO/GGD/AIMD-97-37, January 1997, describes the problems encountered by Customer Service Representatives in servicing customer inquiries. Generally, the Customer Service Representative must access each of the different systems independently. For example, an IRS employee using IDRS will know that a taxpayer was sent a notice of underreported income but would not have access to the actual notice, which is contained it the Automated Underreporter (AUR) System. AUR would provide additional information, such as the amount of unreported income and information from the tax return that may indicate, for example, the amount of dividend or interest reported by financial institutions but not by the taxpayer.
The public has grown to expect that banks, insurance, and mail order companies will manage individual account information in a way that will enable good customer service. The Commission heard testimony from two outstanding customer-service oriented organizations during public hearings: USAA and Citibank. Both of these organizations learned to manage customersí account data using integrated data bases that are easily accessed by employees responding to customer inquiries.
Information technology industry recommendations
The ITAA report, Realizing Strategic Business Goals Through Process Reengineering and Systems Integration, contained the following observations on IRS improve its ability to access data:
By coupling the latest technology with a new way of looking at how government relates to its citizens, government organizations can embark on the journey of creating a truly customer-driven government through improved access to information. For the Internal Revenue Service, this transformation means becoming as responsive to the needs and desires of its customers as any private sector. Using technology as an enabler, CSRs can view all transactions on one computer platform, on a single computer screen. Information access can be immediate and delivered to the customer through such traditional methods as telephone, mail and in person, or through alternative customer access methods such as personal computer, over the internet, or even kiosks, at any time or place. The key is to offer multiple access channels from the traditional to state-of-the-art, from personal to electronic. Many efficiencies and improvements in service will be readily apparent to include:
· Reduced repetition of information
· Reduced call handling time
· Streamlined information access
· Increased consistency and accuracy of information provided
· More personalized customer service
· More efficient problem resolution
Further, when these efficiencies are combined with transformation of business processes, Customer Service Representatives will be able to focus the majority of their time on client relations rather than seeking information and processing paperwork. The end result will be a more effective method of collecting the proper amount of tax revenue, quite possibly, increased taxpayer compliance.
But the transformation goes beyond the Customer Service Representative. Ultimately, the transformation will also help the government save money and manage its resources more efficiently. Better service often costs less money. A new infrastructure, in fact, often costs less than the old infrastructure. Key benefits to the Internal Revenue Service would include:
· Reduced operation costs of staffing, network and
· Increased representative productivity
· Streamlined work flows.
ITAA recommended that IRS work in partnership, sharing risks and rewards, with a skilled business partner. It made three recommendations that would help IRS improve its ability to access data:
· establish a Data Officer;.
· reorganize infrastructure for customer service; and
· implement the vision for customer service.
Details of these recommendations can be found in Realizing Strategic Business Goals Through Process Reengineering and Systems Integration.