Summary: Pursuant to a legislative requirement, GAO summarized its January 21, 1997, briefing on the status of: (1) U.S. Customs Service efforts to implement recommendations GAO made in May 1996 on its information technology (IT) modernization effort; and (2) Customs' Automated Commercial Environment (ACE) initiative. GAO did not independently verify ACE-related costs as reported by Customs.
GAO noted that: (1) Customs has assigned overall, policy-level responsibility for implementing the National Customs Automation Program (NCAP) to the Trade Compliance Board of Directors, which is headed by the Assistant Commissioner, Office of Strategic Trade; (2) day to day responsibility for implementing NCAP is assigned to the Assistant Commissioner, Office of Information Technology, who is also the Chief Information Officer; (3) however, GAO reported that Customs' approach to acquiring hardware, software, and telecommunications as part of Customs' Distributed Computing (CDC) 2000 project was not adequately supported by an analysis of Customs' business requirements; (4) in October 1996, Customs reconsidered its approach and refocused CDC 2000 on conducting the analyses needed to select the enterprisewide architecture on which ACE will run; (5) as part of the new CDC 2000 project, Customs hired a contractor in January 1997 that is expected to conduct these analyses and recommend an architecture by June 1997; (6) an investment review board was designated in February 1996, and in November 1996, Customs hired a contractor to develop a plan to help bring the agency into compliance with the Clinger-Cohen Act, which includes a requirement to establish an investment review process; (7) as of January 1997, Customs officials told GAO that they were in discussions with their contractor to plan the specific work needed to develop and implement an investment review process; (8) in October 1996, Customs updated its systems development life cycle (SDLC) policies to include new policies on software project planning and project management: (9) the SDLC policy specifies that extensive project planning, including estimating the size of software products and estimating resource needs, should occur in initiating a project of the magnitude of ACE; (10) also, the SDLC policy requires that project plans include to-level management reviews and decisions at various stages and between various phases of development; (11) in mid-January 1997, the Assistant commissioner, Office of Information Technology, assigned responsibility for SDLC enforcement to his information resources management division; (12) in addition, Customs prepared a security plan for ACE in July 1996; (13) Customs estimates that the development costs of ACE will be $150 million over a 10-year life cycle; and (14) although Customs has articulated broad goals for the trade compliance redesign initiative, to date Customs has not documented specific goals and objectives for ACE or expressed how success will be measured.