In accordance with 31 U.S.C. section 720, I am writing you concerning actions by the Internal Revenue Service (IRS) in response to the recommendations contained in a report by the General Accounting Office (GAO) entitled Tax Systems Modernization: Cyberfile Project Was Poorly Planned and Managed (AIMD-96-140; August 26, 1996). The GAO report identified problems with the planning and management of the Cyberfile project which would have allowed taxpayers to file tax returns using their personal computers. The IRS agrees with GAO's overall assessment that the Cyberfile project, which was officially suspended in May 1996, was not administered properly. Before the end of the year, in response to GAO's recommendations in the Cyberfile report, Commissioner Richardson will be issuing a report to Congress which will document the agency's involvement in Cyberfile and the strategy that has been adopted to strengthen IRS' technical management capabilities. If you have any questions, please do not hesitate to contact me at 622-3720. Sincerely, Enclosure شعار با Floyd L. Williams National Director for Legislative Affairs GAO Results in Brief United States General Accounting Office Accounting and Information B-271015 August 26, 1996 The Honorable Ted Stevens Governmental Affairs Dear Mr. Chairman: This report responds to your February 1996 request that we assess This report contains recommendations to the Commissioner of the IRS and the Secretary of the Department of Commerce. Details of our scope and methodology are in appendix I. The Department of the Treasury, IRS, and Commerce commented on a draft of this report. Their comments are discussed in the "Agency Comments" section and are reprinted in appendixes II, III, and IV. IRS' selection of NTIS to develop Cyberfile was not based on sound analysis. IRS did not adequately analyze requirements, consider alternatives, or assess NTIS' capabilities to develop and operate an electronic filing system, even though the need for these critical prerequisites was brought to management's attention as early as July 1995. Instead, IRS selected NTIS because it was expedient and because NTIS promised IRS, without any objective support, that it could develop Cyberfile in less than 6 months and have it operating by February 1996. In order to meet these self-imposed time constraints, the project was hastily initiated. Development and acquisition were undisciplined, and Cyberfile was poorly managed and overseen. As a result, it was not 'The financial measure of resources consumed in accomplishing a specified purpose, such as performing a service, carrying out an activity, or completing a unit of work or a specified project. B-271015 delivered on time, and after advancing $17.1 million to NTIS, IRS has suspended Cyberfile's development and is reevaluating the project. IRS and NTIS did not follow all applicable procurement laws and regulations in developing Cyberfile. IRS cited the Brooks ADP Act (40 U.S.C. 759) for its authority to procure Cyberfile. However, IRS did not perform requirements and alternatives analyses as required by the Federal Information Resources Management Regulation which implemented the Brooks ADP Act. NTIS also violated applicable procurement laws and regulations in implementing Cyberfile. To obtain contractor services quickly, NTIS modified an existing sole source contract awarded through the Small Business Administration's (SBA) small and disadvantaged businesses program (referred to as the "Section 8(a)" program), providing $3.3 million for Cyberfile and increasing the total contract value to $4.3 million. NTIS did not submit this modification to SBA for review as required under the Section 8(a) program. Further, this modification circumvented SBA rules requiring that contracts over $3.0 million be competed among eligible Section 8(a) firms rather than being issued on a sole source basis. In addition, at the time of modification, the contractor was not an eligible 8(a) firm under SBA regulations, and had NTS Submitted the modification to SBA as required, responsible officials at SBA said they would have rejected it. Cyberfile obligations and costs were not accounted for properly. IRS (1) significantly understated the obligations related to the project and (2) improperly accounted for the $17.1 million advanced to NTIS. In addition, NTIS did not promptly and accurately account for Cyberfile obligations and costs. Specifically, significant financial transactions were not properly documented and obligations and costs were not recorded promptly and accurately. Finally, adequate financial and program management controls were not implemented to ensure that Cyberfile was acquired cost-effectively. As a result, excess costs were incurred. For example, the interagency agreement between IRS and NTIS was not structured to minimize costs, and Cyberfile costs continued to be incurred after the project was suspended. Specifically, the agreement allowed NTIS to assess a 10 percent management fee for (1) costs associated with NTIS' failure to follow preferred management practices, such as late payment penalties and (2) items which IRS could have readily obtained directly and provided to B-271015 NTIS, such as computer equipment acquired under existing government contracts. Background In August 1995, IRS signed a $22 million interagency agreement with NTIS. To obtain contractor support to develop Cyberfile, NTIS modified an NTIS also acquired systems hardware and services via existing Department of the Navy, Treasury, and General Services Administration (GSA) contracts and other sources. Because NTIS did not have a contracting activity with the authority to make purchases over $50,000, the agency used contracting officers from two other Commerce Department activities to support the Cyberfile procurement. Initially, the Office of Acquisition Management provided a contracting officer. In late November 1995, the Cyberfile procurement was transferred to a contracting officer at the National Institute of Standards and Technology. In December 1995, we briefed the IRS Commissioner on the risks associated with proceeding with Cyberfile as planned. We explained that Cyberfile was not being developed using disciplined systems development processes and that adequate steps were not being taken to protect taxpayer data on the Internet. At that time, Cyberfile development was scheduled for limited operational use by a selected population of taxpayers in February 1996. |