GAO gives NARA high marks for e-records project
The National Archives and Records Administration has successfully achieved all major targets thus far for its Electronic Records Archives project to manage petabytes of information.
But the project still could be at risk of failure from a lack of specifications about its future size, access needs and preservation requirements, according to a new audit
from the Government Accountability Office.
Since 2001, the agency has been working on the electronic archives, which will permanently store historically significant electronic records produced by the federal government. NARA awarded two contracts for the design phase, valued at about $10 million each, in August 2004 to Lockheed Martin Corp. of Bethesda, Md., and Harris Corp. of Melbourne, Fla.
Both prototypes were completed in June, and selection of the winning design is expected in August. NARA stands to lose $20 million immediately if it does not award the development contract by Sept. 30, the GAO said.
As of May 2005, when the GAO completed the audit, the electronic archives project was up to date in achieving its goals.
"ERA is meeting its cost, schedule and performance objectives and has identified risks to the program's objectives," the GAO report said. "The program has also achieved all major milestones on or ahead of schedule."
However, the electronic archives project faces several additional risks. For one, "The level of preservation and access required for current and future electronic records has not yet been determined," the GAO said. Secondly, "NARA may build to the wrong specifications in terms of size and scalability if the agency is unable to forecast the expected volume of records to be processed by the system with any reliability."
The agency also lacks an "integrated schedule that encompasses agency projects related to the electronic records archive."
As of May, NARA had fully implemented four, and partially implemented an additional four, of the nine management recommendations for the project made by the GAO in previous audits. The GAO's recommendations included filling vacant positions, developing an enterprise architecture, improving information security and developing a plan for verification and validation review implementation.
In response, NARA officials said the agency intends to complete strengthening its enterprise architecture and its information security systems, including incorporation of a disaster recovery plan and security for password and systems configuration management by September, the GAO said.
Nonetheless, information security "remains a material weakness despite five years of effort by NARA to strengthen it," the GAO added.
"Because the agency recognizes these weaknesses and has plans in place to address them, we are not making further recommendations at this time," the GAO said. "However, it will be important for NARA to continue its efforts to resolve these weaknesses in a timely manner."
Alice Lipowicz is a staff writer covering government 2.0, homeland security and other IT policies for Federal Computer Week.