February 18, 1998

Information Technology Issues

Analysis of the 1998-99 Budget Bill

The Year 2000 ("Y2K") Computer Problem


Most governmental agencies will need to make changes to their computer systems to accommodate the year 2000 change. California has embarked on a major effort to fix its computers, headed by the Department of Information Technology (DOIT). The DOIT estimates that it will cost the state at least $240 million over several years to fix the problem, but we believe that this estimate is understated. We have identified a number of problems with the state's effort, including optimistic time lines, lack of contingency planning, and insufficient oversight.

We recommend that the Legislature (1) require departments to provide, during budget hearings, a status of their efforts to modify computers to accommodate the year 2000, (2) delay funding for new projects in those departments which have not modified their computers for year 2000, (3) approve DOIT's budget to provide additional oversight and assistance to departments, and (4) establish a reserve fund from which departments can request monies for yet-to-be identified efforts to address the problems related to the year 2000 conversion.

The budget proposes augmentations totaling $19.6 million by state agencies to fund efforts to modify computers to accommodate the year 2000 (Y2K). This does not include hundreds of millions of dollars in re-directions within departments' budgets to address these efforts. In this analysis, we outline the nature of the problem, what the state is doing about it, the potential costs and risks, and how the Legislature can ensure that the problem is addressed adequately.

What Is the Y2K Problem?

In the 1960s and 1970s when mainframe computer capacity was expensive, programmers established a standard for identification of dates in order to reduce the amount of space needed. By using the last two digits to represent the year (for example, 1973 was designated as 73), computing costs were reduced. With the new millennium approaching, these computer systems must now distinguish between dates in the 1900s and the 2000s. Computers, both in the public and private sectors, are unable to distinguish between these dates and must be modified to accommodate the change to the year 2000.

Failure to make the Y2K change will for some systems simply produce undetectable erroneous calculations, but some systems will completely fail. The "failure date," as it is known, is not necessarily January 1, 2000. For some systems in California, it has been as early as 1995, because these systems were required to provide dates into the future (for example, licenses that were granted in the mid- to late 1990s that will expire after the year 2000).

The potential risk for the state if computer systems are not converted is significant. For example, the Department of Motor Vehicles reports that the failure to convert its computer systems could result in $3 billion in lost revenue annually. The Department of Consumer Affairs reports a potential annual revenue loss of $241 million.

The DOIT identified almost 3,000 state computer systems; of these 1,100 are either fixed already or do not need to be fixed. Of the remaining 1,900 systems, 650 are mission critical, meaning that they enable the department to carry out its primary responsibilities such as issuing drivers' licenses, collecting taxes, et cetera. The remaining 1,250 systems were identified as essential but not mission critical and will also need to be fixed.

How Can the Problem Be Fixed?

In an effort to correct the problem, hundreds of millions of dollars are being spent on replacing, retiring, or modifying computer systems in state government. Each department must decide whether it is going to eliminate the system if it is no longer necessary to meet the department's business needs, replace a system which is essential but not currently meeting the business needs, or modify an existing system to become Y2K compliant. These efforts are collectively known as "remediation."

Several Methods of Y2K Remediation Available

In addition to simply replacing an existing system, a department can fix an existing system through several different methods. First, the department must determine how to identify within all of its lines of codes the dates that need to be changed. In some cases, an automated tool can read the lines of code and determine where the dates are and change them with the department's chosen new date standard. Other cases will require all the work to be done manually, taking much longer. Many systems will require a combination of the two approaches.

Once identified, there are several ways to fix the code. The code can be changed to accept dates with the entire year included (1973 rather than 73, 1910 or 2010 rather than 10). An alternative method is referred to as "windowing" in which the system is told that any date between 00-10 should be considered in the 2000s and any date from 11 through 99 should be considered in the 1900s. A department can choose one of these or many other solutions, depending upon what type of code it has and how much the existing code has been customized over the years. The more customized the code, the more manual intervention will be necessary.

Some of the methods of remediation, such as windowing, should be considered short-term fixes because dates will once again become a problem as the calendar nears the end of the window. Those departments that use a short-term fix may find that they still have to replace an entire system in the near future.

The State's Y2K Program

Shortly after DOIT was established in 1995, it began to make other departments and agencies aware of the impact the year 2000 would have on computer systems. Departments received a "white paper" on the issue in October 1996. One month later, DOIT distributed to departments its official Y2K Program Guide.

The DOIT's Y2K Program Guide lists the steps a department should go through to establish a plan for modifying the affected systems. It requires departments to create an inventory of existing systems; identify those systems that are critical to the overall mission of the department (referred to as "mission critical systems"); assess the impact the century change will have on these systems; and develop a plan to fix the systems. Departments had to identify the impact its computer systems have on the department, outside entities with whom it exchanges information, and the public. In addition, DOIT required departments to report this information as well as budget and Y2K conversion schedule in June 1997 with quarterly updates thereafter. Executive Order W-163-97, issued in October 1997, requires all state departments to complete their Y2K remediation efforts by December 31, 1998.

What Will it Cost?

In January 1998, DOIT estimated that remediation of the mission critical computer systems in state government will cost at least $240 million over several years. As we discuss below, we believe this estimate understates the total costs to the state because it does not include a number of project components and costs.

Current-Year Funding. The 1997-98 Budget Act (Item 9899) appropriated $55 million for Y2K conversion costs. This included $25 million from the General Fund, $25 million from special funds, and $5 million from non-governmental cost funds. As of early January 1998, 14 departments have requested and received about $44 million.

Budget-Year Funding. The Governor's budget does not propose to include funding for Y2K efforts in Item 9899 for 1998-99, but rather includes funding for Y2K projects in individual departmental budgets. The budget proposes total augmentations of $19.6 million in 12 departments for 1998-99. This amount does not include funds in the baseline budgets. The Department of Finance has not been able to provide information on how much departments have in their baseline budgets for Y2K efforts.

Analyst's Assessment of the Administration's Program

As we have indicated previously, DOIT has made the Y2K Program a top priority and has taken a number of positive steps to address the issue. It started work on the problem early, developed the Y2K Program Guide, conducted education and training seminars, and provided information and assistance to state departments. However, we have identified a number of shortfalls and missing elements in the program.

Essential, But Nonmission Critical, Systems Need to Be Fixed, Too

In addition to performing tasks on mission critical computer systems, each department will need to review its essential, but nonmission critical computer systems. To date, the focus has been on the mission critical systems so that departments can continue to provide programmatic services such as issuing business licenses, registering vehicles, and collecting taxes. Such a focus on mission critical systems is appropriate, however, there are many essential computer systems which the departments will need to fix in order to administer the department. Systems such as human resources, accounting, inventory, and others are not currently included in many department's plans to become Y2K compliant, yet will need to be fixed. Such efforts will add to the state's current cost estimate for remediation.

Embedded-Chip Technology. Nontraditional information technology, known as "embedded chip" technology, also needs to be fixed to accommodate Y2K. This includes elevators, voice mail systems, security systems, heating and air conditioning systems, as well as many other aspects of state government's daily functions. At this time, few vendors have indicated an ability or willingness to perform remediation efforts on the nontraditional systems. Although DOIT's program requires departments to indicate whether they have created plans and embarked on these efforts, the program does not require this to be included in the department's cost estimate, and DOIT does not review these plans. Thus, the state's planning and budgeting for these efforts is in the preliminary stages.

Costs Are Underestimated

As we indicated earlier, the DOIT estimates that the total costs of Y2K remediation will be $240 million over several years. However, this estimate does not include a number of direct and indirect costs to the state, including:

Who Pays?--Contracts Need to Be Reviewed

State departments have entered into thousands of contracts over the years to purchase hardware, software, and services. It was not until recently that these contracts contained language that required the vendor to provide hardware and software that was year 2000 compliant. Thus, in addition to fixing mission critical systems, departments must review existing contracts to determine whether the vendor or the state is responsible for paying for these remediation efforts. In most cases, this review is not currently being done. Some contracts require the vendor to ensure the system is maintained and "bug" free. Other contracts may require the state to accept this fiscal responsibility.

Additionally, each contract needs to be reviewed to determine responsibility for liability for noncompliance. If a major system is not remediated in time, the state runs the risk of being sued by someone who alleges harm as a result of the system's failure. As we indicated above, industry experts predict that legal expenses could add 40 percent to projects costs. Forty percent of the existing $240 million estimate is approximately $100 million for state government. Determining which failures pose the greatest risk to the state should help to prioritize remediation efforts throughout the state and thus reduce potential liability. Review of existing contracts by qualified legal counsel is an important component to the total effort. The DOIT proposes in its 1998-99 budget to provide these services for all state departments that request it.

Contingency Plans Lacking

Although DOIT required departments to provide contingency plans in their initial reports, our review indicates that few departments have such plans. For departments whose systems have already failed (because they did not meet their conversion date), it is unclear what has been done to enable the department to continue to provide its core business services.

Time Lines Are Too Optimistic

As we indicated above, the executive order provides that all departments complete remediation efforts by December 31, 1998. This is probably an optimistic time line for three reasons.

Testing. The time lines outlined by the departments and reported by DOIT do not provide sufficient time for testing. After the computer code is fixed, the system must be tested. It is generally accepted in the information technology industry that 40 percent of total project time and cost should be devoted to testing. Testing is a critical component of a project because it is at this phase that problems are identified. If adequate time is not set aside for testing, and significant problems are identified when the system is tested, the project may not be completed on time. Once testing has proven successful, the system is put into "production." This is the process in which the system is actually implemented and workers are trained to use it.

Contingency Planning. The time lines do not incorporate time to activate or invoke contingency plans in the event a remediation effort fails to meet project milestones.

Entities With Whom the State Exchanges Data. The state exchanges data with many entities including the federal government, welfare offices, car dealerships, hospitals, schools, and emergency response services. The time lines do not always include enough time for the state department to develop a "bridge" with these partners in the event the partner is unable to modify its systems in time. Without a bridge, even if the state modifies its system on time, it will be unable to exchange data with the confidence that the data are accurate.

What Should the Legislature Do?

The Need for Oversight

The consequences can be significant if a state department does not make the Y2K conversion on time. Departments which rely on computer systems to carry out their business, whether it be to collect revenues, ensure public safety, or regulate an industry, need close legislative and executive branch scrutiny. We are concerned that DOIT is currently unable to provide the necessary level of oversight with its limited staff (we discuss this issue below and in our analysis of DOIT contained in this chapter).

As a result of the lack of adequate oversight, the Legislature will not be apprised of the full extent of the problem, efforts being undertaken to fix it, the budget required to complete these efforts, and the fiscal effects if systems are not fixed on time. Since this is the largest information technology project the state has ever undertaken and it has significant ramifications to all citizens, closer monitoring by both the administration and Legislature is warranted.

Require Departments to Report on Progress During Budget Hearings

We recommend that the budget subcommittees require departments to provide a status report on efforts to become Year 2000 compliant during hearings on the 1998-99 budget.

During budget hearings, the budget subcommittees should require each department to provide a status report on its progress in making its systems Y2K compliant. Some departments which submitted plans to DOIT did not indicate how they were going to fix embedded chip problems; what the impact to the General Fund and special funds would be if its systems failed; potential legal exposure; or what they intended to do should their plans fail. The DOIT does not know whether these departments have a backup plan if initial efforts to fix the computer systems are unsuccessful. If a large computer system which issues billings or tracks collections is not remediated before its failure date, the state could stand to lose hundreds of millions of dollars. Likewise, should a computer system which keeps records for law enforcement not be expected to be remediated on time, the Legislature should know of the potential problems beforehand.

According to DOIT's Y2K project time line, all departments should now be done with developing Y2K solutions and should be in the testing phase. If departments are not in the testing phase, it may be a sign that the state will be at risk of not meeting the deadline. Many department's plans contain a minimum number of days between the time at which the first failure date occurs and the time at which the system will be fixed, known as the "cushion" time. This is a key factor in determining risk. A cushion is needed to allow for resolving unanticipated problems due to the complexity of the Y2K modifications. The less cushion time, the higher the risk to achieving success.

Here are some of the questions that the budget subcommittees should ask of departments during budget hearings:

We recommend that the Legislature require every department, during budget hearings, to provide an update on the status of its efforts to complete remediation efforts. This would allow the Legislature to direct the departments to improve their efforts, develop contingency plans, or take other steps to ensure that the negative impacts of failure to remediate systems are minimized.

Deny Funding for New Information Technology Projects Until a Department Has Completed Y2K Projects

We recommend that the Legislature deny the budget request for a new information technology project in any department that has not completed its year 2000 projects.

In order to encourage departments to focus their resources on Y2K remediation efforts, the Governor issued an executive order (W-163-97), which requires the deferral of new computer systems unless the proposed new system is legislatively mandated or is necessary to help the department become Y2K compliant. A preliminary review of approval letters indicates 28 new projects (totaling over $200 million) were approved in the three months since issuance of the executive order. Of those, only 11 could be identified as being mandated to meet a department's business needs or necessary for a department to become Y2K compliant.

Some of these nonmandated projects are being requested by departments which will not have their systems compliant before they fail or before the Governor's deadline of December 31, 1998.

Due to the nature of the impact of the century change on nearly every aspect of an organization's mission and the immovable deadline, any new project will likely deflect resources from Y2K efforts. For this reason, we recommend that the Legislature deny funding new projects until the department has its mission critical systems working correctly or the system is mandated by law. In addition to mission critical systems, departments still need to make their essential but nonmission critical systems Y2K compliant. The Legislature may consider requiring a department to have all of its systems substantially compliant before approving funding requests for new systems. Failure of the systems that are essential, but not mission critical, may nonetheless significantly affect the ability of an entity to do business effectively.

Approve the DOIT's Y2K Program Funding Request for 1998-99

We recommend that the Legislature approve the Department of Information Technology's request for additional resources for its Year 2000 office.

In our analysis of the DOIT budget (later in this chapter), we recommend approval of the department's request for additional resources for its Y2K office. Currently, DOIT is unable to review many department's plans for, and monitor progress toward, remediation. We believe that close monitoring of departmental Y2K efforts by the state's information technology office is necessary, and recommend that they be provided with the tools to do so. We believe that the funding request is the minimum necessary to accomplish the task.

Establish a Reserve Fund

We recommend that the Legislature consider setting aside a reserve fund in the 1998-99 Budget Bill for additional Year 2000 projects.

The state is involved in a multiyear effort to be Y2K compliant. As we indicated earlier, the state's estimate of Y2K remediation costs is probably understated. This is because not all of the plans filed with DOIT include remediation of all systems (especially essential, but not mission critical systems, and embedded chip), implementation of contingency plans, and legal expenses. We believe that the Legislature is likely to receive additional funding requests for these efforts in addition to what is in the Governor's proposed budget.

Departments are refining their cost estimates as they further define the scope of their Y2K remediation efforts. Departments will need to perform the same remediation efforts for nonmission critical systems, potentially invoke contingency plans, review existing contract terms, and defend themselves in court. Many of these expenses have not been identified yet and are not accounted for in the proposed budget.

The Department of Finance is only tracking the augmentation requests made by departments. It is not tracking how much departments are actually spending on Y2K efforts. Nor does it plan to track the Y2K efforts in a way to be able to plan for revenue shortfalls in the General Fund or special funds should these systems not be fixed on time. This will be problematic if a computer system at a department that is charged with collecting revenue does not function properly.

Since departments will not be able to wait until the 1999-00 Budget Actfor appropriations to resolve these yet-to-be identified efforts, and shortfalls in revenue collected poses a potential problem to the General Fund, the Legislature should consider setting aside funds to resolve these problems. Although some level of redirection of resources by departments is appropriate, we believe that additional resources will be necessary. In the 1997-98 Budget Act, the Legislature appropriated $55 million (all funds) for Y2K remediation efforts. We believe that a reserve fund of at least that magnitude is warranted for 1998-99 above the amounts proposed for the individual departmental budgets.




Transportation


Financial Responsibility Requirement Implemented at High Costs

It will cost the Department of Motor Vehicles about $15.9 million in 1998-99 to continue to implement the financial responsibility legislation which will sunset January 2000. Initial data show a drop in the rate of vehicle registration renewal.

We recommend the adoption of supplemental report language directing the DMV to report by April 1999 on a pilot project to test electronic transfer of insurance data in order to assist the Legislature in determining how the department can most cost-effectively implement the financial responsibility requirement if it is extended.

Chapter 1126, Statutes of 1996 (AB 650, Speier) requires that beginning in 1997, vehicle owners provide proof of financial responsibility (liability insurance) as a condition for renewing a vehicle registration. The requirement sunsets on January 1, 2000.

To implement Chapter 1126, the DMV requires that vehicle owners submit insurance information with their vehicle registration renewal application. The department rejects applications that lack complete insurance information; however, it does not verify the authenticity of the information in most cases. Instead, in order to prevent fraudulent reporting, it verifies information on a sampling basis. For the current year, the department estimates costs to implement the requirement at about $17.8 million. It is requesting $15.9 million for the program in the budget year.

Vehicle Registration Renewal Rate Has Dropped. Data collected by the department show that compared to 1996, the rate of registration renewal (the number of registered vehicles that renew their registration) has declined since the implementation of Chapter 1126. Figure 14 shows that renewal rates in the first half of 1997 declined by about 6 percent. Similarly, it was about 4 percent lower in the third quarter of 1997 compared to the same period in 1996.

Because vehicle registration fee revenues make up about 75 percent of MVA revenues, a drop in vehicle registration renewal would negatively impact the account's condition. In fact, departmental data show that despite an increase in first-time registration, total registration revenues (including first-time and renewal registration) dropped by $25 million, or about 4 percent, in the first 11 months of 1997 compared to the same period in 1996.

Figure 14
Department of Motor Vehicles
Vehicle Registration Renewal Rates
1997 Versus 1996
First
Quarter
Second
Quarter
Third
Quarter
Fourth
Quarter
1996 92.2% 91.4% 92.7% 94.2%
1997 86.5 85.5 88.9 --a
Percent Decline 6.2% 6.4% 4.1% --a
aData not yet available.


Current Method of Showing Proof of Financial Responsibility Is Inefficient and Ineffective. As we pointed out in last year's Analysis (page A-62), DMV's current method of requiring proof of financial responsibility is inefficient. Specifically, relying on paper evidence of insurance (a copy of an insurance policy or coverage card) provided through the mail results in delays in processing vehicle registration and fee remittance. For instance, the department has experienced a significant drop in the rate that fee remittances are deposited on the same day they are received. Because of the longer processing time, the department also has to increase staff to handle the same volume of registrations.

The method is also not effective because the department has no means of verifying all documents sent in by vehicle owners. Currently, it verifies documents only on a limited sample basis. Additionally, the department has no way of ascertaining that insurance coverage on vehicles remains in effect and is not terminated after a vehicle is reregistered.

Department Plans to Pilot Test Electronic Data Transfer. Electronic data transfer of insurance information would greatly enhance DMV's efficiency and effectiveness in implementing Chapter 1126 as it would virtually eliminate fraudulent insurance information. The department indicates that several insurance companies have volunteered to pilot test electronic transfer of insurance information. The department anticipates the pilot to last six to eight months, beginning in July 1998.

Chapter 1126 Will Sunset in 2000. Whether Chapter 1126 ought to be extended would in part depend on its effectiveness in reducing the number of uninsured motorists. That in turn depends on how effectively DMV can implement the financial responsibility requirement. Results of the pilot project will be useful to the Legislature in determining how the program should be improved if Chapter 1126 is to be extended. To assist the Legislature in doing so, we recommend that supplemental report language be adopted that requires the department to provide the pilot results in a timely manner.

By April 1, 1999, the Department of Motor Vehicles shall report on the impacts of the implementation of Chapter 1126, Statutes of 1996 (AB 650, Speier). The report shall include, among other things, an assessment of the impact of the program on vehicle registration renewal and revenues to the Motor Vehicle Account. In addition, the report shall provide an evaluation of the electronic data transfer pilot project in order to determine the department's cost and effectiveness in implementing the legislation.

Database Redevelopment Shows No Progress;
Department of Motor Vehicles Proposes New Project

Five years after a database redevelopment project failed, the department is still no further along in improving or redesigning its information technology system. The department now intends to pursue a new strategy to improve the system. We recommend that the department and the Department of Information Technology (DOIT) provide an update to the Legislature at budget hearings on the overall plan, time schedule, cost, and technological soundness of the new project.

We further recommend that any funding provided for information technology system improvement in 1998-99 be made contingent upon DOIT providing a full evaluation of the department's project proposal to the Legislature, including an assessment of the Department of Motor Vehicles' staff capability to manage the project.

In 1994, DMV abandoned an ambitious but flawed project to redesign its computer database. The purpose of the project was to redesign an obsolete information technology system in order that it could be easily updated and maintained to meet the department's expanding workload. Since then, the department has been pursuing a new project to improve its information technology system. The process began in 1994-95 with an independent consultant evaluation and in 1996-97 the Legislature provided $5.8 million for three projects to begin to implement the consultant's recommendations.

For the current year, the department's budget includes $5.1 million to continue these three projects for a second year.

Two of Three Projects Will Not Proceed. One of the three projects--business process reengineering, an effort to streamline departmental functions for higher efficiency, is ongoing and is estimated to cost about $2 million in the current year. The department, however, has suspended the other two projects--rewriting outdated computer programs and replacing custom database software with industry standard software--due to unanticipated high costs to complete the projects.

Department Intends New Project. Instead, the department is pursuing a new project to improve its information technology system. Specifically, it plans to develop a new database using, where feasible, "off-the-shelf" software systems that can be procured commercially. According to DMV, a project report had been submitted for review by DOIT at the time this analysis was prepared.

The budget requests no funds for the new database redevelopment project. Depending on DOIT and the Department of Finance's Technology Investment Review Unit's (TIRU) review of the project proposal, the department may submit a budget amendment for 1998-99.

Five Years After Project Failure, Department No Closer to Solution.Because DMV's existing information technology system is outdated, it is costly and difficult to maintain. Consequently, the system must be improved in order that the department can effectively carry out its statutory responsibilities. However, the department has shown no progress in improving the system in the last five years. Before more funds are expended and time spent on any improvement efforts, we think that the Legislature should have some assurance that further efforts or projects (including the new project) are technologically sound, the cost estimate and time schedule for the projects are realistic, and the department has the necessary staff expertise to manage the projects to completion.

Accordingly, we recommend that the department, together with the DOIT, report at budget hearings on DMV's project proposal, DOIT's assessment of the project's technological soundness, and potential alternatives to improve the current system. We further recommend that any funding provided in 1998-99 for the improvement of DMV's information technology system be made contingent upon DOIT providing a full assessment of the feasibility of any proposed project no later than September 1, 1998. The assessment should comment on the department's ability to manage the project to completion.



Resources


Casmalia: The Next Stringfellow?

The state is appealing the federal court's decision in the Stringfellow litigation, where the state was found liable for cleanup costs that could reach $500 million over many years. A recent lawsuit now alleges that the state is liable for all cleanup costs at the Casmalia Hazardous Waste Management Facility which could reach $250 million.

The state is potentially liable for cleanup costs at two hazardous waste sites that could reach $750 million over many years. The litigation in these two cases will likely take many years to resolve.

The Stringfellow Liability. A 1995 federal court decision found the state liable for all of the cleanup costs at the Stringfellow Superfund Site (in Riverside County) on the basis that state agencies were negligent in issuing permits for the location of the hazardous waste disposal facility. The costs could reach $500 million over many years. The state is appealing this decision, and it is unlikely that a decision will be rendered before 1999-00. According to the Attorney General's Office, it is unlikely that the state would be absolved of all liability at Stringfellow. The state is also pursuing litigation against its insurers, and it is highly uncertain how this litigation will be resolved.

Since 1983, the department has spent about $50 million in investigations and cleanup costs at the site (some of which is potentially recoverable if the state is successful in litigation). In addition, the Attorney General has spent over $6 million to defend the state in the Stringfellow litigation. The budget requests about $11 million from the General Fund in 1998-99 to continue cleaning up the Stringfellow site and to operate a water pretreatment plant at the site.

The Casmalia Liability. Casmalia operated as a hazardous waste treatment, storage, and disposal facility in Santa Barbara County until 1989. The United States Environmental Protection Agency (US-EPA) has taken the lead to clean up this site. The US-EPA has identified parties, including a number of state agencies, that contributed to the contamination by sending large amounts of waste to Casmalia.

The 1996 budget provided $18.1 million from the General Fund to settle with US-EPA for the state's liability at Casmalia. This settlement amount was based on the assumption that the state would be responsible for only 5 percent of the cleanup costs at this site since it contributed a like portion of the total waste disposed at the site. Because a settlement was not reached in 1996-97, the 1997 budget reappropriated these funds for 1997-98. According to the department, it is unlikely that there will be a settlement on the liability issue in either 1997-98 or 1998-99. Therefore, the budget does not request funds for a settlement payment in 1998-99.

State Potentially Liable for Significant Cleanup Costs. Although the budget contains no funds to settle the state's liability for Casmalia with US-EPA, it does provide funds to defend the state against related litigation. In November 1997, a lawsuit was filed against the state by other parties that contributed to the contamination at Casmalia. The lawsuit alleges that the state is responsible for 100 percent of the cleanup costs at Casmalia because the state was negligent in enforcing both clean water laws and hazardous waste laws at this site. The US-EPA estimates that these cleanup costs could reach $250 million.

In the current year, expenditures are estimated at $657,000 to establish a litigation support team (consisting of the department, the Attorney General, and the Central Coast Regional Water Quality Control Board) to defend the state against this litigation. The budget proposes $596,000 for the Attorney General to defend the Casmalia litigation in 1998-99. In addition, the budget requests $1.4 million from the General Fund for the department to (1) provide in-house technical and legal support to develop the state's defense and (2) design and maintain an automated document storage, retrieval, and indexing system for the estimated 750,000 pages of documents in this case. A feasibility study report for this automated system has been approved by the Department of Information Technology and the Technology Investment Review Unit in the Department of Finance. We find that the expenditures proposed for 1998-99 are warranted.



Judiciary and Criminal Justice


Trial Court Grant and Management System Requests Are Not Appropriate

We recommend a General Fund reduction of $430,000 and two positions for the proposed Trial Court Coordination Assistance Grant Program and for the development of a Trial Court Case Management System because these programs should be funded through the allocation of funds from the Trial Court Funding budget item. (Reduce Item 0250-001-0001 by $430,000.)

The budget proposes $430,000 and two positions within the budget of the Judicial Council for the proposed Trial Court Coordination Assistance Grant Program and for the development and implementation of a Trial Court Case Management System. Neither of these requests is appropriate because they propose General Fund money in the Judicial budget to support programs that should be funded through the Trial Court Funding Program. The specific proposals are discussed below.

Trial Court Coordination Assistance. The budget requests $125,000 on a permanent basis to provide "mini-grants" of up to $25,000 per court to assist trial courts in their efforts to implement trial court coordination. We recommend denial of this request because it is more appropriate to fund this program through the Trial Court Funding budget item. The Judicial Council has provided assistance to the courts in this area for a number of years with regional workshops, technical assistance, and some grant funds. This program should be funded through either (1) the proposed Judicial Administration Efficiency and Modernization Fund (budgeted at $50 million in 1998-99), (2) the Trial Court Improvement Fund (budgeted at $40 million), or (3) funds available in the Trial Court Trust Fund, all of which the Judicial Council has authority to allocate to local courts.

Trial Court Case Management System. The budget proposes $305,000 and two positions to begin initial development of a state-sponsored automated trial court case management system in approximately ten small- to medium-sized counties. We recommend denial of this request because it is also more appropriately funded from the Trial Court Funding Program. Within the Trial Court Funding Program, the Legislature has created the Trial Court Improvement Fund, from which monies are allocated by the Judicial Council for, among other things, automated record keeping system improvements. The Judicial Council indicates that previously these ten counties received $671,000 from the Trial Court Funding Program to begin defining system requirements or to procure a new system. We believe that the proposal should continue to be funded from the Trial Court Funding budget item. If the trial courts want to contract with Judicial Council to provide this service, the Judicial Council should be reimbursed by these courts from their Trial Court Funding allocation, rather than granting new funds from the General Fund.

Division of Criminal Justice Information Services

Live Scan Fingerprinting for School Employees Still Being Implemented

We withhold recommendation on $4 million from the Fingerprint Fees Account for placement of 100 live scan electronic fingerprint terminals statewide, pending finalization of the Division of Criminal Justice Information Services' plan for placing the new machines.

The Division of Criminal Justice Information Services (CJIS) is implementing new legislation (Chapter 588, Statutes of 1997 [AB 1610, Ortiz] and Chapter 589, Statutes of 1997 [AB 1612, Alby]) that requires that all school employees and applicants must undergo criminal background checks. The DOJ estimates that the new legislation will add over 239,000 new fingerprints which must be checked. While the persons being fingerprinted would pay for the costs through fees, the increased demand on the system could slow down DOJ responses. Recognizing this potential, the Legislature also appropriated funds to purchase and place live scan electronic fingerprint terminals at 100 locations throughout the state to facilitate all of the new requests for fingerprints.

The budget requests $4 million from the Fingerprint Fees Account to pay for the processing of the new volume of fingerprints. The request appears justified, however, the DOJ is still in the process of identifying where the new live scan devices will be located. The DOJ informed us that these locations will be identified shortly and installation will begin in March 1998. The DOJ estimates that installation will not be complete for four to six months. Consequently, we have not been able to review the DOJ's plans for implementation or its plans for where the terminals will be located.

Analyst's Recommendation. We withhold recommendation on this request, pending receipt and review of DOJ's plan for installation of the new live scan terminals.

Criminal History Backlogs Reduced

The Department of Justice has virtually eliminated its backlogs of criminal history disposition files for felonies and convictions, and inmate fingerprints. The only remaining backlog remains for misdemeanor dispositions and records of no conviction.

Under current law, the DOJ is required to maintain a number of criminal justice information systems for law enforcement agencies. The DOJ's CJIS processes a variety of documents from local law enforcement agencies, the courts, and the CDC. The CJIS receives, examines, and stores fingerprints in one of the largest automated fingerprint systems in the world, larger than that of the Federal Bureau of Investigation. The CJIS fingerprint system (CAL-ID) stores fingerprint data on all those convicted of a crime in California. The system is used for criminal investigations and for establishing whether arrestees, CDC inmates, or applicants for jobs (such as teachers and child care workers) have criminal records.

In addition, CJIS maintains the state's criminal history systems, including the automated files that record arrests and dispositions. The arrest file lists the specific offenses for which an individual has been arrested; the disposition file lists all offenses for which an individual has been convicted (or any other court disposition).

In our Analysis of the 1995-96 Budget Bill, we reported that the DOJ had backlogs of up to one year in recording disposition data. In last year's Analysis, we pointed out that the backlog had been reduced.

Conviction File Backlogs for Felonies and Firearms Crimes Eliminated. As we reported last year, the DOJ had taken a series of steps to reduce the inventory of backlogged documents. The DOJ indicated that its goal was to ensure that the backlog of criminal conviction histories for individuals convicted of felonies or crimes where a firearm was used be reduced to 30 days. As of January 1998, there is no backlog for these records.

The CJIS reports that the total number of other types of documents awaiting processing, such as misdemeanor convictions and records of no conviction, was about 152,000 documents in January 1998. In contrast, at this time last year, there were almost 825,000 documents awaiting processing.

Backlog of CDC Fingerprints Eliminated. The CJIS reports that it has eliminated its backlog of CDC inmate fingerprints, but notes that over 20,000 records need to be returned to CDC as a consequence of problems with the records. Last year, the backlog for inmate fingerprint record checks was 18 months. There were 200,000 CDC inmate fingerprint documents awaiting processing as of December 1996.



K-12 Education


Commission on Teacher Credentialing

We recommend the Legislature adopt budget bill language requiring the Commission on Teacher Credentialing to complete its Year 2000 computer upgrades and an information technology strategic plan before it receives funds for other computer projects.

The budget proposes $198,000 from the General Fund to upgrade the CTC computer systems. The proposed project would cost $1 million over five years ($0.3 million in one-time costs and $0.7 million in on-going costs). The CTC is requesting these funds because many of its computers are old and have insufficient memory to work effectively. The request appears reasonable. We have the following concerns with the proposal, however:

For these reasons, we recommend the Legislature delay funding for this project until CTC has complied with the Governor's executive order on Y2K compliance and developed a five-year technology plan that is consistent with the commission's strategic business plan. The following budget bill language is consistent with this recommendation.

Of the funds appropriated in this item, $198,000 for the upgrading of Commission on Teacher Credentialing (CTC) computer systems shall be made available only after the Department of Information Technology certifies that CTC has completed (1) all year 2000 computer upgrades and (2) an information technology strategic plan.



Higher Education


Telecommunications/Technology Augmentation

We recommend the Legislature delete the $10 million augmentation request for telecommunications/technology because the California Community Colleges has not demonstrated the need for an augmentation.

The budget proposes a $10 million augmentation to the CCC's telecommunications/technology program. This program was initially funded in the 1996-97 Budget Act with $9.3 million, then augmented to an $18 million spending level in the 1997-98 Budget Act. We believe the Legislature needs a clear understanding of what has been accomplished in the program's first two years before it commits to another significant expansion. The Legislature anticipated this need by requiring in the 1997-98 Budget Act that the CCC report to it on those accomplishments by April 1, 1998. Moreover, the documentation provided by the administration does not make clear why $10 million is needed nor does it make clear what this additional investment would "buy" in terms of better educational services.

In view of the above, we recommend the Legislature delete the $10 million augmentation request for telecommunications/technology.





General Government


Department of Information Technology (0505)

The Department of Information Technology (DOIT) is responsible for planning and overseeing the state's use of information technology by ensuring that appropriate plans, policies, and procedures are in place to assure successful implementation of projects. The DOIT was created by Chapter 508, Statutes of 1995 (SB 1, Alquist), in response to the difficulties the state experienced in attempting to successfully deploy information technology projects.

The budget proposes $8.5 million ($7.7 million from the General Fund) for support of the department's operations in 1998-99, an increase of $1.5 million, or 21 percent, over estimated current-year expenditures. Current-year expenditures include $2 million transferred from Item 9899 of the 1997-98 Budget Act for DOIT's work on the year 2000 computer conversion projects. The increase in the budget year is proposed to support 19 new positions, as well as additional external consulting services.

Department Still Needs to Develop Information Technology Policies

We recommend the adoption of budget bill language appropriating $437,000 for initiation and implementation of information technology projects once the Department of Information Technology develops a number of specific information technology policies.

Budget Proposal. The proposed budget includes establishment of two positions and $437,000 for consulting services to carry out information technology planning and project initiation. This request was initially approved by the Legislature in 1997-98, but was eliminated at the end of last year's budget process as part of the Public Employees' Retirement System loan repayment decision.

Background. Last year, we reported that the department indicated it was on the verge of completing a number of tasks which must be accomplished in order for it to fulfill its statutory oversight responsibilities. Among these tasks were development of policies regarding initiation and oversight of information technology projects, disaster recovery, information security, and improved reporting to the Legislature regarding information technology projects. Since last year, DOIT has not established formal policies for most of these issues, although the department has taken informal positions on some of these matters.

Specific Project Development Policies and Procedures Needed. Currently, departments submit project proposals to DOIT for review. After reviewing and approving a project, DOIT sends a letter of approval to the department indicating the conditions under which the project has been approved. Although DOIT supports the use of project initiation and deployment standards used in the private sector, it has yet to establish formal policies on:

As a result of not having policies, the conditions required in the letters of approval come unexpectedly. Departments must then implement DOIT's recommendations after they have already begun planning for the project. Establishing these policies in advance of departments beginning their project planning could further improve the planning phase. Although DOIT generally supports these concepts (which are often referred to in the information technology industry as "best practices"), it has not developed and distributed a statewide policy on these and many other important issues as we discuss below.

Policy on Minimal Qualifications for Project Managers Still Critical.The Supplemental Report of the 1997-98 Budget Act required DOIT to report to the Legislature quarterly, beginning in September 1997, on its progress in providing training and certification of project managers. In response, the DOIT has entered into a partnership with the University of California, Davis to develop a project management training program which has since enrolled its first class of students. Because it is a two-year effort, projects are currently underway which are being managed by personnel not necessarily experienced or knowledgeable in project management skill sets. Additionally, since the training program is completely voluntary, it is unclear how many existing state project managers plan to complete it. Consequently, the impact of this training program is likely to be limited without a policy requiring such training.

It is also important that DOIT establish a policy that identifies minimum qualifications to be a project manager. Additionally, DOIT should review the qualifications of the project managers on all major information technology projects and decide whether their skills need to be augmented with public sector managers or private sector consultants who have the necessary project management experience.

Progress Still Needed on Procurement Policy Reform. In 1994, the Governor's Task Force on Government Technology Policy and Procurement identified the procurement process as one of the major obstacles to successful deployment of major information technology projects in California. Three years have elapsed since the report was issued and California uses the same policy to procure major projects today as it did then.

In the 1997-98 Budget Act, the Legislature required DOIT, in cooperation with the Department of General Services (DGS), to develop recommendations for improving the current state contracting practices so that contract awards are needs-based, not cost-based. In vetoing the language, the Governor indicated that it was not necessary because DGS had already developed such recommendations in pending procurement reform legislation. However, DGS' reform efforts have yet to be adopted by the Legislature. More importantly though, Chapter 508, the measure that created DOIT, clearly requires DOIT to develop procurement policies for information technology. Therefore, DOIT should develop and implement procurement policies for information technology goods and services, while DGS develops procurement policy for commodities.

Department Should Adopt Policy to Make Funding Requests Understandable. The 1997-98 Budget Act directed DOIT to develop a process to better coordinate between DOIT and the Department of Finance (DOF) the approval of departmental requests for information technology project funding. In response to the legislative directive, DOIT has adopted a new process that should result in more timely approval of proposed projects.

Although the process has been improved, the quality of the information contained in the documents has not. In general, state departments advise the Legislature about information technology projects through feasibility study reports (FSRs) for proposed new projects and special project reports (SPRs) when significant changes occur to existing projects.

In many cases, the documents provided to the Legislature are difficult to understand because they are poorly prepared and do not contain important summary information. To correct at least part of this problem, Chapter 508 required that these documents contain specific summary information at the front of the document. The DOIT has yet to require this summary information from departments. In the absence of this information, it is extremely difficult and sometimes impossible to evaluate the proposal. Consistent with its enabling statute, DOIT should create a form requesting summary information for departments to transmit to DOF, DOIT, and the Legislature with each FSR and SPR.

Policy to Advise Legislature of All Major Information Technology Projects Needed. Under current state policy, departments are required to notify the Legislature whenever they transmit an FSR or SPR to DOIT for review. Although this policy results in the Legislature being notified of some major information technology projects, many are not reported because state policy allows DOIT to delegate to departments the authority to approve their own projects. As a result, these departments are not required to report projects or funding amounts to the Legislature on these projects.

Given the unresolved problems with the state's information technology infrastructure, including telecommunications and networks, we believe that the Legislature should be notified of projects that would have to be reported had the department not received delegated authority. We recommend DOIT establish a policy on notifying the Legislature when funding is requested for these information technology projects. This would provide the Legislature with more complete information on projects and funding.

Analyst's Recommendation. In summary, we recommend that the Legislature adopt budget bill language directing DOIT to develop and distribute policies, per its enabling legislation, on the following:

In order to ensure the enactment of the policies, we recommend that the budget request for planning and project initiation be tied to completion of the policies. Specifically, we recommend the following budget bill language:

In addition to the funds otherwise appropriated by this item, the sum of $437,000 is hereby appropriated from the General Fund for the support of the Department of Information Technology for the 1998-99 fiscal year. The appropriation made by this provision is not available unless and until the Department of Information Technology drafts or produces final policies establishing (1) when a department should hire an independent oversight vendor, (2) the level of experience project managers should have, (3) how to determine whether a procurement should be cost- or needs-based, (4) when a department should require a letter of credit or performance bond from the vendor, (5) what an appropriate size of a project is, (6) when acquiring intellectual property rights is appropriate, (7) when a risk assessment model should be conducted on a project, (8) when a risk mitigation plan needs to be developed, (9) summary information that should be contained in the front of funding documents, and (10) notification to the Legislature of information technology projects which are being conducted under delegated authority. Final policies shall be distributed to state departments prior to June 30, 1999.

Project Cost and Schedule Estimates Are Rarely Accurate

We recommend that the Legislature adopt supplemental report language directing the Department of Information Technology to require that feasibility study report transmittal letters and special project reports contain the administration's assessment of the sensitivity to change of the costs, benefits, and schedules contained in these documents.

Over the past several years, we have identified several major information technology projects where costs have increased significantly above the original or updated estimates. The problem of inaccurate project estimates is not new and is not unique to public sector projects. Nevertheless, the Legislature continues to be asked to approve budgets for information technology projects which are based on cost estimates which are likely to change, most often in an upward direction. Project implementation schedules are often optimistic as well.

Given this situation, we believe that FSR and SPR transmittal letters for information technology projects should address the probability that cost, benefit, and schedule estimates are likely to be accurate, including any qualifications regarding those estimates. To help improve the meaningfulness of budget requests based on estimates contained in information technology project-related documents, we recommend that the Legislature adopt the following supplemental report language:

The Department of Information Technology shall require that feasibility study report transmittal letters and special project reports address the sensitivity to change of the cost, benefit, and schedule estimates contained in these reports.

The DOIT's Advocacy Role Conflicts With Oversight Responsibilities

We recommend that the Legislature approve the Department of Information Technology's funding request for additional resources to institute the new funding approval process, but require the resources requested for advocacy be redirected to responsibilities the department is required by statute to fulfill.

Budget Proposal. The 1997-98 Budget Act required DOIT, in collaboration with DOF, to develop a new process for the initiation and approval of information technology projects. The DOIT published a report in December 1997 outlining the new process. The budget proposes six additional personnel-years and $288,000 in consulting services to implement the new process. As a component of the new process, DOIT indicates its intention to become an advocate for departments before the legislative budget hearings once an information technology project is approved.

Analyst's Recommendation. The enabling legislation which created DOIT required the department to establish policy in a number of significant areas. Since DOIT has yet to establish these policies as discussed above, it would appear as though the proposed resources devoted to advocacy in the funding request could be better used to meet the department's statutory requirements. Alternatively, as we indicate later in this analysis, DOIT has limited resources for year 2000 remediation activities and these resources could be used for such efforts.

Additionally, it would appear as though a department which is supposed to critically assess a project from initiation through its life cycle would have a conflict of interest as an advocate for the project. In fact, DOIT itself has stated that it believes an oversight body should be severed from the unit it is overseeing. In its 1996 Annual Report, the department wrote: "The most effective project oversight is applied in a condition of independence, i.e., the individuals performing project oversight must be detached from the organizational chain of command."

In view of the above, we recommend that the Legislature approve DOIT's augmentation, but require the resources proposed for advocacy be redirected to responsibilities DOIT is required by statute to perform.

State Civil Service Classifications Still Need Reforming

We recommend that the Department of Information Technology report to the Legislature, prior to budget hearings, on its progress and plans to change the civil service classification system to improve the state's access to information technology expertise.

In 1994, the Governor's Task Force on Government Technology Policy and Procurement identified the state's civil service classifications as too rigid and a barrier to hiring information technology expertise at higher than entry-level positions. The state's hiring policies require departments, as a general rule, to hire at the entry level. In some cases, this limits a department's ability to hire personnel with extensive experience. Additionally, the task force noted that the state is unable to match private sector salaries in this employment field.

To resolve this problem, DOIT indicated in its 1996 Annual Report that it is involved in reforming information technology civil service classifications. However, we are unaware of any steps taken in this regard. Consequently, we recommend that DOIT report to the Legislature, prior to budget hearings, on the progress that has been made in addressing the civil service classification issues identified in the Governor's task force report.

Department Continues to Be Leader On Year 2000 Conversion

In the last year, the Department of Information Technology has continued to provide leadership to state agencies in planning the conversion of their computer programs to accommodate the millennium change. We recommend that the Legislature approve the department's request for additional resources in 1998-99 for oversight of the year 2000 conversion efforts. We also recommend that the Legislature direct the department to take a number of additional steps with regard to the conversion.

In the 1960s and 1970s when mainframe computer capacity was expensive, programmers established a standard for identification of dates in order to reduce the amount of space needed. By using the last two digits to represent the year (for example, 1973 was designated as 73), computing costs were reduced. With the new millennium approaching, these computer systems must now distinguish between dates in the 1900s and the 2000s. Computers, both in the public and private sectors, are unable to distinguish between these dates and must be modified to accommodate the change to the year 2000 (Y2K).

Failure to make the Y2K change will for some systems simply produce undetectable erroneous calculations, but some systems will completely fail. The "failure date," as it is known, is not necessarily January 1, 2000. For some systems in California, it has been as early as 1995, because these systems were required to provide dates into the future (for example, licenses that were granted in the mid- to late 1990s that will expire after the year 2000).

The Y2K conversion poses a significant problem because (1) California has never undertaken such a large statewide information technology project; (2) in most cases, it is probably too late to begin to deploy a replacement system, as opposed to modifying a system, thus limiting choices in how to respond to Y2K; and (3) as we approach the year 2000, resources are likely to become more scarce and prices will increase.

Budget Proposal. The budget proposes an augmentation of four limited-term positions and $302,000 for consulting services for DOIT's Y2K program. This would increase to seven the number of positions which currently staff the program. With this augmentation, DOIT proposes to use its Risk Assessment Model (RAM) on each project to determine risk and prioritize high risk projects for additional oversight.

The DOIT Started Early and Continues to Plan For Compliance. The administration initially focused attention on this problem when the Governor's Office of Information Technology (now DOIT) was established in late 1995. Significant effort to develop a strong program was made in 1996. In October 1996, DOIT published a "white paper" describing the Y2K problem. In November 1996, the DOIT issued the "California 2000 Program Guide" which identified the DOIT's approach to fixing the Y2K problem. Additionally, DOIT established a Y2K site on its home page which facilitates the exchange of information on policies and process.

The DOIT identified almost 3,000 state computer systems, of these 1,100 are either fixed already or do not need to be fixed. Of the remaining 1,900 systems, 650 are mission critical, meaning that they enable the department to carry out its primary responsibilities such as issuing drivers' licenses, collecting taxes, et cetera. The remaining 1,250 systems were identified as essential but not mission critical and will also need to be fixed. The DOIT's approach to addressing Y2K issues is contained in its program guide.

The California 2000 Program Guide. The program developed by DOIT requires departments to: (1) create an inventory of existing systems, (2) identify those that are critical to the overall mission of the department or program, (3) assess the impact the century change will have on these mission critical systems, and (4) develop a plan to fix them and submit this plan to DOIT along with its budget and schedule for Y2K conversion activities. Departments were required to identify the impact mission critical computer systems have on the department, outside entities with whom it exchanges information, and the public.

The DOIT Continues to Be Proactive. In addition to creating the program guide, DOIT has proactively:

Although DOIT has taken a proactive role on Y2K issues, we have the following concerns with some of its efforts.

Value of Validation Statements, as Implemented, Appears Questionable. Last year, the Legislature required DOIT to review the plans for departments requesting an augmentation in funding for Y2K efforts and issue a Statement of Validation for each project. Once the statement was issued by DOIT, the DOF was to release the funds for the project. The required components of the Statement of Validation are shown in Figure 5.

Figure 5
Year 2000 Program (Y2K)
Statements of Validation
Required Components
Reasonableness of the state agency's strategy for addressing its Y2K problems.
Comprehensive systems inventory, an assessment of year 2000-impacted systems and the scope of work to address Y2K problems.
Extent to which the department's plan is aligned with the Department of Information Technology's (DOIT) Y2K methodology.
Consistency of the department's proposal with information available to DOIT, including plans, schedules, and costs.
Extent to which the department's systems are critical to its business with a prioritization of these systems and a consequence of failure.
Identification of high risk activities.
Assumptions and methods used to estimate the resources required.
Redirection of resources within the department.
Coordination of statewide and interdepartmental implementations of interdependent year 2000 affected systems.


Our review of the Statements of Validation has found that they are merely restatements of a department's plan. Although all of the information included is helpful, the statements do not (1) evaluate plans on the degree of reasonableness, (2) determine the accuracy of the estimation of resources, or (3) coordinate the projects with the statewide Y2K efforts. In fact, some Statements of Validation were issued for departments whose plans indicated the department would be a year behind schedule and contained no contingency plan.

The analysis on the degree of reasonableness of the plans is important because if realistic plans are not established then the chances for modifying the computer system on time decrease. Due to the large number of Y2K projects, we believe that it will be difficult for DOIT to complete such a thorough analysis even with the department's proposed budget augmentation.

Quarterly Reports Provide Few Details. The Supplemental Report of 1997-98 Budget Actrequired DOIT to report on October 15, 1997 and quarterly thereafter, on the status of the state's Year 2000 conversion efforts. In addition to other issues, DOIT was to identify any program which it believes is at risk of not completing necessary conversion in a timely manner. For those programs at risk, DOIT was to identify the factors which create the risk and what steps are being taken to mitigate the risk. Lastly, DOIT was to update the estimate of the costs to accomplish Y2K compliance.

The DOIT has submitted two quarterly reports thus far. Each report indicated DOIT's concern with the state's ability to fix all of its mission critical systems in a timely manner. However, the reports did not identify any projects at risk of failing, steps being taken to mitigate risk, or provide a revised total project cost estimate. The DOIT did decide to meet individually with each of the departments with high risk projects to review their plans. For high risk projects, DOIT will require monthly updates and take appropriate action including escalation and intervention.

Shortfalls in Oversight of Departmental Plans. Although the Y2K plans DOIT requires departments to complete contain important information, DOIT has limited staff resources to follow up on those that are deficient. This is a significant shortcoming because some departmental plans filed with DOIT indicate the department's efforts will not be completed until a year after the computer's failure date; that the department has no contingency plan; and that potentially hundreds of millions of dollars are at risk of not being collected as a result. The DOIT has not required departments in such situations to submit detailed contingency plans or to explain how they would continue to function without an operational system.

Some Y2K plans submitted by departments include timelines which are too optimistic, with many not allocating enough time to test the finished products. In fact, if departments followed DOIT's suggested time line, all departments should be concluding development and moving into the testing phase now. However, as of January 1998, few departments had reached the testing stage. Additionally, even for those departments whose plans project completion before the computer's failure date, there is not enough time to invoke a contingency plan, should one be needed. Thus, although DOIT required departments to submit Y2K plans, the plans do not necessarily protect the state's assets and DOIT does not appear to have the resources to review each plan in detail and require specific remediation steps.

Costs Continue to Rise. In our Analysis of the 1996-97 Budget Bill, we estimated that efforts to fix the state's systems could exceed $50 million. In April 1997, DOIT projected costs at $83 million. After departments had submitted the first planning report, DOIT revised the cost estimate to $187 million in July 1997. In January 1998, DOIT calculated that project costs will exceed $240 million, based on an ex-trapolation of costs presented in the last quarterly reports submitted by departments.

We believe the costs for Y2K conversion will be substantially higher than DOIT's most recent estimates. The $240 million estimate DOIT provided in January 1998 does not include (1) conversion of essential, but nonmission critical systems such as payroll and accounting; (2) efforts to remediate embedded chip technologies; (3) legal review of existing contracts to determine liability for expenses and failure to perform, currently projected to cost 40 percent of total remediation expenses (on that basis, approximately $100 million for California); (4) complete replacement of computer systems where necessary; (5) departments which do not report to DOIT (Judiciary, Legislature, University of California, California State University, Community Colleges, and others); and (6) the redirection of personnel-years which DOIT currently estimated are valued at over $500 million. If all of these costs were to be included, we estimate that efforts to fix the state's systems could easily cost $1 billion.

What Else Should DOIT Do? Figure 6 (see next page) outlines DOIT's current Y2K program, and what we believe should be added. As we outline in the Crosscutting Issues section of this chapter, although DOIT developed a program early that contains important components, we believe that there are several steps the state--through DOIT--can take to strengthen its Y2K Program.

Analyst's Recommendation. We recommend that the Legislature approve DOIT's proposed budget request in order to ensure DOIT can increase its oversight of Y2K activities. Additionally, we recommend that the Legislature direct DOIT to prioritize its statewide efforts based on the most critical Y2K conversions; require departments to create detailed contingency plans for each mission critical project; enhance project management on high risk projects; and plan to fix systems that are essential, but may not be mission critical.

Figure 6
Department of Information Technology's (DOIT)
Year 2000 (Y2K) Program
DOIT Y2K Program required:
  • Inventory of all computer systems.
  • Prioritization of mission critical systems within the department.
  • Development of a plan to remediate mission critical systems.
  • Estimate of cost to remediate.
  • Filing of quarterly progress reports.
To complement the Y2K Program, DOIT has also:
  • Conducted a seminar to review legal issues related to system failure.
  • Begun creation of a plan to fix all noninformation technology embedded chips (security badges, facsimile machines, building environment, elevators, et cetera.)
  • Established Master Services Agreements to facilitate departments in hiring vendors to assist in remediation efforts.
  • Crafted contract language to require all new information technology purchases to be Y2K compliant.
  • Created a web site to serve as a clearinghouse for Y2K information.
What DOIT should also do:
  • Require establishment of detailed contingency plans which include a date in which the plan is invoked if the proposed project has not met its goal.
  • Prioritize projects statewide by revenue generated, public safety impact, impact on other departments' systems, impact to citizens, or other criteria it determines are most important.
  • Concentrate resources on projects in these categories which are having difficulty meeting deadlines.
  • Continue to deny requests for specified new information technology projects thereby concentrating resources on Y2K efforts.
  • Take a more proactive role to keep projects on schedule, including intervening when necessary.


The DOIT Needs to Develop Data Center Configuration Policy

We recommend that the Legislature require the Department of Information Technology to develop a five-year strategic plan for configuration of the state's data centers.

In 1996, DOIT contracted for a study of feasibility of consolidating the state's data centers. In July 1997, DOIT released the report, which recommended consolidation and identified savings if the major data centers were consolidated.

In the budget year, the Health and Welfare Agency Data Center (HWDC) proposes to purchase one of the two buildings it occupies. The Stephen P. Teale Data Center is proposing a long-term lease purchase of a new facility.

Should the state decide to consolidate the two data centers, such a consolidation could affect the facility needs of each. Accordingly, we recommend that the DOIT provide the Legislature with a five-year strategic plan for configuration of the state's data centers before the state purchases or leases any new data center facilities. We note that the DOF plans to release a report later this year on the fiscal impacts of consolidation.

(For a more thorough discussion of the issue, please see our write up in the Capital Outlay chapter, as well as the analysis on the HWDC in the General Government chapter.)




Health and Welfare Agency Data Center (4130)

The Health and Welfare Agency Data Center (HWDC) provides information technology services, including computer and communications network services, to the various departments and other organizational components of the Health and Welfare Agency. The center also provides services to other state entities and various local jurisdictions. The cost of the center's operations is reimbursed fully by its clients.

The budget proposes $199 million for support of the data center's operations in 1998-99, which is a decrease of $43.5 million, or 18 percent, from estimated current-year expenditures. The decrease is a result primarily of the cancellation of the Statewide Automated Child Support System (SACSS) and a decrease in the Interim Statewide Automated Welfare System (ISAWS) budget. In addition to these decreases, the budget includes increases in requested appropriations for the Child Welfare Services/Case Management System (CWS/CMS), the Statewide Fingerprint Imaging System (SFIS), additional computer capacity, and year 2000 conversion activities.

Data Center Operations

State Should Increase Expertise of State Staff

We recommend that the Health and Welfare Agency Data Center (HWDC) provide the Legislature, prior to budget hearings, with an estimate on how much it would cost to train state staff to perform services to support the HWDC Router Network that the budget proposes be supported by private consultants.

The data center budget requests $653,000 to hire four private sector consultants at $152 per hour, or $260,000 per consultant per year, to provide support for the HWDC Router Network. The network allows for electronic communication between computers. The data center indicates that these consultants will have special expertise, which they will pass on to data center staff over several years. (The budget documentation supporting the request, however, indicates that the consultants are needed due to workload, not expertise.)

If the need is for specialized expertise, it may be more advantageous to provide additional training to existing staff, who are more likely to remain at HWDC, rather than hire consultants to perform the services and transfer knowledge over several years. By doing so, the data center reaps the long-term benefit of having experts on staff.

Analyst's Recommendation. We recommend HWDC provide the Legislature, prior to budget hearings, with an estimate on how much it would cost to train existing state staff to perform the network-related services.

Acquisition of Data Center Building Premature

We recommend that the Legislature deny the data center's request to purchase a building it currently occupies and delete $445,000 in related maintenance and operating expenses. Instead, we recommend that the Legislature appropriate $455,000 to continue the existing lease of the facility.

The HWDC currently leases two buildings in Sacramento. The HWDC proposes to purchase one of the two buildings in the budget year. Chapter 1032, Statutes of 1996 (AB 3280, Cunneen) authorized the issuance of revenue bonds to purchase these facilities. However, the state is not using this bonding authority and instead the data center is requesting a General Fund loan.

The budget includes a capital outlay request for the state to purchase one of the buildings using a $5.2 million loan from the General Fund. The loan would be repaid from the data center's revolving fund. The HWDC's support budget proposes $445,000 for maintenance and operating costs for the building after it is purchased. (Currently, these services are provided by the landlord within the lease amount.) If the loan is not granted, HWDC will need $455,000 in the budget year to continue the existing lease.

Purchase Is Premature. In our analysis of the request to purchase the building (please see the Capital Outlay chapter in this Analysis), we conclude that the proposed purchase is premature and recommend that it be denied. We believe that the proposal is premature given that the administration has endorsed a 1997 report calling for consolidation of HWDC with the Teale Data Center. Such a consolidation could affect the facility needs of HWDC. Accordingly, we recommend that the Department of Information Technology (DOIT) provide the Legislature with a five-year strategic plan for configuration of the state's data centers before the state purchases or leases any new data center facilities.

Thus, we recommend that the proposal for $445,000 for maintenance and operating costs of the data center be denied, and that the Legislature instead appropriate $455,000 to continue to lease the facility in 1998-99.

Data Center Should Seek Review

We recommend that the Health and Welfare Agency Data Center, in cooperation with the Department of Information Technology, report to the Legislature during budget hearings on what additional tools and resources are needed to review project management methodologies and legal contracts.

In 1995, the Department of Social Services (DSS) transferred to HWDC responsibility for three of the largest information technology projects any state in the nation had undertaken. The projects, which were to automate welfare, child support, and child welfare services, were transferred due to the difficulties the DSS was experiencing in developing the projects.

Accepting responsibility for these projects posed a significant challenge to HWDC for several reasons:

Taking over these projects, even for a well-run organization such as HWDC, posed a potentially overwhelming task for the data center. Not only were the projects in trouble, but the skills necessary to administer a data center are quite different from those necessary to conduct project management oversight, especially for major projects. In addition, while the data center was attempting to salvage these three major projects, it still had to administer its operations and meet the needs of its state department customers.

In 1997, the HWDC had to cancel one of the projects after spending $100 million because it would not work as planned. The other two projects, compared to recently revised estimates, continue to experience very significant cost increases (more than 70 percent) and delays (schedule slippages of up to two years). Although cost increases and delays are not uncommon on large projects, there are methods by which they can be minimized. For example, the Governor's Task Force on Government Technology Policy and Procurement recommended that a project not take more than two years to finish; that it be deployed in small, discrete components; and that project managers have experience commensurate with the size of the project.

In addition to the three major projects transferred in 1995, the center has since been given responsibility for seven more projects, bringing the total to ten. The cumulative cost of the ten projects exceeds $1.2 billion. Figure 7 shows the projects currently being managed by the center. As the figure shows, half of the projects are estimated to cost at least $100 million each and require a number of years to implement.

Outside Review Could Be Helpful. The data center was initially created to provide computer and communication services to its constituent departments. Only recently has the data center had thrust upon it the responsibility for developing and deploying major automation systems.

When the three projects were transferred from DSS, HWDC was given significant responsibility without any review of whether it had the appropriate tools for developing and deploying projects of this magnitude. We believe that a review of the center's major projects by an experienced consultant is warranted and will identify areas in which the data center can modify its resources and approach to increase the chances for successful deployment of the projects. With more than $1 billion of projects at stake, it is in the interest of the state to ensure that the data center has all the resources necessary to increase the opportunity for success.

Figure 7
Heath and Welfare Agency Data Center
Projects Being Developed and Deployed
(Dollars in Millions)
Project Purpose of System Estimated
Budget
Estimated
Duration
Statewide Automated Welfare System (SAWS) Planning Planning efforts to automate welfare benefit calculation and determination. $18 4 years
SAWS Technical Architecture (SAWS-TA) Enable multiple welfare systems to exchange data. $45.3 10 years
Interim SAWS (ISAWS) Automate 14 percent of statewide welfare

caseload.

$285 10 years
Welfare Case Data System (WCDS) Automate 41 percent of statewide welfare

caseload.

$288 11 years
Los Angeles Eligibility, Automated Determination, Evaluation and Reporting System (LEADER) Automate 33 percent of statewide welfare caseload. $243 8 years
SAWS Consortium IV (C-IV) Automate 12 percent of statewide welfare caseload. To be determined To be determined
Statewide Automated Child Support System (SACSS) Automate collection and enforcement of child support. $100 expended; future costs to be determined Unknown
Child Welfare Services Case Management System (CWS/CMS) Automate cases of children in child welfare services. $206 9 years
Electronic Benefits Transfer (EBT) Enable the electronic exchange of funds for food stamp recipients. $1.5 (planning only) --
Statewide Fingerprint Identification System (SFIS) Fingerprint welfare recipients to identify duplicate aid cases. $38 5 years
Total $1,224.8


Such a review would make recommendations on how the data center can mitigate risk on these issues:

Analyst's Recommendation. We believe that the tasks and responsibilities given to the data center would be daunting for any private or public sector entity, and that some additional assistance could be helpful to the center, the users of its systems, and the state as a whole. For this reason, we recommend that the center and DOIT report to the Legislature during budget hearings on their suggested strategy for addressing the issues raised above. Specifically, the center and DOIT should consider the need for additional tools and resources for the center, an outside review by an experienced consultant with expertise in project management to review the center's project management methodologies, and a review of legal contracts for major projects to ensure that the contract terms protect the state.

Statewide Automated Welfare System (SAWS)

Background

The data center's budget includes $88 million to continue support for the Statewide Automated Welfare Systems (SAWS). The purpose of SAWS is to provide improved and uniform information technology capability to county welfare operations, through a state partnership with the counties, which have chosen to be in one of four consortia. The four consortia were authorized by the Legislature in the 1995-96 Budget Act and are comprised of:

We describe the progress of the consortia in more detail below.

The budget proposes an increase of $4 million in the current-year and a decrease of $3 million in the budget year for SAWS planning efforts. The multiyear total estimated cost for SAWS planning is $18 million.

Impact of Welfare Reform on System Requirements. Of the four consortia authorized by the Legislature, two (ISAWS and LEADER) were close to finishing the development of systems based on requirements which were established prior to welfare reform legislation being enacted in 1997. These consortia will need to be modified to reflect the new policies resulting from welfare reform. The other two systems (WCDS and C-IV) are in the planning stages and will need to incorporate the new welfare policies into procurement documents.

The DOIT required HWDC to hire a consultant to conduct an assessment of the impact of welfare reform on each of the four projects and departments (all departments under the Health and Welfare Agency, as well as the Department of the Youth Authority, Office of Child Development and Education and the Department of Education). The assessment, due in March 1998, will include: (1) an assessment of how welfare reform policies will affect existing computer systems; (2) an analysis of the gaps between what the existing computer systems can do and what welfare reform policies need them to do; and (3) recommendations on how to close the gaps.

SAWS Technical Architecture Facilitates Exchange of Data. In addition to the four consortia, the HWDC is responsible for deployment of the SAWS Technical Architecture (SAWS-TA) which will enable the four consortia to exchange data. The SAWS-TA is also supposed to be able to identify recipients in order to reduce duplicate aid payments. The SAWS-TA will be run at the data center and serve as an information broker among each of the systems for all of the counties. The SAWS-TA was originally due to be deployed by October 1997, but has been delayed. The latest plan was to have it support LEADER by February 1998; however LEADER is now delayed due to the effort to incorporate welfare reform. It is unclear when the SAWS-TA will be complete. Total estimated project cost is $45 million over the ten year life of the project.

The budget requests an increase in spending authority of $3.5 million for the current year and a decrease of $1.6 million in the budget year.

Requested Reports Not Received

We recommend that the Legislature withhold action on $88 million of Health and Welfare Agency Data Center's budget until the center submits a series of reports requested by the Legislature in the 1997-98 Budget Actand statute.

The 1997-98 Budget Act, the Supplemental Report of the 1997-98 Budget Act and the Welfare and Institutions Code required the HWDC to provide a series of reports related to the SAWS project during the year. The purpose of the reports is to apprise the Legislature of progress in implementing SAWS, of potential problems with the projects and the fiscal impact of any such problems. None of the reports has been submitted. The reports include:

Since the Legislature needs to be aware of the progress of the projects before appropriating funds for them, we recommend that the Legislature take no action on the $88 million proposed for SAWS until it receives the required reports.

Implementation Status of the SAWS Consortia

Interim Statewide Automated Welfare System (ISAWS) Is Almost Finished. The ISAWS project, being managed by HWDC, is currently operational in 20 counties. When fully deployed in July 1998, 35 primarily small counties representing 14 percent of the statewide caseload, will be using ISAWS. Since ISAWS is almost completely deployed, HWDC will need to retrofit the system with welfare reform policies in the future. A new budget and schedule to do so have not been released.

The HWDC budget for development of ISAWS proposes a decrease of $221,000 in the current year and $14 million in the budget year as the data center will no longer need these baseline expenses with the project coming to completion. Funding for maintenance and operation for this project will be approximately $21 million annually thereafter.

Los Angeles Eligibility Automated Determination, Evaluation and Reporting System Delayed to Incorporate Welfare Changes. The LEADER is being implemented by Los Angeles County and is currently under development. Although testing was to begin late last year, further deployment has been suspended while policies reflecting welfare reform are incorporated into the system. A revised schedule and budget have not yet been released. This project will serve 33 percent of the statewide caseload, all in Los Angeles County, when complete.

The HWDC is requesting an increase of $2.7 million in the current year and $4.2 million in the budget year is DSS' local assistance budget to fund development and operational activities.

Welfare Case Data System in Procurement Phase. The WCDS will serve 18 counties representing 41 percent of the statewide caseload when completed. The consortium released its procurement document, the Invitation to Partner (ITP), in December 1997. The WCDS intends to conduct an alternative procurement, which is an iterative process allowing refinement of the conceived system as the vendors and consortium discuss the business problem that needs to be solved. Ultimately, it is up to the vendor to propose the solution. The information technology industry generally considers this a "best practice," thereby increasing the chances for success.

The estimate of total project costs is $288 million. The 1998-99 Governor's Budget requests an augmentation of $6.2 million, bringing the baseline expenditures to $18 million for the project. We discuss the proposed ITP in more detail below.

Consortium IV in Planning Stage. The C-IV, which will serve four counties and 12 percent of the statewide caseload when finished, is in the beginning stages of planning its strategy and procurement. The HWDC's proposed budget does not include monies for C-IV as it is still in the planning stages, for which it received an augmentation of $2 million in current-year expenditures.

Welfare Case Data System Lacks Welfare Reform Policies and Oversight

We recommend that the Legislature appropriate the $18 million proposed for the Welfare Case Data System through budget bill language, making it available if (1) the Department of Information Technology certifies that the procurement document allows for expansion of the system and (2) the state's oversight role is increased.

As indicated above, WCDS is one of the four consortia that comprise SAWS. When completed, it will serve 18 counties and 41 percent of the state caseload. The 1998-99 Governor's Budgetrequests $18 million to enter into a contract and begin development of the system. As currently envisioned, the state has a minor role in the deployment of the WCDS. Rather, the 18 counties which comprise the consortium are primarily responsible for development and deployment of this system.

The WCDS consortium finished developing its procurement document--now called the Invitation to Partner (ITP)--while the Legislature and Governor were enacting a new welfare program in response to federal welfare reform. We have two primary concerns regarding the ITP, which was developed by counties within the consortium.

Welfare Reform Changes Not Included. First, the ITP was developed before welfare reform legislation was enacted. Our review of the ITP indicates that the system is focused on determining welfare eligibility. Under welfare reform, however, county welfare departments are required to undertake tasks that go beyond eligibility determination. The changes require departments to exchange information electronically with many partners, including local school districts, the Immigration and Naturalization Service, substance abuse programs, child welfare services programs, and work programs, among others. More importantly, the changes suggest the need for comprehensive case management capability. These components do not appear to be included in the ITP and will likely add substantially to the cost and the effort to deploy the system.

To the extent that the vendor who is awarded the contract develops a flexible system (known as "open architecture"), the consortium could add welfare reform in modules in the future. However, it is not clear from the ITP whether the proposal will have this flexibility, or whether it will have a "closed architecture." If the latter is the case, then the consortium would need to revise the ITP to include welfare reform policies. Alternatively, the consortium could develop a plan in which the vendor goes back and incorporates welfare reform policies into the system after it is deployed. Trying to incorporate the policies into a system that does not allow for the degree of expansion that will be necessary significantly increases the risk of failure.

For this reason, we believe that it is critical to require that the system be created with an open architecture, which would allow "adding on" of welfare policy components, or that the procurement document be revised to include welfare reform policies.

Insufficient State Oversight. Our second concern with the proposal is that it envisions very little state oversight. This is because the administration proposes to have the counties sign the contracts with the vendors and, although the state and federal government will be responsible for 95 percent of the costs, the state will not be able to amend, suspend, or terminate the contract.

Although the counties and state will be working in cooperation, there will be times when the counties and state disagree on a direction, as was evidenced in 1995 on CWS/CMS and more recently on SACSS. The HWDC's willingness to allow the counties to have such an exclusive role raises a larger concern of what responsibility and authority HWDC is going to have over the deployment of the project. Although HWDC indicates it will have oversight responsibility, the 1995-96 Budget Act which authorized the four consortia, required HWDC to be ultimately responsiblefor each of the four projects--a much more significant role than simply providing oversight. If HWDC does not have the authority to require specific changes to the contract, then no state agency can be held accountable, despite the large investment of state money.

Approval of the $18 million being requested will essentially demonstrate the Legislature's approval of the project as conceived, which is preliminarily estimated to cost $288 million.

Analyst's Recommendation. We recommend that the Legislature appropriate the $18 million proposed for the Welfare Case Data System through Budget Bill language, making it available if (1) DOIT certifies that the procurement document allows for expansion in order to more easily accommodate welfare reform policies and (2) the contract with vendors is signed by DOIT and HWDC so that state oversight can be preserved. We recommend the adoption of the following budget bill language:

In augmentation of the funds appropriated by this item, an additional sum up to $18 million is hereby appropriated for development and implementation of the Welfare Case Data System (WCDS), subject to the review and approval of the Department of Information Technology (DOIT) of the Invitation to Partner (ITP) proposed by the WCDS Consortium. The DOIT shall certify that the ITP requires the vendor to provide an open architecture to allow the system to expand as needed. Additionally, both DOIT and the Health and Welfare Agency Data Center shall sign contracts with vendors which obligate state funds to create and deploy this project. The Department of Finance shall notify the Joint Legislative Budget Committee and the Legislature's fiscal committees at least 30 days before authorization of expenditure of any funds.

Statewide Automated Child Support System (SACSS)

Child Support Project Canceled; New Project Offers Opportunities, Challenges

After spending $100 million on the Statewide Automated Child Support System project, the state canceled the contract in November 1997. An audit of the project from the Bureau of State Audits should be available for the Legislature to review during budget hearings.

The budget indicates that the administration plans to come forward in the spring with a plan for automation of child support. We recommend that the Legislature require that the new automation system be purchased using a method in which the state outlines for vendors its desired outcomes, rather than specifying a particular technology. In addition, we recommend that Health and Welfare Agency Data Center report at budget hearings on the status of the level of federal funding for the new project.

The SACSS is a federal and state-mandated computer-based system to provide an automated statewide child support enforcement tracking and monitoring capability through the offices of county district attorneys. In 1995, the administration transferred the responsibility to manage this project from the DSS to HWDC in order to resolve serious implementation problems. In November 1997, after two years of difficulty implementing the project, HWDC canceled the contract and project. The state had spent $100 million on the project.

The Governor's budget has set aside $20 million from the General Fund (in a non-Budget Act item in the Health and Welfare Agency) in anticipation of a Finance letter for planning and development of a new project. The HWDC indicates it anticipates having a plan for future automation efforts completed by March 1998.

There are some counties currently using the working components of SACSS. The vendor was retained to maintain and operate the system for these counties for six months, beginning in November 1997, and will transfer knowledge of the system to state staff so that they can maintain the system. The vendor will be paid $11 million for these services.

Audit of Project Due. Last year, the Legislature directed the Bureau of State Audits (BSA) to conduct an audit of the management of the SACSS contract and project. This audit is due to be released in late February and, thus, should be available for the Legislature to review during hearings on HWDC's budget. The 1997-98 Budget Act requires HWDC to respond with a plan for implementing the audit's recommendations or take other actions that will improve performance in order to better protect the state's interests and ensure success of the SACSS project.

New Project Offers Opportunity to Follow "Best Practices." Although it is important to deploy a statewide system for child support enforcement as soon as possible, the cancellation of the SACSS project gives the state an opportunity to "start from scratch" to procure a system in such a way as to increase the chance of successful deployment.

In 1994, the Governor's Task Force on Government Technology Policy and Procurement recommended that the state revise its procurement process such that it lays out the business problem that needs solving, rather than specifying the technology it wants to purchase. This process, known in state government as an alternative procurement, is considered a "best practice" by the information technology industry. This new procurement process was successfully employed for a major project at the Franchise Tax Board.

Although it may seem as though starting over on SACSS will take longer than transferring an existing technology to California, such a conclusion is not necessarily accurate. Even though the state started with an existing technology on the SACSS project (it was transferred from another state), it could not be made to work in California, even after years of significant effort, a substantial investment of state monies, and a major change in project management. Procuring a new child support system using a process in which the state outlines its business needs should increase the state's chances of deploying a successful project.

In addition to the procurement method, there are other industry best practices that should be considered for this and future automation projects to better protect the state and increase the chances for success. For example, vendors should be willing to share in any potential financial loss to a greater degree than they have in the past. Vendors can share in the risk by providing a letter of credit, receiving payment only upon acceptance of deliverables, and including liquidated and consequential damages in the contract. In order to protect the taxpayers' investment, the state needs to procure major information technology systems using industry best practices such as these.

We recommend that the Legislature require that the new project be based on this alternative procurement process model which details the outcome desired, rather than specifying a technical solution in the procurement documents. Additionally, we recommend that DOIT require other appropriate best practices be incorporated into the contract and project management methodology.

Future Federal Financial Participation Unclear. When California began deploying SACSS, the federal government agreed to pay 90 percent of development costs. It is unclear whether the federal government intends to share in any of the cost of creating another system in California. If not, then HWDC may need to ask the Legislature for several hundred million dollars from the General Fund to support future child support automation efforts.

In addition, when first planning automation for child support, the DSS believed the federal regulations required that each state deploy a single system statewide in order to receive 90 percent enhanced federal funding. A letter from the federal agency responsible for this program indicates that it has the authority to grant a waiver to allow states to deploy multiple systems, as long as counties can exchange information amongst themselves. Due to California's size, it may have more success by deploying multiple systems that can exchange data, rather than one system, statewide. It remains unclear, however, whether the federal government will share in the expense of deploying multiple systems if they agree to fund any future automation efforts in California. If the state decides to deploy multiple systems which can exchange information for child support automation, it needs to understand the level of federal financial participation.

We recommend that the HWDC report at budget hearings on the status of federal financial participation for the new child support automation efforts in California.

County Child Support Systems Need Upgrading for Year 2000

We recommend that Health and Welfare Agency Data Center and Department of Social Services report during budget hearings on the progress of the counties in modifying existing child support systems to accommodate the year 2000.

The counties have been planning to use SACSS since 1995. As a consequence, many counties did not devote resources to modify county-based child support enforcement computers to be able to accommodate the year 2000 change. (For a full discussion of the impact of the year 2000 on computers, see the Crosscutting issues section earlier in this chapter.)

With the cancellation of SACSS in late 1997, counties are now faced with having to modify their computers to accommodate the year 2000. This effort will be expensive and time consuming. Failure to modify existing systems can lead to serious problems ranging from miscalculations of child support orders to complete failure of systems. It is unclear whether counties are receiving any assistance from the state to complete these modifications and whether they will all be able to complete them in time. The state should help ensure that these systems will be able to function without failing until a statewide system is deployed.

Analyst's Recommendation. We recommend that the HWDC and DSS report during budget hearings on the progress of the counties in modifying existing child support systems to accommodate the year 2000.

Child Welfare Services Case Management System (CWS/CMS)

Contract Increases Not Justified

We recommend the Legislature delete the proposed $15.1 million augmentation for the Child Welfare Services Case Management System because the costs should be incurred by the vendor, not the state. (Reduce Item 4130-001-0632 by $15.1 million.)

The budget proposes $48 million to continue support for the CWS/CMS in 1998-99. This includes an augmentation of $15.1 million to increase the vendor's contract. This is the first installment of a total contract increase over several years of $58 million.

Background. Chapter 1294, Statutes of 1989 (SB 370, Presley), required the implementation of the CWS/CMS. The primary goal of this system is to provide a statewide database, case management tools, and reporting system for the Child Welfare Services program. The DSS began the project in 1990.

In April 1995, the administration transferred responsibility for project management from the DSS to HWDC in an effort to improve the project's prospects for success. When HWDC was given responsibility for this project, the project was at a critical stage, with the counties no longer supporting the project and the state close to canceling the contract. The HWDC spent several months renegotiating the contract with the vendor. When the negotiations were completed, HWDC advised the Legislature that the vendor guaranteed that the project would be fully deployed by fall 1997, for $119 million, and that if there were delays the vendor would pay penalties up to $5,000 per day depending on the missed milestone; share in the loss of federal funding; and guarantee maintenance for 15 months after every county received the system.

The project is now estimated to cost approximately $206 million and is not projected to be fully deployed until June 1998. If the proposed increase of $58 million spread over several years is approved, the vendor's contract will be increased 60 percent above the amount negotiated in 1995. We have the following concerns with the proposed increase in funding for the vendor.

State Paying Twice. The proposed increase in funding is to pay the vendor for a variety of activities. These include additional help troubleshooting problems at the county level, changing the fundamental operating system, resolving problems experienced in Los Angeles and Fresno Counties, completing additional testing of data, extending the vendor's contract to maintain the system, and continuing independent validation and verification (IV&V) services. Each of the services proposed for funding is necessary due to project delays and the system not working as planned. In our view, the contract requires the vendor to deploy a working system, therefore the state should not pay for fixing what is not working. Of the proposed increases noted above, two in particular are worrisome.

Software and Hardware Upgrades Should Not Be Necessary at This Time. A portion of the increase is being requested to upgrade the system infrastructure--both software and hardware--which HWDC advises is necessary for the continued performance and viability of CWS/CMS. However, HWDC's quality assurance vendor estimates that major software and hardware changes such as those being proposed should occur only every two to two-and-a-half years. Yet, the system has been operating for only a year in most counties. Accordingly, we do not believe that there is operational need to make the changes now.

Maintenance Costs Agreed to in 1995 Negotiated Away. The budget includes $8 million for the contractor to maintain and operate the system through June 1999. The HWDC informed the Legislature when it renegotiated the contract in 1995 that it secured a firm 15 months of maintenance and operation from the time the system worked in all counties. Now the center indicates that due to the delay in completion, the contract was amended to allow maintenance to end earlier in exchange for other services. It appears, however, that these are services the vendor should perform without additional charge to make the system work.

Analyst's Recommendation. We believe that the contract requires the vendor to deploy a working system. Since these appear to be expenses the vendor is already under contract to produce, we recommend denying the requested $15.1 million augmentation and prohibit HWDC from amending the vendor's contract for these expenses.

Other Issues

Statewide Fingerprint Imaging System (SFIS) Expansion Not Justified

We withhold recommendation on $8.9 million requested for Statewide Fingerprint Imaging System, pending receipt and review of the justification for the request.

The 1995-96 Budget Act assigned responsibility for implementing the Statewide Fingerprint Imaging System (SFIS) to the HWDC. The system, modeled after one implemented in Los Angeles County in 1994, is intended to reduce the cost of fraud associated with state welfare programs. The contract for this project was to be awarded in June 1997 with full system operation in July 1998. However, award of the contract has been delayed.

The proposed budget includes an augmentation of $8.9 million in 1998-99 to implement the SFIS. The total amount proposed for the budget year is $10 million.

At the time this analysis was prepared, we had not received budget documentation to justify this request. Thus, we withhold recommendation, pending receipt and review of the documentation.

Electronic Benefits Transfer (EBT) System Delayed

We recommend that Health and Welfare Agency Data Center report during budget hearings on its progress in implementing this project.

Electronic Benefits Transfer (EBT) allows for the electronic transmission of funds to a food stamp recipient. The system uses debit card technology and retailer terminals to automate benefit authorization, delivery, redemption and financial settlement thereby eliminating the need for food stamp coupons. Federal Food Stamp regulations, implemented as a result of the federal Personal Responsibility and Work Opportunity Reconciliation Act of 1996, require that all states implement an EBT system by October 2002. Chapter 270, Statutes of 1997 (AB 1542, Ducheny) authorized EBT and established an EBT committee, which will advise HWDC on the planning, development and implementation of the statewide EBT.

The HWDC is required to certify one or more EBT processors as eligible to contract with counties to implement EBT systems. A county or group of counties will contract with the certified processors directly and will have principal responsibility to manage operation of the EBT system implemented by the county or group of counties. At the time this analysis was prepared, HWDC indicates that the project has been delayed.

The proposed budget requests $194,000 and two positions to complete planning efforts to implement an EBT program.

We recommend that HWDC report to the Legislature during budget hearings on the progress of certifying processors.

Automated Tape Library Not Yet Justified

We withhold recommendation on $671,000 requested for the Automated Tape Library, pending receipt and review of the justification for the request.

The budget proposes an augmentation of $671,000 for an Automated Tape Library (ATL). The ATL will enable an automated system to access data on computer cartridge tapes, thereby increasing accuracy and productivity. Total project costs are estimated to be $7.2 million over the life of the five year project.

At the time this analysis was prepared, we had not received documentation to justify this request. Thus, we withhold recommendation, pending receipt and review of the documentation.

Year 2000 Funding Request Not Yet Justified

We withhold recommendation on $3.6 million requested for Health and Welfare Agency Data Center's Year 2000 project pending receipt and review of the justification for the request.

The budget proposes an augmentation of $3.6 million to continue the data center's activities to enable all computer systems to accommodate the year 2000. The data center's proposal is to purchase hardware for increased capacity, consulting services for testing, and general overhead expenses.

At the time this analysis was prepared, we had not received documentation to justify this request. Thus, we withhold recommendation, pending receipt and review of the documentation.




Statewide Travel Reimbursement Project Not Mission Critical

We recommend a reduction of $689,000 in reimbursements requested for the development of an automated statewide travel reimbursement project because the proposed system is not mission critical and is premature until the Controller's Office converts its computers to accommodate the year 2000 changes. (Reduce Item 0840-001-0001 by $689,000.)

The proposed budget requests $689,000 in reimbursements to begin a new information technology project, known as the Automated Statewide Travel Expense Reimbursement Process Project. The total cost of the project, which would be completed over several years, is estimated to be $7.7 million. The State Controller's Office (SCO) indicates that development and maintenance costs for the proposed system will be funded on a reimbursable basis by departments that intend to use the system.

Many state agencies, including the SCO, are working to make their computer systems accommodate the year 2000 change. In order to focus the state's information technology resources on this problem, we have recommended that the Legislature deny funding requests for new nonyear 2000 information technology projects unless the request is for a project that is mission critical to the state, or is specifically mandated by state or federal law. Because this proposed project is neither mission critical nor mandated, we recommend, without prejudice to the merits of the project, that the Legislature deny funding for this request. (For more information on the year 2000 problem, please see our analysis in the Crosscutting Issues section earlier in this chapter.)

Additional Information Needed for Local Government Reporting System

We withhold recommendation on $724,000 requested to replace the current Local Government Reporting Systems pending receipt of additional information from the State Controller's Office on the critical failure dates for their current systems and a plan to include users of the proposed system in the development process.

The budget requests $724,000 from the General Fund in one-time costs to replace the current Local Government Reporting Systems (LGRS) with a new, single automated system. Using this system, the SCO currently collects data from local governments and produces nine mandated publications, including the annual reports of financial transactions for counties and cities. The financial information published in these reports includes revenue and expenditure statements and long-term debt schedules.

Budget Proposes System Replacement. The SCO reports that the current LGRS has not been converted to handle the year 2000 change at the end of the century. The cost for system improvements to accommodate the century change is estimated to be $332,000. The SCO indicates that investing in a new, single automated system would streamline the reporting and data collection process. Therefore, the SCO is requesting funds to replace rather than modify the current systems. The SCO expects that software needed for the new system already exists and can be purchased and modified to meet the reporting requirements. The SCO intends to develop a request for proposals in the current year by redirecting funds.

Critical Failure Dates Not Identified. The SCO's most recent quarterly update to the Department of Information Technology for the year 2000 project plan identifies the various systems of the LGRS. However, the SCO has not identified the dates by when these systems must be modified (known as the "critical failure dates"). In order to consider the priority and the merit of this request, it will be important to obtain the critical failure dates for these systems, including information on the impact that the year 2000 will have on the operations of the current systems.

Users Not Consulted. The users of the information from the LGRS systems include, the Legislature, local governments and associations, municipal finance analysts, and academics. Over the years, concerns have been raised by many of the users of the LGRS information. The concerns involved (1) the timeliness of the information, (2) the availability of data over the Internet, (3) the appropriateness of the categories of information currently available, and (4) the compatibility of data within each local government category. The current plans of the SCO do not include obtaining input from these groups in the development of the new system prior to the request for proposals. In order to ensure that the new system addresses the concerns of its "customers," we believe that the users should be included in the process that determines how the new system is designed.

Analyst's Recommendation. Based on the above findings, we withhold recommendation on the $724,000 requested to replace the current LGRS, pending receipt of additional information from the SCO regarding the critical failure dates for the current systems and a plan to include users of the information in the development of the new system.

Slowdown in Computer Project May Delay Repayment of State Loan

A new statewide computer information system to track voter registration will not be deployed in all California counties, as originally scheduled, in time for the 1998 primary and general elections. As a result, we recommend the adoption of legislation that would delay for 18 months the date upon which the Secretary of State must repay $3.5 million borrowed to build the system.

Chapter 913, Statutes of 1995 (AB 1701, McPherson) directed the Secretary of State to establish a statewide computer system comprised of voter registration data that would facilitate the removal of duplicate or prior registration of voters. The computer system is to be designed to result in the removal of large numbers of out-of-date registrations from the county voter rolls. Purging the rolls, for example, could eventually save the state and the counties millions of dollars annually because election officials would no longer print and mail election materials to persons who are listed on obsolete county voter registration lists but who have actually moved and possibly re-registered to vote in another county.

Chapter 913 provided a $3.5 million loan from the General Fund to the Secretary of State to develop the voter registration tracking system and specified that the loan be repaid out of the savings in printing and mailing costs made possible through the new system. The loan is repayable with interest by June 30, 1999.

Projected Completion Date Not Met. The Feasibility Study Report outlining the project specified that the new computer system was to have been deployed in all California counties as of November 1997, in time to achieve the maximum possible savings in printing and mailing costs for both the June and November 1998 elections. However, a Special Project Report issued recently by the Secretary of State indicates that deployment of the system will commence in 14 counties this spring but will not be completed in all counties until July 1998 at the earliest. The Secretary of State has indicated that the delay is necessary in order to accommodate county election officials, who must play a significant role in implementing the new computer system while simultaneously making preparations for the 1998 elections.

The delay in the full deployment of the voter registration computer system means it is unlikely that the Secretary of State will achieve the full $3.5 million in savings needed to repay the loan as required by the end of the budget year. However, our review of the status of the project indicates that the project is likely to generate the additional state savings needed to repay the loan during the June and November 2000 elections. We would note that the 1998-99 expenditure plan does not assume the $3.5 million repayment.

Analyst's Recommendation. Although we believe the voter registration project remains a worthwhile state investment that will ultimately prove to be successful, the delay in its implementation means it is unlikely that $3.5 million in total state savings will be achieved in time to meet the present loan repayment deadline. Therefore, we recommend the adoption of legislation that would postpone the due date for the loan until December 31, 2000. We believe this time extension is reasonable given the progress made to date on the project and the likelihood that it will result in major additional state savings during the year 2000 election cycle.

Update on CALNET Procurement

We recommend that the Department of General Services report during budget hearings on the status of the procurement of telecommunications services for state departments.

In 1996, the DGS began the divestiture of the state's telecommunications operations, known as CALNET, and the procurement of telecommunications services from another firm. CALNET, which was developed in the early 1990s, was never fully accepted by state departments as DGS had planned. As a result, it never generated the revenues anticipated and has lost, and is projected to lose, approximately $2 million in each of the last four years since 1994-95. The DGS attributes the annual financial losses to the fact that departments used other telephone services. If they had been required to use CALNET, DGS maintains that the service would have been profitable. Departments cite better service and lower rates as the reason for not using CALNET. As it is, the state still owes approximately $20 million on equipment it purchased.

Because CALNET has been losing money, the state decided to sell off its hardware (switches, routers, etc.) and procure these services from a vendor without owning any equipment. In January 1997, the department released its strategic plan for providing statewide telecommunications services, known as the California Integrated Information Network. The plan included moving to a privately owned and operated network, which would involve a contract with a vendor which could be valued at $500 million over five years.

Last year, we expressed concern that DGS would not be able to complete its procurement for the telecommunications services by January 1, 1998, as planned. As a result, the Legislature adopted budget bill language requiring DGS to provide the Legislature with a copy of the Feasibility Study Report and Request for Proposals and to report to the Legislature by February 1, 1998 on its progress. Because the procurement process was still underway at the time this analysis was prepared, these documents had not yet been provided to the Legislature.

Because of the impact of this procurement on state government, we recommend that DGS report to the Legislature during budget hearings on its progress in awarding this contract.




Highlighting Information Technology Expenditures in the Budget

We recommend that the Legislature adopt supplemental report language directing the Department of Finance to identify in the 1999-00 Governor's Budget each department's total information technology expenditures and all information technology project expenditures of $1 million or more, by project title.

Lack of Expenditure Information. Currently, no standard for reporting information technology expenditures throughout state government exists. Financial data on major information technology projects often provide no clear understanding of important facts about the projects. As a consequence, it is often difficult for the Legislature to ascertain how much money is or has been allocated for a particular project. With over $2 billion appropriated for information technology each year, we believe that it is important that the Legislature have information that clearly shows how much money is being appropriated for the many information technology projects underway.

Ideally, the state should have an automated accounting and budgeting system that makes information technology projects and expenditures easily discernable when queried. Such a change would probably take substantial time and effort, however.

Last year, the Legislature adopted supplemental report language directing the DOF to identify in the Governor's budget the total proposed expenditures for information technology, as well as project expenditures of $1 million or more, by project title. The DOF did not include this information in the 1998-99 Governor's Budget, but indicates that it will present a separate report to the Legislature with the information.

Analyst's Recommendation. We recommend that the Legislature direct the DOF to identify for 1999-00 each department's total information technology expenditures and all information technology project expenditures of $1 million or more, by project title.

Specifically, we recommend the following supplemental report language:

The Department of Finance shall display for each organizational budget contained in the 1999-00 Governor's Budget, the total proposed expenditures for information technology, as well as any information technology project expenditure of $1 million or more, by project title, in any of the three fiscal years covered in the budget.

Yountville Budget Includes Funds For Computers, More Hospital Beds

We recommend that the 1998-99 budget request for the Yountville veterans' home be reduced by about $2.4 million and 57 positions because of spending proposals that lack justification. We also recommend approval of $5.7 million in budget augmentations sought for the home, contingent upon the adoption of Budget Bill and supplemental report language and the receipt of additional information by the Legislature. We further recommend a study of the mix of nursing beds provided at the home. (Reduce Item 8960-011-0001 by $1,882,000, reduce federal funds by $255,000, and reduce reimbursements by $273,000.)

Augmentations Sought for Home. The 1998-99 budget proposal for the home includes the following augmentations requesting an additional $7.4 million and 41 positions:

Analyst's Recommendations. We recommend that the 1998-99 budget request for the Yountville home be reduced by $2.4 million and 57 positions. We also recommend approval of $5.7 million in budget augmentations for the home with the Budget Bill and supplemental report language and other changes proposed below:

Of the funds appropriated in this item, the sum of $4,898,000 shall be available for the installation of the Veterans Home Information System at the Veterans' Home of California at Yountville. These funds shall be expended subject to a determination by the Department of Veterans Affairs oversight contractor, the Department of Finance, and the Department of Information Technology that all modules installed at the Barstow veterans' home have been successfully implemented, except for the cost accounting module that is not scheduled to be installed until during 1998-99. Notification of that determination shall be transmitted to the Joint Legislative Budget Committee and the fiscal and relevant policy committees of the Assembly and Senate.

 


Return to 1998-99 Budget Analysis Table of Contents
Return to LAO Home Page