Texas State Auditor
SAO: Reports:
An Audit Report on the Department of Information Resources and State Data Center Consolidation
|
John Keel, CPA Texas State Auditor SAO: Reports: An Audit Report on the Department of Information Resources and State Data Center Consolidation |
August 2009
Report Number 09-051
To ensure the success of the state data center consolidation project, the Department of Information Resources (Department) should improve its oversight of the processes IBM (the Department's contractor) uses to transfer agency systems and data into state data centers. Auditors identified the following issues:
- The Department has not provided sufficient guidance to agencies in upgrading their applications and systems (a process referred to as application remediation) to prepare for transfer to the state data centers. Application remediation is an important part of the state data center consolidation process, and its success or failure will significantly affect the Department's and IBM's ability to consolidate state data centers.
- The Department has not ensured that all of the agency systems and applications that are within the state data center consolidation project have been completely identified and documented, including the applications that need to be remediated. This has hindered the Department's and IBM's ability to adhere to the state data center consolidation time line, ensure the accuracy of IBM's reported service levels (also referred to as performance metrics), and renew agency software licenses in a timely manner.
- The Department should improve its monitoring of the processes IBM uses to calculate and report its service levels. Auditors identified deficiencies in the processes that IBM uses to collect service level data and calculate its reported service levels. Auditors also identified weaknesses in the Department's processes for verifying the accuracy and completeness of the service levels that IBM reports.
The implementation of recommendations made by another contractor the Department hired may help resolve the difficulties IBM has experienced in procuring hardware and software for state agencies. However, the Department should ensure that IBM implements additional controls to ensure that IBM procures equipment and software for agencies within the timeframes defined in the contract.
Suspension of the Contract and Agency Certification Requirements
In November 2006, the Department and IBM signed a contract for a seven-year period with three optional one-year extensions. The State had paid IBM $276 million for services under the contract as of May 2009. According to the contract, IBM was required to consolidate state data center services for 27 agencies within two state data centers in Austin and San Angelo by April 1, 2009. Based on documentation obtained from IBM, as of June 2009, most of the 27 agencies had moved some of their equipment and data into the state data centers, but none had completely consolidated systems and data within the two primary state data centers.
On October 28, 2008, Governor Perry suspended consolidation of agency equipment and data within the two state data centers due to IBM's failure to back up data for some state agencies. The Department then required IBM to implement a plan and demonstrate that it could comply with the backup requirements in its contract. The Department also required each agency to certify that IBM had identified and documented the agency's critical data and prepared an appropriate schedule for routine backups. Each certification must be approved by the affected agency and the Department before an agency's equipment and data can be consolidated into the state data centers. As of August 2009, 23 (85 percent) of the 27 agencies in the state data center consolidation project had signed certification letters.
Download the Acrobat version of this report. (.pdf)
If you prefer an HTML version, follow this link to an Adobe site which converts PDF files to HTML.