This is the accessible text file for an audit report on the eDeposit and eCollections Strategy, issued by Office of the Inspector General in April 2015 FOR PUBLIC RELEASE, Report No. 2014-PA-101. This text file was formatted by the LOC-OIG to be accessible to users with visual impairments. Every attempt has been made to maintain the structural and data integrity of the original printed product. Accessibility features, such as text descriptions of tables, photos & consecutively numbered footnotes placed at the end of the file, and the text of agency comment letters, are provided but may not exactly duplicate the presentation or format of the printed version. The portable document format (PDF) file is an exact electronic replica of the printed version. Report Title - The Library Needs to Determine an eDeposit and eCollections Strategy Library of Congress, Office of the Inspector General, 2014-PA-101 FOR PUBLIC RELEASE April 2015 Office of the inspector general Library of Congress 101 Independence ave. Washington, D.C. 20540 MEMORANDUM FOR: James H. Billington Librarian of Congress FROM: Kurt W. Hyde Inspector General April 24, 2015 SUBJECT: Audit Report No. 2014-PA-101 The Library Needs to Determine an eDeposit and eCollections Strategy This transmits the audit report summarizing the results of the Office of the Inspector General’s review of the eDeposit Program, which according to its charter was created to “increase the acquisition, through registration and mandatory deposit, of works created and disseminated digitally or online in a variety of formats.” We also reviewed the eSerials Project, which was the first phase of implementation of the eDeposit Program and was established to facilitate “the acquisition of electronic works through mandatory deposit.” The executive summary begins on page i, and the results of our audit appear on pages 1 to 34. Management’s response to our recommendations appears in Appendix D. Based on management’s written response to the draft report, we consider all of the recommendations resolved. Please provide, within 30 calendar days, an action plan addressing implementation of the recommendations, including an implementation date, in accordance with LCR 2023-9, Rights and Responsibilities of Library Employees to the Inspector General, §6.A. We appreciate the cooperation and courtesies extended by the U.S. Copyright Office, Library Services, the Office of Strategic Initiatives, and other units within the Library during this audit. cc: Deputy Librarian Chief of Staff Administrative/Correspondence Coordinator, LIBN/O Summary In July 1998, the Librarian commissioned the National Academy of Sciences to examine the Library’s information technology (IT) planning and implementation, and a committee was convened to conduct the examination. In 2000, the committee completed LC21: A Digital Strategy for the Library of Congress (LC21). LC21 stated that the “mandatory deposit law…creates a unique opportunity for [the Library] to collect digital information that might otherwise vanish from the historical record.” It also stated that “voluntary deposit is only one of several methods that the Library must use more aggressively to build its digital collections.” footnote 1 In March 2010, the Library established the eDeposit Program. It was one activity among several since 2000 related to collecting born- digital material. The program’s goal was to “increase the acquisition, through registration, footnote 2 and mandatory deposit, footnote 3 of works created and disseminated digitally or online in a variety of formats.” footnote 4 In April 2011, as part of the eDeposit Program, the Library formally established the eSerials Project. The project was established to ensure that electronic serials published in the United States and available online only would become part of the Library’s permanent collections through mandatory deposit. The Office of the Inspector General (OIG) conducted a performance audit of the eDeposit Program and the eSerials Project. Our overall objective was to evaluate the Library’s efforts to ingest and make available for use electronic works (born-digital content). As part of OIG’s examination of eDeposit and eSerials, OIG reviewed the Library’s oversight and governance practices, the resources and funding allocated to these efforts, the extent to which the Library followed project management best practices, the cost efficiency of the Library’s efforts, and whether the Library took advantage of partnerships with private and public sectors. OIG could not determine whether the Library’s progress to-date on the eDeposit Program had met Library management’s expectations. The eSerials Project was the only project initiated under the eDeposit Program since the program was created in 2010. Because the Library’s senior leadership did not establish quantifiable expectations related to cost, performance, and project completion, OIG could not determine whether progress made to-date had met the Library’s expectations; the Library has described its progress as “incremental.” By one measure, as of December 31, 2014, the Copyright Office was ingesting 835 electronic serial titles on an on-going basis as part of the eSerials Project. This represents approximately 34% of all the active eSerial scholarly titles published in the United States and available online. Other categories of born-digital works that could be collected through the eDeposit Program include software, video games, digital music, digital still and moving images, and electronic books and magazines; however, these categories are not currently being collected. Going forward, the Library needs to determine how best to approach obtaining electronic works—through eDeposit, through some other means, such as coordination with industry, or both depending on a refined eCollections Strategy. footnote 5. Mandatory deposit rule-makings may yield workable arrangements in some instances; it is equally possible that negotiated arrangements with private and public entities may be the only way forward. There are a number of causes for the Library’s lack of clarity around the success of eDeposit. Specifically, the Library has challenges pertaining to strategic planning, leadership, and governance, as well as organizational and financial management issues. The following represents Library management’s fundamental challenges in moving forward, as revealed by this audit. Strategic Planning, Leadership, and Governance Issues. The Library Needs an Overarching eCollections Strategy and Enterprise Architecture. The Library needs an overarching eCollections Strategy that meets common requirements for ingesting and protecting electronic works. Grouping eCollection activities together and evaluating them within an overall portfolio could help the Library identify and remove duplicative activities, which would make the Library more cost efficient. The electronic serials currently being collected under the eDeposit Program through the eSerials Project represent just one element of the Library’s larger eCollections Strategy. Once the Library has developed an integrated, and costly. As part of this audit, OIG found that the Library has not utilized EA during the implementation of the eDeposit Program and the eSerials Project. The eCollections Strategy Must Take into Account the Unique Requirements and Business Needs of the Copyright Office. The Copyright Office’s requirements and business needs must play a role in the overarching eCollections Strategy. For example, the Library needs to ensure that electronic works transferred by the Copyright Office from copyright registration or mandatory deposit for the Library’s collections are protected from unauthorized copying and sharing. Executive Staff Turnover, Turnover in the CIO Position, and the CIO Position’s Placement within the Organization Have Undermined the Direction and Implementation of eCollection Activities. Turnover has posed a significant challenge to the Library’s management of the eDeposit Program and eSerials Project. Most of the individuals assigned to these efforts have left the Library for positions elsewhere, retired, or transferred to new positions at the Library.This turnover has undermined the Library’s ability to achieve success and enforce accountability, according to OIG’s analysis. The lack of a permanent chief information officer (CIO) and its placement within the organization has undermined the effectiveness of the eDeposit Program and whether progress made to-date had met expectations. Further, we found that the Information Technology Steering Committee (ITSC) cannot ensure that IT investments pertaining to the acquisition of electronic works address strategic needs if ITSC’s criteria for approving and monitoring IT investments do not align with the Library’s organizational priorities as stated, for example, in an eCollections Strategy and associated EA. In addition, we found that the ITSC lacked a rigorous approach to overseeing projects because it did not receive sufficient performance and financial information. The ITSC also needs to better inform the Library’s senior leadership serving on the Executive Committee about project and program deficiencies. Otherwise, the Library runs the risk of problems going undetected and/or unresolved, such as the schedule, cost, and performance issues identified by OIG in relation to the eDeposit Program and eSerials Project. Organizational and Financial Management Issues The Library Does Not Have Adequate Program and Project Management Practices, Which Prevents Accountability for Its eCollection Activities The Library needs to adopt and implement best practices for standardizing project management to increase the likelihood of completing eCollection activities on time and on budget. OIG found that the eDeposit Program lacked a description of the program’s individual components and the effort overall, cost estimates for individual components or for the effort overall, and a process for reporting on eDeposit’s performance as it progressed. Without standardized project management practices, the eCollections Strategy and any related projects will be at an increased risk of failure. Greater Financial Management Controls Are Needed In our review of the eDeposit Program, we found that cost estimates were not completed. We also found that the Library’s Budget Office and Financial Reporting Office do not have a mechanism to properly project and allocate IT-related expenses, such as payroll costs incurred on IT projects. As a result, if a service unit does not alert the Budget Office and the Financial Reporting Office of such expenses, the full costs of an IT project could elude senior leadership’s scrutiny. To Strengthen the Library’s Oversight, the Monitoring of eCollection Activities Should Be Integrated into the Library’s Overall Planning and Performance Management Process OIG found that the Librarian and his immediate management team lacked the capability to monitor significant IT investments, such as the eSerials Project, across its planning, budgeting, program/project management, and financial accounting systems. The Government Accountability Office (GAO) has noted the importance of having IT investment process guidance that specifies, among other things, the manner in which IT investment-related processes will be coordinated—including, at a minimum, coordination across the strategic plan, budget, and enterprise architecture. footnote 6. Management’s Response In response to our draft report (see Appendix D), the Library’s senior leadership agreed with all of our recommendations and stated that it would: • Create an overarching eCollections Strategy. • Finalize and validate the existing EA by September 2015. • Hire a CIO in FY 2015 and establish an Office of the CIO separate from any programmatic service unit. • Update its regulations and directives to clarify the Library’s IT governance structure, reporting responsibilities, and roles of the Executive Committee. • Develop policies and implement the management disciplines of costing, scheduling, and risk management for IT activities. • Establish a Project Management Office. • Update its IT governance process to require business case documentation. • Develop the capability to project, capture, and track the actual costs of IT-related activities, including payroll costs to better inform the ITSC and Library management. During the course of our audit, OIG issued a memorandum to the Librarian and the then- Deputy Librarian with preliminary recommendations to enable leadership to take immediate action before this final report was issued. We commend the Library’s new senior leadership team for taking critical action in response. In addition, on March 13, 2015, OIG issued a report and made recommendations for improving the Library’s internal controls surrounding IT investments. footnote 7. Those recommendations were for the Library to implement Library-wide, and the Library generally agreed to implement them. The recommendations in this report are specific to its eCollections Strategy and related activities. According to the Interim Associate Librarian for Strategic Initiatives/CIO, the Library has already: • Appointed an Interim CIO and Deputy CIO. • Begun the recruitment of a permanent CIO. According to the Library, salary restrictions may make it difficult to recruit a qualified candidate. • Initiated a step-by-step analysis of all LOC information technology governance programs. Management’s goal is to create an integrated information technology governance program that incorporates the 1996 Clinger Cohen Act as appropriate, where all information technology proposals are evaluated for consistency with strategic direction, reviewed by the appropriate governance structures, and tracked through to completion. • Initiated the development of an IT capital plan covering both developmental projects and infrastructure. The capital plan will become a multi-year planning tool, similar to the requirements of the Office of Management and Budget for Executive Branch agencies. • Identified legal requirements that obligate LOC service units to operate independently to meet their mandates, while seeking integration at key governance points and following specific standards to assure sufficient oversight. • Agreed to monitor IT costs and IT cost variances. Table of Contents Background 1 Findings. 9 Progress of the eDeposit Program Is Unclear 9 The Library Needs an Overarching eCollections Strategy – Without Such a Strategy, the Library Risks Making Inefficient Use of Its Limited Resources 12 In Executing Its eCollections Strategy, the Library Needs to Appropriately Utilize Its Enterprise Architecture Program to Reduce the Risk of Implementing Duplicative, Poorly Integrated, and Costly eCollection Activities 16 The eCollections Strategy Must Take into Account the Business Needs of the Copyright Office ..18 Executive and Staff Turnover Has Undermined the eDeposit Program and eSerials Project 19 Turnover in the CIO Position and Its Placement within the Organization Have Undermined the Direction and Implementation of eCollection Activities 20 To Achieve His Vision, the Librarian Should Take Steps to Implement Better Governance and Accountability 22 The Information Technology Steering Committee Does Not Have the Necessary Information and, as Currently Structured, Lacks the Authority to Exercise Program and/or Project Oversight 25 The Library Does Not Have Adequate Program and Project Management Practices, Which Prevents Accountability for Its eCollection Activities 28 Greater Financial Management Controls Are Needed 29 To Strengthen the Library’s Oversight, the Monitoring of eCollection Activities Should Be Integrated into the Library’s Overall Planning and Performance Management Process 31 Recommendations 34 Appendix A: Objectives, Scope, and Methodology. 38 Appendix B: Copyright Basics 40 Appendix C: Timeline of Key eDeposit Related Milestones. 43 Appendix D: Management Response 44 Background Copyright Basics The following discussion provides a summary overview of copyright. Appendix B provides a more detailed overview. Copyright is a form of protection provided by the laws of the United States (title 17, U. S. Code) to the authors of “original works of authorship,” including literary, dramatic, musical, artistic, and certain other intellectual works. This protection is available to authors of both published and unpublished works. In general, copyright registration, footnote 8, (section 408) is a legal formality intended to make a public record of the basic facts of a particular copyright. Registration is not a condition of copyright protection, but has been a part of copyright law since the colonial era and a distinguishing feature of federal law since the first Copyright Act of 1790. Congress enacted several incentives for registration in the 1976 Copyright Act which are still controlling; it is a requirement for enforcement of a copyright owner’s exclusive rights in federal court for example. The authority to register copyrights is vested in the Register of Copyrights (Register). By statute, the Register works “under the Librarian’s general direction and supervision.” footnote 9 “Mandatory deposit” (section 407) was enacted by Congress in 1976 to provide the Library with a mechanism that is common to national libraries around the world. Under this provision, the owners of copyright or of the exclusive right of publication in a work published in the United States shall deposit, within three months after the date of publication, two complete copies with the Copyright Office. footnote 10. Subject to some important exceptions, the statute requires the “best edition” footnote 11, of the work. The Copyright Office transfers the two complete copies to the Library for its use and disposition. Upon their deposit in the Copyright Office under copyright registration or mandatory deposit, all copies, phonorecords, and identifying material are the property of the United States Government. footnote 12. In the case of published works, all copies, phonorecords, and identifying material deposited are available to the Library for its collections, or for exchange or transfer to any other library. footnote 13. If a work is submitted for copyright registration, the Library may select that work for its collections. If it is not submitted for registration, the Register may alternatively demand copies of that published work through the mandatory deposit provision. Library of Congress Activities Related to Collecting Born‐Digital Works As summarized in the following sections, the Library has affirmed the importance of digital materials for the national collection many times: • LC21: A Digital Strategy for the Library of Congress – In 2000, the National Academy of Sciences completed a report under this title that identified the Library’s opportunity to collect born‐digital works. • The National Online Library – A Five‐Year Plan for the Digital Future at the Library of Congress – The Library completed a five‐year plan for fiscal years 2001‐2005 that acknowledged the importance of acquiring born‐ digital works and proposed a plan for collecting them for the national library. • Electronic Journals Project – In July 2005, the Library initiated an effort to collect electronic journals. • Librarian’s Management Agenda – In July 2009, the Librarian identified the need to collect electronic works for the national library in his management agenda. • The eDeposit Program – In March 2010, the Library completed the eDeposit Program’s charter as part its effort to collect electronic works. • The eSerials Project – In April 2011, the Library completed the eSerials Project’s charter to collect electronic serials as part of the eDeposit Program. The following sections are not a comprehensive description of all of the Library’s digital collection efforts. A timeline of key events is provided in Appendix C. LC21: A Digital Strategy for the Library of Congress In July 1998, the Librarian commissioned the National Academy of Sciences to examine the Library’s information technology (IT) planning and implementation, and a committee was convened to conduct the examination. In 2000, the committee completed LC21: A Digital Strategy for the Library of Congress (LC21). LC21 stated that the “mandatory deposit law…creates a unique opportunity for [the Library] to collect digital information that might otherwise vanish from the historical record.” It also stated that “voluntary deposit is only one of several methods that the Library must use more aggressively to build its digital collections.” LC21 also noted that “whatever stability and predictability libraries once had as ordered storehouses of the treasures of the printed word were shattered by the digital revolution.” footnote 14 In other words, the function of libraries — to acquire and make accessible the creative work of humankind — has been transformed by the exponential growth of digital information. LC21 made numerous recommendations to help the Library prepare for the digital revolution because of the “committee’s strong awareness of the role of digital information at the center of contemporary discourse.” footnote 15. LC21 noted the following steps as essential to acquiring digital works: But the committee is convinced that the heart of what it has learned and the heart of the Library’s future are in the areas touched on above: (1) inventing a new form for acquiring and preserving materials that include digital information in all its forms, in particular information that is born‐digital; footnote 16 (2) opening itself to broader and deeper dialogue with the work of information professionals beyond its walls; (3) finding the management vision and will to make paradigmatic change happen in the organization; and (4) investing in the technology infrastructure required to support such change. footnote 17 At the same time, LC21 noted that the Library was at risk of “not thinking far enough ahead to enable it to act strategically and coherently.” footnote 18 It also foresaw that “the problems of taking in and making available heterogeneous materials from a wide variety of sources of varying technical sophistication will be challenging.” footnote 19 The National Online Library – A Five‐Year Plan for the Digital Future at the Library of Congress As part of taking action on the LC21 report, the Library developed The National Online Library – A Five Year Plan for the Digital Future at the Library of Congress (FY01‐05 Plan), a five‐year plan for fiscal years 2001‐2005 that acknowledged the importance of acquiring born‐digital works and the need to transform how the Library delivers services for the new “digital realm.” The FY01‐05 Plan stated that the Copyright Office and Library “must begin to acquire and make permanently accessible ‘born‐digital’ footnote 20, works that are playing an increasingly important role in the intellectual, commercial and creative life of the United States.” footnote 21 The FY01‐05 Plan’s five‐year goal was “to integrate born‐digital copyright deposits, footnote 22, into the Library’s regular workflow…” footnote 23, as illustrated by the following quote: One of the major challenges facing the Library’s traditional mission over the next five years is collecting digital works published only in digital form. Decisions about what and how to collect digital materials, and how this mission responsibility is to be accomplished cost effectively in collaboration with partners are central to defining the Library’s future. footnote 24 & 25. The FY01‐05 Plan also outlined what infrastructure would be necessary for acquiring digital works in a systematic way: The heart of our digital future is the creation of an institution‐wide digital repository (hardware and software) and repository architecture for managing large bodies of both original and converted historical digital content in multiple media and formats. The technical requirements of the digital repository are new state‐of‐the‐ art software as well as systems architecture that is not readily available in the market place. We will need one central architecture to take in electronic copyright deposits, to manage the NDL, footnote 26, historical (converted) digital files, to acquire electronic materials online and make them available in our reading rooms, and to serve various parts of the institution that need to acquire, manage and make available digital content to their customers. footnote 27. Electronic Journals Project In July 2005, the Library initiated an effort to acquire electronic journals. According to our audit work, the Electronic Journals (eJournals) Project was the Library’s first effort to ingest electronic works through copyright deposit. The project’s charter did not differentiate between mandatory deposit and registration; instead, it used the generic term “copyright deposit.” The eJournals Project was divided into two phases; phase 1 was the development of a proof of concept prototype and phase 2 was the development of a robust repository. By January 2007, phase 1 of building a proof of concept prototype was completed and included ingest services for eJournal content from three sources. Work on phase 2 subsequently began to refine electronic deposit workflows and business processes including the demand, transfer, storage, and preservation of electronic content and related metadata. In April 2009, the Content Transfer Services (CTS) system went into production; CTS keeps an inventory of the content it ingests and makes a record of events. Phase 2 also included the facilitation of policy discussions and the effort to promulgate Copyright Regulations. In July 2009, a proposed rulemaking for mandatory deposit of published electronic works available only online was released, footnote 28 which led to the January 2010 interim rule on that topic. Before work on phase 2 was completed, the eJournals Project was superseded in 2010 by the eSerials Project, described in a later section below. Effective February 24, 2010, the Copyright Office promulgated an interim regulation governing mandatory deposit of electronic serials (i.e., eSerials)published in the United States and available only online. footnote 29 It made eSerials subject to mandatory deposit if the Copyright Office issues a demand for deposit of particular titles of such works. The rulemaking was necessary to ameliorate rules that otherwise exempted copyright owners of works published electronically, and that have no physical counterparts, from the reach of mandatory deposit. The Register, by statute, operates under the standards of the Administrative Procedure Act. As such, the rulemaking process involves public notice and comment from affected copyright owners. As the Library expands its collection of online‐only works to other categories, the Copyright Office will seek public comment before making any new category subject to mandatory deposit or issuing the conditions and specifications for the demand. No other categories of born‐digital works have been made subject to mandatory demand since the January 2010 interim rule for eSerials. Other potential eDeposit categories of born‐digital works include software, video games, digital music, digital still and moving images, electronic books, and magazines. According to the Copyright Office, addressing preservation, security, and access issues could make completing the rulemaking process for these other categories of works more challenging than was the case for eSerials. Librarian’s Management Agenda In July 2009, the Librarian issued a memorandum that outlined his management agenda. One of the Librarian’s primary “tasks” was to “advance efforts to acquire electronic works through mandatory deposit.” footnote 30 The eDeposit Program (eDeposit) In March 2010, the Library completed an eDeposit charter in support of the Library’s “long‐term goal to acquire electronic works published in the United States” footnote 31 and in response to the Librarian’s July 2009 management agenda. As stated in its charter, the goal and objective of the eDeposit Program was to “increase the acquisition, through registration and mandatory deposit, of works created and disseminated digitally or online in a variety of formats.” footnote 32, Program activities, footnote 33, were to include the development of policies, plans, processes, tools, and infrastructure to facilitate the “transfer, ingestion, preservation and access of electronic works that the Library selects and acquires through Copyright deposit.” footnote 34 The program charter created a program manager position and a new steering committee of senior managers from five of the Library’s six service units. The steering committee was “in charge of planning and management of the Program.” footnote 35 In addition, the charter created an advisory committee of cross‐ service‐unit subject‐matter experts in charge of addressing technical and policy issues that arise during the course of the program. Additional program support came from “The Librarian’s Management Agenda 2009‐2010 Task 4 Implementation Group,” footnote 36 a cross‐service‐unit team led by the Copyright Office. footnote 37 The program charter described eDeposit’s scope as follows: The Program will coordinate activities of projects across the Library that are similar in scope (i.e. transferring and ingesting electronic resources through Copyright), in order to ensure proper alignment and prioritization with Library goals, coordination among format‐ specific projects, greater efficiencies of scale in regards to funding and resource allocation, and optimal benefits to eDeposit stakeholders,… The Program will also coordinate its activities with other efforts around the Library, such as the Enterprise Architecture Program,…” footnote 38 The program charter further said eDeposit would undertake “work with Library service units to define internal procedures and implement information technology infrastructure needed to acquire, provide access to, and preserve electronic works beginning with electronic serials content in Fiscal Year 2010.” footnote 39 The program charter included “critical success factors,” such as to “expand and sustain the acquisition of Library content in new formats” and “support the Library’s services to Congress by increasing the acquisition of and providing access to copyrighted works created and disseminated digitally or online in a variety of formats.” footnote 40 The eSerials Project (eSerials) In April 2011, the eSerials project charter was completed. The eSerials Project was the first phase of implementation of the eDeposit Program and was established to ensure that electronic serials content would become part of the Library’s permanent collections through mandatory deposit. footnote 41 The project encompassed “all workflow (whether manual or automated), business processes, technical infrastructure and capabilities and accompanying policy, legislation and regulations to demand, process and internally access eSerials.” footnote 42 Project activities were divided into twelve individual modules. Ten of the project modules were assigned completion dates, but two were not. These two modules include collection preservation and researcher access. The project charter created a project manager position to oversee eSerials, as part of a “program” management office. footnote 43 The charter also created a program sponsor and project director as part of the program management office. The charter noted that the program management office was formed “to ensure that appropriate project management oversight is established and industry standard project management best practices are followed throughout the duration of the eDeposit for eSerials project.” footnote 44 A cross‐service‐unit project team was also created in the charter. Although not created in the project charter, a separate eSerials operations group was formed in October 2011 to discuss strategies for working with publishers and possible solutions to identified problems. The operations group was active and continued to meet regularly. The project charter stated that eSerials would be governed by the Library’s Information Technology Steering Committee (ITSC). ITSC’s charter was established in March 2010. ITSC evaluates IT investments, makes recommendations to the Executive Committee, footnote 45, for prioritizing them, and monitors their execution, among other responsibilities. ITSC did not oversee the eDeposit Program; the new steering committee created as part of the eDeposit program charter was responsible for this function. The project charter included “critical success factors,” such as the “acquisition of digital (eSerials) materials needed by the Library through Copyright mandatory deposit” and “integration with existing business systems.” Findings The Office of the Inspector General (OIG) conducted a performance audit of the eDeposit Program and eSerials Project. According to its charter, the eDeposit Program was created to “increase the acquisition, through registration and mandatory deposit, of works created and disseminated digitally or online in a variety of formats.” footnote 46 The eSerials Project was the first phase of implementation of the 2010 eDeposit Program and was established to facilitate “the acquisition of electronic works through mandatory deposit.” footnote 47 Our overall objective was to evaluate the Library’s efforts to ingest and make available for use electronic works (born‐digital content). As part of OIG’s examination of eDeposit and eSerials, OIG reviewed the Library’s oversight and governance practices, the resources and funding allocated to these efforts, the extent to which the Library followed project management best practices, the cost efficiency of the Library’s efforts, and whether the Library took advantage of partnerships with private and public sectors. The following represents OIG’s findings and recommendations in this area of significant importance to the Library. Progress of the eDeposit Program Is Unclear OIG could not determine whether the Library’s progress to‐date on the eDeposit Program had met Library management’s expectations. The eSerials Project was the only project initiated under the eDeposit Program since the program was created in 2010. By one measure, as of December 31, 2014, the Copyright Office was ingesting 835 eSerial titles on an on‐going basis. This represents approximately 34% of all the active eSerial scholarly titles published in the United States and available online. In addition to eSerials, other potential eDeposit categories of born‐digital works include software, video games, digital music, digital still and moving images, and electronic books and magazines; however, these categories are not currently being ingested under the eDeposit Program. Because the Library’s senior leadership did not establish quantifiable expectations related to cost, performance, and project completion, OIG could not determine whether progress made to‐date had met the Library’s expectations; the Library has described its progress as “incremental.” OIG identified select Library activities related to collecting born‐digital works initiated over the last 14 years, as discussed in the background section. Examples include the FY01‐05 Plan, the Librarian’s management agenda, and the eDeposit Program. There have also been at least two projects to develop the mechanisms needed to acquire electronic works, the Electronic Journals Project and the eSerials Project. Before it was completed, the Electronic Journals Project was superseded in 2010 by eDeposit Program activities, as described below. In March 2010, the Library established the eDeposit Program and stated its goal was to “increase the acquisition, through registration and mandatory deposit, of works created and disseminated digitally or online in a variety of formats.” footnote 48 It also stated that the Library would utilize its mandatory deposit authority through the Copyright Office to “acquire, provide access to, and preserve electronic works beginning with electronic serials content in Fiscal Year 2010.” footnote 49 Program activities were to include the development of policies, plans, processes, tools, and infrastructure to facilitate the “transfer, ingestion, preservation and access of electronic works that the Library selects and acquires through Copyright deposit.” footnote 50 However, OIG could not find a description of the program’s individual components, a schedule for completing the components and the effort overall, cost estimates for the individual components or for the effort overall, and a process for reporting on eDeposit’s performance as it progressed. Subsequently, in April 2011, the Library formally established the eSerials Project by completing the project’s charter. The charter noted that eSerials was “the first phase of implementation of the Library of Congress’ eDeposit Program.” footnote 51 To the Library’s credit, the program sponsor had various project artifacts prepared, including an eSerials project charter and schedule focused on completing a soft launch of the eSerials Project by September 2011. The eSerials project charter defined various modules grouped in “Releases” to be completed by future target dates. The program sponsor also provided six eSerials project status updates to the ITSC from August 2010 to April 2011, and in February 2011 discussed the project with the Executive Committee. In addition, an estimated budget of $11.83 million was prepared to complete the eSerials Project. The budget included an estimate for contractors to assist with the development of needed IT infrastructure and the configuration of hardware/software from FY 2010 to 2015. However, OIG was not able to assess whether progress made to‐date on the eSerials Project had met the Library’s expectations with regard to cost, schedule, and performance. OIG conducted a review of approximately three years’ worth of Executive Committee agendas and minutes up through August 2014 and found that the Library’s senior leadership discussed eSerials only once. At that meeting, senior leadership agreed upon a general direction for eSerials, but did not establish expectations for cost, performance, and project completion. Also, OIG could not determine Library management’s expectations for eSerials on a day‐to‐day basis because every staff position in the project’s program management office was vacant at the time of this audit, including the program sponsor’s position. The program sponsor left her role in July 2011 to work for another service unit and was not replaced. Additionally, OIG could not determine whether the eSerials Project’s costs were in‐line with the Library’s expectations because the ITSC did not review any budget‐to‐actual cost comparisons for the project. The ITSC, which is responsible for overseeing the Library’s information technology investment management process, approved $1.5 million of the eSerials Project’s initial estimated budget of $11.83 million to cover costs incurred from August 2010 through February 2013. Accordingly, because the Library’s senior leadership did not establish quantifiable expectations related to cost, performance, and project completion, the Library would be unable to determine whether progress made to‐date was meeting such expectations. For the same reason, OIG could also not determine whether progress made to‐date, as documented in the Library’s performance management system (eLCplans), had met the Library’s expectations. It is not clear whether the Library met the goals and time period that LC21 envisioned 14 years ago. The critical question for the Library is whether it should strive for significantly more progress given the importance of electronic works. Certainly, the landscape has changed in the intervening years and complexity has increased. The Library needs to determine how best to approach obtaining electronic works—through eDeposit, through some other means, such as coordination with industry, or both. Mandatory deposit rulemakings may yield workable arrangements in some instances; it is equally possible that negotiated arrangements with private and public entities may be the only way forward. There are a number of causes for the Library’s lack of clarity around the success of eDeposit. Specifically, the Library has challenges pertaining to strategic planning, leadership, and governance, as well as organizational and financial management issues. We discuss these challenges in more detail below, and make recommendations that are based on common, successful practices identified by the GAO, academia, and the private sector. Strategic Planning, Leadership, and Governance Issues The Library Needs an Overarching eCollections Strategy – Without Such a Strategy, the Library Risks Making Inefficient Use of Its Limited Resources OIG’s audit of the eDeposit Program revealed that the Library needs an overarching eCollections Strategy, footnote 52 for creating a digital platform, footnote 53 that meets common requirements for ingesting and protecting electronic works. Grouping eCollection activities together and evaluating them within an overall portfolio could help the Library identify and remove duplicative activities, which would make the Library more cost efficient. Completing an eCollections Strategy could also help ensure that eCollection activities are meeting the Library’s strategic business objectives. The electronic serials currently being collected under the eDeposit Program through the eSerials Project represent just one element of the Library’s larger eCollections Strategy. Library management may want its relatively newly reinstated Collection Development Office (CDO) to play a leading role in articulating its eCollections Strategy; Library Services reinstated the CDO in 2012. The FY01‐05 Plan stated that determining how to collect digital works was “central to defining the Library’s future” footnote 54 and that the Library needed to transform its traditional services to create a “central architecture to take in electronic copyright deposits.” footnote 55 The FY01‐05 Plan described the central architecture as follows: We will need one central architecture to take in electronic copyright deposits, to manage the NDL historical (converted) digital files, to acquire electronic materials online and make them available in our reading rooms, and to serve various parts of the institution that need to acquire, manage and make available digital content to their customers. footnote 56 The Library referenced this effort as part of its budget justifications in FY 2001 to FY 2003, but OIG was unable to identify any other information in the budget or elsewhere that directly related to managing and executing the plan. The eDeposit Program represents just one part of the Library’s overall eCollections Strategy. In early 2010, records show that in response to the Librarian’s July 2009 management agenda, the Library contemplated categories of electronic works to collect for the national library through mandatory deposit in addition to electronic serials. The categories under consideration were electronic books, sound recordings, and video games, among others. Further, as shown in Figure 1 below, records demonstrate that sometime in 2012 the Library recognized the need to conceptualize a portfolio‐based strategy. The eDeposit Program, including mandatory deposit (section 407) and copyright registration (section 408), was grouped together with other methods of collecting electronic works for the national library, such as through purchase, exchange, and transfer. According to Library officials, the Library did not act upon this action plan and this effort appeared to stop. Figure 1. Building Digital Collections More recently, the Library’s Digital Collections Coordinating Committee (DC3) conducted a survey of Library employees and in October 2014 reported on employees’ opinion‐based survey responses. DC3 was given its charge by the then‐Associate Librarian for Library Services, who instructed the committee to “enhance and further develop digital collection management practices in Library Services.” footnote 57. The purpose of the survey was “to gather information on born‐ digital content acquisition practices, interests, success, challenges and suggestions for improvement…” footnote 58. DC3 received and analyzed 31 division‐level responses from Library Services, the Law Library, the Copyright Office, and the Congressional Research Service. The results suggest that Library employees have identified the need for an overarching eCollections Strategy. One of DC3’s primary conclusions was that “the lack of a sufficient infrastructure, the lack of collection policy regarding when it is appropriate to collect digital material, and the limited ability to provide access to born‐digital content has dampened acquisitions efforts.” footnote 59. The surveyed employees believed that limitations in the Library’s acquisition of born‐digital works have “prevented the Library from fulfilling its core mission in regard to digital collection material.” footnote 60 All of the Library’s eCollection‐related activities, including eDeposit and eSerials, should be grouped together and evaluated within an overall portfolio. By grouping individual eCollection activities together, the Library would have the opportunity to identify and remove duplicative activities. This approach could help the Library be more cost efficient and leverage economies of scale to develop systems that meet common requirements spanning across the Library’s service units. It could also help the Library make investment decisions and allocate resources based on meeting the Library’s strategic business objectives as articulated within the eCollections Strategy. The need for greater guidance related to allocating resources for eCollection activities was a topic of particular concern for the respondents to DC3’s survey. DC3 paraphrased respondents as saying “without explicit guidelines from management, how can they commit resources to digital collection material if that would result in greater backlogs in analog material?” footnote 61 With the continued expansion and recent acceleration of the digital revolution since LC21 was issued in 2000, the gap in the Library’s collection of born‐digital works will only grow over time. As noted approximately 14 years ago in the FY01‐05 Plan, “The amount of born‐digital works that have already been lost is unknown, but is substantial.” footnote 62 And, without action, “the risk grows that an increasingly [sic] amount of knowledge will be lost forever.” footnote 63 Based on OIG’s interpretation, the results of the DC3 survey suggest that current Library employees believe this risk now poses a threat to the Library’s reputation. The DC3 report stated the following: “Many respondents believe that the Library is years behind other national libraries and research institutions in collecting digital material and fear the Library’s importance as a premier research institution is declining.” footnote 64 As part of creating an overarching eCollections Strategy and collecting other categories of born‐digital works in addition to eSerials, the Library may need to revisit the eDeposit Program with respect to copyright registration and mandatory deposit. According to the Copyright Office, the Library may need to assess whether it can count upon electronic works submitted by copyright owners for registration and protection as a source for building the national library, and the Library’s rights under mandatory deposit have also become more complicated. Accordingly, the Library may need to consider such issues in order to develop the best approach for collecting other categories of born‐digital works. In designing its eCollections Strategy, the Library may also want to consider expanding its use of partnerships with private and public sector third parties, which could offer an alternative to collecting electronic works through copyright registration and/or mandatory deposit. LC21 noted that the Library “is in a unique position to demand the deposit of some digital materials and to require agreements for shared custody or failsafe preservation should the materials become unavailable.” footnote 65 Further, LC21 stated the following: “Copyright deposit is not the only means by which the Library can acquire digital materials for its collections. However, publishers may be reluctant to provide the Library with digital content without a specific agreement on how that content may be accessed.” footnote 66 OIG identified progress with regard to these two types of agreements for eSerials; one with third‐party aggregators and the other with publishers. The Library and the Copyright Office established a cooperative agreement with one third‐party aggregator so far, Data Conversion Laboratory (DCL), which allows DCL to deposit eSerials in response to mandatory deposit demands on behalf of their publishers at no cost to the Library. The Library and the Copyright Office have also signed Special Relief Agreements with three publishers so far (Walter De Gruyter, Emerald Publishing, and Hindawi). footnote 67 OIG views these as positive developments that are worthy of consideration for other categories of electronic works as part of an overarching eCollections Strategy. In Executing Its eCollections Strategy, the Library Needs to Appropriately Utilize Its Enterprise Architecture Program to Reduce the Risk of Implementing Duplicative, Poorly Integrated, and Costly eCollection Activities Once the Library has developed an eCollections Strategy, it needs to carry out its plan using enterprise architecture (EA), a program that reduces the risk of funding IT investments that are duplicative, poorly integrated, and costly. Using EA has been encouraged by GAO, OIG, private sector experts on digital technology, and by the Library in its Information Resource Management (IRM) Plan, IRM Reference Report, footnote 68 and strategic plans. Additionally, the eDeposit program charter stated that the eDeposit Program would “coordinate its activities with other efforts around the Library, such as the Enterprise Architecture Program…” footnote 69 However, according to our audit work, EA has not been used for the eDeposit Program and eSerials Project. GAO has described the benefits of using EA: The EA provides a clear and comprehensive picture of the structure of an entity, whether it is an organization or a functional or mission area. It defines an organization’s operations in logical (i.e., information flows) as well as technical terms (i.e., hardware and software). The EA also describes these perspectives both for the organization’s current or “as‐is” environment and for its target or “to‐be” environment as well as for a transition or sequencing plan for moving from the “as‐is” to the “to‐be” environment. footnote 70 GAO has also described the risks of not using EA: Not using an EA can result in organizational operations and supporting technology infrastructures and systems that are duplicative, poorly integrated, unnecessarily costly to maintain and interface, and unable to respond quickly to shifting environmental factors. footnote 71 OIG recommended that the Library utilize EA in our March 2009 IT report. We noted that EA gives a “high‐level snapshot of IT systems and business processes and provides a framework for making IT investment decisions.” footnote 72 We further noted that the Library needed to “implement an Enterprise Architecture that could be coupled with a strategy and provide a roadmap for implementing technology in the future.” footnote 73 In Leading Digital, Dr. George Westerman et al. recommended using EA to build a new digital platform because it offers “a roadmap explaining the desired organizing logic of your business processes and underlying technology.” footnote 74 Further, the authors explained that to transform operations “you need a technical architecture comprising existing applications and new ones” footnote 75 and that through the use of EA “you should be able to map your current state to your future state with the technical and organizational changes that will be required to get there.” footnote 76 Similarly, Peter Weill, Chairman of the MIT Sloan School of Management’s Center for Information Systems Research, and his co‐author of IT Savvy stated that “IT‐savvy firms decide how they want to operate and proceed to build a digitized platform of business processes, IT systems, and data to execute on their operating strategy.” footnote 77 As part of the audit, OIG found that the Library has not utilized EA during the implementation of eDeposit and eSerials; the Library lacked descriptions of the current or “as‐is” environment, the target or “to‐be” environment, and a roadmap leading from the “as‐is” to the “to‐be.” Library of Congress Regulation (LCR) 1600 established the Library’s EA program in October 2012. LCR 1600 also identified the Architecture Review Board (ARB) as responsible for “overseeing the implementation of the EA and progress towards the future EA,” footnote 78 “monitoring and ensuring adherence to the EA by providing guidance to project implementation teams,” footnote 79 and “providing IT investment advice to the ITSC,” footnote 80 among other responsibilities. Accordingly, the Librarian should require the ARB, as part of the implementation of the eCollections Strategy, to define the current or “as‐is” environment, the target or “to‐be” environment, and a roadmap leading from the “as‐is” to the “to‐be.” The eCollections Strategy Must Take into Account the Business Needs of the Copyright Office The Copyright Office’s business needs must play a role in the overarching eCollections Strategy. For example, the Library needs to ensure that electronic works transferred by the Copyright Office from copyright registration or mandatory deposit for its collections are protected from unauthorized copying and sharing. Similarly, the current Register has emphasized the importance of securing electronic works in the custody of the Copyright Office. Addressing security issues should be done as part of implementing an overarching eCollections Strategy and associated EA that defines the Library’s strategic direction and its target or “to‐be” EA state for ingesting electronic deposits collected for the national library through copyright registration and/or mandatory deposit. LC21 highlighted the importance of securing electronic works obtained through either copyright registration or mandatory deposit. According to LC21, the production system for both copyright registration and mandatory deposit “must fit into an infrastructure that would help the Library augment its comprehensive physical collections with digital works.” footnote 81 Further, the repositories that store the Library’s digital materials will need “robust security” to prevent “loss, alteration, and unauthorized access.” footnote 82 The current Register was appointed in June 2011. footnote 83 She has noted the importance of securing electronic works in the context of copyright registration. The current Register stated in a lecture that as “digital works become more and more prevalent, copyright owners deserve clarity as to the security of their digital files. Particularly in the context of registration, where copyright owners submit their works for the purpose of obtaining legal protections, both the Copyright Office (for its registration needs) and the Library (for its collection needs) will have to offer and maintain secure repositories and other safeguards that inspire confidence and participation in the copyright system.” footnote 84 Further, during a recent congressional testimony, footnote 85 the Register noted the security risk associated with the copyright registration of digital works. She explained that the Copyright Office shares computer servers with the Library. When asked by Representative Jerrold Nadler whether that was a “danger to security” for copyright holders, she said “I think so. Nothing insidious and terrible has happened, but it is certainly a risk.” footnote 86 Executive and Staff Turnover Has Undermined the eDeposit Program and eSerials Project Turnover has posed a significant challenge to the Library’s management of the eDeposit Program and eSerials Project. Most of the individuals assigned to these efforts have left the Library for positions elsewhere, retired, or transferred to new positions at the Library. This turnover has undermined the Library’s ability to achieve success and enforce accountability, according to OIG’s analysis. The Librarian’s July 2009 management agenda assigned responsibility for advancing efforts to acquire electronic works to the following executives: Marybeth Peters, Register; with support from Deanna Marcum, Associate Librarian for Library Services; Laura Campbell, Associate Librarian for Strategic Initiatives; and Roberta Shaffer, Law Librarian. All of these individuals have since retired from the Library. Furthermore, the eDeposit program charter established in March 2010 was approved by these executives and Daniel Mulhollan, Director of the Congressional Research Service, who has since retired. The eDeposit program manager and every member of the program’s steering committee composed of senior managers from five service units, who were in charge of the program’s “planning and management,” footnote 87 have also either left the Library or transferred to new positions and stopped working on the eDeposit Program. Similarly, the eSerials project manager and every member of the program management office has either left the Library for positions elsewhere or transferred to new Library positions. At the end of 2011, the head of the Copyright Acquisition Division, which administers the mandatory deposit provision of the Copyright Law, also retired. As a result of the multiple vacancies, OIG could not determine who was accountable for managing the day‐to‐day activities of the eDeposit Program and the eSerials Project. The Librarian cannot enforce accountability for eDeposit and eSerials without having assigned responsibility for them. GAO identified having reliable government and contractor staff as a common factor that is critical to the success of major federal government IT investments. Specifically, GAO noted that “having consistent and stable staff can allow teams to keep pace with their workload, make decisions, and have the necessary accountability.” footnote 88 The OIG believes that the Library needs a mechanism to ensure continuous centralized monitoring of critical eCollection activities and regularly scheduled executive‐level project management reporting that would enable the Librarian to mitigate some of the void created by departures. The creation of such a mechanism is discussed in more detail later in this report. Turnover in the CIO Position and Its Placement within the Organization Have Undermined the Direction and Implementation of eCollection Activities The lack of a permanent chief information officer (CIO) and the suboptimal placement of the CIO position within the Library’s organizational structure have undermined the effectiveness of its eDeposit Program and eSerials Project activities. The Librarian needs a CIO, whose position is described in LCR 1600, to oversee such IT investments that span across the Library’s service units. The IRM Plan stated that the CIO “will act as the business owner for Library‐wide information technology infrastructure…” footnote 89, but the Library has not had a permanent CIO for over two years. The Associate Librarian for Strategic Initiatives, who served in this role from October 2000 until her retirement in June 2012, also served as the Library’s CIO. Since then, four senior staff in the Office of Strategic Initiatives (OSI) have served as Acting CIO. In March 2015, the Library started recruiting for a permanent CIO. To improve the results of its eCollection activities and accomplish its eDeposit‐ related activities, the Library needs a strategic‐thinking CIO with experience creating digital platforms and duties, responsibilities, and authority consistent with best practices. Dr. Westerman et al. underscored in Leading Digital the importance of IT leaders who offer strong, top‐down leadership: “IT leaders can help shape the platform. They can translate the digital vision into a vision of the technology platforms that will make it a reality… They can adjust technology funding methods to support the right kind of growth.” footnote 90. Accordingly, a CIO is critical to facilitating the enterprise‐wide portfolio management of activities related to collecting electronic works for the national library. Additionally, the CIO position must be situated properly within the Library’s organizational structure to help facilitate the development of the eCollections Strategy. OIG has identified concerns about the placement of the CIO position in the past. OIG noted the following in our March 2009 IT report: Our research of CIO functions across several legislative and executive agencies revealed that the Library’s programmatic function under the CIO is unique among federal agencies. We also found in federal agencies and major universities with similar missions to the Library, the CIO of the IT organization generally reports directly to the head of the organization. footnote 91 The Library’s CIO position resides within OSI, as it did at the time of our March 2009 IT report. This places the CIO in a second‐tier position that lacks “the mandate or authority to enforce proper Library‐wide IT governance.” footnote 92 OIG made the following recommendation in our 2009 report: Separate the IT support functions from OSI and establish the Office of Chief Information Officer (OCIO) from the ITS Directorate and other IT support functions of OSI. The CIO will report directly to the Librarian or Chief Operation Officer with duties, responsibilities, and authority consistent with best practices. footnote 93 The recommendation remains open. To its credit, while this report was issued in draft, the Library announced the recruitment of the CIO position with the intent of placing a permanent CIO by September 2015. The Library stated that it was advised it may have difficulty recruiting the right caliber of person because the Library’s pay levels are significantly below those of industry and the executive branch. Before September 2015, the imperative will be for the Library to separate the OSI function from the OCIO. To Achieve His Vision, the Librarian Should Take Steps to Implement Better Governance and Accountability GAO identified support from agency executives as a common factor that was critical to the success of major federal government IT investments. Specifically, GAO noted that “strong leadership support can result in benefits to a program, including providing the program manager the resources necessary to make knowledge‐based, disciplined decisions that increase the likelihood of their program’s success.” footnote 94 Completing digital transformations requires leaders to stay committed and involved, and for them to focus on accountability. This has not occurred at the Library for the eDeposit Program and the eSerials Project. The Librarian needs to implement better governance to ensure accountability for the timely implementation of the Librarian’s vision for collecting born‐digital works. The Library’s Executive Committee (EC) is one of its key governing bodies for overseeing IT investments. The EC is composed of the heads of each of the Library’s service units and is chaired by the Librarian. The IRM Plan and IRM Reference Report laid the groundwork for the Library’s IT governance structure and the EC; LCR 1600 established the EC’s responsibilities for IT Investment Management. The IRM Plan stated that the EC should stay informed of key efforts and receive executive‐level reports and recommendations for IT investment management (ITIM) processes. footnote 95, Similar to the IRM Plan, LCR 1600 stated that the EC was responsible for “monitoring and directing appropriate actions on results of key efforts and executive‐level reports and recommendations for ITIM processes.” footnote 96. According to OIG’s interpretation, performing these “monitoring and directing” activities is necessary for accountability purposes and to enforce the Library’s policy that Library personnel “take responsibility for managing and monitoring” information systems “to ensure they are appropriately implemented, upgraded, enhanced, maintained, or retired,” footnote 97 as stated by LCR 1600. OIG found that the EC had performed minimal “monitoring and directing” of the eDeposit Program and eSerials Project, and therefore was not enforcing accountability. OIG reviewed more than nine years of the EC’s meeting agendas and minutes regarding eDeposit, eSerials, and other related projects and concluded that it had performed “monitoring and directing” activities on only one occasion. footnote 98 Specifically, OIG found that the EC had met just four times in calendar year 2013 and three times in calendar year 2014 up through early August 2014. OIG also found that from February 2005 through early August 2014, the EC did not directly discuss eDeposit at any meeting and directly discussed the eSerials Project only once. OIG did not find any reference to when the eSerials Project would be completed, costs over time, performance, or vacancies. Accordingly, based on our audit work, the Library lacks a mechanism for reporting such information to the EC, or a mechanism for setting appropriate agenda items that relate to eCollection strategic issues, progress, and accountability. Dr. Westerman et al. emphasized in Leading Digital that successful digital transformation requires strong top‐down leadership. Successful leaders “stayed involved throughout the transformation to make the case for change, to drive the change forward, and to redirect activities and behaviors that went against the vision.” footnote 99 In other words, successful leaders are willing to lead and drive change. The authors elaborated: Our research shows that successful digital transformation starts at the top of the company. Only the senior‐most executives can create a compelling vision of the future and communicate it throughout the organization. Then people in the middle and lower levels can make vision a reality. Managers can redesign processes, workers can start to work differently, and everyone can identify new ways to meet the vision. This kind of change doesn’t happen through simple mandate. It must be led. Among companies we studied, none have created true digital transformation through a bottom‐up approach… Only senior executives are positioned to drive this kind of boundary‐spanning change… But having a shared vision is not quite enough. Many organizations fail to capture the full potential of digital technologies because their leaders lack a truly transformative vision of the digital future. footnote 100 The authors of IT Savvy also emphasized the importance of leadership and noted that leaders must “assess progress” and set “performance metrics” to ensure success. They stated: You and your senior [executives] are a critical success factor in your firm’s IT savvy journey. It is up to you and your colleagues to build an IT‐savvy culture and define the operating model. Then allocate the resources to implement the model, determine the level of commitment, communicate and encourage desirable behavior, and assess progress. No one else in the firm has the clout to do this… Once you make the commitment to build a digitized platform, you will find that, to get on board, the rest of your people need clear performance metrics and transparency regarding decision processes. footnote 101 The Librarian should take steps to ensure timely implementation of his vision to collect electronic works. To do so, the Librarian and his immediate leadership team should create a mechanism to receive regularly scheduled program and project management reports on critical eCollection activities and milestones. The Librarian should mandate a review of such reports and take timely action as necessary to ensure that eCollection activities stay in‐line with the Librarian’s vision and with Library management’s cost, schedule, and performance expectations. Further, the Librarian needs to provide greater clarity on the role of the Executive Committee in monitoring and overseeing cross‐cutting IT programs, such as eDeposit and eSerials, and then ensure that the Executive Committee is consistently involved and overseeing implementation as appropriate. The Information Technology Steering Committee Does Not Have the Necessary Information and, as Currently Structured, Lacks the Authority to Exercise Program and/or Project Oversight The ITSC ensures transparent decision‐making by serving as the sole IT governing body, other than the position of the Librarian, responsible for overseeing the Library’s information technology investment management process, as stated in LCR 1600. “The purpose of the ITSC is to provide structure and formalize processes for selection and management of IT investments,” according to LCR 1600. footnote 102 OIG found that ITSC’s transparent decision‐making cannot function effectively though because ITSC lacks comprehensive information about IT projects at the Library. The ITSC has recently taken steps to obtain better information, but until ITSC has comprehensive information, the Library cannot be assured that IT projects are being reviewed and managed as required under LCR 1600. ITSC’s decision‐making criteria have also not been aligned with the Library’s organizational priorities. Consequently, the Library is at risk of major IT investments occurring outside of the Library’s IT decision‐ making process, and of ITSC making investment decisions that may not be in‐ line with the Library’s strategic objectives. As currently functioning, the ITSC operates in an information vacuum. LCR 1600 requires IT investments that meet any one of certain threshold criteria to undergo a review by the ITSC. The criteria include the following: The estimated three‐year cost for acquisition, development, operation, and maintenance is $1,000,000 or more; b. The software enhancements or expansions in functionality are significant and require complex implementation; c. The investment impacts another service unit, either in the initial investment year or in subsequent years… footnote 103 Members of the ITSC told OIG that ITSC relied on service units to notify ITSC of IT investments that meet the criteria, although the members noted that ITSC was working to develop other mechanisms to identify IT investments. In the meantime, without having an independent source of information on IT projects, the Library operates at the risk of major IT investments occurring outside of its designated IT decision‐making process. To address this issue, the ITSC needs to begin to acquire information on IT investments from an independent source, such as from the Office of the Chief Financial Officer, to ensure that IT investments are being overseen by ITSC as appropriate. The Office of the Chief Financial Officer can continuously provide the full universe of IT investments budgeted each fiscal year, as well as actual year‐to‐year costs for budget versus actual comparisons, to strengthen ITSC’s monitoring activities. ITSC’s decision‐making criteria were also not formulated to align with organizational priorities as required by LCR 1600. LCR 1600 stated the following: It is the policy of the Library not only to align IT investments with the Library’s strategic goals, but also to connect strategic planning, enterprise architecture, and IT investment management, in order to design and leverage Library information resources to meet future congressional and public expectations as well as current operational needs and requests. footnote 104 The ITSC cannot ensure that IT investments related to the collection of electronic works address strategic needs if its criteria for approving and monitoring IT investments do not align with the Library’s organizational priorities as stated, for example, in an eCollections Strategy and associated EA, as well as with common requirements spanning across the Library’s service units for ingesting and protecting electronic works. OIG also found that ITSC lacked a rigorous approach to overseeing projects. For example, OIG could not determine whether costs related to the eSerials Project were in‐line with the amount ITSC had approved. According to the ITSC’s meeting minutes, ITSC approved a total of approximately $1.5 million in funding for eSerials. OIG, however, could not determine whether spending was in‐line with this amount because ITSC has not conducted budget‐to‐actual cost comparisons. footnote 105 Additionally, ITSC’s monitoring of eSerials has lacked a mechanism for monitoring the project’s costs in relation to cost estimates, a process for reporting on the project’s performance, and a complete schedule for the project. footnote 106 To compound the issue, if ITSC identified any managerial or operational issues of concern, it would lack the authority to address them, which means such issues would continue unabated without the involvement of Library leadership. According to LCR 1600, ITSC is responsible for the ʺselection and management of IT investments.” footnote 107 ITSC is also responsible for “overseeing major IT investments by obtaining progress updates and reviewing the ITIM Control and Evaluate reports, footnote 108 issued by the ITIMPO.” footnote 109 However, ITSC was not granted the authority to direct the activities being performed; that authority was assigned to the EC. LCR 1600 made the EC responsible for “monitoring and directing appropriate actions on results of key efforts and executive‐level reports and recommendations for ITIM processes.” footnote 110 As a result, ITSC’s role in “overseeing major IT investments” is unclear. One member of the ITSC explained to OIG that given the current arrangement he did not consider managerial and operational issues to be relevant to the ITSC. He explained that, for example, if work on an IT investment stopped or stalled, it was a management issue and not of concern to the ITSC. The OIG believes that ITSC should start communicating project and program deficiencies to the EC. LCR 1600 stated that ITSC “reports to and advises the EC.” footnote 111. This makes the ITSC a critical feedback control point to the Librarian and the EC on issues related to schedule, cost, and performance. If the ITSC does not serve this role, the Library runs the risk of problems going undetected and/or unresolved. For example, based on a review of the EC’s minutes and agendas, OIG found that the EC has neither been informed nor inquired about the eSerials Project via the ITSC. footnote 112. As a result, problems have not been addressed, such as the fact that every staff position in the eSerials Project’s program management office was vacant at the time of this audit. Organizational and Financial Management Issues The Library Does Not Have Adequate Program and Project Management Practices, Which Prevents Accountability for Its eCollection Activities The Library needs to adopt and implement best practices for standardizing project management to increase the likelihood of completing eCollection activities on time and on budget. Otherwise, the eCollections Strategy and any related projects will be at an increased risk of failure. Specifically, the absence of complete information in foundational documentation—such as project charters that define project success, deliverable‐oriented work breakdown structures that detail the work needed to be accomplished, project management plans that include cost and schedule baselines, management plans that provide methods for prioritizing requirements, and a technical architecture that maps to the Library’s “target state”—will prevent the Library from fully defining its eCollection activities in terms of what they will accomplish, what steps are necessary to complete them, what they will cost, when they will be completed, what functionality is needed, and who will be held accountable for performance. The Library did not “manage proactively for demonstrable results” footnote 113, with regard to the eDeposit Program and eSerials Project. As stated in the Library’s strategic plan for fiscal years 2011‐2016, one of the Library’s strategic goals has been to “manage proactively by setting clear priorities, by establishing measurable goals, and by providing clear assessments of progress in a transparent governance process.” footnote 114, OIG found that some progress has been made, such as the Copyright Office promulgating an interim regulation, the eDeposit Program being created, and the eSerials Project being started.However, OIG could not determine whether “demonstrable results” were achieved. Because the Library’s senior leadership did not establish quantifiable expectations related to cost, performance, and project completion, OIG could not determine whether progress made to‐date had met the Library’s expectations. To address these issues, Library management should adopt and implement best practices for standardizing project management, as defined by the Project Management Institute. footnote 115. The Project Management Institute reported that organizations that use best practices for standardizing project management practices are much more likely to generate better project outcomes. This should also help to minimize the effect of executive and staff turnover. OIG found that the eDeposit Program lacked a description of the program’s individual components, a schedule for completing the components and the effort overall, cost estimates for the individual components or for the effort overall, and a process for reporting on eDeposit’s performance as it progressed. The eSerials Project lacked a process for monitoring costs in relation to cost estimates. OIG also noted that “critical success factors” were established in the eSerials project charter, but could not find records to indicate that progress was evaluated in reference to these factors. One specific practice worthy of consideration is progressive elaboration, which was also missing in the Library’s management of the eSerials Project. To address new developments, project management plans should be iterative and go through progressive elaboration, which involves continuously improving and detailing plans as more information and more accurate estimates become available. Progressive elaboration would allow Library management to oversee eSerials and other eCollection activities at a greater level of detail on an on‐going basis. Greater Financial Management Controls Are Needed In our review of the eDeposit Program, we found that cost estimates were not completed. We also found that the Library’s Budget Office and Financial Reporting Office do not have a mechanism to properly project and allocate IT‐ related expenses, such as payroll costs incurred on IT projects. As a result, if a service unit does not alert the Budget Office and the Financial Reporting Office of such expenses, the full costs of an IT project could elude senior leadership scrutiny. According to GAO, IT investments, such as the eDeposit Program and eSerials Project, should have a business case that provides the sponsor’s justification for the project. The business case should identify the organizational needs to be met; outline benefits, estimated costs, and risks, including the results of a cost‐benefit analysis; and establish proposed time frames and delivery schedules. Specifically, a complete cost‐benefit analysis should identify and quantify benefits and costs; identify assumptions and constraints that were used when developing figures; evaluate alternatives using net present value; and perform risk and sensitivity analyses. footnote 116 OIG found only certain elements of a business case as described above in the eDeposit Program’s records. As a result, the Library is at risk of funding eCollection activities that do not offer the best and most cost‐effective approach for meeting organizational needs. To address this issue, the Librarian should require service units and sponsors of significant IT investments to submit complete business case documents to the ITSC for review during an early phase of product development. Further, as noted by GAO, the business case should periodically be reviewed and verified with respect to the business need(s) being supported. footnote 117 According to GAO, if an IT project is out of alignment with the Library’s strategic business objectives, then it needs to be resynchronized with the strategic plan. The most promising IT projects should be identified for continued investment. As part of this review, the ITSC should determine whether needs continue to be met in a cost‐effective and risk‐insured manner. Although the Library is not required to follow OMB Circulars, they do represent sound business practices that the Library may want to consider to help mitigate financial risks. Appendix J of OMB Circular A‐11, footnote 118 may be of particular interest to the Library with regard to IT investments. According to Appendix J, budgeting for capital asset acquisitions should demonstrate “a projected return on the investment that is clearly equal to or better than alternative uses of available public resources. Return may include: improved mission performance in accordance with measures developed pursuant to the Government Performance and Results (GPRA) Modernization Act of 2010; reduced cost; increased quality, speed, or flexibility; and increased customer and employee satisfaction. Return should be adjusted for… the likelihood of cost overruns, and the consequences of under‐or non‐performance.” footnote 119 Appendix J also states that budget justifications for capital asset acquisitions should include cost, schedule, and performance goals that can be measured using a performance based management system. A performance based management system may include an earned value management approach such as percentage of completion. footnote 120 OIG recommended in 2009 that “All IT costs including computer security should be accounted for as part of the IT budgetary process.” footnote 121 The Library also does not track its IT costs. The OIG’s March 2009 IT report recommended that “The Library should develop a methodology to maintain and track all Library IT expenses.”122 Service units may request new funding through the budget formulation process by submitting a New or Expanded Program Request (NEPR) to the Budget Offi footnote ce. Service units can also use base funding, which is available to cover general operating costs, and fees collected, subject to Congressional authority to spend those receipts. Consequently, when eDeposit was initiated, a service unit could have initiated and managed an IT project outside of the Librarian’s scrutiny. As the result of improvements made in fiscal year 2013, the Budget Office now has the capacity to examine funding more closely and perform periodic reviews of service units’ IT spending. However, the Budget Office and the Financial Reporting Office continue to lack the capacity to reliably determine the payroll costs incurred by service units on IT projects; these costs can be a large portion of the development costs. This represents a remaining impediment to full transparency. As a result, if a service unit had not alerted the Budget Office through a NEPR or otherwise, the full costs of an IT project would not be known. The Library cannot manage effectively without such information. Accordingly, the Librarian should direct the CFO to develop the capability to fully project, capture, and track the actual cost of IT‐related activities, such as the eDeposit and eSerials eCollection activities. Developing this capacity would help the Library strengthen its budgeting, financial reporting, and program and project management practices and to conduct more meaningful comparisons of IT projects’ actual and estimated costs. To Strengthen the Library’s Oversight, the Monitoring of eCollection Activities Should Be Integrated into the Library’s Overall Planning and Performance Management Process As part of the audit, OIG found that the Librarian and his immediate management team lacked the capability to monitor significant IT investments, such as the eSerials Project, across its planning, budgeting, program/project management, and financial accounting systems. GAO has noted the importance of having IT investment process guidance that specifies, among other things, the manner in which IT investment‐related processes will be coordinated— including, at a minimum, coordination across the strategic plan, budget, and enterprise architecture. footnote 123 This would help the Librarian and his immediate management team address problems in a timely manner, and prevent eCollection activities generally from eluding senior leadership scrutiny. In our March 2013 audit report entitled Working Towards the Spirit of the Government Performance and Results Modernization Act, No. 2013‐PA‐101, OIG recommended that the Library implement significant elements of the GPRA Modernization Act of 2010 (Modernization Act). The Modernization Act prescribes among other things that an agency’s annual performance plan must do the following: • Establish performance goals to define the level of achievement expected during the year in which the plan is submitted; • express goals in an objective, quantifiable, and measurable form; • describe how the performance goals and objectives contribute to the strategic plan; • establish performance indicators to measure and assess outputs, service levels, and program activity outcomes; • provide a basis for comparing actual program results to goals; and • describe how the agency will ensure the accuracy and reliability of the data used to measure progress towards its program goals. Also, where an annual goal was not met, explain why the goal was not achieved, the plans and schedules for achieving the goal, and recommendations if the goal is found to be impractical or infeasible. In our report, we recommended that the Library improve its performance management process by enhancing its data verification and validation processes. Library management agreed with our recommendations and the Strategic Planning Office has implemented them. However, given the current budgeting and financial system challenges cited above for planning, tracking, capturing, and monitoring IT projects, more work is required by Library executives to obtain the performance data the Modernization Act requires. As stated earlier, the Library should implement standard business practices for the management of eDeposit, eSerials, and all other eCollection activities. Significant elements of organization‐wide project management are the artifacts and related quantitative data demonstrating variances in project delivery and investment targets. This information should be collected, tracked, and used to inform management oversight and reporting, including budget, planning, and investment decision‐making going forward. This information should also be used as part of the Library’s performance management process. The Library‐wide execution of a strategic plan and related annual performance plans requires a highly coordinated effort on the part of senior leadership. In today’s federal environment, senior leadership cannot ignore activities that inefficiently consume or waste resources. To assure success, management must quickly recognize variances from the plan and nimbly redirect resources in response to changing conditions. Senior leadership must improve its ability to oversee its investments in eCollection activities. Using the standard best practices of performance management will facilitate effective program implementation of the Library’s ongoing and growing acquisition of electronic works. Organizational oversight and controls established through the Library’s strategic and annual planning format, the Library’s budgeting process, the ITSC, and the Library‐wide project management office would provide a comprehensive oversight framework that would prevent ineffective and inefficient project development efforts from falling through the cracks and wasting efforts and dollars. Oversight effectiveness also depends on uniform and reliable information. This must be derived through the central financial management system to assure that all budget funds, development costs, and related variances are consistently reported to each point of management control. Inaccurate, unreliable, and inconsistent investment data will disrupt the Library’s oversight effort. Recommendations Strategic Planning, Leadership, and Governance 1. To become more cost efficient and to ensure that eCollection activities are meeting the Library’s strategic business objectives, the Library needs an overarching, transformative eCollections Strategy for collecting electronic works that does the following: • Groups programs, projects, and other IT work together to facilitate effective portfolio management of activities related to collecting electronic works, including born‐digital works; • identifies the Library’s organizational priorities related to these programs and projects and other IT work, makes investment decisions, and allocates resources accordingly; and • focuses on meeting common requirements that span across the Library’s service units. 2. The Librarian should require the Architecture Review Board to: • Ensure that the eCollections Strategy and related activities are sufficiently addressed in the enterprise architecture’s current or “as‐ is” environment, the target or “to‐be” environment, and the roadmap leading from the “as‐is” to the “to‐be” environment; • sufficiently address and reduce the risk of implementing duplicative, poorly integrated, and unnecessarily costly eCollection activities; and • sufficiently address the need for “robust security” to prevent “loss, alteration, and unauthorized access” footnote 124, of eCollection items. The Office of the Inspector General (OIG) recommended in our 2009 IT report that the Library “implement an enterprise architecture that could be coupled with a strategy and provide a roadmap for implementing technology in the future.” footnote 125. 124 LC21: A Digital Strategy for the Library of Congress, 2000, page 103. 125 Office of the Inspector General, Information Technology Strategic Planning: A Well‐Developed Framework is Essential to Support the Library’s Current and Future IT Needs, Report No. 2008‐PA‐105, March 2009, page 28. 3. To address the void created by turnover in the Chief Information Officer (CIO) position, the lack of an eCollections Strategy, and the current second‐ tier placement of the CIO position within the organization, the Librarian should: • Hire a strategic‐thinking CIO with experience creating digital platforms and duties, responsibilities, and authority consistent with best practices; and • separate the Information Technology Services Directorate and other IT support functions from the Office of Strategic Initiatives to create an Office of Chief Information Officer (OCIO) that reports directly to the Librarian or his immediate leadership team. The OIG recommended in our 2009 IT report that the Library create an OCIO with duties, responsibilities, and authority consistent with best practices that reports directly to the Librarian and his then‐deputy. footnote 126 The recommendation remains open. During the draft of this report, the Librarian advertised the CIO position; the OIG will leave this recommendation open until the CIO is selected. 4. The Librarian should take the following steps to implement better governance and accountability in order to ensure timely implementation of the Librarian’s vision to acquire digital works: • Create a mechanism for the Librarian and his immediate leadership team to receive executive‐level reports on a regular basis on eCollection activities, mandate their review, and take timely action as necessary to ensure that such activities stay in‐line with the Librarian’s vision and with senior leadership’s cost, schedule, and performance expectations; • provide greater clarity on the role of the Executive Committee in monitoring and overseeing cross‐cutting IT programs; and • ensure the Executive Committee’s consistent involvement, support, and oversight of the eDeposit Program and the eSerials Project. OIG is making this recommendation specifically with regard to eCollection activities. In our recent report on ITSC internal controls, management generally agreed to improve IT investment tracking, financial reporting, and senior leadership oversight. footnote 127 5. The Information Technology Steering Committee (ITSC) does not have the necessary data to align information technology goals, objectives, and priorities with the strategic needs and plans of the Library. The Librarian should do the following to correct this: • Direct the Chief Financial Officer (CFO) to provide information on the full universe of IT investments budgeted in each fiscal year for eCollection activities to the ITSC on an on‐going basis, as well as provide actual year‐to‐year costs for budget versus actual comparisons; • require ITSC to formulate approval and monitoring criteria that align with the Library’s organizational priorities as stated in an eCollections Strategy and associated enterprise architecture, as well as with common requirements spanning the Library’s service units for ingesting and protecting electronic works; and • require the chair of the ITSC to report regularly to the Librarian, his designee, and/or the EC about ITSC decisions and oversight issues related to the schedule, cost, and performance of eCollection activities. OIG is making this recommendation specifically with regard to the eCollection activities. In our recent report on ITSC internal controls, management generally agreed to improve the linkage between strategic planning and IT investments and to improve performance management data and reporting. footnote 128 Organizational and Financial Management 6. To improve the organizational and financial management of its eCollection activities, the Librarian needs to require that Service Units: • Adopt and implement library‐wide best practices for standardizing program and project management to increase the likelihood of delivering effective digital transformations on time and on budget; and • collect, track, and use quantitative data demonstrating variances in project delivery and investment targets to inform management oversight and reporting, including budget, planning, and investement decision‐making going forward. This information should be used as part of the the Library’s performance management process. 7. For all technology investments, the Librarian should: • Require service units and sponsors of significant IT investments (regardless of funding source) to complete a business case document that demonstrates how each IT project would meet organizational needs; outlines benefits, estimated costs, and risks, including the results of a cost‐benefit analysis; and establishes a preliminary schedule for implementation; • require the business case document to be submitted to the ITSC for review during an early phase of product development and require the business case to be periodically reviewed and verified by ITSC with respect to the business need(s) being supported; • direct the CFO to develop the capability to fully project, capture, and track the actual costs of IT‐related activities, including payroll costs; and • require the Strategic Planning Office or another unit to develop the capability for the Librarian and his immediate leadership team to monitor significant IT investments across the Library’s various planning, budgeting, program/project management, and financial accounting systems to reveal inefficiencies and ineffectiveness in order to address problems in a timely manner. Appendix A: Objectives, Scope, and Methodology The overall objective of this audit was to evaluate the Library’s efforts to ingest and make available for use born‐digital content. Our specific objectives were to determine whether the eDeposit Program (1) received proper oversight and governance from the Information Technology Steering Committee; (2) had adequate resources and funding to ingest and make available for use born‐digital content; (3) followed project management best practices established by Information Technology Services and industry standards including adequate planning and documenting of milestones, challenges, and lessons learned; and (4) was cost efficient and has taken advantage of partnerships with the private and public sectors to maximize project deliverables. As a project under eDeposit, eSerials fell within the scope of this audit. In conducting the audit, we gave due consideration to the role of the Copyright Office generally within the Library and its specific duties to administer both copyright registration and mandatory deposit. The relationship between copyright registration and mandatory deposit is complex, and was not examined as part of this audit. Our audit fieldwork was conducted from November 2013 to December 2014. During the course of our audit, we interviewed various Library management officials mainly from the Copyright Office, Library Services, the Office of Strategic Initiatives, and select members of the Information Technology Steering Committee. We also interviewed the former Register of Copyrights, who retired from the Library. Subsequent to issuing our draft report , GAO released two audits reports on the Library’s and the Copyright Office’s IT management. footnote 129 During the course of those audits, we collaborated with GAO on the status of our audit findings. GAO’s audits had similar findings relating to IT governance, strategic planning, project management, and leadership. As part of our audit methodology, we reviewed laws and regulations, policies, strategic plans, and other documentation relating to our audit objectives such as project and program management artifacts, committee oversight minutes, and performance management data. Additionally, we reviewed best practices for project and program management from the GAO, academia, and the private sector. We conducted this performance audit in accordance with generally accepted government auditing standards and LCR 211‐6, Functions, Authority, and Responsibility of the Inspector General. These standards require that we plan and perform the audit to obtain sufficient, appropriate evidence to provide a reasonable basis for our findings and conclusions based on our audit objectives. We believe that the evidence obtained provides a reasonable basis for our conclusions based on our audit objectives. Appendix B: Copyright Basics The following offers a more detailed overview of copyright basics. Copyright is a form of protection provided by the laws of the United States (title 17, U. S. Code) to the authors of “original works of authorship,” including literary, dramatic, musical, artistic, and certain other intellectual works. This protection is available to both published and unpublished works. In general, copyright registration, footnote 130 is a legal formality intended to provide a filter for the courts by requiring the Copyright Office to examine whether claims meet the legal and formal requirements for registration, make a public record of basic facts of registrable claims in copyright, and refuse claims which fail to meet the statutory and regulatory requirements. Registration is not a condition of copyright protection, but it has been a part of copyright law since the colonial era and a distinguishing feature of federal law since the first Copyright Act of 1790. Congress enacted several incentives for registration in the 1976 Copyright Act which are still controlling; for example, it is a requirement for enforcement of a copyright owner’s exclusive rights in federal court and for eligibility for statutory damages and attorney’s fees, which as a practical matter may be the only means by which authors can bring an infringement suit. Copyright owners pay fees to the Register for the service of registration, which covers examination of the work for copyrightability, review and documentation of the owner or owners as well as disclaimers as to third party material, and an official certificate issued under the seal of the Copyright Office that may be used in court and transactions to show prima facie evidence of one’s claim and the effective date of registration. Copyright removed registration from the courts in 1870 and centralized it in the Library of Congress, which used the deposits submitted for examination (namely books, maps, charts, and some musical works) to supplement its collection. In 1897, Congress removed registration from the general operations of the Library and placed it in a specialized Copyright Office under the statutorily created position of Register of Copyrights (Register), who to this day works “under the Librarian’s general direction and supervision.” footnote 131 Under this structure, the Librarian Constitutionally sits atop of two separate functions that impact programs like eDeposit: the Library as the agency of the national copyright system and the Library as a library and national collection arm. Accordingly, there are both synergies and separations that must be managed. For example, how best to migrate registration for the 21st century, including the degree to which registration should require a high quality “best edition” deposit, is an evolving focus of the Register, the copyright community, and the Congress. On the other hand, in instances where such deposits are or will be required for registration, the conditions by which the Library may select them for its collection arm will require ongoing attention. As noted below, the Copyright Act has an overarching “best edition” requirement that, absent an exemption, applies generally to registration and mandatory deposit in the case of published works. The “mandatory deposit” provisions were enacted by Congress in 1976 to provide the Library of Congress with a mechanism that is common to national libraries around the world (known globally as “legal deposit”). Under this provision, the owners of copyright or of the exclusive right of publication in a work published in the United States shall deposit, within three months after the date of publication, two complete copies with the Copyright Office. footnote 132 Subject to some important exceptions, the statute requires the “best edition” footnote 133 of the work. The Copyright Office transfers these works to the Library of Congress for its use and disposition. The failure to deposit copies under this provision has no effect on federal copyright protection, and if a publisher fails to comply with a demand from the Register, the only recourse is to request the Department of Justice to bring an action for a fine and the retail or reasonable cost of purchase of the work by the Library of Congress. Moreover, the Register has the statutory authority to exempt categories of material from the mandatory deposit requirement by regulation. Upon their deposit in the Copyright Office under sections 407 and 408, all copies, phonorecords, and identifying material, including those deposited in connection with claims that have been refused registration, are the property of the United States government. footnote 134 In the case of published works, all copies, phonorecords, and identifying material deposited are available to the Library of Congress for its collections, or for exchange or transfer to any other library. footnote 135 Many of the Library’s works by American authors and creators are collected under provisions of the copyright law. If a work is submitted for copyright registration, the Library may select that work for its collections. If it is not submitted for registration, the Register may alternatively demand copies of that published work through the mandatory deposit provision. footnote 136 The Library wants, and the Register demands, a small subset of all published works. The Copyright Office encourages copyright owners to register when their works are subject to demand. The degree to which the provisions should continue to work together or require best edition copies is the focus of ongoing policy discussions. Effective February 24, 2010, the Copyright Office promulgated an interim regulation governing mandatory deposit of online serials published in the United States and available only online. Online‐only works had previously been exempted from mandatory deposit, largely because of a decades‐long accommodation relating to so‐called “machine‐readable” formats under the 1976 Act. The interim rule makes online‐only eSerials subject to mandatory deposit if the Copyright Office issues a demand for deposit of particular titles of such works. Appendix C: Timeline of Key eDeposit Related Milestones Appendix D: Management Response LI B RA RY O F CONG RES S DATE A pril 14, 2015 TO Kurt W. Hyde, Inspector General FROM David S. Mao, Deputy Librarian of Congress SUBJECT Audit No. 2014-PA-101- eDeposit and eCollections Strategy - Management Comments on Draft Report Thank you for the opportu n i ty to com ment on the d raft report for Audit No . 2014-PA-101, The Library Needs to Determine an eDeposit and eCollections Strategy. Below please find management commentson the recommendations in the report. Strategic Planning, Leadership, and Governance Issues Recommendations 1. To become more cost eff icie n t a nd to ensure tha t eCollecti on activities are m eet i n g the Li b ra ry's strategic bu si ness objecti ves, the Library needs an overarchi ng, transforma ti ve eCollections Strategy for collecting electron ic works tha t does the followi ng: • G rou ps progra ms, projects and ot her IT [informa t ion technology ] work together to faci li tate effecti ve portfo li o ma na gement of act ivities rela ted to collecti ng electronic works, incl udi ng born-d igi tal works. • Iden ti fies the Li bra ry's organiza ti ona l priorit i es rel a ted to these programs and projects and other IT work, makes investment decisions, and allocates resources accordingly. • Focu ses on meeti ng corn mon req u i rem en ts t ha t spa n across the Library's service unit s. Manage m en t Commen t: The Libra ry Clgrees with th ese recom menda t i on s. A n overn rchi ng eCol lections Strategy wi l l be grou nded i n and deve l oped i n conj u nct ion wi th the Libra ry's broader collection pol i cy. The eCollections Strategy will be reflected in the Libra ry Strategic Plan which, in tum, will drive the Library IT Strategic Plan. 2. The Librarian should require the Architecture Review Board to: • Ensu re that the eCollections Strategy and related activities are sufficiently addressed in the enterprise architecture' s current or "as-is" environment, the target or "to-be" environment, and the roadmap leading from the "as-is" to the "to-be" environment. • Sufficiently add ress and reduce the risk of implementing duplicative, poorly integrated, and unnecessarily costly eCollection activities. • Sufficiently add ress the needs for "robust secu rity" to prevent "loss, alteration, and unauthorized access" of eCollection items. Management Comment: The Library agrees with these recommendations. The Libra ry will finalize and validate the existing d raf t enterprise architectu re (EA) by September 2015. Beginning in FY2016, the Libra ry will implement an EA improvement plan -describing the target state of our EA and identifying steps to transition to the ta rget. A senior IT manager has been assigned to coordinate the EA effort. During FY2016, the Library will identify potentially duplicative eCollections activities for future review. Both through the EA work and by updating IT security Library-wide (as required in the Libra ry IT Strategic Plan) the Library will add ress the need to secure eCollection materials 3. To address the void created by turnover in the Chief Information Officer (CIO) position, the lack of an eCollections Strategy, and the current second-tier placement of the CIO position within the organization, the Librarian should: • Hire a strategic-thinking CIO with experience creating digital platforms and duties, responsibilities, and authority consistent with best practices. • Separate the Information Technology Services Di rectorate and other IT support functions from the Office of Strategic Initiatives to create an Office of the Chief Information Officer (OCIO) that reports directly to the Librarian or his immediate executive. Management Comment: The Library agrees with these recommendations. The Library is currently conducting a national search for a permanent CIO, who is expected to be in place by the end of FY2015 (if not sooner). The CIO will be a member of the Library's Executive Committee. The Libra ry plans to establish an OCIO separate from any programmatic service unit. 4. The Librarian should take steps to implement better governance and accountability in order to ensure timely implementation of the Librarian's vision to acquire digital works: • Crea te a mechanism for the Librarian and his immediate leadership team to receive executive-level reports on a regula r basis on eCollection activities, mandate their review, and take timely action as necessary to ensure that such activities stay in-line with the Librarian's vision and with senior leadership's cost, schedule, and performance expectations. • Provide greater clarity on the role of the Executive Committee in monitoring and overseeing cross-cutting IT progra ms. • Ensu re the Executive Committee's consistent involvement, support, and oversight of the eDeposit Program and the eSerials Project. Management Comment: The Library agrees with these recommendations. By September 2015, the Library will update its regulations and directives to clarify the Libra ry's IT governance structure, reporting responsibilities, and the roles of the Executive Committee. 5. The Information Technology Steering Committee (ITSC) does not have the necessary data to align information technology goals, objectives, and priorities with the strategic needs and plans of the Library. The Librarian should do the following to correct this: • Direct the Chief Financial Officer (CFO) to provide information on the full universe of IT investments budgeted in each fiscal year for eCollections activities to the ITSC on an on-going basis, as well as provide actual year-to-yea r costs for budget versus actual compa risons. • Require ITSC to formulate approval and monitoring criteria that align with the Libra ry's organizational priorities as stated in an eCollections Strategy and associated enterprise architecture, as well as with common requirements spanning the Library's service uni ts for ingesting and protecting electronic works. • Require the chair of the ITSC to report regularly to the Libra rian, his designee, and/or the EC about ITSC decisions and oversight issues related to the schedule, cost, and performance of eCollection activities. Management Comment: The Library agrees with these recommendations. During FY2016, the Library will develop policies and implement the management disciplines of costing, scheduling and risk management for our IT activities, including eCollections. Organizational and Financial Management Issues Recommendations 6. To improve the organizational and financial management of its eCollection activities, the Librarian needs to require that Service Units: • Adopt and implement Library-wide best practices for standardizing program and project management to increase the likelihood of delivering effective digital transformations on time and on budget. • Collect, track, and use quantitative data demonstrating va riances in project delivery and investment targets to inform management oversight and reporting, including budget, planning, and investment decision-making going forward. This information should be used as part of the Library's performance management process. Management Comment: The Library agrees with these recommendations. The Library IT Strategic Plan calls for the establishment of a Project Management Office. During FY2016, the Library will develop policies and implement the management disciplines of costing, scheduling and risk management for our IT activities, including eCollections. 7. For all technology investments, the Librarian should: • Require service W1its and sponsors of significant IT investments (rega rdless of funding source) to complete a business case document that demonstrates how each IT project would meet organizational needs;outlines benefits, estimated costs, and risks, including the results of a cost-benefit analysis; and establishes a preliminary schedule for implementa tion. • Require the business case document to be submitted to the ITSC for review during an early phase of product development and require the business case to be periodically reviewed and verified by ITSC with respect to the business need(s) being supported. • Direct the CFO to develop the capability to fully project, capture, and track the actual costs of IT-related activities, including payroll costs. • Require the Strategic Planning Office or another unit to develop the capability for the Librarian and his immediate leadership team to monitor significant IT investments across the Libra ry's va rious planning, budgeting, program/project management, and financial accounting systems to reveal inefficiencies and ineffectiveness in order to add ress problems in a timely manner. Management Comment: The Library agrees with these recommendations. In accordance with the Library IT Strategic Plan, the Library will update its IT governance process to be clear about requirements for business case documentation that add resses goals, benefits, risks, costs, and scheduling. OCFO is currently developing a system (with input from the ITSC and the Office of the Inspector General) that will be able to provide appropriate cost and variance reporting for the ITSC and Library management. In conjunction with this effort, the CFO and Director of HRS will jointly develop the capability to project, capture, and track the actual costs of IT­ related activities, including payroll costs. For FY2016, the Libra ry will implement a uniform method for service units to classify IT expenditures in the central financial system. This data will inform the Libra ry's IT strategic planning and eCollections planning and the links between planning, budgeting for FY2017, and risk management. Please let me know if you have any questions or would like to discuss this report. cc: Robert R. Newlen, Chief of Staff Maria Pallante, Register of Copyrights Ma rk Sweeney, Associate Librarian for Library Services Elizabeth Scheffler, Interim Chief Information Officer Mary Klutts, Chief Financial Officer Elizabeth Pugh, General Counsel Nicole L. Marcou, Administrative Coordinator; OIG Audit Liaison Footnotes in OIG Executive Summary 1. LC21: A Digital Strategy for the Library of Congress, 2000, page 97. 2. Copyright registration is a legal formality intended to make a public record of the basic facts of a particular copyright. See 17 U.S.C. 408-Copyright registration in general. 3. Under the mandatory deposit provision, the owners of copyright or of the exclusive right of publication in a work published in the United States shall deposit, within three months after the date of publication, two complete copies with the Copyright Office. See 17 U.S.C. 407- Deposit of copies of phonorecords for Library of Congress. 4. eDeposit Program Charter, Version 1.1, March 30, 2010, page 3. 5. The term eCollection as used in this report refers to a collection of digital material available online only, such as the Library’s collection of electronic serials. In response to this report, the Library agreed with OIG’s recommendation to develop an overarching, transformative eCollections Strategy. This would represent the Library’s strategy for building its eCollections of electronic serials, digital software, video games, digital music, etc. as appropriate. 6. GAO, Information Technology Investment Management – A Framework for Assessing and Improving Process Maturing, GAO-04-394G, page 37. 7. Report no. 2014-IT-101, Report for Design of Library-wide Internal Controls for Tracking Information Technology Investments (March 2015). Footnotes in HP Report 8. 17 U.S.C. 408‐Copyright registration in general. 9. 17 U.S.C. 701(a)‐The Copyright Office: General responsibilities and organization. 10. 17 U.S.C. 407‐Deposit of copies or phonorecords for Library of Congress. 11. The best edition of a work is the edition, published in the U.S. at any time before the date of deposit, that the Library of Congress determines to be the most suitable for its purposes. A “published” edition is an edition that has been distributed to the public. 12. 17 U.S.C. 704(a). 13. 17 U.S.C. 704(b). According to the Copyright Office, the application of this provision to digital deposits presents important policy questions that were not contemplated when the law was enacted 40 years ago. After the Copyright Act of 1976 became law, a regulation was crafted that exempted online‐only works from mandatory deposit, largely because of a decades‐long accommodation relating to so‐called “machine‐ readable” formats under the 1976 Act. This was long before the Library had the capacity to ingest or maintain digital collections and before electronic works were as ubiquitous as they are today. Effective February 24, 2010, as discussed in more detail later in this report, the Copyright Office promulgated an interim regulation making electronic serials that have no physical counterparts subject to mandatory deposit, which made such works available for addition to the Library’s collection. See 75 Federal Register 3863 – Mandatory Deposit of Published Electronic Works Available Only Online. 14. LC21: A Digital Strategy for the Library of Congress, 2000, page 1. 15. Ibid., pages 2‐3. 16. LC21 defines born‐digital works as materials created in electronic form that have no corresponding print form or, if they have a print form, they possess significant individuality in electronic form. 17. LC21: A Digital Strategy for the Library of Congress, 2000, page 4. 18. Ibid., page 2. 19. Ibid., page 103. 20. The FY01‐05 Plan defines born‐digital works as materials available only in digital form. 21. The National Online Library – A Five‐Year Plan for the Digital Future at the Library of Congress, pages 3‐4. 22. Based on the Office of the Inspector General’s analysis, the term “copyright deposit” could refer to either copyright registration (section 408) or mandatory deposit (section 407). 23. The National Online Library – A Five‐Year Plan for the Digital Future at the Library of Congress, page 6. 24. Ibid., page 11. 25. The purpose of the FY01‐05 Plan was to define activities related to expanding the collection of the national library. Based on the Office of the Inspector General’s analysis, these activities did not relate to performing responsibilities as overseer of the Copyright Office. 26 The National Digital Library (NDL) Program was a public‐private partnership created to digitize American history and cultural materials and make them accessible. 27 The National Online Library – A Five‐Year Plan for the Digital Future at the Library of Congress, page 12. 28 74 Federal Register 34286 — Manadatory Deposit of Published Electronic Works Available Only Online. 29 75 Federal Register 3863 — Mandatory Deposit of Published Electronic Works Available Only Online. 30 Librarian’s Management Agenda Memorandum, July 10, 2009, page 7. 31 eDeposit Program Charter, Version 1.1, March 30, 2010, page 3. 32 Ibid. 33 A program is a group of related projects that support a common goal. In this case, the eDeposit Program would involve a group of related projects designed to acquire different kinds of born‐digital copyright deposits, both through mandatory deposits and registration deposits. 34 eDeposit Program Charter, Version 1.1, March 30, 2010, page 4. 35 Ibid., page 3. 36 In 2009, four cross‐service‐unit groups were formed to analyze the regulatory and technological requirements needed to implement Task 4 of the Librarian’s Management Agenda. 37 eDeposit Program Charter, Version 1.1, March 30, 2010, page 4. 38 Ibid. 39 Ibid., page 3. 40 Ibid., page 5. 41 eDeposit for eSerials Project Charter, Version 3.0, April 15, 2011, page 3. 42 Ibid., page 8. 43 The charter specifically refers to a program management office and not a project management office. 44 eDeposit for eSerials Project Charter, Version 3.0, April 15, 2011, page 5. 45 The Executive Committee is one of the Library’s governing bodies. It is composed of the heads of each of the Library’s service units and is chaired by the Librarian. 46 eDeposit Program Charter, Version 1.1, March 30, 2010, page 3. 47 eDeposit for eSerials Project Charter, Version 3.0, April 15, 2011, page 4. 48 Ibid. 49 Ibid. 50 Ibid., page 4. 51 eDeposit for eSerials Project Charter, Version 3.0, April 15, 2011, page 3. 52 The term eCollection as used in this report refers to a collection of digital material available online only, such as the Library’s collection of electronic serials. The eCollections Strategy would be the Library’s strategy for building its collections of electronic serials, digital software, video games, digital music, etc. as appropriate. 53 Leading Digital by George Westerman, Didier Bonnet, and Andrew McAfee (Boston: Harvard Business Review Press, 2014), page 232, defines a digital platform as a coherent set of business processes—including supporting infrastructure, applications, and data—intended to ensure the quality and predictability of core transactions. 54 The National Online Library – A Five‐Year Plan for the Digital Future at the Library of Congress, page 11. 55 Ibid., page 12. 56 Ibid. 57 Library Services: DC3 Digital Acquisitions and Content Management Survey Report, October 28, 2014, pages 3‐4. 58 Ibid., page 3. 59 Ibid., page 16. 60 Ibid. 61 Ibid., page 17. 62 The National Online Library – A Five‐Year Plan for the Digital Future at the Library of Congress, page 4. 63 Ibid., page 3. 64 Library Services: DC3 Digital Acquisitions and Content Management Survey Report, October 28, 2014, page 16. 65 LC21: A Digital Strategy for the Library of Congress, 2000, page 7. 66 Ibid. 67 The agreements allow the Library to gain access to all the eSerials titles (and in the case of De Gruyter, the eBook titles as well) that are available via the publishers’ websites in exchange for the publishers being allowed to deposit (in response to mandatory demands) electronic files in lieu of paper copies of serials and books available in print and electronically. 68 Gartner Consulting assisted the Library with performing an analysis of the Library’s IRM. The IRM Plan Version 1.0 was issued on February 19, 2010. Soon thereafter the Library issued a reference to the IRM Plan, entitled the Information Resource Management Reference Report Version 1.1 dated February 24, 2010. 69 eDeposit Program Charter, Version 1.1, March 30, 2010, page 4. 70 GAO, Information Technology Investment Management – A Framework for Assessing and Improving Process Maturity, GAO‐04‐394G, March 2004, Version 1.1, page 6. 71 GAO, Organizational Transformation – A Framework for Assessing and Improving Enterprise Architecture Management, GAO‐10‐846G, August 2010, Version 2.0, highlights page. 72 Office of the Inspector General, Information Technology Strategic Planning: A Well‐Developed Framework is Essential to Support the Library’s Current and Future IT Needs, Report No. 2008‐PA‐105, March 2009, page 25. 73 Ibid., page 28. 74 George Westerman, Didier Bonnet, and Andrew McAfee, Leading Digital (Boston: Harvard Business Review Press, 2014), page 232. 75 Ibid. 76 Ibid. 77 Peter Weill and Jeanne W. Ross, IT Savvy – What Top Executives Must Know to Go from Pain to Gain (Boston: Harvard Business Press, 2009), page ix. 78 LCR 1600, Section 8.A.2.a. 79 Ibid., Section 8.A.2.b. 80 Ibid., Section 8.A.2.e. 81 LC21: A Digital Strategy for the Library of Congress, 2000, page 94. 82 Ibid., page 103. 83 The current Register was Acting from January 1, 2011 until May 31, 2011. 84 “The New Generation Copyright Office: What It Means and Why It Matters,” by Maria Pallante, November 20, 2013, at the George Washington University Law School, page 227. 85 House Judiciary Committee, Subcommittee on Courts, Intellectual Property, and the Internet on September 18, 2014. 86 Ibid., Hearing PDF (Serial No. 113‐116), page 44. 87 eDeposit Program Charter, Version 1.1, March 30, 2010, page 3. 88 GAO, Information Technology: Critical Factors Underlying Successful Major Acquisitions, GAO‐12‐7, October 2011, page 25. 89 IRM Plan Version 1.0, February 19, 2010, page 7. 90 George Westerman, Didier Bonnet, and Andrew McAfee, Leading Digital (Boston: Harvard Business Review Press, 2014), page 169. 91 Office of the Inspector General, Information Technology Strategic Planning: A Well‐Developed Framework is Essential to Support the Library’s Current and Future IT Needs, Report No. 2008‐PA‐105, March 2009, page 23. 92 Ibid. 93 Ibid., page 24. 94 GAO, Information Technology: Critical Factors Underlying Successful Major Acquisitions, GAO‐12‐7, October 2011, page 23. 95 IRM Plan Version 1.0, February 19, 2010, page 14. 96 LCR 1600, Section 5.B.3. 97 Ibid., Section 4.B. 98 OIG reviewed records dated early February 2005 through early August 2014. The records were obtained from the then‐Deputy Librarian’s Office. OIG started with February 2005 to capture the EC’s “monitoring and directing” activities that occurred early on. The eDeposit program charter was approved in March 2010 and the eSerials project charter was approved in April 2011. 99 George Westerman, Didier Bonnet, and Andrew McAfee, Leading Digital (Boston: Harvard Business Review Press, 2014), page 14. 100 Ibid., page 232. 101 Peter Weill and Jeanne W. Ross, IT Savvy – What Top Executives Must Know to Go from Pain to Gain (Boston: Harvard Business Press, 2009), page 141. 102 LCR 1600, Section 6.B. 103 Ibid., Section 7.A.1. 104 Ibid., Section 4.C. 105 OSI reported to OIG that it had spent approximately $3.3 million on eDeposit since March 2006. 106 Ten of the project components were assigned completion dates, but two were not. 107 LCR 1600, Section 6.B. 108 LCR 1600, Section 3 defines an “ITIM Control Reportʺ as an oral or written report provided to the ITSC as part of the ITIM process for the purpose of ensuring that a project is on course for appropriate execution of the IT investment. An ʺITIM Evaluate Reportʺ is an oral or written report provided to the ITSC as part of the ITIM process for the purpose of evaluating whether a project achieved the intended benefits. 109 LCR 1600, Section 6.B.3.e. ITIMPO refers to ITSC’s Information Technology Investment Management Portfolio Officer. 110 Ibid., Section 5.B.3. 111 Ibid., Section 6.B.1. 112 OIG reviewed records dated early February 2005 through early August 2014. OIG started with February 2005 to capture the EC’s “monitoring and directing” activities that occurred early on. The eDeposit program charter was approved in March 2010 and the eSerials project charter was approved in April 2011. 113 Library of Congress Strategic Plan, Fiscal Years 2011‐2016, page 24. 114 Ibid., page 25. 115 The Project Management Institute is a leading not‐for‐profit professional membership association for the project, program, and portfolio management profession. It publishes A Guide to the Project Management Body of Knowledge (PMBOK® Guide), a recognized standard for project management as well as program and portfolio standards. 116 GAO, Assessing Risks and Returns: A Guide for Evaluating Federal Agencies’ IT Investment Decision‐making, GAO/AIMD‐10.1.13, February 1997, pages 26 and 41. 117 GAO, Information Technology Investment Management – A Framework for Assessing and Improving Process Maturing, GAO‐04‐394G, March 2004, page 40. 118 Office of Management and Budget, OMB Circular A‐11, Preparation, Submission and Execution of the Budget, Appendix J, Principles of Budgeting for Capital Asset Acquisitions, July 2014. 119 Ibid. 120 Appendix J of OMB Circular A‐11 defines earned value management as a management tool used to mitigate risks in developing capital assets. 121 Office of the Inspector General, Information Technology Strategic Planning: A Well‐Developed Framework is Essential to Support the Library’s Current and Future IT Needs, Report No. 2008‐PA‐105, March 2009, Recommendation 2.C, page 21. 122 Ibid., Recommendation 2.E, page 21. 123 GAO, Information Technology Investment Management – A Framework for Assessing and Improving Process Maturing, GAO‐04‐394G, page 37. 124 LC21: A Digital Strategy for the Library of Congress, 2000, page 103. 125 Office of the Inspector General, Information Technology Strategic Planning: A Well‐Developed Framework is Essential to Support the Library’s Current and Future IT Needs, Report No. 2008‐PA‐105, March 2009, page 28. 126 Ibid, page 24. 127 Office of the Inspector General, Design of Library‐wide Internal Controls for Tracking Information Technology Investments, Report No. 2014‐IT‐101, March 2015. 128 Ibid. 129 GAO, Library of Comgress: Strong Leadership Needed to Address Serious Information Technology Management Weaknesses, GAO‐15‐315 (March 31, 2015) and Information Technology: Copyright Office Needs to Develop Plans that Address Technical and Organizational Challenges, GAO‐15‐338 (March 31, 2015). 130 17 U.S.C. 408‐Copyright registration in general. 131 17 U.S.C. 701(a)‐The Copyright Office: General responsibilities and organization. 132 17 U.S.C. 407‐Deposit of copies or phonorecords for Library of Congress. 133 The best edition of a work is the edition, published in the U.S. at any time before the date of deposit, that the Library of Congress determines to be the most suitable for its purposes. A “published” edition is an edition that has been distributed to the public. This latter point becomes significant in the digital environment with respect to precisely what may be demanded. 134 17 U.S.C. 704(a) (meaning that such physical copies are non‐returnable). 135 17 U.S.C. 704(b) According to the Copyright Office, the application of this provision to digital deposits presents important policy questions that were not contemplated when the law was enacted 40 years ago. 136 Library of Congress Strategic Plan Fiscal Years 2011‐2016. However the primary sources of the Library’s collections come from gifts and acquisitions.