Skip to main content

Semi Annual Report September 2016 - Annual Reports

This is the accessible text file for the semiannual report issued by the Library of Congress Office of the Inspector General (OIG) in September 2016.

This semiannual period was momentous in that Dr. Carla Hayden was sworn in as the 14th Librarian of Congress. The Office of the Inspector General (OIG) welcomes her and is eager to help the Library achieve its objectives by promoting efficiency and effectiveness and rooting out fraud, waste, abuse, and mismanagement. To this end, we continue to identify "top management challenges" that are outlined starting on page five. The challenge areas include strategic planning and performance management, digital services and collections, information technology infrastructure, collections storage, and contracting.

During this semiannual period, we issued several reports. We reported that the Prints and Photographs (P&P) Division effectively tracks its materials but needs to assess the risks associated with its growing quantity of material not fully processed. OIG determined that at the time of our fieldwork the P&P Division needed approximately 40-60 years to eliminate its backlog of materials that are not fully processed, which has grown over time. Such materials pose a greater risk of theft, damage, and loss because unprocessed materials lack adequate bibliographic, inventory, and security controls. OIG also issued a report on an assessment of the Library's Tier 1 Systems, which are information technology systems needing recovery within a 24-hour period. The review included 27 recommendations that were all agreed upon by Library management. The report was not issued publicly because of its sensitive content. Other reports made recommendations to improve operations in the Library's field offices in Cairo, Egypt and New Delhi, India.

The Library implemented eight of our recommendations from prior semiannual periods. Six of the recommendations are not identified here because they were in reports that were not released publicly. Our publicly released reports are available online at www.loc.gov/about/oig.

Kurt W. Hyde
Inspector General

Table of Contents

  • Profiles
  • Top Management Challenges
  • Strategic Planning and Performance Management
  • Digital Services and Collections
  • Information Technology Infrastructure
  • Collections Storage
  • Contracting
  • Audits, Surveys, and Reviews
  • Other OIG Audit Activities
  • Review of Legislation and Regulations
  • Investigations
  • Unimplemented Recommendations
  • Implemented and Closed Recommendations
  • Funds Questioned or Put to Better Use
  • Instances Where Information or Assistance Requests Were Refused
  • Status of Recommendations without Management Decisions
  • Significant Revised Management Decisions
  • Significant Management Decisions with Which OIG Disagrees
  • Follow-Up on Prior Period Recommendations
  • Hotline Information

Profiles

Library of Congress

The Library is the research and information arm of the United States' national legislature and the world's largest storehouse of knowledge. The Library's mission is to provide Congress, the federal government, and the American people with a rich, diverse, and enduring source of knowledge that can be relied upon to inform, inspire, and engage them, and support their intellectual and creative endeavors. This mission is accomplished through the work of approximately 3,100 permanent employees.

On September 14, 2016, Dr. Carla Hayden, longtime chief executive of the Enoch Pratt Free Library system in Baltimore and a former president of the American Library Association, was sworn in as the 14th Librarian of Congress by Chief Justice of the United States John Roberts, Jr. She took the oath on a Bible, held by her mother, Colleen Hayden, which had been used by Presidents Abraham Lincoln and Barack Obama to take their oaths of office.

Profiles

The Library has six primary components:

  • The Office of the Librarian
  • Library Services
  • The U.S. Copyright Office
  • The Congressional Research Service
  • The Law Library
  • National & International Outreach

The Office of the Librarian provides leadership and executive management to the Library, overseeing the implementation of the Library's mission. It includes the Office of the Chief of Staff and the Office of the Chief Operating Officer.

Library Services performs the traditional functions of a national library: acquisitions, cataloging, preservation, and reference services for both digital and conventional collections. It operates the National Audio-Visual Conservation Center and the American Folklife Center, among other programs.

The U.S. Copyright Office administers the nation's copyright laws for the advancement of the public good; offers services and support to authors and users of creative works; and provides expert impartial assistance to Congress, the courts, and executive branch agencies on questions of copyright law and policy.

The Congressional Research Service supports the legislative process by providing, exclusively to Congress, objective, confidential, and nonpartisan assessments of public policy issues and legislative options for addressing those issues.

The Law Library assists Congress and the legislative process by providing comprehensive research on foreign, comparative, international, and U.S. law, and other legal reference services.

National & International Outreach manages and develops programs that have a national scope, such as the National Library Service for the Blind and Physically Handicapped; those that operate as cost recovery services; and those that foster access to the Library's collections for research, teaching, and visitor education.

In fiscal year (FY) 2015, the Library

  • responded to more than 1 million reference requests from Congress, the public, and other federal agencies;
  • circulated approximately 22 million copies of Braille and recorded books and magazines to more than 862,000 blind and physically handicapped reader accounts;
  • registered over 443,000 copyright claims; and
  • preserved more than 9 million items from the Library's collection.

Office of the Inspector General

The Library's Office of the Inspector General (OIG) was established in 1988 as a non-statutory office deriving its authority from the Librarian of Congress. OIG became statutory with the passage of The Library of Congress Inspector General Act of 2005 (2 U.S.C. � 185), with a mandate to

  • independently conduct and supervise audits and investigations of fraud, waste, and abuse relating to the Library;
  • lead, coordinate, and recommend policies to promote economy, efficiency, and effectiveness; and
  • keep the Librarian of Congress and the Congress fully and currently informed about problems and deficiencies relating to the administration and operations of the Library.

The Inspector General is a member of the Council of the Inspectors General on Integrity and Efficiency, a unified council of all federal statutory Inspectors General. This Semiannual Report to the Congress is part of OIG's statutory reporting requirements and is organized to address the major functions of the office, including

  • significant audits, investigations, and other activities of the OIG;
  • review of legislation and regulations affecting the Library; and
  • Library decisions on OIG recommendations and the status of implementation, along with any resulting monetary benefits. The Audits Division conducts in-depth reviews that address the efficiency, effectiveness, and economy of the Library's programs, activities, and functions; provides information to responsible parties to improve public accountability; facilitates oversight and decision-making; and initiates corrective action as needed.

The Audits Division also contracts with an independent accounting firm that examines whether financial statements fairly present financial positions, results of operations, and budgetary resources. The firm also assesses whether the Library and other entities have adequate financial reporting internal control systems that comply with applicable laws and regulations.

The Investigations Division addresses alleged or suspected wrongdoing by agency employees, contractors, or others responsible for handling federal resources. Violations of Library regulations or fraud committed against the Library can result in administrative sanctions and criminal or civil prosecution.

Contact information for the OIG Hotline is located on the inside back cover of this report.

OIG reports are available at www.loc.gov/about/oig.

Top Management Challenges

This section provides a summary of issues OIG has identified as posing significant challenges for the Library.

STRATEGIC PLANNING AND PERFORMANCE MANAGEMENT

This area has been an on-going top management challenge and many of the Library's current management challenges flow from the lack of proper strategic planning and performance management. Over the years, the Library has struggled to develop and implement a robust strategic plan. The current Library-wide strategic plan for FYs 2016-2020 was created to be a "living" plan, intended to guide the Library during a time of leadership transition while setting the expectation for review and revision of the plan once a new Librarian arrived.

OIG reported in our previous semiannual report on the progress made with regard to the strategic plan. The Library has conducted follow-up sessions with managers and staff about the Library-wide strategic plan for FYs 2016-2020 and launched a new electronic system for tracking and reporting on annual performance goals and metrics. The Library has also embarked on initiatives to analyze and redesign its planning framework and to design an integrated enterprise-wide risk management framework, in keeping with the recently updated Office of Management and Budget Circular A-123. Both of these new frameworks will be piloted and improved upon in FY 2017 for Library-wide launch in FY 2018.

With Dr. Hayden's arrival, the Library now has the opportunity to take a stronger governance approach. It needs a new, more robust strategic plan, a more disciplined focus on measuring progress, and a cohesive leadership team driving the plan's execution. The Library must also ensure that the integrated enterprise-wide risk management framework currently under development and the Library's eff orts to strengthen performance management result in an improved institutional capacity to plan more strategically, identify and react more expediently to risks, and maintain greater focus on achieving desired results.

Finally, the Library's strategic planning and performance management efforts should do more to address its customer experience. There is no comprehensive data on customers' needs, feedback, and experience nor any effort to collect such data on an on-going basis. The revised strategic plan should more deeply identify and address the Library's current and desired customers. The Library must define the intended customer experience and develop strategies to better understand its customers by obtaining Top Management Challenges comprehensive and reliable customer satisfaction data. Having identified the intended customer experience, the Library must then create a customer measurement framework to measure performance and to identify the required adjustments needed to improve customer services and related service unit performance.

DIGITAL SERVICES AND COLLECTIONS

The Library has taken steps in the digital area but more needs to be done to ensure that the Library meets its business objectives and customer needs. Because of the pace of digital innovation, senior management must act on many fronts in order to execute a timely digital transformation that will enable the Library to play a leadership role in this area.

The Library must change its paradigm with regard to the Chief Information Officer (CIO). It is not sufficient for the CIO to be simply an information technology (IT) service provider—receiving requirements and delivering IT support. This operational role is, of course, critical and presents the management challenges described in the next section. However, to transform the agency for the digital age, the CIO must become a strategic partner with Library service units, working together to collect and manage digital content, automate internal processes, and deliver service electronically to the public, researchers, the copyright community, and Congress.

To realize this e-government goal, the Library needs an organization-wide, interdependent strategy for digital-related activities. The goal of creating this digital strategy is missing from the current Library-wide strategic plan and the IT strategic plan, both of which are for FYs 2016-2020.footnote #1 Several units are creating digital strategies and requesting resources, but these strategies are not part of an organization-wide plan and do not address the technical capacity of the Office of the Chief Information Officer (OCIO) to collect, store, and provide access to the material. Considering that to perform these functions would require extensive knowledge of technology planning and significant information technology investment, the CIO must play a central role in creating an organization-wide digital strategy for the Library to realize success of any digital collections strategy.

While collection development policy—deciding which content should be added to the Library collection for use now and in the future—is the professional responsibility of the service units, it cannot be successful without the CIO. By way of analogy, the Library partners with the Architect of the Capitol in planning, designing, constructing, maintaining, and upgrading storage facilities. Th e Library units responsible for collections must develop a similar partnership with the CIO that involves the CIO at all stages of the collection life cycle.

The Administration recognizes the need for a cohesive, organization-wide approach to addressing digital-related activities as outlined in its Digital Government: Building a 21st Century Platform to Better Serve the American People.footnote #2 Digital Government states that agencies should operationalize an information-centric model using systems architected for interoperability that deliver device-agnostic digital services. Traditionally, the government has architected systems for specific uses, such as websites that are built with webpages sized specifically for computer screens and, to serve mobile audiences, agencies would then build an entirely new mobile site. In contrast, an information-centric model would decouple information from its presentation. This fundamental shift would involve transitioning to managing pieces of data that can be tagged, secured, and presented in a way that consumers would find useful. If done right, this approach would add value to an agency's services by helping to make digital information widely available through a variety of formats.

To make the most of limited resources, Digital Government also advocates for a "shared platform" approach that involves looking first to using a shared platform and existing infrastructure when developing new projects, rather than procuring new infrastructure and systems for each new project. This should accelerate the adoption of new technologies, lower costs, and reduce duplication. Throughout the process of creating and managing digital information and organizing how to present it, Digital Government underscores the need to focus eff orts on meeting customers' needs. This would require developing an understanding of customer needs and coordinating across the agency to ensure that digital information is broadly made available and accessible. The building effort must also be done in a safe and secure, yet transparent and accountable manner.

Without change, the Library's approach, with different areas of the Library acting in divergent ways and involving the CIO after decisions have been made, will likely result in limited and inconsistent progress and put the Library's relevance in the digital world at risk. At its simplest, having an organization-wide plan and a partnership approach reduces the likelihood of inefficient redundancies and wasted resources. At best, a shared vision can facilitate projects to serve as incubators for general solutions, enable learning from shared experience, and create synergies working toward a shared goal.

INFORMATION TECHNOLOGY INFRASTRUCTURE

During FY 2016, Library management embarked on a new era in its approach to IT management and governance. With Dr. Hayden at the helm, Library management has the opportunity to solidify its IT strategic direction and accelerate the pace of improvements initiated during FY 2016 under the direction of the Library's Acting Librarian and new CIO.

Over the past decade and a half, multiple audits by the Government Accountability Office and OIG revealed strategic and operational weaknesses that have negatively affected the delivery of Library services.footnote #3 The absence of a strategic IT vision resulted in substandard accountability for IT investments, poor IT governance, and an absence of IT best practices. The consequences of those systemic weaknesses left the Library's programs inadequately supported in accomplishing their missions. In an effort to compensate, service units disengaged and attempted to develop their own solutions. In doing so, the Library experienced inefficiencies in its IT operations and investments along with an erosion of its IT organizational authority.

Going forward, the Library must integrate into its Library-wide strategic plan the framework of a fully developed IT strategic plan. This will provide the essential building blocks necessary to achieve the desired state-of-the-art technology infrastructure and best practices. Otherwise, the Library risks not meeting its strategic goals. Those building blocks include

  • refocusing the OCIO towards a customer-driven unit with performance goals and measurements that provide OCIO leadership with flexibility and data for performance remediation;
  • installing OCIO monitoring systems that provide early warning data to OCIO leadership;
  • developing improved investment planning and decision-making that interfaces with the Library's planning and budgeting life cycle;
  • instilling a commitment to employ information technology best practices and establish accountability for best practices shortfalls;
  • developing an effective enterprise architecture process that guides the Library to a desired target state of a more robust infrastructure and efficient shared services;
  • supporting the Library in its digital collections strategy with technology solutions that ensure the preservation, security, and accessibility of its digital material;
  • coordinating a risk-based approach for IT security complemented by robust asset protection and disaster recovery programs; and
  • investing in human capital through hiring and maintaining highly qualified technology staff and managers and providing ongoing professional training.

OIG continues to maintain that the organizational positioning of the CIO is an essential element for the Library to accomplish its IT strategic goals. Federal agency best practices (statutorily mandated in executive branch agencies) call for the CIO to report to the agency head or their deputy. This practice recognizes the importance of positioning the CIO at the highest level of agency management and provides the CIO with the authority to direct the agency's technology vision for the future. Positioning the CIO otherwise contradicts best practices.

During this semiannual period, under the direction of the new CIO, OCIO

  • established metrics for the new IT strategic plan's annual goals to measure improvements, evaluate performance, and derive corrective actions;
  • created a new business continuity and disaster recovery program for its technical infrastructure and operations and hired a new senior IT specialist to direct this effort;
  • procured and implemented new security tools and security appliances at the Alternate Computing Facility (ACF) to move the facility towards improved compliance with federal IT standards;
  • successfully powered down and powered up the Primary Computing Facility in a July 2016 exercise, the largest disaster recovery exercise ever conducted at the Library;
  • successfully transferred to the ACF several business-critical IT systems during the July 2016 exercise;
  • hired key management officials including an enterprise system engineer, IT investment manager, and a new governance and risk management official; and
  • implemented, in coordination with the Office of the Chief Financial Officer, accounting procedures to identify, record, and classify IT expenses and investments.

We commend the CIO for the accomplishments made during this semiannual period. Long-term improvements in the Library's IT operations and culture will require a commitment to both a strategic operating approach and the repositioning of the CIO to the highest tier of Library management.

COLLECTIONS STORAGE

The Library's collections storage spaces are neither sufficient for current materials nor able to accommodate the Library's expected collections growth. The Library's internal control system may also not adequately respond to the risks posed by items being stored that are not fully processed.

Our September 2013 report showed that since FY 2003, the Library's collection of material has grown by almost 22 percent from 127 million to more than 155 million by FY 2012 and we project that the collection will grow to an estimated 178 million items by FY 2020.footnote #4

Additionally, our August 2016 report showed that the Prints and Photographs (P&P) Division has a growing amount of items in storage that are not fully processed. According to OIG's analysis of the division's data, the quantity of such material increased by over 1 million items, or by 39 percent, from approximately 3 million items at the close of FY 2005 to about 4 million items at the close of FY 2014. At the time of our fieldwork, OIG determined that the P&P Division would need approximately 40-60 years to eliminate its backlog of materials that are not fully processed, which has grown over time. These items are at a greater risk of theft, damage, and loss because unprocessed materials lack adequate bibliographic, inventory, and security controls.

OIG does not have a position on how much unprocessed material the Library can or should maintain but does recommend that the Library examine its internal control system to determine whether it responds appropriately to the risks posed by such a backlog. As part of the audit, OIG was unable to identify any Library-wide policies, procedures, or other guidance that outlined management's directives related to responding to the risks posed by items that are not fully processed, including the risks associated with storing such items.footnote #5 In response, Library Services plans to conduct an assessment of the risks.

As summarized in the following bullets, the Library has taken several meaningful steps to alleviate some of its collections storage issues:

  • Construction of additional Fort Meade collections storage and preservation modules has expanded the Library's storage spaces. Construction on Module 5 began in October 2015; occupancy is anticipated in late 2017.footnote #6 The Architect of the Capitol (AOC) received FY 2016 funds to cover the costs of designing Module 6 that will be twice the size of Module 5; design submission and cost estimate documents are scheduled for delivery in early 2017.
  • To maximize storage capacity on Capitol Hill, the Library implemented a program to shelve selected categories of newer books by fixed location order rather than by subject classification.footnote #7 In FY 2016, the Library shelved an additional 419,526 items using this arrangement.
  • In areas that are structurally suitable, the Library is replacing fixed shelving with movable or compact shelving, which increases the amount of space available for shelves. There are also multiple compact shelving installation and replacement projects in process in the Madison Building.
  • The Library has worked with AOC to procure interim leased storage space. In late FY 2015, AOC obtained on behalf of the Library a lease for five years with options to extend a 50,030 square-foot space in the Cabin Branch Distribution Center.footnote #8,footnote#9

OIG plans to review collection storage issues for digital materials in future audit work. Although the majority of the Library's collections are in an analog format, the Library is increasing its digital collections. For example, at the end of FY 2014, a total of 143,000 volumes containing 30 million images had been digitally scanned.

CONTRACTING

As Library management continues to focus on the long-term systemic weaknesses in its contracting function, it must reshape the function with a vision that provides agency customers with the same operating advantages found in well-performing organizations. To accomplish this, Library management should identify the key strategic and operating attributes of well-performing contracting operations and develop a strategy to implement them at the Library.footnote #10

The contracting function continues to experience long-term weaknesses in the areas of acquiring and retaining knowledgeable staff, reducing the time between acquisition planning and contract award, and producing management data for evaluating and improving performance. To address the root causes of these diverse issues, management should seek resources and solutions outside of the Library. Additionally, management should build upon work previously conducted with the agency's enterprise architect (EA) function to develop a comprehensive strategy to transform contract operations using state of the art technologies and business processes. Implementing forward-looking solutions instead of static fixes will depend on a robust EA effort.

The Director of Contracts and Grants Management noted that improving the fidelity of procurement data is a goal for the coming FY to ensure that the gains he believes have been made over the past several years are maintained and continue to deliver improved results over time. The gains include improvements in delivery of contract services while improving contract quality and staff expertise, a year-over-year increase in the number of actions completed and dollars obligated, and deployment of tools to improve performance and communications. The Director cites the award of agency and Legislative-branch wide contracts, streamlined ordering procedures to include use of purchase cards and direct ordering under Library contracts, improved controls through deployment of standard clauses and contract templates, and monitoring of key performance indicators for feedback, lead time, risk, and client service. The Director maintains that one indication of success was the completion of the majority of contract actions early in the fourth quarter of FY 2016, thereby reducing the risks associated with a high volume of fiscal year-end contract activity.

We commend Library management for the improvements noted above. However, our concern is that these improvements are both incremental and serve only to improve a static vision of the contracting process. In contrast, we believe Library management must refresh its approach and produce a new template for improving its procurement activities. Prior to the conclusion of this semiannual period, we initiated a comprehensive performance audit of the Library's contracting function to update the Congress on the Library's efforts to improve this area and to more fully assess the status of this top management challenge.

Audits, Surveys, and Reviews

The Prints and Photographs Division Effectively Tracks Its Materials, But Needs to Assess the Risks Associated With Its Growing Quantity of Materials Not Fully Processed

Audit Report No. 2014-PA-106 August 2016

OIG conducted a performance audit of the P&P Division's administrative and accounting controls over its collection. P&P accounted for all of the prints and photographs selected as part of OIG's tests, but OIG concluded that the division should strengthen its call slip practices and that the Library can gain efficiencies by restructuring the division's processes and technology used for ingesting material. The Library should also consider P&P's information-related requirements when evaluating possible replacements to the Integrated Library System.

Additionally, OIG analyzed P&P's acquisition data over FYs 2005-2014 and determined that the division had not kept pace with processing new acquisitions. This poses a risk for theft, damage, and loss because unprocessed materials lack adequate bibliographic, inventory, and security controls. At the time of our fieldwork, OIG determined that P&P would need approximately 40-60 years to eliminate its backlog of materials that are not fully processed, which has grown over time. OIG does not have a position on how much unprocessed material the Library can or should maintain, but does recommend that the Library examine its internal control system to determine whether it responds appropriately to the risks posed by such a backlog.

Fiscal Year 2015 Review of Server Configurations of Tier 1 Systems: Summary Report

Report No. 2015-IT-103 August 2016

OIG contracted with HMS Technologies, Inc. (HMS) to assess the Library's Tier 1 Systems. Tier 1 Systems are any IT system defined by the Library as needing recovery within a 24-hour time period. The review was done with the awareness that the new CIO is actively pursuing eff orts to bolster information technology capabilities and to bring the Library's systems into compliance with federal standards and best practices.

Library management agreed with all 27 recommendations made by HMS. We are not including details about the recommendations because of the sensitive nature of the information contained in the report. The report was not issued for public release. OIG will monitor the Library's progress in addressing the recommendations as part of our semiannual report process.

<

Open World Leadership Center

Fiscal Year 2015 Financial Statements

The Open World Leadership Center (Open World) hosts emerging political and civic leaders from post-Soviet countries through its congressionally sponsored exchange program. Librarian Dr. Carla Hayden joined Open World's Board of Trustees in September 2016.

Under contract with OIG, the accounting firm CliftonLarsonAllen audited Open World's FY 2015 financial statements and issued its Independent Auditor's Report. The audit included Open World's balance sheets and the related statements of net costs, changes in net position, and combined statement of budgetary resources. The auditors concluded that the financial statements presented fairly, in all material respects, the financial position of Open World.

In FY 2014, CliftonLarsonAllen's examination of Open World's internal controls for financial reporting identified a material weakness. Open World did not have the proper controls in place to prevent obligations from being recorded when no documentary evidence existed to support such action. Open World responded by implementing a process to ensure full compliance and CliftonLarsonAllen, in its FY 2015 audit, closed the recommendations it had made previously in relation to this issue.

Audit of Overseas Field Office - Cairo

Audit Report No. 2015-PA-103 September 2016

OIG contracted with CliftonLarsonAllen to review the compliance of the Library's field office in Cairo, Egypt with the Library's procedures and internal controls for fi eld offices and to review selected financial transactions for propriety.

Library management agreed with all six recommendations made by CliftonLarsonAllen. We are not including details about the recommendations because of the sensitive nature of the information contained in the report. The report was not issued for public release. OIG will monitor the Library's progress in addressing the recommendations as part of our semiannual report process.

Audit of Overseas Field Office - New Delhi

Audit Report No. 2015-PA-104 September 2016

OIG contracted with CliftonLarsonAllen to review the compliance of the Library's field office in New Delhi, India with the Library's procedures and internal controls for field offices and to review selected financial transactions for propriety.

Library management agreed with all ten recommendations made by CliftonLarsonAllen. We are not including details about the recommendations because of the sensitive nature of the information contained in the report. The report was not issued for public release. OIG will monitor the Library's progress in addressing the recommendations as part of our semiannual report process.

Other OIG Audit Activities

Congressional Briefing on the Library's Deacidification Program OIG reviewed the Library's Mass Deacidification Program. Mass Deacidification is a process to extend the life and utility of paper-based materials that are at-risk of severe aging and decomposition due to the materials' acidic content. OIG's activities involved conducting interviews, completing a documents and contracts analysis, performing a site visit that included direct inspection of the mass deacidification process, and the development of a workflow of the process.

Office of Inspector General Audit Peer Review

OIG recently went through a peer review related to our work from April 1, 2013 to March 31, 2016 and received a rating of pass. No recommendations were made. Government Auditing Standards require that audit organizations be reviewed by a peer organization. The objectives of the review are to determine whether an effective quality control system has been established and policies, procedures, and applicable government auditing standards are followed. Peer reviews must be performed at least once every three years by reviewers independent of the audit organization being reviewed. OIG's peer review was conducted by the Peace Corps OIG in September 2016.

Review of Legislation and Regulations

Table 1 : Review of Library of Congress Regulations (LCRs) and Directives Reviewed -- Inspector General LCR 1510 Financial Management and Standards

Comments by the Office of the Inspector General -- We suggested wording changes for clarification purposes.

Investigations

During this reporting period, OIG opened two investigations and closed eleven. We forwarded two investigations to Library management for administrative action. No investigations were presented to the Department of Justice for criminal prosecution. One complaint was closed. With regard to our hotline program, we received forty-four hotline communications. Six were referred to Library and United States Capitol Police management, none were opened as an investigation, and twenty-six were closed with no action. Nineteen hotline communications and two complaints remained open at the end of the reporting period.

Significant Investigations

Employee Misconduct, Misuse of a Library Computer

OIG conducted an investigation and determined that an employee used their work computer to visit Internet sites and download sexually explicit material. We issued a Report of Investigation to Library management, which used the information as part of an existing disciplinary proposal for the employee. The employee entered into a Positive Action Contract and was reassigned to a temporary Not to Exceed appointment. The employee is no longer employed at the Library.

Employee Misconduct, Time and Attendance Irregularities

The OIG Hotline received notification that a senior level employee was leaving work to engage in personal activities without taking adequate leave. OIG reviewed leave and other records and, when interviewed with the evidence, the employee admitted to leaving work for personal activities numerous times over the past six years without taking appropriate leave. The employee retired and voluntarily agreed to have three hundred sixty hours of annual leave deducted from the employee's leave balance prior to retirement.

Employee Misconduct, Time and Attendance Irregularities

OIG received a referral from Library management that a library technician was operating a business during office hours and while on the Library's premises. OIG reviewed telephone logs and other records, which appeared to substantiate management's concerns. However, while under investigation by OIG, the employee resigned and consequently our case was closed without action.

Unimplemented Recommendations footnote#11

Table 2A: Significant Recommendations from Previous Semiannual Reports for Which Corrective Action Has Not Been Completed

Subject / Report No. Issue Date / Office / Rec. No. / Summary and Status of Recommendation

Office of the Librarian / Office of the Chief of Staff

Raiser's Edge Software Program 2006-IT-302 December 2007 Development Office

III

System managers for Raiser's Edge should regularly review the system's transaction logs for suspect data events—A contract was awarded in September 2016 and a project has been initiated to implement the product. The estimated completion date is the second quarter of FY 2017.

Weaknesses in the Acquisition Function 2011-SP-106 March 2012 Office of the General Counsel II.G.1

Develop directives that clearly set forth the policy and constraints for using Library of Congress Regulation 2111—The Office of the General Counsel (OGC) has filmed and will make available a training webinar. OGC has also drafted a directive that will be circulated to relevant stakeholders in first quarter of FY 2017.

Office of the Librarian / Office of the Chief Operating Officer

Information Technology Strategic Planning Follow-Up 2011-IT-103 December 2011 Office of the Chief Information Officer I.2.C

Account for all information technology (IT) costs, including computer security, as part of the IT budgetary process—The Office of the Chief Financial Officer (OCFO) and the Office of the Chief Information Officer (OCIO) created a process to identify IT expenditures during the procurement process which would provide for accounting of IT-related expenditures. FY 2016 was a transition year to the new process; full implementation will be done in FY 2017. To capture more granular expenditure data, OCIO has also established three new expenditure categories in Momentum (i.e., Mission Specific and Enterprise Shared, IT Management, and Program/Project Management). Momentum users have been instructed to begin transitioning to these new categories during FY 2017 and the existing "Other IT" category will be removed from the system for the FY 2018 cycle. The estimated completion date is the second quarter of FY 2018.

Maturity of System Development Life Cycle Processes and Procedures 2013-IT-105 February 2015 Office of the Chief Information Officer 1
Issue a Library-wide policy that communicates the mandatory requirements of the System

Development Life Cycle (SDLC) process outlined in the existing Information Technology Services Project Management Guide to ensure consistent management of the Library's IT projects—As noted in the March 2016 status update, Library of Congress Regulation (LCR) 1600 has been split into several new regulations to better address the roles and responsibilities of the OCIO, the Information Technology Steering Committee, the Architecture Review Board, the Web Governance Board, Information Resource Management, IT Strategic Planning, Information Technology Investment Management (ITIM), Enterprise Architecture, Project Management, and Records Management. These draft regulations were submitted for promulgation to OGC on September 9, 2016. OCIO will also issue a Library-wide policy that communicates the mandatory requirements of the SDLC process by the second quarter of FY 2017.

Maturity of System Development Life Cycle Processes and Procedures 2013-IT-105 February 2015 Office of the Chief Information Officer 2

Establish a centralized Library-wide Project Management Office (PMO) to communicate and enforce the Library's Project Management Life Cycle (PMLC)/SDLC methodology and to ensure the Library's major IT projects are effectively managed in a consistent manner across all service units. The central PMO should continuously monitor all SDLC projects and update all SDLC plans and instructions for Library-wide distribution—See the status update provided for recommendation 1 for 2013-IT-105. The draft LCR regarding the PMO establishes its responsibility for enforcing the Library's PMLC/SDLC methodologies, as recommended. The estimated completion date is first quarter of FY 2017.

Maturity of System Development Life Cycle Processes and Procedures 2013-IT-105 February 2015 Office of the Chief Information Officer 3

Perform disciplined uniform performance and quality reviews (preferably by the PMO) on all major SDLC projects in the Library—See the status update provided for recommendation 1 for 2013-IT-105. Additionally, a contract was awarded in September 2016 to perform disciplined uniform performance and quality reviews on all major SDLC projects. The estimated completion date is the third quarter of FY 2017.

Maturity of System Development Life Cycle Processes and Procedures 2013-IT-105 February 2015 Office of the Chief Information Officer 4

Establish budget methodology to track project development costs and measure variances against approved costs—Tracking of IT investments through Unique Investment Identifier (UII) coding in the Library of Congress Budget System (LCBS) is on schedule for implementation in FY 2017. IT investments approved in FY 2017 with related approved projects will be chartered and tracked by the PMO and tracked back to the investment via the UII code. The estimated completion date is the second quarter of FY 2018.

Maturity of System Development Life Cycle Processes and Procedures 2013-IT-105 February 2015 Office of the Chief Information Officer 5

Establish a central data repository with the Enterprise Architect and/or PMO to store all project artifacts, including cumulative cost and schedule data. In addition, periodically perform an internal and/or external inspection of the Library's IT projects and update the EA repository with the results of the inspection if necessary—See the status update provided for recommendation 1 for 2013-IT-105. The draft LCR regarding the PMO specifies the central data repository for project artifacts. The estimated completion date is the second quarter of FY 2017.

Maturity of System Development Life Cycle Processes and Procedures 2013-IT-105 February 2015 Office of the Chief Information Officer 6

Centralize the assessment of the Library's IT portfolio with the PMO and prohibit the existing practice of service unit IT investment self-assessments—See the status update provided for recommendation 1 for 2013-IT-105. Assessment of the Library's IT portfolio is described in the draft LCR regarding ITIM. A portfolio process is being implemented and refined as part of the IT investment management process. At the conclusion of the pilot year, OCIO anticipates having baseline information sufficient to formalize and publish this process. The estimated completion date is the second quarter of FY 2017.

Maturity of System Development Life Cycle Processes and Procedures 2013-IT-105 February 2015 Office of the Chief Information Officer 7

Revise LCR 1600 to clearly delineate ownership and stewardship of IT assets—See the status update provided for recommendation 1 for 2013-IT-105. The draft LCR regarding the OCIO establishes the Chief Information Officer (CIO) as the owner and steward of the Library's commodity IT. The estimated completion date is the first quarter of FY 2017.

Design of Library-Wide Internal Controls for Tracking IT Investments 2014-IT-101 March 2015 Office of the Chief Information Officer I.1.A

Library policy documents (LCR 1600 and the Information Technology Steering Committee Charter) need to be updated with clear direction on members, roles, and responsibilities—See the status update provided for recommendation 1 for 2013-IT-105. The relevant draft LCR describes the PMO's role and responsibilities. The estimated completion date is the first quarter of FY 2017.

Design of Library-Wide Internal Controls for Tracking IT Investments 2014-IT-101 March 2015 Office of the Chief Information Officer I.1.B

Assign financial responsibility to the Chief Financial Officer (CFO) to strengthen accountability for enforcement of internal controls and linkage to the Library IT budget. Articulate the level and responsibilities of voting members from each service unit in the ITSC Charter. The Director of Strategic Planning should also be consulted to ensure that all IT capital investments have goals and appropriate metrics have been defined—See the status update provided for recommendation 1 for 2013-IT-105. The relevant draft LCR describes the roles and responsibilities of the CFO and the Director of Strategic Planning and Performance Management (SPPM) with regard to the ITIM process. The estimated completion date is the first quarter of FY 2017.

Design of Library-Wide Internal Controls for Tracking IT Investments 2014-IT-101 March 2015 Office of the Chief Information Officer I.2

The ITSC should report directly to the Chief of Staff or higher position. Clarify the roles and responsibilities of the Deputy Librarian/Chief of Staff in the ITSC policy/charter to strengthen ITSC oversight of IT investments—See the status update provided for recommendation 1 for 2013-IT-105. The relevant draft LCR describes the roles and responsibilities of the CIO with regard to ITSC activities, including chain of command. The estimated completion date is the first quarter of FY 2017.

Design of Library-Wide Internal Controls for Tracking IT Investments 2014-IT-101 March 2015 Office of the Chief Information Officer I.3

Document the role and responsibilities of the CIO in the ITSC Charter. Restrict or eliminate the delegation of CIO responsibilities with respect to ITSC activities—See the status update and estimated completion date provided for recommendation I.2 for 2014-IT-101. The relevant draft LCR describes the roles and responsibilities of the CIO with regard to ITSC activities, including chain of command. The estimated completion date is the first quarter of FY 2017.

Design of Library-Wide Internal Controls for Tracking IT Investments 2014-IT-101 March 2015 Office of the Chief Information Officer II.1.A

Implement a Capital Planning and Investment Control (CPIC) process, to include Office of Management and Budget (OMB) Exhibit 300 data and information to enable IT investment alignment with the Library mission and support business needs while minimizing risks and maximizing returns throughout the investment's life cycle—OCIO has completed the first FY of its new IT investment process, which includes clear linkage to the Library's strategic plan. Feedback regarding process improvements is being incorporated on a continuous basis to ensure that the IT investment process fully aligns with the Library mission and supports business needs. The estimated completion date is the second quarter of FY 2017.

Design of Library-Wide Internal Controls for Tracking IT Investments 2014-IT-101 March 2015 Office of the Chief Information Officer II.1.B

Research cost effectiveness of using the General Services Administration-managed eCPIC tools as a method for institutionalizing capital planning activities—OCIO is currently conducting an analysis of alternatives (build vs. buy) for a tool to support the IT investment management process. eCPIC and similar tools are being considered as part of that analysis. OCIO anticipates that this analysis will be completed by the second quarter of FY 2017, after which time a plan for acquisition or build would be developed.

Design of Library-Wide Internal Controls for Tracking IT Investments 2014-IT-101 March 2015 Office of the Chief Information Officer II.3.A

Document roles for the CFO, Budget Officer, and Director of Grants and Contracts Management in the development of the ITSC Charter and LCR 1600 (guidance documentation) in the Library's technology investment process—See the status update provided for recommendation 1 for 2013-IT-105. The relevant draft LCR describes the roles and responsibilities of the CFO and Director of Contracts and Grants Management with regard to the ITIM process. The estimated completion date is the fi rst quarter of FY 2017.

Design of Library-Wide Internal Controls for Tracking IT Investments 2014-IT-101 March 2015 Office of the Chief Information Officer II.3.B

Improve internal budget/project communications and training on how to develop, capture, and report project costs uniformly across the service units—See the status update provided for recommendation 1 for 2013-IT-105. The relevant draft LCR describes the PMO's roles and responsibilities. Procedures and guidance supporting the LCR, including how to develop, capture, and report project costs uniformly across the service units, are now being drafted. Once promulgated, the PMO will provide training on these procedures. The estimated completion date is the second quarter of FY 2017.

Design of Library-Wide Internal Controls for Tracking IT Investments 2014-IT-101 March 2015 Office of the Chief Information Officer III.2.A

Appoint a permanent CIO responsible for IT investments, along with ensuring that OMB Exhibit 300-type information is included in budget requests for IT investments—See the status update provided for recommendation 1 for 2013-IT-105. The relevant draft LCR describes the CIO's role and responsibilities on the ITSC, and the information required for IT investment budget requests. The estimated completion date is the first quarter of FY 2017.

Design of Library-Wide Internal Controls for Tracking IT Investments 2014-IT-101 March 2015 Office of the Chief Information Officer III.2.B

Adopt aspects of H.R. 1232 "Federal Information Technology Acquisition Reform Act" (FITARA) -- a bill passed by the House of Representatives -- that would have increased the power of existing Chief Information Officers within federal agencies so that they could be more effective. Each agency would also be reduced to having only one CIO in the agency, who is then responsible for the success and failure of all IT projects in that agency—See the status update provided for recommendation 1 for 2013-IT-105. A permanent CIO was appointed FY15 Q4 and reported for duty on September 8, 2015. The relevant draft LCR describes the CIO's role and responsibilities, and also adopts aspects of FITARA. The estimated completion date is the first quarter of FY 2017.

Design of Library-Wide Internal Controls for Tracking IT Investments 2014-IT-101 March 2015 Office of the Chief Information Officer IV.1.A

The CFO (or higher) should ensure that the ITIM process is followed by all service units—See the status update provided for recommendation 1 for 2013-IT-105. The relevant draft LCR describes the ITIM process, including service unit responsibilities and requirements for participation. The estimated completion date is the first quarter of FY 2017.

Design of Library-Wide Internal Controls for Tracking IT Investments 2014-IT-101 March 2015 Office of the Chief Information Officer IV.1.B

Provide training and awareness of the ITSC oversight process for mid- and senior-level managers across the Library (all services units)—See the status update provided for recommendation 1 for 2013-IT-105. The Information Technology Investment Manager Project Officer (ITIMPO) continues to provide ongoing informal process-related training to a variety of audiences including mid- and senior-level managers across the Library. Once the relevant LCR is promulgated, a presentation of the ITSC oversight process to the IT Collaborative is planned. The estimated completion date is the second quarter of FY 2017.

Design of Library-Wide Internal Controls for Tracking IT Investments 2014-IT-101 March 2015 Office of the Chief Information Officer V.1.A

Align current cost development processes for IT investments to coincide with requirements for OMB reporting, such as the use of an earned value management system to track costs on high-risk projects, as discussed in Capital Programming Guide, V.3.0, Supplement To OMB Circular A-11: Planning, Budgeting, and Acquisition of Capital Assets—See the status update provided for recommendation 1 for 2013-IT-105. The relevant draft LCR describes the PMO's roles and responsibilities. Procedures and guidance supporting the LCR, including how to develop, capture, and report project costs uniformly across the service units, are now being drafted. Once promulgated, the PMO will provide training on these procedures. The estimated completion date is the fourth quarter of FY 2017.

Design of Library-Wide Internal Controls for Tracking IT Investments 2014-IT-101 March 2015 Office of the Chief Information Officer V.1.B

Implementation of these practices may require procedural changes used by the service units for reporting expenditures and systemic modifications to Momentum and the budget system (Clarity) that are used for tracking costs—OCFO and OCIO created a process to identify IT expenditures during the procurement process which provides for accounting of IT-related expenditures. FY 2016 was a transition year to the new process; full implementation will occur by the fourth quarter of FY 2017. To capture more granular expenditure data, OCIO has also established three new expenditure categories in Momentum—Mission Specific and Enterprise Shared, IT Management, and Program/Project Management. Momentum users have been instructed to begin transitioning to these new categories during FY 2017 as the existing "Other IT" category will be removed from the system for the FY 2018 cycle.

Design of Library-Wide Internal Controls for Tracking IT Investments 2014-IT-101 March 2015 Office of the Chief Information Officer V.1.C

Establish a formal process to reconcile cost variance reported by service units to the ITIM Portfolio Officer—The IT investment reporting process began using third quarter FY 2016 data. The ITIMPO has solicited feedback from investment managers to identify process and data improvements for upcoming quarters. OCIO will implement a process to reconcile cost variance reported by service units following Library-wide implementation of this reporting process. The estimated completion date is the third quarter of FY 2017.

Design of Library-Wide Internal Controls for Tracking IT Investments 2014-IT-101 March 2015 Office of the Chief Information Officer V.2.A

Use primary source documentation throughout the ITSC process. Part of the ITSC package should include financial system information, budgetary information, acquisition system information, as well as performance monitoring information—The IT investment reporting process began using third quarter FY 2016 data. The process may include usage of primary source documentation, such as financial reports to track execution of non-personnel costs. The ITIMPO has solicited feedback from investment managers to identify process and data improvements for upcoming quarters. The estimated completion date is the second quarter of FY 2018.

Design of Library-Wide Internal Controls for Tracking IT Investments 2014-IT-101 March 2015 Office of the Chief Information Officer V.2.B

Include the OCFO review of costs (in summary form) before approval of a new project, and at major checkpoints (milestones) throughout the project life cycle—See the status update provided for recommendation 1 for 2013-IT-105. OCIO began requiring service units to identify an IT expenditure category for all Momentum transactions in 2016. OIG's recommendation, however, referred mainly to OCFO's role in the ITIM process. This is addressed in the draft LCRs regarding the ITIM framework and the roles and responsibilities of the ITSC. Th e estimated completion date is the first quarter of FY 2017.

Design of Library-Wide Internal Controls for Tracking IT Investments 2014-IT-101 March 2015 Office of the Chief Information Officer V.2.C

Institute better tracking of IT investments through changes in the Momentum and Clarity financial systems—OCFO and OCIO created a process to identify IT expenditures during the procurement process which provides for accounting of IT-related expenditures. Tracking of IT investments through UII coding in the LCBS is on schedule for implementation in FY 2017. The estimated completion date is the second quarter of FY 2018.

Design of Library-Wide Internal Controls for Tracking IT Investments 2014-IT-101 March 2015 Office of the Chief Information Officer VI.2

Document the role of the Strategic Planning Officer (SPO) in the ITSC process to ensure a synchronized planning cycle. Develop a process for proper timing of strategic planning for investments (early) and a direct tie-in between strategic plans and the ITSC process—See the status update provided for recommendation 1 for 2013-IT-105. The role of SPPM (formerly known as the Strategic Planning Office (SPO)) has been defined in a draft LCR. In the interim, a representative of SPPM has been added to the ITSC as a non-voting member and regularly participates in ITSC meetings. The estimated completion date is the first quarter of FY 2017.

Design of Library-Wide Internal Controls for Tracking IT Investments 2014-IT-101 March 2015 Office of the Chief Information Officer VI.3.A

Document a needed linkage between ITSC and the SPO; including roles and responsibilities throughout the ITSC life cycle—See the status update and estimated completion date provided for recommendation VI.2 for 2014-IT-101. The role of SPPM (formerly known as the Strategic Planning Office (SPO)) has been defined in a draft LCR. In the interim, a representative of SPPM has been added to the ITSC as a non-voting member and regularly participates in ITSC meetings. The estimated completion date is the first quarter of FY 2017.

Design of Library-Wide Internal Controls for Tracking IT Investments 2014-IT-101 March 2015 Office of the Chief Information Officer VI.3.B

Implement a portfolio process, similar to OMB Exhibit 53—See the status update provided for recommendation 1 for 2013-IT-105. Assessment of the Library's IT portfolio is described in the draft LCR regarding the ITIM process. A portfolio process is being implemented and refined as part of the IT investment management process. At the conclusion of the pilot year, OCIO anticipates having baseline information sufficient to formalize and publish this process. The estimated completion date is the second quarter of FY 2017.

Design of Library-Wide Internal Controls for Tracking IT Investments 2014-IT-101 March 2015 Office of the Chief Information Officer VII.1.A

The Chief of Staff should implement a continuous improvement program within the Executive Committee and ITSC to identify opportunities for process improvement in the areas of cost accounting, performance management, and all areas of the ITSC—See the status update provided for recommendation 1 for 2013-IT-105. The relevant draft LCR describes the ITIM process, including areas of cost accounting, performance management, and other workfl ows. The estimated target completion date for this recommendation has been extended to the third quarter of FY 2018 to enable ITSC to obtain feedback and identify opportunities for process improvement in the areas of cost accounting, performance management, and other workflows. Until appropriate policies and procedures have been promulgated, then tested through practice, a baseline for measuring continuous improvement will not have been established.

Design of Library-Wide Internal Controls for Tracking IT Investments 2014-IT-101 March 2015 Office of the Chief Information Officer VII.1.B

The Chief of Staff should take steps to update the Library's existing information resource management, ITIM, and EA policies and practices. These existing standards need to be updated with lessons learned or improvements that are aligned with the Library's evolving strategic plan and leading or best practices—See the status update provided for recommendation 1 for 2013-IT-105. Assessment of the Library's IT portfolio is described in the LCR regarding ITIM. The estimated completion date is the fi rst quarter of FY 2017.

Design of Library-Wide Internal Controls for Tracking IT Investments 2014-IT-101 March 2015 Office of the Chief Information Officer VII.2.A

The CIO should champion a best practice governance methodology to build awareness and understanding of best practices in the areas of IT management and program governance—See the status update provided for recommendation 1 for 2013-IT-105. The relevant draft LCR regarding the OCIO establishes the CIO's role as a champion of best practice governance methodology. The estimated completion date is the first quarter of FY 2017.

Design of Library-Wide Internal Controls for Tracking IT Investments 2014-IT-101 March 2015 Office of the Chief Information Officer VII.2.B

Define benchmarks for ITSC management processes against appropriate public and private sector standards, organizations, and/or processes in terms of costs, speed, productivity, and quality of outputs and outcomes to measure steering committee effectiveness—See the status update provided for recommendation 1 for 2013-IT-105. Once the new LCRs have been promulgated, OCIO will begin to identify appropriate benchmarks for ITSC management processes. The estimated completion date is the fourth quarter of FY 2017.

eDeposit and eCollections Strategy 2014-PA-101 April 2015 Librarywide 2

The Librarian should require the Architecture Review Board to: ensure that the eCollections Strategy and related activities are sufficiently addressed in the EA's current or "as-is" environment, the target or "to-be" environment, and the roadmap leading from the "as-is" to the "to-be" environment; sufficiently address and reduce the risk of implementing duplicative, poorly integrated, and unnecessarily costly eCollection activities; and sufficiently address the need for "robust security" to prevent "loss, alteration, and unauthorized access" of eCollections items—The contract to fulfill this recommendation was awarded in September 2016. The current or "as-is" environment, the target or "to-be" environment, and the roadmap leading from the "as-is" to the "to-be" environment will be documented for eCollections as part of this contract work. Since this task order was awarded in late September 2016, the estimated completion date is now the third quarter of FY 2017.

eDeposit and eCollections Strategy 2014-PA-101 April 2015 Librarywide 4

The Librarian should take the following steps to implement better governance and accountability in order to ensure timely implementation of the Librarian's vision to acquire digital works: create a mechanism for the Librarian and his immediate leadership team to receive executive-level reports on a regular basis on eCollection activities, mandate their review, and take timely action as necessary to ensure that such activities stay inline with the Librarian's vision and with senior leadership's cost, schedule, and performance expectations; provide greater clarity on the role of the Executive Committee (EC) in monitoring and overseeing cross-cutting IT programs; and ensure the EC's consistent involvement, support, and oversight of the eDeposit Program and the eSerials Project—In the fourth quarter of FY 2016, OCIO and Library Services senior management met to initiate an eCollections Steering Group, which will be responsible for developing and implementing the eCollections Strategy. A draft charter will be created in the first quarter of FY 2017 with the goal of receiving Librarian of Congress and EC approval by the second quarter of FY 2017. The charter will include executive level reporting, roles, and responsibilities. The estimated completion date is the fourth quarter of 2017.

eDeposit and eCollections Strategy 2014-PA-101 April 2015 Librarywide 5

ITSC does not have the necessary data to align information technology goals, objectives, and priorities with the strategic needs and plans of the Library. The Librarian should do the following to correct this: direct the CFO to provide information on the full universe of IT investments budgeted in each fiscal year for eCollection activities to the ITSC on an ongoing basis, as well as provide actual year-to-year costs for budget versus actual comparisons; require ITSC to formulate approval and monitoring criteria that align with the Library's organizational priorities as stated in an eCollections Strategy and associated enterprise architecture, as well as with common requirements spanning the Library's service units for ingesting and protecting electronic works; and require the chair of the ITSC to report regularly to the Librarian, his designee, and/or the EC about ITSC decisions and oversight issues related to the schedule, cost, and performance of eCollection activities—See the status update provided for recommendation 1 for 2013-IT-105. The draft ITIM policy addresses budget and actual costs for all IT investments including eCollections activities. The estimated completion date is the fourth quarter of 2017.

eDeposit and eCollections Strategy 2014-PA-101 April 2015 Librarywide 6

To improve the organizational and financial management of its eCollection activities, the Librarian needs to require that service units: adopt and implement Library-wide best practices for standardizing program and project management to increase the likelihood of delivering effective digital transformations on time and on budget; and collect, track, and use quantitative data demonstrating variances in project delivery and investment targets to inform management oversight and reporting, including budget, planning, and investment decision-making going forward. This information should be used as part of the Library's performance management process—See the status update provided for recommendation 1 for 2013-IT-105. The relevant draft LCR describes the PMO's role and responsibilities for IT projects. In this LCR, the PMO is responsible for enforcing the Library's PMLC/SDLC methodologies. As noted in the March 2016 status update, a contract to perform IT project reviews was awarded in September 2016. The scope of this contract includes a review of quantitative project data to track cost variances. The estimated completion date is the third quarter of FY 2017.

eDeposit and eCollections Strategy 2014-PA-101 April 2015 Librarywide 7

For all technology investments, the Librarian should: (1) require service units and sponsors of significant IT investments (regardless of funding source) to complete a business case document that demonstrates how each IT project would meet organizational needs; outlines benefits, estimated costs, and risks, including the results of a cost-benefit analysis; and establishes a preliminary schedule for implementation; (2) require the business case document to be submitted to the ITSC for review during an early phase of product development and require the business case to be periodically reviewed and verified by ITSC with respect to the business need(s) being supported; (3) direct the CFO to develop the capability to fully project, capture, and track the actual costs of IT-related activities, including payroll costs; and (4) require the SPO or another unit to develop the capability for the Librarian and his immediate leadership team to monitor significant IT investments across the Library's various planning, budgeting, program/project management, and financial accounting systems to reveal inefficiencies and ineffectiveness in order to address problems in a timely manner—See the status update provided for recommendation 1 for 2013-IT-105. The relevant draft LCR regarding the ITIM process requires service units to submit a business case document (IT Investment Proposal) which will be reviewed by the ITSC. Tracking of IT investments through UII coding in the LCBS is on schedule for implementation in FY 2017. In FY 2016, the ITSC monitored all IT investments to reveal inefficiencies and duplication and then provided recommendations to the EC; this process will continue in FY 2017. The estimated completion date is the first quarter of FY 2017.

Library Services eDeposit and eCollections Strategy 2014-PA-101 April 2015 Library Services 1

To become more cost efficient and to ensure that eCollection activities are meeting the Library's strategic business objectives, the Library needs an overarching, transformative eCollections Strategy for collecting electronic works that does the following: groups programs, projects, and other IT work together to facilitate effective portfolio management of activities related to collecting electronic works, including born-digital works; identifies the Library's organizational priorities related to these programs and projects and other IT work, makes investment decisions, and allocates resources accordingly; and focuses on meeting common requirements that span across the Library's service units—The Digital Collecting Strategy Framework was approved by the Acting Librarian in June. A draft digital collecting plan based upon the Framework is being developed for submission to the Librarian in the first quarter of FY 2017. The estimated completion date is the third quarter of FY 2017.

Implemented and Closed Recommendations footnote#12

Table 2B: Significant Recommendations from Previous Semiannual Reports

Which Were Implemented or Closed During This Period

Subject Report No. / Issue Date / Office / Rec. No. / Summary of Recommendation and Action

Surplus Books Program 2010-PA-106 September 2011 Integrated Support Services I.c.1

Update LCR 1816. Revisions should include designing a serialized General Property Pass document that is counterfeit resistant; reassigning the responsible office to ensure oversight; documenting accountability; and implementing procedures to more appropriately account for and retire used passes. The revised LCR should also implement a pass designed for specific Surplus Books Program use—Based on progress made, the recommendation has been closed.

Surplus Books Program 2010-PA-106 September 2011 Library Services II.a.1

The Surplus Books Program should implement a software application to collect and analyze program operating data—A database has been established.

Funds Questioned or Put to Better Use

Table 3: FY 2002-Present Funds Questioned or Put to Better Use

Funds Questioned and Put to Better Use $63,149,355

Ratio: Funds Questioned and Put to Better Use to OIG Discretionary Budget footnote#13 2.10:1

Table 4: FY 2016 Audits with Recommendations for Better Use of Funds None

Table 5: FY 2016 Audits with Questioned Costs

In need of management decision during the period (total questioned costs): $243,395 More than six months old: $243,395

Instances Where Information or Assistance Requests Were Refused

No information or assistance requests were refused during this period.

Status of Recommendations without Management Decisions

During the reporting period, there were no recommendations more than six months old without management decisions.

Significant Revised Management Decisions

During the reporting period, there were no significant revised management decisions.

Significant Management Decisions with Which OIG Disagrees

During the reporting period, there were no significant management decisions with which we disagreed.

Follow-Up on Prior Period Recommendations

For this semiannual report, we followed-up with Library management on all open recommendations and received comments on the status of all of them. The OIG summarized the comments and placed them in tables 2A and 2B. The assertions made in tables 2A and 2B are the representations of Library management and not of the OIG. The OIG periodically performs follow-up audits to verify implementation.

INSPECTOR GENERAL HOTLINE
HELP PROMOTE INTEGRITY, ECONOMY, AND EFFICIENCY
REPORT SUSPECTED FRAUD, WASTE, ABUSE, OR MISMANAGEMENT
COMPLAINTS MAY BE MADE ANONYMOUSLY
INSPECTOR GENERAL
LIBRARY OF CONGRESS
101 INDEPENDENCE AVENUE S.E.
LM-630
WASHINGTON, DC 20540 -1060
MAIN TELEPHONE NUMBER: (202) 707-6314
FAX NUMBER: (202) 707-6032
HOTLINE TELEPHONE NUMBER: (202) 707-6306
HOTLINE ONLINE FORM: https://www.loc.gov/about/office-ofthe-inspector-general/contact-us/
P.O. BOX: 15051 SE Station
Washington, DC 20003-9997

Any information you provide will be held in confidence. However, providing your name and a means of communicating with you may enhance our ability to investigate.

Office of the Inspector General
101 Independence Avenue SE
Washington, DC 20540-1060
Tel 202.707.6314 Hotline 202.707.6306
www.loc.gov/about/oig/

Footnotes

  1. The need for an organization-wide approach to building digital collections was demonstrated by OIG's audit of the eDeposit Program. The audit revealed that only incremental progress was made after five years in part because the Library lacked an overarching eCollections Strategy or plans for creating a digital platform that met common requirements for ingesting and protecting electronic works. See The Library Needs to Determine an eDeposit and eCollections Strategy, 2014-PA-101, April 2015.
  2. Digital Government: Building a 21st Century Platform to Better Serve the American People, May 2012, https://www.whitehouse.gov/sites/default/files/omb/egov/digital-government/digital-governmentstrategy.pdf.
  3. Strong Leadership Needed to Address Serious Information Technology Management Weaknesses, GAO-15-315, March 2015 and Information Technology: Copyright Office Needs to Develop Plans that Address Technical and Organizational Challenges, GAO-15-338, March 2015. The OIG's most recent report was The Library Needs to Determine an eDeposit and eCollections Strategy, 2014-PA-101, April 2015.
  4. The Library Collects Extensively but Faces Increasing Challenges in Processing, Controlling, Storing, and Making Accessible All It Collects, 2013-SP-102, September 2013.
  5. The Prints and Photographs Division Effectively Tracks Its Materials, But Needs to Assess the Risks Associated With Its Growing Quantity of Materials Not Fully Processed, 2014-PA-106, August 2016.
  6. The Library has approximately 1.2 million processed books at the Landover Annex waiting to go into the new module.
  7. In a classified collection area, empty spaces are left throughout the shelves to allow for newly published books to be inserted. A fixed location area is the opposite in that each book is added "at the end." As a result, there are no empty spaces and shelves can reach maximum capacity.
  8. OIG plans to inquire about the Library's plans to vacate Landover altogether because preliminary cost estimates show that the Landover leased space is significantly more expensive than that at Cabin Branch.
  9. In addition to the initiatives bulleted above, the Library now retains only one copy of most new U.S. monographs received for the general collections and existing additional copies already in the general collections are selectively considered for withdrawal. In FY 2016, 100,369 volumes were withdrawn from the general collections as part of the program.
  10. OIG's most recently issued report was Improvements Needed to Prevent Wasteful Procurement and Inefficient Disposal of IT Workstations, 2012-PA-101, September 2012.
  11. These status updates are management assertions and have not been audited.
  12. These status updates are management assertions and have not been audited.
  13. Total budget minus (1) unreimbursed cost of mandatory financial statement audits, including the cost of OIG staff to oversee financial statement activity, and (2) any unobligated funds returned to the Library for resource reallocation
 Back to top