December 20, 2017
Quality Control Review for DOT’s Implementation of Enterprise Architecture
What We Looked At
This report summarizes the results of an audit of DOT’s implementation of enterprise architecture (EA) practices. DOT relies on over 450 information technology systems to conduct business and meet its mission. In 2012, OIG conducted an enterprise architecture-related audit. The Clinger-Cohen Act of 1996 requires each Federal department to develop and maintain an EA to integrate, plan changes, and avoid duplication of information systems. An effective EA can improve information security practices and help optimize the use of limited information technology resources.
We contracted with KPMG LLP, an independent public accounting firm, to conduct this audit subject to our oversight. The audit objectives were to (1) determine whether DOT has an effective enterprise architecture program and (2) to assess its progress in developing its department-wide EA and an EA performance measurement system. KPMG found that DOT’s EA program is not fully matured, integrated, and consistently implemented across the Department’s Operating Administrations.
What We Found
We performed a QCR of KPMG’s report and related documentation. Our QCR disclosed no instances in which KPMG did not comply, in all material respects, with generally accepted Government auditing standards.
DOT concurs with KPMG’s 11 recommendations.