A federal watchdog’s review of 15 major information technology investments at the Department of Defense found that many programs were below cost estimates, though several had delays in their original timelines, shortfalls in cybersecurity testing and software development workforce challenges.

The Government Accountability Office’s 18th annual “Defense Acquisitions Annual Report," released June 3, evaluated 15 major business and non-business information technology programs, the first time the GAO evaluated IT programs as part of the review. The IT projects the GAO examined totaled $15.1 billion in spending.

The report found that 11 of the 15 systems saw decreases in their in their life-cycle cost estimates.

The biggest cost saver was the Army Contract Writing System, which decreased its cost estimate by $229 million. That system will replace several legacy platforms and serve as the Army’s enterprise-wide contract management platform. Officials working on the systems with lower price tags said that the drops were due to contract cost revisions, program management efficiencies and lower costs than expected.

Two of the remaining four programs that had higher costs experienced increases of over 20 percent, though the report doesn’t note which programs. One program, not named in the report, experienced an increase of $315 million, or 151 percent. Officials from the unexpectedly expensive projects cited developmental challenges as a reason for the increases.

Two-thirds of the projects experienced schedule delays, ranging from one month for the Marine Corps’ Air Command and Control System Increment One, to five years for the Air Force’s Defense Enterprise Accounting and Management System-Increment One. Officials for delayed programs told the GAO that slowdowns occurred because of cybersecurity gaps, performance issues and longer-than expected maintenance periods.

The GAO also evaluated the use of software development by the systems, finding that 14 of the 15 programs were using various types of iterative software development, such as agile, incremental and waterfall, among others.

Among the other findings:

- All eight major business IT systems it evaluated were using commercial-off-the-shelf software, consistent with DoD guidance from 2017. COTS software is supposed to reduce cost, development time and increase delivery.

- Six of the 15 systems were conducting cybersecurity testing during the developmental stages of the program, which allows the services to fix vulnerabilities early in the software life cycle before the program is used, saving money and reduce delays before systems are fully implemented.

- Eleven of the 15 programs conducted operational cybersecurity testing, during which vulnerabilities and their effects are identified in a mission context, the GAO said.

While Pentagon leaders push faster delivery times on software, many programs reported workforce challenges associated with rapid development. According to the GAO, nine of the 15 programs said it was “difficult to find staff with the requisite expertise.” Seven struggled to hire staff fast enough to complete development, while six reported not meeting software engineering staff plans to be a challenge.

The watchdog evaluated five programs from the Air Force, four Navy projects, two Army investments and four programs from the office of the secretary of defense. The GAO report said that a companion report on other major Pentagon IT systems would be released later this year.

Andrew Eversden covers all things defense technology for C4ISRNET. He previously reported on federal IT and cybersecurity for Federal Times and Fifth Domain, and worked as a congressional reporting fellow for the Texas Tribune. He was also a Washington intern for the Durango Herald. Andrew is a graduate of American University.

More In IT and Networks