Information Technology: Uncertainty Remains about the Bureau's Readiness for a Key Decennial Census Test

What GAO Found

The U.S. Census Bureau's (Bureau) 2020 Decennial Census program is heavily dependent upon the Census Enterprise Data Collection and Processing (CEDCAP) program to deliver the key systems needed to support the 2020 redesign. CEDCAP is a complex modernization program intended to deliver a system-of-systems for the Bureau's survey data collection and processing functions. In August 2016, GAO reported that while the two programs had taken steps to coordinate their schedules, risks, and requirements, they lacked effective processes for managing interdependencies. Officials acknowledged weaknesses in managing interdependencies and reported that they were taking steps to address them. Until these interdependencies are managed more effectively, the Bureau will be limited in its ability to meet milestones, mitigate major risks, and ensure that requirements are appropriately identified.

While the large-scale technological changes for the 2020 Decennial Census introduce great potential for efficiency and effectiveness gains, they also introduce many information security challenges. For example, the introduction of an option for households to respond using the Internet puts respondents more at risk for phishing attacks (requests for information from authentic-looking, but fake, e-mails and websites). The Bureau had begun efforts to address a number of these challenges; as it begins implementing this decennial census' design, continued focus on these considerable security challenges will be critical.

Looking forward, there is uncertainty as to whether the Census Bureau will be ready for the 2018 end-to-end test, set to begin in August 2017. GAO has ongoing work for this committee that is evaluating the significant challenges the Bureau faces in developing, testing, integrating, and securing systems prior to the 2018 test. For example, of the 50 systems to be included in the end-to-end test, half of them are to be delivered after the start of the test or lack a firm delivery date (see figure). In addition, key dates for the integration of the systems have not yet been defined. Given the short window of time before the test is to begin, it is important that the Bureau continue to focus its attention on implementing and securing the data collection systems that are to collect and store the personal information of millions of American people.

Figure: Status of Systems to be used for the 2018 End-to-End Test

Why GAO Did This Study

The U.S. Census Bureau (a component of the Department of Commerce) plans to significantly change the methods and technology it uses to count the population with the 2020 Decennial Census, such as by offering an option for households to respond to the survey via the Internet. The Bureau's redesign of the Census program relies on the acquisition and development of many new and modified systems. Several of the key systems are to be provided by an enterprise-wide initiative called CEDCAP.

This statement summarizes the report GAO issued in August 2016 on the challenges the Bureau faces in managing the interdependencies between the 2020 Census and CEDCAP programs, as well as challenges it faces in ensuring the security and integrity of Bureau systems and data. GAO also updated key information based on its ongoing work for this committee by, among other things, reviewing the updated 2020 Operational Plan and systems lists provided by the Bureau, and by interviewing agency officials.