ISA-2014-4660

This audit was initiated to inform the General Assembly about the return on investment of major information technology projects compared to their expected monetary benefits. This audit also analyzed whether State agencies follow a common standard or industry recognized framework to manage their IT resources. This audit covered nine major IT projects at five State agencies with expected benefits of $1.2 billion. Our audit revealed State agencies do not track the achieved benefits of major IT projects and cannot determine if the State achieved $1.2 billion in expected benefits. Furthermore, State agencies do not follow a common standard or industry recognized business framework to manage the State's IT enterprise, which increases the risk of inconsistent management across government. Our audit also found three matters for further consideration. First, the State has a gap in internal controls over any IT systems that do not relate to financial reporting. Second, the State Board of Elections paid a vendor nearly $1 million to replace the State's Campaign Finance System and received nothing in return. Third, the State Chief Information Officer did not submit to the General Assembly a Biennial State IT Plan for 2013-2015 as mandated by state law. The State CIO and the five audited agencies generally agreed with our findings and recommendations. Details about each item are provided in the Findings and Recommendations section of the report.