An audit of Minnesota’s technology office released Wednesday reveals that while its ongoing information-technology consolidation has improved bulk procurement and cybersecurity, the agencies it services are sometimes left confused, unsatisfied with the support they receive and unclear how they’re being billed.
The report from the Minnesota legislative auditor’s office shows that Minnesota IT Services has improved many of the state’s technology functions but has also fallen short on project management, evidenced by the troubled Minnesota Licensing and Registration System, a platform for issuing driver’s licenses and vehicle registrations that has cost the state more than $100 million.
The auditor offers a series of recommendations, including working with the legislature to clarify the division of responsibilities between MNIT and its customer agencies, improving oversight of software development projects, and providing customer agencies with information on services earlier in the budgeting process.
Bill Poirier, the state’s acting chief information officer, writes in a letter to the auditor’s office that while he agrees with its recommendations, the effort to consolidate the state’s IT — which has been underway for more than two decades — did not receive financial support when the effort was mandated by the legislature in 2011.
“Because no upfront investment was made to support that centralization effort, centralization work has been done incrementally,” Poirier writes. “The lack of investment funding forced MNIT to build the IT enterprise service functions on the backs of our customers funding and goodwill.”
A survey of top agency officials reveals that satisfaction with MNIT, which employs about 2,000 workers and spent roughly $600 million last year, is mixed. Sixty-four percent said they were satisfied by MNIT’s enterprise services, while 83 percent said the same about the technical quality of software services provided by MNIT and its contractors. A greater proportion of agencies tended to be dissatisfied when it came to MNIT’s response time in dealing with customer service issues.
The report finds that MNIT’s difficulty including all agencies — particularly smaller ones — in project planning is exacerbated by its legislative mandate’s failure to delineate which agencies are supposed to be involved in the consolidation. MNIT subsequently formulated a policy clarifying which agencies would be included and which would be exempted, but this policy has not been made law. Among the report’s conclusions is that MNIT’s enabling statutes are outdated or overly broad in many places, resulting in the legislature’s “fragmented” oversight of the state’s IT investments.
The report levels several other charges against MNIT, such a failure to provide “sufficiently timely” information to agencies developing their budgets, insufficient oversight of software development projects — sometimes in violation of legal requirements — and failure to provide the legislature and agencies with sufficient performance updates. The report also shows that many agencies said they didn’t understand their invoices from MNIT, but an analysis of Minnesota’s enterprise service rates themselves fared favorably when compared with national averages.
Poirier admits in his letter that billing and rate-setting are the “two single biggest irritants” to customers as part of the state’s consolidated IT structure, as they suck up time, money and energy.
“Commodity-type enterprise IT services are a basic business need, just like the buildings we work in and the electricity we consume,” Poirier writes. “Our current funding construct requires every agency, commission, board and council to separately fight for this basic business need alongside the mission-driven investments that directly support and serve Minnesotans.” The CIO recommended the state explore “alternative funding strategies” that would enable optimal customer service from MNIT.
Poirier also suggests a “legislative venue” that would allow stakeholders to diagram the future of the state’s enterprise IT governance and give lawmakers a comprehensive view of IT spending and risk. He also emphasizes the importance of the state CIO’s and MNIT’s independence, which “enables us to ensure individual agency projects are interoperable with the state enterprise” and enforce cybersecurity standards.
With regard to the failure of MNLARS, Poirier writes MNIT’s project oversight capabilities have been “significantly underfunded.”
Some conservative lawmakers have called for dissolving MNIT in the wake of MNLARS’ botched launch, but Poirier says a stable structure is needed to guide the state’s IT modernization over the next 10 to 20 years.
“Now is the time when strong leadership is required from the State Chief Information Officer to provide policy, governance, and a collaborative structure statewide as we tackle these big challenges in the future,” he writes.