Key Facts and Findings:
The legislatively mandated consolidation of state government IT services remains a work in progress, and state agency satisfaction with MNIT is mixed.Key Recommendations:
Information technology (IT) includes computer hardware and software, plus related support services. For more than two decades, Minnesota state government has moved toward more consolidated IT services. In 2011, the Legislature mandated the consolidation of IT employees, finances, and services under one agency.
The agency that administers state government executive branch IT services is the Office of Minnesota IT Services, or MNIT. MNIT has more than 2,000 employees, oversees many contractors, and spent about $600 million in Fiscal Year 2018.
MNIT has more than 2,000 employees and spent about $600 million in Fiscal Year 2018.
MNIT provides services that are common to all agencies (“enterprise services”) and unique to individual agencies (“agency-specific services”). About three-fourths of MNIT’s employees are based in state agencies, providing agency-specific services; the rest work for MNIT’s central office. In Fiscal Year 2018, 99 percent of MNIT’s revenues came from state agencies—through charges or transfers to pay for services to those agencies.
Some parts of the legislatively mandated consolidation have been completed, while others have not.
Prior to the 2011 consolidation legislation, most state government IT employees worked for individual state agencies. Since that time, nearly all of these staff have become MNIT employees—paid and supervised by MNIT, and with standardized job classifications.
Following the consolidation, MNIT began a gradual transfer of responsibility for IT payroll and non-payroll expenses from agencies to MNIT. This has been completed in most agencies. However, the Department of Human Services’ (DHS) non-payroll IT spending—which accounts for about 19 percent of total state IT spending—has not been transferred and is still under DHS’s authority.
MNIT administers various enterprise services for all agencies, such as e-mail and network services. Agencies pay MNIT-determined rates for those services. However, some agencies still use certain IT services (such as data storage) provided by agency-based MNIT offices, rather than MNIT’s centralized enterprise services.
The consolidation has resulted in some positive outcomes—for example, better positioning state government to combat cybersecurity risks and make bulk purchases of IT equipment or software. However, it is unclear whether the consolidation has improved the overall efficiency of state government IT spending. Also, state agencies expressed divided opinions about whether the consolidation has been, on balance, positive or negative.
There is some confusion about which agencies should be subject to the IT consolidation.
When the 2011 Legislature mandated the IT consolidation, it identified in statute some state agencies—such as the state retirement systems—that were not subject to consolidation. However, because the law did not specifically identify which state entities would be subject to consolidation, MNIT subsequently adopted a policy to clarify this. MNIT’s policy exempted additional agencies from consolidation, such as constitutional offices, the Minnesota Housing Finance Agency, and the Metropolitan Council. We recommend that the Legislature clarify in law which agencies should be subject to MNIT’s authority.
State agencies have mixed opinions about MNIT’s services.
In our survey of top agency officials, 64 percent of agencies expressed satisfaction with the quality of MNIT’s enterprise services and 83 percent expressed satisfaction with the technical quality of software application services provided by MNIT or its contractors. Nearly 90 percent of agencies were satisfied with MNIT’s efforts to protect state information from security threats.
However, there were areas in which state agencies expressed considerable concern. For example, about half of agencies expressed dissatisfaction with the timeliness of MNIT’s customer support for enterprise services. Also, many agencies are frustrated by what they perceive to be inaccurate IT invoices and time-consuming, redundant IT procurement processes.
A majority of agencies expressed dissatisfaction with the cost of MNIT’s enterprise services. However, many agencies also told us they did not understand their IT invoices or the basis for MNIT’s service rates. Studies by a private firm have shown that most of MNIT’s enterprise service rates compare favorably with those of other states or private organizations.
MNIT should take additional steps to help ensure that software development projects succeed.
MNIT has established some advisory bodies—such as a Financial Steering Team—that include representatives of state agencies. But agencies expressed mixed views about the adequacy of their opportunities to provide feedback to MNIT on its performance, and about MNIT’s willingness to consider this input.
In general, smaller agencies that are not part of the governor’s cabinet expressed greater dissatisfaction with MNIT than cabinet agencies. We recommend that MNIT ensure that all agencies have adequate opportunities to provide it with input about services or plans.
MNIT has not provided adequate oversight of state agency software development.
Studies have shown that software development projects in public and private organizations often do not succeed. An example in Minnesota state government was the unsatisfying release in 2017 of the system for processing vehicle license plates, registrations, and titles (MNLARS).
Various MNIT leaders—past and present—told us that MNIT’s oversight of software projects has not been as rigorous or well developed as necessary. Project oversight has been inconsistent, occurring largely through agency-based MNIT offices. MNIT took some steps in 2018 to help MNIT leaders give attention to potentially risky projects.
MNIT has not fully complied with laws regarding project oversight. State law requires the MNIT commissioner to approve projects before they are undertaken, but such sign-offs have not occurred. MNIT has not developed standards for the architecture of state IT systems, nor for the independent audits required for large IT projects. In addition, MNIT has not always evaluated the performance of its professional/technical contractors, contrary to state requirements.
Also, the division of responsibilities between MNIT and state agencies is unclear for various IT services, including software development tasks. For example, there should be a clearer assignment of responsibility for decisions about whether to build or buy software, what testing (and how much testing) of the software to undertake, and how to determine whether the software is ready for release.
MNIT has not provided budget-related information to state agencies in a timely manner.
When state agencies prepare their biennial budget proposals, one component is the cost of enterprise IT services. MNIT did not submit its final proposal for its most recent enterprise service rates (for the Fiscal Year 2020-2021 biennium) to the Department of Management and Budget (MMB) for approval until October 31, 2018. However, individual state agencies were required by law to submit their agency budgets to MMB by October 15, 2018.
MNIT has tried to provide agencies with more timely information about enterprise rates, but agencies expressed frustration about preparing budget proposals without fully understanding these rates. We recommend that MNIT try further to provide rate information earlier in the budget process.
Also, about half of state agencies told us they do not know who (MNIT or the agency) is responsible for determining their agency’s overall IT budget. MNIT has not developed formal policies related to IT budgeting, and the budgeting practices vary among agencies. There is a need for a clearer division of responsibilities.
Due to overly broad statutes and inadequate performance measures, it has been difficult to hold MNIT accountable for results.
MNIT should provide better information on its own performance to state agencies and the Legislature.
When the 2011 Legislature mandated state IT consolidation, it did not adopt explicit goals for the consolidation. In fact, most of the statutes that today govern MNIT remain from the pre-consolidation era. Some of these statutes are outdated, or they outline a scope of responsibilities that is overly broad. We recommend that the Legislature—with MNIT’s input—revise MNIT’s enabling statute.
MNIT also should improve the way it tracks its own performance. The performance information MNIT has provided to the Legislature in its biennial budgets has been inconsistent and, in some cases, not outcome-based. MNIT’s “service-level agreements” with individual agencies have identified measures for holding MNIT accountable, but MNIT has made limited information on these measures available to agencies.
The Legislature should improve its IT oversight and consider the merits of changes to MNIT’s scope and structure.
To improve legislative oversight of state IT investment, the House and Senate should consider establishing IT committees (or a joint IT committee). This could help the Legislature set broad priorities for IT spending, rather than relying solely on the decisions of more narrowly focused budget committees. Also, this would provide a venue for discussion of cybersecurity risks and other IT policy matters.
Some legislators have proposed major structural changes—for example, to move the consolidated functions of MNIT to a different agency, or to return responsibility for some consolidated functions back to individual agencies. Such options deserve consideration and we discuss their merits, but we offer no recommendations.
In our view, the Legislature undertook IT consolidation with the best intentions. Yet it is difficult to judge the success of the consolidation at this time—due to the absence of clear goals, the continuing implementation of the consolidation, and MNIT’s limited performance information. Furthermore, until MNIT more fully wins the confidence of its primary customers—state agencies—it will be hard to declare IT consolidation a success.
Summary of Agency Response
In a letter dated February 22, 2019, Acting Commissioner of MNIT and State Chief Information Officer William Poirier said, “We agree with the OLA’s recommendations,” and the report “revealed key areas in which we believe action is required to enable MNIT and the executive branch to work better, smarter, and more cost-effectively.” He said the state should explore alternative funding strategies for MNIT. In addition, he said the MNIT commissioner should “provide policy, governance, and a collaborative structure statewide” to help address challenges that will face state government in coming years as it modernizes its information technology.
The Program Evaluation Division was directed to conduct this study by the Legislative Audit Commission in March 2018. For a copy of the full report, entitled “Office of Minnesota Information Technology Services (MNIT),” 134 pp., published in February 2019, please call 651/296-4708, e-mail Legislative.Auditor@state.mn.us, write to Office of the Legislative Auditor, Room 140, 658 Cedar St., St. Paul, MN 55155, or go to the web page featuring the report. Staff who worked on this project were Joel Alter (project manager), Caitlin Badger, and Caitlin Zanoni.