Category	Description
Input	· Ability to minimize the amount of manual data entry during forms processing and database compilation.
Processing	· Ability to allow for the automation of processing tasks (i.e., reporting non-responses and image destruction).
Output	· Ability to provide flexible printing capabilities.
Query	· Ability to provide for flexible record query and reporting capabilities for both public and administrative use.
Storage	· Ability to store images in commonly used and available media.
Technology	· Ability to allow for document imaging, electronic filing and/or signature capabilities via the Internet, as well as provide a network centric platform (client-server) that can be maintained within the confines of the Clerk.
Application Controls and Security	· Ability to authenticate users of the system, to protect data during electronic filing, to provide restricted access to data within the system, and provide for system availability on a timely and consistent basis.
Data Integrity Control	· Ability to provide integrity and control, as noted in the risk assessment.

Threat	Vulnerabilities	Recommended Safeguards
Acts of nature	· No business continuity plan (BCP) within the Clerk.	· Develop, test, and implement a BCP and document image backup procedures. · Use an off-site storage facility consistent with the practices of HIR, to store and maintain tape and/or image backups.
Acts of terrorism	· No BCP within the Clerk. · Weak physical access controls for Legislative Computer Systems (LCS) data center.	· Develop, test, and implement a BCP and document image backup procedures. · Use an off-site storage facility consistent with the practices of HIR, to store and maintain tape and/or image backups. · Strengthen physical access controls (e.g., implement card key, guest sign-in and double-door access).
Data center environmental compromise (facilities)	· No BCP within the Clerk.	· Develop, test, and implement a BCP and document image backup procedures. · Use an off-site storage facility consistent with the practices of HIR, to store and maintain tape and/or image backups.
Hardware failure	· No BCP within the Clerk.	· Develop, test, and implement a BCP and document image backup procedures. · Use an off-site storage facility consistent with the practices of HIR, to store and maintain tape and/or image backups.
Intentional acts by House staff	· Lack of application and system software change control. · Lack of integrated security administration. · No quality controls present.	· Grant access to users based upon job duties. · Provide for segregation of duties through workflow functionality. · Improve application change control procedures using change control tools. · Appoint a security officer to monitor and manage security.
Fraudulent filings	· No validation procedures in effect.	· No improvements recommended. Inherent safeguard is present. The filer who has been impersonated would likely detect fraud.
Misrepresentation of identity of public users	· No manual or automated authentication of application users.	· Implement manual or automated authentication procedures that are consistent with the spirit of the EIGA and LDA laws. Example includes increased staff intervention with users that reduce the chance of misrepresentation of the identity of public users.
Human error by staff	· Lack of application and system software change controls. · No segregation of incompatible duties. · Application edits and validations need improvement. · The FD and LDA applications do not have strong query capabilities.	· Grant access to users based upon job duties. · Provide for segregation of duties through workflow functionality. · Improve application change control procedures using change control tools. · Reduce redundant data entry. · Provide for strong application edits and validations. · Implement stronger and more precise query capabilities.
Logical/physical penetration to data center by unauthorized public users	· Lack of integrated security administration; weak physical access security to data center.	· Appoint a security officer to monitor and manage security.

Feasibility Study

The purpose of the feasibility study was to identify viable alternatives to the existing system. The feasibility study was intended to provide management with adequate information to make decisions to analyze and evaluate alternative systems to satisfy mission needs.

The results of the feasibility study indicated that four specific alternatives would serve as implementation scenarios for further evaluation. The rationale used to group the viable alternatives was to provide the Clerk with a range of viable alternatives to consider,

and analysis of viable technologies. The four alternatives selected for further evaluation in Exhibit 4, Feasibility Study include the following:

Alternative 1: Imaging/Workflow System. Implement a new, client-server based imaging system that includes advanced forms processing functionality with optical character recognition (OCR)/intelligent character recognition (ICR), and workflow capabilities[2]. This alternative meets most of the evaluation criteria, with the exception of electronic filing. This alternative could be implemented so that it is scalable for future implementation of electronic filing. Primary implementation issues include increased responsibility for the Clerk to manage and maintain a new system, and changes to business processes as a result of the implementation of OCR/ICR and workflow technologies.

Alternative 2: Imaging/Workflow System and Electronic Filing with Basic Encryption. Implement a new imaging/workflow system, and add functionality that would allow browser-based submission of FD and LDA forms via the Internet. The system would incorporate Secure Socket Layer (SSL) and Challenge Response security/authentication measures. This alternative meets the evaluation criteria. Primary implementation issues include: (1) increased responsibility for the Clerk to manage and maintain a new system; (2) changes to business process as a result of the implementation of OCR/ICR and workflow technologies; and (3) the use of electronic filing without the ability to guarantee non-repudiation[3].

Alternative 3: Imaging/Workflow System and Electronic Filing with an Outsourced[4] Public Key Infrastructure. Implement a new imaging system, with added functionality that allows for browser based submission of LDA and FD forms via the Internet. The system would incorporate the use of Public Key Infrastructure (PKI)[5] administered by an outsourcing provider. This alternative meets the evaluation criteria and provides additional assurances for non-repudiation. Primary implementation issues include: (1) limited management control over the issuance of digital certificates; (2) changes to business processes as a result of the implementation of OCR/ICR and workflow technologies; and (3) the appropriateness of implementing a PKI infrastructure specifically for the FD and LDA applications while a need for a House-wide PKI infrastructure may exist in the future.

Alternative 4: Imaging/Workflow System and Electronic Filing with an In-house Public Key Infrastructure. Implement a new imaging system, with added functionality that allows for browser based submission of FD and LDA forms via the Internet. The system would incorporate the use of PKI administered by the Clerk. This alternative meets the evaluation criteria and provides additional assurances for non-repudiation. Primary implementation issues include: (1) increased responsibility for the Clerk to manage and maintain a new system/technology; (2) changes to business process as a result of the implementation of OCR/ICR and workflow technologies; and (3) the appropriateness of implementing a PKI infrastructure specifically for the FD and LDA applications while a need for a House-wide PKI infrastructure may exist in the future.

The detailed methodology and results of this task can be found in Exhibit 4, Feasibility Study.

Cost-Benefit Analysis

The purpose of the cost-benefit analysis was to analyze the viable system alternatives detailed in the feasibility study and examine the costs and benefits for implementing each alternative. The cost-benefit analysis included: (1) a cost analysis of the existing system and each alternative; (2) a cost sensitivity analysis to analyze the impact of changes in assumptions on the cost differences of the alternatives; and (3) an analysis of qualitative (or non-quantitative) factors.

Cost Analysis

Figure 3: Existing System and Alternative Cost Analysis on the following page presents a summary of the non-recurring and recurring cost estimates for the existing system and the four viable system alternatives. The figure presents five-year total cost estimates discounted using a present value calculation to provide overall five-year lifecycle cost estimates of the existing system and each alternative.

As described in Exhibit 4, Feasibility Study, the alternatives build upon each other in terms of functionality and cost. For example, the estimated costs and functionality of the Imaging/Workflow alternative are included in all four alternatives. Additionally, the estimated costs and functionality for electronic filing in the Imaging/Workflow with Electronic Filing with Basic Encryption alternative are included in all remaining alternatives. The alternatives with PKI functionality differ only in terms of the estimated costs of outsourcing the PKI function versus maintaining the function in-house (by the Clerk).

Figure 3: Existing System and Alternative Cost Analysis. Figure 3: Existing System[6] and Alternative Cost Analysis

The results of the cost analysis indicate that the estimated costs to implement each of the alternative systems are more expensive than maintaining the existing system over the next five year period. However, the alternatives do provide additional functionality over the existing system and better meet the criteria defined in this evaluation, as presented in Exhibit 4, Feasibility Study.

The total estimated costs for Alternative 1: Imaging/Workflow System are slightly higher than the existing system over the five-year period, primarily because of the non-recurring implementation costs. The recurring costs of the Imaging/Workflow System are less than the existing system recurring costs. For this alternative, we estimated that benefits would be achieved through lower recurring hardware and software maintenance costs.

The estimated costs for Alternative 2: Imaging/Workflow System with Electronic Filing with Basic Encryption are higher than the existing system, primarily because of the non-recurring implementation costs and the slightly higher recurring costs. For this alternative, we estimated that benefits would be achieved through lower labor costs (in terms of salaries and fringe benefits) for forms processing. However, we estimated that additional labor costs would be incurred for computer support due to the additional electronic filing functionality.

The estimated costs for both Alternative 3: Imaging/Workflow System with Electronic Filing and an Outsourced PKI and Alternative 4: Imaging/Workflow System with Electronic Filing and an In-House PKI are significantly higher than the existing system. Both alternatives require significant non-recurring implementation costs and the recurring costs are higher than the existing system. The cost estimates for the in-house PKI alternative are significantly higher than the outsourced PKI alternative due to the additional staff resources, and software license and maintenance costs required.

Cost Sensitivity Analysis

We conducted a sensitivity analysis on the estimated costs (non-recurring and recurring) for the four viable alternatives analyzed in this evaluation. The objective of the sensitivity analysis was to analyze changes to assumptions to determine the impact on the overall cost of the alternatives. We developed the following two scenarios:

Electronic Filing Efficiency Gains. With the introduction of electronic filing capabilities, efficiencies may be realized with regards to the processing of the FD and LDA submissions. These efficiencies would occur primarily because of a reduction in hard copy form submissions. The extent of the efficiencies would primarily depend on the number of filers that choose to file electronically. To analyze the potential impact of efficiencies from electronic filing on the cost of the alternatives, we decreased the personnel salaries and fringe benefits cost factor associated with forms processing (LRC) for the electronic filing alternatives. The LRC salaries and fringe benefits cost factor was reduced by a range of percentages based on the corresponding percentage of filers who submit FD and LDA forms electronically. For the purposes of this analysis, we assumed a straight-line decrease in LRC forms processing staff costs, proportional to the percentage of respondents who submit electronically. Figure 4: Cost Sensitivity Analysis - Range of Electronic Filing Efficiency Gains below depicts the impact of the range of electronic filing percentages on the LRC forms processing staff costs of $2,078,000 if electronic filing was not an alternative.

Percent of Electronic Filers	100%	75%	50%	25%	0%
Estimated Reduction in LRC Personnel Costs	50%	37.5%	25%	12.5%	0%
Total LRC Personnel Costs	$1,039,000	$1,319,530	$1,558,500	$1,818,250	$2,078,000
(Cost Savings) Based on Electronic Filing	$1,039,000	$758,470	$519,500	$259,750	$0

Figure 4: Cost Sensitivity Analysis - Range of Electronic Filing Efficiency Gains

· Increased Transition Costs. We gathered costs information from vendors based on the high-level business needs associated with the four viable alternatives noted in this evaluation. However, these costs may differ from actual implementation costs due to the specific vendor chosen and the detailed requirements of the alternative. Therefore, we developed a scenario to examine the impacts of significantly higher implementation costs on each alternative. We increased the total transition costs associated with the four alternatives by 50 percent to represent a scenario in which the up-front costs to implement the alternatives are significantly more expensive. Figure 5: Cost Sensitivity Analysis - Transition Cost Increases details the impact of the cost increases on the alternatives.

Total Non-Recurring Cost Factor	Existing System	Alternative 1 Imaging/ Workflow System	Alternative 2 Imaging/ Workflow System w/ Electronic Filing with Basic Encryption	Alternative 3 Imaging/ Workflow System w/ Electronic Filing with Outsourced PKI	Alternative 4 Imaging/ Workflow System w/ Electronic Filing with In-house PKI
Baseline Study Results*	$0	$388,000	$582,000	$725,000	$1,549,000
Transition Cost Increase Scenario	$0	$582,000	$873,000	$1,087,500	$2,323,500
*Difference*	$0	$194,000	$291,000	$362,000	$774,500

Figure 5: Cost Sensitivity Analysis - Transition Cost Increases

* From Figure 3: Existing System and Alternative Cost Analysis

Qualitative Factor Analysis

In addition to the cost analysis and sensitivity analysis, we performed an assessment of qualitative, or non-quantifiable, factors for the system alternatives. The qualitative analysis was intended to provide additional evaluation criteria to analyze the alternatives. The qualitative factors analyzed were: (1) stakeholder needs and constraints, (2) management control, (3) security risk, (4) commercial acceptance, (5) organizational impact, and (6) filing community impact. The primary results of the qualitative analysis are:

· Stakeholder Needs and Constraints. The Imaging/Workflow alternative achieves all of the identified stakeholder needs and constraints, with the exception of electronic filing. The remaining three alternatives satisfy all user needs and constraints.

· Management Control. The outsourcing of PKI would result in the Clerk relinquishing some control over the issuance of digital certificate to respondents. However, the in-house PKI alternative keeps management control over the issuance of certificates within the ultimate control of the Clerk.

· Security Risk. The use of electronic filing introduces new needs to protect the confidentiality, integrity, availability, and authentication of the data for filers.

· Commercial Acceptance. The use of electronic filing and PKI technology has limited commercial acceptance because the technology is still relatively immature.

· Organizational Impact. All of the alternatives would require significant changes to the Clerk’s business processes with regard to the processing of FD and LDA forms.

· Filer Community Impact. The use of electronic filing would allow filers to avoid the completion of hard copy forms. However, the use of PKI would require additional steps on the part of filers to apply and use certificates and keys.

The detailed methodology and results of this task can be found in Exhibit 5, Cost-Benefit Analysis.

III. RECOMMENDED ACTIONS

The results of this study indicate that each of the alternatives examined in the evaluation are functionally and technically viable and justify the Clerk initiating a project to replace the existing systems. Because each alternative is viable and the cost differentiation across the alternatives are minor in comparison to improved efficiencies and services to stakeholders, a recommendation to implement a specific alternative is not provided. However, recommended steps for utilizing the results of the evaluation are provided. The recommended steps are categorized as:

· Immediate. Recommended actions that should be implemented or commenced as soon as possible, prior to initiating actions to replace the existing system.

· System Planning, Development, and Implementation. Recommended actions that should be taken or considered during the system planning, development, and implementation process.

The following discussion presents the specific recommendations for each of the above categories:

Immediate

The following recommendations should be implemented immediately.

· Implement Recommended Safeguards. As indicated in Exhibit 3, Risk Assessment, there are potential threats to the FD and LDA applications that could be resolved with the implementation of security safeguards. The Clerk should examine the recommended safeguards presented in the risk assessment to identify ones that can be implemented immediately to mitigate potential threats to the data and related assets of the FD and LDA applications.

· Organize a FD/LDA Project Team. The success of implementing a new system would greatly depend on the individuals identified and dedicated to this project. A project manager should be assigned who would be directly responsible and accountable for the success of the project.

· Develop a Work Plan. The success of managing and executing large-scale projects greatly relies on a sound work plan. To assist the project manager in managing and executing the migration of the mainframe applications, we suggest that a comprehensive work plan be developed. The work plan should serve as a master plan that allows the project manager to monitor progress and facilitate the reporting to the Clerk and Committee on House Administration (CHA). The work plan should identify planning, implementation, and post-implementation tasks, including the phases of the SDLC policy. The time frames for the completion of the tasks should be based on the level of effort required to complete the tasks and the available resources.

· Establish a Project Budget. In order to ensure the system solution and implementation resources can be procured in a timely manner, the Clerk’s Office should develop a project budget. The cost estimates in this evaluation can be used as a basis for budget planning for assessing the potential costs of the implementation of the system solution. However, the Clerk should be prepared to include additional costs once the system application and components have been chosen subsequent to developing the detailed requirements for the system. In addition, the Clerk may need to factor additional costs due any requirements for contractor support in implementing the solution in the event Clerk resources are not available to support the project.

System Planning, Development, and Implementation

The following recommendations should be considered during planning, development, and implementation of the replacement system for the FD and LDA applications:

· Conduct a Business Process Analysis to Determine Benefits of OCR/ICR Technologies. Although the use of OCR/ICR technologies is feasible, the Clerk should analyze the specific uses of the technologies, and the impact on the business processes. It is critical to determine how these technologies would be specifically used prior to investment.

· Assess Legal Implications and Acceptability of Electronic Filing. The legal issues surrounding the use of electronic filing of FD and LDA submissions involve non-repudiation and the acceptability of digital information in a court of law. Research should be undertaken to derive conclusions of the appropriateness of using electronic filing prior to investment in this technology.

· Determine Use and Acceptance of Electronic Filing by FD and LDA Filers. The use and acceptance of electronic filing by FD and LDA filers is currently unclear. In Canada, approximately 90 percent of lobbyists submit information electronically. However, the Canadian Government assesses significant user fees to lobbyists who submit paper forms. Although Internet technologies have gained wide acceptance within the U.S., it is unclear to what extent FD and LDA filers would file using electronic methods. The Clerk should, at a minimum, survey FD and LDA filers to gauge acceptance and usage prior to investing in electronic filing technologies.

· Determine House-Wide Requirements for Public Key Infrastructure. This evaluation includes an alternative for implementing PKI within the Clerk specifically for the FD and LDA applications. However, the House should consider its requirements for PKI for other uses within the House prior to implementing this technology solely within the Clerk. The PKI model presented in this evaluation could be used House-wide, with appropriate changes. For example, if a House-wide PKI is implemented, the Clerk may not be the appropriate office to manage the public and private key distribution. However, the implementation of a system solution that utilizes electronic filing with PKI could serve as a pilot for a House-wide assessment of the use of such technologies in other areas of the House.

· Make Decisions Regarding Implementation of Alternatives. Although the alternatives presented in this evaluation could be implemented in phases, the Clerk should make decisions regarding which alternatives to implement prior to beginning systems development.

· Use the House’s Systems Development Lifecycle Methodology. The Clerk should follow the House’s SDLC policy during systems planning, development, and implementation. This step is critical to ensuring a successful implementation.

Management Response

On March 1, 1999, the Clerk agreed that the Legislative Systems Evaluation establishes reasonable parameters for determining information technology solutions for the high-level business needs associated with the FD and LDA applications (see Appendix). The Clerk agreed that the current application systems should be replaced as recommended and stated that the Office of the Clerk would follow the House SDLC Methodology. The response also included comments regarding: (1) implementing the recommended safeguards to mitigate the potential threats to FD and LDA applications, (2) the development of a FD/LDA project team, (3) the need to review the legal implications and acceptability of electronic filing, and (4) the need to select the most cost-effective and practical alternative at the earliest possible time.

Office of Inspector General Comments

The Clerk’s commitment to follow the SDLC policies adopted by the House is responsive to the issues discussed in this evaluation. Following the SDLC policy will minimize the developmental risk and provide the basis for an efficient and effective replacement for the FD and LDA applications. Furthermore, the Clerk’s planned and completed actions, which address the potential threats identified during the risk assessment of the current FD and LDA operating environments will also mitigate the risks identified in this report.

Application Overviews

This exhibit presents an overview of the Financial Disclosure (FD) and Lobby Disclosure Act (LDA) applications. The overview provides a brief description of the application’s background and functionality. Specifically, the overview includes:

· A description of the legislation that the applications support.

· A description of the applications which identify the developer, the U.S. House of Representatives (House) office responsible for operating and maintaining the application, and the primary users of the applications.

· A description of the functionality of the applications which presents information on inputs, processes, and outputs.

· A table listing details for each application including the:

- Application metrics.

- Users/Customers.

- Key inputs.

- Key interfaces.

- Key outputs.

In compiling the application overviews, a two step approach was followed to collect information. The two steps involved include:

· Interviewing House staff to collect information on the applications.

· Reviewing House documentation.

1.1. Financial Disclosure (FD)

Title I of the Ethics in Government Act requires candidates for the House to file a personal financial disclosure statement with the Office of the Clerk (Clerk). In accordance with the Act, a House candidate that has raised or spent more than $5,000 for his or her campaign is required to file a financial disclosure statement. In general, the statement must be filed within 30 days after the individual raises or spends the $5,000, or on or before May 15 of the calendar year, in which he or she raises or spends $5,000, whichever is later. There are various other individuals who must also file financial disclosure statements with the Clerk. House employees who, for at least sixty days, occupy a position for which the basic pay is equal to or greater than 120 percent of the minimum rate of basic pay for the GS-15 salary grade and covered employees of the Architect of the Capitol, U.S. Botanic Gardens, Congressional Budget Office, Government Printing Office, and Library of Congress are also required to file.

The Clerk manages the flow of FD submissions, using the FD application to manage the documents and relevant filer correspondence. The application consists of two components ¾ FileNet, a commercially available software application operated and maintained by the Clerk, and a mainframe-based application developed, operated, and maintained by the House Information Resource (HIR) office. The FileNet software is used to scan hard-copy reports, accept querying criteria for viewing by the general public, and display the report images. The mainframe-based application is used to generate queries and record dates for image indexing and processing. The primary user of the application is the Clerk’s Legislative Resource Center (LRC).

Figure 1.1: FD Application Overview below presents an overview of the inputs, business processes, and outputs associated with the FD application. This figure depicts the flow of information from the input of data on the left, to application processing in the center, to outputs on the far right. A brief description of the inputs, processes, and outputs are presented following the figure.

Figure 1.1: FD Application Overview

Input

The inputs to the FD application include the following:

· Financial Disclosure Form (Form A and Form B). Form A, used for submissions by Members of the House and House Officers, and Form B, submitted by House staff and potential candidates for the House, are mailed or delivered in person to the LRC by filers and subsequently scanned into the FD application. Forms A and B are mailed to filers upon request or are available to filers in downloadable format on the Clerk’s website.

· Candidacy Data. The Federal Election Commission (FEC) reports to the Clerk, a list of all candidates who have reached the $5,000 income and spending threshold. This information is manually keyed into the FD application from the hardcopy reports received from the FEC. The entry of this information into the FD application facilitates the tracking of all individuals subject to filings under the Ethics in Government Act.

· Payroll Data. The House Office of Human Resources (OHR) reports to the Clerk, a list of all House employees who met or exceeded the specified salary requirements as noted by the Ethics in Government Act. This information is manually keyed into the FD application from the hardcopy reports received from the OHR. The entry of this information into the FD application facilitates the tracking and compliance of all individuals subject to the Ethics in Government Act.

· Correspondence. Various letters of correspondence are received by the LRC from filers. The correspondence is scanned into the FD application.

· Filer Account Updates. Filer account updates (e.g., change of address or name) are received from filers. The updates are manually entered into FD to update master records requested by filers.

Process

Listed below are the processes of the FD application.

· Scanning. Incoming FD forms and miscellaneous filer correspondence is scanned by the Clerk’s FileNet application. Once the document is scanned, FileNet displays the document to the operator for quality control inspection. If the document is scanned properly, the document image is committed to permanent storage.

· Indexing. The operator who reads the information from the scanned image manually inputs information from the FD forms into the mainframe database index. Specific index information entered into FileNet during the scanning phase is automatically passed to the mainframe database.

· Compliance Processing. Compliance processing is not automated in the FD application. The LRC’s role in compliance processing is to determine the response/non-response status of those required to file FD submissions. This is done by querying the FD application database on-line to review FEC and OHR data to determine filing compliance. All other compliance processing with regards to the information contained in the FD submissions is performed by the Committee on Standards of Official Conduct.

· Master Data Maintenance. Master data maintenance involves the management of all data associated with the FD application. Data includes FD form images, form index information and information provided from external sources (i.e., FEC and OHR).

· On-line Public Query. The general public and other application stakeholders may query FD documents and associated information on-line in the LRC public area. A number of workstations with large screen monitors and printing capability are available during LRC business hours for public on-line querying.

Output

The outputs of the FD application include the following:

· Committee on Standards of Official Conduct Reports. Various ad-hoc reports are generated for use by the Committee on Standards of Official Conduct when reviewing FD submissions.

· Compliance Reports. Response/non-response reports are generated using the data contained in the FD database. The reports assist LRC administrators in their efforts in identifying those filers not meeting the requirements of the Act.

· Audit Log Reports. Audit log reports are generated that detail relevant FD system usage.

· Letters and other correspondence. Form letters are generated via a word processing mail merge file. They are subsequently mailed to those filers not in compliance.

Technical Information

Figure 1.2: FD Application Technical Information on the following page presents additional technical and application metric information for the FD application.

Application Metrics
Element	Description
Technology Platform	IBM CMOS mainframe; FileNet Imaging system maintained on (2)RS-6000s; and OSAR Optical Disk storage system
Processing Mode	On-line transaction processing
Number of Lines of Code	FileNet – 22 files comprised of 28,688 lines Mainframe – 225 modules comprised of 22,500 lines
Data Storage	Mainframe – Approximately 151 MB; OSAR – Approximately 15 GB in use (2.3 and 7 GB disks available)
Number of records in database	Approximately 53,000
Documents scanned per year	Approximately 3,000
Handwritten documents received (66.5% of total)	9%	Members of Congress
	23%	Congressional Candidates
	17%	Principal Assistants
	24%	House Employees
	27%	Library of Congress
Typewritten documents received (33.5% of total)	45%	Members of Congress
	15%	Congressional Candidates
	17%	Principal Assistants
	15%	House Employees
	8%	Library of Congress
Users/Customers
Element	Description
Number of Filers	2,990
Key application users	House Members, House Employees, Candidates, Library of Congress Employees, Botanical Gardens Employees, Government Printing Office Employees, Congressional Budget Office, Architect of the Capitol Employees, General Public, Public Interest Groups, Press Corp.
Key Inputs
Input	Source
FileNet Images	Financial Disclosure-Form A and Form B.
Document index data	Via manual key entry from information contained in the hardcopy document.
Key Interfaces
System	Description
FileNet	FileNet sends query criteria to the mainframe and the mainframe application sends back the query results.
Key Outputs
Output	Description
Letters	Letters sent to non-filers.

Figure 1.2: FD Application Technical Information

1.2. Lobby Disclosure Act (LDA)

The LDA of 1995 requires lobbying firms and organizations to register and file reports of their lobbying activities with the Secretary of the Senate and the Clerk of the House. A registrant must file a report semi-annually no later than 45 days after the end of the first day of January and the first day of July. Registrants call the LRC to request the LD-1 form if they are new registrants or the LD-2 form if they are submitting their semi-annual report. The forms are also available for download from the Clerk’s web site.

The Clerk is responsible for managing the flow of paperwork generated by LDA registrants for the House and enforcing registrant compliance with the Act. The Clerk uses the LDA application to manage the Lobby Act documents and track compliance. The application consists of two components: FileNet, a commercially available software application operated and maintained by the Clerk; and the mainframe-based application developed, operated, and maintained by HIR. FileNet software is used to scan hard-copy reports, accept querying criteria for viewing by the general public, and display the report images. The mainframe-based application is used to generate queries and record dates for image indexing and processing. The primary user of the application is the Clerk’s LRC.

Figure 1.3: Lobby Disclosure Act Application Overview on the following page presents an overview of the inputs, processes, and outputs associated with the LDA application. This figure depicts the flow of information from the input of data on the left, to application processing in the center, to outputs on the far right. A brief description of the inputs, processes, and outputs are presented following the figure.

Exhibit 1: Figure 1.3: Lobby Disclosure Act Application Overview.

Figure 1.3: Lobby Disclosure Act Application Overview

1.2.1 Input

The inputs to the LDA application include the following:

· Lobbying Registration and Report Forms (Form LD-1 and LD-2). Form LD-1 (for initial registration) and LD-2 (for semi-annual reporting) are sent to filers upon request or are available to filers in downloadable format on the Clerk’s website. Registrants send their completed forms to the Clerk via mail on a semi-annual basis. Form LD-1 and LD-2 are subsequently scanned into the LDA application.

· Correspondence. Various letters of correspondence are received by the LRC from registrants. The correspondence is scanned into the LDA application.

· Filer Account Updates. Filer account updates (e.g., change of address or name) are received from registrants. The updates are manually entered into the LDA application to update master records requested by registrants.

1.2.2 Process

Listed below are the processes of the Lobby Act application.

· Scanning. Incoming LDA forms and miscellaneous registrant correspondence are scanned into the Clerk’s FileNet application. Once the document is scanned, FileNet displays the document to the operator for quality control inspection. If the document is scanned properly, the document image is committed to permanent storage.

· Indexing. The operator who reads the information from the scanned image manually inputs information from the LDA forms into the mainframe database index. Specific index information entered into FileNet during the scanning phase is automatically passed to the mainframe database.

· Compliance Processing. Compliance processing is not automated in the LDA application. However, LRC administrators use the LDA query function to evaluate registrant information. If there are errors or omissions such as missing figures for lobbying expenses or erroneous lobbying topic codes, a letter is generated and mailed to the registrant.

· Master Data Maintenance. Master data maintenance involves the management of all data associated with the LDA application. Data includes LDA form images and form index information.

· On-line Public Query. The general public and other application stakeholders may query LDA documents and associated information on-line in the public area of the LRC. A number of workstations with large screen monitors and printing capability are available during LRC business hours for public on-line querying.

1.2.3 Output

The outputs to the LDA application include the following:

· Compliance Reports. Various compliance reports are generated using the data contained in the LDA database. The reports assist LRC administrators in their efforts in identifying those registrants not meeting the requirements of the Act.

· Audit Log Reports. Audit log reports are generated that detail relevant LDA system usage.

· Letters and other correspondence. Form letters are generated via a word processing mail merge file. They are subsequently mailed to those registrants not in compliance or filers who submitted forms with errors or omissions.

1.2.4 Technical Information

Figure 1.4: LDA Application Technical Information on the following page presents additional technical and application metric information for the LDA application.

Application Metrics
Element	Description
Technology Platform	IBM CMOS mainframe; FileNet Imaging system maintained on (2)RS-6000s; OSAR Optical Disk storage system
Processing Mode	On-line transaction processing
Number of Lines of Code	FileNet – 22 files comprised of 28,688 lines of code Mainframe – 300 modules comprised of 65,000 lines
Data Storage	Mainframe – Approximately 147.5 MB; OSAR – Approximately 82.5 GB in use (2.3 and 7 GB disks available)
Number of records in each database	Registrants – 24, 655 Lobby Table – 3,924 Employees – 52,458 Directory – 5,616	Clients – 68,284 Reports- 451,924 Letters – 75,015
Documents scanned per year	Approximately 35,000 pages
Percentage of handwritten documents received	12%
Percentage of typewritten documents received	88%
Users/Customers
Element	Description
Number of Filers	Active Registrants – 3,727; Active Clients – 11,616
Key application users	Lobbyists, LRC, General Public, Public Interest Groups, Press Corp.
Key Inputs
Input	Source
FileNet Images	Submitted registration documents and reports.
Document index data	Via manual key entry from information contained in the hardcopy document.
Key Interfaces
Interface	Description
FileNet/LDA link	Data is scraped after FileNet document scanning and loaded into the LDA database residing on the mainframe.
Key Outputs
Output	Description
Letters	Letters of errors or omissions sent to registrants.
Reports	List all lobbyists and their clients.

Figure 1.4: LDA Application Technical Information

Threat	Data and Assets Affected	Vulnerabilities	Risk Impact	Recommended Safeguards
Acts of nature	Data: · Form images · Index · FD Query Activity Log · User Account Information[11] Equipment: · LCS · LRC · HIR	No business continuity plan (BCP) within the Clerk. *Observations:* · There is no comprehensive HIR/LCS BCP plan for the FD and LDA applications that has been circulated to staff in LCS or LRC. The LCS is currently drafting a BCP document. Testing of the BCP plan however, has never been performed. Additionally, there are no backups made of the FileNet document images.	Disruption - Images and indices not available for period of time. The permanent destruction of the FileNet images is possible.	· Develop, test, and implement a BCP. · Develop, test, and implement document image backup procedures. · Use an off-site storage facility consistent with the practices of HIR, to store and maintain tape and/or image platter backups.
Acts of terrorism	Data: · Form images · Index · FD Query Activity Log · User Account Info. Equipment: · LCS · LRC · HIR	No BCP within the Clerk. *Observations:* · There is no comprehensive HIR/LCS BCP plan for the FD and LDA applications that has been circulated to staff in LCS or LRC. The LCS is currently drafting a BCP document. Testing of the BCP plan however, has never been performed. · Weak physical access controls for LCS data center.	Disruption - Images and indices not available for period of time. The permanent destruction of the FileNet images is possible.	· Develop, test, and implement a BCP. · Develop, test, and implement document image backup procedures.

Threat

Data and Assets Affected

Vulnerabilities

Risk Impact

Recommended Safeguards

Acts of nature

Data:

· Form images

· Index

· FD Query Activity Log

· User Account Information[11]

Equipment:

· LCS

· LRC

· HIR

No business continuity plan (BCP) within the Clerk.

Observations:

· There is no comprehensive HIR/LCS BCP plan for the FD and LDA applications that has been circulated to staff in LCS or LRC. The LCS is currently drafting a BCP document. Testing of the BCP plan however, has never been performed. Additionally, there are no backups made of the FileNet document images.

Disruption -

Images and indices not available for period of time. The permanent destruction of the FileNet images is possible.

· Develop, test, and implement a BCP.

· Develop, test, and implement document image backup procedures.

· Use an off-site storage facility consistent with the practices of HIR, to store and maintain tape and/or image platter backups.

Acts of terrorism

Data:

· Form images

· Index

· FD Query Activity Log

· User Account Info.

Equipment:

· LCS

· LRC

· HIR

No BCP within the Clerk.

Observations:

· Weak physical access controls for LCS data center.

Disruption -

Images and indices not available for period of time. The permanent destruction of the FileNet images is possible.

· Develop, test, and implement a BCP.

· Develop, test, and implement document image backup procedures.

Figure 3.1: Summary of Risk Assessment Results

Threat	Data and Assets Affected	Vulnerabilities	Risk Impact	Recommended Safeguards
Acts of terrorism (continued)				· Use an off-site storage facility consistent with the practices of HIR, to store and maintain tape and/or image platter backups. · Strengthen physical access controls (e.g., implement card key, guest sign-in and double-door access).
Data center compromise-facilities	Data: · Form images · Index · FD Query Activity Log · User Account Info. Equipment: · LCS · LRC · HIR	No BCP within the Clerk. *Observations:* · There is no comprehensive HIR/LCS BCP plan for the FD and LDA applications that has been circulated to staff in LCS or LRC. The LCS is currently drafting a BCP document. Testing of the BCP plan however, has never been performed.	Disruption - Images and indices not available for period of time.	· Develop, test, and implement a BCP. · Develop, test, and implement document image backup procedures. · Use an off-site storage facility consistent with the practices of HIR, to store and maintain tape and/or image platter backups.

Threat

Data and Assets Affected

Vulnerabilities

Risk Impact

Recommended Safeguards

Acts of terrorism (continued)

· Use an off-site storage facility consistent with the practices of HIR, to store and maintain tape and/or image platter backups.

· Strengthen physical access controls (e.g., implement card key, guest sign-in and double-door access).

Data center compromise-facilities

Data:

· Form images

· Index

· FD Query Activity Log

· User Account Info.

Equipment:

· LCS

· LRC

· HIR

No BCP within the Clerk.

Observations:

Disruption -

Images and indices not available for period of time.

· Develop, test, and implement a BCP.

· Develop, test, and implement document image backup procedures.

· Use an off-site storage facility consistent with the practices of HIR, to store and maintain tape and/or image platter backups.

Figure 3.1: Summary of Risk Assessment Results

Threat	Data and Assets Affected	Vulnerabilities	Risk Impact	Recommended Safeguards
Software/Hardware failure	Data: · Form images · Index	No BCP within the Clerk. *Observations:* · There is no comprehensive HIR/LCS BCP plan for the FD and LDA applications that has been circulated to staff in LCS or LRC. The LCS is currently drafting a BCP document. Testing of the BCP plan however, has never been performed.	Disruption - Images and indices not available for period of time.	· Develop, test, and implement a BCP. · Develop, test, and implement document image backup procedures. · Use an off-site storage facility consistent with the practices of HIR, to store and maintain tape and/or image platter backups.
Intentional acts by House staff	Data: · Form images · Index · FD Query Activity Log · User Account Info.	Lack of application and system software change control. *Observations:* · FileNet application administrators have direct access to the production environment. Changes to FileNet run-scripts or changes to source code are not formally documented or approved.	Modification- Unauthorized add, change, or delete of list data may have adverse ramifications that affect data integrity. Disruption – Staff my disable system if the BCP plan is not effective.	· Grant access to users based upon job duties, where applicable. · Provide for segregation of duties through workflow functionality.

Threat

Data and Assets Affected

Vulnerabilities

Risk Impact

Recommended Safeguards

Software/Hardware failure

Data:

· Form images

· Index

No BCP within the Clerk.

Observations:

Disruption -

Images and indices not available for period of time.

· Develop, test, and implement a BCP.

· Develop, test, and implement document image backup procedures.

· Use an off-site storage facility consistent with the practices of HIR, to store and maintain tape and/or image platter backups.

Intentional acts by House staff

Data:

· Form images

· Index

· FD Query Activity Log

· User Account Info.

Lack of application and system software change control.

Observations:

· FileNet application administrators have direct access to the production environment. Changes to FileNet run-scripts or changes to source code are not formally documented or approved.

Modification-

Unauthorized add, change, or delete of list data may have adverse ramifications that affect data integrity.

Disruption –

Staff my disable system if the BCP plan is not effective.

· Grant access to users based upon job duties, where applicable.

· Provide for segregation of duties through workflow functionality.

Figure 3.1: Summary of Risk Assessment Results

Threat	Data and Assets Affected	Vulnerabilities	Risk Impact	Recommended Safeguards
Intentional acts by House staff (continued)		Lack of integrated security administration. *Observations:* · A coordinated approach to application access security has not been implemented. Currently, HIR and LCS have overlapping security responsibilities. Also, there is no security officer to monitor and manage security. No quality controls present. Observations: · An individual who scans and indexes a document may also verify its correctness.	Impersonation – Staff may impersonate system administrator.	· Improve application change control procedures using change control tools. · Appoint a security officer to monitor and manage security.
Fraudulent filings	Data: · Form images · Index · FD Query Activity Log	No validation procedures in effect. *Observations:* · Hand written signature is the only validation performed for FD and LDA forms. Verification of the signature is only performed when a complaint is filed by the public or filer.	Impersonation – Incorrect or fraudulent information may embarrass the Clerk or original filer.	· No improvements recommended. Inherent safeguard is present. The filer who has been impersonated would likely detect fraud.
Misrepresentation of identity of public users	Data: · FD Query Activity Log	No manual or automated authentication of application users. *Observations:* · There are no manual procedures to check the identification of FD or LDA users. Neither application has the functionality to authenticate end users.	Impersonation – The identity of the user may be fraudulent.	· Implement manual or automated authentication procedures that are consistent with the spirit of the EIGA and LDA. Example includes increased staff intervention with users that reduce the users ability to falsify their identity.
Human error by staff	Data: · Form images · Index · FD Query Activity Log · User Account Info.	Lack of application and system software change control. Observations: · FileNet application administrators have direct access to the production environment. Changes to FileNet run-scripts or changes to source code are not formally documented or approved. No segregation of incompatible duties. *Observations:* · An individual who scans a document may also verify its correctness. Application edits and validations need improvement. Observations: · The FD application requires excessive manual data entry. · The application edits and validations need improvement to reduce inadvertent errors and to improve data integrity (e.g., pull down menus, strong error detection controls). . The FD and LDA applications do not have strong query capabilities. Observations: · The ability to detect data redundancy through precise database query functions is not present.	Modification – Unintentional changes to data are possible. Disruption – Denial of service possible by unintentional act.	· Grant access to users based upon job duties. · Provide for segregation of duties through workflow functionality. · Improve application change control procedures using change control tools. · Reduce redundant data entry. · Provide for strong application edits and validations. · Implement stronger and more precise query capabilities.

Threat

Data and Assets Affected

Vulnerabilities

Risk Impact

Recommended Safeguards

Intentional acts by House staff (continued)

Lack of integrated security administration.

Observations:

· A coordinated approach to application access security has not been implemented. Currently, HIR and LCS have overlapping security responsibilities. Also, there is no security officer to monitor and manage security.

No quality controls present. Observations:

· An individual who scans and indexes a document may also verify its correctness.

Impersonation –

Staff may impersonate system administrator.

· Improve application change control procedures using change control tools.

· Appoint a security officer to monitor and manage security.

Fraudulent filings

Data:

· Form images

· Index

· FD Query Activity Log

No validation procedures in effect.

Observations:

· Hand written signature is the only validation performed for FD and LDA forms. Verification of the signature is only performed when a complaint is filed by the public or filer.

Impersonation –

Incorrect or fraudulent information may embarrass the Clerk or original filer.

· No improvements recommended. Inherent safeguard is present. The filer who has been impersonated would likely detect fraud.

Misrepresentation of identity of public users

Data:

· FD Query Activity Log

No manual or automated authentication of application users.

Observations:

· There are no manual procedures to check the identification of FD or LDA users. Neither application has the functionality to authenticate end users.

Impersonation –

The identity of the user may be fraudulent.

· Implement manual or automated authentication procedures that are consistent with the spirit of the EIGA and LDA. Example includes increased staff intervention with users that reduce the users ability to falsify their identity.

Human error by staff

Data:

· Form images

· Index

· FD Query Activity Log

· User Account Info.

Lack of application and system software change control. Observations:

· FileNet application administrators have direct access to the production environment. Changes to FileNet run-scripts or changes to source code are not formally documented or approved.

No segregation of incompatible duties.

Observations:

· An individual who scans a document may also verify its correctness.

Application edits and validations need improvement. Observations:

· The FD application requires excessive manual data entry.

· The application edits and validations need improvement to reduce inadvertent errors and to improve data integrity (e.g., pull down menus, strong error detection controls).

The FD and LDA applications do not have strong query capabilities. Observations:

· The ability to detect data redundancy through precise database query functions is not present.

Modification – Unintentional changes to data are possible.

Disruption –

Denial of service possible by unintentional act.

· Grant access to users based upon job duties.

· Provide for segregation of duties through workflow functionality.

· Improve application change control procedures using change control tools.

· Reduce redundant data entry.

· Provide for strong application edits and validations.

· Implement stronger and more precise query capabilities.

Figure 3.1: Summary of Risk Assessment Results

Threat	Data and Assets Affected	Vulnerabilities	Risk Impact	Recommended Safeguards
Logical/physical penetration to data center by unauthorized public users	Data: · Form images · Index · FD Query Activity Log · User Account Info. Equipment · LCS · LRC · HIR	Lack of integrated security administration; weak physical access security to data center. *Observations:* · A coordinated approach to application access security has not been implemented. Currently, HIR and LCS have overlapping security responsibilities. Also, there is no security officer to monitor and manage security. · Observed no card key access control or locks to LCS data center. Direct access door to hallway is alarmed but not activated (observed staff exiting door to hallway). · No physical access controls to registration and filings processing areas. These areas provide access to forms in both physical and electronic formats.	Disclosure - Viewing of document images prior to release. Modification - Unauthorized add, change, or delete of list data may have adverse ramifications that affect data integrity. Disruption - Images and indices not available for period of time.	· Appoint a security officer to monitor and manage security.

Threat

Data and Assets Affected

Vulnerabilities

Risk Impact

Recommended Safeguards

Logical/physical penetration to data center by unauthorized public users

Data:

· Form images

· Index

· FD Query Activity Log

· User Account Info.

Equipment

· LCS

· LRC

· HIR

Lack of integrated security administration; weak physical access security to data center.

Observations:

· Observed no card key access control or locks to LCS data center. Direct access door to hallway is alarmed but not activated (observed staff exiting door to hallway).

· No physical access controls to registration and filings processing areas. These areas provide access to forms in both physical and electronic formats.

Disclosure -

Viewing of document images prior to release.

Modification -

Unauthorized add, change, or delete of list data may have adverse ramifications that affect data integrity.

Disruption -

Images and indices not available for period of time.

· Appoint a security officer to monitor and manage security.

Figure 3.1: Summary of Risk Assessment Results

Feasibility Study

This exhibit presents the feasibility study of the Financial Disclosure (FD) and Lobby Disclosure

Act (LDA) applications is presented. The purpose of the feasibility study is to identify and analyze alternative system approaches to meet the needs identified in Exhibit 2, Needs Statement and Exhibit 3, Risk Assessment. This exhibit, in conjunction with the cost-benefit analysis document, will provide the Office of the Clerk (Clerk) adequate information to make decisions to analyze and evaluate alternative systems to satisfy mission needs.

4.1. Methodology

The feasibility study was developed using the following steps:

· Analyze Needs and Define Evaluation Criteria.

· Identify Range of Potential Alternatives.

· Select and Develop System Alternatives.

Listed below is a description of processes followed in completing each step.

Analyze Needs and Define Evaluation Criteria

The needs and risks of both applications were analyzed using the findings detailed in Exhibit 2, Needs Statement and Exhibit 3, Risk Assessment. The needs and risks formed the basis of the evaluation criteria that viable application alternatives should meet in order to be considered for implementation. The evaluation criteria is composed of: needs-based criteria, and assumptions and constraints identified in our analysis.

4.1.1.1 Needs-Based Criteria

The eight areas of functionality listed in Figure 4.1: Needs-Based Criteria Summary denote the needs-based criteria that were used to evaluate the system alternatives.

Criterion Capability	Description
Input	Ability to minimize the amount of manual data entry during forms processing and database compilation.
Processing	Allow for the automation of processing tasks (i.e., reporting non-responses and image destruction).
Output	Allow for flexible printing capabilities.
Query	Provide for flexible record query and reporting capabilities for both public and administrative use.
Storage	Ability to store images in commonly used and available media.
Technology	Allow document imaging and/or electronic filing with signature capabilities via the Internet. The alternatives should also provide a network centric platform (client-server) that can be maintained within the confines of the Clerk’s office.
Application Controls and Security	Ability to authenticate users of the system, to protect data during electronic filing, to provide restricted access to data within the system, and provide for system availability on a timely and consistent basis.
Data Integrity Control	Ability to provide integrity and control, as noted in the risk assessment.

Figure 4.1: Needs-Based Criteria Summary (Note: Refer to Exhibit 2, Needs Statement for detailed information.)

4.1.1.2 Assumptions and Constraints

In addition to the needs-based criteria used for evaluation, assumptions and constraints were identified that should be considered when evaluating the system alternatives. The assumptions and constraints are:

· Scalability. Any potential alternative must be scalable to meet all needs. For the purposes of this evaluation, the FD and LDA applications were examined, but any potential system alternative must be scalable to meet the other business needs within the Clerk’s domain or other areas of the U.S. House of Representatives (House).

· Use of Commercial-off-the-Shelf Applications. The House’s Information Systems Program Plan, Management Policy for Systems Development Life Cycle (SDLC), dated June 28, 1996, states the desire to move towards Commercial-Off-The-Shelf (COTS) applications. For this analysis, COTS applications include solutions that may require significant customization to the needs of the House using commercially available software and development tools.

· Implementation Time Frame. Plans are currently underway to allow for a migration of all mission critical applications from the House’s mainframe operated by the House Information Resources’ (HIR) by the third quarter of Calendar Year (CY) 1999. Any potential alternative to replace the current FD and LDA applications should consider that migration plan when planning for the procurement or the implementation process.

· Economies of Scale. The alternatives should allow for economies of scale, such as implementing technology that supports both the FD and LDA applications.

· No Significant Changes to Existing Laws. The alternatives should not require significant changes to the Ethics in Government Act or LDA.

4.1.2 Identify and Assess Range of Potential Alternatives

To determine the various system alternatives for replacing the current FD and LDA applications, numerous sources were contacted to aid in the selection and evaluation. The approach used to research, identify, and analyze potential system alternatives is also included.

4.1.2.1 Identification of Alternatives

Our approach to researching alternatives included:

· Interviewed Subject Matter Experts. Several subject matter experts familiar with imaging systems and electronic filing technologies were interviewed. Areas of emphasis included imaging system technologies (e.g., Optical Character Recognition (OCR), Intelligent Character Recognition (ICR), workflow) and relevant cryptographic technologies (i.e., digital signature, Secure Socket Layer (SSL), Public Key Infrastructure (PKI), electronic filing functionality).

· Reviewed Technology Literature. A variety of sources were used to research potential COTS software, such as industry trade journals, the Internet, and vendor and product databases. Faulkner, Gartner Group, and Forrester proprietary information databases were used for information pertinent to imaging and electronic filing technologies, and various Internet searches were also performed to gather vendor information.

· Interviewed Stakeholders and Other Government/Legislative Bodies. Stakeholder opinions and preferences were gathered through interviews with key stakeholders of the FD and LDA applications. Key stakeholders (i.e., Legislative Computer Services (LCS), Legislative Resource Center (LRC)) were interviewed for technology and functionality preferences, limitations of current technical environment, and information pertaining to the current FileNet imaging system. Interviews with other government/legislative bodies (i.e., U.S. Senate, Canadian Lobby Registration Branch) were performed to gather information about electronic filing methods and efficiencies associated with the implementation of similar systems.

· Contacted Vendors to Identify Feasible Technologies. Interviews with potential vendors that develop and distribute software and technologies that could potentially address the high-level business needs of the FD and LDA applications were performed. Information collected included data associated with product performance and functionality metrics. The identity of the House or Clerk was not disclosed, nor were vendors provided with Clerk-specific information. This was done to preserve vendor independence for any potential procurement in the future.

4.1.2.2 Analysis of Potential Alternatives

Using the criteria, assumptions, and constraints identified, an analysis of the system alternatives for replacing the current FD and LDA applications was performed. The selection of system alternatives included the identification of potential alternatives for the FD and LDA applications and the assessment of the feasibility of the alternatives. As a result of the feasibility assessment, some alternatives were found to be not viable because their functionality is inconsistent with the identified FD and LDA needs and constraints.

Figure 4.2: Summary Assessment of Potential Alternatives presents a description of the system alternatives that were identified and the assessment of the viability of each alternative highlighting the primary ways the alternative meets or does not meet the criteria.

Alternative	Description	Assessment
Retain Existing FileNet/Mainframe Applications	Keep the applications on the current HIR mainframe and RS-6000 platform.	Not Viable primarily because the alternative does not meet the needs criteria as noted in Figure 4.1 Needs-Based Criteria Summary in the following areas: (1) does not utilize client-server COTS technology, (2) is functionally not scalable, and (3) does not maintain hardware, software, and data within the Clerk’s office.
Re-Platform Mainframe Index Applications to RS-6000 OS/390	The FD and LDA mainframe index applications could be re-platformed to an RS/6000 environment within the confines of the Clerk.	Not Viable primarily because the alternative does not meet the needs criteria in Figure 4.1 Needs-Based Criteria Summary in the following areas: (1) does not utilize client-server COTS technology, (2) is not functionally scalable. Also, the Clerk does not intend to build the skill base to operate a mainframe operating system.

Alternative

Description

Assessment

Retain Existing FileNet/Mainframe Applications

Keep the applications on the current HIR mainframe and RS-6000 platform.

Not Viable primarily because the alternative does not meet the needs criteria as noted in Figure 4.1 Needs-Based Criteria Summary in the following areas: (1) does not utilize client-server COTS technology, (2) is functionally not scalable, and (3) does not maintain hardware, software, and data within the Clerk’s office.

Re-Platform Mainframe Index Applications to

RS-6000 OS/390

The FD and LDA mainframe index applications could be re-platformed to an RS/6000 environment within the confines of the Clerk.

Not Viable primarily because the alternative does not meet the needs criteria in Figure 4.1 Needs-Based Criteria Summary in the following areas: (1) does not utilize client-server COTS technology, (2) is not functionally scalable. Also, the Clerk does not intend to build the skill base to operate a mainframe operating system.

Figure 4.2: Summary Assessment of Potential Alternatives

Alternative	Description	Assessment
Replace mainframe index application with client-server application	Replace the current mainframe index application with a new client-server index application that would reside within the confines of the Clerk’s office.	Not Viable primarily because the alternative does not meet the needs criteria in Figure 4.1 Needs-Based Criteria Summary in the following areas: (1) does not utilize client-server COTS technology and (2) is functionally not scalable.
Client-Server imaging/workflow system, with advanced forms processing functionality	Implementation of a new client-server, COTS imaging system with advanced functionality that provides improved controls and processing techniques. This system would reside within the confines of the Clerk’s office.	Viable because it partially meets the high-level business needs and utilizes client-server technology. Although this alternative does not have electronic filing capabilities, the system could be developed to allow for future use of electronic filing and therefore is considered viable because it could be implemented to be scalable to incorporate electronic filing.
Electronic filing functionality with basic encryption techniques	Electronically file FD and LDA forms through a browser-based Internet application with SSL encryption techniques and challenge/response functionality.	Viable because the alternative: (1) meets the high-level business needs, (2) utilizes client-server COTS technology, and (3) is functionally scalable.
Electronic filing functionality with an outsourced[12] PKI	Electronically file FD and LDA forms through a browser-based Internet application using an external vendor to administer a PKI environment to provide enhanced encryption and digital signature measures.	Viable because the alternative: (1) meets the high-level business needs, (2) utilizes client-server COTS technology, and (3) is functionally scalable.
Electronic filing functionality with an in-house PKI implementation	Electronically file FD and LDA forms through a browser-based Internet application and the implementation of PKI to provide enhanced encryption and digital signature measures.	Viable because the alternative: (1) meets the high-level business needs, (2) utilizes client-server COTS technology, and (3) is functionally scalable.
Outsource all aspects of FD and LDA applications	Outsource the FD and LDA applications to a vendor outside of the Clerk’s domain.	Not Viable because the alternative does not meet the needs criteria as noted in Figure 4.1 Needs-Based Criteria Summary associated with maintaining hardware, software, and data within the Clerk’s office. The Ethics in Government Act and the Lobby Disclosure Act mandates that the Clerk process FD and LDA submissions.

Figure 4.2: Summary Assessment of Potential Alternatives (continued)

4.1.3 Select and Develop Feasible Alternatives

The viable alternatives were grouped into four specific alternatives that would serve as implementation scenarios for further evaluation. The rationale used to group the viable alternatives was to provide the Clerk with a range of viable alternatives to consider and an analysis of viable technologies. The four alternatives selected for further evaluation in this exhibit include:

· Imaging/Workflow System represents the implementation of a new, client-server based imaging system that includes advanced forms processing functionality (i.e., OCR/ICR, workflow technologies).

· Imaging/Workflow System and Electronic Filing with Basic Encryption represents the implementation of a new imaging system, and adds functionality that would allow browser-based submission of FD and LDA forms via the Internet. The alternative includes the use of SSL and challenge/response authentication measures.

· Imaging/Workflow System and Electronic Filing with an Outsourced Public Key Infrastructure represents the implementation of a new imaging system, and adds functionality that allows for browser-based submission of FD and LDA forms via the Internet. The alternative includes the use of PKI encryption technology administered by an external service provider.

· Imaging/Workflow System and Electronic Filing with an In-house Public Key Infrastructure represents the implementation of a new imaging system, and adds functionality that allows for browser-based submission of FD and LDA forms via the Internet. The alternative includes the use of PKI encryption technology administered in-house by the Clerk.

In this exhibit, high-level implementation scenarios were developed for the alternatives identified above to represent the potential changes to the Clerk’s organization and technology infrastructure.

4.2. Overview of Existing System

In this section, an overview of the existing system for the FD and LDA applications used by the Clerk is provided. An overview of the primary stakeholders and a description of the technology infrastructure is also included. As discussed in Figure 4.2: Summary Assessment of Potential Alternatives, the existing system was not considered a viable alternative because it does not meet the identified needs of the Clerk.

4.2.1 Stakeholder Analysis

Figure 4.3: Overview of Stakeholders for Existing System presents an overview of the stakeholders of the FD and LDA applications. In the following discussion, each of the stakeholders and their primary relationship to the FD and LDA applications is described.

Figure 4.3: Overview of Stakeholders for Existing System

Filing Community

· Financial Disclosure Filers: Members, Officers, certain employees, and candidates of the House manually submit FD Statements. The FD Statements are submitted on an annual basis. To date there are approximately 5,500 filers. Filers may download FD forms from the House Internet web site or may call the LRC directly to obtain the forms by mail. For the most recent processing year, the LRC received approximately 3,000 documents from the entire FD filing community.

· Lobby Act Filers: Individual lobbyists and lobbying firms manually register and file reports of their lobbying activities. The lobbying activity reports are manually submitted semi-annually no later than 45 days after the end of the first day of January and the first day of July. Filers call the LRC to request the LD-1 Form if they are new registrants or the LD-2 form if they are submitting their semi-annual report. These forms are also

conveniently available on the Clerk’s Internet web site in a downloadable format. There are currently a total of 3,727 active registrants who submit a total of 35,000 document pages per year.

Legislative Resource Center

The LRC is the primary contact point for the House and handles incoming documents and fields telephone calls from the general public, public interest groups, the press corps, and FD and LDA filers. The LRC staff is comprised of a total of eight personnel who use the FD and LDA applications. Their primary functions are document scanning, indexing and quality control inspection and compliance processing.

Upon receipt of the registrant’s documents via mail or dialup, LRC administrators scan and index the filings into the FileNet document management system. The scanning and processing of incoming documents involves extensive manual data input to enter index information and to properly track filing compliance.

Legislative Computer Systems

The LCS has the responsibility for managing the information systems of the Clerk. The LCS maintains a data center in the Rayburn Building that houses the file servers and storage media for the FD and LDA applications. The LCS has one person assigned to provide overall technical support to the FD and LDA applications.[13]

House Information Resources

The existing FD and LDA applications use the mainframe to store index information in an ADABAS database located on the HIR mainframe in the Ford Building. HIR personnel are responsible for maintenance for the image index application and are responsible for security administration for areas other than the FileNet system and the Clerk’s local area network (LAN).

General Public

Under the existing system, the LRC is the primary point of contact within the House. The general public, which includes public interest groups and the press corp, typically use workstations in the LRC facilities located in the Cannon Building to electronically view filer information.

Federal Election Commission and Office of Human Resources

The Federal Election Commission (FEC) and the House’s Office of Human Resources (OHR) submit information to the Clerk periodically, which is used by the LRC in processing the FD submissions. Information from the FEC and House OHR is provided in hard-copy report format, and the LRC uses this information to determine the expected filing community for the FD submissions.

Committee on Standards of Official Conduct

After scanning the FD submissions into the FileNet system, the LRC forwards all FD forms to the Committee on Standards of Official Conduct for review. The LRC also forwards various adhoc reports (i.e., non-respondent reports) regarding FD submissions to the Committee.

4.2.2 Technology Description

Figure 4.4: Overview of Existing System Technology Infrastructure presents an overview of the technology infrastructure associated with the existing system. The following discussion provides a high-level overview of the information technology components of the existing FD and LDA system.

Figure 4.4: Overview of Existing System Technology Infrastructure

The primary components of the existing systems technology infrastructure are:

· Application File Server. The FileNet application resides on two RS/6000 file servers using a UNIX operating system. The application is located in the LCS data center in the Rayburn Building. Print servers using OS/2 are housed in the LRC document process area.

· Optical Image Storage. Documents scanned and processed by FileNet are stored directly to a Write-One-Read-Many (WORM) optical platter. Images are stored in a standard TIFF format and may not be altered once they are written to disk. Currently, there is no mechanism for backing up the optical images.

· Workstations. There are two categories of workstations related to the FD and LDA applications. Workstations used by staff in the LCS for document scanning, indexing and routine data entry are appropriately equipped to handle the FileNet and mainframe terminal emulation clients. In addition, workstations are located in the public area of the LCS and are freely accessible for on-line document query.

· Mainframe Images Index. The FD and LDA indexes are maintained on an IBM Multiprise CMOS mainframe. LRC staff who process FD and LDA documents access the images index on the mainframe through a 3270 emulation client installed on their workstations. The mainframe is managed by HIR and is located in the Ford Building.

4.3. Alternative Systems

In this section, the viable alternatives to the existing system are presented, as noted in Figure 4.2: Summary Assessment of Potential Alternatives. The discussion of each alternative presents the following information:

· Stakeholder Analysis shows how the alternative would affect the primary FD and LDA stakeholders.

· Technology Description presents a high-level overview of the technology components, and relevant vendors, associated with the alternative.

· High-Level Business Needs Evaluation presents a summary of the evaluation of the alternative’s ability to meet the high-level business needs as identified in Section D.1.1.1.

· Implementation Issues details any issues that need to be considered when evaluating the alternative.

4.3.1 Alternative 1: Imaging/Workflow System

In this section, the stakeholder analysis, technology description, high-level business needs evaluation, and implementation issues of the Imaging/Workflow System alternative are presented. The functionality of the Imaging/Workflow System alternative includes:

· Imaging Application that provides the functionality to maintain hard-copy submissions of FD and LDA forms in an optical format. The images maintained by the application are available for public view in the LCS.

· Workflow Capabilities that provide functionality for managing the processing of FD and LDA submissions in an automated fashion.

· Optical Character Recognition/Intelligent Character Recognition that provides the functionality to greatly reduce manual data entry of indexing information by providing the ability to optically recognize FD and LDA submission data as a form is being scanned into the imaging application.

As presented in Figure 4.2: Summary Assessment of Potential Alternatives, this alternative is viable because it partially meets the high-level business needs and utilizes client-server technology. Although this alternative does not have electronic filing capabilities, the system could be developed to allow for future use of electronic filing and therefore is considered viable because it could be implemented to be scalable to incorporate electronic filing.

4.3.1.1 Stakeholder Analysis

Figure 4.5: Alternative 1: Stakeholder Overview presents an overview of the stakeholders of the FD and LDA applications. In the discussion, each of the stakeholders and their primary relationship to the FD and LDA applications is described.

Exhibit 4: Figure 4.5: Alternative 1: Stakeholder Overview. Figure 4.5: Alternative 1: Stakeholder Overview

Filing Community

For this alternative, the filing community for the FD and LDA applications is largely unaffected in the manner in which they interact with the Clerk. Under this scenario, hard-copy forms continue to be submitted by mail and in-person and are subsequently processed by the LRC.

Legislative Computer Systems

The migration of the FD and LDA indexes off of the HIR mainframe shifts the custody and management of all remaining hardware and software components to the LCS. Under this scenario, the LCS would need to assume greater responsibilities in the areas of security and data center management. The LCS would also be required to support the new imaging/workflow application and coordinate application maintenance with the chosen software vendor.

Legislative Resource Center

Under this alternative, the relationship the LRC has with other stakeholders would remain essentially the same. However, it is likely the LRC would experience changes to their business processes as a result of using a new imaging application with workflow and OCR/ICR capabilities. These changes to business processes would likely result in efficiencies in the processing function of the FD and LDA applications.[14]

House Information Resources

All information systems processing and custody responsibilities for the index databases currently under the management of HIR would be eliminated.

General Public

The general public is unaffected by this alternative in that they would continue to obtain FD and LDA information in person at the LRC or in printed format from GPO.

Federal Election Commission and Office of Human Resources

This alternative would require cooperation from the FEC and the House’s OHR in the development of an automated interface with the FD application to replace the existing manual interfaces. Automated interfaces would help improve the data integrity and the accuracy of incoming candidate and payroll information. Currently, the LRC staff receives hard-copy reports from the FEC and OHR that denote the expected filing community for the FD submissions. This automated interface would alleviate the need for manual data entry by providing a technical mechanism where the data from the FEC or OHR could be uploaded to the FD database with little or no manual intervention.

Committee on Standards of Official Conduct

After scanning the FD submissions into the new system, the LRC would continue to forward all FD forms to the Committee on Standards of Official Conduct for review. The LRC would also continue to forward various adhoc reports (i.e., non-respondent reports) regarding FD submissions to the Committee.

4.3.1.2 Technology Description

Figure 4.6: Alternative 1: Technology Overview presents an overview of the technology infrastructure associated with this alternative. The discussion following provides a high-level overview of the information technology components.

Figure 4.6: Alternative 1: Technology Overview

The primary components of this alternative’s technology infrastructure are:

· Imaging/Workflow Application. The imaging application is the engine that drives the scanning, indexing and report writing process. It executes the core functions of any document management system in an integrated manner. Most significant of the possible improvements to the core document imaging functionality is the workflow management and OCR/ICR features. Workflow functions manage the flow of documents among administrators to ensure both accountability and quality assurance in the processing of information. Ideally, the application and the associated database engine should reside on separate servers for performance considerations. Modules added to the core application could provide a standardized (open) interface to minimize the amount of customized Application Program Interface (API) development necessary.

· Storage Media and Backup. Given the age and reliability of the Clerk’s existing WORM drive, an upgrade to newer WORM technology should occur. A typical WORM 5.25-inch optical disk[15] holds up to 4.6G bytes of information, the equivalent of about one million

pages or over 1800 standard 3.5-inch diskettes. The use of a digital-linear tape system used for backing up images from the WORM storage system should also be considered, at a minimum.

· Scanning and Printing Peripherals. To plan for future processing workloads, it may be necessary to upgrade the scanner and printing peripherals. The Clerk has made progress in this area by procuring high speed Xerox Docutech printers capable of on-demand printing. This should reduce the Clerk’s reliance on the GPO for specific publicly disseminated reports.

· Federal Election Commission and Office of Human Resources Interfaces. The automation of data that has been previously entered by hand is critical to improving data integrity and accuracy. Telecommunication links could be established with the FEC and the OHR to allow for the timely upload of candidate and payroll data into the FD application. Although a high-speed telecommunication link is preferable, loading the information via tape could also be a viable alternative.

This alternative eliminates the need for the mainframe platform by shifting the image index database to a client-server architecture. The client-server model allows for specialized servers to distribute processing workloads. For example, separate file servers could handle such tasks as image processing, indexing, and printing. To maintain the functionality now processed on the mainframe component of the FD and LDA applications, it is likely that significant application customization to a COTS product would be needed to tailor the functionality to the specific needs of the FD and LDA system.

4.3.1.3 High-Level Business Needs Evaluation

This alternative was evaluated based on its ability to meet the high-level business needs as presented in Section 1.1.1 Needs Based Criteria. Figure 4.7: Alternative 1: Evaluation of High-Level Business Needs presents a summary of the evaluation of the high-level business needs.

Criteria	Criteria Rating	Assessment
Input Capabilities	Fully	· This alternative reduces the inefficiencies and errors associated with data input. Automated interfaces for files received from the FEC and the OHR would eliminate the need for manual keying of hard copy reports. · OCR/ICR functionality speeds the input and creation of document index information.
Processing Capabilities	Partially	· Workflow functionality would improve quality assurance by proving the mechanism to administer controls associated with the FD and LDA processing cycle. · The core imaging system would incorporate logic to automate filer compliance.
Output Capabilities	Fully	· Standard report writing would be a component of the core imaging system. · The Xerox Docutech printer would be supported and allow for on-demand printing.
Query Capabilities	Fully	· Core system would include flexible, easy to use record query capabilities.
Storage Capabilities	Fully	· Image storage would be in a non-proprietary format.
Technology Capabilities	Partially	· The alternative does not include web-based file submission. · The alternative does not provide for potential public disclosure via the Internet. · Platform is network-centric in keeping with the House’s desire to migrate from HIR’s mainframe.
Application Controls and Security Capabilities	Partially	· The alternative does not provide web-based file submission, and thus the ability to protect data during electronic filing is not available. · Issues of authentication, confidentiality and data integrity are addressed in the core system functionality.
Data Integrity Control Capabilities	Fully	· Data integrity controls are improved through the use of workflow functionality and automated interfaces. · Field edits and error checking logic would be enhanced for all alternatives under consideration.
Key: Partially-Partially meets criteria Fully-Fully meets criteria

Figure 4.7: Alternative 1: Evaluation of High-Level Business Needs

4.3.1.4 Implementation Issues

The following implementation issues should be considered for this alternative:

· Increased Information System Management Responsibility. As a consequence of shifting portions of the FD and LDA process from HIR, the LCS would need to increase the scale of their security operations and data center management. Access to the imaging and database servers would need to be controlled both physically and logically. Additionally, administration workload would increase with the demands of supporting a larger production environment.

· Impact of Workflow and OCR/ICR technology on LRC Business Processes. Careful consideration would need to be given to the reengineering of the LRC’s processes to accommodate workflow and OCR/ICR features of the new system.

· Coordination Needed for Interface Development. To develop automated interfaces with FEC and OHR systems, coordination with these organizations would be needed.

4.3.2 Alternative 2: Imaging/Workflow System, with Electronic Filing and Basic Encryption

In this section, the stakeholder analysis, technology description, high-level business needs evaluation, and implementation issues of the Imaging/Workflow System, with Electronic Filing and Basic Encryption alternative are presented. The functionality of the Imaging/Workflow System with Electronic Filing and Basic Encryption alternative includes:

· Imaging/Workflow System that was described in the Imaging/Workflow alternative presented in Section 4.3.1, Alternative 1: Imaging/Workflow System.

· Electronic Filing with Basic Encryption that provides the functionality for electronic filing using basic encryption techniques and challenge/response security mechanisms. Electronic filing provides the FD and LDA user community the ability to file via the Internet using a user ID and password.

As presented in Figure 4.2: Summary Assessment of Potential Alternatives, this alternative meets the high-level business needs, constraints, and assumptions, including the criteria for electronic filing. However, it does not resolve the issue of non-repudiation. The alternative was still considered viable because the system could be developed so that it is scalable for future implementation of technology that addresses non-repudiation.[16]

4.3.2.1 Stakeholder Analysis

Figure 4.8: Alternative 2: Stakeholder Overview presents an overview of the primary stakeholders of the FD and LDA applications and their relationships. In the following discussion, each of the stakeholders and their primary relationship to the FD and LDA applications under this alternative are described.

Figure 4.8: Alternative 2: Stakeholder Overview

Legislative Computer Service

LCS would be responsible for managing and maintaining all of the technology components associated with the data center and Clerk information system components. Specifically, the LCS would now maintain the Internet technology components associated with the electronic filing functionality.

Legislative Resource Center

The advent of electronic filing functionality would not preclude filers from submitting FD and LDA forms in hard copy format. The LRC would now be responsible for processing both hard copy and electronic submissions of FD and LDA information. FD and LDA data received via the Internet would be routed to the LRC for processing. The LRC processing staff would use the character-based data instead of the image of the hardcopy form to perform various edit checks and indexing processes. This change would presumably lead to processing efficiencies, but the extent of these efficiencies is unclear.[17] The potential efficiencies that could be achieved with electronic filing are presented in Exhibit 5, Cost-Benefit Analysis, Section 5.3 Cost Sensitivity Analysis. The LRC would continue to ensure legislative compliance and administer policies associated with the FD and LDA laws.

FD and LDA Filing Community

Filers of the FD and LDA forms would now have the ability to submit FD and LDA forms electronically via the Internet. The filer could connect to the Clerk’s web site through a local Internet service provider and standard web browser or through the House intranet (for Members and House employees only) to submit their FD and LDA information for processing.

General Public

The general public would still have access to all FD and LDA information submitted to the Clerk through the LRC. Hardcopy filings would be viewed as an image of the actual form (with signature) and electronic submissions would be viewed as the submitted data superimposed on an image of a blank form.

Federal Election Commission and Office of Human Resources

This alternative would require cooperation from the FEC and the House’s OHR in the development of automated interfaces with the FD application to replace the existing manual interface. Automated interfaces would help improve the data integrity and the accuracy of incoming candidate and payroll information.

Committee on Standards of Official Conduct

After receiving the FD submissions, the LRC would continue to forward all FD forms to the Committee on Standards of Official Conduct for review. The LRC would also continue to forward various adhoc reports (i.e., non-respondent reports) regarding FD submissions to the Committee.

4.3.2.2 Technology Description

Figure 4.9: Alternative 2: Technology Description presents an overview of the technology infrastructure associated with this alternative. The following discussion provides a high-level overview of the information technology components.

Figure 4.9: Alternative 2: Technology Description

Imaging/Workflow System Components

This alternative includes the technology components indicated in the previous alternative described in Section 3.1, Alternative 1: Imaging/Workflow System. Those technology components are summarized as followed:

· Imaging/Workflow Application. The imaging application is the engine that drives the scanning, indexing and report writing process. Most significant of the possible improvements to the core document imaging functionality is the workflow management and OCR/ICR features. Workflow functions manage the flow of documents among administrators to ensure both accountability and quality assurance in the processing of information.

· Storage Media and Backup. Given the age and unreliable state of the existing WORM drive, upgrading to newer WORM technology and implementing a digital-linear tape backup system should be considered, at a minimum.

· Scanning and Printing Peripherals. To plan for future processing loads, it may be necessary to upgrade the scanner and printing peripherals. The Clerk has made progress in this area by procuring high speed Xerox Docutech printers capable of on-demand printing. This should reduce the Clerk’s reliance on the GPO for specific publicly disseminated reports.

Electronic Filing Components

Providing an environment for electronic filing requires that various technology components be employed. The use of secure Internet web servers for this purpose is a widely used and accepted practice. A web-based forms application that uses SSL encryption and challenge/response (user ID and password) measures to provide basic levels of confidentiality, data integrity, and authentication is also a widely used method for capturing information via the Internet. Although there are many benefits that can be achieved by allowing electronic submission of the FD and LDA forms, electronic submission of information introduces many vulnerabilities and security risks such as public viewing of FD or LDA information before the LRC staff processing cycle is completed.

Technology components that address this security are:

· Web-based Forms Application. A web-based forms application would be developed that would allow filers to dynamically fill out their FD and LDA forms. The web pages would resemble the actual paper forms, and would capture all the information normally submitted on the hardcopy documents. These web-based forms could employ inherent intelligence that performs routine edit checks while the respondent inputs data. If the respondent somehow fills out a cell with incorrect information (i.e., enters a wrong date or invalid state code) the web application could be enabled to reject the submission and guide the respondent to a correct/acceptable response. After submitting the forms, the data could be automatically indexed and stored based on the information provided by the respondent.

· Web Server Hardware/Software (SSL). The web-based forms application detailed above would physically reside on a Internet web server within the confines of the LCS. This web server would have the capability to support encrypted connections initiated by the web clients (i.e., FD and LDA submission population) and through use of a SSL connection. SSL functions in a paired environment, where a secure client (e.g., FD or LDA submitter) connects with a secure server. SSL uses public encryption technology that would render the FD and LDA submissions routable but unreadable by intermediate hosts. The SSL technology authenticates servers, preventing an intermediate interception of data on the network from others posing as the destination server (in this case, the House). This method of encryption protects Internet communications and ensures data integrity associated with electronic submissions. SSL is used by developers to add security within TCP/IP applications and has become a de facto standard for encryption between browsers and servers.

· Challenge/Response Mechanism. Access to the FD and LDA web-based applications would be granted through a password and account ID mechanism. This challenge/response mechanism would authenticate users who choose to submit FD and LDA forms via the Internet. Included with this alternative is the necessity to issue user IDs/passwords to filers in some way, prior to being granted access to the system (i.e., mail, email, in person). SSL combined with account ID and passwords would provide the basic levels of confidentiality, integrity, and authentication needed to support FD and LDA electronic submission.

· Proxy Server and Firewall. A proxy server and firewall are required to protect the web server and web-based forms application from unauthorized uses such as those wishing to infiltrate and disrupt the system.

4.3.2.3 High-Level Business Needs Evaluation

This alternative was evaluated based on the evaluation criteria derived from the high-level business needs, constraints, and assumptions. Figure 4.10: Alternative 2: Evaluation of High-Level Business Needs presents a summary assessment of the how this alternative satisfies the business needs.

Criteria	Criteria Rating	Assessment
Input Capabilities	Fully	· This alternative reduces the inefficiencies and errors associated with data input. Automated interfaces for files received from the FEC and OHR would eliminate the need for manual keying of hard copy reports. · OCR/ICR functionality speeds the input of document index information.
Processing Capabilities	Fully	· Workflow functionality would improve quality assurance by providing the mechanism to administer controls associated with the FD and LDA processing cycle. · The core imaging system would incorporate logic to automate filer compliance.
Output Capabilities	Fully	· Standard report writing would be a component of the core imaging system. · The Xerox Docutech printer would be supported and allow for on-demand printing.
Query Capabilities	Fully	· Core system would include flexible, easy to use record query capabilities.
Storage Capabilities	Fully	· Image storage would be in a non-proprietary format.
Technology Capabilities	Partially	· This alternative does provide functionality that allows for electronic filing of FD and LDA submissions, but does not provide the non-repudiation of submissions.
Application Controls and Security Capabilities	Partially	· This alternative does provide basic protection of data during electronic submission by use of SSL encryption, but does not provide for non-repudiation.
Data Integrity Control Capabilities	Fully	· Data integrity controls are improved through the use of workflow functionality and automated interfaces. · Field edits and error checking logic would be enhanced for all alternatives under consideration.
Key: Partially-Partially meets criteria Fully-Fully meets criteria

Figure 4.10: Alternative 2: Evaluation of High-Level Business Needs

4.3.2.4 Implementation Issues

There are a number of implementation issues that need to be considered when evaluating whether to use electronic filing of FD and LDA submissions with the use of basic encryption and challenge/response security techniques. The primary implementation issues are:

· Non-Repudiation.[18] The legal issues surrounding the use of electronic filing of FD and LDA submissions involve non-repudiation and the acceptability of digital information in a court of law. Research should be undertaken to derive conclusions of the appropriateness of using electronic filing prior to investment in this technology.

· Acceptance of Electronic Filing by the User Community. The use and acceptance of electronic filing by FD and LDA filers is currently unclear. In Canada, approximately 95 percent of lobbyists submit information electronically. However, the Canadian Government assesses significant user fees to lobbyists who submit paper forms. Although Internet technologies have gained wide acceptance within the U.S., it is unclear to what extent FD and LDA filers would file using electronic methods. The Clerk should, at a minimum, survey FD and LDA filers to gauge acceptance and usage prior to investing in electronic filing technologies.

4.3.3 Alternative 3: Imaging/Workflow System with Electronic Filing and an Outsourced PKI

In this section, the stakeholder analysis, technology description, high-level business needs evaluation, and implementation issues of the Imaging/Workflow System, with Electronic Filing and an outsourced PKI alternative are presented. The functionality of the Imaging/Workflow System with Electronic Filing and an Outsourced PKI system alternative includes:

· Imaging/Workflow System that was described in the Imaging/Workflow alternative presented in Section 4.3.1, Alternative 1: Imaging/Workflow System.

· Electronic Filing that provides the functionality for electronic filing. Electronic filing provides the FD and LDA user community the ability to file via the Internet using a user ID and password that was described in the alternative described in Section 4.3.2, Alternative 2: Imaging/Workflow System with Electronic Filing with Basic Encryption.

· Public Key Infrastructure that provides the functionality for electronic filing with the use of a PKI. The implementation of PKI could provide increased levels of confidentiality, integrity, and authentication of electronic submissions of FD and LDA forms and could address the non-repudiation evaluation criterion. For this alternative, the PKI system would be administered by a PKI outsourcing agent.

This alternative meets the evaluation criteria, including the electronic filing functionality. The alternative provides added features in the areas of security and non-repudiation through the use of a PKI. However, it does present issues with regard to management control of the entire PKI process.

4.3.3.1 Stakeholder Analysis

Figure 4.11: Alternative 3: Stakeholder Overview presents an overview of the primary stakeholders of the FD and LDA applications and their relationships. In the following discussion, each of the stakeholders and their primary relationship to the FD and LDA applications under this alternative are described.

Figure 4.11: Alternative 3: Stakeholder Overview

PKI Outsourcing Vendor

The PKI outsourcing vendor would serve as the management (i.e., storing, revoking, updating) of the electronic signatures that filers would use to authenticate submissions of the FD and LDA forms. The outsourcing agent would also be responsible for the distribution of these electronic signatures. The electronic submission would be done through the use of a House branded web site maintained and operated by the outsourcing agent.

Filing Community

To sustain the integrity of the PKI environment, the FD and LDA filing community would face additional scrutiny with regards to proof of identification. Verifying the identity of users of a PKI is paramount to the security that the PKI provides. Filers would need to provide proof of identification before they would be allowed to submit electronically. Filers could provide proof of identity and sign an agreement for authorized use in person at the LRC. Another method could involve submitting a request through the mail by providing a notarized letter using official letterhead.

Legislative Computer Services

The implementation of a PKI would require the LCS to develop an understanding and a competency of a number of additional technical areas. In addition to the basic Internet components associated with electronic filing detailed in Section 4.3.2, Imaging/Workflow System with Electronic Filing with Basic Encryption, the LCS would need to have an interface with the PKI outsourcing agent. This interface would serve as the means by which the Clerk notifies the outsourcing agent of new users of the system. The LCS would also be responsible for developing and deploying new policies and procedures that address sustaining a PKI environment.

Legislative Resource Center

In addition to the duties of processing the hardcopy and electronic submissions of the FD and LDA forms, the LRC would also be involved in the development of policies and procedures associated with the management of the PKI environment. The LRC would also be involved with administering those policies and procedures within the FD and LDA user community.

General Public

The general public would still have access to all FD and LDA information submitted to the Clerk through the LRC public access terminals. Hardcopy filings would be viewed as an image of the actual form (with signature) and electronic submissions would be viewed as the submitted data superimposed on an image of a blank form.

Federal Election Commission and Office of Human Resources

This alternative would require cooperation from the FEC and the House’s OHR in the development of automated interfaces with the FD application to replace the existing manual interfaces. Automated interfaces would help improve the data integrity and the accuracy of incoming candidate and payroll information.

Committee on Standards of Official Conduct

4.3.3.2 Technology Description

Figure 4.12: Alternative 3: Technology Overview presents an overview of the technology infrastructure associated with this alternative. The following discussion provides a high-level overview of the information technology components.

Figure 4.12: Alternative 3: Technology Overview

Imaging/Workflow System Components

· Storage Media and Backup. Given the age and unreliable state of the existing WORM drive, upgrading to newer WORM technology implementing a digital-linear tape backup system should be considered, at a minimum.

· Federal Election Commission and Office of Human Resources Interfaces. The automation of data that has been previously entered by hand is critical to improving data integrity and accuracy. Telecommunication links could be established with the FEC and OHR to allow for the timely upload of candidate and payroll data into the FD application. Although a high-speed telecommunication link is preferable, loading the information via tape could also be a viable alternative.

Electronic Filing Components

This alternative includes the technology components indicated in the previous alternative described in Section 3.2, Alternative 2: Imaging/Workflow System with Electronic Filing and Basic Encryption. Those technology components are summarized as followed:

· Web-based Forms Application. A web-based forms application would be developed that would allow filers to dynamically fill out their FD and LDA forms.

· Proxy Server and Firewall. A proxy server and firewall are required to protect the web server and web-based forms application from unauthorized uses by those wishing to infiltrate and disrupt the system.

Public Key Infrastructure Components

A PKI environment is implemented using a mix of hardware and software components, combined with related policies and procedures, to provide a set of security services that enable secure electronic computing in a distributed environment. The outsourcing agent would be responsible for the technology components of the PKI, and the Clerk would be responsible for developing and implementing the policies and procedures that govern the PKI.

To provide an electronic filing functionality with a PKI environment, the following technology components would need to be employed:

· Certificates. After providing proof of identification, a filer wishing to submit FD or LDA forms electronically in a PKI environment would receive an unique digital certificate (from the outsourcing agent, after receiving notification from the Clerk) that would be used to authenticate their submission. Certificates are the mechanism by which a person’s identity associated with an electronic submission can be authenticated. These unique certificates serve as electronic signatures, thereby authenticating the identity of an electronic filer. The digital certificate could be physically stored as a plug-in to the senders web browser that resides on their PC. This unique certificate, when provided with an electronic submission of the FD or LDA forms, would provide non-repudiation of identity of the filer.

· Certificate Authority (CA). The primary function of the CA is to generate and manage the public key certificates that bind the user’s identity with the user’s public key. In order to perform this function, a CA must provide various services[19] to the users of the certificates. Major services performed by a CA are detailed as followed:

- Certificate Generation: One of the most important services provided by a CA is the generation of certificates. It is through certificate generation that the binding of a user’s identity and a user’s public key is made which, in turn, is based on the appropriate user identification methods.

- Certificate Authorization: When a certificate is presented, the CA verifies that the certificate is valid and is authorized for the given use.

- Certificate Maintenance: The CA must perform a number of maintenance activities associated with certificates. Common maintenance activities include certificate back-up and revocation.

The functions listed above are generally performed using a combination of CA software and accompanying CA policy and procedures. Some popular PKI vendors that perform this function include products such as Spryus/Signet CA, Entrust WebCA, and IBM Registry.

· Directory Servers. The directory server is responsible for maintaining the actual certificates and user identification pairs for future authentication purposes.

· Root Authority (RA). The RA is the single point of trust at the top of a certification hierarchy of a PKI.[20] What separates this CA from other CAs is that it signs its own certificate. Because of this, its private key must be highly protected. The RA usually issues certificates for subordinate CAs. A number of RAs are currently in use in the Internet. For example, Netscape offers RA certificates from 16 organizations including, but not limited to Verisign, GTE, and AT&T.

4.3.3.3 High-Level Business Needs Evaluation

This alternative was evaluated based on its ability to meet the high-level business needs as presented in Section 1.1.1 Needs Based Criteria. Figure 4.13: Alternative 3: Evaluation of High-Level Business Needs presents a summary of the evaluation of the high-level business needs.

Criteria	Criteria Rating	Comment
Input Capabilities	Fully	· This alternative reduces the inefficiencies and errors associated with data input. Automated interfaces for files received from the FEC and the OHR would eliminate the need for manual keying of hard copy reports. · OCR/ICR functionality speeds the input of document index information.
Processing Capabilities	Fully	· Workflow functionality would improve quality assurance by proving the mechanism to administer controls associated with the FD and LDA processing cycle. · The core imaging system would incorporate logic to automate filer compliance.
Output Capabilities	Fully	· Standard report writing would be a component of the core imaging system. · The Xerox Docutech printer would be supported and allow for on-demand printing.
Query Capabilities	Fully	· Core system would include flexible, easy to use record query capabilities.
Storage Capabilities	Fully	· Image storage would be in a non-proprietary format.
Technology Capabilities	Fully	· This alternative provides enhanced capabilities for electronic filing and signature verification. Implementation of PKI provides non-repudiation of electronic FD and LDA submissions. This functionality is not included in the Imaging/Workflow System, with Electronic Filing and Basic Encryption alternative.
Application Controls and Security Capabilities	Fully	· This alternative provides increased protection of data submitted electronically, along with non-repudiation assurances.
Data Integrity Control Capabilities	Fully	· Data integrity controls are improved through the use of workflow functionality and automated interfaces. · Field edits and error checking logic would be enhanced for all alternatives under consideration.
Key: Partially-Partially meets criteria Fully-Fully meets criteria

Figure 4.13: Alternative 3: Evaluation of High-Level Business Needs

4.3.3.4 Implementation Issues

There are number of implementation issues that need to be considered when evaluating whether to implement an outsourced PKI. The primary implementation issues are:

· Clerk-Wide vs. House-Wide Implementation of PKI. The model detailed above shows the PKI residing within the LRC, under the direction of the Clerk. This PKI model could serve as a pilot to assess its viability to other scenarios that fit within the mission of the entire House. For example, one use of the PKI technology’s digital certificates involves the use of physical “smart cards”. These cards can be designed to carry a physically embedded digital certificates that, when swiped through a card reader, provide a unique digital signature. Applications that would fit this model could include House Member vote casting, House employee parking validation or substantiation of a FD and LDA hardcopy submission.

· Outsource Agent Issues. The Clerk must be cognizant that the overall security of the environment would depend somewhat on the security practices of the outsourcing agent. The Clerk would have less control of the security aspect of this application.

4.3.4 Alternative 4: Imaging/Workflow System with Electronic Filing and an In-house PKI

In this section, the stakeholder analysis, technology description, high-level business needs evaluation, and implementation issues of the Imaging/Workflow System, with Electronic Filing and an In-house PKI alternative are presented. The functionality of the Imaging/Workflow System with Electronic Filing and In-house PKI system alternative includes:

· Imaging/Workflow System that was described in the Imaging/Workflow alternative presented in Section 4.3.1, Alternative 1: Imaging/Workflow System.

This alternative meets the evaluation criteria, including electronic filing. The alternative provides added features in the area of security and non-repudiation through the use of a PKI.

D.3.4.1 Stakeholder Analysis

Figure 4.14: Alternative 4: Stakeholder Overview presents an overview of the primary stakeholders of the FD and LDA applications and their relationships. In the following discussion, each of the stakeholders and their primary relationship to the FD and LDA applications under this alternative are described.

Exhibit 4: Figure 4.14: Alternative 4: Stakeholder Overview.

Figure 4.14: Alternative 4: Stakeholder Overview

Filing Community

To sustain the integrity of the PKI environment, the FD and LDA filing community would face additional scrutiny with regards to proof of identification. Verifying the identity of users of a PKI is paramount to the health of the security that the PKI provides. Filers would need to provide proof of identification before they would be allowed to submit electronically. Filers could provide proof of identity and sign an agreement for authorized use in person at the LRC. Another method could involve submitting a request through the mail by providing a notarized letter using official letterhead.

Legislative Computer Services

The implementation of a PKI would require the LCS to develop an understanding and a competency of a number of additional technical areas. In addition to the basic Internet components associated with electronic filing detailed in Section 4.3.2, Alternative 2: Imaging/Workflow System with Electronic Filing with Basic Encryption, the LCS would be responsible for the operation of the PKI and the technology components if operated in-house. The technology components include new software and hardware, as well as new policies and procedures that address sustaining a PKI environment.

Legislative Resource Center

General Public

Federal Election Commission and Office of Human Resources

Committee on Standards of Official Conduct

4.3.4.2 Technology Description

Figure 4.15: Alternative 4: Technology Overview presents an overview of the technology infrastructure associated with this alternative. The following discussion provides a high-level overview of the information technology components.

Exhibit 4: Figure 4.15: Alternative 4: Technology Overview.

Figure 4.15: Alternative 4: Technology Overview

Imaging/Workflow System Components

· FEC and OHR Interfaces. The automation of data that has been previously entered by hand is critical to improving data integrity and accuracy. Telecommunication links could be established with the FEC to allow for the timely upload of candidate data into the FD application. Although a high-speed telecommunication link is preferable, the alternative of loading the information via tape is a viable alternative. Automated interfaces could also be developed to accept payroll data from OHR for subsequent input into the FD application.

Electronic Filing Components

· Web-based Forms Application. A web-based forms application would be developed that would allow filers to dynamically fill out their FD and LDA forms.

Public Key Infrastructure Components

If the Clerk develops and operates an in-house PKI, the PKI technology components described in Section 3.3, Alternative 3: Imaging/Workflow System with Electronic Filing and Outsourced PKI, would still be needed. Those technology components are summarized as the following:

· Certificates. This unique certificate, when provided with an electronic submission of the FD or LDA forms, would provide non-repudiation of identity of the filer.

· Certificate Authority. The primary function of the CA is to generate and manage the public key certificates that bind the user’s identity with the user’s public key. In order to perform this function, a CA must provide various services to the users of the certificates. Major services performed by a CA include certificate generation, authorization, and maintenance. CA products include GTE Cybertrust, Spyrus/Signet CA, Entrust WebCA, IBM Registry, and VeriSign On-Site.

· Directory Servers. The directory server is responsible for maintaining the actual certificates and user identification pairs for future authentication purposes.

· Root Authority. A Root Authority is the single point of trust at the top of a certification hierarchy of a PKI.

4.3.4.3 High-Level Business Needs Evaluation

This alternative was evaluated based on its ability to meet the high-level business needs as presented in Section 1.1.1 Needs Based Criteria. Figure 4.16: Alternative 4: Evaluation of High-Level Business Needs presents a summary of the evaluation of the high-level business needs.

Criteria	Criteria Rating	Comment
Input Capabilities	Fully	· This alternative reduces the inefficiencies and errors associated with data input. Automated interfaces for files received from the FEC and the OHR would eliminate the need for manual keying of hard copy reports. · OCR/ICR functionality speeds the input of document index information. ·
Processing Capabilities	Fully	· Workflow functionality would improve quality assurance by proving the mechanism to administer controls associated with the FD and LDA processing cycle. · The core imaging system would incorporate logic to automate filer compliance.
Output Capabilities	Fully	· Standard report writing would be a component of the core imaging system. · The Xerox Docutech printer would be supported and allow for on-demand printing.
Query Capabilities	Fully	· Core system would include flexible, easy to use record query capabilities.
Storage Capabilities	Fully	· Image storage would be in a non-proprietary format.
Technology Capabilities	Fully	· This alternative provides enhanced capabilities for electronic filing and signature verification. Implementation of PKI provides non-repudiation of electronic LDA and FD submissions. This functionality is not in the Imaging/Workflow System, with Electronic Filing and Basic Encryption alternative.
Application Controls and Security Capabilities	Fully	· This alternative provides increased protection of data submitted electronically, along with non-repudiation assurances.
Data Integrity Control Capabilities	Fully	· Data integrity controls are improved through the use of workflow functionality and automated interfaces. · Field edits and error checking logic would be enhanced for all alternatives under consideration.
Key: Partially-Partially meets criteria Fully-Fully meets criteria

Figure 4.16: Alternative 4: Evaluation of High-Level Business Needs

4.3.4.4 Implementation Issues

There are number of implementation issues that need to be considered when evaluating whether to implement an in-house PKI. The primary implementation issues are:

· In-House PKI Implementation Issues. The Clerk has the option of operating its own CA in-house or outsourcing some or most of the CA functions to a service provider, as described in the previous alternative. To operate the CA in-house, certificate management software is purchased from a vendor and used within the Clerk. The Clerk would operate the Registration Authority function, CA function, and all repository functions as well. A vendor could potentially provide training, installation and software support. Maintaining the PKI

in-house would introduce many new areas of responsibility for the Clerk.

· Clerk-Wide vs. House-Wide Implementation of PKI. As described in the previous alternative, the Clerk should assess the investment costs associated with implementing a PKI infrastructure specific to the Clerk if House-wide

Cost-Benefit Analysis of Viable System Alternatives

This exhibit presents the cost-benefit analysis for the four system alternatives that were identified as viable solutions for replacing the current Financial Disclosure (FD) and Lobby Disclosure

Act (LDA) applications. This cost-benefit analysis includes a methodology section that identifies the resources used to collect information to identify cost factors, as well as the steps followed to analyze the costs and benefits of the viable system alternatives. The results presented include a cost comparison of the existing system and the four system alternatives. A cost sensitivity analysis and a qualitative analysis are also included.

5.1 Methodology

The objective of the cost-benefit analysis was to analyze the viable system alternatives detailed in the Exhibit 4, Feasibility Study and to examine the costs and benefits for implementing each alternative. The cost-benefit analysis presents cost estimates for the existing system and the four viable system alternatives.

The cost-benefit analysis was based on a multi-step process that began with the development of assumptions and identification of cost factors, and resulted in a cost summary for the existing system and the four viable system alternatives. The multi-step process was composed of three steps listed below, followed by a description of each step:

· System Alternative Cost-Benefit Analysis.

· Cost Sensitivity Analysis.

· Qualitative Analysis.

5.1.1 System Alternative Cost Analysis

In Exhibit 4, Feasibility Study, information was presented on the viable system options for replacing the current FD and LDA system. For the cost-benefit analysis presented in this exhibit, estimated or preliminary cost data was collected and cost estimates were developed for inclusion in a cost model.

The cost model was used to analyze the costs of the existing system and the viable system alternatives. The cost data was collected from a variety of sources, including interviews with House personnel, software and hardware vendors, subject matter experts, and other legislative bodies. The cost analysis for the existing system and the four system alternatives comprised the following steps:

· Development of Assumptions.

· Identification of Cost Factors.

· Cost Comparison Analysis of Alternatives.

Each of the cost analysis steps is included below.

5.1.1.1 Development of Assumptions

The system alternatives cost analysis used the following general assumptions:

· Salary and Fringe Benefits. Actual salaries and an average fringe benefit rate of 29.55 percent for the personnel costs were used for salary and fringe benefit calculations for the existing system.[21] For personnel changes (additions or reductions), a salary of $62,000 based on a Grade 10, Step 6 position as of January 1, 1998 was used.

· Cost Factor Escalation. Personnel costs (salary and fringe benefits) were escalated by 4 percent per year to represent cost-of-living increases.

· Time Period of Analysis. A five-year time period was used in this evaluation.[22]

· Net Present Value and Discount Factor. The net present value calculation was used to discount future costs using a discount rate of 7 percent.[23]

5.1.1.2 Identification of Cost Factors

The applicable cost factors listed below were identified by using the House’s System Development Life Cycle (SDLC) procedures for performing a cost-benefit analysis and by using guidelines from the General Services Administration (GSA) Information Technology Planning and Investment Guide.

· Non-recurring costs are costs that occur in the first year of the analysis and are primarily costs for installation of software, software purchases and customization, hardware purchases, conversion/testing charges, training, and certificate management related charges.

Non-recurring costs are assumed to be incurred during the first year of the analysis time period and are not discounted.

· Recurring costs are costs that are incurred on an annual basis throughout the time period of the analysis, including the first year. The recurring costs include personnel salaries and fringe benefits, computer hardware (lease and maintenance), computer software (licenses and maintenance), and external vendor services. The recurring costs for each year are discounted using net present value.

5.1.1.3 Cost-Benefit Estimation of Alternatives

The cost estimates presented in this analysis are based on the following:

· Vendor Quotes. Vendors were contacted and the high-level requirements of the alternative systems were discussed to obtain software, hardware, and implementation costs. At least two vendor quotes were obtained for all estimates.

· Independent Research Organizations. Cost and product data from organizations such as Gartner Group, Faulkner, and Forrestor were also collected.

· Technology Specialists. Specialists in imaging, electronic filing, and Public Key Infrastructure (PKI) technology were interviewed to develop and refine costs estimates for the alternatives.

The cost factors included in this evaluation represent the high-level “primary” costs to support the system alternatives. Cost factors not included in the evaluation include facilities and utility cost, personnel overhead, and supplies. The actual costs to implement the alternatives could vary significantly from these cost estimates during implementation due to the specific applications and requirements chosen by the Clerk. All cost estimates presented in this evaluation are rounded to the nearest thousand.

For this evaluation, benefits are defined as cost savings resulting from implementing the alternatives instead of continuing operation of the existing system. These benefits occur due to cost savings primarily from labor costs savings and reduced hardware and software maintenance costs. Benefits are included, where applicable, in the cost analysis of the alternatives and are represented as costs that are lower than the existing system.

5.1.2 Cost Sensitivity Analysis

The next step after performing the cost analysis was to perform a sensitivity analysis. This sensitivity analysis was performed to determine the impact of changes to the cost factors and assumptions used in this evaluation. The cost sensitivity analysis will provide management with additional information when analyzing the alternatives discussed in this evaluation.

5.1.3 Qualitative Analysis

A qualitative, or non-quantifiable, factor analysis was performed for each alternative. Qualitative factors were identified and assessed for each system alternative. The purpose of this analysis was to identify additional criteria factors to analyze the alternatives. The qualitative analysis methodology was composed of the following steps:

· Identification of Qualitative Factors. Six qualitative categories to assess the system alternatives were identified and defined: stakeholder needs and constraints, management control, security risk, commercial acceptance, Office of the Clerk (Clerk) organizational impact, and filing community impact. These categories represent qualitative, or non-quantifiable, attributes of the system alternatives.

· Analysis of Qualitative Factors. The six qualitative factors were analyzed for each alternative, and an assessment was developed that presented the issues associated with each factor.

5.2 System Alternative Cost Analysis

The system alternative cost analysis section presents the results of the cost analysis for the existing system and each system alternative. The cost analysis presentation is organized as follows:

· Cost Analysis Summary.

· Existing System.

· Imaging/Workflow System.

· Imaging/Workflow, with Electronic Filing and Basic Encryption.

· Imaging/Workflow, with Electronic Filing and an Outsourced[24] PKI.

· Imaging/Workflow, with Electronic Filing and an In-house PKI.

In each section, the non-recurring and recurring cost factors are discussed.

5.2.1 Cost Analysis Summary

Figure 5.1: Existing System and Alternative Costs Analysis on the following page presents a summary of the non-recurring and recurring cost estimates for the existing system and the four viable system alternatives. The figure presents five-year total cost estimates discounted using a present value calculation. This was done to provide an overall five-year lifecycle cost estimate of the existing system and each alternative.

As described in Exhibit 4, Feasibility Study, the alternatives build upon each other in terms of functionality and cost. For example, the estimated costs and functionality of the Imaging/Workflow alternative are included in all four alternatives. Additionally, the estimated costs and functionality for electronic filing in the Imaging/Workflow with Electronic Filing and Basic Encryption alternative are included in the remaining alternatives. The alternatives with PKI functionality differ only in terms of the estimated costs of outsourcing the PKI function versus maintaining the function in-house (by the Clerk).

Figure 5.1: Existing System[25] and Alternative Cost Analysis

The results of the cost analysis indicate that the estimated costs to implement each of the alternative systems are more expensive than the existing system over the five-year period. However, the alternatives do provide additional functionality over the existing system and better meet the evaluation criteria defined in this evaluation, as presented in Exhibit 4, Feasibility Study.

The total estimated costs for the Imaging/Workflow System are slightly higher than the existing system over the five-year period, primarily because of the non-recurring implementation costs. The recurring costs of the Imaging/Workflow System are less than the existing system recurring costs. For this alternative, we estimated that benefits would be achieved through lower recurring hardware and software maintenance costs.

The estimated costs for the Imaging/Workflow System with Electronic Filing and Basic Encryption are higher than the existing system, primarily because of the

non-recurring implementation costs and the slightly higher recurring costs. For this alternative, it was estimated that benefits would be achieved through lower labor costs (in terms of salaries and fringe benefits) for forms processing. However, it was estimated that additional labor costs would be incurred for computer support due to the additional electronic filing functionality.

The estimated costs for both the Imaging/Workflow System with Electronic Filing and an Outsourced PKI and Imaging/Workflow System with Electronic Filing and an In-House PKI are significantly higher than the existing system. Both alternatives require significant non-recurring implementation costs and the recurring costs are higher than the existing system. The cost estimates for the In-House PKI alternative are significantly higher than the Outsourced PKI alternative due to the additional staff resources and software license and maintenance costs required.

The following discussion presents the cost analysis for the existing system and each of the four viable alternatives. The cost estimates presented are preliminary cost estimates and can be considered minimum costs that would be incurred in implementing the alternatives. Additionally, actual implementation of the alternatives may result in varied functionality and different technical components than those presented in this evaluation and would therefore differ in costs.

5.2.2 Existing System

In the discussion below, the non-recurring and recurring cost estimates for this existing system are presented. Figure 5.2: Summary of Imaging/Workflow System Costs below summarizes the non-recurring and recurring cost estimates.

Category	Estimated Costs
Non-Recurring Costs	$0
Recurring Costs	$2,978,000
Total Estimated Costs	$2,978,000

Figure 5.2: Summary of Imaging/Workflow System Costs

5.2.2.1 Non-Recurring Costs

There are no non-recurring costs for the existing system. Costs associated with conversion/testing, software customization, hardware and software purchase, and training had been previously incurred when the existing system was originally developed. Thus, the non-recurring costs to develop the existing system are considered sunk costs and not included in the analysis of this existing system.

5.2.2.2 Recurring Costs

Figure 5.3: Existing System - Recurring Cost Estimates on the following page presents the recurring cost estimates for the existing system. The recurring costs for the existing system were determined by reviewing current vendor invoices and by interviews with Legislative Resource Center (LRC) and Legislative Computer Systems (LCS) staff. The figure presents: the annual recurring cost estimates, and a five-year total of recurring costs discounted using the net present value calculation. These recurring costs are incurred on an annual basis throughout the five-year period of the analysis.

Exhibit 5: Figure 5.3: Existing System - Recurring Cost Estimates. Figure 5.3: Existing System - Recurring Cost Estimates

Personnel Salaries and Fringe Benefits

The recurring personnel salaries and fringe benefits for the existing system include the staff to support the current FD and LDA applications. Personnel from the LRC, LCS, and House Information Resources (HIR) currently support the existing system. Listed below is a description of the staff resources dedicated to supporting the FD and LDA applications from the associated House office.

· Legislative Resource Center staff dedicated to processing the FD and LDA submissions include seven full-time staff and approximately 50 percent of the efforts of another four full-time staff.

· Legislative Computer Systems staff dedicated to maintaining the computer systems associated with the FD and LDA applications include 40 percent of the efforts of one full-time staff member.

· House Information Resources staff dedicated to maintaining the mainframe component of the FD and LDA system includes approximately 20 percent of the efforts of one full-time staff member.

Hardware (Lease and Maintenance)

The recurring hardware lease and maintenance costs for the existing system include the costs associated with operating the mainframe system, maintaining the OSAR optical disc storage system, and licensing and maintaining two scanners used for forms processing. The specific cost factors for the existing system and the four alternatives include:

· Mainframe Costs includes the lease and maintenance costs associated with the mainframe hardware.

· OSAR Optical Disk Storage Maintenance includes the maintenance costs for the optical disk storage system.

· Other Hardware Maintenance includes any other related peripheral hardware.

· Scanner License and Maintenance includes the license and maintenance fees associated with the current scanners.

· New Scanner License and Maintenance includes the license and maintenance costs for the new scanners, where pertinent.

· New Optical Disk Storage Maintenance includes the license and maintenance costs for the new optical storage system, where pertinent.

Software (License and Maintenance)

The recurring software license and maintenance costs for the existing system include the costs associated with the current image system software and RS-6000 license and maintenance fees. This cost category also includes maintenance and license fees for other software associated with the existing system (i.e., database management software and printer servers). The specific cost factors for the existing system and the four alternatives include:

· Image System Software License and Maintenance includes the license and maintenance costs associated with the current imaging system.

· RS-6000 Server License and Operating System includes the license and maintenance fees associated with the current RS-6000 servers and operating system.

· Other Software License and Maintenance includes the license and maintenance fees for other system software components.

· PKI Annual License and Maintenance includes the annual license and maintenance fees associated with a PKI. The existing system does not include these functions.

· New Imaging System Maintenance includes the maintenance fees associated with the new imaging system software.

External Vendor Services

External vendor services are not used in the existing system.[26]

5.2.3 Alternative 1: Imaging/Workflow System

In the discussion below, the non-recurring and recurring cost estimates for this alternative are presented. Figure 5.4: Summary of Imaging/Workflow Costs below summarizes the non-recurring and recurring cost estimates.

Category	Estimated Costs
Non-Recurring Costs	$388,000
Recurring Costs	$2,663,000
Total Estimated Costs	$3,051,000

Figure 5.4: Summary of Imaging/Workflow System Costs

5.2.3.1 Non-Recurring Costs

Figure 5.5: Imaging/Workflow System - Non-Recurring Cost Estimates below presents the non-recurring cost estimates for the Imaging/Workflow System alternative. The figure presents cost estimates that would be incurred to support a new imaging/workflow system for the FD and LDA applications. These non-recurring costs are incurred during the first year of the alternative. Each of the cost factors is discussed below.

Exhibit 5: Figure 5.5: Imaging/Workflow System - Non-Recurring Cost Estimates.

Figure 5.5: Imaging/Workflow System - Non-Recurring Cost Estimates

Conversion/Testing

This cost category includes the estimated costs to convert the approximately 157 gigabytes of image data stored on 12’’ Write-One-Read-Many (WORM) optical storage platters to the 5.2GB WORM optical storage disks. This cost factor was estimated based on a vendor quote for data conversion services.

Software Integration/Customization

This cost category includes the estimated costs to customize the workflow scripts and document capture processes associated with the application workflow module, to develop programs for supporting the OCR/ICR processing module, and also to develop the automated interfaces with the Federal Election Commission (FEC) and the Office of Human Resources (OHR). Costs for software integration/customization for this alternative was based on estimates derived from knowledge obtained from similarly scoped projects.[27]

Hardware Purchase

This cost category includes the estimated costs associated with purchasing the magneto-optical disc storage unit and one additional external magneto-optical disk drive. Also included are 5.2GB optical storage disks, two peripheral scanners and two workstations for the imaging system. This cost category also includes the estimated costs for the purchase of a digital-linear tape backup system. The estimated costs for the hardware components for this alternative were obtained from vendor quotes.

Software Purchases

This cost category includes the estimated cost to purchase the software utilities required for the imaging/workflow system. This includes software used for the optical disk storage unit, the imaging system, the scanners, and the OCR/ICR processing engine. The cost estimates were based on vendor quotes.

Training

This cost category includes the estimated cost for a vendor administered imaging system and OCR/ICR forms processing training course for two staff members. The estimated costs for the hardware components for this alternative were obtained from vendor quotes.

Certificate Authority (CA) Set-Up/Initialization

This cost category refers to establishing an external certificate authority and is applicable only in Alternative 3.

5.2.3.2 Recurring Costs

Figure 5.6: Imaging/Workflow System - Recurring Cost Estimates below presents the recurring cost estimates for this alternative. The figure presents the annual recurring cost estimates, and a five-year total of recurring costs discounted using the net present value calculation. These recurring costs are incurred on an annual basis throughout the five-year period of the analysis.

Exhibit 5: Figure 5.6: Imaging/Workflow System - Recurring Cost Estimates.

Figure 5.6: Imaging/Workflow System - Recurring Cost Estimates

Personnel Salaries and Fringe

The recurring personnel salaries and fringe benefits for this alternative include the staff to support the new FD and LDA applications from the LRC and LCS. Listed below is a description of the staff resources dedicated to supporting this alternative.

· Legislative Resource Center staff dedicated to processing the FD and LDA submissions for this alternative include a reduction of 20 percent in forms processing labor resources from the existing system due to the estimated efficiencies gained by this technology.[28]

· Legislative Computer Systems staff dedicated to maintaining the computer systems associated with the FD and LDA applications include the addition of one full-time System Administrator position to the LCS staff. The additional System Administration position is being created to assist with maintaining the additional system complexities associated with this alternative.

· House Information Resources staff resources are eliminated because the mainframe component of the existing system is no longer necessary.

Hardware (Lease and Maintenance)

The primary difference in the recurring hardware costs from the existing system is the elimination of the lease and maintenance costs for the current FileNet optical storage system and the costs associated with the Bell & Howell and the Kodak scanners[29] currently used in the LRC. These three components would be replaced with a new optical storage system and two new scanners that have less recurring costs for license and maintenance. Lease and maintenance costs for other hardware components, such as servers and a tape backup system, are also included in this cost category.

Software (License and Maintenance)

The recurring software costs for this alternative would include the elimination of the costs associated with the FileNet imaging system and the RS-6000 server and operating system license/maintenance. Software lease and maintenance fees for a new imaging system and for other related software programs are included in this cost category.

External Vendor Services

External vendor services are not pertinent since the use of external vendors is not part of this alternative.

5.2.4 Alternative 2: Imaging/Workflow System, with Electronic Filing and Basic Encryption

In the discussion below, non-recurring and recurring cost estimates for this alternative are presented. These estimates include both the cost and functionality as described in Section E.2.3, Imaging/Workflow System of this evaluation. Figure 5.7: Summary of Imaging/Workflow System, with Electronic Filing and Basic Encryption Costs below summarizes these estimated costs.

Category	Estimated Costs
Non-Recurring Costs	$582,000
Recurring Costs	$3,073,000
Total Estimated Costs	$3,655,000

Figure 5.7: Summary of Imaging/Workflow System, with Electronic Filing and Basic Encryption Costs

5.2.4.1 Non-Recurring Costs

Figure 5.8: Imaging/Workflow System, with Electronic Filing and Basic Encryption–

Non-Recurring Costs Estimates below presents the non-recurring cost estimates for this alternative. The figure presents cost estimates that would be incurred to support a new imaging/workflow system and electronic filing with basic encryption for the FD and LDA applications. These non-recurring costs are incurred during the first year of the alternative.

Exhibit 5: Figure 5.8: Imaging/Workflow System With Electronic Filing and Basic Encryption - Non-Recurring Cost Estimates.

Figure 5.8: Imaging/Workflow System, with Electronic Filing and Basic Encryption–Non-Recurring Cost Estimates

Conversion/Testing

This cost category does not introduce any new conversion/testing costs, but does include those noted in the previous alternative: conversion of image data from optical storage platters to optical storage disks.

Software Integration/Customization

This cost category includes the estimated costs to customize the web-based forms application used for electronic submission of FD and LDA forms. The customization costs were determined by a vendor estimate based on projects of similar scope. The software integration/customization cost category also contains the following costs as noted in the previous alternative: customization of the workflow scripts and document capture processes associated with the workflow application, programs for OCR/ICR processing, and the development of an automated interface with FEC and OHR.

Hardware Purchase

This cost category includes the estimated costs associated with the purchase of a web and firewall server, and an index database management server. The estimated costs for the hardware components for this alternative were obtained from vendor quotes. The hardware purchase category for this alternative also contains the following costs as noted in the previous

alternative: magneto-optical disc storage unit, one additional external magneto-optical disk drive, optical storage disks, two peripheral scanners and two workstations for the imaging system, and a digital-linear tape backup system.

Software Purchases

This cost category includes the estimated costs for the index database management system, the Internet firewall, and the web-based forms authoring software. The estimated costs for the software components for this alternative were obtained from vendor quotes. The software purchase category for this alternative also contains the following costs as noted in the previous alternative: software utilities for the imaging/workflow, the optical disk storage unit, the scanners, and the OCR/ICR processing engine.

Training

This cost category includes the estimated cost for three staff members to attend a

vendor-administered course for web-based forms authoring. The estimated costs for the training associated with this alternative were obtained from vendor quotes. This cost category also contains the cost for an OCR/ICR forms processing training course for two staff members as noted in the previous alternative.

CA Set-Up/Initialization

This cost category refers to establishing an external certificate authority and is applicable only in Alternative 3.

5.2.4.2 Recurring Costs

Figure 5.9: Imaging/Workflow System, with Electronic Filing and Basic Encryption - Recurring Costs Estimates below presents the recurring cost estimates for this alternative. The figure presents the annual recurring cost estimates, and a five-year total of recurring costs discounted using the net present value calculation. These recurring costs are incurred on an annual basis throughout the five-year period of the analysis. Discussion of the recurring cost components associated with this alternative is included on the following page.

Exhibit 5: Figure 5.9: Imaging/Workflow System With Electronic Filing and Basic Encryption - Recurring Cost Estimates.

Figure 5.9: Imaging/Workflow System, with Electronic Filing and Basic Encryption-

Recurring Cost Estimates

Personnel Salaries and Fringe Benefits

The recurring personnel salaries and fringe benefits for this alternative include the staff to support the current FD and LDA applications from the LRC and LCS. Listed below is a description of the staff resources dedicated to supporting this alternative.

· Legislative Computer Systems staff dedicated to maintaining the computer systems associated with the FD and LDA applications include 40 percent of the efforts of one full-time staff member and the addition of two System Administrator positions to the LCS staff. The additional System Administration positions are being created to assist with maintaining the additional system complexities associated with this alternative.

· House Information Resources staff resources are eliminated because the mainframe component of the existing system is no longer necessary.

Hardware (Lease and Maintenance)

Estimated lease and maintenance costs for other hardware components, such as servers, are included in this cost category. Also included in this cost category are costs noted in the previous alternative for the following: hardware license/maintenance costs for the new optical storage system, two new scanners, and a tape backup system.

Software (License and Maintenance)

Estimated license and maintenance costs for the software components associated with the web-based forms application are included in this cost category. Also included in this category are costs noted in the previous alternative for the following: software maintenance fees for a new imaging system and other related software.

External Vendor Services

External vendor services are not pertinent since the use of external vendors is not part of this alternative.

5.2.5 Alternative 3: Imaging/Workflow, with Electronic Filing and an Outsourced PKI

The non-recurring and recurring cost estimates for this alternative are presented in the discussion below. Figure 5.10: Summary of Imaging/Workflow with Electronic Filing and an Outsourced PKI Costs below summarizes these estimated costs for this alternative. These estimated costs also include both the cost and functionality as described in Section 5.2.4, Imaging/Workflow System, with Electronic Filing and Basic Encryption, of this evaluation.

Category	Estimated Costs
Non-Recurring Costs	$725,000
Recurring Costs	$3,385,000
Total Estimated Costs	$4,110,000

Figure 5.10: Summary of Imaging/Workflow with Electronic Filing and an Outsourced

PKI Costs

5.2.5.1 Non-Recurring Costs

Figure 5.11: Imaging/Workflow System with Electronic Filing and an Outsourced PKI –

Non-Recurring Cost Estimates below presents the non-recurring cost estimates for this alternative. The figure below presents cost estimates that would be incurred to support a new imaging/workflow with electronic filing and an outsourced PKI for the LDA and FD applications. These non-recurring costs are incurred during the first year of the alternative.

Exhibit 5: Figure 5.11: Imaging/Workflow System With Electronic Filing and an Outsourced PKI - Non-Recurring Cost Estimates.

Figure 5.11: Imaging/Workflow System with Electronic Filing and an Outsourced PKI –

Non-Recurring Cost Estimates

Conversion/Testing

This cost category includes the estimated costs associated with systems testing.[31] The conversion/testing costs factor for this alternative also contains the following cost as noted in the previous alternative: the conversion of image data from optical storage platters to optical storage disks.

Software Integration/Customization

This cost category does not introduce any new software/customization costs, but does include costs that were presented in the previous alternative for the following: customization of the workflow scripts, integration of the document capture processes associated with the workflow application, and customization of web-based forms application.

Hardware Purchase

This cost category includes costs for the purchase of two servers to house the PKI related certificate management and directory functions. The hardware purchase costs category factor for this alternative also contains the following costs as noted in the previous alternative: a magneto-optical disc storage unit, one additional external magneto-optical disk drive, optical storage disks, two peripheral scanners, two workstations for the imaging system, a digital-linear tape backup system, web and firewall servers, and an index database management server.

Software Purchase

There are no new software purchase costs associated with an outsourced PKI. The software purchase cost category for this alternative contains the following costs as noted in the previous alternative: software utilities for the imaging/workflow, the optical disk storage unit, the scanners, OCR/ICR processing engine, an index database management system, the Internet firewall, and the web-based forms authoring software.

Training

This cost category includes the estimated costs for a two-day PKI orientation class for two staff members. The estimated training costs for this alternative were obtained from vendor quotes. This cost category for this alternative also contains the following costs as noted in the previous alternative: OCR/ICR forms processing training course for two staff members, and web-based forms authoring training course for three staff members.

CA Set-Up/Initialization

This costs category includes the estimated costs associated with establishing the PKI service with an outsourcing vendor.

5.2.5.2 Recurring Costs

Figure 5.12: Imaging/Workflow System with Electronic Filing and an Outsourced PKI - Recurring Cost Estimates below presents the recurring cost estimates for this alternative. The figure presents the annual recurring cost estimates, and a five-year total of recurring costs discounted using the net present value calculation. These recurring costs are incurred on an annual basis throughout the five-year period of the analysis.

Exhibit 5: Figure 5.12: Imaging/Workflow System With Electronic Filing and an Outsourced PKI - Recurring Cost Estimates.

Figure 5.12: Imaging/Workflow System with Electronic Filing and an Outsourced PKI - Recurring Cost Estimates

Personnel Salaries and Fringe Benefits

· Legislative Resource Center staff dedicated to processing the FD and LDA submissions for this alternative include a reduction of resources by 20 percent due to the efficiencies gained by the imaging technology. The functionality introduced by this alternative may also present other efficiencies associated with electronic filing.

· Legislative Computer Systems staff dedicated to maintaining the FD and LDA computer systems includes 40 percent of the efforts of one full-time staff member, and the addition of one System Administrator position and one staff member dedicated to certificate management functions. The additional positions for this alternative are being created to assist with maintaining the additional system complexities associated with this alternative.

· House Information Resources staff resources are eliminated because the mainframe component of the existing system is no longer necessary.

Hardware (Lease and Maintenance)

Estimated lease and maintenance costs for other hardware components, such as servers, are included in this cost category. Also included in this cost category are costs noted in the previous alternative for the following: the hardware license/maintenance costs for the new optical storage system and the two new scanners.

Software (License and Maintenance)

This cost category does not introduce any new costs, but does include the software maintenance fees for a new imaging system cost as noted in the previous alternative.

External Vendor Services

Estimated costs for PKI vendor hosting services under this alternative is included in this cost category.

5.2.6 Alternative 4: Imaging/Workflow, with Electronic Filing and an In-house PKI

In the discussion below, the non-recurring and recurring cost estimates for this alternative are presented. Figure 5.13: Summary of the Imaging/Workflow with Electronic Filing and an In-house PKI Costs below summarizes these estimated costs for this alternative. These estimated costs also include both the cost and functionality as described in Section 5.2.4, Imaging/Workflow System, with Electronic Filing and Basic Encryption, of this evaluation.

Category	Estimated Costs
Non-Recurring Costs	$1,549,000
Recurring Costs	$4,326,000
Total Estimated Costs	$5,875,000

Figure 5.13: Summary of the Imaging/Workflow with Electronic Filing and an In-house PKI Costs

5.2.6.1 Non-Recurring Costs

Figure 5.14: Imaging/Workflow System with Electronic Filing and an In-house PKI –

Non-Recurring Cost Estimates below presents the non-recurring cost estimates for this alternative. The figure below presents cost estimates that would be incurred to support a new imaging/workflow with electronic filing and an in-house PKI environment for the LDA and FD applications. These non-recurring costs are incurred during the first year of the alternative.

Exhibit 5: Figure 5.14: Imaging/Workflow System With Electronic Filing and an In-house PKI - Non-Recurring Cost Estimates.

Figure 5.14: Imaging/Workflow System with Electronic Filing and an In-house PKI –

Non-Recurring Cost Estimates

Conversion/Testing

This cost category includes the estimated costs for systems testing for the PKI environment. These estimated costs for conversion/testing were obtained from vendor quotes. The conversion/testing cost category also includes the following costs as presented in the previous alternative: conversion of image data from optical storage platters to optical storage disks.

Software Integration/Customization

This cost category includes the estimated costs to install and integrate the software modules for the PKI environment.[32] The software integration/customization cost category also includes the following costs as presented in the previous alternative: customization of the workflow scripts, integration of the document capture processes associated with the workflow application, and customization of web-based forms application.

Hardware Purchase

This cost category includes the estimated costs to purchase two servers dedicated to the in-house PKI environment. The estimated costs for the hardware purchase for this alternative was obtained from vendor quotes. The hardware purchase cost category also includes the following costs as presented in the previous alternative: a magneto-optical disc storage unit, one additional external magneto-optical disk drive, optical storage disks, two peripheral scanners, two workstations for the imaging system, a digital-linear tape backup system, web and firewall servers, and an index database management server.

Software Purchase

This cost category includes the estimated costs to purchase the software components to perform the PKI certificate management and directory functions. The estimated costs for the software purchase for this alternative were obtained from vendor quotes. The software purchase costs category also includes the following costs as presented in the previous alternative: purchase of software utilities for the imaging/workflow, the optical disk storage unit, the scanners, and the OCR/ICR processing engine, an index database management system, the Internet firewall, and the web-based forms authoring software.

Training

This cost category includes the estimated costs for a five-day PKI orientation course for six staff members. The estimated training costs for this alternative were obtained from vendor quotes.

This cost category also includes the following costs as presented in the previous alternative: OCR/ICR forms processing training course for two staff members, and web-based forms authoring training course for three staff members.

CA Set-Up/Initialization

This cost category refers to establishing an external certificate authority and is applicable only in Alternative 3.

5.2.6.2 Recurring Costs

Figure 5.15: Imaging/Workflow System with Electronic Filing and an In-house PKI –Recurring Cost Estimates on the following page presents the recurring cost estimates for this alternative. The figure presents the annual recurring cost estimates, and a five-year total of recurring costs discounted using the net present value calculation. These recurring costs are incurred on an annual basis throughout the five-year period of the analysis.

Exhibit 5: Figure 5.15: Imaging/Workflow System With Electronic Filing and an In-house PKI - Recurring Cost Estimates.

Figure 5.15: Imaging/Workflow System with Electronic Filing and an In-house PKI –

Recurring Cost Estimates

Personnel Salaries and Fringe Benefits

· Legislative Resource Center staff dedicated to processing the FD and LDA submissions for this alternative include a reduction of resources by 20 percent due to the efficiencies gained by the imaging/workflow technology. The functionality introduced by this alternative may also present other efficiencies associated with electronic filing.

· Legislative Computer Systems staff dedicated to maintaining the FD and LDA computer system includes 40 percent of the efforts of one full-time staff member, and the addition of two System Administrator positions and one staff member dedicated to certificate management functions for the in-house PKI scenario.

· House Information Resources staff resources are eliminated because the mainframe component of the existing system is no longer necessary.

Hardware (Lease and Maintenance)

This cost category includes estimated costs associated with hardware lease and maintenance costs for the servers associated with this alternative. The hardware lease and maintenance costs category also includes costs noted in the previous alternative for the following: the hardware license/maintenance costs for the new optical storage system, and the two new scanners.

Software (License and Maintenance)

The software license and maintenance costs for this alternative includes estimated annual charges for the in-house PKI related software. This estimated cost includes charges for the certificate management software and digital certificate license fees. This alternative also includes the software lease and maintenance costs noted in the previous alternative for the software maintenance fees for a new imaging system.

External Vendor Services

External vendor services are not pertinent since the use of external vendors is not part of this alternative.

5.3 Cost Sensitivity Analysis

A sensitivity analysis was conducted on the estimated costs (non-recurring and recurring) for the four viable alternatives analyzed in this exhibit. The objective of the sensitivity analysis was to analyze changes to assumptions to determine the impact on the overall cost of the alternatives. Two scenarios for the sensitivity analysis were developed: Electronic Filing Efficiency Gains, and Increased Transition Costs which are presented below.

5.3.1 Electronic Filing Efficiency Gains

With the introduction of electronic filing capabilities, efficiencies may be realized with regards to the processing of the FD and LDA submissions. These efficiencies would occur primarily because of a reduction in hard copy form submissions. Areas where the greatest efficiencies could occur include the elimination of the scan and index functions associated with the current

forms processing. However, the exact extent of the efficiencies would depend on the number of filers that choose to file electronically.

In order to analyze the potential impact of efficiencies from electronic filing on the cost of the alternatives, the personnel salaries and fringe benefits cost factor associated with forms processing (LRC) for the three electronic filing alternatives were decreased by 25 percent.[33]

Figure 5.16: Sensitivity Analysis - Electronic vs. Hardcopy Submission Efficiency Gains on the following page presents the results of the sensitivity analysis for this scenario. The results indicate that the total estimated costs for two alternatives ¾ Imaging/Workflow with Electronic Filing and Basic Encryption and Imaging/Workflow with Electronic Filing and an Outsourced PKI ¾ are now only slightly higher than the existing system and the Image/Workflow System.

Exhibit 5: Figure 5.16: Sensitivity Analysis - Electronic vs Hardcopy Submission Efficiency Gains. Figure 5.16: Sensitivity Analysis - Electronic vs. Hardcopy Submission Efficiency Gains

A range of estimated reductions in LRC personnel salary and fringe benefit costs were also considered based on the corresponding percent of filers who submit FD and LDA forms electronically. For the purposes of this analysis, a straight-line decrease in LRC forms processing staff costs was assumed, proportional to the percentage of respondents who submit electronically. For example, 75 percent of filers submitting electronically would equate to a reduction of 37.5 percent decrease in LRC personnel costs. Figure 5.17: Sensitivity Analysis - Range of Electronic Filing Efficiency Gains on the following page represents the potential impact electronic filing submissions could have on the LRC forms processing staff costs.

Percent of Electronic Filers	100%	75%	50%	25%	0%
Estimated Reduction in LRC Personnel Costs[34]	50%	37.5%	25%	12.5%	0%
Total LRC Personnel Costs	$1,039,000	$1,319,530	$1,558,500	$1,818,250	$2,078,000
Difference from Alternatives (Cost Savings)	$1,039,000	$758,470	$519,500	$259,750	$0

Figure 5.17: Sensitivity Analysis - Range of Electronic Filing Efficiency Gains

5.3.2 Transition Cost Increases

Cost information was gathered from vendors based on the high-level business needs associated with the four viable alternatives noted in this evaluation. However, these estimated costs may differ from actual implementation costs due to the specific vendor chosen and the detailed requirements of the alternative. Therefore, a scenario was developed to examine the impacts of significantly higher implementation costs on each alternative.

The total transition costs associated with the four alternatives were increased by 50 percent to represent a scenario in which the up-front costs to implement the alternatives are significantly more expensive. Although software integration/testing, hardware purchase and software purchase have the greatest likelihood for increase, to reflect the possible increases in all categories, the 50 percent factor was applied to the overall non-recurring charge for each alternative. Figure 5.18: Sensitivity Analysis - Transition Cost Increases on the following page demonstrates the impact of the cost increases on the alternatives.

Exhibit 5: Figure 5.16: Sensitivity Analysis - Transaction Cost Increases. Figure 5.18: Sensitivity Analysis - Transition Cost Increases

5.4 Qualitative Analysis

In addition to the cost analysis and sensitivity analysis, an assessment of qualitative, or non-quantifiable, factors for the system alternatives was performed. The qualitative analysis was intended to provide additional evaluation criteria to analyze the alternatives.

Six qualitative factors were identified for use in analyzing the alternatives. A description of each of these factors is listed below.

· Stakeholder Needs and Constraints represent the extent to which each alternative satisfies the stakeholder needs and other constraints of the evaluation.

· Management Control represents the level of control that Clerk management has upon the outcomes, processes, schedules, and costs associated with an alternative.

· Security Risk represents the risks associated with application, network, and physical security for the implementation of an alternative.

· Commercial Acceptance represents the availability of knowledgeable customer support, upgrades, documentation, and proven success in the marketplace of an alternative.

· Clerk Organizational Impact represents the extent to which each alternative would impact the Clerk’s business processes associated with the FD and LDA applications.

· Filer Community Impact represents the extent to which the FD/LDA respondent community is impacted by the alternative.

Figure 5.19: Overall Results of Qualitative Analysis on the following page presents an assessment of the qualitative factors for each alternative.

Qualitative Factor	Image/ Workflow System	Image/Workflow System, w/ Electronic Filing and Basic Encryption	Image/Workflow System, w/ Electronic Filing and an Outsourced PKI	Image/Workflow System, w/ Electronic Filing and an In-house PKI
Stakeholder Needs and Constraints	This alternative addresses some of the needs and constraints used for the evaluation. Specifically, the entire system is within the confines of the Clerk. However, this alternative does not address the need for electronic filing capabilities.	This alternative addresses all of the high-level business needs and constraints, but does not address the issue of non-repudiation associated with electronic filing.	This alternative addresses all the high-level business needs and constraints identified for the evaluation.	This alternative addresses all the high-level business needs and constraints identified for the evaluation.
Management Control	Due to the mature nature of the vendor markets associated with this alternative, the Clerk should have extensive management control over the outcomes, processes, schedule and costs.	Due to the mature nature of the vendor markets associated with this alternative, the Clerk should have extensive management control over the outcomes, processes, schedule and costs.	Although there are many different PKI outsource models available, all of them present the possibility that the Clerk would need to relinquish some control over the issuance of digital certificates to respondents. The impact on the Clerk’s organization needs to be determined.	Over the next two years, the PKI market would experience enhanced pricing competition due to market entrants. This pricing competition would enhance the Clerk’s ability for management control.[35]
Security Risk	This alternative should not introduce any new security risks.	With the introduction of electronic filing capabilities and technology components, some additional risks are introduced. New risks include risk of non-repudiation associated with filings and the protection of new technology components.	Using an outsourced PKI provider introduces the risk of security that would be present in an external vendor’s environment. Although all PKI providers provide some level of security, assessing this risk component is sometimes difficult.	The technology components associated with this alternative allow for increased levels of confidentiality, data integrity and authentication. However, these technology components introduce additional risks associated with the protection of the technology components.

Qualitative Factor	Image/ Workflow System	Image/Workflow System, w/ Electronic Filing and Basic Encryption	Image/Workflow System, w/ Electronic Filing and an Outsourced PKI	Image/Workflow System, w/ Electronic Filing and an In-house PKI
Commercial Acceptance	The functionality and technology components associated with this alternative have a wide commercial acceptance.	The functionality and technology components associated with this alternative have a wide commercial acceptance.	As additional vendors enter the PKI market over the next two years, the market would experience greater maturity and the technology would become more widely accepted and supported.	As additional vendors enter the PKI market over the next two years, the market would experience greater maturity and the technology would become more widely accepted and supported.
Clerk Organizational Impact	The current processing method used for the FD and LDA applications would be impacted by this alternative due to changes to a portion of the current business processes (i.e., scanning, indexing methods).	The functionality introduced by this alternative would have a far reaching impact on the Clerk’s organization due to the introduction of a new method for filers to submit FD and LDA forms.	The functionality introduced by this alternative would present new responsibilities for the Clerk’s Office. Other offices within the House could potentially utilize the technology associated with this alternative.	The functionality introduced by this alternative would present new responsibilities for the Clerk’s Office. Other offices within the House could potentially utilize the technology associated with this alternative.
Filing Community Impact	The LDA and FD respondent community would experience little impact as a result of this alternative.	The introduction of electronic filing functionality would present new filing capabilities for the FD and LDA respondent community.	The introduction of electronic filing functionality would present new filing capabilities for the FD and LDA respondent community. This alternative also introduces additional user identification procedures that may impact filers.	The introduction of electronic filing functionality would present new filing capabilities for the FD and LDA respondent community. This alternative also introduces additional user identification procedures that may impact filers.

[1] UNIX is a common operating system used in computing and RS-6000 is a common mid-range server hardware component.

[2] OCR/ICR and workflow capabilities allow for improvements to the core document imaging functionality through optical character features and controlled flow of documents through the system.

[3] Non-repudiation refers to the ability to validate whether a filer actually signed or sent a document to the Clerk.

[4] For purposes of this study, outsourcing refers to administration of a system outside the confines of the Office of the Clerk. This could include outsourcing services provided by an external vendor or another House office (i.e., HIR).

[5] Public Key Infrastructure provides increased levels of confidentiality, integrity, and authentication of electronic submissions.

[6] The total estimated costs for the existing system in this evaluation includes the costs associated with maintaining the FD and LDA applications as they are structured today. Because of the eventual migration off of the mainframe, the Clerk has investigated pursuing a solution that will serve during the interim between the time the applications are migrated off the mainframe and the time that the replacement solution for the FD and LDA applications are implemented. The potential interim solution involves porting the mainframe component of the FD and LDA application to a RS-6000 environment. The up-front costs (non-recurring) associated with this include approximately $360,000 for hardware and software components. In addition, the potential recurring costs for the interim solution can be approximated as those attributed to the current mainframe component of the FD and LDA application (approximately $126,000).

[7] For the purposes of this evaluation, a high-level business need is an identified requirement asserted by application users and administrators, which addresses the mission of the Clerk. The high-level business needs presented in this evaluation are not intended to serve as functional requirements. The functional requirements are addressed in the analysis phase of the U.S. House of Representatives System Development Life Cycle Policy.

[8] The functionality of the FD and LDA applications is very similar. Therefore, this needs statement comprises the high-level needs for both applications.

[9] Qualitative values are best used when attempting to identify where major problems exist. Since this risk assessment is being conducted as a first step towards justifying replacement alternatives, an in-depth detailed review is not necessary.

[10] ACF2 is an access control software program that maintains and manages user ID and password combinations.

[11] Refers to Mainframe ACF2 User ID, FileNet signon, and Windows NT account.

[12] For purposes of this study, outsourcing refers to administration of a system outside the confines of the Office of the Clerk. This could include outsourcing services provided by an external vendor or another House office (i.e., HIR).

[13] The Clerk indicated that this person spends approximately 40 percent of his time on supporting the FD and LDA applications.

[14] Based on industry estimates for efficiencies achieved due to implementation of OCR/ICR and workflow technologies, we used the assumption that the current processing of hard copy FD and LDA submission could be performed using 20 percent less staff resources.

[15] Optical disk is the preferred media based on the issue of authenticating documents stored with digital media.

[16] The alternative presented in Section 4.3.3, Imaging/Workflow System with Electronic Filing and an Outsourced PKI and Section 4.3.4, Imaging/Workflow System with Electronic Filing and an In-house PKI both address the non-repudiation issue. Non-repudiation refers to the ability of a filer to deny that he or she actually signed or sent a document to the Clerk.

[17] Although the implementation of electronic filing technology would be expected to generate efficiencies from reduced data entry of hard copy forms, the specific amount of labor cost savings is unclear. Therefore, we have not made any assumptions with regard to labor cost efficiencies from electronic filing.

[18] Non-repudiation refers to the ability to validate whether a filer actually signed or sent a document to the Clerk.

[19] Depending upon the nature of the vendor service agreement, various functions can be shared by both the outsourcing provider and the Clerk.

[20] The RA is also referred to as a Top-Level Certification Authority (TLCA).

[21] The fringe benefit rate was obtained from OMB Circular A-76 for Executive Branch cost-benefit calculations.

[22] OMB Circular A-11 entitled Preparation and Submission of Budget Estimates and The GSA Information Technology Planning and Investment Guide prescribe a six-year planning horizon for IT investments. We reduced this time period to five years to be more conservative in our analysis with regard to the lifecycle of technology components.

[23] OMB Circular A-94 entitled Guidelines and Discount Rates for Benefit-Cost Analysis of Federal Programs indicates that a 7 percent discount factor should be used and that net present value is the standard criterion for deciding whether a Government program can be justified on economic principles.

[24] For purposes of this study, outsourcing refers to administration of a system outside the confines of the Office of the Clerk. This could include outsourcing services provided by an external vendor or another House office (i.e., HIR).

[25] The total estimated costs for the existing system in this evaluation includes the costs associated with maintaining the FD and LDA applications as they are structured today. Because of the eventual migration off of the mainframe, HIR has investigated pursuing a solution that will serve during the interim between the time the applications are migrated off the mainframe and the time that the replacement solution for the FD and LDA applications are implemented. The potential interim solution involves porting the mainframe component of the FD and LDA application to a RS-6000 R/390 platform. The up-front costs (non-recurring) associated with this include approximately $360,000 for hardware and software components. In addition, the potential recurring costs for the interim solution can be approximated as those attributed to the current mainframe component of the FD and LDA application (approximately $126,000).

[26] For the purposes of this study, the External Vendor Services costs category only includes costs associated with PKI Vendor Hosting.

[27] A total of 2,000 hours was estimated for completing the software integration/customization for this alternative.

[28] The efficiencies associated with the new imaging system have been estimated to provide a reduction in staff resources by approximately 20 percent. Processing staff were reduced from seven to six to reflect this 20 percent increase in efficiency.

[29] It is assumed for the evaluation that all new hardware components would be purchased to replace existing components. After a more detailed requirements analysis, the extent to which components can be re-used would be determined.

[30] Although the implementation of electronic filing technology would be expected to generate efficiencies from reduced data entry of hard copy forms, the specific amount of labor cost savings is unclear. Therefore, we have not made any assumptions with regard to labor cost efficiencies from electronic filing. However, we do provide an analysis on potential efficiencies in Section 5.3, Cost Sensitivity Analysis.

[31] When determining the conversion/testing costs for the outsourced PKI, it was assumed that some system functions would remain with the Clerk. Thus, system testing would need to be performed.

[32] “Pricing Public Key Infrastructure”, September 8, 1998, Gartner Group, provides recommendations for integration costs for PKI projects ranging from 20 to 50 percent of project costs. For the purposes of this evaluation, 50 percent was used.

[33] Based on interviews with the Government of Canada, Lobby Registration Branch, efficiencies associated with the introduction of electronic filing capabilities amounted to approximately 50 percent reduction in staff processing resources. However, The Canadian Lobby Registration Branch received approximately 95 percent of submissions via electronic filing, primarily because a $150 fee is charged to hard copy filers. To conservatively represent a scenario that the Clerk may experience, we assumed that a 25 percent reduction in forms processing staff would be appropriate.

[34] The Canadian Lobby Registration Branch experienced a 50 percent reduction in staff processing resources as a result of receiving 95 percent of submissions electronically. For the purposes of our analysis, we assumed 100 percent of submissions received electronically would equate to a 50 percent reduction in staff processing resources.

[35] Based on “Pricing Public Key Infrastructure”, September 8, 1998, Gartner Group.

III. RECOMMENDED ACTIONS

Office of Inspector General Comments

1.1. Financial Disclosure (FD)

Technical Information

Application Metrics

Users/Customers

Key Inputs

Key Interfaces

Key Outputs

1.2. Lobby Disclosure Act (LDA)

1.2.1 Input

Application Metrics

Users/Customers

Key Inputs

Key Interfaces

Key Outputs

Both Systems

2.3. New or Changed Program Needs

2.4. High-Level Business Needs

Input

Processing

Output

Query and Reports

Storage

Technology

Application Controls and Security

Data

Equipment

People

3.3.2 Electronic Filing and Digital Signature

4.1.3 Select and Develop Feasible Alternatives

Filing Community

Committee on Standards of Official Conduct

Committee on Standards of Official Conduct

Committee on Standards of Official Conduct

4.3.3 Alternative 3: Imaging/Workflow System with Electronic Filing and an Outsourced PKI

Committee on Standards of Official Conduct

Legislative Resource Center

Committee on Standards of Official Conduct

5.1.3 Qualitative Analysis

5.2.1 Cost Analysis Summary

5.2.2 Existing System

5.2.2.1 Non-Recurring Costs

External Vendor Services

5.2.3.1 Non-Recurring Costs

Figure 5.6: Imaging/Workflow System - Recurring Cost Estimates

Estimated Costs

Conversion/Testing

5.2.5 Alternative 3: Imaging/Workflow, with Electronic Filing and an Outsourced PKI