The GAO's report assessed processes put in place in response to an August 2005 directive in which the White House Office of Management and Budget ordered agencies to identify high-risk projects and provide quarterly reports on those failing to meet certain performance criteria.

The report summarized the progress that agencies have made in adhering to the directive but said they haven't always consistently identified high-risk projects. The GAO found several projects that appeared to meet the OMB's definition of "high risk," but the agencies didn't classify them as such.

The GAO also chastised the OMB for failing to fully assist the agencies in complying. For example, its report cited a lack of clarity in the directive and said that the OMB could have done much more to ensure its success. The budget office needs to streamline the procedures that agencies use to submit their quarterly reports, the GAO said, noting that inconsistencies could exist between OMB and agency records.

According to the report, the OMB also hasn't compiled a single, aggregated list of the high-risk projects, which limits its ability to track the full set of IT investments requiring special oversight.

And, as the report noted, big money is at stake. Within the 24 agencies that fall under the August 2005 directive, the GAO tallied 226 IT projects that were classified by their respective agencies as high risk. The report said the total funding requested for the projects in fiscal 2007, which starts Oct. 1, is US$6.4 billion -- about 10 percent of the Bush administration's overall IT budget request.