Risk management (11 - 20 of 137 items)
Small Business Administration: Leadership Attention Needed to Overcome Management Challenges
GAO-15-347: Published: Sep 22, 2015. Publicly Released: Oct 28, 2015.
GAO has a related report that discusses SBA’s organizational structure with a focus on its regional offices. See Small Business Administration: Views on the Operational Effects of Closing Regional Offices, GAO-15-369 (Washington, D.C.: Sept. 22, 2015).What GAO FoundThe Small Business Administration (SBA) has not resolved many of its long-standing management challenges due to a lack of sustained...
A Framework for Managing Fraud Risks in Federal Programs
GAO-15-593SP: Published: Jul 28, 2015. Publicly Released: Jul 28, 2015.
To help managers combat fraud and preserve integrity in government agencies and programs, GAO identified leading practices for managing fraud risks and organized them into a conceptual framework called the Fraud Risk Management Framework (the Framework). The Framework encompasses control activities to prevent, detect, and respond to fraud, with an emphasis on prevention, as well as structures and...
Homeland Security: Actions Needed to Better Manage Security Screening at Federal Buildings and Courthouses
GAO-15-445: Published: Mar 31, 2015. Publicly Released: Apr 30, 2015.
The Department of Homeland Security's (DHS) Federal Protective Service (FPS) and the Department of Justice's (DOJ) United States Marshals Service (USMS) experience a range of challenges in their efforts to provide effective security screening, including:Building characteristics and location may limit security options: many General Services Administration (GSA) buildings were designed and construct...
Homeland Security Acquisitions: DHS Should Better Define Oversight Roles and Improve Program Reporting to Congress
GAO-15-292: Published: Mar 12, 2015. Publicly Released: Mar 16, 2015.
The Department of Homeland Security (DHS) has taken steps to improve oversight of major acquisition programs, but it lacks written guidance for a consistent approach to day-to-day oversight. Federal Standards for Internal Control call for organizations to define and document key areas of responsibility in order to effectively plan, direct, and control operations to achieve agency objectives. DHS h...
Whistleblower Protection: Additional Actions Needed to Improve DOJ's Handling of FBI Retaliation Complaints
GAO-15-112: Published: Jan 23, 2015. Publicly Released: Feb 23, 2015.
The Department of Justice (DOJ) closed 44 of the 62 (71 percent) Federal Bureau of Investigation (FBI) whistleblower retaliation complaints we reviewed within 1 year, took up to 4 years to close 15 complaints, and took up to 10.6 years to close the remaining 3. DOJ terminated 55 of the 62 complaints (89 percent) and awarded corrective action for 3. (Complainants withdrew 4.) We found that DOJ term...
Federal Facility Cybersecurity: DHS and GSA Should Address Cyber Risk to Building and Access Control Systems
GAO-15-6: Published: Dec 12, 2014. Publicly Released: Jan 12, 2015.
The Department of Homeland Security (DHS) has taken preliminary steps to begin to understand the cyber risk to building and access controls systems in federal facilities. For example, in 2013, components of DHS's National Protection and Programs Directorate (NPPD) conducted a joint assessment of the physical security and cybersecurity of a federal facility. However, significant work remains.Lack o...
Federal Protective Service: Protecting Federal Facilities Remains A Challenge
GAO-14-623T: Published: May 21, 2014. Publicly Released: May 21, 2014.
The Federal Protective Service continues to face challenges ensuring that contract guards have been properly trained and certified before being deployed to federal facilities around the country. In September 2013, for example, GAO reported that providing training for active shooter scenarios and screening access to federal facilities poses a challenge for FPS. According to officials at five guard...
Export Controls: NASA Management Action and Improved Oversight Needed to Reduce the Risk of Unauthorized Access to Its Technologies
GAO-14-315: Published: Apr 15, 2014. Publicly Released: May 15, 2014.
Weaknesses in the National Aeronautics and Space Administration (NASA) export control policy and implementation of foreign national access procedures at some centers increase the risk of unauthorized access to export-controlled technologies. NASA policies provide Center Directors wide latitude in implementing export controls at their centers. Federal internal control standards call for clearly def...
Federal Facility Security: Additional Actions Needed to Help Agencies Comply with Risk Assessment Methodology Standards
GAO-14-86: Published: Mar 5, 2014. Publicly Released: Apr 7, 2014.
Three of the nine selected agencies' risk assessment methodologies that GAO reviewed—the Department of Energy (DOE), the Department of Justice (DOJ), and the Department of State (State)—fully align with the Interagency Security Committee's (ISC) risk assessment standards, but six do not—the Department of the Interior (DOI), the Department of Veterans Affairs (VA), the Federal Protective Serv...
U.S. Postal Service: Actions Needed to Strengthen the Capital Investment Process
GAO-14-155: Published: Jan 7, 2014. Publicly Released: Feb 6, 2014.
For each of the four phases of capital investments, USPS's conformance with leading practices varied. There are several practices within each of the phases. GAO assessed conformance as "substantial" if USPS's policy conformed to all or almost all elements of the practice, and as "partial" if USPS's policy conformed to some elements, or GAO identified cases in the five projects reviewed where the p...