Reports & Testimonies

  • GAO’s recommendations database contains report recommendations that still need to be addressed.

    GAO’s recommendations help congressional and agency leaders prepare for appropriations and oversight activities, as well as help improve government operations. Recommendations remain open until they are designated as Closed-implemented or Closed-not implemented. You can explore open recommendations by searching or browsing.

    GAO's priority recommendations are those that we believe warrant priority attention. We sent letters to the heads of key departments and agencies, urging them to continue focusing on these issues. These recommendations are labeled as such. You can find priority recommendations by searching or browsing our open recommendations below, or through our mobile app.

  • Browse Open Recommendations

    Explore priority recommendations by subject terms or browse by federal agency

    Search Open Recommendations

    Search for a specific priority recommendation by word or phrase



  • Governing on the go?

    Our Priorities for Policy Makers app makes it easier for leaders to search our recommendations on the go.

    See the November 10th Press Release


  • Have a Question about a Recommendation?

    • For questions about a specific recommendation, contact the person or office listed with the recommendation.
    • For general information about recommendations, contact GAO's Audit Policy and Quality Assurance office at (202) 512-6100 or apqa@gao.gov.
  • « Back to Results List Sort by   

    Results:

    Subject Term: "Agency evaluation"

    28 publications with a total of 97 open recommendations including 7 priority recommendations
    Director: Heather Krause
    Phone: (202) 512-6806

    3 open recommendations
    Recommendation: To help ensure that FLETC builds and maintains capacity to achieve its mission with existing levels of resources over the longer-term, the Secretary of Homeland Security should direct the Director of FLETC to complete a revised strategic plan that encompasses the agency's long-term goals and objectives to address emerging challenges.

    Agency: Department of Homeland Security
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To help ensure that FLETC builds and maintains capacity to achieve its mission with existing levels of resources over the longer-term, as part of its strategic planning process, the Secretary of Homeland Security should direct the Director of FLETC to finalize the plan, including the steps and time frames, needed to further implement its Online Campus initiative.

    Agency: Department of Homeland Security
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To help ensure that ETA continues to have the capacity to achieve its mission and manage changes in demand for services resulting from changes in the broader economy, the Secretary of Labor should direct the Administrator of ETA to systematically gather and evaluate information on the challenges that states faced administering the unemployment insurance program during the recession that began in 2007--such as rapidly ramping up staffing at the start of the recession and ramping down as the economy recovered--and identify and build upon any lessons learned from this experience that could be broadly shared to help the program respond to any changes in workload during a future economic downturn.

    Agency: Department of Labor
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Director: Debra Draper
    Phone: (202) 512-7114

    2 open recommendations
    Recommendation: The Secretary of Veterans Affairs should direct the Under Secretary for Health to conduct an evaluation of the implementation of the VISN realignment to determine whether deficiencies exist that need corrective actions, and apply lessons learned from the evaluation to future organizational structure changes, such as possible changes to VISN staffing models or actions to implement Commission on Care recommendations.

    Agency: Department of Veterans Affairs
    Status: Open

    Comments: VHA concurred with this recommendation, stating that VHA's Office of Workforce Management and Consulting (WMC) would evaluate the implementation of the VISN realignment to include the identification of deficiencies for correction, lessons learned, and potential changes to the VISN staffing models. VHA stated that as the implementation activities near completion in fiscal year 2017, WMC would evaluate the effectiveness and efficiency of the VISN realignment processes. In December 2016, VHA reported that WMC had begun consultations with the Office of Strategic Integration on a strategic assessment of the VHA organizational structure in the field to 1) identify and recommend to leadership optimal proposals for organization design efficiencies and 2) define and recommend analytical and implementation procedures that will avoid the challenges from previous field reorganizations. As of April 2017, VHA reported that the Principal Deputy Under Secretary for Health found that lessons learned from the VISN Realignment Workgroup needed to be incorporated into the VA Modernization initiative, and directed the VHA's Office of Strategic Integration to coordinate with WMC and former members of the VISN Realignment Workgroup to determine how best to document lessons learned and apply them to future organizational structure changes. In July 2017, VHA told us that a Rapid Design and Implementation functional assessment of VHA Central Office and VISN organizations had been completed, which included a survey, interviews with central office and VISN officials, and other meetings. VHA stated its target completion date of September 2017 was unchanged, but did not provide additional detail on how the functional assessment is related to the evaluation of the VISN realignment that we recommended VHA conduct, or how lessons learned from the realignment are being incorporated into organizational structure changes such as the new functional chart VHA reported developing.
    Recommendation: The Secretary of Veterans Affairs should direct the Under Secretary for Health to develop a process to ensure that organizational structure recommendations resulting from internal and external reviews of VHA are evaluated for implementation. This process should include the documentation of decisions and assigning officials or offices responsibility for ensuring that approved recommendations are implemented.

    Agency: Department of Veterans Affairs
    Status: Open

    Comments: VHA concurred with this recommendation. In December 2016, VHA stated that its Office of Workforce Management and Consulting (WMC) had begun to develop a consistent process to ensure that organizational structure changes are evaluated and implemented appropriately. In addition, a first draft of a permanent organization approval procedure had been completed and was undergoing review for the Under Secretary for Health. In May 2017, VHA officials told us their initial work on this recommendation was paused to allow the Agency to respond to President Trump's Executive Order dated March 13, 2017, on "Comprehensive Plan for Reorganizing the Executive Branch." VHA reported that WMC's proposed process will be assessed in the context of the Executive Order. In July 2017, VHA reported that the VA Modernization Team evaluated the results from a VHA Rapid Design and Implementation functional review, which was conducted to determine where shared areas of responsibilities and redundancies exist across VHA, and developed a draft functional chart that was under review. WMC anticipated continuing work on this recommendation after the functional chart's approval, with an anticipated completion date of September 2017. We will follow-up with VHA to obtain updates on both the organizational structure changes process as well as the new functional chart for VHA.
    Director: James Cosgrove
    Phone: (202) 512-7114

    2 open recommendations
    Recommendation: To improve the accessibility and reliability of SNF expenditure data, the Acting Administrator of CMS should take steps to improve the accessibility of SNF expenditure data, making it easier for public stakeholders to locate and use the data.

    Agency: Department of Health and Human Services: Centers for Medicare and Medicaid Services
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To improve the accessibility and reliability of SNF expenditure data, the Acting Administrator of CMS should take steps to ensure the accuracy and completeness of SNF expenditure data.

    Agency: Department of Health and Human Services: Centers for Medicare and Medicaid Services
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Director: Anne-Marie Fennell
    Phone: (202) 512-3841

    2 open recommendations
    Recommendation: To help improve the efficiency of Corps operations at reservoir projects and to assist the Corps in meeting the requirement of the Water Resources Reform and Development Act of 2014 to update the Corps' 1992 reservoir report, the Secretary of Defense should direct the Secretary of the Army to direct the Chief of Engineers and Commanding General of the U.S. Army Corps of Engineers to develop guidance on what activities constitute a review of a water control manual and how to document that review.

    Agency: Department of Defense
    Status: Open

    Comments: The agency agreed with our recommendation. We will provide updates when the agency takes action.
    Recommendation: To help improve the efficiency of Corps operations at reservoir projects and to assist the Corps in meeting the requirement of the Water Resources Reform and Development Act of 2014 to update the Corps' 1992 reservoir report, the Secretary of Defense should direct the Secretary of the Army to direct the Chief of Engineers and Commanding General of the U.S. Army Corps of Engineers to track consistent information on the status of water control manuals, including whether they need revisions, and prioritize revisions as needed.

    Agency: Department of Defense
    Status: Open

    Comments: The agency agreed with our recommendation. We will provide updates when the agency takes action.
    Director: Alfredo Gómez
    Phone: (202) 512-3841

    4 open recommendations
    Recommendation: To help ensure protection of underground drinking water from the injection of wastewater associated with domestic oil and gas production, the Administrator of the Environmental Protection Agency should require and collect well-specific data on inspections from state and EPA-managed programs, including when the wells were inspected, the types of inspections conducted, and the results of the inspections in order to track progress toward state and EPA-managed annual inspection goals.

    Agency: Environmental Protection Agency
    Status: Open

    Comments: In November 2016, EPA said that it is working toward establishing a complete, regularly updated data set. It will work toward expanding the agency's access to well-specific data and will expand the data it has in its national UIC database. And, the agency said that it will continue to work with DOE and the Groundwater Protection Council to develop a national oil and gas gateway for well-specific data. Until such data are made available, we will leave this recommendation as open.
    Recommendation: To help ensure protection of underground drinking water from the injection of wastewater associated with domestic oil and gas production, the Administrator of the Environmental Protection Agency should complete the aquifer exemption database and establish a way to update it to provide EPA headquarters and regions with sufficient information on aquifer exemptions to oversee state and EPA-managed programs.

    Agency: Environmental Protection Agency
    Status: Open

    Comments: In December 2016, EPA published a map of aquifer exemptions online, with the exception of region 9 data. The public dataset shows the data in two dimensions and includes information such as depth of injection, surrounding geology and injectate characteristics. EPA plans to update the database annually. We will keep this recommendation open until EPA completes work on region 9.
    Recommendation: To help ensure protection of underground drinking water from the injection of wastewater associated with domestic oil and gas production, the Administrator of the Environmental Protection Agency should clarify guidance on what data should be reported on the 7520-4 form to help ensure that the data collected are complete and consistent across state and EPA-managed programs and to provide the information EPA needs to assess whether it must take enforcement actions.

    Agency: Environmental Protection Agency
    Status: Open

    Comments: In November 2016, EPA said that it is working toward establishing a complete, regularly updated data set. It will work toward expanding the agency's access to well-specific data and will expand the data it has in its national UIC database. And, the agency said that it will continue to work with DOE and the Groundwater Protection Council to develop a national oil and gas gateway for well-specific data. Until such data are made available, we will leave this recommendation open.
    Recommendation: To help ensure protection of underground drinking water from the injection of wastewater associated with domestic oil and gas production, the Administrator of the Environmental Protection Agency should conduct a workforce analysis to identify the human capital and other resources EPA needs to carry out its oversight of state and EPA-managed programs.

    Agency: Environmental Protection Agency
    Status: Open

    Comments: In November 2016, EPA disagreed and said that the best approach is to expand its evaluation of agency oversight to include elements of inspection and enforcement. Once the evaluation is complete, EPA will consider its oversight of state programs. We will keep this recommendation open until EPA completes its review and determines what it will do with its oversight.
    Director: Brenda S. Farrell
    Phone: (202) 512-3604

    4 open recommendations
    Recommendation: To improve DOD's management of initiatives directed at increasing the recruitment and accessions of women into the officer corps, the Secretary of Defense should direct the Under Secretary of Defense, Personnel and Readiness, in collaboration with the service Secretaries, to develop an oversight framework that includes or incorporates (consistent with applicable law): (1) Service-wide program goals for initiatives directed at female officers' recruitment, such as goals related to the composition of the applicant pool; (2) Performance measures linked to program goals; and (3) Resource allocations linked to program goals.

    Agency: Department of Defense
    Status: Open

    Comments: In providing comments on this report, the agency concurred with this recommendation but has not yet taken any actions necessary to implement it.
    Recommendation: To improve DOD's management of initiatives directed at increasing the recruitment and accessions of women into the officer corps, the Secretary of Defense should direct the Under Secretary of Defense, Personnel and Readiness, in collaboration with the service Secretaries, to conduct evaluations for key recruitment initiatives to help ensure these initiatives are achieving their intended purpose.

    Agency: Department of Defense
    Status: Open

    Comments: In providing comments on this report, the agency concurred with this recommendation but has not yet taken any actions necessary to implement it.
    Recommendation: To improve the Coast Guard's management of initiatives to increase the recruitment and accessions of women into the officer corps, the Commandant of the Coast Guard should develop an oversight framework that includes or incorporates (consistent with applicable law): (1) Service-wide program goals for initiatives directed at female officers' recruitment, such as goals related to the composition of the applicant pool; (2) Performance measures linked to program goals; and (3) Resource allocations linked to program goals.

    Agency: Department of Homeland Security: United States Coast Guard
    Status: Open

    Comments: In providing comments on this report, the agency concurred with this recommendation but has not yet taken any actions necessary to implement it.
    Recommendation: To improve the Coast Guard's management of initiatives to increase the recruitment and accessions of women into the officer corps, the Commandant of the Coast Guard should conduct evaluations for key recruitment initiatives to help ensure these initiatives are achieving their intended purpose.

    Agency: Department of Homeland Security: United States Coast Guard
    Status: Open

    Comments: In providing comments on this report, the agency concurred with this recommendation but has not yet taken any actions necessary to implement it.
    Director: J. Lawrence Malenich
    Phone: (202) 512-9399

    1 open recommendations
    Recommendation: The Foundation's Executive Director should update the Foundation's draft written policies and procedures over its contracting practices to include all key internal control activities, issue them in final form, and establish a date by which these actions will be completed.

    Agency: Morris K. Udall and Stewart L. Udall Foundation
    Status: Open

    Comments: The Foundation concurred with our recommendation and stated that it will implement the recommended actions. In addition, the Foundation stated that our recommendations will be incorporated in the Foundation's risk assessment documentation, established as a priority, and included in the Foundation's fiscal year 2016 Corrective Action Plan. As of July 2017, the Foundation has not implemented corrective actions to address this recommendation.
    Director: William Shear
    Phone: (202) 512-8678

    6 open recommendations
    including 1 priority recommendation
    Recommendation: To improve management of the Small Business Administration and to ensure that SBA assesses the effectiveness of its programs, the SBA Administrator should prioritize resources to conduct additional program evaluations.

    Agency: Small Business Administration
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To improve management of the Small Business Administration and to ensure that SBA fully meets GPRAMA requirements, the SBA Administrator should use the results of additional evaluations it conducts in its strategic planning process and ensure the agency's next strategic plan includes required information on program evaluations, including a schedule of future evaluations.

    Agency: Small Business Administration
    Status: Open
    Priority recommendation

    Comments: SBA officials stated that, as of October 2016, the agency had taken several steps to prioritize resources and establish an implementation plan for future evaluations, including hiring its first lead program evaluator to develop a long-term evaluation agenda and initiating four program evaluations. They stated that once completed, the evaluations would be incorporated into the agency's fiscal year 2018-2022 strategic plan. As of May 2017, SBA had started reviewing guidance on drafting this plan, which is due in February 2018.
    Recommendation: To improve management of the Small Business Administration and to improve SBA's human capital management, the SBA Administrator should incorporate into its next training plan key principles such as goals and measures for its training programs and input on employee development goals.

    Agency: Small Business Administration
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To improve management of the Small Business Administration and to ensure that SBA's organizational structure helps the agency meet its mission, the SBA Administrator should document the assessment of the agency's organizational structure, including any necessary changes to, for example, better ensure areas of authority, responsibility, and lines of reporting are clear and defined.

    Agency: Small Business Administration
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To improve management of the Small Business Administration and to improve SBA's program and management guidance, the SBA Administrator should set time frames for periodically reviewing and updating its SOPs as appropriate.

    Agency: Small Business Administration
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To improve management of the Small Business Administration and to help ensure that SBA's IT operations and maintenance investments are continuing to meet business and customer needs and the agency's strategic goals, the SBA Administrator should direct the appropriate officials to perform an annual operational analysis on all SBA investments in accordance with OMB guidance.

    Agency: Small Business Administration
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Director: Charles Michael Johnson, Jr.,
    Phone: (202) 512-7331

    2 open recommendations
    Recommendation: Given that countering violent extremism is a priority for the U.S. government in general and State's Bureau of Counterterrorism (CT Bureau), the Secretary of State should take steps to ensure that CVE program efforts abroad are evaluated.

    Agency: Department of State
    Status: Open

    Comments: In June 2017, the CT Bureau indicated that a third-party evaluation of the CVE program has been completed. The evaluation focused on process and programming, including all CVE projects funded between fiscal years 2012 and 2016 and resulted in two related but disparate sets of recommendations and findings. The CT Bureau indicated that it has begun incorporating the recommendations made in the evaluation into its overall CVE efforts.
    Recommendation: To improve State's CT Bureau's program management efforts, the Secretary of State should take steps to ensure the Bureau of Counterterrorism establishes specific time frames for addressing recommendations from program evaluations.

    Agency: Department of State
    Status: Open

    Comments: In June 2017, the CT Bureau indicated it is in the process of reviewing recommendations from the CVE evaluation, and will soon be assigning timelines to those recommendations that the bureau deems relevant and achievable. For other evaluations, the CT Bureau indicated that it has already acknowledged the need to assign specific timelines to evaluation recommendations and has adjusted accordingly.
    Director: Beryl H. Davis
    Phone: (202) 512-2623

    2 open recommendations
    Recommendation: To provide increased performance audit coverage of Commerce's bureaus and offices, the Commerce IG should augment the OIG's risk-based audit planning process to consider (1) a rotation of performance audit coverage among the smaller bureaus and offices to help ensure that the economy, efficiency, and effectiveness of their programs are periodically reviewed and (2) all applicable high-risk areas identified by GAO.

    Agency: Department of Commerce: Office of the Inspector General
    Status: Open

    Comments: The Department of Commerce's Office of Inspector General (OIG) has taken actions to augment its annual risk assessment to consider (I) a rotation of performance audit coverage among the smaller bureaus and offices and (2) all applicable high-risk areas identified by GAO. For example, OIG's fiscal year (FY) 2016 audit plan included performance audits of Bureau of Industry and Security, Economic Development Administration, and Economic Development Administration, which are three of Commerce's smaller bureaus. It also included a performance audit of federal real property, a high-risk area identified by GAO. Further, OIG indicated completion of its FY 2017 risk assessment in June, and will be completing its FY 2017 audit plan in September - which will include performance audits of several of the Commerce's smaller bureaus, as well as consider the following high-risk areas identified by GAO in its 2015 report that could be applicable to Commerce. We believe OIG met the intent of GAO recommendation with regards to augmenting its annual risk assessment to consider (1) a rotation of performance audit coverage among the smaller bureaus and offices and (2) all applicable high-risk areas identified by GAO. We base our conclusion given that OIG has either conducted or scheduled to conduct performance audits to cover smaller bureaus and high-risk areas identified by GAO, which we verified on the OIG's website. However, we believe the intent of GAO's recommendation is for these audits to be performed in subsequent years going forward and not just in FY 2017. OIG was not able to provide us support to show it has formal procedures or policies in place to ensure these performance audits will be performed in future years on a rotational and periodic basis. As a result, we don't believe DOC OIG has fully met the intent of the recommendation. We will continue to monitor the agency's actions to address this recommendation.
    Recommendation: To provide reasonable assurance that written hotline policies and procedures are consistently followed and complaints are handled effectively, the Commerce IG should enhance the existing internal control activities for the OIG's hotline operations through monitoring, including self-assessment evaluations conducted by the hotline unit of itself, periodic reviews of control design, and direct testing of internal controls.

    Agency: Department of Commerce: Office of the Inspector General
    Status: Open

    Comments: The Department of Commerce's Office of Inspector General (OIG) stated that it conducted a self-assessment of its hotline operations in fiscal year 2016, updated its complaint management policy, and is securing independent quality control reviews. We have reviewed OIG quality assessment memorandum dated 11/3/15 and verified it shows that OIG performed a self-assessment of its hotline operations, which included (1) evaluating proper handling of complaints; (2) assignment of disposition codes; and (3) time frames for processing complaints. In addition, we have reviewed OIG's updated complaint management policy and verified it contains detailed policies and procedures over its hotline operations. Therefore, we believe OIG met the intent of the recommendation with regards to conducting a self-assessment evaluation. However, we did not see where OIG met the intent of GAO recommendation with regards to having in place control activities for conducting periodic reviews of control design and direct testing of internal controls. We will continue to monitor the agency's actions to address this recommendation.
    Director: Andrew Sherrill
    Phone: (202) 512-7215

    5 open recommendations
    Recommendation: To better report the occupations filled by H-2B workers who have been approved by DHS, the Director of U.S. Citizenship and Immigration Services should implement during its transformation process to an electronic petition form, an occupation classification system that conforms to a national standard.

    Agency: Department of Homeland Security: United States Citizenship and Immigration Services
    Status: Open

    Comments: In September 2016, USCIS indicated that it was revising its Transformation Roadmap (schedule). The conversion to electronic nonimmigrant petitions is expected to be completed during the second quarter of fiscal year 2018. USCIS also noted that it is exploring the adoption of a single set of occupation codes across multiple form types, but has not yet made a final decision whether to implement this. USCIS estimates this recommendation will be completed by March 31, 2018.
    Recommendation: To help potential H-2A and H-2B workers and their advocates better assess employment offers and reduce their vulnerability to abuse, the Director of U.S. Citizenship and Immigration Services should, during its transformation to an electronic petition form, ensure that petition job information is collected in an electronic manner and made available to the public as soon as possible following a final adjudication decision. Such job information should include number of positions, wage, and any staffing, placement or recruitment agency the employer plans to use.

    Agency: Department of Homeland Security: United States Citizenship and Immigration Services
    Status: Open

    Comments: In September 2016, USCIS indicated that it was revising its Transformation Roadmap (schedule). The conversion to electronic nonimmigrant petitions is expected to be completed during the second quarter of fiscal year 2018. Therefore, USCIS estimates this recommendation will be completed by March 31, 2018.
    Recommendation: To help protect workers from being hired by employers who have been debarred from program participation, the Secretary of Labor should direct the Assistant Secretary, Employment and Training Administration, to use all employer-related information it collects on debarred employers to screen new applications.

    Agency: Department of Labor
    Status: Open

    Comments: In June 2016, the agency noted that it continues to screen for debarred employers in two ways: 1) by adding debarred employers to its iCERT System, which matches incoming employer applications using the federal Employer Identification Number; and 2) by conducting additional reviews during analyst case adjudications using a more expansive set of employer-related information. While the Employment and Training Administration explored enhancing its iCERT system in 2015 to flag more information on debarred employers, the agency said this enhancement was not pursued due to technical difficulties in matching open text fields (e.g., physical employer addresses).
    Recommendation: To ensure that H-2B workers are adequately protected and that DOL's investigative resources are appropriately focused, the Secretary of Labor should direct the Administrator, Wage and Hour Division, to review its enforcement efforts and conduct a national investigations-based evaluation of H-2B employers.

    Agency: Department of Labor
    Status: Open

    Comments: In June 2016, DOL's Wage and Hour Division (WHD) indicated that it is coordinating closely with the department's Chief Evaluation Office on evaluations and special projects involving data analytics. As a result of that coordination, it is shifting away from large-scale compliance surveys and toward leveraging internal enforcement data and external survey data to assess compliance levels in priority industries. Therefore, WHD is not currently considering a national level survey of the H-2B program. However, WHD indicated that its focus of enforcement resources on industries that employ workers vulnerable to violations of labor laws will include H-2B workers and employers.
    Recommendation: To determine to what extent, if any, the 2-year statute of limitations on debarment limits its use as a remedy for employers who violate program requirements: (1) the Secretary of Labor should direct the Assistant Secretary, Employment and Training Administration, and the Administrator, Wage and Hour Division, to collect data on the nature of the cases where debarment would have been recommended but was not because the 2-year statute of limitations had expired, and based on that data determine whether to pursue a legislative proposal to extend the statute of limitations; and (2) the Department of Labor Inspector General should direct the Assistant Inspector General, Office of Labor Racketeering and Fraud Investigations to provide the Assistant Secretary, Employment and Training Administration, and the Administrator, Wage and Hour Division, data on the number of referrals for debarment that the Inspector General's Office sent to the department after the 2-year statute of limitations had expired.

    Agency: Department of Labor
    Status: Open

    Comments: In June 2016, DOL indicated that it was considering the utility of collecting these data in light of the fact that the new H-2B regulations that were issued in April 2015 eliminated the 2-year statute of limitations for the H-2B program. We continue to believe, however, that this data collection would be valuable given that the H-2A program is still subject to the 2-year statute of limitations. The department indicated it is undertaking a modernization of its data systems--by implementing a data governance structure that will manage its data as a business asset--and our recommendation for the collection of these data will be vetted through this process.
    Director: Marie A. Mak
    Phone: (202) 512-4841

    6 open recommendations
    Recommendation: To ensure a consistent and more collaborative approach to the protection of critical technologies, the Secretaries of Commerce, Defense, Homeland Security, State, and the Treasury; as well as the Attorney General of the United States, who have lead and stakeholder responsibilities for the eight programs within the critical technologies portfolio, should take steps to promote and strengthen collaboration mechanisms among their respective programs while ongoing initiatives are implemented and assessed. These steps need not be onerous; for example, they could include conducting an annual meeting to discuss their programs, including the technologies they are protecting, their programs' intent, any new developments or changes planned for their programs, as well as defining consistent critical technologies terminology and sharing important updates.

    Agency: Department of Homeland Security
    Status: Open

    Comments: In providing comments on this report, the agency concurred with this recommendation. Relevant efforts by DHS to finalize memoranda of understanding with other agencies and by the Export Enforcement Coordination Center to share information and data across the export control enforcement community are ongoing. As of Sept 2017, DHS did not identify relevant actions to coordinate on critical technologies among other agencies.
    Recommendation: To ensure a consistent and more collaborative approach to the protection of critical technologies, the Secretaries of Commerce, Defense, Homeland Security, State, and the Treasury; as well as the Attorney General of the United States, who have lead and stakeholder responsibilities for the eight programs within the critical technologies portfolio, should take steps to promote and strengthen collaboration mechanisms among their respective programs while ongoing initiatives are implemented and assessed. These steps need not be onerous; for example, they could include conducting an annual meeting to discuss their programs, including the technologies they are protecting, their programs' intent, any new developments or changes planned for their programs, as well as defining consistent critical technologies terminology and sharing important updates.

    Agency: Department of Commerce
    Status: Open

    Comments: Commerce has identified various efforts to collaborate across multiple agencies within individual critical technologies programs, but has not taken steps to promote collaboration on critical technologies through a larger group discussion.
    Recommendation: To ensure a consistent and more collaborative approach to the protection of critical technologies, the Secretaries of Commerce, Defense, Homeland Security, State, and the Treasury; as well as the Attorney General of the United States, who have lead and stakeholder responsibilities for the eight programs within the critical technologies portfolio, should take steps to promote and strengthen collaboration mechanisms among their respective programs while ongoing initiatives are implemented and assessed. These steps need not be onerous; for example, they could include conducting an annual meeting to discuss their programs, including the technologies they are protecting, their programs' intent, any new developments or changes planned for their programs, as well as defining consistent critical technologies terminology and sharing important updates.

    Agency: Department of Defense
    Status: Open

    Comments: DOD has identified numerous activities within DOD to coordinate across the critical technologies portfolio, in particular the Arms Transfer and Technology Release Senior Steering Group. In some cases, these activities include other departments, most commonly State. However, officials have stated that they are not aware of any high-level coordination on critical technologies among the larger group of agencies. On Sept. 5, 2017, DOD provided an update on multiple DOD efforts, including CFIUS, but none are collaborating among all of the agencies cited in the recommendation.
    Recommendation: To ensure a consistent and more collaborative approach to the protection of critical technologies, the Secretaries of Commerce, Defense, Homeland Security, State, and the Treasury; as well as the Attorney General of the United States, who have lead and stakeholder responsibilities for the eight programs within the critical technologies portfolio, should take steps to promote and strengthen collaboration mechanisms among their respective programs while ongoing initiatives are implemented and assessed. These steps need not be onerous; for example, they could include conducting an annual meeting to discuss their programs, including the technologies they are protecting, their programs' intent, any new developments or changes planned for their programs, as well as defining consistent critical technologies terminology and sharing important updates.

    Agency: Department of Justice: Office of the Attorney General
    Status: Open

    Comments: In August 2016, the agency identified coordination actions being taken across the agencies with export control responsibilities--including through the Export Control Enforcement Center--and through the Committee on Foreign Investment in the United States. However, it is not clear how, or if, these coordination efforts are tied to the larger, government-wide portfolio of critical technologies programs. As of Sept. 2017, Justice has no additional updates.
    Recommendation: To ensure a consistent and more collaborative approach to the protection of critical technologies, the Secretaries of Commerce, Defense, Homeland Security, State, and the Treasury; as well as the Attorney General of the United States, who have lead and stakeholder responsibilities for the eight programs within the critical technologies portfolio, should take steps to promote and strengthen collaboration mechanisms among their respective programs while ongoing initiatives are implemented and assessed. These steps need not be onerous; for example, they could include conducting an annual meeting to discuss their programs, including the technologies they are protecting, their programs' intent, any new developments or changes planned for their programs, as well as defining consistent critical technologies terminology and sharing important updates.

    Agency: Department of the Treasury
    Status: Open

    Comments: In September 2016, a Treasury official identified coordination actions being taken across the agencies with export control responsibilities and through the Committee on Foreign Investment in the United States. However, coordination efforts are not tied to larger, government-wide collaboration on critical technologies. In March 2017, Treasury provided an update on actions taken, but did not address the recommendation for coordination among the critical technologies programs.
    Recommendation: To ensure a consistent and more collaborative approach to the protection of critical technologies, the Secretaries of Commerce, Defense, Homeland Security, State, and the Treasury; as well as the Attorney General of the United States, who have lead and stakeholder responsibilities for the eight programs within the critical technologies portfolio, should take steps to promote and strengthen collaboration mechanisms among their respective programs while ongoing initiatives are implemented and assessed. These steps need not be onerous; for example, they could include conducting an annual meeting to discuss their programs, including the technologies they are protecting, their programs' intent, any new developments or changes planned for their programs, as well as defining consistent critical technologies terminology and sharing important updates.

    Agency: Department of State
    Status: Open

    Comments: In providing comments on this report, the agency concurred with this recommendation but has not yet taken any actions necessary to implement it. In Sept. 2017, State provided updates on actions taken within the department, but none across affected agencies.
    Director: Maurer, Diana C
    Phone: (202) 512-9627

    2 open recommendations
    Recommendation: To ensure that DHS components have sustained effective and appropriate use of AUO in accordance with law and regulation, Congress should consider requiring DHS to report annually to Congress on the use of AUO within the department, including the extent to which DHS components have made progress remediating AUO implementation deficiencies and information from annual third-party AUO audits or other department AUO oversight efforts.

    Agency: Congress
    Status: Open

    Comments: As of May 2017, three DHS components continue to use administratively uncontrollable overtime (AUO) to compensate employees for time worked beyond the standard 8-hour workday. The Border Patrol Agent Pay Reform Act of 2014 (BPAPRA), passed in December 2014, established a new overtime compensation system for Border Patrol agents (the majority of former AUO-users). Further, an amendment to Title V, enacted in December 2016, expanded law enforcement availability pay to U.S. Customs and Border Protection's (CBP) Air and Marine Operations. However, CBP continues to use AUO to compensate other employees, such as those within in the Office of Field Operations. Also, both U.S. Immigration and Customs Enforcement (ICE) and U.S. Secret Service (USSS) continue to use AUO to compensate employees with AUO. Though the negative effects of implementing AUO incorrectly have been mitigated to some extent through the deauthorization of over 20,000 Border Patrol agents, in addition to other deauthorizations and alternative compensation mechanisms, three DHS components continue to utilize AUO. Therefore, DHS still needs to consider a holistic approach to ensuring those components use AUO correctly and our matter for congressional consideration will remain open.
    Recommendation: To better position DHS to monitor components' progress remediating AUO deficiencies, the Secretary of DHS should develop and execute a department-wide oversight mechanism to ensure components implement AUO appropriately on a sustained basis, and in accordance with law and regulation.

    Agency: Department of Homeland Security
    Status: Open

    Comments: In June 2015, the Department of Homeland Security (DHS) took actions toward addressing our recommendation by developing a department-wide oversight mechanism described in a directive and instruction on administratively uncontrollable overtime (AUO). DHS's AUO directive defines responsibility for Office of the Chief Human Capital Officer (OCHCO) that includes establishing AUO policy and guidance, providing program oversight and evaluating component AUO compliance, and administering an AUO training program, among other things. The directive also requires component heads to develop component-specific AUO policies that must be reviewed by DHS OCHCO for concurrence and also submit to OCHCO the results of an independent, third-party audit of compliance with applicable AUO law and policy no later than 18 months after the date of the directive (i.e., by December 2016) and annually thereafter . In March 2016, Immigration and Customs Enforcement (ICE) completed its annual financial audit, conducted by a separate office within DHS, which now incorporates audit of ICE's use of AUO. As of May 2017, the other DHS components that continue to use AUO--U.S. Secret Service and U.S. Customs and Border Protection--have not yet submitted results of third-party audits of AUO to OCHCO. To ensure that the AUO directive has been fully and appropriately executed across the department, the recommendation will remain open until USSS and CBP have submitted their first independent, third-party audit to OCHCO. At that point we will we review the remaining audits to determine if the recommendation has been addressed, and can therefore be closed.
    Director: David Powner
    Phone: (202) 512-9286

    8 open recommendations
    Recommendation: To help ensure continued progress in the implementation of cloud computing services, the Secretaries of Agriculture, Health and Human Services, Homeland Security, State, and the Treasury; and the Administrators of the General Services Administration and Small Business Administration should direct their respective Chief Information Officers to ensure that all IT investments are assessed for suitability for migration to a cloud computing service.

    Agency: Department of Agriculture
    Status: Open

    Comments: We are in the process of reviewing agency documentation and waiting for additional supporting documentation.
    Recommendation: To help ensure continued progress in the implementation of cloud computing services, the Secretaries of Agriculture, Health and Human Services, Homeland Security, State, and the Treasury; and the Administrators of the General Services Administration and Small Business Administration should direct their respective Chief Information Officers to ensure that all IT investments are assessed for suitability for migration to a cloud computing service.

    Agency: Department of the Treasury
    Status: Open

    Comments: We contacted the agency and are awaiting its response on the status of efforts to implement this recommendation.
    Recommendation: To help ensure continued progress in the implementation of cloud computing services, the Secretaries of Agriculture, Health and Human Services, Homeland Security, State, and the Treasury; and the Administrators of the General Services Administration and Small Business Administration should direct their respective Chief Information Officers to ensure that all IT investments are assessed for suitability for migration to a cloud computing service.

    Agency: Department of State
    Status: Open

    Comments: The Department of State established a requirement for completing a cloud computing service alternatives analysis for all new projects, and that existing IT projects be evaluated for the viability to migrate to a cloud computing environment. Further, the department established key factors for consideration when selecting applications for migration to a cloud environment. However, State has not yet evaluated a majority of its IT investments for cloud alternatives. The department said it plans to complete evaluations for some of these investments by the end of FY2017, but has not yet established plans to evaluate over a third of its investments.
    Recommendation: To help ensure continued progress in the implementation of cloud computing services, the Secretaries of Agriculture, Health and Human Services, Homeland Security, State, and the Treasury; and the Administrators of the General Services Administration and Small Business Administration should direct their respective Chief Information Officers to ensure that all IT investments are assessed for suitability for migration to a cloud computing service.

    Agency: Small Business Administration
    Status: Open

    Comments: We are waiting for a response from SBA on the status of efforts to implement this recommendation.
    Recommendation: To help ensure continued progress in the implementation of cloud computing services, the Secretaries of Agriculture, Health and Human Services, Homeland Security, State, and the Treasury; and the Administrators of the General Services Administration and Small Business Administration should direct their respective Chief Information Officers to establish evaluation dates for those investments identified in this report that have not been assessed for migration to the cloud.

    Agency: Department of Agriculture
    Status: Open

    Comments: We are in the process of waiting for additional department documentation.
    Recommendation: To help ensure continued progress in the implementation of cloud computing services, the Secretaries of Agriculture, Health and Human Services, Homeland Security, State, and the Treasury; and the Administrators of the General Services Administration and Small Business Administration should direct their respective Chief Information Officers to establish evaluation dates for those investments identified in this report that have not been assessed for migration to the cloud.

    Agency: Department of the Treasury
    Status: Open

    Comments: We are waiting for a response from the department on the status of efforts to implement this recommendation.
    Recommendation: To help ensure continued progress in the implementation of cloud computing services, the Secretaries of Agriculture, Health and Human Services, Homeland Security, State, and the Treasury; and the Administrators of the General Services Administration and Small Business Administration should direct their respective Chief Information Officers to establish evaluation dates for those investments identified in this report that have not been assessed for migration to the cloud.

    Agency: Department of State
    Status: Open

    Comments: The Department of State established a requirement for completing a cloud computing service alternatives analysis for all new projects, and that existing IT projects be evaluated for viability to migrate to a cloud computing environment. Further, the department established key factors for consideration when selecting applications for migration to a cloud environment. However, the department has not yet established evaluation dates for the vast majority of the investments that have not been assessed for migration to the cloud. Specifically, the department plans to complete evaluations for some of these investments by the end of fiscal year 2017, but does not plan to do so for most of them.
    Recommendation: To help ensure continued progress in the implementation of cloud computing services, the Secretaries of Agriculture, Health and Human Services, Homeland Security, State, and the Treasury; and the Administrators of the General Services Administration and Small Business Administration should direct their respective Chief Information Officers to establish evaluation dates for those investments identified in this report that have not been assessed for migration to the cloud.

    Agency: Small Business Administration
    Status: Open

    Comments: We are waiting for a response from the department on the status of efforts to implement this recommendation.
    Director: Gregory C. Wilshusen
    Phone: (202) 512-6244

    16 open recommendations
    including 1 priority recommendation
    Recommendation: To ensure that the privacy and security controls of contractor-operated systems are being properly overseen, the Secretary of Energy should develop, document, and implement oversight procedures for ensuring that, for each contractor-operated system, a system test plan is developed.

    Agency: Department of Energy
    Status: Open

    Comments: DOE concurred with the recommendation. However, DOE has not yet provided sufficient evidence that it has implemented the recommendation. We plan to validate the department's actions when DOE informs us that it has satisfactorily implemented the recommendation.
    Recommendation: To ensure that the privacy and security controls of contractor-operated systems are being properly overseen, the Secretary of Energy should develop, document, and implement oversight procedures for ensuring that, for each contractor-operated system, a system test is fully executed.

    Agency: Department of Energy
    Status: Open

    Comments: DOE concurred with the recommendation. However, DOE has not yet provided sufficient evidence that it has implemented the recommendation. We plan to validate the department's actions when DOE informs us that it has implemented the recommendation.
    Recommendation: To ensure that the privacy and security controls of contractor-operated systems are being properly overseen, the Secretary of Energy should develop, document, and implement oversight procedures for ensuring that, for each contractor-operated system, test results are reviewed by agency officials.

    Agency: Department of Energy
    Status: Open

    Comments: DOE concurred with the recommendation. However, DOE has not yet provided sufficient evidence that it has implemented the recommendation. We plan to validate the department's actions when DOE informs us that it has implemented the recommendation.
    Recommendation: To ensure that the privacy and security controls of contractor-operated systems are being properly overseen, the Secretary of State should develop, document, and implement oversight procedures for ensuring that, for each contractor-operated system, security and privacy requirements are communicated to contractors.

    Agency: Department of State
    Status: Open

    Comments: The Department of State concurred with our recommendation and is planning to develop, document, and implement oversight procedures for each contractor-operated, contractor-owned system. However, STATE has not yet provided sufficient evidence that it has implemented the recommendation. We plan to validate the department's actions when STATE informs us that it has satisfactorily implemented the recommendation.
    Recommendation: To ensure that the privacy and security controls of contractor-operated systems are being properly overseen, the Secretary of State should develop, document, and implement oversight procedures for ensuring that, for each contractor-operated system, an independent assessor is selected to assess the system.

    Agency: Department of State
    Status: Open

    Comments: The Department of State concurred with our recommendation and is planning to develop, document, and implement oversight procedures for each contractor-operated, contractor-owned system. However, STATE has not yet provided sufficient evidence that it has implemented the recommendation. We plan to validate the department's actions when STATE informs us that it has implemented the recommendation.
    Recommendation: To ensure that the privacy and security controls of contractor-operated systems are being properly overseen, the Secretary of State should develop, document, and implement oversight procedures for ensuring that, for each contractor-operated system, a system test is fully executed.

    Agency: Department of State
    Status: Open

    Comments: The Department of State concurred with our recommendation and is planning to develop, document, and implement oversight procedures for each contractor-operated, contractor-owned system. However, STATE has not yet provided sufficient evidence that it has implemented the recommendation. We plan to validate the department's actions when STATE informs us that it has implemented the recommendation.
    Recommendation: To ensure that the privacy and security controls of contractor-operated systems are being properly overseen, the Secretary of State should develop, document, and implement oversight procedures for ensuring that, for each contractor-operated system, test results are reviewed by agency officials.

    Agency: Department of State
    Status: Open

    Comments: The Department of State concurred with our recommendation and is planning to develop, document, and implement oversight procedures for each contractor-operated, contractor-owned system. However, STATE has not yet provided sufficient evidence that it has implemented the recommendation. We plan to validate the department's actions when STATE informs us that it has implemented the recommendation.
    Recommendation: To ensure that the privacy and security controls of contractor-operated systems are being properly overseen, the Secretary of State should develop, document, and implement oversight procedures for ensuring that, for each contractor-operated system, plans of action and milestones with estimated completion dates and resources assigned for resolution are maintained.

    Agency: Department of State
    Status: Open

    Comments: The Department of State concurred with our recommendation and is planning to develop, document, and implement oversight procedures for each contractor-operated, contractor-owned system. However, STATE has not yet provided sufficient evidence that it has implemented the recommendation. We plan to validate the department's actions when STATE informs us that it has implemented the recommendation.
    Recommendation: To ensure that the privacy and security controls of contractor-operated systems are being properly overseen, the Secretary of Transportation should develop, document, and implement oversight procedures for ensuring that, for each contractor-operated system, security and privacy requirements are communicated to contractors.

    Agency: Department of Transportation
    Status: Open

    Comments: In written comments on a draft of this report, the department agreed to consider our recommendations. We continue to believe that the department needs to develop, document, and implement oversight procedures for each contractor-operated system. DOT has not yet provided sufficient evidence that it has taken these actions. We plan to validate the department's actions when DOT informs us that it has satisfactorily implemented the recommendation.
    Recommendation: To ensure that the privacy and security controls of contractor-operated systems are being properly overseen, the Secretary of Transportation should develop, document, and implement oversight procedures for ensuring that, for each contractor-operated system, a system test is fully executed.

    Agency: Department of Transportation
    Status: Open

    Comments: In written comments on a draft of this report, the department agreed to consider our recommendations. We continue to believe that the department needs to develop, document, and implement oversight procedures for each contractor-operated system. DOT has not yet provided sufficient evidence that it has taken these actions. We plan to validate the department's actions when DOT informs us that it has implemented the recommendation.
    Recommendation: To ensure that the privacy and security controls of contractor-operated systems are being properly overseen, the Secretary of Transportation should develop, document, and implement oversight procedures for ensuring that, for each contractor-operated system, test results are reviewed by agency officials.

    Agency: Department of Transportation
    Status: Open

    Comments: In written comments on a draft of this report, the department agreed to consider our recommendations. We continue to believe that the department needs to develop, document, and implement oversight procedures for each contractor-operated system. DOT has not yet provided sufficient evidence that it has taken these actions. We plan to validate the department's actions when DOT informs us that it has implemented the recommendation.
    Recommendation: To ensure that the privacy and security controls of contractor-operated systems are being properly overseen, the Secretary of Transportation should develop, document, and implement oversight procedures for ensuring that, for each contractor-operated system, plans of action and milestones with estimated completion dates and resources assigned to resolution are maintained.

    Agency: Department of Transportation
    Status: Open

    Comments: In written comments on a draft of this report, the department agreed to consider our recommendations. We continue to believe that the department needs to develop, document, and implement oversight procedures for each contractor-operated system. DOT has not yet provided sufficient evidence that it has taken these actions. We plan to validate the department's actions when DOT informs us that it has implemented the recommendation.
    Recommendation: To ensure that the privacy and security controls of contractor-operated systems are being properly overseen, the Administrator of the Environmental Protection Agency should develop, document, and implement oversight procedures for ensuring that, for each contractor-operated system, a system test is fully executed.

    Agency: Environmental Protection Agency
    Status: Open

    Comments: EPA concurred with our recommendation. However, EPA has not yet provided evidence that it has implemented the recommendation. We plan to validate the department's actions when EPA informs us that it has implemented the recommendation.
    Recommendation: To ensure that the privacy and security controls of contractor-operated systems are being properly overseen, the Administrator of the Environmental Protection Agency should develop, document, and implement oversight procedures for ensuring that, for each contractor-operated system, plans of action and milestones with estimated completion dates and resources assigned for resolution are maintained.

    Agency: Environmental Protection Agency
    Status: Open

    Comments: EPA concurred with our recommendation. However, EPA has not yet provided evidence that it has implemented the recommendation. We plan to validate the department's actions when EPA informs us that it has implemented the recommendation.
    Recommendation: To ensure that the privacy and security controls of contractor-operated systems are being properly overseen, the Director of the Office of Personnel Management should develop, document, and implement oversight procedures for ensuring that a system test is fully executed for each contractor-operated system.

    Agency: Office of Personnel Management
    Status: Open
    Priority recommendation

    Comments: OPM concurred with our recommendation. However, as of April 2017, OPM had not implemented the recommendation to develop, document and implement oversight procedures to ensure that a system test is fully executed for each contractor-operated system. We will monitor OPM's efforts and validate OPM actions when evidence discloses that the recommendation has been implemented.
    Recommendation: To be able to effectively assist agencies with their contractor oversight programs, the Director of the Office of Management and Budget, in collaboration with the Secretary of Homeland Security, should develop and clarify reporting guidance to agencies for annually reporting the number of contractor-operated systems.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: We requested comments on a draft of this report from the Office of Management and Budget, but none were provided. In June 2017, OMB stated that its and DHS's annual reporting requirements now contain an expanded list of criteria for contractor-operated systems, including definitions in related guidance from the National Institute of Standards and Technology. However, although the reporting requirements call for agencies to report on their total number of contractor-operated systems, neither the requirements or related guidance clarify which agency systems that have contractor relationships should be categorized as contractor-operated. The lack of clear instructions may continue to result in incomplete information regarding the number of contractor-operated systems within the government.
    Director: Mihm, J Christopher
    Phone: (202) 512-3236

    2 open recommendations
    Recommendation: To improve agencies' retrospective regulatory review processes and reporting, and strengthen linkages between retrospective reviews and agency performance management, the Director of the Office of Management and Budget should direct the Administrator of the Office of Information and Regulatory Affairs to work with regulatory agencies to implement existing guidance, and update guidance where needed, to improve the reporting of outcomes in their retrospective regulatory review plans by taking actions such as: (1) publishing a link to updated plans, which list recent results and anticipated outcomes, on the White House website; (2) submitting evidence that agencies listed updates of their plans on their "Open Government" web pages; (3) providing more comprehensive information on completed reviews in agencies' most recent plans and progress reports by (a) ensuring the most recent published plan contains a complete accounting of all completed reviews rather than expecting readers to review multiple plans, and (b) including the supporting analysis and data for results by listing a link or citation to the related documentation.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: In comments on the draft report, OMB staff generally agreed with the recommendation. In responses to questions for the record following a July 2015 Senate hearing on OMB's Office of Information and Regulatory Affairs (OIRA), the OIRA Administrator noted that OIRA has adopted several of the recommendations in GAO-14-268. Regarding this recommendation, the Administrator stated that OIRA posted agencies' retrospective review plans on a central OMB site. As of August 2017, these plans and progress updates are now publicly available, by agency, on the archived OMB website for President Obama's administration (see https://obamawhitehouse.archives.gov/omb/oira/regulation-reform).
    Recommendation: To improve agencies' retrospective regulatory review processes and reporting, and strengthen linkages between retrospective reviews and agency performance management, the Director of the Office of Management and Budget should direct the Administrator of the Office of Information and Regulatory Affairs to ensure that the Office of Information and Regulatory Affairs, as part of its oversight role, monitor the extent to which agencies have implemented the guidance on retrospective regulatory review requirements outlined in the related executive orders and confirm that agencies have identified how they will assess the performance of regulations in the future.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: In comments on the draft report, OMB staff generally agreed with the recommendation. In responses to questions for the record following a July 2015 Senate hearing on the Office of Information and Regulatory Affairs' (OIRA) role in the regulatory process, the OIRA Administrator noted that OIRA has adopted several of the recommendations in GAO-14-268. Specifically regarding this recommendation, the Administrator stated that OIRA regularly asks agencies to consider the incorporation of a retrospective review planning component in forward-looking regulations, but as of August 2017 OMB has not responded to GAO's requests to provide additional details.
    Director: Charles Michael Johnson, Jr.
    Phone: (202) 512-7331

    4 open recommendations
    including 4 priority recommendations
    Recommendation: To strengthen State's ability to ensure that U.S. civilian personnel are in compliance with the FACT training requirement, the Secretary of State should identify a mechanism to readily determine the universe of assigned U.S. civilian personnel under chief-of-mission authority who are required to complete FACT training.

    Agency: Department of State
    Status: Open
    Priority recommendation

    Comments: State concurred with this recommendation, but has not yet identified a mechanism to readily determine the universe of assigned U.S. civilian personnel under chief-of-mission authority who are required to complete FACT training. As of March 2017, GAO continues to monitor State's efforts to implement this recommendation.
    Recommendation: To strengthen State's ability to ensure that U.S. civilian personnel are in compliance with the FACT training requirement, the Secretary of State should take steps to ensure that management personnel responsible for assigning personnel to designated high-threat countries consistently verify that all assigned U.S. civilian personnel under chief-of-mission authority who are required to complete FACT training have completed it before arrival in the designated high-threat countries.

    Agency: Department of State
    Status: Open
    Priority recommendation

    Comments: State agreed with the recommendation, and on July 7, 2014--subsequent to our report issuance and addressing this finding--State issued a memo to all agencies that states that it is the responsibility of each agency to ensure its employees are in compliance with FACT training requirements prior to travel to the relevant posts. The memo also requires employees to provide a FACT completion certificate to posts upon request. In October 2016, State officials reported that State had rolled out a ClassNet SharePoint site, and that they expected that the site would include Bureau of Near Eastern Affairs and Bureau of South and Central Asian Affairs posts by January 1, 2017. The SharePoint site allows designated users in Washington, D.C. and at posts to access the Foreign Service Institute's training records database. As of March 2017, GAO continues to monitor State's efforts to fully address the recommendation.
    Recommendation: To strengthen State's ability to ensure that U.S. civilian personnel are in compliance with the FACT training requirement, the Secretary of State should take steps to ensure that management personnel responsible for granting country clearance consistently verify that all short-term TDY U.S. civilian personnel under chief-of-mission authority who are required to complete FACT training have completed it before arrival in the designated high-threat countries.

    Agency: Department of State
    Status: Open
    Priority recommendation

    Comments: In response to GAO's recommendation, as of March 2017, State had taken several steps to ensure that the electronic Country Clearance (eCC) is easier for personnel to use, but these steps do not ensure that the personnel responsible for verifying FACT training before deployment are doing so. For instance, State updated the current eCC to require personnel traveling to High Threat, High Risk Posts to certify FACT training, with radio buttons for the following: (1) whether the stay is greater than 45 days; (2) whether the traveler has spent more than 45 total days at a High Threat, High Risk Post within the last 365-days; and (3) whether the traveler has completed FACT. If the eCC user responds that the traveler has not taken FACT, he or she must provide a justification. In addition, the eCC system requires personnel traveling to High Threat, High Risk Posts to certify whether they have completed FACT and to provide the completion date. When the eCC user enters this information, he or she is prompted with a box that instructs him or her to "provide documentation of FACT Training (e.g. Certificate) upon arrival at Post" and to click OK to continue. Since May 2016, the agency had been developing a new eCC application that will include automated checks of training records. Agency officials expect to produce this new application in the summer of 2017. GAO continues to monitor State's efforts to fully address the recommendation.
    Recommendation: To strengthen State's ability to ensure that U.S. civilian personnel are in compliance with the FACT training requirement, the Secretary of State should monitor or evaluate overall levels of compliance with the FACT training requirement among U.S. civilian personnel under chief-of-mission authority who are subject to the requirement.

    Agency: Department of State
    Status: Open
    Priority recommendation

    Comments: As of May 2015, State officials said that they are developing a plan to utilize various electronic systems to monitor overall levels of compliance for assigned and short-term TDY personnel. The plan is being developed iteratively and is subject to change based on findings and lessons learned from each stage as well as constraints based on cyber security compliance. As of March 2017, State did not report further progress on this recommendation.
    Director: St James, Lorelei
    Phone: (202) 512-2834

    3 open recommendations
    Recommendation: To strengthen USPS's capital investment process related to USPS policy and consistent application of leading practices, the Postmaster General and executive leaders should establish a time frame for developing a clear, detailed, single-source, standard set of policies and procedures that reflect the capital investment selection phase.

    Agency: United States Postal Service: Office of the Postmaster General
    Status: Open

    Comments: In June 2017, the U.S. Postal Service (USPS) informed GAO that its Handbook F-66 General Investment Policies and Procedures is undergoing revisions that will make the capital investment selection process more clear, detailed, and standardized. The revised draft of the F-66 handbook is currently in the review and clearance process and may be finalized in 2017. USPS added that it will inform GAO of further updates as they develop.
    Recommendation: To strengthen USPS's capital investment process related to USPS policy and consistent application of leading practices, the Postmaster General and executive leaders should modify capital investment policies to more closely align with the following leading practices, including: (1) for planning capital investments, consider whether an external entity could better support all or part of a desired function when evaluating alternative capital investment options; (2) for selecting capital investments, use a portfolio approach for developing business cases and finalizing and allocating resources; and (3) for evaluating capital investments, seek and leverage external oversight and review, from a consultant or peer reviewer, and require that best practices and lessons learned be incorporated into the review process.

    Agency: United States Postal Service: Office of the Postmaster General
    Status: Open

    Comments: In June 2017, USPS informed GAO and provided documentation that its Handbook F-66 General Investment Policies and Procedures is to incorporate all leading practices. The F-66, however, is not yet finalized. In particular, the draft F-66 states that for planning investments, USPS is to conduct an analysis to identify the most economically beneficial resolution to a problem--the alternative that will result in the highest net present value, lowest costs, or greatest savings. For selecting investments, USPS is to use a portfolio approach organized by agency goals, sub-goals, indicators, and targets. For evaluating investments, USPS is to evaluate the need to hire consultants when applicable to assess the investment. The revised F-66 indicates that USPS will also is require project managers to submit an analysis of investment performance and lessons learned as part of its post-deployment steps.
    Recommendation: To strengthen USPS's capital investment process related to USPS policy and consistent application of leading practices, the Postmaster General and executive leaders should regularly examine the extent to which executives and program managers consistently follow all leading practices, particularly for: (1) identifying problems and reassessing risk while managing a project; and (2) evaluating the cost, schedule, and performance results of completed projects.

    Agency: United States Postal Service: Office of the Postmaster General
    Status: Open

    Comments: In June 2017, USPS informed GAO and provided documentation that its revised Handbook F-66 General Investment Policies and Procedures is to include a management step to regularly review the progress and benefits of its capital investments, as well as its affordability and achievability, and make adjustments as necessary to meet the investment's goals. In addition, once a project is completed, USPS will require capital investment managers to present on the investment's performance, return-on-investment, and lessons learned.
    Director: Gomez, Jose A
    Phone: (202) 512-3841

    1 open recommendations
    Recommendation: To improve EPA's management of the conditional registration process, the Administrator of EPA should direct the Director of the Office of Pesticide Programs to complete plans to automate data related to conditional registrations to more readily track the status of these registrations and related registrant and agency actions and identify potential problems requiring management attention.

    Agency: Environmental Protection Agency
    Status: Open

    Comments: As of May 2017, EPA reported that until upgrades to OPP's database architecture are complete in the FY 18 timeframe, the agency cannot complete plans to automate data related to conditional registrations. The agency informed us that plans are currently underway to improve the functionality and accuracy of OPP databases, including the tracking of information on conditional registration. However, until this work is complete, the recommendation will remain open.
    Director: Pendleton, John H
    Phone: (404)679-1816

    2 open recommendations
    including 1 priority recommendation
    Recommendation: To ensure that the geographic combatant commands are properly sized to meet their assigned missions and to improve the transparency of the commands' authorized manpower, assigned personnel, and mission and headquarters-support costs, the Secretary of Defense should direct the Chairman of the Joint Chiefs of Staff to revise Chairman of the Joint Chiefs of Staff Instruction 1001.01A to require a comprehensive, periodic evaluation of whether the size and structure of the combatant commands meet assigned missions.

    Agency: Department of Defense
    Status: Open
    Priority recommendation

    Comments: Our review found that DOD has a process for evaluating requests for additional authorized positions, but that it does not periodically evaluate the commands' authorized positions to ensure they are needed to meet the commands' assigned missions. The department did not concur with our recommendation, stating that the combatant commands had already been reduced during previous budget and efficiency reviews. The department also noted that any periodic review of the combatant commands' size and structure must include a review of assigned missions, and that a requirement for a mission review was not appropriate for inclusion in the commands' guiding instruction on personnel requirements. Our report acknowledged and described several actions taken by DOD to manage growth in positions and costs at the combatant commands, including establishing personnel baselines and identifying personnel reductions. We continue to maintain that the actions taken by DOD do not constitute a comprehensive, periodic review because they have not included all authorized positions at the combatant commands. In addition, the department's response does not fully explain why there should not be a requirement for periodic reviews to ensure that the resources meet constantly evolving missions. We continue to believe that institutionalizing a periodic evaluation of all authorized positions would help to systematically align manpower with missions and add rigor to the requirements process. Currently, the Department does not plan to take action to implement this recommendation. We will continue to monitor actions DOD takes in response to this recommendation and will provide updated information as appropriate.
    Recommendation: To ensure that the geographic combatant commands are properly sized to meet their assigned missions and to improve the transparency of the commands' authorized manpower, assigned personnel, and mission and headquarters-support costs, the Secretary of Defense should direct the Chairman of the Joint Chiefs of Staff, in coordination with the combatant commanders and the secretaries of the military departments, to develop and implement a formal process to gather information on authorized manpower and assigned personnel at the service component commands.

    Agency: Department of Defense
    Status: Open

    Comments: Our review found that the Joint Staff and combatant commands lacked visibility and oversight over the authorized manpower and personnel at the service component commands. Specifically, we found that the combatant commands and Joint Staff did not have visibility over personnel at the service component commands or access to the service-specific personnel management systems that the service component commands use, and if they need information to determine whether personnel at the service component commands could support the combatant commands' mission requirements they had to request it from the service component commands. The Director, Joint Staff concurred with the recommendation, but did not provide comments on the corrective action to be taken. In a June 2015 update on this recommendation, Joint Staff officials acknowledged they continue to have no insight into the authorized positions of the service component commands which are managed and tracked by the military services. The Joint Staff and combatant commands continue to request information from the service component commands when needed to track authorized positions and actual personnel, the same process we reported on in 2013. Currently, DOD does not plan to take action to implement this recommendation. We will continue to monitor actions DOD takes in response to this recommendation and will provide updated information as appropriate.
    Director: Hutton, John P
    Phone: (202) 512-4841

    2 open recommendations
    Recommendation: To better focus agencies' efforts to manage the risks related to professional and management support service contracts, the Director of OMB, through the Office of Federal Procurement Policy (OFPP), should establish a near-term deadline for agencies to develop internal procedures required by OFPP Policy Letter 11-01, including for services that closely support inherently governmental functions.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: In providing comments on our report, OFPP generally agreed with this recommendation. During follow-up discussions, OFPP agreed to provide additional information to confirm the actions they have taken to address the recommendation. However, we have yet to receive this information. We will continue to follow this recommendation and provide updated information when available.
    Recommendation: To ensure that the risks of professional and management support service contracts are more fully considered and addressed, the Director of OMB, through the Office of Federal Procurement Policy, should include contracts coded in the Federal Procurement Data System - Next Generation (FPDS-NG) as Other Professional Services and Other Management Support Services in the cost savings initiative for management support services and planned service contract inventory guidance to agencies for conducting analysis of special interest functions.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: In providing comments on our report, OFPP generally agreed with this recommendation. We have had discussions with OFPP and they agreed to provide additional information on the actions taken to address the recommendation. However, we have yet to receive this information. We will continue to follow this recommendation and provide updated information when available.
    Director: Trimble, David C
    Phone: (202)512-9338

    1 open recommendations
    Recommendation: To improve cohesion in the management and operation of EPA's laboratories, the Administrator of EPA should establish a top-level science official with the authority and responsibility to coordinate, oversee, and make management decisions regarding major scientific activities throughout the agency, including the work of all program, regional, and ORD laboratories.

    Agency: Environmental Protection Agency
    Status: Open

    Comments: EPA took some steps toward establishing a top-level science official with responsibilities to coordinate and oversee the laboratories, but the agency did not expand this official's authority to make management decisions regarding scientific activities for the laboratories.
    Director: Clowers, Angela N
    Phone: (202)512-4010

    3 open recommendations
    Recommendation: To help resolve identified borrower noncompliance in a timely manner, the Secretary of Agriculture should direct the Administrator of RHS to implement enforcement mechanisms that can be tailored to the severity of the borrower noncompliance, such as the civil money penalty enforcement provision in its program regulations.

    Agency: Department of Agriculture
    Status: Open

    Comments: The agency continues to take actions to address this recommendation, but has not yet fully implemented it.
    Recommendation: To better ensure that requirements for tenant eligibility are met across the FLH portfolio, the Secretary of Agriculture should direct the Administrator of RHS to require its loan servicers to use the Systematic Alien Verification and Entitlements (SAVE) program administered by the Department of Homeland Security to verify tenant's residency status during supervisory reviews.

    Agency: Department of Agriculture
    Status: Open

    Comments: The agency has not implemented this recommendation.
    Recommendation: The Secretary of Agriculture should direct the Administrator of RHS to better utilize available data on demand for the FLH program--such as systematically reviewing local market analyses, further analyzing occupancy data on a statewide, regional, or national level, and retaining and analyzing application information--to help target available funding to areas of greatest need.

    Agency: Department of Agriculture
    Status: Open

    Comments: The agency continues to take actions to address this recommendation, but has not yet fully implemented it.
    Director: Williamson, Randall B
    Phone: (206)287-4860

    5 open recommendations
    Recommendation: To address weaknesses in DCOE's strategic plan, the Secretary of Defense, through the Director of TMA, should direct the DCOE director to revisit and revise as necessary the organization's goals for completing statutorily required responsibilities.

    Agency: Department of Defense
    Status: Open

    Comments: As of July 2017, DOD officials have not implemented this recommendation. GAO considers it to be open. We will update the status of this recommendation when we receive additional information.
    Recommendation: To address weaknesses in DCOE's strategic plan, the Secretary of Defense, through the Director of TMA, should direct the DCOE director to require the directorates to align their day-to-day activities to support DCOE's mission and goals.

    Agency: Department of Defense
    Status: Open

    Comments: As of July 2017, DOD officials have not implemented this recommendation. GAO considers it to be open. We will update the status of this recommendation when we receive additional information.
    Recommendation: To address weaknesses in DCOE's strategic plan, the Secretary of Defense, through the Director of TMA, should direct the DCOE director to improve the performance measures in the plan to enable DCOE to determine if achievement of each measure fully supports attainment of its associated goal.

    Agency: Department of Defense
    Status: Open

    Comments: As of July 2017, DOD officials have not implemented this recommendation. GAO considers it to be open. We will update the status of this recommendation when we receive additional information.
    Recommendation: To ensure that DCOE obligations are properly classified and recorded in accordance with OMB guidance, the Secretary of Defense, through the Office of the Assistant Secretary of Defense (Health Affairs) (ASD(HA)), should direct TMA to develop written procedures with detailed steps to be performed for ensuring proper classification and recording of obligations in TMA's financial management systems.

    Agency: Department of Defense
    Status: Open

    Comments: As of July 2017, DOD officials have not implemented this recommendation. GAO considers it to be open. We will update the status of this recommendation when we receive additional information.
    Recommendation: To ensure that DCOE obligations are properly classified and recorded in accordance with OMB guidance, the Secretary of Defense, through the ASD(HA), should direct TMA to assign responsibility for updating and maintaining procedural guidance and systems codes to assure consistency with annual OMB guidance.

    Agency: Department of Defense
    Status: Open

    Comments: As of July 2017, DOD officials have not implemented this recommendation. GAO considers it to be open. We will update the status of this recommendation when we receive additional information.
    Director: Jones, Yvonne D
    Phone: (202)512-3000

    4 open recommendations
    Recommendation: To help ensure that Congress is fully apprised of efforts to resolve a case, Congress may wish to consider amending USERRA to require DOJ and OSC to report on additional time taken to resolve a matter after they decline representation.

    Agency: Congress
    Status: Open

    Comments: As of February 28, 2017, this matter has not yet been considered by Congress.
    Recommendation: To help ensure that that servicemembers who file complaints are adequately being informed of their USERRA complaint process rights in accordance with VBIA 2008, Congress may wish to consider amending USERRA to require DOL to report on the extent to which it is notifying complainants of their USERRA complaint process rights within 5 days of filing a complaint.

    Agency: Congress
    Status: Open

    Comments: As of February 28, 2017, this matter has not yet been considered by Congress.
    Recommendation: To help ensure that DOJ handles state cases as expediently as private employer cases, Congress may wish to consider amending USERRA to specifically require DOJ to adhere to the same 60-day deadline for state employer matters that they must adhere to for matters against private employers.

    Agency: Congress
    Status: Open

    Comments: As of February 28, 2017, this matter has not yet been considered by Congress.
    Recommendation: To help ensure that servicemembers in state employer cases are kept apprised of the status of DOJ's decision making without potentially compromising DOJ's ability to successfully bring suit against state employers, Congress may wish to consider amending USERRA to require DOJ to notify these servicemembers of the status of DOJ's efforts.

    Agency: Congress
    Status: Open

    Comments: As of February 28, 2017, this matter has not yet been considered by Congress.
    Director: Stephenson, John B
    Phone: (202)512-6225

    2 open recommendations
    Recommendation: To ensure that EPA's library network continues to meet its users' needs, the Administrator of EPA should, in future assistance agreements, make explicit that EPA can include in the agency's public online database, without obtaining prior permission from the copyright holder, any documents produced under the agreements.

    Agency: Environmental Protection Agency
    Status: Open

    Comments: EPA developed a draft agencywide implementation plan to make research publications and data resulting from contracts and assistance agreements freely available to the public. EPA is currently in the process of revising the draft plan in response to comment from the Office of Science and Technology Policy (OSTP). As of September 2016, EPA plans to submit the final document to OSTP soon. In the meantime, EPA?s Office of Research and Development (ORD) began implementing increased public access to intramural research publications and associated data in January 2016. ORD has also established a Memorandum of Understanding with the National Institutes of Health to use PubMed Central as the public-use repository for intramural research publications.
    Recommendation: To ensure that EPA's library network continues to meet its users' needs, and for future assistance agreements where EPA cannot make such an arrangement, EPA should digitize documents produced under the agreements and make them available to federal employees and other authorized users for federal government purposes.

    Agency: Environmental Protection Agency
    Status: Open

    Comments: EPA has developed a draft agencywide implementation plan to make research publications and data resulting from contracts and assistance agreements freely available to the public. EPA is currently in the process of revising the draft plan in response to comment from the Office of Science and Technology Policy (OSTP). As of September 2016, EPA plans to submit the final document to OSTP soon.
    Director: Clark, Cheryl E
    Phone: (202)512-9521

    1 open recommendations
    Recommendation: The Commissioner of IRS should direct the appropriate IRS officials to, once IRS identifies the control weaknesses that result in inaccuracies or errors that affect the financial reporting of unpaid tax assessments, implement control procedures to routinely prevent, or to detect and correct, such errors.

    Agency: Department of the Treasury: Internal Revenue Service
    Status: Open

    Comments: IRS created a long-term corrective action plan that contains specific actions to improve control procedures to prevent or detect errors. While IRS completed some actions during fiscal year 2016, it has not completed most of the actions in the plan or documented milestones or target completion dates for these remaining actions. In addition, during fiscal year 2016, GAO and IRS continued to identify misclassified unpaid assessments that resulted from inaccuracies or errors in taxpayer accounts. Thus, IRS's actions to date have not been effective at fully addressing the issues that continue to cause a lack of transaction traceability and material inaccuracies produced by the subsidiary ledger. We will continue to evaluate IRS's actions to address this recommendation during our fiscal year 2017 audit.
    Director: Dinapoli, Timothy J
    Phone: (202)512-3000

    2 open recommendations
    Recommendation: To better inform acquisition decisions, assist DOD personnel in performing their management oversight responsibilities, and improve DOD's surveillance of services contracts, the Secretary of Defense should require before the award of any contract or issuance of task order for services closely supporting inherently governmental functions that program and contracting officials consider and document their assessment of the unique risks of these services and the steps that have been taken to mitigate such risks.

    Agency: Department of Defense
    Status: Open

    Comments: In providing comments on this report, DOD concurred with this recommendation and had initiated actions to provide additional guidance. As of September 2017, however, DOD has not provided additional guidance to its contracting officers on considering, documenting, and mitigating the risks associated when obtaining services closely associated with inherently governmental functions.
    Recommendation: To better inform acquisition decisions, assist DOD personnel in performing their management oversight responsibilities, and improve DOD's surveillance of services contracts, the Secretary of Defense should develop guidance to identify approaches that DOD should take to enhance management oversight when contractors provide services that closely support inherently governmental functions.

    Agency: Department of Defense
    Status: Open

    Comments: In providing comments on this report, DOD concurred with this recommendation and had initiated actions to provide additional guidance. As of September 2017, however, DOD has not provided additional guidance to its contracting officers on the steps they should take to enhance oversight of contractors providing services closely associated with inherently governmental functions.