Reports & Testimonies

  • GAO’s recommendations database contains report recommendations that still need to be addressed.

    GAO’s recommendations help congressional and agency leaders prepare for appropriations and oversight activities, as well as help improve government operations. Recommendations remain open until they are designated as Closed-implemented or Closed-not implemented. You can explore open recommendations by searching or browsing.

    GAO's priority recommendations are those that we believe warrant priority attention. We sent letters to the heads of key departments and agencies, urging them to continue focusing on these issues. These recommendations are labeled as such. You can find priority recommendations by searching or browsing our open recommendations below, or through our mobile app.

  • Browse Open Recommendations

    Explore priority recommendations by subject terms or browse by federal agency

    Search Open Recommendations

    Search for a specific priority recommendation by word or phrase



  • Governing on the go?

    Our Priorities for Policy Makers app makes it easier for leaders to search our recommendations on the go.

    See the November 10th Press Release


  • Have a Question about a Recommendation?

    • For questions about a specific recommendation, contact the person or office listed with the recommendation.
    • For general information about recommendations, contact GAO's Audit Policy and Quality Assurance office at (202) 512-6100 or apqa@gao.gov.
  • « Back to Results List Sort by   

    Results:

    Subject Term: "Federal agencies"

    255 publications with a total of 1063 open recommendations including 85 priority recommendations
    Director: Nancy Kingsbury
    Phone: (202) 512-2700

    1 open recommendations
    Recommendation: To help ensure that federal agencies obtain the evidence needed to address the most important questions to improve program implementation and performance, the Director of the Office of Management and Budget should direct each of the 24 Chief Financial Officer Act agencies to prepare an annual agency-wide evaluation plan that describes the (1) key questions for each significant evaluation study that the agency plans to begin in the next fiscal year, and (2) congressional committees; federal, state and local program partners; researchers; and other stakeholders that were consulted in preparing their plan. (Recommendation 1)

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Director: J. Christopher Mihm
    Phone: (202) 512-6806

    4 open recommendations
    Recommendation: The Director of OMB should revise and publicly issue OMB guidance--through an update to its Circular No. A-11, a memorandum, or other means--to provide time frames and associated milestones for implementing the federal program inventory. (Recommendation 2)

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: The Director of OMB should consider--as OMB determines its strategy for resumed implementation of the federal program inventory--using a systematic approach, such as the information architecture framework, to help ensure that GPRAMA requirements and our past recommendations for the inventory are addressed. (Recommendation 3)

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: The Director of OMB should work with the Performance Improvement Council to identify and share among agencies practices for expanding the use of data-driven performance reviews beyond agency priority goals, such as for other performance goals and at lower levels within agencies, that have led to performance improvements. (Recommendation 4)

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: The Director of OMB should update Performance.gov to explain that quarterly reporting on the fiscal year 2014 through 2017 cross-agency priority goals and fiscal year 2016 and 2017 agency priority goals (APGs) was suspended, and provide the location of final progress updates for these goals. (Recommendation 1)

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Director: Timothy J. DiNapoli
    Phone: (202) 512-4841

    7 open recommendations
    Recommendation: To enhance management attention to closing out contracts, the Secretary of Defense should develop a means for department-wide oversight into components' progress in meeting their goals on closing contracts and the status of contracts eligible for closeout. (Recommendation 1)

    Agency: Department of Defense
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To enhance management attention to closing out contracts, the Secretary of Health and Human Services should develop a means for department-wide oversight into components' progress in meeting their goals on closing contracts and the status of contracts eligible for closeout. (Recommendation 2)

    Agency: Department of Health and Human Services
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To enhance management attention to closing out contracts, the Secretary of Homeland Security should develop a means, either at the agency or the component level, to track where the contracts are in the closeout process, and establish goals and performance measures for closing contracts. (Recommendation 3)

    Agency: Department of Homeland Security
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To enhance management attention to closing out contracts, the Attorney General should direct the Senior Procurement Executive to ensure the development of a means to track data on the number and type of contracts eligible for closeout and where the contracts are in the closeout process, as well as a means to assess--at the agency or component level--progress by establishing goals and performance measures for closing contracts. (Recommendation 4)

    Agency: Department of Justice
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To enhance management attention to closing out contracts, the Secretary of State should develop a means at the agency level to track data on the entirety of the number and type of contracts eligible for closeout, where the contracts are in the closeout process, and establish goals and performance measures for closing contracts. (Recommendation 5)

    Agency: Department of State
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To manage its incurred cost inventory, the Director, DCAA should assess and implement options for reducing the length of time to begin incurred cost audit work and establish related performance measures. (Recommendation 6)

    Agency: Department of Defense: Defense Contract Audit Agency
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To manage its incurred cost inventory, the Director, DCAA should comprehensively assess the use and effect of multi-year audits on both DCAA and contractors and establish related performance measures. (Recommendation 7)

    Agency: Department of Defense: Defense Contract Audit Agency
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Director: John Neumann
    Phone: (202) 512-3841

    3 open recommendations
    Recommendation: The Director of NSF should require staff to follow written internal guidance for (1) using tools and templates NSF has developed for the process for setting indirect cost rates and (2) updating the agency's database to reflect the status of awardees for which NSF has cognizance and of indirect cost rate proposals. (Recommendation 1)

    Agency: National Science Foundation
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: The Director of NSF should add details to NSF's internal guidance for setting indirect cost rates specifying (1) the criteria to be used by the supervisor for assessing the level of risk and steps for mitigating the risks at each level and (2) the steps for supervisory review of the process for setting indirect cost rates and documentation of the results of the review. (Recommendation 2)

    Agency: National Science Foundation
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: The Director of NSF should add procedures to NSF's internal guidance for (1) implementing the applicable new provisions of the Uniform Guidance, including updating links to Office of Management and Budget guidance, and (2) monitoring the indirect cost rates that the Department of Interior sets on NSF's behalf. (Recommendation 3)

    Agency: National Science Foundation
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Director: Carol C. Harris
    Phone: (202) 512-4456

    25 open recommendations
    Recommendation: The Administrator of General Services should disseminate the 16 agency-focused lessons learned that have not been fully incorporated in GSA guidance to the agencies involved in the current transition. (Recommendation 1)

    Agency: General Services Administration
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: The Secretary of Agriculture should ensure that the Department's Chief Information Officer verifies the completeness of its inventory of current telecommunications assets and services and establishes a process for ongoing maintenance of the inventory. (Recommendation 2)

    Agency: Department of Agriculture
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: The Secretary of Agriculture should ensure that the Department's Chief Information Officer completes efforts to identify future telecommunications needs and areas for optimization, identifies the costs and benefits of new technology, and aligns USDA's approach with its long-term plans. (Recommendation 3)

    Agency: Department of Agriculture
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: The Secretary of Agriculture should ensure that the Department's Chief Information Officer identifies transition-related roles and responsibilities related to the management of assets, human capital, and information security, and legal expertise; develops a transition communications plan; and uses configuration and change-management processes in USDA's transition. (Recommendation 4)

    Agency: Department of Agriculture
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: The Secretary of Agriculture should ensure that the Department's Chief Information Officer documents the costs and benefits of transition investments, identifies staff resources needed for the remainder of the transition, and analyzes training needs for staff assisting with the transition. (Recommendation 5)

    Agency: Department of Agriculture
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: The Secretary of Agriculture should ensure that the Department's Chief Information Officer demonstrates that the Department's transition goals and measures align with its mission, identifies transition risks related to critical systems and continuity of operations, and identifies mission-critical priorities in USDA's transition timeline. (Recommendation 6)

    Agency: Department of Agriculture
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: The Secretary of Labor should ensure that the Department's Chief Information Officer verifies the completeness of DOL's inventory of current telecommunications assets and services and establishes a process for ongoing maintenance of the inventory. (Recommendation 7)

    Agency: Department of Labor
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: The Secretary of Labor should ensure that the Department's Chief Information Officer identifies the agency's future telecommunications needs, completes a strategic analysis of the agency's telecommunications requirements, and incorporates the requirements into transition planning. (Recommendation 8)

    Agency: Department of Labor
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: The Secretary of Labor should ensure that the Department's Chief Information Officer identifies transition-related roles and responsibilities related to the management of assets, human capital, and information security, and legal expertise; develops a transition communications plan; and uses project, configuration, and change-management processes in DOL's transition (Recommendation 9)

    Agency: Department of Labor
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: The Secretary of Labor should ensure that the Department's Chief Information Officer identifies the resources needed for the full transition, develops justifications for the costs of changes to hardware and software, identifies staff resources needed for the remainder of the transition, and analyzes training needs for staff assisting with the transition. (Recommendation 10)

    Agency: Department of Labor
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: The Secretary of Labor should ensure that the Department's Chief Information Officer identifies transition risks related to information security, critical systems, and continuity of operations, and identifies mission-critical priorities in DOL's transition timeline. (Recommendation 11)

    Agency: Department of Labor
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: The Chairman of the Securities and Exchange Commission should ensure that the Commission's Chief Information Officer identifies the agency's future telecommunications needs, areas for optimization, and the costs and benefits of new technology; completes a strategic analysis of the commission's telecommunications requirements; and incorporates the identified requirements into transition planning. (Recommendation 12)

    Agency: United States Securities and Exchange Commission
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: The Chairman of the Securities and Exchange Commission should ensure that the Commission's Chief Information Officer identifies roles and responsibilities related to the management of assets and human capital and legal expertise for the transition; includes key local and regional officials in SEC's transition communications plan; and completes efforts to use configuration and change management processes in the transition. (Recommendation 13)

    Agency: United States Securities and Exchange Commission
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: The Chairman of the Securities and Exchange Commission should ensure that the Commission's Chief Information Officer identifies the resources needed for the full transition, justifies requests for transition resources, identifies staff resources needed for the full transition, and completes efforts to analyze training needs for staff assisting with the transition. (Recommendation 14)

    Agency: United States Securities and Exchange Commission
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: The Chairman of the Securities and Exchange Commission should ensure that the Commission's Chief Information Officer completes efforts to demonstrate that the commission's transition goals and measures align with its mission, identifies transition risks related to critical systems and continuity of operations, and identifies mission-critical priorities in SEC's transition timeline. (Recommendation 15)

    Agency: United States Securities and Exchange Commission
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: The Commissioner of the Social Security Administration should ensure that the Administration's Chief Information Officer verifies the completeness of SSA's inventory of current telecommunications assets and services and establishes a process for ongoing maintenance of the inventory regarding services other than local and long-distance telecommunications. (Recommendation 16)

    Agency: Social Security Administration
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: The Commissioner of the Social Security Administration should ensure that the Administration's Chief Information Officer completes identification of the agency's future telecommunications needs and aligns its approach with the agency's enterprise architecture. (Recommendation 17)

    Agency: Social Security Administration
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: The Commissioner of the Social Security Administration should ensure that the Administration's Chief Information Officer uses configuration and change-management processes in its transition. (Recommendation 18)

    Agency: Social Security Administration
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: The Commissioner of the Social Security Administration should ensure that the Administration's Chief Information Officer identifies the resources needed for the full transition, documents the costs and benefits of transition investments, identifies staff resources needed for the remainder of the transition, and analyzes training needs for all staff working on the transition. (Recommendation 19)

    Agency: Social Security Administration
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: The Commissioner of the Social Security Administration should ensure that the Administration's Chief Information Officer completes efforts to identify measures of success for the transition, identifies transition risks related to critical systems and continuity of operations, and identifies mission-critical priorities in SSA's transition timeline. (Recommendation 20)

    Agency: Social Security Administration
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: The Secretary of Transportation should ensure that the Department's Chief Information Officer verifies the completeness of DOT's inventory of current telecommunications assets and services and establishes a process for ongoing maintenance of the inventory. (Recommendation 21)

    Agency: Department of Transportation
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: The Secretary of Transportation should ensure that the Department's Chief Information Officer identifies the agency's future telecommunications needs, areas for optimization, and costs and benefits of new technology; and completes efforts to align DOT's approach with its long-term plans and enterprise architecture. (Recommendation 22)

    Agency: Department of Transportation
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: The Secretary of Transportation should ensure that the Department's Chief Information Officer identifies roles and responsibilities related to the management of assets and human capital and legal expertise for the transition; develops a transition communications plan; and fully uses configuration and change-management processes in DOT's transition. (Recommendation 23)

    Agency: Department of Transportation
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: The Secretary of Transportation should ensure that the Department's Chief Information Officer fully identifies the resources needed for the full transition, justifies requests for transition resources, identifies staff resources needed for the full transition, and fully analyzes training needs for staff assisting with the transition. (Recommendation 24)

    Agency: Department of Transportation
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: The Secretary of Transportation should ensure that the Department's Chief Information Officer fully demonstrates that DOT's transition goals and measures align with its mission; completely identifies transition risks related to information security, critical systems, and continuity of operations; and fully identifies mission-critical priorities in the transition timeline. (Recommendation 25)

    Agency: Department of Transportation
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Director: Jessica Lucas-Judy
    Phone: (202) 512-9110

    1 open recommendations
    Recommendation: The Secretary of Veterans Affairs should track data that can help VA determine whether AVO improves recruitment and retention.

    Agency: Department of Veterans Affairs
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Director: Michael Clements
    Phone: (202) 512-8678

    4 open recommendations
    Recommendation: The Chief Investment Officer of the Army and Air Force Exchange Service should fully implement key practices to increase opportunities for MWO asset managers as part of its selection processes. Specifically, the Chief Investment Officer should complete actions related to top leadership commitment and removing potential barriers. (Recommendation 1)

    Agency: Department of Defense: Army and Air Force Exchange Service
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: The Chief Investment Officer of the Federal Retirement Thrift Investment Board should use key practices as appropriate to increase opportunities for MWO asset managers if and when implementing its mutual fund window platform. Specifically, the Chief Investment Officer should take actions to demonstrate top leadership commitment, remove potential barriers, conduct outreach to MWO firms, and communicate its priorities and expectations for an inclusive selection process to its staff and consultants if and when it begins to search for a mutual fund window platform. (Recommendation 2)

    Agency: Federal Retirement Thrift Investment Board
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: The Chief Investment Officer of the Navy Exchange Service Command should fully implement key practices to increase opportunities for MWO asset managers as part of its selection processes. Specifically, the Chief Investment Officer should take actions to demonstrate top leadership commitment, and to the extent that staff and resources are a constraint, should direct its consultant to conduct outreach to MWO firms and communicate its priorities and expectations for an inclusive selection process by requesting its consultant conduct more inclusive asset manager searches specifically for the Navy Exchange Service Command. (Recommendation 3)

    Agency: Department of Defense: Department of the Navy: Navy Exchange Service Command
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: The Chief Investment Officer of the Tennessee Valley Authority Retirement System should fully implement key practices to increase opportunities for MWO asset managers as part of its selection processes. Specifically, the Chief Investment Officer should take actions to demonstrate top leadership commitment, and to the extent that staff and resources are a constraint, should direct its consultant to conduct outreach to MWO firms and communicate its priorities and expectations for an inclusive selection process by requesting its consultant conduct more inclusive asset manager searches specifically for the Tennessee Valley Authority Retirement System. (Recommendation 4)

    Agency: Tennessee Valley Authority: Retirement System
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Director: J. Lawrence Malenich
    Phone: (202) 512-9399

    7 open recommendations
    Recommendation: To help ensure that agencies' civil monetary penalties are adjusted timely and keep pace with inflation, the Acting Administrator of the General Services Administration (GSA) should publish the initial catch-up inflation adjustment in the Federal Register.

    Agency: General Services Administration
    Status: Open

    Comments: GSA agreed with our recommendation and stated that it is developing a comprehensive plan to address the recommendation. GSA also stated that its projected time frame for publishing the catch-up inflation adjustment ruling is the end of October 2017, after completing the review and concurrence process.
    Recommendation: To help ensure that agencies' civil monetary penalties are adjusted timely and keep pace with inflation, the Acting Chairman of the National Transportation Safety Board (NTSB) should publish the initial catch-up inflation adjustment in the Federal Register.

    Agency: National Transportation Safety Board
    Status: Open

    Comments: In an e-mail commenting on our draft report, the Governmental Affairs Liaison at NTSB stated that NTSB plans to publish the initial catch-up inflation adjustment in October 2017.
    Recommendation: To help ensure that agencies' civil monetary penalties are adjusted timely and keep pace with inflation, the Secretary of Agriculture (USDA) should publish the initial catch-up inflation adjustment in the Federal Register.

    Agency: Department of Agriculture
    Status: Open

    Comments: In response to our request for comments on our draft report and recommendation to USDA, the Attorney-Advisor in the Office of General Counsel at USDA stated in an e-mail that USDA did not have any comments.
    Recommendation: To help ensure timely and complete reporting of agencies' civil monetary penalty information in agency financial reports (AFR) and to provide the Office of Management and Budget (OMB) and other decision makers with the information needed to help ensure the effectiveness of civil monetary penalties in enforcing statutes and preventing violations, the Chairman of the Federal Election Commission (FEC) should publish civil monetary penalties within its jurisdiction, including any penalty adjustments, in FEC's 2017 AFR.

    Agency: Federal Election Commission
    Status: Open

    Comments: In response to our request for comments on our draft report and recommendation to FEB, the Director of Congressional, Legislative and Intergovernmental Affairs at FEC stated in an e-mail that FEC had no comments.
    Recommendation: To help ensure timely and complete reporting of agencies' civil monetary penalty information in agency financial reports (AFR) and to provide the Office of Management and Budget (OMB) and other decision makers with the information needed to help ensure the effectiveness of civil monetary penalties in enforcing statutes and preventing violations, the Acting Chairman of the Federal Maritime Commission (FMC) should publish civil monetary penalties within its jurisdiction, including any penalty adjustments, in FMC's 2017 AFR.

    Agency: Federal Maritime Commission
    Status: Open

    Comments: In responding to our draft report, FMC stated that it plans to publish updates to its civil monetary penalty information in its 2017 performance and accountability report.
    Recommendation: To help ensure timely and complete reporting of agencies' civil monetary penalty information in agency financial reports (AFR) and to provide the Office of Management and Budget (OMB) and other decision makers with the information needed to help ensure the effectiveness of civil monetary penalties in enforcing statutes and preventing violations, the Chairman of the National Indian Gaming Commission (NIGC) should publish civil monetary penalties within its jurisdiction, including any penalty adjustments, in the Department of the Interior's 2017 AFR.

    Agency: National Indian Gaming Commission
    Status: Open

    Comments: In response to our request for comments on our draft report, NIGC stated that it generally agreed with our recommendation. In addition, NIGC stated that as an independent federal regulatory agency within the Department of the Interior (DOI), NIGC and DOI have developed procedures to ensure that the required civil monetary penalty information will be reported to DOI for its annual agency financial report starting with fiscal year 2017.
    Recommendation: To help ensure timely and complete reporting of agencies' civil monetary penalty information in agency financial reports (AFR) and to provide the Office of Management and Budget (OMB) and other decision makers with the information needed to help ensure the effectiveness of civil monetary penalties in enforcing statutes and preventing violations, the Director of OMB should clarify its guidance related to civil monetary penalty inflation adjustment information that agencies are required to report in the AFRs.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: In response to our request for comment, OMB staff stated that they generally agreed with our recommendation.
    Director: Yvonne D. Jones
    Phone: (202) 512-2717

    2 open recommendations
    Recommendation: The Associate Director of Merit System Accountability and Compliance should ensure that OPM's finalized records schedule on retaining conversion case files specifically lists all documentation that must be saved in its case files. (Recommendation 1)

    Agency: Office of Personnel Management
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: The Associate Director of Merit System Accountability and Compliance should establish a policy requiring that its staff verify they have reviewed all documentation required by OPM checklists before recommending approval or denial of a conversion request. OPM may incorporate such a verification requirement as part of checklists completed by its staff when reviewing conversion requests. (Recommendation 2)

    Agency: Office of Personnel Management
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Director: William B. Shear
    Phone: (202) 512-8678

    20 open recommendations
    Recommendation: To address demonstrated noncompliance with section 15(k) of the Small Business Act, as amended, the Director of the Defense Logistics Agency should comply with sections 15(k)(2), (k)(7), (k)(11), and (k)(17) or report to Congress on why the agency has not complied, including seeking any statutory flexibilities or exceptions believed appropriate.

    Agency: Department of Defense: Defense Logistics Agency
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To address demonstrated noncompliance with section 15(k) of the Small Business Act, as amended, the Secretary of Agriculture should comply with sections 15(k)(2), (k)(15), and (k)(17) or report to Congress on why the agency has not complied, including seeking any statutory flexibilities or exceptions believed appropriate.

    Agency: Department of Agriculture
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To address demonstrated noncompliance with section 15(k) of the Small Business Act, as amended, the Secretary of the Army should comply with section 15(k)(8) or report to Congress on why the agency has not complied, including seeking any statutory flexibilities or exceptions believed appropriate.

    Agency: Department of Defense: Department of the Army
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To address demonstrated noncompliance with section 15(k) of the Small Business Act, as amended, the Secretary of Commerce should comply with sections 15(k)(2), (k)(8), (k)(11), and (k)(17) or report to Congress on why the agency has not complied, including seeking any statutory flexibilities or exceptions believed appropriate.

    Agency: Department of Commerce
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To address demonstrated noncompliance with section 15(k) of the Small Business Act, as amended, the Secretary of Defense should comply with sections 15(k)(5) and (k)(8) or report to Congress on why the agency has not complied, including seeking any statutory flexibilities or exceptions believed appropriate.

    Agency: Department of Defense
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To address demonstrated noncompliance with section 15(k) of the Small Business Act, as amended, the Secretary of Education should comply with sections 15(k)(3) and (k)(11) or report to Congress on why the agency has not complied, including seeking any statutory flexibilities or exceptions believed appropriate.

    Agency: Department of Education
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To address demonstrated noncompliance with section 15(k) of the Small Business Act, as amended, the Secretary of Energy should comply with sections 15(k)(3), (k)(8), and (k)(17) or report to Congress on why the agency has not complied, including seeking any statutory flexibilities or exceptions believed appropriate.

    Agency: Department of Energy
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To address demonstrated noncompliance with section 15(k) of the Small Business Act, as amended, the Secretary of Housing and Urban Development should comply with sections 15(k) and (k)(11) or report to Congress on why the agency has not complied, including seeking any statutory flexibilities or exceptions believed appropriate.

    Agency: Department of Housing and Urban Development
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To address demonstrated noncompliance with section 15(k) of the Small Business Act, as amended, the Secretary of the Interior should comply with sections 15(k)(11) and (k)(17) or report to Congress on why the agency has not complied, including seeking any statutory flexibilities or exceptions believed appropriate.

    Agency: Department of the Interior
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To address demonstrated noncompliance with section 15(k) of the Small Business Act, as amended, the Secretary of Labor should comply with sections 15(k)(2) and (k)(15) or report to Congress on why the agency has not complied, including seeking any statutory flexibilities or exceptions believed appropriate.

    Agency: Department of Labor
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To address demonstrated noncompliance with section 15(k) of the Small Business Act, as amended, the Secretary of the Navy should comply with section 15(k)(8) or report to Congress on why the agency has not complied, including seeking any statutory flexibilities or exceptions believed appropriate.

    Agency: Department of Defense: Department of the Navy
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To address demonstrated noncompliance with section 15(k) of the Small Business Act, as amended, the Secretary of State should comply with sections 15(k)(8) and (k)(17) or report to Congress on why the agency has not complied, including seeking any statutory flexibilities or exceptions believed appropriate.

    Agency: Department of State
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To address demonstrated noncompliance with section 15(k) of the Small Business Act, as amended, the Secretary of the Treasury should comply with sections 15(k)(8) and (k)(11) or report to Congress on why the agency has not complied, including seeking any statutory flexibilities or exceptions believed appropriate.

    Agency: Department of the Treasury
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To address demonstrated noncompliance with section 15(k) of the Small Business Act, as amended, the Secretary of Veterans Affairs should comply with sections 15(k)(3), (k)(8), and (k)(11) or report to Congress on why the agency has not complied, including seeking any statutory flexibilities or exceptions believed appropriate.

    Agency: Department of Veterans Affairs
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To address demonstrated noncompliance with section 15(k) of the Small Business Act, as amended, the Administrator of Environmental Protection Agency should comply with section 15(k)(15) or report to Congress on why the agency has not complied, including seeking any statutory flexibilities or exceptions believed appropriate.

    Agency: Environmental Protection Agency
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To address demonstrated noncompliance with section 15(k) of the Small Business Act, as amended, the Administrator of the National Aeronautics and Space Administration should comply with section 15(k)(17) or report to Congress on why the agency has not complied, including seeking any statutory flexibilities or exceptions believed appropriate.

    Agency: National Aeronautics and Space Administration
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To address demonstrated noncompliance with section 15(k) of the Small Business Act, as amended, the Director of the Office of Personnel Management should comply with sections 15(k)(2), (k)(8), and (k)(17) or report to Congress on why the agency has not complied, including seeking any statutory flexibilities or exceptions believed appropriate.

    Agency: Office of Personnel Management
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To address demonstrated noncompliance with section 15(k) of the Small Business Act, as amended, the Commissioner of the Social Security Administration should comply with sections 15(k)(2), (k)(3), (k)(6), (k)(8), (k)(11), and (k)(15) or report to Congress on why the agency has not complied, including seeking any statutory flexibilities or exceptions believed appropriate.

    Agency: Social Security Administration
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To address demonstrated noncompliance with section 15(k) of the Small Business Act, as amended, the Administrator of the U.S. Agency for International Development should comply with sections 15(k)(15) and (k)(17) or report to Congress on why the agency has not complied, including seeking any statutory flexibilities or exceptions believed appropriate.

    Agency: United States Agency for International Development
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: As SBA continues to enhance the SBPAC peer review process, the SBA Administrator in her capacity as head of SBPAC should include more detailed guidelines than those used for the current process to facilitate a more in-depth review of agencies' compliance with section 15(k) requirements.

    Agency: Small Business Administration
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Director: Lori Rectanus
    Phone: (202) 512-2834

    3 open recommendations
    Recommendation: To manage the mail program more effectively, the Secretary of Veterans Affairs should develop and document a plan to source contracts for mailing equipment in a more strategic manner. Such strategic contract sourcing should enable facilities to obtain equipment to track mail volume and expenditure data more consistently and to maximize cost savings.

    Agency: Department of Veterans Affairs
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To manage the mail program more effectively, the Secretary of Veterans Affairs should update VA Directive 6340 to incorporate agency-wide goals and performance measures for mail operations.

    Agency: Department of Veterans Affairs
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To manage the mail program more effectively, the Secretary of Veterans Affairs should determine and document the authority and responsibilities of the agency and administration-level mail managers to enable them to improve management and oversight of mail operations.

    Agency: Department of Veterans Affairs
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Director: Dave Wise
    Phone: (202) 512-2834

    1 open recommendations
    Recommendation: The Secretary of Transportation should direct NHTSA to define, document, and externally communicate the agency's roles and responsibilities in relation to connected vehicle data privacy.

    Agency: Department of Transportation
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Director: Gregory C. Wilshusen
    Phone: (202) 512-6244

    5 open recommendations
    Recommendation: To improve the consistency and effectiveness of governmentwide efforts to reduce the unnecessary use of SSNs and thereby mitigate the risk of identity theft, the Director of OMB should specify elements that agency plans for reducing the unnecessary collection, use, and display of SSNs should contain and require all agencies to develop and maintain complete plans.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To improve the consistency and effectiveness of governmentwide efforts to reduce the unnecessary use of SSNs and thereby mitigate the risk of identity theft, the Director of OMB should require agencies to modify their inventories of systems containing personally identifiable information to indicate which systems contain SSNs and use the inventories to monitor their reduction of unnecessary collection and use of SSNs.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To improve the consistency and effectiveness of governmentwide efforts to reduce the unnecessary use of SSNs and thereby mitigate the risk of identity theft, the Director of OMB should provide criteria to agencies on how to determine unnecessary use of SSNs to facilitate consistent application across the federal government.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To improve the consistency and effectiveness of governmentwide efforts to reduce the unnecessary use of SSNs and thereby mitigate the risk of identity theft, the Director of OMB should take steps to ensure that agencies provide up-to-date status reports on their progress in eliminating unnecessary SSN collection, use, and display in their annual Federal Information Security Modernization Act of 2014 reports.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To improve the consistency and effectiveness of governmentwide efforts to reduce the unnecessary use of SSNs and thereby mitigate the risk of identity theft, the Director of OMB should establish performance measures to monitor agency progress in consistently and effectively implementing planned reduction efforts.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Director: Zina Merritt
    Phone: (202) 512-5257

    4 open recommendations
    Recommendation: To enhance the department's transfer of its excess controlled property, and to strengthen LESO program internal controls for the application and enrollment of federal agencies, the Under Secretary of Defense for Acquisition, Technology and Logistics should direct the Director of DLA to review and revise policy or procedures for verifying and approving federal agency applications and enrollment. For example, such steps could include LESO supervisory approval for all federal agency applications; confirmation of the application with designated points of contact at the headquarters of participating federal agencies; or visiting the location of the applying federal law enforcement agency.

    Agency: Department of Defense: Office of the Secretary of Defense: Office of the Under Secretary of Defense for Acquisition, Technology, and Logistics
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To enhance the department's transfer of its excess controlled property, and to help ensure controlled property is picked up by authorized individuals, the Under Secretary of Defense for Acquisition, Technology and Logistics should direct the Director of DLA to ensure compliance that on-site officials responsible for the transfer of items at Disposition Services' sites request and verify valid identification of the individual(s) authorized to pick up allocated property from the LESO program.

    Agency: Department of Defense: Office of the Secretary of Defense: Office of the Under Secretary of Defense for Acquisition, Technology, and Logistics
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To enhance the department's transfer of its excess controlled property, and to help ensure the accurate quantity of approved items is transferred, the Under Secretary of Defense for Acquisition, Technology and Logistics should direct the Director of DLA to issue guidance that requires DLA Disposition Services on-site officials to verify the type and quantity of approved items against the actual items being transferred prior to removal from the sites.

    Agency: Department of Defense: Office of the Secretary of Defense: Office of the Under Secretary of Defense for Acquisition, Technology, and Logistics
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To enhance the department's transfer of its excess controlled property, and to strengthen LESO program internal controls, the Undersecretary of Defense for Acquisition, Technology, and Logistics should direct the Director of DLA to conduct a fraud risk assessment to design and implement a strategy with specific internal control activities to mitigate assessed fraud risks for all stages relating to LESO's transfer of excess controlled property to law enforcement agencies, consistent with leading practices provided in GAO's Fraud Risk Framework.

    Agency: Department of Defense: Office of the Secretary of Defense: Office of the Under Secretary of Defense for Acquisition, Technology, and Logistics
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Director: J. Christopher Mihm
    Phone: (202) 512-6806

    1 open recommendations
    Recommendation: The Director of OMB should submit or reference agencies' report modification proposals in the President's annual budget as required by GPRAMA.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: In August 2017, the Office of Management and Budget stated it would include a list of report modification proposals in the President's fiscal year (FY) 2019 budget as required by GPRAMA. We will close this recommendation when the FY 2019 President's budget is released.
    Director: Dawn B. Simpson
    Phone: (202) 512-3406

    3 open recommendations
    including 3 priority recommendations
    Recommendation: The Secretary of the Treasury should direct the Fiscal Assistant Secretary to develop and implement procedures and metrics for monitoring the federal government's year-to-year progress in resolving intragovernmental differences for significant federal entities at the reciprocal category and trading partner levels.

    Agency: Department of the Treasury
    Status: Open
    Priority recommendation

    Comments: As of the completion of our fiscal year 2016 consolidated financial statements (CFS) audit, we identified this control deficiency related to monitoring intragovernmental differences. Treasury stated that it will continue to evolve its processes as deemed necessary to ensure that appropriate and effective metrics are deployed to measure and monitor agency performance. We will follow-up on progress made by Treasury and OMB as part of our fiscal year 2017 CFS audit, which is ongoing as of September 2017.
    Recommendation: The Secretary of the Treasury should direct the Fiscal Assistant Secretary to develop and implement a sufficient process for working with federal entities to reduce or resolve the need for significant adjustments to federal entity data submitted for the CFS.

    Agency: Department of the Treasury
    Status: Open
    Priority recommendation

    Comments: As of the completion of our fiscal year 2016 consolidated financial statements (CFS) audit, we identified this control deficiency related to significant adjustments to federal entity data submitted for the CFS. Treasury stated that it will continue to work with agencies to facilitate improvement of processes, minimizing the need for Treasury adjustments to agency reporting. We will follow-up on progress made by Treasury and OMB as part of our fiscal year 2017 CFS audit, which is ongoing as of September 2017.
    Recommendation: The Secretary of the Treasury should direct the Fiscal Assistant Secretary, working in coordination with the Controller of OMB, to improve corrective action plans for (1) treaties and international agreements, (2) additional audit procedures for intragovernmental activity and balances, and (3) the Reconciliation Statements so that they include sufficient information to address the control deficiencies in these areas effectively.

    Agency: Department of the Treasury
    Status: Open
    Priority recommendation

    Comments: As of the completion of our fiscal year 2016 consolidated financial statements (CFS) audit, we identified improvements needed to corrective action plans in three areas. Treasury stated that its current remediation plan, including its various corrective action plans, is comprehensive, appropriate, and effective, with robust ongoing monitoring processes in place. However, we continue to believe that the corrective action plans in these three areas do not include sufficient information to effectively address related control deficiencies involving processes used to prepare the CFS. We will follow-up on progress made by Treasury and OMB as part of our fiscal year 2017 CFS audit, which is ongoing as of September 2017.
    Director: Beryl H. Davis
    Phone: (202) 512-2623

    2 open recommendations
    Recommendation: To help ensure that government-wide compliance under IPERA is consistently determined and reported, the Director of OMB should coordinate with CIGIE to develop and issue guidance, either jointly or independently, to specify what procedures should be conducted as part of the IGs' IPERA compliance determinations.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: OMB had no comments on the report or the recommendation to coordinate with CIGIE to develop guidance. Although this recommendation was not directed to CIGIE, the CIGIE Chairperson stated that CIGIE would coordinate with OMB as needed and provide feedback on any draft OMB guidance.
    Recommendation: To help fulfill USDA's requirements under IPERA and OMB guidance--that agencies submit proposals to Congress when a program reaches 3 or more consecutive years of noncompliance with IPERA criteria--the Secretary of Agriculture should submit a letter to Congress detailing proposals for reauthorization or statutory changes in response to 3 consecutive years of noncompliance as of fiscal year 2015 for its Farm Security and Rural Investment Act Program. To the extent that reauthorization or statutory changes are not considered necessary to bring a program into compliance, the Secretary or designee should state so in the letter.

    Agency: Department of Agriculture
    Status: Open

    Comments: USDA's Acting Deputy Secretary concurred with this recommendation.
    Director: Dicken, John E
    Phone: (202)512-7114

    1 open recommendations
    Recommendation: To ensure efficient use of generic drug user fees, facilitate oversight and transparency, and plan for risks, the Commissioner of FDA should develop a plan for administering user fee carryover that includes analyses of program costs and risks and reflects actual operational needs and contingencies.

    Agency: Department of Health and Human Services: Food and Drug Administration
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Director: Persons, Timothy M
    Phone: (202) 512-6412

    5 open recommendations
    Recommendation: The Secretary of Health and Human Services should direct the Commissioner of the Food and Drug Administration to consolidate information from individual diagnostic test labels and make this information available in a form that enables users to more readily compare information across tests.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: In August 2017, officials from the Department of Health and Human Services told us that the Food and Drug Administration is working to consolidate and make available on its website information for Zika virus diagnostic tests that have emergency use authorization.
    Recommendation: The Secretary of Health and Human Services should direct the Commissioner of the Food and Drug Administration to require manufacturers to list the identity of comparator assays on their diagnostic test labels.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: In August 2017, officials from the Department of Health and Human Services told us that the Food and Drug Administration plans to recommend to sponsors of Zika virus diagnostic tests that they provide a description of the comparator assay.
    Recommendation: The Secretary of Health and Human Services should direct the Director of Centers for Disease Control and Prevention to establish a transparent process to provide CDC diagnostic tests, upon request, to manufacturers that are in the final stages of diagnostic test authorization.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: In August 2017, officials from the Department of Health and Human Services told us that the Centers for Disease Control and Prevention (CDC) Technology Transfer Office is working to establish a transparent process that ensures CDC diagnostic tests can be provided to manufacturers.
    Recommendation: The Secretary of Health and Human Services should direct the Director of Centers for Disease Control and Prevention to include information on CDC-developed tests distributed to or shared with public health laboratories on CDC's website, including laboratory developed tests.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: In August 2017, officials from the Department of Health and Human Services told us the Centers for Disease Control and Prevention (CDC) provides information on CDC-developed diagnostic tests on the Food and Drug Administration?s (FDA) website. CDC stated that their website will feature a direct link to FDA information on CDC-developed tests. CDC will continue to explore additional outlets for publication of information on CDC-developed diagnostic tests.
    Recommendation: The Secretary of Health and Human Services should direct the Director of Centers for Disease Control and Prevention to provide details such as collection records, dates, and data limitations on posted and disseminated mosquito distribution maps to better inform mosquito control experts and the general public.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: In June 2016, the Centers for Disease Control and Prevention (CDC) published a report on the distribution of the mosquitos that can transmit Zika virus and other viruses in the United States. This report included new county collection records, collection dates, and summary maps for each species of mosquitos. In August 2017, officials from the Department of Health and Human Services told us the CDC is planning to update the mosquito distribution information on their website by the end of 2017, and it will include the underlying model predictions and country collection records.
    Director: David Powner
    Phone: (202) 512-9286

    29 open recommendations
    Recommendation: To better ensure that federal data center optimization efforts improve governmental efficiency and achieve cost savings, the Director of OMB should direct the Federal CIO to provide the necessary oversight to ensure that each agency completes their DCOI strategic plan in accordance with OMB's guidance implementing Federal Information Technology Acquisition Reform provisions (FITARA).

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: The Office of Management and Budget (OMB) has not yet taken any actions to implement our recommendation. We will continue to monitor OMB's progress in implementing this recommendation.
    Recommendation: To better ensure that federal data center optimization efforts improve governmental efficiency and achieve cost savings, the Director of OMB should direct the Federal CIO to provide the necessary oversight to ensure that agency reporting of achieved data center consolidation and optimization cost savings and avoidances is consistent across all reporting mechanisms, including quarterly data submissions and agency DCOI strategic plans.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: The Office of Management and Budget (OMB) has not yet taken any actions to implement our recommendation. We will continue to monitor OMB's progress in implementing this recommendation.
    Recommendation: The following 17 agencies (the Secretaries of the Departments of Commerce, Defense, Energy, Health and Human Services, Interior, Labor, State, Transportation, Treasury, and Veterans Affairs; the Attorney General; and the Administrators of the Environmental Protection Agency, National Aeronautics and Space Administration, Small Business Administration, and U.S. Agency for International Development; the Chairman of the Nuclear Regulatory Commission; and the Commissioner of the Social Security Administration) should each take action to complete the missing elements in their respective DCOI strategic plan, including addressing any identified challenges, and submit their completed strategic plan to OMB.

    Agency: Department of Commerce
    Status: Open

    Comments: The Department of Commerce agreed with our recommendation and described planned actions to address it. Specifically, the department stated that it will continue to aggregate its data center inventory and update its DCOI strategic plan by OMB's April 17, 2017, submission deadline. We reviewed the updated DCOI strategic plan and found that the department included planned savings figures for fiscal years 2016 through 2018 and achieved figures for 2016. However, Commerce did not include $517 million in historical savings that the department previously reported to the Office of Management and Budget, as was required to be included in the plan. Additionally, the department's chief information officer statement, regarding compliance with Federal Information Technology Acquisition Reform Act reporting requirements, is not yet publicly available, as is required. We will continue to monitor the department's efforts to address the recommendation.
    Recommendation: The following 17 agencies (the Secretaries of the Departments of Commerce, Defense, Energy, Health and Human Services, Interior, Labor, State, Transportation, Treasury, and Veterans Affairs; the Attorney General; and the Administrators of the Environmental Protection Agency, National Aeronautics and Space Administration, Small Business Administration, and U.S. Agency for International Development; the Chairman of the Nuclear Regulatory Commission; and the Commissioner of the Social Security Administration) should each take action to complete the missing elements in their respective DCOI strategic plan, including addressing any identified challenges, and submit their completed strategic plan to OMB.

    Agency: Department of Defense
    Status: Open

    Comments: The Department of Defense has not yet taken action to implement our recommendation. We will continue to monitor the department's efforts to address the recommendation.
    Recommendation: The following 17 agencies (the Secretaries of the Departments of Commerce, Defense, Energy, Health and Human Services, Interior, Labor, State, Transportation, Treasury, and Veterans Affairs; the Attorney General; and the Administrators of the Environmental Protection Agency, National Aeronautics and Space Administration, Small Business Administration, and U.S. Agency for International Development; the Chairman of the Nuclear Regulatory Commission; and the Commissioner of the Social Security Administration) should each take action to complete the missing elements in their respective DCOI strategic plan, including addressing any identified challenges, and submit their completed strategic plan to OMB.

    Agency: Department of Energy
    Status: Open

    Comments: The Department of Energy agreed with, but has not yet taken action to implement, our recommendation. We will monitor the department's efforts to address our recommendation.
    Recommendation: The following 17 agencies (the Secretaries of the Departments of Commerce, Defense, Energy, Health and Human Services, Interior, Labor, State, Transportation, Treasury, and Veterans Affairs; the Attorney General; and the Administrators of the Environmental Protection Agency, National Aeronautics and Space Administration, Small Business Administration, and U.S. Agency for International Development; the Chairman of the Nuclear Regulatory Commission; and the Commissioner of the Social Security Administration) should each take action to complete the missing elements in their respective DCOI strategic plan, including addressing any identified challenges, and submit their completed strategic plan to OMB.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: The Department of Health and Human Services has not yet taken action to implement our recommendation. We will continue to monitor the department's efforts to address the recommendation.
    Recommendation: The following 17 agencies (the Secretaries of the Departments of Commerce, Defense, Energy, Health and Human Services, Interior, Labor, State, Transportation, Treasury, and Veterans Affairs; the Attorney General; and the Administrators of the Environmental Protection Agency, National Aeronautics and Space Administration, Small Business Administration, and U.S. Agency for International Development; the Chairman of the Nuclear Regulatory Commission; and the Commissioner of the Social Security Administration) should each take action to complete the missing elements in their respective DCOI strategic plan, including addressing any identified challenges, and submit their completed strategic plan to OMB.

    Agency: Social Security Administration
    Status: Open

    Comments: The Social Security Administration agreed with our recommendation and described planned actions to address it. Specifically, the agency noted that it will continue to economize and evolve its data center optimization management and will continue to encourage open dialog and information exchange between agencies to achieve efficiencies and enhanced data center operations government-wide. We will continue to monitor the agency's efforts to address our recommendation.
    Recommendation: The following 17 agencies (the Secretaries of the Departments of Commerce, Defense, Energy, Health and Human Services, Interior, Labor, State, Transportation, Treasury, and Veterans Affairs; the Attorney General; and the Administrators of the Environmental Protection Agency, National Aeronautics and Space Administration, Small Business Administration, and U.S. Agency for International Development; the Chairman of the Nuclear Regulatory Commission; and the Commissioner of the Social Security Administration) should each take action to complete the missing elements in their respective DCOI strategic plan, including addressing any identified challenges, and submit their completed strategic plan to OMB.

    Agency: Department of the Interior
    Status: Open

    Comments: The Department of Interior agreed with, but has not yet taken action to implement, our recommendation. We will monitor the department's efforts to address our recommendation.
    Recommendation: The following 17 agencies (the Secretaries of the Departments of Commerce, Defense, Energy, Health and Human Services, Interior, Labor, State, Transportation, Treasury, and Veterans Affairs; the Attorney General; and the Administrators of the Environmental Protection Agency, National Aeronautics and Space Administration, Small Business Administration, and U.S. Agency for International Development; the Chairman of the Nuclear Regulatory Commission; and the Commissioner of the Social Security Administration) should each take action to complete the missing elements in their respective DCOI strategic plan, including addressing any identified challenges, and submit their completed strategic plan to OMB.

    Agency: Department of Justice
    Status: Open

    Comments: The Department of Justice has not yet taken action to implement our recommendation. We will continue to monitor the department's efforts to address the recommendation.
    Recommendation: The following 17 agencies (the Secretaries of the Departments of Commerce, Defense, Energy, Health and Human Services, Interior, Labor, State, Transportation, Treasury, and Veterans Affairs; the Attorney General; and the Administrators of the Environmental Protection Agency, National Aeronautics and Space Administration, Small Business Administration, and U.S. Agency for International Development; the Chairman of the Nuclear Regulatory Commission; and the Commissioner of the Social Security Administration) should each take action to complete the missing elements in their respective DCOI strategic plan, including addressing any identified challenges, and submit their completed strategic plan to OMB.

    Agency: Department of Transportation
    Status: Open

    Comments: The Department of Transportation agreed with, but has not yet taken action to implement, our recommendation. We will monitor the department's efforts to address our recommendation.
    Recommendation: The following 17 agencies (the Secretaries of the Departments of Commerce, Defense, Energy, Health and Human Services, Interior, Labor, State, Transportation, Treasury, and Veterans Affairs; the Attorney General; and the Administrators of the Environmental Protection Agency, National Aeronautics and Space Administration, Small Business Administration, and U.S. Agency for International Development; the Chairman of the Nuclear Regulatory Commission; and the Commissioner of the Social Security Administration) should each take action to complete the missing elements in their respective DCOI strategic plan, including addressing any identified challenges, and submit their completed strategic plan to OMB.

    Agency: Department of Labor
    Status: Open

    Comments: The Department of Labor has not yet taken action to implement our recommendation. We will continue to monitor the department's efforts to address the recommendation.
    Recommendation: The following 17 agencies (the Secretaries of the Departments of Commerce, Defense, Energy, Health and Human Services, Interior, Labor, State, Transportation, Treasury, and Veterans Affairs; the Attorney General; and the Administrators of the Environmental Protection Agency, National Aeronautics and Space Administration, Small Business Administration, and U.S. Agency for International Development; the Chairman of the Nuclear Regulatory Commission; and the Commissioner of the Social Security Administration) should each take action to complete the missing elements in their respective DCOI strategic plan, including addressing any identified challenges, and submit their completed strategic plan to OMB.

    Agency: Department of the Treasury
    Status: Open

    Comments: The Department of Treasury has not yet taken action to implement our recommendation. We will continue to monitor the department's efforts to address the recommendation.
    Recommendation: The following 17 agencies (the Secretaries of the Departments of Commerce, Defense, Energy, Health and Human Services, Interior, Labor, State, Transportation, Treasury, and Veterans Affairs; the Attorney General; and the Administrators of the Environmental Protection Agency, National Aeronautics and Space Administration, Small Business Administration, and U.S. Agency for International Development; the Chairman of the Nuclear Regulatory Commission; and the Commissioner of the Social Security Administration) should each take action to complete the missing elements in their respective DCOI strategic plan, including addressing any identified challenges, and submit their completed strategic plan to OMB.

    Agency: Department of Veterans Affairs
    Status: Open

    Comments: The Department of Veterans Affairs agreed with, but has not yet taken action to implement, our recommendation. We will monitor the department's efforts to address our recommendation.
    Recommendation: The following 17 agencies (the Secretaries of the Departments of Commerce, Defense, Energy, Health and Human Services, Interior, Labor, State, Transportation, Treasury, and Veterans Affairs; the Attorney General; and the Administrators of the Environmental Protection Agency, National Aeronautics and Space Administration, Small Business Administration, and U.S. Agency for International Development; the Chairman of the Nuclear Regulatory Commission; and the Commissioner of the Social Security Administration) should each take action to complete the missing elements in their respective DCOI strategic plan, including addressing any identified challenges, and submit their completed strategic plan to OMB.

    Agency: Department of State
    Status: Open

    Comments: The Department of State agreed with our recommendation and described planned actions to address it. Specifically, the department described plans to acquire, subject to funding availability, automated monitoring tools for its enterprise data centers. It also described plans to engage OMB to rebaseline the closure target for its non-tiered data centers located outside the United States, based on the department's mission needs. In addition, the department noted that it is in the process of identifying the number of server rooms in the United States that meet the DCOI definition of a data center. We will continue to monitor the department's efforts to address our recommendation.
    Recommendation: The following 17 agencies (the Secretaries of the Departments of Commerce, Defense, Energy, Health and Human Services, Interior, Labor, State, Transportation, Treasury, and Veterans Affairs; the Attorney General; and the Administrators of the Environmental Protection Agency, National Aeronautics and Space Administration, Small Business Administration, and U.S. Agency for International Development; the Chairman of the Nuclear Regulatory Commission; and the Commissioner of the Social Security Administration) should each take action to complete the missing elements in their respective DCOI strategic plan, including addressing any identified challenges, and submit their completed strategic plan to OMB.

    Agency: Environmental Protection Agency
    Status: Open

    Comments: The Environmental Protection Agency described planned actions to address our recommendation. Specifically, the agency stated that it will update its data center optimization initiative strategic plan to include elements not reflected in the 2016 submission and will complete the plan to the extent feasible. We will continue to monitor the agency's progress in taking these actions.
    Recommendation: The following 17 agencies (the Secretaries of the Departments of Commerce, Defense, Energy, Health and Human Services, Interior, Labor, State, Transportation, Treasury, and Veterans Affairs; the Attorney General; and the Administrators of the Environmental Protection Agency, National Aeronautics and Space Administration, Small Business Administration, and U.S. Agency for International Development; the Chairman of the Nuclear Regulatory Commission; and the Commissioner of the Social Security Administration) should each take action to complete the missing elements in their respective DCOI strategic plan, including addressing any identified challenges, and submit their completed strategic plan to OMB.

    Agency: National Aeronautics and Space Administration
    Status: Open

    Comments: The National Aeronautics and Space Administration agreed with our recommendation and described planned actions to address it. Specifically, the agency stated that it would provide OMB with an update to the agency's DCOI strategic plan that would address missing elements and any identified challenges. We will continue to monitor the department's efforts to address our recommendation.
    Recommendation: The following 17 agencies (the Secretaries of the Departments of Commerce, Defense, Energy, Health and Human Services, Interior, Labor, State, Transportation, Treasury, and Veterans Affairs; the Attorney General; and the Administrators of the Environmental Protection Agency, National Aeronautics and Space Administration, Small Business Administration, and U.S. Agency for International Development; the Chairman of the Nuclear Regulatory Commission; and the Commissioner of the Social Security Administration) should each take action to complete the missing elements in their respective DCOI strategic plan, including addressing any identified challenges, and submit their completed strategic plan to OMB.

    Agency: Small Business Administration
    Status: Open

    Comments: The Small Business Administration agreed with, but has not yet taken action to implement, our recommendation. We will monitor the department's efforts to address our recommendation.
    Recommendation: The following 17 agencies (the Secretaries of the Departments of Commerce, Defense, Energy, Health and Human Services, Interior, Labor, State, Transportation, Treasury, and Veterans Affairs; the Attorney General; and the Administrators of the Environmental Protection Agency, National Aeronautics and Space Administration, Small Business Administration, and U.S. Agency for International Development; the Chairman of the Nuclear Regulatory Commission; and the Commissioner of the Social Security Administration) should each take action to complete the missing elements in their respective DCOI strategic plan, including addressing any identified challenges, and submit their completed strategic plan to OMB.

    Agency: Nuclear Regulatory Commission
    Status: Open

    Comments: The Nuclear Regulatory Commission disagreed with our recommendation. We will continue to monitor the agency's efforts to address the recommendation.
    Recommendation: The following 17 agencies (the Secretaries of the Departments of Commerce, Defense, Energy, Health and Human Services, Interior, Labor, State, Transportation, Treasury, and Veterans Affairs; the Attorney General; and the Administrators of the Environmental Protection Agency, National Aeronautics and Space Administration, Small Business Administration, and U.S. Agency for International Development; the Chairman of the Nuclear Regulatory Commission; and the Commissioner of the Social Security Administration) should each take action to complete the missing elements in their respective DCOI strategic plan, including addressing any identified challenges, and submit their completed strategic plan to OMB.

    Agency: United States Agency for International Development
    Status: Open

    Comments: The U.S. Agency for International Development described planned actions to address our recommendation. Specifically, the agency stated it would take action to complete the missing elements in its DCOI strategic plan, including addressing any identified challenges, and submit the completed strategic plan to OMB. We will continue to monitor the agency's progress in taking these actions.
    Recommendation: Finally, the following 11 agencies (the Secretaries of the Departments of Commerce, Education, Health and Human Services, Interior, Labor, State, Transportation, and Treasury; the Administrators of the Environmental Protection Agency, General Services Administration, and the U.S. Agency for International Development) should also each take action to ensure that the amounts of achieved data center cost savings and avoidances are consistent across all reporting mechanisms, including the quarterly data submissions and DCOI strategic plans.

    Agency: Department of Education
    Status: Open

    Comments: The Department of Education has not yet taken action to implement our recommendation. We will continue to monitor the department's efforts to address the recommendation.
    Recommendation: Finally, the following 11 agencies (the Secretaries of the Departments of Commerce, Education, Health and Human Services, Interior, Labor, State, Transportation, and Treasury; the Administrators of the Environmental Protection Agency, General Services Administration, and the U.S. Agency for International Development) should also each take action to ensure that the amounts of achieved data center cost savings and avoidances are consistent across all reporting mechanisms, including the quarterly data submissions and DCOI strategic plans.

    Agency: Department of Commerce
    Status: Open

    Comments: The Department of Commerce agreed with our recommendation and described planned actions to address it. Specifically, the department stated that it will, through the integrated data collection process, continue to collect and report all initiatives resulting in cost savings and avoidances to ensure IT savings are being captured and realized. We will monitor the department's efforts to address this recommendation.
    Recommendation: Finally, the following 11 agencies (the Secretaries of the Departments of Commerce, Education, Health and Human Services, Interior, Labor, State, Transportation, and Treasury; the Administrators of the Environmental Protection Agency, General Services Administration, and the U.S. Agency for International Development) should also each take action to ensure that the amounts of achieved data center cost savings and avoidances are consistent across all reporting mechanisms, including the quarterly data submissions and DCOI strategic plans.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: The Department of Health and Human Services has not yet taken action to implement our recommendation. We will continue to monitor the department's efforts to address the recommendation.
    Recommendation: Finally, the following 11 agencies (the Secretaries of the Departments of Commerce, Education, Health and Human Services, Interior, Labor, State, Transportation, and Treasury; the Administrators of the Environmental Protection Agency, General Services Administration, and the U.S. Agency for International Development) should also each take action to ensure that the amounts of achieved data center cost savings and avoidances are consistent across all reporting mechanisms, including the quarterly data submissions and DCOI strategic plans.

    Agency: Department of the Interior
    Status: Open

    Comments: The Department of Interior agreed with, but has not yet taken action to implement, our recommendation. We will monitor the department's efforts to address our recommendation.
    Recommendation: Finally, the following 11 agencies (the Secretaries of the Departments of Commerce, Education, Health and Human Services, Interior, Labor, State, Transportation, and Treasury; the Administrators of the Environmental Protection Agency, General Services Administration, and the U.S. Agency for International Development) should also each take action to ensure that the amounts of achieved data center cost savings and avoidances are consistent across all reporting mechanisms, including the quarterly data submissions and DCOI strategic plans.

    Agency: Department of Transportation
    Status: Open

    Comments: The Department of Transportation agreed with, but has not yet taken action to implement, our recommendation. We will monitor the department's efforts to address our recommendation.
    Recommendation: Finally, the following 11 agencies (the Secretaries of the Departments of Commerce, Education, Health and Human Services, Interior, Labor, State, Transportation, and Treasury; the Administrators of the Environmental Protection Agency, General Services Administration, and the U.S. Agency for International Development) should also each take action to ensure that the amounts of achieved data center cost savings and avoidances are consistent across all reporting mechanisms, including the quarterly data submissions and DCOI strategic plans.

    Agency: Department of Labor
    Status: Open

    Comments: The Department of Labor has not yet taken action to implement our recommendation. We will continue to monitor the department's efforts to address the recommendation.
    Recommendation: Finally, the following 11 agencies (the Secretaries of the Departments of Commerce, Education, Health and Human Services, Interior, Labor, State, Transportation, and Treasury; the Administrators of the Environmental Protection Agency, General Services Administration, and the U.S. Agency for International Development) should also each take action to ensure that the amounts of achieved data center cost savings and avoidances are consistent across all reporting mechanisms, including the quarterly data submissions and DCOI strategic plans.

    Agency: Department of the Treasury
    Status: Open

    Comments: The Department of Treasury has not yet taken action to implement our recommendation. We will continue to monitor the department's efforts to address the recommendation.
    Recommendation: Finally, the following 11 agencies (the Secretaries of the Departments of Commerce, Education, Health and Human Services, Interior, Labor, State, Transportation, and Treasury; the Administrators of the Environmental Protection Agency, General Services Administration, and the U.S. Agency for International Development) should also each take action to ensure that the amounts of achieved data center cost savings and avoidances are consistent across all reporting mechanisms, including the quarterly data submissions and DCOI strategic plans.

    Agency: Department of State
    Status: Open

    Comments: The Department of State agreed with our recommendation and described planned actions to address it. Specifically, the department described plans to acquire, subject to funding availability, automated monitoring tools for its enterprise data centers. It also described plans to engage OMB to rebaseline the closure target for its non-tiered data centers located outside the United States, based on the department's mission needs. In addition, the department noted that it is in the process of identifying the number of server rooms in the United States that meet the DCOI definition of a data center. We will continue to monitor the department's efforts to address our recommendation.
    Recommendation: Finally, the following 11 agencies (the Secretaries of the Departments of Commerce, Education, Health and Human Services, Interior, Labor, State, Transportation, and Treasury; the Administrators of the Environmental Protection Agency, General Services Administration, and the U.S. Agency for International Development) should also each take action to ensure that the amounts of achieved data center cost savings and avoidances are consistent across all reporting mechanisms, including the quarterly data submissions and DCOI strategic plans.

    Agency: Environmental Protection Agency
    Status: Open

    Comments: The Environmental Protection Agency described planned actions to address our recommendation. Specifically, the agency stated that it is working toward consistent reporting on cost savings and avoidances in future reporting submissions and is finalizing a cost analysis methodology to be applied to its data center optimization initiative strategy. The agency further stated that it would ensure consistent use of the process for all reporting queries. We will continue to monitor the agency's progress in taking these actions.
    Recommendation: Finally, the following 11 agencies (the Secretaries of the Departments of Commerce, Education, Health and Human Services, Interior, Labor, State, Transportation, and Treasury; the Administrators of the Environmental Protection Agency, General Services Administration, and the U.S. Agency for International Development) should also each take action to ensure that the amounts of achieved data center cost savings and avoidances are consistent across all reporting mechanisms, including the quarterly data submissions and DCOI strategic plans.

    Agency: United States Agency for International Development
    Status: Open

    Comments: The U.S. Agency for International Development described planned actions to address our recommendation. Specifically, the agency stated it would, in accordance with OMB, take action to ensure that the amounts of achieved data center cost savings and avoidances are consistent across all reporting mechanisms, including the quarterly data submissions and DCOI strategic plans. We will continue to monitor the agency's progress in taking these actions.
    Director: Paula M. Rascona
    Phone: (202) 512-9816

    2 open recommendations
    including 2 priority recommendations
    Recommendation: The Director of OMB and the Secretary of the Treasury should establish mechanisms to assess the results of independent audits and reviews of agencies' compliance with the DATA Act requirements, including those of agency OIGs, to help inform full implementation of the act's requirements across government.

    Agency: Department of the Treasury
    Status: Open
    Priority recommendation

    Comments: Treasury stated it will establish mechanisms to assess the results of independent audits and reviews of agencies' compliance with the DATA Act requirements, including those of agency OIGs. Treasury also stated these mechanisms will inform Treasury's efforts on whether and how to tailor its future outreach efforts to help agencies meet their DATA Act requirements. We will continue to assess Treasury's efforts to address this recommendation as IGs plan to issue their required reports in November 2017.
    Recommendation: The Director of OMB and the Secretary of the Treasury should establish mechanisms to assess the results of independent audits and reviews of agencies' compliance with the DATA Act requirements, including those of agency OIGs, to help inform full implementation of the act's requirements across government.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open
    Priority recommendation

    Comments: OMB stated that it reviewed available IG readiness review reports in its assessment of agency implementation efforts, and it also relied on other, more up-to-date sources of information from agencies including data obtained from one-on-one meetings and agency self-assessments. We will continue to assess OMB's efforts to address this recommendation as IGs plan to issue their required reports in November 2017.
    Director: Lori Rectanus
    Phone: (202) 512-2834

    2 open recommendations
    Recommendation: To facilitate the removal of underutilized vehicles, the Secretary of Homeland Security should direct the Commissioner of Customs and Border Protection to develop a written plan for how CBP will use newly available usage data to improve its utilization assessment processes. Such a plan would define utilization criteria that reflect CBP's mission and describe how CBP will review and individually justify vehicles that do not meet the utilization criteria established by either DHS or CBP.

    Agency: Department of Homeland Security
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To enhance awareness of NRCS's utilization assessment process and facilitate the elimination of unnecessary vehicles, the Secretary of the Department of Agriculture should communicate USDA's policy on vehicle utilization to USDA's fleet management staff to ensure staff are aware of USDA policy. This communication could include redistributing the 2012 utilization policy memo.

    Agency: Department of Agriculture
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Director: Steve Morris
    Phone: (202) 512-3841

    1 open recommendations
    Recommendation: The Secretary of Agriculture should direct the Administrator of the Animal and Plant Health Inspection Service to develop a plan for evaluating completed corrective actions to determine their effectiveness and, as appropriate, consider whether any completed corrective actions require validation through simulations or exercises.

    Agency: Department of Agriculture
    Status: Open

    Comments: In its comments on our draft report, USDA said that the Animal and Plant Health Inspection Service (APHIS) agreed with our recommendation to develop a plan for evaluating completed corrective actions to determine their effectiveness. Further, USDA said that APHIS will incorporate simulations and exercises in its plan and that, in the event of an actual outbreak, APHIS will evaluate the effectiveness of the response through an after action report. Finally, USDA said that APHIS will continually review the criteria and hierarchy of corrective actions, both completed and ongoing, with respect to avian influenza policies,emergency management activities, and critical communications with states, tribes, poultry producers, and poultry industry partners. GAO will assess the status of the recommendation when USDA provides information on the steps it has taken to implement it.
    Director: Gretta L. Goodwin
    Phone: (202) 512-8777

    2 open recommendations
    Recommendation: To help ensure that DOJ is contributing to efforts to improve data collection and service provision to Native Americans, the Director of OVW should require grantees to report the number of human trafficking victims served using grant funding, and, as appropriate, the Native American status of those victims.

    Agency: Department of Justice: Office of Justice Programs: Violence Against Women Office
    Status: Open

    Comments: In responding to a draft of our report, DOJ agreed to require their grantees to report the number of human trafficking victims served, but did not agree to require them to track Native American status of those victims as appropriate, citing victim confidentiality and other reasons. In June 2017, following our report's publication, DOJ provided a status update, reporting that OVW already collects consolidated data on the number of American Indian and Alaska Native victims served who are victims of all crimes and it is in the process of revising grantee forms to collect information on the number of people served who are victims of sex trafficking. We continue to believe that collecting grantee information on both the number and Native American status of victims served is important and will continue to monitor implementation.
    Recommendation: To help ensure that DOJ is contributing to efforts to improve data collection and service provision to Native Americans, the Assistant Attorney General for the Office of Justice Programs should direct OVC and OJJDP to require their grantees to report the number of human trafficking victims served using grant funding, and, as appropriate, the Native American status of those victims.

    Agency: Department of Justice: Office of Justice Programs
    Status: Open

    Comments: In responding to a draft of our report, DOJ agreed to require its grantees to report the number of human trafficking victims served, but did not agree to require them to track Native American status of those victims as appropriate, citing victim confidentiality and other reasons. In June 2017, following our report's publication, DOJ provided a status update, reporting that OJJDP human trafficking grantees will be required to report the number of human trafficking victims served, beginning with progress reports ending December 31, 2017, and that OJJDP will update applicable solicitations beginning in fiscal year 2018 to reflect this new measure. DOJ reported no new efforts from OVC, and maintained that it will not require grantees to report on the Native American status of their victims served using grant funding because of the concerns it cited initially. We continue to believe that collecting grantee information on both the number and Native American status of victims served is important and will continue to monitor implementation.
    Director: Andrew Sherrill
    Phone: (202) 512-7215

    1 open recommendations
    Recommendation: To enhance the ability of the Executive Office of the President to implement the Revitalize American Manufacturing and Innovation Act of 2014 requirements related to reporting on advanced manufacturing, the Director of the Office of Science and Technology Policy, working through the National Science and Technology Council and agency leadership, as appropriate, should identify the information they will collect from federal agencies to determine the extent to which the objectives outlined in the National Strategic Plan for Advanced Manufacturing are being achieved.

    Agency: Executive Office of the President: Office of Science and Technology Policy
    Status: Open

    Comments: OSTP did not state whether it agreed or disagreed with this recommendation. They provided some comments on the draft recommendation. For example, OSTP commented that the recommendation could focus on the extent to which the objectives of the Advanced Manufacturing Partnership (AMP) recommendations are being achieved in periodic updates to the implementation of the National Strategic Plan for Advanced Manufacturing. However, these recommendations were not covered in the scope of our report: we focused on reporting on the progress in achieving the objectives of the strategic plan.
    Director: Gambler, Rebecca S
    Phone: (202) 512-6912

    9 open recommendations
    Recommendation: To improve management and oversight of the SAVE program, the director of USCIS should ensure SAVE guidance, including written materials and instructional videos, clearly and accurately reflects user agencies' responsibilities for completing each step of a SAVE check, as outlined in each agency's memorandum of agreement.

    Agency: Department of Homeland Security: United States Citizenship and Immigration Services
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To improve management and oversight of the SAVE program, the director of USCIS should develop and implement a mechanism to oversee agencies' completion of training on additional verification in accordance with SAVE MOA provisions and program policies.

    Agency: Department of Homeland Security: United States Citizenship and Immigration Services
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To improve management and oversight of the SAVE program, the director of USCIS should provide notifications to user agencies when a case is ready for the user agency to review.

    Agency: Department of Homeland Security: United States Citizenship and Immigration Services
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To improve management and oversight of the SAVE program, the director of USCIS should develop and implement a more effective method for ensuring that individuals are aware of how they can access and correct their immigration records, such as by updating and improving the Fact Sheet for Benefit Applicants.

    Agency: Department of Homeland Security: United States Citizenship and Immigration Services
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To improve management and oversight of the SAVE program, the director of USCIS should develop and implement a documented, risk-based approach to monitoring and compliance, including (1) a risk-based approach to selecting behaviors to monitor; (2) standards for what triggers compliance actions for the selected behaviors; and (3) a risk-based process for how USCIS will prioritize and select agencies for compliance actions.

    Agency: Department of Homeland Security: United States Citizenship and Immigration Services
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To improve management and oversight of the SAVE program, the director of USCIS should develop and communicate a process for user agencies to update contact information.

    Agency: Department of Homeland Security: United States Citizenship and Immigration Services
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To improve management and oversight of the SAVE program, the director of USCIS should ensure that user agencies participate in compliance reviews when selected, in accordance with SAVE MOA provisions and USCIS policy.

    Agency: Department of Homeland Security: United States Citizenship and Immigration Services
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To improve management and oversight of the SAVE program, the director of USCIS should identify the root causes of agencies' noncompliance with SAVE MOA provisions and program policies and tailor agency recommendations to those identified causes.

    Agency: Department of Homeland Security: United States Citizenship and Immigration Services
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To improve management and oversight of the SAVE program, the director of USCIS should develop and implement a process for ensuring user agencies implement corrective actions such as through a system of escalating compliance assistance actions and follow-up.

    Agency: Department of Homeland Security: United States Citizenship and Immigration Services
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Director: David J. Wise
    Phone: (202) 512-2834

    2 open recommendations
    Recommendation: To improve the reliability of FRPP disposal data, the Administrator of GSA should implement a data validation procedure to prevent reporting the same building disposal multiple times.

    Agency: General Services Administration
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To improve the accuracy of reporting on progress in reducing the inventory of federal buildings, the Director of OMB, in coordination with the GSA Administrator, should establish a procedure to verify that the OMB's reports include the intended data, such as, reporting individual buildings only once and reporting only federally owned buildings.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Director: Joe Kirschbaum
    Phone: (202) 512-9971

    3 open recommendations
    Recommendation: As DOD plans to respond to a pandemic, the Secretary of Defense should direct the Under Secretary of Defense for Policy and other DOD officials, as appropriate, to use DOD's existing coordination mechanisms with HHS and the Federal Emergency Management Agency (FEMA) to explore opportunities to improve their preparedness and response to a pandemic if DOD's capabilities are limited.

    Agency: Department of Defense
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: As HHS plans to respond to a pandemic, the Secretary of Health and Human Services should direct the Assistant Secretary for Preparedness and Response to use HHS's existing coordination mechanisms with DOD and FEMA to explore opportunities to improve their preparedness and response to a pandemic if DOD's capabilities are limited.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: As DHS, through FEMA, plans to respond to a pandemic, the Secretary of Homeland Security should direct the Administrator of FEMA to use FEMA's existing coordination mechanisms with DOD and HHS to explore opportunities to improve their preparedness and response to a pandemic if DOD's capabilities are limited.

    Agency: Department of Homeland Security: Directorate of Emergency Preparedness and Response: Federal Emergency Management Agency
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Director: Diana Maurer
    Phone: (202) 512-8777

    2 open recommendations
    Recommendation: To better ensure grantees' compliance with the Drug-Free Communities Support Program's statutory requirements and to strengthen monitoring of grantee activities, SAMHSA should develop an action plan with time frames for addressing any deficiencies it finds through its reviews and making systemic changes to mitigate deficiencies on a prospective basis to strengthen the grant monitoring process.

    Agency: Department of Health and Human Services: Public Health Service: Substance Abuse and Mental Health Services Administration
    Status: Open

    Comments: As of April 2017, according to the Department of Health and Human Services, SAMHSA is currently in the process of implementing routine audits of all its grant files. SAMHSA will also conduct an audit specifically of DFC files to ensure compliance by the end of summer 2017. Additionally, SAMHSA will offer regular training to government project officers (GPO) on grant report requirements and will ensure DFC GPO participation. Finally, SAMHSA is actively implementing the Grants Enterprise Management System to streamline the grants management process and make the process for maintaining grant files automated. By the end of fall 2017, all newly awarded DFC grants will be in this system. By the end of fall 2018, all active DFC grants will utilize this system.
    Recommendation: To better ensure grantees' compliance with the Drug-Free Communities Support Program's statutory requirements and to strengthen monitoring of grantee activities, SAMHSA should develop and implement a method for ensuring that the grantee status reports it provides to ONDCP are complete and accurate.

    Agency: Department of Health and Human Services: Public Health Service: Substance Abuse and Mental Health Services Administration
    Status: Open

    Comments: As of April 2017, according to the Department of Health and Human Services, SAMHSA will develop a plan to ensure complete and accurate information is provided to ONDCP by the end of summer 2017.
    Director: Shelby S. Oakley
    Phone: (202) 512-3841

    3 open recommendations
    Recommendation: To improve the awareness of how risk-significant radioactive sources are transported within the United States and to better determine whether Nuclear Regulatory Commission (NRC) is meeting its goal of providing reasonable assurance for preventing the theft or diversion of these dangerous materials, the Chairman of NRC should take actions to collect information from licensees on the number of shipments and mode of transport for such sources--for example, by identifying the extent to which an existing NRC database (e.g., the National Source Tracking System) may be used to capture this information.

    Agency: Nuclear Regulatory Commission
    Status: Open

    Comments: In its 60-day response letter from NRC to GAO, NRC repeated its position on this recommendation as stated in its formal agency response that was included as appendix III in the report. In both cases, NRC states that it disagrees with this recommendation. NRC disagrees that the specific number of shipments by mode of transport is always needed. NRC explained that existing information collection requirements already exist for category 1 quantities and that it had previously determined that collection of shipment information for category 2 quantities was not necessary. NRC also stated that NSTS would not be the appropriate database to capture shipment information; it is not designed to capture real-time information. In addition, NRC does not consider the proposed collection activity to be of sufficient benefit to justify the additional cost of capturing the information. Therefore, NRC does not believe that adopting this recommendation would result in significant improvements to safety. Despite its disagreement with this recommendation, we will continue to monitor whether NRC takes any actions that would result in addressing the concern GAO raised.
    Recommendation: To further enhance the security of radioactive sources during ground transport, the Chairman of NRC, in consultation with the Secretary of Transportation and the Secretary of Homeland Security, should identify an approach to verify that motor carriers are meeting NRC's Part 37 security requirements applicable to transportation, for example by having DOT inspectors verify compliance with NRC Part 37 security requirements during their on-site investigations.

    Agency: Nuclear Regulatory Commission
    Status: Open

    Comments: As noted in the NRC comments on the GAO report, the NRC agrees in general with the second recommendation to explore with Federal partners an approach to verify that motor carriers meet 10 CFR Part 37 transportation security requirements. The NRC commits to exploring how the respective agencies can verify that motor carriers are meeting the NRC's applicable Part 37 transportation security requirements. This recommendation will remain open until NRC presents evidence that it has acted on it.
    Recommendation: To further enhance the security of radioactive sources during ground transport, the Secretary of Transportation, in consultation with the Chairman of NRC and the Secretary of Homeland Security, should consider examining the potential costs and security benefits associated with lowering the Highway Route Controlled Quantity (HRCQ) threshold so that more, or all, category 1 shipments are classified as HRCQ shipments.

    Agency: Department of Transportation
    Status: Open

    Comments: In its 60-day response letter, NRC stated that it recognizes that HRCQ thresholds fall under the jurisdiction of DOT. The NRC commits to exploring with DOT the potential costs and security benefits associated with lowering the HRCQ threshold so that more if not all , of the shipments of Category 1 quantities of radioactive material may be classified as HRCQ shipments. In its 60-day response letter, DOT concurred with this recommendation and stated that it planned to consult with NRC and the Department of Homeland Security Domestic Nuclear Detection Office, and its internal stakeholders to evaluate potential costs and security benefits of lowering the HRCQ threshold, which they expect to complete by January 15, 2018. This recommendation will remain open until evidence is presented by NRC and DOT that they have examined the costs and benefits of lowering the HRCQ threshold.
    Director: John E. Dicken
    Phone: (202) 512-7114

    2 open recommendations
    Recommendation: In order for drug sponsors to benefit from FDA's revised guidance on antibiotic development and take full advantage of the QIDP designation, FDA should clarify how drug sponsors should utilize draft guidance documents that were released in accordance with GAIN.

    Agency: Department of Health and Human Services: Food and Drug Administration
    Status: Open

    Comments: HHS gave GAO information on its Good Guidance Practices, which provide that guidance documents are not binding on FDA or the public and that sponsors can use alternative approaches consistent with applicable statutes. HHS also noted that FDA issues guidance in draft form to solicit public comment before finalizing its current thinking and recommendations. This practice, as reflected by language on applicable QIDP draft guidance documents indicating that the guidance will represent FDA's current thinking "when finalized," created uncertainty for sponsors in planning their antibiotic drug development programs. Without clarifying the role of draft guidance in the QIDP designation and process, this uncertainty will continue to persist. GAO considers this recommendation open.
    Recommendation: In order for drug sponsors to benefit from FDA's revised guidance on antibiotic development and take full advantage of the QIDP designation, FDA should develop and make available written guidance on the QIDP designation that includes information about the process a drug sponsor must undertake to request the fast track designation and how the agency is applying the market exclusivity incentive.

    Agency: Department of Health and Human Services: Food and Drug Administration
    Status: Open

    Comments: According to HHS, FDA intends to begin developing guidance on the QIDP designation and will eventually make this guidance publicly available.
    Director: Powner, David A
    Phone: (202) 512-9286

    5 open recommendations
    including 2 priority recommendations
    Recommendation: To facilitate the analysis of gaps between current skills and future needs, the development of strategies for filling the gaps, and succession planning, the Secretary of Commerce should require the Chief Information Officer, Chief Human Capital Officer, and other senior managers as appropriate to address the shortfalls in IT workforce planning noted in this report, including the following actions: (1) establish and maintain a workforce planning process; (2) develop competency and staffing requirements; (3) assess competency and staffing needs regularly; (4) assess gaps in competencies for all components of the workforce; (5) develop strategies and plans to address gaps in competencies and staffing; (6) implement activities that address gaps, including an IT acquisition cadre, cross-functional training of acquisition and program personnel, a career path for program managers, and special hiring authorities, if justified and cost-effective; (7) monitor the department's progress in addressing IT competency and staffing gaps; and (8) report to department leadership on progress in addressing competency and staffing gaps.

    Agency: Department of Commerce
    Status: Open
    Priority recommendation

    Comments: The department has not yet provided its written response to this recommendation. We will continue to monitor the department's progress in implementing the recommendation.
    Recommendation: To facilitate the analysis of gaps between current skills and future needs, the development of strategies for filling the gaps, and succession planning, the Secretary of Defense should require the Chief Information Officer, the Under Secretary of Defense for Personnel and Readiness, and other senior managers as appropriate to address the shortfalls in IT workforce planning noted in this report, including the following actions: (1) develop competencies for all staff; (2) assess competency needs regularly for all positions; (3) assess gaps in competencies for all components of the workforce; (4) develop strategies and plans to address gaps in competencies; (5) implement activities that address gaps, including developing a program management career path, if justified and cost-effective; (6) monitor the department's progress in addressing competency gaps identified for IT staff; and (7) report to department leadership on progress in addressing competency gaps.

    Agency: Department of Defense
    Status: Open

    Comments: The department has provided a written response to this recommendation and we are currently evaluating it.
    Recommendation: To facilitate the analysis of gaps between current skills and future needs, the development of strategies for filling the gaps, and succession planning, the Secretary of Health and Human Services should require the Chief Information Officer, Chief Human Capital Officer, and other senior managers as appropriate to address the shortfalls in IT workforce planning noted in this report, including the following actions: (1) establish and maintain a workforce planning process inclusive of all staff; (2) develop staffing requirements for all positions; (3) assess staffing needs regularly; (4) assess gaps in competencies and staffing for all components of the workforce; (5) develop strategies and plans to address gaps in competencies and staffing; (6) implement activities that address gaps, including an IT acquisition cadre, if justified and cost-effective; (7) monitor the department's progress in addressing competency and staffing gaps; and (8) report to department leadership on progress in addressing competency and staffing gaps.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: The department has provided a written response to this recommendation and we are currently evaluating it.
    Recommendation: To facilitate the analysis of gaps between current skills and future needs, the development of strategies for filling the gaps, and succession planning, the Secretary of Transportation should require the Chief Information Officer, Chief Human Capital Officer, and other senior managers as appropriate to address the shortfalls in IT workforce planning noted in this report, including the following actions: (1) establish a time frame for when the department is to finalize its draft workforce planning process and maintain that process; (2) develop staffing requirements for all positions; (3) assess competency and staffing needs regularly for all positions; (4) assess gaps in staffing for all components of the workforce; (5) develop strategies and plans to address gaps in competencies and staffing; (6) implement activities that address gaps, including an IT acquisition cadre, cross-functional training of acquisition and program personnel, a career path for program managers, and use of special hiring authorities, if justified and cost-effective;e (7) monitor the department's progress in addressing competency and staffing gaps; and (8) report to department leadership on progress in addressing competency and staffing gaps.

    Agency: Department of Transportation
    Status: Open
    Priority recommendation

    Comments: The department agreed with the recommendation and stated that it plans to fully implement the recommendation by December 2019. To fully implement this recommendation, DOT should prioritize the completion of its IT workforce planning process and then begin implementing the process in phases based on the availability of resources.
    Recommendation: To facilitate the analysis of gaps between current skills and future needs, the development of strategies for filling the gaps, and succession planning, the Secretary of the Treasury should require the Chief Information Officer, Chief Human Capital Officer, and other senior managers as appropriate to address the shortfalls in IT workforce planning noted in this report, including the following actions: (1) establish and maintain a workforce planning process; (2) develop competency and staffing requirements for all positions; (3) assess competency and staffing needs regularly; (4) assess gaps in competencies and staffing for all components of the workforce; (5) develop strategies and plans to address gaps in competencies and staffing for all components of the workforce; (6) implement activities that address gaps, including a career path for program managers and special hiring authorities, if justified and cost-effective; (7) monitor the department's progress in addressing competency and staffing gaps; and (8) report to department leadership on progress in addressing competency and staffing gaps for all components of the workforce.

    Agency: Department of the Treasury
    Status: Open

    Comments: The department has not yet provided its written response to this recommendation. We will continue to monitor the department's progress in implementing the recommendation.
    Director: Melissa Emrey-Arras
    Phone: (617) 788-0534

    5 open recommendations
    Recommendation: To help ensure quality information is conveyed to servicemembers about how the Servicemembers Civil Relief Act (SCRA) interest rate cap applies to student loans, the Secretary of Defense should direct the secretaries of each service branch, and work with other secretaries as appropriate, to ensure that all information about the SCRA interest rate cap for student loans is accurate when provided to servicemembers and to those who work with servicemembers to help them obtain SCRA benefits, including information contained in outreach materials.

    Agency: Department of Defense
    Status: Open

    Comments: The Department of Defense (DOD) disagreed with this recommendation believing it to be unnecessary because it is already providing accurate information. Specifically, DOD noted that the information provided in several documents GAO reviewed is accurately based on statute whereas Education's updated requirement to automatically apply the cap is based on policy that could change in the future. Moreover, the automated process applies only to federal and commercial FFEL student loans in contrast to other types of debt. DOD said that providing information based on statute rather than policy would cause less confusion and was a better approach than what we recommend. However, our report noted that Education formalized the automated process through federal regulations, effective July 2016, which legally require servicers to use this process for all federal and commercial FFEL loans. In addition, DOD said it was unable to verify whether DOD's Military OneSource website inaccurately states that the SCRA rate cap does not apply to commercial FFEL loans. However, our searches of the website still turned up this inaccuracy. DOD said it would look into a means of verifying website information but that in the meantime, it is satisfied that its training provides correct information. Given that Military OneSource is a key source of information for servicemembers and that some documents DOD provided state that the SCRA rate cap does not apply to student loans, we continue to believe that servicemembers are not always receiving accurate and up-to-date information.
    Recommendation: To ensure that all eligible servicemembers with student loans receive the SCRA interest rate cap, the Attorney General should direct the Department of Justice to consider modifying its proposed changes to SCRA to require use of the automatic eligibility check for private student loans.

    Agency: Department of Justice: Office of the Attorney General
    Status: Open

    Comments: The Department of Justice (DOJ) stated that its current package of proposed legislative changes provides benefits to servicemembers with all kinds of loans, including private student loans. Rather than requiring servicemembers to submit written notice and a copy of military orders, they need only give oral or written notice of eligibility for the cap to their creditors. Creditors would then have to search the Department of Defense's records to verify the servicemembers' military service and apply the SCRA interest rate cap, when applicable. DOJ believes that these changes would significantly benefit all servicemembers with loans while providing a uniform standard for all types of creditors. The department added that it will consider its proposed changes to SCRA in future legislative proposals and plans to obtain feedback from stakeholders on how to improve SCRA's protections for servicemembers. However, as stated in our report, servicemembers with private student loans would still need to be aware of the rate cap in order to give notice, whether written or oral. Therefore, we encourage DOJ to consider updating its current proposal to require use of the automatic eligibility check by all student loan lenders and servicers. Not only would this ensure that servicemembers with private student loans receive a benefit for which they are eligible, but also that the interest rate cap is applied consistently across all types of student loans. The agency said that it would consider these changes to the SCRA in future legislative proposals and plans to obtain feedback from stakeholders on how the agency can propose to improve the SCRA's protections for servicemembers. However, as stated in our report, servicemembers with private student loans would still need to be aware of the rate cap in order to give notice, whether written or oral. Therefore, we encourage DOJ to consider updating its current proposal to require use of the automatic eligibility check by all student loan lenders and servicers. Not only would this ensure that servicemembers with private student loans receive a benefit for which they are eligible, but also that the interest rate cap is applied consistently across all types of student loans.
    Recommendation: To enhance customer service, the Secretary of Education should direct the Office of Federal Student Aid to identify ways to modify the data collected in its unified borrower complaint system to allow the agency to more precisely identify and analyze complaints specifically about the SCRA interest rate cap.

    Agency: Department of Education
    Status: Open

    Comments: The Department of Education said it is committed to accurately tracking the types of complaints it receives and will create a complainant subcategory for SCRA under the "Military and Veterans Benefit" category. In addition, it will continue to run periodic key word searches to identify other complaints that may have been miscategorized by the complainant, related to the requirements of the SCRA, and ensure that they are considered appropriately. GAO will consider closing this recommendation when the department has provided evidence that it has completed these efforts.
    Recommendation: To better ensure that servicemembers with private student loans benefit from the SCRA interest rate cap, the Director of the Consumer Financial Protection Bureau and the Attorney General of the Department of Justice should coordinate with each other, and with the four federal financial regulators, as appropriate, to determine the best way to ensure routine oversight of SCRA compliance for all nonbank private student loan lenders and servicers. If CFPB and DOJ determine that additional statutory authority is needed to facilitate such oversight, CFPB and DOJ should develop a legislative proposal for Congress.

    Agency: Consumer Financial Protection Bureau
    Status: Open

    Comments: The Consumer Financial Protection Bureau (CFPB) stated that it is committed to working with the Department of Justice (DOJ) and federal financial regulators, when possible, to facilitate oversight of SCRA compliance and that it will support all relevant federal agencies in using their respective authorities to identify and address SCRA violations as efficiently and effectively as possible. While CFPB coordinates with DOJ and other federal regulators in general, there is still no single agency authorized to enforce SCRA compliance among nonbank private student loan lenders and servicers, and no entity is conducting onsite supervisory reviews of these lenders and servicers. In addition, while CFPB may refer complaints from servicemembers about the SCRA rate cap for private student loans to DOJ and other financial regulators, we believe this does not constitute routine, proactive oversight and also presumes servicemembers are aware of the SCRA rate cap. GAO will consider closing this recommendation when the bureau has provided evidence of actions it has taken to facilitate routine oversight of SCRA compliance for all nonbank private student loan lenders and servicers.
    Recommendation: To better ensure that servicemembers with private student loans benefit from the SCRA interest rate cap, the Director of the Consumer Financial Protection Bureau and the Attorney General of the Department of Justice should coordinate with each other, and with the four federal financial regulators, as appropriate, to determine the best way to ensure routine oversight of SCRA compliance for all nonbank private student loan lenders and servicers. If CFPB and DOJ determine that additional statutory authority is needed to facilitate such oversight, CFPB and DOJ should develop a legislative proposal for Congress.

    Agency: Department of Justice: Office of the Attorney General
    Status: Open

    Comments: The Department of Justice (DOJ) believes that it is in full compliance with this recommendation and that the four federal financial regulators do not have statutory authority to examine nonbank private student loan lenders and servicers unaffiliated with a depository institution. DOJ stated that it already coordinates extensively with the Consumer Financial Protection Bureau (CFPB) and the financial regulators concerning SCRA compliance through such mechanisms as referrals from CFPB for any SCRA-related violations and access to its consumer complaint database, and regular meetings with CFPB, and that it will continue to be built upon these efforts. While these mechanisms are commendable, GAO believes they do not constitute exercising routine oversight of nonbank private student loan lenders and servicers who are not affiliated with a depository institution. We believe that additional interagency coordination, including working with CFPB to seek additional statutory authority, as needed, is necessary to ensure routine SCRA compliance.
    Director: Timothy J. DiNapoli
    Phone: (202) 512-4841

    5 open recommendations
    including 4 priority recommendations
    Recommendation: To better promote federal agency accountability for implementing the FSSI and category management initiatives, the Administrator of Federal Procurement Policy should ensure that transition plans are submitted and monitored as required by FSSI guidance and guidance governing specific category management initiatives.

    Agency: Executive Office of the President: Office of Management and Budget: Office of Federal Procurement Policy
    Status: Open
    Priority recommendation

    Comments: In October 2016, Office of Management and Budget (OMB) staff agreed that agency transitions plans should be submitted and monitored in accordance with guidance, as GAO recommended in October 2016. OMB staff indicated that all FSSIs are now being evaluated against best in class criteria as part of the migration to a category management approach to federal procurement. Further, OMB staff stated that OMB will issue additional policy or guidance as necessary. GAO believes these actions, if implemented, would meet the intent of the recommendation. As of August 1, 2017, OMB staff indicated they are continuing efforts to implement this recommendation. Given that transition plans were also required under FSSI guidance but were not submitted or monitored, it will be important for OMB to ensure that agencies follow through on submitting required plans going forward.
    Recommendation: To better promote federal agency accountability for implementing the FSSI and category management initiatives, the Administrator of Federal Procurement Policy should update the Leadership Council charter to establish an expectation that Leadership Council agencies develop agency-specific targets for use of the solutions approved.

    Agency: Executive Office of the President: Office of Management and Budget: Office of Federal Procurement Policy
    Status: Open
    Priority recommendation

    Comments: In October 2016, OMB staff agreed with the need for agency-specific targets for use of FSSI and category management initiatives as GAO recommended. OMB staff recommended, however, that this be accomplished through the Category Management governance and reporting procedures and processes that will be instituted in upcoming guidance, rather than an update to the Leadership Council charter. In October 2016, OMB issued a draft circular on category management establishing that spend under management will be the principal measure OMB will use to assess agency adoption of category management. OMB staff indicated that they plan to evaluate at least annually agencies' spend under management results, which includes agency adoption of best in class solutions, and then review with agency leaders progress toward meeting goals. As of August 1, 2017, OMB staff indicated they are continuing efforts to implement this recommendation. Given the low agency usage of the FSSIs, without such actions, and ensuring these targets and measures are set, OMB, and specifically the Office of Federal Procurement Policy, will lack the means to monitor progress and hold large procurement agencies accountable for using existing FSSIs or best in class solutions identified under subsequent category management efforts.
    Recommendation: To better promote federal agency accountability for implementing the FSSI and category management initiatives, the Administrator of Federal Procurement Policy should revise the 2015 category management guidance to establish a process for setting targets and performance measures for each Leadership Council agency's adoption of proposed FSSIs and category management solutions and ensure agency specific targets and measures are set.

    Agency: Executive Office of the President: Office of Management and Budget: Office of Federal Procurement Policy
    Status: Open
    Priority recommendation

    Comments: In October 2016, Office of Management and Budget (OMB) staff agreed that Leadership Council agency progress towards implementing category management should be tracked and measured as we recommended. OMB staff reported that guidance is in draft form in which agency progress will be measured using the Spend Under Management (SUM) model which provides an assessment of category management maturity for each of the ten government-wide categories as evaluated against five attributes: leadership, strategy, data, tools, and metrics. OMB will assess agency progress no less than annually and will engage agency leaders in regularly reviewing progress toward their goals. In addition, OMB will track agency spend through best in class contracts and these data will likely be used as an internal category metric and shared with the agencies. Taken together, these actions are responsive to GAO?s recommendations. As of August 1, 2017, OMB staff indicated they are continuing efforts to implement this recommendation. Given the low use of the FSSIs, OMB should continue to carefully monitor category management implementations as it moves forward and ensure that OFPP uses the planned targets and measures to hold agencies accountable for individual results. In short, greater accountability can lead to increased savings.
    Recommendation: To better promote federal agency accountability for implementing the FSSI and category management initiatives, the Administrator of Federal Procurement Policy should report on agency specific targets and metrics as part of the category management Cross-Agency Priority goal.

    Agency: Executive Office of the President: Office of Management and Budget: Office of Federal Procurement Policy
    Status: Open
    Priority recommendation

    Comments: In October 2016, Office of Management and Budget (OMB) staff agreed that agency specific targets and metrics should be reported as GAO recommended in October 2016. OMB staff indicated that results achieved relative to the Category Management Cross Agency Priority (CAP) goal targets will continue to be reported on a quarterly basis on Peformance.gov but that they will likely not include agency specific targets and metrics. Rather, OMB staff indicated that agency spending through best in class solutions will be tracked and used as an internal category metric and that OMB will engage agency leaders in regularly reviewing progress toward their goals and assess agencies no less than annually. GAO believes these actions, if implemented, would meet the intent of the recommendation. As of August 1, 2017, OMB staff indicated they are continuing efforts to implement this recommendation. Given the low agency usage of the FSSIs, OMB needs to monitor progress and hold large procurement agencies accountable for using existing FSSIs or best in class solutions identified under subsequent category management efforts.
    Recommendation: To improve the management of current FSSIs, the GSA FSSI program management office should provide oversight and support to the Information Retrieval FSSI to better align their practices with current strategic sourcing guidance related to collecting and using transactional data to calculate savings.

    Agency: General Services Administration
    Status: Open

    Comments: In response to our recommendation, GSA conducted a gap analysis of the Information Retrieval FSSI and its compliance with FSSI standards and provided the Library of Congress with FSSI best practice tools and resources related to collecting transactional data and calculating savings. According to GSA, the Library of Congress intends to address gaps to support the goal of implementation in the next Information Retrieval award in 2018. GSA will monitor progress, and provide feedback and assistance.
    Director: Kay E. Brown
    Phone: (202) 512-7215

    2 open recommendations
    including 1 priority recommendation
    Recommendation: The Secretary of Agriculture should take additional steps to collect and disseminate information on promising practices that could help improve data matching processes among state SNAP agencies, including broad and timely dissemination of information on results of recent relevant pilots or demonstrations.

    Agency: Department of Agriculture
    Status: Open
    Priority recommendation

    Comments: The U.S. Department of Agriculture's (USDA) Food and Nutrition Service (FNS) agreed with this recommendation. The agency noted it is moving in this direction and would build on current efforts to address them. GAO will monitor these efforts and consider closing the recommendation when these efforts have been completed.
    Recommendation: The Secretary of Agriculture should work with the Department of Health and Human Services (as appropriate) to analyze spending and understand data needs for SNAP across federal and state contracts and in relation to other programs as FNS explores ways to potentially reduce the costs of using commercial data services.

    Agency: Department of Agriculture
    Status: Open

    Comments: The U.S. Department of Agriculture's (USDA) Food and Nutrition Service (FNS) agreed with this recommendation. The agency noted it has been moving in this general direction and would build on current efforts to address it. GAO will monitor these efforts and consider closing the recommendation when these efforts have been completed.
    Director: Beryl H. Davis
    Phone: (202) 512-2623

    9 open recommendations
    including 4 priority recommendations
    Recommendation: To provide agencies access to SSA's more complete set of death data, Congress should consider amending the Social Security Act to explicitly allow SSA to share its full death file with Treasury for use through the DNP working system.

    Agency: Congress
    Status: Open

    Comments: When we confirm what actions have been taken we will update. As of August 3, 2017, no updated information has been provided.
    Recommendation: To reasonably assure that additional relevant databases are identified and evaluated for inclusion in the DNP working system, the Director of OMB should develop, document, and communicate a formal process that user agencies can use to identify, suggest, and receive feedback on additional databases to be evaluated for inclusion in the DNP working system.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: We provided a draft of this report to OMB and Treasury and other agencies we reviewed for comment. In its written comments, OMB agreed with this recommendation and cited plans to implement it. As of August 3, 2017, no updated information has been provided by the OMB. We will continue to monitor the status of this recommendation.
    Recommendation: To reasonably assure that the DNP working system is used effectively and consistently, the Director of OMB should develop guidance that clarifies whether the use of DNP's payment integration functionality is required and--if required--the circumstances and process in which agencies may obtain an exemption from this requirement.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open
    Priority recommendation

    Comments: We provided a draft of this report to OMB and Treasury and other agencies we reviewed for comment. In its written comments, OMB agreed with this recommendation and cited plans to implement it. As of August 3, 2017, no updated information has been provided by the OMB. We will continue to monitor the status of this recommendation.
    Recommendation: To reasonably assure that agencies use the DNP working system effectively, the Director of OMB should develop a strategy--and communicate its strategy through guidance--for how agencies should use the DNP working system to complement existing data matching processes and whether and how agencies should consider using the DNP working system to streamline existing data matching. Such guidance may cover how agencies should demonstrate that their data matching processes meet the requirements in the Improper Payments Elimination and Recovery Improvement Act of 2012, whether agencies can decide on their own which specific databases to use, and how agencies should use the functionalities available through the DNP working system.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open
    Priority recommendation

    Comments: We provided a draft of this report to OMB and Treasury and other agencies we reviewed for comment. In its written comments, OMB stated that it generally agreed with the concept of developing a strategy for how agencies should use the Do Not Pay (DNP) working system to complement existing data matching processes and would explore the concept further. As of August 3, 2017, no updated information has been provided by the OMB. We will continue to monitor the status of this recommendation.
    Recommendation: To reasonably assure that agencies develop consistent policies and procedures to verify DNP matches, the Director of OMB should provide additional guidance that outlines when and how agencies should verify DNP matches against a secondary source and provide individuals an opportunity to contest before taking adverse actions as a result of DNP matches.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open
    Priority recommendation

    Comments: We provided a draft of this report to OMB and Treasury and other agencies we reviewed for comment. In its written comments, OMB stated that it agreed with the of consistent policies and procedures and will work with agencies so that their policies and procedures for verifying Do Not Pay (DNP) matches are developed consistently. As of August 3, 2017, no updated information has been provided by the OMB. We will continue to monitor the status of this recommendation.
    Recommendation: To better monitor agency use of the DNP working system once a strategy has been developed, the Director of OMB should develop and implement monitoring mechanisms--such as goals, benchmarks, and performance measures--to evaluate agency use of the DNP working system.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open
    Priority recommendation

    Comments: We provided a draft of this report to OMB and Treasury and other agencies we reviewed for comment. In its written comments, OMB stated that it agreed with the concept of monitoring mechanisms and will continue to work with agencies to reduce improper payments and encourage agencies to establish goals to improve payment accuracy that will be monitored and evaluated by OMB. As of August 3, 2017, no updated information has been provided by the OMB. We will continue to monitor the status of this recommendation.
    Recommendation: To reasonably assure that agency-reported information on use of the DNP working system is reliable, the Director of OMB should develop a process for comparing agency reporting on the use of the DNP working system to available sources, such as OMB guidance and DNP working system adjudication reports.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: We provided a draft of this report to OMB and Treasury and other agencies we reviewed for comment. In its written comments, OMB stated that it agreed with the concept of ensuring that data are reliable and will consider the feasibility of a process to compare agency submissions to available sources to reasonably assure that agency-reported information on use of the Do Not Pay (DNP) working system is reliable. As of August 3, 2017, no updated information has been provided by the OMB. We will continue to monitor the status of this recommendation.
    Recommendation: To reasonably assure that agency-reported information on use of the DNP working system is complete, the Director of OMB should revise its guidance to clarify whether agencies should report on their uses of all of the functionalities of the DNP working system in their agency financial reports.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: We provided a draft of this report to OMB and Treasury and other agencies we reviewed for comment. In its written comments, OMB stated that it agreed with ensuring the completeness of data and will continue to work with agencies and the Chief Financial Officer community to ensure that agency-reported information on the use of the Do Not Pay (DNP) working system is complete. As of August 3, 2017, no updated information has been provided by the OMB. We will continue to monitor the status of this recommendation.
    Recommendation: The Secretary of the Treasury should modify the DNP working system to track adjudication of matches obtained through all functionalities.

    Agency: Department of the Treasury
    Status: Open

    Comments: In a memo dated April 13, 2017, the Department of Treasury (Treasury) stated that it is in the process of evaluating potential solutions to capture information on the impact of Portal functionalities (online single search, continuous monitoring, and batch matching), and has developed a plan with timeframes to assess the technical feasibility as well as user willingness to provide information. However, Treasury stated that it cannot be certain that this evaluation will identify viable solutions, and therefore cannot commit to making any modifications to the working system. Treasury explained, for instance, it may not be possible to design an effective and user-friendly strategy to capture agency decisions to remove an excluded party identified in a continuous monitoring file from a list of approved vendors. Further, Treasury explained that even if it can capture those decisions, it may be even more difficult to assign a dollar value to that decision as there would be no payment pending in this example. Nevertheless, Treasury stated that it is committed to thoroughly evaluating whether a solution is possible, and--if a solution proves feasibly--its goal is to complete a development plan for the implementation of any identified solutions by September 30, 2018.
    Director: Nancy Kingsbury
    Phone: (202) 512-2700

    5 open recommendations
    including 2 priority recommendations
    Recommendation: To support its strategic and open data goals, the Director of OPM should improve the availability of the EHRI payroll data--for example, by preparing the data for analytics, making them available through online tools such as FedScope, and including them among the EHRI data sources on the OPM website and Data.gov.

    Agency: Office of Personnel Management
    Status: Open
    Priority recommendation

    Comments: On 4/21/2017 OPM provided a status update based on our inclusion of this rec in the priority rec letter. "As communicated in our December 6, 2017, letter to the Comptroller General, OPM is developing a comprehensive strategy to improve the availability of EHRI payroll data for analytics. We have started an effort to standardize payroll data elements by engaging with the payroll subject matter experts through the shared service providers. We will keep GAO informed as we make additional progress."
    Recommendation: To improve internal controls for data quality, the Director of OPM should update EHRI payroll database documentation to be consistent with current field definitions and requirements, including the Guide to Human Resources Reporting and the Guide to Data Standards, Part B.

    Agency: Office of Personnel Management
    Status: Open

    Comments: No specific updates on this rec, but it would be addressed in the "comprehensive strategy to improve the availability of EHRI payroll data for analytics" that is noted in OPM's response to the priority recommendation.
    Recommendation: To improve internal controls for data quality, the Director of OPM should consistently monitor system-generated error and edit check reports and ensure that timely action is taken to address identified issues.

    Agency: Office of Personnel Management
    Status: Open
    Priority recommendation

    Comments: On 4/21/17 OPM provided an update to their 60 day letter in response to our inclusion of this rec in the priority letter to OPM. Very soon, we will begin implementing follow-up activities with shared service centers and agencies regarding issues identified with the payroll data they submit to EHRI. We are also evaluating the feasibility of incorporating automated methods to validate agency data, to the extent possible. We will keep GAO informed as we make additional progress.
    Recommendation: To integrate the payroll data into the larger suite of EHRI databases, the Director of OPM should develop a schedule for executing these plans.

    Agency: Office of Personnel Management
    Status: Open

    Comments: No specific updates on this rec, but it would be addressed in the "comprehensive strategy to improve the availability of EHRI payroll data for analytics" that is noted in OPM's response to the priority recommendation.
    Recommendation: To integrate the payroll data into the larger suite of EHRI databases, the Director of OPM should evaluate existing internal control activities and develop new control activities for EHRI payroll data, such as implementing transactional edit checks that leverage the information in the other EHRI datasets.

    Agency: Office of Personnel Management
    Status: Open

    Comments: No specific updates on this rec, but it would be addressed in the "comprehensive strategy to improve the availability of EHRI payroll data for analytics" that is noted in OPM's response to the priority recommendation.
    Director: Shea, Rebecca
    Phone: (202) 512-2834

    2 open recommendations
    including 2 priority recommendations
    Recommendation: To improve federal agency LMR procurement practices, the Director of OMB should direct the Office of Federal Procurement Policy to examine the feasibility of including LMR technology in the category management initiative.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open
    Priority recommendation

    Comments: OMB generally agreed with this recommendation and noted that it is working to identify which information-technology strategies will produce the best return on investment and that it continues to evaluate its category-specific plans. We will update the status of this recommendation after we receive additional information from OMB.
    Recommendation: To improve federal agency LMR procurement practices, the Director of OMB should direct the Office of Federal Procurement Policy to, if warranted, include LMR technology within the appropriate spend category.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open
    Priority recommendation

    Comments: OMB generally agreed with this recommendation and noted that it is working to identify which information-technology strategies will produce the best return on investment and that it continues to evaluate its category-specific plans. We will update the status of this recommendation after we receive additional information from OMB.
    Director: Yvonne D. Jones
    Phone: (202) 512-2717

    1 open recommendations
    Recommendation: To help ensure that OPM fulfills its oversight responsibilities related to adherence to merit system principles in hiring and to help improve agencies' compliance with OPM's stated policy on conversions, the Acting Director of OPM should establish a process for agencies to verify and correct, in a timely manner, political conversion data for use in required reports to Congress on conversion requests, and to identify those conversions not receiving OPM's prior approval.

    Agency: Office of Personnel Management
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Director: David Powner
    Phone: (202) 512-9286

    25 open recommendations
    Recommendation: To improve federal agencies' efforts to rationalize their portfolio of applications, the heads of the Departments of Agriculture, Commerce, Education, Energy, Health and Human Services, Housing and Urban Development, the Interior, Labor, State, Transportation, the Treasury, and Veterans Affairs; and heads of the Environmental Protection Agency; National Aeronautics and Space Administration; National Science Foundation; Nuclear Regulatory Commission; Office of Personnel Management; Small Business Administration; Social Security Administration; and U.S. Agency for International Development should direct their Chief Information Officers (CIOs) and other responsible officials to improve their inventories by taking steps to fully address the practices we identified as being partially met or not met.

    Agency: United States Agency for International Development
    Status: Open

    Comments: We plan to follow up on the agency's actions to implement this recommendation.
    Recommendation: To improve federal agencies' efforts to rationalize their portfolio of applications, the heads of the Departments of Agriculture, Commerce, Education, Energy, Health and Human Services, Housing and Urban Development, the Interior, Labor, State, Transportation, the Treasury, and Veterans Affairs; and heads of the Environmental Protection Agency; National Aeronautics and Space Administration; National Science Foundation; Nuclear Regulatory Commission; Office of Personnel Management; Small Business Administration; Social Security Administration; and U.S. Agency for International Development should direct their Chief Information Officers (CIOs) and other responsible officials to improve their inventories by taking steps to fully address the practices we identified as being partially met or not met.

    Agency: Department of Agriculture
    Status: Open

    Comments: In its comments on a draft of our report, the department concurred with our recommendation. Subsequent to the department informing us that it has taken action to implement the recommendation, we will follow up.
    Recommendation: To improve federal agencies' efforts to rationalize their portfolio of applications, the heads of the Departments of Agriculture, Commerce, Education, Energy, Health and Human Services, Housing and Urban Development, the Interior, Labor, State, Transportation, the Treasury, and Veterans Affairs; and heads of the Environmental Protection Agency; National Aeronautics and Space Administration; National Science Foundation; Nuclear Regulatory Commission; Office of Personnel Management; Small Business Administration; Social Security Administration; and U.S. Agency for International Development should direct their Chief Information Officers (CIOs) and other responsible officials to improve their inventories by taking steps to fully address the practices we identified as being partially met or not met.

    Agency: Department of Education
    Status: Open

    Comments: In its comments on a draft of our report, the department concurred with our recommendation. Subsequent to the department informing us that it has taken action to implement the recommendation, we will follow up.
    Recommendation: To improve federal agencies' efforts to rationalize their portfolio of applications, the heads of the Departments of Agriculture, Commerce, Education, Energy, Health and Human Services, Housing and Urban Development, the Interior, Labor, State, Transportation, the Treasury, and Veterans Affairs; and heads of the Environmental Protection Agency; National Aeronautics and Space Administration; National Science Foundation; Nuclear Regulatory Commission; Office of Personnel Management; Small Business Administration; Social Security Administration; and U.S. Agency for International Development should direct their Chief Information Officers (CIOs) and other responsible officials to improve their inventories by taking steps to fully address the practices we identified as being partially met or not met.

    Agency: Department of Commerce
    Status: Open

    Comments: In its comments on a draft of our report, the department concurred with our recommendation. Subsequent to the department informing us that it has taken action to implement the recommendation, we will follow up.
    Recommendation: To improve federal agencies' efforts to rationalize their portfolio of applications, the heads of the Departments of Agriculture, Commerce, Education, Energy, Health and Human Services, Housing and Urban Development, the Interior, Labor, State, Transportation, the Treasury, and Veterans Affairs; and heads of the Environmental Protection Agency; National Aeronautics and Space Administration; National Science Foundation; Nuclear Regulatory Commission; Office of Personnel Management; Small Business Administration; Social Security Administration; and U.S. Agency for International Development should direct their Chief Information Officers (CIOs) and other responsible officials to improve their inventories by taking steps to fully address the practices we identified as being partially met or not met.

    Agency: Department of Energy
    Status: Open

    Comments: In its comments on a draft of our report, the department concurred with our recommendation. Subsequent to the department informing us that it has taken action to implement the recommendation, we will follow up.
    Recommendation: To improve federal agencies' efforts to rationalize their portfolio of applications, the heads of the Departments of Agriculture, Commerce, Education, Energy, Health and Human Services, Housing and Urban Development, the Interior, Labor, State, Transportation, the Treasury, and Veterans Affairs; and heads of the Environmental Protection Agency; National Aeronautics and Space Administration; National Science Foundation; Nuclear Regulatory Commission; Office of Personnel Management; Small Business Administration; Social Security Administration; and U.S. Agency for International Development should direct their Chief Information Officers (CIOs) and other responsible officials to improve their inventories by taking steps to fully address the practices we identified as being partially met or not met.

    Agency: Department of Housing and Urban Development
    Status: Open

    Comments: In its comments on a draft of our report, the department concurred with our recommendation. Subsequent to the department informing us that it has taken action to implement the recommendation, we will follow up.
    Recommendation: To improve federal agencies' efforts to rationalize their portfolio of applications, the heads of the Departments of Agriculture, Commerce, Education, Energy, Health and Human Services, Housing and Urban Development, the Interior, Labor, State, Transportation, the Treasury, and Veterans Affairs; and heads of the Environmental Protection Agency; National Aeronautics and Space Administration; National Science Foundation; Nuclear Regulatory Commission; Office of Personnel Management; Small Business Administration; Social Security Administration; and U.S. Agency for International Development should direct their Chief Information Officers (CIOs) and other responsible officials to improve their inventories by taking steps to fully address the practices we identified as being partially met or not met.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: In its comments on a draft of our report, the department concurred with our recommendation. Subsequent to the department informing us that it has taken action to implement the recommendation, we will follow up.
    Recommendation: To improve federal agencies' efforts to rationalize their portfolio of applications, the heads of the Departments of Agriculture, Commerce, Education, Energy, Health and Human Services, Housing and Urban Development, the Interior, Labor, State, Transportation, the Treasury, and Veterans Affairs; and heads of the Environmental Protection Agency; National Aeronautics and Space Administration; National Science Foundation; Nuclear Regulatory Commission; Office of Personnel Management; Small Business Administration; Social Security Administration; and U.S. Agency for International Development should direct their Chief Information Officers (CIOs) and other responsible officials to improve their inventories by taking steps to fully address the practices we identified as being partially met or not met.

    Agency: Social Security Administration
    Status: Open

    Comments: In its comments on a draft of our report, SSA agreed with our recommendation. Subsequent to SSA informing us that it has taken action to implement the recommendation, we will follow up.
    Recommendation: To improve federal agencies' efforts to rationalize their portfolio of applications, the heads of the Departments of Agriculture, Commerce, Education, Energy, Health and Human Services, Housing and Urban Development, the Interior, Labor, State, Transportation, the Treasury, and Veterans Affairs; and heads of the Environmental Protection Agency; National Aeronautics and Space Administration; National Science Foundation; Nuclear Regulatory Commission; Office of Personnel Management; Small Business Administration; Social Security Administration; and U.S. Agency for International Development should direct their Chief Information Officers (CIOs) and other responsible officials to improve their inventories by taking steps to fully address the practices we identified as being partially met or not met.

    Agency: Department of the Interior
    Status: Open

    Comments: We plan to follow up on the department's actions to implement this recommendation.
    Recommendation: To improve federal agencies' efforts to rationalize their portfolio of applications, the heads of the Departments of Agriculture, Commerce, Education, Energy, Health and Human Services, Housing and Urban Development, the Interior, Labor, State, Transportation, the Treasury, and Veterans Affairs; and heads of the Environmental Protection Agency; National Aeronautics and Space Administration; National Science Foundation; Nuclear Regulatory Commission; Office of Personnel Management; Small Business Administration; Social Security Administration; and U.S. Agency for International Development should direct their Chief Information Officers (CIOs) and other responsible officials to improve their inventories by taking steps to fully address the practices we identified as being partially met or not met.

    Agency: Department of Transportation
    Status: Open

    Comments: In its comments on a draft of our report, the department concurred with our recommendation. Subsequent to the department informing us that it has taken action to implement the recommendation, we will follow up.
    Recommendation: To improve federal agencies' efforts to rationalize their portfolio of applications, the heads of the Departments of Agriculture, Commerce, Education, Energy, Health and Human Services, Housing and Urban Development, the Interior, Labor, State, Transportation, the Treasury, and Veterans Affairs; and heads of the Environmental Protection Agency; National Aeronautics and Space Administration; National Science Foundation; Nuclear Regulatory Commission; Office of Personnel Management; Small Business Administration; Social Security Administration; and U.S. Agency for International Development should direct their Chief Information Officers (CIOs) and other responsible officials to improve their inventories by taking steps to fully address the practices we identified as being partially met or not met.

    Agency: Department of Labor
    Status: Open

    Comments: In its comments on a draft of our report, the department concurred with our recommendation. Subsequent to the department informing us that it has taken action to implement the recommendation, we will follow up.
    Recommendation: To improve federal agencies' efforts to rationalize their portfolio of applications, the heads of the Departments of Agriculture, Commerce, Education, Energy, Health and Human Services, Housing and Urban Development, the Interior, Labor, State, Transportation, the Treasury, and Veterans Affairs; and heads of the Environmental Protection Agency; National Aeronautics and Space Administration; National Science Foundation; Nuclear Regulatory Commission; Office of Personnel Management; Small Business Administration; Social Security Administration; and U.S. Agency for International Development should direct their Chief Information Officers (CIOs) and other responsible officials to improve their inventories by taking steps to fully address the practices we identified as being partially met or not met.

    Agency: Department of the Treasury
    Status: Open

    Comments: The department said it had no comments on our draft report and recommendation. We plan to follow up.
    Recommendation: To improve federal agencies' efforts to rationalize their portfolio of applications, the heads of the Departments of Agriculture, Commerce, Education, Energy, Health and Human Services, Housing and Urban Development, the Interior, Labor, State, Transportation, the Treasury, and Veterans Affairs; and heads of the Environmental Protection Agency; National Aeronautics and Space Administration; National Science Foundation; Nuclear Regulatory Commission; Office of Personnel Management; Small Business Administration; Social Security Administration; and U.S. Agency for International Development should direct their Chief Information Officers (CIOs) and other responsible officials to improve their inventories by taking steps to fully address the practices we identified as being partially met or not met.

    Agency: Department of Veterans Affairs
    Status: Open

    Comments: In its comments on a draft of our report, the department concurred with our recommendation. Subsequent to the department informing us that it has taken action to implement the recommendation, we will follow up.
    Recommendation: To improve federal agencies' efforts to rationalize their portfolio of applications, the heads of the Departments of Agriculture, Commerce, Education, Energy, Health and Human Services, Housing and Urban Development, the Interior, Labor, State, Transportation, the Treasury, and Veterans Affairs; and heads of the Environmental Protection Agency; National Aeronautics and Space Administration; National Science Foundation; Nuclear Regulatory Commission; Office of Personnel Management; Small Business Administration; Social Security Administration; and U.S. Agency for International Development should direct their Chief Information Officers (CIOs) and other responsible officials to improve their inventories by taking steps to fully address the practices we identified as being partially met or not met.

    Agency: Department of State
    Status: Open

    Comments: In its comments on a draft of our report, the department concurred with our recommendation. Subsequent to the department informing us that it has taken action to implement the recommendation, we will follow up.
    Recommendation: To improve federal agencies' efforts to rationalize their portfolio of applications, the heads of the Departments of Agriculture, Commerce, Education, Energy, Health and Human Services, Housing and Urban Development, the Interior, Labor, State, Transportation, the Treasury, and Veterans Affairs; and heads of the Environmental Protection Agency; National Aeronautics and Space Administration; National Science Foundation; Nuclear Regulatory Commission; Office of Personnel Management; Small Business Administration; Social Security Administration; and U.S. Agency for International Development should direct their Chief Information Officers (CIOs) and other responsible officials to improve their inventories by taking steps to fully address the practices we identified as being partially met or not met.

    Agency: Environmental Protection Agency
    Status: Open

    Comments: In its comments on a draft of our report, EPA generally agreed with our recommendation. Subsequent to EPA informing us that it has taken action to implement the recommendation, we will follow up.
    Recommendation: To improve federal agencies' efforts to rationalize their portfolio of applications, the heads of the Departments of Agriculture, Commerce, Education, Energy, Health and Human Services, Housing and Urban Development, the Interior, Labor, State, Transportation, the Treasury, and Veterans Affairs; and heads of the Environmental Protection Agency; National Aeronautics and Space Administration; National Science Foundation; Nuclear Regulatory Commission; Office of Personnel Management; Small Business Administration; Social Security Administration; and U.S. Agency for International Development should direct their Chief Information Officers (CIOs) and other responsible officials to improve their inventories by taking steps to fully address the practices we identified as being partially met or not met.

    Agency: National Aeronautics and Space Administration
    Status: Open

    Comments: In its comments on a draft of our report, NASA concurred with our recommendation. Subsequent to NASA informing us that it has taken action to implement the recommendation, we will follow up.
    Recommendation: To improve federal agencies' efforts to rationalize their portfolio of applications, the heads of the Departments of Agriculture, Commerce, Education, Energy, Health and Human Services, Housing and Urban Development, the Interior, Labor, State, Transportation, the Treasury, and Veterans Affairs; and heads of the Environmental Protection Agency; National Aeronautics and Space Administration; National Science Foundation; Nuclear Regulatory Commission; Office of Personnel Management; Small Business Administration; Social Security Administration; and U.S. Agency for International Development should direct their Chief Information Officers (CIOs) and other responsible officials to improve their inventories by taking steps to fully address the practices we identified as being partially met or not met.

    Agency: National Science Foundation
    Status: Open

    Comments: NSF stated that it had no comments on our draft report and recommendation. We will plan to follow up.
    Recommendation: To improve federal agencies' efforts to rationalize their portfolio of applications, the heads of the Departments of Agriculture, Commerce, Education, Energy, Health and Human Services, Housing and Urban Development, the Interior, Labor, State, Transportation, the Treasury, and Veterans Affairs; and heads of the Environmental Protection Agency; National Aeronautics and Space Administration; National Science Foundation; Nuclear Regulatory Commission; Office of Personnel Management; Small Business Administration; Social Security Administration; and U.S. Agency for International Development should direct their Chief Information Officers (CIOs) and other responsible officials to improve their inventories by taking steps to fully address the practices we identified as being partially met or not met.

    Agency: Small Business Administration
    Status: Open

    Comments: In comments on a draft of our report, SBA said the report captures its current posture. We plan to follow up.
    Recommendation: To improve federal agencies' efforts to rationalize their portfolio of applications, the heads of the Departments of Agriculture, Commerce, Education, Energy, Health and Human Services, Housing and Urban Development, the Interior, Labor, State, Transportation, the Treasury, and Veterans Affairs; and heads of the Environmental Protection Agency; National Aeronautics and Space Administration; National Science Foundation; Nuclear Regulatory Commission; Office of Personnel Management; Small Business Administration; Social Security Administration; and U.S. Agency for International Development should direct their Chief Information Officers (CIOs) and other responsible officials to improve their inventories by taking steps to fully address the practices we identified as being partially met or not met.

    Agency: Nuclear Regulatory Commission
    Status: Open

    Comments: In comments on a draft of our report, NRC stated that it generally agreed with the report. We plan to follow up.
    Recommendation: To improve federal agencies' efforts to rationalize their portfolio of applications, the heads of the Departments of Agriculture, Commerce, Education, Energy, Health and Human Services, Housing and Urban Development, the Interior, Labor, State, Transportation, the Treasury, and Veterans Affairs; and heads of the Environmental Protection Agency; National Aeronautics and Space Administration; National Science Foundation; Nuclear Regulatory Commission; Office of Personnel Management; Small Business Administration; Social Security Administration; and U.S. Agency for International Development should direct their Chief Information Officers (CIOs) and other responsible officials to improve their inventories by taking steps to fully address the practices we identified as being partially met or not met.

    Agency: Office of Personnel Management
    Status: Open

    Comments: In its comments on a draft of our report, OPM concurred with our recommendation. Subsequent to OPM informing us that it has taken action to implement the recommendation, we will follow up.
    Recommendation: To improve federal agencies' efforts to rationalize their portfolio of applications, the Secretaries of Defense, Homeland Security, the Interior, and Labor; and the Director of the National Science Foundation should direct the CIOs and other responsible officials to modify existing investment management processes to address applications more completely. Specifically, the Secretary of Defense should direct the responsible official to modify the department's existing processes to collect and review cost, technical, and business information for the enterprise and business IT systems within the Enterprise Information Environment Mission Area applications which are currently not reviewed as part of the department's process for business systems.

    Agency: Department of Defense
    Status: Open

    Comments: In comments on a draft of our report, the department disagreed with our recommendation. We plan to follow up.
    Recommendation: To improve federal agencies' efforts to rationalize their portfolio of applications, the Secretaries of Defense, Homeland Security, the Interior, and Labor; and the Director of the National Science Foundation should direct the CIOs and other responsible officials to modify existing investment management processes to address applications more completely. Specifically, the Secretary of Homeland Security should direct the department's CIO to identify one high-cost function it could collect detailed cost, technical, and business information for and modify existing processes to collect and review this information.

    Agency: Department of Homeland Security
    Status: Open

    Comments: In its comments on a draft of our report, the department concurred with our recommendation. Subsequent to the department informing us that it has taken action to implement the recommendation, we will follow up.
    Recommendation: To improve federal agencies' efforts to rationalize their portfolio of applications, the Secretaries of Defense, Homeland Security, the Interior, and Labor; and the Director of the National Science Foundation should direct the CIOs and other responsible officials to modify existing investment management processes to address applications more completely. Specifically, the Secretary of the Interior should direct the department's CIO to document and implement a plan for establishing policy that would define a standard analytical technique for rationalizing the investment portfolio.

    Agency: Department of the Interior
    Status: Open

    Comments: We plan to follow up on the department's actions to implement this recommendation.
    Recommendation: To improve federal agencies' efforts to rationalize their portfolio of applications, the Secretaries of Defense, Homeland Security, the Interior, and Labor; and the Director of the National Science Foundation should direct the CIOs and other responsible officials to modify existing investment management processes to address applications more completely. Specifically, the Secretary of Labor should direct the department's CIO to consider a segmented approach to further rationalize and identify a function for which it would modify existing processes to collect and review application-specific cost, technical, and business value information.

    Agency: Department of Labor
    Status: Open

    Comments: In its comments on a draft of our report, the department concurred with our recommendation. Subsequent to the department informing us that it has taken action to implement the recommendation, we will follow up.
    Recommendation: To improve federal agencies' efforts to rationalize their portfolio of applications, the Secretaries of Defense, Homeland Security, the Interior, and Labor; and the Director of the National Science Foundation should direct the CIOs and other responsible officials to modify existing investment management processes to address applications more completely. Specifically, the Director of the National Science Foundation should direct the CIO to consistently document evaluations for all applications and report cost information for them in the roadmap or other documentation.

    Agency: National Science Foundation
    Status: Open

    Comments: NSF stated that it had no comments on our draft report and recommendation. We will plan to follow up.
    Director: Michelle Sager
    Phone: (202) 512-6806

    1 open recommendations
    Recommendation: To facilitate collaboration and identify and broadly disseminate information on leading practices and lessons learned, the Director of OMB should establish a formal means for agencies to collaborate on tiered evidence grants. This could include creating a formal working group or providing collaboration technologies, such as an electronic mailing list or web portals.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: In July 2017, OMB staff told us that they had established an interagency working group and other mechanisms to facilitate collaboration and disseminate information on tiered evidence grants. We have requested documentation of such activities but have yet to receive it.
    Director: Valerie Melvin
    Phone: (202) 512-6304

    2 open recommendations
    Recommendation: To provide greater transparency in the reporting of FOIA litigation costs, Congress could consider requiring Justice to provide a cost estimate for collecting and reporting information on costs incurred when defending lawsuits in which the plaintiffs prevailed.

    Agency: Congress
    Status: Open

    Comments: Congress has not yet considered if it plans to amend FOIA regarding the reporting of costs for defending lawsuits in which the plaintiffs prevailed.
    Recommendation: Congress could consider amending the act to require Justice to reflect in its Litigation and Compliance reports, changes in the award of attorneys' fees and costs resulting from the appeals process and settlement agreements between agencies and plaintiffs, if deemed to be cost-effective.

    Agency: Congress
    Status: Open

    Comments: Congress has not yet considered if it plans to amend FOIA to require Justice to make changes to its Litigation and Compliance reports.
    Director: John Neumann
    Phone: (202) 512-3841

    6 open recommendations
    Recommendation: To fulfill the role assigned to it under the 1980 Act, the Secretary of Commerce should engage with industry stakeholders and continually identify and assess critical materials needs across a broad range of industrial sectors.

    Agency: Department of Commerce
    Status: Open

    Comments: In December 2016, Commerce provided information on its implementation of the recommendation from GAO-16-699. Commerce stated that it had developed an action plan consisting of the following steps: (1)consulting with relevant offices and agencies, including: OSTP, DOD, the U.S. Geological Survey, DOE, the U.S. International Trade Commission, the Bureau of Industry and Security, the National Institute of Standards and Technology, and the National Oceanic and Atmospheric Administration; (2) determining criteria to be used when it is necessary to collect information to identify and assess critical materials needs; (3) determining appropriate steps, which might include: (a) developing a summary of information that federal agencies currently collect on the domestic and international supply of critical raw materials; (b)soliciting input from a broad range of industries through a Federal Register notice; (c)assessing aggregate information, as allowable under law, that is submitted through the Miscellaneous Tariff Bill process over the course of Q1-2 of fiscal year 2017; and (d)consulting with federal advisory groups for advice; (4) determining the audience for collected information and methodology for information dissemination; (5) determining the process for identifying further information collection needs and methodology for disseminating collected information; and (6) determining the timeline and responsibilities for information collection and distribution. In an April 2017 update, Commerce stated that it had identified points of contacts in 7 of the 8 agencies listed in its action plan and is in the process of contacting them for input. Commerce stated that it hoped to identify an appropriate contact in the 8th agency in the near future. Commerce stated that it had also drafted questions to ask the agencies in order to implement the action plan. Commerce did not provide a timeframe for when it expected to complete implementation of the action plan.
    Recommendation: To enhance the ability of the Executive Office of the President to coordinate federal agencies to carry out the national materials policy outlined in the 1980 Act, and to strengthen the federal approach to addressing critical materials supply issues through enhanced interagency collaboration, the Director of the Office of Science and Technology Policy, working with the National Science and Technology Council's Subcommittee on Critical and Strategic Mineral Supply Chains and agency leadership, as appropriate, should agree on and clearly define the roles and responsibilities of member agencies and take steps to actively engage all relevant federal agencies in the Subcommittee's efforts.

    Agency: Executive Office of the President: Office of Science and Technology Policy
    Status: Open

    Comments: In February 2017, OSTP provided information on its efforts to implement recommendations from GAO-16-699. OSTP stated that an increasing number of agencies participate in Subcommittee discussions and activities, with the last several meetings having had strong engagement from agencies that had not previously been involved, including the Department of Homeland Security and the U.S. Department of Agriculture's Forest Service. OSTP indicated that when the Subcommittee's charter is considered for renewal in spring 2017, it will reach out to all federal agencies with relevant responsibilities to discuss their roles in the Subcommittee's efforts and encourage them to name a lead representative and regularly participate. However, OSTP did not provide information about any plans to more clearly define the roles and responsibilities of the Subcommittee's member agencies. OSTP stated that it prefers flexibility, as this facilitates cooperation on topics of mutual interest and better accommodates changing circumstances and areas of focus.
    Recommendation: To enhance the ability of the Executive Office of the President to coordinate federal agencies to carry out the national materials policy outlined in the 1980 Act, and to strengthen the federal approach to addressing critical materials supply issues through enhanced interagency collaboration, the Director of the Office of Science and Technology Policy, working with the National Science and Technology Council's Subcommittee on Critical and Strategic Mineral Supply Chains and agency leadership, as appropriate, should develop joint strategies that articulate common outcomes and identify contributing agencies' efforts.

    Agency: Executive Office of the President: Office of Science and Technology Policy
    Status: Open

    Comments: In February 2017, OSTP provided information on its efforts to implement recommendations from GAO-16-699. However, the information OSTP provided did not include any details related to developing joint strategies that articulate common outcomes and identifying contributing agencies' efforts.
    Recommendation: To enhance the ability of the Executive Office of the President to coordinate federal agencies to carry out the national materials policy outlined in the 1980 Act, and to strengthen the federal approach to addressing critical materials supply issues through enhanced interagency collaboration, the Director of the Office of Science and Technology Policy, working with the National Science and Technology Council's Subcommittee on Critical and Strategic Mineral Supply Chains and agency leadership, as appropriate, should develop a mechanism to monitor, evaluate, and periodically report on the progress of member agencies' efforts.

    Agency: Executive Office of the President: Office of Science and Technology Policy
    Status: Open

    Comments: In February 2017, OSTP provided information on its efforts to implement recommendations from GAO-16-699. However, the information OSTP provided did not include any details related to developing a mechanism to monitor, evaluate, and periodically report on the progress of member agencies' efforts.
    Recommendation: To enhance the ability of the Executive Office of the President to coordinate federal agencies to carry out the national materials policy outlined in the 1980 Act, and to broaden future applications of the early warning screening methodology, the Subcommittee should take the steps necessary to include potentially critical materials beyond minerals, such as developing a plan or strategy for prioritizing additional materials for which actions are needed to address data limitations.

    Agency: Executive Office of the President: Office of Science and Technology Policy
    Status: Open

    Comments: In February 2017, OSTP provided information on its efforts to implement recommendations from GAO-16-699. OSTP stated that current efforts to update the early warning screening methodology have refined, and in some cases augmented, the materials being screened based on available, regularly collected data. The Subcommittee will continue to consider incorporation of additional materials. OSTP further stated that, with respect to data availability limitations, the report's suggestion that the Subcommittee "better work with member agencies to address existing data limitations" is sometimes not actionable because private entities and foreign governments may be unwilling or unable to provide (or even collect) such data. OSTP stated that the Subcommittee will, however, continue to explore approaches to improve data availability and granularity, such as through proposals for revisions to the Harmonized Tariff Schedule or to the North American Industry Classification System or other such systems.
    Recommendation: To enhance the ability of the Executive Office of the President to coordinate federal agencies to carry out the national materials policy outlined in the 1980 Act, and to enhance the federal government's ability to facilitate domestic production of critical materials, the Subcommittee should examine approaches other countries or regions are taking to see if there are any lessons learned that can be applied to the United States.

    Agency: Executive Office of the President: Office of Science and Technology Policy
    Status: Open

    Comments: In February 2017, OSTP provided information on its efforts to implement recommendations from GAO-16-699. OSTP stated that it concurs with the recommendation that the Subcommittee should examine approaches other countries or regions are taking to see if there are any lessons learned that can be applied to the United States. OSTP stated that the Subcommittee is sharing and discussing information on production in other regions, including a U.S.-led project (and other projects with U.S. involvement or support) under the Mining Task Force of the Asia-Pacific Economic Cooperation. OSTP stated that in the future, the Subcommittee expects to review experiences in other countries/regions to glean lessons learned. OSTP did not provide a time frame in reach it would review experiences in other countries/regions.
    Director: Chris Currie
    Phone: (404) 679-1875

    3 open recommendations
    including 1 priority recommendation
    Recommendation: To strengthen efforts to mitigate earthquake risks to federal buildings, the Secretary of Defense and the Administrator of GSA should (1) Define what constitutes an exceptionally high risk building, identify such buildings, and develop plans to mitigate those risks, including prioritizing associated funding requests as needed; and (2) To the extent practicable, prioritize and implement comprehensive seismic safety measures which could include earthquake drills, seismic safety inspections, and non-structural retrofits to decrease risks and reduce damage in federally-owned and -leased buildings in earthquake hazard areas.

    Agency: Department of Defense
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To strengthen efforts to mitigate earthquake risks to federal buildings, the Secretary of Defense and the Administrator of GSA should (1) Define what constitutes an exceptionally high risk building, identify such buildings, and develop plans to mitigate those risks, including prioritizing associated funding requests as needed; and (2) To the extent practicable, prioritize and implement comprehensive seismic safety measures which could include earthquake drills, seismic safety inspections, and non-structural retrofits to decrease risks and reduce damage in federally-owned and -leased buildings in earthquake hazard areas.

    Agency: General Services Administration
    Status: Open
    Priority recommendation

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: Following the expansion of the ShakeAlert governance structure to include key stakeholders, the Secretary of the Department of the Interior should direct the U.S. Geological Survey, working through the ShakeAlert governance structure, to establish a program management plan that addresses, among other things, the known implementation challenges.

    Agency: Department of the Interior
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Director: J. Christopher Mihm
    Phone: (202) 512-6806

    3 open recommendations
    Recommendation: The Director of the Office of Management and Budget, in consultation with the Performance Improvement Council and General Services Administration, should ensure the information presented on Performance.gov consistently complies with GPRAMA public reporting requirements for the website's content.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: In July 2017, OMB staff stated that they will be partnering with a vendor to redesign Performance.gov, and plan to launch the new site in February 2018 with the fiscal year 2019 budget. Staff confirmed they will ensure that the redesigned Performance.gov site will include content that meets public reporting requirements. They stated they anticipate releasing updated agency reporting guidance in the fall of 2017 to help ensure agencies are prepared to report required data.
    Recommendation: The Director of the Office of Management and Budget, in consultation with the Performance Improvement Council and General Services Administration, should analyze and, where appropriate, implement usability test results to improve Performance.gov.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: In July 2017, OMB staff stated that they will be partnering with a vendor to redesign Performance.gov, and plan to launch the new site in February 2018 with the fiscal year 2019 budget. Staff confirmed they will ensure that the redesigned Performance.gov site will include content that meets public reporting requirements. They stated they anticipate releasing updated agency reporting guidance in the fall of 2017 to help ensure agencies are prepared to report required data. In addition, OMB and PIC staff noted that the new vendor for Performance.gov (who had not been selected at that time) will help develop a strategic plan for the site that incorporates results from usability studies, and a stakeholder outreach plan that encompasses diverse groups including Congress, federal agency managers and staff, and other interested groups.
    Recommendation: The Director of the Office of Management and Budget, in consultation with the Performance Improvement Council and General Services Administration, should develop a strategic plan for the future of Performance.gov. Among other things, this plan should include: (A) the goals, objectives, and resources needed to consistently meet Digitalgov.gov and GPRAMA requirements; (B) a customer outreach plan that considers how (1) OMB informs users of changes in Performance.gov, (2) OMB uses social media as a method of communication, and (3) users access Performance.gov so that OMB could, as appropriate, deploy mobile applications to communicate effectively; and (C) a strategy to manage and archive the content and data on Performance.gov in accordance with National Archives and Records Administration guidance.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: In July 2017, OMB staff stated that they will be partnering with a vendor to redesign Performance.gov, and plan to launch the new site in February 2018 with the fiscal year 2019 budget. Staff confirmed they will ensure that the redesigned Performance.gov site will include content that meets public reporting requirements. They stated they anticipate releasing updated agency reporting guidance in the fall of 2017 to help ensure agencies are prepared to report required data. In addition, OMB and PIC staff noted that the new vendor for Performance.gov (who had not been selected at that time) will help develop a strategic plan for the site that incorporates results from usability studies, and a stakeholder outreach plan that encompasses diverse groups including Congress, federal agency managers and staff, and other interested groups.
    Director: Gregory C. Wilshusen
    Phone: (202) 512-6244

    22 open recommendations
    Recommendation: To assist CISOs in carrying out their responsibilities, the Director of OMB should issue guidance for agencies' implementation of the FISMA 2014 requirements to ensure that (1) senior agency officials carry out information security responsibilities and (2) agency personnel are held accountable for complying with the agency-wide information security program. This guidance should clarify the role of the agency CISO with respect to these requirements, as well as implementing the other elements of an agency-wide information security program, taking into account the challenges identified in this report.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: The Office of Management and Budget (OMB) partially concurred with this recommendation, but does not intend to directly issue guidance as recommended. Instead, we are reviewing the relevant OMB memoranda that officials believe address the intent of the recommendation.
    Recommendation: To ensure that the role of the CISO is defined in department policy in accordance with the FISMA 2014, the Secretary of Commerce should define the CISO's role in department policy for ensuring that plans and procedures are in place to ensure recovery and continued operations of the department's information systems in the event of a disruption.

    Agency: Department of Commerce
    Status: Open

    Comments: The Department of Commerce concurred with the recommendation, stating that the department's policy documents are expected to be updated by the end of the 4th Quarter in 2017. However, the Department has not yet provided sufficient evidence that it has implemented the recommendation.
    Recommendation: To ensure that the role of the senior information security officer (SISO) is defined in department policy in accordance with FISMA 2014, the Secretary of Defense should define the SISO's role in department policy for ensuring that information security policies and procedures are developed and maintained.

    Agency: Department of Defense
    Status: Open

    Comments: The Department of Defense (DOD) did not concur with our recommendation, nor has it provided evidence that it has implemented the recommendations.
    Recommendation: To ensure that the role of the SISO is defined in department policy in accordance with FISMA 2014, the Secretary of Defense should define the SISO's role in department policy for ensuring that the department has procedures for incident detection, response, and reporting.

    Agency: Department of Defense
    Status: Open

    Comments: The Department of Defense (DOD) partially concurred with our recommendation, but has not yet provided sufficient evidence that it has implemented the recommendation.
    Recommendation: To ensure that the role of the SISO is defined in department policy in accordance with FISMA 2014, the Secretary of Defense should define the SISO's role in department policy for oversight of security for information systems that are operated by contractors on the department's behalf.

    Agency: Department of Defense
    Status: Open

    Comments: The Department of Defense (DOD) partially concurred with our recommendation, but has not yet provided sufficient evidence that it has implemented the recommendation.
    Recommendation: To ensure that the role of the CISO is defined in department policy in accordance with FISMA 2014, the Secretary of Energy should define the CISO's role in department policy for ensuring that subordinate security plans are documented for the department's information systems.

    Agency: Department of Energy
    Status: Open

    Comments: The Department of Energy concurred with the recommendation, and estimates completion by March 1, 2018. The Department decided in April 2017 to make significant updates to its Cyber Security Program, and estimates it will take up to nine months to gain departmental concurrence, complete revisions, and close this recommendation. However, the Department has not yet provided sufficient evidence that it has implemented the recommendation.
    Recommendation: To ensure that the role of the CISO is defined in department policy in accordance with FISMA 2014, the Secretary of Energy should define the CISO's role in department policy for ensuring that all users receive information security awareness training.

    Agency: Department of Energy
    Status: Open

    Comments: The Department of Energy concurred with the recommendation, and estimates completion by March 1, 2018. The Department decided in April 2017 to make significant updates to its Cyber Security Program, and estimates it will take up to nine months to gain departmental concurrence, complete revisions, and close this recommendation. However, the Department has not yet provided sufficient evidence that it has implemented the recommendation.
    Recommendation: To ensure that the role of the CISO is defined in department policy in accordance with FISMA 2014, the Secretary of Energy should define the CISO's role in department policy for ensuring that the department has a process for planning implementing, evaluating, and documenting remedial actions.

    Agency: Department of Energy
    Status: Open

    Comments: The Department of Energy concurred with the recommendation, and estimates completion by March 1, 2018. The Department decided in April 2017 to make significant updates to its Cyber Security Program, and estimates it will take up to nine months to gain departmental concurrence, complete revisions, and close this recommendation. However, the Department has not yet provided sufficient evidence that it has implemented the recommendation.
    Recommendation: To ensure that the role of the CISO is defined in department policy in accordance with FISMA 2014, the Secretary of Energy should define the CISO's role in department policy for ensuring that plans and procedures are in place to ensure recovery and continued operations of the department's information systems in the event of a disruption.

    Agency: Department of Energy
    Status: Open

    Comments: The Department of Energy concurred with the recommendation, and estimates completion by March 1, 2018. The Department decided in April 2017 to make significant updates to its Cyber Security Program, and estimates it will take up to nine months to gain departmental concurrence, complete revisions, and close this recommendation. However, the Department has not yet provided sufficient evidence that it has implemented the recommendation.
    Recommendation: To ensure that the role of the CISO is defined in department policy in accordance with FISMA 2014, the Secretary of Energy should define the CISO's role in department policy for oversight of security for information systems that are operated by contractors on the department's behalf.

    Agency: Department of Energy
    Status: Open

    Comments: The Department of Energy concurred with the recommendation, and estimates completion by March 1, 2018. The Department decided in April 2017 to make significant updates to its Cyber Security Program, and estimates it will take up to nine months to gain departmental concurrence, complete revisions, and close this recommendation. However, the Department has not yet provided sufficient evidence that it has implemented the recommendation.
    Recommendation: To ensure that the role of the CISO is defined in department policy in accordance with FISMA 2014, the Secretary of Energy should define the CISO's role in department policy in the periodic authorization of the department's information systems.

    Agency: Department of Energy
    Status: Open

    Comments: The Department of Energy concurred with the recommendation, and estimates completion by March 1, 2018. The Department decided in April 2017 to make significant updates to its Cyber Security Program, and estimates it will take up to nine months to gain Departmental concurrence, complete revisions, and close this recommendation. However, the Department has not yet provided sufficient evidence that it has implemented the recommendation.
    Recommendation: To ensure that the role of the CISO is defined in department policy in accordance with FISMA 2014, the Secretary of Health and Human Services should define the CISO's role in department policy for ensuring that plans and procedures are in place to ensure recovery and continued operations of the department's information systems in the event of a disruption.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: The Department of Health and Human Services concurs with our recommendation but has not yet provided sufficient evidence that it has implemented the recommendation.
    Recommendation: To ensure that the role of the CISO is defined in department policy in accordance with FISMA 2014, the Attorney General should define the CISO's role in department policy for ensuring that information security policies and procedures are developed and maintained.

    Agency: Department of Justice
    Status: Open

    Comments: The Department of Justice concurs with our recommendation but has not yet provided sufficient evidence that it has implemented the recommendation.
    Recommendation: To ensure that the role of the CISO is defined in department policy in accordance with FISMA 2014, the Attorney General should define the CISO's role in department policy for ensuring that plans and procedures are in place to ensure recovery and continued operations of the department's information systems in the event of a disruption.

    Agency: Department of Justice
    Status: Open

    Comments: The Department of Justice concurs with our recommendation but has not yet provided sufficient evidence that it has implemented the recommendation.
    Recommendation: To ensure that the role of the CISO is defined in department policy in accordance with FISMA 2014, the Secretary of State should define the CISO's role in department policy for ensuring that the department has procedures for incident detection, response, and reporting.

    Agency: Department of State
    Status: Open

    Comments: The Department of State (State) concurred with this recommendation. We are currently reviewing the evidence provided by State to determine whether the role of the CISO has been defined in its policy to for ensuring that State has procedures for incident detection, response, and reporting.
    Recommendation: To ensure that the role of the CISO is defined in department policy in accordance with FISMA 2014, the Secretary of Transportation should define the CISO's role in department policy for ensuring that subordinate security plans are documented for the department's information systems.

    Agency: Department of Transportation
    Status: Open

    Comments: The Department of Transportation concurred with the recommendation and is currently updating its Cybersecurity Policy. The Department plans to be complete by June 29, 2018. However, the department has not yet provided sufficient evidence that it has implemented the recommendation.
    Recommendation: To ensure that the role of the CISO is defined in department policy in accordance with FISMA 2014, the Secretary of Transportation should define the CISO's role in department policy for ensuring that security controls are tested periodically.

    Agency: Department of Transportation
    Status: Open

    Comments: The Department of Transportation concurred with the recommendation and is currently updating its Cybersecurity Policy. The Department plans to be complete by June 29, 2018. However, the department has not yet provided sufficient evidence that it has implemented the recommendation.
    Recommendation: To ensure that the role of the senior agency information security officer (SAISO) is defined in agency policy in accordance with FISMA 2014, the Administrator of the Environment Protection Agency should define the SAISO's role in agency policy for ensuring that subordinate security plans are documented for the department's information systems.

    Agency: Environmental Protection Agency
    Status: Open

    Comments: The Environmental Protection Agency (EPA) concurred with our recommendation. We are currently reviewing the evidence provided by EPA to determine whether the role of the SAISO has been defined in its policy to for ensuring that subordinate security plans are documented for the agency's information systems.
    Recommendation: To ensure that the role of the SAISO is defined in agency policy in accordance with FISMA 2014, the Administrator of the Environment Protection Agency should define the SAISO's role in agency policy for ensuring that plans and procedures are in place to ensure recovery and continued operations of the department's information systems in the event of a disruption.

    Agency: Environmental Protection Agency
    Status: Open

    Comments: The Environmental Protection Agency (EPA) concurred with our recommendation. We are currently reviewing the evidence provided by EPA to determine whether the role of the SAISO has been defined in its policy to ensure recovery and continued operations of the agency's information systems in the event of a disruption.
    Recommendation: To ensure that the role of the SAISO is defined in agency policy in accordance with FISMA 2014, the Administrator of the Environment Protection Agency should define the SAISO's role in agency policy in the periodic authorization of the department's information systems.

    Agency: Environmental Protection Agency
    Status: Open

    Comments: The Environmental Protection Agency (EPA) concurred with our recommendation. We are currently reviewing the evidence provided by EPA to determine whether the role of the SAISO has been defined in agency policy for the periodic authorization of the department's information systems.
    Recommendation: To ensure that the role of the SAISO is defined in agency policy in accordance with FISMA 2014, the Administrator of the National Aeronautics and Space Administration should define the SAISO's role in agency policy for oversight of security for information systems that are operated by contractors on the agency's behalf.

    Agency: National Aeronautics and Space Administration
    Status: Open

    Comments: The National Aeronautics and Space Administration (NASA) concurred with our recommendation. We are currently reviewing the evidence provided by NASA to determine whether the role of the SAISO has been defined in agency policy for oversight of security for information systems that are operated by contractors on NASA's behalf.
    Recommendation: To ensure that the role of the CISO is defined in agency policy in accordance with FISMA 2014, the Administrator of the Small Business Administration should define the CISO's role in agency policy for ensuring that personnel with significant security responsibilities receive appropriate training.

    Agency: Small Business Administration
    Status: Open

    Comments: The Small Business administration (SBA) concurs with our recommendation but has not yet provided sufficient evidence that it has implemented the recommendation.
    Director: David B. Gootnick
    Phone: (202) 512-3149

    2 open recommendations
    Recommendation: To improve the quality of the data published on ForeignAssistance.gov and help ensure consistency in published information, the Secretary of State should, in consultation with the Director of OMB and the USAID Administrator, undertake a review of the efforts to date on ensuring data quality

    Agency: Department of State
    Status: Open

    Comments: State concurred with this recommendation and noted that it will continue to work with USAID in consultation with OMB to assess whether additional existing resources are required to meet the goals of ForeignAssistance.gov. As of June 2017, State has taken some steps to coordinate with OMB and USAID to improve the quality of data reported for ForeignAssistance.gov. For example, in January 2017, State co-hosted an interagency meeting with OMB and USAID to discuss data quality and reporting requirements. As of June 2017, GAO was following up with State to obtain additional information on how the established review process would or has helped improve the quality of the data reported on Foreignassistance.gov.
    Recommendation: To improve the quality of the data published on ForeignAssistance.gov and help ensure consistency in published information, the Secretary of State should, in consultation with the Director of OMB and the USAID Administrator, develop additional guidance that takes into consideration current challenges to updating ForeignAssistance.gov with verified data.

    Agency: Department of State
    Status: Open

    Comments: As of June 2017, State has taken some steps to coordinate with OMB and USAID to improve the quality of data reported for ForeignAssistance.gov. For example, in January 2017, State co-hosted an interagency meeting with OMB and USAID to discuss data quality and reporting requirements. As of June 2017, GAO was following up with State to determine if additional guidance has been developed that takes into consideration current challenges to updating ForeignAssistance.gov with verified data
    Director: David A. Powner
    Phone: (202) 512-9286

    5 open recommendations
    Recommendation: To effectively measure 18F's performance, the Administrator of GSA should direct the Commissioner for the Technology Transformation Service to ensure that goals and associated performance measures are outcome-oriented and that performance measures have targets, including (1) performance measures and targets tied to fully recovering program costs; and (2) goals, performance measures, and targets for how the program will achieve its mission after September 2016.

    Agency: General Services Administration
    Status: Open

    Comments: The General Services Administration (GSA) agreed with, and has begun to take steps to implement, this recommendation. Specifically, GSA developed a quarterly performance report for fiscal year 2017 that includes an outcome-oriented goal for 18F as well as associated performance measures and targets. According to a Technology Transformation Service official, GSA plans to expand its quarterly performance report for fiscal year 2018 to reflect additional 18F goals and performance measures, including measures tied to fully recovering program costs. We will continue to evaluate GSA's progress in implementing this recommendation.
    Recommendation: To effectively measure 18F's performance, the Administrator of GSA should direct the Commissioner for the Technology Transformation Service to assess actual results for each performance measure.

    Agency: General Services Administration
    Status: Open

    Comments: The General Services Administration (GSA) agreed with, and has begun to take steps to implement, this recommendation. Specifically, GSA developed a quarterly performance report for fiscal year 2017 that includes an outcome-oriented goal for 18F as well as associated performance measures with targets. Additionally, GSA has assessed actual results of the performance measures for the first two quarters of fiscal year 2017. According to a Technology Transformation Service official, GSA plans to expand its quarterly performance report for fiscal year 2018 to include additional 18F goals and performance measures. We will continue to evaluate GSA's progress in implementing this recommendation.
    Recommendation: To effectively measure performance, prioritize USDS's resources, and ensure that CIOs play an integral role in agency digital service teams, the Director of the Office of Management and Budget should direct the Federal Chief Information Officer to ensure that all goals and associated performance measures are outcome-oriented and that performance measures have targets.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: The Office of Management and Budget (OMB) generally agreed with, and has begun to take steps to implement, this recommendation. Specifically, in its December 2016 report to Congress, OMB developed three goals for U.S. Digital Service (USDS): (1) rethink how the federal government builds and buys digital services; (2) expand the use of common, platforms, services, and tools; and (3) bring top technical talent into public service. In addition, OMB established performance measures with targets for its third goal and for each of the program's major projects. However, OMB has not established performance measures for the first two USDS goals. Further, the program's third goal is not outcome-oriented. We will continue to evaluate OMB's progress in implementing this recommendation.
    Recommendation: To effectively measure performance, prioritize USDS's resources, and ensure that CIOs play an integral role in agency digital service teams, the Director of the Office of Management and Budget should direct the Federal Chief Information Officer to assess actual results for each performance measure.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: The Office of Management and Budget (OMB) generally agreed with, and has begun to take steps to implement, this recommendation. Specifically, in its December 2016 report to Congress, OMB assessed the results of performance measures for one of the U.S. Digital Service (USDS) program's goals--bring top technical talent into public service--and for each of the program's major projects. However, OMB has not established performance measures for the other two USDS goals--rethink how the federal government builds and buys digital services; and expand the use of common, platforms, services, and tools. We will continue to evaluate OMB's progress in implementing this recommendation.
    Recommendation: To effectively measure performance, prioritize USDS's resources, and ensure that CIOs play an integral role in agency digital service teams, the Director of the Office of Management and Budget should direct the Federal Chief Information Officer to update USDS policy to clearly define the responsibilities and authorities governing the relationships between CIOs and the digital service teams and require existing agency digital service teams to address this policy. In doing so, the Federal Chief Information Officer should ensure that this policy is aligned with relevant federal law and OMB guidance on CIO responsibilities and authorities.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: The Office of Management and Budget (OMB) generally agreed with, and has begun to take steps to implement, this recommendation. In particular, OMB updated its digital service team policy to require that teams appropriately inform their chief information officers (CIO) regarding U.S. Digital Service (USDS) projects. However, the policy does not describe the responsibilities or authorities governing the relationships between CIOs and digital service teams. We will continue to evaluate OMB's progress in implementing this recommendation.
    Director: Robert Goldenkoff
    Phone: (202) 512-2757

    2 open recommendations
    including 2 priority recommendations
    Recommendation: To help strengthen the government's ability to compete in the labor market for top talent, and to improve the federal hiring process, for hiring authorities for which OPM oversees, the Director of OPM, in conjunction with the Chief Human Capital Officer (CHCO) Council, should conduct a study or assessment of specific hiring authorities and/or processes to gain insight into why these agencies relied on the authorities, the relationship between the agencies' choices and the agency mission and broader public policy goals, consistent with merit systems principles, and determine whether modernization is necessary. For agency-specific hiring authorities and/or processes, OPM should collaborate with the CHCO Council to obtain similar insights agencies may have regarding their authorities and/or processes and to determine whether there are lessons learned which may be relevant to government-wide modernization efforts.

    Agency: Office of Personnel Management
    Status: Open
    Priority recommendation

    Comments: As of August 2017, OPM has undertaken or completed some reviews of agency use of hiring authorities. In August 2016, OPM published the findings of a recent study on the use and effectiveness of the Pathways Programs' hiring authorities. In October 2016, OPM issued a report on hiring authorities used by the National Park Service to help meet its seasonal workforce needs. In August 2017, OPM said it had started a study of agencies' use of excepted service hiring authorities and it plans to issue a report in fiscal year 2018. We will continue to monitor OPM's efforts to assess the use and effectiveness of hiring authorities and any determination of the need for modernization.
    Recommendation: To help strengthen the government's ability to compete in the labor market for top talent, and to improve the federal hiring process, the Director of OPM, in conjunction with the CHCO Council, should use this information to determine whether opportunities exist to refine, consolidate, eliminate, or expand agency-specific authorities to other agencies and implement changes where OPM is authorized, including seeking presidential authorization (as necessary) in order to do so. In cases where legislation would be necessary to implement changes, OPM should work with the CHCO Council to develop legislative proposals.

    Agency: Office of Personnel Management
    Status: Open
    Priority recommendation

    Comments: As of August 2017, OPM said it plans to explore opportunities for improving the hiring system by analyzing and reviewing existing hiring authorities with an eye towards modernization. For example, OPM said it plans to use information from its current study of excepted service hiring authorities to consider changes or refinements to these authorities once that study has been completed in fiscal year 2018. OPM also said its future plans to improve the hiring system will be informed by its current strategic planning efforts.
    Director: Paula M. Rascona
    Phone: (202) 512-9816

    3 open recommendations
    including 3 priority recommendations
    Recommendation: To help ensure effective government-wide implementation and that complete and consistent spending data will be reported as required by the DATA Act, the Director of OMB, in collaboration with the Secretary of the Treasury, should establish or leverage existing processes and controls to determine the complete population of agencies that are required to report spending data under the DATA Act and make the results of those determinations publicly available.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open
    Priority recommendation

    Comments: OMB stated that each agency is responsible for determining whether it is subject to the DATA Act. To help agencies make that determination, OMB published guidance in the form of frequently asked questions and stated that the agencies may consult with OMB for additional counsel. In response to our recommendation, OMB staff told us they have reached out to federal agencies to identify which agencies have determined that they are exempt from reporting under the DATA Act and prepared a list of such agencies. However, OMB has not provided us the list or the procedures for reviewing agency determinations and compiling the results. In addition, OMB has not established procedures for ensuring non-exempt agencies are reporting spending data as required. Finally, OMB has not stated whether it will make the results of the determinations publicly available. Further, additional clarification would improve the usefulness of the frequently asked questions. For example, they state "Any Federal agency submitting data that OMB posts on its SF 133 Report on Budget Execution and Budgetary Resources is required to comply with DATA Act reporting." However, the SF 133 Report for the third quarter of 2016 includes entities such as the Postal Service which are not required by the DATA Act to report financial and payment information. In explaining the frequently asked questions to us, OMB officials clarified that they meant that an entity is required to report if its data appears on the SF 133 and it meets the applicable statutory definition of agency. The frequently asked questions document does not clearly communicate this two-prong approach. Additionally, OMB's verbal clarification when meeting with us does not account for those entities that meet the statutory definition of agency and are required by the DATA Act to report financial and payment information but do not appear on the SF 133. We will continue to assess OMB's efforts to address this recommendation.
    Recommendation: To help ensure effective government-wide implementation and that complete and consistent spending data will be reported as required by the DATA Act, the Director of OMB, in collaboration with the Secretary of the Treasury, should reassess, on a periodic basis, which agencies are required to report spending data under the DATA Act and make appropriate notifications to affected agencies.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open
    Priority recommendation

    Comments: OMB does not have plans to reassess, on a periodic basis, which agencies are required to report spending data under the DATA Act. We continue to believe action on this recommendation is important to effectively implement the DATA Act. We will continue to assess OMB's efforts to address this recommendation.
    Recommendation: To help ensure effective implementation of the DATA Act by the agencies and facilitate the further establishment of overall government-wide governance, the Director of OMB, in collaboration with the Secretary of the Treasury, should request that non-CFO Act agencies required to report federal spending data under the DATA Act submit updated implementation plans, including updated timelines and milestones, cost estimates, and risks, to address new technical requirements.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open
    Priority recommendation

    Comments: On June 15, 2016, OMB directed CFO Act agencies to update key components of their implementation plans by August 12, 2016. The requirement did not extend to non-CFO Act agencies. OMB stated that it is monitoring non-CFO Act agencies by providing feedback to non-CFO Act agencies through workshops instead of requesting updated implementation plan information. According to OMB officials, OMB has not followed-up with non-CFO Act agencies or requested updated implementation plan information because they are working with the CFO Act agencies which comprise approximately 90 percent of federal spending. In addition to these outreach efforts, OMB has worked with Treasury to engage with small and independent agencies through weekly phone calls and other forms of communication. However, the DATA Act applies to most federal agencies, and we believe that it is important to monitor smaller agencies' implementation plans as well as large agencies. We will continue to assess OMB's efforts to address this recommendation.
    Director: Fennell, Anne-marie Lasowski
    Phone: (202) 512-3841

    2 open recommendations
    Recommendation: To help ensure that the Corps and FEMA carry out the national leveesafety- related activities required in the Water Resources Reform and Development Act of 2014, the Secretary of Defense should direct the Secretary of the Army to direct the Chief of Engineers and Commanding General of the U.S. Army Corps of Engineers and that the Secretary of Homeland Security direct the FEMA Administrator to develop a plan, with milestones, for implementing these activities, using existing resources or requesting additional resources as needed. This plan could be posted on the Corps' website and monitored for progress.

    Agency: Department of Homeland Security
    Status: Open

    Comments: As of December 2016, GAO is awaiting action by the agency to implement this recommendation.
    Recommendation: To help ensure that the Corps and FEMA carry out the national leveesafety- related activities required in the Water Resources Reform and Development Act of 2014, the Secretary of Defense should direct the Secretary of the Army to direct the Chief of Engineers and Commanding General of the U.S. Army Corps of Engineers and that the Secretary of Homeland Security direct the FEMA Administrator to develop a plan, with milestones, for implementing these activities, using existing resources or requesting additional resources as needed. This plan could be posted on the Corps' website and monitored for progress.

    Agency: Department of Defense
    Status: Open

    Comments: As of December 2016, GAO is awaiting action by the agency to implement this recommendation.
    Director: James R. McTigue, Jr.
    Phone: (202) 512-9110

    2 open recommendations
    Recommendation: To enhance the budget process and to improve transparency, the Commissioner of Internal Revenue, to the extent feasible, should ensure that the CJ includes data by appropriation account on the amount of funding requested to maintain current services for each future state theme.

    Agency: Department of the Treasury: Internal Revenue Service
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: As Treasury works with IRS to improve the quality and accuracy of budget data, the Secretary of the Treasury should ensure sufficient controls are in place to make certain that the information technology investment reports generated from the SharePoint Investment Knowledge Exchange are accurate. This includes, for example, taking steps to reduce the need for manual corrections to the data.

    Agency: Department of the Treasury
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Director: Sager, Michelle A
    Phone: (202) 512-6806

    1 open recommendations
    Recommendation: The Administrator of General Services, in consultation with the STOC, should develop a travel data management approach, including common reporting formats that would provide GSA with more consistent travel cost data allowing GSA to compare travel costs across federal agencies. GSA could also include in this data management approach the planned implementation of the shared services model that would allow agencies to share a wide range of travel services with each other. This process could reduce both administrative costs and burden to the government and enable data-driven decision making.

    Agency: General Services Administration
    Status: Open

    Comments: According to GSA officials, GSA will take the following actions: (1) conduct a rest program to determine the opportunities and barriers for creating a reliable, standardized data repository containing government-wide travel spending data (pending OMB Director approval); (2) develop and test, in coordination with volunteer agencies and the GSA City Pairs Program personnel, an airfare savings dashboard to assimilates data from multiple sources and provides information on savings and opportunities for additional airfare savings by agencies; (3) publish an FTR Bulletin that identifies 5 core travel Key Performance Indicators that all agencies should use to improve travel management via standardized data; and (4) Identify and promote consistent adaptation of standardized default configurations of air and lodging choices within all E-Gove Travel Service 2 systems. As of August 2017, according to agency officials, they expect to implement this recommendation by the end of September 2017.
    Director: Gretta L. Goodwin
    Phone: (202) 512-8777

    4 open recommendations
    Recommendation: To enhance the clarity and transparency of sexual violence data that is reported to the public, the Secretary of Education should direct the Assistant Secretary for the Office of Postsecondary Education, the Secretary of Health and Human Services should direct the Director of Centers for Disease Control and Prevention, and the Attorney General should direct the Director of the Bureau of Justice Statistics to make information on the acts of sexual violence and contextual factors that are included in their measurements of sexual violence publicly available. This effort could entail revising their definitions of key terms used to describe sexual violence so that the definitions match the measurements of sexual violence.

    Agency: Department of Education
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To enhance the clarity and transparency of sexual violence data that is reported to the public, the Secretary of Education should direct the Assistant Secretary for the Office of Postsecondary Education, the Secretary of Health and Human Services should direct the Director of Centers for Disease Control and Prevention, and the Attorney General should direct the Director of the Bureau of Justice Statistics to make information on the acts of sexual violence and contextual factors that are included in their measurements of sexual violence publicly available. This effort could entail revising their definitions of key terms used to describe sexual violence so that the definitions match the measurements of sexual violence.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To enhance the clarity and transparency of sexual violence data that is reported to the public, the Secretary of Education should direct the Assistant Secretary for the Office of Postsecondary Education, the Secretary of Health and Human Services should direct the Director of Centers for Disease Control and Prevention, and the Attorney General should direct the Director of the Bureau of Justice Statistics to make information on the acts of sexual violence and contextual factors that are included in their measurements of sexual violence publicly available. This effort could entail revising their definitions of key terms used to describe sexual violence so that the definitions match the measurements of sexual violence.

    Agency: Department of Justice
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To help lessen confusion among the public and policy makers regarding federal data on sexual violence, the Director of OMB should establish a federal interagency forum on sexual violence statistics. The forum should consider the broad range of differences across the data collection efforts to assess which differences enhance or hinder the overall understanding of sexual violence in the United States.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Director: Yvonne D. Jones
    Phone: (202) 512-6806

    2 open recommendations
    Recommendation: To help ensure HHS has reliable data on SGEs not serving on federal boards, the Secretary of HHS should take steps to improve the reliability of data on SGEs not serving on boards. For example, the agency could reconcile human capital data with general counsel and ethics office data, or issue clarifying guidance to human capital staff on appropriately identifying SGEs in human capital databases.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: In October 2016, HHS submitted its action plan to address GAO's recommendations. HHS stated the agency is currently reviewing its internal policies and procedures related to the hiring of special government employees not serving on boards to identify policy options that might improve data reliability.
    Recommendation: To help ensure that agencies report consistent and reliable data, the Director of OGE should determine (e.g., through a survey of Designated Agency Ethics Officials and/or by analyzing agency data) whether other executive branch agencies are experiencing data challenges similar to HHS, State, and NRC. If they are, the Director should take steps to help the agencies strengthen their data.

    Agency: Office of Government Ethics
    Status: Open

    Comments: In October 2016, OGE submitted its action plan to address GAO's recommendations. OGE reported having a number of actions underway. OGE stated the agency is surveying agency ethics officials to determine whether executive branch agencies are experiencing data challenges related to special government employees not serving on boards. According to OGE, the agency plans to evaluate what steps may help agencies strengthen their data if the survey results show agencies are experiencing data challenges. OGE reported that, in consultation with OPM, the agency proposed new regulations that would improve coordination between agency human resource officials and agency ethics officials by requiring agency human resource officials to provide ethics officials with prompt notification of the appointment of all financial disclosure report filers, including special government employees. OGE also reported expanding the agency's ongoing review of the Department of Health and Human Services (HHS) in light of GAO's recommendation for HHS to take steps to improve the reliability of data on SGEs not serving on boards. OGE plans to evaluate the mechanisms HHS has in place for tracking special government employees not serving on boards and may offer recommendations for improving them.
    Director: Yvonne D. Jones
    Phone: (202) 512-6806

    1 open recommendations
    Recommendation: To help agencies determine the value of their telework programs, the Director of OPM, working with the Chief Human Capital Officers Council, should provide clarifying guidance on options for developing supporting data for benefits and costs associated with agency telework programs. For example, the guidance could identify potential data sources, such as the data generated in response to requirements under the Office of Management and Budget (OMB) Reduce the Footprint Memorandum 2015-01 and Executive Order 13693.

    Agency: Office of Personnel Management
    Status: Open

    Comments: OPM concurred with the recommendation and its work-life policy office will work with the Chief Human Capital Officers (CHCO) Council to further agency efforts to determine the value of their telework programs. OPM stated that they will develop clarifying guidance for agencies with CHCO input and host a CHCO Academy session focused on evaluating the costs and benefits of telework programs. This guidance will review basic principles of cost-benefit analysis, highlight common costs and benefits, and identify potential data sources in areas such as real estate costs, energy use, commuting costs, and employee productivity.
    Director: J. Alfredo Gómez
    Phone: (202) 512-3841

    6 open recommendations
    Recommendation: The EPA Administrator should direct the Office of Grants and Debarment (OGD) and program and regional offices, as appropriate, as part of EPA's ongoing streamlining initiatives and the development of a grantee portal, to incorporate expanded search capability features, such as keyword searches, into its proposed web-based portal for collecting and accessing performance reports to improve their accessibility.

    Agency: Environmental Protection Agency
    Status: Open

    Comments: In its 60 day response, EPA reiterated its agreement with this recommendation. EPA also stated that its vision for grants management includes having grant recipients submit performance reports and other information to the agency through a web-based portal. The portal would incorporate capabilities such as key word searches to allow for easier access to performance report information. However, the portal is a long-term initiative, subject to the agency's budget process, and dependent on the completion of the Next Generation Grants System, which the EPA expects to fully deploy in Fiscal Year 2018.
    Recommendation: The EPA Administrator should direct OGD and program and regional offices, as appropriate, as part of EPA's ongoing streamlining initiatives and the development of a grantee portal, to identify grant programs where existing program-specific data reporting can meet EPA's performance reporting requirements for grants management purposes to reduce duplicative reporting by grantees.

    Agency: Environmental Protection Agency
    Status: Open

    Comments: In its 60 day response, EPA reiterated its general agreement with this recommendation and stated it will work with recipient partners to identify where duplicative reporting can be reduced. However, EPA also noted that program-specific data cannot be relied upon to meet all grants management requirements, and performance reports often contain other information that allows Project Officers to monitor a recipient's progress. Further, EPA will need to consider the feasibility of expanding Project Officer access to certain program databases to enhance grant performance monitoring. EPA anticipates completing the process for identifying where duplicative reporting can be reduced by the end of FY 2017.
    Recommendation: The EPA Administrator should direct OGD and program and regional offices, as appropriate, as part of EPA's ongoing streamlining initiatives and the development of a grantee portal, once EPA's new performance system is in place, to ensure that the Office of Water adopts software tools, as appropriate, to electronically transfer relevant data on program results from program-specific databases to EPA's national performance system.

    Agency: Environmental Protection Agency
    Status: Open

    Comments: In its 60 day response, the EPA reiterated its general agreement with this recommendation and stated that it will apply it, where appropriate and cost effective, to program-specific databases, not only the Office of Water databases. EPA noted that not all data from program-specific databases may be appropriate for direct electronic transfer to the national performance system; some individual grant data may need to be analyzed before being rolled up into national data. Additionally, implementation of this recommendation will depend upon the agency's program offices modifying their databases to interface with the new performance system. Further, implementation of this recommendation is dependent upon completion of EPA's new performance system, currently under development; anticipated deployment is in FY 2017.
    Recommendation: The EPA Administrator should direct OGD and program and regional offices, as appropriate, as part of EPA's ongoing streamlining initiatives and the development of a grantee portal, to clarify the factors project officers should consider when determining whether performance reports are consistent with EPA's environmental results directive.

    Agency: Environmental Protection Agency
    Status: Open

    Comments: In its 60 day response, EPA reiterated its agreement with this recommendation and stated that it will make conforming changes to the implementation guidance for the Environmental Results Order (Directive) in FY 2017.
    Recommendation: The EPA Administrator should direct OGD and program and regional offices, as appropriate, as part of EPA's ongoing streamlining initiatives and the development of a grantee portal, to expand aspects of EPA's policy for certain categorical grants, specifically, the call for an explicit reference to the planned results in grantees' work plans and their projected time frames for completion, to all grants.

    Agency: Environmental Protection Agency
    Status: Open

    Comments: In its 60 day response, EPA reiterated its agreement with this recommendation and stated that it will make conforming changes to existing policy in FY 2017.
    Recommendation: The EPA Administrator should direct OGD and program and regional offices, as appropriate, as part of EPA's ongoing streamlining initiatives and the development of a grantee portal, to incorporate built-in data quality controls for performance reports into the planned web-based portal based on EPA's environmental results directive.

    Agency: Environmental Protection Agency
    Status: Open

    Comments: In its 60 day response, EPA reiterated its general agreement with this recommendation. However, EPA emphasized that identifying and deploying appropriate data quality controls is a long-term effort subject to budgetary considerations, completion of the Next Generation Grants System, and extensive collaboration with internal and external stakeholders. Specifically, the report's vision for built-in data quality controls involves the use of electronic templates and reduced reliance on manual data entry--which would require standardized work plan and performance report formats subject to clearance by the Office of Management and Budget. Further, EPA noted that both grant recipients and EPA program offices generally have not supported standardizing the format of work plan and progress reports in the past. Accordingly, as a first step, EPA will seek feedback from the recipient and program office community. The agency will initiate that process in FY 2017.
    Director: Dawn B. Simpson
    Phone: (202) 512-3406

    1 open recommendations
    including 1 priority recommendation
    Recommendation: The Secretary of the Treasury should direct the Fiscal Assistant Secretary to develop and implement procedures to determine whether user accounts already exist before establishing or recertifying user accounts in the Governmentwide Treasury Account Symbol Adjusted Trial Balance System or Governmentwide Financial Report System.

    Agency: Department of the Treasury
    Status: Open
    Priority recommendation

    Comments: As of the completion of our fiscal year 2016 consolidated financial statements (CFS) audit, Treasury agreed that this recommendation remained open. Treasury plans to implement processes to validate new users who do not already have an existing account in the Governmentwide Treasury Account Symbol Adjusted Trial Balance System (GTAS) or the Governmentwide Financial Report System (GFRS); and to ensure that users do not have conflicting roles or privileges. We will follow-up on progress made by Treasury as part of our fiscal year 2017 CFS audit, which is ongoing as of March 2017.
    Director: Anne-Marie Fennell
    Phone: (202) 512-3841

    6 open recommendations
    Recommendation: To improve the effectiveness of BLM's efforts to track and deter unauthorized grazing, the Secretary of the Interior should direct the Director of BLM to amend the regulations on unauthorized grazing use--43 C.F.R. Subpart 4150 (2005)--to establish a procedure for the informal resolution of violations at the local level, or follow the existing regulations by sending a notice of unauthorized use for each potential violation as provided by 43 C.F.R. 4150.2(a) (2005).

    Agency: Department of the Interior
    Status: Open

    Comments: As of November 2016, GAO is awaiting action by the agency to implement this recommendation.
    Recommendation: To improve the effectiveness of BLM's efforts to track and deter unauthorized grazing, the Secretary of the Interior should direct the Director of BLM to record all incidents of unauthorized grazing, including those resolved informally.

    Agency: Department of the Interior
    Status: Open

    Comments: As of November 2016, GAO is awaiting action by the agency to implement this recommendation.
    Recommendation: To improve the effectiveness of BLM's efforts to track and deter unauthorized grazing, the Secretary of the Interior should direct the Director of BLM to revise the agency's Unauthorized Grazing Use Handbook to make it consistent with 43 C.F.R. pt. 4100 (2005).

    Agency: Department of the Interior
    Status: Open

    Comments: As of November 2016, GAO is awaiting action by the agency to implement this recommendation.
    Recommendation: To improve the effectiveness of the Forest Service's efforts to track and deter unauthorized grazing, the Secretary of Agriculture should direct the Chief of the Forest Service to amend the regulations on range management--36 C.F.R. pt. 222--to provide for nonmonetary settlement when the unauthorized or excess grazing is non-willful and incidental, or follow the existing regulations by determining and charging a grazing use penalty for all unauthorized and excess use when it is identified as provided by 36 C.F.R. 222.50(a) and (h).

    Agency: Department of Agriculture
    Status: Open

    Comments: As of November 2016, GAO is awaiting action by the agency to implement this recommendation.
    Recommendation: To improve the effectiveness of the Forest Service's efforts to track and deter unauthorized grazing, the Secretary of Agriculture should direct the Chief of the Forest Service to record all incidents of unauthorized grazing, including those resolved informally.

    Agency: Department of Agriculture
    Status: Open

    Comments: As of November 2016, GAO is awaiting action by the agency to implement this recommendation.
    Recommendation: To improve the effectiveness of the Forest Service's efforts to track and deter unauthorized grazing, the Secretary of Agriculture should direct the Chief of the Forest Service to adopt an unauthorized grazing penalty structure that is based, similar to BLM's, on the current commercial value of forage.

    Agency: Department of Agriculture
    Status: Open

    Comments: As of November 2016, GAO is awaiting action by the agency to implement this recommendation.
    Director: Beryl Davis
    Phone: (202) 512-2623

    2 open recommendations
    Recommendation: To help fulfill the IPERA and OMB requirements to submit proposals to Congress when agencies reach 3 or more consecutive years of noncompliance with IPERA criteria, the Secretary of Agriculture or a designee should submit a letter to Congress detailing proposals for reauthorization or statutory changes in response to 3 consecutive years of noncompliance as of fiscal year 2014 for its (1) Child and Adult Care Food Program; (2) School Breakfast Program; (3) National School Lunch Program; and (4) Special Supplemental Nutrition Program for Women, Infants, and Children. To the extent that reauthorization or statutory changes are not considered necessary to bring a program into compliance, the Secretary or designee should state so in the letter.

    Agency: Department of Agriculture
    Status: Open

    Comments: We provided a draft of this report to OMB, the IG offices of the 24 CFO Act agencies, and the CFO offices of those agencies with programs that were determined to be noncompliant with IPERA criteria for 3 consecutive years as of fiscal year 2014. In their e-mailed response, officials from the CFO office at USDA neither concurred nor disagreed with our recommendations. We will continue to monitor the status of this recommendation.
    Recommendation: To help fulfill the IPERA and OMB requirements to submit proposals to Congress when agencies reach 3 or more consecutive years of noncompliance with IPERA criteria, the Secretary of Defense or a designee should submit a letter to Congress detailing proposals for reauthorization or statutory changes in response to 3 consecutive years of noncompliance as of fiscal year 2014 for its Department of Defense Travel Pay program. To the extent that reauthorization or statutory changes are not considered necessary to bring the program into compliance, the Secretary or designee should state so in the letter.

    Agency: Department of Defense
    Status: Open

    Comments: We provided a draft of this report to OMB, the IG offices of the 24 CFO Act agencies, and the CFO offices of those agencies with programs that were determined to be noncompliant with IPERA criteria for 3 consecutive years as of fiscal year 2014. In their written comments, the offices of the DOD CFO and DOD IG concurred with our recommendations. The DOD CFO office noted that it does not consider reauthorization or statutory change necessary for its Travel Pay program, but will submit a letter to Congress containing planned actions for improvement by August 30, 2016. As of June 2, 2017, no updated information has been provided by the Department of Defense. We will continue to monitor the status of this recommendation.
    Director: Jennifer Grover
    Phone: (202) 512-7141

    2 open recommendations
    Recommendation: To better position the Coast Guard to effectively plan its Arctic operations, the Commandant of the Coast Guard should develop measures, as appropriate, for gauging how the agency's actions have helped to mitigate the Arctic capability gaps.

    Agency: Department of Homeland Security: United States Coast Guard
    Status: Open

    Comments: In June 2016, we reviewed and reported on the U.S. Coast Guard's efforts in the Arctic. We found that the Coast Guard had taken actions to implement its Arctic strategy and conduct Arctic operations, which may help the Coast Guard to better understand and mitigate identified Arctic capability gaps. Further, we found that the Coast Guard was tracking, or had plans to track, its various activities in the Arctic, but that it had not developed measures to systematically assess how its actions have helped to mitigate Arctic capability gaps. We recommended that the Coast Guard develop measures, as appropriate, for gauging how the agency's actions have helped to mitigate the Arctic capability gaps. In response to our recommendation, in August 2016, the Coast Guard reported that specific measures for some activities would be developed and included as part of the Coast Guard's update to its implementation plan for its Arctic strategy. In March 2017, the Coast Guard reported that it completed an annual review of its implementation plan in January 2017. However, officials stated that technology updates and modifications to its tracking tool are required to better represent the completion percentage. To fully address this recommendation, the Coast Guard will need to finalize the development of its measures to gauge how its actions have helped to mitigate Arctic capability gaps.
    Recommendation: To better position the Coast Guard to effectively plan its Arctic operations, the Commandant of the Coast Guard should design and implement a process to systematically assess the extent to which actions taken agency-wide have helped mitigate the Arctic capability gaps for which it has responsibility.

    Agency: Department of Homeland Security: United States Coast Guard
    Status: Open

    Comments: In June 2016, we reviewed and reported on the U.S. Coast Guard's efforts in the Arctic. We found that the Coast Guard had taken actions to implement its Arctic strategy and conduct Arctic operations, which may help the Coast Guard to better understand and mitigate identified Arctic capability gaps. Further, we found that the Coast Guard was tracking, or had plans to track, its various activities in the Arctic, but that it had not systematically assessed how its actions have helped to mitigate Arctic capability gaps. We recommended that the Coast Guard design and implement a process to systematically assess the extent to which actions taken agency-wide have helped mitigate the Arctic capability gaps for which it has responsibility, so that it will better understand the status of these gaps and be better positioned to effectively plan its Arctic operations. In August 2016, the Coast Guard reported that through its annual review of its implementation plan for its Arctic Strategy, that it will systematically assess how its actions have mitigated capability gaps for which it is the lead agency under the Implementation Framework for the National Strategy for the Arctic Region. In March 2017, the Coast Guard reported that it completed an annual review of its implementation plan in January 2017 which resulted in the consolidation, removal, and addition of Arctic initiatives. Further, officials stated that the Coast Guard will continue to work with the Arctic Executive Steering Committee to provide information for the tracking and measurement of national capabilities, needs and gaps, and impacts in the Arctic Region. To fully address this recommendation, the Coast Guard will need to assess how its actions have helped to mitigate Arctic capability gaps, and provide documentation that identifies the progress it has made in helping to mitigate Arctic capability gaps.
    Director: Anne-Marie Fennell
    Phone: (202) 512-3841

    1 open recommendations
    Recommendation: To fulfill the secretarial order's directive that FWS manage Midway in accordance with the National Historic Preservation Act, the Secretary of the Interior should direct the Director of the U.S. Fish and Wildlife Service to ensure that the public, including key parties that have previously expressed interest in historic preservation issues on Midway, are notified about future FWS undertakings that may have an adverse effect on historic properties so that they have an opportunity to provide comment and input.

    Agency: Department of the Interior
    Status: Open

    Comments: As of November 2016, GAO is awaiting action by the agency to implement this recommendation.
    Director: Valerie C. Melvin
    Phone: (202) 512-6304

    4 open recommendations
    Recommendation: To improve DOL's management of FOIA requests, the Secretary of Labor should direct the Chief FOIA Officer to establish a time frame for implementing, and take actions to implement, section 508 requirements in the department's FOIA system and online portal.

    Agency: Department of Labor
    Status: Open

    Comments: As of May 2017, the Department of Labor had provided a response regarding its actions to address our recommendation. We have not yet verified if the actions meet the intent of our recommendation. When we confirm what actions the agency has taken we will provide updated information.
    Recommendation: To improve DOL's management of FOIA requests, the Secretary of Labor should direct the Chief FOIA Officer to establish a time frame for implementing, and take actions to fully implement, recommended best practice capabilities for enhanced processing of requests in the department's FOIA system and online portal.

    Agency: Department of Labor
    Status: Open

    Comments: As of May 2017, the Department of Labor had provided a response regarding its actions to address our recommendation. We have not yet verified if the actions taken meet the intent of our recommendations. When we confirm what actions the agency has taken we will provide updated information.
    Recommendation: To improve DOL's management of FOIA requests, the Secretary of Labor should direct the Chief FOIA Officer to require components to document in the Secretary's Information Management System for FOIA the rationales for delays in responding to FOIA requests, and to notify requesters of the delayed responses when processing requests.

    Agency: Department of Labor
    Status: Open

    Comments: As of May 2017, the Department of Labor had provided a response regarding its actions to address our recommendation. We have not yet verified if the actions taken meet the intent of our recommendations. When we confirm what actions the agency has taken we will provide updated information.
    Recommendation: To improve DOL's management of FOIA requests, the Secretary of Labor should direct the Chief FOIA Officer to establish a time frame for consulting with the Department of Justice's Office of Information Policy on including language in DOL's response letters to administrative appeals notifying requesters of the National Archives and Records Administration's Office of Government Information Services' mediation services as an alternative to litigation, and then ensure that the department includes the language in the letters.

    Agency: Department of Labor
    Status: Open

    Comments: As of May 2017, the Department of Labor had provided a response regarding its actions to address our recommendation. We have not yet verified if the actions taken meet the intent of our recommendations. When we confirm what actions the agency has taken we will provide updated information.
    Director: John Neumann
    Phone: (202) 512-3841

    2 open recommendations
    Recommendation: To ensure full compliance with SBIR and STTR spending and reporting requirements and improve participation in the administrative pilot program, the SBA Administrator should review SBA guidance regarding when an agency is required to start up an SBIR or STTR program, and if necessary, update the guidance to provide greater clarity to agencies with research or research and development (R&D) obligations greater than the thresholds for participating.

    Agency: Small Business Administration
    Status: Open

    Comments: According to SBA officials, as of April 2017, SBA is working to develop language to update its policy directives to provide guidance on when an agency must start an SBIR or STTR program.
    Recommendation: To ensure full compliance with SBIR and STTR spending and reporting requirements and improve participation in the administrative pilot program, the SBA Administrator should complete the required reporting on the administrative pilot program for fiscal year 2014, which could include an evaluation of the potential constraints that may hinder agencies' participation and any steps to address these constraints.

    Agency: Small Business Administration
    Status: Open

    Comments: As of April 2017, SBA officials said that SBA is in the process of completing its follow-up with agencies to document agencies' utilization of the administrative pilot program. Specifically, officials said they requested that agencies that planned to participate in the pilot program complete and return a template with information on the pilot program. Once SBA receives that information, officials said they will draft a report. As of April 2017, a formal date for completing and submitting the report has not been established.
    Director: David A. Powner
    Phone: (202) 512-9286

    16 open recommendations
    including 4 priority recommendations
    Recommendation: The Director of OMB should identify and publish a specific goal associated with its non-provisioned O&M spending measure.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: The agency agreed with the recommendation. In April 2017, OMB indicated that it has been working with agencies on their Strategic Plans and associated performance goals and measures, but that it would be premature to say whether there would be a specific goal on its non-provisioned O&M spending measure. We will continue to monitor the implementation of this recommendation.
    Recommendation: The Director of OMB should commit to a firm date by which its draft guidance on legacy systems will be issued, and subsequently direct agencies to identify legacy systems and/or investments needing to be modernized or replaced.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: The agency agreed with the recommendation. In April 2017, OMB stated that it was updating the draft guidance on legacy systems and were unable to provide a date when they would be issuing it. We will continue to monitor the implementation of this recommendation.
    Recommendation: To monitor whether existing investments are meeting the needs of their agencies, the Secretaries of Commerce and the Treasury should direct the respective agency CIO to ensure that required analyses are performed on investments in the operations and maintenance phase.

    Agency: Department of Commerce
    Status: Open

    Comments: The agency agreed with the recommendation. In a May 2017 written update, the agency stated that it had updated its Capital Planning and Investment Control handbook with instructions on conducting operational analyses. However, the agency was unable to demonstrate that operational analyses were being completed on an annual basis, as required. We will continue to monitor the implementation of this recommendation.
    Recommendation: To monitor whether existing investments are meeting the needs of their agencies, the Secretaries of Commerce and the Treasury should direct the respective agency CIO to ensure that required analyses are performed on investments in the operations and maintenance phase.

    Agency: Department of the Treasury
    Status: Open

    Comments: The agency had no comment on the recommendation. In June 2017, Treasury provided an update on the IRS's efforts to ensure that operational analyses are performed on investments in the operations and maintenance phase. However, the recommendation is intended to address issues at the department level and not just at the IRS. Treasury declined to provide an update at the department level. We will continue to monitor the implementation of this recommendation.
    Recommendation: To address obsolete IT investments in need of modernization or replacement, the Secretaries of Agriculture, Commerce, Defense, Energy, Health and Human Services, Homeland Security, State, the Treasury, Transportation, and Veterans Affairs; the Attorney General; and the Commissioner of Social Security should direct their respective agency CIOs to identify and plan to modernize or replace legacy systems as needed and consistent with OMB's draft guidance, including time frames, activities to be performed, and functions to be replaced or enhanced.

    Agency: Department of Homeland Security
    Status: Open

    Comments: The agency agreed with the recommendation and in July 2017 stated that the department has drafted a Legacy Systems Modernization Framework. DHS is waiting for OMB?s draft guidance to be issued to ensure compliance. As a result, they now estimate this will be completed by December 2017. We will continue to monitor the implementation of this recommendation.
    Recommendation: To address obsolete IT investments in need of modernization or replacement, the Secretaries of Agriculture, Commerce, Defense, Energy, Health and Human Services, Homeland Security, State, the Treasury, Transportation, and Veterans Affairs; the Attorney General; and the Commissioner of Social Security should direct their respective agency CIOs to identify and plan to modernize or replace legacy systems as needed and consistent with OMB's draft guidance, including time frames, activities to be performed, and functions to be replaced or enhanced.

    Agency: Department of Agriculture
    Status: Open

    Comments: The agency agreed with the recommendation. As of May 2017, the agency stated that it had taken steps to improve its overall IT governance processes, and in particular, its oversight of legacy systems. These steps included, implementing its FITARA strategy, creating a Cloud Strategy and Policy Office, and two new executive oversight groups. In addition, the agency stated that it planned to complete an IT Modernization Plan in calendar year 2018. We will continue to monitor the implementation of this recommendation.
    Recommendation: To address obsolete IT investments in need of modernization or replacement, the Secretaries of Agriculture, Commerce, Defense, Energy, Health and Human Services, Homeland Security, State, the Treasury, Transportation, and Veterans Affairs; the Attorney General; and the Commissioner of Social Security should direct their respective agency CIOs to identify and plan to modernize or replace legacy systems as needed and consistent with OMB's draft guidance, including time frames, activities to be performed, and functions to be replaced or enhanced.

    Agency: Department of Commerce
    Status: Open

    Comments: The agency agreed with the recommendation. In May 2017, the agency stated that it was continuously assessing its current IT portfolio for opportunities to retire or modernize its mission critical legacy systems. Specifically, Commerce stated that it had identified two candidate systems for modernization--the National Weather Service Telecommunications Gateway and the USPTO Examiner Automated Search Tool. However, it is unclear how these plans will relate to OMB's guidance. We will continue to monitor the implementation of this recommendation.
    Recommendation: To address obsolete IT investments in need of modernization or replacement, the Secretaries of Agriculture, Commerce, Defense, Energy, Health and Human Services, Homeland Security, State, the Treasury, Transportation, and Veterans Affairs; the Attorney General; and the Commissioner of Social Security should direct their respective agency CIOs to identify and plan to modernize or replace legacy systems as needed and consistent with OMB's draft guidance, including time frames, activities to be performed, and functions to be replaced or enhanced.

    Agency: Department of Defense
    Status: Open

    Comments: The agency partially concurred with the recommendation, and stated that it would continue to identify, prioritize, and manage legacy systems that should be modernized or replaced, based on existing DOD policies, using existing department processes, consistent to the extent practicable with OMB's draft guidance. In June 2017, the department stated that its position has not changed; the department believes that no corrective actions are necessary or planned. We will continue to monitor the implementation of this recommendation.
    Recommendation: To address obsolete IT investments in need of modernization or replacement, the Secretaries of Agriculture, Commerce, Defense, Energy, Health and Human Services, Homeland Security, State, the Treasury, Transportation, and Veterans Affairs; the Attorney General; and the Commissioner of Social Security should direct their respective agency CIOs to identify and plan to modernize or replace legacy systems as needed and consistent with OMB's draft guidance, including time frames, activities to be performed, and functions to be replaced or enhanced.

    Agency: Department of Energy
    Status: Open
    Priority recommendation

    Comments: The department partially agreed with the recommendation and in an April 2017 update stated that the department has begun an initiative to migrated corporate business IT systems to cloud service providers. The department added that they were coordinating with their program offices to identify and prioritize other IT systems for migration. The department intends to review any forthcoming OMB guidance, and will consider early implementation of such guidance, as applicable to the department, when the guidance is provided. We will continue to monitor the implementation of this recommendation.
    Recommendation: To address obsolete IT investments in need of modernization or replacement, the Secretaries of Agriculture, Commerce, Defense, Energy, Health and Human Services, Homeland Security, State, the Treasury, Transportation, and Veterans Affairs; the Attorney General; and the Commissioner of Social Security should direct their respective agency CIOs to identify and plan to modernize or replace legacy systems as needed and consistent with OMB's draft guidance, including time frames, activities to be performed, and functions to be replaced or enhanced.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: The agency agreed with the recommendation and in a September 2016 written update stated that the office of the CIO is working to identify and plan to modernize or replace IT systems. As of July 2017, the agency had not responded to requests for updates on the implementation of this recommendation. We will continue to monitor this recommendation.
    Recommendation: To address obsolete IT investments in need of modernization or replacement, the Secretaries of Agriculture, Commerce, Defense, Energy, Health and Human Services, Homeland Security, State, the Treasury, Transportation, and Veterans Affairs; the Attorney General; and the Commissioner of Social Security should direct their respective agency CIOs to identify and plan to modernize or replace legacy systems as needed and consistent with OMB's draft guidance, including time frames, activities to be performed, and functions to be replaced or enhanced.

    Agency: Social Security Administration
    Status: Open

    Comments: The agency agreed with the recommendation and as of May 2017, the agency stated that it was working on finishing its Information Technology Modernization Plan that outlines 5 major applications that it plans to update. However, since OMB had not yet issued its legacy system guidance, it is unknown whether this plan is consistent with OMB's guidance. We will continue to monitor the implementation of this recommendation.
    Recommendation: To address obsolete IT investments in need of modernization or replacement, the Secretaries of Agriculture, Commerce, Defense, Energy, Health and Human Services, Homeland Security, State, the Treasury, Transportation, and Veterans Affairs; the Attorney General; and the Commissioner of Social Security should direct their respective agency CIOs to identify and plan to modernize or replace legacy systems as needed and consistent with OMB's draft guidance, including time frames, activities to be performed, and functions to be replaced or enhanced.

    Agency: Department of Justice
    Status: Open

    Comments: The agency agreed with the recommendation. As of May 2017, the agency stated that it was completing the initial steps of an assessment to provide a qualitative and definitive list of systems which meet criteria for retirement and/or decommission. This assessment is to review the complexity of work per system, and provide a rough order of magnitude cost estimate on a system-by-system basis. Further, VA is in the process of decommissioning the BDN and PAID systems mentioned in our report. The decommissioning of BDN is in the planning stage and the agency estimates the project to cost $100 million to complete. The replacement of PAID has been occurring in incremental phases, but the agency did not provide an estimated date of retirement. We will continue to monitor the implementation of this recommendation.
    Recommendation: To address obsolete IT investments in need of modernization or replacement, the Secretaries of Agriculture, Commerce, Defense, Energy, Health and Human Services, Homeland Security, State, the Treasury, Transportation, and Veterans Affairs; the Attorney General; and the Commissioner of Social Security should direct their respective agency CIOs to identify and plan to modernize or replace legacy systems as needed and consistent with OMB's draft guidance, including time frames, activities to be performed, and functions to be replaced or enhanced.

    Agency: Department of Transportation
    Status: Open

    Comments: The agency agreed with the recommendation and stated that work is underway to identify systems in need of modernization and upgrade. The department anticipated being able to close the recommendation 90 days after OMB issues guidance on legacy systems. Further, in a recent update, the agency stated that it had recently started a project to create an integrated inventory of Transportation's systems. According to the agency, through this project, it has been able to identify duplication and opportunities to create efficiencies. The next phase of this project is a future state diagram and a roadmap to show planned modernizations and possible divestments of legacy systems. We will continue to monitor the implementation of this recommendation.
    Recommendation: To address obsolete IT investments in need of modernization or replacement, the Secretaries of Agriculture, Commerce, Defense, Energy, Health and Human Services, Homeland Security, State, the Treasury, Transportation, and Veterans Affairs; the Attorney General; and the Commissioner of Social Security should direct their respective agency CIOs to identify and plan to modernize or replace legacy systems as needed and consistent with OMB's draft guidance, including time frames, activities to be performed, and functions to be replaced or enhanced.

    Agency: Department of the Treasury
    Status: Open
    Priority recommendation

    Comments: The agency had no comment on the recommendation. In a June 2017, Treasury provided an update on the IRS's efforts to modernize the IRS's legacy systems. However, the recommendation is intended to address issues at the department level and not just at the IRS. Treasury declined to provide an update at the department level. We will continue to monitor the implementation of this recommendation.
    Recommendation: To address obsolete IT investments in need of modernization or replacement, the Secretaries of Agriculture, Commerce, Defense, Energy, Health and Human Services, Homeland Security, State, the Treasury, Transportation, and Veterans Affairs; the Attorney General; and the Commissioner of Social Security should direct their respective agency CIOs to identify and plan to modernize or replace legacy systems as needed and consistent with OMB's draft guidance, including time frames, activities to be performed, and functions to be replaced or enhanced.

    Agency: Department of Veterans Affairs
    Status: Open
    Priority recommendation

    Comments: The agency agreed with the recommendation. As of May 2017, the agency stated that it was completing the initial phase of an assessment to provide a qualitative and definitive list of systems which meet criteria for retirement and/or decommission. This assessment will review the complexity of work per system, and provide a rough order of magnitude cost estimate on a system-by-system basis. Further, VA is in the process of decommissioning the BDN and PAID systems mentioned in our report. The decommissioning of BDN is in the planning stage and the agency estimates the project to cost $100 million to complete. The replacement of PAID has been occurring in incremental phases, but the agency did not provide an estimated date of retirement. We will continue to monitor the implementation of this recommendation.
    Recommendation: To address obsolete IT investments in need of modernization or replacement, the Secretaries of Agriculture, Commerce, Defense, Energy, Health and Human Services, Homeland Security, State, the Treasury, Transportation, and Veterans Affairs; the Attorney General; and the Commissioner of Social Security should direct their respective agency CIOs to identify and plan to modernize or replace legacy systems as needed and consistent with OMB's draft guidance, including time frames, activities to be performed, and functions to be replaced or enhanced.

    Agency: Department of State
    Status: Open
    Priority recommendation

    Comments: The agency agreed with the recommendation and stated that it plans to work with OMB upon the publication of OMB's guidance to identify opportunities for modernization. In an April 2017 update, the agency stated that it had extended plans to replace the systems mentioned in the report by several years. As of August 2017, the agency stated that it had finalized a new capital planning guide which includes investment review policy to identify opportunities for modernization and away from legacy systems. However, it is too soon to tell if it is in line with OMB's forthcoming guidance. We will continue to monitor the implementation of this recommendation.
    Director: Gregory C. Wilshusen
    Phone: (202) 512-6244

    17 open recommendations
    including 7 priority recommendations
    Recommendation: To improve agency information security programs, the Administrator of the National Aeronautics and Space Administration should update security assessment plans for selected systems to ensure they include the test procedures to be performed.

    Agency: National Aeronautics and Space Administration
    Status: Open
    Priority recommendation

    Comments: NASA concurred with our recommendation. The agency has implemented a system to support updates of security assessment plans that include the test procedures to be performed. Subsequent to NASA informing us that security assessment plans for selected systems include these test procedures, we plan to verify the agency's actions.
    Recommendation: To improve agency information security programs, the Administrator of the National Aeronautics and Space Administration should re-evaluate security control assessments for selected systems to ensure that they comprehensively test technical controls.

    Agency: National Aeronautics and Space Administration
    Status: Open
    Priority recommendation

    Comments: NASA concurred with our recommendation, and will re-evaluate the selected systems' security control assessments to ensure that technical controls will be comprehensively tested. NASA officials said that they expect to complete this action by January 15, 2018. Subsequent to NASA informing us that it has implemented the recommendation, we plan to verify the agency's actions.
    Recommendation: To improve agency information security programs, the Administrator of the National Aeronautics and Space Administration should update remedial action plans for selected systems, to include responsible organization, estimated funding, source of funding, and updated milestones and completion dates.

    Agency: National Aeronautics and Space Administration
    Status: Open
    Priority recommendation

    Comments: NASA concurred with our recommendation. The agency has implemented a system that generates plans of actions and milestones (POA&Ms), but has not yet provided sufficient examples of remedial action plans for the selected systems. Subsequent to NASA informing us that it has updated POA&Ms for the selected systems to include responsible organization, estimated funding, source of funding, and updated milestones and completion dates, we plan to verify these actions.
    Recommendation: To improve agency information security programs, the Administrator of the National Aeronautics and Space Administration should update the continuous monitoring strategy to include metrics, ongoing status monitoring of metrics, and reporting of security status.

    Agency: National Aeronautics and Space Administration
    Status: Open
    Priority recommendation

    Comments: NASA concurred with our recommendation. The agency has issued an updated continuous monitoring strategy, but this strategy does not clearly identify specific metrics to be used. Subsequent to NASA informing us that the strategy includes metrics, ongoing status monitoring of metrics, and reporting of security status, we plan to verify these actions.
    Recommendation: To improve agency information security programs, the Chairman of the Nuclear Regulatory Commission should re-evaluate security control assessments to ensure that they comprehensively test technical controls.

    Agency: Nuclear Regulatory Commission
    Status: Open

    Comments: NRC concurred with our recommendation. NRC supplied documents regarding its cybersecurity assessment process, but has not yet provided evidence of re-evaluating assessments to ensure that technical controls were comprehensively tested.
    Recommendation: To improve agency information security programs, the Chairman of the Nuclear Regulatory Commission should update remedial action plans for selected systems, to include responsible organization, estimated funding, funding source, and scheduled completion dates.

    Agency: Nuclear Regulatory Commission
    Status: Open

    Comments: NRC concurred with our recommendation. The agency provided evidence that it is including the responsible organization and scheduled completion dates in its plans of action and milestones (POA&Ms). While the estimated funding and source of funding do not appear in the POA&Ms, the agency has indicated that this data is available elsewhere. We are following up with NRC to verify this information.
    Recommendation: To improve agency information security programs, the Chairman of the Nuclear Regulatory Commission should update the standard that addresses continuous monitoring to include metrics and ongoing status monitoring.

    Agency: Nuclear Regulatory Commission
    Status: Open

    Comments: NRC concurred with our recommendation. The agency expects to publish a revised computer security standard in 2018.
    Recommendation: To improve agency information security programs, Acting Director of the Office of Personnel Management should update security plans for selected systems to ensure that all controls specific to high-impact systems are addressed, including a rationale if the control is not implemented, and where other plans are cross-referenced, ensure that the other system's plan appropriately addresses the control.

    Agency: Office of Personnel Management
    Status: Open
    Priority recommendation

    Comments: OPM concurred with our recommendation. The agency intends to migrate security plans to an automated system in order to improve management of security controls.
    Recommendation: To improve agency information security programs, Acting Director of the Office of Personnel Management should provide and track specialized training for all individuals, including contractors, who have significant security responsibilities.

    Agency: Office of Personnel Management
    Status: Open
    Priority recommendation

    Comments: OPM partially concurred with our recommendation. OPM is in the process of reviewing its procedures for identifying employees and contractors who directly access its information systems and reviewing the training requirements for those individuals, as well as specialized training requirements, and how compliance is tracked.
    Recommendation: To improve agency information security programs, Acting Director of the Office of Personnel Management should re-evaluate security control assessments to ensure that they comprehensively test technical controls.

    Agency: Office of Personnel Management
    Status: Open
    Priority recommendation

    Comments: OPM did not concur with our recommendation. OPM is developing additional standards for evaluating technical-controls testing and will incorporate these standards into its oversight of security assessments, once the standards are complete.
    Recommendation: To improve agency information security programs, Acting Director of the Office of Personnel Management should update remedial action plans for selected systems, to include source of funding and updated completion dates.

    Agency: Office of Personnel Management
    Status: Open

    Comments: OPM concurred with our recommendation. OPM is in the process of migrating POA&Ms to a new automated system that will allow the source of funding to be included in plans of action and milestones.
    Recommendation: To improve agency information security programs, the Secretary of the Department of Veterans should update security plans for selected systems to ensure that all controls specific to high-impact systems are addressed, including a rationale if the control is not implemented.

    Agency: Department of Veterans Affairs
    Status: Open

    Comments: VA concurred with our recommendation. VA stated that all high-impact security controls have been addressed, and the agency expects to include all controls in one plan. Subsequent to the agency informing us that it has implemented the recommendation, we plan to verify its actions.
    Recommendation: To improve agency information security programs, the Secretary of the Department of Veterans should provide and track specialized training for all individuals who have significant security responsibilities.

    Agency: Department of Veterans Affairs
    Status: Open

    Comments: VA concurred with our recommendation. VA provided limited evidence that it is tracking specialized training for staff who have significant security responsibilities. GAO plans to request further documentation and verify the completeness of VA's actions.
    Recommendation: To improve agency information security programs, the Secretary of the Department of Veterans should conduct security control assessments for the two selected systems and ensure the procedures comprehensively test technical controls.

    Agency: Department of Veterans Affairs
    Status: Open

    Comments: VA concurred with our recommendation. VA has assessed technical controls, but has not yet provided evidence of re-evaluating assessments to ensure that technical controls were comprehensively tested.
    Recommendation: To improve agency information security programs, the Secretary of the Department of Veterans should update remedial action plans for selected systems, to include estimated funding and funding source.

    Agency: Department of Veterans Affairs
    Status: Open

    Comments: VA concurred with our recommendation. VA provided limited evidence that it is including more information in its remedial action plans for selected systems, but did not demonstrate that it is including estimated funding and funding sources in these plans.
    Recommendation: To improve agency information security programs, the Secretary of the Department of Veterans should develop a continuous monitoring strategy that addresses organization-defined metrics, frequency of monitoring metrics, ongoing status monitoring of metrics, and reporting of security status.

    Agency: Department of Veterans Affairs
    Status: Open

    Comments: VA concurred with our recommendation. VA is developing a new framework to address the people, processes, technology, and performance monitoring mechanisms identified in the Information Security Continuous Monitoring (ISCM) Maturity Model. This framework and supporting program plan are linked to the Department of Homeland Security Continuous Diagnostics and Mitigation (CDM) phase 1 deployment that is ongoing and anticipated to be completed by the fourth quarter of 2017. VA's ISCM program plan and framework have been delayed to accommodate these changes.
    Recommendation: To improve security over federal systems, including those considered to be high impact, the Director of the Office of Management and Budget should issue plan and practices specified in the Cybersecurity Strategy and Implementation Plan.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: OMB concurred with our recommendation. On December 9, 2016, OMB issued memorandum M-17-09, Management of Federal High Value Assets, which lists some existing policies and guidance and other actions that agencies need to take to protect IT assets. In addition OMB provided limited access to a document describing best practices for federal security operation centers. GAO is requesting further access to this document on best practices in order to determine whether OMB has adequately addressed the recommendation.
    Director: Daniel Garcia-Diaz
    Phone: (202) 512-8678

    2 open recommendations
    Recommendation: To receive more consistent information on LIHTC noncompliance, the IRS Commissioner should collaborate with the allocating agencies to clarify when allocating agencies should report such information on the Form 8823 (report of noncompliance or building disposition). The IRS Commissioner should collaborate with the Department of the Treasury in drafting such clarifications to help ensure that any new guidance is consistent with Treasury regulations.

    Agency: Department of the Treasury: Internal Revenue Service
    Status: Open

    Comments: In August 2016, IRS stated it would review the Form 8823 Audit Technique Guide to determine whether additional guidance and clarification were needed for allocating agencies to report noncompliance information on the form. If published legal guidance is required, IRS stated that it will submit a proposal for such guidance for prioritization. IRS indicated an expected implementation date by November 2017. In addition, in March 2017, officials stated that IRS Counsel attended an industry conference with allocating agencies at which issues related to the Form 8823 were discussed. We will continue to monitor IRS's progress in implementing our recommendation to clarify when allocating agencies should report noncompliance.
    Recommendation: To improve IRS's processes for identifying the most significant noncompliance issues, the IRS Commissioner should evaluate how IRS could use HUD's Real Estate Assessment Center databases, including how the information might be used to reassess reporting categories on the Form 8823 and to reassess which categories of noncompliance information have to be reviewed for audit potential.

    Agency: Department of the Treasury: Internal Revenue Service
    Status: Open

    Comments: IRS officials stated that since HUD's database with property inspection data was not complete as of March 2017 and contained data from 30 states, it was unclear how the database could be used. IRS officials said they would continue exploring the HUD database if the data for all LIHTC properties were included and it was possible to isolate the LIHTC property data from other rental properties in the HUD database. We will continue to monitor IRS's progress in evaluating the use of HUD's database for reporting information on noncompliance.
    Director: Carolyn L. Yocom
    Phone: (202) 512-7114

    3 open recommendations
    including 2 priority recommendations
    Recommendation: To improve the effectiveness of states' and plans' Medicaid managed care (MMC) plan provider screening efforts, the Acting Administrator of CMS should consider which additional databases that states and MMC plans use to screen providers could be helpful in improving the effectiveness of these efforts and determine whether any of these databases should be added to the list of databases identified by CMS for screening purposes.

    Agency: Department of Health and Human Services: Centers for Medicare and Medicaid Services
    Status: Open
    Priority recommendation

    Comments: HHS concurred with this recommendation. CMS analyzed 22 databases that were reported to GAO as being used by Medicaid managed care plans to screen providers. It determined that several were already in use by CMS and mentioned in its guidance, several required more study by CMS, and others were not reliable. In April 2017, we reviewed CMS's analysis. For 8 of the databases, CMS noted that more information is needed, including the availability of the data and whether CMS would need an identifier to link providers to the data. CMS has requested additional information for these databases and has not yet concluded whether the databases should be added to the list of databases it has identified for screening purposes. To close the recommendation, CMS will need to determine whether the remaining databases it has studied should be added to the CMS list of databases to be used for provider screening and take the appropriate action.
    Recommendation: To improve the effectiveness of states' and plans' MMC plan provider screening efforts, the Acting Administrator of CMS should collaborate with SSA to facilitate sharing CMS's Death Master File subscription with state Medicaid programs.

    Agency: Department of Health and Human Services: Centers for Medicare and Medicaid Services
    Status: Open
    Priority recommendation

    Comments: HHS concurred with this recommendation. CMS has signed an Interagency Agreement that provides for the states' ability to access the SSA Death Master File. CMS said that it will provide Death Master File information to specific individuals within each state in the near future. To close the recommendation, CMS will need to begin to provide the states with access to Death Master File data and provide us with documentation that it has done so.
    Recommendation: To improve the effectiveness of states' and plans' MMC plan provider screening efforts, the Acting Administrator of CMS should coordinate with other federal agencies, as necessary, to explore the use of an identifier that is relevant for the screening of MMC plan providers and common across databases used to screen MMC plan providers.

    Agency: Department of Health and Human Services: Centers for Medicare and Medicaid Services
    Status: Open

    Comments: HHS concurred with the recommendation. We will update the status of this recommendation when we receive additional information.
    Director: Jacqueline M. Nowicki
    Phone: (617) 788-0580

    2 open recommendations
    including 1 priority recommendation
    Recommendation: The Secretary of Education should direct Education's Office for Civil Rights to more routinely analyze its Civil Rights Data Collection by school groupings and types of schools across key elements to further explore and understand issues and patterns of disparities. For example, Education could use this more detailed information to help identify issues and patterns among school types and groups in conjunction with its analyses of student groups.

    Agency: Department of Education
    Status: Open
    Priority recommendation

    Comments: The Department of Education stated that it already analyzes its civil rights data in some of the ways we recommended, and in light of our recommendation, will consider whether additional analysis could augment their core civil rights enforcement mission. Education noted that it often uses the type of analyses GAO recommended, when appropriate, to inform its internal civil rights investigations, and makes the data available to researchers and other stakeholders outside the agency. While these efforts are encouraging, our recommendation emphasizes that the agency itself more routinely use the civil rights data across key data elements to help it identify disparities and patterns among groups and types of schools. Such an analysis could enhance the agency's current efforts and ultimately improve the agency's ability to target oversight and technical assistance to the schools that need it most. Education reported that this recommendation would be implemented by September 15, 2017. At that time, we will await documentation of its analyses by the school groupings as specified in our recommendation.
    Recommendation: The Attorney General of the United States should direct the Department of Justice's Civil Rights Division to systematically track key summary information across its portfolio of open desegregation cases and use this data to inform its monitoring of these cases. Such information could include, for example, dates significant actions were taken or reports received.

    Agency: Department of Justice
    Status: Open

    Comments: The Department of Justice concurred with this recommendation and believes its procedures for tracking case-related data are adequate. Justice reported in 2016 that it is currently developing an electronic document management system that may allow more case-related information to be stored in electronic format. The agency has already taken substantial steps to increase its case monitoring activities in desegregation cases, and intends to continue those efforts. However, Justice did not provide any details on what these steps are or if these steps are in line with our recommendation. GAO is encouraged that the agency sees a need to increase case monitoring. We will consider closing this recommendation when the agency provides specific information on its systematic tracking of information on open cases and using this information to enhance enforcement.
    Director: Brenda S. Farrell
    Phone: (202) 512-3604

    3 open recommendations
    Recommendation: The Secretary of Defense should direct the Under Secretary of Defense for Personnel and Readiness to establish time frames to complete actions that its Federal Voting Assistance Program has identified it will take to address challenges, and also to use these time frames to demonstrate progress for stakeholders, including through its statutorily required annual reporting.

    Agency: Department of Defense
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: The Under Secretary of Defense for Personnel and Readiness, through the Defense Human Resources Activity, should direct FVAP's Director to fully implement the six selected leading practices of federal strategic planning into the day-to-day operations of the program.

    Agency: Department of Defense: Office of the Under Secretary for Personnel and Readiness
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: The Under Secretary of Defense for Personnel and Readiness, through the Defense Human Resources Activity, should direct FVAP's Director to complete the development of a strategic plan that fully exhibits the six selected leading practices of federal strategic planning, including, but not limited to: (1) a statement of FVAP's revised mission and goals; (2) an identification of strategies that address management challenges and resources needed to achieve goals; (3) a description of leadership involvement and accountability; (4) a description of stakeholder involvement in the development of FVAP priorities; (5) a coordination strategy to communicate the program's mission and goals to other federal agencies; and (6) a description of performance measures, aligned with program goals that FVAP will use to track progress toward achieving goals.

    Agency: Department of Defense: Office of the Under Secretary for Personnel and Readiness
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Director: Michelle Sager
    Phone: (202) 512-6806

    2 open recommendations
    Recommendation: To increase the transparency to Congress about the total amount of funds agencies have available in a given year, the Director of the Office of Management and Budget should identify and publicly report the total amount of actual budget authority government-wide that is temporarily sequestered and "pops up," or becomes available again to agencies for obligation in the subsequent fiscal year.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: In February 2017, OMB staff told us they will consider additional options for reporting a government-wide total amount of actual budget authority that is temporarily sequestered during preparation of the full 2018 President's Budget.
    Recommendation: To promote further transparency in measuring the federal government's progress against deficit reduction targets required under current law, the Director of the Office of Management of Budget should identify and publicly report the total amount of actual reductions in budget authority government-wide each year as a result of sequestration or the reduction of discretionary spending limits under BBEDCA.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: In February 2017, OMB staff maintained their position of disagreement with this recommendation as summarized in our April 2016 report.
    Director: James Cosgrove
    Phone: (202) 512-7114

    5 open recommendations
    including 1 priority recommendation
    Recommendation: As CMS continues to implement and refine the contract-level RADV audit process to improve the efficiency and effectiveness of reducing and recovering improper payments and to improve the accuracy of CMS's calculation of coding intensity, the Administrator should modify that calculation by taking actions such as the following: (1) including only the three most recent pair-years of risk score data for all contracts; (2) standardizing the changes in disease risk scores to account for the expected increase in risk scores for all MA contracts; (3) developing a method of accounting for diagnostic errors not coded by providers, such as requiring that diagnoses added by MA organizations be flagged as supplemental diagnoses in the agency's Encounter Data System to separately calculate coding intensity scores related only to diagnoses that were added through MA organizations' supplemental record review (that is, were not coded by providers); and (4) including MA beneficiaries enrolled in contracts that were renewed from a different contract under the same MA organization during the pair-year period.

    Agency: Department of Health and Human Services: Centers for Medicare and Medicaid Services
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: As CMS continues to implement and refine the contract-level RADV audit process to improve the efficiency and effectiveness of reducing and recovering improper payments. The Administrator should modify CMS's selection of contracts for contract-level RADV audits to focus on those contracts most likely to have high rates of improper payments by taking actions such as the following: (1) selecting more contracts with the highest coding intensity scores; (2) excluding contracts with low coding intensity scores; (3) selecting contracts with high rates of unsupported diagnoses in prior contract-level RADV audits; (4) if a contract with a high rate of unsupported diagnoses is no longer in operation, selecting a contract under the same MA organization that includes the service area of the prior contract; and (5) selecting some contracts with high enrollment that also have either high rates of unsupported diagnoses in prior contract-level RADV audits or high coding intensity scores.

    Agency: Department of Health and Human Services: Centers for Medicare and Medicaid Services
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: As CMS continues to implement and refine the contract-level RADV audit process to improve the efficiency and effectiveness of reducing and recovering improper payments. The Administrator should enhance the timeliness of CMS's contract-level RADV process by taking actions such as the following: (1) closely aligning the time frames in CMS's contract-level RADV audits with those of the national RADV audits the agency uses to estimate the MA improper payment rate; (2) reducing the time between notifying MA organizations of contract audit selection and notifying them about the beneficiaries and diagnoses that will be audited; (3) improving the reliability and performance of the agency's process for transferring medical records from MA organizations, including assessing the feasibility of updating Electronic Submission of Medical Documentation for use in transferring medical records in contract-level RADV audits; and (4) requiring that CMS contract-level RADV auditors complete their medical record reviews within a specific number of days comparable to other medical record review time frames in the Medicare program.

    Agency: Department of Health and Human Services: Centers for Medicare and Medicaid Services
    Status: Open
    Priority recommendation

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: As CMS continues to implement and refine the contract-level RADV audit process to improve the efficiency and effectiveness of reducing and recovering improper payments. The Administrator should improve the timeliness of CMS's contract-level RADV appeal process by requiring that reconsideration decisions be rendered within a specified number of days comparable to other medical record review and first-level appeal time frames in the Medicare program.

    Agency: Department of Health and Human Services: Centers for Medicare and Medicaid Services
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: As CMS continues to implement and refine the contract-level RADV audit process to improve the efficiency and effectiveness of reducing and recovering improper payments. The Administrator should ensure that CMS develops specific plans and a timetable for incorporating a RAC in the MA program as mandated by the Patient Protection and Affordable Care Act.

    Agency: Department of Health and Human Services: Centers for Medicare and Medicaid Services
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Director: David A. Powner
    Phone: (202) 512-9286

    6 open recommendations
    Recommendation: To ensure that agencies are provided with more complete guidance for contracts for cloud computing services, the Director of OMB should include all ten key practices in future guidance to agencies.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: We are following up with OMB on its service level agreement (SLA) guidance to agencies.
    Recommendation: To help ensure continued progress in the implementation of effective cloud computing SLAs, the Secretary of Defense should direct the appropriate officials to ensure key practices are fully incorporated for cloud services as the contracts and associated SLAs expire. These efforts should include updating the Department of Defense memorandum on acquiring cloud services and current Defense Acquisition Regulations System to more completely include the key practices.

    Agency: Department of Defense
    Status: Open

    Comments: We are following up with DOD on updating their service level agreement (SLA) guidance.
    Recommendation: To help ensure continued progress in the implementation of effective cloud computing SLAs, the Secretaries of Health and Human Services, Homeland Security, Treasury, and Veterans Affairs should direct appropriate officials to develop SLA guidance and ensure key practices are fully incorporated as the contract and associated SLAs expire.

    Agency: Department of Homeland Security
    Status: Open

    Comments: We are following up with DHS on the finalization of its service level agreement (SLA) guidance.
    Recommendation: To help ensure continued progress in the implementation of effective cloud computing SLAs, the Secretaries of Health and Human Services, Homeland Security, Treasury, and Veterans Affairs should direct appropriate officials to develop SLA guidance and ensure key practices are fully incorporated as the contract and associated SLAs expire.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: We are following up with HHS on their service level agreement (SLA) guidance.
    Recommendation: To help ensure continued progress in the implementation of effective cloud computing SLAs, the Secretaries of Health and Human Services, Homeland Security, Treasury, and Veterans Affairs should direct appropriate officials to develop SLA guidance and ensure key practices are fully incorporated as the contract and associated SLAs expire.

    Agency: Department of the Treasury
    Status: Open

    Comments: We are following up with Treasury on their service level agreement (SLA) guidance.
    Recommendation: To help ensure continued progress in the implementation of effective cloud computing SLAs, the Secretaries of Health and Human Services, Homeland Security, Treasury, and Veterans Affairs should direct appropriate officials to develop SLA guidance and ensure key practices are fully incorporated as the contract and associated SLAs expire.

    Agency: Department of Veterans Affairs
    Status: Open

    Comments: We are following up with VA on their service level agreement (SLA) guidance.
    Director: Dave Wise
    Phone: (202) 512-2834

    2 open recommendations
    including 1 priority recommendation
    Recommendation: To improve the quality and transparency of data entered into FRPP as GSA transitions the database to a platform that would enable greater government-wide use, the Administrator of GSA, in consultation with OMB and federal agencies, should (1) assess the reliability of FRPP data by determining how individual agencies collect and report FRPP data for each FRPP field, including any supplemental guidance used by agencies to comply with government-wide FRPP data definitions as part of the annual certification of FRPP data; (2) analyze the differences in collecting and reporting practices used by these agencies; and (3) identify and make available to FRPP users the limitations of using FRPP data, in the context of how the data are intended to be used in real property decision making and to measure real property performance across agencies and update federal guidance to address limitations, as needed.

    Agency: General Services Administration
    Status: Open
    Priority recommendation

    Comments: GSA partially agreed with the recommendation noting that it has limited resources to fully analyze and map the data relative to FRPP data definitions, and that it is the responsibility of individual agencies to ensure reliability of the data and compliance with FRPP definitions. As of October 2016, GSA has taken some action to implement this recommendation. GSA told us it has made progress by conducting an in-depth survey in June 2106 focusing on several data elements including: replacement value, status, owned and otherwise management operating costs, repair needs, utilization, and lease costs. The survey asked agencies questions regarding the processes/resources used to source and compile these data elements from agency IT systems as well as internal agency guidance. GSA received responses from 24 agencies and stated it plans to complete its initial analysis of the survey in the fall of 2016 and indicate limitations of these data elements. GSA plans to conduct a series of working group meetings with agencies to conduct an in depth review of the survey results and to develop a set of recommendations for the Federal Real Property Council. GSA said these recommendations may include, but are not limited to, altering data dictionary definitions, sharing best or common practices for reporting these data elements, and sharing the limitations on the use of these data elements. Based on the working group outcomes and input from the Federal Real Property Council and OMB, GSA plans to produce a white paper on these topics by the latter part of 2017.
    Recommendation: To enhance the usefulness of the National Strategy for managing federal real property government-wide, the Director of OMB should expand the National Strategy to further address long-standing real property management challenges by: (1) expanding the scope to include maintenance and repair needs; (2) articulating planned actions and identifying alternative approaches, including alternative-funding mechanisms, to address underlying causes of the real property problems; (3) ensuring that performance measures at the agency level inform the overall progress of the National Strategy; and (4) determining the government-wide costs, benefits, and risks by leveraging agencies' long-term capital plans and identifying approaches to optimally manage that risk.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: When we confirm the actions that OMB has taken in response to this recommendation, we will provide updated information.
    Director: Lori Rectanus
    Phone: (202) 512-2834

    3 open recommendations
    Recommendation: To help FPS enhance its strategic human capital planning efforts, the Secretary of Homeland Security should direct the Under Secretary of NPPD to work with the Director of FPS to identify time frames for developing human capital performance measures with targets that are explicitly aligned to FPS's stated human capital goals.

    Agency: Department of Homeland Security
    Status: Open

    Comments: FPS stated that NPPD is working with FPS to develop a recruitment and retention strategy that will include performance measures. This strategy will be complete by December 31, 2016. However, NPPD and FPS have not yet identified timeframes for developing performance measures for other human capital areas identified in FPS's human capital plan, such as leadership and knowledge management and building a results-oriented performance culture. Furthermore, because the recruitment and retention strategy is still under development, it is unclear whether the performance measures will have targets that are explicitly aligned to FPS's stated human capital goals. FPS plans to finalize all actions associated with this recommendation by March 2017.
    Recommendation: To help FPS enhance its strategic human capital planning efforts, the Secretary of Homeland Security should direct the Under Secretary of NPPD to work with the Director of FPS to establish a plan and time frames for updating FPS's staffing model regularly and for unexpected changes in operating conditions.

    Agency: Department of Homeland Security
    Status: Open

    Comments: FPS stated that it has conducted a review and gap analysis of its existing staffing model to identify additional features it needs to incorporate into the model. FPS also began to develop a data collection plan that will, among other things, identify data needed and how FPS will validate the data. The results of the gap analysis and data collection plan will be used to establish a plan, with timeframes, for updating the staffing model regularly and when unexpected changes in operating conditions occur. FPS plans to finalize all actions associated with this recommendation by March 2017.
    Recommendation: To help FPS enhance its strategic human capital planning efforts, the Secretary of Homeland Security should direct the Under Secretary of NPPD to work with the Director of FPS to develop and document guidance on the process FPS will use to ensure the quality of its staffing model data, such as guidance on how to collect data, validate assumptions, and perform sensitivity analyses to assess the assumptions.

    Agency: Department of Homeland Security
    Status: Open

    Comments: FPS is in the process of developing documentation that will govern the process it will use to collect data and ensure data quality. FPS plans to finalize all actions associated with this recommendation by March 2017.
    Director: Chris Currie
    Phone: (404) 679-1875

    5 open recommendations
    Recommendation: To enhance accountability for key risk-management activities and facilitate coordination with federal and industry stakeholders regarding electromagnetic risks, the Secretary of Homeland Security should designate roles and responsibilities within the department for addressing electromagnetic risks and communicate these to federal and industry partners.

    Agency: Department of Homeland Security
    Status: Open

    Comments: In a June 2016 update to our proposed recommendation, DHS reported that the Cyber, Infrastructure and Resilience (CIR) Policy Office within the DHS Office of Policy is working with DHS components to identify and articulate the roles of the National Protection and Programs Directorate, Federal Emergency Management Agency, Science and Technology Directorate, and others regarding to address electromagnetic risks. As part of this effort, CIR is to coordinate the development of a joint roles and responsibilities document to be communicated through existing partnership structures with internal and external entities.
    Recommendation: To more fully leverage critical infrastructure expertise and address responsibilities to identify critical electrical infrastructure assets as called for in the National Infrastructure Protection Plan, the Secretary of Homeland Security and the Secretary of Energy direct responsible officials to review FERC's electrical infrastructure analysis and collaborate to determine whether further assessment is needed to adequately identify critical electric infrastructure assets, potentially to include additional elements of criticality that might be considered.

    Agency: Department of Homeland Security
    Status: Open

    Comments: In a June 2016 update to our proposed recommendation, DHS reported that the National Protection and Programs Directorate (NPPD) will increase collaborative outreach activities with FERC staff that will include a review of identified critical substations developed by FERC. The intended outcome of this review is to inform DHS activities regarding identification and prioritization of critical infrastructure assets for use during steady state and response activities. NPPD is also to inform FERC of its criticality modeling capabilities through the National Infrastructure Simulation and Analysis Center (NISAC) to enhance engagement with FERC's electric power subject matter expertise and inform future capability developments regarding response to and recovery from events such as electromagnetic pulse.
    Recommendation: To more fully leverage critical infrastructure expertise and address responsibilities to identify critical electrical infrastructure assets as called for in the National Infrastructure Protection Plan, the Secretary of Homeland Security and the Secretary of Energy direct responsible officials to review FERC's electrical infrastructure analysis and collaborate to determine whether further assessment is needed to adequately identify critical electric infrastructure assets, potentially to include additional elements of criticality that might be considered.

    Agency: Department of Energy
    Status: Open

    Comments: In June 2016, DOE provided an update (60-day letter) reiterating their intent to continue with actions identified previously to address the GAO recommendation, namely that the Office of Electricity Delivery and Energy Reliability was to review the Federal Energy Regulatory Commission's electrical infrastructure analysis, and subsequently engage with FERC and DHS to identify if any additional elements of criticality should be considered.
    Recommendation: To enhance federal efforts to assess electromagnetic risks and help determine protection priorities, the Secretary of Homeland Security should direct the Under Secretary for National Protection and Programs Directorate and the Assistant Secretary for the IP to work with other federal and industry partners to collect and analyze key inputs on threat, vulnerability, and consequence related to electromagnetic risks--potentially to include collecting additional information from DOD sources and leveraging existing assessment programs such as the Infrastructure Survey Tool, Regional Resiliency Assessment Program, and DCIP.

    Agency: Department of Homeland Security
    Status: Open

    Comments: In a June 2016 update, DHS reported that the department had completed the planned refresh of the Strategic National Risk Assessment, which was intended to incorporate potential impacts to the power system from electromagnetic events. In addition, DHS reported that the Electricity Sub-sector Coordinating Council created an Electromagnetic pulse (EMP) task force, which met in April 2016 and is currently working to develop a joint industry and government approach to address EMP. It was further noted that DHS and DOE initiated a joint study on the effects of EMP on the electric power sector - led by Los Alamos National Laboratory and the National Infrastructure Simulation and Analysis Center (NISAC) - to analyze the hazard environments, impacts, and consequences of EMP and GMD on U.S. electric power infrastructure. In addition, DHS noted their support of a new effort by the Electric Power Research Institute and 39 industry partners to further study EMP vulnerabilities.
    Recommendation: To facilitate federal and industry efforts to coordinate risk-management activities to address an EMP attack, the Secretary of Homeland Security and the Secretary of Energy should direct responsible officials to engage with federal partners and industry stakeholders to identify and implement key EMP research and development priorities, including opportunities for further testing and evaluation of potential EMP protection and mitigation options.

    Agency: Department of Energy
    Status: Open

    Comments: On March 9, 2016 DOE provided agency comments on GAO-16-243 concurring with the recommendation and identifying related actions. Specifically, DOE reported collaboration with the Electric Power Research Institute to develop a joint DOE/Industry EMP Strategy to include key goals and objectives and identification of R&D priorities. The Strategy is expected to be completed by August 31, 2016 to be followed by more detailed action plans. DOE reported that they will collaborate with DHS and DOD in development of the Strategy and action plans. DOE further noted that a report by the Idaho National Laboratory report also identifies potential technology gaps and includes recommendations for further R&D efforts, which will be incorporated when developing the forthcoming action plans.
    Director: Seto Bagdoyan
    Phone: (202) 512-6722

    2 open recommendations
    Recommendation: The Administrator of SBA should direct the Associate Administrator of Business Development to document its planned method for tracking revenue generated under subsidiaries' primary and secondary lines of business, with milestones and timelines for when and how the method will be implemented.

    Agency: Small Business Administration
    Status: Open

    Comments: GAO is reviewing documentation that SBA provided regarding actions that it has taken to address this recommendation and is currently determining whether these actions fully address the recommendation.
    Recommendation: The Administrator of SBA should direct the Associate Administrator of Business Development to provide the appropriate level of access to and sharing of relevant subsidiary data across district offices, including primary and secondary North American Industry Classification System codes and revenue data, once SBA develops a database with the capabilities of collecting and tracking this revenue data as we recommended in 2012.

    Agency: Small Business Administration
    Status: Open

    Comments: GAO is reviewing documentation that SBA provided regarding actions that it has taken to address this recommendation and is currently determining whether these actions fully address the recommendation.
    Director: Mark Goldstein
    Phone: (202) 512-2834

    1 open recommendations
    Recommendation: To further build on the efforts to improve emergency communications interoperability in the NCR, as part of its efforts to restructure the JFC, the Federal Emergency Management Agency Administrator should direct the Director of ONCRC to clearly articulate in a written agreement the roles and responsibilities of the participating agencies and specify how these agencies are to work together across agency boundaries.

    Agency: Department of Homeland Security: Directorate of Emergency Preparedness and Response: Federal Emergency Management Agency
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Director: Jacqueline M. Nowicki
    Phone: (202) 512-7215

    1 open recommendations
    including 1 priority recommendation
    Recommendation: Using its general authority to collaborate with other federal agencies, the Secretary of Education should convene its federal interagency partners to develop a strategic approach to interagency collaboration on school emergency preparedness. This group could include designees or delegates from the Secretaries of DHS, HHS, and the Attorney General, including representatives from relevant agency components, such as the Federal Emergency Management Agency, Transportation Security Administration, and the Federal Bureau of Investigation, and others as appropriate, and should incorporate leading federal interagency collaboration practices, for example, by: (1) identifying leadership, (2) defining outcomes and assigning accountability, (3) including all relevant participants, and (4) identifying necessary resources.

    Agency: Department of Education
    Status: Open
    Priority recommendation

    Comments: The Department of Education agrees that improved federal coordination will better assist K-12 schools in preparing for emergencies, and noted that other federal agencies, including especially FEMA, play a significant role in school emergency preparedness. Additionally, Education cited the importance of involving other relevant agencies in obtaining agreement on the assignment of roles and responsibilities, including selecting a lead agency charged with primary responsibility for coordinating federal emergency preparedness assistance to K-12 schools. In August 2016, Education convened a committee of Assistant Secretary-level representatives from relevant agencies, including DHS, FEMA, and TSA, among others, to develop a strategic approach to interagency collaboration on school emergency management efforts. Subsequently, in October 2016, it convened a task force consisting of program staff from the relevant agencies to draft a plan for organizational structure, goals, and objectives for the next five years, which it expects will be approved for implementation beginning in January 2017. We are encouraged by these actions and will monitor the group's progress towards developing a strategic approach to school emergency preparedness. Education stated that it expects to complete these efforts very soon. At that time, we will await documentation showing that it has finalized and implemented its strategic approach for interagency collaboration around school emergency management.
    Director: John Neumann
    Phone: (202) 512-3841

    1 open recommendations
    Recommendation: To better ensure that the activities carried out under the ITM program do not duplicate the efforts of other federal loan guarantee programs, such as SBA's 7(a) program, the Secretary of Commerce should direct EDA to work with SBA and NIST to further identify any gaps in capital access that may be present that the program could fill, and then develop marketing materials and conduct outreach to help target those gaps.

    Agency: Department of Commerce
    Status: Open

    Comments: Partially addressed. As of November 2016 the Economic Development Administration (EDA) had begun taking action on GAO's February 2016 recommendation to work with SBA and NIST to identify gaps in capital access and develop marketing materials and conduct outreach based on any gaps identified for the Federal Loan Guarantees for Innovative Technologies in Manufacturing program (ITM). Due to delays in establishing the program, however, these efforts are still in progress. According to EDA officials, as of November 28, 2016 EDA contractors working on the ITM program had held a preliminary discussion with SBA to discuss program marketing, outreach and potential gaps in capital access that the ITM program may be able to fill, among other topics, but had not yet initiated additional coordination with NIST. We continue to believe that coordination with SBA and NIST to identify gaps in capital access, and then marketing the program to target those gaps could help EDA ensure that ITM program activities do not duplicate the efforts of other federal loan guarantee programs.
    Director: Mihm, J Christopher
    Phone: (202) 512-3236

    1 open recommendations
    including 1 priority recommendation
    Recommendation: To help ensure that agencies report consistent and comparable data on federal spending, the Director of OMB, in collaboration with the Secretary of the Treasury, should provide agencies with additional guidance to address potential clarity, consistency, or quality issues with the definitions for specific data elements including Award Description and Primary Place of Performance and that they clearly document and communicate these actions to agencies providing this data as well as to end-users.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open
    Priority recommendation

    Comments: In May 2016, OMB issued guidance for DATA Act Implementation entitled, Implementing Data-Centric Approach for Reporting Federal Spending Information (Management Procedures Memorandum No. 2016-03). This memorandum provided guidance on new federal prime award reporting requirements, agency assurances, and authoritative sources for reporting. In August 2016, OMB released additional draft guidance describing how agencies should report financial information involving intragovernmental transfers and personally identifiable information, as well as how agency Senior Accountable Officials should provide quality assurances for submitted data. Despite these positive steps, we continue to have concerns about the need for additional guidance to facilitate agency implementation of certain data definitions (such as "primary place of performance" and "award description") in order to produce consistent and comparable information, and whether the guidance provides sufficient detail in areas such as the process for providing assurance on data submissions.
    Director: Brian J. Lepore
    Phone: (202) 512-4523

    1 open recommendations
    Recommendation: Recognizing that DOD has recently revised its disposition guidance, the Secretary of Defense should direct the Director, DLA, to further reassess DOD's disposal process to determine whether additional changes are needed in the priority given to recipients within the process, including potential changes to the categories and quantities of property that special programs may obtain, and revise its guidance reflecting those priorities accordingly to better enable DOD to fulfill the disposal program's objectives.

    Agency: Department of Defense
    Status: Open

    Comments: In September 2017, DOD officials stated that the department has been coordinating with the National Association of State Agencies for Surplus Property (NASASP) to identify classes of non-controlled property that state and local law enforcement agencies would no longer be able to obtain during the reutilization (first) stage of the disposal process. The Defense Logistics Agency is reviewing NASASP's proposed list of property items, and DOD officials said that the department planned to issue a policy memorandum that would specify which items would be removed from those that law enforcement agencies could obtain during the reutilization stage. Because DOD has not yet completed its review or issued updated guidance, this recommendation remains open.
    Director: Gregory C. Wilshusen
    Phone: (202) 512-6244

    9 open recommendations
    Recommendation: The Secretary of Homeland Security should direct Network Security Deployment (NSD) to determine the feasibility of enhancing NCPS's current intrusion detection approach to include functionality that would detect deviations from normal network behavior baselines.

    Agency: Department of Homeland Security
    Status: Open

    Comments: April 2017 Update: In Feb. 2017, DHS officials stated that they have continued pilot activities that will enable DHS to identify suspicious network activity based on anomalous behavior and reputation and have collected lessons learned that are being tracked by the NCPS Program Management Office. Officials added that DHS had identified a contractor to support the transition of the pilot, including drafting an implementation plan; however, it had yet to award a contract due to lack of resources. As such, the agency did not have an estimated date on the completion of a draft plan for how the transition would be implemented. We requested that DHS provide a copy of the draft implementation plan for our review, when it became available. We will continue to monitor DHS's progress in addressing this recommendation.
    Recommendation: The Secretary of Homeland Security should direct NSD to determine the feasibility of developing enhancements to current intrusion detection capabilities to facilitate the scanning of traffic not currently scanned by NCPS.

    Agency: Department of Homeland Security
    Status: Open

    Comments: April 2017 update: In Feb. 2017, DHS officials stated that the NCPS Program Management Office is working with participating Internet Service Providers (ISP) to develop plans to support IPv6 for Traffic Aggregation, DNS redirection, and SMTP quarantining capabilities. Officials stated that an implementation plan that would include all ISP schedules for all planned intrusion prevention services would be available in the third quarter of fiscal year 2017. Additionally, regarding encrypted traffic, officials stated that it is conducting an analysis of Security on Encrypted Traffic (SonET) to better understand options for addressing the challenges, viability of options, and how the issue is being addressed at a broader industry level. The study is scheduled to continue through the fourth quarter of fiscal year 2017. We asked DHS to provide the ISP implementation plans (when finalized) and any findings from the ongoing SCADA and Encrypted traffic studies. We will continue to monitor DHS's progress in addressing this recommendation.
    Recommendation: The Secretary of Homeland Security should direct United States Computer Emergency Readiness Team (US-CERT) to update the tool it uses to manage and deploy intrusion detection signatures to include the ability to more clearly link signatures to publicly available, open-source data repositories.

    Agency: Department of Homeland Security
    Status: Open

    Comments: April 2017 update: In Feb. 2017, DHS stated that the NCPS PMO is working with participating Internet Service Providers (ISP) to develop plans to support IPv6 for Traffic Aggregation, DNS redirection, and SMTP quarantining capabilities. Officials stated that an implementation plan that would include all ISP schedules for all planned intrusion prevention services would be available in the third quarter of fiscal year 17. Additionally, officials stated that NSD is conducting an analysis on Security on Encrypted Traffic (SonET) to better understand options for addressing the challenges, viability of options, how the issue is being addressed at a broader industry level. The study will continue through the fourth quarter of fiscal year 2017. We asked DHS to provide the ISP implementation plans (when finalized) and any output/results (findings) from the ongoing studies DHS has related to SCADA and Encrypted traffic. We will continue to monitor DHS's progress in addressing this recommendation.
    Recommendation: The Secretary of Homeland Security should direct US-CERT to consider the viability of using vulnerability information, such as data from the Continuous Diagnostics and Mitigation program as it becomes available, as an input into the development and management of intrusion detection signatures.

    Agency: Department of Homeland Security
    Status: Open

    Comments: April 2017 update: In Feb. 2017, DHS officials stated that enhancements were made so that Continuous Diagnostics and Mitigation program (CDM) data can be viewed with the Cyber Indicators Analysis Program (CIAP). Officials stated that the CDM data now may be combined with known vulnerability findings from NCATS and known threats collected from the CIAP system to further prioritize signature development as necessary. We have requested a meeting with DHS to observe the described enhancements. We believe that we will be able to close this recommendation, once we observe the claimed enhancements.
    Recommendation: The Secretary of Homeland Security should direct US-CERT to develop a timetable for finalizing the incident notification process, to ensure that customer agencies are being sent notifications of potential incidents, which clearly solicit feedback on the usefulness and timeliness of the notification.

    Agency: Department of Homeland Security
    Status: Open

    Comments: April 2017 Update: In Feb. 2017, DHS stated that US-CERT is in the process of developing a targeted survey of EINSTEIN customers (based off of a prior survey). Additionally, US-CERT has updated the Incident Reporting Guidelines to address previously mentioned process concerns. We have requested a copy of these guidelines and will review the modifications made within. Additionally, DHS stated that modifications to the Remedy ticketing system are underway that would allow for the inclusion of user feedback. These changes are anticipated to be implemented by October 2017. We likely would not be able to close this recommendation until we could review the results of the modifications.
    Recommendation: The Secretary of Homeland Security should direct the Office of Cybersecurity and Communications to develop metrics that clearly measure the effectiveness of NCPS's efforts, including the quality, efficiency, and accuracy of supporting actions related to detecting and preventing intrusions, providing analytic services, and sharing cyber-related information.

    Agency: Department of Homeland Security
    Status: Open

    Comments: April 2017 update: In Feb. 2017, DHS officials stated that the Office of Cyber Security and Communications (CS&C) had developed, refined, and were baselining a first set of measures that relate to the Einstein 3A program. Further, they are considering adding one of these measures as an addition to the measures tracked in support of the yearly Government Performance and Results Act (GPRA) required reporting in FY 2018. Additionally, DHS officials stated they are developing information sharing related measures, including exploring how its public and private sector recipients of information measure the value cyber threat indicators and defensive measures. In March 2017, we requested a copy of the developed measures, when they became available. This recommendation will remain open until we are able to review the developed metrics and the subsequent data they are to measure.
    Recommendation: The Secretary of Homeland Security should direct the Office of Cybersecurity and Communications to develop clearly defined requirements for detecting threats on agency internal networks and at cloud service providers to help better ensure effective support of information security activities.

    Agency: Department of Homeland Security
    Status: Open

    Comments: April 2017 update: In Feb. 2017, DHS provided memos that gave an overview of the planned enhancements to the Continuous Diagnostics and Mitigation (CDM) program that included references to cloud providers. However, DHS did not provide any specific requirements for us to review. We have requested a follow-up meeting to review the specific requirements developed in support of the planned enhancements described in the provided memos. We will not be able to close this recommendation until we can review the developed requirements and determine that cloud providers are appropriately covered.
    Recommendation: The Secretary of Homeland Security should direct NSD to develop processes and procedures for using vulnerability information, such as data from the Continuous Diagnostics and Mitigation program as it becomes available, to help ensure DHS is using a risk-based approach for the selection/development of future NCPS intrusion prevention capabilities.

    Agency: Department of Homeland Security
    Status: Open

    Comments: April 2017 update: In Feb. 2017, DHS stated that the NCPS Program Management Office has made enhancements to the Continuous Diagnostics and Mitigation (CDM) dashboard, but had yet to fully develop the CDM/NCPS data correlation. In March 2017, we asked for update on the status of data correlation, once available. In order to close this recommendation, we would need to review this model and determine how, if at all, the vulnerability information was used as part of a risk-based approach to intrusion prevention.
    Recommendation: The Secretary of Homeland Security should direct NSD to work with their customer agencies and the Internet service providers to document secure routing requirements in order to better ensure the complete, safe, and effective routing of information to NCPS sensors.

    Agency: Department of Homeland Security
    Status: Open

    Comments: April 2017 update: In Feb. 2017, DHS officials stated that the agency worked with the Office of Management and Budget to develop a draft Trusted Internet Connections Reference Architecture. This architecture is to serve as the new guidance for agencies on perimeter security capabilities as well as alternative routing strategies. In March 2017, we requested a copy of the guidance to review the alternative routing guidance. This recommendation will remain open until we have been able to review the information above.
    Director: Anne-Marie Fennell
    Phone: (202) 512-3841

    5 open recommendations
    Recommendation: To ensure effective oversight, strengthen internal controls, and address challenges associated with the hardrock mine plan review process, the Secretary of Agriculture should direct the Chief of the Forest Service to take actions to improve the quality of mine plan submissions by, for example, developing guidance for mine operators and agency field officials that instructs them to hold pre-plan submittal meetings whenever possible.

    Agency: Department of Agriculture
    Status: Open

    Comments: According to a letter received from the agency in May 2016, the Department of Agriculture will provide training opportunities at all Forest Service levels in the proper administration and approval of mining plans and hold pre-planning meetings when possible. In addition, the Forest Service will promulgate regulations by October 1, 2017, to incorporate a pre-plan submittal meeting requirement in the revision of the Forest Service regulations at 36 CFR 228 Subpart A, Locatable Minerals.
    Recommendation: To ensure effective oversight, strengthen internal controls, and address challenges associated with the hardrock mine plan review process, the Secretary of Agriculture should direct the Chief of the Forest Service to issue a rule that establishes a fee structure for hardrock mine plan processing activities and request the authority from the Congress to retain any fees it collects.

    Agency: Department of Agriculture
    Status: Open

    Comments: According to a letter received from the agency in May 2016, the Forest Service will review and evaluate all existing authorities that may allow the agency to promulgate a rule to collect and retain fees for hardrock mine plan processing activities. If authorities exist, the Forest Service will promulgate a rule by October 1, 2018. The letter also stated that the Forest Service has contacted the Office of General Counsel to aid in their review and will begin the process for requesting the authority from Congress for collecting and retaining hardrock mine plan processing fees.
    Recommendation: To ensure effective oversight, strengthen internal controls, and address challenges associated with the hardrock mine plan review process, Secretary of the Interior should direct the Director of BLM to take actions to improve the quality of mine plan submissions by, for example, developing guidance for mine operators and agency field officials that instructs them to hold pre-plan submittal meetings whenever possible.

    Agency: Department of the Interior
    Status: Open

    Comments: According to a letter received from the agency in April 2016, BLM agrees that pre-plan submittal meetings are worthwhile and may help prevent delays in the permitting process. The letter also stated that BLM will issue policy guidance for BLM employees regarding participation in pre-plan submittal meetings when possible and when desired by the operator. BLM will include general guidelines and will encourage each state office to create state-specific guidelines that will better meet the needs of the mining industry in each state. According to agency officials in February 2017, BLM has completed a draft of the pre-plan submittal meeting guidelines and expect to issue the final version by March 31, 2017.
    Recommendation: To ensure effective oversight, strengthen internal controls, and address challenges associated with the hardrock mine plan review process, Secretary of the Interior should direct the Director of BLM to issue a rule that assesses fees associated with reviewing hardrock mine plans that involve conducting environmental assessments.

    Agency: Department of the Interior
    Status: Open

    Comments: According to a letter received from the agency in April 2016, BLM expressed concern about whether promulgating a rule to assess cost recovery fees for environmental assessment would result in faster permitting times and noted that such an undertaking may be challenging to complete given resource limitation as a result of other high priority rulemaking efforts currently underway by BLM. In the preamble of BLM's 2005 cost recovery rule, BLM indicated that it would consider issuing a separate rule to recover costs associated with reviewing mine plans that require an environmental assessment. BLM proposes to fulfill the intent of the preamble by conducting an internal analysis to determine whether requiring cost recovery would result in reduced permitting times. BLM will report its findings and address other options for increasing staff resources. According to agency officials in February 2017, BLM expects to complete its internal analysis and report its findings by September 30, 2017.
    Recommendation: To ensure effective oversight, strengthen internal controls, and address challenges associated with the hardrock mine plan review process, Secretary of the Interior should direct the Director of BLM to create new codes in its Legacy Rehost 2000 database distinguishing between different types of mine plans to help track the length of time to complete the mine plan review process.

    Agency: Department of the Interior
    Status: Open

    Comments: According to a letter received from the agency in April 2016, BLM will develop new LR2000 codes to differentiate between different types of operations. According to agency officials in February 2017, BLM expects to revise the LR2000 codes by June 30, 2017.
    Director: John Neumann
    Phone: (202) 512-3841

    2 open recommendations
    Recommendation: The Secretaries of Energy, Defense, and Health and Human Services should develop detailed guidance to ensure that ORISE program coordinators, mentors, and research participants are fully informed of the prohibition on nonfederal employees performing inherently governmental functions.

    Agency: Department of Defense
    Status: Open

    Comments: In 2017 DOD developed a terms of agreement to be signed by each mentor and research participant, in which they acknowledge that they fully understand the restrictions on performing inherently governmental functions. However, DOD intended the terms of agreement to be used by a subset of the ORISE research participants at DOD (those participating in the Science and Technology Policy Fellowships program). To fully address this recommendation, DOD needs to take similar action for ORISE research participants not participating in this program.
    Recommendation: The Secretaries of Energy, Defense, and Health and Human Services should develop detailed guidance to ensure that ORISE program coordinators, mentors, and research participants are fully informed of the prohibition on nonfederal employees performing inherently governmental functions.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: HHS had not provided information as of July 2017 on steps it has taken to address the recommendation.
    Director: Lori Rectanus
    Phone: (202) 512-2834

    7 open recommendations
    Recommendation: To help improve the accuracy of Drive-thru data to allow agencies to better manage their leased-vehicle fleet data, the Administrator of GSA should evaluate the 9,999-mile/month electronic safeguard for Drive-thru odometer readings to determine if a lower threshold could improve the accuracy of customer data and adjust this safeguard accordingly.

    Agency: General Services Administration
    Status: Open

    Comments: In January 2017, GSA reported that it had examined the reported monthly miles for all GSA Fleet leased vehicles for fiscal years 2015 and 2016. Analysis showed that there are a number of vehicles that consistently report mileage between 5,000-9,999 miles per month and that changing the threshold to 7,999 would require an average of 226 customers per month to override the electronic safeguard. GSA will not change the safeguard but will add a warning message when the monthly mileage exceeds 4,999 per month and is more than 3 times the vehicle's monthly average.
    Recommendation: To provide better assurance that Fleet Service Representatives (FSR) are having conversations with leasing customers about utilization in accordance with GSA expectations, the Administrator of GSA should develop a mechanism to help ensure that these conversations occur.

    Agency: General Services Administration
    Status: Open

    Comments: In January 2017, GSA stated that it had reviewed the Customer Visit Checklist which FSRs use, and had codified a checklist to be used for all visits between FSRs and GSA Fleet customers. GSA provided GAO with a copy of the revised checklist. The new checklist includes a requirement to discuss vehicle utililization and the need to "right-size" a vehicle fleet.
    Recommendation: To help strengthen the leased-vehicle justification processes across federal agencies, the Administrator of GSA should examine the Federal Property Management Regulations to determine if these regulations should be amended to require that vehicle justifications are clearly documented and readily available, and adjust them accordingly.

    Agency: General Services Administration
    Status: Open

    Comments: In March 2017, GSA reported that it had reviewed the Federal Property Management Regulations and determined that the section that relates to vehicle utilization (101-39.301) needs to be rewritten. GSA will draft a rewritten section of the FPMR. The draft will then undergo further a public review and comment period.
    Recommendation: To improve the justification process, the Secretary of the Department of Defense should direct the Secretary of the Air Force to modify the current process to ensure that each leased vehicle in the agency's fleet meets the agency's utilization criteria or has readily available justification documentation.

    Agency: Department of Defense
    Status: Open

    Comments: In March 2017, DOD provided GAO with a copy of a DOD memo that requires vehicles to meet utilization criteria or to have justifications electronic format or in hard copy with other vehicle information.
    Recommendation: To improve their justification process, the Secretary of the Department of Veterans Affairs should direct the Under Secretary for Health to modify the current process to ensure that each leased vehicle in the agency's fleet meets the agency's utilization criteria or has readily available justification documentation.

    Agency: Department of Veterans Affairs
    Status: Open

    Comments: As of March 2017, VA stated that they were still working to address these recommendations.
    Recommendation: To facilitate the elimination of unnecessary vehicles, the Secretary of the Department of the Interior should direct the NPS Director to take corrective action to address each leased vehicle that has not met the agency's utilization criteria or passed the justification process. This corrective action could include (1) reassigning vehicles within the agency to ensure they are utilized or (2) returning vehicles to GSA.

    Agency: Department of the Interior
    Status: Open

    Comments: In June 2016, DOI provided documentation of steps it has taken to ensure vehicles have utilization or justification documentation as well as documentation of corrective action taken to address vehicles that have not passed these processes.
    Recommendation: To facilitate the elimination of unnecessary vehicles, the Secretary of the Department of Veterans Affairs should direct the Under Secretary for Health to take corrective action to address each leased vehicle that has not met the agency's utilization criteria or passed the justification process. This corrective action could include (1) reassigning vehicles within the agency to ensure they are utilized or (2) returning vehicles to GSA.

    Agency: Department of Veterans Affairs
    Status: Open

    Comments: As of March 2017, VA was in the process of working with GSA to ensure that VA's new fleet management system could produce reports on utilization. VA is also in the process of amending its current fleet policy to reflect utilization criteria.
    Director: Robert Goldenkoff
    Phone: (202) 512-2757

    3 open recommendations
    Recommendation: To better ensure agencies fulfill their requirements, including implementing IQA guidelines and helping to promote easier public access to IQA information on agency websites, the Director of OMB should consolidate and centralize on OMB's IQA guidance website a government-wide summary of requests for correction submitted under the IQA.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: Spoke with OMB Contact on 1/30/17. She agreed to provide an update on OMB's actions in response to this recommendation in the near future.
    Recommendation: To better ensure agencies fulfill their requirements, including implementing IQA guidelines and helping to promote easier public access to IQA information on agency websites, the Director of OMB should work with the Department of Defense and the Federal Housing Finance Agency to help ensure that they post their IQA administrative mechanisms and IQA guidance online.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: Spoke with OMB Contact on 1/30/17. She agreed to provide an update on OMB's actions in response to this recommendation in the near future.
    Recommendation: To better ensure agencies fulfill their requirements, including implementing IQA guidelines and helping to promote easier public access to IQA information on agency websites, the Director of OMB should provide additional guidance for agencies to help improve the transparency and usability of their IQA websites to help ensure the public can easily find and access online information about agency IQA implementation. Such guidance should include (1) specific time frames for agencies to post information on the IQA correction requests they have received, including making it clear when agencies have not received IQA requests; (2) instructions for agencies to include a statement on their IQA websites that the agencies may address correction requests through other administrative processes; (3) instructions for agencies to include, when responding to correction requests, whether those agencies plan to address the request through another administrative processes, and if so, which process they will use; and (4) suggestions for improving usability of agencies' websites including fixing broken links.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: Spoke with OMB Contact on 1/30/17. She agreed to provide an update on OMB's actions in response to this recommendation in the near future.
    Director: Gregory C. Wilshusen
    Phone: (202) 512-6244

    1 open recommendations
    Recommendation: To better facilitate adoption of the NIST Framework for Improving Critical Infrastructure Cybersecurity, the Secretary of Homeland Security should direct officials responsible for the Critical Infrastructure Cyber Community Voluntary Program to develop metrics for measuring the effectiveness of efforts to promote and support the framework.

    Agency: Department of Homeland Security
    Status: Open

    Comments: In December 2016, DHS officials stated that they will continue to work with sector-specific agency partners and NIST to determine how to develop measurement activities and collect information on C3VP outreach and its effectiveness in promoting and supporting the Cybersecurity Framework. We will continue to monitor their efforts and verify whether implementation of metrics has occurred.
    Director: Gerald Dillingham, Ph.D
    Phone: (202) 512-2834

    1 open recommendations
    Recommendation: To help improve the U.S. aviation sector's preparedness for future communicable disease threats from abroad, the Secretary of Transportation should work with relevant stakeholders, such as the Department of Health and Human Services, to develop a national aviation-preparedness plan for communicable disease outbreaks. Such a plan could establish a mechanism for coordination between the aviation and public health sectors and provides clear and transparent planning assumptions for a variety of types and levels of communicable disease threats.

    Agency: Department of Transportation
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Director: Lori Rectanus
    Phone: (202) 512-2834

    8 open recommendations
    Recommendation: Given the collaboration challenges that FPS and GSA face in protecting federal facilities, GAO is making four recommendations to the Secretary of Homeland Security and the Administrator of the General Services Administration. FPS and GSA headquarters officials should establish a plan with timeframes for reaching agreement on a joint strategy and finalizing it in order to define and articulate a common understanding of expected outcomes and align the two agencies' activities and core processes to achieve their related missions.

    Agency: Department of Homeland Security
    Status: Open

    Comments: As of September 2017, FPS reported that it will begin the process for completing a joint strategy for federal security once its memorandum of agreement with the General Services Administration is updated and signed.
    Recommendation: Given the collaboration challenges that FPS and GSA face in protecting federal facilities, GAO is making four recommendations to the Secretary of Homeland Security and the Administrator of the General Services Administration. FPS and GSA headquarters officials should establish a plan with timeframes for reaching agreement on a joint strategy and finalizing it in order to define and articulate a common understanding of expected outcomes and align the two agencies' activities and core processes to achieve their related missions.

    Agency: General Services Administration
    Status: Open

    Comments: As of September 2017, GSA reported that until FPS works with GSA specifically on the joint strategy, no final document will be released.
    Recommendation: Given the collaboration challenges that FPS and GSA face in protecting federal facilities, GAO is making four recommendations to the Secretary of Homeland Security and the Administrator of the General Services Administration. FPS and GSA headquarters officials should establish a plan with timeframes for reaching agreement on the two agencies' respective roles and responsibilities for federal facility security, and update and finalize the two agencies' MOA accordingly.

    Agency: Department of Homeland Security
    Status: Open

    Comments: As of September 2017, FPS reported that it is working internally to prepare the memorandum of agreement for review and signature by the FPS Director, pending no additional changes are required to the document.
    Recommendation: Given the collaboration challenges that FPS and GSA face in protecting federal facilities, GAO is making four recommendations to the Secretary of Homeland Security and the Administrator of the General Services Administration. FPS and GSA headquarters officials should establish a plan with timeframes for reaching agreement on the two agencies' respective roles and responsibilities for federal facility security, and update and finalize the two agencies' MOA accordingly.

    Agency: General Services Administration
    Status: Open

    Comments: As of September 2017, GSA reported sending a final MOA draft to FPS in December 2015 and stated that it hopes to have a signed MOA by both agencies when leadership is in place.
    Recommendation: Given the collaboration challenges that FPS and GSA face in protecting federal facilities, GAO is making four recommendations to the Secretary of Homeland Security and the Administrator of the General Services Administration. FPS and GSA headquarters officials should develop a process to ensure that compatible policies and procedures, including those for information sharing, are communicated at the regional level so that regional officials at both agencies have common information on how to operationalize the two agencies' collaborative efforts.

    Agency: Department of Homeland Security
    Status: Open

    Comments: As of September 2017, FPS reported that it will begin the process for the issuance of a joint field guidance for working with the General Services Administration (GSA) once its memorandum of agreement with GSA is updated and signed.
    Recommendation: Given the collaboration challenges that FPS and GSA face in protecting federal facilities, GAO is making four recommendations to the Secretary of Homeland Security and the Administrator of the General Services Administration. FPS and GSA headquarters officials should develop a process to ensure that compatible policies and procedures, including those for information sharing, are communicated at the regional level so that regional officials at both agencies have common information on how to operationalize the two agencies' collaborative efforts.

    Agency: General Services Administration
    Status: Open

    Comments: As of September 2017, GSA reported developing and releasing "GSA Order 1000.1 Document Security for Handling Facility Security Assessments" to ensure that when GSA receives a Facility Security Assessment from FPS, it will be handled in a consistent, appropriate manner.
    Recommendation: Given the collaboration challenges that FPS and GSA face in protecting federal facilities, GAO is making four recommendations to the Secretary of Homeland Security and the Administrator of the General Services Administration. FPS and GSA headquarters officials should develop mechanisms to monitor, evaluate, and report on their collaborative efforts to protect federal facilities in order to identify possible areas for improvement and to reinforce accountability.

    Agency: Department of Homeland Security
    Status: Open

    Comments: As of September 2017, FPS reported that it will begin the process for the appointment of an FPS-GSA Liaison once its memorandum of agreement with GSA is updated and signed.
    Recommendation: Given the collaboration challenges that FPS and GSA face in protecting federal facilities, GAO is making four recommendations to the Secretary of Homeland Security and the Administrator of the General Services Administration. FPS and GSA headquarters officials should develop mechanisms to monitor, evaluate, and report on their collaborative efforts to protect federal facilities in order to identify possible areas for improvement and to reinforce accountability.

    Agency: General Services Administration
    Status: Open

    Comments: As of September 2017, GSA reported that the updated MOA will cover this recommendation once signed.
    Director: Anne-Marie Fennell
    Phone: (202) 512-3841

    1 open recommendations
    Recommendation: To help improve its management of recreation fees, the Secretary of the Interior should direct the Director of the Park Service to revise its guidance on recreation fees so that the agency periodically reviews its entrance fees to determine whether the fees are reasonable.

    Agency: Department of the Interior
    Status: Open

    Comments: In its initial response to our published report, the Park Service stated that it plans to revise Reference Manual 22A: Recreation Fee Collection (RM22A). This revision will include a requirement to reevaluate the entrance fee pricing structure every 3 years. The Park Service last reviewed and updated the fee schedule in August 2014. As of November 2016, the Park Service told GAO that it was planning to review its fee schedule on a 3-year cycle, so the next review will be in 2017. The agency also reported that it was on track to update its guidance to reflect this new schedule, but has not yet completed this effort. We will continue to monitor agency progress in implementing this recommendation.
    Director: Melissa Emrey-Arras
    Phone: (617) 788-0534

    5 open recommendations
    Recommendation: In order to ensure complete, analyzable records regarding research grant award decisions are available for management and analysis, the Secretary of Defense should direct the Under Secretary of Defense for Acquisition, Technology and Logistics to lead the implementation of additional data collection efforts in coordination with DOD's grant-making components. These should include: (1) Retaining complete records of pre-proposal, proposal, and award data, including a record of proposal disposition, in linked electronic files to facilitate aggregate, statistical analysis of the grant-making process, including the calculation of success rates. (2) Collecting demographic, education, and career information from applicants, on a voluntary basis, that is not available to proposal reviewers but is used for analysis of success rates.

    Agency: Department of Defense
    Status: Open

    Comments: DOD agreed with our recommendation to implement additional data collection efforts. As of August, 2017, the Basic Research Office (BRO) has drafted an implementation plan and schedule for the collection of demographic data on grant applicants and lifecycle grant data. As part of this, BRO has identified a number of issues to be addressed and resolved within DoD. One of these areas is the protection of any information collected to assess the success rates of women as Principal Investigators (PIs)/co-PIS under STEM Research grants and cooperative agreements. As a result, before BRO proceeds with its planned actions, they are working with the Office of Information Management, WHS, to ensure there are no issues related to the Privacy Act. The agency did not provide a timeline to GAO for when these actions are expected to be completed.
    Recommendation: In order to ensure complete, analyzable records regarding research grant award decisions are available for management and analysis, the Secretary of Energy should direct DOE's grant-making agencies to implement additional data collection efforts, which should include: (1) Retaining complete records of pre-proposal, proposal, and award data, including a record of proposal disposition, in linked electronic files to facilitate aggregate, statistical analysis of the grant-making process, including the calculation of success rates. (2) Collecting demographic, education, and career information from applicants, on a voluntary basis, that is not available to proposal reviewers but is used for analysis of success rates.

    Agency: Department of Energy
    Status: Open

    Comments: DOE generally agreed with our recommendation to implement additional data collection efforts. According to DOE officials, as of September, 2017, of the four components audited at DOE, all four have taken actions toward implementing the recommendation and one component has completed its implementation. Specifically, the Office of Science began collecting investigator demographics during the second quarter of fiscal year 2015 and already retained complete records that enabled the calculation of success rates. Three additional DOE components conducted a joint feasibility study and all concur that it is feasible to collect data on demographic, education and career information of applicants. The Office of Nuclear Energy (NE) revised its approach to data collection and now retains complete grant life cycle information for each individual award, including complete records of pre-proposal, proposal, and award data in linked electronic files. NE is also changing existing data systems to input/track voluntarily submitted demographic information on Principle Investigators on applications to facilitate aggregate, statistical analysis of the grant-making process, including the calculation of success rates. The agency notes that for NE, the completion of the actions required to implement this recommendation is estimated to take up to 12 months. Advanced Research Projects Agency-Energy (ARPA-E) and the Office of Energy Efficiency and Renewable Energy (EERE) participated in the joint feasibility study regarding the collection of demographic data, but have not completed any actions to implement such data collection.
    Recommendation: As NASA begins to collect demographic data on its grant proposals and awards, the NASA Administrator should include the following key components: (1) Retain complete records of pre-proposal, proposal, and award data, including a record of proposal disposition, in linked electronic files to facilitate aggregate, statistical analysis of the grant-making process, including the calculation of success rates. (2) Collect demographic, education, and career information from applicants, on a voluntary basis, that is not available to proposal reviewers but is used for analysis of success rates.

    Agency: National Aeronautics and Space Administration
    Status: Open

    Comments: NASA agreed with our recommendation and indicated it will begin collecting basic demographic, education, and career data from its research grant applicants on a voluntary basis by the end of fiscal year 2016. In addition, NASA noted it will explore its ability to consolidate proposal and award data as part of the ongoing update to its procurement and grants management systems. As of September 2017, NASA officials reported that the notice of grant award document (form 1687) was modified to require entry of the proposal number on the form in order to capture the linkage between proposal and award. When the transition to the new contract/grant writing system (Procurement for Public Sector) occurred in June 2017, NASA began using the amended award notice. NASA states they are continuing to investigate system options for fine tuning this cross-referencing methodology. However, as of September 2017, there were no stated plans to collect or track demographic, education, or career characteristics of grant applicants in such a way as to facilitate the analysis of success rates.
    Recommendation: To comply with Title IX enforcement requirements, the Secretary of the Department of Defense, which funds STEM research at universities, should direct the Director of the Office of Diversity Management and Equal Opportunity to ensure that Title IX compliance reviews of DOD's grantees are periodically conducted.

    Agency: Department of Defense
    Status: Open

    Comments: DOD agreed with our recommendation and noted it is in the process of revising current DOD guidance which will address its Title IX enforcement requirements. In a conversation with GAO in September 2017, a DOD official stated that the agency is in the process of formulating instructions related to both Title IX and Title VI that they believe will address the recommendation regarding Title IX enforcement. To date, these actions are not complete as they are still in the process of developing appropriate language.
    Recommendation: To comply with Title IX enforcement requirements, the Secretary of the Department of Health and Human Services, which funds STEM research at universities, should ensure that Title IX compliance reviews of NIH's grantees are periodically conducted.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: HHS indicated it would consult with NIH and initiate a sex discrimination compliance review program that includes grantee institutions with STEM programs. We will update the status of this recommendation when the agency provides documentation that these efforts have been completed.
    Director: Anne-Marie Fennell
    Phone: (202) 512-3841

    1 open recommendations
    Recommendation: As the Aquatic Nuisance Species Task Force considers how to measure progress toward accomplishing its strategic goals, the Task Force should develop and regularly use a tracking mechanism, to include elements envisioned for an operational plan and to largely meet requirements in the 1990 Act, including: (1) specifying the roles of member agencies related to its strategic plan, (2) tracking activities to be conducted by collecting information on those activities and associated funding, (3) measuring progress member agencies have made in achieving its strategic goals, and (4) reporting to Congress annually on the progress of its program.

    Agency: Aquatic Nuisance Species Task Force
    Status: Open

    Comments: As of August 2017, the Aquatic Nuisance Species Task Force (ANSTF) has issued its 2015 report to Congress and has a working draft of its 2016 report, according to agency officials. The ANSTF reported that it finalized and distributed a new activity tracking tool in October 2016 to collect accomplishments for fiscal years 2015-16, and that it plans to assess and update its tool in future years to align with the development of its next strategic plan.
    Director: J. Alfredo Gómez
    Phone: (202) 512-3841

    2 open recommendations
    Recommendation: To help federal, state, local, and private sector decision makers access and use the best available climate information, the Executive Office of the President should designate a federal entity to develop and periodically update a set of authoritative climate change observations and projections for use in federal decision making, which state, local, and private sector decision makers could also access to obtain the best available climate information.

    Agency: Executive Office of the President
    Status: Open

    Comments: As of 6/7/17, the Executive Office of the President has yet to take action in response to this recommendation.
    Recommendation: To help federal, state, local, and private sector decision makers access and use the best available climate information, the Executive Office of the President should designate a federal entity to create a national climate information system with defined roles for federal agencies and nonfederal entities with existing statutory authority.

    Agency: Executive Office of the President
    Status: Open

    Comments: As of 6/7/17, the Executive Office of the President has yet to take action in response to this recommendation.
    Director: Brenda S. Farrell
    Phone: (202) 512-3604

    2 open recommendations
    Recommendation: To provide greater assurance that the Interagency Rotation Program for national security personnel will be implemented as provided in section 1107 of the National Defense Authorization Act for Fiscal Year 2013, the Director of the Office of Personnel Management, in collaboration with the Committee on National Security Personnel, should establish a clear leadership and oversight structure to guide future implementation efforts.

    Agency: Office of Personnel Management
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To provide greater assurance that the Interagency Rotation Program for national security personnel will be implemented as provided in section 1107 of the National Defense Authorization Act for Fiscal Year 2013, the Director of the Office of Personnel Management, in collaboration with the Committee on National Security Personnel, should work with the departments and agencies to identify and take action on necessary next steps to proceed with the program's implementation, including developing and issuing required guidance for implementation within identified timeframes.

    Agency: Office of Personnel Management
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Director: J. Lawrence Malenich
    Phone: (202) 512-9399

    1 open recommendations
    Recommendation: The Foundation's Executive Director should update the Foundation's draft written policies and procedures over its contracting practices to include all key internal control activities, issue them in final form, and establish a date by which these actions will be completed.

    Agency: Morris K. Udall and Stewart L. Udall Foundation
    Status: Open

    Comments: The Foundation concurred with our recommendation and stated that it will implement the recommended actions. In addition, the Foundation stated that our recommendations will be incorporated in the Foundation's risk assessment documentation, established as a priority, and included in the Foundation's fiscal year 2016 Corrective Action Plan. As of July 2017, the Foundation has not implemented corrective actions to address this recommendation.
    Director: David Wise
    Phone: (202) 512-2834

    1 open recommendations
    Recommendation: The Administrator of the General Services Administration should develop a legislative proposal to enhance accountability for government-wide implementation of the Act. GSA should consider including the following in its proposal: (1) establishing authorities for a single agency to monitor and enforce implementation of the Act; (2) establishing agency responsibilities for reporting progress on implementation of the Act; (3) establishing agency responsibilities for assessing employee skill levels related to the Act and identifying training that allows employees to develop and retain skills required by the Act; and (4) establishing an interagency group to further government-wide collaboration on implementation of the Act.

    Agency: General Services Administration
    Status: Open

    Comments: In response to our recommendation, GSA agreed to work with other agencies to evaluate whether additional legislative changes would improve the speed and efficiency of implementation. In October 2017, GSA informed us they intend to submit a legislative proposal to Congress as part of the FY 2019 budget process. We will continue to monitor GSA actions.
    Director: Michele Mackin
    Phone: (202) 512-4841

    2 open recommendations
    Recommendation: To gain visibility and enable efficient management on the use of bridge contracts in federal agencies, the Administrator of OFPP should take appropriate steps to develop a standardized definition for bridge contracts and incorporate it as appropriate into relevant FAR sections.

    Agency: Executive Office of the President: Office of Management and Budget: Office of Federal Procurement Policy
    Status: Open

    Comments: In July 2017, staff from the Office of Federal Procurement Policy (OFPP) stated that OFPP will be convening the FAR Council to discuss regulatory action after it completes the development of management guidance. The management guidance, which, according to OFPP staff includes a definition of bridge contracts, has been drafted and reviewed by agency Chief Acquisition Officers and Senior Procurement Executives. OFPP staff told us that they received many comments on the draft guidance and that they were in the process of addressing these comments. OFPP staff could not provide a date as to when they expected the management guidance would be finalized.
    Recommendation: To gain visibility and enable efficient management on the use of bridge contracts in federal agencies, the Administrator of OFPP should, as an interim measure, until the FAR is amended, provide guidance to agencies on (1) a definition of bridge contracts, with consideration of contract extensions as well as stand-alone bridge contracts; and (2) suggestions for agencies to track and manage their use of these contracts, such as identifying a contract as a bridge in a Justification and Approval (J&A) when it meets the definition, and listing the history of previous extensions and stand-alone bridge contracts back to the predecessor contract in the J&A.

    Agency: Executive Office of the President: Office of Management and Budget: Office of Federal Procurement Policy
    Status: Open

    Comments: As of July 2017, OFPP has drafted management guidance, which, according to OFPP staff, includes a definition of bridge contracts. The guidance, which was reviewed by agency Chief Acquisition Officers and Senior Procurement Executives, was originally expected to be issued to agencies by the end of calendar year 2016. However, OFPP staff told us that they received many comments on the draft guidance from the agencies, and that they were in the process of addressing these comments. OFPP staff could not provide an update as to when management guidance would be completed.
    Director: J. Alfredo Gómez
    Phone: (202) 512-3841

    1 open recommendations
    Recommendation: To enhance HHS's ability to protect public health from the impacts of climate change, the Secretary of HHS should direct CDC to develop a plan describing when it will be able to issue climate change communication guidance to state and local health departments, to better position relevant officials to effectively communicate about the risks that climate change poses to public health and address requirements of the Climate Ready States and Cities Initiative.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: As of December 2016, CDC has taken steps to start developing a communications strategy, and expects this process to include the development of guidance for public health officials to help them more effectively communicate about the health effects of climate change. CDC expects the strategy to be completed by the fall of 2017.
    Director: Steve D. Morris
    Phone: (202) 512-3841

    3 open recommendations
    Recommendation: To help ensure that FDA has relevant and timely information to support management decisions, including the critical information necessary to ensure the safety and effectiveness of drugs compounded for animals, the Secretary of Health and Human Services should direct the Commissioner of the FDA to modify the voluntary reporting form FDA uses to obtain information on adverse events to ask whether drugs involved in adverse events were compounded.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: As of July 2017, FDA has drafted a notice for publication in the Federal Register that seeks comment on editorial revisions to Form FDA 1932a to clarify how to report adverse drug events associated with compounded products using that form. The publication of the notice was issued in July 2017. After a 60-day public comment period, the revisions to Form FDA 1932a will be submitted to OMB for review and approval under the Paperwork Reduction Act.
    Recommendation: To help ensure that FDA has relevant and timely information to support management decisions, including the critical information necessary to ensure the safety and effectiveness of drugs compounded for animals, the Secretary of Health and Human Services should direct the Commissioner of the FDA to develop policy or guidance for agency staff that specifies circumstances under which FDA will or will not enforce compounding regulations for animals and clearly define key terms.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: In July 2017, FDA notified us that they are still in the process of developing guidance for agency staff that specifies circumstances under which FDA will enforce compounding regulations for animals. According to FDA, the agency received more than 150 comments regarding the draft Guide For Industry #230 and 280 nominations of bulk drug substances for use in compounding office stock; information necessary for updating the guidance. In addition, FDA is reviewing the substances that were nominated for use in compounding office stock. Officials did not provide a specific timeline for completing this work, but stated that developing updated guidance on compounding for animals continues to be a high priority for FDA.
    Recommendation: To help ensure that FDA has relevant and timely information to support management decisions, including the critical information necessary to ensure the safety and effectiveness of drugs compounded for animals, the Secretary of Health and Human Services should direct the Commissioner of the FDA to consistently document the bases for FDA's decisions about how or whether it followed up on warning letters, adverse event reports, and complaints about drug compounding for animals.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: As of July 2017, FDA reported that it is still developing an enforcement strategy for compounded animal drugs that includes a process for documenting the Agency's actions with respect to follow-up on warning letters, adverse event reports, and complaints.
    Director: Anne-Marie Fennell
    Phone: (202) 512-3841

    2 open recommendations
    Recommendation: To better ensure that the agencies have sufficient information to understand the effectiveness of their approach to wildland fires, and to better position them to develop appropriate and effective strategies for wildland fire management, the Secretaries of Agriculture and the Interior should direct the Chief of the Forest Service and the Director of the Office of Wildland Fire to develop specific criteria for selecting wildland fires for review and for conducting the reviews as part of their efforts to improve their approach to reviewing fires.

    Agency: Department of Agriculture
    Status: Open

    Comments: In August 2017, the Forest Service amended its policy to reflect criteria it developed for selecting wildland fires for review. In addition, in August 2017, Forest Service officials told us the agency will host a "Risk Learning Summit" in November 2017 during which they plan to begin developing criteria for conducting fire reviews. They told us that once criteria are agreed upon, they will be reflected in Forest Service policy (through the Forest Service Manual) within a year or so of the summit (around November 2018).
    Recommendation: To better ensure that the agencies have sufficient information to understand the effectiveness of their approach to wildland fires, and to better position them to develop appropriate and effective strategies for wildland fire management, the Secretaries of Agriculture and the Interior should direct the Chief of the Forest Service and the Director of the Office of Wildland Fire to, once such criteria are established, revise agency policies to align with the specific criteria developed by the agencies.

    Agency: Department of Agriculture
    Status: Open

    Comments: In August 2017, the Forest Service amended its policy to reflect criteria it developed for selecting wildland fires for review. In addition, in August 2017, Forest Service officials told us the agency will host a "Risk Learning Summit" in November 2017 during which they plan to begin developing criteria for conducting fire reviews. They told us that once criteria are agreed upon, they will be reflected in Forest Service policy (through the Forest Service Manual) within a year or so of the summit (around November 2018).
    Director: David Powner
    Phone: (202) 512-9286

    17 open recommendations
    Recommendation: To better ensure that agencies' IT savings are being reinvested in the most efficient and effective manner possible, the Director of OMB should direct the Federal CIO to ensure that agencies complete their reinvestment plans, in accordance with established requirements, and maintain those plans on an ongoing basis.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: The Office of Management and Budget (OMB) generally agreed with, and has taken initial steps to implement, our recommendation. In May 2016, OMB released updated guidance for agency's quarterly data submissions that noted the importance of providing savings reinvestment information. Specifically, OMB strongly encouraged agencies to provide reinvestment information where feasible, including a description of the activities that were funded using any savings achieved. OMB further noted that failing to provide such information might result in an agency being unable to accurately track its reinvestments. However, the May 2016 guidance notes that providing this reinvestment information is not required. As of May 2017, OMB had not yet updated its guidance for agencies quarterly data submissions to require reinvestment information. We will continue to evaluate OMB's progress in implementing this recommendation.
    Recommendation: To better ensure that agencies' IT savings are being reinvested in the most efficient and effective manner possible, the Director of OMB should direct the Federal CIO to require agencies to track actual reinvestment performance and define performance targets for agencies' reinvestments, as done previously.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: The Office of Management and Budget (OMB) generally agreed with our recommendation, but has not yet taken steps to implement it. Specifically, as of May 2017, OMB had not issued additional guidance to require agencies to track actual reinvestment performance or defined performance targets for agencies' reinvestments. We will continue to evaluate OMB's progress in implementing this recommendation.
    Recommendation: To improve the department's IT savings reinvestment plans, the Secretary of Agriculture should direct the CIO to ensure that the department's integrated data collection submission to OMB includes, for all reported initiatives, complete plans to reinvest any resulting cost savings and avoidances from OMB-directed IT reform-related efforts.

    Agency: Department of Agriculture
    Status: Open

    Comments: The Department of Agriculture agreed with our recommendation, but has not yet taken steps to implement it. Specifically, as of May 2017, the department's integrated data collection submission to the Office of Management and Budget had not been updated to include reinvestment plans for all reported cost savings and avoidance initiatives. For example, the department reported about $25 million in cost savings and avoidances related to its data center consolidation efforts, but did not include plans regarding how these savings would be reinvested. We will continue to evaluate the department's progress in implementing this recommendation.
    Recommendation: To improve the department's IT savings reinvestment plans, as part of any future update to the department's information resource management strategic plan or equivalent document, the Secretary of Commerce should direct the CIO to include information regarding the approach to reinvesting savings from the consolidation of commodity IT resources (including data centers) in accordance with OMB's guidance.

    Agency: Department of Commerce
    Status: Open

    Comments: The Department of Commerce agreed with our recommendation, but has not yet taken steps to implement it. Specifically, as of May 2017, the department had not updated its IT Resource Management Strategic plan to include the approach to reinvesting savings from the consolidation of commodity IT resources. We will continue to evaluate the department's progress in implementing this recommendation.
    Recommendation: To improve the department's IT savings reinvestment plans, the Secretary of Commerce should direct the CIO to ensure that the department's integrated data collection submission to OMB includes, for all reported initiatives, complete plans to reinvest any resulting cost savings and avoidances from OMB-directed IT reform-related efforts.

    Agency: Department of Commerce
    Status: Open

    Comments: The Department of Commerce agreed with our recommendation, but has not yet taken steps to implement it. Specifically, as of May 2017, the department's integrated data collection submission to the Office of Management and Budget had not been updated to include reinvestment plans for all reported cost savings and avoidance initiatives. For example, the department reported about $26 million in cost savings and avoidances related to its server virtualization efforts, but did not include plans regarding how these savings would be reinvested. We will continue to evaluate the department's progress in implementing this recommendation.
    Recommendation: To improve the department's IT savings reinvestment plans, the Secretary of Defense should direct the Defense CIO to ensure that the department's integrated data collection submission to OMB includes, for all reported initiatives, complete plans to reinvest any resulting cost savings and avoidances from OMB-directed IT reform-related efforts.

    Agency: Department of Defense
    Status: Open

    Comments: The Department of Defense partially agreed with our recommendation and has taken initial steps to implement it. Specifically, as of May 2017, the department reported approximately $331.4 million in data center consolidation cost savings in its quarterly integrated data collection submission to the Office of Management and Budget. Although the department's submission notes that it plans to reinvest these savings in the agency's core mission, it did not provide any further detail regarding these reinvestment plans. In addition, the department did not report any information technology cost savings and avoidance initiatives related to its business system modernization efforts, which it had previously reported to GAO as an area with substantial savings. We will continue to evaluate the department's progress in implementing this recommendation.
    Recommendation: In addition, to improve the U.S. Army Corps of Engineers' IT savings reinvestment plans, the Secretary of Defense should direct the Secretary of the Army, as part of any future update to the U.S. Army Corps of Engineers' IRM strategic plan or equivalent document, to include information regarding the approach to reinvesting savings from the consolidation of commodity IT resources (including data centers) in accordance with OMB's guidance.

    Agency: Department of Defense
    Status: Open

    Comments: The U.S. Army Corps of Engineers agreed with our recommendation, but has not yet taken steps to implement it. Specifically, as of May 2017, the agency had not yet updated its Information Resources Management Strategic Plan to include information regarding the approach to reinvesting savings from the consolidation of commodity IT resources. We will continue to evaluate the agency's progress in implementing this recommendation.
    Recommendation: To improve the department's IT savings reinvestment plans, the Secretary of Health and Human Services should direct the CIO, as part of any future update to the department's IRM strategic plan or equivalent document, to include information regarding the approach to reinvesting savings from the consolidation of commodity IT resources (including data centers) in accordance with OMB's guidance.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: The Department of Health and Human Services (HHS) agreed with, and has taken initial steps to implement, our recommendation. Specifically, in November 2015, the department stated that its Office of the Chief Information Officer will include reinvestment strategies in its next update of the HHS Information Resource Management Strategic Plan. According to the department, the updated strategic plan was expected to be completed by the end of September 2016. However, as of May 2017, the agency had not yet updated its Information Resources Management Strategic Plan to include information regarding the approach to reinvesting savings from the consolidation of commodity IT resources. We will continue to evaluate the department's progress in implementing this recommendation.
    Recommendation: To improve the department's IT savings reinvestment plans, the Secretary of Homeland Security should direct the CIO to ensure that the department's integrated data collection submission to OMB includes, for all reported initiatives, complete plans to reinvest any resulting cost savings and avoidances from OMB-directed IT reform-related efforts.

    Agency: Department of Homeland Security
    Status: Open

    Comments: The Department of Homeland Security agreed with our recommendation, but has not yet taken steps to implement it. Specifically, as of May 2017, the department's integrated data collection submission to the Office of Management and Budget had not been updated to include reinvestment plans for all reported cost savings and avoidance initiatives. For example, the department did not include reinvestment plans for two cost avoidances strategies related to the Office of Management and Budget's PortfolioStat initiative that have resulted approximately $96 million in cost avoidances. We will continue to evaluate the department's progress in implementing this recommendation.
    Recommendation: To improve the department's IT savings reinvestment plans, the Secretary of Housing and Urban Development should direct the CIO to ensure that the department's integrated data collection submission to OMB includes, for all reported initiatives, complete plans to reinvest any resulting cost savings and avoidances from OMB-directed IT reform-related efforts.

    Agency: Department of Housing and Urban Development
    Status: Open

    Comments: The Department of Housing and Urban Development agreed with, and has taken initial steps to implement, our recommendation. Specifically, as of May 2017, the department updated its integrated data collection submission to include reinvestment plans for one of the seven cost savings and avoidance initiatives reported. However, the six remaining initiatives, with savings and avoidances totaling approximately $6 million, did not include reinvestment plans. We will continue to evaluate the department's progress in implementing this recommendation.
    Recommendation: To improve the department's tracking of reinvestments, the Secretary of Labor should direct the CIO to use existing governance mechanisms and any improvements resulting from the implementation of FITARA to improve tracking of how savings have been reinvested.

    Agency: Department of Labor
    Status: Open

    Comments: The Department of Labor has taken initial steps to implement our recommendation. As of November 2015, the department stated that it was planning improvements in the area of information technology (IT) investment management in accordance with the Office of Management and Budget's June 2015 guidance for implementing the December 2014 IT reform law (commonly referred to as the Federal Information Technology Acquisition Reform Act or FITARA). The department added that these improvements would include the tracking of how savings have been reinvested. Subsequently, in May 2016, the department finalized its FITARA Implementation Plan. While the implementation plan discusses planned actions to improve the Chief Information Officer's involvement in agency IT budget requests, acquisition requests, and program management, it did not specifically discuss planned actions to improve the tracking of how information technology savings have been reinvested. In addition, as of May 2017, the department had not documented any FITARA implementation milestones that discussed making improvements in the tracking of how savings are reinvested. We will continue to evaluate the department's progress in implementing this recommendation.
    Recommendation: To improve the department's IT savings reinvestment plans, the Secretary of State should direct the CIO, as part of any future update to the department's IRM strategic plan or equivalent document, to include information regarding the approach to reinvesting savings from the consolidation of commodity IT resources (including data centers) in accordance with OMB's guidance.

    Agency: Department of State
    Status: Open

    Comments: The Department of State has not yet taken steps to implement our recommendation. Specifically, as of May 2017, the agency had not yet updated its Information Technology Strategic Plan to include information regarding the approach to reinvesting savings from the consolidation of commodity IT resources. We will continue to evaluate the department's progress in implementing this recommendation.
    Recommendation: To improve the department's IT savings reinvestment plans, the Secretary of the Treasury should direct the CIO, as part of any future update to the department's IRM strategic plan or equivalent document, to include information regarding the approach to reinvesting savings from the consolidation of commodity IT resources (including data centers) in accordance with OMB's guidance.

    Agency: Department of the Treasury
    Status: Open

    Comments: The Department of the Treasury has not yet taken steps to implement our recommendation. Specifically, as of May 2017, the agency had not yet updated its Information Resources Management Strategic Plan to include information regarding the approach to reinvesting savings from the consolidation of commodity IT resources. We will continue to evaluate the department's progress in implementing this recommendation.
    Recommendation: To improve the department's IT savings reinvestment plans, the Secretary of the Treasury should direct the CIO to ensure that the department's integrated data collection submission to OMB includes, for all reported initiatives, complete plans to use any resulting cost savings and avoidances from OMB-directed IT reform-related efforts.

    Agency: Department of the Treasury
    Status: Open

    Comments: The Department of the Treasury has not yet taken steps to implement our recommendation. Specifically, as of May 2017, the department's integrated data collection submission did not include reinvestment plans for all reported cost savings and avoidance initiatives. For example, the department reported about $1.07 billion in cost savings and avoidances from its information technology infrastructure efficiency initiatives, but did not provide information regarding how it plans to reinvest these savings and avoidances. We will continue to evaluate the department's progress in implementing this recommendation.
    Recommendation: To improve the department's IT savings reinvestment plans, the Secretary of Veterans Affairs should direct the CIO to ensure that the department's integrated data collection submission to OMB includes, for all reported initiatives, complete plans to reinvest any resulting cost savings and avoidances from OMB-directed IT reform-related efforts.

    Agency: Department of Veterans Affairs
    Status: Open

    Comments: The Department of Veterans Affairs agreed with, and has taken initial steps to implement, our recommendation. Specifically, in November 2015, the department's Chief of Staff stated that the Office of Information and Technology was working to establish an office to closely monitor program performance, schedule, return on investment, and total cost of ownership, which will enable reinvestment opportunities. However, as of May 2017, the department's integrated data collection submission did not include reinvestment plans for all of the reported cost savings and avoidance initiatives. For example, the department reported about $177 million in cost savings and avoidances from the renegotiation of an enterprise agreement for software licenses, but did not provide information regarding how it plans to reinvest these savings and avoidances. We will continue to evaluate the department's progress in implementing this recommendation.
    Recommendation: To improve the agency's IT savings reinvestment plans, the Administrator of the Environmental Protection Agency should direct the CIO to ensure that the agency's integrated data collection submission to OMB includes, for all reported initiatives, complete plans to reinvest any resulting cost savings and avoidances from OMB-directed IT reform-related efforts.

    Agency: Environmental Protection Agency
    Status: Open

    Comments: The Environmental Protection Agency agreed with our recommendation, but has not yet taken steps to implement it. Specifically, as of May 2017, the agency's integrated data collection submission did not include reinvestment plans for all of the reported cost savings and avoidance initiatives. For example, the agency reported about $3 million in cost savings and avoidances related to two shared services initiatives, but did not provide information regarding how it plans to reinvest these savings and avoidances. We will continue to evaluate the agency's progress in implementing this recommendation.
    Recommendation: To improve the agency's IT savings reinvestment plans, the Director of the Office of Personnel Management should direct the CIO, as part of any future update to the agency's IRM strategic plan or equivalent document, to include information regarding the approach to reinvesting savings from the consolidation of commodity IT resources (including data centers) in accordance with OMB's guidance.

    Agency: Office of Personnel Management
    Status: Open

    Comments: The Office of Personnel Management (OPM) agreed with our recommendation, but has not yet taken action to implement it. Specifically, in November 2015, OPM's Acting Director stated that information regarding the approach to reinvesting savings from the consolidation of commodity IT resources (including data centers) would be included in future updates to OPM's Strategic IT Plan. However, as of May 2017, the agency had not yet updated its strategic plan to include this information. We will continue to evaluate the OPM's progress in implementing this recommendation.
    Director: J. Christopher Mihm
    Phone: (202) 512-6806

    1 open recommendations
    Recommendation: To build upon the Department of Housing and Urban Development and the Rental Policy Working Group's efforts to improve coordination of rental assistance, the Secretary of the Department of Housing and Urban Development, in consultation with the Rental Policy Working Group, should work with states and localities to develop an approach for compiling and reporting on the collective performance of federal, state, and local rental assistance programs. Such an effort may begin with one or more pilots to test approaches before they are considered for wider application.

    Agency: Department of Housing and Urban Development
    Status: Open

    Comments: In July 2017, a HUD official said HUD is still working to respond to the GAO recommendation. He said HUD is currently in the planning stages for updating the existing "Picture of Subsidized Housing" database to add the Low Income Housing Tax Credit (LIHTC) and HOME programs and that including LIHTC and HOME will give a more complete picture of governmental assistance since LIHTC is often combined with other subsidies and HOME funds are often put into state housing trust funds and issued together with funding from state revenue sources.
    Director: David J. Wise
    Phone: (202) 512-2834

    2 open recommendations
    Recommendation: To ensure that transit agencies have appropriate and current guidance to assist them when procuring transit buses, the Administrator of FTA should update its Best Practices Procurement Manual and assess its other related guidance identified in this report and update that guidance as needed.

    Agency: Department of Transportation: Federal Transit Administration
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To provide a more efficient and cost-effective way for transit agencies to procure transit buses while complying with federal procurement requirements, the Administrator of FTA, in conjunction with the Administrator of the General Services Administration, should submit a legislative proposal to Congress that would authorize transit agencies that are recipients of FTA grants to access GSA sources of supply for the purchase of transit buses.

    Agency: Department of Transportation: Federal Transit Administration
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Director: J. Christopher Mihm
    Phone: (202) 512-6806

    9 open recommendations
    Recommendation: To improve the public reporting about how agencies are ensuring the quality of performance information used to measure progress towards their priority goals, the Secretaries of Agriculture, Defense, Homeland Security, Interior, and Labor, and the Administrator of NASA should more fully address GPRAMA requirements and OMB guidance by working with OMB to describe on Performance.gov how they are ensuring the quality of performance information used to measure progress towards their APGs.

    Agency: Department of Agriculture
    Status: Open

    Comments: On June 15, 2017, the Director of the Office of Management and Budget (OMB) stated in a memorandum to agency heads that reporting on Performance.gov concerning the previous Administration's priority goals is suspended through the end of fiscal year 2017. The OMB Director stated that priority goals are intended to focus efforts toward achieving the priorities of the current political leadership and that new goals would be established when the President's fiscal year 2019 Budget is released. We will continue to monitor the Department of Agriculture's efforts to address our recommendation.
    Recommendation: To improve the public reporting about how agencies are ensuring the quality of performance information used to measure progress towards their priority goals, the Secretaries of Agriculture, Defense, Homeland Security, Interior, and Labor, and the Administrator of NASA should more fully address GPRAMA requirements and OMB guidance by working with OMB to describe on Performance.gov how they are ensuring the quality of performance information used to measure progress towards their APGs.

    Agency: Department of Defense
    Status: Open

    Comments: On June 15, 2017, the Director of the Office of Management and Budget (OMB) stated in a memorandum to agency heads that reporting on Performance.gov concerning the previous Administration's priority goals is suspended through the end of fiscal year 2017. The OMB Director stated that priority goals are intended to focus efforts toward achieving the priorities of the current political leadership and that new goals would be established when the President's fiscal year 2019 Budget is released. We will continue to monitor the Department of Defense's efforts to address our recommendation.
    Recommendation: To improve the public reporting about how agencies are ensuring the quality of performance information used to measure progress towards their priority goals, the Secretaries of Agriculture, Defense, Homeland Security, Interior, and Labor, and the Administrator of NASA should more fully address GPRAMA requirements and OMB guidance by working with OMB to describe on Performance.gov how they are ensuring the quality of performance information used to measure progress towards their APGs.

    Agency: Department of the Interior
    Status: Open

    Comments: On June 15, 2017, the Director of the Office of Management and Budget (OMB) stated in a memorandum to agency heads that reporting on Performance.gov concerning the previous Administration's priority goals is suspended through the end of fiscal year 2017. The OMB Director stated that priority goals are intended to focus efforts toward achieving the priorities of the current political leadership and that new goals would be established when the President's fiscal year 2019 Budget is released. We will continue to monitor the Department of the Interior's efforts to address our recommendation.
    Recommendation: To improve the public reporting about how agencies are ensuring the quality of performance information used to measure progress towards their priority goals, the Secretaries of Agriculture, Defense, Homeland Security, Interior, and Labor, and the Administrator of NASA should more fully address GPRAMA requirements and OMB guidance by working with OMB to describe on Performance.gov how they are ensuring the quality of performance information used to measure progress towards their APGs.

    Agency: Department of Labor
    Status: Open

    Comments: Labor officials informed us that they had planned to address this recommendation by using a data quality self-assessment pilot they had conducted with component agencies that support Labor's priority goals. Labor had described its plans for this pilot in its fiscal year 2015 performance report and a link is provided from Performance.gov to agencies' performance plans and reports. Labor officials told us they described the results of this pilot in their draft fiscal year 2016 performance report, but according to Labor officials were advised by Office of Management and Budget (OMB) staff to deemphasize the priority goals and thus they dropped this section from the published performance report. On June 15, 2017, the Director of OMB stated in a memorandum to agency heads that reporting on Performance.gov concerning the previous Administration's priority goals is suspended through the end of fiscal year 2017. The OMB Director stated that priority goals are intended to focus efforts toward achieving the priorities of the current political leadership and that new goals would be established when the President's fiscal year 2019 Budget is released. We will continue to monitor Labor's efforts to address our recommendation.
    Recommendation: To improve the public reporting about how agencies are ensuring the quality of performance information used to measure progress towards their priority goals, the Secretaries of Agriculture, Defense, Interior, and Labor, and the Administrator of NASA should more fully address GPRAMA requirements and OMB guidance by describing in their agencies' annual performance plans and reports how they are ensuring the quality of performance information used to measure progress towards their APGs.

    Agency: Department of Agriculture
    Status: Open

    Comments: The Department of Agriculture's (USDA) annual performance report for fiscal year 2016 and performance plan for fiscal year 2018 continues to provide a general statement on how the agency uses a standardized methodology to measure its performance and that agency officials attest to the quality of the performance information. However, USDA does not provide more specific explanation of how it is ensuring the accuracy and reliability of the performance information used to measure progress on the priority goals the agency identified for fiscal years 2016 and 2017. On June 15, 2017, the Director of the Office of Management and Budget stated in a memorandum to agency heads that priority goals are intended to focus efforts toward achieving the priorities of the current political leadership and that new goals would be established when the President's fiscal year 2019 Budget is released. We will continue to monitor USDA's efforts to address our recommendation.
    Recommendation: To improve the public reporting about how agencies are ensuring the quality of performance information used to measure progress towards their priority goals, the Secretaries of Agriculture, Defense, Interior, and Labor, and the Administrator of NASA should more fully address GPRAMA requirements and OMB guidance by describing in their agencies' annual performance plans and reports how they are ensuring the quality of performance information used to measure progress towards their APGs.

    Agency: Department of Defense
    Status: Open

    Comments: The Department of Defense's (DOD) performance report for fiscal year 2016 continues to state that performance goal owners are expected to attest that their performance data is complete, accurate, and reliable. However, the report does not provide more specific explanation for individual priority goals. On June 15, 2017, the Director of the Office of Management and Budget stated in a memorandum to agency heads that priority goals are intended to focus efforts toward achieving the priorities of the current political leadership and that new goals would be established when the President's fiscal year 2019 Budget is released. We will continue to monitor DOD's efforts to address our recommendation.
    Recommendation: To improve the public reporting about how agencies are ensuring the quality of performance information used to measure progress towards their priority goals, the Secretaries of Agriculture, Defense, Interior, and Labor, and the Administrator of NASA should more fully address GPRAMA requirements and OMB guidance by describing in their agencies' annual performance plans and reports how they are ensuring the quality of performance information used to measure progress towards their APGs.

    Agency: Department of the Interior
    Status: Open

    Comments: The Department of the Interior's 2017/2018 Annual Performance Plan & 2016 Report (APP&R) includes a section concerning data accuracy and reliability and describes in general terms how Interior ensures the accuracy and reliability of performance information and how it addresses the five data quality requirements in the GPRA Modernization Act of 2010(GPRAMA). However, Interior does not provide more specific explanation for individual priority goals. For example, Interior states that the source of performance information are program managers, but does not provide more specific explanation of how the agency obtains performance information for priority goals that address a diverse array of issues, such as assisting Indian tribes, addressing climate change, and managing oil and gas resources. In September 2016, we provided feedback to Interior officials, at their request, and suggested they provide more specific data quality explanation. On June 15, 2017, the Director of the Office of Management and Budget stated in a memorandum to agency heads that priority goals are intended to focus efforts toward achieving the priorities of the current political leadership and that new goals would be established when the President's fiscal year 2019 Budget is released. We will continue to monitor Interior's efforts to address our recommendation.
    Recommendation: To improve the public reporting about how agencies are ensuring the quality of performance information used to measure progress towards their priority goals, the Secretaries of Agriculture, Defense, Interior, and Labor, and the Administrator of NASA should more fully address GPRAMA requirements and OMB guidance by describing in their agencies' annual performance plans and reports how they are ensuring the quality of performance information used to measure progress towards their APGs.

    Agency: Department of Labor
    Status: Open

    Comments: On June 15, 2017, Labor officials informed us that they had planned to address this recommendation by using a data quality self-assessment pilot they had conducted with component agencies that support Labor's priority goals. Labor had described its plans for this pilot in its fiscal year 2015 performance report. Labor officials told us they described the results of this pilot in their draft fiscal year 2016 performance report, but according to Labor officials were advised by Office of Management and Budget (OMB) staff to deemphasize the priority goals and thus they dropped this section from the published performance report. On June 15, 2017, the Director of OMB stated in a memorandum to agency heads that reporting on Performance.gov concerning the previous Administration's priority goals is suspended through the end of fiscal year 2017. The OMB Director stated that priority goals are intended to focus efforts toward achieving the priorities of the current political leadership and that new goals would be established when the President's fiscal year 2019 Budget is released. We will continue to monitor Labor's efforts to address our recommendation.
    Recommendation: To help participating agencies improve their public reporting, the Director of OMB, working with the PIC Executive Director, should identify additional changes that need to be made in OMB's guidance to agencies related to ensuring the quality of performance information for APGs on Performance.gov.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: On June 15, 2017, the Director of the Office of Management and Budget (OMB) stated in a memorandum to agency heads that reporting on Performance.gov concerning the previous Administration's priority goals is suspended through the end of fiscal year 2017. The OMB Director stated that priority goals are intended to focus efforts toward achieving the priorities of the current political leadership and that new goals would be established when the President's fiscal year 2019 Budget is released. We will continue to monitor OMB's efforts to address our recommendation.
    Director: Mark Goldstein
    Phone: (202) 512-2834

    1 open recommendations
    Recommendation: To ensure that NTIA's evaluation of the Internet multistakeholder community's transition proposal fully considers whether the proposal provides reasonable assurance that NTIA's core goals for the transition will be met, the NTIA Administrator should review relevant frameworks for evaluation, such as the Committee of Sponsoring Organizations of the Treadway Commission framework and the International Organization for Standardization quality management principles, and use the relevant portions of the frameworks to help evaluate and document whether and how the transition proposal meets NTIA's core goals.

    Agency: National Telecommunications and Information Administration
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Director: David C. Trimble
    Phone: (202) 512-3841

    2 open recommendations
    Recommendation: To improve transparency in future NNSA budget materials so that they are more useful for congressional decision makers, the Administrator of NNSA should, in instances where NNSA's internal cost estimates for a life extension program suggest that additional funding may be needed beyond what is included in the 5-year budget estimates to align with the program's plan, identify the amount of the shortfall in its budget materials and, what, if any, effect the shortfall may have on the program's cost and schedule or the risk of achieving program objectives.

    Agency: Department of Energy: National Nuclear Security Administration
    Status: Open

    Comments: In commenting on the report, the National Nuclear Security Administration (NNSA) agreed with this recommendation and outlined planned actions to incorporate the recommendation into the agency's fiscal year 2017 budget materials. However, the level of additional transparency for life extension programs in NNSA's fiscal year 2017 budget materials appears mixed. GAO will conduct additional follow-up with NNSA in 2017 following release of the fiscal year 2018 Stockpile Stewardship and Management Plan to clarify and assess prospects for further transparency with respect to funding shortfalls for life extension programs.
    Recommendation: To improve transparency in future NNSA budget materials so that they are more useful for congressional decision makers, the Administrator of NNSA should, in instances where budget estimates do not achieve DOE benchmarks for maintenance and recapitalization investment over the 5-year budget estimates, identify in the budget materials the amount of the shortfall and the effects, if any, on the deferred maintenance backlog.

    Agency: Department of Energy: National Nuclear Security Administration
    Status: Open

    Comments: In commenting on the report, the National Nuclear Security Administration (NNSA) agreed with this recommendation and outlined planned actions to incorporate the recommendation into the agency's fiscal year 2017 budget materials. However, the fiscal year 2017 NNSA budget materials do not support the benchmarked levels of funding needed to address maintenance and recapitalization, and there was no apparent discussion of the shortfall and likely effects on the deferred maintenance backlog in those materials. GAO will follow up on this recommendation in 2017 and 2018 to assess adequacy of funding in NNSA's fiscal year 2018 and 2019 budget materials and any applicable explanations of shortfalls.
    Director: Mihm, J Christopher
    Phone: (202) 512-6806

    2 open recommendations
    including 2 priority recommendations
    Recommendation: To ensure that federal program spending data are provided to the public in a transparent, useful, and timely manner, the Director of OMB should accelerate efforts to determine how best to merge DATA Act purposes and requirements with the GPRAMA requirement to produce a federal program inventory.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open
    Priority recommendation

    Comments: OMB staff told us that they don't expect to be able to identify programs for the purposes of DATA Act reporting until sometime after May 2017. However, they said that they are conducting a program definition and alignment study to identify a more consistent framework for defining federal agency programs with the aim of improving government-wide comparability and tying programs to spending. The effort is supported by a working group comprised of representatives from the CFO community. OMB staff noted that they expect to begin analyzing the results of the study in fall 2016.
    Recommendation: To ensure that the integrity of data standards is maintained over time, the Director of OMB, in collaboration with the Secretary of the Treasury, should establish a set of clear policies and processes for developing and maintaining data standards that are consistent with leading practices for data governance.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open
    Priority recommendation

    Comments: OMB and Treasury have taken some initial steps to build a data governance structure including conducting interviews with key stakeholders and developing a set of recommendations for decision-making authority. In September 2016, OMB and Treasury took another step toward establishing a data governance structure by creating a new Data Standards and Management Committee that will be responsible for maintaining established standards and identifying new data elements. However, more remains to be done. As part of our ongoing feedback with OMB, we shared 5 key practices that we believe should inform their plans to develop a data governance framework moving forward.
    Director: Kimberly Gianopoulos
    Phone: (202)512-8612

    1 open recommendations
    Recommendation: To strengthen agency performance measurement related to deterring child smuggling, the Secretary of Homeland Security should instruct DHS's U.S. Immigration and Customs Enforcement to establish annual performance targets associated with the performance measures it has established for its Transnational Criminal Investigative Units.

    Agency: Department of Homeland Security
    Status: Open

    Comments: In its comments on the report in July 2015, the Department of Homeland Security stated that it concurred with this recommendation, and that it would work with host nation partners to establish goals to measure these units' investigative activities and capacity development. In September 2015, DHS noted that it planned to use law enforcement data to measure TCIU success rates and inform efforts going forward. GAO has followed up with DHS--most recently in June 2017--on the status of its efforts to establish performance targets, but has not yet received a response.
    Director: Daniel Garcia-Diaz
    Phone: (202) 512-8678

    2 open recommendations
    Recommendation: To better align program goals with agency missions and improve program administration and oversight, Congress should consider designating the Department of Housing and Urban Development as a joint administrator of the program responsible for oversight. As part of the deliberation, Congress also should direct HUD to estimate the costs to monitor and perform the additional oversight responsibilities, including a discussion of funding options.

    Agency: Congress
    Status: Open

    Comments: As of July 2017, Congress had not enacted legislation to give HUD an oversight role for LIHTC.
    Recommendation: To improve the utility of the credit allocation information contained in IRS's database, IRS should address weaknesses identified in data entry and programming controls to ensure reliable data are collected.

    Agency: Department of the Treasury: Internal Revenue Service
    Status: Open

    Comments: IRS acknowledged the need for improvements in its controls and procedures (including data entry and quality reviews). IRS officials agreed that these problems should be corrected and data quality reviews should be conducted on an ongoing basis. As of March 2017, in response to our recommendation, IRS officials said that they had explored possibilities to improve the database, which not only houses credit allocation information, but also data from noncompliance and building disposition forms. Specifically, IRS is working to move the database to a new and updated server, which will address weaknesses identified in data entry and programming controls. IRS expects to complete the data migration step by early fall of 2017. Until IRS implements its plan to improve the data, this recommendation will remain open.
    Director: William T. Woods
    Phone: (202) 512-4841

    3 open recommendations
    Recommendation: To ensure consistent implementation of the Buy Indian Act procurement authority across the agencies and to enhance oversight of implementation of the Act at regional offices, the Secretaries of the Interior and Health and Human Services should direct the Bureau of Indian Affairs and Indian Health Service respectively, to clarify and codify their policies related to the priority for use of the Buy Indian Act, including whether the Buy Indian Act should be used before other set-aside programs.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: The Department of Health and Human Services (HHS) has made progress towards addressing this recommendation. The Indian Health Service (IHS) is currently working on efforts to revise the Acquisition Management section of the Indian Health Manual to clarify and codify policies related to the priority for use of the Buy Indian Act. IHS plans for the revision to include implementation and reporting mechanisms for contracts awarded under the Buy Indian Act. HHS reported that IHS plans to issue new policy guidance relating to the Buy Indian Act and how it is to be implemented and prioritized in conjunction with other set asides.
    Recommendation: To ensure consistent implementation of the Buy Indian Act procurement authority across the agencies and to enhance oversight of implementation of the Act at regional offices, the Secretaries of the Interior and Health and Human Services should direct the Bureau of Indian Affairs and Indian Health Service respectively, to collect data on regional offices' implementation of key requirements, such as challenges to self-certification.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: Officials at the Department of Health and Human Services' Indian Health Service (IHS) told us they plan to continue oversight to ensure that contractors comply with key requirements such as (1) maintaining the proportion of Indian ownership, (2) not subcontracting more than half the work to other than Indian firms, and (3) providing a preference to Indians in employment, training, and subcontracting. However, as of July 2017, IHS had not provided evidence that they were collecting data on regional offices' implementation of these key requirements. IHS officials told us they plan to incorporate Buy Indian Act policy language and clauses into all contracts and track Buy Indian award actions and obligations. IHS officials also stated they will ensure that the contracting officer authenticates an Indian Economic Enterprise's categorization/credentials, before award and throughout the contract period.
    Recommendation: To ensure consistent implementation of the Buy Indian Act procurement authority across the agencies and to enhance oversight of implementation of the Act at regional offices, the Secretaries of the Interior and Health and Human Services should direct the Bureau of Indian Affairs and Indian Health Service respectively, to include Buy Indian Act contracts as a part of their regular procurement review process.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: Department of Health and Human Services officials told us initial on-site communications to raise awareness of the Buy Indian Act was included in the fiscal year 2017 Indian Health Service (IHS) Procurement Management Reviews (PMR) being conducted at all area offices. Starting in the fall of 2017, IHS plans to develop webinar training sessions to ensure that a large, diverse audience of contracting and management officials have access to the training. IHS will also incorporate the Buy Indian Act Policy into the established annual procurement management reviews beginning in fiscal year 2018 to ensure compliance.
    Director: William T. Woods
    Phone: (202) 512-4841

    3 open recommendations
    Recommendation: To help ensure contracting officers follow ordering procedures when using FSS, and to enhance internal controls, the Secretaries of DOD and HHS and the Administrator of GSA should issue guidance emphasizing the requirement to seek discounts and outlining effective strategies for negotiating discounts when using the FSS program.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: In December 2016, HHS stated that it had assessed and reviewed existing guidance and determined that existing guidance was adequate, but that HHS contracting officials needed to be refreshed on the content. While HHS stated that it had tasked the contracting heads of each HHS component with ensuring that its officials attend refresher training, the agency has not yet ensured that this has been accomplished. In June 2017, HHS officials said they were again considering issuing additional guidance, per our recommendation.
    Recommendation: To help ensure contracting officers follow ordering procedures when using FSS, and to enhance internal controls, the Secretaries of DOD and HHS and the Administrator of GSA should issue guidance reminding contracting officials of the procedures they must follow with respect to purchasing open market items through the FSS program, including the requirement to perform a separate determination that the prices of these items are fair and reasonable.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: In December 2016, HHS stated that it had assessed and reviewed existing guidance and determined that existing guidance was adequate, but that HHS contracting officials needed to be refreshed on the content. While HHS stated that it had tasked the contracting heads of each HHS component with ensuring that its officials attend refresher training, the agency has not yet ensured that this has been accomplished. In June 2017, HHS officials said they were again considering issuing additional guidance, per our recommendation.
    Recommendation: To help foster competition for FSS orders consistent with the FAR, the Secretary of HHS should assess reasons that may be contributing to the high percentage of orders with one or two quotes--including the practice of narrowing the pool of potential vendors--and if necessary, depending on the results of the assessment, provide guidance to help ensure contracting officials are taking reasonable steps to obtain three or more quotes above the simplified acquisition threshold.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: HHS agreed with the recommendation. In January 2017, an HHS official stated that the agency had tried to conduct an assessment but had not yet been able to obtain enough information. In June 2017, HHS officials said that they would reexamine how to conduct an assessment per our recommendation.
    Director: J. Christopher Mihm
    Phone: (202) 512-6806

    5 open recommendations
    Recommendation: To help ensure that agency review processes provide frequent, regular opportunities to assess progress on agency priority goals (APG), and are conducted in a manner consistent with GPRA Modernization Act of 2010 (GPRAMA) requirements, OMB guidance, and leading practices, the Secretary of Defense should work with the COO and PIO to modify the Department's review processes to ensure that review meetings are led by the agency head or COO.

    Agency: Department of Defense
    Status: Open

    Comments: In March 2016, the DCMO and DOD Chief Information Officer released a memorandum stating that DOD would no longer hold in-person quarterly reviews of progress on APGs, and that the only issues that would be reviewed are those "requiring specific visibility." This approach is not consistent with the requirements of GPRAMA or OMB guidance, which require agencies to hold in-person, leadership-driven reviews of progress on all APGs at least once each quarter. We will continue to monitor the status of agency actions to address this recommendation.
    Recommendation: To help ensure that agency review processes provide frequent, regular opportunities to assess progress on agency priority goals (APG), and are conducted in a manner consistent with GPRA Modernization Act of 2010 (GPRAMA) requirements, OMB guidance, and leading practices, the Secretary of Defense should work with the COO and PIO to modify the Department's review processes to ensure that review meetings are used to review progress on all APGs at least once a quarter, discuss at-risk goals and improvement strategies, and assess whether specific program activities, policies, or other activities are contributing to goals as planned.

    Agency: Department of Defense
    Status: Open

    Comments: In March 2016 the Deputy Chief Management Officer (DCMO) and DOD Chief Information Officer released a memorandum stating that DOD would no longer hold in-person quarterly reviews of progress on APGs, and that the only issues that would be reviewed are those "requiring specific visibility." This approach is not consistent with the requirements of GPRAMA or OMB guidance, which require that agencies hold in-person reviews of progress on all APGs and identify any necessary improvement strategies at least once each quarter. We will continue to monitor the status of agency actions to address this recommendation.
    Recommendation: To help ensure that agency review processes provide frequent, regular opportunities to assess progress on agency priority goals (APG), and are conducted in a manner consistent with GPRA Modernization Act of 2010 (GPRAMA) requirements, OMB guidance, and leading practices, the Secretary of Defense should work with the COO and PIO to modify the Department's review processes to ensure that review meetings are used by participants to identify, agree upon, document and track follow-up actions.

    Agency: Department of Defense
    Status: Open

    Comments: In March 2016, the DCMO and DOD Chief Information Officer released a memorandum stating that DOD would no longer hold in-person quarterly reviews of progress on agency priority goals (APGs), and that the only issues that would be reviewed are those "requiring specific visibility." This approach is not consistent with OMB guidance or leading practices, which state that agencies should identify follow-up actions and responsible parties for implementing them, and subsequently track their status at in-person reviews at least once each quarter. We will continue to monitor the status of agency actions to address this recommendation.
    Recommendation: To help ensure that agency review processes provide frequent, regular opportunities to assess progress on agency priority goals (APG), and are conducted in a manner consistent with GPRA Modernization Act of 2010 (GPRAMA) requirements, OMB guidance, and leading practices, the Secretary of State should work with the COO and PIO to modify the Department's review processes to ensure that progress on each APG is reviewed in an in-person review meeting at least quarterly.

    Agency: Department of State
    Status: Open

    Comments: According to State Department staff, as of June 2016, the department continues to hold in-person review meetings for APGs involving agency leaders, goal leaders, and other stakeholders only once a year. We will continue to monitor the status of agency actions to address this recommendation.
    Recommendation: To help ensure that agency review processes provide frequent, regular opportunities to assess progress on agency priority goals (APG), and are conducted in a manner consistent with GPRA Modernization Act of 2010 (GPRAMA) requirements, OMB guidance, and leading practices, the Secretary of State should work with the COO and PIO to modify the Department's review processes to ensure that the reviews are led by the agency head or COO.

    Agency: Department of State
    Status: Open

    Comments: According to information provided by State Department officials in June 2016, the department's in-person review meetings continue to be led by the PIO. Although the Deputy Secretary for Management and Resources, who serves as the State Department's COO, receives a quarterly written summary of progress on State's APGs, this approach is not consistent with the requirements of the GPRA Modernization Act (GPRAMA) or Office of Management and Budget (OMB) guidance that the agency head and/or the COO conduct quarterly, in-person reviews. We will continue to monitor the status of agency actions to address this recommendation.
    Director: Michele Mackin
    Phone: (202) 512-4841

    1 open recommendations
    Recommendation: To ensure consistent implementation and documentation of actions relating to interagency agreements, the Secretary of Veterans Affairs should ensure that planned training on interagency agreements reaches the full range of program and contracting officials, particularly those who only occasionally award interagency agreements.

    Agency: Department of Veterans Affairs
    Status: Open

    Comments: VA concurred with this recommendation, and developed training based on the revised policy on interagency agreements issued in October 2016. GAO requested information in June 2017 on how VA will ensure this training reaches the full range of program and contracting officials, but as of September 2017 we have not yet received these details.
    Director: Joseph Kirschbaum
    Phone: (202) 512-9971

    3 open recommendations
    Recommendation: To improve the identification, alignment, and management of DOD's chemical and biological defense infrastructure and to fully institutionalize the use of risk assessments to support future investment decisions, the Secretary of Defense should direct the Under Secretary of Defense for Acquisition, Technology and Logistics to update the roles and responsibilities guidance in DOD Directive 5160.05E to identify which organizations are responsible for conducting and participating in CBDP Enterprise risk assessments.

    Agency: Department of Defense
    Status: Open

    Comments: DOD concurred with this recommendation but has not yet completed actions to implement it. As of August 2017, DOD was still waiting to release the final version of DOO Directive 5160.05E.
    Recommendation: To improve the identification, alignment, and management of DOD's chemical and biological defense infrastructure and to fully institutionalize the use of risk assessments to support future investment decisions, the Secretary of Defense should direct the Under Secretary of Defense for Acquisition, Technology and Logistics to update the CBDP Enterprise's portfolio planning process, to include when risk assessments will be conducted.

    Agency: Department of Defense
    Status: Open

    Comments: DOD concurred with this recommendation but has not yet completed actions to implement it. On 6/8/16, DOD reported that the risk assessment process was initially piloted in 2014 to determine its utility for informing CBDP Enterprise portfolio planning and guidance. Moving forward, the CBDP Enterprise plans to conduct risk assessments annually to support portfolio planning and guidance. As of August 2017, DOD reported that the department was beginning an approximately 12-month process to revise the CBDP Business Plan, which would likely be published as a DOD Instruction. This plan should address the risk assessment recommendation.
    Recommendation: To improve the identification, alignment, and management of DOD's chemical and biological defense infrastructure and to enhance PAIO's ongoing analysis of potential infrastructure duplication in the CBDP Enterprise and gain potential efficiencies, the Secretary of Defense should direct the Under Secretary of Defense for Acquisition, Technology and Logistics to identify, request, and consider any information from existing infrastructure studies from other federal agencies with chemical and biological research and development and test and evaluation infrastructure.

    Agency: Department of Defense
    Status: Open

    Comments: DOD concurred with this recommendation but has not yet completed actions to implement it. As of July 2017, DOD has requested, but not received, such studies from other federal agencies. However, DOD is currently engaged in phase two of a three-phase effort regarding its chemical and biological defense infrastructure program (CBDP), which includes a review of the department's interagency roles and responsibilities for its chemical and biological defense Infrastructure Manager. Targeted completion for this phase is December 2017, at which time, DOD may have obtained relevant information from other federal agencies.
    Director: Frank Rusco
    Phone: (202) 512-3841

    15 open recommendations
    Recommendation: To help agencies more consistently perform their oversight responsibilities and oversee contractors' measurement and verification activities, the Secretary of Energy should direct FEMP to monitor agencies' oversight of ESPC projects that agencies have awarded using the DOE contract vehicle, including whether agencies witnessed the contractors' measurement and verification activities and reviewed and certified acceptance of the measurement and verification report.

    Agency: Department of Energy
    Status: Open

    Comments: As of December 2016, we were working with DOE officials to confirm the status of their actions to implement the recommendation.
    Recommendation: To help ensure that agencies have sufficient information on the effects of changing circumstances on the performance of their ESPC portfolios, the Secretaries of Defense, Energy, and Veterans Affairs; the Attorney General; and the Administrator of the General Services Administration should establish a process to systematically evaluate their ESPC projects--including baseline assumptions about facilities' energy use, utility prices, and interest rates--to determine how their ESPC portfolios are performing and the extent to which they are achieving expected savings. Agencies could consider conducting such evaluations either after a certain number of years, or in response to events, such as changes in utility prices or market interest rates, or appropriations becoming available that could be used for modifications or terminations.

    Agency: Department of Defense
    Status: Open

    Comments: In comments on a draft of this report, DOD partially concurred with this recommendation. As of December 2016, we were working with DOD officials to confirm the status of their actions to implement the recommendation.
    Recommendation: To help ensure that agencies have sufficient information on the effects of changing circumstances on the performance of their ESPC portfolios, the Secretaries of Defense, Energy, and Veterans Affairs; the Attorney General; and the Administrator of the General Services Administration should establish a process to systematically evaluate their ESPC projects--including baseline assumptions about facilities' energy use, utility prices, and interest rates--to determine how their ESPC portfolios are performing and the extent to which they are achieving expected savings. Agencies could consider conducting such evaluations either after a certain number of years, or in response to events, such as changes in utility prices or market interest rates, or appropriations becoming available that could be used for modifications or terminations.

    Agency: Department of Energy
    Status: Open

    Comments: As of December 2016, we were working with DOE officials to confirm the status of their actions to implement the recommendation.
    Recommendation: To help ensure that agencies have sufficient information on the effects of changing circumstances on the performance of their ESPC portfolios, the Secretaries of Defense, Energy, and Veterans Affairs; the Attorney General; and the Administrator of the General Services Administration should establish a process to systematically evaluate their ESPC projects--including baseline assumptions about facilities' energy use, utility prices, and interest rates--to determine how their ESPC portfolios are performing and the extent to which they are achieving expected savings. Agencies could consider conducting such evaluations either after a certain number of years, or in response to events, such as changes in utility prices or market interest rates, or appropriations becoming available that could be used for modifications or terminations.

    Agency: Department of Justice
    Status: Open

    Comments: In comments on a draft of this report, the Department of Justice agreed with the recommendation. As of December 2016, we were working with Department of Justice officials to confirm the status of their actions to implement the recommendation.
    Recommendation: To help ensure that agencies have sufficient information on the effects of changing circumstances on the performance of their ESPC portfolios, the Secretaries of Defense, Energy, and Veterans Affairs; the Attorney General; and the Administrator of the General Services Administration should establish a process to systematically evaluate their ESPC projects--including baseline assumptions about facilities' energy use, utility prices, and interest rates--to determine how their ESPC portfolios are performing and the extent to which they are achieving expected savings. Agencies could consider conducting such evaluations either after a certain number of years, or in response to events, such as changes in utility prices or market interest rates, or appropriations becoming available that could be used for modifications or terminations.

    Agency: Department of Veterans Affairs
    Status: Open

    Comments: In comments on a draft of this report, the Department of Veterans Affairs agreed with the recommendation. As of December 2016, we were working with Department of Veterans Affairs officials to confirm the status of their actions to implement the recommendation.
    Recommendation: To help ensure that agencies have sufficient information on the effects of changing circumstances on the performance of their ESPC portfolios, the Secretaries of Defense, Energy, and Veterans Affairs; the Attorney General; and the Administrator of the General Services Administration should establish a process to systematically evaluate their ESPC projects--including baseline assumptions about facilities' energy use, utility prices, and interest rates--to determine how their ESPC portfolios are performing and the extent to which they are achieving expected savings. Agencies could consider conducting such evaluations either after a certain number of years, or in response to events, such as changes in utility prices or market interest rates, or appropriations becoming available that could be used for modifications or terminations.

    Agency: General Services Administration
    Status: Open

    Comments: In comments on a draft of this report, GSA agreed with the recommendation. As of December 2016, we were working with GSA officials to confirm the status of their actions to implement the recommendation.
    Recommendation: To help agencies decide whether to use ESPCs to consolidate federal data centers, the Director of the Office of Management and Budget should document, for the purposes of scoring ESPCs, (1) what qualifies as energy-related savings and (2) the allowable proportion of energy and energy-related cost savings.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: OMB did not comment on its plans to implement this recommendation in its review of a draft of the report and, as of December 2016, had not provided us with requested information on its actions to implement this recommendation. We will continue to follow-up on the status of this recommendation.
    Recommendation: To help agencies more consistently perform their oversight responsibilities and oversee contractors' measurement and verification activities, the Secretary of Energy should direct DOE's Federal Energy Management Program (FEMP) to evaluate existing training and determine whether additional training is needed on observing contractors' measurement and verification activities and reviewing and certifying measurement and verification reports.

    Agency: Department of Energy
    Status: Open

    Comments: As of December 2016, we were working with DOE officials to confirm the status of their actions to implement the recommendation.
    Recommendation: To help ensure that agencies have sufficient information on ESPC performance to oversee whether future and current contracts are achieving their expected savings, the Secretaries of Defense and Energy should specify in the scheduled revisions to their ESPC contract vehicles or in guidance to agencies that measurement and verification reports for future projects are to include estimates of cost and energy savings that were not achieved because of agency actions. Additionally, the Department of Energy (DOE) may wish to consider periodically analyzing data on other factors that may affect savings, such as utility prices, to provide information on how savings achieved by ESPCs awarded through its contract vehicle have been affected by changing utility prices since its prior study in 2007.

    Agency: Department of Defense
    Status: Open

    Comments: In comments on a draft of this report, DOD concurred with this recommendation. As of December 2016, we were working with DOD officials to confirm the status of their actions to implement the recommendation.
    Recommendation: To help ensure that agencies have sufficient information on ESPC performance to oversee whether future and current contracts are achieving their expected savings, the Secretaries of Defense and Energy should specify in the scheduled revisions to their ESPC contract vehicles or in guidance to agencies that measurement and verification reports for future projects are to include estimates of cost and energy savings that were not achieved because of agency actions. Additionally, the Department of Energy (DOE) may wish to consider periodically analyzing data on other factors that may affect savings, such as utility prices, to provide information on how savings achieved by ESPCs awarded through its contract vehicle have been affected by changing utility prices since its prior study in 2007.

    Agency: Department of Energy
    Status: Open

    Comments: As of December 2016, we were working with DOE officials to confirm the status of their actions to implement the recommendation.
    Recommendation: To help ensure that agencies have sufficient information on ESPC performance to oversee whether future and current contracts are achieving their expected savings, the Secretaries of Defense, Energy, and Veterans Affairs; the Attorney General; and the Administrator of the General Services Administration should work with contractors to determine the best way to obtain estimates of cost and energy savings that are not achieved because of agency actions in order to include these estimates in future measurement and verification reports for existing contracts, in accordance with DOE guidance, and where economically feasible.

    Agency: Department of Defense
    Status: Open

    Comments: In comments on a draft of this report, DOD concurred with this recommendation. As of December 2016, we were working with DOD officials to confirm the status of their actions to implement the recommendation.
    Recommendation: To help ensure that agencies have sufficient information on ESPC performance to oversee whether future and current contracts are achieving their expected savings, the Secretaries of Defense, Energy, and Veterans Affairs; the Attorney General; and the Administrator of the General Services Administration should work with contractors to determine the best way to obtain estimates of cost and energy savings that are not achieved because of agency actions in order to include these estimates in future measurement and verification reports for existing contracts, in accordance with DOE guidance, and where economically feasible.

    Agency: Department of Energy
    Status: Open

    Comments: As of December 2016, we were working with DOE officials to confirm the status of their actions to implement the recommendation.
    Recommendation: To help ensure that agencies have sufficient information on ESPC performance to oversee whether future and current contracts are achieving their expected savings, the Secretaries of Defense, Energy, and Veterans Affairs; the Attorney General; and the Administrator of the General Services Administration should work with contractors to determine the best way to obtain estimates of cost and energy savings that are not achieved because of agency actions in order to include these estimates in future measurement and verification reports for existing contracts, in accordance with DOE guidance, and where economically feasible.

    Agency: Department of Justice
    Status: Open

    Comments: In comments on a draft of this report, the Department of Justice agreed with the recommendation. As of December 2016, we were working with Department of Justice officials to confirm the status of their actions to implement the recommendation.
    Recommendation: To help ensure that agencies have sufficient information on ESPC performance to oversee whether future and current contracts are achieving their expected savings, the Secretaries of Defense, Energy, and Veterans Affairs; the Attorney General; and the Administrator of the General Services Administration should work with contractors to determine the best way to obtain estimates of cost and energy savings that are not achieved because of agency actions in order to include these estimates in future measurement and verification reports for existing contracts, in accordance with DOE guidance, and where economically feasible.

    Agency: Department of Veterans Affairs
    Status: Open

    Comments: In comments on a draft of this report, the Department of Veterans Affairs did not agree with the recommendation, but suggested changes, which we incorporated. As of December 2016, we were working with Department of Veterans Affairs officials to confirm the status of their actions to implement the recommendation.
    Recommendation: To help ensure that agencies have sufficient information on ESPC performance to oversee whether future and current contracts are achieving their expected savings, the Secretaries of Defense, Energy, and Veterans Affairs; the Attorney General; and the Administrator of the General Services Administration should work with contractors to determine the best way to obtain estimates of cost and energy savings that are not achieved because of agency actions in order to include these estimates in future measurement and verification reports for existing contracts, in accordance with DOE guidance, and where economically feasible.

    Agency: General Services Administration
    Status: Open

    Comments: In comments on a draft of this report, GSA agreed with the recommendation. As of December 2016, we were working with GSA officials to confirm the status of their actions to implement the recommendation.
    Director: Johana Ayers
    Phone: (202) 512-5741

    1 open recommendations
    Recommendation: To ensure that the Defense Civilian Personnel Advisory Service (DCPAS) and DOD components are determining LQA eligibility consistently with DOD's LQA Instruction, the DSSR, and OPM compensation claim decisions, the Secretary of Defense should direct the Under Secretary of Defense for Personnel and Readiness to require the Deputy Assistant Secretary of Defense for Civilian Personnel Policy or DCPAS, as delegated, to monitor reviews of LQA eligibility determinations conducted by DOD components.

    Agency: Department of Defense
    Status: Open

    Comments: On February 11, 2016, the Deputy Assistant Secretary of Defense for Civilian Personnel Policy issued a memorandum to conduct a review of overseas allowances and differentials (including Living Quarters Allowance (LQA)) paid to civilian employees. This memorandum orders DOD components to review 5 percent of their employees who received LQA during the calendar year 2015. These reports are to identify the employees locations, the annual amount of each allowance each employee receives, the laws and regulations authorizing the allowance, and confirmation that supporting documents used to determine employee eligibility for the allowance were reviewed and found acceptable. The February 2016 memorandum states that these reviews should be completed within 90 days of its issuance. However, the memorandum does not require the monitoring of these reviews by the Defense Civilian Personnel Advisory Service. In the absence of such a requirement, Defense Civilian Personnel Advisory Service officials told us in May 2016 that they had started receiving the results of these reviews and would assess them as soon as possible for any inconsistencies. These officials have not yet provided any documents demonstrating their monitoring of these reviews.
    Director: John Neumann
    Phone: (202) 512-3841

    1 open recommendations
    including 1 priority recommendation
    Recommendation: To improve the ability of the federal veterinarian workforce to carry out its activities, and to prepare for an emergency involving a large-scale animal disease outbreak, the Secretary of Agriculture should direct the Administrator of the Animal and Plant Health Inspection Service to assess the veterinarian workforce needs under possible scenarios for an emergency response to a large-scale animal disease outbreak. Building on the Talent Management Advisory Council's (TMAC) efforts to determine the veterinarian workforce needed to respond to an animal disease outbreak, the assessment should include the number and types of veterinarians needed, the sources required to have a sufficient workforce to respond, and the training needed to carry out their roles.

    Agency: Department of Agriculture
    Status: Open
    Priority recommendation

    Comments: USDA provided information in April 2017 on steps taken to partially address this recommendation. According to USDA, the agency uses its experiences with real-world animal disease outbreaks, such as recent outbreaks of highly pathogenic avian influenza, to assess its veterinarian workforce needs. To fully implement this recommendation, APHIS needs to develop an estimate of the number of veterinarians necessary to respond to large-scale animal disease outbreaks, such as a nationwide foot-and-mouth disease outbreak in livestock.
    Director: Carol R. Cha
    Phone: (202) 512-4456

    27 open recommendations
    Recommendation: To help the department effectively manage spending on mobile devices and services, the Secretary of Commerce should ensure an inventory of mobile devices and services is established department-wide (i.e., all components' devices and associated services are accounted for).

    Agency: Department of Commerce
    Status: Open

    Comments: The Department of Commerce has not yet implemented this recommendation. In response to our report, the department said it planned to address the recommendation by the second quarter of fiscal year 2016. However, as of August 2017, it had not demonstrated that it had done so. We will continue to monitor the department's progress.
    Recommendation: To help the department effectively manage spending on mobile devices and services, the Secretary of Commerce should ensure a reliable department-wide inventory of mobile service contracts is developed and maintained.

    Agency: Department of Commerce
    Status: Open

    Comments: The Department of Commerce has not yet implemented this recommendation. In response to our report, the department said it planned to address the recommendation by the second quarter of fiscal year 2016. However, as of August 2017, it had not demonstrated that it had done so. We will continue to monitor the department's progress.
    Recommendation: To help the department effectively manage spending on mobile devices and services, the Secretary of Commerce should ensure procedures to monitor and control spending are established department-wide. Specifically, ensure that (1) procedures include assessing devices for zero, under, and over usage; (2) personnel with authority and responsibility for performing the procedures are identified; and (3) the specific steps to be taken to perform the process are documented.

    Agency: Department of Commerce
    Status: Open

    Comments: The Department of Commerce has not yet implemented this recommendation. In response to our report, the department said it planned to address the recommendation by the second quarter of fiscal year 2016. However, as of August 2017, it had not demonstrated that it had done so. We will continue to monitor the department's progress.
    Recommendation: To help the department effectively manage spending on mobile devices and services, the Secretary of Defense should ensure an inventory of mobile devices and services is established department-wide (i.e., all components' devices and associated services are accounted for).

    Agency: Department of Defense
    Status: Open

    Comments: As of August 2017, the Department of Defense had not implemented this recommendation. In July 2016, the department reported that it does not maintain a single, centralized device-level inventory and, instead, the military departments track and manage their own devices and contracted wireless services as separate enterprises. However, as we stated in our report, the inventory need not be generated centrally at the headquarters level; the department can compile a comprehensive inventory using its components' complete inventories. We will continue to monitor the department's efforts to address this recommendation.
    Recommendation: To help the department effectively manage spending on mobile devices and services, the Secretary of Defense should ensure a reliable department-wide inventory of mobile service contracts is developed and maintained.

    Agency: Department of Defense
    Status: Open

    Comments: As of August 2017, the Department of Defense had not implemented this recommendation. The department updated its mobile services contract inventory in August 2015; however, as of August 2017, the department had not demonstrated that it has maintained the inventory. We will continue to monitor the department's efforts to implement the recommendation.
    Recommendation: To help the department effectively manage spending on mobile devices and services, the Secretary of Health and Human Services should ensure procedures to monitor and control spending are established department-wide. Specifically, ensure that (1) procedures include assessing devices for zero, under, and over usage; (2) personnel with authority and responsibility for performing the procedures are identified; and (3) the specific steps to be taken to perform the process are documented.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: The Department of Health and Human Services has not implemented this recommendation. In April 2016, an audit liaison in the Office of the Chief Information Officer reported that each component maintains processes and procedures for device management. However, as of August 2017, the department had not provided evidence that components have established procedures that address the elements of our recommendation. We will continue to monitor the department's implementation of this recommendation.
    Recommendation: To help the department effectively manage spending on mobile devices and services, the Secretary of Homeland Security should ensure an inventory of mobile devices and services is established department-wide (i.e., all components' devices and associated services are accounted for).

    Agency: Department of Homeland Security
    Status: Open

    Comments: The Department of Homeland Security has taken steps to implement this recommendation. Specifically, it developed inventories for the two components we reviewed. The department also reported that it had identified all components' devices. However, as of August 2017, it had not provided evidence that all the components had an inventory of unique devices and associated services. We will continue to monitor the department's efforts to implement the recommendation.
    Recommendation: To help the department effectively manage spending on mobile devices and services, the Secretary of Homeland Security should ensure a reliable department-wide inventory of mobile service contracts is developed and maintained.

    Agency: Department of Homeland Security
    Status: Open

    Comments: The Department of Homeland Security has taken steps to implement the recommendation, but more needs to be done. Specifically, in May 2017, the department developed an enterprise-wide inventory of mobile service contracts; however, the department has not demonstrated that it has maintained the inventory quarterly. We will continue to monitor the department's efforts to fully implement the recommendation.
    Recommendation: To help the department effectively manage spending on mobile devices and services, the Secretary of Homeland Security should ensure procedures to monitor and control spending are established department-wide. Specifically, ensure that (1) procedures include assessing devices for zero, under, and over usage; (2) personnel with authority and responsibility for performing the procedures are identified; and (3) the specific steps to be taken to perform the process are documented.

    Agency: Department of Homeland Security
    Status: Open

    Comments: The Department of Homeland Security has not implemented the recommendation. In August 2017, a Program Management Specialist in the Office of the Chief Information Office described steps the department was taking as it considers a follow-on to its department-wide blanket purchase agreement for wireless expense management services. We will continue to monitor the department's efforts to implement the recommendation.
    Recommendation: To help the department effectively manage spending on mobile devices and services, the Secretary of the Interior should ensure an inventory of mobile devices and services is established department-wide (i.e., all components' devices and associated services are accounted for).

    Agency: Department of the Interior
    Status: Open

    Comments: The Department of the Interior has not implemented this recommendation. As of May 2017, the department was in the process of migrating its cellular service contracts to the General Services Administration's federal wireless strategic sourcing initiative blanket purchase agreement as its agency-wide solution for mobile devices and services. According to the department, the initiative requires awardee(s) and orderers to conduct a complete inventory of devices and legacy service contracts as they transition to the blanket purchase agreement. According to the department's transition plan, the transition is to be complete by February 2018. We will continue to monitor the department's efforts to implement the recommendation.
    Recommendation: To help the department effectively manage spending on mobile devices and services, the Secretary of the Interior should ensure a reliable department-wide inventory of mobile service contracts is developed and maintained.

    Agency: Department of the Interior
    Status: Open

    Comments: The Department of the Interior has not implemented this recommendation. As of May 2017, the department was in the process of migrating its cellular service contracts to the General Services Administration's federal wireless strategic sourcing initiative blanket purchase agreement as its agency-wide solution for mobile devices and services. According to the department, the initiative requires awardee(s) and orderers to conduct a complete inventory of devices and legacy service contracts as they transition to the blanket purchase agreement. According to the department's transition plan, the transition is to be complete by February 2018. We will continue to monitor the department's efforts to implement the recommendation.
    Recommendation: To help the department effectively manage spending on mobile devices and services, the Attorney General should ensure procedures to monitor and control spending are established department-wide. Specifically, ensure that (1) procedures include assessing devices for zero, under, and over usage; (2) personnel with authority and responsibility for performing the procedures are identified; and (3) the specific steps to be taken to perform the process are documented.

    Agency: Department of Justice
    Status: Open

    Comments: The Department of Justice has taken steps to implement this recommendation. Specifically, in response to our findings, the department's Chief Information Officer issued a memo that required components to establish procedures for regular reviews of invoices for wireless services to identify unused and underused devices or services, as well as any over-usage charges to service plans. However, as of August 2017, the department had not demonstrated that its components had implemented the requirements. We will continue to monitor the department's progress.
    Recommendation: To help the department effectively manage spending on mobile devices and services, the Secretary of State should ensure an inventory of mobile devices and services is established department-wide (i.e., all components' devices and associated services are accounted for).

    Agency: Department of State
    Status: Open

    Comments: The Department of State has not yet implemented this recommendation. In July 2017, the department stated that it planned to transition its mobile devices and services to the General Services Administration's Federal Strategic Sourcing Initiative. However, the department has not addressed developing an inventory of mobile devices and services. We will continue to monitor the department's progress in implementing this recommendation.
    Recommendation: To help the department effectively manage spending on mobile devices and services, the Secretary of State should ensure a reliable department-wide inventory of mobile service contracts is maintained.

    Agency: Department of State
    Status: Open

    Comments: The Department of State has not implemented this recommendation. In July 2017, the department stated that it plans to transition its mobile devices and services to the General Services Administration's Federal Strategic Sourcing Initiative. However, the department has not addressed developing an inventory of mobile service contracts. We will continue to monitor the department's progress in implementing this recommendation.
    Recommendation: To help the department effectively manage spending on mobile devices and services, the Secretary of State should ensure procedures to monitor and control spending are established department-wide. Specifically, ensure that (1) procedures include assessing devices for zero, under, and over usage; (2) personnel with authority and responsibility for performing the procedures are identified; and (3) the specific steps to be taken to perform the process are documented.

    Agency: Department of State
    Status: Open

    Comments: The Department of State has not yet implemented this recommendation. In July 2017, the department stated that it was in the process of implementing a Telecommunications Expense Management System to provide visibility into mobile spending, asset management, usage, and tracking. However, the department has not provided evidence that it has established procedures that address the elements of our recommendation . We will continue to monitor the department's progress in implementing this recommendation.
    Recommendation: To help the department effectively manage spending on mobile devices and services, the Secretary of Transportation should ensure procedures to monitor and control spending are established department-wide. Specifically, ensure that (1) procedures include assessing devices for zero, under, and over usage; (2) personnel with authority and responsibility for performing the procedures are identified; and (3) the specific steps to be taken to perform the process are documented.

    Agency: Department of Transportation
    Status: Open

    Comments: The Department of Transportation has not yet demonstrated that it has implemented our recommendation. Specifically, as of August 2017, neither of the two components we reviewed in May 2015 had addressed the weaknesses we identified in their procedures. We will continue to monitor the department's progress in implementing this recommendation.
    Recommendation: To help the department effectively manage spending on mobile devices and services, the Secretary of the Treasury should ensure an inventory of mobile devices and services is established department-wide (i.e., all components' devices and associated services are accounted for).

    Agency: Department of the Treasury
    Status: Open

    Comments: The Department of the Treasury has not yet implemented this recommendation. In May 2016, the Department of the Treasury stated that it had performed data calls to collect data on mobile device inventories across the department. However, as of August 2017, the department had not demonstrated that it had established a department-wide inventory of mobile devices and services. We will monitor the department's progress in implementing this recommendation.
    Recommendation: To help the department effectively manage spending on mobile devices and services, the Secretary of Veterans Affairs should ensure procedures to monitor and control spending are established department-wide. Specifically, ensure that (1) procedures include assessing devices for zero, under, and over usage; (2) personnel with authority and responsibility for performing the procedures are identified; and (3) the specific steps to be taken to perform the process are documented.

    Agency: Department of Veterans Affairs
    Status: Open

    Comments: The Department of Veterans Affairs has not yet implemented this recommendation. The department stated that its Office of Information and Technology drafted documentation for the development and implementation of a system to manage spending on mobile devices and services. However, the solution had not been funded. The department stated that a target date for addressing the recommendation is December 2017, conditional upon available funds.
    Recommendation: To help the agency effectively manage spending on mobile devices and services, the Administrator of the Environmental Protection Agency should ensure a complete inventory of mobile devices and associated services is established.

    Agency: Environmental Protection Agency
    Status: Open

    Comments: The Environmental Protection Agency had taken steps to implement this recommendation. Specifically, it reported that it had conducted a management review and identified improvements to ensure that the agency has a complete inventory of mobile devices and services. However, as of August 2017, it had not demonstrated that it had established a complete inventory. We will continue to monitor the agency's progress.
    Recommendation: To help the agency effectively manage spending on mobile devices and services, the Administrator of the Environmental Protection Agency should ensure procedures to monitor and control spending are established agency-wide. Specifically, ensure that (1) procedures include assessing devices for zero, under, and over usage; (2) personnel with authority and responsibility for performing the procedures are identified; and (3) the specific steps to be taken to perform the process are documented.

    Agency: Environmental Protection Agency
    Status: Open

    Comments: The Environmental Protection Agency has not yet implemented this recommendation. The agency stated that program offices receive quarterly mobile device usage reports and are requested to review them. However, as of August 2017, the agency had not provided documented procedures that address the elements of our recommendation.
    Recommendation: To help the agency effectively manage spending on mobile devices and services, the Administrator of the National Aeronautics and Space Administration should ensure a complete inventory of mobile devices and associated services is established.

    Agency: National Aeronautics and Space Administration
    Status: Open

    Comments: The National Aeronautics and Space Administration (NASA) has not yet implemented the recommendation. In August 2017, officials from NASA's Office of the Chief Information Officer stated that the agency plans to address the recommendation through a strategic sourcing approach the agency is developing and estimates implementing in fiscal year 2018. The officials stated that the agency expects to fully address the recommendation by December 2018.
    Recommendation: To help the agency effectively manage spending on mobile devices and services, the Administrator of the National Aeronautics and Space Administration should ensure a reliable inventory of mobile service contracts is developed and maintained.

    Agency: National Aeronautics and Space Administration
    Status: Open

    Comments: The National Aeronautics Administration (NASA) has not yet implemented the recommendation. In August 2017, officials from NASA's Office of the Chief Information Officer stated that the agency plans to address the recommendation through a strategic sourcing approach the agency is developing and estimates implementing in fiscal year 2018. The officials stated that the agency expects to fully address the recommendation by March 2019.
    Recommendation: To help the agency effectively manage spending on mobile devices and services, the Administrator of the National Aeronautics and Space Administration should ensure procedures to monitor and control spending are established agency-wide. Specifically, ensure that (1) procedures include assessing devices for zero, under, and over usage; (2) personnel with authority and responsibility for performing the procedures are identified; and (3) the specific steps to be taken to perform the process are documented.

    Agency: National Aeronautics and Space Administration
    Status: Open

    Comments: The National Aeronautics and Space Administration (NASA) has not implemented the recommendation. In August 2017, officials from NASA's Office of the Chief Information Officer stated that the agency plans to address the recommendation through an Enterprise Mobility Service Contract that it plans to fully transition to by July 2019. The officials stated that the contract will allow the agency to monitor and optimize usage.
    Recommendation: To help the agency effectively manage spending on mobile devices and services, the Commissioner of the Social Security Administration should ensure a complete inventory of mobile devices and associated services is established.

    Agency: Social Security Administration
    Status: Open

    Comments: The Social Security Administration (SSA) described steps it was taking to address our recommendation. Specifically, the agency stated that it had deployed and is operating a Mobile Expense Management System that will be used to maintain an enterprise-wide inventory of mobile devices and associated services once all the agency's mobile service contracts/accounts have been successfully consolidated onto one of the agency's blanket purchasing agreements. SSA expected to complete this consolidation in the September to October 2016 timeframe. However, as of August 2017, the agency had not demonstrated that it had implemented the recommendation. We will continue to monitor its progress in implementing this recommendation.
    Recommendation: To help the agency effectively manage spending on mobile devices and services, the Commissioner of the Social Security Administration should ensure procedures to monitor and control spending are established agency-wide. Specifically, ensure that (1) procedures include assessing devices for zero, under, and over usage; (2) personnel with authority and responsibility for performing the procedures are identified; and (3) the specific steps to be taken to perform the process are documented.

    Agency: Social Security Administration
    Status: Open

    Comments: The Social Security Administration (SSA) described steps it was taking to address this recommendation. Specifically, the agency stated that representatives from various agency components were working to develop and document the policies, guidelines, processes, and procedures to effectively implement an enterprise model for mobile provisioning and management. SSA expects to complete this effort in fiscal year 2017. As of August 2017, the agency had not demonstrated that it had addressed the recommendation. We will continue to monitor its progress in implementing this recommendation.
    Recommendation: To help the department effectively manage spending on mobile devices and services, the Secretary of the Treasury should ensure procedures to monitor and control spending are established department-wide. Specifically, ensure that (1) procedures include assessing devices for zero, under, and over usage; (2) personnel with authority and responsibility for performing the procedures are identified; and (3) the specific steps to be taken to perform the process are documented.

    Agency: Department of the Treasury
    Status: Open

    Comments: The Department of the Treasury has not yet implemented this recommendation. In May 2016, the department stated that it had awarded two contracts to facilitate mobile device management, and had advised its bureaus to track, analyze, and manage mobile device use and cost in accordance with GAO guidance at their level until migration to the department-wide contracts has been completed. However, as of August 2017, the department had not demonstrated that it had established department-wide procedures to monitor and control spending on mobile devices and services. We will continue to monitor the department's progress in implementing this recommendation.
    Recommendation: To better enable OMB to oversee agency efforts to consolidate mobile telecommunications contracts, the Director should measure and report progress in achieving its goal of cost savings through consolidation, as described in the 2012 Digital Government Strategy.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: As of August 2017, the Office of Management and Budget (OMB) had made progress in implementing this recommendation by requiring agencies to track savings; however, it had not yet reported progress in achieving its goal of cost savings. Specifically, in August 2016, OMB issued a policy requiring covered agencies to appoint, by November 2016, a dedicated lead for mobile devices and services. The official is expected to work closely with senior agency officials to establish and maintain an agency-wide inventory of mobile contracts, identify opportunities for contract consolidation, and track savings, among other things. In addition, according to an official in OMB's Office of Federal Procurement, a team led by OMB, the General Services Administration, and the departments of Defense and Homeland Security, is to develop an approach for measuring savings related to mobile devices and services.
    Director: Kay Brown
    Phone: (202) 512-7215

    1 open recommendations
    Recommendation: The Secretary of the Department of Health and Human Services should facilitate development of a cross-agency federal strategy to help ensure that federal resources from Administration for Community Living, CMS, USDA, HUD, and DOT are effectively and efficiently used to support a comprehensive system of HCBS and related supports for older adults. Through such a strategy the agencies could, for example, define common outcomes for affordable housing with supportive services, non-medical transportation, and nutrition assistance at the federal level; develop lessons learned for the local networks that area agencies on aging and community-based organizations are forming; and develop strategies for leveraging limited resources.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: HHS agreed with this recommendation, noting that it continually strives to improve its strategic coordination and described ways that it facilitates cross agency strategic efforts, including a community-living initiative with HUD and an interagency workgroup on Olmstead requirements. HHS also described collaboration by HHS and HUD on policy research projects concerning housing and supportive services for older adults, including a comparison of health service utilization by older adults who live in assisted housing with those who do not and an evaluation of a demonstration in Vermont that provides services and supports to residents of HUD-assisted housing. We continue to encourage HHS to engage all five agencies to develop a cross agency federal strategy for administering home and community-based services for older adults. Using the eight practices to enhance and sustain interagency collaboration that we identified in prior work could help the five agencies address some of the challenges. In May 2016, HHS reported that it believes it addressed the recommendation and plans no additional action.
    Director: David Powner
    Phone: (202) 512-9286

    5 open recommendations
    Recommendation: To better ensure that the PortfolioStat initiative improves governmental efficiency and achieves cost savings, the Director of OMB should direct the Federal CIO to ensure that its reports to Congress about the results of IT reform efforts accurately reflect savings generated from all PortfolioStat initiatives, including those associated with FDCCI.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: In July 2016, we followed up with OMB on its efforts to address this recommendation. As of September 1, 2016, we were still waiting for the agency's response.
    Recommendation: To better ensure that the PortfolioStat initiative improves governmental efficiency and achieves cost savings, the Director of OMB should direct the Federal CIO to track agencies' planned savings and use them as a baseline for measuring reported actual savings.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: In July 2016, we followed up with OMB on its efforts to address this recommendation. As of September 1, 2016, we were still waiting for the agency's response.
    Recommendation: To better ensure that the PortfolioStat initiative improves governmental efficiency and achieves cost savings, the Director of OMB should direct the Federal CIO to require agencies to document specifically how the cost savings achieved from PortfolioStat have been reinvested.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: In July 2016, we followed up with OMB on its efforts to address this recommendation. As of September 1, 2016, we were still waiting for the agency's response.
    Recommendation: To better ensure that the PortfolioStat initiative improves governmental efficiency and achieves cost savings, the Director of OMB should direct the Federal CIO to establish time frames for completing assigned PortfolioStat action items and hold agencies accountable for meeting those time frames.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: In July 2016, we followed up with OMB on its efforts to address this recommendation. As of September 1, 2016, we were still waiting for the agency's response.
    Recommendation: The Secretary of Defense should direct the Chief Information Officer to revisit the 25 cost initiatives GAO reported in GAO-14-65 to identify those that have achieved savings and cost avoidances and report those savings and avoidances to OMB.

    Agency: Department of Defense
    Status: Open

    Comments: In March 2016, during our review of federal agencies' efforts to rationalize their portfolio of software applications, the department reported that it does not collect data specifically on savings and cost avoidance associated with the business and enterprise IT applications that comprise most of the 25 cost initiatives reported in GAO-14-65. We will continue to follow up with the department on this recommendation.
    Director: Michelle Sager
    Phone: (202) 512-6806

    3 open recommendations
    Recommendation: To better ensure the adherence to requirements for approval and public access to and feedback on significant guidance in accordance with OMB's Final Bulletin for Agency Good Guidance Practices (M-07-07), the Secretary of HHS should develop written procedures for the approval of significant guidance documents.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: In comments printed in the April 2015 final report, HHS concurred with the recommendation and stated that it would explore the best mechanism for distributing written procedures for approval of significant guidance. As of August 2017, GAO is working with HHS officials to obtain additional updates and documentation regarding the department's implementation of this recommendation.
    Recommendation: To improve agencies' guidance development, review, evaluation, and dissemination processes for non-significant guidance, we recommend that the Secretaries of USDA, HHS, DOL, and Education should strengthen their selected components' application of internal controls to guidance processes by adopting, as appropriate, practices developed by other departments and components, such as assessment of risk; written procedures and tools to promote the consistent implementation and communication of management directives; and ongoing monitoring efforts to ensure that guidance is being issued appropriately and has the intended effect. Examples of practices that could be adopted more widely include (1) written procedures for guidance production to, among other things, clearly define management roles; (2) improved communication tools, such as routing slips to document management review; and (3) consistent and ongoing monitoring to determine if guidance is being accessed and having the intended effect.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: In comments printed in the April 2015 final report, HHS concurred with the recommendation and stated that it would continue to work with its agencies to share best practices and ensure that agency practices are alighted with departmental standards. As of August 2017, GAO is working with HHS officials to obtain additional updates and documentation regarding the department's implementation of this recommendation.
    Recommendation: To improve agencies' guidance development, review, evaluation, and dissemination processes for non-significant guidance, we recommend that the Secretaries of USDA, HHS, DOL, and Education should improve the usability of selected component websites to ensure that the public can easily find, access, and comment on online guidance. These improvements could be informed by the web and customer satisfaction metrics that components have collected on their websites. Some examples of changes that could facilitate public access to online guidance include (1) improving website usability by clarifying which links contain guidance; (2) highlighting new or important guidance; and (3) ensuring that posted guidance is current.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: In comments printed in the April 2015 final report, HHS concurred with the recommendation and stated that it would review current links to guidance documents and explore ways to enhance their visibility and usability. As of August 2017, GAO is working with HHS officials to obtain additional updates and documentation regarding the department's implementation of this recommendation.
    Director: David A. Powner
    Phone: (202) 512-9286

    1 open recommendations
    Recommendation: To improve the effectiveness of OMB streamlining efforts and ensure agency CIOs are better able to carry out their responsibilities in managing IT, including implementing OMB's IT reform initiatives, the Director of OMB should direct the Federal CIO, in collaboration with agency CIOs, to ensure there is a common understanding with agency CIOs on the priority of the current reporting requirements and related IT reform initiatives. This should include addressing underlying reasons cited by CIOs regarding the usefulness of requirements, including when department priorities are reportedly different than OMB's and the burdensome and duplicative nature of requirements.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: The Office of Management and Budget (OMB) neither agreed or disagreed with our recommendation. Subsequently, OMB has taken steps to address some aspects of our recommendation. Specifically, in January 2017, OMB worked with the Chief Information Officer (CIO) Council to issue a report entitled "State of Federal Information Technology (SOFIT)" which outlined current IT trends and their key challenges, and made recommendations to improve implementation efforts. Notably, the report also identified differences in priorities between OMB and agency CIOs on key IT reform initiatives and the need for improved reporting requirements. In addition, in June 2017, OMB staff reported that they met the CIO and head of each agency this past spring regarding their priorities and challenges. While these are positive steps toward ensuring a common understanding of these initiatives and reporting requirements, OMB still needs to take action to address the underlying reasons for these differences in priorities and reduce burdensome and duplicative requirements. Until OMB takes action in these areas, there is a risk that key IT reform initiatives may not fully succeed. We will continue to evaluate OMB's progress in addressing our recommendation.
    Director: J. Christopher Mihm
    Phone: (202) 512-6806

    1 open recommendations
    Recommendation: The Director of the Office of Management and Budget should direct, as appropriate, federal agencies involved with the White House Working Group on Detroit, to collect good practices and lessons learned from their efforts to assist Detroit during its fiscal crisis and share them with other federal agencies and local governments. Toward this end, OMB may want to consider making use of existing knowledge and capacity associated with the Strong Cities, Strong Communities Initiative and its National Resource Network.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: In commenting on a draft of GAO's March 2015 report, OMB neither agreed nor disagreed with this recommendation. In April 2017, OMB staff stated that they believed steps had been taken to preserve some of the lessons coming out of the administration's efforts to assist the City of Detroit during its fiscal crisis. However, they were unable to provide specifics. GAO has requested additional information and supporting documentation regarding this effort.
    Director: Anne-Marie Fennell
    Phone: (202) 512-3841

    1 open recommendations
    Recommendation: To reduce the cost of the crop insurance program and achieve budgetary savings for deficit reduction or other purposes, Congress should consider reducing premium subsidies for the highest income participants.

    Agency: Congress
    Status: Open

    Comments: As of July 2017, we await Congressional action.
    Director: Andrew Sherrill
    Phone: (202) 512-7215

    5 open recommendations
    Recommendation: To better report the occupations filled by H-2B workers who have been approved by DHS, the Director of U.S. Citizenship and Immigration Services should implement during its transformation process to an electronic petition form, an occupation classification system that conforms to a national standard.

    Agency: Department of Homeland Security: United States Citizenship and Immigration Services
    Status: Open

    Comments: In September 2016, USCIS indicated that it was revising its Transformation Roadmap (schedule). The conversion to electronic nonimmigrant petitions is expected to be completed during the second quarter of fiscal year 2018. USCIS also noted that it is exploring the adoption of a single set of occupation codes across multiple form types, but has not yet made a final decision whether to implement this. USCIS estimates this recommendation will be completed by March 31, 2018.
    Recommendation: To help potential H-2A and H-2B workers and their advocates better assess employment offers and reduce their vulnerability to abuse, the Director of U.S. Citizenship and Immigration Services should, during its transformation to an electronic petition form, ensure that petition job information is collected in an electronic manner and made available to the public as soon as possible following a final adjudication decision. Such job information should include number of positions, wage, and any staffing, placement or recruitment agency the employer plans to use.

    Agency: Department of Homeland Security: United States Citizenship and Immigration Services
    Status: Open

    Comments: In September 2016, USCIS indicated that it was revising its Transformation Roadmap (schedule). The conversion to electronic nonimmigrant petitions is expected to be completed during the second quarter of fiscal year 2018. Therefore, USCIS estimates this recommendation will be completed by March 31, 2018.
    Recommendation: To help protect workers from being hired by employers who have been debarred from program participation, the Secretary of Labor should direct the Assistant Secretary, Employment and Training Administration, to use all employer-related information it collects on debarred employers to screen new applications.

    Agency: Department of Labor
    Status: Open

    Comments: In June 2016, the agency noted that it continues to screen for debarred employers in two ways: 1) by adding debarred employers to its iCERT System, which matches incoming employer applications using the federal Employer Identification Number; and 2) by conducting additional reviews during analyst case adjudications using a more expansive set of employer-related information. While the Employment and Training Administration explored enhancing its iCERT system in 2015 to flag more information on debarred employers, the agency said this enhancement was not pursued due to technical difficulties in matching open text fields (e.g., physical employer addresses).
    Recommendation: To ensure that H-2B workers are adequately protected and that DOL's investigative resources are appropriately focused, the Secretary of Labor should direct the Administrator, Wage and Hour Division, to review its enforcement efforts and conduct a national investigations-based evaluation of H-2B employers.

    Agency: Department of Labor
    Status: Open

    Comments: In June 2016, DOL's Wage and Hour Division (WHD) indicated that it is coordinating closely with the department's Chief Evaluation Office on evaluations and special projects involving data analytics. As a result of that coordination, it is shifting away from large-scale compliance surveys and toward leveraging internal enforcement data and external survey data to assess compliance levels in priority industries. Therefore, WHD is not currently considering a national level survey of the H-2B program. However, WHD indicated that its focus of enforcement resources on industries that employ workers vulnerable to violations of labor laws will include H-2B workers and employers.
    Recommendation: To determine to what extent, if any, the 2-year statute of limitations on debarment limits its use as a remedy for employers who violate program requirements: (1) the Secretary of Labor should direct the Assistant Secretary, Employment and Training Administration, and the Administrator, Wage and Hour Division, to collect data on the nature of the cases where debarment would have been recommended but was not because the 2-year statute of limitations had expired, and based on that data determine whether to pursue a legislative proposal to extend the statute of limitations; and (2) the Department of Labor Inspector General should direct the Assistant Inspector General, Office of Labor Racketeering and Fraud Investigations to provide the Assistant Secretary, Employment and Training Administration, and the Administrator, Wage and Hour Division, data on the number of referrals for debarment that the Inspector General's Office sent to the department after the 2-year statute of limitations had expired.

    Agency: Department of Labor
    Status: Open

    Comments: In June 2016, DOL indicated that it was considering the utility of collecting these data in light of the fact that the new H-2B regulations that were issued in April 2015 eliminated the 2-year statute of limitations for the H-2B program. We continue to believe, however, that this data collection would be valuable given that the H-2A program is still subject to the 2-year statute of limitations. The department indicated it is undertaking a modernization of its data systems--by implementing a data governance structure that will manage its data as a business asset--and our recommendation for the collection of these data will be vetted through this process.
    Director: Beryl H. Davis
    Phone: (202) 512-2623

    3 open recommendations
    Recommendation: To help reduce the risk that improper payment estimates related to DRAA funding developed and reported by selected agencies may not be accurate or reliable, and to help ensure that DOT produces reliable estimates of its DRAA improper payments, as applicable to each administration, the Secretary of Transportation should direct the Administrators of the Federal Aviation Administration, Federal Highway Administration, Federal Railroad Administration, and Federal Transit Administration to revise their policies and procedures for estimating improper payments by: (1) clearly identifying roles and responsibilities for estimating improper payments; (2) defining improper payments consistently with IPIA, as amended, and OMB Circular No. A-123, Appendix C; (3) requiring payments to federal employees to be included in populations for testing as required by IPIA, as amended; (4) including steps to assess the completeness of the population of transactions used for selecting the samples to be tested; (5) requiring the agency to maintain sufficient documentation to support improper payment estimates; (6) requiring that the sampling methodologies meet the precision requirements outlined in OMB Circular No. A-123, Appendix C; and (7) requiring a consultation with a statistician to ensure the validity of sample design, sample size, and measurement methodology.

    Agency: Department of Transportation
    Status: Open

    Comments: On April 14, 2017, we were informed that the Office of the Chief Financial Officer has oversight over the Department of Transportation's (DOT) improper payments implementation and is revising DOT's policies for estimating improper payments. DOT plans to complete this action by 10/31/2017. We will continue to monitor the status of this recommendation.
    Recommendation: To help reduce the risk that improper payment estimates related to DRAA funding developed and reported by selected agencies may not be accurate or reliable, and to help ensure that the Department of Housing and Urban Development produces reliable estimates of its DRAA improper payments, the Secretary of Housing and Urban Development should direct appropriate officials to revise its policies and procedures for estimating improper payments by (1) requiring payments to federal employees to be included in populations for testing as required by the Improper Payments Information Act of 2002 (IPIA), as amended, and (2) including steps to assess the completeness of the population of transactions used for selecting the samples to be tested.

    Agency: Department of Housing and Urban Development
    Status: Open

    Comments: Overall, we believe the Department of Housing and Urban Development (HUD) is on track for taking corrective actions that meet the intent of GAO recommendation. For example, we believe HUD has met the intent of this recommendation with regards to HUD revising its policies and procedures for estimating improper payments. Specifically, we have reviewed HUD's updated recapture audit plan dated June 26, 2015, and verified it requires payments to federal employees to be included in populations for testing. However, we do not believe HUD has met the intent of this recommendation with regards to including steps to assess the completeness of the population of transactions used for selecting the samples to be tested. Specifically, we have not seen where HUD's policies and procedures show how HUD ensures that it is selecting from a complete list of grantee files when conducting tests related to estimating improper payments. On July 19, 2017, a HUD official explained that HUD does not have controls in place to ensure that the grantee files are complete. Further, the HUD official indicated that the grantee files come from the grantee, and HUD relies on the grantees to provide a complete list of files. However, HUD does not currently have a way to verify that this list is complete. According to the HUD official, HUD he will explore options HUD can implement for ensuring that grantee files are complete, including possibly having grantees to sign a statement certifying that their grantee files are complete when provided to HUD. We will continue to monitor the agency's actions to address this recommendation.
    Recommendation: To help reduce the risk that improper payment estimates related to DRAA funding developed and reported by selected agencies may not be accurate or reliable, and to help ensure that the U.S. Army Corps of Engineers (USACE) produces reliable estimates of its DRAA improper payments, the Secretary of the Army should direct the Chief of Engineers and Commanding General of USACE to revise policies and procedures for estimating improper payments by: (1) defining improper payments consistently with IPIA, as amended, and OMB Circular No. A-123, Appendix C; (2) requiring payments to federal employees to be included in populations for testing as required by IPIA, as amended; (3) including steps to assess the completeness of the population of transactions used for selecting the samples to be tested; (4) providing sufficient procedures for determining an error and what documentation is necessary to substantiate payment; and (5) requiring the agency to maintain sufficient documentation to support improper payment estimates.

    Agency: Department of Defense: Department of the Army
    Status: Open

    Comments: As of June 5, 2017, no updated information has been provided by the Department of Defense. We will continue to monitor the status of this recommendation.
    Director: Kay Brown
    Phone: (202) 512-7215

    2 open recommendations
    Recommendation: To improve the consistency of assistance provided to tribes, the Secretary of Health and Human Services should take steps to provide consistent title IV-E guidance to tribes across its regional offices.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: In May 2015, HHS hired a tribal coordinator who will work in the Office of the Associate Commissioner of the Children's Bureau. The tribal coordinator's primary functions will include facilitating communication across the regions and with tribes to share experiences and information, so as to ensure greater consistency and clarity. While this hire represents an initial step towards improving communication with tribal title IV-E agencies, more time is needed for the tribal coordinator to implement policies and procedures that will ensure consistent title IV-E guidance to tribes across HHS regional offices. In May 2017, the agency reported that tribal coordinator position was ultimately elevated to the Office of the ACYF Commissioner and became the Commissioner's representative to the Tribes. We await documentation on any guidance provided to the regional offices that would help with consistency.
    Recommendation: To improve the timeliness of assistance provided to tribes, the Secretary of Health and Human Services should establish procedures to ensure reviews of draft title IV-E plans are conducted by regional office staff in a timely manner.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: As of May 2017, HHS stated that it does not anticipate taking action in response to this recommendation because of its existing protocols for communicating with and responding to tribal title IV-E grantees. We maintain that establishing procedures, including but not limited to timeframes for responses, would help ensure that tribes receive timely feedback from regional offices regarding their draft title IV-E plans.
    Director: Maurer, Diana C
    Phone: (202) 512-9627

    2 open recommendations
    Recommendation: To improve disposition reporting that would help states update and complete criminal history records, the Director of the FBI should task the FBI Advisory Policy Board to establish a plan with time frames and milestones for achieving its Disposition Task Force's stated goals.

    Agency: Department of Justice: Federal Bureau of Investigation
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To better equip states to meet the regulatory requirement to notify individuals of their rights to challenge and update information in their criminal history records, and to ensure that audit findings are resolved, the Director of the FBI--in coordination with the Compact Council-- should determine why states do not comply with the requirement to notify applicants and use this information to revise its state educational programs accordingly.

    Agency: Department of Justice: Federal Bureau of Investigation
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Director: David A. Powner
    Phone: (202) 512-9286

    3 open recommendations
    Recommendation: To better facilitate the coordination of--and accountability for--the estimated billions of dollars in federal geospatial investments, to reduce duplication, and, specifically, to make progress toward an effective national infrastructure and to improve oversight on federal spending on geospatial data and assets, the Director of OMB should improve oversight of progress on the NSDI by requiring federal agencies to report on their efforts to establish and implement policies for identifying geospatial metadata on the Geospatial Platform and their procedures for utilizing the Marketplace feature of the Geospatial Platform before making new investments in geospatial data.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: As of September 7, 2017, OMB had not yet taken steps to require all federal agencies that invest in geospatial data to report on their efforts to establish and implement policies and procedures for utilizing the Geospatial Platform before making new investments in geospatial data. OMB officials in stated in December 2016 that they were in discussion with the Federal Geographic Data Committee (FGDC) on how to best address this issue, possibly in future guidance. On September 7, 2017, OMB officials stated that there have been no changes to the status of this recommendation, but that they anticipate the recommendation will be considered further once the new FGDC Steering Committee leadership and membership are in place; and the NSDI Strategic Plan actions and the potential for a new geospatial policy update are determined. However, OMB did not provide anticipated dates for these activities.
    Recommendation: To better facilitate the coordination of--and accountability for--the estimated billions of dollars in federal geospatial investments, to reduce duplication, and to help ensure the success of departmental efforts to improve geospatial coordination and reduce duplication, the Secretary of Agriculture should direct the designated senior agency official for geospatial information to develop and implement internal procedures to ensure that it accesses the Geospatial Platform Marketplace before it expends funds to collect or produce new geospatial data to determine (1) whether the information has already been collected by others and (2) whether cooperative efforts to obtain the data are possible.

    Agency: Department of Agriculture
    Status: Open

    Comments: The United States Department of Agriculture (Agriculture) issued a departmental regulation in August 2016 covering enterprise geospatial data management. The regulation applies to all Agriculture agencies, organizations and contractors, and addresses all geospatial authoritative data sources. It states that all Agriculture agencies and staff offices will follow documented procedures approved by the Office of the Chief Information Officer (OCIO) to conduct a formal search of the Geospatial Marketplace prior to expending funds for geospatial data acquisitions. However, Agriculture has yet to provide the OCIO-approved documented procedures, or evidence of their implementation. According to an Agriculture official in July 2017, the new procedures are under review, and they hope to have implemented them by the end of December 2017.
    Recommendation: To increase coordination between various levels of government and reduce duplication of effort, resources, and costs associated with collecting and maintaining accurate address data, Congress should consider assessing the impact of the disclosure restrictions of Section 9 of Title 13 and Section 412 of Title 39 of the U.S. Code in moving toward a national geospatial address database. If warranted, Congress should consider revising those statutes to authorize the limited release of addresses, without any personally identifiable information, specifically for geospatial purposes. Such a change, if deemed appropriate, could potentially result in significant savings across federal, state, and local governments.

    Agency: Congress
    Status: Open

    Comments: There has been no legislative action identified as of August 16, 2017. Addressing this action, which GAO suggested in February 2015, could increase coordination between various levels of government and reduce duplication of effort, resources, and costs associated with collecting and maintaining accurate address data.
    Director: Zina D. Merritt
    Phone: (202) 512-5257

    3 open recommendations
    Recommendation: To help DOD increase the efficiency and effectiveness of its management of its business operations, and to enhance DOD's ability to achieve its business transformation efforts, the Secretary of Defense should direct the Deputy Secretary of Defense, in his capacity as the CMO, to ensure that the DCMO document business transformation priorities and communicate these priorities to officials responsible for DOD's business functions.

    Agency: Department of Defense
    Status: Open

    Comments: DOD has developed an updated draft of its Agency Strategic Plan for Fiscal Years 2015-2018. Once this draft is signed and issued, we believe it will communicate the department's priorities for its business operations. DOD DCMO officials estimate that the plan will be signed and issued in October 2016.
    Recommendation: To help DOD increase the efficiency and effectiveness of its management of its business operations, and to enhance DOD's ability to achieve its business transformation efforts, the Secretary of Defense should direct the Deputy Secretary of Defense, in his capacity as the CMO, to ensure that the DCMO oversee the development of a corrective action plan, in coordination with officials responsible for DOD business functions, that outlines the root causes for business transformation weaknesses and the solutions needed to address those weaknesses.

    Agency: Department of Defense
    Status: Open

    Comments: DOD has developed an appendix in an updated draft of its Agency Strategic Plan for Fiscal Years 2015-2018 that is titled "Performance Action Plan," but we not yet reviewed this appendix, so cannot assess whether this would meet the intent of our recommendation that they develop a corrective action plan. DOD DCMO officials estimate that the plan, which includes this appendix, will be signed and issued in October 2016.
    Recommendation: To help DOD increase the efficiency and effectiveness of its management of its business operations, and to enhance DOD's ability to monitor the progress of its business transformation efforts, the Secretary of Defense should direct the Office of the DCMO to, in coordination with officials responsible for DOD's business functions, develop performance measures that reflect key attributes of successful performance measures, such as clarity, comprehensiveness, and linkage.

    Agency: Department of Defense
    Status: Open

    Comments: DOD has developed an updated draft of its Agency Strategic Plan for Fiscal Years 2015-2018 that contains a set of performance measures that are more clear and comprehensive than the measures contained in previous strategic plans. This plan also demonstrates how the performances measures to link to strategic goals and objectives. DOD DCMO officials estimate that the plan will be signed and issued in October 2016.
    Director: Charles Michael Johnson, Jr.
    Phone: (202) 512-7331

    3 open recommendations
    including 2 priority recommendations
    Recommendation: Given the significant unobligated balances of about $260 million in the ESF account for Egypt previously allocated for a cash transfer that the administration has stated it no longer intends to carry out, the Secretary of State and the USAID Administrator should work to develop plans for an alternate use of these funds, in consultation with the appropriate committees of Congress. As part of planning for these funds, State should also consider ways that this funding could potentially be used to offset future budget requests.

    Agency: Department of State
    Status: Open
    Priority recommendation

    Comments: In written comments on our draft report, State and USAID generally concurred with our recommendation. State and USAID reported in May 2016 that the agencies had reprogrammed $230 million of the $260 million previously allocated for the cash transfer to the Egyptian government for programs in Syria, Iraq, Tunisia, and Egypt, among other countries. As of May 2017, State and USAID had not yet made a decision on how to best utilize the remaining $30 million. GAO will continue to monitor agency efforts to fully implement this recommendation.
    Recommendation: Given the significant unobligated balances of about $260 million in the ESF account for Egypt previously allocated for a cash transfer that the administration has stated it no longer intends to carry out, the Secretary of State and the USAID Administrator should work to develop plans for an alternate use of these funds, in consultation with the appropriate committees of Congress. As part of planning for these funds, State should also consider ways that this funding could potentially be used to offset future budget requests.

    Agency: United States Agency for International Development
    Status: Open
    Priority recommendation

    Comments: In written comments on our draft report, State and USAID generally concurred with our recommendation. State and USAID reported in May 2016 that the agencies had reprogrammed $230 million of the $260 million previously allocated for the cash transfer to the Egyptian government for programs in Syria, Iraq, Tunisia, and Egypt, among other countries. As of May 2017, State and USAID had not yet made a decision on how to best utilize the remaining $30 million. GAO will continue to monitor agency efforts to fully implement this recommendation.
    Recommendation: To help ensure the timely completion of an evaluation of security assistance to Egypt that is required by State policy, the Secretary of State should establish specific time frames for completing such an evaluation.

    Agency: Department of State
    Status: Open

    Comments: State agreed with this recommendation. State noted that while evaluation of security assistance to Egypt poses challenges, it views evaluation as a critical tool for accountability and program improvement and will continue to pursue a formal evaluation of security assistance to Egypt. As of August 2017, State had not established specific time frames for such an evaluation. However, according to State officials, the department had begun preliminary data collection in anticipation of an evaluation at some point in the future. GAO will continue to monitor agency efforts to fully implement this recommendation.
    Director: Vijay A. D'Souza
    Phone: (202) 512-7114

    1 open recommendations
    Recommendation: In order to ensure that efforts to address prenatal opioid use and NAS are systematically and effectively planned and coordinated across the federal government, the Director of ONDCP should document the process, including discussions held and information considered, of developing action items on prenatal opioid use and NAS. This may include documenting gaps that were considered in developing action items.

    Agency: Executive Office of the President: Office of National Drug Control Policy
    Status: Open

    Comments: In May 2017 and July 2017, ONDCP officials described the process used to develop the action items related to prenatal opioid use and NAS for the 2015 National Drug Control Strategy report. Specifically, officials described working directly with federal agencies to identify proposals for action items and review proposals during an interagency working group meeting in March 2015. However, ONDCP officials could not provide us any formal documentation, such as meeting minutes, showing the process used or what gaps were considered in developing the action items. ONDCP officials also told us the action items related to prenatal opioid use and NAS for the 2015 Strategy have been generally completed. No action items related to prenatal opioid use and NAS were included in the 2016 Strategy and ONDCP officials said they did not know whether any related action items will be included for the 2017 Strategy. We will update the status of this recommendation after future Strategy reports are published.
    Director: Marie A. Mak
    Phone: (202) 512-4841

    6 open recommendations
    Recommendation: To ensure a consistent and more collaborative approach to the protection of critical technologies, the Secretaries of Commerce, Defense, Homeland Security, State, and the Treasury; as well as the Attorney General of the United States, who have lead and stakeholder responsibilities for the eight programs within the critical technologies portfolio, should take steps to promote and strengthen collaboration mechanisms among their respective programs while ongoing initiatives are implemented and assessed. These steps need not be onerous; for example, they could include conducting an annual meeting to discuss their programs, including the technologies they are protecting, their programs' intent, any new developments or changes planned for their programs, as well as defining consistent critical technologies terminology and sharing important updates.

    Agency: Department of Homeland Security
    Status: Open

    Comments: In providing comments on this report, the agency concurred with this recommendation. Relevant efforts by DHS to finalize memoranda of understanding with other agencies and by the Export Enforcement Coordination Center to share information and data across the export control enforcement community are ongoing. As of Sept 2017, DHS did not identify relevant actions to coordinate on critical technologies among other agencies.
    Recommendation: To ensure a consistent and more collaborative approach to the protection of critical technologies, the Secretaries of Commerce, Defense, Homeland Security, State, and the Treasury; as well as the Attorney General of the United States, who have lead and stakeholder responsibilities for the eight programs within the critical technologies portfolio, should take steps to promote and strengthen collaboration mechanisms among their respective programs while ongoing initiatives are implemented and assessed. These steps need not be onerous; for example, they could include conducting an annual meeting to discuss their programs, including the technologies they are protecting, their programs' intent, any new developments or changes planned for their programs, as well as defining consistent critical technologies terminology and sharing important updates.

    Agency: Department of Commerce
    Status: Open

    Comments: Commerce has identified various efforts to collaborate across multiple agencies within individual critical technologies programs, but has not taken steps to promote collaboration on critical technologies through a larger group discussion.
    Recommendation: To ensure a consistent and more collaborative approach to the protection of critical technologies, the Secretaries of Commerce, Defense, Homeland Security, State, and the Treasury; as well as the Attorney General of the United States, who have lead and stakeholder responsibilities for the eight programs within the critical technologies portfolio, should take steps to promote and strengthen collaboration mechanisms among their respective programs while ongoing initiatives are implemented and assessed. These steps need not be onerous; for example, they could include conducting an annual meeting to discuss their programs, including the technologies they are protecting, their programs' intent, any new developments or changes planned for their programs, as well as defining consistent critical technologies terminology and sharing important updates.

    Agency: Department of Defense
    Status: Open

    Comments: DOD has identified numerous activities within DOD to coordinate across the critical technologies portfolio, in particular the Arms Transfer and Technology Release Senior Steering Group. In some cases, these activities include other departments, most commonly State. However, officials have stated that they are not aware of any high-level coordination on critical technologies among the larger group of agencies. On Sept. 5, 2017, DOD provided an update on multiple DOD efforts, including CFIUS, but none are collaborating among all of the agencies cited in the recommendation.
    Recommendation: To ensure a consistent and more collaborative approach to the protection of critical technologies, the Secretaries of Commerce, Defense, Homeland Security, State, and the Treasury; as well as the Attorney General of the United States, who have lead and stakeholder responsibilities for the eight programs within the critical technologies portfolio, should take steps to promote and strengthen collaboration mechanisms among their respective programs while ongoing initiatives are implemented and assessed. These steps need not be onerous; for example, they could include conducting an annual meeting to discuss their programs, including the technologies they are protecting, their programs' intent, any new developments or changes planned for their programs, as well as defining consistent critical technologies terminology and sharing important updates.

    Agency: Department of Justice: Office of the Attorney General
    Status: Open

    Comments: In August 2016, the agency identified coordination actions being taken across the agencies with export control responsibilities--including through the Export Control Enforcement Center--and through the Committee on Foreign Investment in the United States. However, it is not clear how, or if, these coordination efforts are tied to the larger, government-wide portfolio of critical technologies programs. As of Sept. 2017, Justice has no additional updates.
    Recommendation: To ensure a consistent and more collaborative approach to the protection of critical technologies, the Secretaries of Commerce, Defense, Homeland Security, State, and the Treasury; as well as the Attorney General of the United States, who have lead and stakeholder responsibilities for the eight programs within the critical technologies portfolio, should take steps to promote and strengthen collaboration mechanisms among their respective programs while ongoing initiatives are implemented and assessed. These steps need not be onerous; for example, they could include conducting an annual meeting to discuss their programs, including the technologies they are protecting, their programs' intent, any new developments or changes planned for their programs, as well as defining consistent critical technologies terminology and sharing important updates.

    Agency: Department of the Treasury
    Status: Open

    Comments: In September 2016, a Treasury official identified coordination actions being taken across the agencies with export control responsibilities and through the Committee on Foreign Investment in the United States. However, coordination efforts are not tied to larger, government-wide collaboration on critical technologies. In March 2017, Treasury provided an update on actions taken, but did not address the recommendation for coordination among the critical technologies programs.
    Recommendation: To ensure a consistent and more collaborative approach to the protection of critical technologies, the Secretaries of Commerce, Defense, Homeland Security, State, and the Treasury; as well as the Attorney General of the United States, who have lead and stakeholder responsibilities for the eight programs within the critical technologies portfolio, should take steps to promote and strengthen collaboration mechanisms among their respective programs while ongoing initiatives are implemented and assessed. These steps need not be onerous; for example, they could include conducting an annual meeting to discuss their programs, including the technologies they are protecting, their programs' intent, any new developments or changes planned for their programs, as well as defining consistent critical technologies terminology and sharing important updates.

    Agency: Department of State
    Status: Open

    Comments: In providing comments on this report, the agency concurred with this recommendation but has not yet taken any actions necessary to implement it. In Sept. 2017, State provided updates on actions taken within the department, but none across affected agencies.
    Director: Robert Goldenkoff
    Phone: (202) 512-2757

    3 open recommendations
    including 3 priority recommendations
    Recommendation: To assist the interagency working group, known as the Federal Agency Skills Team (FAST), to better identify government-wide skills gaps having programmatic impacts and measure its progress towards closing them, the Director of OPM--in conjunction with the CHCO Council--should strengthen its approach and methodology by (1) assisting FAST in developing goals for closing skills gaps with targets that are both clear and measurable; (2) working with FAST to design outcome-oriented performance metrics that align with overall targets for closing skills gaps and link to the activities for addressing kills gaps; (3) incorporating greater input from subject matter experts, as planned; and (4) ensuring FAST consistently follows key practices for project planning.

    Agency: Office of Personnel Management
    Status: Open
    Priority recommendation

    Comments: As of October 2016, OPM has sought to strengthen the methodology for closing skills gaps by offering skills gap closure training to 1) agency officials with respect to agency-specific skills gaps, and 2) interagency working groups with respect to government-wide skills gaps. Held during the spring of 2016, this OPM-led training sought to provide agency officials with methodologies for identifying the root causes for skills gaps, as well as provide assistance in developing action plans for implementing and monitoring their strategies to address these skills gaps. OPM officials stated that these interagency teams will report on a quarterly basis to the OPM Director on their progress to implement these strategies, beginning in January 2017. OPM, in conjunction with OMB, agencies, and the CHCO Council, needs to ensure that this infrastructure is implemented as developed.
    Recommendation: To ensure that OPM builds the predictive capacity to identify emerging skills gaps across the government--including the ability to collect and use reliable information on the competencies of the federal workforce for government-wide workforce analysis--the Director of OPM should (1) establish a schedule specifying when OPM will modify its Enterprise Human Resources Integration database to capture staffing data that it currently collects from agencies through its annual workforce data reporting process; and (2) work with agency CHCOs to bolster the ability of agencies to assess workforce competencies by sharing competency surveys, lessons learned, and other tools and resources.

    Agency: Office of Personnel Management
    Status: Open
    Priority recommendation

    Comments: As of October 2016, officials reported that OPM has partnered with the Chief Learning Officers Council to leverage resources to develop a framework to support agencies efforts to develop competency assessments. Additionally, OPM reported that it has created an internal working group to determine whether its Enterprise Human Resources Integration (EHRI) personnel database can support having a predictive capacity for identifying emerging skills gaps across the government, including the ability to collect and use information on the competencies of the federal workforce. OPM needs to work with agencies to improve competency assessment across the government and to pursue modifying EHRI to support the collection of staffing and competency data.
    Recommendation: To help agencies and OPM better monitor progress toward closing skills gaps within agencies and government-wide, the Director of OPM should (1) work with the CHCO Council to develop a core set of metrics that all agencies should use as part of their HRstat data-driven reviews; and (2) coordinate with FAST personnel and explore the feasibility of collecting information needed by FAST as part of agencies' HRstat reviews.

    Agency: Office of Personnel Management
    Status: Open
    Priority recommendation

    Comments: As of October 2016, officials reported that OPM has partnered with the CHCO Council to implement a government-wide set of metrics for use as part of a government-wide benchmarking effort. However, it has no plans to coordinate the data collection efforts of agencies' HRstat reviews with the collection efforts of OPM's and agencies' working groups to identify and address skills gaps. OPM stated that coordinating the data collection was not possible because agencies' HRstat reviews have different goals and collect different types of data than the working groups. We maintain that action on our recommendation is important because it is likely that the core metrics collected under HRstat could help inform the efforts of the working groups and thus reduce duplicative efforts. Moreover, the use of a core set of metrics from agencies' HRstat reviews could aid in monitoring actual progress in closing skills gaps government-wide.
    Director: Gomez, Jose A
    Phone: (202) 512-3841

    4 open recommendations
    Recommendation: To ensure that USDA has the information needed to better identify potentially contaminated sites--particularly abandoned mines--on properties it manages and, thereby, help minimize possible risks to human health and the environment, the Secretary of Agriculture should direct the heads of the department's land management agencies to develop plans and procedures for completing their inventories of potentially contaminated sites.

    Agency: Department of Agriculture
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To help resolve disagreements between EPA and USDA and Interior regarding which remaining docket sites require preliminary assessments, the Administrator of EPA should direct the Office of Federal Facilities Restoration and Reuse to review available information on USDA and Interior sites where EPA's Superfund Enterprise Management System indicates that a preliminary assessment has not occurred to determine the accuracy of this information, and update the information, as needed.

    Agency: Environmental Protection Agency
    Status: Open

    Comments: In response to this recommendation, EPA Federal Facilities Restoration and Reuse Office (FFRRO) generated a spreadsheet with information from EPA's Superfund Enterprise Management System showing the status of USDA and Interior sites on the docket. In January 2016 FFRRO sent letters to USDA and Interior which included information from the spreadsheet showing the status of each department's sites and requested that the departments work with EPA to determine the accuracy of the data. In addition, the departments were to--for those sites where EPA believed that a preliminary assessment was needed--provide a schedule for completion of the sites. In a June 2016 letter to EPA, USDA responded that with help from EPA regions they were able to substantially reconcile the list, complete preliminary assessments or their equivalent, and provide a status to EPA on its 251 sites. In an October 2016 letter to EPA, Interior responded that 79 sites have one or more areas of uncertainty regarding their status within the Federal Facilities Docket system. Interior stated that it had developed a work plan for obtaining additional information on the sites, which is scheduled for completion in March 2018. We will continue to monitor EPA's and Interior's progress to address this recommendation.
    Recommendation: To help resolve disagreements between EPA and USDA and Interior regarding which remaining docket sites require preliminary assessments, the Administrator of EPA should direct the Office of Federal Facilities Restoration and Reuse to work with the relevant USDA and Interior offices to obtain any additional information needed to assist EPA in determining the accuracy of the agency's data on the status of preliminary assessments for these sites.

    Agency: Environmental Protection Agency
    Status: Open

    Comments: According to EPA officials and documents, in response to this recommendation, EPA's Federal Facilities Restoration and Reuse Office (FFRRO) has been meeting quarterly with USDA and Interior to discuss, among other issues, any additional information needed to assist EPA in determining the accuracy of the agency's data on the status of preliminary assessments for these sites. According to a June 2016 letter USDA sent to EPA, preliminary assessments or their equivalent have been completed for its 251 sites. Interior informed EPA in an October 2016 letter that it has developed a plan--scheduled for completion in March 2018--for obtaining additional information on the sites. After the updated list of sites is developed, Interior plans to work with EPA to determine the final steps necessary to complete a preliminary assessment for each site. We will continue to monitor EPA's and Interior's progress to address this recommendation.
    Recommendation: To help resolve disagreements between EPA and USDA and Interior regarding which remaining docket sites require preliminary assessments, the Administrator of EPA should direct the Office of Federal Facilities Restoration and Reuse to, after completing this review, inform USDA and Interior whether the requirement to conduct a preliminary assessment at the identified sites has been met or if additional work is needed to meet this requirement

    Agency: Environmental Protection Agency
    Status: Open

    Comments: According to EPA officials and documents, in response to this recommendation, EPA's Federal Facilities Restoration and Reuse Office (FFRRO) has been meeting quarterly with USDA and Interior to discuss, among other issues, whether the requirement to conduct a preliminary assessment at the identified sites has been met or if additional work is needed to meet this requirement. According to a June 2016 letter USDA sent to EPA, preliminary assessments or their equivalent have been completed for its 251 sites. Interior informed EPA in an October 2016 letter that it has developed a plan--scheduled for completion in March 2018--for obtaining additional information on the sites. After the updated list of sites is developed, Interior plans to work with EPA to determine the final steps necessary to complete a preliminary assessment for each site. We will continue to monitor EPA's and Interior's progress to address this recommendation.
    Director: Yvonne D. Jones
    Phone: (202) 512-2717

    2 open recommendations
    Recommendation: To improve OPM's assistance to agencies and management of its dual compensation waiver program, the Director of OPM should analyze dual compensation waivers to identify trends that can inform OPM's human capital management tools.

    Agency: Office of Personnel Management
    Status: Open

    Comments: According to an OPM official, the agency has established and implemented a standard method for captioning dual compensation files. In addition, according to this official, OPM has provided training to staff who routinely create and access these case files within the agency's document management system. We discussed OPM's efforts on this issue several times during 2016 and will continue to monitor OPM's efforts to analyze these waivers.
    Recommendation: To improve OPM's assistance to agencies and management of its dual compensation waiver program, the Director of OPM should establish policies and procedures for documenting the dual compensation waiver review process.

    Agency: Office of Personnel Management
    Status: Open

    Comments: According to an OPM official, the agency has established and implemented a standard method for captioning dual compensation files. In addition, according to this official, OPM has provided training to staff who routinely create and access these case files within the agency's document management system. We discussed OPM's efforts on this issue several times during 2016 and will continue to monitor whether OPM will use the new captioning procedures.
    Director: David C. Trimble
    Phone: (202) 512-3841

    5 open recommendations
    Recommendation: To help improve its ability to assess the risk of improper payments and make more effective use of DOE and contractor resources, the Secretary of Energy should direct the department's Chief Financial Officer to revise the department's IPERA guidance and direct field office sites with responsibility for non-M&O contractor risk assessments to address risk factors as they relate to those sites and take steps to ensure sites implement it.

    Agency: Department of Energy
    Status: Open

    Comments: As of May 2017, DOE had revised its fiscal year 2015 and 2016 improper payments guidance. The revised guidance directs field office sites with responsibility for non-M&O contractor risk assessments to address risk factors as they relate to those sites. The guidance further requires each site Chief Financial Officer to certify to the accuracy of improper payments and risk rating. We will continue to monitor DOE's efforts to ensure sites implement this new guidance.
    Recommendation: To help improve its ability to assess the risk of improper payments and make more effective use of DOE and contractor resources, the Secretary of Energy should direct the department's Chief Financial Officer to revise the department's IPERA guidance and clarify how payment sites are to address risk factors and document the basis for their risk rating determinations and take steps to ensure sites implement it.

    Agency: Department of Energy
    Status: Open

    Comments: As of May 2017, DOE had revised its fiscal years 2015 and 2016 improper payments guidance requiring sites to prepare risk assessments using a new risk assessment format. The guidance states that the new format was developed to improve consistency among the sites and improve documentation supporting the risk ratings. In the new format, each risk factor includes a description of the risk factor, rating criteria and/or questions to consider during the evaluation to assist sites in determining a risk rating by payment type. The guidance also requires all sites to maintain supporting documentation for their risk assessment. We will continue to monitor DOE's efforts to ensure sites implement this new guidance.
    Recommendation: To help improve its ability to assess the risk of improper payments and make more effective use of DOE and contractor resources, the Secretary of Energy should direct the department's Chief Financial Officer to revise the department's IPERA guidance and clarify who is responsible at DOE for reviewing and approving risk assessments for consistency across sites and take steps to ensure those entities implement it.

    Agency: Department of Energy
    Status: Open

    Comments: As of May 2017, DOE had revised its fiscal years 2015 and 2016 improper payments guidance to require site Chief Financial Officers and the Director of Risk Management of the Loan Programs Office to provide a signed certification to DOE's Director of the Office of Finance and Accounting certifying to the accuracy of improper payments and the risk assessment and rating submitted. The guidance provides templates for these certifications. We will continue to monitor DOE's efforts to ensure sites implement this new guidance.
    Recommendation: To help improve its ability to assess the risk of improper payments and make more effective use of DOE and contractor resources, the Secretary of Energy should direct the department's Chief Financial Officer to revise the department's IPERA guidance and provide specific examples of other risk factors that present inherent risks likely to contribute to significant improper payments, in addition to the eight risk factors, direct payment sites to consider those when performing their improper payment risk assessments, and take steps to ensure sites implement it.

    Agency: Department of Energy
    Status: Open

    Comments: As of May 2017, DOE had revised its fiscal year 2015 and 2016 improper payments guidance. In addition to the required OMB risk factors, the guidance added the following additional risk factors to be included in the risk assessments: (1) contractor payment processing oversight and (2) segregation of duties. The guidance states these factors have been added to ensure that inherently high-risk areas that can contribute to a site's susceptibility to significant improper payments are properly evaluated. We will continue to monitor DOE's efforts to ensure sites implement this new guidance.
    Recommendation: To provide better transparency regarding its total known improper payments reported under IPERA, the Secretary of Energy should direct the department's Chief Financial Officer to improve public reporting on the amount of total known improper payments by disclosing additional information regarding this amount and the extent to which improper payments could be occurring.

    Agency: Department of Energy
    Status: Open

    Comments: As of May 2017, DOE had added supplemental information to its fiscal year 2016 Agency Financial Report. We will continue to gather additional information from DOE to determine the extent to which this information addresses the amount of total known improper payments.
    Director: Linda Kohn
    Phone: (202) 512-7114

    2 open recommendations
    Recommendation: To help determine if programs are effective at supporting those individuals with serious mental illness, the Secretaries of Defense, Health and Human Services, Veterans Affairs, and the Attorney General--which oversee programs targeting individuals with serious mental illness--should document which of their programs targeted for individuals with serious mental illness should be evaluated and how often such evaluations should be completed.

    Agency: Department of Defense
    Status: Open

    Comments: The Department of Defense's position is that it already engages in periodic program evaluation of its psychological health programs as required. It noted that on November 24, 2014, the Under Secretary of Defense for Personnel and Readiness directed the Military Departments and other Department of Defense components to assist in an initiative to evaluate Psychological Health and Traumatic Brain Injury programs across the Department of Defense. As of September 2017, we have not received a further update on the Department of Defense's actions. We will continue to monitor these efforts and seek to determine whether they result in documentation of which programs should be evaluated and how such evaluations should be completed.
    Recommendation: To help determine if programs are effective at supporting those individuals with serious mental illness, the Secretaries of Defense, Health and Human Services, Veterans Affairs, and the Attorney General--which oversee programs targeting individuals with serious mental illness--should document which of their programs targeted for individuals with serious mental illness should be evaluated and how often such evaluations should be completed.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: HHS did not concur with this recommendation. The Helping Families in Mental Health Crisis Reform Act of 2016 enacted in December 2016 included a requirement for HHS to develop a strategy for conducting ongoing evaluations of programs related to mental illness--including serious mental illness--and substance use disorders. As of August 2017, HHS is in the process of preparing a report that identifies key programs and activities across the department, as well as summarizes data on those programs and develops criteria for use in prioritizing programs for evaluation. However, this report is not yet complete. We will continue to monitor HHS's efforts in this regard and look for documentation of HHS plans for future evaluations of programs for individuals with serious mental illness.
    Director: Brian Lepore
    Phone: (202) 512-4523

    2 open recommendations
    Recommendation: To improve the ability of the Department of Defense and the military departments to manage the potential for foreign encroachment near their test and training ranges, the Secretary of Defense, in consultation with the military departments, should develop and implement guidance for assessing risks to test and training ranges from foreign encroachment in particular, to include: (1) determining the criticality and vulnerability of DOD's ranges and the level of the threat; and (2) a time frame for completion of risk assessments.

    Agency: Department of Defense
    Status: Open

    Comments: In written comments on a draft of this report, DOD concurred with our recommendation. In August 2016, a DOD official told us that DOD is currently working on a DOD Instruction with guidance on assessing risks to test and training ranges from foreign encroachment. DOD does not currently have an estimate for issuance of this instruction. In addition, DOD is currently coordinating on a tasker that will ask the services to identify their Mission Essential Locations. This tasker should be ready to go out to the services before the end of fiscal year 2016 and the responses should be back by the end of calendar year 2016.
    Recommendation: To identify potential foreign encroachment concerns on federally-owned land near test and training ranges, the Secretary of Defense should collaborate with the secretaries of relevant federal agencies, including at a minimum the Secretaries of the Interior and Transportation, to obtain additional information needed from federal agencies managing land and transactions adjacent to DOD's test and training ranges. If appropriate, legislative relief should be sought to facilitate this collaborative effort.

    Agency: Department of Defense
    Status: Open

    Comments: In written comments on a draft of this report, DOD concurred with our recommendation and stated that it is working with the Department of the Interior on a pilot project to develop a process that will provide information regarding land transactions on the outer continental shelf. DOD stated that it will seek collaboration with other federal land management agencies and is considering legislative relief. In August 2016, a DOD official stated that DOD is currently working to re-engage relevant federal agencies and that the Bureau of Land Management is the key player in this effort.
    Director: Mark L. Goldstein
    Phone: (202) 512-2834

    2 open recommendations
    including 1 priority recommendation
    Recommendation: The Secretary of Homeland Security, in consultation with GSA, should develop and implement a strategy to address cyber risk to building and access control systems that, among other things: (1) defines the problem; (2) identifies roles and responsibilities; (3) analyzes the resources needed; and (4) identifies a methodology for assessing this cyber risk.

    Agency: Department of Homeland Security
    Status: Open

    Comments: When we confirm what actions the Department has taken in response to this recommendation, we will provide updated information.
    Recommendation: The Administrator of the General Services Administration should assess the building and access control systems that it owns in FPS-protected facilities in a manner that is fully consistent with FISMA and its implementation guidelines.

    Agency: General Services Administration
    Status: Open
    Priority recommendation

    Comments: As of October 2016, GSA recently provided documentation about its assessments of the control systems that the agency owns in FPS-protected facilities. We are reviewing this information to determine whether GSA has implemented the recommendation.
    Director: David J. Wise
    Phone: (202) 512-2834

    1 open recommendations
    Recommendation: To promote and enhance federal, state, and local coordination activities, the Secretary of Transportation, as the chair of the Coordinating Council, should convene a meeting of the member agencies of the Coordinating Council and define and report on desired outcomes and collect related data to track and measure progress in achieving results, including the extent of coordination efforts that are under way, such as improved services for older adults. This effort could be conducted as a part of the Coordinating Council's process to update its strategic plan, which we have also recommended in a concurrent report.

    Agency: Department of Transportation
    Status: Open

    Comments: The Federal Transit Administration (FTA) has taken steps to enhance older adult mobility. For example, the agency and the Coordinating Council on Access and Mobility (CCAM) developed a draft strategic plan, which is being reevaluated in light of requirements in the Fixing America's Surface Transportation Act of 2015. FTA officials will provide GAO with an update on the status of those efforts after the July 2016 CCAM meeting.
    Director: Chris P. Currie
    Phone: (404) 679-1875

    1 open recommendations
    Recommendation: To enhance the Secretary of Homeland Security's ability to assess national preparedness and provide management oversight of federal interagency efforts to close previously identified capability gaps, the Secretary of Homeland Security should direct the Administrator of FEMA--in coordination and collaboration with the National Security Council Staff and other federal departments and agencies--to collect information on and regularly report to the Secretary the status of federal interagency implementation of corrective actions identified (1) through prior national-level exercises and (2) following real-world incidents, specifically major disasters.

    Agency: Department of Homeland Security
    Status: Open

    Comments: In November 2016, FEMA officials reported that the agency had developed an approach for collecting and reporting on the status of federal interagency corrective actions from Level I disasters to add to the current practice of reporting on national level exercises. According to officials, the proposed approach was under review and the agency plans to coordinate with the other federal departments and agencies before submitting their proposal to DHS for final approval. In August 2017, FEMA's National Preparedness Directorate reported an expected completion date of December 29, 2017. Pending completion of this effort, this recommendation remains open.
    Director: Yvonne D. Jones
    Phone: (202) 512-2717

    1 open recommendations
    Recommendation: Any federal agency designated to investigate future USERRA claims against federal executive agencies should undertake efforts to increase the response rate of the customer satisfaction survey if it continues to be administered, so more tenable conclusions can be drawn from its data. Such efforts may include follow-up phone calls to nonrespondents, additional email notifications requesting participation in the survey, or making the survey easier to complete and submit.

    Agency: Department of Labor
    Status: Open

    Comments: In February 2016, Department of Labor Veterans Employment and Training Service (DOL/VETS) reported their office is handling all USERRA complaints, Federal and non-Federal following conclusion of the demonstration project with OSC. DOL/VETS reported the agency deployed its customer satisfaction survey in May 2016 and will be monitoring and collecting responses on a quarterly basis. The agency plans to employ the same follow-up technique used during the demonstration project and will determine if additional follow-up emails are warranted.
    Director: Alicia Puente Cackley
    Phone: (202) 512-8678

    2 open recommendations
    Recommendation: To achieve greater efficiency and effectiveness, Congress should consider transferring the oversight of the markings of toy and imitation firearms in 15 U.S.C. 5001 from the National Institute of Standards and Technology (within the Department of Commerce) to the Consumer Product Safety Commission.

    Agency: Congress
    Status: Open

    Comments: This matter is an action identified in GAO's annual Duplication and Cost Savings reports. There has been no legislative action identified. The Gun Look-Alike Case Act, H.R. 3224, which was introduced on July 27, 2015, in the 114th Congress, would transfer the authority to regulate the markings of toy, look-alike, and imitation firearms in section 5001 of title 15 of the U.S. Code from NIST to CPSC, as GAO suggested in November 2014. This bill was referred to the Subcommittee on Commerce, Manufacturing, and Trade of the Committee on Energy and Commerce in the United States House of Representatives, and did not pass out of committee. As of March 1, 2017, the bill has not been reintroduced in the 115th Congress.
    Recommendation: To improve existing coordination of oversight for consumer product safety, Congress should consider establishing a formal comprehensive oversight mechanism for consumer product safety agencies to address crosscutting issues as well as inefficiencies related to fragmentation and overlap such as communication and coordination challenges and jurisdictional questions between agencies. Different types of formal mechanisms could include, for example, creating a memorandum of understanding to formalize relationships and agreements or establishing a task force or interagency work group. As a starting point, Congress may wish to obtain agency input on options for establishing more formal coordination.

    Agency: Congress
    Status: Open

    Comments: This matter is an action identified in GAO's annual Duplication and Cost Savings reports. There has been no legislative action identified. No legislation was introduced as of March 1, 2017, that would establish a collaborative mechanism to facilitate communication across the relevant agencies and to help enable them to collectively address crosscutting issues, as GAO suggested in November 2014. Some of the agencies with direct regulatory oversight responsibilities for consumer product safety reported that they continue to collaborate to address specific consumer product safety topics. However, without a formal comprehensive oversight mechanism, the agencies risk missing opportunities to better leverage resources and address challenges, including those related to fragmentation and overlap.
    Director: Thomas Melito
    Phone: (202) 512-9601

    3 open recommendations
    Recommendation: To help ensure agencies can more fully implement their monitoring policy and guidance related to recruitment of foreign workers, the Secretaries of Defense and State and the Administrator of the U.S. Agency for International Development should each develop, as part of their agency policy and guidance, a more precise definition of recruitment fees, including permissible components and amounts.

    Agency: Department of Defense
    Status: Open

    Comments: In comments on a draft of the report, the Department of Defense (DOD) concurred with this recommendation and indicated that it would define recruitment fees as part of the next review of DOD policy on combating trafficking in persons. In January 2015, DOD and other agencies issued a final rule in the Federal Acquisition Regulation (FAR) that prohibits charging employees any recruitment fees; however, this rule did not provide a precise definition of such fees. In May 2016, DOD and others proposed a new FAR rule defining "recruitment fees." The public comment period for this proposed rule ended in July 2016, and, as of August 2017, the proposed rule was in process. In addition, DOD has updated its policy and guidance on combating trafficking in persons, most recently in June 2015. GAO is monitoring these efforts and will provide an update once the proposed FAR rule is finalized.
    Recommendation: To help ensure agencies can more fully implement their monitoring policy and guidance related to recruitment of foreign workers, the Secretaries of Defense and State and the Administrator of the U.S. Agency for International Development should each develop, as part of their agency policy and guidance, a more precise definition of recruitment fees, including permissible components and amounts.

    Agency: United States Agency for International Development
    Status: Open

    Comments: In commenting on a draft of this report, the U.S. Agency for International Development (USAID) noted that a proposed amendment to the Federal Acquisition Regulation (FAR) on combating Trafficking in Persons (TIP) contained language that would prohibit charging contractor employees any recruitment fees. In January 2015, the final FAR rule was issued, prohibiting employers from charging employees any recruitment fees on government contracts; however, this rule did not provide a precise definition of such fees. In May 2016, a new FAR rule defining "recruitment fees," which would apply to USAID, among others, was proposed. The public comment period for this proposed rule ended in July 2016, and, as of August 2017, the proposed rule in process, GAO is monitoring the status of these actions and will provide an update on USAID's activities to define components of recruitment fees once the proposed FAR rule is finalized.
    Recommendation: To help improve agencies' abilities to detect potential TIP abuses and implement the U.S. government's zero tolerance policy, the Secretaries of Defense and State and the Administrator of the U.S. Agency for International Development should each take actions to better ensure that contracting officials specifically include TIP in monitoring plans and processes, especially in areas where the risk of trafficking is high. Such actions could include developing a process for auditing efforts to combat TIP or ensuring that officials responsible for contract monitoring are aware of all relevant acquisition policy and guidance on combating TIP.

    Agency: Department of Defense
    Status: Open

    Comments: In comments on a draft of the report, the Department of Defense (DOD) concurred with this recommendation and indicated that it would update the Defense Federal Acquisition Regulation Supplement (DFARS) accordingly once the final Federal Acquisition Regulation on Ending Trafficking in Persons had been published. In January 2015, DOD updated the DFARS to include a sample checklist for auditing compliance with Combating Trafficking in Persons (CTIP) policy. This checklist reiterates the U.S. government's zero tolerance policy regarding trafficking in persons and includes, among other items, questions regarding contractors' treatment of employee passports and other identification documents. In addition, in September 2017, DOD reported that it had developed and mandated acquisition training for DOD military and civilian contracting employees. U.S. Central Command has also created a CTIP Program Manager position in Afghanistan, which ensures that CTIP training is provided to contracting officials in that country. GAO is monitoring these efforts and will provide an update on DOD's progress as more information becomes available.
    Director: David Wise
    Phone: (202) 512-2834

    1 open recommendations
    Recommendation: To enhance the transparency of the FRPP data and help GSA make more informed decisions regarding the planning, effective and efficient management, and disposal of civilian warehouse assets, in GSA's landlord role, which is performed by the Public Buildings Service, and as part of its efforts to address our 2012 recommendation to develop and publish a comprehensive 5-year capital plan, GSA should develop and implement a strategy specific to warehouses. This strategy should apply capital-planning leading practices, involving prioritization and long-term planning, to the warehouse portion of GSA's portfolio.

    Agency: General Services Administration
    Status: Open

    Comments: The General Services Administration (GSA) analyzed warehouse data and determined that the existing tools and processes are the most appropriate way to treat warehouses because these tools and processes consider warehouses within the context of local markets, client agencies, and GSA's short and long-term investment plans. However, GSA continues to lack a strategic approach to prioritize warehouses and make long-term, informed decisions about government warehouse space. Further, in light of GSA's aging warehouse inventory and agencies' modern-day storage needs, there is potentially a growing gap between what GSA can provide from the government's owned portfolio and what the tenant agencies require. Because the agency lacks a strategy focused on its warehouse portfolio, GSA may have limited ability to address this potentially growing gap as well as the unique challenges facing GSA's warehouse portfolio. Such a strategy would enable GSA and tenant agencies to prioritize their needs and take a long-term view of the warehouse inventory to support better informed decisions. We will follow-up with GSA regarding this recommendation, which is intended to enhance GSA's existing tools and processes, as they relate to warehouses.
    Director: J. Christopher Mihm
    Phone: (202) 512-6806

    8 open recommendations
    including 2 priority recommendations
    Recommendation: To ensure the effective implementation of federal program inventory requirements and to make the inventories more useful, the Director of OMB should, to better present a more coherent picture of all federal programs, revise relevant guidance to direct agencies to collaborate with each other in defining and identifying programs that contribute to common outcomes.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: In June 2016, Office of Management and Budget (OMB) staff stated that they have not taken any actions in response to our recommendations related to the federal program inventory, as they continue to determine how best to implement inventory requirements in coordination with those of the Digital Accountability and Transparency Act of 2014 (DATA Act). In our July 2015 testimony on DATA Act implementation, we recommended that OMB accelerate efforts to determine how best to merge DATA Act purposes and requirements with the GPRAMA requirement to produce a federal program inventory (see GAO-15-752T). However, at the same hearing, the Acting Deputy Director for Management and Controller at OMB stated that, because the staff that would be involved in working on the program inventories were heavily involved in DATA Act implementation, he would not expect an update of the program inventories to happen before May 2017.
    Recommendation: To ensure the effective implementation of federal program inventory requirements and to make the inventories more useful, the Director of OMB should, to better present a more coherent picture of all federal programs, revise relevant guidance to provide a time frame for what constitutes "persistent over time" that agencies can use as a decision rule for whether to include short-term efforts as programs.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: In June 2016, Office of Management and Budget (OMB) staff stated that they have not taken any actions in response to our recommendations related to the federal program inventory, as they continue to determine how best to implement inventory requirements in coordination with those of the Digital Accountability and Transparency Act of 2014 (DATA Act). In our July 2015 testimony on DATA Act implementation, we recommended that OMB accelerate efforts to determine how best to merge DATA Act purposes and requirements with the GPRAMA requirement to produce a federal program inventory (see GAO-15-752T). However, at the same hearing, the Acting Deputy Director for Management and Controller at OMB stated that, because the staff that would be involved in working on the program inventories were heavily involved in DATA Act implementation, he would not expect an update of the program inventories to happen before May 2017.
    Recommendation: To ensure the effective implementation of federal program inventory requirements and to make the inventories more useful, the Director of OMB should, to better present a more coherent picture of all federal programs, define plans for when additional agencies will be required to develop program inventories.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: In June 2016, Office of Management and Budget (OMB) staff stated that they have not taken any actions in response to our recommendations related to the federal program inventory, as they continue to determine how best to implement inventory requirements in coordination with those of the Digital Accountability and Transparency Act of 2014 (DATA Act). In our July 2015 testimony on DATA Act implementation, we recommended that OMB accelerate efforts to determine how best to merge DATA Act purposes and requirements with the GPRAMA requirement to produce a federal program inventory (see GAO-15-752T). However, at the same hearing, the Acting Deputy Director for Management and Controller at OMB stated that, because the staff that would be involved in working on the program inventories were heavily involved in DATA Act implementation, he would not expect an update of the program inventories to happen before May 2017.
    Recommendation: To ensure the effective implementation of federal program inventory requirements and to make the inventories more useful, the Director of OMB should, to better present a more coherent picture of all federal programs, include tax expenditures in the federal program inventory effort by designating tax expenditure as a program type in relevant guidance.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open
    Priority recommendation

    Comments: As of March 2017, OMB had not taken action to include tax expenditures in the federal program inventory, as GAO recommended in October 2014. The GPRA Modernization Act of 2010 (GPRAMA) requires OMB to publish a list of all federal programs on a central, government-wide website. The federal program inventory is the primary tool for agencies to identify programs that contribute to their goals, according to OMB?s guidance. By including tax expenditures in the inventory, OMB could help ensure that agencies are properly identifying the contributions of tax expenditures to the achievement of their goals. Although OMB published an initial inventory covering the programs of 24 federal agencies in May 2013, OMB decided to postpone further development of the inventory in order to coordinate with the implementation of the Digital Accountability and Transparency Act of 2014 (DATA Act). In July 2015, GAO recommended that OMB accelerate efforts to merge DATA Act purposes with the production of a federal program inventory. In June 2016, OMB staff said they continue to determine how best to implement the program inventory requirements in coordination with those of the DATA Act; OMB staff said there was no update as of March 2017. Without including tax expenditures in the inventory, OMB is missing an important opportunity to increase the transparency of tax expenditures and the outcomes to which they contribute.
    Recommendation: To ensure the effective implementation of federal program inventory requirements and to make the inventories more useful, the Director of OMB should, to better present a more coherent picture of all federal programs, include tax expenditures in the federal program inventory effort by developing, in coordination with the Secretary of the Treasury, a tax expenditure inventory that identifies each tax expenditure and provides a description of how the tax expenditure is defined, its purpose, and related performance and budget information.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open
    Priority recommendation

    Comments: As of March 2017, OMB had not taken action to include tax expenditures in the federal program inventory, as GAO recommended in October 2014. The GPRA Modernization Act of 2010 (GPRAMA) requires OMB to publish a list of all federal programs on a central, government-wide website. The federal program inventory is the primary tool for agencies to identify programs that contribute to their goals, according to OMB?s guidance. By including tax expenditures in the inventory, OMB could help ensure that agencies are properly identifying the contributions of tax expenditures to the achievement of their goals. Although OMB published an initial inventory covering the programs of 24 federal agencies in May 2013, OMB decided to postpone further development of the inventory in order to coordinate with the implementation of the Digital Accountability and Transparency Act of 2014 (DATA Act). In July 2015, GAO recommended that OMB accelerate efforts to merge DATA Act purposes with the production of a federal program inventory. In June 2016, OMB staff said they continue to determine how best to implement the program inventory requirements in coordination with those of the DATA Act; OMB staff said there was no update as of March 2017. Without including tax expenditures in the inventory, OMB is missing an important opportunity to increase the transparency of tax expenditures and the outcomes to which they contribute.
    Recommendation: To ensure the effective implementation of federal program inventory requirements and to make the inventories more useful, the Director of OMB should, to help ensure that the information agencies provide in their inventories is useful to federal decision makers and key stakeholders, and to provide greater transparency and ensure consistency in federal program funding and performance information, revise relevant guidance to direct agencies to consult with relevant congressional committees and stakeholders on their program definition approach and identified programs when developing or updating their inventories.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: In June 2016, Office of Management and Budget (OMB) staff stated that they have not taken any actions in response to our recommendations related to the federal program inventory, as they continue to determine how best to implement inventory requirements in coordination with those of the Digital Accountability and Transparency Act of 2014 (DATA Act). In our July 2015 testimony on DATA Act implementation, we recommended that OMB accelerate efforts to determine how best to merge DATA Act purposes and requirements with the GPRAMA requirement to produce a federal program inventory (see GAO-15-752T). However, at the same hearing, the Acting Deputy Director for Management and Controller at OMB stated that, because the staff that would be involved in working on the program inventories were heavily involved in DATA Act implementation, he would not expect an update of the program inventories to happen before May 2017.
    Recommendation: To ensure the effective implementation of federal program inventory requirements and to make the inventories more useful, the Director of OMB should, to help ensure that the information agencies provide in their inventories is useful to federal decision makers and key stakeholders, and to provide greater transparency and ensure consistency in federal program funding and performance information, revise relevant guidance to direct agencies to identify in their inventories the performance goal(s) to which each program contributes.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: In June 2016, Office of Management and Budget (OMB) staff stated that they have not taken any actions in response to our recommendations related to the federal program inventory, as they continue to determine how best to implement inventory requirements in coordination with those of the Digital Accountability and Transparency Act of 2014 (DATA Act). In our July 2015 testimony on DATA Act implementation, we recommended that OMB accelerate efforts to determine how best to merge DATA Act purposes and requirements with the GPRAMA requirement to produce a federal program inventory (see GAO-15-752T). However, at the same hearing, the Acting Deputy Director for Management and Controller at OMB stated that, because the staff that would be involved in working on the program inventories were heavily involved in DATA Act implementation, he would not expect an update of the program inventories to happen before May 2017.
    Recommendation: To ensure the effective implementation of federal program inventory requirements and to make the inventories more useful, the Director of OMB should, to help ensure that the information agencies provide in their inventories is useful to federal decision makers and key stakeholders, and to provide greater transparency and ensure consistency in federal program funding and performance information, ensure, during OMB reviews of inventories, that agencies consistently identify, as applicable, the strategic goals, strategic objectives, agency priority goals, and cross-agency priority goals each program supports.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: In June 2016, Office of Management and Budget (OMB) staff stated that they have not taken any actions in response to our recommendations related to the federal program inventory, as they continue to determine how best to implement inventory requirements in coordination with those of the Digital Accountability and Transparency Act of 2014 (DATA Act). In our July 2015 testimony on DATA Act implementation, we recommended that OMB accelerate efforts to determine how best to merge DATA Act purposes and requirements with the GPRAMA requirement to produce a federal program inventory (see GAO-15-752T). However, at the same hearing, the Acting Deputy Director for Management and Controller at OMB stated that, because the staff that would be involved in working on the program inventories were heavily involved in DATA Act implementation, he would not expect an update of the program inventories to happen before May 2017.
    Director: Gomez, Jose A
    Phone: (202) 512-3841

    2 open recommendations
    Recommendation: To promote forward-looking construction and rebuilding efforts while FEMA phases out most subsidies, the Secretary of the Department of Homeland Security should direct FEMA to consider amending NFIP minimum standards for floodplain management to incorporate, as appropriate, forward-looking standards, similar to the minimum standard adopted by the Hurricane Sandy Rebuilding Task Force.

    Agency: Department of Homeland Security
    Status: Open

    Comments: In March 2017, the Department of Homeland Security reaffirmed that they agreed with the recommendation, and would begin implementing it after implementing the statutory mandates in the Biggert-Waters Flood Insurance Reform Act of 2012. The Department estimated that it would begin implementing our recommendation in 2018 and complete its implementation by 2020.
    Recommendation: To promote greater resilience to climate change effects in U.S. agriculture, the Secretary of Agriculture should direct RMA to consider working with agricultural experts to recommend or incorporate resilient agricultural practices into their expert guidance for growers, so that good farming practices take into account longterm agricultural resilience to climate change.

    Agency: Department of Agriculture
    Status: Open

    Comments: In May 2016, USDA issued Building Blocks for Climate Smart Agriculture and Forestry: Implementation Plan and Progress Report as USDA's framework for helping farmers, ranchers, and forestland owners respond to climate change, through voluntary and incentive-based actions. The report establishes long-term goals for improving agricultural resilience to climate change, which could reduce federal fiscal exposure for federally-insured crops. However, USDA has framed its resilience-building actions for producers as voluntary, rather than incorporating them into the good farming practices required to be eligible for insurance payouts. As a result, it is unclear to what extent federal crop insurance policyholders will use the information provided to improve their resilience.
    Director: J. Christopher Mihm
    Phone: (202) 512-6806

    4 open recommendations
    Recommendation: Recognizing that moving toward a more customer-oriented culture within federal agencies is likely to be a continuous effort, the Secretary of Agriculture should direct the Under Secretary for Natural Resources and Environment, to improve Forest Service's customer service standards and feedback review, to: (1) ensure standards include performance targets or goals, (2) ensure standards include performance measures, (3) ensure standards are easily publicly available, (4) develop a feedback mechanism to collect comments agency-wide, which should include guidance or criteria to elevate customer feedback from local and regional offices to identify the need for and to make service improvements.

    Agency: Department of Agriculture
    Status: Open

    Comments: In August 2017, Forest Service provided an update for completing the tasks necessary to respond to our recommendations. In accordance with our recommendations, for each of its customer service standards, the Forest Service has developed goals, targets and measures and we consider this part of the recommendation closed. Forest Service stated the remaining part of the recommendation will be implemented by December 2018. Specifically, the Forest Service stated by December 2018 it will begin to make standards easily publicly available on its public-facing websites. The Forest Service provided the criteria for elevating customer comments and by December 2018 stated it will begin to deploy and collect feedback forms. We will close this recommendation as implemented when standards are publicly available and customer feedback forms are deployed.
    Recommendation: Recognizing that moving toward a more customer-oriented culture within federal agencies is likely to be a continuous effort, the Secretary of Education should direct Federal Student Aid's Chief Operating Officer, to improve Federal Student Aid's customer service standards and feedback review, to: (1) ensure standards are easily publicly available, (2) develop a feedback mechanism that includes guidance or criteria for service providers to elevate customer feedback to identify the need for and to make service improvements.

    Agency: Department of Education
    Status: Open

    Comments: We emailed Department of Education in June 2017 for an update on the status of this recommendation. Once a response is received we will update this recommendation.
    Recommendation: Recognizing that moving toward a more customer-oriented culture within federal agencies is likely to be a continuous effort, the Commissioner of U.S. Customs and Border Protection should, to improve CBP's customer service standards: (1) ensure standards include performance targets or goals, (2) ensure standards include performance measures.

    Agency: Department of Homeland Security: United States Customs and Border Protection
    Status: Open

    Comments: In January 2017, CBP sent an email stating that the agency has done all it can to fully implement the recommendation at this time. Because CBP does not have performance goals or targets for customer service standards this recommendation remains open. In April 2016, CBP provided us with customer service survey questions they use to collect data. Based on our review of that information, we were unable to confirm CBP had established performance targets and goals for the data being collected. As we stated in the report, performance goals should be in a quantifiable and measurable form to define the level of performance to be achieved for program activities each year. Although CBP is collecting new customer service data based on survey responses, without predetermined performance targets that align with a customer service standard it is not clear what or if internal targets or customer needs are being met. In June 2017, we emailed CBP for an update on the status of this recommendation. Once a response is received we will update this recommendation.
    Recommendation: Recognizing that moving toward a more customer-oriented culture within federal agencies is likely to be a continuous effort, the Secretary of the Interior should direct the Assistant Secretary of Fish, Wildlife and Parks, to improve the National Park Service's customer service standards and feedback review, to: (1) ensure standards include performance targets or goals, (2) ensure standards include performance measures, (3) ensure standards are easily publicly available, (4) develop a feedback mechanism that includes guidance or criteria to review and elevate customer feedback from local and regional offices to identify the need for and to make service improvements.

    Agency: Department of the Interior
    Status: Open

    Comments: According to NPS officials, NPS plans on defining a strategy that describes the intended customer experience for highest customer interactions such as Volunteer in Parks program and Teacher engagement program. NPS will align the strategy with overall organizational strategy, share the strategy with all employees (e.g., documentation, training), and update strategy plans to include performance targets and goals for customer service. NPS also plans on soliciting feedback from customers about their experiences with the VIP and Teacher Outreach Programs, collecting unsolicited feedback from customers about their experiences with the organization (e.g., by mining calls, emails, or social media posts), and gathering input from employees about their experiences with customers and their role in delivering the customer experience. NPS plans to share customer experience metrics and models with all employees (e.g., distribute reports and dashboards, conduct training sessions), publish customer service standards on website so that customers know what to expect, and publish customer service data to ensure actual service levels are transparent. Finally NPS plans on piloting the "Federal Feedback" Button and evaluate for expanded use in fiscal year 2018. In June 2017, we emailed NPS for an update on this recommendation. Once a response is received we will update this recommendation.
    Director: Yvonne D. Jones
    Phone: (202) 512-2717

    2 open recommendations
    Recommendation: To help ensure that agencies report comparable and reliable data to Enterprise Human Resources Integration (EHRI), the Director of OPM, in coordination with agencies and payroll service providers, should develop guidance for agencies on which activities to enter, or not enter, as paid administrative leave in agency time and attendance systems.

    Agency: Office of Personnel Management
    Status: Open

    Comments: To address agency use of paid administrative leave that may exceed reasonable amounts as well as discrepancies in recording and reporting paid administrative leave, in December 2016, Congress passed the "Administrative Leave Act of 2016." The act mandates new categories of paid leave, including "investigative leave," "notice leave," and "weather and safety leave" and sets limitations on the duration of paid administrative leave as well as the new categories of investigative and notice leave. The Act also requires OPM to establish regulations on (1) when to grant administrative leave and the other new categories of paid leave, and (2) the proper recording and reporting of these types of paid leave. In July 2017, OPM proposed new rules to regulate paid administrative leave, which it will finalize after the public comment period ends in August 2017. In addition, in response to our recommendation, in May 2015, OPM issued a fact sheet on administrative leave, which discusses the appropriate use of an agency's administrative leave authority, including a definition of administrative leave as well as applicable government-wide, individual agency, and emergency policies on the use of administrative leave. However, this fact sheet will need to be revised to reflect the new regulations when they are in effect. Once finalized, the proposed rules, along with updated fact sheet guidance, should help agencies and federal employees appropriately use, record, and report administrative leave. We will update the status of this recommendation once the regulations are finalized and the fact sheet guidance is revised.
    Recommendation: To help ensure that agencies report comparable and reliable data to EHRI, the Director of OPM, in coordination with agencies and payroll service providers, should provide updated and specific guidance to payroll service providers on which activities to report, or not report, to the paid administrative leave data element in EHRI.

    Agency: Office of Personnel Management
    Status: Open

    Comments: To address agency use of paid administrative leave that may exceed reasonable amounts as well as discrepancies in recording and reporting paid administrative leave, in December 2016, Congress passed the "Administrative Leave Act of 2016." The act mandates new categories of paid leave, including "investigative leave," "notice leave," and "weather and safety leave" and sets limitations on the duration of paid administrative leave as well as the new categories of investigative and notice leave. The Act also requires OPM to establish regulations on (1) when to grant administrative leave and the other new categories of paid leave, and (2) the proper recording and reporting of these types of paid leave. In July 2017, OPM proposed new rules to regulate paid administrative leave, which it will finalize after the public comment period ends in August 2017. OPM officials reported in June 2017 that they are working with payroll providers to revise reporting requirements. Once finalized, the proposed rules, along with updated guidance to payroll providers for reporting paid administrative leave and the new leave categories, should help agencies report comparable and reliable data to EHRI. We will update the status of this recommendation once the regulations are finalized and the guidance is revised.
    Director: Mathew Scirè
    Phone: (202) 512-8678

    1 open recommendations
    Recommendation: To improve monitoring and oversight of Treasury's HAMP, the Secretary of the Treasury should conduct periodic evaluations using analytical methods, such as econometric modeling as appropriate, to help explain differences among MHA servicers in redefault rates that may inform its compliance reviews of individual servicers, identify areas of weaknesses and best practices, and determine the potential need for additional program policy changes.

    Agency: Department of the Treasury
    Status: Open

    Comments: Treasury put together a list of servicers with reporting anomalies that had been identified and sent them questionnaires asking them to explain the rationale behind using certain codes to report denials (denial codes) of applications for trial modifications. Treasury expects to have answers back by October 2015. Treasury's compliance agent has also added procedures for testing denial codes that servicers report. Although these are examples of analysis of overall denial rates, Treasury's actions do not address differences in individual MHA servicers' reasons for denial. Additionally, it is not clear whether Treasury plans to conduct periodic evaluations of differences in denial rates or how Treasury will use the information it gathers to identify areas of weaknesses and best practices and determine whether additional policy changes are needed. Thus, we continue to maintain that Treasury should take action to implement this recommendation.
    Director: David J.Wise
    Phone: (202) 512-2834

    6 open recommendations
    Recommendation: To ensure that properties determined as suitable and available are more likely to be practical for homeless assistance and that Federal Register reporting is not redundant, Congress should revisit the scope of properties to be reported to HUD with respect to the types of properties that may be less likely to be useful to assist the homeless and the frequency of Federal Register reporting.

    Agency: Congress
    Status: Open

    Comments: Two companion bills were introduced in the 114th Congress that address this matter. S. 2375 and HR 4465, "The Federal Asset Sale and Transfer Act of 2015/16" would require the list of available properties to assist the homeless be available on HUD and GSA websites rather than in the Federal Register. In addition, the bills would enable buildings not optimal for homeless assistance to be listed for sale more quickly. Both bills have been reported by their respective committees and placed on the Senate Legislative Calendar. When we confirm what additional actions the US Congress has taken in response to the this matter, we will provide updated information.
    Recommendation: To improve HUD's database on Title V homeless assistance properties, HUD should modify its existing database or create an electronic, searchable database to meet reporting needs to the extent that the benefits outweigh the costs.

    Agency: Department of Housing and Urban Development
    Status: Open

    Comments: When we confirm what actions HUD has taken in response to this recommendation, we will provide updated information.
    Recommendation: HUD, General Services Administration, HHS, and USICH should work together to address the challenges that homeless assistance providers face with the Title V homeless assistance program by (1) identifying what kinds of properties are most practical for homeless assistance, and (2) developing a web-based source of information on the program for homeless assistance providers.

    Agency: Department of Housing and Urban Development
    Status: Open

    Comments: When we confirm what actions HUD has taken in response to this recommendation, we will provide updated information.
    Recommendation: HUD, General Services Administration, HHS, and USICH should work together to address the challenges that homeless assistance providers face with the Title V homeless assistance program by (1) identifying what kinds of properties are most practical for homeless assistance, and (2) developing a web-based source of information on the program for homeless assistance providers.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: When we confirm what actions HHS has taken in response to this recommendation, we will provide updated information.
    Recommendation: HUD, General Services Administration, HHS, and USICH should work together to address the challenges that homeless assistance providers face with the Title V homeless assistance program by (1) identifying what kinds of properties are most practical for homeless assistance, and (2) developing a web-based source of information on the program for homeless assistance providers.

    Agency: General Services Administration
    Status: Open

    Comments: GSA has made several minor changes to its McKinney-Vento Homeless Assistance website (a module of www.disposal.gsa.gov) during the two years since the report was issued. Specifically, GSA added a link to USICH and repaired some other links that were non-functional, but GSA has not made any other substantive changes to the site. The agencies have not yet worked together to develop a web-based source of information on the program.
    Recommendation: HUD, General Services Administration, HHS, and USICH should work together to address the challenges that homeless assistance providers face with the Title V homeless assistance program by (1) identifying what kinds of properties are most practical for homeless assistance, and (2) developing a web-based source of information on the program for homeless assistance providers.

    Agency: United States Interagency Council on Homelessness
    Status: Open

    Comments: When we confirm what actions USICH has taken in response to this recommendation, we will provide updated information.
    Director: David A. Powner
    Phone: (202) 512-9286

    10 open recommendations
    including 2 priority recommendations
    Recommendation: The Secretaries of HHS, the Interior, Justice, and Labor, and the Administrators of GSA and NASA should complete action plans for addressing their challenges in reporting cost savings, as discussed in this report.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: The Department of Health and Human Services agreed with, and has taken initial steps to implement, our recommendation. In June 2015, the department reported that it had begun an effort to calculate the tangible cost savings and avoidances derived from closing over 50 data centers as part of its data center consolidation efforts. As of March 2017, the department reported that it had closed a total of 74 data centers and had identified $6.64 million in cost savings and avoidances, which is approximately $2.30 million more than what we reported in September 2014. However, the identified cost savings does not include any savings from fiscal years 2015 or 2016. Accordingly, we conclude the department has not yet completed efforts to address challenges in calculating cost savings and avoidances. We will continue to evaluate the department's progress in implementing this recommendation.
    Recommendation: The Secretaries of HHS, the Interior, Justice, and Labor, and the Administrators of GSA and NASA should complete action plans for addressing their challenges in reporting cost savings, as discussed in this report.

    Agency: Department of the Interior
    Status: Open

    Comments: The Department of the Interior agreed with, and has taken initial steps to implement, our recommendation. Specifically, in December 2014, the Interior's Deputy Assistant Secretary for Policy, Management and Budget established a series of steps toward addressing our recommendation. The steps include, for example, consolidating and streamlining data center consolidation reporting processes, developing a template that all department bureaus and offices are required to use, and issuing a directive requiring consistent reporting for all data center cost savings and avoidances. In addition, the department submitted a Data Center Optimization Initiative strategic plan to the Office of Management and Budget (OMB) in September 2016. In the plan, the department reported closing 53 data centers and achieving $4.4 million in cost savings and avoidances in fiscal year 2016. However, the plan does not indicate how the department will address identified challenges nor does it indicate whether the department has successfully implemented its directive on consistent monitoring of cost savings and avoidances. We will continue to evaluate the department's progress in implementing this recommendation.
    Recommendation: The Secretaries of HHS, the Interior, Justice, and Labor, and the Administrators of GSA and NASA should complete action plans for addressing their challenges in reporting cost savings, as discussed in this report.

    Agency: Department of Labor
    Status: Open

    Comments: The Department of Labor agreed with, and has taken initial steps to implement, our recommendation. In September 2015, the department stated that its Office of the Chief Information Officer was working to develop an enterprise data center inventory as part of the department-wide Data Center Consolidation Initiative Working Group. In September 2016, the department submitted its Data Center Optimization Initiative plan to the Office of Management and Budget. The plan reported that the department had closed 28 non-tiered data centers in fiscal year 2016 and indicated that the department had historical cost savings of $4.85 million to date. However, as of March 2017, the department had not yet reported any resulting cost savings or avoidances in its quarterly report to OMB. We will continue to evaluate the department's progress in implementing this recommendation.
    Recommendation: The Secretaries of Agriculture, Commerce, Defense, Energy, the Interior, Transportation, the Treasury, and Department of Veterans Affairs; the Administrators of the Environmental Protection Agency and NASA; and the Director of the Office of Personnel Management should direct responsible officials to report all data center consolidation cost savings and avoidances to OMB in accordance with established guidance.

    Agency: Department of Agriculture
    Status: Open

    Comments: The Department of Agriculture agreed with, and has taken initial steps to implement, our recommendation. In September 2014, we found that the department reported fiscal year 2012 through 2015 cost savings and avoidances of $244.17 million to GAO, but had only reported $71.20 million to the Office of Management and Budget (OMB)--a difference of approximately $172.97 million. Moreover, as of March 2017, the department still had not yet fully reported its savings to OMB, as we recommended. Specifically, the department had reported a total of about $25.07 million in cost savings and avoidances to OMB from fiscal years 2012 to 2016--an amount that is approximately $219.1 million short of the total savings and avoidances that the department had reported to GAO as of September 2014. We will continue to evaluate the department's progress in implementing this recommendation.
    Recommendation: The Secretaries of Agriculture, Commerce, Defense, Energy, the Interior, Transportation, the Treasury, and Department of Veterans Affairs; the Administrators of the Environmental Protection Agency and NASA; and the Director of the Office of Personnel Management should direct responsible officials to report all data center consolidation cost savings and avoidances to OMB in accordance with established guidance.

    Agency: Department of Defense
    Status: Open
    Priority recommendation

    Comments: DOD concurred with, and has taken initial steps to implement, our priority recommendation. In March 2016, we determined that the department had identified a total of about $1.07 billion in data center consolidation cost savings from fiscal year 2012 through 2016. However, as of March 2017, the department had not yet fully reported its savings to the Office of Management and Budget, as we recommended. Specifically, as of June 2016, the department reported $859 million in savings to the Office of Management and Budget--an amount $211 million less than the $1.07 billion previously reported to us. However, as of March 2017, the department only reported $331 million to the Office of Management and Budget--a decrease of $528 million and $739 million less than what was previously reported to us. In light of the department's considerable planned savings, and the significant decrease in what is being reported, full and accurate reporting by the department is critical toward ensuring that the Office of Management and Budget and Congress have the ability to oversee DOD's progress against key data center consolidation initiative goals.
    Recommendation: The Secretaries of Agriculture, Commerce, Defense, Energy, the Interior, Transportation, the Treasury, and Department of Veterans Affairs; the Administrators of the Environmental Protection Agency and NASA; and the Director of the Office of Personnel Management should direct responsible officials to report all data center consolidation cost savings and avoidances to OMB in accordance with established guidance.

    Agency: Department of the Interior
    Status: Open

    Comments: The Department of the Interior agreed with, and has taken initial steps to implement, our recommendation. In September 2014, we found that the department had reported fiscal year 2012 to 2015 cost savings and avoidances of $84.42 million to GAO, but had only reported $13.59 million to OMB--a difference of approximately $70.83 million. Moreover, as of February 2017, the department had not yet fully reported its savings to OMB, as we recommended. Specifically, the department had reported a total of about $13.61 million in cost savings and avoidances to OMB from fiscal years 2012 to 2016--an amount that is approximately $70.81 million short of the total savings and avoidances that the department had reported to GAO as of September 2014. We will continue to evaluate the department's progress in implementing this recommendation.
    Recommendation: The Secretaries of Agriculture, Commerce, Defense, Energy, the Interior, Transportation, the Treasury, and Department of Veterans Affairs; the Administrators of the Environmental Protection Agency and NASA; and the Director of the Office of Personnel Management should direct responsible officials to report all data center consolidation cost savings and avoidances to OMB in accordance with established guidance.

    Agency: Department of Transportation
    Status: Open

    Comments: The Department of Transportation agreed with our recommendation, but had not yet taken steps to implement it. In September 2014, we found that the department had reported fiscal year 2012 to 2015 cost savings and avoidances of $140.18 million to GAO, but had only reported $7.36 million to OMB--a difference of approximately $132.82 million. However, in February 2017, the department had still only reported a total of $4.89 million in data center consolidation savings and avoidance to OMB. We will continue to evaluate the department's progress in implementing this recommendation.
    Recommendation: The Secretaries of Agriculture, Commerce, Defense, Energy, the Interior, Transportation, the Treasury, and Department of Veterans Affairs; the Administrators of the Environmental Protection Agency and NASA; and the Director of the Office of Personnel Management should direct responsible officials to report all data center consolidation cost savings and avoidances to OMB in accordance with established guidance.

    Agency: Department of the Treasury
    Status: Open
    Priority recommendation

    Comments: Treasury did not comment on this recommendation and has not comprehensively reported cost savings and avoidances, as we recommended. For example, as of March 2017, Treasury had reported about $1.14 billion in data center consolidation-related cost avoidances in its quarterly report to OMB--an increase of about $734 million compared to a previous report. However, the department has not yet reported to OMB other cost avoidances totaling about $210 million that the department had previously reported to us. We will continue to monitor Treasury's progress against this recommendation.
    Recommendation: The Secretaries of Agriculture, Commerce, Defense, Energy, the Interior, Transportation, the Treasury, and Department of Veterans Affairs; the Administrators of the Environmental Protection Agency and NASA; and the Director of the Office of Personnel Management should direct responsible officials to report all data center consolidation cost savings and avoidances to OMB in accordance with established guidance.

    Agency: Office of Personnel Management
    Status: Open

    Comments: The Office of Personnel Management agreed with our recommendation, but has not yet taken steps to implement it. In September 2014, we found that the agency had reported fiscal year 2012 to 2015 cost savings and avoidances of $3.40 million to GAO, but had not reported any of its savings and avoidances to the Office of Management and Budget as required. As of March 2017, the agency had not yet reported any data center consolidation cost savings and avoidances to the Office of Management and Budget. We will continue to evaluate the agency's progress in implementing this recommendation.
    Recommendation: To better ensure that the Federal Data Center Consolidation Initiative (FDCCI) improves governmental efficiency and achieves cost savings, the Director of OMB should direct the Federal chief information officer (CIO) to utilize the existing PortfolioStat review sessions to assist the Department of Health and Human Services (HHS), Interior, Justice, Labor, the General Services Administration (GSA), and the National Aeronautics and Space Administration (NASA) in identifying data center consolidation cost savings opportunities.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: The Office of Management and Budget (OMB) agreed with, and has taken initial steps to implement, our recommendation. Specifically, in June 2015, OMB issued a memorandum that discussed the fiscal year 2015 PortfolioStat requirements, including that agencies should hold PortfolioStat sessions on a quarterly basis (versus annually, as done previously) with OMB, the agency chief information officer, and other attendees. The memorandum also stated that, during these sessions, agencies are expected to discuss a strategy to reduce duplication and waste within the IT portfolio of the agency, identify projected cost savings resulting from such strategy, and identify ways to increase the efficiency and effectiveness of IT investments, among other things. However, as of March 2017, several agencies were still reporting limited savings from their consolidation efforts. For example, the Department of Transportation reported closing 146 data centers through February 2017, but had reported only $4.9 million in savings. As another example, the Department of Labor reported closing 25 data centers through February 2017, but reported no resulting cost savings. Until OMB assists these agencies with limited or no cost savings reported, they may not be able to identify the full extent of savings from their consolidation efforts. We will continue to evaluate OMB's progress in implementing this recommendation.
    Director: David Powner
    Phone: (202) 512-9286

    8 open recommendations
    Recommendation: To help ensure continued progress in the implementation of cloud computing services, the Secretaries of Agriculture, Health and Human Services, Homeland Security, State, and the Treasury; and the Administrators of the General Services Administration and Small Business Administration should direct their respective Chief Information Officers to ensure that all IT investments are assessed for suitability for migration to a cloud computing service.

    Agency: Department of Agriculture
    Status: Open

    Comments: We are in the process of reviewing agency documentation and waiting for additional supporting documentation.
    Recommendation: To help ensure continued progress in the implementation of cloud computing services, the Secretaries of Agriculture, Health and Human Services, Homeland Security, State, and the Treasury; and the Administrators of the General Services Administration and Small Business Administration should direct their respective Chief Information Officers to ensure that all IT investments are assessed for suitability for migration to a cloud computing service.

    Agency: Department of the Treasury
    Status: Open

    Comments: We contacted the agency and are awaiting its response on the status of efforts to implement this recommendation.
    Recommendation: To help ensure continued progress in the implementation of cloud computing services, the Secretaries of Agriculture, Health and Human Services, Homeland Security, State, and the Treasury; and the Administrators of the General Services Administration and Small Business Administration should direct their respective Chief Information Officers to ensure that all IT investments are assessed for suitability for migration to a cloud computing service.

    Agency: Department of State
    Status: Open

    Comments: The Department of State established a requirement for completing a cloud computing service alternatives analysis for all new projects, and that existing IT projects be evaluated for the viability to migrate to a cloud computing environment. Further, the department established key factors for consideration when selecting applications for migration to a cloud environment. However, State has not yet evaluated a majority of its IT investments for cloud alternatives. The department said it plans to complete evaluations for some of these investments by the end of FY2017, but has not yet established plans to evaluate over a third of its investments.
    Recommendation: To help ensure continued progress in the implementation of cloud computing services, the Secretaries of Agriculture, Health and Human Services, Homeland Security, State, and the Treasury; and the Administrators of the General Services Administration and Small Business Administration should direct their respective Chief Information Officers to ensure that all IT investments are assessed for suitability for migration to a cloud computing service.

    Agency: Small Business Administration
    Status: Open

    Comments: We are waiting for a response from SBA on the status of efforts to implement this recommendation.
    Recommendation: To help ensure continued progress in the implementation of cloud computing services, the Secretaries of Agriculture, Health and Human Services, Homeland Security, State, and the Treasury; and the Administrators of the General Services Administration and Small Business Administration should direct their respective Chief Information Officers to establish evaluation dates for those investments identified in this report that have not been assessed for migration to the cloud.

    Agency: Department of Agriculture
    Status: Open

    Comments: We are in the process of waiting for additional department documentation.
    Recommendation: To help ensure continued progress in the implementation of cloud computing services, the Secretaries of Agriculture, Health and Human Services, Homeland Security, State, and the Treasury; and the Administrators of the General Services Administration and Small Business Administration should direct their respective Chief Information Officers to establish evaluation dates for those investments identified in this report that have not been assessed for migration to the cloud.

    Agency: Department of the Treasury
    Status: Open

    Comments: We are waiting for a response from the department on the status of efforts to implement this recommendation.
    Recommendation: To help ensure continued progress in the implementation of cloud computing services, the Secretaries of Agriculture, Health and Human Services, Homeland Security, State, and the Treasury; and the Administrators of the General Services Administration and Small Business Administration should direct their respective Chief Information Officers to establish evaluation dates for those investments identified in this report that have not been assessed for migration to the cloud.

    Agency: Department of State
    Status: Open

    Comments: The Department of State established a requirement for completing a cloud computing service alternatives analysis for all new projects, and that existing IT projects be evaluated for viability to migrate to a cloud computing environment. Further, the department established key factors for consideration when selecting applications for migration to a cloud environment. However, the department has not yet established evaluation dates for the vast majority of the investments that have not been assessed for migration to the cloud. Specifically, the department plans to complete evaluations for some of these investments by the end of fiscal year 2017, but does not plan to do so for most of them.
    Recommendation: To help ensure continued progress in the implementation of cloud computing services, the Secretaries of Agriculture, Health and Human Services, Homeland Security, State, and the Treasury; and the Administrators of the General Services Administration and Small Business Administration should direct their respective Chief Information Officers to establish evaluation dates for those investments identified in this report that have not been assessed for migration to the cloud.

    Agency: Small Business Administration
    Status: Open

    Comments: We are waiting for a response from the department on the status of efforts to implement this recommendation.
    Director: Maurer, Diana C
    Phone: (202) 512-9627

    6 open recommendations
    including 5 priority recommendations
    Recommendation: The Secretary of Homeland Security should designate the headquarters consolidation program a major acquisition, consistent with DHS acquisition policy, and apply DHS acquisition policy requirements.

    Agency: Department of Homeland Security
    Status: Open
    Priority recommendation

    Comments: In alignment with GAO's recommendation, on September 16, 2014, DHS issued an Acquisition Decision Memorandum designating the DHS-funded portions of the headquarters consolidation program as a Major Acquisition Program to be overseen by the departmental Acquisition Review Board (ARB). DHS made further progress implementing this recommendation by conducting and documenting an ARB of the program on November 15, 2016. The ARB process provided DHS greater oversight of headquarters consolidation, and provided a forum for officials to consider a wide range of issues affecting consolidation efforts, such as funding and project scope. However, DHS and General Services Administration (GSA) were required to revise their cost and schedule estimates subsequent to the ARB's review. In addition, as of March 2017, DHS, in coordination with GSA, had not submitted the report to Congress on DHS Headquarters Consolidation mandated by Pub. L. No. 114-150. GAO will reassess the status of this recommendation after cost and schedule estimates are finalized and DHS and GSA submit the required report to Congress, i.e., when there is more certainty about the future direction of the project overall and DHS's funded portion in particular.
    Recommendation: In order to improve transparency and allow for more informed decision making by congressional leaders and DHS and GSA decision-makers, before requesting additional funding for the DHS headquarters consolidation project, the Secretary of Homeland Security and the Administrator of the General Services Administration should work jointly to conduct the following assessments and use the results to inform updated DHS headquarters consolidation plans: (1) a comprehensive needs assessment and gap analysis of current and needed capabilities that take into consideration changing conditions, and (2) an alternatives analysis that identifies the costs and benefits of leasing and construction alternatives for the remainder of the project and prioritizes options to account for funding instability.

    Agency: Department of Homeland Security
    Status: Open
    Priority recommendation

    Comments: The Department of Homeland Security Headquarters Consolidation Accountability Act of 2015 (Pub. L. No. 114-150) was enacted on April 29, 2016. Among other things, the act requires DHS, in coordination with GSA, to submit information to Congress about DHS headquarters consolidation efforts not later than 120 days of enactment. As of March 2017, DHS and GSA had not submitted the information to Congress required by Pub. L. No. 114-150. Officials stated that the information would be submitted as soon as possible, but exact timeframes were uncertain given ongoing project deliberations and internal reviews. Required information includes a comprehensive assessment of property and facilities utilized by DHS in the National Capital Region, and an analysis that identifies the costs and benefits of leasing and construction alternatives for the remainder of the consolidation project. DHS and GSA have made significant progress in developing a revised plan for headquarters consolidation since 2014, including the completion of a business case analysis to support the new plan. GAO will review the latest information on DHS headquarters consolidation efforts when it is provided to Congress, and will assess the materials in the context of this recommendation at that time. Continued DHS and GSA attention to following leading capital planning practices is critical given the project's multi-billion dollar cost and impact on future departmental operations.
    Recommendation: In order to improve transparency and allow for more informed decision making by congressional leaders and DHS and GSA decision-makers, before requesting additional funding for the DHS headquarters consolidation project, the Secretary of Homeland Security and the Administrator of the General Services Administration should work jointly to conduct the following assessments and use the results to inform updated DHS headquarters consolidation plans: (1) a comprehensive needs assessment and gap analysis of current and needed capabilities that take into consideration changing conditions, and (2) an alternatives analysis that identifies the costs and benefits of leasing and construction alternatives for the remainder of the project and prioritizes options to account for funding instability.

    Agency: General Services Administration
    Status: Open
    Priority recommendation

    Comments: GSA agreed with both recommendations to conduct a comprehensive needs assessment and gap analysis and to update cost and schedule estimates. The Department of Homeland Security Headquarters Consolidation Accountability Act of 2015 (Pub. L. No. 114-150), enacted on April 29, 2016, mirrors GAO recommendations in this area. Among other things, the act requires DHS, in coordination with GSA, to submit information to Congress about DHS's headquarters consolidation efforts not later than 120 days of enactment. As of March 2017, DHS and GSA had not submitted the information to Congress required by Pub. L. No. 114-150. Officials stated that the information would be submitted as soon as possible, but exact timeframes were uncertain given ongoing project deliberations and internal reviews. Required information includes a comprehensive needs assessment, a costs and benefits analysis, and updated cost and schedule estimates. Furthermore, the act requires the Comptroller General to evaluate the cost and schedule estimates not later than 90 days after their submittal to Congress. DHS and GSA have made significant progress in developing an Enhanced Plan for headquarters consolidation since 2014, including the completion of a business case analysis to support the new plan. In addition, GSA is leading efforts to revise the project's cost and schedule estimates, and according to GSA officials, the revised figures will take into account GAO's leading cost-estimation practices. We will review the latest information on DHS's headquarters consolidation efforts when it is provided to Congress, and will assess the materials in the context of these recommendations at that time. Continued DHS and GSA attention to following leading practices for capital planning and cost and schedule estimation is critical given the project's multi-billion dollar cost and impact on future departmental operations.
    Recommendation: In order to improve transparency and allow for more informed decision making by congressional leaders and DHS and GSA decision-makers, before requesting additional funding for the DHS headquarters consolidation project, after revising the DHS headquarters consolidation plans, the Secretary of Homeland Security and the Administrator of the General Services Administration should work jointly to develop revised cost and schedule estimates for the remaining portions of the consolidation project that conform to GSA guidance and leading practices for cost and schedule estimation, including an independent evaluation of the estimates.

    Agency: Department of Homeland Security
    Status: Open
    Priority recommendation

    Comments: The Department of Homeland Security Headquarters Consolidation Accountability Act of 2015 (Pub. L. No. 114-150) was enacted on April 29, 2016. Among other things, the act requires DHS, in coordination with GSA, to submit information to Congress about DHS headquarters consolidation efforts not later than 120 days of enactment. As of March 2017, DHS and GSA had not submitted the information to Congress required by Pub. L. No. 114-150. Officials stated that the information would be submitted as soon as possible, but exact timeframes were uncertain given ongoing project deliberations and internal reviews. Required information includes updated cost and schedule estimates for the consolidation project that are consistent with GAO's recommendations in GAO-14-648. Furthermore, the act requires the Comptroller General to evaluate the cost and schedule estimates not later than 90 days after their submittal to Congress. GSA is leading efforts to revise project cost and schedule estimates, and according to GSA officials, the revised figures will take into account GAO's leading estimation practices. GAO will review the latest DHS headquarters consolidation cost and schedule estimates when they are provided to Congress, and will assess the materials in the context of this recommendation at that time. Continued DHS and GSA attention to following leading cost and schedule estimation practices is critical given the project's multi-billion dollar cost and impact on future departmental operations.
    Recommendation: In order to improve transparency and allow for more informed decision making by congressional leaders and DHS and GSA decision-makers, before requesting additional funding for the DHS headquarters consolidation project, after revising the DHS headquarters consolidation plans, the Secretary of Homeland Security and the Administrator of the General Services Administration should work jointly to develop revised cost and schedule estimates for the remaining portions of the consolidation project that conform to GSA guidance and leading practices for cost and schedule estimation, including an independent evaluation of the estimates.

    Agency: General Services Administration
    Status: Open
    Priority recommendation

    Comments: The Department of Homeland Security Headquarters Consolidation Accountability Act of 2015 (Pub. L. No. 114-150) was enacted on April 29, 2016. Among other things, the act requires DHS, in coordination with GSA, to submit information to Congress about DHS headquarters consolidation efforts not later than 120 days of enactment. As of March 2017, DHS and GSA had not submitted the information to Congress required by Pub. L. No. 114-150. Officials stated that the information would be submitted as soon as possible, but exact timeframes were uncertain given ongoing project deliberations and internal reviews. Required information includes updated cost and schedule estimates for the consolidation project that are consistent with GAO's recommendations in GAO-14-648. Furthermore, the act requires the Comptroller General to evaluate the cost and schedule estimates not later than 90 days after their submittal to Congress. GSA is leading efforts to revise project cost and schedule estimates, and according to GSA officials, the revised figures will take into account GAO's leading estimation practices. GAO will review the latest DHS headquarters consolidation cost and schedule estimates when they are provided to Congress, and will assess the materials in the context of this recommendation at that time. Continued DHS and GSA attention to following leading cost and schedule estimation practices is critical given the project's multi-billion dollar cost and impact on future departmental operations.
    Recommendation: Congress should consider making future funding for the St. Elizabeths project contingent upon DHS and GSA developing a revised headquarters consolidation plan, for the remainder of the project, that conforms with leading practices and that (1) recognizes changes in workplace standards, (2) identifies which components are to be colocated at St. Elizabeths and in leased and owned space throughout the National Capital Region, and (3) develops and provides reliable cost and schedule estimates.

    Agency: Congress
    Status: Open

    Comments: The Department of Homeland Security Headquarters Consolidation Accountability Act of 2015 (Pub. L. No. 114-150) was enacted on April 29, 2016. Among other things, the act requires DHS, in coordination with GSA, to submit information to Congress about DHS headquarters consolidation efforts not later than 120 days of enactment. As of March 2017, DHS and GSA had not submitted the information to Congress required by Pub. L. No. 114-150. Officials stated that the information would be submitted as soon as possible, but exact timeframes were uncertain given ongoing project deliberations and internal reviews. Required information includes: a comprehensive assessment of property and facilities utilized by DHS in the National Capital Region; an analysis that identifies the costs and benefits of leasing and construction alternatives for the remainder of the consolidation project; and updated cost and schedule estimates for the project that are consistent with GAO's recommendations in GAO-14-648. Furthermore, the act requires the Comptroller General to evaluate the cost and schedule estimates not later than 90 days after their submittal to Congress. A comprehensive report to Congress on DHS headquarters consolidation, along with reliable project cost and schedule estimates, could inform Congress's funding decisions.
    Director: Morris, Steve D
    Phone: (202) 512-3841

    1 open recommendations
    Recommendation: To improve the federal response to ocean acidification, the appropriate entities within the Executive Office of the President, including the Office of Science and Technology Policy and the National Science and Technology Council's Subcommittee on Ocean Science and Technology, in consultation with the agencies in the interagency working group, should establish an ocean acidification information exchange.

    Agency: Executive Office of the President
    Status: Open

    Comments: The agency concurred with this recommendation and expects to launch the information exchange in early 2018, according to agency officials.
    Director: Michelle Sager
    Phone: (202) 512-6806

    1 open recommendations
    Recommendation: To improve transparency in the rulemaking process, provide agencies and the public with information on why regulations are considered to be significant regulatory actions, and promote consistency in the designation of rules as significant regulatory actions, the Director of the Office of Management and Budget should work with agencies to clearly communicate the reasons for designating a regulation as a significant regulatory action. Specifically, OMB should encourage agencies to clearly state in the preamble of final significant regulations the section of Executive Order 12866's definition of a significant regulatory action that applies to the regulation.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: In a May 14, 2015 letter to the Chairman of the Senate Committee on Homeland Security and Governmental Affairs, the Director of OMB stated that nothing in the Executive Order 12866 prevents agencies from identifying the particular relevant definition of significance in rules, and that some rules do contain this information. However, OMB believes it is appropriate to leave agencies flexibility in how they comply with Executive Order 12866, since such specific procedures for including such information is not a requirement of the Executive Order itself. As of February 2017, the Office of Information and Regulatory Affairs has not taken action. We will continue to monitor this to see whether action is taken.
    Director: Gregory C. Wilshusen
    Phone: (202) 512-6244

    16 open recommendations
    including 1 priority recommendation
    Recommendation: To ensure that the privacy and security controls of contractor-operated systems are being properly overseen, the Secretary of Energy should develop, document, and implement oversight procedures for ensuring that, for each contractor-operated system, a system test plan is developed.

    Agency: Department of Energy
    Status: Open

    Comments: DOE concurred with the recommendation. However, DOE has not yet provided sufficient evidence that it has implemented the recommendation. We plan to validate the department's actions when DOE informs us that it has satisfactorily implemented the recommendation.
    Recommendation: To ensure that the privacy and security controls of contractor-operated systems are being properly overseen, the Secretary of Energy should develop, document, and implement oversight procedures for ensuring that, for each contractor-operated system, a system test is fully executed.

    Agency: Department of Energy
    Status: Open

    Comments: DOE concurred with the recommendation. However, DOE has not yet provided sufficient evidence that it has implemented the recommendation. We plan to validate the department's actions when DOE informs us that it has implemented the recommendation.
    Recommendation: To ensure that the privacy and security controls of contractor-operated systems are being properly overseen, the Secretary of Energy should develop, document, and implement oversight procedures for ensuring that, for each contractor-operated system, test results are reviewed by agency officials.

    Agency: Department of Energy
    Status: Open

    Comments: DOE concurred with the recommendation. However, DOE has not yet provided sufficient evidence that it has implemented the recommendation. We plan to validate the department's actions when DOE informs us that it has implemented the recommendation.
    Recommendation: To ensure that the privacy and security controls of contractor-operated systems are being properly overseen, the Secretary of State should develop, document, and implement oversight procedures for ensuring that, for each contractor-operated system, security and privacy requirements are communicated to contractors.

    Agency: Department of State
    Status: Open

    Comments: The Department of State concurred with our recommendation and is planning to develop, document, and implement oversight procedures for each contractor-operated, contractor-owned system. However, STATE has not yet provided sufficient evidence that it has implemented the recommendation. We plan to validate the department's actions when STATE informs us that it has satisfactorily implemented the recommendation.
    Recommendation: To ensure that the privacy and security controls of contractor-operated systems are being properly overseen, the Secretary of State should develop, document, and implement oversight procedures for ensuring that, for each contractor-operated system, an independent assessor is selected to assess the system.

    Agency: Department of State
    Status: Open

    Comments: The Department of State concurred with our recommendation and is planning to develop, document, and implement oversight procedures for each contractor-operated, contractor-owned system. However, STATE has not yet provided sufficient evidence that it has implemented the recommendation. We plan to validate the department's actions when STATE informs us that it has implemented the recommendation.
    Recommendation: To ensure that the privacy and security controls of contractor-operated systems are being properly overseen, the Secretary of State should develop, document, and implement oversight procedures for ensuring that, for each contractor-operated system, a system test is fully executed.

    Agency: Department of State
    Status: Open

    Comments: The Department of State concurred with our recommendation and is planning to develop, document, and implement oversight procedures for each contractor-operated, contractor-owned system. However, STATE has not yet provided sufficient evidence that it has implemented the recommendation. We plan to validate the department's actions when STATE informs us that it has implemented the recommendation.
    Recommendation: To ensure that the privacy and security controls of contractor-operated systems are being properly overseen, the Secretary of State should develop, document, and implement oversight procedures for ensuring that, for each contractor-operated system, test results are reviewed by agency officials.

    Agency: Department of State
    Status: Open

    Comments: The Department of State concurred with our recommendation and is planning to develop, document, and implement oversight procedures for each contractor-operated, contractor-owned system. However, STATE has not yet provided sufficient evidence that it has implemented the recommendation. We plan to validate the department's actions when STATE informs us that it has implemented the recommendation.
    Recommendation: To ensure that the privacy and security controls of contractor-operated systems are being properly overseen, the Secretary of State should develop, document, and implement oversight procedures for ensuring that, for each contractor-operated system, plans of action and milestones with estimated completion dates and resources assigned for resolution are maintained.

    Agency: Department of State
    Status: Open

    Comments: The Department of State concurred with our recommendation and is planning to develop, document, and implement oversight procedures for each contractor-operated, contractor-owned system. However, STATE has not yet provided sufficient evidence that it has implemented the recommendation. We plan to validate the department's actions when STATE informs us that it has implemented the recommendation.
    Recommendation: To ensure that the privacy and security controls of contractor-operated systems are being properly overseen, the Secretary of Transportation should develop, document, and implement oversight procedures for ensuring that, for each contractor-operated system, security and privacy requirements are communicated to contractors.

    Agency: Department of Transportation
    Status: Open

    Comments: In written comments on a draft of this report, the department agreed to consider our recommendations. We continue to believe that the department needs to develop, document, and implement oversight procedures for each contractor-operated system. DOT has not yet provided sufficient evidence that it has taken these actions. We plan to validate the department's actions when DOT informs us that it has satisfactorily implemented the recommendation.
    Recommendation: To ensure that the privacy and security controls of contractor-operated systems are being properly overseen, the Secretary of Transportation should develop, document, and implement oversight procedures for ensuring that, for each contractor-operated system, a system test is fully executed.

    Agency: Department of Transportation
    Status: Open

    Comments: In written comments on a draft of this report, the department agreed to consider our recommendations. We continue to believe that the department needs to develop, document, and implement oversight procedures for each contractor-operated system. DOT has not yet provided sufficient evidence that it has taken these actions. We plan to validate the department's actions when DOT informs us that it has implemented the recommendation.
    Recommendation: To ensure that the privacy and security controls of contractor-operated systems are being properly overseen, the Secretary of Transportation should develop, document, and implement oversight procedures for ensuring that, for each contractor-operated system, test results are reviewed by agency officials.

    Agency: Department of Transportation
    Status: Open

    Comments: In written comments on a draft of this report, the department agreed to consider our recommendations. We continue to believe that the department needs to develop, document, and implement oversight procedures for each contractor-operated system. DOT has not yet provided sufficient evidence that it has taken these actions. We plan to validate the department's actions when DOT informs us that it has implemented the recommendation.
    Recommendation: To ensure that the privacy and security controls of contractor-operated systems are being properly overseen, the Secretary of Transportation should develop, document, and implement oversight procedures for ensuring that, for each contractor-operated system, plans of action and milestones with estimated completion dates and resources assigned to resolution are maintained.

    Agency: Department of Transportation
    Status: Open

    Comments: In written comments on a draft of this report, the department agreed to consider our recommendations. We continue to believe that the department needs to develop, document, and implement oversight procedures for each contractor-operated system. DOT has not yet provided sufficient evidence that it has taken these actions. We plan to validate the department's actions when DOT informs us that it has implemented the recommendation.
    Recommendation: To ensure that the privacy and security controls of contractor-operated systems are being properly overseen, the Administrator of the Environmental Protection Agency should develop, document, and implement oversight procedures for ensuring that, for each contractor-operated system, a system test is fully executed.

    Agency: Environmental Protection Agency
    Status: Open

    Comments: EPA concurred with our recommendation. However, EPA has not yet provided evidence that it has implemented the recommendation. We plan to validate the department's actions when EPA informs us that it has implemented the recommendation.
    Recommendation: To ensure that the privacy and security controls of contractor-operated systems are being properly overseen, the Administrator of the Environmental Protection Agency should develop, document, and implement oversight procedures for ensuring that, for each contractor-operated system, plans of action and milestones with estimated completion dates and resources assigned for resolution are maintained.

    Agency: Environmental Protection Agency
    Status: Open

    Comments: EPA concurred with our recommendation. However, EPA has not yet provided evidence that it has implemented the recommendation. We plan to validate the department's actions when EPA informs us that it has implemented the recommendation.
    Recommendation: To ensure that the privacy and security controls of contractor-operated systems are being properly overseen, the Director of the Office of Personnel Management should develop, document, and implement oversight procedures for ensuring that a system test is fully executed for each contractor-operated system.

    Agency: Office of Personnel Management
    Status: Open
    Priority recommendation

    Comments: OPM concurred with our recommendation. However, as of April 2017, OPM had not implemented the recommendation to develop, document and implement oversight procedures to ensure that a system test is fully executed for each contractor-operated system. We will monitor OPM's efforts and validate OPM actions when evidence discloses that the recommendation has been implemented.
    Recommendation: To be able to effectively assist agencies with their contractor oversight programs, the Director of the Office of Management and Budget, in collaboration with the Secretary of Homeland Security, should develop and clarify reporting guidance to agencies for annually reporting the number of contractor-operated systems.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: We requested comments on a draft of this report from the Office of Management and Budget, but none were provided. In June 2017, OMB stated that its and DHS's annual reporting requirements now contain an expanded list of criteria for contractor-operated systems, including definitions in related guidance from the National Institute of Standards and Technology. However, although the reporting requirements call for agencies to report on their total number of contractor-operated systems, neither the requirements or related guidance clarify which agency systems that have contractor relationships should be categorized as contractor-operated. The lack of clear instructions may continue to result in incomplete information regarding the number of contractor-operated systems within the government.
    Director: John H. Pendleton
    Phone: (202) 512-3489

    1 open recommendations
    Recommendation: To assist DOD in conducting any future comprehensive assessments of roles and missions that reflect appropriate statutory requirements, the Secretary of Defense should develop a comprehensive process that includes (1) a planned approach, including the principles or assumptions used to inform the assessment, that addresses all statutory requirements; (2) the involvement of key DOD stakeholders, such as the armed services, Joint Staff, and other officials within the department; (3) an opportunity to identify and involve appropriate external stakeholders, to provide input to inform the assessment; and (4) time frames with milestones for conducting the assessment and for reporting on its results.

    Agency: Department of Defense
    Status: Open

    Comments: The Department of Defense (DOD) has not subsequently conducted a comprehensive assessment of roles and missions. However, a DOD official responsible for force development stated that, in response to our report, DOD has taken specific steps to improve the force planning guidance it uses to inform its annual Planning, Programming, Budgeting, and Execution process, including in ways that reflect evolving roles and missions of the military services. As of August 2016, DOD has still not conducted a subsequent comprehensive assessment of roles and missions; however according to a DOD official, through the normal Fiscal Year 2017 Program Review and development of internal force planning guidance in advance of the budget cycle, a range of discussions touching on roles and missions have occurred.
    Director: Robert Goldenkoff
    Phone: (202) 512-2757

    2 open recommendations
    including 1 priority recommendation
    Recommendation: To improve the classification system and to strengthen OPM's management and oversight, the Director of OPM, working through the Chief Human Capital Officer Council, and in conjunction with key stakeholders such as the Office of Management and Budget, unions, and others, should use prior studies and lessons learned from demonstration projects and alternative systems to examine ways to make the GS system's design and implementation more consistent with the attributes of a modern, effective classification system. To the extent warranted, develop a legislative proposal for congressional consideration.

    Agency: Office of Personnel Management
    Status: Open
    Priority recommendation

    Comments: As of April 2017, OPM officials said they continue to meet on a regular basis with the Interagency Classification Policy Forum group to inform strategies and action plans for implementation of general schedule system best practices. As a result, they have made changes for conducting occupational studies through various actions, including streamlining their process for conducting occupational studies. These actions include the cancellation of 21 occupational series with minimal agency use (25 or fewer Federal employees reported) and upcoming policy issuances - the Handbook of Occupational Groups and Families and the Interpretive Guidance for Cybersecurity Positions and 17 Professional Medical and Health occupational series. In addition, they have developed a methodology to streamline studies for occupational series with 1,000 or less Federal employees. OPM officials said any further action to develop a legislative proposal for congressional consideration would be contingent upon having permanent OPM leadership in place. We will continue to monitor OPM's efforts.
    Recommendation: To improve the classification system and to strengthen OPM's management and oversight, the Director of OPM should develop cost-effective mechanisms to oversee agency implementation of the classification system as required by law, and develop a strategy that will enable OPM to more effectively and routinely monitor agencies' implementation of classification standards.

    Agency: Office of Personnel Management
    Status: Open

    Comments: In June 2016, OPM officials said the agency had designed several efforts to improve the classification system and strengthen oversight: (1) OPM is reviewing occupational series post studies to assess whether agencies are implementing classification policy updates and new issuances. (2) Decisions from the classification appeals program are issued to monitor implementation of classification standards. (3) The classification policy group has formalized the participation of the Merit System Accountability and Compliance group to discuss best practices in monitoring and overseeing classification policies and is planning a related classification forum. We will continue to monitor these efforts. Specifically, OPM officials said they were conducting occupational series post studies of custodians, public affairs, financial management, sustainability and other White House initiatives. We will continue to monitor OPM's efforts.
    Director: Gregory C. Wilshusen
    Phone: (202) 512-6244

    1 open recommendations
    Recommendation: To improve the consistency and effectiveness of government-wide implementation of information security programs and privacy requirements at small agencies, the Director of OMB should include in the annual report to Congress on agencies' implementation of the Federal Information Security Management Act (FISMA): a list of agencies that did not report on implementation of their information security programs.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: OMB concurred with the recommendation but has not yet provided sufficient evidence that it has implemented the recommendation.
    Director: David C. Trimble
    Phone: (202) 512-3841

    1 open recommendations
    including 1 priority recommendation
    Recommendation: To ensure that the security of radiological sources at industrial facilities is reasonably assured, the Chairman of the Nuclear Regulatory Commission should conduct an assessment of the T&R process--by which licensees approve employees for unescorted access--to determine if it provides reasonable assurance against insider threats, including (1) determining why criminal history information concerning convictions for terroristic threats was not provided to a licensee during the T&R process to establish if this represents an isolated case or a systemic weakness in the T&R process; and (2) revising, to the extent permitted by law, the T&R process to provide specific guidance to licensees on how to review a employee's background. NRC should also consider whether certain criminal convictions or other indicators should disqualify an employee from T&R or trigger a greater role for NRC.

    Agency: Nuclear Regulatory Commission
    Status: Open
    Priority recommendation

    Comments: On December 14, 2016, the NRC provided Congress with a report detailing its review of the effectiveness of the requirements in 10 CFR Part 37 to determine whether any additional security measures, guidance updates, rulemaking changes, or licensee outreach efforts are appropriate. The completion of the 10 CFR Part 37 program review included insights into the effectiveness of the T&R process. Specifically, the review generated recommendations for enhancements in the area of T&R, including, among other things, increased controls for protection of information related to individuals having access to Category 1 and 2 quantities of radioactive materials; improved guidance related to information individuals must disclose when applying for unescorted access; development of sample forms or templates for use in T&R evaluations; and improved coordination efforts with the FBI to share potential terrorist threat information involving individuals seeking approval for new or continued unescorted access to Category 1 and 2 quantities of radioactive materials. However, certain aspects of the NRC staff's assessment of the T&R process remain ongoing. Specifically, on November 25, 2016, the staff closed Temporary Instruction (TI) 2800/042, "Evaluation of Trustworthiness and Reliability Determinations," and is using the information gained from the TI to consider additional enhancements to the T&R process. As part of this continuing effort, the NRC will evaluate the potential use of disqualifying criteria in making T&R determinations and the incorporation of additional insider mitigation program features, such as requiring the self-reporting of legal actions, into the T&R process to which the individual has been subject. The NRC expects this evaluation to be completed in December 2017.
    Director: Gregory C. Wilshusen
    Phone: (202) 512-6244

    5 open recommendations
    Recommendation: To enhance the cybersecurity of critical infrastructure in the maritime sector, the Secretary of Homeland Security should direct the Commandant of the Coast Guard to work with federal and nonfederal partners to ensure that the maritime risk assessment includes cyber-related threats, vulnerabilities, and potential consequences.

    Agency: Department of Homeland Security
    Status: Open

    Comments: In April 2017, USCG stated that the National Maritime Strategic Risk Assessment (NMSRA) was still being finalized. The agency stated that they expected this to be completed by July 2017. Once completed, we will analyze the results of the NMSRA in order to validate the extent to which its contents implement our recommendation.
    Recommendation: To enhance the cybersecurity of critical infrastructure in the maritime sector, the Secretary of Homeland Security should direct the Commandant of the Coast Guard to use the results of the risk assessment to inform how guidance for area maritime security plans, facility security plans, and other securityrelated planning should address cyber-related risk for the maritime sector.

    Agency: Department of Homeland Security
    Status: Open

    Comments: In April 2017, USCG stated that it had developed a draft Navigation and Vessel Inspection Circular (NVIC) to provide guidance on assessment methods that assist vessel and facility owners and operators identify and address cybersecurity vulnerabilities. USCG stated that the draft NVIC would be published in the Federal Register for 60 days, to enable maritime stakeholders to review and provide comment. Once USCG provides us a final copy of the NVIC, we will analyze it to determine if it provides guidance for addressing cyber-related risk in the maritime sector.
    Recommendation: To enhance the cybersecurity of critical infrastructure in the maritime sector, the Secretary of Homeland Security should direct the Commandant of the Coast Guard to work with federal and nonfederal stakeholders to determine if the Maritime Modal Sector Coordinating Council should be reestablished to better facilitate stakeholder coordination and information sharing across the maritime environment at the national level.

    Agency: Department of Homeland Security
    Status: Open

    Comments: In April 2017, the U.S. Coast Guard (USCG) stated that the tasking for the National Maritime Security Advisory Committee to explore the issue of information sharing mechanisms in regards to cyber information had been completed. However, USCG did not mention any decision related to the reestablishment of the sector coordinating council.
    Recommendation: To help ensure the effective use of Port Security Grant Program funds to support the program's stated mission of addressing vulnerabilities in the maritime port environment, the Secretary of Homeland Security should direct the FEMA Administrator, in coordination with the Coast Guard, to develop procedures for officials at the field review level (i.e., captains of the port) and national review level (i.e., the National Review Panel and FEMA) to consult cybersecurity subject matter experts from the Coast Guard and other relevant DHS components, if applicable, during the review of cybersecurity grant proposals for funding.

    Agency: Department of Homeland Security
    Status: Open

    Comments: In June 2017, FEMA officials stated they would provide GAO an update on the status of the recommendation by July 2017. Once provided, we will analyze the information we receive and update status of implementation efforts.
    Recommendation: To help ensure the effective use of Port Security Grant Program funds to support the program's stated mission of addressing vulnerabilities in the maritime port environment, the Secretary of Homeland Security should direct the FEMA Administrator, in coordination with the Coast Guard, to use any information on cyberrelated threats, vulnerabilities, and consequences identified in the maritime risk assessment to inform future versions of funding guidance for grant applicants and reviews at the field and national levels.

    Agency: Department of Homeland Security
    Status: Open

    Comments: In June 2017, FEMA officials stated they would provide GAO an update on the status of the recommendation by July 2017. Once provided, we will analyze the information received and update status of implementation efforts.
    Director: Carol R. Cha
    Phone: (202) 512-4456

    100 open recommendations
    including 2 priority recommendations
    Recommendation: To ensure the effective management of software licenses, the Secretary of Agriculture should develop an agency-wide comprehensive policy for the management of software licenses that addresses the weaknesses we identified.

    Agency: Department of Agriculture
    Status: Open

    Comments: In written comments to our report, the Department of Agriculture concurred with our recommendation. In July 2017, Agriculture reported on actions taken to address this recommendation, including the development of a draft software license management policy to address Information Technology Asset Management (ITAM) procedures and practices. We will follow-up with the department to monitor its progress in completing an agency-wide comprehensive policy for the management of software licenses.
    Recommendation: To ensure the effective management of software licenses, the Secretary of Agriculture should establish a comprehensive inventory of software licenses using automated tools for the majority of agency software license spending and/or enterprise-wide licenses.

    Agency: Department of Agriculture
    Status: Open

    Comments: The Department of Agriculture agreed with our recommendation and, in July 2017 reported that it has established a comprehensive software license inventory. We will request additional information to validate the extent to which Agriculture addressed this recommendation.
    Recommendation: To ensure the effective management of software licenses, the Secretary of Agriculture should regularly track and maintain a comprehensive inventory of software licenses using automated tools and metrics.

    Agency: Department of Agriculture
    Status: Open

    Comments: The Department of Agriculture agreed with our recommendation. In July 2017, Agriculture reported on actions taken to address this recommendation. For example, Agriculture reported that it uses the Bigfix network management tool to track software. We will request additional information to validate the extent to which Agriculture regularly tracks and maintains the department's inventory of software licenses; and analyzes software data to inform decision making.
    Recommendation: To ensure the effective management of software licenses, the Secretary of Agriculture should analyze agency-wide software license data, such as costs, benefits, usage, and trending data, to identify opportunities to reduce costs and better inform investment decision making.

    Agency: Department of Agriculture
    Status: Open

    Comments: The Department of Agriculture agreed with our recommendation. In July 2017, Agriculture reported on actions taken to address this recommendation. For example, agriculture reported that it continues to analyze existing contracts to show their utilization. We will request additional information to validate the extent to which Agriculture analyzes agency-wide software license data to identify opportunities to reduce costs and better inform investment decision making.
    Recommendation: To ensure the effective management of software licenses, the Secretary of Agriculture should provide software license management training to appropriate agency personnel addressing contract terms and conditions, negotiations, laws and regulations, acquisition, security planning, and configuration management.

    Agency: Department of Agriculture
    Status: Open

    Comments: In July 2017, Agriculture reported on actions taken to address this recommendation. For example, Agriculture reported that members of its Category Management Team have worked with GSA over the past year to better understand the terms and conditions of vendors, such as Oracle and Microsoft. In addition, Agriculture reported that the members maintain a Contracting Officer's Representative certification and attend continuous training on software procurement, contracting laws regulations and negotiations. We will request additional information to validate the extent to which Agriculture provided appropriate agency personnel with sufficient software license management training.
    Recommendation: To ensure the effective management of software licenses, the Secretary of Commerce should develop an agency-wide comprehensive policy for the management of software licenses that addresses the weaknesses we identified.

    Agency: Department of Commerce
    Status: Open

    Comments: The Department of Commerce concurred with our recommendation. In April 2017, the department reported that it has established an integrated project team (IPT) team with representation from the bureau enterprise architecture teams to develop a methodology of managing software licenses across the department. In addition, Commerce reported that the IPT is chartered to refine the department's software licenses policy over time and provide guidance in establishing an enterprise license software management practice. We will continue to monitor the department's progress in implementing a comprehensive software license management policy.
    Recommendation: To ensure the effective management of software licenses, the Secretary of Commerce should employ a centralized software license management approach that is coordinated and integrated with key personnel for the majority of agency software license spending and/or enterprise-wide licenses.

    Agency: Department of Commerce
    Status: Open

    Comments: The Department of Commerce partially concurred with our recommendation. In April 2017, the department reported that it has established an integrated project team (IPT) with representation from the bureau enterprise architecture teams to develop a methodology of managing licenses across the department. In addition, the department reported that the IPT is chartered to refine the software policy over time and provide guidance in establishing an enterprise license management practice. We will continue to monitor the department's progress in implementing this recommendation.
    Recommendation: To ensure the effective management of software licenses, the Secretary of Commerce should establish a comprehensive inventory of software licenses using automated tools for the majority of agency software license spending and/or enterprise-wide licenses.

    Agency: Department of Commerce
    Status: Open
    Priority recommendation

    Comments: The Department of Commerce partially concurred with our recommendation. In April 2017, Commerce reported that it has conducted an inventory of software licenses through a data call and inventory collection template. Commerce also reported that it is evaluating how to automate the inventory process by leveraging the portfolio of deployed network discovery tools for identifying installed licensed products, collating and ingesting the information into a repository for maintenance and reporting of the data. We will continue to monitor the department's progress in implementing automated discovery and inventory tools in support of its department-wide software license inventory.
    Recommendation: To ensure the effective management of software licenses, the Secretary of Commerce should regularly track and maintain a comprehensive inventory of software licenses using automated tools and metrics.

    Agency: Department of Commerce
    Status: Open

    Comments: The Department of Commerce partially concurred with our recommendation. In April 2017, Commerce reported that it has conducted an inventory of software licenses through a data call and inventory collection template. Commerce also reported that it is evaluating how to automate the inventory process by leveraging the portfolio of deployed network discovery tools for identifying installed licensed products, collating and ingesting the information into a repository for maintenance and reporting of the data. We will continue to monitor the department's progress in implementing automated discovery and inventory tools in support of its department-wide software license inventory.
    Recommendation: To ensure the effective management of software licenses, the Secretary of Commerce should analyze agency-wide software license data, such as costs, benefits, usage, and trending data, to identify opportunities to reduce costs and better inform investment decision making.

    Agency: Department of Commerce
    Status: Open

    Comments: The Department of Commerce partially concurred with our recommendation. In April 2017, the department reported that it has established an integrated project team (IPT) with representation from the bureau enterprise architecture teams to develop a methodology of managing licenses across the department. In addition, the department reported that the IPT is chartered to refine the software policy over time and provide guidance in establishing an enterprise license management practice. We will continue to monitor the department's progress in implementing this recommendation.
    Recommendation: To ensure the effective management of software licenses, the Secretary of Commerce should provide software license management training to appropriate agency personnel addressing contract terms and conditions, negotiations, laws and regulations, acquisition, security planning, and configuration management.

    Agency: Department of Commerce
    Status: Open

    Comments: The Department of Commerce partially concurred with our recommendation. In April 2017, the department reported that it has established an integrated project team (IPT) with representation from the bureau enterprise architecture teams to develop a methodology of managing licenses across the department. In addition, the department reported that the IPT is chartered to refine the software policy over time and provide guidance in establishing an enterprise license management practice. We will continue to monitor the department's progress in implementing this recommendation.
    Recommendation: To ensure the effective management of software licenses, the Secretary of Defense should develop an agency-wide comprehensive policy for the management of software licenses that addresses the weaknesses we identified

    Agency: Department of Defense
    Status: Open

    Comments: In March 2016, the Department of Defense reported that it was in the process of developing policy and guidance for software license management with issuance expected by the end of fiscal year 2017. As of July 2017, the department did not provide additional information. We plan to follow up with the agency to obtain supporting documents and continue to monitor its progress in implementing this recommendation.
    Recommendation: To ensure the effective management of software licenses, the Secretary of Defense should employ a centralized software license management approach that is coordinated and integrated with key personnel for the majority of agency software license spending and/or enterprise-wide licenses.

    Agency: Department of Defense
    Status: Open

    Comments: In March 2016, the Department of Defense (DOD) reported on actions to implement a more centralized software license management approach. For example, the department reported that the DOD CIO is leveraging the DOD Enterprise Software Initiative and joint enterprise license agreement efforts centrally managed by the Defense Information Systems Agency to coordinate centralized acquisitions for licenses that are commonly purchased across DOD. The DOD CIO also issued a memorandum on November 16, 2015 directing department-wide migration to the Microsoft Windows 10 Operating System by January 2017 for all Windows-based desktop and laptop computers, which will support an enterprise approach for centrally coordinating software license management. However, as of July 2017, the department did not provide additional information. We will follow up with the agency to obtain supporting documents and continue to monitor its progress in implementing this recommendation.
    Recommendation: To ensure the effective management of software licenses, the Secretary of Defense should establish a comprehensive inventory of software licenses using automated tools for the majority of agency software license spending and/or enterprise-wide licenses.

    Agency: Department of Defense
    Status: Open

    Comments: The Department of Defense partially concurred to develop comprehensive inventory for the management of software licenses. In March 2016, DOD reported on actions to implement a comprehensive inventory using automated tools. For example, DOD reported that it has completed a software inventory license reporting plan and continues to automate security domains for asset management and plans to implement automated support and processes for software license management processes in Fiscal Year 2020. However, as of July 2017, the department did not provide additional information. We will follow up with the agency to obtain supporting documents and continue to monitor its progress in implementing this recommendation.
    Recommendation: To ensure the effective management of software licenses, the Secretary of Defense should regularly track and maintain a comprehensive inventory of software licenses using automated tools and metrics.

    Agency: Department of Defense
    Status: Open

    Comments: The Department of Defense partially concurred with this recommendation to develop a comprehensive inventory for the management of software licenses. In March 2016, DOD reported on actions to implement this recommendation. For example, DOD reported that it has completed a software inventory license reporting plan and continues to automate security domains for asset management and plans to implement automated support and processes for software license management processes in Fiscal Year 2020. However, the department did not provide additional information as of July 2017. We will follow up with the agency to obtain supporting documents and continue to monitor its progress in implementing this recommendation.
    Recommendation: To ensure the effective management of software licenses, the Secretary of Defense should analyze agency-wide software license data, such as costs, benefits, usage, and trending data, to identify opportunities to reduce costs and better inform investment decision making.

    Agency: Department of Defense
    Status: Open
    Priority recommendation

    Comments: The Department of Defense concurred with this recommendation. DOD made progress in implementing this recommendation by analyzing Fiscal Year 2013 selected software inventory data from 31 of 32 components. However, as of October 2016, DOD had not yet fully implemented this recommendation because it had not established automated discovery and inventory tools to maintain and track a comprehensive inventory of licenses, which are needed to fully and routinely analyze agency-wide software licensing data. Further, the department did not provide additional information as of July 2017. We will follow up with the agency to obtain supporting documents and continue to monitor its progress in implementing this recommendation.
    Recommendation: To ensure the effective management of software licenses, the Secretary of Defense should provide software license management training to appropriate agency personnel addressing contract terms and conditions, negotiations, laws and regulations, acquisition, security planning, and configuration management.

    Agency: Department of Defense
    Status: Open

    Comments: The Department of Defense concurred with this recommendation. In March 2016, DOD reported on actions to implement this recommendation. For example, DOD added a new webinar training session on software license management and developed a two-day in-person training course on "Strategic Vendor Management" that introduces participants to category management best practices for commercial software. DOD also reported that it expects to establish additional training on software license management by the end of fiscal year 2016. However, the department did not provide updated information as of July 2017. We will follow up with the agency to obtain supporting documents and continue to monitor its progress in implementing this recommendation.
    Recommendation: To ensure the effective management of software licenses, the Secretary of Education should develop an agency-wide comprehensive policy for the management of software licenses that addresses the weaknesses we identified.

    Agency: Department of Education
    Status: Open

    Comments: The Department of Education concurred with this recommendation. In August 2016, the Department provided evidence that it has developed agency-wide policy that addresses six of the seven elements that a comprehensive software licensing policy should specify. However, as of August 2017, the department did not provide evidence that its policy specifically addresses the analysis of software license data such as usage to inform decision making. We will follow up with the agency to obtain additional information on its software licensing policy and continue to monitor its progress in implementing this recommendation.
    Recommendation: To ensure the effective management of software licenses, the Secretary of Education should analyze agency-wide software license data, such as costs, benefits, usage, and trending data, to identify opportunities to reduce costs and better inform investment decision making.

    Agency: Department of Education
    Status: Open

    Comments: The Department of Education concurred with this recommendation. In August 2016, the department reported that it regularly analyzes agency-wide software license data, such as costs, benefits, usage, and trending data, to identify opportunities to reduce costs and better inform investment decision making. For example, the department said that it manually analyzes software data by comparing data in the software inventory database with requests for software acquisitions. However, as of August 2017, the department did not provide documentation on its analysis of agency-wide software license data or on the extent to which this information was used to inform investment decisions to identify opportunities to reduce costs. We will follow-up with the department to obtain documentation supporting actions to fully implement this recommendation.
    Recommendation: To ensure the effective management of software licenses, the Secretary of Education should provide software license management training to appropriate agency personnel addressing contract terms and conditions, negotiations, laws and regulations, acquisition, security planning, and configuration management.

    Agency: Department of Education
    Status: Open

    Comments: The Department of Education concurred with this recommendation. The department has made progress in implementing this recommendation by providing its staff with software license training, including training on its software tracking database. In addition, the department's Software Asset Management and Acquisition Policy (SAMA) require employees to take training on the SAMA policy and computer software piracy. However, as of August 2017, the department did not demonstrate that it offers training in other important areas specific to software license management, such as contract terms and conditions, laws, and regulations. We will continue to monitor the agency's progress in implementing this recommendation.
    Recommendation: To ensure the effective management of software licenses, the Secretary of Energy should develop an agency-wide comprehensive policy for the management of software licenses that addresses the weaknesses we identified.

    Agency: Department of Energy
    Status: Open

    Comments: In the Department of Energy's written comments the agency neither agreed nor disagreed with our recommendation, but stated it has taken a number of steps to aggregate software licensing. In March 2017, Energy reported that it had developed an agency-wide comprehensive policy for the management of software licenses. In addition, the department reported that the policy encourages the consolidation of software package acquisition, volume purchasing arrangements, enterprise wide agreements and best practices in software implementation. However, the department has not yet provided documentation of its policy. We will follow-up with the department to obtain supporting documentation and continue to monitor its progress in implementing this recommendation.
    Recommendation: To ensure the effective management of software licenses, the Secretary of Energy should employ a centralized software license management approach that is coordinated and integrated with key personnel for the majority of agency software license spending and/or enterprise-wide licenses.

    Agency: Department of Energy
    Status: Open

    Comments: In the Department of Energy's written comments the agency neither agreed nor disagreed with our recommendation, but stated it had taken a number of steps to aggregate software licensing, and at that time had no plans to centralize software licensing. In March 2017, the department reported that it's Office of the Chief Information Officer's Enterprise Wide Agreement (EWA) program host periodic conference calls with key IT representatives across the department's complex and recommend common software for consideration by the EWA program. In addition, the department reported that its Office of Management, Strategic Programs Division holds meetings throughout the department to facilitate a centralized management approach towards purchasing. However, the department has not provided evidence that it employs a centralized software management approach that is coordinated and integrated with key personnel for the majority of the agency's software licenses spending and/or enterprise-wide licenses. We will continue to monitor the agency's progress in implementing this recommendation.
    Recommendation: To ensure the effective management of software licenses, the Secretary of Energy should establish a comprehensive inventory of software licenses using automated tools for the majority of agency software license spending and/or enterprise-wide licenses.

    Agency: Department of Energy
    Status: Open

    Comments: In the Department of Energy's written comments the agency neither agreed nor disagreed with our recommendation, but stated it had taken a number of steps to aggregate software licensing, and at that time had no plans to centralize software licensing. In March 2017, the department reported that it's Office of the Chief Information Officer's Enterprise Wide Agreement (EWA) program hosts periodic conference calls with key IT representatives across the department's complex and recommend common software for consideration by the EWA program. In addition, the department reported that its Office of Management, Strategic Programs Division holds meetings throughout the department to facilitate a centralized management approach towards purchasing. However, the department has not provided evidence that it employs a centralized software management approach that is coordinated and integrated with key personnel for the majority of the department's software licenses spending and/or enterprise-wide licenses. We will continue to monitor the department's progress in implementing this recommendation
    Recommendation: To ensure the effective management of software licenses, the Secretary of Energy should regularly track and maintain a comprehensive inventory of software licenses using automated tools and metrics.

    Agency: Department of Energy
    Status: Open

    Comments: In Energy's written comments the agency neither agreed nor disagreed with our recommendation. In March 2017, DOE reported on actions to implement this recommendation. Consistent with the Act's provisions, Energy is working with GSA on providing usage data and support needed for the establishment of government-wide software contracts. The agency noted that it continues to use Continuous Monitoring and Diagnostic tools to inventory and consolidate software usage and eliminate unnecessary maintenance support costs. We have not yet validated agency actions on this recommendation.
    Recommendation: To ensure the effective management of software licenses, the Secretary of Energy should analyze agency-wide software license data, such as costs, benefits, usage, and trending data, to identify opportunities to reduce costs and better inform investment decision making.

    Agency: Department of Energy
    Status: Open

    Comments: In the Department of Energy's written comments the agency neither agreed nor disagreed with our recommendation, but stated it has taken a number of steps to aggregate software licensing. In March 2017, Energy stated that it is analyzing agency-wide software data through the CIO's Enterprise Wide Agreement program which hosts periodic conference calls with key IT representatives across Energy. However, Energy has not provided evidence that it is fully analyzing agency-wide software license data to inform investment decisions and identify opportunities to reduce costs. We will follow up with the agency to obtain supporting documents and continue to monitor its progress in implementing this recommendation.
    Recommendation: To ensure the effective management of software licenses, the Secretary of Energy should provide software license management training to appropriate agency personnel addressing contract terms and conditions, negotiations, laws and regulations, acquisition, security planning, and configuration management.

    Agency: Department of Energy
    Status: Open

    Comments: In Energy's written comments the agency neither agreed nor disagreed with our recommendation. In March 2017, the department noted that training for employees is managed on an office-by-office basis as part of the Individual Development and Training Needs Assessment Process and those individuals needing such training can be self-identified or identified by their supervisor for training. We will follow up with Energy to obtain documentation on its software license management training.
    Recommendation: To ensure the effective management of software licenses, the Secretary of Health and Human Services should develop an agency-wide comprehensive policy for the management of software licenses that addresses the weaknesses we identified.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: The Department of Health and Human Services (HHS) neither agreed nor disagreed with this recommendation. We have requested documentation regarding implementation of this recommendation, and as of July 2017, are awaiting a response. We will follow up with HHS to obtain supporting documentation and continue monitoring its progress in implementing this recommendation.
    Recommendation: To ensure the effective management of software licenses, the Secretary of Health and Human Services should employ a centralized software license management approach that is coordinated and integrated with key personnel for the majority of agency software license spending and/or enterprise-wide licenses.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: The Department of Health and Human Services (HHS) neither agreed nor disagreed with this recommendation. We have requested documentation regarding implementation of this recommendation, and as of July 2017, are awaiting a response. We will follow up with HHS to obtain supporting documentation and continue monitoring its progress in implementing this recommendation.
    Recommendation: To ensure the effective management of software licenses, the Secretary of Health and Human Services should establish a comprehensive inventory of software licenses using automated tools for the majority of agency software license spending and/or enterprise-wide licenses.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: The Department of Health and Human Services (HHS) neither agreed nor disagreed with this recommendation. We have requested documentation regarding implementation of this recommendation, and as of July 2017, are awaiting a response. We will follow up with HHS to obtain supporting documentation and continue monitoring its progress in implementing this recommendation.
    Recommendation: To ensure the effective management of software licenses, the Secretary of Health and Human Services should regularly track and maintain a comprehensive inventory of software licenses using automated tools and metrics

    Agency: Department of Health and Human Services
    Status: Open

    Comments: The Department of Health and Human Services (HHS) neither agreed nor disagreed with this recommendation. We have requested documentation regarding implementation of this recommendation, and as of July 2017, are awaiting a response. We will follow up with HHS to obtain supporting documentation and continue monitoring its progress in implementing this recommendation.
    Recommendation: To ensure the effective management of software licenses, the Secretary of Health and Human Services should analyze agency-wide software license data, such as costs, benefits, usage, and trending data, to identify opportunities to reduce costs and better inform investment decision making.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: The Department of Health and Human Services (HHS) neither agreed nor disagreed with this recommendation. We have requested documentation regarding implementation of this recommendation, and as of July 2017, are awaiting a response. We will follow up with HHS to obtain supporting documentation and continue monitoring its progress in implementing this recommendation.
    Recommendation: To ensure the effective management of software licenses, the Secretary of Health and Human Services should provide software license management training to appropriate agency personnel addressing contract terms and conditions, negotiations, laws and regulations, acquisition, security planning, and configuration management.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: The Department of Health and Human Services (HHS) neither agreed nor disagreed with this recommendation. We have requested documentation regarding implementation of this recommendation, and as of July 2017, are awaiting a response. We will follow up with HHS to obtain supporting documentation and continue monitoring its progress in implementing this recommendation.
    Recommendation: To ensure the effective management of software licenses, the Secretary of Homeland Security should employ a centralized software license management approach that is coordinated and integrated with key personnel for the majority of agency software license spending and/or enterprise-wide licenses.

    Agency: Department of Homeland Security
    Status: Open

    Comments: In June 2017, the Department of Homeland Security (DHS) reported that it is in the process of implementing the Continuous Diagnostics and Mitigation (CDM) tool that enables industry best practices and standards for software license management. DHS also reported that the CDM implementation will facilitate normalization efforts across DHS by defining common software license and maintenance requirements. We will follow up with the agency to obtain supporting documents and continue to monitor its progress in implementing this recommendation.
    Recommendation: To ensure the effective management of software licenses, the Secretary of Homeland Security should establish a comprehensive inventory of software licenses using automated tools for the majority of agency software license spending and/or enterprise-wide licenses.

    Agency: Department of Homeland Security
    Status: Open

    Comments: In June 2017, the Department of Homeland Security (DHS) reported that it is in the process of implementing the Continuous Diagnostics and Mitigation (CDM) tool that enables industry best practices and standards for software license management. DHS also reported that the CDM implementation will provide DHS with an automated capability for IT hardware and software asset discovery; IT asset inventory tracking; software inventory normalization; software license optimization; data sharing capabilities, and thus ensure full compliance with the requirement to maintain a continual agency-wide inventory of software licenses. We will follow up with the agency to obtain supporting documents and continue to monitor its progress in implementing this recommendation.
    Recommendation: To ensure the effective management of software licenses, the Secretary of Homeland Security should regularly track and maintain a comprehensive inventory of software licenses using automated tools and metrics.

    Agency: Department of Homeland Security
    Status: Open

    Comments: In June 2017, the Department of Homeland security (DHS) reported that it is in the process of implementing the Continuous Diagnostics and Mitigation (CDM) tool that enables industry best practices and standards for software license management. DHS also reported that the tracking of software assets and inventory will be implemented as CDM is rolled out to each DHS Component. We will follow up with the agency to obtain supporting documents and continue to monitor its progress in implementing this recommendation.
    Recommendation: To ensure the effective management of software licenses, the Secretary of Homeland Security should analyze agency-wide software license data, such as costs, benefits, usage, and trending data, to identify opportunities to reduce costs and better inform investment decision making.

    Agency: Department of Homeland Security
    Status: Open

    Comments: In June 2017, the Department of Homeland Security (DHS) reported that it is in the process of implementing the Continuous Diagnostics and Mitigation (CDM) tool that enables industry best practices and standards for software license management. DHS also reported that CDM tracking of software assets and inventory will be implemented as CDM is rolled out to each DHS Component. The CDM tool will provide DHS with an automated capability for IT hardware and software asset discovery; IT asset inventory tracking; software inventory normalization; software license optimization; data sharing capabilities, and thus ensure full compliance with the requirement to maintain a continual agency-wide inventory of software licenses, including all licenses purchased, deployed, and in use, as well as spending on subscription services. As this data is captured the DHS OCIO, OSDO will analyze the software license data to track cost, usage, benefits to establish spending data that allows to the Department to perform trend analysis. We will follow up with the agency to obtain supporting documents and continue to monitor its progress in implementing this recommendation.
    Recommendation: To ensure the effective management of software licenses, the Secretary of Housing and Urban Development should develop an agency-wide comprehensive policy for the management of software licenses that addresses the weaknesses we identified

    Agency: Department of Housing and Urban Development
    Status: Open

    Comments: In written comments to our report, HUD agreed to take executive actions to address our recommendation and noted steps the agency plans to take. In its May 2017 update, HUD stated that the department developed a draft policy that will implement policies and responsibilities for managing software licenses and a software license consolidation plan to enable maintenance and enforcement of the software license management policy. In addition, the department reported that it appointed a software license manager who is the single point of contact for software license management. According to HUD, the targeted completion for implementing this recommendation is the first quarter of 2018. We will follow-up with the Department to obtain supporting documentation and continue to monitor its progress in implementing this recommendation.
    Recommendation: To ensure the effective management of software licenses, the Secretary of Housing and Urban Development should regularly track and maintain a comprehensive inventory of software licenses using automated tools and metrics.

    Agency: Department of Housing and Urban Development
    Status: Open

    Comments: In May 2017, HUD reported that its Office of the Chief information Officer (CIO) has achieved full operational capability for the agency's Federal Asset Management Enterprise System (FAMES) and began to populate the FAMES with information on the agency's software assets in January 2017. However, HUD noted that it still needs to implement and test the PRISM interface with the FAMES which the agency expects to be completed by the end of fiscal year 2017. We will follow-up with the department to obtain supporting documentation and continue to monitor its progress in implementing this recommendation.
    Recommendation: To ensure the effective management of software licenses, the Secretary of Housing and Urban Development should analyze agency-wide software license data, such as costs, benefits, usage, and trending data, to identify opportunities to reduce costs and better inform investment decision making.

    Agency: Department of Housing and Urban Development
    Status: Open

    Comments: In written comments to our report, HUD agreed to take executive actions to address our recommendation. In its May 2017 update, HUD reported on actions taken to implement this recommendation including the development of a GAP analysis to support acquisition and deployment of an automated software license management capability. According to HUD, this capability will provide the CIO with the data necessary to identify opportunities to reduce cost, implement IT commodity-consolidated acquisitions and buy licenses in bulk. We will follow-up with the department to obtain supporting documentation and continue to monitor its progress in implementing this recommendation.
    Recommendation: To ensure the effective management of software licenses, the Secretary of Housing and Urban Development should provide software license management training to appropriate agency personnel addressing contract terms and conditions, negotiations, laws and regulations, acquisition, security planning, and configuration management.

    Agency: Department of Housing and Urban Development
    Status: Open

    Comments: In written comments to our report, HUD agreed to take executive actions to address our recommendation and noted steps the agency plans to take. In May 2017, HUD reported that the agency has worked with the Department of Defense (DOD) to offer DOD Enterprise Software Initiative (ESI) sponsored software license management training to staff and continues to work with peer agencies to identify opportunities to access required software management skills and other required training. HUD reported that its target completion for addressing this recommendation is the first quarter of 2018. We will follow-up with the department to obtain supporting documentation and continue to monitor its progress in implementing this recommendation.
    Recommendation: To ensure the effective management of software licenses, the Secretary of the Interior should develop an agency-wide comprehensive policy for the management of software licenses that addresses the weaknesses we identified.

    Agency: Department of the Interior
    Status: Open

    Comments: The Department of Interior (DOI) agreed with this recommendation. In March 2017, DOI reported that the department has drafted a comprehensive policy that is comprised of the core elements of software management. We plan to follow up with the agency to obtain supporting documents and continue to monitor its progress in implementing this recommendation.
    Recommendation: To ensure the effective management of software licenses, the Secretary of the Interior should employ a centralized software license management approach that is coordinated and integrated with key personnel for the majority of agency software license spending and/or enterprise-wide licenses.

    Agency: Department of the Interior
    Status: Open

    Comments: In March 2017, DOI reported that the department is working on a comprehensive management approach for accounting for and managing IT Software Assets, and that this approach includes roles and responsibilities. We plan to follow up with the agency to obtain supporting documents and continue to monitor its progress in implementing this recommendation.
    Recommendation: To ensure the effective management of software licenses, the Secretary of the Interior should establish a comprehensive inventory of software licenses using automated tools for the majority of agency software license spending and/or enterprise-wide licenses.

    Agency: Department of the Interior
    Status: Open

    Comments: In written comments to our report, the Department of Interior (DOI) concurred with our recommendation. In March 2017, DOI reported that the department was working on a comprehensive management approach for accounting for and managing IT Software Assets. We plan to follow up with the agency to obtain supporting documents and continue to monitor its progress in implementing this recommendation.
    Recommendation: To ensure the effective management of software licenses, the Secretary of the Interior should regularly track and maintain a comprehensive inventory of software licenses using automated tools and metrics.

    Agency: Department of the Interior
    Status: Open

    Comments: In written comments to our report, the Department of Interior concurred with our recommendation. In March 2017, DOI reported that the department was working on a comprehensive management approach for accounting for and managing IT Software Assets. We plan to follow up with the agency to obtain supporting documents and continue to monitor its progress in implementing this recommendation.
    Recommendation: To ensure the effective management of software licenses, the Secretary of the Interior should analyze agency-wide software license data, such as costs, benefits, usage, and trending data, to identify opportunities to reduce costs and better inform investment decision making

    Agency: Department of the Interior
    Status: Open

    Comments: In written comments to our report, the Department of Interior concurred with our recommendation. In March 2017, DOI reported that the department is working on a comprehensive management approach for accounting for and managing IT Software Assets. We plan to follow up with the agency to obtain supporting documents and continue to monitor its progress in implementing this recommendation.
    Recommendation: To ensure the effective management of software licenses, the Secretary of the Interior should provide software license management training to appropriate agency personnel addressing contract terms and conditions, negotiations, laws and regulations, acquisition, security planning, and configuration management.

    Agency: Department of the Interior
    Status: Open

    Comments: In written comments to our report, the Department of Interior partially concurred with our recommendation to provide software license management training to appropriate agency personnel addressing contract terms and conditions, negotiations, laws and regulations, acquisition, security planning, and configuration management. In March 2017, DOI reported that the department DOI does and will continue to provide software license management training to agency personnel on contract terms and conditions, negotiations, laws and regulations, acquisition, security planning, and configuration management as appropriate. We will follow-up with the department to obtain supporting documentation.
    Recommendation: To ensure the effective management of software licenses, the Secretary of Justice should develop an agency-wide comprehensive policy for the management of software licenses that addresses the weaknesses we identified.

    Agency: Department of Justice
    Status: Open

    Comments: In its June 2015 statement of actions to address our recommendations, the Department of Justice reported that it was pursuing a number of initiatives focused on improving Software License management. We contacted the department in July 2017 and are awaiting a response on the current status of efforts to implement this recommendation. We will continue to evaluate the agency's progress in implementing this recommendation.
    Recommendation: To ensure the effective management of software licenses, the Secretary of Justice should employ a centralized software license management approach that is coordinated and integrated with key personnel for the majority of agency software license spending and/or enterprise-wide licenses.

    Agency: Department of Justice
    Status: Open

    Comments: The Department reported in June 2015 that it has taken initial steps to address our recommendations. For example, it reported using technology tools to pull software data being used within the infrastructure and to identify what software is not being used. We contacted the department in July 2017 and are awaiting a response on the current status of efforts to implement this recommendation. We will continue to evaluate the agency's progress in implementing this recommendation.
    Recommendation: To ensure the effective management of software licenses, the Secretary of Justice should establish a comprehensive inventory of software licenses using automated tools for the majority of agency software license spending and/or enterprise-wide licenses.

    Agency: Department of Justice
    Status: Open

    Comments: The Department in June 2015 reported that it has initiated steps to establish a comprehensive inventory of software licenses by using automated tools. We contacted the department in July 2017 and are awaiting a response on the current status of efforts to implement this recommendation. We will continue to evaluate the agency's progress in implementing this recommendation.
    Recommendation: To ensure the effective management of software licenses, the Secretary of Justice should regularly track and maintain a comprehensive inventory of software licenses using automated tools and metrics.

    Agency: Department of Justice
    Status: Open

    Comments: The Department has taken initial steps to regularly track and maintain a comprehensive inventory of software licenses. For example, the Department reported in June 2015, that it is managing a comprehensive inventory for major suppliers and exploring enterprise agreements with key suppliers to ensure compliance. We contacted the department in July 2017 and are awaiting a response on the current status of efforts to implement this recommendation. We will continue to evaluate the agency's progress in implementing this recommendation.
    Recommendation: To ensure the effective management of software licenses, the Secretary of Justice should analyze agency-wide software license data, such as costs, benefits, usage, and trending data, to identify opportunities to reduce costs and better inform investment decision making.

    Agency: Department of Justice
    Status: Open

    Comments: The Department reported in June 2015 that it has taken initial steps to analyze agency-wide software license data by providing better governance of software utilization to derive cost savings and by developing Enterprise License Agreements to achieve savings from processes across the components. We contacted the department in July 2017 and are awaiting a response on the current status of efforts to implement this recommendation. We will continue to evaluate the agency's progress in implementing this recommendation.
    Recommendation: To ensure the effective management of software licenses, the Secretary of Justice should provide software license management training to appropriate agency personnel addressing contract terms and conditions, negotiations, laws and regulations, acquisition, security planning, and configuration management.

    Agency: Department of Justice
    Status: Open

    Comments: The Department reported in June 2015 that it has taken initial steps to provide training to appropriate agency personnel. For example, in the department's Vendor Management Calls they provide training on processes and the use of tools, including contract terms, negotiations, laws and regulations, acquisition, security planning and configuration management. We contacted the department in July 2017 and are awaiting a response on the current status of efforts to implement this recommendation. We will continue to evaluate the agency's progress in implementing this recommendation.
    Recommendation: To ensure the effective management of software licenses, the Secretary of Labor should establish a comprehensive inventory of software licenses using automated tools for the majority of agency software license spending and/or enterprise-wide licenses.

    Agency: Department of Labor
    Status: Open

    Comments: In June 2017, the Department of Labor (DOL) reported that it plans to continue researching for an automated tool to identify, track and maintain the agency's software license inventory. We will continue to monitor its progress in implementing this recommendation.
    Recommendation: To ensure the effective management of software licenses, the Secretary of Labor should regularly track and maintain a comprehensive inventory of software licenses using automated tools and metrics.

    Agency: Department of Labor
    Status: Open

    Comments: In June 2017, the Department of Labor (DOL) reported that it plans to continue researching for an automated tool to identify, track and maintain the agency's software license inventory. We will continue to monitor its progress in implementing this recommendation
    Recommendation: To ensure the effective management of software licenses, the Secretary of Labor should analyze agency-wide software license data, such as costs, benefits, usage, and trending data, to identify opportunities to reduce costs and better inform investment decision making.

    Agency: Department of Labor
    Status: Open

    Comments: In June 2017, the Department of Labor (DOL) reported that it was planning to assemble a cross-functional team before the end of fiscal year 2017 to evaluate solutions and tools for automated software management and to identify opportunities for enterprise-wide software agreements. We will continue to monitor its progress in implementing this recommendation.
    Recommendation: To ensure the effective management of software licenses, the Secretary of Labor should provide software license management training to appropriate agency personnel addressing contract terms and conditions, negotiations, laws and regulations, acquisition, security planning, and configuration management.

    Agency: Department of Labor
    Status: Open

    Comments: In June 2016, the Department of Labor reported that it now has one individual certified in software management and intends to provide training to additional staff over the next year. In June 2017, Labor reported on progress in implementing this recommendation. Specifically, Labor noted that it has two additional personnel with configuration management and software library certifications to help ensure effective management of software licenses. We will continue to monitor its progress in providing appropriate agency personnel with sufficient training on managing software licenses.
    Recommendation: To ensure the effective management of software licenses, the Secretary of State should develop an agency-wide comprehensive policy for the management of software licenses that addresses the weaknesses we identified.

    Agency: Department of State
    Status: Open

    Comments: The Department of State concurred with our recommendation. In July 2017, the department reported that its existing department policy identifies a single office within the department for managing the enterprise software licensing agreements. However, the department did not provide evidence that it addressed the weaknesses identified in our report including policies establishing a comprehensive inventory, analyses of software license data, training on management of software licenses, goals and objectives, and consideration of the software license life-cycle phases. We will follow-up with the agency to obtain supporting documents and continue to monitor its progress in implementing this recommendation.
    Recommendation: To ensure the effective management of software licenses, the Secretary of State should employ a centralized software license management approach that is coordinated and integrated with key personnel for the majority of agency software license spending and/or enterprise-wide licenses.

    Agency: Department of State
    Status: Open

    Comments: The Department of State concurred with our recommendation. In July 2017, the department reported that existing policy identifies roles and responsibilities for key stakeholders in the acquisition of software including the CIO and systems owners. However, the department did not provided evidence that it addressed the weaknesses identified in our report including employing a centralized management approach to the software licenses that had been managed on a bureau by bureau basis. We will follow-up with the agency to obtain supporting documents and continue to monitor its progress in implementing this recommendation.
    Recommendation: To ensure the effective management of software licenses, the Secretary of State should establish a comprehensive inventory of software licenses using automated tools for the majority of agency software license spending and/or enterprise-wide licenses.

    Agency: Department of State
    Status: Open

    Comments: The Department of State concurred with, and has taken steps to implement our recommendation. In July 2017, the department reported that it currently has insight into procurement information as well as a broad range of software inventory information available via the department's current network monitoring toolset and purchasing system. In addition, the department stated that it is in the process of implementing the Continuous Diagnostics and Mitigation (CDM) initiative spearheaded by the Department of Homeland Security. According to the department, the CDM is expected to provide an improved, more consolidated, user-friendly, and actionable view into software license data on its network. We will continue to monitor the department's progress in implementing this recommendation.
    Recommendation: To ensure the effective management of software licenses, the Secretary of State should regularly track and maintain a comprehensive inventory of software licenses using automated tools and metrics.

    Agency: Department of State
    Status: Open

    Comments: The Department of State concurred with, and has taken steps to implement our recommendation. In July 2017, the department reported that it currently has insight into procurement information as well as a broad range of software inventory information available via the department's current network monitoring toolset and purchasing system. In addition, the department stated that it is in the process of implementing the Continuous Diagnostics and Mitigation (CDM) which is expected to become the department's automated tool to track its software inventory. We will continue to monitor the department's progress in implementing this recommendation.
    Recommendation: To ensure the effective management of software licenses, the Secretary of State should analyze agency-wide software license data, such as costs, benefits, usage, and trending data, to identify opportunities to reduce costs and better inform investment decision making.

    Agency: Department of State
    Status: Open

    Comments: The Department of State concurred with, and has taken steps to implement our recommendation. In July 2017, the department reported that it currently conducts software licenses analysis on a contract-by-contract basis, with a focus on the highest-dollar contracts. In addition, the department stated that the implementation of Continuous Diagnostics and Mitigation (CDM) automated tool is expected to provide a baseline of inventory, usage, and trending data that combined with our acquisition insight will permit decision makers to identify opportunities for future centralized, enterprise agreements. We will continue to monitor the department's progress in implementing this recommendation.
    Recommendation: To ensure the effective management of software licenses, the Secretary of State should provide software license management training to appropriate agency personnel addressing contract terms and conditions, negotiations, laws and regulations, acquisition, security planning, and configuration management.

    Agency: Department of State
    Status: Open

    Comments: The Department of State concurred with, and has taken steps to implement our recommendation. In July 2017, the department reported that it has provided software license management training to the agency's Information Resource Management and acquisition personnel and that the agency plans to provide more relevant software license training in the future. We will follow-up with the agency to obtain supporting documents and continue to monitor its progress in implementing this recommendation.
    Recommendation: To ensure the effective management of software licenses, the Secretary of Transportation should develop an agency-wide comprehensive policy for the management of software licenses that addresses the weaknesses we identified.

    Agency: Department of Transportation
    Status: Open

    Comments: In February 2017, DOT stated that it has developed a policy addressing components of centralized management and management of software licenses through the entire life cycle. In addition, DOT updated its policy to address regularly tracking licenses using automated tools, analyzing license data to inform investment decision making, providing license management training to personnel, and establishing goals and objectives of the program. However, while DOT's Order 1351.21 states that each Enterprise License Agreement will be accompanied by a licensed management portal to provide department-wide transparency on how many licenses are available and when licenses need to be renewed, the policy did not include details on procedures for establishing a comprehensive inventory by identifying and collecting information about software license agreements using automated discovery and inventory tools. We will follow up with the department to obtain evidence of the department-wide implementation of this recommendation.
    Recommendation: To ensure the effective management of software licenses, the Secretary of Transportation should establish a comprehensive inventory of software licenses using automated tools for the majority of agency software license spending and/or enterprise-wide licenses.

    Agency: Department of Transportation
    Status: Open

    Comments: In February 2017, DOT reported that the Federal Information Technology Acquisition Reform Act (FITARA) guidance requires the department to maintain a continual agency-wide inventory of software licenses. However, DOT did not provide evidence that it had established a comprehensive inventory of software licenses using automated tools for the majority of agency software license spending and/or enterprise-wide licenses. We will follow-up with the department to obtain evidence of the implementation of this recommendation.
    Recommendation: To ensure the effective management of software licenses, the Secretary of Transportation should regularly track and maintain a comprehensive inventory of software licenses using automated tools and metrics.

    Agency: Department of Transportation
    Status: Open

    Comments: In February 2017, the Department of Transportation (DOT) noted that it was following guidance under the Federal Information Technology Acquisition Reform Act (FITARA). However, DOT did not provide evidence that it is regularly tracing and maintaining a comprehensive inventory of software licenses. We will follow up with the department to obtain evidence of the department-wide implementation of this recommendation.
    Recommendation: To ensure the effective management of software licenses, the Secretary of Transportation should analyze agency-wide software license data, such as costs, benefits, usage, and trending data, to identify opportunities to reduce costs and better inform investment decision making.

    Agency: Department of Transportation
    Status: Open

    Comments: In February 2017, the Department of Transportation (DOT) noted that it was following guidance under the Federal Information Technology Acquisition Reform Act (FITARA). However, DOT did not provide evidence that it analyzes agency-wide software license data to identify opportunities to reduce cost and inform decisions. We will follow up with the department to obtain evidence of the department-wide implementation of this recommendation.
    Recommendation: To ensure the effective management of software licenses, the Secretary of Transportation should provide software license management training to appropriate agency personnel addressing contract terms and conditions, negotiations, laws and regulations, acquisition, security planning, and configuration management.

    Agency: Department of Transportation
    Status: Open

    Comments: In February 2017, the Department of Transportation (DOT) reported that its Office of the Chief Information Officer (OCIO) is piloting the Staff Training Education and Professional Development Program (STEP) for all OCIO employees. The courses cover areas such as contracting and negotiations, laws and regulations and security training. However, DOT reported that the training is not specific to software licensing, although elements of software management are covered in full through the offerings within the STEP program. We will follow up with the department to obtain evidence of the department-wide implementation of this recommendation.
    Recommendation: To ensure the effective management of software licenses, the Secretary of the Treasury should develop an agency-wide comprehensive policy for the management of software licenses that addresses the weaknesses we identified.

    Agency: Department of the Treasury
    Status: Open

    Comments: In its July 2016 statement on corrective actions to address our recommendations, Treasury reported that it continues to be dependent on the rollout of the Department of Homeland Security's Continuous Diagnostics and Mitigation (CDM) program. According to Treasury, once implemented the CDM capabilities will enhance the department's security posture and provide the department with capabilities for automatically collecting software and hardware inventories. Treasury stated that it will then work with its bureaus to develop common procedures, policies and capabilities for auditing and tracking software inventories. In March and September of 2017, we contacted the department and are awaiting a response on the status of efforts to implement this recommendation. We will follow-up with Treasury to monitor its progress in implementing this recommendation and obtain supporting documentation.
    Recommendation: To ensure the effective management of software licenses, the Secretary of the Treasury should employ a centralized software license management approach that is coordinated and integrated with key personnel for the majority of agency software license spending and/or enterprise-wide licenses.

    Agency: Department of the Treasury
    Status: Open

    Comments: In its July 2016 statement on corrective actions to address our recommendations, Treasury reported that it continues to be dependent on the rollout of the Department of Homeland Security's Continuous Diagnostics and Mitigation (CDM) program. According to Treasury, once implemented the CDM capabilities will enhance the department's security posture and provide the department with capabilities for automatically collecting software and hardware inventories. Treasury stated that it will then work with its bureaus to develop common procedures, policies and capabilities for auditing and tracking software inventories. In March and September of 2017, we contacted the department and are awaiting a response on the status of efforts to implement this recommendation. We will follow-up with Treasury to monitor its progress in implementing this recommendation and obtain supporting documentation.
    Recommendation: To ensure the effective management of software licenses, the Secretary of the Treasury should establish a comprehensive inventory of software licenses using automated tools for the majority of agency software license spending and/or enterprise-wide licenses.

    Agency: Department of the Treasury
    Status: Open

    Comments: In its July 2016 statement on corrective actions to address our recommendations, Treasury reported that it continues to be dependent on the rollout of the Department of Homeland Security's Continuous Diagnostics and Mitigation (CDM) program. According to Treasury, once implemented the CDM capabilities will enhance the department's security posture and provide the department with capabilities for automatically collecting software and hardware inventories. Treasury stated that it will then work with its bureaus to develop common procedures, policies and capabilities for auditing and tracking software inventories. In March and September of 2017, we contacted the department and are awaiting a response on the status of efforts to implement this recommendation. We will follow-up with Treasury to monitor its progress in implementing this recommendation and obtain supporting documentation.
    Recommendation: To ensure the effective management of software licenses, the Secretary of the Treasury should regularly track and maintain a comprehensive inventory of software licenses using automated tools and metrics.

    Agency: Department of the Treasury
    Status: Open

    Comments: In its July 2016 statement on corrective actions to address our recommendations, Treasury reported that it continues to be dependent on the rollout of the Department of Homeland Security's Continuous Diagnostics and Mitigation (CDM) program. According to Treasury, once implemented the CDM capabilities will enhance the department's security posture and provide the department with capabilities for automatically collecting software and hardware inventories. Treasury stated that it will then work with its bureaus to develop common procedures, policies and capabilities for auditing and tracking software inventories. In March and September of 2017, we contacted the department and are awaiting a response on the status of efforts to implement this recommendation. We will follow-up with Treasury to monitor its progress in implementing this recommendation and obtain supporting documentation.
    Recommendation: To ensure the effective management of software licenses, the Secretary of the Treasury should analyze agency-wide software license data, such as costs, benefits, usage, and trending data, to identify opportunities to reduce costs and better inform investment decision making.

    Agency: Department of the Treasury
    Status: Open

    Comments: In its July 2016 statement on corrective actions to address our recommendations, Treasury reported that it continues to be dependent on the rollout of the Department of Homeland Security's Continuous Diagnostics and Mitigation (CDM) program. According to Treasury, once implemented the CDM capabilities will enhance the department's security posture and provide t