Reports & Testimonies

  • GAO’s recommendations database contains report recommendations that still need to be addressed.

    GAO’s recommendations help congressional and agency leaders prepare for appropriations and oversight activities, as well as help improve government operations. Recommendations remain open until they are designated as Closed-implemented or Closed-not implemented. You can explore open recommendations by searching or browsing.

    GAO's priority recommendations are those that we believe warrant priority attention. We sent letters to the heads of key departments and agencies, urging them to continue focusing on these issues. These recommendations are labeled as such. You can find priority recommendations by searching or browsing our open recommendations below, or through our mobile app.

  • Browse Open Recommendations

    Explore priority recommendations by subject terms or browse by federal agency

    Search Open Recommendations

    Search for a specific priority recommendation by word or phrase



  • Governing on the go?

    Our Priorities for Policy Makers app makes it easier for leaders to search our recommendations on the go.

    See the November 10th Press Release


  • Have a Question about a Recommendation?

    • For questions about a specific recommendation, contact the person or office listed with the recommendation.
    • For general information about recommendations, contact GAO's Audit Policy and Quality Assurance office at (202) 512-6100 or apqa@gao.gov.
  • « Back to Results List Sort by   

    Results:

    Subject Term: "Federal facilities"

    33 publications with a total of 93 open recommendations including 8 priority recommendations
    Director: Seto J. Bagdoyan
    Phone: (202) 512-6722

    4 open recommendations
    Recommendation: The NIST Director should incorporate elements of key practices into the implementation of the Security Sprint action plans, by establishing a comprehensive communication strategy for employees; interim milestone dates; and measures to assess effectiveness. (Recommendation 1)

    Agency: Department of Commerce: National Institute of Standards and Technology
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: The Director of the Office of Security (OSY), in coordination with the NIST Director, should conduct an evaluation of the effectiveness of the current security management structure as compared to a consolidated security structure, centrally managed by OSY, to identify the most effective and feasible approach to physical security at NIST. (Recommendation 2)

    Agency: Department of Commerce: Office of Security
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: The Director of OSY should ensure that the draft Commerce risk management policy is finalized and implemented in accordance with the ISC's RMP Standard, by requiring the following: (1) Use and documentation of a sound risk assessment methodology that assesses the threats, vulnerabilities, and consequences for each of the undesirable events required by the RMP Standard, and use of these three factors to measure risk. (2) Documentation of key risk management decisions, such as justification and tenants' approval for facility security level (FSL) determinations, justification for deviation from baseline levels of risk or protection, as well as risk acceptance and consideration of alternative countermeasures. (3) Establishment of a facility security committee (FSC) at multitenant facilities and campuses, including locations such as the NIST Boulder campus. (4) ISC training for all OSY assessors and the individuals responsible for deciding to implement countermeasures and accepting risk. (Recommendation 3)

    Agency: Department of Commerce: Office of Security
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: The NIST Director should finalize and implement risk management policies and procedures, ensuring that they contain a formal coordination mechanism between OSY and NIST and are aligned with Commerce's revised risk management policy, particularly with regard to establishing FSCs. (Recommendation 4)

    Agency: Department of Commerce: National Institute of Standards and Technology
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Director: Jessica Farb
    Phone: (202) 512-6991

    2 open recommendations
    Recommendation: The Assistant Secretary of State for Diplomatic Security should take steps to ensure the implementation of revised standard operating procedures for collecting electronic ATA course and participant data. (Recommendation 1)

    Agency: Department of State
    Status: Open

    Comments: On August 28, 2017, having reviewed a draft version of GAO-17-704, State concurred with this recommendation and noted that ATA had revised its standard operating procedures for collecting data and shared the document with us. We will follow-up with ATA regarding steps taken to ensure the implementation of those procedures.
    Recommendation: The Assistant Secretary of State for Diplomatic Security should develop and implement a process to confirm and document whether future ATA participants return to their home countries following the completion of ATA training and, for any participants trained in the United States who do not, share relevant information with the Department of Homeland Security. (Recommendation 2)

    Agency: Department of State
    Status: Open

    Comments: On August 28, 2017, having reviewed a draft version of GAO-17-704, State concurred with this recommendation and stated that, by the end of the year, it will implement a process to ensure that participants sent to ATA training in the United States return to their home countries. We will follow-up with ATA regarding the implementation of such a process for participants sent to ATA training in the United States or other locations outside of their home countries.
    Director: Lori Rectanus
    Phone: (202) 512-2834

    7 open recommendations
    Recommendation: The Secretary of the Interior should direct the Director of the National Park Service to direct the U.S. Park Police to ensure that performance measures linked to program goals are included as part of its updated strategic plan and direct it to develop a timeline for completion of this plan.

    Agency: Department of the Interior
    Status: Open

    Comments: Interior concurred with this recommendation and said it would take steps to implement it. When we confirm what actions Interior has taken in response to this recommendation, we will provide updated information.
    Recommendation: The Secretary of the Interior should direct the Director of the National Park Service to direct the U.S. Park Police to seek additional input from federal entities with expertise regarding ways to enhance testing of its physical security program.

    Agency: Department of the Interior
    Status: Open

    Comments: Interior concurred with this recommendation and said it would take steps to implement it. When we confirm what actions Interior has taken in response to this recommendation, we will provide updated information.
    Recommendation: The Secretary of the Smithsonian Institution should direct the Office of Protection Services to develop program goals and ensure that performance measures linked to those goals are included as part of the strategic plan for security and develop a timeline for completion of this plan.

    Agency: Smithsonian Institution
    Status: Open

    Comments: The Smithsonian concurred with this recommendation and said it would take steps to implement it. When we confirm what actions the Smithsonian has taken in response to this recommendation, we will provide updated information.
    Recommendation: The Secretary of the Smithsonian Institution should direct the Office of Protection Services to seek additional input from federal entities with expertise regarding ways to enhance testing of the physical security program.

    Agency: Smithsonian Institution
    Status: Open

    Comments: The Smithsonian concurred with this recommendation and said it would take steps to implement it. When we confirm what actions the Smithsonian has taken in response to this recommendation, we will provide updated information.
    Recommendation: The Director of the National Gallery of Art should direct the Office of Protection Services to develop a process for documenting risk management decisions.

    Agency: National Gallery of Art
    Status: Open

    Comments: The National Gallery concurred with this recommendation and said it would take steps to implement it. When we confirm what actions the National Gallery has taken in response to this recommendation, we will provide updated information.
    Recommendation: The Director of the National Gallery of Art should direct the Office of Protection Services to ensure that program goals and performance measures linked to those goals are included as part of the master security plan and develop a timeline for completion of this plan.

    Agency: National Gallery of Art
    Status: Open

    Comments: The National Gallery concurred with this recommendation and said it would take steps to implement it. When we confirm what actions the National Gallery has taken in response to this recommendation, we will provide updated information.
    Recommendation: The Director of the National Gallery of Art should direct the Office of Protection Services to seek additional input from federal entities with expertise regarding ways to enhance testing of the physical security program.

    Agency: National Gallery of Art
    Status: Open

    Comments: The National Gallery concurred with this recommendation and said it would take steps to implement it. When we confirm what actions the National Gallery has taken in response to this recommendation, we will provide updated information.
    Director: Lori Rectanus
    Phone: (202) 512-2834

    4 open recommendations
    Recommendation: The Attorney General should instruct the Director of the Marshals Service to ensure that the improvements being made to the Marshals Service's information on the security concerns of individual buildings allow the Marshals Service to understand the concerns across the portfolio.

    Agency: Department of Justice
    Status: Open

    Comments: When we confirm what actions the Marshalls Service has taken in response to this recommendation, we will provide updated information.
    Recommendation: The Administrator of GSA and the Director of the AOUSC, on behalf of the Judicial Conference of the United States, in conjunction with the Marshals Service and FPS, should improve CSP documentation in order to improve transparency and collaboration in the CSP program.

    Agency: General Services Administration
    Status: Open

    Comments: When we confirm what actions GSA has taken in response to this recommendation, we will provide updated information.
    Recommendation: The Administrator of GSA and the Director of the AOUSC, on behalf of the Judicial Conference of the United States, in conjunction with the Marshals Service and FPS, should improve CSP documentation in order to improve transparency and collaboration in the CSP program.

    Agency: Administrative Office of the United States Courts
    Status: Open

    Comments: When we confirm what actions AOUSC has taken in response to this recommendation, we will provide updated information.
    Recommendation: The Administrator of GSA--in conjunction with AOUSC, the Marshals Service, and FPS--should establish a national-level working group or similar forum, consisting of leadership designees with decision-making authority, to meet regularly to address courthouse security issues.

    Agency: General Services Administration
    Status: Open

    Comments: When we confirm what actions GSA has taken in response to this recommendation, we will provide updated information.
    Director: Kathy King
    Phone: (202) 512-7114

    1 open recommendations
    including 1 priority recommendation
    Recommendation: To help ensure that quality care is provided to AI/AN people, as part of the implementation of its quality framework, the Secretary of HHS should direct the Director of IHS to ensure that agency-wide standards for the quality of care provided in its federally operated facilities are developed, that facility performance in meeting these standards is systematically monitored over time, and that enhancements are made to its adverse event reporting system.

    Agency: Department of Health and Human Services
    Status: Open
    Priority recommendation

    Comments: HHS agreed with our recommendation and cited steps it already has underway to improve the quality of care in IHS's federally-operated facilities. HHS described the development of the IHS Quality Framework and Implementation Plan released in November 2016. However, as of June 2017, IHS had not developed agency-wide standards for the quality of care provided in its federally operated facilities.
    Director: Anne-Marie Fennell
    Phone: (202) 512-3841

    1 open recommendations
    Recommendation: To ensure that the elements of the agency's process for making asset maintenance decisions are achieving desired outcomes, the Secretary of the Interior should direct the Director of the Park Service to evaluate the Capital Investment Strategy and its results to determine if it is achieving its intended outcomes or if changes need to be made.

    Agency: Department of the Interior
    Status: Open

    Comments: In its March 22, 2017 update, the Department of the Interior stated that they concur with this recommendation and will assign responsibility for developing and implementing corrective actions to the new Director of NPS upon his or her confirmation.
    Director: Shea, Rebecca
    Phone: (202) 512-2834

    1 open recommendations
    Recommendation: To enhance transparency and allow for more informed decision making related to VA's major medical facility leases, the Secretary of Veterans Affairs should annually assess how VA has benefited from flexibilities afforded by leasing its major medical facilities and use information from these assessments in its annual capital plans.

    Agency: Department of Veterans Affairs
    Status: Open

    Comments: On September 30, 2016, VA reported to GAO that as VA develops its fiscal year 2018 Budget Request to Congress, the Department will continue assessing the benefits of its major medical lease program and will include the related documentation in its capital budget request.
    Director: Diana C. Maurer
    Phone: (202) 512-9627

    4 open recommendations
    Recommendation: To help determine if pretrial diversion programs and practices are effectively contributing to the achievement of department goals and enhance DOJ's ability to better manage and encourage the use of such programs and practices, the Attorney General should identify, obtain, and track data on the outcomes and costs of pretrial diversion programs.

    Agency: Department of Justice
    Status: Open

    Comments: In providing comments on this report, DOJ concurred with this recommendation but has not yet taken any actions necessary to implement it.
    Recommendation: To help determine if pretrial diversion programs and practices are effectively contributing to the achievement of department goals and enhance DOJ's ability to better manage and encourage the use of such programs and practices, the Attorney General should develop performance measures by which to help assess program outcomes.

    Agency: Department of Justice
    Status: Open

    Comments: In providing comments on this report, DOJ concurred with this recommendation but has not yet taken any actions necessary to implement it.
    Recommendation: To determine how the use of RRCs and home confinement contribute to its goal of helping inmates successfully reenter society, and to better enable BOP to adjust its policies and procedures for the optimal use of these alternatives, as necessary and within statutory requirements, the Director of BOP should identify, obtain, and track data on the outcomes of the programs.

    Agency: Department of Justice: Bureau of Prisons
    Status: Open

    Comments: In providing comments on this report, DOJ concurred with this recommendation but has not yet taken any actions necessary to implement it.
    Recommendation: To determine how the use of RRCs and home confinement contribute to its goal of helping inmates successfully reenter society, and to better enable BOP to adjust its policies and procedures for the optimal use of these alternatives, as necessary and within statutory requirements, the Director of BOP should develop performance measures by which to help assess program outcomes.

    Agency: Department of Justice: Bureau of Prisons
    Status: Open

    Comments: In providing comments on this report, DOJ concurred with this recommendation but has not yet taken any actions necessary to implement it.
    Director: Maurer, Diana C
    Phone: (202) 512-8777

    2 open recommendations
    Recommendation: To ensure that costs savings estimates are reliable, the Director of the USMS should direct its Prisoner Operations Division to develop reliable methods for estimating cost savings and validating reported savings achieved.

    Agency: Department of Justice: United States Marshals Service
    Status: Open

    Comments: In May 2016, we reported on United States Marshals Service's (USMS) actions to reduce prisoner-related costs from fiscal years 2010 through 2015. During the course of our review, we found that while USMS implemented actions that it reports have continued to save prisoner-related costs, USMS's methods to determine savings for certain actions were not reliable. For example, USMS identified $375 million in savings from the alternatives to pre-trial detention program for fiscal years 2010 through 2015, but did not verify the data or methodology used to develop the estimate or provide documentation supporting its reported savings for fiscal years 2012 onward. Consequently, we recommended that USMS direct its prisoner operations division to develop reliable methods for estimating cost savings and validating reports savings achieved. USMS concurred with our recommendation. In July 2016, USMS provided more information about how it would address the recommendation by confirming that its future cost savings estimates would be consistent with OMB guidelines for conducting benefit-cost analyses and GAO-identified practices for assessing the reliability of computer-processed data. Aligning USMS estimates with these identified practices would better position the agency to assess the effectiveness of its cost savings efforts. As USMS develops such mechanisms, we will request and consider documentation and other evidence to determine that USMS has implemented this recommendation.
    Recommendation: To enable USMS to more consistently identify deficiencies and monitor corrective actions, the Director of the USMS should establish a mechanism to aggregate and analyze the results of annual district self-assessments.

    Agency: Department of Justice: United States Marshals Service
    Status: Open

    Comments: In May 2016, we reported on United States Marshals Service's (USMS) actions to design systems to help identify cost savings opportunities. During the course of our review, we found that USMS has designed several systems for identifying cost savings, including, for example, developing a strategic plan and guidance for district officials that reinforce policies to provide for the safe, secure, and cost-effective containment of its prisoners. In addition, USMS requires districts to conduct annual self-assessments of their procedures to identify any deficiencies which could lead to cost savings. However, USMS cannot aggregate and analyze the results of the assessments across districts. As a result, we recommended that USMS establish a mechanism to aggregate and analyze the results of annual district self-assessments. USMS concurred with our recommendation. In July 2016, USMS informed us that the agency will develop a method to aggregate and analyze the results of the annual district self-assessments. However, it has not provided information on its plans or timelines to implement the recommendation. As USMS develops such mechanisms, we will consider documentation and other evidence to determine that USMS has implemented this recommendation.
    Director: Brian Lepore
    Phone: (202) 512-4523

    4 open recommendations
    including 1 priority recommendation
    Recommendation: To improve DOD's ability to oversee its inventory of leased real property, aimed at improving the accuracy and completeness of data in RPAD, the Secretary of Defense should direct the Secretary of the Army to enforce DOD's Real Property Inventory (RPI) Reporting Guidance, which states that for multiple assets associated with a single lease, the military departments and WHS must provide a breakout of the annual rent plus other costs for each asset on the same lease, to avoid overstating costs associated with such leases.

    Agency: Department of Defense
    Status: Open

    Comments: DOD concurred with our recommendation that Secretary of the Army enforce DOD's Real Property Inventory (RPI) Reporting Guidance to break out the annual rent plus other costs for each asset on the same lease to avoid overstating the costs associated with such leases. As of October 2016, DOD has not completed any actions to implement this recommendation.
    Recommendation: To help reduce facility costs and reliance on leased space, the Secretary of Defense should direct the Secretaries of the military departments to require that their departments look for opportunities to relocate DOD organizations in leased space to installations that may have underutilized space due to force structure reductions or other indicators of potentially available space, where such relocation is cost-effective and does not interfere with the installation's ongoing military mission.

    Agency: Department of Defense
    Status: Open
    Priority recommendation

    Comments: DOD did not concur with our recommendation that the military departments look for opportunities to relocate DOD organizations in leased space onto installations that may have underutilized space. As of October 2016, DOD has not completed any actions to implement this recommendation.
    Recommendation: To improve DOD's ability to ensure that its leased facilities are secure, the Secretary of Defense should direct the Under Secretary of Defense (Intelligence) to request reports from the Federal Protective Service for all leased facilities on a periodic basis as determined necessary for oversight. At a minimum, the Under Secretary should request (1) the results of the assessments, (2) the date on which the last assessment was completed for each facility and the date for which the next scheduled assessment is planned, and (3) information on whether these dates meet the time frames established by Interagency Security Committee standards.

    Agency: Department of Defense
    Status: Open

    Comments: DOD concurred with our recommendation that DOD improve its ability to ensure that its leased facilities are secure and stated that it would collaborate with the Federal Protective Service to obtain the listing of the leased facilities the agency supports, monitor and provide oversight of the scheduling of the assessments, and review the results of the assessments. As of October 2016, DOD has not completed any actions to implement this recommendation.
    Recommendation: To improve DOD's ability to oversee its inventory of leased real property, aimed at improving the accuracy and completeness of data in RPAD, the Secretary of Defense should direct the Assistant Secretary of Defense (Energy, Installations and Environment) to modify the office's Real Property Information Model to include a data element to capture the square footage for each lease of space in a single building and also make a corresponding change to its Real Property Inventory (RPI) Reporting Guidance to require that the square footage for each individual lease be reported when multiple leases exist for a single building, to avoid overstating the total square footage assigned to each lease in RPAD.

    Agency: Department of Defense
    Status: Open

    Comments: DOD did not concur with our recommendation that the Assistant Secretary of Defense (Energy, Installations and Environment) modify the office's Real Property Information Model to include a new data element to capture the total square footage assigned to each individual lease when multiple leases exist for a single building and make a corresponding change to its guidance to avoid overstating the total square footage assigned to each lease in RPAD. As of October 2016, DOD has not completed any actions to implement this recommendation.
    Director: Debra A. Draper
    Phone: (202) 512-7114

    12 open recommendations
    Recommendation: The Secretaries of Veterans Affairs and Defense should collaborate to establish FHCC-specific selection criteria for the FHCC facility director and deputy director positions that include responsibilities and leadership competencies for effective collaboration.

    Agency: Department of Defense
    Status: Open

    Comments: We will update the status of this recommendation when we determine what steps the agency has taken to implement it.
    Recommendation: The Secretaries of Veterans Affairs and Defense should collaborate to establish FHCC-specific selection criteria for the FHCC facility director and deputy director positions that include responsibilities and leadership competencies for effective collaboration.

    Agency: Department of Veterans Affairs
    Status: Open

    Comments: We will update the status of this recommendation when we determine what steps the agency has taken to implement it.
    Recommendation: The Secretaries of Veterans Affairs and Defense should collaborate to ensure that the evaluation of the leadership performance at the FHCC is carried out jointly between VA and DOD.

    Agency: Department of Defense
    Status: Open

    Comments: We will update the status of this recommendation when we determine what steps the agency has taken to implement it.
    Recommendation: The Secretaries of Veterans Affairs and Defense should collaborate to ensure that the evaluation of the leadership performance at the FHCC is carried out jointly between VA and DOD.

    Agency: Department of Veterans Affairs
    Status: Open

    Comments: We will update the status of this recommendation when we determine what steps the agency has taken to implement it.
    Recommendation: The Secretaries of Veterans Affairs and Defense should collaborate to perform data-driven strategic workforce planning prior to implementing any future integration efforts.

    Agency: Department of Defense
    Status: Open

    Comments: We will update the status of this recommendation when we determine what steps the agency has taken to implement it.
    Recommendation: The Secretaries of Veterans Affairs and Defense should collaborate to perform data-driven strategic workforce planning prior to implementing any future integration efforts.

    Agency: Department of Veterans Affairs
    Status: Open

    Comments: We will update the status of this recommendation when we determine what steps the agency has taken to implement it.
    Recommendation: The Secretaries of Veterans Affairs and Defense should collaborate to determine how best to fill the FHCC's short-term staffing needs, including any additional statutory authorities that might be necessary to implement the desired approach.

    Agency: Department of Defense
    Status: Open

    Comments: We will update the status of this recommendation when we determine what steps the agency has taken to implement it.
    Recommendation: The Secretaries of Veterans Affairs and Defense should collaborate to determine how best to fill the FHCC's short-term staffing needs, including any additional statutory authorities that might be necessary to implement the desired approach.

    Agency: Department of Veterans Affairs
    Status: Open

    Comments: We will update the status of this recommendation when we determine what steps the agency has taken to implement it.
    Recommendation: The Secretaries of Veterans Affairs and Defense should collaborate to resolve differences in IT network security standards to the extent possible prior to implementing any future integration efforts.

    Agency: Department of Defense
    Status: Open

    Comments: We will update the status of this recommendation when we determine what steps the agency has taken to implement it.
    Recommendation: The Secretaries of Veterans Affairs and Defense should collaborate to resolve differences in IT network security standards to the extent possible prior to implementing any future integration efforts.

    Agency: Department of Veterans Affairs
    Status: Open

    Comments: We will update the status of this recommendation when we determine what steps the agency has taken to implement it.
    Recommendation: The Secretaries of Veterans Affairs and Defense should direct FHCC leadership to provide additional guidance on the patient priority system to all staff responsible for approving consults and ensure that the monthly capability and capacity reports include information on all categories of FHCC patients defined by the patient priority system.

    Agency: Department of Defense
    Status: Open

    Comments: We will update the status of this recommendation when we determine what steps the agency has taken to implement it.
    Recommendation: The Secretaries of Veterans Affairs and Defense should direct FHCC leadership to provide additional guidance on the patient priority system to all staff responsible for approving consults and ensure that the monthly capability and capacity reports include information on all categories of FHCC patients defined by the patient priority system.

    Agency: Department of Veterans Affairs
    Status: Open

    Comments: We will update the status of this recommendation when we determine what steps the agency has taken to implement it.
    Director: Brian J. Lepore
    Phone: (202) 512-4523

    1 open recommendations
    Recommendation: In order to improve the consistency of certain data submitted by the military services and defense agencies to the Office of the Secretary of Defense and reported in the Energy Report, the Secretary of Defense should direct the secretaries of the Army, Navy, and Air Force, the Commandant of the Marine Corps, the heads of the defense agencies, and the Assistant Secretary of Defense for Energy, Installations and Environment to work together to provide more consistent guidance to the installations, including clearly stating the energy reporting requirements for tenant and host facilities, energy projects, and end-of-fiscal-year data.

    Agency: Department of Defense
    Status: Open

    Comments: DOD concurred with our recommendation to provide more consistent guidance to the installations for the Energy Report. DOD stated that the Office of the Assistant Secretary of Defense for Energy, Installations, and Environment will work with the military services in fiscal year 2016 to provide more consistent guidance to military installations. In a September 2017 follow up, DOD stated that it has draft guidance in progress and is awaiting finalization. We will continue to follow up on the status of this recommendation.
    Director: Gregory C. Wilshusen
    Phone: (202) 512-6244

    1 open recommendations
    Recommendation: To better facilitate adoption of the NIST Framework for Improving Critical Infrastructure Cybersecurity, the Secretary of Homeland Security should direct officials responsible for the Critical Infrastructure Cyber Community Voluntary Program to develop metrics for measuring the effectiveness of efforts to promote and support the framework.

    Agency: Department of Homeland Security
    Status: Open

    Comments: In December 2016, DHS officials stated that they will continue to work with sector-specific agency partners and NIST to determine how to develop measurement activities and collect information on C3VP outreach and its effectiveness in promoting and supporting the Cybersecurity Framework. We will continue to monitor their efforts and verify whether implementation of metrics has occurred.
    Director: Lori Rectanus
    Phone: (202) 512-2834

    8 open recommendations
    Recommendation: Given the collaboration challenges that FPS and GSA face in protecting federal facilities, GAO is making four recommendations to the Secretary of Homeland Security and the Administrator of the General Services Administration. FPS and GSA headquarters officials should establish a plan with timeframes for reaching agreement on a joint strategy and finalizing it in order to define and articulate a common understanding of expected outcomes and align the two agencies' activities and core processes to achieve their related missions.

    Agency: Department of Homeland Security
    Status: Open

    Comments: As of September 2017, FPS reported that it will begin the process for completing a joint strategy for federal security once its memorandum of agreement with the General Services Administration is updated and signed.
    Recommendation: Given the collaboration challenges that FPS and GSA face in protecting federal facilities, GAO is making four recommendations to the Secretary of Homeland Security and the Administrator of the General Services Administration. FPS and GSA headquarters officials should establish a plan with timeframes for reaching agreement on a joint strategy and finalizing it in order to define and articulate a common understanding of expected outcomes and align the two agencies' activities and core processes to achieve their related missions.

    Agency: General Services Administration
    Status: Open

    Comments: As of September 2017, GSA reported that until FPS works with GSA specifically on the joint strategy, no final document will be released.
    Recommendation: Given the collaboration challenges that FPS and GSA face in protecting federal facilities, GAO is making four recommendations to the Secretary of Homeland Security and the Administrator of the General Services Administration. FPS and GSA headquarters officials should establish a plan with timeframes for reaching agreement on the two agencies' respective roles and responsibilities for federal facility security, and update and finalize the two agencies' MOA accordingly.

    Agency: Department of Homeland Security
    Status: Open

    Comments: As of September 2017, FPS reported that it is working internally to prepare the memorandum of agreement for review and signature by the FPS Director, pending no additional changes are required to the document.
    Recommendation: Given the collaboration challenges that FPS and GSA face in protecting federal facilities, GAO is making four recommendations to the Secretary of Homeland Security and the Administrator of the General Services Administration. FPS and GSA headquarters officials should establish a plan with timeframes for reaching agreement on the two agencies' respective roles and responsibilities for federal facility security, and update and finalize the two agencies' MOA accordingly.

    Agency: General Services Administration
    Status: Open

    Comments: As of September 2017, GSA reported sending a final MOA draft to FPS in December 2015 and stated that it hopes to have a signed MOA by both agencies when leadership is in place.
    Recommendation: Given the collaboration challenges that FPS and GSA face in protecting federal facilities, GAO is making four recommendations to the Secretary of Homeland Security and the Administrator of the General Services Administration. FPS and GSA headquarters officials should develop a process to ensure that compatible policies and procedures, including those for information sharing, are communicated at the regional level so that regional officials at both agencies have common information on how to operationalize the two agencies' collaborative efforts.

    Agency: Department of Homeland Security
    Status: Open

    Comments: As of September 2017, FPS reported that it will begin the process for the issuance of a joint field guidance for working with the General Services Administration (GSA) once its memorandum of agreement with GSA is updated and signed.
    Recommendation: Given the collaboration challenges that FPS and GSA face in protecting federal facilities, GAO is making four recommendations to the Secretary of Homeland Security and the Administrator of the General Services Administration. FPS and GSA headquarters officials should develop a process to ensure that compatible policies and procedures, including those for information sharing, are communicated at the regional level so that regional officials at both agencies have common information on how to operationalize the two agencies' collaborative efforts.

    Agency: General Services Administration
    Status: Open

    Comments: As of September 2017, GSA reported developing and releasing "GSA Order 1000.1 Document Security for Handling Facility Security Assessments" to ensure that when GSA receives a Facility Security Assessment from FPS, it will be handled in a consistent, appropriate manner.
    Recommendation: Given the collaboration challenges that FPS and GSA face in protecting federal facilities, GAO is making four recommendations to the Secretary of Homeland Security and the Administrator of the General Services Administration. FPS and GSA headquarters officials should develop mechanisms to monitor, evaluate, and report on their collaborative efforts to protect federal facilities in order to identify possible areas for improvement and to reinforce accountability.

    Agency: Department of Homeland Security
    Status: Open

    Comments: As of September 2017, FPS reported that it will begin the process for the appointment of an FPS-GSA Liaison once its memorandum of agreement with GSA is updated and signed.
    Recommendation: Given the collaboration challenges that FPS and GSA face in protecting federal facilities, GAO is making four recommendations to the Secretary of Homeland Security and the Administrator of the General Services Administration. FPS and GSA headquarters officials should develop mechanisms to monitor, evaluate, and report on their collaborative efforts to protect federal facilities in order to identify possible areas for improvement and to reinforce accountability.

    Agency: General Services Administration
    Status: Open

    Comments: As of September 2017, GSA reported that the updated MOA will cover this recommendation once signed.
    Director: David Wise
    Phone: (202) 512-2834

    1 open recommendations
    Recommendation: The Administrator of the General Services Administration should develop a legislative proposal to enhance accountability for government-wide implementation of the Act. GSA should consider including the following in its proposal: (1) establishing authorities for a single agency to monitor and enforce implementation of the Act; (2) establishing agency responsibilities for reporting progress on implementation of the Act; (3) establishing agency responsibilities for assessing employee skill levels related to the Act and identifying training that allows employees to develop and retain skills required by the Act; and (4) establishing an interagency group to further government-wide collaboration on implementation of the Act.

    Agency: General Services Administration
    Status: Open

    Comments: In response to our recommendation, GSA agreed to work with other agencies to evaluate whether additional legislative changes would improve the speed and efficiency of implementation. In October 2017, GSA informed us they intend to submit a legislative proposal to Congress as part of the FY 2019 budget process. We will continue to monitor GSA actions.
    Director: Valerie C. Melvin
    Phone: (202) 512-6304

    2 open recommendations
    Recommendation: To improve the oversight of states' marketplace IT projects, the Secretary of Health and Human Services should direct the Administrator of the Centers for Medicare & Medicaid Services to ensure that all CMS senior executives from IT and business units who are involved in the establishment of state marketplace IT projects review and approve funding decisions for these projects.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: In 2015, Department of Health and Human Services (HHS) Centers for Medicare and Medicaid Services (CMS) concurred with the recommendation. The department, in its agency comments, stated that it already included senior executives in its funding decisions for these projects. However, as noted in our report, CMS did not provide evidence that key senior executives from CCIIO, CMCS, and OTS were involved in various funding decisions associated with the states' IT projects. For example, CMS did not demonstrate that senior-level executives from all relevant business and IT units were involved in the initial approval of grant awards or the release of restricted IT funds from marketplace grants as states progressed with their projects. In addition, CMS did not provide evidence of senior executive involvement in the approval of Medicaid funds for marketplace IT projects. Furthermore, as of March 10, 2017, CMS still had not provided evidence that it had taken such actions to support the implementation of this recommendation. By ensuring such executive involvement, CMS would increase accountability for decisions to fund states' IT projects and ensure that these decisions are well informed in order to make efficient use of federal funds.
    Recommendation: To improve the oversight of states' marketplace IT projects, the Secretary of Health and Human Services should direct the Administrator of the Centers for Medicare & Medicaid Services to ensure that states have completed all testing of marketplace system functions prior to releasing them into operation.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: In 2015, Department of Health and Human Services (HHS) Centers for Medicare and Medicaid Services (CMS) concurred with the recommendation. The department noted that it would continue to follow its guidelines to determine if state marketplace system functions are ready for release. The department added that it would work closely with state-based marketplaces to improve their systems and verify that system requirements are met and fully tested before approving them for release into production. While CMS drafted guidance to update its process in June 2016, which required states to submit certain testing reports and supporting documentation, as of March 10, 2017, the agency had not provided evidence that it had determined that state systems had been sufficiently tested for release into operations.
    Director: John Neumann
    Phone: (202) 512-3841

    1 open recommendations
    Recommendation: To ensure full compliance with SBIR and STTR spending and reporting requirements, the SBA Administrator should assess the methodology reporting requirement to determine whether it generates adequate information for SBA to analyze the accuracy of agencies' calculations of their extramural R&D. If SBA finds that the information is inadequate, SBA should update its guidance to require adequate information.

    Agency: Small Business Administration
    Status: Open

    Comments: In April 2016, SBA proposed expanded guidance to agencies regarding their annual methodology reports in its update to the program policy directives. The proposed guidance required agencies to include an explanation of the calculation of the total extramural research or research and development, an itemization of excluded programs, and an explanation of why the program was excluded, as well as a review of the agency's compliance with the funding requirement for the prior fiscal year and a funding plan for the current fiscal year for how the agency plans to meet or exceed the year's expected minimum obligations requirement. However, according to SBA officials, in January 2017, the policy directive was withdrawn from the Office of Management and Budget and is under further internal consideration in light of a recent executive order. As of April 2017, SBA has not established a time frame for publication of the final policy directive.
    Director: Mark L. Goldstein
    Phone: (202) 512-2834

    1 open recommendations
    Recommendation: The Secretary of the Department of Homeland Security should direct FPS to develop and implement a strategy for using covert-testing data and data on prohibited items to improve FPS's security-screening efforts. The strategy should, at a minimum, aim to ensure that: (1) covert-testing data are used to systematically monitor, review, and improve performance nationwide; (2) covert-testing data are used to determine which testing scenarios will be implemented or reinstated; and (3) data on prohibited items are analyzed to determine the reasons for wide variations in the number of reported prohibited-items detected across buildings and to assist with managing the screening process and informing policy.

    Agency: Department of Homeland Security
    Status: Open

    Comments: As of June 2016, implementation of this recommendation was in process, according to the Federal Protective Service (FPS). FPS provided no additional information, but plans to update GAO in the coming weeks on the status of this and other open recommendations.
    Director: Mark L. Goldstein
    Phone: (202) 512-2834

    2 open recommendations
    including 1 priority recommendation
    Recommendation: The Secretary of Homeland Security, in consultation with GSA, should develop and implement a strategy to address cyber risk to building and access control systems that, among other things: (1) defines the problem; (2) identifies roles and responsibilities; (3) analyzes the resources needed; and (4) identifies a methodology for assessing this cyber risk.

    Agency: Department of Homeland Security
    Status: Open

    Comments: When we confirm what actions the Department has taken in response to this recommendation, we will provide updated information.
    Recommendation: The Administrator of the General Services Administration should assess the building and access control systems that it owns in FPS-protected facilities in a manner that is fully consistent with FISMA and its implementation guidelines.

    Agency: General Services Administration
    Status: Open
    Priority recommendation

    Comments: As of October 2016, GSA recently provided documentation about its assessments of the control systems that the agency owns in FPS-protected facilities. We are reviewing this information to determine whether GSA has implemented the recommendation.
    Director: David Wise
    Phone: (202) 512-2834

    1 open recommendations
    Recommendation: To enhance the transparency of the FRPP data and help GSA make more informed decisions regarding the planning, effective and efficient management, and disposal of civilian warehouse assets, in GSA's landlord role, which is performed by the Public Buildings Service, and as part of its efforts to address our 2012 recommendation to develop and publish a comprehensive 5-year capital plan, GSA should develop and implement a strategy specific to warehouses. This strategy should apply capital-planning leading practices, involving prioritization and long-term planning, to the warehouse portion of GSA's portfolio.

    Agency: General Services Administration
    Status: Open

    Comments: The General Services Administration (GSA) analyzed warehouse data and determined that the existing tools and processes are the most appropriate way to treat warehouses because these tools and processes consider warehouses within the context of local markets, client agencies, and GSA's short and long-term investment plans. However, GSA continues to lack a strategic approach to prioritize warehouses and make long-term, informed decisions about government warehouse space. Further, in light of GSA's aging warehouse inventory and agencies' modern-day storage needs, there is potentially a growing gap between what GSA can provide from the government's owned portfolio and what the tenant agencies require. Because the agency lacks a strategy focused on its warehouse portfolio, GSA may have limited ability to address this potentially growing gap as well as the unique challenges facing GSA's warehouse portfolio. Such a strategy would enable GSA and tenant agencies to prioritize their needs and take a long-term view of the warehouse inventory to support better informed decisions. We will follow-up with GSA regarding this recommendation, which is intended to enhance GSA's existing tools and processes, as they relate to warehouses.
    Director: Frank Rusco
    Phone: (202) 512-3841

    1 open recommendations
    Recommendation: To help achieve and sustain public acceptance for future spent nuclearfuel management efforts, the Secretary of the Department of Energy should develop and implement a coordinated outreach strategy for providing information to specific stakeholders and the general public on federal activities related to managing spent nuclear fuel.

    Agency: Department of Energy
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Director: John Neumann
    Phone: (202) 512-3841

    4 open recommendations
    Recommendation: To more effectively fulfill its expanded role in providing a clearinghouse of information on available federal technology transfer opportunities, the Chair of FLC, in coordination with the other members of the Executive Board, should work collaboratively with agency and lab members to take steps to better communicate with potential customers during the design and implementation of FLC's clearinghouse initiatives, including conducting customer needs assessments, conducting customer testing of current and future web-based initiatives, and collecting customer feedback on all FLC initiatives to make the initiatives more useful.

    Agency: Federal Laboratory Consortium for Technology Transfer
    Status: Open

    Comments: FLC has provided GAO with information on steps they are taking to address the recommendations in GAO-15-127. A number of these actions should be completed towards the end of 2016 after which we plan to request additional information from FLC.
    Recommendation: To more effectively fulfill its expanded role in providing a clearinghouse of information on available federal technology transfer opportunities, the Chair of FLC, in coordination with the other members of the Executive Board, once feedback is collected from potential customers, should work collaboratively with agency and lab members to use this feedback to improve FLC's initiatives to make them more useful to potential customers, including asking FLC members for additional or different information, as appropriate.

    Agency: Federal Laboratory Consortium for Technology Transfer
    Status: Open

    Comments: FLC has provided GAO with information on steps they are taking to address the recommendations in GAO-15-127. A number of these actions should be completed towards the end of 2016 after which we plan to request additional information from FLC.
    Recommendation: To more effectively fulfill its expanded role in providing a clearinghouse of information on available federal technology transfer opportunities, the Chair of FLC, in coordination with the other members of the Executive Board, should work collaboratively with agency and lab members to develop performance goals and measures for FLC's clearinghouse initiatives and use the results to evaluate progress toward meeting FLC's goals on outreach and networking.

    Agency: Federal Laboratory Consortium for Technology Transfer
    Status: Open

    Comments: FLC has provided GAO with information on steps they are taking to address the recommendations in GAO-15-127. A number of these actions should be completed towards the end of 2016 after which we plan to request additional information from FLC.
    Recommendation: To more effectively fulfill its expanded role in providing a clearinghouse of information on available federal technology transfer opportunities, the Chair of FLC, in coordination with the other members of the Executive Board, should report on FLC's progress in these efforts in its annual report to the President and Congress.

    Agency: Federal Laboratory Consortium for Technology Transfer
    Status: Open

    Comments: FLC has provided GAO with information on steps they are taking to address the recommendations in GAO-15-127. A number of these actions should be completed towards the end of 2016 after which we plan to request additional information from FLC.
    Director: Stephen Caldwell
    Phone: (202) 512-8777

    4 open recommendations
    Recommendation: Within DHS, to promote efficiency and harmonize the various assessments to advance security and resilience across the spectrum of CI in a manner consistent with the Homeland Security Act of 2002, PPD-21, and the NIPP, the Secretary of Homeland Security should direct the Under Secretary for the National Protection and Programs Directorate work with other DHS offices and components to develop and implement ways that DHS can facilitate data sharing and coordination of vulnerability assessments to minimize the risk of potential duplication or gaps in coverage.

    Agency: Department of Homeland Security
    Status: Open

    Comments: DHS has taken action in response to GAO's September 2014 recommendation to develop a department-wide process to facilitate data sharing and coordination among the various DHS components that conduct or require vulnerability assessments, but has not fully implemented the recommendation. DHS first reported to GAO in August 2015 that its Office of Infrastructure Protection (IP) and the Sector Outreach and Programs Division Innovation Center had formed a vulnerability assessment working group comprised of a variety of federal stakeholders, both within and outside DHS, to enhance overall integration and coordination of vulnerability assessment efforts. In December 2015, DHS stated that IP was conducting pilot projects to expand access to its IPGateway portal--IP's system that houses infrastructure data and identifies facilities that have been assessed by IP. In a July 2016 update, DHS reported that IP had reached agreement with DHS components to expand access to its IP Gateway portal to those partners as a means to share IP's vulnerability assessment information and help coordinate assessment visits and related activities. DHS also noted in its update that IP had begun providing access to IP Gateway to components within DHS but did not provide a date as to when that step would be complete. These are positive steps toward implementing a systematic and integrated approach for facilitating data sharing and coordination of vulnerability assessments throughout the department. However, developing a department-wide process to facilitate data sharing and coordination among the DHS offices and components that conduct or require vulnerability assessments would better enable DHS to minimize the risk of potential duplication and gaps by its offices and components in the vulnerability assessments they conduct. Because DHS is still in the process of completing these steps, the recommendation has not yet been fully implemented.
    Recommendation: Regarding SSAs and other federal departments or agencies external to DHS with CI security-related responsibilities that offer or conduct vulnerability assessment tools and methods and building on our recommendation that DHS review its own vulnerability assessments, the Secretary of Homeland Security should direct the Under Secretary for the National Protection and Programs Directorate to work with SSAs and other federal agencies that have CI security responsibilities to identify key CI security-related assessment tools and methods used or offered by SSAs and other federal agencies.

    Agency: Department of Homeland Security
    Status: Open

    Comments: As of September 2016, DHS has established a Cross-Sector Integration and Innovation Center in conjunction with the Office of Infrastructure Protection, and has designed, created, and launched a Cross-Agency Vulnerability Assessment Working Group portal on the Homeland Security Information Network-Critical Infrastructure (HSIN-CI). The Working Group, consisting of members from multiple departments and agencies, is collaborating to enhance the integration and coordination of vulnerability assessment efforts. This working group is intended to serve as an interagency forum to address several recommendations from GAO Report 14-507. However, the effort is ongoing and it is too early to determine if it will successfully address the recommendation.
    Recommendation: Regarding SSAs and other federal departments or agencies external to DHS with CI security-related responsibilities that offer or conduct vulnerability assessment tools and methods and building on our recommendation that DHS review its own vulnerability assessments, the Secretary of Homeland Security should direct the Under Secretary for the National Protection and Programs Directorate to work with SSAs and other federal agencies that have CI security responsibilities to analyze the key CI security-related assessment tools and methods offered by sector-specific agencies (SSA) and other federal agencies to determine the areas they capture.

    Agency: Department of Homeland Security
    Status: Open

    Comments: As of September 2016, DHS has established a Cross-Sector Integration and Innovation Center in conjunction with the Office of Infrastructure Protection, and has designed, created, and launched a Cross-Agency Vulnerability Assessment Working Group portal on the Homeland Security Information Network-Critical Infrastructure (HSIN-CI). The Working Group, consisting of members from multiple departments and agencies, is collaborating to enhance the integration and coordination of vulnerability assessment efforts. This working group is intended to serve as an interagency forum to address several recommendations from GAO Report 14-507. However, the effort is ongoing and it is too early to determine if it will successfully address the recommendation.
    Recommendation: Regarding SSAs and other federal departments or agencies external to DHS with CI security-related responsibilities that offer or conduct vulnerability assessment tools and methods and building on our recommendation that DHS review its own vulnerability assessments, the Secretary of Homeland Security should direct the Under Secretary for the National Protection and Programs Directorate to work with SSAs and other federal agencies that have CI security responsibilities to develop and provide guidance for what areas should be included in vulnerability assessments of CI that can be used by DHS, SSAs, and other CI partners in an integrated and coordinated manner, among and across sectors, where appropriate.

    Agency: Department of Homeland Security
    Status: Open

    Comments: As of September 2016, DHS has established a Cross-Sector Integration and Innovation Center in conjunction with the Office of Infrastructure Protection, and has designed, created, and launched a Cross-Agency Vulnerability Assessment Working Group portal on the Homeland Security Information Network-Critical Infrastructure (HSIN-CI). The Working Group, consisting of members from multiple departments and agencies, is collaborating to enhance the integration and coordination of vulnerability assessment efforts. This working group is intended to serve as an interagency forum to address several recommendations from GAO Report 14-507. However, the effort is ongoing and it is too early to determine if it will successfully address the recommendation.
    Director: Maurer, Diana C
    Phone: (202) 512-9627

    1 open recommendations
    Recommendation: To better address obstacles that occur during the activation process and to help ensure that institutions are activated within estimated timeframes, including those institutions that do not currently have inmates, such as Administrative USP Thomson and USP Yazoo City, the Director of the Bureau of Prisons should develop and implement an activation schedule that incorporates the four characteristics of scheduling best practices.

    Agency: Department of Justice: Bureau of Prisons
    Status: Open

    Comments: On November 25, 2014, DOJ provided a written response to GAO-14-709 that stated that BOP was in the process of developing a new activation handbook and comprehensive schedule and that BOP would establish a multi-disciplinary working group of BOP subject-matter experts to work on this project. On June 3, 2015, BOP reported that it had assembled a multidisciplinary workgroup as planned, and based on BOP's March 16, 2016 status update, the workgroup's efforts were ongoing at the time. On September 20, 2016, BOP provided the schedule to us, as part of its newly developed activation handbook. While the Activation Handbook's schedule addresses in detail what needs to be done and who should do the work, it is not fully inclusive of the best practices related to scheduling that we outlined in our report. To fully address this recommendation, BOP would need to fully incorporate best practices. This includes creating a baseline schedule that incorporates all of the tasks identified in the responsibility matrix, determining the duration for each effort, and incorporating the appropriate predecessor and successor logic. Per scheduling best practices, BOP would also need to determine which activities make up the critical path and develop procedures for conducting a schedule risk analysis, ensuring that the schedule can be traced both horizontally and vertically, and that mechanisms are in place for maintaining the baseline schedule and an updated schedule as projects progress.
    Director: Courts, Michael J
    Phone: (202) 512-8980

    5 open recommendations
    including 5 priority recommendations
    Recommendation: To improve the consistency and data reliability of Department of State risk management data, the Secretary of State should direct the Under Secretary for Management to identify and eliminate inconsistencies between and within the Foreign Affairs Manual, Foreign Affairs Handbook (FAH), and other guidance concerning physical security.

    Agency: Department of State
    Status: Open
    Priority recommendation

    Comments: State has taken steps to revise sections of the Foreign Affairs Manual and Foreign Affairs Handbook related to physical security through the Security Standards Committee. The committee, which is made up of DS and OBO officials, meet weekly to create and revise physical security standards, as needed. In addition, DS officials review all relevant sections of the FAM and FAH each year. However, as of March 2017, State has not provided evidence that it has conducted a comprehensive review of all physical security guidance to identify inconsistencies.
    Recommendation: To strengthen the applicability and effectiveness of the Department of State's physical security standards, the Secretary of State should work through DS or, in his capacity as chair, through the OSPB to clarify existing flexibilities in the FAH to ensure that security and life-safety updates to the OSPB standards and Physical Security Handbook are updated through an expedited review process.

    Agency: Department of State
    Status: Open
    Priority recommendation

    Comments: State is in the process of revising the OSPB Working Group Guidelines in the FAH to clarify existing flexibilities for and to formalize an expedited process for making security and life-safety updates to the OSPB standards and Physical Security Handbook. As of April 2017 this action had not been completed, and State now expects to complete this action by the end of calendar year 2017.
    Recommendation: To strengthen the applicability and effectiveness of the Department of State's physical security standards, the Secretary of State should work through DS or, in his capacity as chair, through the OSPB to develop a process to routinely review all OSPB standards and the Physical Security Handbook to determine if the standards adequately address evolving threats and risks.

    Agency: Department of State
    Status: Open
    Priority recommendation

    Comments: Although State has not developed a process to routinely review all OSPB standards and the Physical Security Handbook to determine if the standards adequately address evolving threats and risks, officials agree with the intent of the recommendation and are taking actions to address it. For example, State?s Security Standards Committee, which is made up of DS and OBO officials, meet weekly to create and revise physical security standards, as needed. In addition, DS officials conduct an annual review of all the relevant sections of the FAM and FAH, which includes the OSPB standards and the Physical Security Handbook. However, as of March 2017, State had not provided evidence proving that it specifically considers evolving threats and risks when reviewing OSPB standards and the Physical Security Handbook.
    Recommendation: To strengthen the applicability and effectiveness of the Department of State's physical security standards, the Secretary of State should work through DS or, in his capacity as chair, through the OSPB to develop a policy for the use of interim and temporary facilities that includes definitions for such facilities, time frames for use, and a routine process for reassessing the interim or temporary designation.

    Agency: Department of State
    Status: Open
    Priority recommendation

    Comments: State is taking a number of actions to regularly reassess the risk that various posts and facilities face. For example, Regional Security Officers are required to conduct a physical security review for every work facility at least once a year at high-threat, high-risk posts, and every three years at all other posts. State also now conducts an annual process, the Vital Presence Validation Process, to reassess the risk taken to operate at each of the high-threat, high-risk posts. However, as of March 2017, it is unclear whether temporary and interim facilities are being reviewed and reassessed during these or other processes.
    Recommendation: To strengthen the effectiveness of the Department of State's risk management policies, the Secretary of State should develop a risk management policy and procedures for ensuring the physical security of diplomatic facilities, including roles and responsibilities of all stakeholders and a routine feedback process that continually incorporates new information.

    Agency: Department of State
    Status: Open
    Priority recommendation

    Comments: State has created a working group to draft a revision to the risk management policy. As of April 2017, State anticipates that the update will be published in 2018.
    Director: Frank Rusco
    Phone: (202) 512-3841

    1 open recommendations
    Recommendation: To improve compliance with the Small Business Act and enhance SBA's ability to provide oversight of the programs, the SBA Administrator should revise the language in the SBIR and STTR policy directives to accurately summarize the statutory provisions that describe the program spending requirements.

    Agency: Small Business Administration
    Status: Open

    Comments: In April 2016, SBA proposed an update to its SBIR and STTR policy directive to state that each participating agency must spend (obligate) the required amounts on the programs, which is consistent with the statutory provisions for program spending requirements. However, according to SBA officials, in January 2017, the policy directive was withdrawn from the Office of Management and Budget and is under further internal consideration in light of a recent executive order. As of April 2017, SBA has not established a time frame for publication of the final policy directive.
    Director: Brian J. Lepore
    Phone: (202) 512-4523

    2 open recommendations
    Recommendation: In order to facilitate the efforts of installation planners to efficiently implement the requirements of the Unified Facilities Criteria and DOD Instruction 4715.03, the Secretary of Defense--in conjunction with the Secretaries of the military departments--should provide further direction and information that clarifies the planning actions that should be taken to account for climate change in installation Master Plans and Integrated Natural Resource Management Plans. At a minimum, further direction could include definitions of key terms, such as the definition of "climate change" recently included in DOD Manual 4715.03; further information about changes in applicable building codes and design standards that account for potential climate change impacts; and further information about potential projected impacts of climate change for individual installations.

    Agency: Department of Defense
    Status: Open

    Comments: DOD concurred with our recommendation to provide further direction and information that clarifies the planning actions that should be taken to account for climate change in installation Master Plans and Integrated Natural Resource Management Plans, including providing further information about potential projected impacts of climate change for individual installations. Although DOD has not fully implemented this recommendation, DOD has started to take actions to address components of the recommendation. For example, the Department issued DOD Directive 4715.21 (January 14, 2016), in which DOD defines climate change. Also, the Strategic Environmental Research and Development Program produced the report entitled Regional Sea Level Scenarios for Coastal Risk Management (April, 2016) and accompanying database, in which DOD provides regionalized sea level and extreme water level scenarios for three future time horizons (2035, 2065, and 2100) for 1,774 DOD sites worldwide. DOD intends the report and database to be used by planners to adapt to sea level rise, one impact of climate change. However, during July 2017 follow-up work, we learned that the department has not yet provided these planners with projections for the full set of expected impacts of weather effects associated with climate change.
    Recommendation: In order to improve the military services' ability to make facility investment decisions in accordance with DOD's strategic direction to include climate change adaptation considerations and additionally, to demonstrate an emphasis on proposing projects with an adaption component to installation planners, the Secretary of Defense should direct the Secretaries of the military departments to clarify instructions associated with the processes used to compare potential military construction projects for approval and funding so that, at a minimum, climate change adaptation is considered as a project component that may be needed to address potential climate change impacts on infrastructure.

    Agency: Department of Defense
    Status: Open

    Comments: DOD concurred with our recommendation to clarify instructions associated with the processes used to compare potential military construction projects for approval and funding so that, at a minimum, climate change adaptation is considered as a project component that may be needed to address potential climate change impacts on infrastructure. DOD stated that climate change may be one of many factors that can affect facilities and impact mission and readiness, and that the department will review processes and criteria, such as the Unified Facilities Criteria, to strengthen consideration of climate change adaptation. DOD concurred with our recommendation to provide further direction and information that clarifies the planning actions that should be taken to account for climate change in installation Master Plans and Integrated Natural Resource Management Plans, including providing further information about potential projected impacts of climate change for individual installations. Although DOD has not fully implemented this recommendation, during September 2016 follow-up work, we learned that the Army has started to take actions to address components of the recommendation. Specifically, in briefing slides presented to congressional staff in 2016, the Army noted that two military construction projects were sited in a manner specifically designed to mitigate the impacts of climate change. These projects were a powertrain facility at Corpus Christi Army Depot and a waste water treatment plant at West Point. However, as of July 2017, DOD had not provided us with evidence that the department's components have clarified instructions associated with the processes used to compare potential military construction projects for approval and funding.
    Director: Goldstein, Mark L
    Phone: (202) 512-2834

    2 open recommendations
    Recommendation: To improve the management and oversight of FPS's contract guard program, the Secretary of Homeland Security should direct the Under Secretary of National Protection and Programs Directorate (NPPD) and the Director of FPS to take immediate steps to determine which guards have not had screener or active-shooter scenario training and provide it to them and, as part of developing a national lesson plan, decide how and how often these trainings will be provided in the future.

    Agency: Department of Homeland Security
    Status: Open

    Comments: FPS has indicated that they plan to implement this recommendation through its implementation of a training management system. FPS anticipates beginning implementation of this system in early 2018 and completing implementation by August 2018. GAO will continue to work with FPS to determine whether this recommendation has been implemented.
    Recommendation: To improve the management and oversight of FPS's contract guard program, the Secretary of Homeland Security should direct the Under Secretary of NPPD and the Director of FPS to require that contract guard companies' instructors be certified to teach basic and refresher training courses to guards and evaluate whether a standardized instructor certification process should be implemented.

    Agency: Department of Homeland Security
    Status: Open

    Comments: FPS has indicated that they are currently assessing options for implementing a national lesson plan for guard training that addresses this recommendation. GAO will continue to work with FPS to determine whether this recommendation has been implemented.
    Director: King, Kathleen M
    Phone: (202) 512-7114

    2 open recommendations
    Recommendation: To help ensure successful outreach efforts resulting in significant new enrollment, the Secretary of Health and Human Services should direct the Director of IHS to prepare for the increase in eligibility for expanded Medicaid and new coverage options, and the need for enrollment assistance and billing capacity, by realigning current resources and personnel to increase capacity to assist with these efforts.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: As of January 2017, IHS has reported that it developed a business plan template to help maximize capacity building and enrollment activities at the local level in coordination with IHS Headquarters and Area Offices. The agency reported that it will monitor the overall implementation process through performance plan evaluations of local leadership by their respective Area Directors. Until we receive documentation of these efforts, this recommendation will remain open.
    Recommendation: To help ensure successful outreach efforts resulting in significant new enrollment, the Secretary of Health and Human Services should direct the Administrator of CMS to develop a plan to educate state Medicaid agencies about when coverage status information may be shared between states and IHS facilities, tribal facilities, and urban Indian health programs (I/T/U) facilities and tribes.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: As of January 2017, CMS officials reported that the agency has implemented a plan to educate state Medicaid agencies about when coverage status information may be shared between states and I/T/U facilities on a case by case basis because of variation in how this information is shared from state to state. Until we receive documentation of the plan and its implementation, this recommendation will remain open.
    Director: Goldstein, Mark L
    Phone: (202) 512-2834

    2 open recommendations
    Recommendation: Given the challenges that FPS faces in assessing risks to federal facilities and managing its contract guard workforce, the Secretary of Homeland Security should develop and implement a new comprehensive and reliable system for contract guard oversight.

    Agency: Department of Homeland Security
    Status: Open

    Comments: According to FPS officials, as of September 2017, FPS is currently reviewing proposals and preparing to make a decision for the final contract award for a Post Tracking System (PTS). According to FPS, this PTS will allow FPS to comprehensively and reliability mange its contract guards. Once the contract is awarded in late 2017 FPS will begin to implement the PTS system. GAO is keeping this recommendation open pending successful implementation of this system.
    Recommendation: Given the challenges that FPS faces in assessing risks to federal facilities and managing its contract guard workforce, the Secretary of Homeland Security should verify independently that FPS's contract guards are current on all training and certification requirements.

    Agency: Department of Homeland Security
    Status: Open

    Comments: According to FPS officials, as of September 2017, FPS plans to address this recommendation through the implementation of FPS?s Training Academy and Management System (TAMS). FPS reported that this system should allow it to verify independently that FPS's contract guards are current on all training and certification requirements. FPS is currently taking various steps to finalize the system and anticipates full implementation of TAMS by August 2018. GAO is leaving this recommendation open pending successful implementation of TAMS.
    Director: Goldstein, Mark L
    Phone: (202)512-6670

    2 open recommendations
    Recommendation: The Secretary of Homeland Security and Attorney General should instruct the Director of FPS, and the Director of the Marshals Service, respectively, to jointly lead an effort, in consultation and agreement with the judiciary and GSA, to update the MOA on courthouse security to address the challenges discussed in this report. Specifically, in this update to the MOA stakeholders should: (1) clarify federal stakeholders' roles and responsibilities including, but not limited to, the conditions under which stakeholders may assume each other's responsibilities and whether such agreements should be documented; and define GSA's responsibilities and determine whether GSA should be included as a signatory to the updated MOA; (2) outline how they will ensure greater participation of relevant stakeholders in court or facility security committees; and (3) specify how they will complete required risk assessments for courthouses, referred to by the Marshals Service as court security facility surveys and by FPS as facility security assessments (FSA), and ensure that the results of those assessments are shared with relevant stakeholders, as appropriate.

    Agency: Department of Homeland Security
    Status: Open

    Comments: As of April 2017, The Federal Protective Service, U.S. Marshals Service, Administrative Office of the U.S. Courts, and General Services Administration were working to update the memorandum of agreement on courthouse security. An updated memorandum has been drafted, but it has yet to be signed by all parties. Consequently, resolution of this recommendation is pending until further action is taken.
    Recommendation: The Secretary of Homeland Security and Attorney General should instruct the Director of FPS, and the Director of the Marshals Service, respectively, to jointly lead an effort, in consultation and agreement with the judiciary and GSA, to update the MOA on courthouse security to address the challenges discussed in this report. Specifically, in this update to the MOA stakeholders should: (1) clarify federal stakeholders' roles and responsibilities including, but not limited to, the conditions under which stakeholders may assume each other's responsibilities and whether such agreements should be documented; and define GSA's responsibilities and determine whether GSA should be included as a signatory to the updated MOA; (2) outline how they will ensure greater participation of relevant stakeholders in court or facility security committees; and (3) specify how they will complete required risk assessments for courthouses, referred to by the Marshals Service as court security facility surveys and by FPS as facility security assessments (FSA), and ensure that the results of those assessments are shared with relevant stakeholders, as appropriate.

    Agency: Department of Justice
    Status: Open

    Comments: As of April 2017, The Federal Protective Service, U.S. Marshals Service, Administrative Office of the U.S. Courts, and General Services Administration were working to update the memorandum of agreement on courthouse security. An updated memorandum has been drafted, but it has yet to be signed by all parties. Consequently, resolution of this recommendation is pending until further action is taken.
    Director: Trimble, David C
    Phone: (202)512-9338

    1 open recommendations
    Recommendation: To improve cohesion in the management and operation of EPA's laboratories, the Administrator of EPA should establish a top-level science official with the authority and responsibility to coordinate, oversee, and make management decisions regarding major scientific activities throughout the agency, including the work of all program, regional, and ORD laboratories.

    Agency: Environmental Protection Agency
    Status: Open

    Comments: EPA took some steps toward establishing a top-level science official with responsibilities to coordinate and oversee the laboratories, but the agency did not expand this official's authority to make management decisions regarding scientific activities for the laboratories.
    Director: Dicken, John E
    Phone: (202)512-7043

    6 open recommendations
    Recommendation: To ensure that information entered into CMS's complaints database is reliable and consistent, the Administrator of CMS should identify issues with data quality and clarify guidance to states about how particular fields in the database should be interpreted, such as what it means to substantiate a complaint.

    Agency: Department of Health and Human Services: Centers for Medicare and Medicaid Services
    Status: Open

    Comments: HHS concurred with this recommendation. In November 2014, CMS officials reported that the agency's Survey and Certification Group was in the early stages of a planned multi-year review of all of its business processes, including those related to nursing home complaint investigations. Officials stated that, as part of that review, agency staff would seek to provide clarification on all aspects of the complaint process, including what it means to substantiate a complaint. As of September 2016, CMS officials have not implemented this recommendation. GAO considers it to be open. We will update the status of this recommendation when we receive additional information.
    Recommendation: To strengthen CMS's assessment of state survey agencies' performance in the management of nursing home complaints, the Administrator of CMS should conduct additional monitoring of state performance using information from CMS's complaints database, such as additional timeliness measures.

    Agency: Department of Health and Human Services: Centers for Medicare and Medicaid Services
    Status: Open

    Comments: In November 2014, CMS officials reported that the fiscal year 2014 protocol for assessment of state agency performance includes a new measure that tracks how soon after the completion of a complaint investigation a state agency uploads data from that investigation to CMS's complaint tracking system. However, the protocol does not call for assessment of the number of days by which state survey agencies miss the deadlines for some complaint investigations--a measure that we suggested could provide a more comprehensive picture of state agency performance. As of September 2016, CMS officials have not implemented this recommendation. GAO considers it to be open. We will update the status of this recommendation when we receive additional information.
    Recommendation: To strengthen CMS's assessment of state survey agencies' performance in the management of nursing home complaints, the Administrator of CMS should assure greater consistency in assessments by identifying differences in interpretation of the performance standards and clarifying guidance to state survey agencies and CMS regional offices.

    Agency: Department of Health and Human Services: Centers for Medicare and Medicaid Services
    Status: Open

    Comments: HHS agreed that CMS needed to strengthen its assessment of state survey agencies' performance in the management of nursing home complaints. In November 2014, CMS officials reported that the agency's fiscal year 2014 protocol for assessment of state agencies' performance requires CMS regional offices to review the extent to which the states' policies are consistent with CMS policies. CMS officials acknowledged that there was some variation among states and noted that the agency's Survey and Certification Group is in the early stages of a multi-year review of all of its business processes. Officials expected this review would identify additional opportunities to improve consistency among states in the application of the performance standards. As of September 2016, CMS officials have not implemented this recommendation. GAO considers it to be open. We will update the status of this recommendation when we receive additional information.
    Recommendation: To strengthen and increase accountability of state survey agencies' management of the nursing home complaints process, the Administrator of CMS should clarify guidance to the state survey agencies about the minimum information that should be conveyed to complainants at the close of an investigation.

    Agency: Department of Health and Human Services: Centers for Medicare and Medicaid Services
    Status: Open

    Comments: HHS agreed that CMS needed to take steps to strengthen and increase accountability of state survey agencies' management of nursing home complaints. In November 2014, CMS officials reported that while they believed the CMS State Operations Manual, which specifies procedures for addressing complaints, provides significant guidance regarding the information that state agencies should convey to complainants at the close of an investigation, they would review the guidance to identify any needed changes. As of September 2016, CMS officials have not implemented this recommendation. GAO considers it to be open. We will update the status of this recommendation when we receive additional information.
    Recommendation: To strengthen and increase accountability of state survey agencies' management of the nursing home complaints process, the Administrator of CMS should provide guidance encouraging state survey agencies to prioritize complaints at the level that is warranted, not above that level.

    Agency: Department of Health and Human Services: Centers for Medicare and Medicaid Services
    Status: Open

    Comments: HHS agreed that CMS needed to take steps to strengthen and increase accountability of state survey agencies' management of the nursing home complaints process and stated that CMS would provide clarification and guidance to states to ensure complaints were prioritized at the appropriate level. However, in CMS's fiscal year 2014 protocol for assessment of state agency performance, the prioritization standard still required only that complaints be assigned a priority level at or above the level assigned by CMS reviewers. We remain concerned that defining the standard this way may create an incentive for survey agencies to prioritize some complaints at a higher level than is warranted--which could increase workload and potentially jeopardize the timeliness of investigations that warrant the higher priority level. As of September 2016, CMS officials have not implemented this recommendation. GAO considers it to be open. We will update the status of this recommendation when we receive additional information.
    Recommendation: To strengthen and increase accountability of state survey agencies' management of the nursing home complaints process, the Administrator of CMS should implement CMS's proposed plans to publish state survey agencies' scores but limit publication to those performance standards that CMS considers the most reliable and clear.

    Agency: Department of Health and Human Services: Centers for Medicare and Medicaid Services
    Status: Open

    Comments: HHS agreed that CMS needed to take steps to strengthen and increase accountability of state survey agencies' management of the nursing home complaints process and said that CMS would work with state officials and others to identify key performance information that would be of public value. In November 2014, CMS officials reported that the agency had not yet outlined a method or timetable for publishing states' performance scores. As of September 2016, CMS officials have not implemented this recommendation. GAO considers it to be open. We will update the status of this recommendation when we receive additional information.