Reports & Testimonies

  • GAO’s recommendations database contains report recommendations that still need to be addressed.

    GAO’s recommendations help congressional and agency leaders prepare for appropriations and oversight activities, as well as help improve government operations. Recommendations remain open until they are designated as Closed-implemented or Closed-not implemented. You can explore open recommendations by searching or browsing.

    GAO's priority recommendations are those that we believe warrant priority attention. We sent letters to the heads of key departments and agencies, urging them to continue focusing on these issues. These recommendations are labeled as such. You can find priority recommendations by searching or browsing our open recommendations below, or through our mobile app.

  • Browse Open Recommendations

    Explore priority recommendations by subject terms or browse by federal agency

    Search Open Recommendations

    Search for a specific priority recommendation by word or phrase



  • Governing on the go?

    Our Priorities for Policy Makers app makes it easier for leaders to search our recommendations on the go.

    See the November 10th Press Release


  • Have a Question about a Recommendation?

    • For questions about a specific recommendation, contact the person or office listed with the recommendation.
    • For general information about recommendations, contact GAO's Audit Policy and Quality Assurance office at (202) 512-6100 or apqa@gao.gov.
  • « Back to Results List Sort by   

    Results:

    Topic: "Information Management"

    29 publications with a total of 150 open recommendations including 10 priority recommendations
    Director: David A. Powner
    Phone: (202) 512-9286

    6 open recommendations
    Recommendation: The Secretary of Health and Human Services should direct the Administrator of the Centers for Medicare & Medicaid Services to take steps to ensure that state-based marketplace annual sustainability plans, to the extent possible, have complete 5-year budget forecasts. (Recommendation 1)

    Agency: Department of Health and Human Services
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: The Secretary of Health and Human Services should direct the Administrator of the Centers for Medicare & Medicaid Services to take steps to ensure that all state-based marketplaces provide required annual financial audit reports which are in accordance with generally accepted government auditing standards. (Recommendation 2)

    Agency: Department of Health and Human Services
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: The Secretary of Health and Human Services should direct the Administrator of the Centers for Medicare & Medicaid Services to take steps to ensure that marketplace IT self-sustainability risk assessments are based on fully defined measurable terms, a clear categorization process, and a defined response to high risks. (Recommendation 3)

    Agency: Department of Health and Human Services
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: The Secretary of Health and Human Services should direct the Administrator of the Centers for Medicare & Medicaid Services to take steps to ensure that states develop, update, and follow performance measurement plans that allow the states to continuously identify and assess the most important IT metrics for their state marketplaces. (Recommendation 4)

    Agency: Department of Health and Human Services
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: The Secretary of Health and Human Services should direct the Administrator of the Centers for Medicare & Medicaid Services to take steps to conduct operational analysis reviews and systematically monitor the performance of states' marketplace IT systems using key performance indicators. (Recommendation 5)

    Agency: Department of Health and Human Services
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: The Secretary of Health and Human Services should direct the Administrator of the Centers for Medicare & Medicaid Services to take steps to ensure that metrics collected from states to monitor marketplaces' operational performance link to performance goals and include baselines and targets to monitor progress. (Recommendation 6)

    Agency: Department of Health and Human Services
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Director: Gregory C. Wilshusen
    Phone: (202) 512-6244

    5 open recommendations
    Recommendation: To improve the consistency and effectiveness of governmentwide efforts to reduce the unnecessary use of SSNs and thereby mitigate the risk of identity theft, the Director of OMB should specify elements that agency plans for reducing the unnecessary collection, use, and display of SSNs should contain and require all agencies to develop and maintain complete plans.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To improve the consistency and effectiveness of governmentwide efforts to reduce the unnecessary use of SSNs and thereby mitigate the risk of identity theft, the Director of OMB should require agencies to modify their inventories of systems containing personally identifiable information to indicate which systems contain SSNs and use the inventories to monitor their reduction of unnecessary collection and use of SSNs.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To improve the consistency and effectiveness of governmentwide efforts to reduce the unnecessary use of SSNs and thereby mitigate the risk of identity theft, the Director of OMB should provide criteria to agencies on how to determine unnecessary use of SSNs to facilitate consistent application across the federal government.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To improve the consistency and effectiveness of governmentwide efforts to reduce the unnecessary use of SSNs and thereby mitigate the risk of identity theft, the Director of OMB should take steps to ensure that agencies provide up-to-date status reports on their progress in eliminating unnecessary SSN collection, use, and display in their annual Federal Information Security Modernization Act of 2014 reports.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To improve the consistency and effectiveness of governmentwide efforts to reduce the unnecessary use of SSNs and thereby mitigate the risk of identity theft, the Director of OMB should establish performance measures to monitor agency progress in consistently and effectively implementing planned reduction efforts.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Director: Yocom, Carolyn L
    Phone: (202) 512-7114

    2 open recommendations
    Recommendation: To improve efforts to promote EHR use and electronic exchange of health information in post-acute care settings, the Secretary of Health and Human Services should direct the Centers for Medicare & Medicaid Services (CMS) and ONC to evaluate the effectiveness of HHS's key efforts to determine whether they are contributing to HHS's goal for increasing the use of EHRs and electronic exchange of health information in post-acute care settings.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To improve efforts to promote EHR use and electronic exchange of health information in post-acute care settings, the Secretary of Health and Human Services should direct CMS and ONC to comprehensively plan for how to achieve the department's goal related to the use of EHRs and electronic information exchange in post-acute care settings. This planning may include, for example, identifying specific actions related to post-acute care settings and identifying and considering external factors.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Director: William B. Shear
    Phone: (202) 512-8678

    3 open recommendations
    Recommendation: To help business disaster victims and resource partners better access information about the disaster loan process, the Administrator of the Small Business Administration should integrate information resources such as the fact sheet, reference guide, and three-step process flier into its disaster loan assistance web portal and Partner Training Portal in a way that is more accessible to users.

    Agency: Small Business Administration
    Status: Open

    Comments: SBA stated that the disaster loan assistance portal includes links to various loan-related resources and a link to SBA.gov, where users can access the SBA Disaster Loan Program Reference Guide and online learning center. We will continue to follow up with SBA on whether the agency plans to centrally integrate the links to loan-related resources into its disaster loan assistance web portal and Partner Training Portal, so resources can be more accessible to users.
    Recommendation: To help reduce confusion about the disaster loan process and the time frames applicants may experience, the Administrator of the Small Business Administration should ensure the consistency of content across its disaster loan process resources by including in these written and online resources, as appropriate, the following: (1) the three-step process; (2) the types of documentation SBA may request and the general reasons why such information may be requested; and (3) estimates of loan processing time frames applicants might experience and external factors, such as the severity of a disaster, that may affect these time frames using, for example, estimates from its forecasting and related planning tools.

    Agency: Small Business Administration
    Status: Open

    Comments: SBA stated that the agency has provided a consistent messaging about the timeframe for making approval decisions on disaster loan applications: SBA's goal is to make a decision on all home and business disaster loan applications within 2-3 weeks, and this loan approval timeframe also is referenced in other loan-related resources and media interviews. We will continue to follow up with SBA on whether the agency plans to (a) ensure informational content is consistent across written and online resources, (b) also include in written and online resources the types of documentation SBA may request and general reasons for the information requests, and (c) tailor the general 2-3 week loan decision timeframe to the each disaster, including the severity of the disaster and other factors that may affect the timeframe, by using the agency's forecasting and related planning tools.
    Recommendation: To further assist disaster business loan applicants, the Administrator of the Small Business Administration should define technical terminology related to financial statements and other finance terminology on the disaster business loan application forms, in both electronic and paper format. For example, in the online application portal, SBA could incorporate a glossary in the "help" feature. Additionally, SBA could include a glossary in the paper application, so that business applicants who apply by mail can access the definitions as well as the general reasons why such information may be requested.

    Agency: Small Business Administration
    Status: Open

    Comments: SBA stated that the agency is developing a glossary of business financial terms to clearly define terminology used in SBA home and business disaster loan applications and required supporting financial documents. Once completed, SBA stated that it will make the glossary available through the agency's disaster loan assistance portal and the SBA.gov website. We will follow up with SBA once the agency completes the glossary of business financial terms.
    Director: Kay E. Brown
    Phone: (202) 512-7215

    2 open recommendations
    including 1 priority recommendation
    Recommendation: The Secretary of Agriculture should take additional steps to collect and disseminate information on promising practices that could help improve data matching processes among state SNAP agencies, including broad and timely dissemination of information on results of recent relevant pilots or demonstrations.

    Agency: Department of Agriculture
    Status: Open
    Priority recommendation

    Comments: The U.S. Department of Agriculture's (USDA) Food and Nutrition Service (FNS) agreed with this recommendation. The agency noted it is moving in this direction and would build on current efforts to address them. GAO will monitor these efforts and consider closing the recommendation when these efforts have been completed.
    Recommendation: The Secretary of Agriculture should work with the Department of Health and Human Services (as appropriate) to analyze spending and understand data needs for SNAP across federal and state contracts and in relation to other programs as FNS explores ways to potentially reduce the costs of using commercial data services.

    Agency: Department of Agriculture
    Status: Open

    Comments: The U.S. Department of Agriculture's (USDA) Food and Nutrition Service (FNS) agreed with this recommendation. The agency noted it has been moving in this general direction and would build on current efforts to address it. GAO will monitor these efforts and consider closing the recommendation when these efforts have been completed.
    Director: Nancy Kingsbury
    Phone: (202) 512-2700

    5 open recommendations
    including 2 priority recommendations
    Recommendation: To support its strategic and open data goals, the Director of OPM should improve the availability of the EHRI payroll data--for example, by preparing the data for analytics, making them available through online tools such as FedScope, and including them among the EHRI data sources on the OPM website and Data.gov.

    Agency: Office of Personnel Management
    Status: Open
    Priority recommendation

    Comments: On 4/21/2017 OPM provided a status update based on our inclusion of this rec in the priority rec letter. "As communicated in our December 6, 2017, letter to the Comptroller General, OPM is developing a comprehensive strategy to improve the availability of EHRI payroll data for analytics. We have started an effort to standardize payroll data elements by engaging with the payroll subject matter experts through the shared service providers. We will keep GAO informed as we make additional progress."
    Recommendation: To improve internal controls for data quality, the Director of OPM should update EHRI payroll database documentation to be consistent with current field definitions and requirements, including the Guide to Human Resources Reporting and the Guide to Data Standards, Part B.

    Agency: Office of Personnel Management
    Status: Open

    Comments: No specific updates on this rec, but it would be addressed in the "comprehensive strategy to improve the availability of EHRI payroll data for analytics" that is noted in OPM's response to the priority recommendation.
    Recommendation: To improve internal controls for data quality, the Director of OPM should consistently monitor system-generated error and edit check reports and ensure that timely action is taken to address identified issues.

    Agency: Office of Personnel Management
    Status: Open
    Priority recommendation

    Comments: On 4/21/17 OPM provided an update to their 60 day letter in response to our inclusion of this rec in the priority letter to OPM. Very soon, we will begin implementing follow-up activities with shared service centers and agencies regarding issues identified with the payroll data they submit to EHRI. We are also evaluating the feasibility of incorporating automated methods to validate agency data, to the extent possible. We will keep GAO informed as we make additional progress.
    Recommendation: To integrate the payroll data into the larger suite of EHRI databases, the Director of OPM should develop a schedule for executing these plans.

    Agency: Office of Personnel Management
    Status: Open

    Comments: No specific updates on this rec, but it would be addressed in the "comprehensive strategy to improve the availability of EHRI payroll data for analytics" that is noted in OPM's response to the priority recommendation.
    Recommendation: To integrate the payroll data into the larger suite of EHRI databases, the Director of OPM should evaluate existing internal control activities and develop new control activities for EHRI payroll data, such as implementing transactional edit checks that leverage the information in the other EHRI datasets.

    Agency: Office of Personnel Management
    Status: Open

    Comments: No specific updates on this rec, but it would be addressed in the "comprehensive strategy to improve the availability of EHRI payroll data for analytics" that is noted in OPM's response to the priority recommendation.
    Director: Valerie Melvin
    Phone: (202) 512-6304

    2 open recommendations
    Recommendation: To provide greater transparency in the reporting of FOIA litigation costs, Congress could consider requiring Justice to provide a cost estimate for collecting and reporting information on costs incurred when defending lawsuits in which the plaintiffs prevailed.

    Agency: Congress
    Status: Open

    Comments: Congress has not yet considered if it plans to amend FOIA regarding the reporting of costs for defending lawsuits in which the plaintiffs prevailed.
    Recommendation: Congress could consider amending the act to require Justice to reflect in its Litigation and Compliance reports, changes in the award of attorneys' fees and costs resulting from the appeals process and settlement agreements between agencies and plaintiffs, if deemed to be cost-effective.

    Agency: Congress
    Status: Open

    Comments: Congress has not yet considered if it plans to amend FOIA to require Justice to make changes to its Litigation and Compliance reports.
    Director: David B. Gootnick
    Phone: (202) 512-3149

    2 open recommendations
    Recommendation: To improve the quality of the data published on ForeignAssistance.gov and help ensure consistency in published information, the Secretary of State should, in consultation with the Director of OMB and the USAID Administrator, undertake a review of the efforts to date on ensuring data quality

    Agency: Department of State
    Status: Open

    Comments: State concurred with this recommendation and noted that it will continue to work with USAID in consultation with OMB to assess whether additional existing resources are required to meet the goals of ForeignAssistance.gov. As of June 2017, State has taken some steps to coordinate with OMB and USAID to improve the quality of data reported for ForeignAssistance.gov. For example, in January 2017, State co-hosted an interagency meeting with OMB and USAID to discuss data quality and reporting requirements. As of June 2017, GAO was following up with State to obtain additional information on how the established review process would or has helped improve the quality of the data reported on Foreignassistance.gov.
    Recommendation: To improve the quality of the data published on ForeignAssistance.gov and help ensure consistency in published information, the Secretary of State should, in consultation with the Director of OMB and the USAID Administrator, develop additional guidance that takes into consideration current challenges to updating ForeignAssistance.gov with verified data.

    Agency: Department of State
    Status: Open

    Comments: As of June 2017, State has taken some steps to coordinate with OMB and USAID to improve the quality of data reported for ForeignAssistance.gov. For example, in January 2017, State co-hosted an interagency meeting with OMB and USAID to discuss data quality and reporting requirements. As of June 2017, GAO was following up with State to determine if additional guidance has been developed that takes into consideration current challenges to updating ForeignAssistance.gov with verified data
    Director: Valerie C. Melvin
    Phone: (202) 512-6304

    8 open recommendations
    Recommendation: To assist VA in sustaining an IT workforce with the necessary knowledge, skills, and abilities to execute its mission and goals, the Secretary of Veterans Affairs should direct the Chief Information Officer to track and review OI&T historical workforce data and projections related to leadership retirements.

    Agency: Department of Veterans Affairs
    Status: Open

    Comments: VA concurred with our recommendation and reported that OI&T's Human Capital Management Office (HCM) had completed a succession planning project that encompassed all senior leadership and included data review and risk assessment for each position. VA also stated that OI&T tracks the gains and losses associated with its leadership positions and provided this information for fiscal year 2016. However, the department has not provided documentation that supports the assertion that historical and projected OI&T leadership retirement data was presented and discussed as part of the succession planning project and did not provide data on projected retirements for OI&T's leadership positions. Additionally, the department stated that OI&T HCM has the ability to project retirement eligibility but has not provided documentation to support this assertion. It is important that VA tracks and reviews its OI&T historical workforce data and forecasts its leadership retirements to avoid being unprepared to effectively respond to vacancies in key leadership positions.
    Recommendation: To assist VA in sustaining an IT workforce with the necessary knowledge, skills, and abilities to execute its mission and goals, the Secretary of Veterans Affairs should direct the Chief Information Officer to identify IT skills needed beyond the current fiscal year to assist in identifying future skills gaps.

    Agency: Department of Veterans Affairs
    Status: Open

    Comments: VA concurred with our recommendation and reported that Information Technology Workforce Development (ITWD) will produce reports that identify skill gaps and will contain long-term recommendations that show the types of IT skills each organization needs to increase and which proficiency level targets need the most emphasis. As of July 2017, VA stated that ITWD reviewed, and updated where needed, the fiscal year 2017 competencies within each OI&T competency model role in order to align the models to the OI&T Transformation initiative. According to the department, the resulting updates support learning solutions that sustain and accelerate OI&T's transformation. Additionally, VA stated that 85 percent of OI&T staff completed a validated competency self-assessment and provided the OI&T fiscal year 2017 Training Gap Analysis Report which shows the strengths and gaps of OI&T by organization, trends between fiscal years 2016 and 2017, findings, next steps, and recommended actions for the next fiscal year. The department also stated that ITWD held meetings to review skill gap and learning solution reports. VA provided these reports and they present the top gaps and strengths, key findings, and next steps to address the skill gaps. While the department has taken these actions, its OI&T Training Gap Analysis Report does not identify IT skills needed beyond fiscal year 2017.
    Recommendation: To assist VA in establishing comprehensive and documented processes that reflect system development and acquisition best practices, the Secretary of Veterans Affairs should direct the Chief Information Officer to revise OI&T's documented processes related to project planning, to include (1) estimating the level of effort that will need to be expended for work products and tasks, and (2) making adjustments to the project plan to reconcile differences between estimated and available resources.

    Agency: Department of Veterans Affairs
    Status: Open

    Comments: VA concurred with our recommendation and stated that OI&T is documenting changes to processes related to project planning as it transitions from PMAS to the Veteran-Focused Integration Process (VIP). According to VA, the VIP processes will lead to better requirements elaboration and prioritization, increasing significantly the accuracy of estimates related to level of effort. Additionally, the department stated that by using short Agile sprints, the project team will be able adjust the project plan frequently to reconcile differences between estimated and available resources. As of July 2017, VA stated that all projects have transitioned to the VIP, which ensures they are incorporating the Agile methodology into the project lifecycle. According to the department, the latest version of its VIP Guide incorporates the use of daily scrum and weekly scrum of scrum meetings that can be used to frequently adjust the project plan to reconcile differences between estimated and available resources. VA stated that the project planning processes will continue to evolve beyond July and expects to complete its actions in response to this recommendation by the end of fiscal year 2017.
    Recommendation: To assist VA in establishing comprehensive and documented processes that reflect system development and acquisition best practices, the Secretary of Veterans Affairs should direct the Chief Information Officer to revise OI&T's documented processes related to requirements management, to include identifying changes to be made to plans and work products as a result of requirements baseline changes.

    Agency: Department of Veterans Affairs
    Status: Open

    Comments: VA concurred with our recommendation and reported that OI&T is revising its documentation related to requirements management as part of the transition to the Veteran-Focused Integration Process (VIP). According to VA, requirements will be tracked using the IBM Rational Tools Suite, which will be able to provide a snapshot of the original baseline and all captured changes in the form of an audit trail that captures the history of requirement changes. As of July 2017, the department stated that all projects have transitioned to the VIP and requirements baselines and subsequent changes are tracked in the Rational Tools Suite. VA also reported that efforts in fiscal year 2017 to consolidate all mandatory architectural, design, and process methodologies into a single library of requirements were successful, which resulted in combining the full body of requirements. Additionally according to the department, versioning of the requirements will allow the office to trace specific versions of individual requirements and their evolution by time period and project inheritance. VA stated that it expects to complete its actions in response to this recommendation by the end of fiscal year 2017.
    Recommendation: To assist VA in establishing comprehensive and documented processes that reflect system development and acquisition best practices, the Secretary of Veterans Affairs should direct the Chief Information Officer to revise OI&T's documented processes related to risk management, to include (1) determining costs and benefits of implementing the risk mitigation plan for each risk and (2) collecting performance measures on risk handling activities.

    Agency: Department of Veterans Affairs
    Status: Open

    Comments: VA concurred with our recommendation and reported that the IBM Rational Tools Suite will be used to manage risks and issues. According to VA, the tools suite will allow requirements to be linked to risks, which will provide traceability; teams will be able to track and report steps taken to mitigate risks; and an audit trail will show the history of changes made to each risk. The department also reported that the Office of Privacy and Risk will establish risk mitigation strategies for OI&T. As of July 2017, VA stated that risks data capture has been developed as a standardized process and that data on project and program risks in the Rational Tools Suite is aggregated and prepared for use to verify aggressive management, and will be included in enterprise reporting. The department stated that work is underway with the Performance Management Office and that OI&T expects to complete its actions in response to this recommendation by the end of fiscal year 2017.
    Recommendation: To assist VA in establishing comprehensive and documented processes that reflect system development and acquisition best practices, the Secretary of Veterans Affairs should direct the Chief Information Officer to revise OI&T's documented processes related to project monitoring and control, to include the 10 best practices that were missing from the guidance.

    Agency: Department of Veterans Affairs
    Status: Open

    Comments: VA concurred with our recommendation and reported that implementation of the Veteran-Focused Integration Process (VIP) and Agile processes within OI&T will address eight of the ten best practices related to project monitoring and control that were missing from its guidance. In regard to monitoring the knowledge and skills of project staff, OI&T's IT Workforce Development (ITWD) group collects and analyzes competency assessment data, which is used in requirements gathering meetings with OI&T leaders. According to VA, during these meetings organizational needs and next steps are discussed in detail. Additionally, the department's latest version of its VIP Guide states that the product team should be cross-functional and include all skills needed to deliver a product. Further, the department reported that data management activities, issues, and impacts will be managed using VIP, Agile, and IBM Rational Tools Suite. According to its VIP Guide, OI&T expects that all products follow the Agile product management process and use the Rational Tools Suite to manage scheduled product sprints and backlog, product requirements, risks and issues, and product planning and engineering documentation, among others. Also, VA stated that Agile methodologies will require stakeholders to be involved in the daily scrum meetings, user acceptance testing, and acceptance of deliverables, which will address stakeholders being involved regularly and documenting the results of stakeholder involvement status reviews. According to the VIP Guide, the Agile development methodologies require development teams to meet often with stakeholders to ensure transparency and foster a collaborative work environment. Additionally, the department stated that critical decision events are using Rational based data assessments to report on level of satisfaction of project controls and process compliance requirements. Further, according to the VIP Guide, the Product Owner will have a key role in the decision-making process during the development of the product and will be able to regularly express concerns and/or approvals to best meet user satisfaction. The department stated that critical decision events are being held at the portfolio level, and action items from these events are being tracked. VA provided meeting minutes from critical decision events that were held in October and December 2016. The December 2016 meeting minutes identified action items and the status of those items. Although VA has taken actions to address the majority of best practices related to project monitoring and control, the department's new VIP process does not include two practices that call for (1) tracking expended effort and (2) monitoring the utilization of staff and resources. Until OI&T's documented processes for project monitoring and control fully reflect best practices, the office is at risk that its projects will not achieve expected results.
    Recommendation: To assist VA in establishing comprehensive and documented processes that reflect system development and acquisition best practices, the Secretary of Veterans Affairs should direct the Chief Information Officer to revise OI&T's documented processes related to process and product quality assurance, to include (1) documenting a description of the quality assurance reporting chain and defining how objectivity will be ensured, and (2) periodically reviewing open noncompliance issues and trends with management that is designated to receive and act on them.

    Agency: Department of Veterans Affairs
    Status: Open

    Comments: VA concurred with our recommendation and reported that the implementation of the Veteran-Focused Integration Process (VIP), Agile processes, and the Rational Toolset within OI&T will address process and product quality assurance. According to VA, as a part of VIP, the Product Owner is engaged from intake through project completion, which will ensure that the quality of the product is maintained throughout the life cycle. Additionally the department reported that the process of periodically reviewing open non-compliance issues and trends with management that is designated to receive and act on them will be accomplished through CIOStat meetings held with OI&T senior leadership. VA also reported that the Rational Quality Manager tool is used to automate routine testing activities to identify non-compliance issues and trends. As of July 2017, the department stated that the Product Owner is beginning to have a stronger role on the project team, which enables them to assist in all types of issues, including quality assurance. VA also stated that Release Agents develop and distribute Release Readiness Reports, which provide a status of all release requirements and of traceability among requirements, deliverables, and test results. VA expects to complete its actions in response to this recommendation by the end of fiscal year 2017.
    Recommendation: To assist VA in establishing comprehensive and documented processes that reflect system development and acquisition best practices, the Secretary of Veterans Affairs should direct the Chief Information Officer to revise OI&T's documented processes related to project scheduling, to include the 9 best practices that were missing from the guidance and revise the documented processes where the guidance was contrary to best practices.

    Agency: Department of Veterans Affairs
    Status: Open

    Comments: VA concurred with our recommendation and reported that the implementation of VIP and Agile processes within OI&T will address five of the nine best practices related to project scheduling that are missing from its guidance. According to VA, business and compliance requirements will be captured during the planning phase and maintained in the IBM Rational Tools Suite to manage scheduled project/product builds and backlog which will allow the project to more accurately maintain the schedule baseline, capture all schedule changes, and provides an audit trail of all the changes. Additionally, the department reported that the IBM Rational Tools Suite connects requirements, change orders, test cases, and test results in order to have full traceability in a closed loop system. VA also noted that the use of short development builds within Agile increases the probability of successful adherence to the schedule; and Agile provides the flexibility to make schedule changes using the backlog to prioritize requirements. As of July 2017, VA stated that Project Build Planning sessions capture and prioritize all backlog items with high level activities captured in the VIP Dashboard; and that each project task receives an estimated duration. The department also stated that the project team commits to a high level scope for each build and then the scope is solidified and committed to in detail at each Sprint Plan. According to VA, at the end of each sprint the Product Owner accepts or rejects the product of what was committed to at Sprint Planning. The department also stated that there is a high-level commitment at the Critical Decision 1 meeting; that each build gets committed to at a more granular level; and that sprint planning includes establishing a firm commitment for exactly what will be completed during the sprint. The department further stated that part of the Agile process being used by OI&T removes rigid, mandatory constraints as long as project teams follow compliance epics. Additionally, the department reported that because of the use of Agile methodology, if a task is critical today, the project team can reprioritize and address the needs of the project immediately. According to VA, Agile supports both sustainment and development projects, by allowing changes to the project backlog to address high priority functionality. VA also stated that Agile allows flexibility to shift from one build to another based on priorities and to shift backlog items based on VIP Triad priorities. Additionally, according to the department, risks are managed in the Rational Tools Suite and impediments are raised and escalated during daily scrums and scrum of scrum calls. The VIP Guide indicates that product teams are required to make timely updates to the VIP Dashboard regarding schedule and that the Rational Tools Suite will be used to manage and administer source control and baselines; manage risks and issues; and manage scheduled product sprints and backlogs. However, the VIP Guide does not include practices to (1) document that each project task should receive a duration estimate; (2)require that the project schedule be traceable horizontally and vertically; (3) sequence all activities; and (4) confirm that the critical path is valid. Until OI&T's documented processes for developing schedules fully reflect best practices, the office is at risk that schedules created for its projects will not be reliable.
    Director: Valerie Melvin
    Phone: (202) 512-6304

    4 open recommendations
    Recommendation: To address weaknesses in the department's financial management systems modernization efforts, the Secretary of HUD should direct the Chief Financial Officer to work with the Chief Information Officer in managing subsequent initiatives to define a high-level depiction of the IT systems anticipated in the future state, a description of the operations that must be performed and who must perform them, and an explanation of where and how the operations are to be carried out.

    Agency: Department of Housing and Urban Development
    Status: Open

    Comments: In its comments on our draft report, HUD neither agreed nor disagreed with our recommendations, but noted that it planned to improve management practices and IT governance for future modernization efforts. In May 2017, HUD's Deputy Chief Information Officer reported that that the office was managing multiple enterprise-level initiatives no longer classified as financial management modernization efforts, but which are intended to address certain previously reported financial systems modernization needs. The department provided early high-level requirements and a solution architecture for one such initiative, including a future requirement to support data required for HUD's financial reporting needs from Treasury. However, HUD does not yet have a plan to develop a high-level concept of operations for IT systems anticipated in the future state. We intend to follow up on HUD's actions.
    Recommendation: To address weaknesses in the department's financial management systems modernization efforts, the Secretary of HUD should direct the Chief Financial Officer to work with the Chief Information Officer in managing subsequent initiatives to develop comprehensive plans for scope, schedule and cost.

    Agency: Department of Housing and Urban Development
    Status: Open

    Comments: In its comments on our draft report, HUD neither agreed nor disagreed with our recommendations, but noted that it planned to improve management practices and IT governance for future modernization efforts. In May 2017, the department provided an early project oversight plan and critical task schedule for one initiative related to enterprise data management, but these plans are not comprehensive and do not include, among other things, detailed cost estimates. We intend to follow up on HUD's actions.
    Recommendation: To address weaknesses in the department's financial management systems modernization efforts, the Secretary of HUD should direct the Chief Financial Officer to work with the Chief Information Officer in managing subsequent initiatives to ensure requirements are fully documented and traceable.

    Agency: Department of Housing and Urban Development
    Status: Open

    Comments: In its comments on our draft report, HUD neither agreed nor disagreed with our recommendations, but noted that it planned to improve management practices and IT governance for future modernization efforts. In March 2017, the department reported that the Chief Financial Officer and the Chief Information Officer intend to partner on future departmental financial management systems modernization efforts to fully document requirements and trace requirements to the functionality in the modernized system. In May 2017, department officials reported that the subsequent initiatives underway were following an Agile process yielding product-release backlogs as documentation of requirements for ongoing initiatives. They provided the initial backlog for an enterprise data management initiative. However, HUD could not demonstrate that these requirements were complete and traceable to mission needs. We intend to follow up on HUD's actions.
    Recommendation: The Secretary of HUD should also direct the Deputy Secretary to ensure that the Chief Information Officer takes action to improve IT governance control activities used for monitoring programs and identifying needed corrective actions, and strengthen investment oversight by improving coordination with stakeholders and alignment among IT modernization efforts.

    Agency: Department of Housing and Urban Development
    Status: Open

    Comments: In its comments on our draft report, HUD neither agreed nor disagreed with our recommendations, but noted that it planned to improve management practices and IT governance for future modernization efforts. In March 2017, the department reported on its fiscal year 2016 updates to charters of its IT governance boards, which provide oversight of all its IT investments, including financial management initiatives, and noted that business cases for proposed development and modernization initiatives had been discussed at governance meetings. HUD also reported that it had set up steering committees to supplement board governance and monitoring two enterprise-level modernization efforts and planned to apply mechanisms, such as project health assessments, intended to establish effective investment oversight. However, HUD has not yet demonstrated that the updated governance control activities have improved program monitoring and identified any needed corrective actions or that planned oversight mechanisms have improved coordination with stakeholders or alignment of modernization efforts. We intend to follow up on HUD's actions to ensure that planned improvements to governance and oversight mechanisms are effectively implemented and institutionalized.
    Director: Gretta L. Goodwin
    Phone: (202) 512-8777

    4 open recommendations
    Recommendation: To enhance the clarity and transparency of sexual violence data that is reported to the public, the Secretary of Education should direct the Assistant Secretary for the Office of Postsecondary Education, the Secretary of Health and Human Services should direct the Director of Centers for Disease Control and Prevention, and the Attorney General should direct the Director of the Bureau of Justice Statistics to make information on the acts of sexual violence and contextual factors that are included in their measurements of sexual violence publicly available. This effort could entail revising their definitions of key terms used to describe sexual violence so that the definitions match the measurements of sexual violence.

    Agency: Department of Education
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To enhance the clarity and transparency of sexual violence data that is reported to the public, the Secretary of Education should direct the Assistant Secretary for the Office of Postsecondary Education, the Secretary of Health and Human Services should direct the Director of Centers for Disease Control and Prevention, and the Attorney General should direct the Director of the Bureau of Justice Statistics to make information on the acts of sexual violence and contextual factors that are included in their measurements of sexual violence publicly available. This effort could entail revising their definitions of key terms used to describe sexual violence so that the definitions match the measurements of sexual violence.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To enhance the clarity and transparency of sexual violence data that is reported to the public, the Secretary of Education should direct the Assistant Secretary for the Office of Postsecondary Education, the Secretary of Health and Human Services should direct the Director of Centers for Disease Control and Prevention, and the Attorney General should direct the Director of the Bureau of Justice Statistics to make information on the acts of sexual violence and contextual factors that are included in their measurements of sexual violence publicly available. This effort could entail revising their definitions of key terms used to describe sexual violence so that the definitions match the measurements of sexual violence.

    Agency: Department of Justice
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To help lessen confusion among the public and policy makers regarding federal data on sexual violence, the Director of OMB should establish a federal interagency forum on sexual violence statistics. The forum should consider the broad range of differences across the data collection efforts to assess which differences enhance or hinder the overall understanding of sexual violence in the United States.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Director: Carol C. Harris
    Phone: (202) 512-4456

    9 open recommendations
    Recommendation: To help the department achieve the benefits anticipated from JIE, the Secretary should direct the DOD Chief Information Officer (CIO), and other entities, as appropriate, to develop a detailed JIE scope statement that is verified by stakeholders and approved by the Executive Committee.

    Agency: Department of Defense
    Status: Open

    Comments: As of July 2017, the Department of Defense had made progress in implementing the recommendation. Specifically, the department developed a draft Joint Information Environment (JIE) scope statement that can provide the context and framework for reporting, tracking, and controlling JIE activities. According to written comments on the status of the recommendation provided by the department in July 2017, this scope statement will be presented to the JIE Executive Committee in August 2017 for approval. We will continue to monitor the department's efforts to implement the recommendation.
    Recommendation: To help the department achieve the benefits anticipated from JIE, the Secretary should direct the DOD CIO and other entities, as appropriate, to establish a plan for managing, documenting, and communicating scope.

    Agency: Department of Defense
    Status: Open

    Comments: As of July 2017, the Department of Defense had made progress in implementing the recommendation. Specifically, the department developed a draft JIE scope statement, which documents the scope of JIE and describes how updates to its scope will be periodically reviewed and approved. According to written comments on the status of the recommendation provided by the department in July 2017, the draft will be presented to the JIE Executive Committee in August 2017 for approval. We will continue to monitor the department's efforts to implement the recommendation.
    Recommendation: To help the department achieve the benefits anticipated from JIE, the Secretary should direct the DOD CIO and other entities, as appropriate, to develop a reliable JIE cost estimate and baseline, consistent with the best practices described in this report.

    Agency: Department of Defense
    Status: Open

    Comments: As of July 2017, the Department of Defense had not implemented the recommendation. According to written comments on the status of the recommendation provided by the department, it developed cost baselines for two components of JIE. However, it did not develop cost estimates for the other JIE components. Specifically, the JIE Executive Committee approved the cost estimate for the Joint Regional Security Stacks in April 2017. In addition, the department's comments stated that the cost baseline for the Mission Partner Environment-Information System (MPE-IS) was included in the MPE-IS Business Case Analysis and presented to the department's Office of Cost Assessment and Program Evaluation in July 2016. We are in the process of reviewing the cost estimates for these components. The department further stated that as solutions for other JIE efforts are established, their cost baselines will be added as appropriate.
    Recommendation: To help the department achieve the benefits anticipated from JIE, the Secretary should direct the DOD CIO and other entities, as appropriate, to develop a JIE schedule management plan and reliable schedule, consistent with practices described in this report.

    Agency: Department of Defense
    Status: Open

    Comments: As of July 2017, the department had not implemented the recommendation. We will continue to monitor the department's efforts to address this recommendation by periodically requesting and evaluating updated information.
    Recommendation: To help the department achieve the benefits anticipated from JIE, the Secretary should direct the DOD CIO and other entities, as appropriate, to develop a JRSS schedule management plan and reliable JRSS schedule and schedule baseline, consistent with practices described in this report.

    Agency: Department of Defense
    Status: Open

    Comments: As of July 2017, the Department of Defense had not fully implemented this recommendation. In March 2017, the JIE Executive Committee approved a schedule baseline for the Non-secure Internet Protocol Router network component of JRSS. In addition, the Executive Committee memo approving this schedule baseline indicated that the Executive Committee planned to review and approve a schedule baseline for the Secure Internet Protocol Router network component of JRSS by the end of fiscal year 2017. However, the department has not demonstrated that it has a schedule management plan or that its schedule was developed consistent with the practices described in our report.
    Recommendation: To help the department achieve the benefits anticipated from JIE, the Secretary should direct the DOD CIO and other entities, as appropriate, to complete an assessment to determine the number of staff and the specific skills and abilities needed to effectively achieve JIE, consistent with the workforce planning practices described in this report.

    Agency: Department of Defense
    Status: Open

    Comments: As of July 2017, the Department of Defense had not implemented the recommendation. In its June 2016 written comments on a draft of our report, the department stated that the National Institute of Standards and Technology and the Office of Personnel Management were to publish a coding structure in response to the Federal Cybersecurity Workforce Assessment Act of 2015. DOD stated that this structure would inform steps DOD planned to take to identify the type of personnel and specific skills required to support enterprise operations and services and the government capabilities needed to effectively achieve JIE. However, as of July 2017, the department had not demonstrated that it has taken action to implement our recommendation.
    Recommendation: To help the department achieve the benefits anticipated from JIE, the Secretary should direct the DOD CIO and other entities, as appropriate, to develop a strategy for conducting JIE security assessments that describes the resources needed to execute the strategy, responsible organizations, and a schedule to complete the assessments.

    Agency: Department of Defense
    Status: Open

    Comments: As of July 2017, the Department had not implemented the recommendation. We will continue to monitor the department's efforts to address this recommendation by periodically requesting and evaluating updated information.
    Recommendation: To help the department achieve the benefits anticipated from JIE, the Secretary should direct the DOD CIO and other entities, as appropriate, to develop a strategy and schedule to transition JRSS to the Risk Management Framework, and develop the security plan required by the new framework.

    Agency: Department of Defense
    Status: Open

    Comments: As of July 2017, the Department of Defense had not implemented this recommendation. In January 2017, the Joint Regional Security Stacks (JRSS) program received a six-month provisional Risk Management Framework Authority to Operate. According to a July 2017 update from the department on the status of this recommendation, the JRSS program management office was in the process of requesting another six-month provisional authority to operate. However, the department has not developed a strategy and schedule to complete transition of JRSS to the Risk Management Framework or developed the security plan required by the framework.
    Recommendation: To help the department achieve the benefits anticipated from JIE, the Secretary should direct the DOD CIO and other entities, as appropriate, to develop a reliable Joint Regional Security Stacks (JRSS) cost estimate and baseline, consistent with practices described in this report.

    Agency: Department of Defense
    Status: Open

    Comments: The Department of Defense had taken steps to address the recommendation and we are in the process of reviewing documentation the department provided in July 2017 to determine if it sufficiently addresses the recommendation. Specifically, in April 2017, the JRSS program office documented the methodology, ground rules, and assumptions, among other things, used to develop the cost estimate we reviewed in our report, and the JIE Executive Committee established the estimate as its JRSS cost baseline. We are in the process of reviewing the cost estimate documentation and will update this status after completing the review.
    Director: Carol C. Harris
    Phone: (202) 512-4456

    9 open recommendations
    Recommendation: To provide reasonable assurance that the program executes Agile software development for USCIS ELIS consistent with its own policies and guidance and follows applicable leading practices, the Secretary of the Department of Homeland Security (DHS) should direct the Director of USCIS to direct the USCIS Chief Information Officer (CIO), in coordination with the DHS CIO and the Chief of the Office of Transformation Coordination (OTC), to review and update, as needed, existing policies and guidance and consider additional controls to complete planning for software releases prior to initiating development and ensure software meets business expectations prior to deployment.

    Agency: Department of Homeland Security
    Status: Open

    Comments: As of July 2017, the U.S. Citizenship and Immigration Services (USCIS) within the Department of Homeland Security (DHS) had taken steps to address this recommendation. In particular, in June 2017, USCIS provided an updated policy, dated April 2017, governing planning and deploying software releases. USCIS also demonstrated partial compliance with that policy. For example, it provided some release planning review documentation for recent releases that are required by the updated policy, including readiness review memos for releases 7.2 and 8.1. However, USCIS did not demonstrate that the program responsible for developing the USCIS Electronic Immigration System (USCIS ELIS) was consistently following its updated policy. For example, USCIS did not demonstrate that the program was completing all planning activities prior to initiating development, as called for in its updated policy. Moreover, the agency did not demonstrate compliance with its previous policy for all software releases planned and deployed since our July 2016 report. We will continue to work with USCIS to monitor actions the agency is taking to address this recommendation.
    Recommendation: To provide reasonable assurance that the program executes Agile software development for USCIS ELIS consistent with its own policies and guidance and follows applicable leading practices, the Secretary of DHS should direct the Director of USCIS to direct the USCIS CIO, in coordination with the DHS CIO and the Chief of OTC, to review and update, as needed, existing policies and guidance and consider additional controls to consistently implement the principles of the framework adopted for Agile software development.

    Agency: Department of Homeland Security
    Status: Open

    Comments: As of July 2017, USCIS had taken steps to address this recommendation. For example, in May 2017, USCIS provided updated policy governing the development of software releases, dated April 2017, along with release planning artifacts specific to USCIS ELIS. The updated policy included an appendix devoted to generally accepted agency practices and applying Agile principles in the agency. However, USCIS had not clearly indicated if USCIS ELIS was to implement the practices described in the policy. For example, the updated policy did not require program compliance with the generally accepted agency practices. Moreover, supporting artifacts from the release planning process did not always define a commitment to a particular development methodology or set of development practices. For example, the team process agreements, which describe how members of individual teams will work with each other, did not indicate if developers were to adhere to the practices described in updated USCIS policy. We will continue to work with USCIS to obtain additional documentation about actions it is taking to address this recommendation.
    Recommendation: To provide reasonable assurance that the program executes Agile software development for USCIS ELIS consistent with its own policies and guidance and follows applicable leading practices, the Secretary of DHS should direct the Director of USCIS to direct the USCIS CIO, in coordination with the DHS CIO and the Chief of OTC, to review and update, as needed, existing policies and guidance and consider additional controls to define and consistently execute appropriate roles and responsibilities for individuals responsible for development activities consistent with its selected development framework.

    Agency: Department of Homeland Security
    Status: Open

    Comments: As of July 2017, USCIS had taken steps to address this recommendation. For example, in June 2017, USCIS provided updated policy, dated April 2017, governing the development of software releases and release planning artifacts. The updated policy and release documentation defined some roles and responsibilities that were previously only described by USCIS in its informal November 2014 management model, such as the authority and responsibility of a product owner. However, program documentation and policy did not define all of the roles and responsibilities. For example, program documentation and policy did not define the roles and responsibilities of a facilitator, or Scrum Master, which is a position identified in leading practices for software development using Scrum, the development methodology previously identified by the program. In addition, USCIS did not demonstrate that it had defined and committed to an updated development methodology for software releases. Such a defined methodology will impact expectations for the roles and responsibilities in software development. Without such a defined methodology or approach to Agile software development, it is not clear if roles and responsibilities defined by previously documented approach to Agile software development are still applicable for the current development approach. Moreover, documentation associated with program releases and updated policy did not define all of the roles and responsibilities for positions described by USCIS in its May 2017 written response to GAO. We will continue to work with USCIS to obtain additional documentation about actions it is taking to address this recommendation.
    Recommendation: To provide reasonable assurance that the program executes Agile software development for USCIS ELIS consistent with its own policies and guidance and follows applicable leading practices, the Secretary of DHS should direct the Director of USCIS to direct the USCIS CIO, in coordination with the DHS CIO and the Chief of OTC, to review and update, as needed, existing policies and guidance and consider additional controls to identify all system users and involve them in release planning activities.

    Agency: Department of Homeland Security
    Status: Open

    Comments: As of July 2017, DHS and USCIS had not provided information demonstrating that the department has addressed this recommendation. In October 2016, DHS provided a written response stating that the USCIS Office of Information Technology and Office of Transformation Coordination were working closely with the various USCIS directorates to obtain and integrate feedback through regular review sessions with the end users and through additional end user testing. However, as of July 2017, DHS and USCIS have not provided new information about the status of this recommendation.
    Recommendation: To provide reasonable assurance that the program executes Agile software development for USCIS ELIS consistent with its own policies and guidance and follows applicable leading practices, the Secretary of DHS should direct the Director of USCIS to direct the USCIS CIO, in coordination with the DHS CIO and the Chief of OTC, to review and update, as needed, existing policies and guidance and consider additional controls to write user stories that identify user roles, include estimates of complexity, take no longer than one sprint to complete, and describe business value.

    Agency: Department of Homeland Security
    Status: Open

    Comments: As of July 2017, USCIS had provided GAO with documentation intended to demonstrate that the agency had taken steps to address this recommendation. For example, in May 2017, USCIS provided updated policy governing the development of software releases along with release planning artifacts specific to USCIS ELIS and an Independent Verification and Validation assessment. The agency also provided a series of backlogs that captured user stories for some software releases. In addition, the Independent Verification and Validation assessment indicated that the program was tracking user story quality as part of assessing whether value was continuously discovered and aligned to the mission. However, the assessment report provided to GAO indicated a negative trend for this outcome. Moreover, USCIS policy no longer set expectations regarding user story development. In addition, supporting artifacts from the release planning process did not always define a commitment to a particular development methodology, which is turn impacts the expectations for writing user stories. Finally, backlogs provided by USCIS did not cover all releases in development since our July 2016 report and did not include enough detail to assess all aspects of the user story process (e.g., story size and user involvement). We will continue to work with USCIS to obtain additional documentation about actions it is taking to address this recommendation.
    Recommendation: To provide reasonable assurance that the program executes Agile software development for USCIS ELIS consistent with its own policies and guidance and follows applicable leading practices, the Secretary of DHS should direct the Director of USCIS to direct the USCIS CIO, in coordination with the DHS CIO and the Chief of OTC, to review and update, as needed, existing policies and guidance and consider additional controls to establish outcomes for Agile software development.

    Agency: Department of Homeland Security
    Status: Open

    Comments: As of July 2017, USCIS had taken steps to address this recommendation. For example, in April 2017, USCIS issued updated policy governing software development at the agency. The updated policy included an appendix devoted to generally accepted agency practices and applying Agile principles in the agency. This appendix also included a set of ten outcomes associated with using Agile practices at USCIS. For example, outcomes included that value is continuously discovered and aligned to the mission. However, the updated policy did not require program compliance with the practices and principles described in the appendix. Moreover, the agency did not demonstrate that USCIS ELIS had committed to achieving a specific set of outcomes for Agile software development, such as the outcomes described in the USCIS policy. We will continue to work with USCIS to obtain additional documentation about actions it is taking to address this recommendation.
    Recommendation: To provide reasonable assurance that the program executes Agile software development for USCIS ELIS consistent with its own policies and guidance and follows applicable leading practices, the Secretary of DHS should direct the Director of USCIS to direct the USCIS CIO, in coordination with the DHS CIO and the Chief of OTC, to review and update, as needed, existing policies and guidance and consider additional controls to monitor program performance and report to appropriate entities through the collection of reliable metrics.

    Agency: Department of Homeland Security
    Status: Open

    Comments: As of July 2017, USCIS had taken steps to address this recommendation. For example, in May 2017, USCIS provided updated policy governing the development of software that called for teams to prepare an Operations Monitoring Plan or dashboard showing the practices, tools, and measures that will monitor applications in production. The agency also provided a series of documents from internal systems and processes intended to monitor performance, such as a product dashboard for analyzing code quality (i.e., SonarQube) and a report from its Independent Verification and Validation team. However, the program was undergoing a re-baseline and had yet to document updated cost, schedule, and performance expectations against which to monitor. Moreover, the agency did not demonstrate that other metrics, such as customer satisfaction and team velocity, were being reliably collected. We will continue to work with USCIS to obtain additional documentation about actions it is taking to address this recommendation.
    Recommendation: To help manage the USCIS ELIS system, the Secretary of DHS should direct the Director of USCIS to direct the USCIS CIO, in coordination with the DHS CIO and the Chief of OTC, to review and update existing policies and guidance and consider additional controls to conduct unit and integration, and functional acceptance tests, and code inspection consistent with stated program goals.

    Agency: Department of Homeland Security
    Status: Open

    Comments: As of July 2017, USCIS had taken steps to address this recommendation. For example, in May 2017, USCIS provided artifacts from internal systems in place to monitor software development performance. These metrics monitored aspects of testing, such as code quality and code coverage. However, the program did not provide an updated Test and Evaluation Master Plan, which is a document it will produce as part of its ongoing effort to re-baseline. A Test and Evaluation Master Plan sets the testing expectations for the program as agreed upon with its stakeholders in DHS and USCIS. The updated plan will provide a basis for further evaluation of the steps DHS and USCIS have taken to address this recommendation. Moreover, the agency did not demonstrate that functional acceptance tests were being conducted in accordance with stated program goals. For example, the agency did not provide acceptance criteria or the associated tests demonstrating that user stories passed the defined acceptance criteria. We will continue to work with USCIS to obtain additional documentation about actions it is taking to address this recommendation.
    Recommendation: To help manage the USCIS ELIS system, the Secretary of DHS should direct the Director of USCIS to direct the USCIS CIO, in coordination with the DHS CIO and the Chief of OTC, to review and update existing policies and guidance and consider additional controls to develop complete test plans and cases for interoperability and end user testing, as defined in the USCIS Transformation Program Test and Evaluation Master Plan, and document the results.

    Agency: Department of Homeland Security
    Status: Open

    Comments: As of July 2017, DHS and USCIS had not provided information demonstrating that they had addressed this recommendation. In October 2016, DHS provided a written response indicating that an internal process for revisiting the USCIS ELIS Test and Evaluation Master Plan had been initiated, with participation from all relevant stakeholder groups. A Test and Evaluation Master Plan sets the testing expectations for the program as agreed upon with its stakeholders in DHS and USCIS. The updated plan will provide a basis for further evaluation of the steps DHS and USCIS have taken to address this recommendation. The letter also stated that USCIS had begun to work on a policy for new interoperability test procedures. Moreover, the letter added that end user testing is a continuing activity, including providing feedback of observed issues into the development queue, with the slow launch of the naturalization capabilities in USCIS ELIS being a model. However, as of July 2017, DHS and USCIS had not provided new information about the status of this recommendation. We will continue to work with DHS and USCIS to obtain additional documentation about actions they are taking to address this recommendation.
    Director: Valerie C. Melvin
    Phone: (202) 512-6304

    4 open recommendations
    Recommendation: To improve DOL's management of FOIA requests, the Secretary of Labor should direct the Chief FOIA Officer to establish a time frame for implementing, and take actions to implement, section 508 requirements in the department's FOIA system and online portal.

    Agency: Department of Labor
    Status: Open

    Comments: As of May 2017, the Department of Labor had provided a response regarding its actions to address our recommendation. We have not yet verified if the actions meet the intent of our recommendation. When we confirm what actions the agency has taken we will provide updated information.
    Recommendation: To improve DOL's management of FOIA requests, the Secretary of Labor should direct the Chief FOIA Officer to establish a time frame for implementing, and take actions to fully implement, recommended best practice capabilities for enhanced processing of requests in the department's FOIA system and online portal.

    Agency: Department of Labor
    Status: Open

    Comments: As of May 2017, the Department of Labor had provided a response regarding its actions to address our recommendation. We have not yet verified if the actions taken meet the intent of our recommendations. When we confirm what actions the agency has taken we will provide updated information.
    Recommendation: To improve DOL's management of FOIA requests, the Secretary of Labor should direct the Chief FOIA Officer to require components to document in the Secretary's Information Management System for FOIA the rationales for delays in responding to FOIA requests, and to notify requesters of the delayed responses when processing requests.

    Agency: Department of Labor
    Status: Open

    Comments: As of May 2017, the Department of Labor had provided a response regarding its actions to address our recommendation. We have not yet verified if the actions taken meet the intent of our recommendations. When we confirm what actions the agency has taken we will provide updated information.
    Recommendation: To improve DOL's management of FOIA requests, the Secretary of Labor should direct the Chief FOIA Officer to establish a time frame for consulting with the Department of Justice's Office of Information Policy on including language in DOL's response letters to administrative appeals notifying requesters of the National Archives and Records Administration's Office of Government Information Services' mediation services as an alternative to litigation, and then ensure that the department includes the language in the letters.

    Agency: Department of Labor
    Status: Open

    Comments: As of May 2017, the Department of Labor had provided a response regarding its actions to address our recommendation. We have not yet verified if the actions taken meet the intent of our recommendations. When we confirm what actions the agency has taken we will provide updated information.
    Director: Jacqueline M. Nowicki
    Phone: (617) 788-0580

    2 open recommendations
    including 1 priority recommendation
    Recommendation: The Secretary of Education should direct Education's Office for Civil Rights to more routinely analyze its Civil Rights Data Collection by school groupings and types of schools across key elements to further explore and understand issues and patterns of disparities. For example, Education could use this more detailed information to help identify issues and patterns among school types and groups in conjunction with its analyses of student groups.

    Agency: Department of Education
    Status: Open
    Priority recommendation

    Comments: The Department of Education stated that it already analyzes its civil rights data in some of the ways we recommended, and in light of our recommendation, will consider whether additional analysis could augment their core civil rights enforcement mission. Education noted that it often uses the type of analyses GAO recommended, when appropriate, to inform its internal civil rights investigations, and makes the data available to researchers and other stakeholders outside the agency. While these efforts are encouraging, our recommendation emphasizes that the agency itself more routinely use the civil rights data across key data elements to help it identify disparities and patterns among groups and types of schools. Such an analysis could enhance the agency's current efforts and ultimately improve the agency's ability to target oversight and technical assistance to the schools that need it most. Education reported that this recommendation would be implemented by September 15, 2017. At that time, we will await documentation of its analyses by the school groupings as specified in our recommendation.
    Recommendation: The Attorney General of the United States should direct the Department of Justice's Civil Rights Division to systematically track key summary information across its portfolio of open desegregation cases and use this data to inform its monitoring of these cases. Such information could include, for example, dates significant actions were taken or reports received.

    Agency: Department of Justice
    Status: Open

    Comments: The Department of Justice concurred with this recommendation and believes its procedures for tracking case-related data are adequate. Justice reported in 2016 that it is currently developing an electronic document management system that may allow more case-related information to be stored in electronic format. The agency has already taken substantial steps to increase its case monitoring activities in desegregation cases, and intends to continue those efforts. However, Justice did not provide any details on what these steps are or if these steps are in line with our recommendation. GAO is encouraged that the agency sees a need to increase case monitoring. We will consider closing this recommendation when the agency provides specific information on its systematic tracking of information on open cases and using this information to enhance enforcement.
    Director: Mihm, J Christopher
    Phone: (202) 512-3236

    1 open recommendations
    including 1 priority recommendation
    Recommendation: To help ensure that agencies report consistent and comparable data on federal spending, the Director of OMB, in collaboration with the Secretary of the Treasury, should provide agencies with additional guidance to address potential clarity, consistency, or quality issues with the definitions for specific data elements including Award Description and Primary Place of Performance and that they clearly document and communicate these actions to agencies providing this data as well as to end-users.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open
    Priority recommendation

    Comments: In May 2016, OMB issued guidance for DATA Act Implementation entitled, Implementing Data-Centric Approach for Reporting Federal Spending Information (Management Procedures Memorandum No. 2016-03). This memorandum provided guidance on new federal prime award reporting requirements, agency assurances, and authoritative sources for reporting. In August 2016, OMB released additional draft guidance describing how agencies should report financial information involving intragovernmental transfers and personally identifiable information, as well as how agency Senior Accountable Officials should provide quality assurances for submitted data. Despite these positive steps, we continue to have concerns about the need for additional guidance to facilitate agency implementation of certain data definitions (such as "primary place of performance" and "award description") in order to produce consistent and comparable information, and whether the guidance provides sufficient detail in areas such as the process for providing assurance on data submissions.
    Director: Melissa Emrey-Arras
    Phone: (617) 788-0534

    8 open recommendations
    Recommendation: To improve the administration of the Post-9/11 GI Bill, reduce the occurrence of overpayments, and increase debt collections, the Secretary of Veterans Affairs should improve program management by expanding monitoring of available information on overpayment debts and collections. This could include regularly tracking the number and amount of overpayments created and the effectiveness of collection efforts.

    Agency: Department of Veterans Affairs
    Status: Open

    Comments: VA reported in March 2017 that the Veterans Benefits Administration and the Debt Management Center had recently developed a plan to track, analyze, and report on new measures of overpayments. This will include the number and amount of new overpayments, average debt per student, and the amount of uncollected debts outstanding. VA plans to include this information in a bi-annual report and use the data to identify trends and determine root causes of student and school debts. We will consider closing this recommendation once VA has produced the new reports and we have had an opportunity to review them.
    Recommendation: To improve the administration of the Post-9/11 GI Bill, reduce the occurrence of overpayments, and increase debt collections, the Secretary of Veterans Affairs should address overpayments resulting from enrollment changes by providing guidance to educate student veterans about their benefits and consequences of changing their enrollment.

    Agency: Department of Veterans Affairs
    Status: Open

    Comments: VA officials reported in June 2017 that the agency has drafted revisions to the initial and subsequent award letters issued to students. The draft letters that we reviewed included more detailed information on education benefits and the consequences of changes in enrollment and a link to a website with additional helpful information about student overpayment debts. VA officials said these revisions are pending approval and the new award letters should be implemented by December 2017 once the necessary IT resources are available. We will close this recommendation when we receive confirmation that these changes have been incorporated into the letters that are sent to beneficiaries.
    Recommendation: To improve the administration of the Post-9/11 GI Bill, reduce the occurrence of overpayments, and increase debt collections, the Secretary of Veterans Affairs should address overpayments resulting from enrollment changes by providing guidance to schools about the benefits of using a dual certification process where schools wait to certify the actual tuition and fee amounts until after the school's deadline for adding and dropping classes.

    Agency: Department of Veterans Affairs
    Status: Open

    Comments: VA reported in March 2017 that the agency sent school administrators an official letter in March 2017 asking them to use the dual certification process and to wait to certify actual tuition and fee amounts until after the school's deadline for adding and dropping classes. In addition, VA reported that it had discussed the dual certification method during a webinar with school administrators in June 2016. While these communications are helpful, we believe that VA should also update its guidance, such as its School Certifying Official Handbook, to include this information so that specific guidance on how dual certification can reduce tuition and fee overpayments is available on a continuing basis for current and future school certifying officials.
    Recommendation: To improve the administration of the Post-9/11 GI Bill, reduce the occurrence of overpayments, and increase debt collections, the Secretary of Veterans Affairs should address overpayments resulting from enrollment changes by identifying and implementing a cost-effective way to allow Post-9/11 GI Bill beneficiaries to verify their enrollment status each month, and require monthly reporting.

    Agency: Department of Veterans Affairs
    Status: Open

    Comments: VA officials reported in March 2017 that the agency is developing a plan to add functionality for monthly verifications of student enrollment to its information technology systems, as GAO recommended in its 2015 report. Officials said they expect to complete these upgrades by December 2017once the necessary IT resources requested by the Veterans Benefits Administration are provided.
    Recommendation: To improve the administration of the Post-9/11 GI Bill, reduce the occurrence of overpayments, and increase debt collections, the Secretary of Veterans Affairs should improve efforts to notify veterans and schools about overpayment debts by identifying and implementing other methods of notifying veterans and schools about debts to supplement the agency's mailed notices (e.g., email, eBenefits).

    Agency: Department of Veterans Affairs
    Status: Open

    Comments: VA officials reported in March 2017 that the agency is developing a plan to update its IT systems so veterans could be notified of overpayment debts through eBenefits or by email. VA plans to complete this action by December 2017 once the necessary IT resources are available.
    Recommendation: To improve the administration of the Post-9/11 GI Bill, reduce the occurrence of overpayments, and increase debt collections, the Secretary of Veterans Affairs should improve efforts to notify veterans and schools about overpayment debts by including information on both the cause of the debt and how to repay it in debt letters.

    Agency: Department of Veterans Affairs
    Status: Open

    Comments: VA agreed with our recommendation and reported in March 2017 that it is working on a plan to include school term dates on debt notification letters sent to schools. VA also plans to review and modify the initial debt letters sent to students and schools to include information on both the cause of the debt and how to repay the debt. VA plans to complete these actions by December 2017 once the necessary IT resources are available.
    Recommendation: To improve the administration of the Post-9/11 GI Bill, reduce the occurrence of overpayments, and increase debt collections, the Secretary of Veterans Affairs should revise policy for calculating overpayments to increase collections by prorating tuition overpayments when veterans reduce their enrollment during the term based on the actual date of the enrollment change rather than paying additional benefits through the end of the month during which the reduction occurred.

    Agency: Department of Veterans Affairs
    Status: Open

    Comments: VA officials reported in March 2017 that the agency is revising its tuition overpayment regulations, as GAO recommended in its 2015 report. VA officials said these proposed regulatory revisions are going through the internal approval process, which is expected to be completed by October 2017.
    Recommendation: To improve the administration of the Post-9/11 GI Bill, reduce the occurrence of overpayments, and increase debt collections, the Secretary of Veterans Affairs should ensure it is recovering the full amount of tuition and fee payments if a school does not charge a veteran for any tuition or fees after dropping a class or withdrawing from school. For example, VA could adjust its overpayment calculation to account for these situations or provide schools with guidance on how to account for school refund policies when reporting enrollment and tuition changes.

    Agency: Department of Veterans Affairs
    Status: Open

    Comments: VA officials reported in March 2017 that the agency plans to amend its procedures to account for school refund policies when calculating veterans' overpayment debts, as GAO recommended in its 2015 report. VA officials said they plan to publish this information in the School Certifying Official Handbook and notify schools and student veterans about the change. However, officials also reported that the agency needs to address several issues with its information technology systems before these changes can be made. Officials said they expect to complete these upgrades by December 2017 once the necessary IT resources requested by the Veterans Benefits Administration are provided.
    Director: Valerie C. Melvin
    Phone: (202) 512-6304

    4 open recommendations
    Recommendation: To facilitate oversight and inform decision making regarding their respective department's interoperability-related activities, the Secretaries of Defense and Veterans Affairs, working with the Interagency Program Office, should ensure related goals are defined to provide a basis for assessing and reporting on the status of interoperability-related activities and the extent to which interoperability is being achieved by the departments' modernized electronic health record systems.

    Agency: Department of Defense
    Status: Open

    Comments: The Department of Defense (DOD) and the Department of Veterans Affairs (VA) are working to define goals to provide a basis for assessing and reporting on the status of interoperability-related activities and the extent to which interoperability is being achieved by the departments' modernized electronic health record systems. Specifically, according to the DOD/VA Interagency Program Office (IPO), the office, in conjunction with the departments, has employed use cases in the Joint Interoperability Plan to define the interoperability-related goal areas, which are to be used as the basis for the development of outcome-oriented metrics, assessments, and reporting. The departments, the IPO, and workgroups within the Health Executive Committee's data sharing areas have focused on the feasibility and development of metrics aligned to six use cases as they relate to electronic health record interoperability between DOD and VA and outcomes to service members, veterans, and healthcare providers. The IPO reports that the work to establish these goals will be completed by December 2017. GAO will continue to review the results of these efforts.
    Recommendation: To facilitate oversight and inform decision making regarding their respective department's interoperability-related activities, the Secretaries of Defense and Veterans Affairs, working with the Interagency Program Office, should ensure related goals are defined to provide a basis for assessing and reporting on the status of interoperability-related activities and the extent to which interoperability is being achieved by the departments' modernized electronic health record systems.

    Agency: Department of Veterans Affairs
    Status: Open

    Comments: The Department of Veterans Affairs (VA) and the Department of Defense (DOD) are working to define goals to provide a basis for assessing and reporting on the status of interoperability-related activities and the extent to which interoperability is being achieved by the departments' modernized electronic health record systems. Specifically, according to the DOD/VA Interagency Program Office (IPO), the office, in conjunction with the departments, has employed use cases in the Joint Interoperability Plan to define the interoperability-related goal areas, which are to be used as the basis for the development of outcome-oriented metrics, assessments, and reporting. The departments, the IPO, and workgroups within the Health Executive Committee's data sharing areas have focused on the feasibility and development of metrics aligned to six use cases as they relate to electronic health record interoperability between VA and DOD and outcomes to service members, veterans, and healthcare providers. The IPO reports that the work to establish these goals will be completed by December 2017. GAO will continue to review the results of these efforts.
    Recommendation: To facilitate oversight and inform decision making regarding their respective department's interoperability-related activities, the Secretaries of Defense and Veterans Affairs, working with the Interagency Program Office, should update IPO guidance to reflect the metrics and goals identified.

    Agency: Department of Defense
    Status: Open

    Comments: According to the Department of Defense (DOD)/Department of Veterans Affairs (VA) Interagency Program Office (IPO), the office has issued an update to the Health Data Interoperability Management Plan that documents the IPO's role and outlines governance for supporting interoperability between the departments. The IPO is also in the process of updating additional guidance to describe the benefits of interoperability and reflect associated outcome-oriented metrics and goals. Specifically, IPO officials reported that the IPO's Joint Interoperability Plan is transitioning to the Joint Interoperability Strategic Plan and is expected to be finalized in November 2017. GAO will review this guidance once it is approved by DOD and VA.
    Recommendation: To facilitate oversight and inform decision making regarding their respective department's interoperability-related activities, the Secretaries of Defense and Veterans Affairs, working with the Interagency Program Office, should update IPO guidance to reflect the metrics and goals identified.

    Agency: Department of Veterans Affairs
    Status: Open

    Comments: According to the Department of Defense (DOD)/Department of Veterans Affairs (VA) Interagency Program Office (IPO), the office has issued an update to the Health Data Interoperability Management Plan that documents the IPO's role and outlines governance for supporting interoperability between the departments. The IPO is also in the process of updating additional guidance to describe the benefits of interoperability and reflect associated outcome-oriented metrics and goals. Specifically, IPO officials reported that the IPO's Joint Interoperability Plan is transitioning to the Joint Interoperability Strategic Plan and is expected to be finalized in November 2017. GAO will review this guidance once it is approved by VA and DOD.
    Director: David A. Powner
    Phone: (202) 512-9286

    1 open recommendations
    Recommendation: To improve the effectiveness of OMB streamlining efforts and ensure agency CIOs are better able to carry out their responsibilities in managing IT, including implementing OMB's IT reform initiatives, the Director of OMB should direct the Federal CIO, in collaboration with agency CIOs, to ensure there is a common understanding with agency CIOs on the priority of the current reporting requirements and related IT reform initiatives. This should include addressing underlying reasons cited by CIOs regarding the usefulness of requirements, including when department priorities are reportedly different than OMB's and the burdensome and duplicative nature of requirements.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: The Office of Management and Budget (OMB) neither agreed or disagreed with our recommendation. Subsequently, OMB has taken steps to address some aspects of our recommendation. Specifically, in January 2017, OMB worked with the Chief Information Officer (CIO) Council to issue a report entitled "State of Federal Information Technology (SOFIT)" which outlined current IT trends and their key challenges, and made recommendations to improve implementation efforts. Notably, the report also identified differences in priorities between OMB and agency CIOs on key IT reform initiatives and the need for improved reporting requirements. In addition, in June 2017, OMB staff reported that they met the CIO and head of each agency this past spring regarding their priorities and challenges. While these are positive steps toward ensuring a common understanding of these initiatives and reporting requirements, OMB still needs to take action to address the underlying reasons for these differences in priorities and reduce burdensome and duplicative requirements. Until OMB takes action in these areas, there is a risk that key IT reform initiatives may not fully succeed. We will continue to evaluate OMB's progress in addressing our recommendation.
    Director: David A. Powner
    Phone: (202) 512-9286

    3 open recommendations
    Recommendation: To better facilitate the coordination of--and accountability for--the estimated billions of dollars in federal geospatial investments, to reduce duplication, and, specifically, to make progress toward an effective national infrastructure and to improve oversight on federal spending on geospatial data and assets, the Director of OMB should improve oversight of progress on the NSDI by requiring federal agencies to report on their efforts to establish and implement policies for identifying geospatial metadata on the Geospatial Platform and their procedures for utilizing the Marketplace feature of the Geospatial Platform before making new investments in geospatial data.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: As of September 7, 2017, OMB had not yet taken steps to require all federal agencies that invest in geospatial data to report on their efforts to establish and implement policies and procedures for utilizing the Geospatial Platform before making new investments in geospatial data. OMB officials in stated in December 2016 that they were in discussion with the Federal Geographic Data Committee (FGDC) on how to best address this issue, possibly in future guidance. On September 7, 2017, OMB officials stated that there have been no changes to the status of this recommendation, but that they anticipate the recommendation will be considered further once the new FGDC Steering Committee leadership and membership are in place; and the NSDI Strategic Plan actions and the potential for a new geospatial policy update are determined. However, OMB did not provide anticipated dates for these activities.
    Recommendation: To better facilitate the coordination of--and accountability for--the estimated billions of dollars in federal geospatial investments, to reduce duplication, and to help ensure the success of departmental efforts to improve geospatial coordination and reduce duplication, the Secretary of Agriculture should direct the designated senior agency official for geospatial information to develop and implement internal procedures to ensure that it accesses the Geospatial Platform Marketplace before it expends funds to collect or produce new geospatial data to determine (1) whether the information has already been collected by others and (2) whether cooperative efforts to obtain the data are possible.

    Agency: Department of Agriculture
    Status: Open

    Comments: The United States Department of Agriculture (Agriculture) issued a departmental regulation in August 2016 covering enterprise geospatial data management. The regulation applies to all Agriculture agencies, organizations and contractors, and addresses all geospatial authoritative data sources. It states that all Agriculture agencies and staff offices will follow documented procedures approved by the Office of the Chief Information Officer (OCIO) to conduct a formal search of the Geospatial Marketplace prior to expending funds for geospatial data acquisitions. However, Agriculture has yet to provide the OCIO-approved documented procedures, or evidence of their implementation. According to an Agriculture official in July 2017, the new procedures are under review, and they hope to have implemented them by the end of December 2017.
    Recommendation: To increase coordination between various levels of government and reduce duplication of effort, resources, and costs associated with collecting and maintaining accurate address data, Congress should consider assessing the impact of the disclosure restrictions of Section 9 of Title 13 and Section 412 of Title 39 of the U.S. Code in moving toward a national geospatial address database. If warranted, Congress should consider revising those statutes to authorize the limited release of addresses, without any personally identifiable information, specifically for geospatial purposes. Such a change, if deemed appropriate, could potentially result in significant savings across federal, state, and local governments.

    Agency: Congress
    Status: Open

    Comments: There has been no legislative action identified as of August 16, 2017. Addressing this action, which GAO suggested in February 2015, could increase coordination between various levels of government and reduce duplication of effort, resources, and costs associated with collecting and maintaining accurate address data.
    Director: Melvin, Valerie C
    Phone: (202) 512-6304

    3 open recommendations
    Recommendation: To improve the management of DHS FOIA requests, the Secretary of DHS should direct the Chief FOIA Officer to improve reporting of FOIA costs by including salaries, employee benefits, non-personnel direct costs, indirect costs, and costs for other offices.

    Agency: Department of Homeland Security
    Status: Open

    Comments: In responding to our recommendation, DHS said it has developed a spreadsheet that is to be used by its components to track FOIA costs. However, as of September 2017, DHS has not yet provided information containing such details as when its components will be required to use the spreadsheet and if the spreadsheet is to track all the categories of costs discussed in our report. We plan to update the status of this recommendation when DHS provides documentation that further explains, and confirms the department's use of, the spreadsheet.
    Recommendation: To improve the management of DHS FOIA requests, the Secretary of DHS should direct the Chief FOIA Officer to direct USCIS and Coast Guard to fully implement the recommended FOIA processing system capabilities and the section 508 requirement.

    Agency: Department of Homeland Security
    Status: Open

    Comments: In response to our recommendation, DHS issued a memo to all of the department's FOIA officers in March 2015 which focused on ensuring that each component's FOIA processing systems are 508 compliant. However, as of September 2017, DHS has not yet provided us with evidence that the U.S. Citizenship and Immigration Services and the Coast Guard have implemented system capabilities that are 508 compliant. When DHS provides information concerning its actions taken to make the systems compliant, we will update the status of the recommendation.
    Recommendation: To improve the management of DHS FOIA requests, the Secretary of DHS should direct the Chief FOIA Officer to determine the viability of re-establishing the service-level agreement between the U.S. Citizenship and Immigration Services (USCIS) and U.S. Immigration and Customs Enforcement to eliminate duplication in the processing of immigration files. If the benefits of doing so would exceed the costs, re-establish the agreement.

    Agency: Department of Homeland Security
    Status: Open

    Comments: DHS has stated that it is taking steps to determine if the U.S. Immigration and Customs Enforcement and the U.S. Citizenship and Immigration Services will re-establish the service-level agreement to process FOIA requests related to immigration files. In addition, the department has stated that duplication no longer exists in the processing of these type of requests. However, DHS has not yet provided evidence, such as a cost-benefit analysis, that could demonstrate the steps it is taking regarding the service-level agreement. Further, GAO has not yet received evidence from the department to support its assertion that duplication no longer exists in the processing of immigration files. We will update the status of this recommendation when DHS provides documentation.
    Director: Carol R. Cha
    Phone: (202) 512-4456

    3 open recommendations
    including 2 priority recommendations
    Recommendation: To improve the completeness and accuracy of data submissions to the USASpending.gov website, the Director of the Office of Management and Budget, in collaboration with Treasury's Fiscal Service, should clarify guidance on (1) agency responsibilities for reporting awards funded by non-annual appropriations; (2) the applicability of USASpending.gov reporting requirements to non-classified awards associated with intelligence operations; (3) the requirement that award titles describe the award's purpose (consistent with our prior recommendation); and (4) agency maintenance of authoritative records adequate to verify the accuracy of required data reported for use by USASpending.gov.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open
    Priority recommendation

    Comments: As of July 2017, OMB and Treasury were working to implement the DATA Act, which includes several provisions that may address these recommendations once fully implemented. 1) OMB staff said they continue to deliberate on agency responsibilities for reporting awards funded by non-annual appropriations. 2) OMB staff provided a Frequently Asked Question (FAQ) addressing the applicability of USASpending.gov reporting requirements for recipient information related to classified or sensitive information. GAO reviewed the FAQ and determined that additional guidance is still needed to ensure complete reporting of unclassified awards as required by FFATA. 3) OMB staff have agreed that it will be important to clarify guidance on how agencies can report on award titles that appropriately describes the awards' purposes and noted that they are working on providing additional guidance to agencies as part of their larger DATA Act implementation efforts. 4) OMB released policy guidance in May 2016 (MPM 2016-03) that identifies the authoritative sources for reporting procurement and award data. However, GAO's review of this policy guidance determined that it does not address the underlying source that can be used to verify the accuracy of non-financial procurement data or any source for data on assistance awards.
    Recommendation: To improve the completeness and accuracy of data submissions to the USASpending.gov website, the Director of the Office of Management and Budget, in collaboration with Treasury's Fiscal Service, should develop and implement a government-wide oversight process to regularly assess the consistency of information reported by federal agencies to the website other than the award amount.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open
    Priority recommendation

    Comments: As part of their DATA Act implementation efforts, OMB issued policy guidance in May 2016 (MPM 2016-03) that identifies authoritative systems to validate agency spending information. The guidance also directs agency DATA Act Senior Accountable Officials (SAOs) to provide a quarterly assurance regarding the data reported to USASpending.gov and specifies that this assurance should leverage data quality and management controls established in statute, regulation, and Federal-wide policy and be aligned with the internal control and risk management strategies in Circular A-123, and provides information on how agency DATA Act SAOs are to provide assurances over the spending data reported to USASpending.gov. In addition, Treasury's broker is to provide an additional set of validation rules to further ensure the proper formatting of data submitted to USAspending.gov. OMB staff noted that OMB and Treasury had prioritized the linking of financial data to award data as a means of addressing the issue of unreported awards we previously identified. We agree that linking financial and award data can help agencies identify gaps in reporting. However, as of July 2017, OMB did not identify any new or revised processes aimed at addressing the accuracy concerns we addressed other than citing agencies' responsibility to certify the accuracy of their data.
    Recommendation: To improve the completeness of foreign recipient data on the USASpending.gov website, the Chief Executive Officer of the Millennium Challenge Corporation should direct responsible officials within the Corporation's Department of Administration and Finance to report spending information on all assistance award programs to USASpending.gov for prior and future fiscal years in accordance with statutory requirements and OMB guidance.

    Agency: Millennium Challenge Corporation
    Status: Open

    Comments: The Millennium Challenge Corporation has begun reporting awards made in fiscal year 2015. As of July 2017, it has not yet reported awards for previous fiscal years, as we had recommended. We will continue to follow up.
    Director: Powner, David A
    Phone: (202)512-9286

    48 open recommendations
    including 1 priority recommendation
    Recommendation: To help ensure the success of PortfolioStat, the Director of the Office of Management and Budget should direct the Federal Chief Information Officer to disclose the limitations of any data reported (or disclose the parameters and assumptions of these data) on the agencies' consolidation efforts and associated savings and cost avoidance.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: In its comments on GAO's November 2013 report, OMB disagreed with this recommended action, stating that it had disclosed limitations on data reported and cited three instances of these efforts. However, GAO maintained that, while OMB reported limitations of data regarding commodity information technology (IT) consolidation efforts in these cases, the information reported did not provide stakeholders and the public with a complete understanding of the data presented. For example, OMB did not disclose that information from the Departments of Defense (DOD) and Justice was not included in the consolidation estimates reported, which, considering the scope of DOD's efforts in this area (at least $3.2 billion), was a major gap. As of March 2017, OMB still had not addressed this recommendation. During that month, the agency told GAO that improving the quality of the data agencies submit through the integrated data collections (which include data on agencies' consolidation efforts and associated savings and cost avoidance) is a priority and that Office of the Federal Chief Information Officer staff follow up with agencies when they detect anomalies in the data reported. OMB, however, did not address actions to disclose the limitations of data reported or disclose the parameters and assumptions of these data. Such disclosure would provide the public and other stakeholders with crucial information needed to understand the status of PortfolioStat and agency progress in meeting the goals of the initiative.
    Recommendation: To help ensure the success of PortfolioStat, the Director of the Office of Management and Budget should direct the Federal Chief Information Officer to require that agencies report on efforts to address action plan items as part of future PortfolioStat reporting.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: OMB's June 2015 memorandum on the management and oversight of federal information technology (M-15-14) established quarterly PortfolioStat sessions between OMB and agency Chief Information Officers. This represented a change from the previously required annual action item memos. In November 2016, OMB stated that it informally tracks action items resulting from PortfolioStat but no formal documentation is kept. We will continue to follow up on how OMB ensures that agencies report on efforts to address action items as part of future PortfolioStat reporting.
    Recommendation: To help ensure the success of PortfolioStat, the Director of the Office of Management and Budget should direct the Federal Chief Information Officer to improve transparency of and accountability for PortfolioStat by publicly disclosing planned and actual data consolidation efforts and related cost savings by agency.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: In October 2015, OMB started displaying actual data consolidation savings data on the federal information technology (IT) dashboard, consistent with provisions of the IT reform legislation commonly referred to as the Federal Information Technology Acquisition Reform Act. However, in November 2016, and again in March 2017, OMB stated that it does not track planned cost savings and cost avoidance figures and did not provide any plans to do so. Improving the transparency and accountability for PortfolioStat by publicly disclosing both planned and actual data consolidation efforts and related cost savings by agency would provide stakeholders, including Congress and the public, a means to monitor agencies' progress and hold them accountable for reducing duplication and achieving cost savings.
    Recommendation: To improve the department's implementation of PortfolioStat, the Secretary of Agriculture should direct the CIO to develop a complete commodity IT baseline.

    Agency: Department of Agriculture
    Status: Open

    Comments: In its March 2014 statement of actions to address our recommendations, the Department of Agriculture (USDA) provided information on its efforts to ensure the quality of its commodity IT baseline data. Specifically, USDA reported having (1) developed a central repository for agencies and staff offices to populate commodity IT data and (2) provided training on the use of the repository, and (3)established an addtional level of oversight to monitor data quality. We are reviewing supporting documentation obtained from the department to determine whether the recommendation has been fully addressed.
    Recommendation: To improve the department's implementation of PortfolioStat, in future reporting to OMB, the Secretary of Agriculture should direct the CIO to fully describe the following PortfolioStat Action plan elements: (1) consolidate commodity IT spending under the agency CIO and (2) establish criteria for wasteful, low-value, or duplicative investments.

    Agency: Department of Agriculture
    Status: Open

    Comments: In its March 2014 statement of actions to address our recommendations, the Department of Agriculture provided information on the elements identified in the recommendation. We are reviewing additional supporting documentation obtained from the department to determine whether the recommendation has been fully addressed.
    Recommendation: To improve the department's implementation of PortfolioStat, as the department finalizes and matures its valuation methodology, the Secretary of Agriculture should direct the CIO to utilize this process to identify whether there are additional opportunities to reduce duplicative, low-value, or wasteful investments.

    Agency: Department of Agriculture
    Status: Open

    Comments: In its March 2014 statement of actions to address our recommendations, the Department of Agriculture stated that its Chief Information Officer will formalize and implement a value-based measurement model to help determine which IT investments should be included in the USDA IT portfolio. We are reviewing supporting documentation obtained from the department to determine whether this recommendation has been fully addressed.
    Recommendation: To improve the department's implementation of PortfolioStat, the Secretary of Agriculture should direct the CIO to develop support for the estimated savings for fiscal years 2013 through 2015 for the Cellular Phone Contract Consolidation, IT Infrastructure Consolidation/Enterprise Data Center Consolidation, and Geospatial Consolidation initiatives.

    Agency: Department of Agriculture
    Status: Open

    Comments: In its March 2014 statement of actions to address our recommendations, the Department of Agriculture stated that its CIO has developed supporting documentation for the cost savings/avoidance associated with the efforts identified in the recommendation. We are reviewing supporting documentation obtained from the department to determine whether this recommendation has been fully addressed.
    Recommendation: To improve the department's implementation of PortfolioStat, the Secretary of Commerce should direct the CIO to reflect 100 percent of information technology investments in the department's enterprise architecture.

    Agency: Department of Commerce
    Status: Open

    Comments: In its January 2014 statement of actions to address our recommendations, the Department of Commerce stated that the majority of its IT investments were made at the operating unit level and it was therefore planning on issuing policy to require consistency between the operating units' enterprise architecture and the totality of IT investments as reflected in the annual capital asset plan and business case summary submission. The department noted it would also require that consistency between the department's enterprise architecture and the IT investment portfolio is confirmed before submission of either of these artifacts. We are following up with the department to determine the status of these planned actions.
    Recommendation: To improve the department's implementation of PortfolioStat, the Secretary of Commerce should direct the CIO to develop a complete commodity IT baseline.

    Agency: Department of Commerce
    Status: Open

    Comments: In its January 2014 statement of actions to address our recommendations, the Department of Commerce stated it had submitted two iterations of its commodity IT baseline to OMB since we made our recommendation. The department noted the PortfolioStat process and requirement to submit the baseline through the integrated data collection tool helped ensure the baseline was complete. We plan to follow up with Commerce officials.
    Recommendation: To improve the department's implementation of PortfolioStat, the Secretary of Defense should direct the CIO to develop a complete commodity IT baseline.

    Agency: Department of Defense
    Status: Open

    Comments: In its December 2013 statement of actions to address our recommendations, the Department of Defense stated that it had efforts underway, including an initiative known as the Joint Information Environment, to further refine the Department's commodity IT baseline. As of August 2016, we found that the department's DOD IT Portfolio Repository included business and enterprise IT systems--two of three commodity IT areas defined by OMB--as part of an ongoing engagement. We are following up with the department to find out about actions to develop an inventory of assets associated with IT infrastructure--the third category of commodity IT defined by OMB.
    Recommendation: To improve the department's implementation of PortfolioStat, in the future reporting to OMB, the Secretary of Defense should direct the CIO to fully describe the following PortfolioStat action plan element: consolidate commodity IT spending under the agency CIO.

    Agency: Department of Defense
    Status: Open

    Comments: As of December 2013, the department did not concur with this recommendation stating that the commodity IT construct implemented in the PortfolioStat initiative did not work well within the department's federated processes. The department agreed, however, that a strategy, consistent with the intent of achieving better buying power and control of commodity IT items, should be developed and implemented within the department using existing authorities, and noted that it was in the process of implementing such a strategy. In August 2016, we followed up with the department to obtain an update on the status of this strategy and determine the associated reporting to OMB. As of the end of October, we were still waiting for a response.
    Recommendation: To improve the department's implementation of PortfolioStat, the Secretary of Defense should direct the CIO to obtain support from the relevant component agencies for the estimated savings for fiscal years 2013 to 2015 for the data center consolidation, enterprise software purchasing, and General Fund Enterprise Business System initiatives.

    Agency: Department of Defense
    Status: Open

    Comments: In its statement of actions to address our recommendations, the Department of Defense stated that it already reports data center consolidation savings to both OMB and Congress and will continue to realize savings from the Enterprise Software Initiative, other strategic sourcing efforts, and the continuing implementation of General Fund Enterprise Business System initiatives. As of August 2016, we had collected support for data center consolidation as part of our ongoing data center consolidation work, and were waiting to receive support for the Enterprise Software Initiative savings for fiscal years 2013 to 2015 through recommendation follow-up for a prior software licensing review (GAO-14-413). We are following up with the department to obtain support for savings for the General Fund Enterprise Business System.
    Recommendation: To improve the U.S. Army Corps of Engineers' implementation of PortfolioStat, in future reporting to OMB, the Secretary of Defense should direct the Secretary of the Army to the CIO to fully describe the following PortfolioStat action plan elements: (1) consolidate commodity IT spending under the agency CIO; (2) target duplicative systems or contracts that support common business functions for consolidation; (3) establish criteria for identifying wasteful, low-value, or duplicative investments; and (4) establish a process to identify these potential investments and a schedule for eliminating them from the portfolio.

    Agency: Department of Defense
    Status: Open

    Comments: In its statement of actions to address our recommendations, the Department of Defense stated that the U.S. Army Corps of Engineers would fully describe the four action plan elements identified in this recommendation in future OMB reporting. We are following up with the department to determine the status of these efforts and obtain the associated supporting documentation.
    Recommendation: To improve the U.S. Army Corps of Engineers' implementation of PortfolioStat, the Secretary of Defense should direct the Secretary of the Army to report on the agency's progress in consolidating eCPIC to a shared service as part of the OMB integrated data collection quarterly reporting until completed.

    Agency: Department of Defense
    Status: Open

    Comments: In October 2016, the Department of Defense provided a report stating it had completed the consolidation of eCPIC to a shared service in August 2014. We are following up with the department to obtain supporting documentation.
    Recommendation: To improve the department's implementation of PortfolioStat, in future reporting to OMB, the Secretary of Energy should direct the CIO to fully describe the following PortfolioStat action plan elements: (1) consolidate commodity IT spending under the agency CIO and (2) establish criteria for identifying wasteful, low-value, or duplicative investments.

    Agency: Department of Energy
    Status: Open

    Comments: In its March 2014 statement of actions to address our recommendations, the Department of Energy stated that it will update its policy orders as necessary to implement the OMB policy for consolidating commodity IT under the Chief Information Officer and include a description in future OMB reporting. The department also noted that it will work to establish additional value criteria to idenitfy low-value or duplicative federal commodity IT investments, and these criteria will be described in future OMB reporting. We are reviewing the department's reporting to OMB to determine the extent to which this recommendation has been addressed.
    Recommendation: To improve the agency's implementation of PortfolioStat, the Administrator of the Environmental Protection Agency should direct the CIO to develop a complete commodity IT baseline.

    Agency: Environmental Protection Agency
    Status: Open

    Comments: In August 2014, the Environmental Protection Agency reported that it uses OMB's quarterly integrated data collection submission process to continually update the information in its baseline. We are following up with the agency to determine whether it has any process to ensure the completeness of the information that is submitted.
    Recommendation: To improve the agency's implementation of PortfolioStat, in future reporting to OMB, the Administrator of the Environmental Protection Agency should direct the CIO to fully describe the following PortfolioStat action plan elements: (1) consolidate commodity IT spending under the agency CIO; (2) establish targets for commodity IT spending reductions and deadlines for meeting those targets; and (3) establish criteria for identifying wasteful, low-value, or duplicative investments.

    Agency: Environmental Protection Agency
    Status: Open

    Comments: In August 2014, the Environmental Protection Agency stated that, in its August 2014 PortfolioStat update, it had reported to OMB on the status of actions to consolidate commodity IT spending under the agency CIO and to establish targets for commodity IT spending reductions. The agency also stated that it was working to develop criteria for identifying wasteful, low-value, and duplicative investments. We are reviewing the August 2014 PortfolioStat update to verify the agency's claims. We plan to also follow up on efforts to develop the aforementioned criteria and any associated reporting to OMB.
    Recommendation: To improve the agency's implementation of PortfolioStat, the Administrator of the Environmental Protection Agency should direct the CIO to report on the agency's progress in consolidating the managed print services and strategic sourcing of end user computing to shared services as part of the OMB integrated data collection quarterly reporting until completed.

    Agency: Environmental Protection Agency
    Status: Open

    Comments: In its March 2014 statement of actions to address our recommendations, the Environmental Protection Agency stated that it expected its print services to take on additional devices and locations beginning in April 2014 and that a contract vehicle for the purchasing and leasing of end user computing equipment was expected to be awarded by the end of the month. We are reviewing the agency's quarterly reporting to OMB to determine whether progress on the two initiatives was reported to OMB as we recommended.
    Recommendation: To improve the department's implementation of PortfolioStat, the Secretary of the Interior should direct the CIO to develop a complete commodity IT baseline.

    Agency: Department of the Interior
    Status: Open

    Comments: In August 2014, the Department reported that it was planning to undertake a series of activities spanning a 15-month timeframe to create a complete commodity IT baseline, including embarking upon a statistical analysis and cost projection initiative that is intended to identify the degree of confidence in the commodity IT baseline, and develop mechanisms that will enable validation and verification in the future. We will follow up with the department on the results of its activities.
    Recommendation: To improve the department's implementation of PortfolioStat, in future reporting to OMB, the Secretary of the Interior should direct the CIO to fully describe the following PortfolioStat action plan element: establish criteria for identifying wasteful, low-value, or duplicative investments.

    Agency: Department of the Interior
    Status: Open

    Comments: In its January 2014 comments on our report, the Department of the Interior stated that it was undertaking a business-driven approach that will involve working wtih its governance boards to establish criteria for identifying wasteful, low-value, or duplicative investments. The department stated it would establish the criteria by December 2014. However, the department did not address whether it would be reporting its plans to OMB, which was the focus of our recomnendation. We will follow up with officials on this.
    Recommendation: To improve the department's implementation of PortfolioStat, the Secretary of the Interior should direct the CIO to report on the department's progress in consolidating the Electronic Forms System component of the eMail Enterprise Records & Document Management System deployment 8 to a shared service as part of the OMB integrated data collection quarterly reporting until completed.

    Agency: Department of the Interior
    Status: Open

    Comments: In its January 2014 comments on our report, the Department of the Interior provided information on the status of its efforts to consolidate the Enterprise Forms System to a shared service and established a December 2014 target date for completion. In addition, the department stated that it would report on the status of the initiative quarterly until completion. We will follow up with the department to monitor its progress in completing the initiative and reporting on it to OMB.
    Recommendation: To improve the department's implementation of PortfolioStat, the Attorney General should direct the CIO to reflect 100 percent of information technology investments in the department's enterprise architecture.

    Agency: Department of Justice
    Status: Open

    Comments: In its December 2013 response to this recommendation, the Department of Justice stated that it had updated its enterprise architecture to include 100 percent of the information technology investments. However, it did not provide evidence of this action.We will follow up with the department to obtain supporting documentation.
    Recommendation: To improve the department's implementation of PortfolioStat, in future reporting to OMB, the Attorney General should direct the CIO to fully describe the following PortfolioStat action plan element: establish targets for commodity IT spending reductions and deadlines for meeting those targets.

    Agency: Department of Justice
    Status: Open

    Comments: In its December 2013 response to this recommendation, the Department of Justice (DOJ) stated that its Email and Collaboration Working Group established consolidation targets, and began Phase One of its email consolidation effort. In addition, DOJ provided information on the status of its efforts to establish additional targets. We are reviewing the information provided, as well as DOJ's reporting to OMB, to determine the extent to which this recommendation has been addressed.
    Recommendation: To improve the department's implementation of PortfolioStat, in future reporting to OMB, the Secretary of Labor should direct the CIO to fully describe the following PortfolioStat action plan elements: (1) consolidate commodity IT spending under the agency CIO and (2) establish targets for commodity IT spending reductions and deadlines for meeting those targets.

    Agency: Department of Labor
    Status: Open

    Comments: In its December 2013 response to this recommendation, the Department of Labor stated that the Chief Information Officer participates in discussions to identify and eliminate duplication and facilitate the use of commodity IT and shared services through the IT governance committees. We are reviewing documentation we recently obtained from the department to determine the current status of action to address this recommendation.
    Recommendation: To improve the department's implementation of PortfolioStat, the Secretary of Labor should direct the CIO to report on the department's progress in consolidating the cloud e-mail services to a shared service as part of the OMB integrated data collection quarterly reporting until completed.

    Agency: Department of Labor
    Status: Open

    Comments: The Department of Labor completed the consolidation of DOL agency e-mail systems into a shared cloud-based e-mail service in September 2014. In July 2015, the department provided evidence of a status report on the Office of Management and Budget IT dashboard showing completion of the initiative.
    Recommendation: To improve the agency's implementation of PortfolioStat, the Administrator of the National Aeronautics and Space Administration should direct the CIO to reflect 100 percent of information technology investments in the agency's enterprise architecture.

    Agency: National Aeronautics and Space Administration
    Status: Open

    Comments: in July 2015, NASA reported that it had initiated an effort referred to as Business Service Assessment (BSA) for IT to establish a more efficient IT operating model that maintains a minimum set of capabilities and meets current and future mission needs. The agency stated that one objective of the BSA is to guide technical, services, and investment decisions, create enterprise architecture and enterprise services methodologies for each IT domain that feeds into the overarching enterprise architecture for the full IT portfolio. In March 2016, the agency reported that final recommendations regarding the BSA were expected to be submitted to the Agency Mission Support Council at the end of the month. We are following up with NASA on the status of this recommendation.
    Recommendation: To improve the agency's implementation of PortfolioStat, in future reporting to OMB, the Administrator of the National Aeronautics and Space Administration should direct the CIO to fully describe the following PortfolioStat action plan elements: (1) consolidate commodity IT spending under the agency CIO; (2) target duplicative systems or contracts that support common business functions for consolidation; (3) establish criteria for identifying wasteful, low-value, or duplicative investments; and (4) establish a process to identify these potential investments and a schedule for eliminating them from the portfolio.

    Agency: National Aeronautics and Space Administration
    Status: Open

    Comments: In May 2015, NASA reported that OMB published new action items that resulted in a shift in tracking of the previous action items identified in our recommendation. In July 2015, the agency provided evidence of a July 2015 report updating OMB of the status of these items.
    Recommendation: To improve the agency's implementation of PortfolioStat, in future reporting to OMB, the Archivist of the United States should direct the CIO to fully describe the following PortfolioStat action plan elements: (1) consolidate commodity IT spending under the agency CIO; (2) target duplicative systems or contracts that support common business functions for consolidation; (3) establish criteria for identifying wasteful, low-value, or duplicative investments; and (4) establish a process to identify these potential investments and a schedule for eliminating them from the portfolio.

    Agency: National Archives and Records Administration
    Status: Open

    Comments: In its February 2014 statement of actions to address our recommendations, the National Archives and Records Administration reported that the four action plan elements identified in the recommendation had been included in the latest information resources management strategic plan submitted to OMB. We will review the plan to confirm whether the elements were included.
    Recommendation: To improve the agency's implementation of PortfolioStat, in future reporting to OMB, the Director of the National Science Foundation should direct the CIO to fully describe the following PortfolioStat action plan elements: (1) consolidate commodity IT spending under the agency CIO and (2) establish criteria for identifying wasteful, low-value, or duplicative investments.

    Agency: National Science Foundation
    Status: Open

    Comments: The National Science Foundation (NSF) reported that while OMB had not requested that the agency provide updates to the 2012 PortfolioStat action plan, NSF had provided different, OMB-requested documentation in support of annual PortfolioStat activities. We plan to follow up with the agency to determine the extent to which the documentation provided to OMB addresses our recommendation.
    Recommendation: To improve the agency's implementation of PortfolioStat, the Director of the Office of Personnel Management should direct the CIO to develop a complete commodity IT baseline.

    Agency: Office of Personnel Management
    Status: Open

    Comments: In August 2014, the Office of Personnel Management stated that it would be generating a policy requiring the baselines to be updated quarterly and established a target of May 2015 for fully implementing this recommendation. In March 2015, the agency stated that it was continuing to make progress toward the completion of its commodity IT baseline.
    Recommendation: To improve the agency's implementation of PortfolioStat, in future reporting to OMB, the Director of the Office of Personnel Management should direct the CIO to fully describe the following PortfolioStat action plan elements: (1) move at least two commodity IT areas to shared services and (2) target duplicative systems or contracts that support common business functions for consolidation.

    Agency: Office of Personnel Management
    Status: Open

    Comments: In August 2014, the Office of Personnel Management stated that the initial program office responses to our recommendation represented the vision of the former Chief Information Officer (CIO). The agency stated that the new CIO's strategic plan would address duplicative systems and contracts as part of the CIO re-organization project that was underway, with the intent of bringing the different job functions under one group in order to utilize resources and common business functions more effectively. The agency established May 2015 as a target for fully implementing the recommendation. However, we have not yet received evidence of this action. We plan to follow up on the status of actions taken.
    Recommendation: To improve the agency's implementation of PortfolioStat, the Director of the Office of Personnel Management should direct the CIO to report on the agency's progress in consolidating the help desk consolidation and IT asset inventory to shared services as part of the OMB integrated data collection quarterly reporting until completed.

    Agency: Office of Personnel Management
    Status: Open

    Comments: In August 2014, the Office of Personal Management (OPM) stated that a project initiated under the former Chief Information Officer's guidance deals specifically with help desk consolidation. OPM also stated it had leveraged the Remedy tool to integrate the IT asset inventory function as part of the help desk and that many of the IT asset inventory functions were now automated as part of this effort. The agency established May 2015 as a target for fully implementing the recommendation. We plan to follow up with OPM to find out about the status of actions taken to address this recommendation.
    Recommendation: To improve the agency's implementation of PortfolioStat, the Administrator of the Small Business Administration should direct the CIO to develop a complete commodity IT baseline.

    Agency: Small Business Administration
    Status: Open
    Priority recommendation

    Comments: In a recent GAO review examining whether agencies have complete inventories of business and enterprise IT systems (which represent 2 of the 3 categories of assets called for in the commodity IT baseline), SBA provided an inventory which it acknowledged did not include all systems or represent all offices. (Note: the review was summarized in GAO-16-511 issued in September 2016.) The agency noted that it was working with its offices to complete the inventory and hoped to finalize it and establish processes for updating the inventory, including possibly automating its data gathering abilities. In May 2017, SBA provided an update on the status of actions to address the recommendation. We are currently reviewing the documentation provided to determine whether SBA has fully addressed the recommendation.
    Recommendation: To improve the agency's implementation of PortfolioStat, in future reporting to OMB, the Administrator of the Small Business Administration should direct the CIO to fully describe the following PortfolioStat action plan elements: (1) consolidate commodity IT spending under the agency CIO; (2) establish targets for commodity IT spending reductions and deadlines for meeting those targets; (3) target duplicative systems or contracts that support common business functions for consolidation; and (4) establish a process to identify those potential investments and a schedule for eliminating them from the portfolio.

    Agency: Small Business Administration
    Status: Open

    Comments: In June 2015, SBA stated it believed the action items would be addressed as part of its actions to implement the provisions of the Federal Information Technology Acquisition Reform Act. We reviewed the agency's December 2015 plan for implementing the law and an April 2016 update but did not find evidence of actions to address the items in the recommendation. In May 2017, SBA provided an update on the status of actions to address the recommendation. We are currently reviewing the documentation provided to determine whether SBA has fully addressed the recommendation.
    Recommendation: To improve the agency's implementation of PortfolioStat, the Commissioner of the Social Security Administration should direct the CIO to develop a complete commodity IT baseline.

    Agency: Social Security Administration
    Status: Open

    Comments: In September 2014, the Social Security Administration (SSA) reported that the instruction set for its Special Expense Item process through which all non-labor IT dollars go now includes the definition of commodity IT baseline, and the requirement to identify all commodity IT baseline funds requested. SSA also stated it will report the commodity IT baseline results for fiscal year 2015 in its November integrated data collection report. We are reviewing the instruction set for the Special Expense Item process and SSA's November integrated data collection report to verify SSA's reported actions.
    Recommendation: To improve the agency's implementation of PortfolioStat, the Commissioner of the Social Security Administration should direct the CIO to report on the agency's progress in consolidating the geospatial architecture to a shared service as part of the OMB integrated data collection quarterly reporting until completed.

    Agency: Social Security Administration
    Status: Open

    Comments: In August 2015, the Social Security Administration (SSA) reported that it had migrated its geospatial architecture to a shared service in September 2014 and was complying with OMB reporting requirements. In July 2016, the agency provided e-mail messages and meeting minutes documenting various stages of the migration as evidence that it was completed as planned. However, SSA did not provide evidence of reporting to OMB. We are following up with SSA to obtain this evidence.
    Recommendation: To improve the department's implementation of PortfolioStat, the Secretary of State should direct the CIO to reflect 100 percent of information technology investments in the department's enterprise architecture.

    Agency: Department of State
    Status: Open

    Comments: According to the Department of State, since August 2014 all major and non-major IT investments and corresponding assets have been captured in enterprise architecture artifacts. We will follow up with the department to obtain documentation supporting this claim.
    Recommendation: To improve the department's implementation of PortfolioStat, in future reporting to OMB, the Secretary of State should direct the CIO to fully describe the following PortfolioStat action plan elements: (1) consolidate commodity IT spending under the agency CIO; (2) establish targets for commodity IT spending reductions and deadlines for meeting those targets; (3) move at least two commodity IT areas to shared services; (4) target duplicative systems or contracts that support common business functions for consolidation; and (5) establish a process to identify those potential investments and a schedule for eliminating them from the portfolio.

    Agency: Department of State
    Status: Open

    Comments: In August 2014, the Department of State reported taking several actions to address the action plan elements we determined had not been fully described in our review. For example, it provided the Integrated Logistics Management System and the Global IT Modernization program as examples of two commodity IT investments it had moved to shared services and reported that it instituted review processes to identify duplicative efforts within the IT portfolio. The department, however, did not state whether it had reported these actions to OMB, which was the focus of our recommendation. We will follow up with the department on this.
    Recommendation: To improve the department's implementation of PortfolioStat, the Secretary of State should direct the CIO to report on the department's progress in consolidating the Foreign Affairs Network and content publishing and delivery services to shared services as part of the OMB integrated data collection quarterly reporting until completed.

    Agency: Department of State
    Status: Open

    Comments: In August 2014, the Department of State reported that it had completed the content publishing and delivery services initiative and was reporting on its progress in consolidating the Foreign Affairs Network initiative to shared services through the OMB budget process. We plan to follow up with the agency to obtain supporting documentation.
    Recommendation: To improve the department's implementation of PortfolioStat, the Secretary of Transportation should direct the CIO to report on the department's progress in consolidating the Enterprise Messaging to shared services as part of the OMB integrated data collection quarterly reporting until completed.

    Agency: Department of Transportation
    Status: Open

    Comments: In September 2015, the department reported that it had discontinued its effort to migrate the Enterprise Messaging program to shared services because it was no longer cost-effective. We plan to follow up with the department on this matter.
    Recommendation: To improve the department's implementation of PortfolioStat, in future reporting to OMB, the Secretary of the Treasury should direct the CIO to fully describe the following PortfolioStat action plan elements: (1) consolidate commodity IT spending under the agency CIO and (2) establish criteria for identifying wasteful, low-value, or duplicative investments.

    Agency: Department of the Treasury
    Status: Open

    Comments: In September 2014, the Departmnent of the Treasury provided information on its efforts to address its action plan elements, including (1) establishing a general approach to reviewing new investment requests that considers risk, value, and cost; and (2) driving Treasury's IT investment portfolio toward common platforms whenever possible. However, the department did not address whether it was reporting on these efforts to OMB, which was the focus of our recommendation. We will follow up with the department on this.
    Recommendation: To improve the department's implementation of PortfolioStat, as the department finalizes and matures its enterprise architecture and valuation methodology, the Secretary of the Treasury should direct the CIO to utilize these processes to identify whether there are additional opportunities to reduce duplicative, low-value, or wasteful investments.

    Agency: Department of the Treasury
    Status: Open

    Comments: The department described several examples of processes it had in place to identify opportunities to reduce duplicative, low-value or wasteful investments, including annual reviews of each major IT investment and monthly portfolio reviews. We plan to follow up with the department to obtain supporting documentation.
    Recommendation: To improve the department's implementation of PortfolioStat, the Secretary of the Treasury should direct the CIO to develop support for the estimated savings for fiscal years 2013 to 2015 for the DoNotPay Business Center, Fiscal IT Data Center Consolidation and Business Process Management Status initiatives.

    Agency: Department of the Treasury
    Status: Open

    Comments: The department provided documentation related to its DoNotPay Business Center, Fiscal IT Data Center Consolidation, and Business Process Management Status initiatives. We are reviewing the information provided and plan to follow up with the department as appropriate.
    Recommendation: To improve the agency's implementation of PortfolioStat, the Administrator of the U.S. Agency for International Development should direct the CIO to reflect 100 percent of information technology investments in the agency's enterprise architecture.

    Agency: United States Agency for International Development
    Status: Open

    Comments: In response to this recommendation, in September 2014, USAID provided GAO its guidance for establishing an IT asset inventory consistent with Federal Information Systems Management Act requirements and its guidance for purchasing equipment and services which are compliant with agency standards. In October 2015, USAID also stated that it regularly updates its enterprise architecture through maintenance of its information systems inventory and evaluation of future investments. In March 2017, the agency provided GAO documentation supporting its efforts to maintain its information systems inventory and evaluate future investments. However, USAID did not show how these activities help ensure that investments are all included in the enterprise architecture. GAO is following up with the agency on this matter.
    Recommendation: To improve the department's implementation of PortfolioStat, in future reporting to OMB, the Secretary of Veterans Affairs should direct the CIO to fully describe the following PortfolioStat action plan element: target duplicative systems or contracts that support common business functions for consolidation.

    Agency: Department of Veterans Affairs
    Status: Open

    Comments: In a December 2015 update to the status of this recommendation, the department stated it was changing its governance processes and organizational structures for IT portfolio, system, project and requirements management to strengthen its ability to identify and eliminate/consolidate duplicative systems or contracts. The department recently reported that these new processes and organizations were established in the Spring of 2016, including a new strategic sourcing approach which should assist in addressing our recommendation. We are following up with the department to obtain evidence of this approach.
    Recommendation: To improve the department's implementation of PortfolioStat, the Secretary of Veterans Affairs should direct the CIO to report on the department's progress in consolidating the dedicated fax servers to a shared service as part of the OMB integrated data collection quarterly reporting until completed.

    Agency: Department of Veterans Affairs
    Status: Open

    Comments: In December 2015, the department reported that it would no longer pursue the initiative because an analysis performed in fiscal year 2014 indicated very little, if any cost savings to be achieved. The agency, however, did not provide evidence regarding any related reporting to OMB. We are following up with the department to obtain this evidence.
    Recommendation: To improve the department's implementation of PortfolioStat, as the department matures its enterprise architecture process, the Secretary of Veterans Affairs should direct the CIO to make use of it, as well as the valuation model, to identify whether there are additional opportunities to reduce duplicative, low-value, or wasteful investments.

    Agency: Department of Veterans Affairs
    Status: Open

    Comments: In December 2015, the department stated it was changing its governance processes and organizational structures for IT portfolio, system, project and requirements management to strengthen its ability to identify and eliminate/consolidate duplicative systems or contracts. The department recently reported that these new processes and organizations were established in the Spring of 2016. We are following up with the department to find out how they are incorporating the use of the enterprise architecture and value model to identify opportunities to reduce duplicative, low-value, or wasteful investments.
    Recommendation: To improve the department's implementation of PortfolioStat, the Secretary of Veterans Affairs should direct the CIO to develop detailed support for the estimated savings for fiscal years 2013 to 2015 for the Server Virtualization, Eliminate Dedicated Fax Servers Consolidation, Renegotiate Microsoft Enterprise License Agreement, and one CPU policy initiatives.

    Agency: Department of Veterans Affairs
    Status: Open

    Comments: In December 2015, the department reported that the scope of the Server Virtualization initiative was increased and that the cost avoidance estimates were being revised accordingly. It also reported that the Elimination of Analog Fax Lines initiative was no longer being pursued because an analysis found that it would result in very little, if any, cost savings. In regards to the Renegotiate Microsoft Enterprise License Agreement initiative, the department reported that total savings over a 5-year period were renegotiated but did not provide supporting documentation. Lastly, the department reported that a new economic justification for the One CPU Policy initiative was being developed based on a consolidation strategy, and would be provided when completed. We are following up with the department to obtain documentation supporting its reported actions.
    Director: Maurer, Diana C
    Phone: (202) 512-9627

    3 open recommendations
    including 2 priority recommendations
    Recommendation: To promote coordination as a practice to help avoid overlap, the Secretary of Homeland Security, the Attorney General, and the Director of ONDCP should work through the Information Sharing and Access Interagency Policy Committee (ISA IPC) or otherwise collaborate to develop a mechanism, such as performance metrics related to coordination, that will allow them to hold field-based information-sharing entities accountable for coordinating with each other and monitor and evaluate the coordination results achieved.

    Agency: Department of Justice
    Status: Open
    Priority recommendation

    Comments: The Department of Justice (DOJ), in coordination with the Department of Homeland Security (DHS) and the Office of National Drug Control Policy (ONDCP), has made progress toward addressing GAO's April 2013 recommendation but has not included all of the relevant field-based information sharing entities in its efforts. Through their involvement in an interagency policy committee within the Executive Office of the President, DHS, DOJ, and ONDCP have developed a mechanism to hold state and urban area fusion centers, Regional Information Sharing System (RISS) centers, and High Intensity Drug Trafficking Area (HIDTA) Investigative Support Centers accountable for coordinating their analytical and investigative activities. However, the agencies have not fully addressed the action because DOJ's Federal Bureau of Investigation's (FBI) Joint Terrorism Task Forces (JTTF) and Field Intelligence Groups (FIG), two of the five field-based entities included in GAO's April 2013 report, have not participated in the assessment on which the mechanism is based. In December 2015, DHS developed a field-based partners report in which DHS, DOJ and ONDCP reported data for state and urban area fusion centers, RISS centers, and HIDTA Investigative Support Centers. These data were focused on field-based collaboration, including governance, colocation, and other information sharing, analytic, and deconfliction-focused topics. However, the report did not include data for DOJ's JTTFs or FIGs. DOJ has noted that JTTFs and FIGs are different from the other entities because JTTFs are operational law enforcement investigative entities and FIGs provide intelligence support to FBI Field Offices. However, GAO's April 2013 report identified areas in which the missions and activities of JTTFs and FIGs overlapped with those of the other entities and that coordination with other field based entities was important to prevent unnecessary overlap and potential duplication. Considering the exclusion of two of the five entities, the agencies do not have a collective mechanism that can hold FIGS and JTTFs accountable for coordinating with the other field-based information sharing entities and allow the agencies to monitor progress and evaluate results across entities. Such a mechanism can help entities maintain effective relationships when new leadership is assigned and avoid unnecessary overlap in activities, which in turn can help entities to leverage scarce resources. As of March 2017, DOJ had provided no new updates. GAO will continue to monitor DOJ's progress in this area.
    Recommendation: To help identify where agencies and the field-based entities they support could apply coordination mechanisms to enhance information sharing and reduce inefficiencies resulting from overlap, the Secretary of Homeland Security, the Attorney General, and the Director of ONDCP should work through the ISA IPC or otherwise collaborate to identify characteristics of entities and assess specific geographic areas in which practices that could enhance coordination and reduce unnecessary overlap, such as cross-entity participation on governance boards and colocation of entities, could be further applied. The results of this assessment could be used by the agencies to provide recommendations or guidance to the entities to create coordinated governance boards or colocate entities, which can result in increased efficiencies through shared facilities and resources and reduced overlap through coordinated or collaborative products, activities, and services.

    Agency: Department of Justice
    Status: Open
    Priority recommendation

    Comments: The Department of Justice (DOJ), in coordination with the Department of Homeland Security (DHS) and the Office of National Drug Control Policy (ONDCP), has made progress toward addressing GAO's April 2013 recommendation but has not included all of the relevant field-based information sharing entities in its efforts. The three agencies have taken the necessary steps to assess the extent to which practices that can enhance coordination are being implemented at state and urban area fusion centers, Regional Information Sharing System (RISS) centers, and High Intensity Drug Trafficking Area (HIDTA) Investigative Support Centers through their involvement in an interagency policy committee within the Executive Office of the President. However, the assessment did not include DOJ's Federal Bureau of Investigation's (FBI) Joint Terrorism Task Forces (JTTF) or Field Intelligence Groups (FIG), two of the five field-based entities included in GAO's April 2013 report. In December 2015, DHS, DOJ, and ONDCP developed a field-based partners report in which DOJ and ONDCP collected and reported data elements for RISS centers and HIDTA Investigative Support Centers similar to those DHS uses in its annual fusion center assessment. These data were focused on field-based collaboration, including governance, colocation, and other information sharing, analytic, and deconfliction-focused topics. However, the report did not include data for DOJ's FBI JTTFs or FIGs. A collaborative assessment of where practices that enhance coordination can be applied to reduce overlap, collaborate, and leverage resources for all five field-based information-sharing entities would allow the agencies to provide recommendations or guidance to the entities on implementing these practices. As of March 2017, DOJ had provided no new updates. GAO will continue to monitor DOJ's progress in this area.
    Recommendation: To help ensure that an assessment of practices that could enhance coordination and reduce unnecessary overlap is shared and used to further enhance collaboration and efficiencies across agencies, the Program Manager, with input from the ISA IPC collaborating agencies, should report in the Information Sharing Environment (ISE) annual report to Congress the results of the assessment, including any additional coordination practices identified, efficiencies realized, or actions planned.

    Agency: Office of the Director of National Intelligence: Office of the Program Manager--Information Sharing Environment
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information. Status last updated August 31, 2017.
    Director: Powner, David A
    Phone: (202) 512-9286

    2 open recommendations
    Recommendation: The Secretary of Transportation should designate a senior agency official who has departmentwide responsibility, accountability, and authority for geospatial information issues. The Secretary of Transportation direct the designated senior official for geospatial information to prepare, maintain, publish, and implement a strategy for advancing geographic information and related geospatial data activities appropriate to its mission.

    Agency: Department of Transportation
    Status: Open

    Comments: In July 2016, a Transportation official told GAO that the department had completed a draft of the geospatial strategic plan that month. According to a Transportation official, as of March 1, 2017, the draft was under review. On September 8, 2017, a Transportation official stated that the department plans to issue the plan by November 1, 2017.
    Recommendation: To improve OMB oversight of geospatial information and assets, and minimize duplication of federal geospatial investments, the Director of OMB should develop a mechanism, or modify existing mechanisms, to identify and report annually on all geospatial related investments, including dollars invested and the nature of the investment.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: OMB has made progress in developing a way to identify and report annually on all geospatial-related investments, but has not completed its efforts. In March 2014, the Federal Geographic Data Committee (FGDC) issued its National Geospatial Data Asset (NGDA) Management Plan. The plan was developed in conjunction with OMB officials. One of the objectives of the plan is to develop and apply a standard definition of a geospatial investment in order to facilitate reporting on budgeted geospatial data investments, due to the fact that different definitions are being used by OMB, the FGDC community, and individual agencies. There are two supporting actions for this objective. The first action was completed with the finalization and issuance of the FGDC's Geospatial Investment Definitions for Tracking and Reporting Geospatial Investment Costs document in April 2016. The document contains a set of geospatial definitions with specific examples for each. The second action is for the geospatial community to apply the definitions in submissions to OMB during the annual federal government budget planning and reporting process. According to FGDC officials, they expect this to be challenging for a number of reasons, including the need for agencies to determine how they can align their investment tracking systems to accommodate the new definitions and the extent to which agencies will be able to use a common reporting capability. As a result, a two-pronged approach is being used. First, FGDC developed a reporting method using the theme implementation plans to support federal geospatial data investment tracking. For example, in February 2017, an official provided an implementation plan from January 2017 which included an estimate of the amount of time federal employees spent on NGDA work, and reported this as a percentage of full-time equivalents. Second, OMB worked with FGDC to revise geospatial investment reporting guidance found in OMB Circular No. A-11. Starting with fiscal year 2018 allocations (Circular No. A-11 revised July 2016), agencies are required to report on annual aggregated geospatial data investments of $100,000 or greater using the Marketplace feature of the Geospatial Platform. According to an agency official, this approach leverages existing, federal government-wide reporting methods already in place and minimizes the potential for agencies to implement separate, potentially duplicative reporting mechanisms that are not integrated with existing OMB reporting procedures. According to OMB officials as of September 7, 2017, OMB anticipates that since fiscal year 2018 will be the first year of implementation, some agencies may have challenges identifying and reporting their data. As a result, OMB states that the content and completeness of the reported information will need to be evaluated prior to determining its fitness and application for overseeing geospatial investments.
    Director: Melvin, Valerie C
    Phone: (202)512-6304

    1 open recommendations
    Recommendation: In light of the agency's declining revenue associated with its basic statutory function and the charging for information that is often freely available elsewhere, Congress should consider examining the appropriateness and viability of the fee-based model under which NTIS currently operates for disseminating technical information to determine whether the use of this model should be continued.

    Agency: Congress
    Status: Open

    Comments: Congress has not yet enacted legislation to re-examine the fee-based model under which NTIS operates, although it has begun taking actions that give it an opportunity to do so. Specifically, the Department of Commerce Appropriations Acts, 2015, 2016 and 2017, prohibited NTIS from charging customers for reports authored by legislative branch offices unless the agency tells the customer how an electronic copy of the report can be accessed or downloaded for free online. The Act further stated that, if a customer still requires such a report from NTIS, the agency should not charge more than what is needed to recover the cost of processing, reproducing, and delivering the document requested. Additionally, in the 114th Congress, three bills (H.R. 443, S.787, and S.1636) were introduced and referred to the House Committee on Science, Space, and Technology and the Senate Committee on Commerce, Science, and Transportation. However, none of these bills were passed. The 115th Congress has yet to consider legislation that would ensure the assessment of the appropriateness or viability of NTIS functions.
    Director: Shames, Lisa R
    Phone: (202) 512-3841

    1 open recommendations
    Recommendation: To reduce the cost of the crop insurance program, Congress may wish to consider limiting the subsidy for premiums that an individual farmer can receive each year or reducing the subsidy for all farmers participating in the program, or both limiting and reducing these subsidies.

    Agency: Congress
    Status: Open

    Comments: As of December 2016, Congress has not taken action to implement this matter.
    Director: Goldenkoff, Robert N
    Phone: (202)512-2757

    3 open recommendations
    Recommendation: In order to maintain progress in maximizing the efficiency of existing data sources, and to improve the broader efficiency of the federal statistical system and improve communication among agencies and others, the Director of OMB, in consultation with the Chief Statistician, should work with the ICSP, when OMB next updates guidance on agency survey and statistical information collection and dissemination methods, to include additional details on actions agencies can take to meet requirements to identify duplication, to consult with persons outside of the agency, and address other requirements as appropriate.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: OMB concurred with our recommendation. As of August 2017, the team is awaiting an update from the agency on the status of OMB's actions to implement this recommendation.
    Recommendation: In order to maintain progress in maximizing the efficiency of existing data sources, and to improve the broader efficiency of the federal statistical system and improve communication among agencies and others, the Director of OMB, in consultation with the Chief Statistician, should work with the ICSP to create new methods or enhance existing methods to improve the dissemination of information and resources produced by interagency statistical committees. For example, such enhancements could include increasing the timeliness and availability of information on websites to better capture the full range of products and identify committee priorities.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: OMB concurred with our recommendation and in July 2014 reported that it plans to implement it by launching a new website for the Federal Committee on Statistical Methodology. The new website will be hosted by the General Services Administration and will give interagency statistical committees the ability to manage their own webpages and disseminate products. As of August 2017, the team is awaiting an update from the agency on the status of OMB's actions to implement this recommendation.
    Recommendation: In order to maintain progress in maximizing the efficiency of existing data sources, and to increase the reliability of the information presented on the Reginfo.gov website and in OMB's internal system, the Director of OMB, in consultation with the Chief Statistician, should work with the ICSP to implement quality-control procedures designed to identify and remedy any differences between cost and burden information provided on the website and in the related supporting statement documentation that underlies this information.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: OMB concurred with our recommendation. As of August 2017, the team is awaiting an update from OMB on the status of actions taken to implement this recommendation.
    Director: King, Kathleen M
    Phone: (202)512-5154

    2 open recommendations
    Recommendation: To develop more accurate data for estimating the funds needed for the CHS program and improving IHS oversight, the Secretary of Health and Human Services should direct the Director of IHS to develop a written policy documenting how IHS evaluates need for the CHS program and disseminate it to area offices and CHS programs to ensure they understand how unfunded services data are used to estimate overall program needs.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: In response to this recommendation, IHS reported in October 2015 that it was completing a comprehensive update of a policy chapter related to the Contract Health Services (CHS) Program (also called the Purchased/Referred Care Program). The agency indicated that this revised chapter would incorporate a written policy on how IHS evaluates need for the CHS program. It indicated that the chapter update had been under revision since December 20, 2012, with final approval anticipated in 2015. In July 2017, IHS indicated that the policy was still under development and would be issued to all IHS sites by September 30, 2017.
    Recommendation: To develop more accurate data for estimating the funds needed for the CHS program and improving IHS oversight, the Secretary of Health and Human Services should direct the Director of IHS to provide written guidance to CHS programs on a process to use when funds are depleted and there is a continued need for services, and monitor to ensure that appropriate actions are taken.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: In response to this recommendation, IHS reported in October 2015 that it developed and distributed Fund Management Standardization guidance to Area Offices to monitor compliance by federal Contract Health Services (CHS) program (also called the Purchased/Referred Care program) Service Units. Also, IHS issued standardized spending plan procedures to all Area Offices and Federally-operated programs. Also, it indicated that spending plan guidance would be included in an update of a policy chapter related to the CHS program. The agency indicated that this chapter had been under revision since December 20, 2012, with final approval anticipated in 2015. In July 2017, IHS indicated that the policy was still under development and would be issued to all IHS sites by September 30, 2017.