Reports & Testimonies

  • GAO’s recommendations database contains report recommendations that still need to be addressed.

    GAO’s recommendations help congressional and agency leaders prepare for appropriations and oversight activities, as well as help improve government operations. Recommendations remain open until they are designated as Closed-implemented or Closed-not implemented. You can explore open recommendations by searching or browsing.

    GAO's priority recommendations are those that we believe warrant priority attention. We sent letters to the heads of key departments and agencies, urging them to continue focusing on these issues. These recommendations are labeled as such. You can find priority recommendations by searching or browsing our open recommendations below, or through our mobile app.

  • Browse Open Recommendations

    Explore priority recommendations by subject terms or browse by federal agency

    Search Open Recommendations

    Search for a specific priority recommendation by word or phrase



  • Governing on the go?

    Our Priorities for Policy Makers app makes it easier for leaders to search our recommendations on the go.

    See the November 10th Press Release


  • Have a Question about a Recommendation?

    • For questions about a specific recommendation, contact the person or office listed with the recommendation.
    • For general information about recommendations, contact GAO's Audit Policy and Quality Assurance office at (202) 512-6100 or apqa@gao.gov.
  • « Back to Results List Sort by   

    Results:

    Subject Term: "Private sector"

    38 publications with a total of 123 open recommendations including 2 priority recommendations
    Director: Anne-Marie Fennell
    Phone: (202) 512-3841

    2 open recommendations
    Recommendation: The Secretary of Commerce should direct the NOAA Administrator to ensure that NOAA's efforts to improve its cost comparison reports include actions to fully track capital asset depreciation costs and account for ships in port undergoing major maintenance in accordance with its standard operating procedure.

    Agency: Department of Commerce
    Status: Open

    Comments: As of August 2017, NOAA reported that it has taken steps to start developing procedures to fully track capital asset depreciation costs. NOAA expects to implement draft procedures by September 30, 2018, and fully implement them in fall 2019. In addition, NOAA stated that, by January 31, 2018, it will review and assess the current methodology it uses to account for the costs of ships in port undergoing major maintenance. NOAA intends to implement a revised methodology by February 28, 2018.
    Recommendation: The Secretary of Commerce should direct the NOAA Administrator to develop a strategy for expanding NOAA's use of the private sector in its hydrographic survey program, as required by law.

    Agency: Department of Commerce
    Status: Open

    Comments: As of August 2017, NOAA reported that it had begun developing a strategy to expand its hydrographic data collection program, and has determined that there are significant growth opportunities for private sector involvement in its program. NOAA intends to take several actions to promote the hydrographic surveying industry, and will compile the findings from the actions taken and issue a final strategy report by December 31, 2019.
    Director: Alicia Puente Cackley
    Phone: (202) 512-8678

    1 open recommendations
    Recommendation: As Congress considers reauthorizing NFIP, it should consider comprehensive reform to improve the program's solvency and enhance the nation's resilience to flood risk, which could include actions in six areas: (1) addressing the current debt, (2) removing existing legislative barriers to FEMA's revising premium rates to reflect the full risk of loss, (3) addressing affordability, (4) increasing consumer participation, (5) removing barriers to private-sector involvement, and (6) protecting NFIP flood resilience efforts. In implementing these reforms, Congress should consider the sequence of the actions and their interaction with each other.

    Agency: Congress
    Status: Open

    Comments: When we determine what steps the Congress has taken, we will provide updated information.
    Director: Dillingham, Gerald L
    Phone: (202) 512-2834

    3 open recommendations
    Recommendation: To help FAA better manage and oversee its portfolio of R&D activities, the Secretary of Transportation should direct the FAA to take a more strategic approach to identifying research priorities across the agency, including developing guidance to identify long-term priorities and emerging issue areas, as part of FAA's portfolio development process.

    Agency: Department of Transportation
    Status: Open

    Comments: As of June 2017, FAA officials said they were redesigning the agency?s National Aviation Research Plan (NARP) to, among other things, better align research to agency outcomes. FAA officials said that the redesigned NARP will provide the agency a strategic view of R&D and a better understanding of the driving forces for research, such as longer term strategic needs and emerging issues. The officials also said that the redesigned NARP will allow for a more effective framework from which to prioritize research. FAA plans to finalize the redesign of the NARP by February 2019.
    Recommendation: To help FAA better manage and oversee its portfolio of R&D activities, the Secretary of Transportation should direct the FAA to clarify its portfolio development guidance to call for each Program Planning Teams to disclose the process it used for prioritizing and selecting research projects so that decision-making is more transparent for FAA management.

    Agency: Department of Transportation
    Status: Open

    Comments: As of June 2017, FAA officials said they were developing guidance that will require the Program Planning Teams to identify and document their process for prioritizing and selecting research projects. FAA plans to finalize the guidance by November 2017.
    Recommendation: To help FAA better manage and oversee its portfolio of R&D activities, the Secretary of Transportation should direct the FAA to develop guidance to ensure that future National Aviation Research Plans (NARP) and R&D Annual Reviews meet statutory requirements to the extent practicable, including (a) The NARP lists activities that are carried under cooperative agreements. (b) The NARP describes the rationale for the prioritized research programs. (c) The NARP identifies how resources were allocated for long-term and near-term research. (d) The NARP identifies REDAC recommendations that are accepted, not accepted, and the reasons for non-acceptance. (e) The NARP provides a detailed description of technology transfer to government, industry, and academia. (f) The Annual Review describes new technologies developed and the dissemination of research results to the private sector. (g) The Annual Review allows a comparison to the NARP. (h) The Annual Review is prepared and presented in accordance with agency performance reporting requirements.

    Agency: Department of Transportation
    Status: Open

    Comments: As of June 2017, FAA officials said they were redesigning the National Aviation Research Plan (NARP) and R&D Annual Review to include, among other things, information required by statute. FAA plans to finalize the redesign of the NARP and Annual Review by February 2019.
    Director: Lawrance Evans
    Phone: (202) 512-8678

    5 open recommendations
    Recommendation: In the event that Congress again requires an agency to provide affected individuals with identity theft insurance in response to a breach of sensitive personal data, Congress should consider permitting the agency to determine the appropriate level of that insurance.

    Agency: Congress
    Status: Open

    Comments: When we determine what steps the Congress has taken, we will provide updated information.
    Recommendation: The Director of the Office of Management and Budget should, to the extent feasible, conduct an analysis of the effectiveness of the various identity theft services relative to alternatives, and revise OMB's guidance to federal agencies in light of this analysis.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: The Director of the Office of Management and Budget should explore options to address the risk of duplication in federal agencies' provision of identity theft services in response to data breaches, and take action if viable options are identified.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: The Director of the Office of Personnel Management should incorporate criteria and procedures for determining whether to offer identity theft services into the agency's data-breach-response policy.

    Agency: Office of Personnel Management
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: The Director of the Office of Personnel Management should implement procedures that provide reasonable assurance that significant decisions on the use of identity theft services are appropriately documented.

    Agency: Office of Personnel Management
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Director: Brian J. Lepore
    Phone: (202) 512-4523

    2 open recommendations
    Recommendation: To improve operational efficiencies and reduce costs related to product management and services that support commissary operations, the Secretary of Defense should direct the Chief Executive Officer of DeCA to develop a plan with objectives, goals, and time frames on how it will improve efficiency in product management, such as offering products based on store sales or customer demand.

    Agency: Department of Defense
    Status: Open

    Comments: As of August 2017, the Defense Commissary Agency (DeCA) started to implement the Category Performance Improvement process which could help improve efficiencies by offering products based on store sales and customer demand. In addition, DeCA is also offering commissary brand items which have improved efficiencies in inventory and stocking products. By making these improvements, DeCA could improve operational efficiencies. However, DeCA is in the early stages of implementing these actions and it is unclear to what extent these efficiencies have helped reduce costs related to product management.
    Recommendation: To improve operational efficiencies and reduce costs related to product management and services that support commissary operations, the Secretary of Defense should direct the Chief Executive Officer of DeCA to conduct comprehensive cost-benefit analyses to guide decisions on implementing the most cost-effective option as stocking and custodial services contracts are renewed, and on choosing product distribution options.

    Agency: Department of Defense
    Status: Open

    Comments: As of August 2017, the Defense Commissary Agency has not taken action that addresses GAO's March 2017 recommendation to conduct comprehensive cost-benefit analyses to guide decisions on implementing the most cost-effective option as stocking and custodial services contracts are renewed, and on choosing product distribution options.
    Director: Gregory C. Wilshusen
    Phone: (202) 512-6244

    9 open recommendations
    Recommendation: To more fully address the requirements identified in the National Cybersecurity Protection Act of 2014 and the Cybersecurity Act of 2015, the Secretary of the Department of Homeland Security should determine the extent to which the statutorily required implementing principles apply to NCCIC's cybersecurity functions.

    Agency: Department of Homeland Security
    Status: Open

    Comments: In April 2017, DHS stated that NCCIC is currently conducting an analysis of all mission functions to include the following goals: simplify the descriptions of NCCIC's mission functions, document all NCCIC functional capabilities, document the applicability of implementing principles to NCCIC mission functions, and map as appropriate. Once completed, we will analyze the output of NCCIC's efforts in this area to determine the extent to which DHS has fulfilled this recommendation. In August 2017, DHS officials stated an update on the status of the recommendations was forthcoming in September 2017. We will review the evidence provided and update the recommendation status as appropriate.
    Recommendation: To more fully address the requirements identified in the National Cybersecurity Protection Act of 2014 and the Cybersecurity Act of 2015, the Secretary of the Department of Homeland Security should develop metrics for assessing adherence to applicable principles in carrying out statutorily required functions.

    Agency: Department of Homeland Security
    Status: Open

    Comments: In April 2017, DHS stated that they were still in the process completing mission functional analysis described in DHS's response to Recommendation 1, which would serve as the basis of developing metrics. Once completed, we will analyze the output of NCCIC's efforts in this area to determine the extent to which DHS has fulfilled this recommendation. In August 2017, DHS officials stated an update on the status of the recommendations was forthcoming in September 2017. We will review the evidence provided and update the recommendation status as appropriate.
    Recommendation: To more fully address the requirements identified in the National Cybersecurity Protection Act of 2014 and the Cybersecurity Act of 2015, the Secretary of the Department of Homeland Security should establish methods for monitoring the implementation of cybersecurity functions against the principles on an ongoing basis.

    Agency: Department of Homeland Security
    Status: Open

    Comments: In April 2017, DHS stated that NCCIC is updating existing policies and procedures for program management reviews (PMR) to include the metrics developed in recommendation two. Once completed, we will analyze the output of NCCIC's efforts in this area to determine the extent to which DHS has fulfilled this recommendation. In August 2017, DHS officials stated an update on the status of the recommendations was forthcoming in September 2017. We will review the evidence provided and update the recommendation status as appropriate.
    Recommendation: To more fully address the requirements identified in the National Cybersecurity Protection Act of 2014 and the Cybersecurity Act of 2015, the Secretary of the Department of Homeland Security should integrate information related to security incidents to provide management with more complete information about NCCIC operations.

    Agency: Department of Homeland Security
    Status: Open

    Comments: In April 2017, DHS stated that the NCCIC updated guidelines for incident reporting would be completed in May 2017. In addition, according to DHS, incident management system requirements were updated to support the new guidelines and are scheduled to be implemented in June 2017. DHS stated that these steps will enable the successful implementation of the new National Cyber Incident Scoring Schema (NCISS), which the NCCIC Watch Operations uses to help facilitate the timely, actionable, and relevant dissemination of information to leadership. Once completed, we will analyze the output of NCCIC's efforts in this area to determine the extent to which DHS has fulfilled this recommendation. As of August 2017, DHS has not provided evidence that the new guidelines have been implemented. However, DHS officials stated an update on the status of the recommendations was forthcoming in September 2017. We will review the evidence provided and update the recommendation status as appropriate.
    Recommendation: To more fully address the requirements identified in the National Cybersecurity Protection Act of 2014 and the Cybersecurity Act of 2015, the Secretary of the Department of Homeland Security should determine the necessity of reducing, consolidating, or modifying the points of entry used to communicate with NCCIC to better ensure that all incident tickets are logged appropriately.

    Agency: Department of Homeland Security
    Status: Open

    Comments: In April 2017, DHS stated that NCCIC had completed initial mapping of information flows, as well as the roles and responsibilities for the incident management function. A plan to integrate or consolidate disparate incident reporting systems is scheduled to be completed in December 2017. Once completed, we will analyze the output of NCCIC's efforts in this area to determine the extent to which DHS has fulfilled this recommendation. In August 2017, DHS officials stated an update on the status of the recommendations was forthcoming in September 2017. We will review the evidence provided and update the recommendation status as appropriate.
    Recommendation: To more fully address the requirements identified in the National Cybersecurity Protection Act of 2014 and the Cybersecurity Act of 2015, the Secretary of the Department of Homeland Security should develop and implement procedures to perform regular reviews of customer information to ensure that it is current and reliable.

    Agency: Department of Homeland Security
    Status: Open

    Comments: In April 2017, DHS stated that NPPD is gathering the requirements for a customer relationship management (CRM) tool that will support regular reviews and updates to customer information. Additionally, DHS stated that NCCIC will establish and implement a standing operating procedure for capturing and regularly updating prioritized customer information including contact information in the event of an incident. Once completed, we will analyze the output of NCCIC's efforts in this area to determine the extent to which DHS has fulfilled this recommendation. In August 2017, DHS officials stated an update on the status of the recommendations was forthcoming in September 2017. We will review the evidence provided and update the recommendation status as appropriate.
    Recommendation: To more fully address the requirements identified in the National Cybersecurity Protection Act of 2014 and the Cybersecurity Act of 2015, the Secretary of the Department of Homeland Security should take steps to ensure the full representation of the owners and operators of the nation's most critical cyber-dependent infrastructure assets.

    Agency: Department of Homeland Security
    Status: Open

    Comments: In April 2017, DHS stated that the Office of Cybersecurity and Communications is establishing integrated customer engagement activities that support cyber risk mitigation and incident response planning. In addition, NCCIC will develop standing operating procedures that leverage existing information sharing programs, activities and relationships to tailor engagements that support owners and operators of the most critical cyber-dependent infrastructure assets including designated lifeline sectors. Once completed, we will analyze the output of NCCIC's efforts in this area to determine the extent to which DHS has fulfilled this recommendation. In August 2017, DHS officials stated an update on the status of the recommendations was forthcoming in September 2017. We will review the evidence provided and update the recommendation status as appropriate.
    Recommendation: To more fully address the requirements identified in the National Cybersecurity Protection Act of 2014 and the Cybersecurity Act of 2015, the Secretary of the Department of Homeland Security should establish plans and time frames for consolidating or integrating the legacy networks used by NCCIC analysts to reduce the need for manual data entry.

    Agency: Department of Homeland Security
    Status: Open

    Comments: In April 2017, DHS stated that the Assistant Secretary of Office of Cybersecurity and Communications (CS&C) had consolidated the Enterprise Architecture role within the Office of the Chief Technology Officer (CTO). Working across CS&C, the CTO will establish a technology roadmap, to include consolidation of networks. In addition, NCCIC is working to determine the potential impact of network consolidation on mission functions, including mapping current data sources. Once completed, we will analyze the output of NCCIC's efforts in this area to determine the extent to which DHS has fulfilled this recommendation. In August 2017, DHS officials stated an update on the status of the recommendations was forthcoming in September 2017. We will review the evidence provided and update the recommendation status as appropriate.
    Recommendation: To more fully address the requirements identified in the National Cybersecurity Protection Act of 2014 and the Cybersecurity Act of 2015, the Secretary of the Department of Homeland Security should identify alternative methods to collaborate with international partners, while ensuring the security requirements of high-impact systems.

    Agency: Department of Homeland Security
    Status: Open

    Comments: In April 2017, DHS stated that the potential reduction in sharing cybersecurity products that may result from migrating the NCCIC Portal to HSIN should be minimal. Contingency information sharing plans will be developed to mitigate potential issues through alternate information sharing practices, particularly involving an actual incident during migration transition. Foreign partnerships will continued to be maintained by exercises, analytic exchanges with our closest partners, and continued participation in multilateral and bilateral engagements. Once completed, we will analyze the output of NCCIC's efforts in this area to determine the extent to which DHS has fulfilled this recommendation. In August 2017, DHS officials stated an update on the status of the recommendations was forthcoming in September 2017. We will review the evidence provided and update the recommendation status as appropriate.
    Director: Brenda S. Farrell
    Phone: (202) 512-3604

    11 open recommendations
    Recommendation: To help the Air Force in its effort to address UAS pilot shortfalls, and to help ensure that the Air Force strategies to address UAS pilot shortages are tailored to address remaining issues, such as the significant amount of pilots who are temporarily assigned to the UAS pilot career, the limited amount of cadet interest in the UAS pilot career, and the workload of UAS pilots, the Secretary of Defense should direct the Secretary of the Air Force to revise the Get Well Plan to address these issues.

    Agency: Department of Defense
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To help the Air Force in its effort to address UAS pilot shortfalls, and to help the Air Force ensure that its strategies are having the intended effects, the Secretary of Defense should direct the Secretary of the Air Force to monitor the extent to which that achieving the human capital goals in its strategy helps the Air Force achieve its programmatic goals.

    Agency: Department of Defense
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To help the Air Force in its effort to address UAS pilot shortfalls, and to help the Air Force ensure that it is poised to meet future needs for UAS pilots, the Secretary of Defense should direct the Secretary of the Air Force to explore the potential use of additional flexibilities that would enable it to increase the number of UAS pilots in its workforce.

    Agency: Department of Defense
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To help the Army in its effort to address UAS unit training shortfalls, and to help the Army identify challenges that UAS pilots face in completing their training, the Secretary of Defense should direct the Secretary of the Army to collect feedback from UAS pilots in UAS units, such as by surveying, or conducting focus groups with them.

    Agency: Department of Defense
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To help the Army in its effort to address UAS unit training shortfalls, and to help the Army identify challenges that UAS pilots face in completing their training, the Secretary of Defense should direct the Secretary of the Army to incorporate such feedback into the Army's strategy to address UAS training shortfalls.

    Agency: Department of Defense
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To help the Army in its effort to address UAS unit training shortfalls, and to help ensure that Army Shadow units meet minimum training requirements, the Secretary of Defense should direct the Secretary of the Army to revise its strategy to address UAS training shortfalls to ensure that it is fully tailored to address training issues and address factors such as lack of adequate facilities, lack of access to airspace, and the inability to fly more than one UAS at a time.

    Agency: Department of Defense
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To help the Army in its effort to address UAS unit training shortfalls, and to help the Army ensure that it is basing its decisions to select individuals for UAS pilot training on sound evidence and to help it take advantage of the key benefits associated with effective personnel selection that could include reducing training costs, improving job performance, improving retention of qualified personnel, enabling leadership development, and enhancing organizational effectiveness, the Secretary of Defense should direct the Secretary of the Army to validate that the Armed Services Vocational Aptitude Battery is an effective predictor of UAS pilot candidate performance in UAS pilot training and job performance.

    Agency: Department of Defense
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To help the Army in its effort to address UAS unit training shortfalls, and to help the Army ensure that it is basing its decisions to select individuals for UAS pilot training on sound evidence and to help it take advantage of the key benefits associated with effective personnel selection that could include reducing training costs, improving job performance, improving retention of qualified personnel, enabling leadership development, and enhancing organizational effectiveness, the Secretary of Defense should direct the Secretary of the Army to assess existing research that has been performed that identifies UAS pilot competencies.

    Agency: Department of Defense
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To help the Army in its effort to address UAS unit training shortfalls, and to help the Army ensure that it is basing its decisions to select individuals for UAS pilot training on sound evidence and to help it take advantage of the key benefits associated with effective personnel selection that could include reducing training costs, improving job performance, improving retention of qualified personnel, enabling leadership development, and enhancing organizational effectiveness, the Secretary of Defense should direct the Secretary of the Army to incorporate relevant findings from such research into the Army's approach for selecting UAS pilot candidates, as appropriate.

    Agency: Department of Defense
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To help address personnel shortages and meet mission needs cost effectively, the Office of the Secretary of Defense, through the Under Secretary of Defense (Personnel & Readiness) should direct the Air Force and the Army to evaluate the workforce mix and the use of federal civilians for UAS pilot positions.

    Agency: Department of Defense
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To help address personnel shortages and meet mission needs cost effectively, the Office of the Secretary of Defense, through the Under Secretary of Defense (Personnel & Readiness) should direct the Air Force and the Army to conduct cost analyses consistent with DOD guidance to inform their workforce decisions and ensure cost effectiveness of the UAS pilot workforce mix.

    Agency: Department of Defense
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Director: David B. Gootnick
    Phone: (202) 512-3149

    1 open recommendations
    Recommendation: To ensure that all relevant U.S. agencies have information on the effect of changes in U.S. policy related to Cuba, the Secretary of State, in consultation with the Department of Commerce, Department of the Treasury, U.S. Department of Agriculture, and other relevant agencies, should take steps to identify and begin to collect the information that would allow them to monitor changes in economic engagement, including with the Cuban private sector.

    Agency: Department of State
    Status: Open

    Comments: State concurred with this recommendation. As of April 2017, State reported that it is taking steps to identify and collect information that would enable it to monitor the Cuban economy and changes in the economic environment, including with the Cuban private sector. For example, State noted that Embassy Havana has developed a plan for in-country travel and reporting by identifying key sectors and provinces that can provide additional insights on the Cuban economy. GAO will continue to monitor State's efforts to implement this recommendation.
    Director: Frank Rusco
    Phone: (202) 512-3841

    7 open recommendations
    Recommendation: To improve DOD's analyses of the financial costs and benefits of renewable energy projects, the Secretary of Defense should direct the Assistant Secretary of Defense for Energy, Installations and Environment and the Secretaries of the Army, Navy, and Air Force to modify guidance for presenting land values in project documentation to apply to the range of alternative financing mechanisms DOD has used.

    Agency: Department of Defense
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To improve DOD's analyses of the financial costs and benefits of renewable energy projects, the Secretary of Defense should direct the Assistant Secretary of Defense for Energy, Installations and Environment and the Secretaries of the Army, Navy, and Air Force to clarify the guidance to direct all project documentation for alternatively financed projects involving land use agreements to include the value of the land, the compensation DOD would receive for it, and how the value of the land compared with the value of the compensation.

    Agency: Department of Defense
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To improve DOD's analyses of the financial costs and benefits of renewable energy projects involving long-term PPAs on its land, the Secretary of Defense should direct the Assistant Secretary of Defense for Energy, Installations and Environment and the Secretaries of the Army, Navy, and Air Force to revise guidance to develop consistent sources for assumptions for escalation.

    Agency: Department of Defense
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To improve DOD's analyses of the financial costs and benefits of renewable energy projects involving long-term PPAs on its land, the Secretary of Defense should direct the Assistant Secretary of Defense for Energy, Installations and Environment and the Secretaries of the Army, Navy, and Air Force to revise guidance to clarify how to describe sensitivity analyses in project documentation.

    Agency: Department of Defense
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To improve the information available to approving officials on projects' contributions to DOD's renewable energy goals and energy security objective and to help ensure the consistency and completeness of project documentation, the Secretary of Defense should direct the Assistant Secretary of Defense for Energy, Installations and Environment and the Secretaries of the Army, Navy, and Air Force to develop guidance to clarify that projects should specify their contribution to DOD's energy production and consumption goals.

    Agency: Department of Defense
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To improve the information available to approving officials on projects' contributions to DOD's renewable energy goals and energy security objective and to help ensure the consistency and completeness of project documentation, the Secretary of Defense should direct the Assistant Secretary of Defense for Energy, Installations and Environment and the Secretaries of the Army, Navy, and Air Force to develop guidance to clarify the type of energy security benefit that projects will provide and state whether any such benefit is immediately available or would require additional investments and, for projects that would require additional investment, provide a detailed estimate of those investments.

    Agency: Department of Defense
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To improve the information available to approving officials on projects' contributions to DOD's renewable energy goals and energy security objective and to help ensure the consistency and completeness of project documentation, the Secretary of Defense should direct the Assistant Secretary of Defense for Energy, Installations and Environment and the Secretaries of the Army, Navy, and Air Force to develop guidance to clarify that a consistent approach is to be taken to estimate the value of the energy security benefit of providing assured access to power during a grid outage and that a description of this approach is provided in project documentation.

    Agency: Department of Defense
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Director: Lawrance Evans
    Phone: (202) 512-8678

    2 open recommendations
    Recommendation: To provide greater assurance that the Federal Reserve is complying with the Monetary Control Act's requirement to establish fees on the basis of costs actually incurred and an allocation of imputed private-sector costs, the Chair of the Federal Reserve Board of Governors of the Federal Reserve System should consider ways to incorporate the costs related to integrated planning for recovery and wind down and compliance with antimoney-laundering requirements, to the extent practicable, in its imputed private-sector cost methodology.

    Agency: Federal Reserve System: Board of Governors
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To provide greater assurance that the Federal Reserve is complying with the Monetary Control Act's requirement to establish fees on the basis of costs actually incurred and an allocation of imputed private-sector costs, the Chair of the Federal Reserve Board of Governors of the Federal Reserve System should periodically obtain independent testing of the methods the Federal Reserve uses to capture its actual costs and simulate those of the private sector.

    Agency: Federal Reserve System: Board of Governors
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Director: Alicia Puente Cackley
    Phone: (202) 512-8678

    1 open recommendations
    Recommendation: To address a potential challenge for consumers who wish to opt for private flood insurance and who must have insurance under the mandatory purchase requirement, the FEMA Administrator should consider reinstating the cancellation reason code allowing policyholders to cancel their NFIP policy and be eligible for premium refunds, on a prorated basis, if they obtain a non-NFIP policy after their NFIP policy became effective. If changes are needed to NFIP's standard flood insurance policy to allow such refunds, FEMA should take the necessary steps to amend its standard flood insurance policy.

    Agency: Department of Homeland Security: Directorate of Emergency Preparedness and Response: Federal Emergency Management Agency
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Director: David J. Wise
    Phone: (202) 512-2834

    2 open recommendations
    Recommendation: To increase the completeness of information on the federal government's real property holdings and improve the coordination among federal entities that lease real property, the Deputy Director of the OMB--as chair of the FRPC--should establish efficient methods for including data from non-FRPC member entities in the FRPP.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To increase the completeness of information on the federal government's real property holdings and improve the coordination among federal entities that lease real property, the Deputy Director of the OMB--as chair of the FRPC--should establish efficient methods for increasing collaboration between FRPC member and non-member entities, including sharing leading real-property management practices.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Director: Andrew Von Ah
    Phone: (213) 830-1011

    3 open recommendations
    Recommendation: The Secretary of Defense should direct the Under Secretary of Defense for Personnel and Readiness, in consultation with officials from the military service components and the JAMRS office, to develop a formal process for coordination on crosscutting issues to facilitate better leveraging of resources. As part of this process, DOD could review existing advertising programs to identify opportunities to reduce unnecessary duplication, overlap, and fragmentation and obtain potential efficiencies.

    Agency: Department of Defense
    Status: Open

    Comments: As of August 2017, a DOD official from the office of Under Secretary of Defense for Personnel and Readiness stated that a working group drafted an Instruction on DOD advertising and marketing and this instruction will be signed within the next 30 days. The instruction requires that the relevant departmentwide office will meet quarterly with the military service marketing representatives to discuss best practices and to look for efficiencies. Further, the official stated that the Army has directed the Army National Guard to work through Army Marketing and Research Group regarding their marketing efforts, which consolidates all Army marketing efforts within one office. The Air force is also in discussion to determine how best to consolidate the marketing efforts of its Guard and Reserve components with the Active Duty to gain efficiencies. We will monitor the issuance of the instruction and the efforts of the Air Force to consolidate activities.
    Recommendation: The Secretary of Defense should direct the Secretaries of the Departments of the Army, the Navy, and the Air Force to ensure that each military service component fully measure advertising performance. This should include both the identification of measurable goals in future versions of the service components' advertising plans and assurance that the service components have access to the necessary performance data to determine the effectiveness of their advertising activities for lead generation activities.

    Agency: Department of Defense
    Status: Open

    Comments: As of August 2017, a DOD official from the office of Under Secretary of Defense for Personnel and Readiness stated that a working group drafted an Instruction on DOD advertising and marketing and this instruction will be signed within the next 30 days. The instruction requires that the relevant department-level office will meet quarterly with the military service marketing representatives to discuss best practices and to look for efficiencies. Upon issuance of the instruction, we will assess the direction provided to the services in the instruction regarding performance measurement.
    Recommendation: The Secretary of Defense should direct the Under Secretary of Defense for Personnel and Readiness to ensure, as the department undertakes its effort to issue a department-wide policy for advertising, that this policy (1) clearly defines DOD's role in overseeing the advertising activities of military service components; (2) clarifies issues related to sports-related advertising; and (3) outlines procedures that should guide the components' advertising activities for other types of advertising, such as music concerts, other event advertising, and digital advertising.

    Agency: Department of Defense
    Status: Open

    Comments: As of August 2017, a DOD official from the office of Under Secretary of Defense for Personnel and Readiness stated that a work group session was held in October 2016 and based on the outcome of that work group, DOD has drafted an Instruction on DOD advertising and marketing. That instruction is currently in the "Pre-Signature" phase as a priority instruction which means it should be signed and published within the next 30 days. We will continue to monitor the issuance of this instruction.
    Director: David A. Powner
    Phone: (202) 512-9286

    6 open recommendations
    Recommendation: To ensure that agencies are provided with more complete guidance for contracts for cloud computing services, the Director of OMB should include all ten key practices in future guidance to agencies.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: We are following up with OMB on its service level agreement (SLA) guidance to agencies.
    Recommendation: To help ensure continued progress in the implementation of effective cloud computing SLAs, the Secretary of Defense should direct the appropriate officials to ensure key practices are fully incorporated for cloud services as the contracts and associated SLAs expire. These efforts should include updating the Department of Defense memorandum on acquiring cloud services and current Defense Acquisition Regulations System to more completely include the key practices.

    Agency: Department of Defense
    Status: Open

    Comments: We are following up with DOD on updating their service level agreement (SLA) guidance.
    Recommendation: To help ensure continued progress in the implementation of effective cloud computing SLAs, the Secretaries of Health and Human Services, Homeland Security, Treasury, and Veterans Affairs should direct appropriate officials to develop SLA guidance and ensure key practices are fully incorporated as the contract and associated SLAs expire.

    Agency: Department of Homeland Security
    Status: Open

    Comments: We are following up with DHS on the finalization of its service level agreement (SLA) guidance.
    Recommendation: To help ensure continued progress in the implementation of effective cloud computing SLAs, the Secretaries of Health and Human Services, Homeland Security, Treasury, and Veterans Affairs should direct appropriate officials to develop SLA guidance and ensure key practices are fully incorporated as the contract and associated SLAs expire.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: We are following up with HHS on their service level agreement (SLA) guidance.
    Recommendation: To help ensure continued progress in the implementation of effective cloud computing SLAs, the Secretaries of Health and Human Services, Homeland Security, Treasury, and Veterans Affairs should direct appropriate officials to develop SLA guidance and ensure key practices are fully incorporated as the contract and associated SLAs expire.

    Agency: Department of the Treasury
    Status: Open

    Comments: We are following up with Treasury on their service level agreement (SLA) guidance.
    Recommendation: To help ensure continued progress in the implementation of effective cloud computing SLAs, the Secretaries of Health and Human Services, Homeland Security, Treasury, and Veterans Affairs should direct appropriate officials to develop SLA guidance and ensure key practices are fully incorporated as the contract and associated SLAs expire.

    Agency: Department of Veterans Affairs
    Status: Open

    Comments: We are following up with VA on their service level agreement (SLA) guidance.
    Director: Dave Wise
    Phone: (202) 512-2834

    3 open recommendations
    including 1 priority recommendation
    Recommendation: As part of its lease reform efforts and to increase possible cost savings, the GSA Administrator should fully explore strategies to enhance competition for GSA leases by encouraging tenant agencies to broaden their allowable geographic areas and to limit their specialized building requirements to those justifiably unique to the federal government.

    Agency: General Services Administration
    Status: Open

    Comments: When we confirm the action that GSA has taken to address the recommendation, we will update its status.
    Recommendation: As part of its lease reform efforts and to increase possible cost savings, the GSA Administrator should seek to reduce leasing costs for federal agencies by exploring, with relevant stakeholders, the possibility of loaning unobligated Federal Buildings Fund balances to agencies to cover tenant improvement costs that would otherwise have to be financed for new leases. If GSA finds that, with sufficient controls in place, tenant improvements can be safely funded this way, it should participate in the development of a legislative proposal to request that Congress make the necessary budget authority available.

    Agency: General Services Administration
    Status: Open
    Priority recommendation

    Comments: GSA agreed with the recommendation to reduce leasing costs for federal agencies by exploring the possibility of loaning unobligated Federal Building Fund (FBF) balances to agencies to cover tenants' improvement costs. In June 2016, GSA told us research is under way to establish the parameters of the annual financial impact of tenant improvement allowances on the unobligated Federal Buildings Fund balance. GSA's considerations will include defining the impact to the FBF balance of financing agencies' tenant improvement allowances, which would compete with the limited dollars available for new construction and major repairs and alterations. As of October 20, 2016, GSA had not provided GAO with additional updates to the status of this recommendation.
    Recommendation: As part of its lease reform efforts and to increase possible cost savings, the GSA Administrator should seek to reduce leasing costs for federal agencies by allowing tenant agencies the option of choosing non-cancelable occupancy agreements with lower administrative costs, particularly for leases with firm terms of 5 years or less.

    Agency: General Services Administration
    Status: Open

    Comments: When we confirm the action that GSA has taken to address the recommendation, we will update its status.
    Director: Kimberly M. Gianopoulos
    Phone: (202) 512-8612

    1 open recommendations
    Recommendation: To further improve OPIC's monitoring processes, the President and CEO of OPIC should assess the current monitoring processes to ensure that the risk associated with the use of client-reported data and limited site visits for monitoring is acceptable for meeting OPIC's program goals.

    Agency: Overseas Private Investment Corporation
    Status: Open

    Comments: In written comments on the draft report, the Overseas Private Investment Corporation (OPIC) concurred with the recommendation. In February 2017, OPIC executed two contracts with an external group to assist it in assessing the Office of Information Policy's current monitoring processes to ensure that the risks associated with the use of client-reported data and limited site visits for monitoring are acceptable and meet OPIC's program goals. The work is currently underway.
    Director: Cary B. Russell
    Phone: (202) 512-5431

    4 open recommendations
    Recommendation: To help ensure that DOD effectively evaluates the safety performance of carriers entrusted to transport security-sensitive materials in the Transportation Protective Services (TPS) program, the Secretary of Defense should direct the Office of the Under Secretary of Defense for Acquisition, Technology, and Logistics, in collaboration with the U.S. Transportation Command to update TPS program guidance to clarify (1) how to address carriers with absent or dated Safety Ratings and poor Safety Measurement System scores, and (2) what specific actions should be taken when carriers do not meet program requirements.

    Agency: Department of Defense
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To help ensure that DOD effectively evaluates the safety performance of carriers entrusted to transport security-sensitive materials in the Transportation Protective Services (TPS) program, the Secretary of Defense should direct the Office of the Under Secretary of Defense for Acquisition, Technology, and Logistics, in collaboration with the U.S. Transportation Command to establish and document an approach for conducting reviews of available violation data, such as analyzing violations incurred while transporting TPS shipments.

    Agency: Department of Defense
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To improve DOD's ability to identify and effectively mitigate public safety risks of TPS carriers transporting security-sensitive materials, the Secretary of Defense should direct the Office of the Under Secretary of Defense for Acquisition, Technology, and Logistics, in collaboration with the DOD Explosives Safety Board, the U.S. Transportation Command, the Surface Deployment and Distribution Command, and the Army Headquarters Safety Office, to develop department-wide guidance requiring the evaluation of the Defense Transportation Tracking System TPS carrier incident data to identify trends and patterns that could suggest systemic weaknesses such as mechanical breakdowns or unusual delays that represent a heightened potential public safety risk and take action to address any identified weaknesses.

    Agency: Department of Defense
    Status: Open

    Comments: According to TRANSCOM officials during our visit on April 2016--they are working on implementing these actions with a goal of completing them in Fall 2017.
    Recommendation: To improve DOD's ability to identify and effectively mitigate public safety risks of TPS carriers transporting security-sensitive materials, the Secretary of Defense should direct the Office of the Under Secretary of Defense for Acquisition, Technology, and Logistics, in collaboration with the DOD Explosives Safety Board, the U.S. Transportation Command, the Surface Deployment and Distribution Command, and the Army Headquarters Safety Office, to develop department-wide guidance requiring the identification and full investigation of TPS carrier incidents, including mishaps and near misses involving security-sensitive shipments, to determine potential root causes and identify corrective actions that could mitigate the recurrence of the mishap or the potential for more significant ones.

    Agency: Department of Defense
    Status: Open

    Comments: According to TRANSCOM officials during our visit on April 2016--they are working on implementing these actions with a goal of completing them in Fall 2017.
    Director: J. Alfredo Gómez
    Phone: (202) 512-3841

    2 open recommendations
    Recommendation: To help federal, state, local, and private sector decision makers access and use the best available climate information, the Executive Office of the President should designate a federal entity to develop and periodically update a set of authoritative climate change observations and projections for use in federal decision making, which state, local, and private sector decision makers could also access to obtain the best available climate information.

    Agency: Executive Office of the President
    Status: Open

    Comments: As of 6/7/17, the Executive Office of the President has yet to take action in response to this recommendation.
    Recommendation: To help federal, state, local, and private sector decision makers access and use the best available climate information, the Executive Office of the President should designate a federal entity to create a national climate information system with defined roles for federal agencies and nonfederal entities with existing statutory authority.

    Agency: Executive Office of the President
    Status: Open

    Comments: As of 6/7/17, the Executive Office of the President has yet to take action in response to this recommendation.
    Director: Gregory C. Wilshusen
    Phone: (202) 512-6244

    7 open recommendations
    Recommendation: To better monitor and provide a basis for improving the effectiveness of cybersecurity risk mitigation activities, informed by the sectors' updated plans and in collaboration with sector stakeholders, the Secretary of Homeland Security should direct responsible officials to develop performance metrics to provide data and determine how to overcome challenges to monitoring the chemical, commercial facilities, communications, critical manufacturing, dams, emergency services, information technology, and nuclear sectors' cybersecurity progress.

    Agency: Department of Homeland Security
    Status: Open

    Comments: DHS has released updated sector-specific plans for the chemical, commercial facilities, communications, critical manufacturing, dams, emergency services, information technology, and nuclear reactors sectors. The plans include a section on measuring effectiveness based on the plan development guidance. The plans provide expected metrics to track the progress of sector activities and state that the outcomes will be reported through the National Annual Reporting process as well as through the quadrennial plan update. Because the metrics are new and annual reporting has not yet occurred, DHS has not provided evidence of metrics data collected and reported to address the challenges. We will continue to follow-up to determine how performance measures have been implemented and what reporting is available based on those measures.
    Recommendation: To better monitor and provide a basis for improving the effectiveness of cybersecurity risk mitigation activities, informed by the sectors' updated plans and in collaboration with sector stakeholders, the Secretary of the Treasury should direct responsible officials to develop performance metrics to provide data and determine how to overcome challenges to monitoring the financial services sector's cybersecurity progress.

    Agency: Department of the Treasury
    Status: Open

    Comments: The 2015 sector-specific plan for the financial services sector includes a section on measuring the effectiveness of sector activities; however, the plan does not include specific metrics. The plan refers to working groups and meetings of sector stakeholders as mechanisms to track sector progress. No specific metrics and associated reports of outcomes have been provided to address overcoming the challenges of monitoring the sector's cybersecurity progress. We will continue to monitor financial services sector activities and determine any specific metrics and related reports developed and implemented to track and report on the sector's cybersecurity progress.
    Recommendation: To better monitor and provide a basis for improving the effectiveness of cybersecurity risk mitigation activities, informed by the sectors' updated plans and in collaboration with sector stakeholders, the Secretaries of Agriculture and Health and Human Services (as co-SSAs) should direct responsible officials to develop performance metrics to provide data and determine how to overcome challenges to monitoring the food and agriculture sector's cybersecurity progress.

    Agency: Department of Agriculture
    Status: Open

    Comments: The Departments of Agriculture and Health and Human Services released an update to the food and agriculture sector-specific plan for 2015. The plan states the sector's lack of an overarching mechanism to measure and evaluate risk mitigation activities and the challenge of obtaining performance measurement data from non-federal partners. However, the plan notes a goal of evaluating the progress of individual protective programs and strategies. No metrics or reports of outcomes have been provided to address the challenge of monitoring the sector's cybersecurity progress. We will continue to follow up to determine whether USDA and HHS have developed and implemented mechanisms to measure the outcomes of their sector cybersecurity-related activities.
    Recommendation: To better monitor and provide a basis for improving the effectiveness of cybersecurity risk mitigation activities, informed by the sectors' updated plans and in collaboration with sector stakeholders, the Secretaries of Agriculture and Health and Human Services (as co-SSAs) should direct responsible officials to develop performance metrics to provide data and determine how to overcome challenges to monitoring the food and agriculture sector's cybersecurity progress.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: The Departments of Agriculture and Health and Human Services released an update to the food and agriculture sector-specific plan for 2015. The plan states the sector's lack of an overarching mechanism to measure and evaluate risk mitigation activities and the challenge of obtaining performance measurement data from non-federal partners. However, the plan notes a goal of evaluating the progress of individual protective programs and strategies. No metrics or reports of outcomes have been provided to address the challenge of monitoring the sector's cybersecurity progress. We will continue to follow up to determine whether HHS has developed and implemented mechanisms to measure the outcomes of its sector cybersecurity-related activities.
    Recommendation: To better monitor and provide a basis for improving the effectiveness of cybersecurity risk mitigation activities, informed by the sectors' updated plans and in collaboration with sector stakeholders, the Secretaries of Homeland Security and Transportation (as co-SSAs) should direct responsible officials to develop performance metrics to provide data and determine how to overcome challenges to monitoring the transportation systems sector's cybersecurity progress.

    Agency: Department of Homeland Security
    Status: Open

    Comments: The co-Sector-Specific Agencies (SSAs) for the Transportation Systems Sector, DHS (TSA and Coast Guard) and the Department of Transportation, provided an update on efforts to develop sector cybersecurity metrics. The update described measures under consideration such as tracking the number of sector stakeholders receiving cybersecurity products, monitoring the usefulness of products through satisfaction surveys, and tracking attendance at sector events and seminars encompassing cybersecurity. The co-SSAs plan to report sector cyber activities, progress, and relevant metrics annually through the Critical Infrastructure National Annual Report and through quadrennial updates to the sector-specific plan. The latest sector-specific plan was released in 2015. The proposed metrics have not been formalized in a strategy or plan. We will continue to monitor and evaluate efforts to formalize and implement the proposed metrics to determine whether they address the intent of the recommendation.
    Recommendation: To better monitor and provide a basis for improving the effectiveness of cybersecurity risk mitigation activities, informed by the sectors' updated plans and in collaboration with sector stakeholders, the Secretaries of Homeland Security and Transportation (as co-SSAs) should direct responsible officials to develop performance metrics to provide data and determine how to overcome challenges to monitoring the transportation systems sector's cybersecurity progress.

    Agency: Department of Transportation
    Status: Open

    Comments: The co-Sector-Specific Agencies (SSAs) for the Transportation Systems Sector, DHS (TSA and Coast Guard) and the Department of Transportation, provided an update on efforts to develop sector cybersecurity metrics. The update described measures under consideration such as tracking the number of sector stakeholders receiving cybersecurity products, monitoring the usefulness of products through satisfaction surveys, and tracking attendance at sector events and seminars encompassing cybersecurity. The co-SSAs plan to report sector cyber activities, progress, and relevant metrics annually through the Critical Infrastructure National Annual Report and through quadrennial updates to the sector-specific plan. The latest sector-specific plan was released in 2015. The proposed metrics have not been formalized in a strategy or plan. We will continue to monitor and evaluate efforts to formalize and implement the proposed metrics to determine whether they address the intent of the recommendation.
    Recommendation: To better monitor and provide a basis for improving the effectiveness of cybersecurity risk mitigation activities, informed by the sectors' updated plans and in collaboration with sector stakeholders, the Administrator of the Environmental Protection Agency should direct responsible officials to develop performance metrics to provide data and determine how to overcome challenges to monitoring the water and wastewater systems sector's cybersecurity progress.

    Agency: Environmental Protection Agency
    Status: Open

    Comments: The 2015 water and wastewater sector-specific plan includes a segment on measuring the effectiveness of sector activities that describes the overall principles for collecting data and using the National Annual Report data calls as a tool for assessing performance and reporting on progress within the sector. However, the plan does not state specific measures and the agency acknowledged in its response to our report that it does not collect performance metrics on the effectiveness of its cybersecurity programs for the sector. According to agency officials, the development of performance metrics in collaboration with sector partners is underway. We will continue to follow up to identify any specific metrics developed and implemented and resulting outcome-based reports.
    Director: Johana Ayers
    Phone: (202) 512-5741

    4 open recommendations
    Recommendation: To help DOD ensure that it appropriately considers the manufacturing arsenals as a source of manufacture and is strategically positioned to sustain the manufacturing arsenals' critical capabilities, the Secretary of Defense should direct the Secretary of the Army to issue clear, step-by-step implementing guidance, such as an instruction or guidebook, on the process for conducting make-or-buy analyses in a consistent manner.

    Agency: Department of Defense
    Status: Open

    Comments: DOD concurred with our recommendation related to issuing implementing guidance on make-or-buy analyses but provided no details on how or when it would issue such guidance. As of September 2016 DOD had not taken any action and this recommendation will remain open.
    Recommendation: To help DOD ensure that it appropriately considers the manufacturing arsenals as a source of manufacture and is strategically positioned to sustain the manufacturing arsenals' critical capabilities, the Secretary of Defense should direct the Secretary of the Army to identify and document fundamental elements--such as steps, interim milestones, time frames, and resources--for implementing the Army's Organic Industrial Base Strategic Plan 2012-2022.

    Agency: Department of Defense
    Status: Open

    Comments: DOD concurred with our recommendation related to implementing its 2012 strategic plan but provided no details on how or when it would implement the recommendation. As of September 2016 DOD had not taken any action and this recommendation will remain open.
    Recommendation: To help DOD ensure that it appropriately considers the manufacturing arsenals as a source of manufacture and is strategically positioned to sustain the manufacturing arsenals' critical capabilities, the Secretary of Defense should direct the Office of the Deputy Assistant Secretary of Defense for Maintenance Policy and Programs--in coordination with the military services, as appropriate, to complete DOD's ongoing effort to establish a process for identifying the manufacturing arsenals' critical capabilities and a method for determining the minimum workload needed to sustain these capabilities.

    Agency: Department of Defense
    Status: Open

    Comments: DOD concurred with our recommendation related to developing a process to identify the arsenals? critical capabilities and a method to determine the minimum workload needed to sustain those capabilities. DOD stated that its effort to address this recommendation were on going. As of September 2016 DOD had not taken any action and this recommendation will remain open.
    Recommendation: To help DOD ensure that it appropriately considers the manufacturing arsenals as a source of manufacture and is strategically positioned to sustain the manufacturing arsenals' critical capabilities, the Secretary of Defense should direct the Office of the Deputy Assistant Secretary of Defense for Maintenance Policy and Programs--in coordination with the military services, as appropriate, to develop and issue guidance, such as a DOD instruction, to implement the process for identifying the manufacturing arsenals' critical capabilities and the method for determining the minimum workload needed to sustain these capabilities.

    Agency: Department of Defense
    Status: Open

    Comments: Although DOD did not specifically comment on our recommendation related to issuing guidance to implement a process for identifying the arsenals critical capabilities and a method for determining the minimum workload needed to sustain these capabilities, it commented that it expects to issue an instruction incorporating such a process by the end of fiscal year 2016. However, as of September 2016 DOD had not taken any action and this recommendation will remain open.
    Director: Charles A. Jeszeck
    Phone: (202) 512-7215

    3 open recommendations
    Recommendation: To address the legal uncertainty stemming from ERISA preemption of state laws while maintaining the advantages of ERISA for both employers and workers, Congress should consider providing states limited flexibility to pursue efforts to increase coverage under workplace retirement savings programs. To do this, Congress could, for example, direct or authorize the Secretary of Labor, in consultation with the Secretary of the Treasury, to (1) promulgate regulations prescribing a limited safe harbor under which state workplace retirement savings programs with sufficient safeguards would not be preempted and would receive tax treatment comparable to that provided to private sector workplace retirement savings programs, or (2) create a pilot program under which DOL could select a limited number of states to establish workplace retirement savings programs subject to DOL and Treasury oversight. In either case, any such initiative should ensure that state programs include adequate participant protections and are subject to agency oversight, appropriate reporting requirements, and meaningful evaluation.

    Agency: Congress
    Status: Open

    Comments: No action taken to date.
    Recommendation: To facilitate state efforts to expand coverage in workplace retirement savings programs, the Secretary of Labor and Secretary of the Treasury should consider their authority and review and revise, if necessary, existing regulations and guidance causing uncertainty for state efforts. For example, the Secretary of Labor could direct the Employee Benefits Security Administration's (EBSA) Assistant Secretary to revise Interpretive Bulletin 99-1 to clarify whether states can offer payroll deduction Individual Retirement Accounts (IRAs) and, if so, whether features in relevant enacted state legislation--such as automatic enrollment and/or a requirement that employers offer a payroll deduction--would cause these programs to be treated as employee benefit plans.

    Agency: Department of Labor
    Status: Open

    Comments: DOL generally agreed with this recommendation. To address uncertainty facing state efforts, EBSA is initiating a regulatory agenda entitled ?Saving Arrangements Established by States for Non-Governmental Employees,? which will appear in the Fall 2015 Semi-Annual Regulatory Agenda. On November 18, 2015, DOL published a Notice of Proposed Rulemaking (NPRM) on state payroll deduction IRA programs. Under the proposed rule, employers complying with the state law requirements would not create a retirement plan subject to ERISA as long as the state and the employer follows certain rules. They also also published a companion Interpretive Bulletin on the same day that describes ways in which states can promote the creation of ERISA-covered plans, fully subject to ERISA?s rules and protections, without triggering ERISA preemption. The public comment period for the proposed rule closed on January 19, 2016. EBSA is evaluating the 67 public comments submitted (and posted on EBSA?s website) and working towards drafting and clearance of a final rule. EBSA has also been providing technical assistance to several states and other jurisdictions about the Interpretive Bulletin. The Administration?s 2017 Budget also included legislative proposals for piloting innovative, more portable approaches to provide retirement and other employment-based benefits.
    Recommendation: To facilitate state efforts to expand coverage in workplace retirement savings programs, the Secretary of Labor and Secretary of the Treasury should consider their authority and review and revise, if necessary, existing regulations and guidance causing uncertainty for state efforts. For example, the Secretary of Labor could direct the Employee Benefits Security Administration's (EBSA) Assistant Secretary to revise Interpretive Bulletin 99-1 to clarify whether states can offer payroll deduction Individual Retirement Accounts (IRAs) and, if so, whether features in relevant enacted state legislation--such as automatic enrollment and/or a requirement that employers offer a payroll deduction--would cause these programs to be treated as employee benefit plans.

    Agency: Department of the Treasury
    Status: Open

    Comments: The Department of the Treasury generally agreed with this recommendation and did not provide additional comments on actions to address it.
    Director: Mark Goldstein
    Phone: (202) 512-2834

    1 open recommendations
    Recommendation: To ensure that NTIA's evaluation of the Internet multistakeholder community's transition proposal fully considers whether the proposal provides reasonable assurance that NTIA's core goals for the transition will be met, the NTIA Administrator should review relevant frameworks for evaluation, such as the Committee of Sponsoring Organizations of the Treadway Commission framework and the International Organization for Standardization quality management principles, and use the relevant portions of the frameworks to help evaluate and document whether and how the transition proposal meets NTIA's core goals.

    Agency: National Telecommunications and Information Administration
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Director: Lawrance Evans
    Phone: (202) 512-8678

    4 open recommendations
    Recommendation: To ensure that NCUA has adequate authority to determine the safety and soundness of credit unions, Congress should consider modifying the Federal Credit Union Act to grant NCUA authority to examine technology service providers of credit unions.

    Agency: Congress
    Status: Open

    Comments: In July 2015, we suggested that Congress modify the Federal Credit Union Act to grant NCUA authority to examine technology service providers of credit unions. As of October 2016, Congress had not granted NCUA such authority.
    Recommendation: To improve their ability to assess the adequacy of the information security practices at medium and small institutions, the heads of Federal Deposit Insurance Corporation, the Federal Reserve, Office of the Comptroller of the Currency, and NCUA should routinely categorize IT examination findings and analyze this information to identify trends that can guide areas of review across institutions.

    Agency: Department of the Treasury: Office of the Comptroller of the Currency
    Status: Open

    Comments: In July 2015, we recommended that the Office of the Comptroller of the Currency (OCC) and other federal financial institution regulators conduct trend analysis of their IT examination findings to improve their ability to assess the adequacy of information security practices at medium and small institutions. In September 2015, OCC stated that it is taking two actions to respond to our recommendation. First, the agency is integrating the Cybersecurity Assessment Tool (Tool), developed by OCC and other federal financial institution regulators, into OCC's ongoing IT examinations of national banks and federal savings associations. Officials believe that the Tool will provide OCC with a repeatable and measurable process for assessing both the level of risk and the maturity of risk management processes within and across OCC-supervised institutions. Also, officials believe that data gathered in this process will allow OCC to monitor industry trends and identify new or emerging weaknesses where additional guidance or supervisory actions may be needed. Furthermore, the Tool will help OCC allocate examiner resources and better target examiner training. OCC began integrating the Tool in selected examinations in December 2015. Second, OCC stated that it enhanced its guidance and procedures for examiners to identify and aggregate supervisory concerns into matters requiring attention (MRAs), which are the mechanism OCC uses to communicate supervisory concerns to bank management and directors. OCC believes that the enhancements will facilitate systemic categorization of supervisory concerns that strengthen recording, monitoring, and analyzing of volumes and trends across bank portfolios. Also, the enhanced guidance discusses the relationship between MRAs, interagency ratings, OCC's risk assessment system, and enforcement actions. OCC believes that these process enhancements combined with the integration of the Tool, will improve its ability to assess information security practices at medium and small institutions. We will continue to monitor OCC's progress in implementing the Tool and the resulting trend analyses that the Tool is intended to facilitate.
    Recommendation: To improve their ability to assess the adequacy of the information security practices at medium and small institutions, the heads of Federal Deposit Insurance Corporation, the Federal Reserve, Office of the Comptroller of the Currency, and NCUA should routinely categorize IT examination findings and analyze this information to identify trends that can guide areas of review across institutions.

    Agency: Federal Reserve System
    Status: Open

    Comments: In July 2015, we recommended that the Board of Governors of the Federal Reserve System (Board) and other federal financial institution regulators conduct trend analysis of their IT examination findings to improve their ability to assess the adequacy of information security practices at medium and small institutions. As of October 2016, the Board had not provided an update on its efforts to address this recommendation.
    Recommendation: To improve their ability to assess the adequacy of the information security practices at medium and small institutions, the heads of Federal Deposit Insurance Corporation, the Federal Reserve, Office of the Comptroller of the Currency, and NCUA should routinely categorize IT examination findings and analyze this information to identify trends that can guide areas of review across institutions.

    Agency: National Credit Union Administration
    Status: Open

    Comments: In July 2015, we recommended that the National Credit Union Administration (NCUA) and other federal financial institution regulators conduct trend analysis of their IT examination findings to improve their ability to assess the adequacy of information security practices at medium and small institutions. In July 2016, NCUA told us that it and the other federal financial institution regulators issued the Cybersecurity Assessment Tool (Tool) in June 2015 to provide a comprehensive method for institutions to benchmark their cybersecurity programs. Officials believe that the Tool will allow examiners to consistently and methodically look at credit union risks and trends, as well as collect detailed information on the risks and mitigating controls employed by credit unions. When the Tool is fully implemented, officials expect to be able to aggregate risk indicators and program gaps across the credit union industry to improve resource deployment and enhance cybersecurity supervisory oversight. NCUA plans to begin pilot testing the Tool in late 2016 with program integration targeted for July 2017. We will continue to monitor NCUA's progress with this program and revisit our recommendation in July 2017.
    Director: Maurer, Diana C
    Phone: (202) 512-9627

    2 open recommendations
    Recommendation: To improve disposition reporting that would help states update and complete criminal history records, the Director of the FBI should task the FBI Advisory Policy Board to establish a plan with time frames and milestones for achieving its Disposition Task Force's stated goals.

    Agency: Department of Justice: Federal Bureau of Investigation
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To better equip states to meet the regulatory requirement to notify individuals of their rights to challenge and update information in their criminal history records, and to ensure that audit findings are resolved, the Director of the FBI--in coordination with the Compact Council-- should determine why states do not comply with the requirement to notify applicants and use this information to revise its state educational programs accordingly.

    Agency: Department of Justice: Federal Bureau of Investigation
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Director: David A. Powner
    Phone: (202) 512-9286

    3 open recommendations
    Recommendation: To better facilitate the coordination of--and accountability for--the estimated billions of dollars in federal geospatial investments, to reduce duplication, and, specifically, to make progress toward an effective national infrastructure and to improve oversight on federal spending on geospatial data and assets, the Director of OMB should improve oversight of progress on the NSDI by requiring federal agencies to report on their efforts to establish and implement policies for identifying geospatial metadata on the Geospatial Platform and their procedures for utilizing the Marketplace feature of the Geospatial Platform before making new investments in geospatial data.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: As of September 7, 2017, OMB had not yet taken steps to require all federal agencies that invest in geospatial data to report on their efforts to establish and implement policies and procedures for utilizing the Geospatial Platform before making new investments in geospatial data. OMB officials in stated in December 2016 that they were in discussion with the Federal Geographic Data Committee (FGDC) on how to best address this issue, possibly in future guidance. On September 7, 2017, OMB officials stated that there have been no changes to the status of this recommendation, but that they anticipate the recommendation will be considered further once the new FGDC Steering Committee leadership and membership are in place; and the NSDI Strategic Plan actions and the potential for a new geospatial policy update are determined. However, OMB did not provide anticipated dates for these activities.
    Recommendation: To better facilitate the coordination of--and accountability for--the estimated billions of dollars in federal geospatial investments, to reduce duplication, and to help ensure the success of departmental efforts to improve geospatial coordination and reduce duplication, the Secretary of Agriculture should direct the designated senior agency official for geospatial information to develop and implement internal procedures to ensure that it accesses the Geospatial Platform Marketplace before it expends funds to collect or produce new geospatial data to determine (1) whether the information has already been collected by others and (2) whether cooperative efforts to obtain the data are possible.

    Agency: Department of Agriculture
    Status: Open

    Comments: The United States Department of Agriculture (Agriculture) issued a departmental regulation in August 2016 covering enterprise geospatial data management. The regulation applies to all Agriculture agencies, organizations and contractors, and addresses all geospatial authoritative data sources. It states that all Agriculture agencies and staff offices will follow documented procedures approved by the Office of the Chief Information Officer (OCIO) to conduct a formal search of the Geospatial Marketplace prior to expending funds for geospatial data acquisitions. However, Agriculture has yet to provide the OCIO-approved documented procedures, or evidence of their implementation. According to an Agriculture official in July 2017, the new procedures are under review, and they hope to have implemented them by the end of December 2017.
    Recommendation: To increase coordination between various levels of government and reduce duplication of effort, resources, and costs associated with collecting and maintaining accurate address data, Congress should consider assessing the impact of the disclosure restrictions of Section 9 of Title 13 and Section 412 of Title 39 of the U.S. Code in moving toward a national geospatial address database. If warranted, Congress should consider revising those statutes to authorize the limited release of addresses, without any personally identifiable information, specifically for geospatial purposes. Such a change, if deemed appropriate, could potentially result in significant savings across federal, state, and local governments.

    Agency: Congress
    Status: Open

    Comments: There has been no legislative action identified as of August 16, 2017. Addressing this action, which GAO suggested in February 2015, could increase coordination between various levels of government and reduce duplication of effort, resources, and costs associated with collecting and maintaining accurate address data.
    Director: Michael Courts
    Phone: (202) 512-8980

    3 open recommendations
    Recommendation: To enhance State's efforts to protect SWT participants from abuse and the SWT program from misuse, the Secretary of State should direct the Bureau of Education and Cultural Affairs to establish a mechanism to ensure that sponsors provide complete and consistent lists of fees that participants must pay.

    Agency: Department of State
    Status: Open

    Comments: In response to our recommendation that the State Department (State) establish a mechanism to ensure that sponsor provide complete and consistent lists of fees that exchange visitors on the Summer Work Travel program must pay, State acknowledged it collected such fee information in 2016. As of August 3, 2017, we are awaiting State's review and analysis of this information to ensure the price lists are consistent and comprehensive.
    Recommendation: To enhance State's efforts to protect SWT participants from abuse and the SWT program from misuse, the Secretary of State should direct the Bureau of Education and Cultural Affairs to establish a mechanism to establish a mechanism to ensure that information about these participant fees is made publicly available.

    Agency: Department of State
    Status: Open

    Comments: In response to our recommendation that the State Department (State) establish a mechanism to ensure that information about Summer Work Travel participant fees is made publically available, State noted that it had published a notice for proposed rulemaking on January 12, 2017. When finalized, this would require would require each sponsor to include in its recruiting material, and post on its main Web site (e.g., with a visible link to such a page on the sponsor?s homepage), examples of the typical monthly budgets of exchange visitors placed in various regions of the United States to illustrate wages (based on the required weekly minimum of 32-hours of work at a typical host placement) balanced against itemized fees and estimated costs. Until State finalizes this rule, they cannot enforce this requirement. As of July 27, 2017, this information was not available to the public on the six sponsor websites we checked.
    Recommendation: To enhance State's efforts to protect SWT participants from abuse and the SWT program from misuse, the Secretary of State should direct the Bureau of Education and Cultural Affairs to establish detailed criteria that will allow State to assess the sufficiency and appropriateness of opportunities for cultural activities outside the workplace that sponsors provide to SWT participants.

    Agency: Department of State
    Status: Open

    Comments: In response to our recommendation that the State Department (State) establish detailed criteria that will allow it to assess the sufficiency and appropriateness of opportunities for cultural activities outside the workplace that sponsors provide to Summer Work Travel participants, State published a notice for proposed rulemaking on January 12, 2017. When finalized, this would require sponsors and their host entities to create cultural opportunities at least once per month. The proposed rule also notes that State will issue guidance outlining best practices for cross-cultural programming. As of July 27, 2017 this is not finalized.
    Director: Gomez, Jose A
    Phone: (202) 512-3841

    2 open recommendations
    Recommendation: To promote forward-looking construction and rebuilding efforts while FEMA phases out most subsidies, the Secretary of the Department of Homeland Security should direct FEMA to consider amending NFIP minimum standards for floodplain management to incorporate, as appropriate, forward-looking standards, similar to the minimum standard adopted by the Hurricane Sandy Rebuilding Task Force.

    Agency: Department of Homeland Security
    Status: Open

    Comments: In March 2017, the Department of Homeland Security reaffirmed that they agreed with the recommendation, and would begin implementing it after implementing the statutory mandates in the Biggert-Waters Flood Insurance Reform Act of 2012. The Department estimated that it would begin implementing our recommendation in 2018 and complete its implementation by 2020.
    Recommendation: To promote greater resilience to climate change effects in U.S. agriculture, the Secretary of Agriculture should direct RMA to consider working with agricultural experts to recommend or incorporate resilient agricultural practices into their expert guidance for growers, so that good farming practices take into account longterm agricultural resilience to climate change.

    Agency: Department of Agriculture
    Status: Open

    Comments: In May 2016, USDA issued Building Blocks for Climate Smart Agriculture and Forestry: Implementation Plan and Progress Report as USDA's framework for helping farmers, ranchers, and forestland owners respond to climate change, through voluntary and incentive-based actions. The report establishes long-term goals for improving agricultural resilience to climate change, which could reduce federal fiscal exposure for federally-insured crops. However, USDA has framed its resilience-building actions for producers as voluntary, rather than incorporating them into the good farming practices required to be eligible for insurance payouts. As a result, it is unclear to what extent federal crop insurance policyholders will use the information provided to improve their resilience.
    Director: John Neumann
    Phone: (202) 512-3841

    4 open recommendations
    Recommendation: To more effectively fulfill its expanded role in providing a clearinghouse of information on available federal technology transfer opportunities, the Chair of FLC, in coordination with the other members of the Executive Board, should work collaboratively with agency and lab members to take steps to better communicate with potential customers during the design and implementation of FLC's clearinghouse initiatives, including conducting customer needs assessments, conducting customer testing of current and future web-based initiatives, and collecting customer feedback on all FLC initiatives to make the initiatives more useful.

    Agency: Federal Laboratory Consortium for Technology Transfer
    Status: Open

    Comments: FLC has provided GAO with information on steps they are taking to address the recommendations in GAO-15-127. A number of these actions should be completed towards the end of 2016 after which we plan to request additional information from FLC.
    Recommendation: To more effectively fulfill its expanded role in providing a clearinghouse of information on available federal technology transfer opportunities, the Chair of FLC, in coordination with the other members of the Executive Board, once feedback is collected from potential customers, should work collaboratively with agency and lab members to use this feedback to improve FLC's initiatives to make them more useful to potential customers, including asking FLC members for additional or different information, as appropriate.

    Agency: Federal Laboratory Consortium for Technology Transfer
    Status: Open

    Comments: FLC has provided GAO with information on steps they are taking to address the recommendations in GAO-15-127. A number of these actions should be completed towards the end of 2016 after which we plan to request additional information from FLC.
    Recommendation: To more effectively fulfill its expanded role in providing a clearinghouse of information on available federal technology transfer opportunities, the Chair of FLC, in coordination with the other members of the Executive Board, should work collaboratively with agency and lab members to develop performance goals and measures for FLC's clearinghouse initiatives and use the results to evaluate progress toward meeting FLC's goals on outreach and networking.

    Agency: Federal Laboratory Consortium for Technology Transfer
    Status: Open

    Comments: FLC has provided GAO with information on steps they are taking to address the recommendations in GAO-15-127. A number of these actions should be completed towards the end of 2016 after which we plan to request additional information from FLC.
    Recommendation: To more effectively fulfill its expanded role in providing a clearinghouse of information on available federal technology transfer opportunities, the Chair of FLC, in coordination with the other members of the Executive Board, should report on FLC's progress in these efforts in its annual report to the President and Congress.

    Agency: Federal Laboratory Consortium for Technology Transfer
    Status: Open

    Comments: FLC has provided GAO with information on steps they are taking to address the recommendations in GAO-15-127. A number of these actions should be completed towards the end of 2016 after which we plan to request additional information from FLC.
    Director: Charlie Jeszeck
    Phone: (202) 512-7215

    4 open recommendations
    Recommendation: To improve IRS's enforcement and compliance efforts, decrease the administrative and financial burden of maintaining both electronic and paper-based form processing systems, and reduce plan reporting costs, Congress should consider providing the Department of the Treasury with the authority to require that the Form 5500 series be filed electronically.

    Agency: Congress
    Status: Open

    Comments: As of 5/31/17, Congress has taken no action.
    Recommendation: To improve the usefulness, reliability, and comparability of Form 5500 data for all stakeholders while limiting the burden on the filing community, the Secretaries of DOL and Treasury, and the Director of PBGC should consider implementing the findings from our panel when modifying plan investment and service provider fee information, including: (1) revising Schedule H plan asset categories to better match current investment vehicles and provide more transparency into plan investments; (2) revising the Schedule of Assets attachments to create a standard searchable format; (3) developing a central repository for EIN and PN numbers for filers and service providers to improve the comparability of form data across filings; (4) clarifying Schedule C instructions for direct, eligible indirect, and reportable indirect compensation so plan fees are reported more consistently and, as we recommended in the past, better align with the 408(b)(2) fee disclosures; and (5) simplifying and clarify Schedule C service provider codes to increase reporting consistency.

    Agency: Department of Labor
    Status: Open

    Comments: In 2016, DOL in coordination with IRS and PBGC has implemented cross-year edit checks into EFAST in an effort to improve the consistency in key identifying information, such as the EIN, Plan Number and Plan Name. These checks aim to verify identifying information submitted on the Form 5500 and to notify the filer and government agencies of inconsistencies, which affords filers the ability to review and modify crucial identifying information prior to submission. Additionally, if the filer chooses to submit data that may contain inconsistent information, the edit test indicators provide government users with the ability to more readily detect filings containing potential errors in the identifying information for further review and correction. DOL has also collaborated with PBGC and IRS in issuing proposed revisions to the Form 5500 Series in a Notice of Proposed Forms Revisions. The deadline for public comment ended December 5, 2016. The proposed revisions in the Notice reflect efforts of DOL, IRS, and PBGC to improve the Form 5500 reporting for filers, the public, and the agencies by among other things, (1) modernizing financial information filed by regarding plans; (2) updating fee and expense information on plan service providers with a focus on harmonizing annual reporting requirement with DOL's 408(b)(2); financial disclosure requirements; (3) enhancing the ability to mine data files on annual returns/reports; and (4) improving compliance with ERISA and the Code through selected new questions regarding plan operation, service provider relationships, and financial management of plans. Specifically, in the Notice the agencies propose that Schedule H report assets held and assets disposed of during the plan year to provide more transparency and a more complete report of plan's annual investments and that that the Schedule of Assets be revised to require reporting of assets held through direct filing entities. Additionally, the agencies are proposing revisions to the Schedule H, Schedule of Assets that require filers to complete standardized Schedules in a format enabling data to captured electronically. This requirement would enable importation of information from the Schedules of Assets into structured databases that DOL would make available to the public from each year's Form 5500 Series filing. The agencies are also proposing to add clarifying definitions and instructions to improve the consistency of Form 5000 responses. This includes clarification of conventions to identify filers by name and identifying numbers to help mitigate confusion about legal identities with which plans transact and improve comparability of form data across filings. In addition, the agencies also propose revisions to Schedule C to require reporting of indirect compensation for service provider subject to 408(b)(2) requirements and for all compensation that is required to be disclosed. Further, the Schedule C instructions would be clarified to track more closely with the language of the 408(b)(2) regulations. The agencies are also proposing to limit the codes for Schedule C and requiring the filer to more simply indicate all types of services for each provider identified. Additionally, they propose a requirement to indicate all the types of fees/compensation separately when reporting sources of compensation from parties other than plan and plan sponsor. The agencies are reviewing the public comments and expect the process to continue through 2017. While the Agencies have made considerable efforts to address our recommendation in the proposed revisions to the Form 5500, they have not made any decisions on whether to make changes to the forms or DOL regulations, and have not decided on a timeline for implementation of any changes to the form or DOL regulations that the Agencies ultimately may decide to adopt. We will close this recommendation once the revision is final.
    Recommendation: To improve the usefulness, reliability, and comparability of Form 5500 data for all stakeholders while limiting the burden on the filing community, the Secretaries of DOL and Treasury, and the Director of PBGC should consider implementing the findings from our panel when modifying plan investment and service provider fee information, including: (1) revising Schedule H plan asset categories to better match current investment vehicles and provide more transparency into plan investments; (2) revising the Schedule of Assets attachments to create a standard searchable format; (3) developing a central repository for EIN and PN numbers for filers and service providers to improve the comparability of form data across filings; (4) clarifying Schedule C instructions for direct, eligible indirect, and reportable indirect compensation so plan fees are reported more consistently and, as we recommended in the past, better align with the 408(b)(2) fee disclosures; and (5) simplifying and clarify Schedule C service provider codes to increase reporting consistency.

    Agency: Department of the Treasury
    Status: Open

    Comments: In 2016, DOL in coordination with IRS and PBGC has implemented cross-year edit checks into EFAST in an effort to improve the consistency in key identifying information, such as the EIN, Plan Number and Plan Name. These checks aim to verify identifying information submitted on the Form 5500 and to notify the filer and government agencies of inconsistencies, which affords filers the ability to review and modify crucial identifying information prior to submission. Additionally, if the filer chooses to submit data that may contain inconsistent information, the edit test indicators provide government users with the ability to more readily detect filings containing potential errors in the identifying information for further review and correction. IRS has also collaborated with DOL and PBGC in issuing proposed revisions to the Form 5500 Series in a Notice of Proposed Forms Revisions. The deadline for public comment ended December 5, 2016. The proposed revisions in the Notice reflect efforts of DOL, IRS, and PBGC to improve the Form 5500 reporting for filers, the public, and the agencies by among other things, (1) modernizing financial information filed by regarding plans; (2) updating fee and expense information on plan service providers with a focus on harmonizing annual reporting requirement with DOL's 408(b)(2); financial disclosure requirements; (3) enhancing the ability to mine data files on annual returns/reports; and (4) improving compliance with ERISA and the Code through selected new questions regarding plan operation, service provider relationships, and financial management of plans. Specifically, in the Notice the agencies propose that Schedule H report assets held and assets disposed of during the plan year to provide more transparency and a more complete report of plan's annual investments and that that the Schedule of Assets be revised to require reporting of assets held through direct filing entities. Additionally, the agencies are proposing revisions to the Schedule H, Schedule of Assets that require filers to complete standardized Schedules in a format enabling data to captured electronically. This requirement would enable importation of information from the Schedules of Assets into structured databases that DOL would make available to the public from each year's Form 5500 Series filing. The agencies are also proposing to add clarifying definitions and instructions to improve the consistency of Form 5000 responses. This includes clarification of conventions to identify filers by name and identifying numbers to help mitigate confusion about legal identities with which plans transact and improve comparability of form data across filings. In addition, the agencies also propose revisions to Schedule C to require reporting of indirect compensation for service provider subject to 408(b)(2) requirements and for all compensation that is required to be disclosed. Further, the Schedule C instructions would be clarified to track more closely with the language of the 408(b)(2) regulations. The agencies are also proposing to limit the codes for Schedule C and requiring the filer to more simply indicate all types of services for each provider identified. Additionally, they propose a requirement to indicate all the types of fees/compensation separately when reporting sources of compensation from parties other than plan and plan sponsor. The agencies are reviewing the public comments and expect the process to continue through 2017. While the Agencies have made considerable efforts to address our recommendation in the proposed revisions to the Form 5500, they have not made any decisions on whether to make changes to the forms or DOL regulations, and have not decided on a timeline for implementation of any changes to the form or DOL regulations that the Agencies ultimately may decide to adopt. We will close this recommendation once the revision is final.
    Recommendation: To improve the usefulness, reliability, and comparability of Form 5500 data for all stakeholders while limiting the burden on the filing community, the Secretaries of DOL and Treasury, and the Director of PBGC should consider implementing the findings from our panel when modifying plan investment and service provider fee information, including: (1) revising Schedule H plan asset categories to better match current investment vehicles and provide more transparency into plan investments; (2) revising the Schedule of Assets attachments to create a standard searchable format; (3) developing a central repository for EIN and PN numbers for filers and service providers to improve the comparability of form data across filings; (4) clarifying Schedule C instructions for direct, eligible indirect, and reportable indirect compensation so plan fees are reported more consistently and, as we recommended in the past, better align with the 408(b)(2) fee disclosures; and (5) simplifying and clarify Schedule C service provider codes to increase reporting consistency.

    Agency: Pension Benefit Guaranty Corporation
    Status: Open

    Comments: In 2016, DOL in coordination with IRS and PBGC has implemented cross-year edit checks into EFAST in an effort to improve the consistency in key identifying information, such as the EIN, Plan Number and Plan Name. These checks aim to verify identifying information submitted on the Form 5500 and to notify the filer and government agencies of inconsistencies, which affords filers the ability to review and modify crucial identifying information prior to submission. Additionally, if the filer chooses to submit data that may contain inconsistent information, the edit test indicators provide government users with the ability to more readily detect filings containing potential errors in the identifying information for further review and correction. PBDC has also collaborated with DOL and IRS in issuing proposed revisions to the Form 5500 Series in a Notice of Proposed Forms Revisions. The deadline for public comment ended December 5, 2016. The proposed revisions in the Notice reflect efforts of DOL, IRS, and PBGC to improve the Form 5500 reporting for filers, the public, and the agencies by among other things, (1) modernizing financial information filed by regarding plans; (2) updating fee and expense information on plan service providers with a focus on harmonizing annual reporting requirement with DOL's 408(b)(2); financial disclosure requirements; (3) enhancing the ability to mine data files on annual returns/reports; and (4) improving compliance with ERISA and the Code through selected new questions regarding plan operation, service provider relationships, and financial management of plans. Specifically, in the Notice the agencies propose that Schedule H report assets held and assets disposed of during the plan year to provide more transparency and a more complete report of plan's annual investments and that that the Schedule of Assets be revised to require reporting of assets held through direct filing entities. Additionally, the agencies are proposing revisions to the Schedule H, Schedule of Assets that require filers to complete standardized Schedules in a format enabling data to captured electronically. This requirement would enable importation of information from the Schedules of Assets into structured databases that DOL would make available to the public from each year's Form 5500 Series filing. The agencies are also proposing to add clarifying definitions and instructions to improve the consistency of Form 5000 responses. This includes clarification of conventions to identify filers by name and identifying numbers to help mitigate confusion about legal identities with which plans transact and improve comparability of form data across filings. In addition, the agencies also propose revisions to Schedule C to require reporting of indirect compensation for service provider subject to 408(b)(2) requirements and for all compensation that is required to be disclosed. Further, the Schedule C instructions would be clarified to track more closely with the language of the 408(b)(2) regulations. The agencies are also proposing to limit the codes for Schedule C and requiring the filer to more simply indicate all types of services for each provider identified. Additionally, they propose a requirement to indicate all the types of fees/compensation separately when reporting sources of compensation from parties other than plan and plan sponsor. The agencies are reviewing the public comments and expect the process to continue through 2017. While the Agencies have made considerable efforts to address our recommendation in the proposed revisions to the Form 5500, they have not made any decisions on whether to make changes to the forms or DOL regulations, and have not decided on a timeline for implementation of any changes to the form or DOL regulations that the Agencies ultimately may decide to adopt. We will close this recommendation once any revision are made final.
    Director: Jeszeck, Charles A
    Phone: (202) 512-7215

    6 open recommendations
    Recommendation: To increase the accuracy of "potential private pension benefit information" notices that SSA sends to Social Security claimants, Congress should consider legislation shifting responsibility and necessary resources to Labor for (a) electronically collecting form 8955-SSA information on participants' deferred vested benefits, (b) maintaining an accurate federal database of those benefits, and (c) periodically sending SSA accurate information about such benefits for recent Social Security claimants identified by SSA, so that SSA may provide notices to retirees.

    Agency: Congress
    Status: Open

    Comments: As of September 2017, no congressional action has been taken in response to this recommendation.
    Recommendation: To ease the burden on plan sponsors, enhance compliance, and help ensure that disclosures to participants are written in a manner that can be understood by the average participant, Labor, IRS, and PBGC should work together to create and regularly update a comprehensive online tool for plan sponsors to search for the reports and disclosures they are required to provide based on plan type, design, and circumstances.

    Agency: Department of Labor
    Status: Open

    Comments: In November 2013, Labor officials said that they would consult with their colleagues at the Treasury Department/IRS and PBGC regarding creation of one unified online tool for plan adminstrators to search for the reports and disclosures they are required to submit based on a plan's type, design, and circumstances. However, in FY 2014, officials indicated that, although they will continue to consult with their other agency colleagues regarding creation of such a tool, they now tentativley disagree with the recommendation and believe that such a tool could be confusing, especially for small employers. In 2015, Labor raised concerns about this recommendation, continuing to question whether a unified tri-agency online tool would be valuable for sponsors of large pension plans and may be confusing to some plan sponsors, especially small employers. They further noted that they do not believe it would be appropriate for EBSA to adjust its regulatory or guidance priorities at this time or reallocate resources currently dedicated to other priority projects in order to further explore any possible merit of such an online tool. GAO continues to believe just the opposite, that a well-designed comprehensive online tool could be very helpful, especially for small employers. In FY 17, Labor reiterated its opinions from previous years.
    Recommendation: To ease the burden on plan sponsors, enhance compliance, and help ensure that disclosures to participants are written in a manner that can be understood by the average participant, Labor, IRS, and PBGC should work together to create and regularly update a comprehensive online tool for plan sponsors to search for the reports and disclosures they are required to provide based on plan type, design, and circumstances.

    Agency: Department of the Treasury: Internal Revenue Service
    Status: Open

    Comments: IRS officials initially noted that they are continuing their efforts to ensure that plan sponsors have access to comprehensive and up-to-date online resources. They said they had met with Labor and PBGC officials to discuss the value and feasibility of developing and maintaining a comprehensive online tool. However, with decreased resources, they believe it is unlikely for the agency to create and regularly update such a tool. However, they would continue to confer with Labor and PBGC colleagues to determine if it is possible to cross-reference existing agency resources online. As of September 2017, IRS has not provided an update on its efforts. GAO continues to believe that such a tool would be beneficial to plan sponsors of all sizes.
    Recommendation: To ease the burden on plan sponsors, enhance compliance, and help ensure that disclosures to participants are written in a manner that can be understood by the average participant, Labor, IRS, and PBGC should work together to define criteria for complying with the readability provisions in ERISA and the Internal Revenue Code (IRC), and apply the criteria to agency-generated model notices as well as those developed by plan sponsors. As part of these criteria, consider requiring clear, simple, brief highlights at the beginning of disclosures, reflecting federal plain language guidelines.

    Agency: Department of Labor
    Status: Open

    Comments: Labor officials stated that, while sensitive to plan sponsor concerns regarding liabilities that may result from ambiguities that arise when complex information is summarized using plain English criteria, they will, nevertheless, explore the application of readability standards in this context. Officials indicated they may decide it would be helpful to engage a contractor and undertake a survey or other data collection in order to evaluate this recommendation, but do not have resources budgeted in FY 2014 for such an exercise. In the meantime, they plan to continue to use modern communication techniques (such as focus group testing) to improve the effectiveness of their model notices and other standardized disclosures. In 2015, Labor reported that they need to explore the application of readability standards in light of concerns about liabilities that may result from ambiguities when complex information is summarized or presented using "plain English" criteria. Contracting for data collection would help them make an informed evaluation of this recommendation but they do not have the budgeted resources and believe it would not be appropriate to adjust priorities or reallocate resources. They will use techniques such as focus group testing to improve the effectiveness model notices and other standardized disclosures. GAO continues to believe it is important to implement a requirement to have clear, simple, brief highlights. In FY 17, Labor noted that the agency had not yet made a decision regarding future rulemaking and had suggested that the ERISA advisory counsel look at the effectiveness of disclosures.
    Recommendation: To ease the burden on plan sponsors, enhance compliance, and help ensure that disclosures to participants are written in a manner that can be understood by the average participant, Labor, IRS, and PBGC should work together to define criteria for complying with the readability provisions in ERISA and the Internal Revenue Code (IRC), and apply the criteria to agency-generated model notices as well as those developed by plan sponsors. As part of these criteria, consider requiring clear, simple, brief highlights at the beginning of disclosures, reflecting federal plain language guidelines.

    Agency: Department of the Treasury: Internal Revenue Service
    Status: Open

    Comments: IRS officials said that they are committed to using the Federal Plain Language Guidelines as a resource in preparing model disclosures and that they will consider including brief highlights at the beginning of model disclosures. They said that it is unclear that imposing defined readability criteria on employer and plan communications is in the best interests of plan participants, administrators, sponsors, and the retirement system as a whole. However, they do see merit in directing employers and plan sponsors to the Guidelines as a resource for developing readable notices and disclosures, and are considering how best to communicate that resource to stakeholders. As of September 2017, IRS has not provided an update on these efforts.
    Recommendation: To better ensure plan participants have access to information about their rights and benefits, as currently in force under their plans, Labor should direct plan sponsors to post to any intranet website maintained by the employer, as soon as determined feasible by Labor, a copy of the most current summary plan description (SPD) and any summary of material modifications issued subsequent to that SPD.

    Agency: Department of Labor
    Status: Open

    Comments: Labor officials said that they generally support implementing such a requirement, subject to a legal determination of their authority absent legislation to issue such a directive. However, rather than addressing the recommendation as a stand-alone item, they believe it would be better to consider the benefits of such an intranet posting requirement in connection with efforts to expand or modify disclosure standards in response to their 2011 Request for Information (RFI) regarding electronic disclosure. Moreover, officials noted that, during FY 2014, Labor was focusing its regulatory resources on other higher priority projects and did not have a specific timeline for any next action on e-disclosure issues. In their 2015 response, Labor reiterated their agreement from agency comments. Based on comments from their RFI, they understand that many plan sponsors, especially those that have intranet websites, already post plan-related information for employees and that input from consumer advocates that have expressed concern about replacing employees? paper disclosure rights under ERISA with internet access. Labor has not added an e-disclosure project to its regulatory agenda but is still focusing its regulatory resources on other higher priority projects. GAO continues to believe that this is an important pursuit. In FY 17, Labor stated that they do not have any specific timeline for actions on e-disclosures.
    Director: Trimble, David C
    Phone: (202) 512-3841

    3 open recommendations
    Recommendation: To improve DOE's management and oversight of the WFO program, the Secretary of Energy should require laboratories to establish and follow written procedures for developing WFO project budgets and for charging costs to WFO projects.

    Agency: Department of Energy
    Status: Open

    Comments: According to DOE, the Chief Financial Officer will address this recommendation as part of the revisions to DOE Order 520.1A. As of March 2017, DOE anticipates that the updated order will be completed in the first quarter of fiscal year 2018.
    Recommendation: To improve DOE's management and oversight of the WFO program, the Secretary of Energy should ensure that annual summary reports of WFO activities are prepared so that data on those activities are readily available for those who need this information.

    Agency: Department of Energy
    Status: Open

    Comments: On December 5, 2016, DOE issued revised order 481.1D, Strategic Partnership Projects (SPP) [Formerly Known as Work for Others (Non-Department of Energy Funded Work)] and has removed the requirement to issue annual summary reports of Work for Others activities. Instead, the revised order states that reports can be prepared on an "as needed" basis.
    Recommendation: To improve DOE's management and oversight of the WFO program, the Secretary of Energy should establish performance measures that incorporate key attributes of successful performance measures and that address the objectives of the WFO program.

    Agency: Department of Energy
    Status: Open

    Comments: On December 5, 2016, DOE issued revised order 481.1D Strategic Partnership Projects (SPP)[Formerly Known as Work for Others (Non-Department of Energy Funded Work)]. DOE states that this order addresses performance measures and that the corrective action is closed. Although the order directs DOE Field Office Managers to "establish performance measures to assess the effectiveness of the procedures for SPP review, acceptance, authorization and monitoring consistent with NNSA policies and procedures", it does not further identify specific performance measures that address the objectives of the SPP program as indicated in the order.
    Director: Cackley, Alicia P
    Phone: (202) 512-8678

    1 open recommendations
    Recommendation: Congress should consider strengthening the current consumer privacy framework to reflect the effects of changes in technology and the marketplace--particularly in relation to consumer data used for marketing purposes--while also ensuring that any limitations on data collection and sharing do not unduly inhibit the economic and other benefits to industry and consumers that data sharing can accord. Among the issues that should be considered are: (1) the adequacy of consumers' ability to access, correct, and control their personal information in circumstances beyond those currently accorded under FCRA; (2) whether there should be additional controls on the types of personal or sensitive information that may or may not be collected and shared; (3) changes needed, if any, in the permitted sources and methods for data collection; and (4) privacy controls related to new technologies, such as web tracking and mobile devices.

    Agency: Congress
    Status: Open

    Comments: As of April 2017, Congress has not taken action on this matter.
    Director: Jeszeck, Charles A
    Phone: (202) 512-7215

    2 open recommendations
    Recommendation: The Secretary of Labor and the Secretary of the Treasury should consider requiring pension plan sponsors to provide participants with an opportunity to opt out of all forms of electronic delivery, including (but not limited to) disclosures sent by default electronic delivery and disclosures posted on a secure continuous access website.

    Agency: Department of Labor
    Status: Open

    Comments: In 2013, DOL stated that it was appropriate to consider the merits of broader rights to opt out of electronic delivery and would want to consult with the Treasury Department/IRS on the agencies' different opt-out standards. In FY14, the agency reiterated that dfferent opt-out standards may be appropriate for general plan information versus individual account or other personal information and would consult with Treasury/IRS. They will consider this matter as part of any future rulemaking that modifies or amends the current regulatory safe harbor. In FY15, Labor stated that different opt-out standards may be appropriate for general plan information versus individual account or other personal information, but that was an issue for Labor to consider in consultation with the Treasury Department/IRS should Labor pursue future rulemaking that modifies or amends the current regulatory safe harbor. In July 2016, DOL confirmed that the agency continues to plan to take the above action. As of July 2017, DOL indicated that no decisions had been made concerning future rulemaking in this area.
    Recommendation: The Secretary of Labor and the Secretary of the Treasury should consider requiring pension plan sponsors to send a periodic paper notice to participants reminding them of their right to change their preferred delivery method at any time and the steps they must take to make these changes.

    Agency: Department of Labor
    Status: Open

    Comments: In FY13, DOL stated that it was appropriate to obtain further input on requiring some periodic paper reminder notice. In FY14, the agency reported that the sort of periodic notice described by GAO could be a safeguard against malfunctions in the electronic communication system and act as a reminder that important plan information is being provided through electronic media. DOL will consider and obtain further input on requiring a periodic paper reminder of as part of any future rulemaking that modifies or amends the current regulatory safe harbor. In FY15, Labor stated that the agency intends to consider and obtain further input on requiring a periodic paper reminder should we pursue future rulemaking that modifies or amends the current regulatory safe harbor. In July 2016, DOL confirmed that the agency continues to plan to take the above action. As of July 2017, DOL indicated that no decisions had been made concerning future rulemaking in this area.
    Director: Gambler, Rebecca S
    Phone: (202) 512-8777

    3 open recommendations
    Recommendation: To improve the usefulness of southwest border crossing wait time data for informing public and management decisions, the Commissioner of CBP should identify and carry out steps that can be taken to help CBP port officials overcome challenges to consistent implementation of existing wait time estimation methodologies. Steps for ensuring consistent implementation of these methodologies could include, for example, implementing the fiscal year 2008 Western Hemisphere Travel Initiative report recommendations to use closed-circuit television cameras to measure wait time in real time and provide a standardized measurement and validation tool.

    Agency: Department of Homeland Security: United States Customs and Border Protection
    Status: Open

    Comments: As of May 2017, CBP officials report that in order to avoid further investment in a manual wait time methodology, the agency plans to focus resources on developing an enterprise-wide solution for automating the measurement of border delays. CBP estimates that this recommendation will be completed in October 2017.
    Recommendation: To improve the usefulness of southwest border crossing wait time data for informing public and management decisions, the Commissioner of CBP should, in consultation with Federal Highway Administration and state DOTs, assess the feasibility of replacing current methods of manually calculating wait times with automated methods, which could include assessing all of the associated costs and benefits, options for how the agency will use and publicly report the results of automated data collection, the potential trade-offs associated with moving to this new system, and other factors such as those influencing the possible expansion of existing automation efforts to the 34 other locations that currently report wait times but have no automation projects under way.

    Agency: Department of Homeland Security: United States Customs and Border Protection
    Status: Open

    Comments: As of May 2017, CBP's Office of Field Operations (OFO) reports working to identify a feasible and cost effective wait time solution to measure commercial vehicle delays along the southern border. Specifically, CBP officials report that they have been partnering with the Federal Highway Administration and the Texas A&M's Transportation Institute on the deployment of an automated radio-frequency identification measurement solution to measure commercial delays at eight crossings. To verify the accuracy of the automated wait time data, CBP officials report that in June 2016 they conducted a ground-truth analysis with mixed results. CBP officials report DHS Science and Technology directorate delivered their final report in February 2017 and by the end of September 2017, pending review and acceptance of the report's findings, CBP will coordinate efforts to develop the required communication protocols and data schematics for near real-time commercial vehicle wait time updates to the CBP Border Wait Time website and Border Wait Time app. CBP estimates that this recommendation will be completed in October 2017.
    Recommendation: To better ensure that CBP's Office of Field Operations' (OFO) staffing processes are transparent and to help ensure CBP can demonstrate that these resource decisions have effectively addressed CBP's mission needs, the Commissioner of CBP should document the methodology and process OFO uses to allocate staff to land ports of entry on the southwest border, including the rationales and factors considered in making these decisions.

    Agency: Department of Homeland Security: United States Customs and Border Protection
    Status: Open

    Comments: As of May 2017, CBP's Office of Field Operations (OFO) reports that they have adopted a workload staffing model to identify CBP staffing requirements at land ports of entry. CBP officials report that the workload staffing model provides senior leadership with a decision-support tool to identify the number of required resources for each location and accounts for distinct operating environments, unique variables, and major functions and activities. CBP officials report that they use the workload staffing model results in its budget requests and when allocating staff to the ports of entry. However, CBP has not provided GAO with documentation showing how staff are allocated among land ports of entry including how workload staffing model results are used in this process. CBP officials report that in May 2017 OFO began working with contracted experts to synthesize the quantitative and qualitative data available and develop a comprehensive CBP position allocation methodology. CBP estimates that this recommendation will be completed in March 2018.
    Director: Farrell, Brenda S
    Phone: (202)512-3604

    2 open recommendations
    Recommendation: To help ensure DOD's workforce mix guidance reflects the current statutory requirements for total force management policy set forth in 10 U.S.C. 129a as well as the regulatory requirements set forth in the Office of Federal Procurement Policy's September 2011 policy letter, the Secretary of Defense should direct the Under Secretary of Defense for Personnel and Readiness to revise DOD's existing workforce policies and procedures to address the (1) determination of the appropriate workforce mix, and (2) identification of critical functions.

    Agency: Department of Defense
    Status: Open

    Comments: DOD partially concurred with this recommendation and stated in its agency comments that DOD Directive 1100.4. was undergoing revision and entering the formal issuance process for signature by the Deputy Secretary of Defense. Further, DOD stated that the updated directive would authorize and direct the revision of the instruction. However, as of August 2017, a DOD official stated that revisions to DOD Directive 1100.4 and DOD Instruction 1100.22 continue to be worked within the Department. Changes enacted through the most recent National Defense Authorization Act required a reconsideration of numerous aspects of the draft directive. Further, the official stated that the department was required to develop an overarching workforce rationalization strategy and that the furthering of this strategy will likewise impact the draft policies.
    Recommendation: Until such time that DOD is able to accurately project contractor FTE estimates it presents in budget submissions using the inventories and required reviews, the Secretary of Defense should direct the Under Secretary of Defense (Comptroller) to include an explanation in annual budget exhibits of the methodology used to project contractor FTE estimates and any limitations of that methodology or the underlying information to which the methodology is applied.

    Agency: Department of Defense
    Status: Open

    Comments: DOD partially concurred with this recommendation and stated in its agency comments that it will strengthen the annual guidance as improvements are made in the inventory of contracted services. Further, DOD stated that if a component's methodology deviates from the process defined in the annual guidance, a footnote explaining the deviation will be included in the contracted services section of the Operation and Maintenance Overview book within the budget. As of August 2017, the department could not provide any evidence of steps taken in response to this recommendation.
    Director: Yager, Loren
    Phone: (202)512-4347

    1 open recommendations
    including 1 priority recommendation
    Recommendation: To more effectively implement SBA's expansion of OIT field staff as required by the SBJA, the Administrator of the SBA should update SBA's plan for additional OIT staff to include funding sources and time frames, as well as possible efficiencies from clearly defining roles and responsibilities and leveraging other entities' export assistance resources.

    Agency: Small Business Administration
    Status: Open
    Priority recommendation

    Comments: SBA concurred with our recommendations and noted that SBA would work to implement the recommendations. SBA agreed that it intends to respond to staffing requirements of the SBJA while acknowledging resource constraints in its next annual report to Congress. In November 2014, SBA officials said that SBA was in the process of evaluating the impact of Voluntary Early Retirement Authority (VERA) and Voluntary Separation Incentive Payments (VSIP) retirements that took place at the end of September 2014 and was developing a plan for reallocating full-time employees (FTEs). They said that at the end of this process, SBA would have a better understanding of the impact on current and future USEAC staffing levels. In September 2015, SBA stated that it was still in the process of evaluating the impact of the VERA/VSIP retirements that took place at the end of September 2014, and was developing a plan for current and future FTEs. In February 2016, SBA's Office of International Trade (OIT) reported that in the first quarter of fiscal year 2016, it was able to fill the 21st of 30 USEAC-based Export Finance Specialist positions. OIT also reported that it has prepared an updated staffing proposal for the remaining nine positions called for under the Small Business Jobs Act of 2010. OIT noted that filling the remaining nine positions would depend on their receiving additional agency funding. SBA needs to provide documentation of its plan for complying with staffing requirements in the Small Business Jobs Act, or provide evidence that they have reallocated resources to actually do so. As of March 2017, SBA's new leadership was reviewing agency budget and staffing needs and had not provided us with a proposal for filling the remaining positions.
    Director: Cosgrove, James C
    Phone: (202) 512-7114

    2 open recommendations
    Recommendation: As CMS continues to implement and refine the Value Modifier program to enhance the quality and efficiency of physician care, the Administrator of CMS should consider whether certain private-sector practices could broaden and strengthen the program's incentives. Specifically, she should consider (1) developing at least some performance benchmarks that reward physicians for improvement as well as for meeting absolute performance benchmarks, and (2) making Value Modifier adjustments more timely in order to better reflect recent physician performance.

    Agency: Department of Health and Human Services: Centers for Medicare and Medicaid Services
    Status: Open

    Comments: CMS stated that it is working to implement GAO's recommendation. Previously, the agency noted that it would investigate accelerating the timeline of the Value Modifier, keeping in mind reporting requirements, data availability, and the need for valid and reliable measures. In addition, Congress passed legislation in 2015 requiring CMS to incorporate certain benchmark methodology and timing aspects that reflect GAO's 2013 recommendation, and the agency is replacing the Value Modifier with a new merit-based incentive payment system. CMS's efforts may, in time, address GAO recommendations to improve performance benchmarks and the timeliness of payment adjustments, but they have yet to be fully implemented. As of August 2017, CMS officials have not implemented this recommendation. GAO considers it to be open. We will update the status of this recommendation when we receive additional information.
    Recommendation: The Administrator should develop a strategy to reliably measure the performance of solo and small physician practices, such as by aggregating their performance data to create informal practice groups.

    Agency: Department of Health and Human Services: Centers for Medicare and Medicaid Services
    Status: Open

    Comments: CMS stated that it is working to implement GAO's recommendation to measure the performance of solo and small physician practices. CMS included in its Value Modifier policies the amount of payment adjustments for solo and small physician practices, along with the parameters for measurement. In addition, Congress passed legislation in 2015 requiring CMS to establish a process to allow solo and physician practices under ten eligible professionals to be measured in a virtual group, and the agency is replacing the Value Modifier with a new merit-based incentive payment system. CMS's efforts may, in time, address GAO recommendations to reliably measure the performance of solo and small physician practices, but they have yet to be fully implemented. As of August 2017, CMS officials have not implemented this recommendation. GAO considers it to be open. We will update the status of this recommendation when we receive additional information.
    Director: Wilshusen, Gregory C
    Phone: (202) 512-6244

    1 open recommendations
    Recommendation: To help mitigate vulnerabilities in mobile devices, the Chairman of the Federal Communications Commission should monitor progress of wireless carriers and device manufacturers in achieving their milestones and time frames once an industry baseline of mobile security safeguards has been implemented.

    Agency: Federal Communications Commission
    Status: Open

    Comments: FCC plans on monitoring the progress of wireless carriers and device manufacturers in achieving their milestones and time frames through one-on-one cyber risk management assurance meetings with service providers. FCC stated that it anticipates the meetings will begin within the next year pending the Commission's adoption of the policy statement for conducting the recommended meetings. We will validate these actions in the coming year.