Skip to main content

Department of Agriculture

Jump To:

Recent Reports

View More Reports

Open Recommendations (84 total)

Rural Housing Service: Actions Needed to Strengthen Management of the Single Family Mortgage Guarantee Program

GAO-16-193
Show
1 Open Recommendations
Agency Affected Recommendation Status
Department of Agriculture To improve compliance with OMB Circular A-129 standards and strengthen management and oversight of the guarantee program, and to strengthen risk assessment and reporting, the Secretary of Agriculture should direct the Undersecretary for Rural Development to improve performance measures comparing RHS and the Federal Housing Administration loan performance, potentially by making comparisons on a cohort basis and limiting comparisons to loans made in similar geographic areas.
Open – Partially Addressed
Consistent with one aspect of our recommendation, RHS produces an internal quarterly report that includes a comparison of RHS and Federal Housing Administration (FHA) loan performance by state. However, the report does not include any cohort-level comparisons. In August 2023, RHS said it had implemented Moody's rating agency's Mortgage Portfolio Analyzer (MPA) and stated that this allowed RHS to make comparisons to FHA loan performance on a cohort basis and in similar geographic areas. RHS has used MPA to compare RHS and FHA expected portfolio-level losses under baseline and severely adverse environments. However, as of December 2023, RHS had not provided documentation that it uses MPA to compare RHS and FHA loan performance at the cohort level and in similar geographies. We maintain that these more detailed comparisons would be more meaningful than the portfolio-level comparisons RHS currently makes.

Critical Infrastructure Protection: Additional Actions Are Essential for Assessing Cybersecurity Framework Adoption

GAO-18-211
Show
1 Open Recommendations
1 Priority
Agency Affected Recommendation Status
Department of Agriculture
Priority Rec.
The Secretary of Agriculture, in cooperation with the Secretary of Health and Human Services, should take steps to consult with respective sector partner(s), such as the sector coordinating council (SCC), Department of Homeland Security (DHS) and NIST, as appropriate, to develop methods for determining the level and type of framework adoption by entities across their respective sector. (Recommendation 1)
Open – Partially Addressed
USDA neither agreed nor disagreed with the recommendation, but stated that it would attempt to develop a measurement mechanism as part of its annual data calls to the Food and Agriculture Sector. USDA has taken steps towards determining framework adoption across the sector. For example, USDA has distributed several requests for information to sector members that include questions regarding framework adoption and resulting improvements. In addition, USDA requested feedback from sector partners and made subsequent changes to its data calls responses. Despite these efforts, as of February 2024, USDA has not yet received information from sector entities regarding their adoption of the NIST cybersecurity framework. To fully implement this recommendation, USDA needs to implement actions that will allow the agency to better assess framework adoption among entities within its sector. USDA has been encouraging and supporting the use of the framework. However, in order to assist in protecting critical infrastructure the agency needs to implement our recommendation so it can gain a more comprehensive understanding of the framework's use.

Community Development: Federal Revitalization Programs Are Being Implemented, but Data on the Use of Tax Benefits Are Limited

GAO-04-306
Show
1 Open Recommendations
Agency Affected Recommendation Status
Department of Agriculture To facilitate the administration, audit, and evaluation of the EZ/EC and RC programs, HUD, USDA, and IRS should collaborate to (1) identify the data needed to assess the use of the tax benefits and the various means of collecting such data; (2) determine the cost-effectiveness of collecting these data, including the potential impact on taxpayers and other program participants; (3) document the findings of their analysis; and, if necessary, (4) seek the authority to collect the data, if a cost- effective means is available.
Open – Partially Addressed
In response to GAO's recommendation, officials from HUD, USDA, and IRS met to identify data needed to assess the use of the tax benefits and identified three means of collecting such data. These methods include (1) using existing data to extrapolate an estimate of the use of some tax benefits; however, such data would be limited to the national level; (2) changing tax return forms to indicate the Empowerment Zone or Renewal Community in which each benefit is claimed; and (3) surveying businesses located in Empowerment Zones and Renewal Communities about tax benefit use. They also discussed the cost-effectiveness of each of the data collection options. The IRS Director of Research, Analysis, and Statistics, sent a letter to GAO that documented these discussions and indicated that the agencies were unable to agree on a cost effective method of collecting the data. GAO has been told that none of the agencies plan to seek the authority to collect the data at this time.

Critical Infrastructure Protection: Additional Actions Needed to Identify Framework Adoption and Resulting Improvements

GAO-20-299
Show
1 Open Recommendations
Agency Affected Recommendation Status
Department of Agriculture The Secretary of Agriculture, in coordination with the Secretary of Health and Human Services, should take steps to consult with respective sector partner(s), such as the SCC, DHS, and NIST, as appropriate, to collect and report sector-wide improvements from use of the framework across its critical infrastructure sector using existing initiatives. (Recommendation 2)
Open – Partially Addressed
USDA concurred with our recommendation and has taken steps towards implementing it. For example, USDA, in partnership with the Department of Health and Human Services has distributed multiple requests for information to sector members that include questions regarding framework adoption and improvements. In addition, USDA requested feedback from sector partners and made subsequent changes to its data calls. Despite these efforts, as of February 2024 USDA has not yet collected information regarding sector improvements resulting from use of the NIST cybersecurity framework. To fully implement this recommendation, USDA needs to collect and report on sector-wide improvements resulting from use of the framework. Until the department does so, it will not fully understand the value of the framework and approaches that could be prioritized in helping protect the food and agriculture sector from cyber threats. We will continue to monitor the agency's progress in implementing our recommendation.

Small Business Research Programs: Agencies Should Further Improve Award Timeliness

GAO-22-104677
Show
1 Open Recommendations
Agency Affected Recommendation Status
Department of Agriculture The Secretary of Agriculture should evaluate the effectiveness of steps taken to improve SBIR award timeliness and take any necessary additional steps in order to consistently meet SBA award timeliness guidelines. (Recommendation 3)
Open – Partially Addressed
In its March 2022 letter responding to our report, USDA concurred with this recommendation. In its letter, USDA said it would take actions to implement the recommendation, including requesting the same review award timeline allowances afforded to the National Science Foundation (NSF) and the National Institutes of Health (NIH). In further documentation provided to GAO in March 2022, USDA stated it would pursue legislative action to request extended timeframes. Furthermore, USDA provided documentation describing how it is taking a more aggressive approach in managing its SBIR program timelines, such as by increasing email reminders to staff to ensure their Phase I panel managers were in place prior to solicitation, and holding awardee selection meetings after each of the 10 SBIR topic area panels concluded rather than waiting for all panels to conclude. Our evaluation of USDA's SBIR award data shows that, initially, USDA's timeliness improved from FY2020 to FY2021. In December 2023, we obtained and analyzed publicly available USDA award data for FY22. Our analysis indicated that USDA met SBA's award timeliness guidelines in FY22. However, in combination with prior fiscal years, USDA has not met SBA's timeliness guidelines in at least 3 of the preceding 5 years based on available data. Going forward, we will follow up to obtain data on USDA's award timeliness in subsequent fiscal years to determine if actions the agency has taken have resulted in it being able to consistently meet SBA's award timeliness guidelines.

Tribal Economic Development: Action is Needed to Better Understand the Extent of Federal Support

GAO-22-105215
Show
1 Open Recommendations
Agency Affected Recommendation Status
Department of Agriculture The Director of USDA's Office of Tribal Relations, in coordination with tribes, should establish a plan for periodically analyzing and publicly reporting the amount of economic development assistance provided to tribal entities by USDA and using that analysis to identify opportunities to improve assistance to tribal entities. This could include leveraging methods already used by specific USDA program offices such as Rural Development (Recommendation 4)
Open – Partially Addressed
USDA has taken steps to address the recommendation. For example, in May 2023, USDA's Office of Tribal Relations produced an action plan in response to the recommendation. Additionally, for FY2022 and FY2023, USDA's Office of Tribal Relations analyzed data and publicly reported on tribal obligations for relevant USDA Farm Service and Rural Development programs. In order to fully implement the recommendation, USDA's Office of Tribal Services should work closely with and inquire about the steps the Farm Service Agency has taken to explore additional data analysis methods beyond self-reported data to understand the reach of that agency's programs/funding in tribal communities.

Cloud Security: Selected Agencies Need to Fully Implement Key Practices

GAO-23-105482
Show
1 Open Recommendations
Agency Affected Recommendation Status
Department of Agriculture The Secretary of Agriculture should ensure that the agency fully documents the access authorizations for its selected PaaS system. (Recommendation 1)
Open – Partially Addressed
In September 2023, Agriculture officials described their plans for addressing our recommendation. Specifically, the officials stated that they will review their existing identity, credential and access management procedures, and will document the access authorizations for the selected system. In January 2024, the agency provided documentation of its procedures for the system's authorization process. However, the procedures did not document the access authorizations for the system. We will continue to monitor the agency's efforts to address our recommendation.

Cloud Security: Selected Agencies Need to Fully Implement Key Practices

GAO-23-105482
Show
2 Open Recommendations
Agency Affected Recommendation Status
Department of Agriculture The Secretary of Agriculture should ensure that the agency fully implements continuous monitoring for its selected PaaS system, to include reviewing the continuous monitoring deliverables from the CSP and committing to a time frame to review audit logs. (Recommendation 2)
Open – Partially Addressed
In September 2023, Agriculture officials described their plans for addressing our recommendation. Specifically, the officials stated that they plan to develop and adopt procedures that detail the process for implementing and documenting continuous monitoring for its selected system. According to the officials, the procedures would include the review of continuous monitoring deliverables from the cloud service provider, and the frequency for review of audit logs. In January 2024, the agency provided documentation of its continuous monitoring procedures. The procedures including, among other things, steps for reviewing the continuous monitoring deliverables from the CSP. However, the agency did not provide documentation showing that these efforts were implemented. We will continue to monitor the agency's efforts to address our recommendation.
Department of Agriculture The Secretary of Agriculture should ensure that the agency provides the authorization letter to the FedRAMP PMO for its selected SaaS system 2. (Recommendation 6)
Open – Partially Addressed
In September 2023, Agriculture officials described their plans for addressing our recommendation. Specifically, the officials stated that they plan to develop procedures, including guidance, for addressing the Federal Risk and Authorization Management Program (FedRAMP) requirements. In February 2024, the agency provided its FedRAMP Standard Operating Procedures. The procedures include requirements for providing authorization letters to the FedRAMP program management office (PMO). However, the agency did not provide evidence that it had provided the letter to FedRAMP PMO for its selected SaaS system 2. We will continue to monitor the agency's efforts to address our recommendation.

IT Modernization: USDA Needs to Improve Oversight of Farm Production and Conservation Mission Area

GAO-21-512
Show
1 Open Recommendations
Agency Affected Recommendation Status
Department of Agriculture The Secretary of Agriculture should ensure that the Under Secretary for Farm Production and Conservation (FPAC) directs the Business Center Chief Operating Officer to have the FPAC mission area implement the key IT workforce planning activity of establishing and maintaining a workforce planning process. (Recommendation 4)
Open
In August 2023, agency officials noted that the U.S. Department of Agriculture's Workforce Steering Committee had updated the technical competencies for its IT workforce. Subsequently the FPAC Human Resources group used the updated competencies to develop a competency assessment process. However, agency officials stated that that the assessment process was put on hold. FPAC officials noted that in August 2023 they began the process of restarting the competency assessments. We will continue to review FPAC's progress in this area.
View More Recommendations

Related Pages