GAO’s recommendations database contains report recommendations that still need to be addressed. GAO’s priority recommendations are those that we believe warrant priority attention. We sent letters to the heads of key departments and agencies, urging them to continue focusing on these issues. Below you can search only priority recommendations, or search all recommendations.

Our recommendations help congressional and agency leaders prepare for appropriations and oversight activities, as well as help improve government operations. Moreover, when implemented, some of our priority recommendations can save large amounts of money, help Congress make decisions on major issues, and substantially improve or transform major government programs or agencies, among other benefits.

As of April 18, 2018, there are 5,184 open recommendations, of which 465 are priority recommendations. Recommendations remain open until they are designated as Closed-implemented or Closed-not implemented.

Browse or Search Open Recommendations

Search



Have a Question about a Recommendation?

  • For questions about a specific recommendation, contact the person or office listed with the recommendation.
  • For general information about recommendations, contact GAO's Audit Policy and Quality Assurance office at (202) 512-6100 or apqa@gao.gov.
« Back to Results List Sort by   

Results:

Federal Agency: "Department of Homeland Security"

9 publications with a total of 15 priority recommendations
Director: Gregory C. Wilshusen
Phone: (202) 512-6244

2 open priority recommendations
Recommendation: The Secretary of Homeland Security should ensure the DHS Office of Chief Human Capital Officer collects complete and accurate data from its components on all filled and vacant cybersecurity positions when it conducts its cybersecurity identification and coding efforts. (Recommendation 4)

Agency: Department of Homeland Security
Status: Open
Priority recommendation

Comments: DHS agreed with this priority recommendation. By June 29, 2018, DHS plans to issue memorandums to its components that include instructions, guidance, and plans to address this recommendation by periodically reviewing compliance and cybersecurity workforce data concerns with component leads to ensure data accuracy. If implemented, DHS's planned actions would fully address this recommendation.
Recommendation: The Secretary of Homeland Security should develop guidance to assist DHS components in identifying their cybersecurity work categories and specialty areas of critical need that align to the National Initiative for Cybersecurity Education framework. (Recommendation 5)

Agency: Department of Homeland Security
Status: Open
Priority recommendation

Comments: DHS agreed with this priority recommendation. By June 29, 2018, DHS plans to issue memorandums to its components that include instructions, guidance, and plans to address this recommendation by disseminating a reporting schedule for identifying cybersecurity critical needs. If implemented, DHS's planned actions would fully address this recommendation.
Director: Rebecca Gambler
Phone: (202) 512-8777

1 open priority recommendation
Recommendation: To ensure Border Patrol has the best available information to inform future investments in TI and resource allocation decisions among TI and other assets Border Patrol deploys in the furtherance of border security operations, and to ensure that key parties within Border Patrol's Requirements Management Process are aware of their roles and responsibilities within the process, the Chief of the Border Patrol should develop metrics to assess the contributions of pedestrian and vehicle fencing to border security along the southwest border using the data Border Patrol already collects and apply this information, as appropriate, when making investment and resource allocation decisions.

Agency: Department of Homeland Security: United States Customs and Border Protection: Office of the Commissioner: U.S. Border Patrol
Status: Open
Priority recommendation

Comments: DHS agreed with the recommendation and stated that it planned to develop and incorporate metrics into Border Patrol's Requirements Management Process. To fully implement it, the Border Patrol should complete its efforts to develop metrics for assessing the contributions of pedestrian and vehicle fencing to border security operations and apply these metrics when making resource allocation decisions. As of December 2017, DHS planned to update the Requirements Management Process by fiscal year 2019.
Director: Gregory C. Wilshusen
Phone: (202) 512-6244

2 open priority recommendations
Recommendation: To more fully address the requirements identified in the National Cybersecurity Protection Act of 2014 and the Cybersecurity Act of 2015, the Secretary of the Department of Homeland Security should develop metrics for assessing adherence to applicable principles in carrying out statutorily required functions.

Agency: Department of Homeland Security
Status: Open
Priority recommendation

Comments: In January 2018, DHS stated that they are in the process of updating NCCIC Strategic Objectives. In doing so, DHS will determine the applicability of key performance indicators (KPI) and performance targets enabling NCCIC to assess its effectiveness in achieving its mission. The target date for completion of these activities is September 2018.
Recommendation: To more fully address the requirements identified in the National Cybersecurity Protection Act of 2014 and the Cybersecurity Act of 2015, the Secretary of the Department of Homeland Security should establish methods for monitoring the implementation of cybersecurity functions against the principles on an ongoing basis.

Agency: Department of Homeland Security
Status: Open
Priority recommendation

Comments: In January 2018, DHS stated that it is in the process of updating NCCIC Strategic Objectives. DHS reported that it will align and verify each of its programs goals and reestablish performance reviews to ensure mission effectiveness. The target date for completion of these activities is September 2018.
Director: Kimberly M. Gianopoulos
Phone: (202) 512-8612

3 open priority recommendations
Recommendation: To better manage the AD/CV duty liquidation process, CBP should issue guidance directing the Antidumping and Countervailing Duty Centralization Team to (a) collect and analyze data on a regular basis to identify and address the causes of liquidations that occur contrary to the process or outside the 6-month time frame mandated by statute, (b) track progress on reducing such liquidations, and (c) report on any effects these liquidations may have on revenue.

Agency: Department of Homeland Security: United States Customs and Border Protection
Status: Open
Priority recommendation

Comments: CBP concurred with this recommendation and said it would take steps to implement it. As of August 2018, CBP had not implemented this recommendation. In August 2018, CBP developed and implemented a new handbook for use in managing antidumping and countervailing duty entries. The new handbook supersedes a previous one issued in March 1998 and provides step-by-step guidance for identifying and managing AD/CV entries; however, it does not contain requirements for CBP to regularly collect and analyze data to identify the causes of liquidations that occur contrary to the process or outside the 6-month time frame mandated by statute. It also does not contain a requirement to track progress toward reducing such untimely liquidations and reporting on their effects on revenue. In August 2018, CBP officials stated that they do not currently collect and analyze data to identify the causes of untimely liquidations, nor are they tracking progress toward reducing and reporting on such liquidations and their effects on revenue. CBP officials said that their focus is on identifying and acting on liquidations before they are liquidated in an untimely manner. For this purpose, they said they had made improvements to their internal procedures and provided additional training to CBP staff. The internal improvements involve the use of ACE reports to identify AD/CV entries at risk for untimely liquidation. Because they are not collecting and analyzing data to identify the causes of untimely liquidations or tracking progress toward reducing and eliminating these liquidations, as of August 2017, CBP did not have any quantifiable data to show the extent to which they have made progress toward reducing or eliminating untimely liquidations in fiscal year 2018. In January 2018, CBP informed GAO that as of September 2017, it had estimated the revenue effect of untimely liquidations during fiscal year 2017 at about $16,000 in lost revenue.
Recommendation: To improve risk management in the collection of AD/CV duties and to identify new or changing risks, CBP should regularly conduct a comprehensive risk analysis that assesses both the likelihood and the significance of risk factors related to AD/CV duty collection. For example, CBP could construct statistical models that explore the associations between potential risk factors and both the probability of nonpayment and the size of nonpayment when it occurs.

Agency: Department of Homeland Security: United States Customs and Border Protection
Status: Open
Priority recommendation

Comments: CBP concurred with this recommendation and said it would take steps to implement it. As of June 2018, CBP had developed a risk-based model. CBP had also begun testing the model to determine its feasibility with members of the surety industry, as well as with members of the Commercial Customs Operation Advisory Committee. In addition, CBP had also begun taking steps to ensure that the model, when it is finally completed and fully implemented, automatically factors in new data for use in risk analysis. The model, when complete, could enable CBP to use data strategically by enabling it to identify entries that pose a heightened risk of nonpayment and target them with appropriate corresponding bonds. For example, according to CBP officials, it could be used be used to assess a requirement for additional security in the form of bonds as part of an enhanced bonding requirement if carefully tailored in order to avoid a legal challenge. As of June 2018, CBP stated that it planned to begin use of the model around the end of October 2018.
Recommendation: To improve risk management in the collection of AD/CV duties, CBP should, consistent with U.S. law and international obligations, take steps to use its data and risk assessment strategically to mitigate AD/CV duty nonpayment, such as by using predictive risk analysis to identify entries that pose heightened risk and taking appropriate action to mitigate the risk.

Agency: Department of Homeland Security: United States Customs and Border Protection
Status: Open
Priority recommendation

Comments: CBP concurred with this recommendation and said it would take steps to implement it. As of June 2018, CBP had partially addressed this recommendation. CBP will not be able to fully implement this recommendation until it has finalized and implemented the risk-based model that it plans to use to identify entries that pose a heightened risk of nonpayment and target them with the appropriate corresponding bonds. As discussed earlier, as of June 2018, CBP was in the process of testing this risk-based model and planned to begin use of the model around the end of October, 2018. Developing a risk-based model to use in mitigating antidumping and countervailing duty nonpayment could enhance CBP's capacity to collect additional revenue. For example, according to CBP officials, it could be used to assess a requirement for additional security in the form of bonds as part of an enhanced bonding requirement if carefully tailored to avoid a legal challenge.
Director: Rebecca Gambler
Phone: (202) 512-8777

2 open priority recommendations
Recommendation: To provide reasonable assurance that USCIS's fraud prevention controls are adequate and effectively implemented, and ensure that asylum officers and FDNS immigration officers have the capacity to detect and prevent fraud, the Secretary of Homeland Security should direct USCIS to conduct regular fraud risk assessments across the affirmative asylum application process.

Agency: Department of Homeland Security
Status: Open
Priority recommendation

Comments: In October 2016, DHS indicated that USCIS had established a working group and collected fraud trend information from all eight asylum offices that will be used to inform the development of a risk assessment framework. According to USCIS, the Asylum Division, in cooperation with other relevant internal stakeholders such as USCIS's Fraud Detection and National Security Directorate, completed a draft asylum fraud risk assessment in September 2017. As of September 2018, USCIS told GAO that the draft assessment is under internal review and that USCIS anticipates that the review process will be completed by December 31, 2018. Regularly assessing fraud risks across the affirmative asylum process would provide USCIS more complete information on risks that may affect the integrity of the process and therefore help USCIS target its fraud prevention efforts to those areas that are of highest risk.
Recommendation: To provide reasonable assurance that USCIS's fraud prevention controls are adequate and effectively implemented, and ensure that asylum officers and FDNS immigration officers have the capacity to detect and prevent fraud, the Secretary of Homeland Security should direct USCIS to identify and implement tools that asylum officers and FDNS immigration officers can use to detect potential fraud patterns across affirmative asylum applications.

Agency: Department of Homeland Security
Status: Open
Priority recommendation

Comments: In February 2016, DHS indicated that USCIS had allotted fiscal year 2016 funds in support of initial acquisition activities for tools to detect potential fraud patterns across affirmative asylum applications. According to USCIS, FDNS identified a hardware solution and began acquisition planning for this hardware in September 2016. However, in December 2017, USCIS reported that Asylum Division leadership met with internal stakeholders in September 2017 to collaborate on the development of a solution that would allow for the use of internal USCIS capability and resourcing. As a result of that meeting, USCIS reported that it has begun work internally on a prototype tool. As of August 2018, USCIS expects to complete the development of the tool by September 30, 2018. Identifying and implementing new tools to detect fraud patterns would help USCIS ensure that asylum officers and FDNS immigration officers have the capacity to detect and prevent asylum fraud.
Director: Maurer, Diana C
Phone: (202) 512-9627

2 open priority recommendations
Recommendation: In order to improve transparency and allow for more informed decision making by congressional leaders and DHS and GSA decision-makers, before requesting additional funding for the DHS headquarters consolidation project, the Secretary of Homeland Security and the Administrator of the General Services Administration should work jointly to conduct the following assessments and use the results to inform updated DHS headquarters consolidation plans: (1) a comprehensive needs assessment and gap analysis of current and needed capabilities that take into consideration changing conditions, and (2) an alternatives analysis that identifies the costs and benefits of leasing and construction alternatives for the remainder of the project and prioritizes options to account for funding instability.

Agency: Department of Homeland Security
Status: Open
Priority recommendation

Comments: The Department of Homeland Security Headquarters Consolidation Accountability Act of 2015 (Pub. L. No. 114-150) was enacted on April 29, 2016. Among other things, the act requires DHS, in coordination with GSA, to submit information to Congress about DHS headquarters consolidation efforts not later than 120 days of enactment. As of April 2018, DHS and GSA had not submitted the information to Congress required by Pub. L. No. 114-150. Required information includes a comprehensive assessment of property and facilities utilized by DHS in the National Capital Region, and an analysis that identifies the costs and benefits of leasing and construction alternatives for the remainder of the consolidation project. In January 2018, DHS and GSA reported that they had prepared alternatives analyses, updated plans, and cost and schedule estimates for DHS headquarters consolidation, but needed to reexamine these efforts relative to new Administration priorities and budget circumstances. GAO will review the latest information on DHS headquarters consolidation efforts when it is provided to Congress, and will assess the materials in the context of this recommendation at that time. Continued DHS and GSA attention to following leading capital planning practices is critical given the project's multi-billion dollar cost and impact on future departmental operations.
Recommendation: In order to improve transparency and allow for more informed decision making by congressional leaders and DHS and GSA decision-makers, before requesting additional funding for the DHS headquarters consolidation project, after revising the DHS headquarters consolidation plans, the Secretary of Homeland Security and the Administrator of the General Services Administration should work jointly to develop revised cost and schedule estimates for the remaining portions of the consolidation project that conform to GSA guidance and leading practices for cost and schedule estimation, including an independent evaluation of the estimates.

Agency: Department of Homeland Security
Status: Open
Priority recommendation

Comments: The Department of Homeland Security Headquarters Consolidation Accountability Act of 2015 (Pub. L. No. 114-150) was enacted on April 29, 2016. Among other things, the act requires DHS, in coordination with GSA, to submit information to Congress about DHS headquarters consolidation efforts not later than 120 days of enactment. As of April 2018, DHS and GSA had not submitted the information to Congress required by Pub. L. No. 114-150. Required information includes updated cost and schedule estimates for the consolidation project that are consistent with GAO's recommendations in GAO-14-648. Furthermore, the act requires the Comptroller General to evaluate the cost and schedule estimates not later than 90 days after their submittal to Congress. In January 2018, DHS and GSA reported that they had prepared alternatives analyses, updated plans, and cost and schedule estimates for DHS headquarters consolidation, but needed to reexamine these efforts relative to new Administration priorities and budget circumstances. GAO will review the latest DHS headquarters consolidation cost and schedule estimates when they are provided to Congress, and will assess the materials in the context of this recommendation at that time. Continued DHS and GSA attention to following leading cost and schedule estimation practices is critical given the project's multi-billion dollar cost and impact on future departmental operations.
Director: Rebecca Gambler
Phone: (202) 512-8777

1 open priority recommendation
Recommendation: To improve the acquisition management of the Plan and the reliability of its cost estimates and schedules, assess the effectiveness of deployed technologies, and better inform CBP's deployment decisions, once data on asset assists are required to be recorded and tracked, the Commissioner of CBP should analyze available data on apprehensions and seizures and technological assists, in combination with other relevant performance metrics or indicators, as appropriate, to determine the contribution of surveillance technologies to CBP's border security efforts.

Agency: Department of Homeland Security: United States Customs and Border Protection
Status: Open
Priority recommendation

Comments: In February 2015, the Border Patrol was planning to address this recommendation using the Capability Gap Analysis Process (CGAP) developed by Johns Hopkins University Applied Physics Lab, specifically for the Border Patrol, to examine the effects of technology and other assets, such as infrastructure. In September 2016, Border Patrol provided a case study that assessed CGAP data with technology assist data and other measures. While this was a start to developing performance measures, the case study was limited to one location along the border and the analysis limited to select technologies. In May 2017, Border Patrol officials demonstrated a new system, intended to allow for more comprehensive analysis of the contributions of surveillance technologies to Border Patrol's mission. However, officials confirmed that it is not yet used to support such analytic efforts. As noted in GAO's November 2017 report on CBP's use of surveillance technology, GAO continues to believe that developing and applying performance metrics for its border technologies, in accordance with our prior recommendation, would help Border Patrol more fully assess its progress in implementing the Southwest Border Technology Plan and determine when mission benefits have been realized.
Director: Currie, Christopher
Phone: (404)679-3000

1 open priority recommendation
Recommendation: To increase the efficiency and effectiveness of the process for disaster declarations, the FEMA Administrator should develop and implement a methodology that provides a more comprehensive assessment of a jurisdiction's capability to respond to and recover from a disaster without federal assistance. This should include one or more measures of a jurisdiction's fiscal capacity, such as TTR, and consideration of the jurisdiction's response and recovery capabilities. If FEMA continues to use the PA per capita indicator to assist in identifying a jurisdiction's capabilities to respond to and recover from a disaster, it should adjust the indicator to accurately reflect the annual changes in the U.S. economy since 1986, when the current indicator was first adopted for use. In addition, implementing the adjustment by raising the indicator in steps over several years would give jurisdictions more time to plan for and adjust to the change.

Agency: Department of Homeland Security: Directorate of Emergency Preparedness and Response: Federal Emergency Management Agency
Status: Open
Priority recommendation

Comments: On January 20, 2016, FEMA published an Advanced Notice of Proposed Rulemaking to solicit comments on an option FEMA is considering to establish a disaster deductible, which would require a predetermined level of financial or other commitment from a recipient, generally the state or territorial government, before FEMA would provide assistance under the Public Assistance Program. According to FEMA, the agency received 150 responses during the 60-day public comment period, which ended on March 21, 2016, and used this input to develop a plan for further engagement on a more detailed proposal for public comment. The Supplemental Advanced Notice of Proposed Rulemaking, published on January 12, 2017, provided another opportunity for stakeholder input prior to any changes to the Public Assistance program. This proposal included an explanation of how deductible amounts might be calculated, identified specific credits that states could apply for, and detailed how the deductible would be applied post-declaration. According to FEMA officials, the comments received, in part, raised concerns about the complexity of the proposed deductible model. FEMA agreed with the concerns raised that the proposal was too complicated, and in August 2018, told us that it is no longer pursuing that option. However, FEMA is considering options that leverage similar approaches but does not have an estimated completion date for implementation. Until FEMA implements a new methodology, FEMA will not have an accurate assessment of a jurisdiction's capabilities to respond to and recover from a disaster without federal assistance and runs the risk of recommending that the President award Public Assistance to jurisdictions that have the capability to respond and recover on their own.
Director: Grover, Jennifer A
Phone: (202) 512-7141

1 open priority recommendation
Recommendation: To identify effective and cost-efficient methods for meeting TWIC program objectives, and assist in determining whether the benefits of continuing to implement and operate the TWIC program in its present form and planned use with readers surpass the costs, the Secretary of Homeland Security should conduct an effectiveness assessment that includes addressing internal control weaknesses and, at a minimum, evaluates whether use of TWIC in its present form and planned use with readers would enhance the posture of security beyond efforts already in place given costs and program risks.

Agency: Department of Homeland Security
Status: Open
Priority recommendation

Comments: We reported that DHS had not assessed the program's effectiveness at enhancing security. We recommended that DHS conduct an effectiveness assessment that includes addressing internal control weaknesses and, at a minimum, evaluates whether use of TWIC in its present form and planned use with readers would enhance the posture of security beyond efforts already in place given costs and program risks. In March 2012, DHS reported that it agreed that the results and progress of the internal control actions should be used to further evaluate the effectiveness of the TWIC program. They further noted that as the different long term actions progress, DHS will develop specific plans to address this action. In May 2013 (see GAO-13-198), we reported that DHS had not addressed this recommendation. On January 17, 2014, the explanatory statement accompanying the Consolidated Appropriations Act, 2014, directed DHS to complete the assessment that we recommended within 90 days after enactment (April 17, 2014). In February 2014, TSA reported that it, in coordination with Coast Guard and DHS subject matter experts, had established an Executive Steering Committee to address recommendations from the May 2011 report on the TWIC program's internal controls (GAO-11-657). GAO recommended that the internal control assessment be the basis of the effectiveness assessment. In response, the Executive Steering Committee developed an internal control action plan that lists TWIC program control issues GAO identified, along with actions that TSA and the Coast Guard would or would not take to address them. However, based on our review of the internal control action plan and associated documents, and further discussing with TSA officials the methodology used to arrive at the internal control action plan, we determined that the internal control assessment we recommended has not been implemented. Specifically, there is no evidence of a detailed mapping of each policy and process in the program, their interrelationships, and clear linkage to show how actions in one step may enhance or reduce the effectiveness of the TWIC program achieving its stated mission needs. As of March 2017, the internal control assessment we recommended as the basis for initiating the effectiveness assessment had not been completed. However, on January 15, 2016, Coast Guard reported that it had completed its effectiveness assessment. Specifically, DHS completed an effectiveness assessment titled "Security Assessment of the Transportation Worker Identification Credential and Readers." However, the effectiveness assessment did not substantively address the risk concerns identified in our report. For example, the effectiveness assessment lacked the internal control assessment we deem to be the critical first step for fully understanding the TWIC program's controls, costs, and risks. Further, while the effectiveness assessment presented a comparison of alternative credentialing approaches, the assessment did not fully consider, as discussed in our 2011 and 2013 reports, an approach wherein federal security threat assessments could be leveraged in concert with site-specific credentials. The analysis did consider the benefits of updating the TWIC credential to new federal credentialing standards. However, absent from the analysis is a risk-informed basis for disallowing site-specific credentials. While TWIC credentials are developed based on standards aligned with those used by federal entities, each federal entity continues to use site-specific credentials that have varying appearances, rather than a single credential for granting access to all federal entities. This is important, especially because Coast Guard's risk assessment does not include an evaluation of the security benefits and shortfalls that a single credential used nation-wide provide. Absent an effectiveness assessment that meets the intent of our recommendation, this recommendation remains open.